To complement the new cl-routes field, the bootp static routes option has been
renamed to cf-routes and the network/gateway pairs are separated with a right
arrow.
- do not write /net/ndb for loopback medium unless -p is specified
- use defmask() instead of hardcoded /64 for v6 to get correct /128 mask for ::1
- only do duplicate address detection on ethernet
- increase buffer size to support up to 4096 bit RSA keys
- handle PMTUDiscovery option and respond to pmtu probes
- handle port in Address option
- wlock(&netlk) before closing udpfd to sync with writers
- move default subnet handling out of gethost()
only try listen/dial on udp when IndirectData/TcpOnly is not
enabled.
add support for scipts:
host-up
host-down
tinc-up
tinc-down
subnet-up
subnet-down
when dialing udp connection, only switch when there is no
other udp connection active. when we receive an authenticated
message, we switch to that connection immidiately.
At this moment plan9 is using vendorinfo to communicate
some specific plan9 parameters, but there are some boards
that use this attribute to set specific values. This
patch allows netbooting of these boards using ndb attributes
instead of hard coded solutions in dhcpd(1). Vendor attribute
is used for that purpose because it is also used for the
same purpose in bootp.
Lookupip() was already reading rootpath, but it didn't read the
address of the rootserver. As they are very related it makes sense to
read them at the same time.
This patch also fixes a typo, where vendorclass was used instead of
vendor, resulting that vendor ndb attribute was never used.
the arp table is per interface, so it is possible to have the same
netwrok on multiple physical interfaces, tho with different source
ip address. one example would be a ethernet and a wlan interface.
the mac addresses on these mediums can differ (arp proxying taking
place).
so provide our source address on the interface we received the
request on.
the previous change used the ifcaddr; which is correct; but due to a
oversight in the kernel, had to match the ip of the arp entry.
source address will always work.
unless relay agent (gaddr) is specified, dhcp requests need to
taget a local ip address on the incoming interface or broadcast.
clients might have multiple ethernet interfaces, so we need to
check if any of the ether= attributes in ndb matches. this is
done by passing lookupip() the attribute name and a expected
value and if a match is found, set Info.indb = 1.
remove tohex(), use encodefmt instead. avoid dynamcic allocation.
include interface device in log messages.
due to linux omiting the final Z(4) in the NTLMv2 reply, and
the need for the windom for LMv2 authentication, here is a new
AuthNTLM ticket request now with length and dom fields.
in ntlmv2, the client will retry the challenge response trying a bunch
of different domain names assuming the same server challenge. so we have
to make retries work with factotum and the auth server.
also, windows 7 with compatlevel=4 sends all zeros LM response.
we now update /net/ndb with the following information gathered
from router advertisements (rfc6106 and plan9 specific options):
- recursive dns servers (option 25, ndb: dns=)
- dns search list (option 31, ndb: dnsdomain=)
- plan9 fileserver (option 250, ndb: fs=)
- plan9 authserver (option 251, ndb: auth=)
note the plan9 specific options can be disabled with the -G flag.
for ndbconfig (-N flag), we now collect all ip addresses in ndb
belonging to the devices mac address and configue them all. v6
addresses are getting added when a link local address exists
or the -6 flag has been specified to automatically configure one.
move the dhcp code in its own dhcp.c file and make symbols static
that are not used across modules.
the ::/0 route has the bad side effect of breaking v4 connections
when theres no default route due to v6 mapped v4 addresses. this
might be temporary measure.
instead of hardcoding the tunnel interface MTU to 1280,
we calculate the tunnel MTU from the outside MTU, which
can now be specified with the -m mtu option. The deault
outside MTU is 1500 - 8 (PPPoE).
instead of always just requesting the missing range
of the current piece, remember the workpiece offset
and request sequential chunks from the workpiece.
this avoids double requests of the same ranges when
the peer does not respond with the data immidiately.