Contributed by rueda on from the we-are-pleased-too dept.
CVSROOT: /cvs Module name: src Changes by: firstname.lastname@example.org 2021/02/26 09:16:37 Added files: sbin/dhcpleased: Makefile bpf.c bpf.h checksum.c checksum.h control.c control.h dhcpleased.8 dhcpleased.c dhcpleased.h engine.c engine.h frontend.c frontend.h log.c log.h usr.sbin/dhcpleasectl: Makefile dhcpleasectl.8 dhcpleasectl.c parser.c parser.h Log message: Import dhcpleased(8) - a dhcp daemon to acquire IPv4 address leases from servers.
dhcpleased(8) follows the well known three process design of all our privsep daemons. It uses pledge(2) and unveil(2) to restrict access further. In particular the "engine" process, responsible for parsing of untrusted data, is pledge'd "stdio". It cannot access the outside world nor the filesystem at all. Like slaacd(8) for IPv6 it will be always running and acquire addresses for all interface with the autoconf4 flag set. The flag can be set by "ifconfig $if inet autoconf" or by adding "inet autoconf" to /etc/hostname.if. An existing "dhcp" line should be removed. Various iterations tested by deraadt@ The hardest part, finding a name, was handled by jmatthew@ & otto@ "get to it :)" deraadt@
(Comments are closed)