CMake version 4.0 and later require minimum version of 3.5 or later.
Update to minimum version 3.10 which is the last not deprecated minimum
version.
CMake 3.10 was released in November 2017 and is included in Ubuntu 18.04.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes the following compile problem:
````
/route.c: In function 'rtnl_flush':
/route.c:45:15: error: ignoring return value of 'write' declared with attribute 'warn_unused_result' [-Werror=unused-result]
45 | (void)write(fd, "-1", 2);
| ^~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
ninja: build stopped: subcommand failed.
````
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Improve data & structure length validation.
Addresses CVE-2020-11752
Thanks to Guido Vranken <guido@guidovranken.com> for the report who
requested credit be given to 'ForAllSecure Mayhem'.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Default routes added when parsing DHCP options are problematic on
setups where there are more interfaces than those being managed by
relayd. A default route on the routing table used for locally
generated traffic makes the traffic addressed to not managed local
networks to be sent out using that default route instead of being
properly routed.
Disabling DHCP options parsing prevents the introduction of a default
route, that way the traffic addressed to not managed local networks is
routed using the main routing table.
Signed-off-by: Alejandro Enrique <alejandro.enrique@fon.com>
This patch fix routing policy rules not being deleted on termination
due to SIGTERM, SIGHUP, SIGUSR1 or SIGUSR2.
Calling uloop_end makes the call to uloop_run on main to finish and
the process to exit calling the proper cleaning functions.
Signed-off-by: Alejandro Enrique <alejandro.enrique@fon.com>
This patch improve host detection and refresh when it moves from and
interface to another by pinging for it on all managed interfaces.
Previous to this patch host expiration was done by pinging for it on
the last interface it was known to be. If it does not reply after a
number of retries it will be expired and its entries
deleted. Nevertheless, if the host has moved to another managed
interface it will not be detected until there is some ARP packet sent
by the host.
This detection can be improved by pinging for the host on all managed
interfaces instead of just the one where it is supposed to be
connected, as it will reply to the ARP ping on the new interface it is
connected to and a host refresh will be triggered.
Signed-off-by: Alejandro Enrique <alejandro.enrique@fon.com>
This patch fixes relayd not adding a host on an ARP request for the local
IP address.
When relayd is launched using the -L option, it was not adding the
necessary host routes when it receives an ARP request for the local
IP address.
This issue makes a host not able to connect to the device running
relayd until there is ARP traffic involving a third host.
Signed-off-by: Alejandro Enrique <alejandro.enrique@fon.com>
A host route must be reachable from the default rule lookup when using it
to set a gateway, so before we can add a route with a gateway, we temporarily
inject a bogus IP rule pointing at the correct table.
As soon as the route is set, we can remove the bogus IP rule.
