Re: merge ping6(8) into ping(8)
> On Sun, Sep 18, 2016 at 12:11 AM, Theo de Raadt wrote: > >> > this does 2 things: > >> > [...] > >> > >> I may recall what I have sent to you in private email, excerpt from > >> FreeBSD ping6 manpage: > >> [...] > >> When we have two binaries I have more trust when one of them is working > >> *only* with IPv4 and another one *only* with IPv6. > >> > >> So, what user problems are you trying to solve with this merge? > >> > > > > Mikhail, with great regret I am informing you that the opinion of some > > random gmail user does not actually matter around here. > > It's not about opinion, everyone has it. It's about understanding why > a thing was done. If a person can't answer to the question "why" a > thing was done, I suppose he don't fully understand a solution to a > problem he is trying to solve. > > Random gmail users can bring value as much as fullnamed developers. sorry to hear you don't understand this is not really a forum to attempt education
Re: merge ping6(8) into ping(8)
On 2016/09/18 00:04, Mikhail wrote: > > this does 2 things: > > [...] > > I may recall what I have sent to you in private email, excerpt from FreeBSD > ping6 manpage: > > 8<8<8<8<8<8< > There have been many discussions on why we separate ping6 and ping(8). > Some people argued that it would be more convenient to uniform the ping > command for both IPv4 and IPv6. The followings are an answer to the > request. > > From a developer's point of view: since the underling raw sockets API is > totally different between IPv4 and IPv6, we would end up having two types of > code base. There would actually be less benefit to uniform the two commands > into a single command from the developer's standpoint. Much of the code doesn't relate to the sockets API. Option parsing, timestamp perturbation, printing, etc are all mostly common. > From an operator's point of view: unlike ordinary network applications like > remote login tools, we are usually aware of address family when using > network management tools. We do not just want to know the > reachability to the host, but want to know the reachability to the host > via a particular network protocol such as IPv6. Thus, even if we had a > unified ping(8) command for both IPv4 and IPv6, we would usually type a > -6 or -4 option (or something like those) to specify the particular > address family. This essentially means that we have two different > commands. > > 8<8<8<8<8<8< > > When we have two binaries I have more trust when one of them is working > *only* with IPv4 and another one *only* with IPv6. As a network operator if I'm interested in reachability to a specific machine I'm certainly not going to rely on DNS. And as a user if I'm interested in reachability of a service (which covers the majority of ping usage) I don't care which af is used. In fact I'd prefer to know about "whichever af is used by default to reach this host". > So, what user problems are you trying to solve with this merge? Future changes to ping/ping6 only need to be done in one place, no risk of them getting out of sync. Less disk space. Faster compiles. Less setuid root code to audit. The only reason I see for *not* merging them is that no developer wanted to do the work. Why should they be separate programs? We don't have to choose between firefox and firefox6.
Re: merge ping6(8) into ping(8)
On Sun, Sep 18, 2016 at 12:11 AM, Theo de Raadt wrote: >> > this does 2 things: >> > [...] >> >> I may recall what I have sent to you in private email, excerpt from >> FreeBSD ping6 manpage: >> [...] >> When we have two binaries I have more trust when one of them is working >> *only* with IPv4 and another one *only* with IPv6. >> >> So, what user problems are you trying to solve with this merge? >> > > Mikhail, with great regret I am informing you that the opinion of some > random gmail user does not actually matter around here. It's not about opinion, everyone has it. It's about understanding why a thing was done. If a person can't answer to the question "why" a thing was done, I suppose he don't fully understand a solution to a problem he is trying to solve. Random gmail users can bring value as much as fullnamed developers.
Re: merge ping6(8) into ping(8)
> > this does 2 things: > > [...] > > I may recall what I have sent to you in private email, excerpt from > FreeBSD ping6 manpage: > > 8<8<8<8<8<8< > There have been many discussions on why we separate ping6 and ping(8). > Some people argued that it would be more convenient to uniform the ping > command for both IPv4 and IPv6. The followings are an answer to the > request. > > From a developer's point of view: since the underling raw sockets API is > totally different between IPv4 and IPv6, we would end up having two > types of code base. There would actually be less benefit to uniform the > two commands into a single command from the developer's standpoint. > > From an operator's point of view: unlike ordinary network applications > like remote login tools, we are usually aware of address family when > using network management tools. We do not just want to know the > reachability to the host, but want to know the reachability to the host > via a particular network protocol such as IPv6. Thus, even if we had a > unified ping(8) command for both IPv4 and IPv6, we would usually type a > -6 or -4 option (or something like those) to specify the particular > address family. This essentially means that we have two different > commands. > 8<8<8<8<8<8< > > When we have two binaries I have more trust when one of them is working > *only* with IPv4 and another one *only* with IPv6. > > So, what user problems are you trying to solve with this merge? > Mikhail, with great regret I am informing you that the opinion of some random gmail user does not actually matter around here.
Re: merge ping6(8) into ping(8)
> this does 2 things: > [...] I may recall what I have sent to you in private email, excerpt from FreeBSD ping6 manpage: 8<8<8<8<8<8< There have been many discussions on why we separate ping6 and ping(8). Some people argued that it would be more convenient to uniform the ping command for both IPv4 and IPv6. The followings are an answer to the request. From a developer's point of view: since the underling raw sockets API is totally different between IPv4 and IPv6, we would end up having two types of code base. There would actually be less benefit to uniform the two commands into a single command from the developer's standpoint. From an operator's point of view: unlike ordinary network applications like remote login tools, we are usually aware of address family when using network management tools. We do not just want to know the reachability to the host, but want to know the reachability to the host via a particular network protocol such as IPv6. Thus, even if we had a unified ping(8) command for both IPv4 and IPv6, we would usually type a -6 or -4 option (or something like those) to specify the particular address family. This essentially means that we have two different commands. 8<8<8<8<8<8< When we have two binaries I have more trust when one of them is working *only* with IPv4 and another one *only* with IPv6. So, what user problems are you trying to solve with this merge?
Re: merge ping6(8) into ping(8)
... and this does things to the build infrastructure. It survives make release on amd64, it survived i386 in the past but I'm currently running another make release. I'm trying armv7, too. Tests on other archs would be very welcome, thanks! diff --git distrib/amd64/common/list distrib/amd64/common/list index 4b4f4b1..153c880 100644 --- distrib/amd64/common/list +++ distrib/amd64/common/list @@ -40,7 +40,7 @@ LINK instbin sbin/mount LINK instbin sbin/mount_cd9660 LINK instbin sbin/mount_ffs LINK instbin sbin/newfs -LINK instbin sbin/ping +LINK instbin sbin/ping sbin/ping6 LINK instbin sbin/reboot sbin/halt LINK instbin sbin/restore LINK instbin sbin/route diff --git distrib/amd64/ramdisk_cd/list.local distrib/amd64/ramdisk_cd/list.local index 79982af..7e149a8 100644 --- distrib/amd64/ramdisk_cd/list.local +++ distrib/amd64/ramdisk_cd/list.local @@ -1,8 +1,6 @@ # $OpenBSD: list.local,v 1.26 2015/10/07 18:02:06 krw Exp $ # add local links; use bin/sh since instbin has already been unlinked -LINK instbin sbin/ping6 - LINK instbin sbin/dhclient LINK instbin sbin/bioctl diff --git distrib/armv7/ramdisk/list distrib/armv7/ramdisk/list index 0d13059..82d100e 100644 --- distrib/armv7/ramdisk/list +++ distrib/armv7/ramdisk/list @@ -47,8 +47,7 @@ LINK instbin sbin/mount_nfs LINK instbin sbin/newfs LINK instbin sbin/newfs_ext2fs LINK instbin sbin/newfs_msdos -LINK instbin sbin/ping -LINK instbin sbin/ping6 +LINK instbin sbin/ping sbin/ping6 LINK instbin sbin/reboot sbin/halt LINK instbin sbin/route LINK instbin sbin/sysctl diff --git distrib/hppa/list distrib/hppa/list index 0e2e181..b0f23b7 100644 --- distrib/hppa/list +++ distrib/hppa/list @@ -40,8 +40,7 @@ LINK instbin sbin/mount_cd9660 LINK instbin sbin/mount_ffs LINK instbin sbin/mount_nfs LINK instbin sbin/newfs -LINK instbin sbin/ping -LINK instbin sbin/ping6 +LINK instbin sbin/ping sbin/ping6 LINK instbin sbin/reboot sbin/halt LINK instbin sbin/route LINK instbin sbin/sysctl diff --git distrib/i386/common/list distrib/i386/common/list index 17d8e39..3d8b00f 100644 --- distrib/i386/common/list +++ distrib/i386/common/list @@ -41,7 +41,7 @@ LINK instbin sbin/mount LINK instbin sbin/mount_cd9660 LINK instbin sbin/mount_ffs LINK instbin sbin/newfs -LINK instbin sbin/ping +LINK instbin sbin/ping sbin/ping6 LINK instbin sbin/reboot sbin/halt LINK instbin sbin/route LINK instbin sbin/sysctl diff --git distrib/i386/ramdisk_cd/list.local distrib/i386/ramdisk_cd/list.local index 8a59bc8..18ad5b8 100644 --- distrib/i386/ramdisk_cd/list.local +++ distrib/i386/ramdisk_cd/list.local @@ -3,7 +3,6 @@ # add local links; use bin/sh since instbin has already been unlinked LINK instbin sbin/mount_ext2fs LINK instbin sbin/mount_msdos -LINK instbin sbin/ping6 LINK instbin sbin/mount_udf LINK instbin sbin/restore LINK instbin sbin/bioctl diff --git distrib/landisk/ramdisk/list distrib/landisk/ramdisk/list index ea06d58..ba42a8f 100644 --- distrib/landisk/ramdisk/list +++ distrib/landisk/ramdisk/list @@ -45,8 +45,7 @@ LINK instbin sbin/mount_msdos LINK instbin sbin/mount_nfs LINK instbin sbin/newfs LINK instbin sbin/newfs_msdos -LINK instbin sbin/ping -LINK instbin sbin/ping6
merge ping6(8) into ping(8)
this does 2 things: 1) copy missing things from ping6(8) over to ping(8) 2) add if (v6flag) { /* do new original v6 stuff */ } else { /* re-indent already present v4 stuff and wrap else around it /* } feel free to review and OK while I fight with the build system :/ diff --git ping.c ping.c index 0c95139..1be2c71 100644 --- ping.c +++ ping.c @@ -123,6 +123,9 @@ struct payload { #defineMAXIPLEN60 #defineMAXICMPLEN 76 #defineMAXPAYLOAD (IP_MAXPACKET - MAXIPLEN - ECHOLEN) +#defineIP6LEN 40 +#defineEXTRA 256 /* for AH and various other headers. weird. */ +#defineMAXPAYLOAD6 IPV6_MAXPACKET - IP6LEN - ECHOLEN #defineMAXWAIT_DEFAULT 10 /* secs to wait for response */ #defineNROUTES 9 /* number of record route slots */ @@ -174,6 +177,7 @@ char BSPACE = '\b'; /* characters written for flood */ char DOT = '.'; char *hostname; int ident; /* process id to identify our packets */ +int v6flag = 0;/* are we ping6? */ /* counters */ int64_t npackets; /* max packets to transmit */ @@ -211,6 +215,7 @@ const char *pr_addr(struct sockaddr *, socklen_t); voidpr_pack(u_char *, int, struct msghdr *); __dead void usage(void); +/* IPv4 specific functions */ voidpr_ipopt(int, u_char *); int in_cksum(u_short *, int); voidpr_icmph(struct icmp *); @@ -220,6 +225,16 @@ voidpr_iph(struct ip *); int map_tos(char *, int *); #endif /* SMALL */ +/* IPv6 specific functions */ +int get_hoplim(struct msghdr *); +int get_pathmtu(struct msghdr *, struct sockaddr_in6 *); +voidpr_icmph6(struct icmp6_hdr *, u_char *); +voidpr_iph6(struct ip6_hdr *); +voidpr_exthdrs(struct msghdr *); +voidpr_ip6opt(void *); +voidpr_rthdr(void *); +voidpr_retip6(struct ip6_hdr *, u_char *); + int main(int argc, char *argv[]) { @@ -227,10 +242,15 @@ main(int argc, char *argv[]) struct itimerval itimer; struct sockaddr *from, *dst; struct sockaddr_in from4, dst4; + struct sockaddr_in6 from6, dst6; + struct cmsghdr *scmsg = NULL; + struct in6_pktinfo *pktinfo = NULL; + struct icmp6_filter filt; socklen_t maxsizelen; int64_t preload; - int ch, i, optval = 1, packlen, maxsize, error, s; - int df = 0, tos = 0, bufspace = IP_MAXPACKET; + int ch, i, optval = 1, packlen, maxsize, error, s4, s6, s; + int df = 0, tos = 0, bufspace = IP_MAXPACKET, hoplimit = -1, mflag = 0; + int v4sock_errno = 0, v6sock_errno = 0; u_char *datap, *packet, loop = 1; u_char ttl = MAXTTL; char *e, *target, hbuf[NI_MAXHOST], *source = NULL; @@ -239,19 +259,40 @@ main(int argc, char *argv[]) double intval; uid_t uid; u_int rtableid = 0; + extern char *__progname; - if ((s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)) < 0) - err(1, "socket"); + if ((s4 = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)) < 0) + v4sock_errno = errno; + if ((s6 = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) + v6sock_errno = errno; /* revoke privs */ uid = getuid(); if (setresuid(uid, uid, uid) == -1) err(1, "setresuid"); + if (strcmp("ping6", __progname) == 0) { + v6flag = 1; + if (v6sock_errno != 0) + errc(1, v6sock_errno, "socket"); + s = s6; + if (s4 >= 0) + close(s4); + maxpayload = MAXPAYLOAD6; + } else { + v6flag = 0; + if (v4sock_errno != 0) + errc(1, v4sock_errno, "socket"); + s = s4; + if (s6 >= 0) + close(s6); + maxpayload = MAXPAYLOAD; + } + preload = 0; - maxpayload = MAXPAYLOAD; datap = &outpack[ECHOLEN + ECHOTMLEN]; - while ((ch = getopt(argc, argv, + while ((ch = getopt(argc, argv, v6flag ? + "c:dEefHh:I:i:Ll:mNnp:qS:s:V:vw:" : "DEI:LRS:c:defHi:l:np:qs:T:t:V:vw:")) != -1) { switch(ch) { case 'c': @@ -283,6 +324,11 @@ main(int argc, char *argv[]) case 'H': options |= F_HOSTNAME; break; + case 'h': /* hoplimit */ + hoplimit = strtonum(optarg, 0, IPV6_MAXHLIM, &errstr); + if (errstr) +