Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.
Sponsored by: Netflix
Traditionally, ping returned exit code EX_NOHOST if a DNS lookup failed.
That is still the case for the legacy code in the new merged ping, but
not for IPv6 targets, nor when a DNS lookup is performed in order to
determine which version of the tool to invoke.
While here, also make sure that the error message is consistent.
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D42159
atf_python may use vnet jails for creating an isolated test environment.
Mark these tests that require root user privileges.
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Very early on, the Src/Dst IP addresses were printed in hex notation
(%08x), which will always be 8-characters wide. It was later changed to
use a dot-decimal notation. Depending on the IP address length, the Src
and Dst headers may require a different padding. Use the source and
destination IP lengths as padding for the headers.
Also, print an Opts (options) header, if there are options present. It
has been abbreviated to Opts to match the length of the previous Data
header, removed in ef9e6dc7ee.
Print the header info such that no trailing spaces are produced. As
some git workflows may automatically trim them, and make the tests fail
(see 25b86f8559).
Before
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2␣
After
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2
And with options:
Before
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2 01...
After
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst Opts
4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2 01...
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D39561
When an echo reply packet is received, the data is compared with the
sent data. When a wrong byte is detected the command displays a report
with the differences.
The first row (the first 8-bytes of data after the ICMP header) should
include the time stamp (if data is at least 8-bytes), this value is not
taken into consideration for the comparison. The remaining rows
represent the data (padded pattern) received/sent, with each byte being
compared for differences.
Print the space before (not after), to add an extra space after cp:/dp:
for better readability when the first time stamp octet is not
zero-padded, and to remove trailing spaces in the output.
Before:
cp:99 0 0 c 1 5 c 0␣
ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd␣
...
After:
cp: 99 0 0 c 1 5 c 0
ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd
...
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D39492
This is a first step towards a unification/simplification of ping/ping6
(internally). The end goal is to produce a standardized user-facing
output.
Before (ping6):
PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2
16 bytes from ::1, icmp_seq=0 hlim=64 time=0.168 ms
16 bytes from ::1, icmp_seq=1 hlim=64 time=0.068 ms
--- 2001:db8::2 ping6 statistics ---
round-trip min/avg/max/std-dev = 0.068/0.118/0.168/0.050 ms
After (ping6):
PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2
16 bytes from ::1, icmp_seq=0 hlim=64 time=0.168 ms
16 bytes from ::1, icmp_seq=1 hlim=64 time=0.068 ms
--- 2001:db8::2 ping statistics ---
round-trip min/avg/max/stddev = 0.068/0.118/0.168/0.050 ms
This has the nice side-effect of adding units to SIGINFO's statistics,
as printing numbers without units may not be of much help. Also
mentions the fact that these times are round-trip.
Before (ping/ping6 SIGINFO):
2/2 packets received (100.0%) 0.068 min / 0.118 avg / 0.168 max
After (ping/ping6 SIGINFO):
--- <ipv4/ipv6 address> ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.068/0.118/0.168/0.050 ms
In the case of a SIGINFO, the output will be printed to stderr, for both
ping and ping6.
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D39126
Commit 46d7b45a26 introduced these code
paths. Test and document them.
- Add inner packet too short test
- Add inner IHL too short test
- Add quoted data too short test
- Add IHL too short test
- Add max inner packet IHL without payload test
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D38528
Avoid calculating the square root of negative zero, which can easily
happen on certain architectures when calculating the population standard
deviation with a sample size of one, e.g., 0.01 - (0.1 * 0.1) =
-0.000000.
Avoid returning a NaN by capping the minimum possible variance value to
zero (positive).
In the future, maybe skip reporting statistics at all for a single
sample.
Reported by: Jenkins
Reviewed by: asomers
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D42114
* Interrupt the option loop as soon as we have an indication of which
protocol is intended.
* If we end up having to perform a DNS lookup, loop over the entire
result looking for either IPv4 or IPv6 addresses.
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Reviewed by: rscheff, kevans, allanjude
Differential Revision: https://reviews.freebsd.org/D42137
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
Test regression fixed in 4630a3252a. Add two tests that do not
use the verbose flag, so the code path in question can be reached:
1. Respond with a proper ICMP destination host unreachable packet.
2. Respond with a doctored ICMP destination host unreachable packet,
that has the ICMP Identifier field modified (+1 bit).
Reviewed by: cy
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39244
The variable oicmp, which holds the original ("quoted packet") ICMP
packet in a structured way, did not have a copy of the original ICMP
packet obtained from the raw data.
The code was accidentally removed in 20b4130314. Bring it back.
Reported by: Coverity Scan, cy
Reviewed by: cy
CID: 1506960 (UNINIT)
Fixes: 20b4130314
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39233
The function pr_pack() prints out a packet, if the IP packet contains
options, these are printed as well.
Test the functionality fixed in
70960bb86a.
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38470
Ping used to provide some sort of packet sniffing capabilities, this was
in an era where hubs were used and tcpdump wasn't invented.
pr_iph() is a function that prints the IP header of the packet.
pr_retip() is essentially a wrapper function to pr_iph(), that also
displays the source and destination ports of a TCP or UDP packet.
After ef9e6dc7ee some of this
functionality was almost removed, to only display packets sent by us
(26+ years ago).
At this point, reaching this code path was only possible by doctoring
the original packet.
After 46d7b45a26 this code path can never
be reached.
Remove the code.
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38475
When an ICMP packet contains an IP packet in its payload, and that
original IP packet contains options, these options were not displayed
accordingly in pr_iph().
pr_iph() is a function that prints the original "quoted packet" IP
header, with only an IP struct as an argument. The IP struct does not
contain IP options, and it is not guaranteed that the options will be
contiguous in memory to the IP struct after
d9cacf605e.
Pass the raw ICMP data along with the IP struct, in order to print the
options, if any.
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38469
The sizeof(struct ip) is 20.
The sizeof(struct in_addr) is 4.
No functional change intended.
Reviewed by: asomers, markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39125
In the IP header, Flags + Fragment Offset is a 16-bit field.
Use ntohs() instead of ntohl(), otherwise the Flags/Fragment Offset
values may not display correctly.
Before (DF set)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 0001 0 0000 40 01 b6a4 192.0.2.1 192.0.2.2
After (DF set)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 0001 2 0000 40 01 b6a4 192.0.2.1 192.0.2.2
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38479
ping -R (F_RROUTE) will loop at ping.c:1381 until it segfaults or
the unsigned int hlen happens to be less than the size of an IP header:
slippy$ ping -R 192.168.0.101
PING 192.168.0.101 (192.168.0.101): 56 data bytes
64 bytes from 192.168.0.101: icmp_seq=0 ttl=63 time=1.081 ms
RR: 192.168.0.1
192.168.0.101
192.168.0.101
10.1.1.254
10.1.1.91
unknown option bb
unknown option 32
unknown option 6
...
unknown option 96
unknown option 2d
Segmentation fault
The reason for this is while looping through loose source routing (LSRR)
and strict source routing (SSRR), hlen will become smaller than the IP
header. It may even become negative. This should terminate the loop.
However, when hlen is unsigned, an integer underflow occurs becoming a
large number causing the loop to continue virtually forever until hlen
is either by chance smaller than the lenghth of an IP header or it
segfaults.
Reviewed by: asomers
Fixes: 46d7b45a26
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D38744
ping(8) is an old utility, which has received many changes and updates through the years.
Some of these changes may have introduced small bugs, in part due to the lack of tests.
Attempt to remedy the current situation by introducing a way to easily add tests.
Differential Revision: https://reviews.freebsd.org/D38053
ping(8) is an old utility, which has received many changes and updates through the years.
Some of these changes may have introduced small bugs, in part due to the lack of tests.
Attempt to remedy the current situation by introducing a way to easily add tests.
Differential Revision: https://reviews.freebsd.org/D38053
* Appease mandoc -T lint and igor
* Use example.com for documentation
* Update the IPv4 TTL section.
Update the IPv4 TTL section specifically for FreeBSD.
FreeBSD changed the default TTL to 64 in
5639e86bdd7ea151958776264bf5a67e60a54d68. NetBSD and OpenBSD still
use 255. Remove some references of extinct operating systems.
Reviewed by: gbe (manpages), asomers
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/630
Ping reads raw IP packets to parse ICMP responses. When reading the
IP Header Len (IHL) ping was was taking the value from the provided
packet without any validation. This could lead to remotely triggerable
stack corruption.
Validate the IHL against expected and recieved data sizes when reading
from the received packet and when reading any quoted packets from within
the ICMP response.
Approved by: so
Reviewed by: markj, asomers
Security: FreeBSD-SA-22:15.ping
Security: CVE-2022-23093
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
X-NetApp-PR: #77
Differential Revision: https://reviews.freebsd.org/D37195
If no IPv4-host, IPv4-mcast-group or IPv6-host is passed, it will
display the usage. The tests are passing because they are just checking
that the exit code is 1.
Fix the tests by checking the appropriate output message.
While here, change the description to match the output and add the
missing requirements.
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D37250
The command "ping -S dotted.quad hostname" fails on dual-stack hosts
with the confusing message "ping: invalid source address: Name does
not resolve" because IPv6 is selected in preference. If the argument
to -S is numeric (likely), select the corresponding address family,
as if -4 or -6 was specified. Add tests that either IPv4 or IPv6 can
be forced via a -S parameter.
Reviewed by: asomers
Differential Revision: https://reviews.freebsd.org/D35271
MFC after: 1 week
After this, we'll be able to ping a host and not spam the terminal, and
no flooding will have to be involved. I've been doing this under Linux
as ping -fi1 host.
Reviewed by: rpokala, Pau Amma
Differential Revision: https://reviews.freebsd.org/D34882