Created attachment 238789 [details] network.subr ifalias_af_common_handler patch While testing CARP as described in the handbook (https://docs.freebsd.org/en/books/handbook/advanced-networking/#carp), I discovered the system hangs on bootup if the passphrase contains only hex characters and a hyphen (-). Example from the handbook: ifconfig_em0="inet 192.168.1.3 netmask 255.255.255.0" ifconfig_em0_alias0="inet vhid 1 pass testpass alias 192.168.1.50/32" If instead of "testpass" something like "abc-def" is used, it will trigger this issue. The issue was traced to ifalias_af_common_handler in network.subr. Line 1050 seems to have a typo with a miscellaneous closing brace ("$_tmpargs}"), however the issue is with the shell pattern matching at line 1052: ${_af}\ *[0-9a-fA-F]-*) This is intended to match the address range specification as described in rc.conf(5) (see man page starting at "It also possible to configure multiple IP addresses"). However, it also matches other scenarios such as the CARP example above. Due to the limitations of shell pattern matching, it may be better to use regular expression matching using expr(1). Attached is a proposed patch file with more strict matching based on the examples in the rc.conf(5) description.
Comment on attachment 238789 [details] network.subr ifalias_af_common_handler patch >--- /etc/network.subr 2022-12-13 22:55:03.480523000 -0500 >+++ /etc/network.subr 2022-12-14 12:24:00.168988000 -0500 >@@ -1047,14 +1047,11 @@ > esac > done > # Process the last component if any. >- if [ -n "$_tmpargs}" ]; then >- case $_tmpargs in >- ${_af}\ *[0-9a-fA-F]-*) >+ if [ -n "$_tmpargs" ]; then >+ if expr "$_tmpargs" : ${_af}' \{1,\}[0-9a-fA-F.:]\{1,\}-[0-9a-fA-F.:]\{1,\}/[0-9]\{1,\}' >/dev/null 2>&1; then > ifalias_af_common_handler $_if $_af $_action \ > `ifalias_expand_addr $_af $_action ${_tmpargs#${_af}\ }` >- ;; >- ${_af}\ *) >+ elif expr "$_tmpargs" : "${_af} " >/dev/null 2>&1; then > ${IFCONFIG_CMD} $_if $_tmpargs $_action && _ret=0 >- ;; >- esac >+ fi > fi > > return $_ret
Created attachment 238790 [details] network.subr patch correction to previous patch
Created attachment 238791 [details] Simpler patch Wouldn't this be a simpler patch that is. a) easier to read, AND b) spawns fewer processes during boot PS. The style for rc scripts is placing braces around variables.
Created attachment 238793 [details] updated without using expr I believe this patch meets the intention of your simplified patch. This will work assuming there are no other edge cases besides CARP "pass" that triggers the issue.
Can you test this, please? I'll try to find the time to test this in a jail or VM. The next four days are out of the question for me but early next week.
I have tested my updated patch using a bhyve VM running 13.1-RELEASE with carp_load="YES". I tested the CARP scenario: ifconfig_vtnet0="inet 192.168.1.1 netmask 255.255.255.0" ifconfig_vtnet0_alias0="inet vhid 1 pass abc-def alias 192.168.1.5/32" As well as the address range scenario: ifconfig_vtnet0_alias0="inet 192.168.1.5-10/24" Both are working as expected for me using either `/etc/rc.d/netif restart` or rebooting.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=e3e57edf4aac05d041ca55ff2f008c6109ef88d5 commit e3e57edf4aac05d041ca55ff2f008c6109ef88d5 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2022-12-14 21:41:10 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2023-01-02 18:20:05 +0000 network.subr: Fix infinite loop When setting up carp tunnel, using a password consisting of only the characters used as hexadecimal characters, i.e. abc-def, there will be an infinite loop in the shell function ifalias_af_common_handler(). To circumvent this we test for " pass ". PR: 268378 Reported by: jyoung15@gmail.com MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D37748 libexec/rc/network.subr | 3 +++ 1 file changed, 3 insertions(+)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=87061d3bffd1becd643b0ba9dc6f0a7699efbb39 commit 87061d3bffd1becd643b0ba9dc6f0a7699efbb39 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2022-12-14 21:36:23 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2023-01-02 18:20:05 +0000 network.subr: Add missing brace PR: 268378 Submitted by: jyoung15@gmail.com Reported by: jyoung15@gmail.com MFC after: 3 days libexec/rc/network.subr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=d30b57252df870349b6b9b1cc014c6a276d8623d commit d30b57252df870349b6b9b1cc014c6a276d8623d Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2022-12-14 21:36:23 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2023-01-05 00:35:46 +0000 network.subr: Add missing brace PR: 268378 Submitted by: jyoung15@gmail.com Reported by: jyoung15@gmail.com (cherry picked from commit 87061d3bffd1becd643b0ba9dc6f0a7699efbb39) libexec/rc/network.subr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=8c7c23a6e030e02c785d3053b57d654987b5a431 commit 8c7c23a6e030e02c785d3053b57d654987b5a431 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2022-12-14 21:36:23 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2023-01-05 00:35:59 +0000 network.subr: Add missing brace PR: 268378 Submitted by: jyoung15@gmail.com Reported by: jyoung15@gmail.com (cherry picked from commit 87061d3bffd1becd643b0ba9dc6f0a7699efbb39) libexec/rc/network.subr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=40455909e124f41ba4b25194ed9991a1b71dce79 commit 40455909e124f41ba4b25194ed9991a1b71dce79 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2022-12-14 21:41:10 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2023-02-01 02:53:11 +0000 network.subr: Fix infinite loop When setting up carp tunnel, using a password consisting of only the characters used as hexadecimal characters, i.e. abc-def, there will be an infinite loop in the shell function ifalias_af_common_handler(). To circumvent this we test for " pass ". PR: 268378 Reported by: jyoung15@gmail.com Differential Revision: https://reviews.freebsd.org/D37748 (cherry picked from commit e3e57edf4aac05d041ca55ff2f008c6109ef88d5) libexec/rc/network.subr | 3 +++ 1 file changed, 3 insertions(+)
A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3512eda8e078d1ca49f6c3ec74eb78d6f373b66b commit 3512eda8e078d1ca49f6c3ec74eb78d6f373b66b Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2022-12-14 21:41:10 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2023-02-01 02:55:19 +0000 network.subr: Fix infinite loop When setting up carp tunnel, using a password consisting of only the characters used as hexadecimal characters, i.e. abc-def, there will be an infinite loop in the shell function ifalias_af_common_handler(). To circumvent this we test for " pass ". PR: 268378 Reported by: jyoung15@gmail.com Differential Revision: https://reviews.freebsd.org/D37748 (cherry picked from commit e3e57edf4aac05d041ca55ff2f008c6109ef88d5) libexec/rc/network.subr | 3 +++ 1 file changed, 3 insertions(+)
MFCed, fixed.