Prevent crash of unprivileged engine process (pledged stdio).

The length field of a DNS label in the DNS search list option is an 8
bit unsigned value. parse_dnssl() treats the search list option as an
array of char, which are signed on most archs. When we read this value
into an int variable it gets sign extended, allowing it to bypass
sanity checks and eventually we pass it as the length to memcpy which
treats it as a huge unsigned value leading to a heap overflow.

An easy fix would be change the signature of parse_dnssl to
parse_dnssl(uint8_t* data, int datalen).

However, the DNS search list option is unused and the function fails
to check if the parsed value is a valid domain name. The function is
also getting in the way of future work so it's best to just delete it.

The problem was found and reported by qualys, thanks!

OK bluhm

branches: 1.22.2; 1.22.4;
Use new terminology of RFC 8981 and (mechanically) replace "privacy"
with "temporary".

Path #defines are traditionally prefixed with _PATH.
pointed out by deraadt

Let slaacd handle all rdomains in a single daemon.
Suggested by claudio and matthieu
Testing matthieu
Putting it in now to get enough testing before release so that there
is enough time to back it out, suggested by deraadt

Make the control socket name depend on the routing domain we are in.
That way, when slaacd gets started in a different rdomain with
route exec things just work, no need to provide an alternative
control socket.
Pointed out by claudio
Original diff by benno, but I like my bikeshed purple.
OK benno, claudio

Send DNS proposals on route socket when new nameservers are learned
from router advertisements.
unwind(8) can solicit DNS proposals by sending an empty RTM_PROPOSAL
message with priority RTP_PROPOSAL_SOLICIT.

Correctly group initialization of AF_UNIX socket.
spotted by deraadt in new code, sweep by me.
OK deraadt

Remove redundant newline.
pointed out by deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

Use new terminology of RFC 8981 and (mechanically) replace "privacy"
with "temporary".

Path #defines are traditionally prefixed with _PATH.
pointed out by deraadt

Let slaacd handle all rdomains in a single daemon.
Suggested by claudio and matthieu
Testing matthieu
Putting it in now to get enough testing before release so that there
is enough time to back it out, suggested by deraadt

Make the control socket name depend on the routing domain we are in.
That way, when slaacd gets started in a different rdomain with
route exec things just work, no need to provide an alternative
control socket.
Pointed out by claudio
Original diff by benno, but I like my bikeshed purple.
OK benno, claudio

Send DNS proposals on route socket when new nameservers are learned
from router advertisements.
unwind(8) can solicit DNS proposals by sending an empty RTM_PROPOSAL
message with priority RTP_PROPOSAL_SOLICIT.

Correctly group initialization of AF_UNIX socket.
spotted by deraadt in new code, sweep by me.
OK deraadt

Remove redundant newline.
pointed out by deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

Path #defines are traditionally prefixed with _PATH.
pointed out by deraadt

Let slaacd handle all rdomains in a single daemon.
Suggested by claudio and matthieu
Testing matthieu
Putting it in now to get enough testing before release so that there
is enough time to back it out, suggested by deraadt

Make the control socket name depend on the routing domain we are in.
That way, when slaacd gets started in a different rdomain with
route exec things just work, no need to provide an alternative
control socket.
Pointed out by claudio
Original diff by benno, but I like my bikeshed purple.
OK benno, claudio

Send DNS proposals on route socket when new nameservers are learned
from router advertisements.
unwind(8) can solicit DNS proposals by sending an empty RTM_PROPOSAL
message with priority RTP_PROPOSAL_SOLICIT.

Correctly group initialization of AF_UNIX socket.
spotted by deraadt in new code, sweep by me.
OK deraadt

Remove redundant newline.
pointed out by deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

Let slaacd handle all rdomains in a single daemon.
Suggested by claudio and matthieu
Testing matthieu
Putting it in now to get enough testing before release so that there
is enough time to back it out, suggested by deraadt

Make the control socket name depend on the routing domain we are in.
That way, when slaacd gets started in a different rdomain with
route exec things just work, no need to provide an alternative
control socket.
Pointed out by claudio
Original diff by benno, but I like my bikeshed purple.
OK benno, claudio

Send DNS proposals on route socket when new nameservers are learned
from router advertisements.
unwind(8) can solicit DNS proposals by sending an empty RTM_PROPOSAL
message with priority RTP_PROPOSAL_SOLICIT.

Correctly group initialization of AF_UNIX socket.
spotted by deraadt in new code, sweep by me.
OK deraadt

Remove redundant newline.
pointed out by deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

Make the control socket name depend on the routing domain we are in.
That way, when slaacd gets started in a different rdomain with
route exec things just work, no need to provide an alternative
control socket.
Pointed out by claudio
Original diff by benno, but I like my bikeshed purple.
OK benno, claudio

Send DNS proposals on route socket when new nameservers are learned
from router advertisements.
unwind(8) can solicit DNS proposals by sending an empty RTM_PROPOSAL
message with priority RTP_PROPOSAL_SOLICIT.

Correctly group initialization of AF_UNIX socket.
spotted by deraadt in new code, sweep by me.
OK deraadt

Remove redundant newline.
pointed out by deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

Send DNS proposals on route socket when new nameservers are learned
from router advertisements.
unwind(8) can solicit DNS proposals by sending an empty RTM_PROPOSAL
message with priority RTP_PROPOSAL_SOLICIT.

Correctly group initialization of AF_UNIX socket.
spotted by deraadt in new code, sweep by me.
OK deraadt

Remove redundant newline.
pointed out by deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

Correctly group initialization of AF_UNIX socket.
spotted by deraadt in new code, sweep by me.
OK deraadt

Remove redundant newline.
pointed out by deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

Remove redundant newline.
pointed out by deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

Enable slaacctl(8) to print information on an advertised MTU.

OK florian@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

pledge earlier in preparation of pledgepath

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@

print id first to make this symetrical to address proposals

typo

Show timeouts for addresses and default routers.

print default router IP

nano second resolution is meaningless

Use "infinity" for pltime / vltime.
It's a bit easier on the eyes than 4294967295.
While here standardize on a width of 10.

whitespace encountered during review

propose and configure default gateway

print router preference

do not use %hhu

show address proposals in slaacdctl show interface output

no longer carry addresses in struct radv_prefix

The canonical name for ctl programs is without 'd'.
Pointed out by Brad.
OK deraadt@