network/tunnel: allow Local=/Remote=any for all tunnel types

It seems there is no restriction for local and remote addresses. Fixes #34930. (cherry picked from commit 5e48fd0506ed6212c9db2276d5845ab77aa9bce4) (cherry picked from commit 3093ac05abcaf5a43f75ec1d5702ed226cc3ce31)
2025-03-11 04:58:19 +03:00 · 2024-10-30 02:51:18 +09:00 · 2024-10-30 02:51:18 +09:00 · 81c84336f4
commit 81c84336f4
parent 80efb1da3f
1 changed files with 14 additions and 21 deletions
--- a/src/network/netdev/tunnel.c
+++ b/src/network/netdev/tunnel.c
@ -681,34 +681,27 @@ static int netdev_tunnel_verify(NetDev *netdev, const char *filename) {
                }
        }

-        if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE) &&
-            !IN_SET(t->family, AF_UNSPEC, AF_INET))
-                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
-                                              "vti/ipip/sit/gre tunnel without a local/remote IPv4 address configured in %s. Ignoring", filename);
+        if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE, NETDEV_KIND_GRETAP, NETDEV_KIND_ERSPAN)) {
+                if (!IN_SET(t->family, AF_UNSPEC, AF_INET))
+                        return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
+                                                      "%s tunnel without a local/remote IPv4 address configured in %s, ignoring.",
+                                                      netdev_kind_to_string(netdev->kind), filename);

-        if (IN_SET(netdev->kind, NETDEV_KIND_GRETAP, NETDEV_KIND_ERSPAN) &&
-            (t->family != AF_INET || !in_addr_is_set(t->family, &t->remote)))
-                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
-                                              "gretap/erspan tunnel without a remote IPv4 address configured in %s. Ignoring", filename);
+                t->family = AF_INET; /* For netlink_message_append_in_addr_union(). */
+        }

-        if ((IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL) && t->family != AF_INET6) ||
-            (netdev->kind == NETDEV_KIND_IP6GRE && !IN_SET(t->family, AF_UNSPEC, AF_INET6)))
-                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
-                                              "vti6/ip6tnl/ip6gre tunnel without a local/remote IPv6 address configured in %s. Ignoring", filename);
-
-        if (netdev->kind == NETDEV_KIND_IP6GRETAP &&
-            (t->family != AF_INET6 || !in_addr_is_set(t->family, &t->remote)))
-                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
-                                              "ip6gretap tunnel without a remote IPv6 address configured in %s. Ignoring", filename);
+        if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE, NETDEV_KIND_IP6GRETAP)) {
+                if (!IN_SET(t->family, AF_UNSPEC, AF_INET6))
+                        return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
+                                                      "%s tunnel without a local/remote IPv6 address configured in %s, ignoring,",
+                                                      netdev_kind_to_string(netdev->kind), filename);
+                t->family = AF_INET6; /* For netlink_message_append_in_addr_union(). */
+        }

        if (t->fou_tunnel && t->fou_destination_port <= 0)
                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
                                              "FooOverUDP missing port configured in %s. Ignoring", filename);

-        /* netlink_message_append_in_addr_union() is used for vti/vti6. So, t->family cannot be AF_UNSPEC. */
-        if (netdev->kind == NETDEV_KIND_VTI)
-                t->family = AF_INET;
-
        if (t->assign_to_loopback)
                t->independent = true;