1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-06 17:18:12 +03:00

Merge pull request #32413 from yuwata/network-radv-validator

network/radv: several cleanups for validating configs
This commit is contained in:
Luca Boccassi 2024-04-23 01:02:34 +02:00 committed by GitHub
commit 8d1d8dfaed
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 60 additions and 68 deletions

View File

@ -308,8 +308,6 @@ int network_verify(Network *network) {
if (r < 0)
return r;
network_drop_invalid_address_labels(network);
network_drop_invalid_prefixes(network);
network_drop_invalid_route_prefixes(network);
network_drop_invalid_routing_policy_rules(network);
network_drop_invalid_qdisc(network);
network_drop_invalid_tclass(network);

View File

@ -7,6 +7,7 @@
#include <arpa/inet.h>
#include "dns-domain.h"
#include "ndisc-router-internal.h"
#include "networkd-address-generation.h"
#include "networkd-address.h"
#include "networkd-dhcp-prefix-delegation.h"
@ -22,36 +23,6 @@
#include "string-table.h"
#include "strv.h"
void network_adjust_radv(Network *network) {
assert(network);
/* After this function is called, network->router_prefix_delegation can be treated as a boolean. */
if (network->dhcp_pd < 0)
/* For backward compatibility. */
network->dhcp_pd = FLAGS_SET(network->router_prefix_delegation, RADV_PREFIX_DELEGATION_DHCP6);
if (!FLAGS_SET(network->link_local, ADDRESS_FAMILY_IPV6)) {
if (network->router_prefix_delegation != RADV_PREFIX_DELEGATION_NONE)
log_warning("%s: IPv6PrefixDelegation= is enabled but IPv6 link-local addressing is disabled. "
"Disabling IPv6PrefixDelegation=.", network->filename);
network->router_prefix_delegation = RADV_PREFIX_DELEGATION_NONE;
}
if (network->router_prefix_delegation == RADV_PREFIX_DELEGATION_NONE) {
network->n_router_dns = 0;
network->router_dns = mfree(network->router_dns);
network->router_search_domains = ordered_set_free(network->router_search_domains);
}
if (!FLAGS_SET(network->router_prefix_delegation, RADV_PREFIX_DELEGATION_STATIC)) {
network->prefixes_by_section = hashmap_free_with_destructor(network->prefixes_by_section, prefix_free);
network->route_prefixes_by_section = hashmap_free_with_destructor(network->route_prefixes_by_section, route_prefix_free);
network->pref64_prefixes_by_section = hashmap_free_with_destructor(network->pref64_prefixes_by_section, pref64_prefix_free);
}
}
bool link_radv_enabled(Link *link) {
assert(link);
@ -571,21 +542,17 @@ static int radv_configure(Link *link) {
if (r < 0)
return r;
if (link->network->router_lifetime_usec > 0) {
r = sd_radv_set_preference(link->radv, link->network->router_preference);
if (r < 0)
return r;
}
r = sd_radv_set_preference(link->radv, link->network->router_preference);
if (r < 0)
return r;
r = sd_radv_set_reachable_time(link->radv, link->network->router_reachable_usec);
if (r < 0)
return r;
if (link->network->router_retransmit_usec > 0) {
r = sd_radv_set_retransmit(link->radv, link->network->router_retransmit_usec);
if (r < 0)
return r;
}
r = sd_radv_set_retransmit(link->radv, link->network->router_retransmit_usec);
if (r < 0)
return r;
HASHMAP_FOREACH(p, link->network->prefixes_by_section) {
r = radv_set_prefix(link, p);
@ -841,16 +808,6 @@ static int prefix_section_verify(Prefix *p) {
return 0;
}
void network_drop_invalid_prefixes(Network *network) {
Prefix *p;
assert(network);
HASHMAP_FOREACH(p, network->prefixes_by_section)
if (prefix_section_verify(p) < 0)
prefix_free(p);
}
static int route_prefix_section_verify(RoutePrefix *p) {
if (section_is_invalid(p->section))
return -EINVAL;
@ -864,24 +821,64 @@ static int route_prefix_section_verify(RoutePrefix *p) {
return 0;
}
void network_drop_invalid_route_prefixes(Network *network) {
RoutePrefix *p;
void network_adjust_radv(Network *network) {
assert(network);
HASHMAP_FOREACH(p, network->route_prefixes_by_section)
if (route_prefix_section_verify(p) < 0)
route_prefix_free(p);
}
/* After this function is called, network->router_prefix_delegation can be treated as a boolean. */
void network_drop_invalid_pref64_prefixes(Network *network) {
pref64Prefix *p;
if (network->dhcp_pd < 0)
/* For backward compatibility. */
network->dhcp_pd = FLAGS_SET(network->router_prefix_delegation, RADV_PREFIX_DELEGATION_DHCP6);
assert(network);
if (!FLAGS_SET(network->link_local, ADDRESS_FAMILY_IPV6)) {
if (network->router_prefix_delegation != RADV_PREFIX_DELEGATION_NONE)
log_warning("%s: IPv6PrefixDelegation= is enabled but IPv6 link-local addressing is disabled. "
"Disabling IPv6PrefixDelegation=.", network->filename);
HASHMAP_FOREACH(p, network->pref64_prefixes_by_section)
if (section_is_invalid(p->section))
pref64_prefix_free(p);
network->router_prefix_delegation = RADV_PREFIX_DELEGATION_NONE;
}
if (network->router_prefix_delegation == RADV_PREFIX_DELEGATION_NONE) {
network->n_router_dns = 0;
network->router_dns = mfree(network->router_dns);
network->router_search_domains = ordered_set_free(network->router_search_domains);
}
if (!FLAGS_SET(network->router_prefix_delegation, RADV_PREFIX_DELEGATION_STATIC)) {
network->prefixes_by_section = hashmap_free_with_destructor(network->prefixes_by_section, prefix_free);
network->route_prefixes_by_section = hashmap_free_with_destructor(network->route_prefixes_by_section, route_prefix_free);
network->pref64_prefixes_by_section = hashmap_free_with_destructor(network->pref64_prefixes_by_section, pref64_prefix_free);
}
if (!network->router_prefix_delegation)
return;
/* Below, let's verify router settings, if enabled. */
if (network->router_lifetime_usec == 0 && network->router_preference != SD_NDISC_PREFERENCE_MEDIUM)
/* RFC 4191, Section 2.2,
* If the Router Lifetime is zero, the preference value MUST be set to (00) by the sender.
*
* Note, radv_send_router() gracefully handle that. So, it is not necessary to refuse, but
* let's warn about that. */
log_notice("%s: RouterPreference=%s specified with RouterLifetimeSec=0, ignoring RouterPreference= setting.",
network->filename, ndisc_router_preference_to_string(network->router_preference));
Prefix *prefix;
HASHMAP_FOREACH(prefix, network->prefixes_by_section)
if (prefix_section_verify(prefix) < 0)
prefix_free(prefix);
RoutePrefix *route;
HASHMAP_FOREACH(route, network->route_prefixes_by_section)
if (route_prefix_section_verify(route) < 0)
route_prefix_free(route);
pref64Prefix *pref64;
HASHMAP_FOREACH(pref64, network->pref64_prefixes_by_section)
if (section_is_invalid(pref64->section))
pref64_prefix_free(pref64);
}
int config_parse_prefix(

View File

@ -65,9 +65,6 @@ Prefix *prefix_free(Prefix *prefix);
RoutePrefix *route_prefix_free(RoutePrefix *prefix);
pref64Prefix *pref64_prefix_free(pref64Prefix *prefix);
void network_drop_invalid_prefixes(Network *network);
void network_drop_invalid_route_prefixes(Network *network);
void network_drop_invalid_pref64_prefixes(Network *network);
void network_adjust_radv(Network *network);
int link_request_radv_addresses(Link *link);