From fbdda4bb535de2dd8e5bc930d8d533b750321fc0 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Tue, 9 Nov 2021 06:26:29 +0900 Subject: [PATCH] network: ndisc: split out prefix option handling into ndsic_router_process_prefix() --- src/network/networkd-ndisc.c | 109 +++++++++++++++++++++-------------- 1 file changed, 65 insertions(+), 44 deletions(-) diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c index 5f831b58a40..25322bb7aa3 100644 --- a/src/network/networkd-ndisc.c +++ b/src/network/networkd-ndisc.c @@ -390,8 +390,12 @@ static int ndisc_router_process_autonomous_prefix(Link *link, sd_ndisc_router *r int r; assert(link); + assert(link->network); assert(rt); + if (!link->network->ipv6_accept_ra_use_autonomous_prefix) + return 0; + r = sd_ndisc_router_get_timestamp(rt, clock_boottime_or_monotonic(), ×tamp_usec); if (r < 0) return log_link_error_errno(link, r, "Failed to get RA timestamp: %m"); @@ -479,8 +483,12 @@ static int ndisc_router_process_onlink_prefix(Link *link, sd_ndisc_router *rt) { int r; assert(link); + assert(link->network); assert(rt); + if (!link->network->ipv6_accept_ra_use_onlink_prefix) + return 0; + r = sd_ndisc_router_prefix_get_valid_lifetime(rt, &lifetime_sec); if (r < 0) return log_link_error_errno(link, r, "Failed to get prefix lifetime: %m"); @@ -516,6 +524,56 @@ static int ndisc_router_process_onlink_prefix(Link *link, sd_ndisc_router *rt) { return 0; } +static int ndisc_router_process_prefix(Link *link, sd_ndisc_router *rt) { + unsigned prefixlen; + struct in6_addr a; + uint8_t flags; + int r; + + assert(link); + assert(link->network); + assert(rt); + + r = sd_ndisc_router_prefix_get_address(rt, &a); + if (r < 0) + return log_link_error_errno(link, r, "Failed to get prefix address: %m"); + + r = sd_ndisc_router_prefix_get_prefixlen(rt, &prefixlen); + if (r < 0) + return log_link_error_errno(link, r, "Failed to get prefix length: %m"); + + if (in6_prefix_is_filtered(&a, prefixlen, link->network->ndisc_allow_listed_prefix, link->network->ndisc_deny_listed_prefix)) { + if (DEBUG_LOGGING) { + _cleanup_free_ char *b = NULL; + + (void) in6_addr_prefix_to_string(&a, prefixlen, &b); + if (!set_isempty(link->network->ndisc_allow_listed_prefix)) + log_link_debug(link, "Prefix '%s' is not in allow list, ignoring", strna(b)); + else + log_link_debug(link, "Prefix '%s' is in deny list, ignoring", strna(b)); + } + return 0; + } + + r = sd_ndisc_router_prefix_get_flags(rt, &flags); + if (r < 0) + return log_link_error_errno(link, r, "Failed to get RA prefix flags: %m"); + + if (FLAGS_SET(flags, ND_OPT_PI_FLAG_ONLINK)) { + r = ndisc_router_process_onlink_prefix(link, rt); + if (r < 0) + return r; + } + + if (FLAGS_SET(flags, ND_OPT_PI_FLAG_AUTO)) { + r = ndisc_router_process_autonomous_prefix(link, rt); + if (r < 0) + return r; + } + + return 0; +} + static int ndisc_router_process_route(Link *link, sd_ndisc_router *rt) { _cleanup_(route_freep) Route *route = NULL; unsigned preference, prefixlen; @@ -775,11 +833,13 @@ static int ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) { } static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { + int r; + assert(link); assert(link->network); assert(rt); - for (int r = sd_ndisc_router_option_rewind(rt); ; r = sd_ndisc_router_option_next(rt)) { + for (r = sd_ndisc_router_option_rewind(rt); ; r = sd_ndisc_router_option_next(rt)) { uint8_t type; if (r < 0) @@ -793,51 +853,11 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { switch (type) { - case SD_NDISC_OPTION_PREFIX_INFORMATION: { - unsigned prefixlen; - struct in6_addr a; - uint8_t flags; - - r = sd_ndisc_router_prefix_get_address(rt, &a); + case SD_NDISC_OPTION_PREFIX_INFORMATION: + r = ndisc_router_process_prefix(link, rt); if (r < 0) - return log_link_error_errno(link, r, "Failed to get prefix address: %m"); - - r = sd_ndisc_router_prefix_get_prefixlen(rt, &prefixlen); - if (r < 0) - return log_link_error_errno(link, r, "Failed to get prefix length: %m"); - - if (in6_prefix_is_filtered(&a, prefixlen, link->network->ndisc_allow_listed_prefix, link->network->ndisc_deny_listed_prefix)) { - if (DEBUG_LOGGING) { - _cleanup_free_ char *b = NULL; - - (void) in6_addr_prefix_to_string(&a, prefixlen, &b); - if (!set_isempty(link->network->ndisc_allow_listed_prefix)) - log_link_debug(link, "Prefix '%s' is not in allow list, ignoring", strna(b)); - else - log_link_debug(link, "Prefix '%s' is in deny list, ignoring", strna(b)); - } - break; - } - - r = sd_ndisc_router_prefix_get_flags(rt, &flags); - if (r < 0) - return log_link_error_errno(link, r, "Failed to get RA prefix flags: %m"); - - if (link->network->ipv6_accept_ra_use_onlink_prefix && - FLAGS_SET(flags, ND_OPT_PI_FLAG_ONLINK)) { - r = ndisc_router_process_onlink_prefix(link, rt); - if (r < 0) - return r; - } - - if (link->network->ipv6_accept_ra_use_autonomous_prefix && - FLAGS_SET(flags, ND_OPT_PI_FLAG_AUTO)) { - r = ndisc_router_process_autonomous_prefix(link, rt); - if (r < 0) - return r; - } + return r; break; - } case SD_NDISC_OPTION_ROUTE_INFORMATION: r = ndisc_router_process_route(link, rt); @@ -961,6 +981,7 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) { r = ndisc_router_process_default(link, rt); if (r < 0) return r; + r = ndisc_router_process_options(link, rt); if (r < 0) return r;