114 lines
4.3 KiB
Diff
114 lines
4.3 KiB
Diff
From 55d3fdcf5e9f6ceb9fc1a5f93120305f20abf690 Mon Sep 17 00:00:00 2001
|
|
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
|
Date: Mon, 14 Oct 2019 02:00:47 +0900
|
|
Subject: [PATCH] network: ndisc: do not drop all prefixes when a prefix
|
|
matches a blacklist
|
|
|
|
Fixes #13767.
|
|
Reference: https://github.com/systemd/systemd/commit/55d3fdcf5e9f6ceb9fc1a5f93120305f20abf690
|
|
Conflict: NA
|
|
---
|
|
src/network/networkd-ndisc.c | 63 +++++++++++-------------------------
|
|
1 file changed, 19 insertions(+), 44 deletions(-)
|
|
|
|
diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c
|
|
index 49ef022e32..402d1acd4b 100644
|
|
--- a/src/network/networkd-ndisc.c
|
|
+++ b/src/network/networkd-ndisc.c
|
|
@@ -546,6 +546,7 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
|
|
int r;
|
|
|
|
assert(link);
|
|
+ assert(link->network);
|
|
assert(rt);
|
|
|
|
r = sd_ndisc_router_option_rewind(rt);
|
|
@@ -564,8 +565,24 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
|
|
switch (type) {
|
|
|
|
case SD_NDISC_OPTION_PREFIX_INFORMATION: {
|
|
+ union in_addr_union a;
|
|
uint8_t flags;
|
|
|
|
+ r = sd_ndisc_router_prefix_get_address(rt, &a.in6);
|
|
+ if (r < 0)
|
|
+ return log_link_error_errno(link, r, "Failed to get prefix address: %m");
|
|
+
|
|
+ if (set_contains(link->network->ndisc_black_listed_prefix, &a.in6)) {
|
|
+ if (DEBUG_LOGGING) {
|
|
+ _cleanup_free_ char *b = NULL;
|
|
+
|
|
+ (void) in_addr_to_string(AF_INET6, &a, &b);
|
|
+ log_link_debug(link, "Prefix '%s' is black listed, ignoring", strna(b));
|
|
+ }
|
|
+
|
|
+ break;
|
|
+ }
|
|
+
|
|
r = sd_ndisc_router_prefix_get_flags(rt, &flags);
|
|
if (r < 0)
|
|
return log_link_warning_errno(link, r, "Failed to get RA prefix flags: %m");
|
|
@@ -602,46 +619,6 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
|
|
return 0;
|
|
}
|
|
|
|
-static int ndisc_prefix_is_black_listed(Link *link, sd_ndisc_router *rt) {
|
|
- int r;
|
|
-
|
|
- assert(link);
|
|
- assert(link->network);
|
|
- assert(rt);
|
|
-
|
|
- for (r = sd_ndisc_router_option_rewind(rt); ; r = sd_ndisc_router_option_next(rt)) {
|
|
- union in_addr_union a;
|
|
- uint8_t type;
|
|
-
|
|
- if (r < 0)
|
|
- return log_link_warning_errno(link, r, "Failed to iterate through options: %m");
|
|
- if (r == 0) /* EOF */
|
|
- return false;
|
|
-
|
|
- r = sd_ndisc_router_option_get_type(rt, &type);
|
|
- if (r < 0)
|
|
- return log_link_warning_errno(link, r, "Failed to get RA option type: %m");
|
|
-
|
|
- if (type != SD_NDISC_OPTION_PREFIX_INFORMATION)
|
|
- continue;
|
|
-
|
|
- r = sd_ndisc_router_prefix_get_address(rt, &a.in6);
|
|
- if (r < 0)
|
|
- return log_link_error_errno(link, r, "Failed to get prefix address: %m");
|
|
-
|
|
- if (set_contains(link->network->ndisc_black_listed_prefix, &a.in6)) {
|
|
- if (DEBUG_LOGGING) {
|
|
- _cleanup_free_ char *b = NULL;
|
|
-
|
|
- (void) in_addr_to_string(AF_INET6, &a, &b);
|
|
- log_link_debug(link, "Prefix '%s' is black listed, ignoring", strna(b));
|
|
- }
|
|
-
|
|
- return true;
|
|
- }
|
|
- }
|
|
-}
|
|
-
|
|
static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) {
|
|
uint64_t flags;
|
|
int r;
|
|
@@ -666,10 +643,8 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) {
|
|
}
|
|
}
|
|
|
|
- if (ndisc_prefix_is_black_listed(link, rt) == 0) {
|
|
- (void) ndisc_router_process_default(link, rt);
|
|
- (void) ndisc_router_process_options(link, rt);
|
|
- }
|
|
+ (void) ndisc_router_process_default(link, rt);
|
|
+ (void) ndisc_router_process_options(link, rt);
|
|
|
|
return r;
|
|
}
|
|
--
|
|
2.23.0
|
|
|