diff options
| author |   Yu Watanabe <watanabe.yu+github@gmail.com> | 2019-10-14 02:00:47 +0900 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2019-10-14 20:54:43 +0900 |
| commit | 55d3fdcf5e9f6ceb9fc1a5f93120305f20abf690 (patch) | |
| tree | 8de2864840cbcaa9c48c75b83efd54f1ba754882 | |
| parent | Merge pull request #13761 from dtardon/program-name (diff) | |
| download | systemd-55d3fdcf5e9f6ceb9fc1a5f93120305f20abf690.tar.xz systemd-55d3fdcf5e9f6ceb9fc1a5f93120305f20abf690.zip | |
network: ndisc: do not drop all prefixes when a prefix matches a blacklist
Fixes #13767.
| -rw-r--r-- | src/network/networkd-ndisc.c | 63 |
1 files changed, 19 insertions, 44 deletions
diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c index 49ef022e32c..402d1acd4b2 100644 --- a/src/network/networkd-ndisc.c +++ b/src/network/networkd-ndisc.c @@ -546,6 +546,7 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { int r; assert(link); + assert(link->network); assert(rt); r = sd_ndisc_router_option_rewind(rt); @@ -564,8 +565,24 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { switch (type) { case SD_NDISC_OPTION_PREFIX_INFORMATION: { + union in_addr_union a; uint8_t flags; + r = sd_ndisc_router_prefix_get_address(rt, &a.in6); + if (r < 0) + return log_link_error_errno(link, r, "Failed to get prefix address: %m"); + + if (set_contains(link->network->ndisc_black_listed_prefix, &a.in6)) { + if (DEBUG_LOGGING) { + _cleanup_free_ char *b = NULL; + + (void) in_addr_to_string(AF_INET6, &a, &b); + log_link_debug(link, "Prefix '%s' is black listed, ignoring", strna(b)); + } + + break; + } + r = sd_ndisc_router_prefix_get_flags(rt, &flags); if (r < 0) return log_link_warning_errno(link, r, "Failed to get RA prefix flags: %m"); @@ -602,46 +619,6 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { return 0; } -static int ndisc_prefix_is_black_listed(Link *link, sd_ndisc_router *rt) { - int r; - - assert(link); - assert(link->network); - assert(rt); - - for (r = sd_ndisc_router_option_rewind(rt); ; r = sd_ndisc_router_option_next(rt)) { - union in_addr_union a; - uint8_t type; - - if (r < 0) - return log_link_warning_errno(link, r, "Failed to iterate through options: %m"); - if (r == 0) /* EOF */ - return false; - - r = sd_ndisc_router_option_get_type(rt, &type); - if (r < 0) - return log_link_warning_errno(link, r, "Failed to get RA option type: %m"); - - if (type != SD_NDISC_OPTION_PREFIX_INFORMATION) - continue; - - r = sd_ndisc_router_prefix_get_address(rt, &a.in6); - if (r < 0) - return log_link_error_errno(link, r, "Failed to get prefix address: %m"); - - if (set_contains(link->network->ndisc_black_listed_prefix, &a.in6)) { - if (DEBUG_LOGGING) { - _cleanup_free_ char *b = NULL; - - (void) in_addr_to_string(AF_INET6, &a, &b); - log_link_debug(link, "Prefix '%s' is black listed, ignoring", strna(b)); - } - - return true; - } - } -} - static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) { uint64_t flags; int r; @@ -666,10 +643,8 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) { } } - if (ndisc_prefix_is_black_listed(link, rt) == 0) { - (void) ndisc_router_process_default(link, rt); - (void) ndisc_router_process_options(link, rt); - } + (void) ndisc_router_process_default(link, rt); + (void) ndisc_router_process_options(link, rt); return r; } |