]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/network/networkd-address.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Drop the text argument from assert_not_reached()
[thirdparty/systemd.git] / src / network / networkd-address.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <net/if.h>
4 #include <net/if_arp.h>
5
6 #include "alloc-util.h"
7 #include "firewall-util.h"
8 #include "memory-util.h"
9 #include "netlink-util.h"
10 #include "networkd-address-pool.h"
11 #include "networkd-address.h"
12 #include "networkd-ipv4acd.h"
13 #include "networkd-manager.h"
14 #include "networkd-network.h"
15 #include "networkd-queue.h"
16 #include "parse-util.h"
17 #include "string-util.h"
18 #include "strv.h"
19 #include "strxcpyx.h"
20
21 #define ADDRESSES_PER_LINK_MAX 2048U
22 #define STATIC_ADDRESSES_PER_NETWORK_MAX 1024U
23
24 static int address_flags_to_string_alloc(uint32_t flags, int family, char **ret) {
25 _cleanup_free_ char *str = NULL;
26 static const struct {
27 uint32_t flag;
28 const char *name;
29 } map[] = {
30 { IFA_F_SECONDARY, "secondary" }, /* This is also called "temporary" for ipv6. */
31 { IFA_F_NODAD, "nodad" },
32 { IFA_F_OPTIMISTIC, "optimistic" },
33 { IFA_F_DADFAILED, "dadfailed" },
34 { IFA_F_HOMEADDRESS, "home-address" },
35 { IFA_F_DEPRECATED, "deprecated" },
36 { IFA_F_TENTATIVE, "tentative" },
37 { IFA_F_PERMANENT, "permanent" },
38 { IFA_F_MANAGETEMPADDR, "manage-temporary-address" },
39 { IFA_F_NOPREFIXROUTE, "no-prefixroute" },
40 { IFA_F_MCAUTOJOIN, "auto-join" },
41 { IFA_F_STABLE_PRIVACY, "stable-privacy" },
42 };
43
44 assert(IN_SET(family, AF_INET, AF_INET6));
45 assert(ret);
46
47 for (size_t i = 0; i < ELEMENTSOF(map); i++)
48 if (flags & map[i].flag &&
49 !strextend_with_separator(
50 &str, ",",
51 map[i].flag == IFA_F_SECONDARY && family == AF_INET6 ? "temporary" : map[i].name))
52 return -ENOMEM;
53
54 *ret = TAKE_PTR(str);
55 return 0;
56 }
57
58 int generate_ipv6_eui_64_address(const Link *link, struct in6_addr *ret) {
59 assert(link);
60 assert(ret);
61
62 if (link->iftype == ARPHRD_INFINIBAND) {
63 /* see RFC4391 section 8 */
64 memcpy(&ret->s6_addr[8], &link->hw_addr.infiniband[12], 8);
65 ret->s6_addr[8] ^= 1 << 1;
66
67 return 0;
68 }
69
70 /* see RFC4291 section 2.5.1 */
71 ret->s6_addr[8] = link->hw_addr.ether.ether_addr_octet[0];
72 ret->s6_addr[8] ^= 1 << 1;
73 ret->s6_addr[9] = link->hw_addr.ether.ether_addr_octet[1];
74 ret->s6_addr[10] = link->hw_addr.ether.ether_addr_octet[2];
75 ret->s6_addr[11] = 0xff;
76 ret->s6_addr[12] = 0xfe;
77 ret->s6_addr[13] = link->hw_addr.ether.ether_addr_octet[3];
78 ret->s6_addr[14] = link->hw_addr.ether.ether_addr_octet[4];
79 ret->s6_addr[15] = link->hw_addr.ether.ether_addr_octet[5];
80
81 return 0;
82 }
83
84 int address_new(Address **ret) {
85 _cleanup_(address_freep) Address *address = NULL;
86
87 address = new(Address, 1);
88 if (!address)
89 return -ENOMEM;
90
91 *address = (Address) {
92 .family = AF_UNSPEC,
93 .scope = RT_SCOPE_UNIVERSE,
94 .cinfo.ifa_prefered = CACHE_INFO_INFINITY_LIFE_TIME,
95 .cinfo.ifa_valid = CACHE_INFO_INFINITY_LIFE_TIME,
96 .set_broadcast = -1,
97 .duplicate_address_detection = ADDRESS_FAMILY_IPV6,
98 };
99
100 *ret = TAKE_PTR(address);
101
102 return 0;
103 }
104
105 static int address_new_static(Network *network, const char *filename, unsigned section_line, Address **ret) {
106 _cleanup_(network_config_section_freep) NetworkConfigSection *n = NULL;
107 _cleanup_(address_freep) Address *address = NULL;
108 int r;
109
110 assert(network);
111 assert(ret);
112 assert(filename);
113 assert(section_line > 0);
114
115 r = network_config_section_new(filename, section_line, &n);
116 if (r < 0)
117 return r;
118
119 address = ordered_hashmap_get(network->addresses_by_section, n);
120 if (address) {
121 *ret = TAKE_PTR(address);
122 return 0;
123 }
124
125 if (ordered_hashmap_size(network->addresses_by_section) >= STATIC_ADDRESSES_PER_NETWORK_MAX)
126 return -E2BIG;
127
128 r = address_new(&address);
129 if (r < 0)
130 return r;
131
132 address->network = network;
133 address->section = TAKE_PTR(n);
134 address->is_static = true;
135
136 r = ordered_hashmap_ensure_put(&network->addresses_by_section, &network_config_hash_ops, address->section, address);
137 if (r < 0)
138 return r;
139
140 *ret = TAKE_PTR(address);
141 return 0;
142 }
143
144 Address *address_free(Address *address) {
145 if (!address)
146 return NULL;
147
148 if (address->network) {
149 assert(address->section);
150 ordered_hashmap_remove(address->network->addresses_by_section, address->section);
151 }
152
153 if (address->link) {
154 NDiscAddress *n;
155
156 set_remove(address->link->addresses, address);
157 set_remove(address->link->addresses_foreign, address);
158 set_remove(address->link->addresses_ipv4acd, address);
159 set_remove(address->link->static_addresses, address);
160 if (address->link->dhcp_address == address)
161 address->link->dhcp_address = NULL;
162 if (address->link->dhcp_address_old == address)
163 address->link->dhcp_address_old = NULL;
164 set_remove(address->link->dhcp6_addresses, address);
165 set_remove(address->link->dhcp6_addresses_old, address);
166 set_remove(address->link->dhcp6_pd_addresses, address);
167 set_remove(address->link->dhcp6_pd_addresses_old, address);
168 SET_FOREACH(n, address->link->ndisc_addresses)
169 if (n->address == address)
170 free(set_remove(address->link->ndisc_addresses, n));
171
172 if (address->family == AF_INET6 &&
173 in6_addr_equal(&address->in_addr.in6, &address->link->ipv6ll_address))
174 memzero(&address->link->ipv6ll_address, sizeof(struct in6_addr));
175 }
176
177 sd_ipv4acd_unref(address->acd);
178
179 network_config_section_free(address->section);
180 free(address->label);
181 return mfree(address);
182 }
183
184 static bool address_may_have_broadcast(const Address *a) {
185 assert(a);
186
187 if (a->family != AF_INET)
188 return false;
189
190 if (in4_addr_is_set(&a->in_addr_peer.in))
191 return false;
192
193 /* A /31 or /32 IPv4 address does not have a broadcast address.
194 * See https://tools.ietf.org/html/rfc3021 */
195 if (a->prefixlen > 30)
196 return false;
197
198 if (a->set_broadcast >= 0)
199 return a->set_broadcast;
200
201 return true; /* Defaults to true. */
202 }
203
204 void address_set_broadcast(Address *a) {
205 assert(a);
206
207 if (!address_may_have_broadcast(a))
208 return;
209
210 /* If explicitly configured, do not update the address. */
211 if (in4_addr_is_set(&a->broadcast))
212 return;
213
214 /* If Address= is 0.0.0.0, then the broadcast address will be set later in address_acquire(). */
215 if (in4_addr_is_null(&a->in_addr.in))
216 return;
217
218 a->broadcast.s_addr = a->in_addr.in.s_addr | htobe32(UINT32_C(0xffffffff) >> a->prefixlen);
219 }
220
221 static bool address_may_set_broadcast(const Address *a, const Link *link) {
222 assert(a);
223 assert(link);
224
225 if (!address_may_have_broadcast(a))
226 return false;
227
228 /* Typical configuration for wireguard does not set broadcast. */
229 return !streq_ptr(link->kind, "wireguard");
230 }
231
232 static uint32_t address_prefix(const Address *a) {
233 assert(a);
234
235 /* make sure we don't try to shift by 32.
236 * See ISO/IEC 9899:TC3 § 6.5.7.3. */
237 if (a->prefixlen == 0)
238 return 0;
239
240 if (a->in_addr_peer.in.s_addr != 0)
241 return be32toh(a->in_addr_peer.in.s_addr) >> (32 - a->prefixlen);
242 else
243 return be32toh(a->in_addr.in.s_addr) >> (32 - a->prefixlen);
244 }
245
246 void address_hash_func(const Address *a, struct siphash *state) {
247 assert(a);
248
249 siphash24_compress(&a->family, sizeof(a->family), state);
250
251 switch (a->family) {
252 case AF_INET:
253 siphash24_compress(&a->prefixlen, sizeof(a->prefixlen), state);
254
255 uint32_t prefix = address_prefix(a);
256 siphash24_compress(&prefix, sizeof(prefix), state);
257
258 _fallthrough_;
259 case AF_INET6:
260 siphash24_compress(&a->in_addr, FAMILY_ADDRESS_SIZE(a->family), state);
261 break;
262 default:
263 /* treat any other address family as AF_UNSPEC */
264 break;
265 }
266 }
267
268 int address_compare_func(const Address *a1, const Address *a2) {
269 int r;
270
271 r = CMP(a1->family, a2->family);
272 if (r != 0)
273 return r;
274
275 switch (a1->family) {
276 case AF_INET:
277 /* See kernel's find_matching_ifa() in net/ipv4/devinet.c */
278 r = CMP(a1->prefixlen, a2->prefixlen);
279 if (r != 0)
280 return r;
281
282 r = CMP(address_prefix(a1), address_prefix(a2));
283 if (r != 0)
284 return r;
285
286 _fallthrough_;
287 case AF_INET6:
288 /* See kernel's ipv6_get_ifaddr() in net/ipv6/addrconf.c */
289 return memcmp(&a1->in_addr, &a2->in_addr, FAMILY_ADDRESS_SIZE(a1->family));
290 default:
291 /* treat any other address family as AF_UNSPEC */
292 return 0;
293 }
294 }
295
296 DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(address_hash_ops, Address, address_hash_func, address_compare_func, address_free);
297
298 bool address_equal(const Address *a1, const Address *a2) {
299 if (a1 == a2)
300 return true;
301
302 if (!a1 || !a2)
303 return false;
304
305 return address_compare_func(a1, a2) == 0;
306 }
307
308 int address_dup(const Address *src, Address **ret) {
309 _cleanup_(address_freep) Address *dest = NULL;
310 int r;
311
312 assert(src);
313 assert(ret);
314
315 dest = newdup(Address, src, 1);
316 if (!dest)
317 return -ENOMEM;
318
319 /* clear all pointers */
320 dest->network = NULL;
321 dest->section = NULL;
322 dest->link = NULL;
323 dest->label = NULL;
324 dest->acd = NULL;
325
326 if (src->family == AF_INET) {
327 r = free_and_strdup(&dest->label, src->label);
328 if (r < 0)
329 return r;
330 }
331
332 *ret = TAKE_PTR(dest);
333 return 0;
334 }
335
336 static int address_set_masquerade(Address *address, bool add) {
337 union in_addr_union masked;
338 int r;
339
340 assert(address);
341 assert(address->link);
342
343 if (!address->link->network)
344 return 0;
345
346 if (address->family == AF_INET &&
347 !FLAGS_SET(address->link->network->ip_masquerade, ADDRESS_FAMILY_IPV4))
348 return 0;
349
350 if (address->family == AF_INET6 &&
351 !FLAGS_SET(address->link->network->ip_masquerade, ADDRESS_FAMILY_IPV6))
352 return 0;
353
354 if (address->scope >= RT_SCOPE_LINK)
355 return 0;
356
357 if (address->ip_masquerade_done == add)
358 return 0;
359
360 masked = address->in_addr;
361 r = in_addr_mask(address->family, &masked, address->prefixlen);
362 if (r < 0)
363 return r;
364
365 r = fw_add_masquerade(&address->link->manager->fw_ctx, add, address->family, &masked, address->prefixlen);
366 if (r < 0)
367 return r;
368
369 address->ip_masquerade_done = add;
370
371 return 0;
372 }
373
374 static int address_add_internal(Link *link, Set **addresses, const Address *in, Address **ret) {
375 _cleanup_(address_freep) Address *address = NULL;
376 int r;
377
378 assert(link);
379 assert(addresses);
380 assert(in);
381
382 r = address_dup(in, &address);
383 if (r < 0)
384 return r;
385
386 /* Consider address tentative until we get the real flags from the kernel */
387 address->flags |= IFA_F_TENTATIVE;
388
389 r = set_ensure_put(addresses, &address_hash_ops, address);
390 if (r < 0)
391 return r;
392 if (r == 0)
393 return -EEXIST;
394
395 address->link = link;
396
397 if (ret)
398 *ret = address;
399 TAKE_PTR(address);
400 return 0;
401 }
402
403 static int address_add_foreign(Link *link, const Address *in, Address **ret) {
404 return address_add_internal(link, &link->addresses_foreign, in, ret);
405 }
406
407 static int address_add(Link *link, const Address *in, Address **ret) {
408 Address *address;
409 int r;
410
411 assert(link);
412 assert(in);
413
414 r = address_get(link, in, &address);
415 if (r == -ENOENT) {
416 /* Address does not exist, create a new one */
417 r = address_add_internal(link, &link->addresses, in, &address);
418 if (r < 0)
419 return r;
420 } else if (r == 0) {
421 /* Take over a foreign address */
422 r = set_ensure_put(&link->addresses, &address_hash_ops, address);
423 if (r < 0)
424 return r;
425
426 set_remove(link->addresses_foreign, address);
427 } else if (r == 1) {
428 /* Already exists, do nothing */
429 ;
430 } else
431 return r;
432
433 if (ret)
434 *ret = address;
435 return 0;
436 }
437
438 static int address_update(Address *address, const Address *src) {
439 bool ready;
440 int r;
441
442 assert(address);
443 assert(address->link);
444 assert(src);
445
446 ready = address_is_ready(address);
447
448 address->flags = src->flags;
449 address->scope = src->scope;
450 address->cinfo = src->cinfo;
451
452 if (IN_SET(address->link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
453 return 0;
454
455 link_update_operstate(address->link, true);
456 link_check_ready(address->link);
457
458 if (!ready && address_is_ready(address)) {
459 if (address->callback) {
460 r = address->callback(address);
461 if (r < 0)
462 return r;
463 }
464
465 if (address->family == AF_INET6 &&
466 in6_addr_is_link_local(&address->in_addr.in6) > 0 &&
467 in6_addr_is_null(&address->link->ipv6ll_address)) {
468
469 r = link_ipv6ll_gained(address->link, &address->in_addr.in6);
470 if (r < 0)
471 return r;
472 }
473 }
474
475 return 0;
476 }
477
478 static int address_drop(Address *address) {
479 Link *link;
480 bool ready;
481 int r;
482
483 if (!address)
484 return 0;
485
486 ready = address_is_ready(address);
487 link = address->link;
488
489 r = address_set_masquerade(address, false);
490 if (r < 0)
491 log_link_warning_errno(link, r, "Failed to disable IP masquerading, ignoring: %m");
492
493 address_free(address);
494
495 link_update_operstate(link, true);
496
497 if (link && !ready)
498 link_check_ready(link);
499
500 return 0;
501 }
502
503 int address_get(Link *link, const Address *in, Address **ret) {
504 Address *existing;
505
506 assert(link);
507 assert(in);
508
509 existing = set_get(link->addresses, in);
510 if (existing) {
511 if (ret)
512 *ret = existing;
513 return 1;
514 }
515
516 existing = set_get(link->addresses_foreign, in);
517 if (existing) {
518 if (ret)
519 *ret = existing;
520 return 0;
521 }
522
523 return -ENOENT;
524 }
525
526 int link_get_ipv6_address(Link *link, const struct in6_addr *address, Address **ret) {
527 _cleanup_(address_freep) Address *a = NULL;
528 int r;
529
530 assert(link);
531 assert(address);
532
533 r = address_new(&a);
534 if (r < 0)
535 return r;
536
537 /* address_compare_func() only compares the local address for IPv6 case. So, it is enough to
538 * set only family and the address. */
539 a->family = AF_INET6;
540 a->in_addr.in6 = *address;
541
542 return address_get(link, a, ret);
543 }
544
545 static int addresses_get_ipv4_address(Set *addresses, const struct in_addr *address, Address **ret) {
546 Address *a;
547
548 assert(address);
549
550 SET_FOREACH(a, addresses) {
551 if (a->family != AF_INET)
552 continue;
553
554 if (!in4_addr_equal(&a->in_addr.in, address))
555 continue;
556
557 if (ret)
558 *ret = a;
559
560 return 0;
561 }
562
563 return -ENOENT;
564 }
565
566 int link_get_ipv4_address(Link *link, const struct in_addr *address, unsigned char prefixlen, Address **ret) {
567 int r;
568
569 assert(link);
570 assert(address);
571
572 if (prefixlen != 0) {
573 _cleanup_(address_freep) Address *a = NULL;
574
575 /* If prefixlen is set, then we can use address_get(). */
576
577 r = address_new(&a);
578 if (r < 0)
579 return r;
580
581 a->family = AF_INET;
582 a->in_addr.in = *address;
583 a->prefixlen = prefixlen;
584
585 return address_get(link, a, ret);
586 }
587
588 if (addresses_get_ipv4_address(link->addresses, address, ret) >= 0)
589 return 0;
590 return addresses_get_ipv4_address(link->addresses_foreign, address, ret);
591 }
592
593 int manager_has_address(Manager *manager, int family, const union in_addr_union *address, bool check_ready) {
594 Address *a;
595 Link *link;
596 int r;
597
598 assert(manager);
599 assert(IN_SET(family, AF_INET, AF_INET6));
600 assert(address);
601
602 if (family == AF_INET) {
603 HASHMAP_FOREACH(link, manager->links_by_index)
604 if (link_get_ipv4_address(link, &address->in, 0, &a) >= 0)
605 return !check_ready || address_is_ready(a);
606 } else {
607 _cleanup_(address_freep) Address *tmp = NULL;
608
609 r = address_new(&tmp);
610 if (r < 0)
611 return r;
612
613 tmp->family = family;
614 tmp->in_addr = *address;
615
616 HASHMAP_FOREACH(link, manager->links_by_index)
617 if (address_get(link, tmp, &a) >= 0)
618 return !check_ready || address_is_ready(a);
619 }
620
621 return false;
622 }
623
624 const char* format_lifetime(char *buf, size_t l, uint32_t lifetime) {
625 assert(buf);
626 assert(l > 4);
627
628 if (lifetime == CACHE_INFO_INFINITY_LIFE_TIME)
629 return "forever";
630
631 sprintf(buf, "for ");
632 /* format_timespan() never fails */
633 assert_se(format_timespan(buf + 4, l - 4, lifetime * USEC_PER_SEC, USEC_PER_SEC));
634 return buf;
635 }
636
637 static void log_address_debug(const Address *address, const char *str, const Link *link) {
638 _cleanup_free_ char *addr = NULL, *peer = NULL, *flags_str = NULL;
639
640 assert(address);
641 assert(str);
642 assert(link);
643
644 if (!DEBUG_LOGGING)
645 return;
646
647 (void) in_addr_to_string(address->family, &address->in_addr, &addr);
648 if (in_addr_is_set(address->family, &address->in_addr_peer))
649 (void) in_addr_to_string(address->family, &address->in_addr_peer, &peer);
650
651 (void) address_flags_to_string_alloc(address->flags, address->family, &flags_str);
652
653 log_link_debug(link, "%s address: %s%s%s/%u (valid %s, preferred %s), flags: %s",
654 str, strnull(addr), peer ? " peer " : "", strempty(peer), address->prefixlen,
655 FORMAT_LIFETIME(address->cinfo.ifa_valid),
656 FORMAT_LIFETIME(address->cinfo.ifa_prefered),
657 strna(flags_str));
658 }
659
660 static int address_set_netlink_message(const Address *address, sd_netlink_message *req, Link *link) {
661 uint32_t flags;
662 int r;
663
664 assert(address);
665 assert(req);
666 assert(link);
667
668 r = sd_rtnl_message_addr_set_prefixlen(req, address->prefixlen);
669 if (r < 0)
670 return log_link_error_errno(link, r, "Could not set prefixlen: %m");
671
672 /* On remove, only IFA_F_MANAGETEMPADDR flag for IPv6 addresses are used. But anyway, set all
673 * flags except tentative flag here unconditionally. Without setting the flag, the template
674 * addresses generated by kernel will not be removed automatically when the main address is
675 * removed. */
676 flags = address->flags & ~IFA_F_TENTATIVE;
677 r = sd_rtnl_message_addr_set_flags(req, flags & 0xff);
678 if (r < 0)
679 return log_link_error_errno(link, r, "Could not set flags: %m");
680
681 if ((flags & ~0xff) != 0) {
682 r = sd_netlink_message_append_u32(req, IFA_FLAGS, flags);
683 if (r < 0)
684 return log_link_error_errno(link, r, "Could not set extended flags: %m");
685 }
686
687 r = netlink_message_append_in_addr_union(req, IFA_LOCAL, address->family, &address->in_addr);
688 if (r < 0)
689 return log_link_error_errno(link, r, "Could not append IFA_LOCAL attribute: %m");
690
691 return 0;
692 }
693
694 static int address_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
695 int r;
696
697 assert(rtnl);
698 assert(m);
699 assert(link);
700 assert(link->address_remove_messages > 0);
701
702 link->address_remove_messages--;
703
704 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
705 return 0;
706
707 r = sd_netlink_message_get_errno(m);
708 if (r < 0 && r != -EADDRNOTAVAIL)
709 log_link_message_warning_errno(link, m, r, "Could not drop address");
710
711 return 1;
712 }
713
714 int address_remove(const Address *address, Link *link) {
715 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
716 int r;
717
718 assert(address);
719 assert(IN_SET(address->family, AF_INET, AF_INET6));
720 assert(link);
721 assert(link->ifindex > 0);
722 assert(link->manager);
723 assert(link->manager->rtnl);
724
725 log_address_debug(address, "Removing", link);
726
727 r = sd_rtnl_message_new_addr(link->manager->rtnl, &req, RTM_DELADDR,
728 link->ifindex, address->family);
729 if (r < 0)
730 return log_link_error_errno(link, r, "Could not allocate RTM_DELADDR message: %m");
731
732 r = address_set_netlink_message(address, req, link);
733 if (r < 0)
734 return r;
735
736 r = netlink_call_async(link->manager->rtnl, NULL, req,
737 address_remove_handler,
738 link_netlink_destroy_callback, link);
739 if (r < 0)
740 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
741
742 link_ref(link);
743 link->address_remove_messages++;
744
745 return 0;
746 }
747
748 static bool link_is_static_address_configured(const Link *link, const Address *address) {
749 Address *net_address;
750
751 assert(link);
752 assert(address);
753
754 if (!link->network)
755 return false;
756
757 ORDERED_HASHMAP_FOREACH(net_address, link->network->addresses_by_section)
758 if (address_equal(net_address, address))
759 return true;
760
761 return false;
762 }
763
764 bool link_address_is_dynamic(const Link *link, const Address *address) {
765 Route *route;
766
767 assert(link);
768 assert(address);
769
770 if (address->cinfo.ifa_prefered != CACHE_INFO_INFINITY_LIFE_TIME)
771 return true;
772
773 /* Even when the address is leased from a DHCP server, networkd assign the address
774 * without lifetime when KeepConfiguration=dhcp. So, let's check that we have
775 * corresponding routes with RTPROT_DHCP. */
776 SET_FOREACH(route, link->routes_foreign) {
777 if (route->protocol != RTPROT_DHCP)
778 continue;
779
780 if (address->family != route->family)
781 continue;
782
783 if (in_addr_equal(address->family, &address->in_addr, &route->prefsrc))
784 return true;
785 }
786
787 return false;
788 }
789
790 int link_drop_ipv6ll_addresses(Link *link) {
791 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL;
792 int r;
793
794 assert(link);
795 assert(link->manager);
796 assert(link->manager->rtnl);
797
798 /* IPv6LL address may be in the tentative state, and in that case networkd has not received it.
799 * So, we need to dump all IPv6 addresses. */
800
801 if (link_ipv6ll_enabled(link))
802 return 0;
803
804 r = sd_rtnl_message_new_addr(link->manager->rtnl, &req, RTM_GETADDR, link->ifindex, AF_INET6);
805 if (r < 0)
806 return r;
807
808 r = sd_netlink_message_request_dump(req, true);
809 if (r < 0)
810 return r;
811
812 r = sd_netlink_call(link->manager->rtnl, req, 0, &reply);
813 if (r < 0)
814 return r;
815
816 for (sd_netlink_message *addr = reply; addr; addr = sd_netlink_message_next(addr)) {
817 _cleanup_(address_freep) Address *a = NULL;
818 unsigned char flags, prefixlen;
819 struct in6_addr address;
820 int ifindex;
821
822 /* NETLINK_GET_STRICT_CHK socket option is supported since kernel 4.20. To support
823 * older kernels, we need to check ifindex here. */
824 r = sd_rtnl_message_addr_get_ifindex(addr, &ifindex);
825 if (r < 0) {
826 log_link_debug_errno(link, r, "rtnl: received address message without valid ifindex, ignoring: %m");
827 continue;
828 } else if (link->ifindex != ifindex)
829 continue;
830
831 r = sd_rtnl_message_addr_get_flags(addr, &flags);
832 if (r < 0) {
833 log_link_debug_errno(link, r, "rtnl: received address message without valid flags, ignoring: %m");
834 continue;
835 }
836
837 r = sd_rtnl_message_addr_get_prefixlen(addr, &prefixlen);
838 if (r < 0) {
839 log_link_debug_errno(link, r, "rtnl: received address message without prefixlen, ignoring: %m");
840 continue;
841 }
842
843 if (sd_netlink_message_read_in6_addr(addr, IFA_LOCAL, NULL) >= 0)
844 /* address with peer, ignoring. */
845 continue;
846
847 r = sd_netlink_message_read_in6_addr(addr, IFA_ADDRESS, &address);
848 if (r < 0) {
849 log_link_debug_errno(link, r, "rtnl: received address message without valid address, ignoring: %m");
850 continue;
851 }
852
853 if (!in6_addr_is_link_local(&address))
854 continue;
855
856 r = address_new(&a);
857 if (r < 0)
858 return -ENOMEM;
859
860 a->family = AF_INET6;
861 a->in_addr.in6 = address;
862 a->prefixlen = prefixlen;
863 a->flags = flags;
864
865 r = address_remove(a, link);
866 if (r < 0)
867 return r;
868 }
869
870 return 0;
871 }
872
873 int link_drop_foreign_addresses(Link *link) {
874 Address *address;
875 int k, r = 0;
876
877 assert(link);
878
879 SET_FOREACH(address, link->addresses_foreign) {
880 /* We consider IPv6LL addresses to be managed by the kernel, or dropped in link_drop_ipv6ll_addresses() */
881 if (address->family == AF_INET6 && in6_addr_is_link_local(&address->in_addr.in6) == 1)
882 continue;
883
884 if (link_address_is_dynamic(link, address)) {
885 if (link->network && FLAGS_SET(link->network->keep_configuration, KEEP_CONFIGURATION_DHCP))
886 continue;
887 } else if (link->network && FLAGS_SET(link->network->keep_configuration, KEEP_CONFIGURATION_STATIC))
888 continue;
889
890 if (link_is_static_address_configured(link, address)) {
891 k = address_add(link, address, NULL);
892 if (k < 0) {
893 log_link_error_errno(link, k, "Failed to add address: %m");
894 if (r >= 0)
895 r = k;
896 }
897 } else {
898 k = address_remove(address, link);
899 if (k < 0 && r >= 0)
900 r = k;
901 }
902 }
903
904 return r;
905 }
906
907 int link_drop_addresses(Link *link) {
908 Address *address, *pool_address;
909 int k, r = 0;
910
911 assert(link);
912
913 SET_FOREACH(address, link->addresses) {
914 /* we consider IPv6LL addresses to be managed by the kernel */
915 if (address->family == AF_INET6 && in6_addr_is_link_local(&address->in_addr.in6) == 1 && link_ipv6ll_enabled(link))
916 continue;
917
918 k = address_remove(address, link);
919 if (k < 0 && r >= 0) {
920 r = k;
921 continue;
922 }
923
924 SET_FOREACH(pool_address, link->pool_addresses)
925 if (address_equal(address, pool_address))
926 address_free(set_remove(link->pool_addresses, pool_address));
927 }
928
929 return r;
930 }
931
932 static int address_acquire(Link *link, const Address *original, Address **ret) {
933 union in_addr_union in_addr = IN_ADDR_NULL;
934 _cleanup_(address_freep) Address *na = NULL;
935 int r;
936
937 assert(link);
938 assert(original);
939 assert(ret);
940
941 /* Something useful was configured? just use it */
942 if (in_addr_is_set(original->family, &original->in_addr)) {
943 *ret = NULL;
944 return 0;
945 }
946
947 /* The address is configured to be 0.0.0.0 or [::] by the user?
948 * Then let's acquire something more useful from the pool. */
949 r = address_pool_acquire(link->manager, original->family, original->prefixlen, &in_addr);
950 if (r < 0)
951 return r;
952 if (r == 0)
953 return -EBUSY;
954
955 /* Pick first address in range for ourselves. */
956 if (original->family == AF_INET)
957 in_addr.in.s_addr = in_addr.in.s_addr | htobe32(1);
958 else if (original->family == AF_INET6)
959 in_addr.in6.s6_addr[15] |= 1;
960
961 r = address_dup(original, &na);
962 if (r < 0)
963 return r;
964
965 na->in_addr = in_addr;
966 address_set_broadcast(na);
967
968 r = set_ensure_put(&link->pool_addresses, &address_hash_ops, na);
969 if (r < 0)
970 return r;
971 if (r == 0)
972 return -EEXIST;
973
974 *ret = TAKE_PTR(na);
975 return 1;
976 }
977
978 int address_configure_handler_internal(sd_netlink *rtnl, sd_netlink_message *m, Link *link, const char *error_msg) {
979 int r;
980
981 assert(rtnl);
982 assert(m);
983 assert(link);
984 assert(error_msg);
985
986 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
987 return 0;
988
989 r = sd_netlink_message_get_errno(m);
990 if (r < 0 && r != -EEXIST) {
991 log_link_message_warning_errno(link, m, r, error_msg);
992 link_enter_failed(link);
993 return 0;
994 }
995
996 return 1;
997 }
998
999 static int address_configure(
1000 const Address *address,
1001 Link *link,
1002 link_netlink_message_handler_t callback) {
1003
1004 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1005 int r;
1006
1007 assert(address);
1008 assert(IN_SET(address->family, AF_INET, AF_INET6));
1009 assert(link);
1010 assert(link->ifindex > 0);
1011 assert(link->manager);
1012 assert(link->manager->rtnl);
1013 assert(callback);
1014
1015 log_address_debug(address, "Configuring", link);
1016
1017 r = sd_rtnl_message_new_addr_update(link->manager->rtnl, &req,
1018 link->ifindex, address->family);
1019 if (r < 0)
1020 return log_link_error_errno(link, r, "Could not allocate RTM_NEWADDR message: %m");
1021
1022 r = address_set_netlink_message(address, req, link);
1023 if (r < 0)
1024 return r;
1025
1026 r = sd_rtnl_message_addr_set_scope(req, address->scope);
1027 if (r < 0)
1028 return log_link_error_errno(link, r, "Could not set scope: %m");
1029
1030 if (in_addr_is_set(address->family, &address->in_addr_peer)) {
1031 r = netlink_message_append_in_addr_union(req, IFA_ADDRESS, address->family, &address->in_addr_peer);
1032 if (r < 0)
1033 return log_link_error_errno(link, r, "Could not append IFA_ADDRESS attribute: %m");
1034 } else if (address_may_set_broadcast(address, link)) {
1035 r = sd_netlink_message_append_in_addr(req, IFA_BROADCAST, &address->broadcast);
1036 if (r < 0)
1037 return log_link_error_errno(link, r, "Could not append IFA_BROADCAST attribute: %m");
1038 }
1039
1040 if (address->family == AF_INET && address->label) {
1041 r = sd_netlink_message_append_string(req, IFA_LABEL, address->label);
1042 if (r < 0)
1043 return log_link_error_errno(link, r, "Could not append IFA_LABEL attribute: %m");
1044 }
1045
1046 r = sd_netlink_message_append_cache_info(req, IFA_CACHEINFO, &address->cinfo);
1047 if (r < 0)
1048 return log_link_error_errno(link, r, "Could not append IFA_CACHEINFO attribute: %m");
1049
1050 r = sd_netlink_message_append_u32(req, IFA_RT_PRIORITY, address->route_metric);
1051 if (r < 0)
1052 return log_link_error_errno(link, r, "Could not append IFA_RT_PRIORITY attribute: %m");
1053
1054 r = netlink_call_async(link->manager->rtnl, NULL, req, callback, link_netlink_destroy_callback, link);
1055 if (r < 0)
1056 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1057
1058 link_ref(link);
1059 return 0;
1060 }
1061
1062 static int static_address_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1063 int r;
1064
1065 assert(link);
1066 assert(link->static_address_messages > 0);
1067
1068 link->static_address_messages--;
1069
1070 r = address_configure_handler_internal(rtnl, m, link, "Failed to set static address");
1071 if (r <= 0)
1072 return r;
1073
1074 if (link->static_address_messages == 0) {
1075 log_link_debug(link, "Addresses set");
1076 link->static_addresses_configured = true;
1077 link_check_ready(link);
1078 }
1079
1080 return 1;
1081 }
1082
1083 static int static_address_after_configure(Request *req, void *object) {
1084 Address *address = object;
1085 Link *link;
1086 int r;
1087
1088 assert(req);
1089 assert(req->link);
1090 assert(req->type == REQUEST_TYPE_ADDRESS);
1091 assert(address);
1092
1093 link = req->link;
1094
1095 r = set_ensure_put(&link->static_addresses, &address_hash_ops, address);
1096 if (r < 0)
1097 return log_link_warning_errno(link, r, "Failed to store static address: %m");
1098
1099 return 0;
1100 }
1101
1102 int link_request_address(
1103 Link *link,
1104 Address *address,
1105 bool consume_object,
1106 unsigned *message_counter,
1107 link_netlink_message_handler_t netlink_handler,
1108 Request **ret) {
1109
1110 Address *acquired;
1111 int r;
1112
1113 assert(link);
1114 assert(address);
1115
1116 r = address_acquire(link, address, &acquired);
1117 if (r < 0)
1118 return log_link_warning_errno(link, r, "Failed to acquire an address from pool: %m");
1119 if (r > 0) {
1120 if (consume_object) {
1121 address_free(address);
1122 consume_object = false; /* address from pool is already managed by Link. */
1123 }
1124 address = acquired;
1125 }
1126
1127 log_address_debug(address, "Requesting", link);
1128 r = link_queue_request(link, REQUEST_TYPE_ADDRESS, address, consume_object,
1129 message_counter, netlink_handler, ret);
1130 if (r < 0)
1131 return log_link_warning_errno(link, r, "Failed to request address: %m");
1132 return r;
1133 }
1134
1135 int link_request_static_address(Link *link, Address *address, bool consume) {
1136 Request *req;
1137 int r;
1138
1139 assert(link);
1140 assert(address);
1141
1142 r = link_request_address(link, address, consume, &link->static_address_messages,
1143 static_address_handler, &req);
1144 if (r <= 0)
1145 return r;
1146
1147 req->after_configure = static_address_after_configure;
1148 return 0;
1149 }
1150
1151 int link_request_static_addresses(Link *link) {
1152 Address *a;
1153 Prefix *p;
1154 int r;
1155
1156 assert(link);
1157 assert(link->network);
1158
1159 link->static_addresses_configured = false;
1160
1161 ORDERED_HASHMAP_FOREACH(a, link->network->addresses_by_section) {
1162 r = link_request_static_address(link, a, false);
1163 if (r < 0)
1164 return r;
1165 }
1166
1167 HASHMAP_FOREACH(p, link->network->prefixes_by_section) {
1168 _cleanup_(address_freep) Address *address = NULL;
1169
1170 if (!p->assign)
1171 continue;
1172
1173 r = address_new(&address);
1174 if (r < 0)
1175 return log_oom();
1176
1177 r = sd_radv_prefix_get_prefix(p->radv_prefix, &address->in_addr.in6, &address->prefixlen);
1178 if (r < 0)
1179 return log_link_warning_errno(link, r, "Could not get RA prefix: %m");
1180
1181 r = generate_ipv6_eui_64_address(link, &address->in_addr.in6);
1182 if (r < 0)
1183 return log_link_warning_errno(link, r, "Could not generate EUI64 address: %m");
1184
1185 address->family = AF_INET6;
1186 address->route_metric = p->route_metric;
1187
1188 r = link_request_static_address(link, TAKE_PTR(address), true);
1189 if (r < 0)
1190 return r;
1191 }
1192
1193 if (in4_addr_is_set(&link->network->dhcp_server_address)) {
1194 _cleanup_(address_freep) Address *address = NULL;
1195
1196 r = address_new(&address);
1197 if (r < 0)
1198 return log_oom();
1199
1200 address->family = AF_INET;
1201 address->in_addr.in = link->network->dhcp_server_address;
1202 address->prefixlen = link->network->dhcp_server_address_prefixlen;
1203 address_set_broadcast(address);
1204
1205 /* The same address may be explicitly configured in [Address] or [Network] section.
1206 * Configure the DHCP server address only when it is not. */
1207 if (!link_is_static_address_configured(link, address)) {
1208 r = link_request_static_address(link, TAKE_PTR(address), true);
1209 if (r < 0)
1210 return r;
1211 }
1212 }
1213
1214 if (link->static_address_messages == 0) {
1215 link->static_addresses_configured = true;
1216 link_check_ready(link);
1217 } else {
1218 log_link_debug(link, "Setting addresses");
1219 link_set_state(link, LINK_STATE_CONFIGURING);
1220 }
1221
1222 return 0;
1223 }
1224
1225 static int address_is_ready_to_configure(Link *link, const Address *address) {
1226 int r;
1227
1228 assert(link);
1229 assert(address);
1230
1231 if (!link_is_ready_to_configure(link, false))
1232 return false;
1233
1234 if (link->address_remove_messages > 0)
1235 return false;
1236
1237 if (address_get(link, address, NULL) >= 0)
1238 return true;
1239
1240 /* If this is a new address, then refuse adding more than the limit */
1241 if (set_size(link->addresses) >= ADDRESSES_PER_LINK_MAX)
1242 return log_link_warning_errno(link, SYNTHETIC_ERRNO(E2BIG),
1243 "Too many addresses are configured, refusing: %m");
1244
1245 if (address->family == AF_INET &&
1246 address->duplicate_address_detection & ADDRESS_FAMILY_IPV4 &&
1247 link->hw_addr.length == ETH_ALEN &&
1248 !ether_addr_is_null(&link->hw_addr.ether))
1249 return ipv4acd_address_is_ready_to_configure(link, address);
1250
1251 r = address_add(link, address, NULL);
1252 if (r < 0)
1253 return log_link_warning_errno(link, r, "Could not add address: %m");;
1254
1255 return true;
1256 }
1257
1258 int request_process_address(Request *req) {
1259 Address *a;
1260 Link *link;
1261 int r;
1262
1263 assert(req);
1264 assert(req->link);
1265 assert(req->address);
1266 assert(req->type == REQUEST_TYPE_ADDRESS);
1267
1268 link = req->link;
1269
1270 r = address_is_ready_to_configure(link, req->address);
1271 if (r <= 0)
1272 return r;
1273
1274 r = address_configure(req->address, link, req->netlink_handler);
1275 if (r < 0)
1276 return r;
1277
1278 /* To prevent a double decrement on failure in after_configure(). */
1279 req->message_counter = NULL;
1280
1281 r = address_get(link, req->address, &a);
1282 if (r < 0)
1283 return r;
1284
1285 if (req->after_configure) {
1286 r = req->after_configure(req, a);
1287 if (r < 0)
1288 return r;
1289 }
1290
1291 r = address_set_masquerade(a, true);
1292 if (r < 0)
1293 log_link_warning_errno(link, r, "Could not enable IP masquerading, ignoring: %m");
1294
1295 return 1;
1296 }
1297
1298 int manager_rtnl_process_address(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
1299 _cleanup_(address_freep) Address *tmp = NULL;
1300 Link *link = NULL;
1301 uint16_t type;
1302 Address *address = NULL;
1303 int ifindex, r;
1304
1305 assert(rtnl);
1306 assert(message);
1307 assert(m);
1308
1309 if (sd_netlink_message_is_error(message)) {
1310 r = sd_netlink_message_get_errno(message);
1311 if (r < 0)
1312 log_message_warning_errno(message, r, "rtnl: failed to receive address message, ignoring");
1313
1314 return 0;
1315 }
1316
1317 r = sd_netlink_message_get_type(message, &type);
1318 if (r < 0) {
1319 log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
1320 return 0;
1321 } else if (!IN_SET(type, RTM_NEWADDR, RTM_DELADDR)) {
1322 log_warning("rtnl: received unexpected message type %u when processing address, ignoring.", type);
1323 return 0;
1324 }
1325
1326 r = sd_rtnl_message_addr_get_ifindex(message, &ifindex);
1327 if (r < 0) {
1328 log_warning_errno(r, "rtnl: could not get ifindex from message, ignoring: %m");
1329 return 0;
1330 } else if (ifindex <= 0) {
1331 log_warning("rtnl: received address message with invalid ifindex %d, ignoring.", ifindex);
1332 return 0;
1333 }
1334
1335 r = link_get_by_index(m, ifindex, &link);
1336 if (r < 0 || !link) {
1337 /* when enumerating we might be out of sync, but we will get the address again, so just
1338 * ignore it */
1339 if (!m->enumerating)
1340 log_warning("rtnl: received address for link '%d' we don't know about, ignoring.", ifindex);
1341 return 0;
1342 }
1343
1344 r = address_new(&tmp);
1345 if (r < 0)
1346 return log_oom();
1347
1348 r = sd_rtnl_message_addr_get_family(message, &tmp->family);
1349 if (r < 0) {
1350 log_link_warning(link, "rtnl: received address message without family, ignoring.");
1351 return 0;
1352 } else if (!IN_SET(tmp->family, AF_INET, AF_INET6)) {
1353 log_link_debug(link, "rtnl: received address message with invalid family '%i', ignoring.", tmp->family);
1354 return 0;
1355 }
1356
1357 r = sd_rtnl_message_addr_get_prefixlen(message, &tmp->prefixlen);
1358 if (r < 0) {
1359 log_link_warning_errno(link, r, "rtnl: received address message without prefixlen, ignoring: %m");
1360 return 0;
1361 }
1362
1363 r = sd_rtnl_message_addr_get_scope(message, &tmp->scope);
1364 if (r < 0) {
1365 log_link_warning_errno(link, r, "rtnl: received address message without scope, ignoring: %m");
1366 return 0;
1367 }
1368
1369 r = sd_netlink_message_read_u32(message, IFA_FLAGS, &tmp->flags);
1370 if (r < 0) {
1371 log_link_warning_errno(link, r, "rtnl: received address message without flags, ignoring: %m");
1372 return 0;
1373 }
1374
1375 switch (tmp->family) {
1376 case AF_INET:
1377 r = sd_netlink_message_read_in_addr(message, IFA_LOCAL, &tmp->in_addr.in);
1378 if (r < 0) {
1379 log_link_warning_errno(link, r, "rtnl: received address message without valid address, ignoring: %m");
1380 return 0;
1381 }
1382
1383 r = sd_netlink_message_read_in_addr(message, IFA_ADDRESS, &tmp->in_addr_peer.in);
1384 if (r < 0 && r != -ENODATA) {
1385 log_link_warning_errno(link, r, "rtnl: could not get peer address from address message, ignoring: %m");
1386 return 0;
1387 } else if (r >= 0) {
1388 if (in4_addr_equal(&tmp->in_addr.in, &tmp->in_addr_peer.in))
1389 tmp->in_addr_peer = IN_ADDR_NULL;
1390 }
1391
1392 r = sd_netlink_message_read_in_addr(message, IFA_BROADCAST, &tmp->broadcast);
1393 if (r < 0 && r != -ENODATA) {
1394 log_link_warning_errno(link, r, "rtnl: could not get broadcast from address message, ignoring: %m");
1395 return 0;
1396 }
1397
1398 r = sd_netlink_message_read_string_strdup(message, IFA_LABEL, &tmp->label);
1399 if (r < 0 && r != -ENODATA) {
1400 log_link_warning_errno(link, r, "rtnl: could not get label from address message, ignoring: %m");
1401 return 0;
1402 } else if (r >= 0 && streq_ptr(tmp->label, link->ifname))
1403 tmp->label = mfree(tmp->label);
1404
1405 break;
1406
1407 case AF_INET6:
1408 r = sd_netlink_message_read_in6_addr(message, IFA_LOCAL, &tmp->in_addr.in6);
1409 if (r >= 0) {
1410 /* Have peer address. */
1411 r = sd_netlink_message_read_in6_addr(message, IFA_ADDRESS, &tmp->in_addr_peer.in6);
1412 if (r < 0) {
1413 log_link_warning_errno(link, r, "rtnl: could not get peer address from address message, ignoring: %m");
1414 return 0;
1415 }
1416 } else if (r == -ENODATA) {
1417 /* Does not have peer address. */
1418 r = sd_netlink_message_read_in6_addr(message, IFA_ADDRESS, &tmp->in_addr.in6);
1419 if (r < 0) {
1420 log_link_warning_errno(link, r, "rtnl: received address message without valid address, ignoring: %m");
1421 return 0;
1422 }
1423 } else {
1424 log_link_warning_errno(link, r, "rtnl: could not get local address from address message, ignoring: %m");
1425 return 0;
1426 }
1427
1428 break;
1429
1430 default:
1431 assert_not_reached();
1432 }
1433
1434 r = sd_netlink_message_read_cache_info(message, IFA_CACHEINFO, &tmp->cinfo);
1435 if (r < 0 && r != -ENODATA) {
1436 log_link_warning_errno(link, r, "rtnl: cannot get IFA_CACHEINFO attribute, ignoring: %m");
1437 return 0;
1438 }
1439
1440 (void) address_get(link, tmp, &address);
1441
1442 switch (type) {
1443 case RTM_NEWADDR:
1444 log_address_debug(tmp, address ? "Remembering updated" : "Remembering foreign", link);
1445 if (!address) {
1446 /* An address appeared that we did not request */
1447 r = address_add_foreign(link, tmp, &address);
1448 if (r < 0) {
1449 _cleanup_free_ char *buf = NULL;
1450
1451 (void) in_addr_prefix_to_string(tmp->family, &tmp->in_addr, tmp->prefixlen, &buf);
1452 log_link_warning_errno(link, r, "Failed to remember foreign address %s, ignoring: %m",
1453 strnull(buf));
1454 return 0;
1455 }
1456 }
1457
1458 /* address_update() logs internally, so we don't need to here. */
1459 r = address_update(address, tmp);
1460 if (r < 0)
1461 link_enter_failed(link);
1462
1463 break;
1464
1465 case RTM_DELADDR:
1466 log_address_debug(tmp, address ? "Forgetting" : "Kernel removed unknown", link);
1467 (void) address_drop(address);
1468
1469 break;
1470
1471 default:
1472 assert_not_reached();
1473 }
1474
1475 return 1;
1476 }
1477
1478 int config_parse_broadcast(
1479 const char *unit,
1480 const char *filename,
1481 unsigned line,
1482 const char *section,
1483 unsigned section_line,
1484 const char *lvalue,
1485 int ltype,
1486 const char *rvalue,
1487 void *data,
1488 void *userdata) {
1489
1490 Network *network = userdata;
1491 _cleanup_(address_free_or_set_invalidp) Address *n = NULL;
1492 union in_addr_union u;
1493 int r;
1494
1495 assert(filename);
1496 assert(section);
1497 assert(lvalue);
1498 assert(rvalue);
1499 assert(data);
1500
1501 r = address_new_static(network, filename, section_line, &n);
1502 if (r == -ENOMEM)
1503 return log_oom();
1504 if (r < 0) {
1505 log_syntax(unit, LOG_WARNING, filename, line, r,
1506 "Failed to allocate new address, ignoring assignment: %m");
1507 return 0;
1508 }
1509
1510 if (isempty(rvalue)) {
1511 /* The broadcast address will be calculated based on Address=, and set if the link is
1512 * not a wireguard interface. Here, we do not check or set n->family. */
1513 n->broadcast = (struct in_addr) {};
1514 n->set_broadcast = -1;
1515 TAKE_PTR(n);
1516 return 0;
1517 }
1518
1519 r = parse_boolean(rvalue);
1520 if (r >= 0) {
1521 /* The broadcast address will be calculated based on Address=. Here, we do not check or
1522 * set n->family. */
1523 n->broadcast = (struct in_addr) {};
1524 n->set_broadcast = r;
1525 TAKE_PTR(n);
1526 return 0;
1527 }
1528
1529 if (n->family == AF_INET6) {
1530 log_syntax(unit, LOG_WARNING, filename, line, 0,
1531 "Broadcast is not valid for IPv6 addresses, ignoring assignment: %s", rvalue);
1532 return 0;
1533 }
1534
1535 r = in_addr_from_string(AF_INET, rvalue, &u);
1536 if (r < 0) {
1537 log_syntax(unit, LOG_WARNING, filename, line, r,
1538 "Broadcast is invalid, ignoring assignment: %s", rvalue);
1539 return 0;
1540 }
1541 if (in4_addr_is_null(&u.in)) {
1542 log_syntax(unit, LOG_WARNING, filename, line, 0,
1543 "Broadcast cannot be ANY address, ignoring assignment: %s", rvalue);
1544 return 0;
1545 }
1546
1547 n->broadcast = u.in;
1548 n->set_broadcast = true;
1549 n->family = AF_INET;
1550 TAKE_PTR(n);
1551
1552 return 0;
1553 }
1554
1555 int config_parse_address(
1556 const char *unit,
1557 const char *filename,
1558 unsigned line,
1559 const char *section,
1560 unsigned section_line,
1561 const char *lvalue,
1562 int ltype,
1563 const char *rvalue,
1564 void *data,
1565 void *userdata) {
1566
1567 Network *network = userdata;
1568 _cleanup_(address_free_or_set_invalidp) Address *n = NULL;
1569 union in_addr_union buffer;
1570 unsigned char prefixlen;
1571 int r, f;
1572
1573 assert(filename);
1574 assert(section);
1575 assert(lvalue);
1576 assert(rvalue);
1577 assert(data);
1578
1579 if (streq(section, "Network"))
1580 /* we are not in an Address section, so use line number instead. */
1581 r = address_new_static(network, filename, line, &n);
1582 else
1583 r = address_new_static(network, filename, section_line, &n);
1584 if (r == -ENOMEM)
1585 return log_oom();
1586 if (r < 0) {
1587 log_syntax(unit, LOG_WARNING, filename, line, r,
1588 "Failed to allocate new address, ignoring assignment: %m");
1589 return 0;
1590 }
1591
1592 /* Address=address/prefixlen */
1593 r = in_addr_prefix_from_string_auto_internal(rvalue, PREFIXLEN_REFUSE, &f, &buffer, &prefixlen);
1594 if (r == -ENOANO) {
1595 log_syntax(unit, LOG_WARNING, filename, line, r,
1596 "An address '%s' is specified without prefix length. "
1597 "The behavior of parsing addresses without prefix length will be changed in the future release. "
1598 "Please specify prefix length explicitly.", rvalue);
1599
1600 r = in_addr_prefix_from_string_auto_internal(rvalue, PREFIXLEN_LEGACY, &f, &buffer, &prefixlen);
1601 }
1602 if (r < 0) {
1603 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid address '%s', ignoring assignment: %m", rvalue);
1604 return 0;
1605 }
1606
1607 if (n->family != AF_UNSPEC && f != n->family) {
1608 log_syntax(unit, LOG_WARNING, filename, line, 0, "Address is incompatible, ignoring assignment: %s", rvalue);
1609 return 0;
1610 }
1611
1612 if (in_addr_is_null(f, &buffer)) {
1613 /* Will use address from address pool. Note that for ipv6 case, prefix of the address
1614 * pool is 8, but 40 bit is used by the global ID and 16 bit by the subnet ID. So,
1615 * let's limit the prefix length to 64 or larger. See RFC4193. */
1616 if ((f == AF_INET && prefixlen < 8) ||
1617 (f == AF_INET6 && prefixlen < 64)) {
1618 log_syntax(unit, LOG_WARNING, filename, line, 0,
1619 "Null address with invalid prefixlen='%u', ignoring assignment: %s",
1620 prefixlen, rvalue);
1621 return 0;
1622 }
1623 }
1624
1625 n->family = f;
1626 n->prefixlen = prefixlen;
1627
1628 if (streq(lvalue, "Address"))
1629 n->in_addr = buffer;
1630 else
1631 n->in_addr_peer = buffer;
1632
1633 TAKE_PTR(n);
1634 return 0;
1635 }
1636
1637 int config_parse_label(
1638 const char *unit,
1639 const char *filename,
1640 unsigned line,
1641 const char *section,
1642 unsigned section_line,
1643 const char *lvalue,
1644 int ltype,
1645 const char *rvalue,
1646 void *data,
1647 void *userdata) {
1648
1649 _cleanup_(address_free_or_set_invalidp) Address *n = NULL;
1650 Network *network = userdata;
1651 int r;
1652
1653 assert(filename);
1654 assert(section);
1655 assert(lvalue);
1656 assert(rvalue);
1657 assert(data);
1658
1659 r = address_new_static(network, filename, section_line, &n);
1660 if (r == -ENOMEM)
1661 return log_oom();
1662 if (r < 0) {
1663 log_syntax(unit, LOG_WARNING, filename, line, r,
1664 "Failed to allocate new address, ignoring assignment: %m");
1665 return 0;
1666 }
1667
1668 if (!address_label_valid(rvalue)) {
1669 log_syntax(unit, LOG_WARNING, filename, line, 0,
1670 "Interface label is too long or invalid, ignoring assignment: %s", rvalue);
1671 return 0;
1672 }
1673
1674 r = free_and_strdup(&n->label, rvalue);
1675 if (r < 0)
1676 return log_oom();
1677
1678 TAKE_PTR(n);
1679 return 0;
1680 }
1681
1682 int config_parse_lifetime(
1683 const char *unit,
1684 const char *filename,
1685 unsigned line,
1686 const char *section,
1687 unsigned section_line,
1688 const char *lvalue,
1689 int ltype,
1690 const char *rvalue,
1691 void *data,
1692 void *userdata) {
1693
1694 Network *network = userdata;
1695 _cleanup_(address_free_or_set_invalidp) Address *n = NULL;
1696 uint32_t k;
1697 int r;
1698
1699 assert(filename);
1700 assert(section);
1701 assert(lvalue);
1702 assert(rvalue);
1703 assert(data);
1704
1705 r = address_new_static(network, filename, section_line, &n);
1706 if (r == -ENOMEM)
1707 return log_oom();
1708 if (r < 0) {
1709 log_syntax(unit, LOG_WARNING, filename, line, r,
1710 "Failed to allocate new address, ignoring assignment: %m");
1711 return 0;
1712 }
1713
1714 /* We accept only "forever", "infinity", empty, or "0". */
1715 if (STR_IN_SET(rvalue, "forever", "infinity", ""))
1716 k = CACHE_INFO_INFINITY_LIFE_TIME;
1717 else if (streq(rvalue, "0"))
1718 k = 0;
1719 else {
1720 log_syntax(unit, LOG_WARNING, filename, line, 0,
1721 "Invalid PreferredLifetime= value, ignoring: %s", rvalue);
1722 return 0;
1723 }
1724
1725 n->cinfo.ifa_prefered = k;
1726 TAKE_PTR(n);
1727
1728 return 0;
1729 }
1730
1731 int config_parse_address_flags(
1732 const char *unit,
1733 const char *filename,
1734 unsigned line,
1735 const char *section,
1736 unsigned section_line,
1737 const char *lvalue,
1738 int ltype,
1739 const char *rvalue,
1740 void *data,
1741 void *userdata) {
1742
1743 Network *network = userdata;
1744 _cleanup_(address_free_or_set_invalidp) Address *n = NULL;
1745 int r;
1746
1747 assert(filename);
1748 assert(section);
1749 assert(lvalue);
1750 assert(rvalue);
1751 assert(data);
1752
1753 r = address_new_static(network, filename, section_line, &n);
1754 if (r == -ENOMEM)
1755 return log_oom();
1756 if (r < 0) {
1757 log_syntax(unit, LOG_WARNING, filename, line, r,
1758 "Failed to allocate new address, ignoring assignment: %m");
1759 return 0;
1760 }
1761
1762 r = parse_boolean(rvalue);
1763 if (r < 0) {
1764 log_syntax(unit, LOG_WARNING, filename, line, r,
1765 "Failed to parse %s=, ignoring: %s", lvalue, rvalue);
1766 return 0;
1767 }
1768
1769 if (streq(lvalue, "AddPrefixRoute"))
1770 r = !r;
1771
1772 SET_FLAG(n->flags, ltype, r);
1773
1774 TAKE_PTR(n);
1775 return 0;
1776 }
1777
1778 int config_parse_address_scope(
1779 const char *unit,
1780 const char *filename,
1781 unsigned line,
1782 const char *section,
1783 unsigned section_line,
1784 const char *lvalue,
1785 int ltype,
1786 const char *rvalue,
1787 void *data,
1788 void *userdata) {
1789
1790 Network *network = userdata;
1791 _cleanup_(address_free_or_set_invalidp) Address *n = NULL;
1792 int r;
1793
1794 assert(filename);
1795 assert(section);
1796 assert(lvalue);
1797 assert(rvalue);
1798 assert(data);
1799
1800 r = address_new_static(network, filename, section_line, &n);
1801 if (r == -ENOMEM)
1802 return log_oom();
1803 if (r < 0) {
1804 log_syntax(unit, LOG_WARNING, filename, line, r,
1805 "Failed to allocate new address, ignoring assignment: %m");
1806 return 0;
1807 }
1808
1809 if (streq(rvalue, "host"))
1810 n->scope = RT_SCOPE_HOST;
1811 else if (streq(rvalue, "link"))
1812 n->scope = RT_SCOPE_LINK;
1813 else if (streq(rvalue, "global"))
1814 n->scope = RT_SCOPE_UNIVERSE;
1815 else {
1816 r = safe_atou8(rvalue , &n->scope);
1817 if (r < 0) {
1818 log_syntax(unit, LOG_WARNING, filename, line, r,
1819 "Could not parse address scope \"%s\", ignoring assignment: %m", rvalue);
1820 return 0;
1821 }
1822 }
1823
1824 n->scope_set = true;
1825 TAKE_PTR(n);
1826 return 0;
1827 }
1828
1829 int config_parse_address_route_metric(
1830 const char *unit,
1831 const char *filename,
1832 unsigned line,
1833 const char *section,
1834 unsigned section_line,
1835 const char *lvalue,
1836 int ltype,
1837 const char *rvalue,
1838 void *data,
1839 void *userdata) {
1840
1841 Network *network = userdata;
1842 _cleanup_(address_free_or_set_invalidp) Address *n = NULL;
1843 int r;
1844
1845 assert(filename);
1846 assert(section);
1847 assert(lvalue);
1848 assert(rvalue);
1849 assert(data);
1850
1851 r = address_new_static(network, filename, section_line, &n);
1852 if (r == -ENOMEM)
1853 return log_oom();
1854 if (r < 0) {
1855 log_syntax(unit, LOG_WARNING, filename, line, r,
1856 "Failed to allocate new address, ignoring assignment: %m");
1857 return 0;
1858 }
1859
1860 r = safe_atou32(rvalue, &n->route_metric);
1861 if (r < 0) {
1862 log_syntax(unit, LOG_WARNING, filename, line, r,
1863 "Could not parse %s=, ignoring assignment: %s", lvalue, rvalue);
1864 return 0;
1865 }
1866
1867 TAKE_PTR(n);
1868 return 0;
1869 }
1870
1871 int config_parse_duplicate_address_detection(
1872 const char *unit,
1873 const char *filename,
1874 unsigned line,
1875 const char *section,
1876 unsigned section_line,
1877 const char *lvalue,
1878 int ltype,
1879 const char *rvalue,
1880 void *data,
1881 void *userdata) {
1882
1883 Network *network = userdata;
1884 _cleanup_(address_free_or_set_invalidp) Address *n = NULL;
1885 int r;
1886
1887 assert(filename);
1888 assert(section);
1889 assert(lvalue);
1890 assert(rvalue);
1891 assert(data);
1892
1893 r = address_new_static(network, filename, section_line, &n);
1894 if (r == -ENOMEM)
1895 return log_oom();
1896 if (r < 0) {
1897 log_syntax(unit, LOG_WARNING, filename, line, r,
1898 "Failed to allocate new address, ignoring assignment: %m");
1899 return 0;
1900 }
1901
1902 r = parse_boolean(rvalue);
1903 if (r >= 0) {
1904 log_syntax(unit, LOG_WARNING, filename, line, 0,
1905 "For historical reasons, %s=%s means %s=%s. "
1906 "Please use 'both', 'ipv4', 'ipv6' or 'none' instead.",
1907 lvalue, rvalue, lvalue, r ? "none" : "both");
1908 n->duplicate_address_detection = r ? ADDRESS_FAMILY_NO : ADDRESS_FAMILY_YES;
1909 n = NULL;
1910 return 0;
1911 }
1912
1913 AddressFamily a = duplicate_address_detection_address_family_from_string(rvalue);
1914 if (a < 0) {
1915 log_syntax(unit, LOG_WARNING, filename, line, a,
1916 "Failed to parse %s=, ignoring: %s", lvalue, rvalue);
1917 return 0;
1918 }
1919 n->duplicate_address_detection = a;
1920
1921 TAKE_PTR(n);
1922 return 0;
1923 }
1924
1925 bool address_is_ready(const Address *a) {
1926 assert(a);
1927
1928 return !(a->flags & IFA_F_TENTATIVE);
1929 }
1930
1931 static int address_section_verify(Address *address) {
1932 if (section_is_invalid(address->section))
1933 return -EINVAL;
1934
1935 if (address->family == AF_UNSPEC) {
1936 assert(address->section);
1937
1938 return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
1939 "%s: Address section without Address= field configured. "
1940 "Ignoring [Address] section from line %u.",
1941 address->section->filename, address->section->line);
1942 }
1943
1944 if (address_may_have_broadcast(address))
1945 address_set_broadcast(address);
1946 else if (address->broadcast.s_addr != 0) {
1947 log_warning("%s: broadcast address is set for IPv6 address or IPv4 address with prefixlength larger than 30. "
1948 "Ignoring Broadcast= setting in the [Address] section from line %u.",
1949 address->section->filename, address->section->line);
1950
1951 address->broadcast.s_addr = 0;
1952 }
1953
1954 if (address->family == AF_INET6 && address->label) {
1955 log_warning("%s: address label is set for IPv6 address in the [Address] section from line %u. "
1956 "Ignoring Label= setting.",
1957 address->section->filename, address->section->line);
1958
1959 address->label = mfree(address->label);
1960 }
1961
1962 if (in_addr_is_localhost(address->family, &address->in_addr) > 0 &&
1963 (address->family == AF_INET || !address->scope_set)) {
1964 /* For IPv4, scope must be always RT_SCOPE_HOST.
1965 * For IPv6, use RT_SCOPE_HOST only when it is not explicitly specified. */
1966
1967 if (address->scope_set && address->scope != RT_SCOPE_HOST)
1968 log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
1969 "%s: non-host scope is set in the [Address] section from line %u. "
1970 "Ignoring Scope= setting.",
1971 address->section->filename, address->section->line);
1972
1973 address->scope = RT_SCOPE_HOST;
1974 }
1975
1976 if (address->family == AF_INET6 &&
1977 !FLAGS_SET(address->duplicate_address_detection, ADDRESS_FAMILY_IPV6))
1978 address->flags |= IFA_F_NODAD;
1979
1980 if (address->family == AF_INET && in4_addr_is_link_local(&address->in_addr.in) &&
1981 !FLAGS_SET(address->duplicate_address_detection, ADDRESS_FAMILY_IPV4)) {
1982 log_debug("%s: An IPv4 link-local address is specified, enabling IPv4 Address Conflict Detection (ACD).",
1983 address->section->filename);
1984 address->duplicate_address_detection |= ADDRESS_FAMILY_IPV4;
1985 }
1986
1987 return 0;
1988 }
1989
1990 void network_drop_invalid_addresses(Network *network) {
1991 Address *address;
1992
1993 assert(network);
1994
1995 ORDERED_HASHMAP_FOREACH(address, network->addresses_by_section)
1996 if (address_section_verify(address) < 0)
1997 address_free(address);
1998 }
Unnamed repository; edit this file 'description' to name the repository.