]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
f579559b TG |
2 | |
3 | #include <net/if.h> | |
4 | ||
b5efdb8a | 5 | #include "alloc-util.h" |
f579559b | 6 | #include "conf-parser.h" |
12c2884c | 7 | #include "firewall-util.h" |
081aea25 | 8 | #include "missing_network.h" |
fc2f9534 | 9 | #include "netlink-util.h" |
6bedfcbb | 10 | #include "networkd-address.h" |
23f53b99 | 11 | #include "networkd-manager.h" |
6bedfcbb | 12 | #include "parse-util.h" |
3ac8e543 | 13 | #include "set.h" |
d31645ad | 14 | #include "socket-util.h" |
07630cea | 15 | #include "string-util.h" |
51517f9e | 16 | #include "strv.h" |
3ac8e543 TG |
17 | #include "utf8.h" |
18 | #include "util.h" | |
f579559b | 19 | |
1b566071 | 20 | #define ADDRESSES_PER_LINK_MAX 2048U |
8c34b963 LP |
21 | #define STATIC_ADDRESSES_PER_NETWORK_MAX 1024U |
22 | ||
f0213e37 | 23 | int address_new(Address **ret) { |
8e766630 | 24 | _cleanup_(address_freep) Address *address = NULL; |
f0213e37 | 25 | |
17f9c355 | 26 | address = new(Address, 1); |
f0213e37 TG |
27 | if (!address) |
28 | return -ENOMEM; | |
aba496a5 | 29 | |
17f9c355 YW |
30 | *address = (Address) { |
31 | .family = AF_UNSPEC, | |
32 | .scope = RT_SCOPE_UNIVERSE, | |
33 | .cinfo.ifa_prefered = CACHE_INFO_INFINITY_LIFE_TIME, | |
34 | .cinfo.ifa_valid = CACHE_INFO_INFINITY_LIFE_TIME, | |
35 | }; | |
f0213e37 | 36 | |
1cc6c93a | 37 | *ret = TAKE_PTR(address); |
f0213e37 TG |
38 | |
39 | return 0; | |
aba496a5 UTL |
40 | } |
41 | ||
f4859fc7 | 42 | int address_new_static(Network *network, const char *filename, unsigned section_line, Address **ret) { |
8e766630 LP |
43 | _cleanup_(network_config_section_freep) NetworkConfigSection *n = NULL; |
44 | _cleanup_(address_freep) Address *address = NULL; | |
f0213e37 | 45 | int r; |
f579559b | 46 | |
8c34b963 LP |
47 | assert(network); |
48 | assert(ret); | |
48317c39 | 49 | assert(!!filename == (section_line > 0)); |
8c34b963 | 50 | |
48317c39 | 51 | if (filename) { |
f4859fc7 SS |
52 | r = network_config_section_new(filename, section_line, &n); |
53 | if (r < 0) | |
54 | return r; | |
55 | ||
56 | address = hashmap_get(network->addresses_by_section, n); | |
6ae115c1 | 57 | if (address) { |
1cc6c93a | 58 | *ret = TAKE_PTR(address); |
6ae115c1 TG |
59 | |
60 | return 0; | |
61 | } | |
62 | } | |
63 | ||
8c34b963 LP |
64 | if (network->n_static_addresses >= STATIC_ADDRESSES_PER_NETWORK_MAX) |
65 | return -E2BIG; | |
66 | ||
f0213e37 TG |
67 | r = address_new(&address); |
68 | if (r < 0) | |
69 | return r; | |
801bd9e8 | 70 | |
0f7f2769 YW |
71 | address->network = network; |
72 | LIST_APPEND(addresses, network->static_addresses, address); | |
73 | network->n_static_addresses++; | |
74 | ||
48317c39 | 75 | if (filename) { |
1cc6c93a | 76 | address->section = TAKE_PTR(n); |
fcc48287 | 77 | |
3e570042 YW |
78 | r = hashmap_ensure_allocated(&network->addresses_by_section, &network_config_hash_ops); |
79 | if (r < 0) | |
80 | return r; | |
81 | ||
f7fe70ea SS |
82 | r = hashmap_put(network->addresses_by_section, address->section, address); |
83 | if (r < 0) | |
84 | return r; | |
6ae115c1 TG |
85 | } |
86 | ||
1cc6c93a | 87 | *ret = TAKE_PTR(address); |
f579559b TG |
88 | |
89 | return 0; | |
90 | } | |
91 | ||
92 | void address_free(Address *address) { | |
93 | if (!address) | |
94 | return; | |
95 | ||
f048a16b | 96 | if (address->network) { |
3d3d4255 | 97 | LIST_REMOVE(addresses, address->network->static_addresses, address); |
8c34b963 LP |
98 | assert(address->network->n_static_addresses > 0); |
99 | address->network->n_static_addresses--; | |
f579559b | 100 | |
de4224aa | 101 | if (address->section) |
f4859fc7 | 102 | hashmap_remove(address->network->addresses_by_section, address->section); |
f048a16b | 103 | } |
6ae115c1 | 104 | |
adda1ed9 | 105 | if (address->link) { |
cf1d700d | 106 | set_remove(address->link->addresses, address); |
adda1ed9 | 107 | set_remove(address->link->addresses_foreign, address); |
f150100a SS |
108 | |
109 | if (in_addr_equal(AF_INET6, &address->in_addr, (const union in_addr_union *) &address->link->ipv6ll_address)) | |
110 | memzero(&address->link->ipv6ll_address, sizeof(struct in6_addr)); | |
adda1ed9 | 111 | } |
cf1d700d | 112 | |
de4224aa YW |
113 | network_config_section_free(address->section); |
114 | free(address->label); | |
f579559b TG |
115 | free(address); |
116 | } | |
117 | ||
7a08d314 | 118 | static void address_hash_func(const Address *a, struct siphash *state) { |
3ac8e543 TG |
119 | assert(a); |
120 | ||
121 | siphash24_compress(&a->family, sizeof(a->family), state); | |
122 | ||
123 | switch (a->family) { | |
124 | case AF_INET: | |
125 | siphash24_compress(&a->prefixlen, sizeof(a->prefixlen), state); | |
126 | ||
127 | /* peer prefix */ | |
128 | if (a->prefixlen != 0) { | |
129 | uint32_t prefix; | |
130 | ||
131 | if (a->in_addr_peer.in.s_addr != 0) | |
132 | prefix = be32toh(a->in_addr_peer.in.s_addr) >> (32 - a->prefixlen); | |
133 | else | |
134 | prefix = be32toh(a->in_addr.in.s_addr) >> (32 - a->prefixlen); | |
135 | ||
136 | siphash24_compress(&prefix, sizeof(prefix), state); | |
137 | } | |
138 | ||
4831981d | 139 | _fallthrough_; |
3ac8e543 TG |
140 | case AF_INET6: |
141 | /* local address */ | |
142 | siphash24_compress(&a->in_addr, FAMILY_ADDRESS_SIZE(a->family), state); | |
143 | ||
144 | break; | |
145 | default: | |
146 | /* treat any other address family as AF_UNSPEC */ | |
147 | break; | |
148 | } | |
149 | } | |
150 | ||
7a08d314 | 151 | static int address_compare_func(const Address *a1, const Address *a2) { |
a0edd02e | 152 | int r; |
3ac8e543 | 153 | |
a0edd02e FB |
154 | r = CMP(a1->family, a2->family); |
155 | if (r != 0) | |
156 | return r; | |
3ac8e543 TG |
157 | |
158 | switch (a1->family) { | |
159 | /* use the same notion of equality as the kernel does */ | |
160 | case AF_INET: | |
a0edd02e FB |
161 | r = CMP(a1->prefixlen, a2->prefixlen); |
162 | if (r != 0) | |
163 | return r; | |
3ac8e543 TG |
164 | |
165 | /* compare the peer prefixes */ | |
166 | if (a1->prefixlen != 0) { | |
167 | /* make sure we don't try to shift by 32. | |
168 | * See ISO/IEC 9899:TC3 § 6.5.7.3. */ | |
169 | uint32_t b1, b2; | |
170 | ||
171 | if (a1->in_addr_peer.in.s_addr != 0) | |
172 | b1 = be32toh(a1->in_addr_peer.in.s_addr) >> (32 - a1->prefixlen); | |
173 | else | |
174 | b1 = be32toh(a1->in_addr.in.s_addr) >> (32 - a1->prefixlen); | |
175 | ||
176 | if (a2->in_addr_peer.in.s_addr != 0) | |
177 | b2 = be32toh(a2->in_addr_peer.in.s_addr) >> (32 - a1->prefixlen); | |
178 | else | |
179 | b2 = be32toh(a2->in_addr.in.s_addr) >> (32 - a1->prefixlen); | |
180 | ||
a0edd02e FB |
181 | r = CMP(b1, b2); |
182 | if (r != 0) | |
183 | return r; | |
3ac8e543 TG |
184 | } |
185 | ||
4831981d | 186 | _fallthrough_; |
3ac8e543 TG |
187 | case AF_INET6: |
188 | return memcmp(&a1->in_addr, &a2->in_addr, FAMILY_ADDRESS_SIZE(a1->family)); | |
189 | default: | |
190 | /* treat any other address family as AF_UNSPEC */ | |
191 | return 0; | |
192 | } | |
193 | } | |
194 | ||
7a08d314 | 195 | DEFINE_PRIVATE_HASH_OPS(address_hash_ops, Address, address_hash_func, address_compare_func); |
3ac8e543 TG |
196 | |
197 | bool address_equal(Address *a1, Address *a2) { | |
198 | if (a1 == a2) | |
199 | return true; | |
200 | ||
201 | if (!a1 || !a2) | |
202 | return false; | |
203 | ||
204 | return address_compare_func(a1, a2) == 0; | |
205 | } | |
206 | ||
91b5f997 TG |
207 | static int address_establish(Address *address, Link *link) { |
208 | bool masq; | |
209 | int r; | |
210 | ||
211 | assert(address); | |
212 | assert(link); | |
213 | ||
214 | masq = link->network && | |
fcf50cff TG |
215 | link->network->ip_masquerade && |
216 | address->family == AF_INET && | |
217 | address->scope < RT_SCOPE_LINK; | |
91b5f997 TG |
218 | |
219 | /* Add firewall entry if this is requested */ | |
220 | if (address->ip_masquerade_done != masq) { | |
221 | union in_addr_union masked = address->in_addr; | |
222 | in_addr_mask(address->family, &masked, address->prefixlen); | |
223 | ||
224 | r = fw_add_masquerade(masq, AF_INET, 0, &masked, address->prefixlen, NULL, NULL, 0); | |
225 | if (r < 0) | |
226 | log_link_warning_errno(link, r, "Could not enable IP masquerading: %m"); | |
227 | ||
228 | address->ip_masquerade_done = masq; | |
229 | } | |
230 | ||
231 | return 0; | |
232 | } | |
233 | ||
adda1ed9 TG |
234 | static int address_add_internal(Link *link, Set **addresses, |
235 | int family, | |
236 | const union in_addr_union *in_addr, | |
237 | unsigned char prefixlen, | |
238 | Address **ret) { | |
8e766630 | 239 | _cleanup_(address_freep) Address *address = NULL; |
cf1d700d TG |
240 | int r; |
241 | ||
242 | assert(link); | |
adda1ed9 | 243 | assert(addresses); |
054f0db4 | 244 | assert(in_addr); |
054f0db4 TG |
245 | |
246 | r = address_new(&address); | |
247 | if (r < 0) | |
248 | return r; | |
249 | ||
250 | address->family = family; | |
251 | address->in_addr = *in_addr; | |
252 | address->prefixlen = prefixlen; | |
63bbe5c7 TG |
253 | /* Consider address tentative until we get the real flags from the kernel */ |
254 | address->flags = IFA_F_TENTATIVE; | |
cf1d700d | 255 | |
adda1ed9 | 256 | r = set_ensure_allocated(addresses, &address_hash_ops); |
cf1d700d TG |
257 | if (r < 0) |
258 | return r; | |
259 | ||
adda1ed9 | 260 | r = set_put(*addresses, address); |
cf1d700d TG |
261 | if (r < 0) |
262 | return r; | |
263 | ||
264 | address->link = link; | |
265 | ||
adda1ed9 TG |
266 | if (ret) |
267 | *ret = address; | |
268 | ||
054f0db4 TG |
269 | address = NULL; |
270 | ||
cf1d700d TG |
271 | return 0; |
272 | } | |
273 | ||
adda1ed9 TG |
274 | int address_add_foreign(Link *link, int family, const union in_addr_union *in_addr, unsigned char prefixlen, Address **ret) { |
275 | return address_add_internal(link, &link->addresses_foreign, family, in_addr, prefixlen, ret); | |
276 | } | |
277 | ||
c4a03a56 | 278 | int address_add(Link *link, int family, const union in_addr_union *in_addr, unsigned char prefixlen, Address **ret) { |
cab974b0 | 279 | Address *address; |
e7780c8d TG |
280 | int r; |
281 | ||
cab974b0 TG |
282 | r = address_get(link, family, in_addr, prefixlen, &address); |
283 | if (r == -ENOENT) { | |
284 | /* Address does not exist, create a new one */ | |
285 | r = address_add_internal(link, &link->addresses, family, in_addr, prefixlen, &address); | |
286 | if (r < 0) | |
287 | return r; | |
288 | } else if (r == 0) { | |
289 | /* Take over a foreign address */ | |
290 | r = set_ensure_allocated(&link->addresses, &address_hash_ops); | |
291 | if (r < 0) | |
292 | return r; | |
293 | ||
294 | r = set_put(link->addresses, address); | |
295 | if (r < 0) | |
296 | return r; | |
297 | ||
298 | set_remove(link->addresses_foreign, address); | |
299 | } else if (r == 1) { | |
300 | /* Already exists, do nothing */ | |
301 | ; | |
302 | } else | |
e7780c8d TG |
303 | return r; |
304 | ||
cab974b0 TG |
305 | if (ret) |
306 | *ret = address; | |
e7780c8d TG |
307 | |
308 | return 0; | |
adda1ed9 TG |
309 | } |
310 | ||
fcf50cff | 311 | static int address_release(Address *address) { |
5a8bcb67 LP |
312 | int r; |
313 | ||
314 | assert(address); | |
fcf50cff | 315 | assert(address->link); |
5a8bcb67 | 316 | |
91b5f997 TG |
317 | /* Remove masquerading firewall entry if it was added */ |
318 | if (address->ip_masquerade_done) { | |
5a8bcb67 LP |
319 | union in_addr_union masked = address->in_addr; |
320 | in_addr_mask(address->family, &masked, address->prefixlen); | |
321 | ||
91b5f997 | 322 | r = fw_add_masquerade(false, AF_INET, 0, &masked, address->prefixlen, NULL, NULL, 0); |
5a8bcb67 | 323 | if (r < 0) |
fcf50cff | 324 | log_link_warning_errno(address->link, r, "Failed to disable IP masquerading: %m"); |
5a8bcb67 | 325 | |
91b5f997 | 326 | address->ip_masquerade_done = false; |
5a8bcb67 LP |
327 | } |
328 | ||
329 | return 0; | |
330 | } | |
331 | ||
889b550f LP |
332 | int address_update( |
333 | Address *address, | |
334 | unsigned char flags, | |
335 | unsigned char scope, | |
336 | const struct ifa_cacheinfo *cinfo) { | |
337 | ||
36c32f61 | 338 | bool ready; |
e7ab854c | 339 | int r; |
36c32f61 TG |
340 | |
341 | assert(address); | |
342 | assert(cinfo); | |
7209086d SS |
343 | assert_return(address->link, 1); |
344 | ||
345 | if (IN_SET(address->link->state, LINK_STATE_FAILED, LINK_STATE_LINGER)) | |
346 | return 1; | |
36c32f61 TG |
347 | |
348 | ready = address_is_ready(address); | |
349 | ||
350 | address->flags = flags; | |
351 | address->scope = scope; | |
352 | address->cinfo = *cinfo; | |
353 | ||
959f65d3 | 354 | link_update_operstate(address->link, true); |
c8f7123e | 355 | link_check_ready(address->link); |
7209086d | 356 | |
c8f7123e YW |
357 | if (!ready && |
358 | address_is_ready(address) && | |
359 | address->family == AF_INET6 && | |
360 | in_addr_is_link_local(AF_INET6, &address->in_addr) > 0 && | |
361 | in_addr_is_null(AF_INET6, (const union in_addr_union*) &address->link->ipv6ll_address) > 0) { | |
7209086d | 362 | |
c8f7123e YW |
363 | r = link_ipv6ll_gained(address->link, &address->in_addr.in6); |
364 | if (r < 0) | |
365 | return r; | |
a3a019e1 | 366 | } |
36c32f61 TG |
367 | |
368 | return 0; | |
369 | } | |
370 | ||
91b5f997 | 371 | int address_drop(Address *address) { |
8012cd39 TG |
372 | Link *link; |
373 | bool ready; | |
374 | ||
5a8bcb67 | 375 | assert(address); |
91b5f997 | 376 | |
8012cd39 TG |
377 | ready = address_is_ready(address); |
378 | link = address->link; | |
379 | ||
fcf50cff | 380 | address_release(address); |
91b5f997 TG |
381 | address_free(address); |
382 | ||
959f65d3 | 383 | link_update_operstate(link, true); |
84de38c5 | 384 | |
8012cd39 TG |
385 | if (link && !ready) |
386 | link_check_ready(link); | |
387 | ||
91b5f997 TG |
388 | return 0; |
389 | } | |
390 | ||
1b566071 LP |
391 | int address_get(Link *link, |
392 | int family, | |
393 | const union in_addr_union *in_addr, | |
394 | unsigned char prefixlen, | |
395 | Address **ret) { | |
396 | ||
397 | Address address, *existing; | |
91b5f997 | 398 | |
5a8bcb67 | 399 | assert(link); |
91b5f997 | 400 | assert(in_addr); |
5a8bcb67 | 401 | |
1b566071 LP |
402 | address = (Address) { |
403 | .family = family, | |
404 | .in_addr = *in_addr, | |
405 | .prefixlen = prefixlen, | |
406 | }; | |
5a8bcb67 | 407 | |
91b5f997 | 408 | existing = set_get(link->addresses, &address); |
cab974b0 | 409 | if (existing) { |
1b566071 LP |
410 | if (ret) |
411 | *ret = existing; | |
cab974b0 | 412 | return 1; |
adda1ed9 | 413 | } |
5a8bcb67 | 414 | |
1b566071 LP |
415 | existing = set_get(link->addresses_foreign, &address); |
416 | if (existing) { | |
417 | if (ret) | |
418 | *ret = existing; | |
419 | return 0; | |
420 | } | |
5a8bcb67 | 421 | |
1b566071 | 422 | return -ENOENT; |
5a8bcb67 LP |
423 | } |
424 | ||
302a796f | 425 | static int address_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) { |
63ae0569 YW |
426 | int r; |
427 | ||
428 | assert(m); | |
429 | assert(link); | |
430 | assert(link->ifname); | |
431 | ||
432 | if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER)) | |
433 | return 1; | |
434 | ||
435 | r = sd_netlink_message_get_errno(m); | |
436 | if (r < 0 && r != -EADDRNOTAVAIL) | |
437 | log_link_warning_errno(link, r, "Could not drop address: %m"); | |
438 | ||
439 | return 1; | |
440 | } | |
441 | ||
483d099e ZJS |
442 | int address_remove( |
443 | Address *address, | |
444 | Link *link, | |
302a796f | 445 | link_netlink_message_handler_t callback) { |
483d099e | 446 | |
4afd3348 | 447 | _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL; |
30226d27 | 448 | _cleanup_free_ char *b = NULL; |
407fe036 TG |
449 | int r; |
450 | ||
451 | assert(address); | |
4c701096 | 452 | assert(IN_SET(address->family, AF_INET, AF_INET6)); |
407fe036 TG |
453 | assert(link); |
454 | assert(link->ifindex > 0); | |
455 | assert(link->manager); | |
456 | assert(link->manager->rtnl); | |
457 | ||
30226d27 TJ |
458 | if (DEBUG_LOGGING) { |
459 | if (in_addr_to_string(address->family, &address->in_addr, &b) >= 0) | |
460 | log_link_debug(link, "Removing address %s", b); | |
461 | } | |
462 | ||
151b9b96 LP |
463 | r = sd_rtnl_message_new_addr(link->manager->rtnl, &req, RTM_DELADDR, |
464 | link->ifindex, address->family); | |
eb56eb9b MS |
465 | if (r < 0) |
466 | return log_error_errno(r, "Could not allocate RTM_DELADDR message: %m"); | |
407fe036 | 467 | |
5a723174 | 468 | r = sd_rtnl_message_addr_set_prefixlen(req, address->prefixlen); |
eb56eb9b MS |
469 | if (r < 0) |
470 | return log_error_errno(r, "Could not set prefixlen: %m"); | |
5a723174 | 471 | |
43409486 | 472 | r = netlink_message_append_in_addr_union(req, IFA_LOCAL, address->family, &address->in_addr); |
eb56eb9b MS |
473 | if (r < 0) |
474 | return log_error_errno(r, "Could not append IFA_LOCAL attribute: %m"); | |
407fe036 | 475 | |
302a796f YW |
476 | r = netlink_call_async(link->manager->rtnl, NULL, req, |
477 | callback ?: address_remove_handler, | |
478 | link_netlink_destroy_callback, link); | |
eb56eb9b MS |
479 | if (r < 0) |
480 | return log_error_errno(r, "Could not send rtnetlink message: %m"); | |
407fe036 | 481 | |
563c69c6 TG |
482 | link_ref(link); |
483 | ||
407fe036 TG |
484 | return 0; |
485 | } | |
486 | ||
11bf3cce LP |
487 | static int address_acquire(Link *link, Address *original, Address **ret) { |
488 | union in_addr_union in_addr = {}; | |
489 | struct in_addr broadcast = {}; | |
8e766630 | 490 | _cleanup_(address_freep) Address *na = NULL; |
11bf3cce LP |
491 | int r; |
492 | ||
493 | assert(link); | |
494 | assert(original); | |
495 | assert(ret); | |
496 | ||
497 | /* Something useful was configured? just use it */ | |
7e43ebfb YW |
498 | r = in_addr_is_null(original->family, &original->in_addr); |
499 | if (r <= 0) | |
500 | return r; | |
11bf3cce LP |
501 | |
502 | /* The address is configured to be 0.0.0.0 or [::] by the user? | |
503 | * Then let's acquire something more useful from the pool. */ | |
504 | r = manager_address_pool_acquire(link->manager, original->family, original->prefixlen, &in_addr); | |
6a7a4e4d LP |
505 | if (r < 0) |
506 | return log_link_error_errno(link, r, "Failed to acquire address from pool: %m"); | |
11bf3cce | 507 | if (r == 0) { |
79008bdd | 508 | log_link_error(link, "Couldn't find free address for interface, all taken."); |
11bf3cce LP |
509 | return -EBUSY; |
510 | } | |
511 | ||
512 | if (original->family == AF_INET) { | |
d076c6f9 | 513 | /* Pick first address in range for ourselves ... */ |
11bf3cce LP |
514 | in_addr.in.s_addr = in_addr.in.s_addr | htobe32(1); |
515 | ||
516 | /* .. and use last as broadcast address */ | |
e87e2b78 SS |
517 | if (original->prefixlen > 30) |
518 | broadcast.s_addr = 0; | |
519 | else | |
520 | broadcast.s_addr = in_addr.in.s_addr | htobe32(0xFFFFFFFFUL >> original->prefixlen); | |
11bf3cce LP |
521 | } else if (original->family == AF_INET6) |
522 | in_addr.in6.s6_addr[15] |= 1; | |
523 | ||
f0213e37 | 524 | r = address_new(&na); |
11bf3cce LP |
525 | if (r < 0) |
526 | return r; | |
527 | ||
528 | na->family = original->family; | |
529 | na->prefixlen = original->prefixlen; | |
530 | na->scope = original->scope; | |
531 | na->cinfo = original->cinfo; | |
532 | ||
533 | if (original->label) { | |
534 | na->label = strdup(original->label); | |
0099bc15 | 535 | if (!na->label) |
11bf3cce | 536 | return -ENOMEM; |
11bf3cce LP |
537 | } |
538 | ||
539 | na->broadcast = broadcast; | |
540 | na->in_addr = in_addr; | |
541 | ||
542 | LIST_PREPEND(addresses, link->pool_addresses, na); | |
543 | ||
1cc6c93a | 544 | *ret = TAKE_PTR(na); |
0099bc15 | 545 | |
11bf3cce LP |
546 | return 0; |
547 | } | |
548 | ||
1b566071 LP |
549 | int address_configure( |
550 | Address *address, | |
551 | Link *link, | |
302a796f | 552 | link_netlink_message_handler_t callback, |
1b566071 LP |
553 | bool update) { |
554 | ||
4afd3348 | 555 | _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL; |
f579559b TG |
556 | int r; |
557 | ||
c166a070 | 558 | assert(address); |
4c701096 | 559 | assert(IN_SET(address->family, AF_INET, AF_INET6)); |
c166a070 TG |
560 | assert(link); |
561 | assert(link->ifindex > 0); | |
f882c247 | 562 | assert(link->manager); |
c166a070 | 563 | assert(link->manager->rtnl); |
bd1175bc | 564 | assert(callback); |
f882c247 | 565 | |
1b566071 LP |
566 | /* If this is a new address, then refuse adding more than the limit */ |
567 | if (address_get(link, address->family, &address->in_addr, address->prefixlen, NULL) <= 0 && | |
568 | set_size(link->addresses) >= ADDRESSES_PER_LINK_MAX) | |
569 | return -E2BIG; | |
570 | ||
11bf3cce LP |
571 | r = address_acquire(link, address, &address); |
572 | if (r < 0) | |
573 | return r; | |
574 | ||
66669078 TG |
575 | if (update) |
576 | r = sd_rtnl_message_new_addr_update(link->manager->rtnl, &req, | |
577 | link->ifindex, address->family); | |
578 | else | |
579 | r = sd_rtnl_message_new_addr(link->manager->rtnl, &req, RTM_NEWADDR, | |
580 | link->ifindex, address->family); | |
eb56eb9b MS |
581 | if (r < 0) |
582 | return log_error_errno(r, "Could not allocate RTM_NEWADDR message: %m"); | |
f579559b | 583 | |
5a723174 | 584 | r = sd_rtnl_message_addr_set_prefixlen(req, address->prefixlen); |
eb56eb9b MS |
585 | if (r < 0) |
586 | return log_error_errno(r, "Could not set prefixlen: %m"); | |
5a723174 | 587 | |
851c9f82 PF |
588 | address->flags |= IFA_F_PERMANENT; |
589 | ||
e63be084 SS |
590 | if (address->home_address) |
591 | address->flags |= IFA_F_HOMEADDRESS; | |
592 | ||
593 | if (address->duplicate_address_detection) | |
594 | address->flags |= IFA_F_NODAD; | |
595 | ||
596 | if (address->manage_temporary_address) | |
597 | address->flags |= IFA_F_MANAGETEMPADDR; | |
598 | ||
599 | if (address->prefix_route) | |
600 | address->flags |= IFA_F_NOPREFIXROUTE; | |
601 | ||
602 | if (address->autojoin) | |
603 | address->flags |= IFA_F_MCAUTOJOIN; | |
604 | ||
851c9f82 | 605 | r = sd_rtnl_message_addr_set_flags(req, (address->flags & 0xff)); |
eb56eb9b MS |
606 | if (r < 0) |
607 | return log_error_errno(r, "Could not set flags: %m"); | |
5a723174 | 608 | |
851c9f82 | 609 | if (address->flags & ~0xff) { |
1c4baffc | 610 | r = sd_netlink_message_append_u32(req, IFA_FLAGS, address->flags); |
851c9f82 PF |
611 | if (r < 0) |
612 | return log_error_errno(r, "Could not set extended flags: %m"); | |
613 | } | |
614 | ||
5c1d3fc9 | 615 | r = sd_rtnl_message_addr_set_scope(req, address->scope); |
eb56eb9b MS |
616 | if (r < 0) |
617 | return log_error_errno(r, "Could not set scope: %m"); | |
5a723174 | 618 | |
43409486 | 619 | r = netlink_message_append_in_addr_union(req, IFA_LOCAL, address->family, &address->in_addr); |
eb56eb9b MS |
620 | if (r < 0) |
621 | return log_error_errno(r, "Could not append IFA_LOCAL attribute: %m"); | |
f579559b | 622 | |
d40b01e4 | 623 | if (in_addr_is_null(address->family, &address->in_addr_peer) == 0) { |
43409486 | 624 | r = netlink_message_append_in_addr_union(req, IFA_ADDRESS, address->family, &address->in_addr_peer); |
eb56eb9b MS |
625 | if (r < 0) |
626 | return log_error_errno(r, "Could not append IFA_ADDRESS attribute: %m"); | |
66e0bb33 YW |
627 | } else if (address->family == AF_INET && address->prefixlen <= 30) { |
628 | r = sd_netlink_message_append_in_addr(req, IFA_BROADCAST, &address->broadcast); | |
629 | if (r < 0) | |
630 | return log_error_errno(r, "Could not append IFA_BROADCAST attribute: %m"); | |
f579559b TG |
631 | } |
632 | ||
633 | if (address->label) { | |
1c4baffc | 634 | r = sd_netlink_message_append_string(req, IFA_LABEL, address->label); |
eb56eb9b MS |
635 | if (r < 0) |
636 | return log_error_errno(r, "Could not append IFA_LABEL attribute: %m"); | |
f579559b TG |
637 | } |
638 | ||
66e0bb33 | 639 | r = sd_netlink_message_append_cache_info(req, IFA_CACHEINFO, &address->cinfo); |
eb56eb9b MS |
640 | if (r < 0) |
641 | return log_error_errno(r, "Could not append IFA_CACHEINFO attribute: %m"); | |
68ceb9df | 642 | |
fcf50cff | 643 | r = address_establish(address, link); |
eb56eb9b | 644 | if (r < 0) |
fcf50cff TG |
645 | return r; |
646 | ||
dfef713f | 647 | r = netlink_call_async(link->manager->rtnl, NULL, req, callback, link_netlink_destroy_callback, link); |
fcf50cff TG |
648 | if (r < 0) { |
649 | address_release(address); | |
eb56eb9b | 650 | return log_error_errno(r, "Could not send rtnetlink message: %m"); |
fcf50cff | 651 | } |
f579559b | 652 | |
563c69c6 TG |
653 | link_ref(link); |
654 | ||
dfef713f SS |
655 | if (address->family == AF_INET6 && !in_addr_is_null(address->family, &address->in_addr_peer)) |
656 | r = address_add(link, address->family, &address->in_addr_peer, address->prefixlen, NULL); | |
657 | else | |
658 | r = address_add(link, address->family, &address->in_addr, address->prefixlen, NULL); | |
adda1ed9 TG |
659 | if (r < 0) { |
660 | address_release(address); | |
661 | return log_error_errno(r, "Could not add address: %m"); | |
662 | } | |
663 | ||
f579559b TG |
664 | return 0; |
665 | } | |
666 | ||
44e7b949 LP |
667 | int config_parse_broadcast( |
668 | const char *unit, | |
eb0ea358 TG |
669 | const char *filename, |
670 | unsigned line, | |
671 | const char *section, | |
672 | unsigned section_line, | |
673 | const char *lvalue, | |
674 | int ltype, | |
675 | const char *rvalue, | |
676 | void *data, | |
677 | void *userdata) { | |
44e7b949 | 678 | |
eb0ea358 | 679 | Network *network = userdata; |
8e766630 | 680 | _cleanup_(address_freep) Address *n = NULL; |
eb0ea358 TG |
681 | int r; |
682 | ||
683 | assert(filename); | |
684 | assert(section); | |
685 | assert(lvalue); | |
686 | assert(rvalue); | |
687 | assert(data); | |
688 | ||
f4859fc7 | 689 | r = address_new_static(network, filename, section_line, &n); |
eb0ea358 TG |
690 | if (r < 0) |
691 | return r; | |
692 | ||
482e2ac1 | 693 | if (n->family == AF_INET6) { |
2850cd40 YW |
694 | log_syntax(unit, LOG_ERR, filename, line, 0, |
695 | "Broadcast is not valid for IPv6 addresses, ignoring assignment: %s", rvalue); | |
482e2ac1 TG |
696 | return 0; |
697 | } | |
698 | ||
44e7b949 | 699 | r = in_addr_from_string(AF_INET, rvalue, (union in_addr_union*) &n->broadcast); |
eb0ea358 | 700 | if (r < 0) { |
2850cd40 YW |
701 | log_syntax(unit, LOG_ERR, filename, line, r, |
702 | "Broadcast is invalid, ignoring assignment: %s", rvalue); | |
eb0ea358 TG |
703 | return 0; |
704 | } | |
705 | ||
44e7b949 | 706 | n->family = AF_INET; |
eb0ea358 TG |
707 | n = NULL; |
708 | ||
709 | return 0; | |
710 | } | |
711 | ||
f579559b TG |
712 | int config_parse_address(const char *unit, |
713 | const char *filename, | |
714 | unsigned line, | |
715 | const char *section, | |
71a61510 | 716 | unsigned section_line, |
f579559b TG |
717 | const char *lvalue, |
718 | int ltype, | |
719 | const char *rvalue, | |
720 | void *data, | |
721 | void *userdata) { | |
44e7b949 | 722 | |
6ae115c1 | 723 | Network *network = userdata; |
8e766630 | 724 | _cleanup_(address_freep) Address *n = NULL; |
44e7b949 | 725 | union in_addr_union buffer; |
b7cb4452 | 726 | unsigned char prefixlen; |
44e7b949 | 727 | int r, f; |
f579559b TG |
728 | |
729 | assert(filename); | |
6ae115c1 | 730 | assert(section); |
f579559b TG |
731 | assert(lvalue); |
732 | assert(rvalue); | |
733 | assert(data); | |
734 | ||
92fe133a TG |
735 | if (streq(section, "Network")) { |
736 | /* we are not in an Address section, so treat | |
737 | * this as the special '0' section */ | |
f4859fc7 SS |
738 | r = address_new_static(network, NULL, 0, &n); |
739 | } else | |
740 | r = address_new_static(network, filename, section_line, &n); | |
92fe133a | 741 | |
f579559b TG |
742 | if (r < 0) |
743 | return r; | |
744 | ||
745 | /* Address=address/prefixlen */ | |
0f707207 YW |
746 | r = in_addr_prefix_from_string_auto_internal(rvalue, PREFIXLEN_REFUSE, &f, &buffer, &prefixlen); |
747 | if (r == -ENOANO) { | |
748 | log_syntax(unit, LOG_ERR, filename, line, r, | |
749 | "An address '%s' is specified without prefix length. " | |
750 | "The behavior of parsing addresses without prefix length will be changed in the future release. " | |
751 | "Please specify prefix length explicitly.", rvalue); | |
752 | ||
753 | r = in_addr_prefix_from_string_auto_internal(rvalue, PREFIXLEN_LEGACY, &f, &buffer, &prefixlen); | |
754 | } | |
f579559b | 755 | if (r < 0) { |
b7cb4452 | 756 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid address '%s', ignoring assignment: %m", rvalue); |
f579559b TG |
757 | return 0; |
758 | } | |
759 | ||
44e7b949 | 760 | if (n->family != AF_UNSPEC && f != n->family) { |
b7cb4452 | 761 | log_syntax(unit, LOG_ERR, filename, line, 0, "Address is incompatible, ignoring assignment: %s", rvalue); |
44e7b949 LP |
762 | return 0; |
763 | } | |
764 | ||
c9207ff3 YW |
765 | if (in_addr_is_null(f, &buffer)) { |
766 | /* Will use address from address pool. Note that for ipv6 case, prefix of the address | |
767 | * pool is 8, but 40 bit is used by the global ID and 16 bit by the subnet ID. So, | |
768 | * let's limit the prefix length to 64 or larger. See RFC4193. */ | |
769 | if ((f == AF_INET && prefixlen < 8) || | |
770 | (f == AF_INET6 && prefixlen < 64)) { | |
771 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
772 | "Null address with invalid prefixlen='%u', ignoring assignment: %s", | |
773 | prefixlen, rvalue); | |
774 | return 0; | |
775 | } | |
776 | } | |
777 | ||
44e7b949 | 778 | n->family = f; |
b7cb4452 | 779 | n->prefixlen = prefixlen; |
44e7b949 LP |
780 | |
781 | if (streq(lvalue, "Address")) | |
782 | n->in_addr = buffer; | |
783 | else | |
784 | n->in_addr_peer = buffer; | |
785 | ||
786 | if (n->family == AF_INET && n->broadcast.s_addr == 0) | |
787 | n->broadcast.s_addr = n->in_addr.in.s_addr | htonl(0xfffffffflu >> n->prefixlen); | |
eb0ea358 | 788 | |
f579559b TG |
789 | n = NULL; |
790 | ||
791 | return 0; | |
792 | } | |
6ae115c1 | 793 | |
d31645ad LP |
794 | int config_parse_label( |
795 | const char *unit, | |
6ae115c1 TG |
796 | const char *filename, |
797 | unsigned line, | |
798 | const char *section, | |
799 | unsigned section_line, | |
800 | const char *lvalue, | |
801 | int ltype, | |
802 | const char *rvalue, | |
803 | void *data, | |
804 | void *userdata) { | |
d31645ad | 805 | |
8e766630 | 806 | _cleanup_(address_freep) Address *n = NULL; |
d31645ad | 807 | Network *network = userdata; |
6ae115c1 TG |
808 | int r; |
809 | ||
810 | assert(filename); | |
811 | assert(section); | |
812 | assert(lvalue); | |
813 | assert(rvalue); | |
814 | assert(data); | |
815 | ||
f4859fc7 | 816 | r = address_new_static(network, filename, section_line, &n); |
6ae115c1 TG |
817 | if (r < 0) |
818 | return r; | |
819 | ||
a87d19fe | 820 | if (!address_label_valid(rvalue)) { |
2850cd40 YW |
821 | log_syntax(unit, LOG_ERR, filename, line, 0, |
822 | "Interface label is too long or invalid, ignoring assignment: %s", rvalue); | |
6ae115c1 TG |
823 | return 0; |
824 | } | |
825 | ||
d31645ad LP |
826 | r = free_and_strdup(&n->label, rvalue); |
827 | if (r < 0) | |
828 | return log_oom(); | |
6ae115c1 TG |
829 | |
830 | n = NULL; | |
6ae115c1 TG |
831 | return 0; |
832 | } | |
ce6c77eb | 833 | |
b5834a0b SS |
834 | int config_parse_lifetime(const char *unit, |
835 | const char *filename, | |
836 | unsigned line, | |
837 | const char *section, | |
838 | unsigned section_line, | |
839 | const char *lvalue, | |
840 | int ltype, | |
841 | const char *rvalue, | |
842 | void *data, | |
843 | void *userdata) { | |
844 | Network *network = userdata; | |
8e766630 | 845 | _cleanup_(address_freep) Address *n = NULL; |
b5834a0b SS |
846 | unsigned k; |
847 | int r; | |
848 | ||
849 | assert(filename); | |
850 | assert(section); | |
851 | assert(lvalue); | |
852 | assert(rvalue); | |
853 | assert(data); | |
854 | ||
f4859fc7 | 855 | r = address_new_static(network, filename, section_line, &n); |
b5834a0b SS |
856 | if (r < 0) |
857 | return r; | |
858 | ||
33680b0a YW |
859 | /* We accept only "forever", "infinity", or "0". */ |
860 | if (STR_IN_SET(rvalue, "forever", "infinity")) | |
861 | k = CACHE_INFO_INFINITY_LIFE_TIME; | |
862 | else if (streq(rvalue, "0")) | |
863 | k = 0; | |
864 | else { | |
865 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
866 | "Invalid PreferredLifetime= value, ignoring: %s", rvalue); | |
b5834a0b SS |
867 | return 0; |
868 | } | |
869 | ||
33680b0a YW |
870 | n->cinfo.ifa_prefered = k; |
871 | n = NULL; | |
b5834a0b SS |
872 | |
873 | return 0; | |
874 | } | |
875 | ||
e63be084 SS |
876 | int config_parse_address_flags(const char *unit, |
877 | const char *filename, | |
878 | unsigned line, | |
879 | const char *section, | |
880 | unsigned section_line, | |
881 | const char *lvalue, | |
882 | int ltype, | |
883 | const char *rvalue, | |
884 | void *data, | |
885 | void *userdata) { | |
886 | Network *network = userdata; | |
8e766630 | 887 | _cleanup_(address_freep) Address *n = NULL; |
e63be084 SS |
888 | int r; |
889 | ||
890 | assert(filename); | |
891 | assert(section); | |
892 | assert(lvalue); | |
893 | assert(rvalue); | |
894 | assert(data); | |
895 | ||
f4859fc7 | 896 | r = address_new_static(network, filename, section_line, &n); |
e63be084 SS |
897 | if (r < 0) |
898 | return r; | |
899 | ||
900 | r = parse_boolean(rvalue); | |
901 | if (r < 0) { | |
2850cd40 YW |
902 | log_syntax(unit, LOG_ERR, filename, line, r, |
903 | "Failed to parse address flag, ignoring: %s", rvalue); | |
e63be084 SS |
904 | return 0; |
905 | } | |
906 | ||
907 | if (streq(lvalue, "HomeAddress")) | |
908 | n->home_address = r; | |
909 | else if (streq(lvalue, "DuplicateAddressDetection")) | |
910 | n->duplicate_address_detection = r; | |
911 | else if (streq(lvalue, "ManageTemporaryAddress")) | |
912 | n->manage_temporary_address = r; | |
913 | else if (streq(lvalue, "PrefixRoute")) | |
914 | n->prefix_route = r; | |
915 | else if (streq(lvalue, "AutoJoin")) | |
916 | n->autojoin = r; | |
2850cd40 YW |
917 | else |
918 | assert_not_reached("Invalid address flag type."); | |
e63be084 | 919 | |
4aa4c4b0 | 920 | n = NULL; |
e63be084 SS |
921 | return 0; |
922 | } | |
923 | ||
2959fb07 SS |
924 | int config_parse_address_scope(const char *unit, |
925 | const char *filename, | |
926 | unsigned line, | |
927 | const char *section, | |
928 | unsigned section_line, | |
929 | const char *lvalue, | |
930 | int ltype, | |
931 | const char *rvalue, | |
932 | void *data, | |
933 | void *userdata) { | |
934 | Network *network = userdata; | |
8e766630 | 935 | _cleanup_(address_freep) Address *n = NULL; |
2959fb07 SS |
936 | int r; |
937 | ||
938 | assert(filename); | |
939 | assert(section); | |
940 | assert(lvalue); | |
941 | assert(rvalue); | |
942 | assert(data); | |
943 | ||
944 | r = address_new_static(network, filename, section_line, &n); | |
945 | if (r < 0) | |
946 | return r; | |
947 | ||
948 | if (streq(rvalue, "host")) | |
949 | n->scope = RT_SCOPE_HOST; | |
950 | else if (streq(rvalue, "link")) | |
951 | n->scope = RT_SCOPE_LINK; | |
952 | else if (streq(rvalue, "global")) | |
953 | n->scope = RT_SCOPE_UNIVERSE; | |
954 | else { | |
955 | r = safe_atou8(rvalue , &n->scope); | |
956 | if (r < 0) { | |
2850cd40 YW |
957 | log_syntax(unit, LOG_ERR, filename, line, r, |
958 | "Could not parse address scope \"%s\", ignoring assignment: %m", rvalue); | |
2959fb07 SS |
959 | return 0; |
960 | } | |
961 | } | |
962 | ||
963 | n = NULL; | |
2959fb07 SS |
964 | return 0; |
965 | } | |
966 | ||
ce6c77eb TG |
967 | bool address_is_ready(const Address *a) { |
968 | assert(a); | |
969 | ||
b7ed5384 SS |
970 | if (a->family == AF_INET6) |
971 | return !(a->flags & IFA_F_TENTATIVE); | |
972 | else | |
973 | return !(a->flags & (IFA_F_TENTATIVE | IFA_F_DEPRECATED)); | |
ce6c77eb | 974 | } |