/* SPDX-License-Identifier: LGPL-2.1+ */
-#include <ctype.h>
#include <net/if.h>
+#include <netinet/in.h>
+#include <linux/netdevice.h>
#include "alloc-util.h"
#include "conf-files.h"
#include "fd-util.h"
#include "hostname-util.h"
#include "in-addr-util.h"
-#include "missing_network.h"
#include "network-internal.h"
#include "networkd-manager.h"
#include "networkd-network.h"
#include "parse-util.h"
#include "set.h"
+#include "socket-util.h"
#include "stat-util.h"
#include "string-table.h"
#include "string-util.h"
#include "strv.h"
#include "util.h"
-static void network_config_hash_func(const NetworkConfigSection *c, struct siphash *state) {
- siphash24_compress(c->filename, strlen(c->filename), state);
- siphash24_compress(&c->line, sizeof(c->line), state);
-}
-
-static int network_config_compare_func(const NetworkConfigSection *x, const NetworkConfigSection *y) {
- int r;
-
- r = strcmp(x->filename, y->filename);
- if (r != 0)
- return r;
-
- return CMP(x->line, y->line);
-}
-
-DEFINE_HASH_OPS(network_config_hash_ops, NetworkConfigSection, network_config_hash_func, network_config_compare_func);
-
-int network_config_section_new(const char *filename, unsigned line, NetworkConfigSection **s) {
- NetworkConfigSection *cs;
-
- cs = malloc0(offsetof(NetworkConfigSection, filename) + strlen(filename) + 1);
- if (!cs)
- return -ENOMEM;
-
- strcpy(cs->filename, filename);
- cs->line = line;
-
- *s = TAKE_PTR(cs);
-
- return 0;
-}
-
-void network_config_section_free(NetworkConfigSection *cs) {
- free(cs);
-}
+/* Let's assume that anything above this number is a user misconfiguration. */
+#define MAX_NTP_SERVERS 128
/* Set defaults following RFC7844 */
void network_apply_anonymize_if_set(Network *network) {
network->dhcp_use_timezone = false;
}
+static int network_resolve_netdev_one(Network *network, const char *name, NetDevKind kind, NetDev **ret_netdev) {
+ const char *kind_string;
+ NetDev *netdev;
+ int r;
+
+ /* For test-networkd-conf, the check must be earlier than the assertions. */
+ if (!name)
+ return 0;
+
+ assert(network);
+ assert(network->manager);
+ assert(network->filename);
+ assert(ret_netdev);
+
+ if (kind == _NETDEV_KIND_TUNNEL)
+ kind_string = "tunnel";
+ else {
+ kind_string = netdev_kind_to_string(kind);
+ if (!kind_string)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
+ "%s: Invalid NetDev kind of %s, ignoring assignment.",
+ network->filename, name);
+ }
+
+ r = netdev_get(network->manager, name, &netdev);
+ if (r < 0)
+ return log_error_errno(r, "%s: %s NetDev could not be found, ignoring assignment.",
+ network->filename, name);
+
+ if (netdev->kind != kind && !(kind == _NETDEV_KIND_TUNNEL &&
+ IN_SET(netdev->kind,
+ NETDEV_KIND_IPIP,
+ NETDEV_KIND_SIT,
+ NETDEV_KIND_GRE,
+ NETDEV_KIND_GRETAP,
+ NETDEV_KIND_IP6GRE,
+ NETDEV_KIND_IP6GRETAP,
+ NETDEV_KIND_VTI,
+ NETDEV_KIND_VTI6,
+ NETDEV_KIND_IP6TNL,
+ NETDEV_KIND_ERSPAN)))
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
+ "%s: NetDev %s is not a %s, ignoring assignment",
+ network->filename, name, kind_string);
+
+ *ret_netdev = netdev_ref(netdev);
+ return 1;
+}
+
+static int network_resolve_stacked_netdevs(Network *network) {
+ void *name, *kind;
+ Iterator i;
+ int r;
+
+ assert(network);
+
+ HASHMAP_FOREACH_KEY(kind, name, network->stacked_netdev_names, i) {
+ _cleanup_(netdev_unrefp) NetDev *netdev = NULL;
+
+ r = network_resolve_netdev_one(network, name, PTR_TO_INT(kind), &netdev);
+ if (r <= 0)
+ continue;
+
+ r = hashmap_ensure_allocated(&network->stacked_netdevs, &string_hash_ops);
+ if (r < 0)
+ return log_oom();
+
+ r = hashmap_put(network->stacked_netdevs, netdev->ifname, netdev);
+ if (r < 0)
+ return log_error_errno(r, "%s: Failed to add NetDev '%s' to network: %m",
+ network->filename, (const char *) name);
+
+ netdev = NULL;
+ }
+
+ return 0;
+}
+
+int network_verify(Network *network) {
+ Address *address, *address_next;
+ Route *route, *route_next;
+ FdbEntry *fdb, *fdb_next;
+ Neighbor *neighbor, *neighbor_next;
+ AddressLabel *label, *label_next;
+ Prefix *prefix, *prefix_next;
+ RoutingPolicyRule *rule, *rule_next;
+
+ assert(network);
+ assert(network->filename);
+
+ if (set_isempty(network->match_mac) && strv_isempty(network->match_path) &&
+ strv_isempty(network->match_driver) && strv_isempty(network->match_type) &&
+ strv_isempty(network->match_name) && !network->conditions)
+ log_warning("%s: No valid settings found in the [Match] section. "
+ "The file will match all interfaces. "
+ "If that is intended, please add Name=* in the [Match] section.",
+ network->filename);
+
+ /* skip out early if configuration does not match the environment */
+ if (!condition_test_list(network->conditions, NULL, NULL, NULL))
+ return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
+ "%s: Conditions in the file do not match the system environment, skipping.",
+ network->filename);
+
+ (void) network_resolve_netdev_one(network, network->bond_name, NETDEV_KIND_BOND, &network->bond);
+ (void) network_resolve_netdev_one(network, network->bridge_name, NETDEV_KIND_BRIDGE, &network->bridge);
+ (void) network_resolve_netdev_one(network, network->vrf_name, NETDEV_KIND_VRF, &network->vrf);
+ (void) network_resolve_stacked_netdevs(network);
+
+ /* Free unnecessary entries. */
+ network->bond_name = mfree(network->bond_name);
+ network->bridge_name = mfree(network->bridge_name);
+ network->vrf_name = mfree(network->vrf_name);
+ network->stacked_netdev_names = hashmap_free_free_key(network->stacked_netdev_names);
+
+ if (network->bond) {
+ /* Bonding slave does not support addressing. */
+ if (network->ipv6_accept_ra > 0) {
+ log_warning("%s: Cannot enable IPv6AcceptRA= when Bond= is specified, disabling IPv6AcceptRA=.",
+ network->filename);
+ network->ipv6_accept_ra = 0;
+ }
+ if (network->link_local >= 0 && network->link_local != ADDRESS_FAMILY_NO) {
+ log_warning("%s: Cannot enable LinkLocalAddressing= when Bond= is specified, disabling LinkLocalAddressing=.",
+ network->filename);
+ network->link_local = ADDRESS_FAMILY_NO;
+ }
+ if (network->dhcp != ADDRESS_FAMILY_NO) {
+ log_warning("%s: Cannot enable DHCP= when Bond= is specified, disabling DHCP=.",
+ network->filename);
+ network->dhcp = ADDRESS_FAMILY_NO;
+ }
+ if (network->dhcp_server) {
+ log_warning("%s: Cannot enable DHCPServer= when Bond= is specified, disabling DHCPServer=.",
+ network->filename);
+ network->dhcp_server = false;
+ }
+ if (network->n_static_addresses > 0) {
+ log_warning("%s: Cannot set addresses when Bond= is specified, ignoring addresses.",
+ network->filename);
+ while ((address = network->static_addresses))
+ address_free(address);
+ }
+ if (network->n_static_routes > 0) {
+ log_warning("%s: Cannot set routes when Bond= is specified, ignoring routes.",
+ network->filename);
+ while ((route = network->static_routes))
+ route_free(route);
+ }
+ }
+
+ if (network->link_local < 0)
+ network->link_local = network->bridge ? ADDRESS_FAMILY_NO : ADDRESS_FAMILY_IPV6;
+
+ if (FLAGS_SET(network->link_local, ADDRESS_FAMILY_FALLBACK_IPV4) &&
+ !FLAGS_SET(network->dhcp, ADDRESS_FAMILY_IPV4)) {
+ log_warning("%s: fallback assignment of IPv4 link local address is enabled but DHCPv4 is disabled. "
+ "Disabling the fallback assignment.", network->filename);
+ SET_FLAG(network->link_local, ADDRESS_FAMILY_FALLBACK_IPV4, false);
+ }
+
+ if (network->ipv6_accept_ra < 0 && network->bridge)
+ network->ipv6_accept_ra = false;
+
+ /* IPMasquerade=yes implies IPForward=yes */
+ if (network->ip_masquerade)
+ network->ip_forward |= ADDRESS_FAMILY_IPV4;
+
+ if (network->mtu > 0 && network->dhcp_use_mtu) {
+ log_warning("%s: MTUBytes= in [Link] section and UseMTU= in [DHCP] section are set. "
+ "Disabling UseMTU=.", network->filename);
+ network->dhcp_use_mtu = false;
+ }
+
+ LIST_FOREACH_SAFE(addresses, address, address_next, network->static_addresses)
+ if (address_section_verify(address) < 0)
+ address_free(address);
+
+ LIST_FOREACH_SAFE(routes, route, route_next, network->static_routes)
+ if (route_section_verify(route, network) < 0)
+ route_free(route);
+
+ LIST_FOREACH_SAFE(static_fdb_entries, fdb, fdb_next, network->static_fdb_entries)
+ if (section_is_invalid(fdb->section))
+ fdb_entry_free(fdb);
+
+ LIST_FOREACH_SAFE(neighbors, neighbor, neighbor_next, network->neighbors)
+ if (section_is_invalid(neighbor->section))
+ neighbor_free(neighbor);
+
+ LIST_FOREACH_SAFE(labels, label, label_next, network->address_labels)
+ if (section_is_invalid(label->section))
+ address_label_free(label);
+
+ LIST_FOREACH_SAFE(prefixes, prefix, prefix_next, network->static_prefixes)
+ if (section_is_invalid(prefix->section))
+ prefix_free(prefix);
+
+ LIST_FOREACH_SAFE(rules, rule, rule_next, network->rules)
+ if (section_is_invalid(rule->section))
+ routing_policy_rule_free(rule);
+
+ return 0;
+}
+
int network_load_one(Manager *manager, const char *filename) {
_cleanup_free_ char *fname = NULL, *name = NULL;
- _cleanup_(network_freep) Network *network = NULL;
+ _cleanup_(network_unrefp) Network *network = NULL;
_cleanup_fclose_ FILE *file = NULL;
const char *dropin_dirname;
- Address *address;
- Route *route;
char *d;
int r;
return log_oom();
*network = (Network) {
- .manager = manager,
.filename = TAKE_PTR(fname),
.name = TAKE_PTR(name),
+ .manager = manager,
+ .n_ref = 1,
+
.required_for_online = true,
+ .required_operstate_for_online = LINK_OPERSTATE_DEGRADED,
.dhcp = ADDRESS_FAMILY_NO,
.dhcp_use_ntp = true,
.dhcp_use_dns = true,
.dhcp_use_hostname = true,
.dhcp_use_routes = true,
- /* NOTE: this var might be overwriten by network_apply_anonymize_if_set */
+ /* NOTE: this var might be overwritten by network_apply_anonymize_if_set */
.dhcp_send_hostname = true,
/* To enable/disable RFC7844 Anonymity Profiles */
.dhcp_anonymize = false,
.dhcp_route_metric = DHCP_ROUTE_METRIC,
- /* NOTE: this var might be overwrite by network_apply_anonymize_if_set */
+ /* NOTE: this var might be overwritten by network_apply_anonymize_if_set */
.dhcp_client_identifier = DHCP_CLIENT_ID_DUID,
.dhcp_route_table = RT_TABLE_MAIN,
.dhcp_route_table_set = false,
.fast_leave = -1,
.allow_port_to_be_root = -1,
.unicast_flood = -1,
+ .multicast_flood = -1,
.multicast_to_unicast = -1,
+ .neighbor_suppression = -1,
+ .learning = -1,
+ .bridge_proxy_arp = -1,
+ .bridge_proxy_arp_wifi = -1,
.priority = LINK_BRIDGE_PORT_PRIORITY_INVALID,
+ .multicast_router = _MULTICAST_ROUTER_INVALID,
.lldp_mode = LLDP_MODE_ROUTERS_ONLY,
.dnssec_mode = _DNSSEC_MODE_INVALID,
.dns_over_tls_mode = _DNS_OVER_TLS_MODE_INVALID,
- .link_local = ADDRESS_FAMILY_IPV6,
+ /* If LinkLocalAddressing= is not set, then set to ADDRESS_FAMILY_IPV6 later. */
+ .link_local = _ADDRESS_FAMILY_BOOLEAN_INVALID,
.ipv6_privacy_extensions = IPV6_PRIVACY_EXTENSIONS_NO,
.ipv6_accept_ra = -1,
.ipv6_accept_ra_use_autonomous_prefix = true,
.ipv6_accept_ra_use_onlink_prefix = true,
.ipv6_accept_ra_route_table = RT_TABLE_MAIN,
+ .ipv6_accept_ra_route_table_set = false,
+
+ .can_triple_sampling = -1,
};
- r = config_parse_many(filename, network_dirs, dropin_dirname,
+ r = config_parse_many(filename, NETWORK_DIRS, dropin_dirname,
"Match\0"
"Link\0"
"Network\0"
"CAN\0",
config_item_perf_lookup, network_network_gperf_lookup,
CONFIG_PARSE_WARN, network);
- if (r < 0) {
- /* Unset manager here. Otherwise, LIST_REMOVE() in network_free() fails. */
- network->manager = NULL;
+ if (r < 0)
return r;
- }
network_apply_anonymize_if_set(network);
- /* IPMasquerade=yes implies IPForward=yes */
- if (network->ip_masquerade)
- network->ip_forward |= ADDRESS_FAMILY_IPV4;
-
- if (network->mtu > 0 && network->dhcp_use_mtu) {
- log_warning("MTUBytes= in [Link] section and UseMTU= in [DHCP] section are set in %s. "
- "Disabling UseMTU=.", filename);
- network->dhcp_use_mtu = false;
- }
+ r = network_add_ipv4ll_route(network);
+ if (r < 0)
+ log_warning_errno(r, "%s: Failed to add IPv4LL route, ignoring: %m", network->filename);
- LIST_PREPEND(networks, manager->networks, network);
+ r = network_add_default_route_on_device(network);
+ if (r < 0)
+ log_warning_errno(r, "%s: Failed to add default route on device, ignoring: %m",
+ network->filename);
- r = hashmap_ensure_allocated(&manager->networks_by_name, &string_hash_ops);
+ r = ordered_hashmap_ensure_allocated(&manager->networks, &string_hash_ops);
if (r < 0)
return r;
- r = hashmap_put(manager->networks_by_name, network->name, network);
+ r = ordered_hashmap_put(manager->networks, network->name, network);
if (r < 0)
return r;
- LIST_FOREACH(routes, route, network->static_routes)
- if (!route->family) {
- log_warning("Route section without Gateway field configured in %s. "
- "Ignoring", filename);
- return 0;
- }
-
- LIST_FOREACH(addresses, address, network->static_addresses)
- if (!address->family) {
- log_warning("Address section without Address field configured in %s. "
- "Ignoring", filename);
- return 0;
- }
+ if (network_verify(network) < 0)
+ return 0;
network = NULL;
-
return 0;
}
int network_load(Manager *manager) {
- Network *network;
_cleanup_strv_free_ char **files = NULL;
char **f;
int r;
assert(manager);
- while ((network = manager->networks))
- network_free(network);
+ ordered_hashmap_clear_with_destructor(manager->networks, network_unref);
- r = conf_files_list_strv(&files, ".network", NULL, 0, network_dirs);
+ r = conf_files_list_strv(&files, ".network", NULL, 0, NETWORK_DIRS);
if (r < 0)
return log_error_errno(r, "Failed to enumerate network files: %m");
- STRV_FOREACH_BACKWARDS(f, files) {
+ STRV_FOREACH(f, files) {
r = network_load_one(manager, *f);
if (r < 0)
return r;
return 0;
}
-void network_free(Network *network) {
+static Network *network_free(Network *network) {
IPv6ProxyNDPAddress *ipv6_proxy_ndp_address;
RoutingPolicyRule *rule;
FdbEntry *fdb_entry;
Route *route;
if (!network)
- return;
+ return NULL;
free(network->filename);
strv_free(network->match_driver);
strv_free(network->match_type);
strv_free(network->match_name);
+ condition_free_list(network->conditions);
free(network->description);
free(network->dhcp_vendor_class_identifier);
strv_free(network->dhcp_user_class);
free(network->dhcp_hostname);
-
+ set_free(network->dhcp_black_listed_ip);
free(network->mac);
strv_free(network->ntp);
free(network->dns);
- strv_free(network->search_domains);
- strv_free(network->route_domains);
+ ordered_set_free_free(network->search_domains);
+ ordered_set_free_free(network->route_domains);
strv_free(network->bind_carrier);
- strv_free(network->router_search_domains);
+ ordered_set_free_free(network->router_search_domains);
free(network->router_dns);
+ set_free_free(network->ndisc_black_listed_prefix);
+ free(network->bridge_name);
+ free(network->bond_name);
+ free(network->vrf_name);
+ hashmap_free_free_key(network->stacked_netdev_names);
netdev_unref(network->bridge);
netdev_unref(network->bond);
netdev_unref(network->vrf);
-
hashmap_free_with_destructor(network->stacked_netdevs, netdev_unref);
while ((route = network->static_routes))
hashmap_free(network->rules_by_section);
if (network->manager) {
- if (network->manager->networks)
- LIST_REMOVE(networks, network->manager->networks, network);
-
- if (network->manager->networks_by_name && network->name)
- hashmap_remove(network->manager->networks_by_name, network->name);
+ if (network->manager->networks && network->name)
+ ordered_hashmap_remove(network->manager->networks, network->name);
if (network->manager->duids_requesting_uuid)
set_remove(network->manager->duids_requesting_uuid, &network->duid);
free(network->name);
- condition_free_list(network->match_host);
- condition_free_list(network->match_virt);
- condition_free_list(network->match_kernel_cmdline);
- condition_free_list(network->match_kernel_version);
- condition_free_list(network->match_arch);
-
free(network->dhcp_server_timezone);
free(network->dhcp_server_dns);
free(network->dhcp_server_ntp);
set_free_free(network->dnssec_negative_trust_anchors);
- free(network);
+ return mfree(network);
}
+DEFINE_TRIVIAL_REF_UNREF_FUNC(Network, network, network_free);
+
int network_get_by_name(Manager *manager, const char *name, Network **ret) {
Network *network;
assert(name);
assert(ret);
- network = hashmap_get(manager->networks_by_name, name);
+ network = ordered_hashmap_get(manager->networks, name);
if (!network)
return -ENOENT;
int network_get(Manager *manager, sd_device *device,
const char *ifname, const struct ether_addr *address,
Network **ret) {
- const char *path = NULL, *parent_driver = NULL, *driver = NULL, *devtype = NULL;
- sd_device *parent;
+ const char *path = NULL, *driver = NULL, *devtype = NULL;
Network *network;
+ Iterator i;
assert(manager);
assert(ret);
if (device) {
(void) sd_device_get_property_value(device, "ID_PATH", &path);
- if (sd_device_get_parent(device, &parent) >= 0)
- (void) sd_device_get_driver(parent, &parent_driver);
-
(void) sd_device_get_property_value(device, "ID_NET_DRIVER", &driver);
(void) sd_device_get_devtype(device, &devtype);
}
- LIST_FOREACH(networks, network, manager->networks) {
+ ORDERED_HASHMAP_FOREACH(network, manager->networks, i)
if (net_match_config(network->match_mac, network->match_path,
network->match_driver, network->match_type,
- network->match_name, network->match_host,
- network->match_virt, network->match_kernel_cmdline,
- network->match_kernel_version, network->match_arch,
- address, path, parent_driver, driver,
- devtype, ifname)) {
+ network->match_name,
+ address, path, driver, devtype, ifname)) {
if (network->match_name && device) {
const char *attr;
uint8_t name_assign_type = NET_NAME_UNKNOWN;
*ret = network;
return 0;
}
- }
*ret = NULL;
}
int network_apply(Network *network, Link *link) {
- int r;
-
assert(network);
assert(link);
- link->network = network;
-
- if (network->ipv4ll_route) {
- Route *route;
-
- r = route_new_static(network, NULL, 0, &route);
- if (r < 0)
- return r;
-
- r = inet_pton(AF_INET, "169.254.0.0", &route->dst.in);
- if (r == 0)
- return -EINVAL;
- if (r < 0)
- return -errno;
-
- route->family = AF_INET;
- route->dst_prefixlen = 16;
- route->scope = RT_SCOPE_LINK;
- route->priority = IPV4LL_ROUTE_METRIC;
- route->protocol = RTPROT_STATIC;
- }
+ link->network = network_ref(network);
if (network->n_dns > 0 ||
!strv_isempty(network->ntp) ||
- !strv_isempty(network->search_domains) ||
- !strv_isempty(network->route_domains))
+ !ordered_set_isempty(network->search_domains) ||
+ !ordered_set_isempty(network->route_domains))
link_dirty(link);
return 0;
return false;
}
-int config_parse_netdev(const char *unit,
+int config_parse_stacked_netdev(const char *unit,
const char *filename,
unsigned line,
const char *section,
const char *rvalue,
void *data,
void *userdata) {
- Network *network = userdata;
- _cleanup_free_ char *kind_string = NULL;
- char *p;
- NetDev *netdev;
- NetDevKind kind;
+ _cleanup_free_ char *name = NULL;
+ NetDevKind kind = ltype;
+ Hashmap **h = data;
int r;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
+ assert(IN_SET(kind,
+ NETDEV_KIND_VLAN, NETDEV_KIND_MACVLAN, NETDEV_KIND_MACVTAP,
+ NETDEV_KIND_IPVLAN, NETDEV_KIND_IPVTAP, NETDEV_KIND_VXLAN,
+ NETDEV_KIND_L2TP, NETDEV_KIND_MACSEC, _NETDEV_KIND_TUNNEL));
- kind_string = strdup(lvalue);
- if (!kind_string)
- return log_oom();
-
- /* the keys are CamelCase versions of the kind */
- for (p = kind_string; *p; p++)
- *p = tolower(*p);
-
- kind = netdev_kind_from_string(kind_string);
- if (kind == _NETDEV_KIND_INVALID) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid NetDev kind: %s", lvalue);
- return 0;
- }
-
- r = netdev_get(network->manager, rvalue, &netdev);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "%s could not be found, ignoring assignment: %s", lvalue, rvalue);
- return 0;
- }
-
- if (netdev->kind != kind) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "NetDev is not a %s, ignoring assignment: %s", lvalue, rvalue);
+ if (!ifname_valid(rvalue)) {
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "Invalid netdev name in %s=, ignoring assignment: %s", lvalue, rvalue);
return 0;
}
- switch (kind) {
- case NETDEV_KIND_BRIDGE:
- network->bridge = netdev_unref(network->bridge);
- network->bridge = netdev;
-
- break;
- case NETDEV_KIND_BOND:
- network->bond = netdev_unref(network->bond);
- network->bond = netdev;
-
- break;
- case NETDEV_KIND_VRF:
- network->vrf = netdev_unref(network->vrf);
- network->vrf = netdev;
-
- break;
- case NETDEV_KIND_VLAN:
- case NETDEV_KIND_MACVLAN:
- case NETDEV_KIND_MACVTAP:
- case NETDEV_KIND_IPVLAN:
- case NETDEV_KIND_VXLAN:
- case NETDEV_KIND_VCAN:
- r = hashmap_ensure_allocated(&network->stacked_netdevs, &string_hash_ops);
- if (r < 0)
- return log_oom();
-
- r = hashmap_put(network->stacked_netdevs, netdev->ifname, netdev);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Cannot add NetDev '%s' to network: %m", rvalue);
- return 0;
- }
+ name = strdup(rvalue);
+ if (!name)
+ return log_oom();
- break;
- default:
- assert_not_reached("Cannot parse NetDev");
- }
+ r = hashmap_ensure_allocated(h, &string_hash_ops);
+ if (r < 0)
+ return log_oom();
- netdev_ref(netdev);
+ r = hashmap_put(*h, name, INT_TO_PTR(kind));
+ if (r < 0)
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Cannot add NetDev '%s' to network, ignoring assignment: %m", name);
+ else if (r == 0)
+ log_syntax(unit, LOG_DEBUG, filename, line, r,
+ "NetDev '%s' specified twice, ignoring.", name);
+ else
+ name = NULL;
return 0;
}
assert(rvalue);
if (isempty(rvalue)) {
- n->search_domains = strv_free(n->search_domains);
- n->route_domains = strv_free(n->route_domains);
+ n->search_domains = ordered_set_free_free(n->search_domains);
+ n->route_domains = ordered_set_free_free(n->route_domains);
return 0;
}
r = extract_first_word(&p, &w, NULL, 0);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract search or route domain, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to extract search or route domain, ignoring: %s", rvalue);
break;
}
if (r == 0)
domain = is_route ? w + 1 : w;
if (dns_name_is_root(domain) || streq(domain, "*")) {
- /* If the root domain appears as is, or the special token "*" is found, we'll consider this as
- * routing domain, unconditionally. */
+ /* If the root domain appears as is, or the special token "*" is found, we'll
+ * consider this as routing domain, unconditionally. */
is_route = true;
- domain = "."; /* make sure we don't allow empty strings, thus write the root domain as "." */
+ domain = "."; /* make sure we don't allow empty strings, thus write the root
+ * domain as "." */
} else {
r = dns_name_normalize(domain, 0, &normalized);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "'%s' is not a valid domain name, ignoring.", domain);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "'%s' is not a valid domain name, ignoring.", domain);
continue;
}
domain = normalized;
if (is_localhost(domain)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "'localhost' domain names may not be configure as search or route domains, ignoring assignment: %s", domain);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "'localhost' domain may not be configured as search or route domain, ignoring assignment: %s",
+ domain);
continue;
}
}
- if (is_route)
- r = strv_extend(&n->route_domains, domain);
- else
- r = strv_extend(&n->search_domains, domain);
+ OrderedSet **set = is_route ? &n->route_domains : &n->search_domains;
+ r = ordered_set_ensure_allocated(set, &string_hash_ops);
if (r < 0)
- return log_oom();
- }
-
- strv_uniq(n->route_domains);
- strv_uniq(n->search_domains);
-
- return 0;
-}
-
-int config_parse_tunnel(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
- Network *network = userdata;
- NetDev *netdev;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = netdev_get(network->manager, rvalue, &netdev);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Tunnel is invalid, ignoring assignment: %s", rvalue);
- return 0;
- }
-
- if (!IN_SET(netdev->kind,
- NETDEV_KIND_IPIP,
- NETDEV_KIND_SIT,
- NETDEV_KIND_GRE,
- NETDEV_KIND_GRETAP,
- NETDEV_KIND_IP6GRE,
- NETDEV_KIND_IP6GRETAP,
- NETDEV_KIND_VTI,
- NETDEV_KIND_VTI6,
- NETDEV_KIND_IP6TNL)) {
- log_syntax(unit, LOG_ERR, filename, line, 0,
- "NetDev is not a tunnel, ignoring assignment: %s", rvalue);
- return 0;
- }
-
- r = hashmap_ensure_allocated(&network->stacked_netdevs, &string_hash_ops);
- if (r < 0)
- return log_oom();
+ return r;
- r = hashmap_put(network->stacked_netdevs, netdev->ifname, netdev);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Cannot add VLAN '%s' to network, ignoring: %m", rvalue);
- return 0;
+ r = ordered_set_put_strdup(*set, domain);
+ if (r < 0)
+ return log_oom();
}
- netdev_ref(netdev);
-
return 0;
}
void *userdata) {
AddressFamilyBoolean *link_local = data;
+ int r;
assert(filename);
assert(lvalue);
* config_parse_address_family_boolean(), except that it
* applies only to IPv4 */
- SET_FLAG(*link_local, ADDRESS_FAMILY_IPV4, parse_boolean(rvalue));
+ r = parse_boolean(rvalue);
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to parse %s=%s, ignoring assignment. "
+ "Note that the setting %s= is deprecated, please use LinkLocalAddressing= instead.",
+ lvalue, rvalue, lvalue);
+ return 0;
+ }
+
+ SET_FLAG(*link_local, ADDRESS_FAMILY_IPV4, r);
+
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
+ "%s=%s is deprecated, please use LinkLocalAddressing=%s instead.",
+ lvalue, rvalue, address_family_boolean_to_string(*link_local));
return 0;
}
if (s < 0) {
/* Previously, we had a slightly different enum here,
- * support its values for compatbility. */
+ * support its values for compatibility. */
if (streq(rvalue, "none"))
s = ADDRESS_FAMILY_NO;
else if (streq(rvalue, "both"))
s = ADDRESS_FAMILY_YES;
else {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse DHCP option, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "Failed to parse DHCP option, ignoring: %s", rvalue);
return 0;
}
+
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
+ "DHCP=%s is deprecated, please use DHCP=%s instead.",
+ rvalue, address_family_boolean_to_string(s));
}
*dhcp = s;
};
DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING(dhcp_client_identifier, DHCPClientIdentifier);
-DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_client_identifier, dhcp_client_identifier, DHCPClientIdentifier, "Failed to parse client identifier type");
+DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_client_identifier, dhcp_client_identifier, DHCPClientIdentifier,
+ "Failed to parse client identifier type");
int config_parse_ipv6token(
const char* unit,
r = in_addr_from_string(AF_INET6, rvalue, &buffer);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IPv6 token, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to parse IPv6 token, ignoring: %s", rvalue);
return 0;
}
if (in_addr_is_null(AF_INET6, &buffer)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "IPv6 token cannot be the ANY address, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "IPv6 token cannot be the ANY address, ignoring: %s", rvalue);
return 0;
}
if ((buffer.in6.s6_addr32[0] | buffer.in6.s6_addr32[1]) != 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "IPv6 token cannot be longer than 64 bits, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "IPv6 token cannot be longer than 64 bits, ignoring: %s", rvalue);
return 0;
}
if (streq(rvalue, "kernel"))
s = _IPV6_PRIVACY_EXTENSIONS_INVALID;
else {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IPv6 privacy extensions option, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "Failed to parse IPv6 privacy extensions option, ignoring: %s", rvalue);
return 0;
}
}
return r;
if (!hostname_is_valid(hn, false)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Hostname is not valid, ignoring assignment: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "Hostname is not valid, ignoring assignment: %s", rvalue);
return 0;
}
r = dns_name_is_valid(hn);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to check validity of hostname '%s', ignoring assignment: %m", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to check validity of hostname '%s', ignoring assignment: %m", rvalue);
return 0;
}
if (r == 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Hostname is not a valid DNS domain name, ignoring assignment: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "Hostname is not a valid DNS domain name, ignoring assignment: %s", rvalue);
return 0;
}
return r;
if (!timezone_is_valid(tz, LOG_ERR)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Timezone is not valid, ignoring assignment: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "Timezone is not valid, ignoring assignment: %s", rvalue);
return 0;
}
for (;;) {
_cleanup_free_ char *w = NULL;
- struct in_addr a, *m;
+ union in_addr_union a;
+ struct in_addr *m;
r = extract_first_word(&p, &w, NULL, 0);
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract word, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to extract word, ignoring: %s", rvalue);
return 0;
}
if (r == 0)
break;
- if (inet_pton(AF_INET, w, &a) <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse DNS server address, ignoring: %s", w);
+ r = in_addr_from_string(AF_INET, w, &a);
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to parse DNS server address '%s', ignoring assignment: %m", w);
continue;
}
if (!m)
return log_oom();
- m[n->n_dhcp_server_dns++] = a;
+ m[n->n_dhcp_server_dns++] = a.in;
n->dhcp_server_dns = m;
}
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract word, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to extract word, ignoring: %s", rvalue);
return 0;
}
if (r == 0)
n->router_dns = m;
} else
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse DNS server address, ignoring: %s", w);
-
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "Failed to parse DNS server address, ignoring: %s", w);
}
return 0;
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract word, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to extract word, ignoring: %s", rvalue);
return 0;
}
if (r == 0)
r = dns_name_apply_idna(w, &idna);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to apply IDNA to domain name '%s', ignoring: %m", w);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to apply IDNA to domain name '%s', ignoring: %m", w);
continue;
- }
- if (r > 0) {
- r = strv_push(&n->router_search_domains, idna);
- if (r >= 0)
- idna = NULL;
- } else {
- r = strv_push(&n->router_search_domains, w);
- if (r >= 0)
- w = NULL;
- }
+ } else if (r == 0)
+ /* transfer ownership to simplify subsequent operations */
+ idna = TAKE_PTR(w);
+
+ r = ordered_set_ensure_allocated(&n->router_search_domains, &string_hash_ops);
+ if (r < 0)
+ return r;
+
+ r = ordered_set_consume(n->router_search_domains, TAKE_PTR(idna));
+ if (r < 0)
+ return r;
}
return 0;
for (;;) {
_cleanup_free_ char *w = NULL;
- struct in_addr a, *m;
+ union in_addr_union a;
+ struct in_addr *m;
r = extract_first_word(&p, &w, NULL, 0);
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract word, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to extract word, ignoring: %s", rvalue);
return 0;
}
if (r == 0)
return 0;
- if (inet_pton(AF_INET, w, &a) <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse NTP server address, ignoring: %s", w);
+ r = in_addr_from_string(AF_INET, w, &a);
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to parse NTP server address '%s', ignoring: %m", w);
continue;
}
if (!m)
return log_oom();
- m[n->n_dhcp_server_ntp++] = a;
+ m[n->n_dhcp_server_ntp++] = a.in;
n->dhcp_server_ntp = m;
}
}
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Invalid syntax, ignoring: %s", rvalue);
break;
}
if (r == 0)
r = in_addr_from_string_auto(w, &family, &a);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse dns server address, ignoring: %s", w);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to parse dns server address, ignoring: %s", w);
continue;
}
r = extract_first_word(&p, &w, NULL, 0);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract negative trust anchor domain, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to extract negative trust anchor domain, ignoring: %s", rvalue);
break;
}
if (r == 0)
r = dns_name_is_valid(w);
if (r <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "%s is not a valid domain name, ignoring.", w);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "%s is not a valid domain name, ignoring.", w);
continue;
}
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract NTP server name, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to extract NTP server name, ignoring: %s", rvalue);
break;
}
if (r == 0)
r = dns_name_is_valid_or_address(w);
if (r <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "%s is not a valid domain name or IP address, ignoring.", w);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "%s is not a valid domain name or IP address, ignoring.", w);
continue;
}
- r = strv_push(l, w);
+ if (strv_length(*l) > MAX_NTP_SERVERS) {
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
+ "More than %u NTP servers specified, ignoring \"%s\" and any subsequent entries.",
+ MAX_NTP_SERVERS, w);
+ break;
+ }
+
+ r = strv_consume(l, TAKE_PTR(w));
if (r < 0)
return log_oom();
-
- w = NULL;
}
return 0;
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to split user classes option, ignoring: %s", rvalue);
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to split user classes option, ignoring: %s", rvalue);
break;
}
if (r == 0)
break;
if (strlen(w) > 255) {
- log_syntax(unit, LOG_ERR, filename, line, r, "%s length is not in the range 1-255, ignoring.", w);
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "%s length is not in the range 1-255, ignoring.", w);
continue;
}
return 0;
}
-int config_parse_dhcp_route_table(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
+int config_parse_section_route_table(
+ const char *unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
Network *network = data;
uint32_t rt;
int r;
r = safe_atou32(rvalue, &rt);
if (r < 0) {
log_syntax(unit, LOG_ERR, filename, line, r,
- "Unable to read RouteTable, ignoring assignment: %s", rvalue);
+ "Failed to parse RouteTable=%s, ignoring assignment: %m", rvalue);
return 0;
}
- network->dhcp_route_table = rt;
- network->dhcp_route_table_set = true;
+ if (streq_ptr(section, "DHCP")) {
+ network->dhcp_route_table = rt;
+ network->dhcp_route_table_set = true;
+ } else { /* section is IPv6AcceptRA */
+ network->ipv6_accept_ra_route_table = rt;
+ network->ipv6_accept_ra_route_table_set = true;
+ }
return 0;
}
-DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_use_domains, dhcp_use_domains, DHCPUseDomains, "Failed to parse DHCP use domains setting");
+int config_parse_dhcp_max_attempts(
+ const char *unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ Network *network = data;
+ uint64_t a;
+ int r;
+
+ assert(network);
+ assert(lvalue);
+ assert(rvalue);
+
+ if (isempty(rvalue)) {
+ network->dhcp_max_attempts = 0;
+ return 0;
+ }
+
+ if (streq(rvalue, "infinity")) {
+ network->dhcp_max_attempts = (uint64_t) -1;
+ return 0;
+ }
+
+ r = safe_atou64(rvalue, &a);
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to parse DHCP maximum attempts, ignoring: %s", rvalue);
+ return 0;
+ }
+
+ if (a == 0) {
+ log_syntax(unit, LOG_ERR, filename, line, 0,
+ "%s= must be positive integer or 'infinity', ignoring: %s", lvalue, rvalue);
+ return 0;
+ }
+
+ network->dhcp_max_attempts = a;
+
+ return 0;
+}
+
+int config_parse_dhcp_black_listed_ip_address(
+ const char *unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ Network *network = data;
+ const char *p;
+ int r;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if (isempty(rvalue)) {
+ network->dhcp_black_listed_ip = set_free(network->dhcp_black_listed_ip);
+ return 0;
+ }
+
+ for (p = rvalue;;) {
+ _cleanup_free_ char *n = NULL;
+ union in_addr_union ip;
+
+ r = extract_first_word(&p, &n, NULL, 0);
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to parse DHCP black listed ip address, ignoring assignment: %s",
+ rvalue);
+ return 0;
+ }
+ if (r == 0)
+ return 0;
+
+ r = in_addr_from_string(AF_INET, n, &ip);
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "DHCP black listed ip address is invalid, ignoring assignment: %s", n);
+ continue;
+ }
+
+ r = set_ensure_allocated(&network->dhcp_black_listed_ip, NULL);
+ if (r < 0)
+ return log_oom();
+
+ r = set_put(network->dhcp_black_listed_ip, UINT32_TO_PTR(ip.in.s_addr));
+ if (r < 0)
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to store DHCP black listed ip address '%s', ignoring assignment: %m", n);
+ }
+
+ return 0;
+}
+
+DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_use_domains, dhcp_use_domains, DHCPUseDomains,
+ "Failed to parse DHCP use domains setting");
static const char* const dhcp_use_domains_table[_DHCP_USE_DOMAINS_MAX] = {
[DHCP_USE_DOMAINS_NO] = "no",
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dhcp_use_domains, DHCPUseDomains, DHCP_USE_DOMAINS_YES);
-DEFINE_CONFIG_PARSE_ENUM(config_parse_lldp_mode, lldp_mode, LLDPMode, "Failed to parse LLDP= setting.");
-
-static const char* const lldp_mode_table[_LLDP_MODE_MAX] = {
- [LLDP_MODE_NO] = "no",
- [LLDP_MODE_YES] = "yes",
- [LLDP_MODE_ROUTERS_ONLY] = "routers-only",
-};
-
-DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(lldp_mode, LLDPMode, LLDP_MODE_YES);
-
int config_parse_iaid(const char *unit,
const char *filename,
unsigned line,
return 0;
}
+
+int config_parse_required_for_online(
+ const char *unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ Network *network = data;
+ LinkOperationalState s;
+ bool required = true;
+ int r;
+
+ if (isempty(rvalue)) {
+ network->required_for_online = true;
+ network->required_operstate_for_online = LINK_OPERSTATE_DEGRADED;
+ return 0;
+ }
+
+ s = link_operstate_from_string(rvalue);
+ if (s < 0) {
+ r = parse_boolean(rvalue);
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r,
+ "Failed to parse %s= setting, ignoring assignment: %s",
+ lvalue, rvalue);
+ return 0;
+ }
+
+ required = r;
+ s = LINK_OPERSTATE_DEGRADED;
+ }
+
+ network->required_for_online = required;
+ network->required_operstate_for_online = s;
+
+ return 0;
+}