network: ndisc: do not drop all prefixes when a prefix matches a blacklist

Fixes #13767.

diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c
index 49ef022e32cfbe4e87954dcb08ba3e0ea35ea838..402d1acd4b2981c892681d240572e34981ec0539 100644 (file)
--- a/src/network/networkd-ndisc.c
+++ b/src/network/networkd-ndisc.c
@@ -546,6 +546,7 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
         int r;
 
         assert(link);
+        assert(link->network);
         assert(rt);
 
         r = sd_ndisc_router_option_rewind(rt);
@@ -564,8 +565,24 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
                 switch (type) {
 
                 case SD_NDISC_OPTION_PREFIX_INFORMATION: {
+                        union in_addr_union a;
                         uint8_t flags;
 
+                        r = sd_ndisc_router_prefix_get_address(rt, &a.in6);
+                        if (r < 0)
+                                return log_link_error_errno(link, r, "Failed to get prefix address: %m");
+
+                        if (set_contains(link->network->ndisc_black_listed_prefix, &a.in6)) {
+                                if (DEBUG_LOGGING) {
+                                        _cleanup_free_ char *b = NULL;
+
+                                        (void) in_addr_to_string(AF_INET6, &a, &b);
+                                        log_link_debug(link, "Prefix '%s' is black listed, ignoring", strna(b));
+                                }
+
+                                break;
+                        }
+
                         r = sd_ndisc_router_prefix_get_flags(rt, &flags);
                         if (r < 0)
                                 return log_link_warning_errno(link, r, "Failed to get RA prefix flags: %m");
@@ -602,46 +619,6 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
         return 0;
 }
 
-static int ndisc_prefix_is_black_listed(Link *link, sd_ndisc_router *rt) {
-        int r;
-
-        assert(link);
-        assert(link->network);
-        assert(rt);
-
-        for (r = sd_ndisc_router_option_rewind(rt); ; r = sd_ndisc_router_option_next(rt)) {
-                union in_addr_union a;
-                uint8_t type;
-
-                if (r < 0)
-                        return log_link_warning_errno(link, r, "Failed to iterate through options: %m");
-                if (r == 0) /* EOF */
-                        return false;
-
-                r = sd_ndisc_router_option_get_type(rt, &type);
-                if (r < 0)
-                        return log_link_warning_errno(link, r, "Failed to get RA option type: %m");
-
-                if (type != SD_NDISC_OPTION_PREFIX_INFORMATION)
-                        continue;
-
-                r = sd_ndisc_router_prefix_get_address(rt, &a.in6);
-                if (r < 0)
-                        return log_link_error_errno(link, r, "Failed to get prefix address: %m");
-
-                if (set_contains(link->network->ndisc_black_listed_prefix, &a.in6)) {
-                        if (DEBUG_LOGGING) {
-                                _cleanup_free_ char *b = NULL;
-
-                                (void) in_addr_to_string(AF_INET6, &a, &b);
-                                log_link_debug(link, "Prefix '%s' is black listed, ignoring", strna(b));
-                        }
-
-                        return true;
-                }
-        }
-}
-
 static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) {
         uint64_t flags;
         int r;
@@ -666,10 +643,8 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) {
                 }
         }
 
-        if (ndisc_prefix_is_black_listed(link, rt) == 0) {
-                (void) ndisc_router_process_default(link, rt);
-                (void) ndisc_router_process_options(link, rt);
-        }
+        (void) ndisc_router_process_default(link, rt);
+        (void) ndisc_router_process_options(link, rt);
 
         return r;
 }