summaryrefslogtreecommitdiff
path: root/src/libsystemd-network
diff options
context:
space:
mode:
authorThomas Haller <thaller@redhat.com>2018-12-14 16:25:01 +0100
committerThomas Haller <thaller@redhat.com>2019-02-18 13:34:22 +0100
commit072320eab04d29247d7eb1b1fc32ae10e25c020f (patch)
tree3427c60c7b495eedb22b95d33bad673411b944b1 /src/libsystemd-network
parentf8862395e8f802e4106a07ceaaf02b6a1faa5a6d (diff)
downloadsystemd-072320eab04d29247d7eb1b1fc32ae10e25c020f.tar.gz
dhcp: move filtering of bogus DNS/NTP addresses out of DHCP client
The DHCP client should not pre-filter addresses beyond what RFC requires. If a client's user (like networkd) wishes to skip/filter certain addresses, it's their responsibility. The point of this is that the DHCP library does not hide/abstract information that might be relevant for certain users. For example, NetworkManager exposes DHCP options in its API. When doing that, the options should be close to the actual lease. This is related to commit d9ec2e632df4905201facf76d6a205edc952116a (dhcp4: filter bogus DNS/NTP server addresses silently).
Diffstat (limited to 'src/libsystemd-network')
-rw-r--r--src/libsystemd-network/network-internal.c27
-rw-r--r--src/libsystemd-network/network-internal.h6
-rw-r--r--src/libsystemd-network/sd-dhcp-lease.c34
3 files changed, 33 insertions, 34 deletions
diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c
index 221c83df56..465a6f6f03 100644
--- a/src/libsystemd-network/network-internal.c
+++ b/src/libsystemd-network/network-internal.c
@@ -414,16 +414,31 @@ int config_parse_bridge_port_priority(
return 0;
}
-void serialize_in_addrs(FILE *f, const struct in_addr *addresses, size_t size) {
- unsigned i;
+size_t serialize_in_addrs(FILE *f,
+ const struct in_addr *addresses,
+ size_t size,
+ bool with_leading_space,
+ bool (*predicate)(const struct in_addr *addr)) {
+ size_t count;
+ size_t i;
assert(f);
assert(addresses);
- assert(size);
- for (i = 0; i < size; i++)
- fprintf(f, "%s%s", inet_ntoa(addresses[i]),
- (i < (size - 1)) ? " ": "");
+ count = 0;
+
+ for (i = 0; i < size; i++) {
+ if (predicate && !predicate(&addresses[i]))
+ continue;
+ if (with_leading_space)
+ fputc(' ', f);
+ else
+ with_leading_space = true;
+ fputs(inet_ntoa(addresses[i]), f);
+ count++;
+ }
+
+ return count;
}
int deserialize_in_addrs(struct in_addr **ret, const char *string) {
diff --git a/src/libsystemd-network/network-internal.h b/src/libsystemd-network/network-internal.h
index 0c8da848c1..12c303b1e0 100644
--- a/src/libsystemd-network/network-internal.h
+++ b/src/libsystemd-network/network-internal.h
@@ -40,7 +40,11 @@ CONFIG_PARSER_PROTOTYPE(config_parse_bridge_port_priority);
int net_get_unique_predictable_data(sd_device *device, uint64_t *result);
const char *net_get_name(sd_device *device);
-void serialize_in_addrs(FILE *f, const struct in_addr *addresses, size_t size);
+size_t serialize_in_addrs(FILE *f,
+ const struct in_addr *addresses,
+ size_t size,
+ bool with_leading_space,
+ bool (*predicate)(const struct in_addr *addr));
int deserialize_in_addrs(struct in_addr **addresses, const char *string);
void serialize_in6_addrs(FILE *f, const struct in6_addr *addresses,
size_t size);
diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c
index 406188c5c6..8f179f9708 100644
--- a/src/libsystemd-network/sd-dhcp-lease.c
+++ b/src/libsystemd-network/sd-dhcp-lease.c
@@ -371,24 +371,7 @@ static int lease_parse_domain(const uint8_t *option, size_t len, char **ret) {
return 0;
}
-static void filter_bogus_addresses(struct in_addr *addresses, size_t *n) {
- size_t i, j;
-
- /* Silently filter DNS/NTP servers supplied to us that do not make outside of the local scope. */
-
- for (i = 0, j = 0; i < *n; i ++) {
-
- if (in4_addr_is_null(addresses+i) ||
- in4_addr_is_localhost(addresses+i))
- continue;
-
- addresses[j++] = addresses[i];
- }
-
- *n = j;
-}
-
-static int lease_parse_in_addrs(const uint8_t *option, size_t len, bool filter_bogus, struct in_addr **ret, size_t *n_ret) {
+static int lease_parse_in_addrs(const uint8_t *option, size_t len, struct in_addr **ret, size_t *n_ret) {
assert(option);
assert(ret);
assert(n_ret);
@@ -409,9 +392,6 @@ static int lease_parse_in_addrs(const uint8_t *option, size_t len, bool filter_b
if (!addresses)
return -ENOMEM;
- if (filter_bogus)
- filter_bogus_addresses(addresses, &n_addresses);
-
free(*ret);
*ret = addresses;
*n_ret = n_addresses;
@@ -556,19 +536,19 @@ int dhcp_lease_parse_options(uint8_t code, uint8_t len, const void *option, void
break;
case SD_DHCP_OPTION_ROUTER:
- r = lease_parse_in_addrs(option, len, false, &lease->router, &lease->router_size);
+ r = lease_parse_in_addrs(option, len, &lease->router, &lease->router_size);
if (r < 0)
log_debug_errno(r, "Failed to parse router addresses, ignoring: %m");
break;
case SD_DHCP_OPTION_DOMAIN_NAME_SERVER:
- r = lease_parse_in_addrs(option, len, true, &lease->dns, &lease->dns_size);
+ r = lease_parse_in_addrs(option, len, &lease->dns, &lease->dns_size);
if (r < 0)
log_debug_errno(r, "Failed to parse DNS server, ignoring: %m");
break;
case SD_DHCP_OPTION_NTP_SERVER:
- r = lease_parse_in_addrs(option, len, true, &lease->ntp, &lease->ntp_size);
+ r = lease_parse_in_addrs(option, len, &lease->ntp, &lease->ntp_size);
if (r < 0)
log_debug_errno(r, "Failed to parse NTP server, ignoring: %m");
break;
@@ -865,7 +845,7 @@ int dhcp_lease_save(sd_dhcp_lease *lease, const char *lease_file) {
r = sd_dhcp_lease_get_router(lease, &addresses);
if (r > 0) {
fputs("ROUTER=", f);
- serialize_in_addrs(f, addresses, r);
+ serialize_in_addrs(f, addresses, r, false, NULL);
fputc('\n', f);
}
@@ -900,14 +880,14 @@ int dhcp_lease_save(sd_dhcp_lease *lease, const char *lease_file) {
r = sd_dhcp_lease_get_dns(lease, &addresses);
if (r > 0) {
fputs("DNS=", f);
- serialize_in_addrs(f, addresses, r);
+ serialize_in_addrs(f, addresses, r, false, NULL);
fputc('\n', f);
}
r = sd_dhcp_lease_get_ntp(lease, &addresses);
if (r > 0) {
fputs("NTP=", f);
- serialize_in_addrs(f, addresses, r);
+ serialize_in_addrs(f, addresses, r, false, NULL);
fputc('\n', f);
}
View Lorry Controller Status