diff options
author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-12-15 00:34:37 +0100 |
---|---|---|
committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-12-20 20:22:46 +0100 |
commit | 84ec2fdaf3f3f41097fe0eddba5614a27f330b5f (patch) | |
tree | 1900990f6c095dfa8d4729b8d06cfa9e14aadae3 /src/network | |
parent | network/nexthop: fix wrong verification (diff) | |
download | systemd-84ec2fdaf3f3f41097fe0eddba5614a27f330b5f.tar.xz systemd-84ec2fdaf3f3f41097fe0eddba5614a27f330b5f.zip |
network/nexthop: check if on-link is not enabled for group or blackhole nexthop
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/networkd-nexthop.c | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/src/network/networkd-nexthop.c b/src/network/networkd-nexthop.c index 5a1d90eadb..ad63a73161 100644 --- a/src/network/networkd-nexthop.c +++ b/src/network/networkd-nexthop.c @@ -1023,15 +1023,29 @@ static int nexthop_section_verify(NextHop *nh) { "%s: nexthop group cannot be a blackhole. " "Ignoring [NextHop] section from line %u.", nh->section->filename, nh->section->line); + + if (nh->onlink > 0) + return log_warning_errno(SYNTHETIC_ERRNO(EINVAL), + "%s: nexthop group cannot have on-link flag. " + "Ignoring [NextHop] section from line %u.", + nh->section->filename, nh->section->line); } else if (nh->family == AF_UNSPEC) /* When neither Family=, Gateway=, nor Group= is specified, assume IPv4. */ nh->family = AF_INET; - if (nh->blackhole && in_addr_is_set(nh->family, &nh->gw)) - return log_warning_errno(SYNTHETIC_ERRNO(EINVAL), - "%s: blackhole nexthop cannot have gateway address. " - "Ignoring [NextHop] section from line %u.", - nh->section->filename, nh->section->line); + if (nh->blackhole) { + if (in_addr_is_set(nh->family, &nh->gw)) + return log_warning_errno(SYNTHETIC_ERRNO(EINVAL), + "%s: blackhole nexthop cannot have gateway address. " + "Ignoring [NextHop] section from line %u.", + nh->section->filename, nh->section->line); + + if (nh->onlink > 0) + return log_warning_errno(SYNTHETIC_ERRNO(EINVAL), + "%s: blackhole nexthop cannot have on-link flag. " + "Ignoring [NextHop] section from line %u.", + nh->section->filename, nh->section->line); + } if (nh->onlink < 0 && in_addr_is_set(nh->family, &nh->gw) && ordered_hashmap_isempty(nh->network->addresses_by_section)) { |