| Commit message | Author | Age | Files | Lines |
|
Not all possible DNS names will survive serialization. Restrict the set
of valid dns names to LDH encoded names.
Fixes: 25c33e350042 (network: parse RFC9463 DHCPv4 DNR option, 2024-01-16)
Fixes: a07e83cc58f6 (network: Parse RFC9463 DHCPv6 DNR option, 2024-01-17)
Fixes: 0c90d1d2f243 (ndisc: Parse RFC9463 encrypted DNS (DNR) option, 2024-01-19)
|
Fixes: 3fd6708cde0f (network: Serialize DNR servers)
|
(#34893)
|
yuwata/network-dhcpv6-do-not-request-ia-pd-on-info-req
network/dhcp6: do not request IA_PD on information requesting mode
|
This reverts the following commits:
- 180cc5421d9712fb95a6bbc725dc8ba459360c8b
"sd-dhcp6-client: allow to request IA_PD on information requesting mode"
- cf7a403e470368049165ecff7ac7686928778d7c
"sd-dhcp6-lease: adjust information refresh time with lifetime of IA_PD"
- 1918eda30d12e1ba3ee55921c18ec53267463e24
"network/dhcp6: process hostname and IA_PD on information requesting mode"
As per discussion in #34299,
https://github.com/systemd/systemd/issues/34299#issuecomment-2425153221
the offending commits violate RFC 8415 section 18.2.6:
> The client uses an Information-request message to obtain
> configuration information without having addresses and/or delegated
> prefixes assigned to it.
|
RFC9463: Discovery of Network-designated Resolvers
|
This duplicates the svc param constants for the benefit of the
resolved-core library.
|
This is only used by the fuzzer so far.
|
This option is equivalent to the V4/V6 DNR options for DHCP.
|
This is equivalent to the DHCPv4 option introduced earlier.
|
Implement the parsing for V6_DNR DHCPv6 option. This does the same as
the DHCP V4_DNR option.
|
Convert some of the option parsing to use dns_name_from_wire_format,
introduced earlier. No change in behavior intended.
|
The encoded fqdn in this option must be properly terminated. We will
soon validate that this field is correctly encoded, so correct it in the
test.
|
Implement serialization/deserialization for DNR servers. This re-uses
the string format in place for user configuration of DoT servers, and as
a consequence non-DoT servers are discarded when recording the link
configuration, for correctness.
This also enables sd-resolved to use these servers as it would other DNS
servers.
|
For now only DoT is supported, so DoT resolvers are represented using
the existing configuration format.
|
This option is another way for DHCP servers to indicate preferred DNS
servers for the network, but includes more detailed info like the server
name, transport (DoT/DoH/DoQ etc.), and port.
Allow our DHCPv4 client to parse this option.
|
For the case when IRT is too large but lifetime of IA_PD is too short.
|
To support RFC 7084, WPD-4.
|
NDisc options
No effective functional change, just refactoring.
|
interface types
This should fix QMI wwan modems, as noted in
https://github.com/systemd/systemd/issues/27219
|
When a network is busy, an ARP may be received before the timer event
source is triggered for the first time.
Fixes #34489.
|
This way we don't have to pull in net/if.h into format-util.h.
This is supposed to address https://github.com/systemd/systemd/pull/32212#discussion_r1755639881
No actual code changes, just a .c/.h file split-up.
|
Now we have ipv6.h, hence the definition is not necessary anymore.
|
client_stop() sets DHCP_STATE_STOPPED to client->state, thus the server
never restarted.
|
Otherwise, even if the acquired lease is released, the client may be in
e.g. BOUND state or so, and may send renew or rebind after timeout
later.
|
is stopped or so
We can easily hit the assertions without checking the internal states of
the DHCP client before calling these functions. That's annoying.
Let's do more gracefully.
|
already stopped
When an interface enters the failed state, even if the DHCP client is
stopped, the acquired DHCP lease is not unreferenced, as the callback
dhcp4_handler() does nothing in that case. When the failed interface is
being reconfigured after that, the DHCP client is stopped again
(though it is already stopped), and SD_DHCP_CLIENT_EVENT_STOP event is
triggered and sd_dhcp_client_send_release() is called, and the
assertion in the function is triggered.
E.g.
===
systemd-networkd[98588]: wlp59s0: DHCPv4 address 192.168.86.250/24, gateway 192.168.86.1 acquired from 192.168.86.1
systemd-networkd[98588]: wlp59s0: Could not set DHCPv4 route: Nexthop has invalid gateway. Network is unreachable
systemd-networkd[98588]: wlp59s0: Failed
systemd-networkd[98588]: wlp59s0: State changed: configuring -> failed
systemd-networkd[98588]: wlp59s0: The interface entered the failed state frequently, refusing to reconfigure it automatically.
systemd-networkd[98588]: wlp59s0: DHCPv4 client: STOPPED
systemd-networkd[98588]: wlp59s0: DHCPv4 client: State changed: bound -> stopped
systemd-networkd[98588]: Got message type=method_call sender=:1.449 destination=org.freedesktop.network1 path=/org/freedesktop/network1 interface=org.freedesktop.network1.Manager member=ReconfigureLink ...
systemd-networkd[98588]: wlp59s0: State changed: failed -> initialized
systemd-networkd[98588]: wlp59s0: found matching network '/etc/systemd/network/50-wifi.network'.
systemd-networkd[98588]: wlp59s0: Configuring with /etc/systemd/network/50-wifi.network.
systemd-networkd[98588]: wlp59s0: DHCPv4 client: STOPPED
systemd-networkd[98588]: Assertion 'sd_dhcp_client_is_running(client)' failed at src/libsystemd-network/sd-dhcp-client.c:2197, function sd_dhcp_client_send_release(). Aborting.
===
|
network: make IPMasquerade= imply global IP forwarding settings again
|
This is preparation for making our Varlink API a public API. Since our
Varlink API is built on top of our JSON API we need to make that public
first (it's a nice API, but JSON APIs there are already enough, this is
purely about the Varlink angle).
I made most of the json.h APIs public, and just placed them in
sd-json.h. Sometimes I wasn't so sure however, since the underlying data
structures would have to be made public too. If in doubt I didn't risk
it, and moved the relevant API to src/libsystemd/sd-json/json-util.h
instead (without any sd_* symbol prefixes).
This is mostly a giant search/replace patch.
|
I do not think this is necessary, but all other places in
libsystemd-network we clear buffer before receive. Without this,
Coverity warns about use-of-uninitialized-values.
Let's silence Coverity.
Closes CID#1469721.
|
If we received RA with no flags set, or with an invalid preference,
previously "(null)" was printed.
Follow-up for 238ed432c347ddf7dde7825feb2672b089583103.
Fixes https://github.com/systemd/systemd/pull/32308#discussion_r1600940289.
|
Fixes https://github.com/systemd/systemd/pull/32932#issuecomment-2120424121.
|
Check packet size in libsystemd-network
|
icmp6-util-linux.c sounds like a specialized implementation of the functions in
icmp6-util.c. But it's just a set of stub versions used in tests. Rename the
file to make this more obvious.
|
We generally use a flat list. The switch stmt was generating excessive
indentation.
|
Coverity was complaining that we use the received packet size as a loop bound
without checking. This is indeed a bit iffy, because depending on how the host
is configured, the packet could be rather large. Let's refuse anything more
than the standard size early to prevent suspicious activity.
Resolves coverity CID#1534892, CID#1543949.
|
We want to enable running tests as part of the build, but
our builds run in VMs with networking disabled.
|