Compare commits
10 Commits
a733569e39
...
c3cc561d9f
Author | SHA1 | Date |
---|---|---|
Yu Watanabe | c3cc561d9f | |
Yu Watanabe | bab2a46912 | |
Yu Watanabe | 97e002effe | |
Yu Watanabe | c471cb4883 | |
Yu Watanabe | a84a33f302 | |
Yu Watanabe | 07fa6897e2 | |
Yu Watanabe | fb1db600fb | |
Yu Watanabe | 9671efff78 | |
Yu Watanabe | 4f0bc2582e | |
Yu Watanabe | 3292120adf |
4
NEWS
4
NEWS
|
@ -94,7 +94,7 @@ CHANGES WITH 257 in spe:
|
|||
/usr/lib/clock-epoch, and /var/lib/systemd/timesync/clock. See
|
||||
systemd(1) for an detailed updated description.
|
||||
|
||||
* Ctrl-Alt-Delete is reenabled during late shutdown, so that the user
|
||||
* Ctrl-Alt-Delete is re-enabled during late shutdown, so that the user
|
||||
can still initiate a reboot if the system freezes.
|
||||
|
||||
* Unit option PrivateUsers=identity can be used to request a user
|
||||
|
@ -211,7 +211,7 @@ CHANGES WITH 257 in spe:
|
|||
versions.
|
||||
|
||||
* systemd-sysupdate gained a new --transfer-source= option to set the
|
||||
directory to which transfer sources cofigured with
|
||||
directory to which transfer sources configured with
|
||||
PathRelativeTo=explicit will be interpreted.
|
||||
|
||||
Miscellaneous:
|
||||
|
|
|
@ -115,7 +115,7 @@
|
|||
result can be pre-calculated without too much effort. The <literal>.pcrsig</literal> section is not
|
||||
included in this PCR measurement, since it is supposed to contain signatures for the output of the
|
||||
measurement operation, and thus cannot also be input to it. If an UKI contains multiple profiles, only
|
||||
the PE sections of the selected profile (and those of the base profile, except if overriden) are
|
||||
the PE sections of the selected profile (and those of the base profile, except if overridden) are
|
||||
measured.</para>
|
||||
|
||||
<para>If non-zero, the selected numeric profile is measured into PCR 12.</para>
|
||||
|
|
|
@ -6243,22 +6243,22 @@ Name=enp1s0
|
|||
[Network]
|
||||
DHCP=ipv6
|
||||
|
||||
# The below setting is optional, to also assign an address in the delegated prefix
|
||||
# to the upstream interface. If not necessary, then comment out the line below and
|
||||
# the [DHCPPrefixDelegation] section.
|
||||
DHCPPrefixDelegation=yes
|
||||
# The lines below are optional, to also assign an address in the delegated prefix
|
||||
# to the upstream interface. Uncomment the lines below if necessary.
|
||||
#[Network]
|
||||
#DHCPPrefixDelegation=yes
|
||||
#[DHCPPrefixDelegation]
|
||||
#UplinkInterface=:self
|
||||
#SubnetId=0
|
||||
#Announce=no
|
||||
|
||||
# If the upstream network provides Router Advertisement with Managed bit set,
|
||||
# then comment out the line below and WithoutRA= setting in the [DHCPv6] section.
|
||||
IPv6AcceptRA=no
|
||||
|
||||
[DHCPv6]
|
||||
WithoutRA=solicit
|
||||
|
||||
[DHCPPrefixDelegation]
|
||||
UplinkInterface=:self
|
||||
SubnetId=0
|
||||
Announce=no</programlisting>
|
||||
# If the upstream network does not provides any Router Advertisement (RA) messages
|
||||
# or provides an RA with both Managed and Other-information bits unset, then
|
||||
# uncomment the lines below.
|
||||
#[Network]
|
||||
#IPv6AcceptRA=no
|
||||
#[DHCPv6]
|
||||
#WithoutRA=solicit</programlisting>
|
||||
|
||||
<programlisting># /etc/systemd/network/55-dhcpv6-pd-downstream.network
|
||||
[Match]
|
||||
|
|
|
@ -767,6 +767,14 @@ int dhcp6_client_send_message(sd_dhcp6_client *client) {
|
|||
|
||||
switch (client->state) {
|
||||
case DHCP6_STATE_INFORMATION_REQUEST:
|
||||
/* RFC 7084 section 4.2 (https://datatracker.ietf.org/doc/html/rfc7084#section-4.2)
|
||||
* WPD-4: By default, the IPv6 CE router MUST initiate DHCPv6 prefix delegation when either
|
||||
* the M or O flags are set to 1 in a received Router Advertisement (RA) message. */
|
||||
if (FLAGS_SET(client->request_ia, DHCP6_REQUEST_IA_PD)) {
|
||||
r = dhcp6_option_append_ia(&buf, &offset, (client->lease ? client->lease->ia_pd : NULL) ?: &client->ia_pd);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
break;
|
||||
|
||||
case DHCP6_STATE_SOLICITATION:
|
||||
|
|
|
@ -71,6 +71,32 @@ static void dhcp6_lease_set_lifetime(sd_dhcp6_lease *lease) {
|
|||
lease->lifetime_t2 = t2;
|
||||
}
|
||||
|
||||
static void dhcp6_client_set_information_refresh_time(sd_dhcp6_client *client, sd_dhcp6_lease *lease, usec_t irt) {
|
||||
usec_t t1 = USEC_INFINITY, t2 = USEC_INFINITY, min_valid_lt = USEC_INFINITY;
|
||||
|
||||
if (lease->ia_pd) {
|
||||
t1 = be32_sec_to_usec(lease->ia_pd->header.lifetime_t1, /* max_as_infinity = */ true);
|
||||
t2 = be32_sec_to_usec(lease->ia_pd->header.lifetime_t2, /* max_as_infinity = */ true);
|
||||
|
||||
LIST_FOREACH(addresses, a, lease->ia_pd->addresses)
|
||||
min_valid_lt = MIN(min_valid_lt, be32_sec_to_usec(a->iapdprefix.lifetime_valid, /* max_as_infinity = */ true));
|
||||
|
||||
if (t2 == 0 || t2 > min_valid_lt) {
|
||||
/* If T2 is zero or longer than the minimum valid lifetime of the prefixes,
|
||||
* then adjust lifetime with it. */
|
||||
t1 = min_valid_lt / 2;
|
||||
t2 = min_valid_lt / 10 * 8;
|
||||
}
|
||||
|
||||
/* Adjust the received information refresh time with T1. */
|
||||
irt = MIN(irt, t1);
|
||||
}
|
||||
|
||||
client->information_refresh_time_usec = MAX(irt, IRT_MINIMUM);
|
||||
log_dhcp6_client(client, "New information request will be refused in %s.",
|
||||
FORMAT_TIMESPAN(client->information_refresh_time_usec, USEC_PER_SEC));
|
||||
}
|
||||
|
||||
#define DEFINE_GET_TIME_FUNCTIONS(name, val) \
|
||||
int sd_dhcp6_lease_get_##name( \
|
||||
sd_dhcp6_lease *lease, \
|
||||
|
@ -763,18 +789,12 @@ static int dhcp6_lease_parse_message(
|
|||
continue;
|
||||
}
|
||||
|
||||
dhcp6_ia_free(lease->ia_na);
|
||||
lease->ia_na = TAKE_PTR(ia);
|
||||
free_and_replace_full(lease->ia_na, ia, dhcp6_ia_free);
|
||||
break;
|
||||
}
|
||||
case SD_DHCP6_OPTION_IA_PD: {
|
||||
_cleanup_(dhcp6_ia_freep) DHCP6IA *ia = NULL;
|
||||
|
||||
if (client->state == DHCP6_STATE_INFORMATION_REQUEST) {
|
||||
log_dhcp6_client(client, "Ignoring IA PD option in information requesting mode.");
|
||||
break;
|
||||
}
|
||||
|
||||
r = dhcp6_option_parse_ia(client, client->ia_pd.header.id, optcode, optlen, optval, &ia);
|
||||
if (r == -ENOMEM)
|
||||
return log_oom_debug();
|
||||
|
@ -788,8 +808,7 @@ static int dhcp6_lease_parse_message(
|
|||
continue;
|
||||
}
|
||||
|
||||
dhcp6_ia_free(lease->ia_pd);
|
||||
lease->ia_pd = TAKE_PTR(ia);
|
||||
free_and_replace_full(lease->ia_pd, ia, dhcp6_ia_free);
|
||||
break;
|
||||
}
|
||||
case SD_DHCP6_OPTION_RAPID_COMMIT:
|
||||
|
@ -872,12 +891,9 @@ static int dhcp6_lease_parse_message(
|
|||
"The client ID in %s message does not match. Ignoring.",
|
||||
dhcp6_message_type_to_string(message->type));
|
||||
|
||||
if (client->state == DHCP6_STATE_INFORMATION_REQUEST) {
|
||||
client->information_refresh_time_usec = MAX(irt, IRT_MINIMUM);
|
||||
log_dhcp6_client(client, "New information request will be refused in %s.",
|
||||
FORMAT_TIMESPAN(client->information_refresh_time_usec, USEC_PER_SEC));
|
||||
|
||||
} else {
|
||||
if (client->state == DHCP6_STATE_INFORMATION_REQUEST)
|
||||
dhcp6_client_set_information_refresh_time(client, lease, irt);
|
||||
else {
|
||||
r = dhcp6_lease_get_serverid(lease, NULL, NULL);
|
||||
if (r < 0)
|
||||
return log_dhcp6_client_errno(client, r, "%s has no server id",
|
||||
|
|
|
@ -493,6 +493,11 @@ static const uint8_t msg_information_request[] = {
|
|||
DHCP6_MESSAGE_INFORMATION_REQUEST,
|
||||
/* Transaction ID */
|
||||
0x0f, 0xb4, 0xe5,
|
||||
/* IA_PD */
|
||||
0x00, SD_DHCP6_OPTION_IA_PD, 0x00, 0x0c,
|
||||
IA_ID_BYTES,
|
||||
0x00, 0x00, 0x00, 0x00, /* lifetime T1 */
|
||||
0x00, 0x00, 0x00, 0x00, /* lifetime T2 */
|
||||
/* MUD URL */
|
||||
/* ORO */
|
||||
0x00, SD_DHCP6_OPTION_ORO, 0x00, 0x0c,
|
||||
|
|
|
@ -264,30 +264,40 @@ static int dhcp6_address_acquired(Link *link) {
|
|||
return r;
|
||||
}
|
||||
|
||||
if (link->network->dhcp6_use_hostname) {
|
||||
const char *dhcpname = NULL;
|
||||
_cleanup_free_ char *hostname = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
(void) sd_dhcp6_lease_get_fqdn(link->dhcp6_lease, &dhcpname);
|
||||
static int dhcp6_request_hostname(Link *link) {
|
||||
_cleanup_free_ char *hostname = NULL;
|
||||
const char *dhcpname = NULL;
|
||||
int r;
|
||||
|
||||
if (dhcpname) {
|
||||
r = shorten_overlong(dhcpname, &hostname);
|
||||
if (r < 0)
|
||||
log_link_warning_errno(link, r, "Unable to shorten overlong DHCP hostname '%s', ignoring: %m", dhcpname);
|
||||
if (r == 1)
|
||||
log_link_notice(link, "Overlong DHCP hostname received, shortened from '%s' to '%s'", dhcpname, hostname);
|
||||
}
|
||||
if (hostname) {
|
||||
r = manager_set_hostname(link->manager, hostname);
|
||||
if (r < 0)
|
||||
log_link_error_errno(link, r, "Failed to set transient hostname to '%s': %m", hostname);
|
||||
}
|
||||
}
|
||||
assert(link);
|
||||
assert(link->network);
|
||||
|
||||
if (!link->network->dhcp6_use_hostname)
|
||||
return 0;
|
||||
|
||||
r = sd_dhcp6_lease_get_fqdn(link->dhcp6_lease, &dhcpname);
|
||||
if (r == -ENODATA)
|
||||
return 0;
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = shorten_overlong(dhcpname, &hostname);
|
||||
if (r < 0)
|
||||
return log_link_warning_errno(link, r, "Unable to shorten overlong DHCP hostname '%s': %m", dhcpname);
|
||||
if (r == 1)
|
||||
log_link_notice(link, "Overlong DHCP hostname received, shortened from '%s' to '%s'", dhcpname, hostname);
|
||||
|
||||
r = manager_set_hostname(link->manager, hostname);
|
||||
if (r < 0)
|
||||
log_link_warning_errno(link, r, "Failed to set transient hostname to '%s', ignoring: %m", hostname);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
|
||||
static int dhcp6_lease_acquired(sd_dhcp6_client *client, Link *link) {
|
||||
_cleanup_(sd_dhcp6_lease_unrefp) sd_dhcp6_lease *lease_old = NULL;
|
||||
sd_dhcp6_lease *lease;
|
||||
int r;
|
||||
|
@ -302,6 +312,10 @@ static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
|
|||
lease_old = TAKE_PTR(link->dhcp6_lease);
|
||||
link->dhcp6_lease = sd_dhcp6_lease_ref(lease);
|
||||
|
||||
r = dhcp6_request_hostname(link);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = dhcp6_address_acquired(link);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -327,22 +341,6 @@ static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
|
|||
link_set_state(link, LINK_STATE_CONFIGURING);
|
||||
|
||||
link_check_ready(link);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int dhcp6_lease_information_acquired(sd_dhcp6_client *client, Link *link) {
|
||||
sd_dhcp6_lease *lease;
|
||||
int r;
|
||||
|
||||
assert(client);
|
||||
assert(link);
|
||||
|
||||
r = sd_dhcp6_client_get_lease(client, &lease);
|
||||
if (r < 0)
|
||||
return log_link_error_errno(link, r, "Failed to get DHCPv6 lease: %m");
|
||||
|
||||
unref_and_replace_full(link->dhcp6_lease, lease, sd_dhcp6_lease_ref, sd_dhcp6_lease_unref);
|
||||
|
||||
link_dirty(link);
|
||||
return 0;
|
||||
}
|
||||
|
@ -387,11 +385,8 @@ static void dhcp6_handler(sd_dhcp6_client *client, int event, void *userdata) {
|
|||
break;
|
||||
|
||||
case SD_DHCP6_CLIENT_EVENT_IP_ACQUIRE:
|
||||
r = dhcp6_lease_ip_acquired(client, link);
|
||||
break;
|
||||
|
||||
case SD_DHCP6_CLIENT_EVENT_INFORMATION_REQUEST:
|
||||
r = dhcp6_lease_information_acquired(client, link);
|
||||
r = dhcp6_lease_acquired(client, link);
|
||||
break;
|
||||
|
||||
default:
|
||||
|
|
|
@ -1439,7 +1439,7 @@ int config_parse_router_prefix_delegation(
|
|||
}
|
||||
|
||||
/* When IPv6SendRA= is enabled, only static prefixes are sent by default, and users
|
||||
* need to explicitly enable DHCPv6PrefixDelegation=. */
|
||||
* need to explicitly enable DHCPPrefixDelegation=. */
|
||||
*ra = r ? RADV_PREFIX_DELEGATION_STATIC : RADV_PREFIX_DELEGATION_NONE;
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -5602,7 +5602,7 @@ static int run_container(
|
|||
}
|
||||
|
||||
/* Note: we do not use SD_EVENT_SIGNAL_PROCMASK or sd_event_set_signal_exit(), since we want the
|
||||
* signals to be block continously, even if we destroy the event loop and allocate a new one on
|
||||
* signals to be block continuously, even if we destroy the event loop and allocate a new one on
|
||||
* container reboot. */
|
||||
|
||||
if (arg_kill_signal > 0) {
|
||||
|
|
Loading…
Reference in New Issue