Compare commits

...

10 Commits

Author SHA1 Message Date
Yu Watanabe c3cc561d9f network/radv: update comment
DHCPv6PrefixDelegation= is replaced with DHCPPrefixDelegation=.
2024-09-16 14:35:47 +09:00
Yu Watanabe bab2a46912 man/network: update example for router upstream interface
This comments out all optional settings.
2024-09-16 14:35:47 +09:00
Yu Watanabe 97e002effe network/dhcp6: process hostname and IA_PD on information requesting mode
Fixes #34299.
2024-09-16 14:35:47 +09:00
Yu Watanabe c471cb4883 sd-dhcp6-lease: adjust information refresh time with lifetime of IA_PD
For the case when IRT is too large but lifetime of IA_PD is too short.
2024-09-16 14:35:47 +09:00
Yu Watanabe a84a33f302 sd-dhcp6-client: allow to request IA_PD on information requesting mode
To support RFC 7084, WPD-4.
2024-09-16 14:35:47 +09:00
Yu Watanabe 07fa6897e2 network/dhcp6: set hostname even if UseAddress=no
Follow-up for f963f8953d and
1536b7b2d0.
2024-09-16 14:35:47 +09:00
Yu Watanabe fb1db600fb sd-dhcp6-lease: use free_and_replace_full() 2024-09-16 14:35:47 +09:00
Yu Watanabe 9671efff78 NEWS: fix typo
Follow-up for dcc359010c.
2024-09-16 11:50:48 +09:00
Yu Watanabe 4f0bc2582e man: fix typo
Follow-up for a632d8dd9f.
2024-09-16 11:49:04 +09:00
Yu Watanabe 3292120adf nspawn: fix typo
Follow-up for d7a6bb9891.
2024-09-16 11:47:43 +09:00
9 changed files with 97 additions and 73 deletions

4
NEWS
View File

@ -94,7 +94,7 @@ CHANGES WITH 257 in spe:
/usr/lib/clock-epoch, and /var/lib/systemd/timesync/clock. See
systemd(1) for an detailed updated description.
* Ctrl-Alt-Delete is reenabled during late shutdown, so that the user
* Ctrl-Alt-Delete is re-enabled during late shutdown, so that the user
can still initiate a reboot if the system freezes.
* Unit option PrivateUsers=identity can be used to request a user
@ -211,7 +211,7 @@ CHANGES WITH 257 in spe:
versions.
* systemd-sysupdate gained a new --transfer-source= option to set the
directory to which transfer sources cofigured with
directory to which transfer sources configured with
PathRelativeTo=explicit will be interpreted.
Miscellaneous:

View File

@ -115,7 +115,7 @@
result can be pre-calculated without too much effort. The <literal>.pcrsig</literal> section is not
included in this PCR measurement, since it is supposed to contain signatures for the output of the
measurement operation, and thus cannot also be input to it. If an UKI contains multiple profiles, only
the PE sections of the selected profile (and those of the base profile, except if overriden) are
the PE sections of the selected profile (and those of the base profile, except if overridden) are
measured.</para>
<para>If non-zero, the selected numeric profile is measured into PCR 12.</para>

View File

@ -6243,22 +6243,22 @@ Name=enp1s0
[Network]
DHCP=ipv6
# The below setting is optional, to also assign an address in the delegated prefix
# to the upstream interface. If not necessary, then comment out the line below and
# the [DHCPPrefixDelegation] section.
DHCPPrefixDelegation=yes
# The lines below are optional, to also assign an address in the delegated prefix
# to the upstream interface. Uncomment the lines below if necessary.
#[Network]
#DHCPPrefixDelegation=yes
#[DHCPPrefixDelegation]
#UplinkInterface=:self
#SubnetId=0
#Announce=no
# If the upstream network provides Router Advertisement with Managed bit set,
# then comment out the line below and WithoutRA= setting in the [DHCPv6] section.
IPv6AcceptRA=no
[DHCPv6]
WithoutRA=solicit
[DHCPPrefixDelegation]
UplinkInterface=:self
SubnetId=0
Announce=no</programlisting>
# If the upstream network does not provides any Router Advertisement (RA) messages
# or provides an RA with both Managed and Other-information bits unset, then
# uncomment the lines below.
#[Network]
#IPv6AcceptRA=no
#[DHCPv6]
#WithoutRA=solicit</programlisting>
<programlisting># /etc/systemd/network/55-dhcpv6-pd-downstream.network
[Match]

View File

@ -767,6 +767,14 @@ int dhcp6_client_send_message(sd_dhcp6_client *client) {
switch (client->state) {
case DHCP6_STATE_INFORMATION_REQUEST:
/* RFC 7084 section 4.2 (https://datatracker.ietf.org/doc/html/rfc7084#section-4.2)
* WPD-4: By default, the IPv6 CE router MUST initiate DHCPv6 prefix delegation when either
* the M or O flags are set to 1 in a received Router Advertisement (RA) message. */
if (FLAGS_SET(client->request_ia, DHCP6_REQUEST_IA_PD)) {
r = dhcp6_option_append_ia(&buf, &offset, (client->lease ? client->lease->ia_pd : NULL) ?: &client->ia_pd);
if (r < 0)
return r;
}
break;
case DHCP6_STATE_SOLICITATION:

View File

@ -71,6 +71,32 @@ static void dhcp6_lease_set_lifetime(sd_dhcp6_lease *lease) {
lease->lifetime_t2 = t2;
}
static void dhcp6_client_set_information_refresh_time(sd_dhcp6_client *client, sd_dhcp6_lease *lease, usec_t irt) {
usec_t t1 = USEC_INFINITY, t2 = USEC_INFINITY, min_valid_lt = USEC_INFINITY;
if (lease->ia_pd) {
t1 = be32_sec_to_usec(lease->ia_pd->header.lifetime_t1, /* max_as_infinity = */ true);
t2 = be32_sec_to_usec(lease->ia_pd->header.lifetime_t2, /* max_as_infinity = */ true);
LIST_FOREACH(addresses, a, lease->ia_pd->addresses)
min_valid_lt = MIN(min_valid_lt, be32_sec_to_usec(a->iapdprefix.lifetime_valid, /* max_as_infinity = */ true));
if (t2 == 0 || t2 > min_valid_lt) {
/* If T2 is zero or longer than the minimum valid lifetime of the prefixes,
* then adjust lifetime with it. */
t1 = min_valid_lt / 2;
t2 = min_valid_lt / 10 * 8;
}
/* Adjust the received information refresh time with T1. */
irt = MIN(irt, t1);
}
client->information_refresh_time_usec = MAX(irt, IRT_MINIMUM);
log_dhcp6_client(client, "New information request will be refused in %s.",
FORMAT_TIMESPAN(client->information_refresh_time_usec, USEC_PER_SEC));
}
#define DEFINE_GET_TIME_FUNCTIONS(name, val) \
int sd_dhcp6_lease_get_##name( \
sd_dhcp6_lease *lease, \
@ -763,18 +789,12 @@ static int dhcp6_lease_parse_message(
continue;
}
dhcp6_ia_free(lease->ia_na);
lease->ia_na = TAKE_PTR(ia);
free_and_replace_full(lease->ia_na, ia, dhcp6_ia_free);
break;
}
case SD_DHCP6_OPTION_IA_PD: {
_cleanup_(dhcp6_ia_freep) DHCP6IA *ia = NULL;
if (client->state == DHCP6_STATE_INFORMATION_REQUEST) {
log_dhcp6_client(client, "Ignoring IA PD option in information requesting mode.");
break;
}
r = dhcp6_option_parse_ia(client, client->ia_pd.header.id, optcode, optlen, optval, &ia);
if (r == -ENOMEM)
return log_oom_debug();
@ -788,8 +808,7 @@ static int dhcp6_lease_parse_message(
continue;
}
dhcp6_ia_free(lease->ia_pd);
lease->ia_pd = TAKE_PTR(ia);
free_and_replace_full(lease->ia_pd, ia, dhcp6_ia_free);
break;
}
case SD_DHCP6_OPTION_RAPID_COMMIT:
@ -872,12 +891,9 @@ static int dhcp6_lease_parse_message(
"The client ID in %s message does not match. Ignoring.",
dhcp6_message_type_to_string(message->type));
if (client->state == DHCP6_STATE_INFORMATION_REQUEST) {
client->information_refresh_time_usec = MAX(irt, IRT_MINIMUM);
log_dhcp6_client(client, "New information request will be refused in %s.",
FORMAT_TIMESPAN(client->information_refresh_time_usec, USEC_PER_SEC));
} else {
if (client->state == DHCP6_STATE_INFORMATION_REQUEST)
dhcp6_client_set_information_refresh_time(client, lease, irt);
else {
r = dhcp6_lease_get_serverid(lease, NULL, NULL);
if (r < 0)
return log_dhcp6_client_errno(client, r, "%s has no server id",

View File

@ -493,6 +493,11 @@ static const uint8_t msg_information_request[] = {
DHCP6_MESSAGE_INFORMATION_REQUEST,
/* Transaction ID */
0x0f, 0xb4, 0xe5,
/* IA_PD */
0x00, SD_DHCP6_OPTION_IA_PD, 0x00, 0x0c,
IA_ID_BYTES,
0x00, 0x00, 0x00, 0x00, /* lifetime T1 */
0x00, 0x00, 0x00, 0x00, /* lifetime T2 */
/* MUD URL */
/* ORO */
0x00, SD_DHCP6_OPTION_ORO, 0x00, 0x0c,

View File

@ -264,30 +264,40 @@ static int dhcp6_address_acquired(Link *link) {
return r;
}
if (link->network->dhcp6_use_hostname) {
const char *dhcpname = NULL;
_cleanup_free_ char *hostname = NULL;
return 0;
}
(void) sd_dhcp6_lease_get_fqdn(link->dhcp6_lease, &dhcpname);
static int dhcp6_request_hostname(Link *link) {
_cleanup_free_ char *hostname = NULL;
const char *dhcpname = NULL;
int r;
if (dhcpname) {
r = shorten_overlong(dhcpname, &hostname);
if (r < 0)
log_link_warning_errno(link, r, "Unable to shorten overlong DHCP hostname '%s', ignoring: %m", dhcpname);
if (r == 1)
log_link_notice(link, "Overlong DHCP hostname received, shortened from '%s' to '%s'", dhcpname, hostname);
}
if (hostname) {
r = manager_set_hostname(link->manager, hostname);
if (r < 0)
log_link_error_errno(link, r, "Failed to set transient hostname to '%s': %m", hostname);
}
}
assert(link);
assert(link->network);
if (!link->network->dhcp6_use_hostname)
return 0;
r = sd_dhcp6_lease_get_fqdn(link->dhcp6_lease, &dhcpname);
if (r == -ENODATA)
return 0;
if (r < 0)
return r;
r = shorten_overlong(dhcpname, &hostname);
if (r < 0)
return log_link_warning_errno(link, r, "Unable to shorten overlong DHCP hostname '%s': %m", dhcpname);
if (r == 1)
log_link_notice(link, "Overlong DHCP hostname received, shortened from '%s' to '%s'", dhcpname, hostname);
r = manager_set_hostname(link->manager, hostname);
if (r < 0)
log_link_warning_errno(link, r, "Failed to set transient hostname to '%s', ignoring: %m", hostname);
return 0;
}
static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
static int dhcp6_lease_acquired(sd_dhcp6_client *client, Link *link) {
_cleanup_(sd_dhcp6_lease_unrefp) sd_dhcp6_lease *lease_old = NULL;
sd_dhcp6_lease *lease;
int r;
@ -302,6 +312,10 @@ static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
lease_old = TAKE_PTR(link->dhcp6_lease);
link->dhcp6_lease = sd_dhcp6_lease_ref(lease);
r = dhcp6_request_hostname(link);
if (r < 0)
return r;
r = dhcp6_address_acquired(link);
if (r < 0)
return r;
@ -327,22 +341,6 @@ static int dhcp6_lease_ip_acquired(sd_dhcp6_client *client, Link *link) {
link_set_state(link, LINK_STATE_CONFIGURING);
link_check_ready(link);
return 0;
}
static int dhcp6_lease_information_acquired(sd_dhcp6_client *client, Link *link) {
sd_dhcp6_lease *lease;
int r;
assert(client);
assert(link);
r = sd_dhcp6_client_get_lease(client, &lease);
if (r < 0)
return log_link_error_errno(link, r, "Failed to get DHCPv6 lease: %m");
unref_and_replace_full(link->dhcp6_lease, lease, sd_dhcp6_lease_ref, sd_dhcp6_lease_unref);
link_dirty(link);
return 0;
}
@ -387,11 +385,8 @@ static void dhcp6_handler(sd_dhcp6_client *client, int event, void *userdata) {
break;
case SD_DHCP6_CLIENT_EVENT_IP_ACQUIRE:
r = dhcp6_lease_ip_acquired(client, link);
break;
case SD_DHCP6_CLIENT_EVENT_INFORMATION_REQUEST:
r = dhcp6_lease_information_acquired(client, link);
r = dhcp6_lease_acquired(client, link);
break;
default:

View File

@ -1439,7 +1439,7 @@ int config_parse_router_prefix_delegation(
}
/* When IPv6SendRA= is enabled, only static prefixes are sent by default, and users
* need to explicitly enable DHCPv6PrefixDelegation=. */
* need to explicitly enable DHCPPrefixDelegation=. */
*ra = r ? RADV_PREFIX_DELEGATION_STATIC : RADV_PREFIX_DELEGATION_NONE;
return 0;
}

View File

@ -5602,7 +5602,7 @@ static int run_container(
}
/* Note: we do not use SD_EVENT_SIGNAL_PROCMASK or sd_event_set_signal_exit(), since we want the
* signals to be block continously, even if we destroy the event loop and allocate a new one on
* signals to be block continuously, even if we destroy the event loop and allocate a new one on
* container reboot. */
if (arg_kill_signal > 0) {