mirror of
https://github.com/systemd/systemd
synced 2025-11-10 04:14:44 +01:00
Compare commits
No commits in common. "e9769453e3535253e2ee8fa06151e606baa4e6bd" and "495454f40f3e9eb7c9ce94b25cd4a8c67a5eb7e6" have entirely different histories.
e9769453e3
...
495454f40f
@ -5,7 +5,7 @@
|
|||||||
|
|
||||||
[Distribution]
|
[Distribution]
|
||||||
Distribution=ubuntu
|
Distribution=ubuntu
|
||||||
Release=focal
|
Release=bionic
|
||||||
Repositories=main,universe
|
Repositories=main,universe
|
||||||
|
|
||||||
[Output]
|
[Output]
|
||||||
@ -25,6 +25,7 @@ BuildPackages=
|
|||||||
git
|
git
|
||||||
gnu-efi
|
gnu-efi
|
||||||
gperf
|
gperf
|
||||||
|
iptables-dev
|
||||||
libacl1-dev
|
libacl1-dev
|
||||||
libaudit-dev
|
libaudit-dev
|
||||||
libblkid-dev
|
libblkid-dev
|
||||||
@ -38,8 +39,6 @@ BuildPackages=
|
|||||||
libgcrypt20-dev
|
libgcrypt20-dev
|
||||||
libgnutls28-dev
|
libgnutls28-dev
|
||||||
libidn2-0-dev
|
libidn2-0-dev
|
||||||
libip4tc-dev
|
|
||||||
libip6tc-dev
|
|
||||||
libkmod-dev
|
libkmod-dev
|
||||||
liblz4-dev
|
liblz4-dev
|
||||||
liblz4-tool
|
liblz4-tool
|
||||||
@ -52,7 +51,6 @@ BuildPackages=
|
|||||||
libsmartcols-dev
|
libsmartcols-dev
|
||||||
libtool
|
libtool
|
||||||
libxkbcommon-dev
|
libxkbcommon-dev
|
||||||
libxtables-dev
|
|
||||||
libzstd-dev
|
libzstd-dev
|
||||||
m4
|
m4
|
||||||
meson
|
meson
|
||||||
@ -67,6 +65,6 @@ BuildPackages=
|
|||||||
zstd
|
zstd
|
||||||
|
|
||||||
Packages=
|
Packages=
|
||||||
libqrencode4
|
libqrencode3
|
||||||
locales
|
locales
|
||||||
libidn2-0
|
libidn2-0
|
||||||
|
|||||||
3
TODO
3
TODO
@ -1087,8 +1087,7 @@ Features:
|
|||||||
- document systemd-journal-flush.service properly
|
- document systemd-journal-flush.service properly
|
||||||
- documentation: recommend to connect the timer units of a service to the service via Also= in [Install]
|
- documentation: recommend to connect the timer units of a service to the service via Also= in [Install]
|
||||||
- man: document the very specific env the shutdown drop-in tools live in
|
- man: document the very specific env the shutdown drop-in tools live in
|
||||||
- man: add more examples to man pages,
|
- man: add more examples to man pages
|
||||||
- in particular an example how to do the equivalent of switching runlevels
|
|
||||||
- man: maybe sort directives in man pages, and take sections from --help and apply them to man too
|
- man: maybe sort directives in man pages, and take sections from --help and apply them to man too
|
||||||
- document root=gpt-auto properly
|
- document root=gpt-auto properly
|
||||||
|
|
||||||
|
|||||||
@ -263,9 +263,11 @@ Sun 2017-02-26 20:57:49 EST 2h 3min left Sun 2017-02-26 11:56:36 EST 6h ago
|
|||||||
If a unit name with no extension is given, an extension of
|
If a unit name with no extension is given, an extension of
|
||||||
<literal>.target</literal> will be assumed.</para>
|
<literal>.target</literal> will be assumed.</para>
|
||||||
|
|
||||||
<para>This command is dangerous, since it will immediately stop processes that are not enabled in
|
<para>This is similar to changing the runlevel in a
|
||||||
the new target, possibly including the graphical environment or terminal you are currently using.
|
traditional init system. The <command>isolate</command>
|
||||||
</para>
|
command will immediately stop processes that are not enabled
|
||||||
|
in the new unit, possibly including the graphical
|
||||||
|
environment or terminal you are currently using.</para>
|
||||||
|
|
||||||
<para>Note that this is allowed only on units where
|
<para>Note that this is allowed only on units where
|
||||||
<option>AllowIsolate=</option> is enabled. See
|
<option>AllowIsolate=</option> is enabled. See
|
||||||
|
|||||||
14
meson.build
14
meson.build
@ -676,17 +676,17 @@ conf.set_quoted('DEFAULT_NET_NAMING_SCHEME', default_net_naming_scheme)
|
|||||||
|
|
||||||
time_epoch = get_option('time-epoch')
|
time_epoch = get_option('time-epoch')
|
||||||
if time_epoch == -1
|
if time_epoch == -1
|
||||||
time_epoch = run_command('sh', ['-c', 'echo "$SOURCE_DATE_EPOCH"']).stdout().strip()
|
source_date_epoch = run_command('sh', ['-c', 'echo "$SOURCE_DATE_EPOCH"']).stdout().strip()
|
||||||
if time_epoch == '' and git.found() and run_command('test', '-e', '.git').returncode() == 0
|
if source_date_epoch != ''
|
||||||
|
time_epoch = source_date_epoch.to_int()
|
||||||
|
elif git.found() and run_command('test', '-e', '.git').returncode() == 0
|
||||||
# If we're in a git repository, use the creation time of the latest git tag.
|
# If we're in a git repository, use the creation time of the latest git tag.
|
||||||
latest_tag = run_command('git', 'describe', '--abbrev=0', '--tags').stdout().strip()
|
latest_tag = run_command('git', 'describe', '--abbrev=0', '--tags').stdout().strip()
|
||||||
time_epoch = run_command('git', 'log', '-1', '--format=%at', latest_tag).stdout()
|
time_epoch = run_command('git', 'log', '-1', '--format=%at', latest_tag).stdout().to_int()
|
||||||
endif
|
else
|
||||||
if time_epoch == ''
|
|
||||||
NEWS = files('NEWS')
|
NEWS = files('NEWS')
|
||||||
time_epoch = run_command(stat, '-c', '%Y', NEWS).stdout()
|
time_epoch = run_command(stat, '-c', '%Y', NEWS).stdout().to_int()
|
||||||
endif
|
endif
|
||||||
time_epoch = time_epoch.to_int()
|
|
||||||
endif
|
endif
|
||||||
conf.set('TIME_EPOCH', time_epoch)
|
conf.set('TIME_EPOCH', time_epoch)
|
||||||
|
|
||||||
|
|||||||
@ -37,7 +37,7 @@ apt-get -q --allow-releaseinfo-change update
|
|||||||
apt-get -y dist-upgrade
|
apt-get -y dist-upgrade
|
||||||
apt-get install -y eatmydata
|
apt-get install -y eatmydata
|
||||||
# The following four are needed as long as these deps are not covered by Debian's own packaging
|
# The following four are needed as long as these deps are not covered by Debian's own packaging
|
||||||
apt-get install -y fdisk tree libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev
|
apt-get install -y fdisk libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev
|
||||||
apt-get purge --auto-remove -y unattended-upgrades
|
apt-get purge --auto-remove -y unattended-upgrades
|
||||||
systemctl unmask systemd-networkd
|
systemctl unmask systemd-networkd
|
||||||
systemctl enable systemd-networkd
|
systemctl enable systemd-networkd
|
||||||
|
|||||||
@ -108,7 +108,11 @@ int in_addr_equal(int family, const union in_addr_union *a, const union in_addr_
|
|||||||
return in4_addr_equal(&a->in, &b->in);
|
return in4_addr_equal(&a->in, &b->in);
|
||||||
|
|
||||||
if (family == AF_INET6)
|
if (family == AF_INET6)
|
||||||
return IN6_ARE_ADDR_EQUAL(&a->in6, &b->in6);
|
return
|
||||||
|
a->in6.s6_addr32[0] == b->in6.s6_addr32[0] &&
|
||||||
|
a->in6.s6_addr32[1] == b->in6.s6_addr32[1] &&
|
||||||
|
a->in6.s6_addr32[2] == b->in6.s6_addr32[2] &&
|
||||||
|
a->in6.s6_addr32[3] == b->in6.s6_addr32[3];
|
||||||
|
|
||||||
return -EAFNOSUPPORT;
|
return -EAFNOSUPPORT;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -151,6 +151,12 @@ void siphash24_compress(const void *_in, size_t inlen, struct siphash *state) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void siphash24_compress_boolean(bool in, struct siphash *state) {
|
||||||
|
int i = in;
|
||||||
|
|
||||||
|
siphash24_compress(&i, sizeof i, state);
|
||||||
|
}
|
||||||
|
|
||||||
uint64_t siphash24_finalize(struct siphash *state) {
|
uint64_t siphash24_finalize(struct siphash *state) {
|
||||||
uint64_t b;
|
uint64_t b;
|
||||||
|
|
||||||
|
|||||||
@ -17,21 +17,9 @@ struct siphash {
|
|||||||
|
|
||||||
void siphash24_init(struct siphash *state, const uint8_t k[static 16]);
|
void siphash24_init(struct siphash *state, const uint8_t k[static 16]);
|
||||||
void siphash24_compress(const void *in, size_t inlen, struct siphash *state);
|
void siphash24_compress(const void *in, size_t inlen, struct siphash *state);
|
||||||
|
void siphash24_compress_boolean(bool in, struct siphash *state);
|
||||||
#define siphash24_compress_byte(byte, state) siphash24_compress((const uint8_t[]) { (byte) }, 1, (state))
|
#define siphash24_compress_byte(byte, state) siphash24_compress((const uint8_t[]) { (byte) }, 1, (state))
|
||||||
|
|
||||||
static inline void siphash24_compress_boolean(bool in, struct siphash *state) {
|
|
||||||
uint8_t i = in;
|
|
||||||
|
|
||||||
siphash24_compress(&i, sizeof i, state);
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline void siphash24_compress_string(const char *in, struct siphash *state) {
|
|
||||||
if (!in)
|
|
||||||
return;
|
|
||||||
|
|
||||||
siphash24_compress(in, strlen(in), state);
|
|
||||||
}
|
|
||||||
|
|
||||||
uint64_t siphash24_finalize(struct siphash *state);
|
uint64_t siphash24_finalize(struct siphash *state);
|
||||||
|
|
||||||
uint64_t siphash24(const void *in, size_t inlen, const uint8_t k[static 16]);
|
uint64_t siphash24(const void *in, size_t inlen, const uint8_t k[static 16]);
|
||||||
|
|||||||
@ -589,8 +589,6 @@ static char** sanitize_environment(char **l) {
|
|||||||
/* Let's remove some environment variables that we need ourselves to communicate with our clients */
|
/* Let's remove some environment variables that we need ourselves to communicate with our clients */
|
||||||
strv_env_unset_many(
|
strv_env_unset_many(
|
||||||
l,
|
l,
|
||||||
"CACHE_DIRECTORY",
|
|
||||||
"CONFIGURATION_DIRECTORY",
|
|
||||||
"EXIT_CODE",
|
"EXIT_CODE",
|
||||||
"EXIT_STATUS",
|
"EXIT_STATUS",
|
||||||
"INVOCATION_ID",
|
"INVOCATION_ID",
|
||||||
@ -598,16 +596,13 @@ static char** sanitize_environment(char **l) {
|
|||||||
"LISTEN_FDNAMES",
|
"LISTEN_FDNAMES",
|
||||||
"LISTEN_FDS",
|
"LISTEN_FDS",
|
||||||
"LISTEN_PID",
|
"LISTEN_PID",
|
||||||
"LOGS_DIRECTORY",
|
|
||||||
"MAINPID",
|
"MAINPID",
|
||||||
"MANAGERPID",
|
"MANAGERPID",
|
||||||
"NOTIFY_SOCKET",
|
"NOTIFY_SOCKET",
|
||||||
"PIDFILE",
|
"PIDFILE",
|
||||||
"REMOTE_ADDR",
|
"REMOTE_ADDR",
|
||||||
"REMOTE_PORT",
|
"REMOTE_PORT",
|
||||||
"RUNTIME_DIRECTORY",
|
|
||||||
"SERVICE_RESULT",
|
"SERVICE_RESULT",
|
||||||
"STATE_DIRECTORY",
|
|
||||||
"WATCHDOG_PID",
|
"WATCHDOG_PID",
|
||||||
"WATCHDOG_USEC",
|
"WATCHDOG_USEC",
|
||||||
NULL);
|
NULL);
|
||||||
|
|||||||
@ -685,7 +685,7 @@ static int write_root_passwd(const char *passwd_path, const char *password, cons
|
|||||||
if (errno != ENOENT)
|
if (errno != ENOENT)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
r = fchmod(fileno(passwd), 0644);
|
r = fchmod(fileno(passwd), 0000);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
|
|||||||
@ -55,7 +55,7 @@ typedef struct CatalogItem {
|
|||||||
|
|
||||||
static void catalog_hash_func(const CatalogItem *i, struct siphash *state) {
|
static void catalog_hash_func(const CatalogItem *i, struct siphash *state) {
|
||||||
siphash24_compress(&i->id, sizeof(i->id), state);
|
siphash24_compress(&i->id, sizeof(i->id), state);
|
||||||
siphash24_compress_string(i->language, state);
|
siphash24_compress(i->language, strlen(i->language), state);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int catalog_compare_func(const CatalogItem *a, const CatalogItem *b) {
|
static int catalog_compare_func(const CatalogItem *a, const CatalogItem *b) {
|
||||||
|
|||||||
@ -110,10 +110,7 @@ int bus_link_method_set_ntp_servers(sd_bus_message *message, void *userdata, sd_
|
|||||||
|
|
||||||
strv_free_and_replace(l->ntp, ntp);
|
strv_free_and_replace(l->ntp, ntp);
|
||||||
|
|
||||||
link_dirty(l);
|
(void) link_dirty(l);
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
}
|
}
|
||||||
@ -153,10 +150,7 @@ static int bus_link_method_set_dns_servers_internal(sd_bus_message *message, voi
|
|||||||
free_and_replace(l->dns, dns);
|
free_and_replace(l->dns, dns);
|
||||||
l->n_dns = n;
|
l->n_dns = n;
|
||||||
|
|
||||||
link_dirty(l);
|
(void) link_dirty(l);
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
|
|
||||||
@ -246,10 +240,7 @@ int bus_link_method_set_domains(sd_bus_message *message, void *userdata, sd_bus_
|
|||||||
l->search_domains = TAKE_PTR(search_domains);
|
l->search_domains = TAKE_PTR(search_domains);
|
||||||
l->route_domains = TAKE_PTR(route_domains);
|
l->route_domains = TAKE_PTR(route_domains);
|
||||||
|
|
||||||
link_dirty(l);
|
(void) link_dirty(l);
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
}
|
}
|
||||||
@ -280,11 +271,7 @@ int bus_link_method_set_default_route(sd_bus_message *message, void *userdata, s
|
|||||||
|
|
||||||
if (l->dns_default_route != b) {
|
if (l->dns_default_route != b) {
|
||||||
l->dns_default_route = b;
|
l->dns_default_route = b;
|
||||||
|
(void) link_dirty(l);
|
||||||
link_dirty(l);
|
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
@ -326,11 +313,7 @@ int bus_link_method_set_llmnr(sd_bus_message *message, void *userdata, sd_bus_er
|
|||||||
|
|
||||||
if (l->llmnr != mode) {
|
if (l->llmnr != mode) {
|
||||||
l->llmnr = mode;
|
l->llmnr = mode;
|
||||||
|
(void) link_dirty(l);
|
||||||
link_dirty(l);
|
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
@ -372,11 +355,7 @@ int bus_link_method_set_mdns(sd_bus_message *message, void *userdata, sd_bus_err
|
|||||||
|
|
||||||
if (l->mdns != mode) {
|
if (l->mdns != mode) {
|
||||||
l->mdns = mode;
|
l->mdns = mode;
|
||||||
|
(void) link_dirty(l);
|
||||||
link_dirty(l);
|
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
@ -418,11 +397,7 @@ int bus_link_method_set_dns_over_tls(sd_bus_message *message, void *userdata, sd
|
|||||||
|
|
||||||
if (l->dns_over_tls_mode != mode) {
|
if (l->dns_over_tls_mode != mode) {
|
||||||
l->dns_over_tls_mode = mode;
|
l->dns_over_tls_mode = mode;
|
||||||
|
(void) link_dirty(l);
|
||||||
link_dirty(l);
|
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
@ -464,11 +439,7 @@ int bus_link_method_set_dnssec(sd_bus_message *message, void *userdata, sd_bus_e
|
|||||||
|
|
||||||
if (l->dnssec_mode != mode) {
|
if (l->dnssec_mode != mode) {
|
||||||
l->dnssec_mode = mode;
|
l->dnssec_mode = mode;
|
||||||
|
(void) link_dirty(l);
|
||||||
link_dirty(l);
|
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
@ -522,10 +493,7 @@ int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message *message, v
|
|||||||
set_free_free(l->dnssec_negative_trust_anchors);
|
set_free_free(l->dnssec_negative_trust_anchors);
|
||||||
l->dnssec_negative_trust_anchors = TAKE_PTR(ns);
|
l->dnssec_negative_trust_anchors = TAKE_PTR(ns);
|
||||||
|
|
||||||
link_dirty(l);
|
(void) link_dirty(l);
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
}
|
}
|
||||||
@ -551,11 +519,7 @@ int bus_link_method_revert_ntp(sd_bus_message *message, void *userdata, sd_bus_e
|
|||||||
return 1; /* Polkit will call us back */
|
return 1; /* Polkit will call us back */
|
||||||
|
|
||||||
link_ntp_settings_clear(l);
|
link_ntp_settings_clear(l);
|
||||||
|
(void) link_dirty(l);
|
||||||
link_dirty(l);
|
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
}
|
}
|
||||||
@ -581,11 +545,7 @@ int bus_link_method_revert_dns(sd_bus_message *message, void *userdata, sd_bus_e
|
|||||||
return 1; /* Polkit will call us back */
|
return 1; /* Polkit will call us back */
|
||||||
|
|
||||||
link_dns_settings_clear(l);
|
link_dns_settings_clear(l);
|
||||||
|
(void) link_dirty(l);
|
||||||
link_dirty(l);
|
|
||||||
r = link_save_and_clean(l);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
}
|
}
|
||||||
@ -669,9 +629,10 @@ int bus_link_method_reconfigure(sd_bus_message *message, void *userdata, sd_bus_
|
|||||||
return r;
|
return r;
|
||||||
|
|
||||||
link_set_state(l, LINK_STATE_INITIALIZED);
|
link_set_state(l, LINK_STATE_INITIALIZED);
|
||||||
r = link_save_and_clean(l);
|
r = link_save(l);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
link_clean(l);
|
||||||
|
|
||||||
return sd_bus_reply_method_return(message, NULL);
|
return sd_bus_reply_method_return(message, NULL);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1297,10 +1297,7 @@ static int link_request_set_addresses(Link *link) {
|
|||||||
LIST_FOREACH(addresses, ad, link->network->static_addresses) {
|
LIST_FOREACH(addresses, ad, link->network->static_addresses) {
|
||||||
bool update;
|
bool update;
|
||||||
|
|
||||||
if (ad->family == AF_INET6 && !in_addr_is_null(ad->family, &ad->in_addr_peer))
|
update = address_get(link, ad->family, &ad->in_addr, ad->prefixlen, NULL) > 0;
|
||||||
update = address_get(link, ad->family, &ad->in_addr_peer, ad->prefixlen, NULL) > 0;
|
|
||||||
else
|
|
||||||
update = address_get(link, ad->family, &ad->in_addr, ad->prefixlen, NULL) > 0;
|
|
||||||
|
|
||||||
r = address_configure(ad, link, address_handler, update);
|
r = address_configure(ad, link, address_handler, update);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
@ -2606,9 +2603,6 @@ static bool link_is_static_address_configured(Link *link, Address *address) {
|
|||||||
LIST_FOREACH(addresses, net_address, link->network->static_addresses)
|
LIST_FOREACH(addresses, net_address, link->network->static_addresses)
|
||||||
if (address_equal(net_address, address))
|
if (address_equal(net_address, address))
|
||||||
return true;
|
return true;
|
||||||
else if (address->family == AF_INET6 && net_address->family == AF_INET6 &&
|
|
||||||
in_addr_equal(AF_INET6, &address->in_addr, &net_address->in_addr_peer) > 0)
|
|
||||||
return true;
|
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -4531,17 +4525,6 @@ void link_clean(Link *link) {
|
|||||||
link_unref(set_remove(link->manager->dirty_links, link));
|
link_unref(set_remove(link->manager->dirty_links, link));
|
||||||
}
|
}
|
||||||
|
|
||||||
int link_save_and_clean(Link *link) {
|
|
||||||
int r;
|
|
||||||
|
|
||||||
r = link_save(link);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
link_clean(link);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
static const char* const link_state_table[_LINK_STATE_MAX] = {
|
static const char* const link_state_table[_LINK_STATE_MAX] = {
|
||||||
[LINK_STATE_PENDING] = "pending",
|
[LINK_STATE_PENDING] = "pending",
|
||||||
[LINK_STATE_INITIALIZED] = "initialized",
|
[LINK_STATE_INITIALIZED] = "initialized",
|
||||||
|
|||||||
@ -208,7 +208,6 @@ int link_update(Link *link, sd_netlink_message *message);
|
|||||||
void link_dirty(Link *link);
|
void link_dirty(Link *link);
|
||||||
void link_clean(Link *link);
|
void link_clean(Link *link);
|
||||||
int link_save(Link *link);
|
int link_save(Link *link);
|
||||||
int link_save_and_clean(Link *link);
|
|
||||||
|
|
||||||
int link_carrier_reset(Link *link);
|
int link_carrier_reset(Link *link);
|
||||||
bool link_has_carrier(Link *link);
|
bool link_has_carrier(Link *link);
|
||||||
|
|||||||
@ -1727,7 +1727,8 @@ static int manager_dirty_handler(sd_event_source *s, void *userdata) {
|
|||||||
manager_save(m);
|
manager_save(m);
|
||||||
|
|
||||||
SET_FOREACH(link, m->dirty_links, i)
|
SET_FOREACH(link, m->dirty_links, i)
|
||||||
(void) link_save_and_clean(link);
|
if (link_save(link) >= 0)
|
||||||
|
link_clean(link);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -1898,7 +1899,7 @@ int manager_start(Manager *m) {
|
|||||||
manager_save(m);
|
manager_save(m);
|
||||||
|
|
||||||
HASHMAP_FOREACH(link, m->links, i)
|
HASHMAP_FOREACH(link, m->links, i)
|
||||||
(void) link_save(link);
|
link_save(link);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -35,6 +35,53 @@
|
|||||||
|
|
||||||
#define NDISC_APP_ID SD_ID128_MAKE(13,ac,81,a7,d5,3f,49,78,92,79,5d,0c,29,3a,bc,7e)
|
#define NDISC_APP_ID SD_ID128_MAKE(13,ac,81,a7,d5,3f,49,78,92,79,5d,0c,29,3a,bc,7e)
|
||||||
|
|
||||||
|
static bool stableprivate_address_is_valid(const struct in6_addr *addr) {
|
||||||
|
assert(addr);
|
||||||
|
|
||||||
|
/* According to rfc4291, generated address should not be in the following ranges. */
|
||||||
|
|
||||||
|
if (memcmp(addr, &SUBNET_ROUTER_ANYCAST_ADDRESS_RFC4291, SUBNET_ROUTER_ANYCAST_PREFIXLEN) == 0)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
if (memcmp(addr, &RESERVED_IPV6_INTERFACE_IDENTIFIERS_ADDRESS_RFC4291, RESERVED_IPV6_INTERFACE_IDENTIFIERS_PREFIXLEN) == 0)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
if (memcmp(addr, &RESERVED_SUBNET_ANYCAST_ADDRESSES_RFC4291, RESERVED_SUBNET_ANYCAST_PREFIXLEN) == 0)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int make_stableprivate_address(Link *link, const struct in6_addr *prefix, uint8_t prefix_len, uint8_t dad_counter, struct in6_addr *addr) {
|
||||||
|
sd_id128_t secret_key;
|
||||||
|
struct siphash state;
|
||||||
|
uint64_t rid;
|
||||||
|
size_t l;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
/* According to rfc7217 section 5.1
|
||||||
|
* RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key) */
|
||||||
|
|
||||||
|
r = sd_id128_get_machine_app_specific(NDISC_APP_ID, &secret_key);
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Failed to generate key: %m");
|
||||||
|
|
||||||
|
siphash24_init(&state, secret_key.bytes);
|
||||||
|
|
||||||
|
l = MAX(DIV_ROUND_UP(prefix_len, 8), 8);
|
||||||
|
siphash24_compress(prefix, l, &state);
|
||||||
|
siphash24_compress(link->ifname, strlen(link->ifname), &state);
|
||||||
|
siphash24_compress(&link->mac, sizeof(struct ether_addr), &state);
|
||||||
|
siphash24_compress(&dad_counter, sizeof(uint8_t), &state);
|
||||||
|
|
||||||
|
rid = htole64(siphash24_finalize(&state));
|
||||||
|
|
||||||
|
memcpy(addr->s6_addr, prefix->s6_addr, l);
|
||||||
|
memcpy(addr->s6_addr + l, &rid, 16 - l);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
static int ndisc_route_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
|
static int ndisc_route_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
@ -181,66 +228,9 @@ static int ndisc_router_process_default(Link *link, sd_ndisc_router *rt) {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool stableprivate_address_is_valid(const struct in6_addr *addr) {
|
static int ndisc_router_generate_addresses(Link *link, unsigned prefixlen, uint32_t lifetime_preferred, Address *address, Set **ret) {
|
||||||
assert(addr);
|
|
||||||
|
|
||||||
/* According to rfc4291, generated address should not be in the following ranges. */
|
|
||||||
|
|
||||||
if (memcmp(addr, &SUBNET_ROUTER_ANYCAST_ADDRESS_RFC4291, SUBNET_ROUTER_ANYCAST_PREFIXLEN) == 0)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
if (memcmp(addr, &RESERVED_IPV6_INTERFACE_IDENTIFIERS_ADDRESS_RFC4291, RESERVED_IPV6_INTERFACE_IDENTIFIERS_PREFIXLEN) == 0)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
if (memcmp(addr, &RESERVED_SUBNET_ANYCAST_ADDRESSES_RFC4291, RESERVED_SUBNET_ANYCAST_PREFIXLEN) == 0)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int make_stableprivate_address(Link *link, const struct in6_addr *prefix, uint8_t prefix_len, uint8_t dad_counter, struct in6_addr **ret) {
|
|
||||||
_cleanup_free_ struct in6_addr *addr = NULL;
|
|
||||||
sd_id128_t secret_key;
|
|
||||||
struct siphash state;
|
|
||||||
uint64_t rid;
|
|
||||||
size_t l;
|
|
||||||
int r;
|
|
||||||
|
|
||||||
/* According to rfc7217 section 5.1
|
|
||||||
* RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key) */
|
|
||||||
|
|
||||||
r = sd_id128_get_machine_app_specific(NDISC_APP_ID, &secret_key);
|
|
||||||
if (r < 0)
|
|
||||||
return log_error_errno(r, "Failed to generate key: %m");
|
|
||||||
|
|
||||||
siphash24_init(&state, secret_key.bytes);
|
|
||||||
|
|
||||||
l = MAX(DIV_ROUND_UP(prefix_len, 8), 8);
|
|
||||||
siphash24_compress(prefix, l, &state);
|
|
||||||
siphash24_compress_string(link->ifname, &state);
|
|
||||||
siphash24_compress(&link->mac, sizeof(struct ether_addr), &state);
|
|
||||||
siphash24_compress(&dad_counter, sizeof(uint8_t), &state);
|
|
||||||
|
|
||||||
rid = htole64(siphash24_finalize(&state));
|
|
||||||
|
|
||||||
addr = new(struct in6_addr, 1);
|
|
||||||
if (!addr)
|
|
||||||
return log_oom();
|
|
||||||
|
|
||||||
memcpy(addr->s6_addr, prefix->s6_addr, l);
|
|
||||||
memcpy(addr->s6_addr + l, &rid, 16 - l);
|
|
||||||
|
|
||||||
if (!stableprivate_address_is_valid(addr)) {
|
|
||||||
*ret = NULL;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
*ret = TAKE_PTR(addr);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int ndisc_router_generate_addresses(Link *link, struct in6_addr *address, uint8_t prefixlen, Set **ret) {
|
|
||||||
_cleanup_set_free_free_ Set *addresses = NULL;
|
_cleanup_set_free_free_ Set *addresses = NULL;
|
||||||
|
struct in6_addr addr;
|
||||||
IPv6Token *j;
|
IPv6Token *j;
|
||||||
Iterator i;
|
Iterator i;
|
||||||
int r;
|
int r;
|
||||||
@ -249,63 +239,76 @@ static int ndisc_router_generate_addresses(Link *link, struct in6_addr *address,
|
|||||||
assert(address);
|
assert(address);
|
||||||
assert(ret);
|
assert(ret);
|
||||||
|
|
||||||
addresses = set_new(&in6_addr_hash_ops);
|
addresses = set_new(&address_hash_ops);
|
||||||
if (!addresses)
|
if (!addresses)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
ORDERED_SET_FOREACH(j, link->network->ipv6_tokens, i) {
|
addr = address->in_addr.in6;
|
||||||
_cleanup_free_ struct in6_addr *new_address = NULL;
|
ORDERED_HASHMAP_FOREACH(j, link->network->ipv6_tokens, i) {
|
||||||
|
bool have_address = false;
|
||||||
|
_cleanup_(address_freep) Address *new_address = NULL;
|
||||||
|
|
||||||
|
r = address_new(&new_address);
|
||||||
|
if (r < 0)
|
||||||
|
return log_oom();
|
||||||
|
|
||||||
|
*new_address = *address;
|
||||||
|
|
||||||
if (j->address_generation_type == IPV6_TOKEN_ADDRESS_GENERATION_PREFIXSTABLE
|
if (j->address_generation_type == IPV6_TOKEN_ADDRESS_GENERATION_PREFIXSTABLE
|
||||||
&& IN6_ARE_ADDR_EQUAL(&j->prefix, address)) {
|
&& memcmp(&j->prefix, &addr, FAMILY_ADDRESS_SIZE(address->family)) == 0) {
|
||||||
/* While this loop uses dad_counter and a retry limit as specified in RFC 7217, the loop
|
/* While this loop uses dad_counter and a retry limit as specified in RFC 7217, the loop
|
||||||
does not actually attempt Duplicate Address Detection; the counter will be incremented
|
does not actually attempt Duplicate Address Detection; the counter will be incremented
|
||||||
only when the address generation algorithm produces an invalid address, and the loop
|
only when the address generation algorithm produces an invalid address, and the loop
|
||||||
may exit with an address which ends up being unusable due to duplication on the link.
|
may exit with an address which ends up being unusable due to duplication on the link.
|
||||||
*/
|
*/
|
||||||
for (; j->dad_counter < DAD_CONFLICTS_IDGEN_RETRIES_RFC7217; j->dad_counter++) {
|
for (; j->dad_counter < DAD_CONFLICTS_IDGEN_RETRIES_RFC7217; j->dad_counter++) {
|
||||||
r = make_stableprivate_address(link, &j->prefix, prefixlen, j->dad_counter, &new_address);
|
r = make_stableprivate_address(link, &j->prefix, prefixlen, j->dad_counter, &new_address->in_addr.in6);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
|
||||||
if (r > 0)
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
if (stableprivate_address_is_valid(&new_address->in_addr.in6)) {
|
||||||
|
have_address = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
} else if (j->address_generation_type == IPV6_TOKEN_ADDRESS_GENERATION_STATIC) {
|
} else if (j->address_generation_type == IPV6_TOKEN_ADDRESS_GENERATION_STATIC) {
|
||||||
new_address = new(struct in6_addr, 1);
|
memcpy(new_address->in_addr.in6.s6_addr + 8, j->prefix.s6_addr + 8, 8);
|
||||||
if (!new_address)
|
have_address = true;
|
||||||
return log_oom();
|
|
||||||
|
|
||||||
memcpy(new_address->s6_addr, address->s6_addr, 8);
|
|
||||||
memcpy(new_address->s6_addr + 8, j->prefix.s6_addr + 8, 8);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (new_address) {
|
if (have_address) {
|
||||||
|
new_address->prefixlen = prefixlen;
|
||||||
|
new_address->flags = IFA_F_NOPREFIXROUTE|IFA_F_MANAGETEMPADDR;
|
||||||
|
new_address->cinfo.ifa_prefered = lifetime_preferred;
|
||||||
|
|
||||||
r = set_put(addresses, new_address);
|
r = set_put(addresses, new_address);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Failed to store SLAAC address: %m");
|
return log_link_error_errno(link, r, "Failed to store SLAAC address: %m");
|
||||||
else if (r == 0)
|
TAKE_PTR(new_address);
|
||||||
log_link_debug_errno(link, r, "Generated SLAAC address is duplicated, ignoring.");
|
|
||||||
else
|
|
||||||
TAKE_PTR(new_address);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* fall back to EUI-64 if no tokens provided addresses */
|
/* fall back to EUI-64 if no tokens provided addresses */
|
||||||
if (set_isempty(addresses)) {
|
if (set_isempty(addresses)) {
|
||||||
_cleanup_free_ struct in6_addr *new_address = NULL;
|
_cleanup_(address_freep) Address *new_address = NULL;
|
||||||
|
|
||||||
new_address = newdup(struct in6_addr, address, 1);
|
r = address_new(&new_address);
|
||||||
if (!new_address)
|
if (r < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
r = generate_ipv6_eui_64_address(link, new_address);
|
*new_address = *address;
|
||||||
|
|
||||||
|
r = generate_ipv6_eui_64_address(link, &new_address->in_addr.in6);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Failed to generate EUI64 address: %m");
|
return log_link_error_errno(link, r, "Failed to generate EUI64 address: %m");
|
||||||
|
|
||||||
|
new_address->prefixlen = prefixlen;
|
||||||
|
new_address->flags = IFA_F_NOPREFIXROUTE|IFA_F_MANAGETEMPADDR;
|
||||||
|
new_address->cinfo.ifa_prefered = lifetime_preferred;
|
||||||
|
|
||||||
r = set_put(addresses, new_address);
|
r = set_put(addresses, new_address);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Failed to store SLAAC address: %m");
|
return log_link_error_errno(link, r, "Failed to store SLAAC address: %m");
|
||||||
|
|
||||||
TAKE_PTR(new_address);
|
TAKE_PTR(new_address);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -318,9 +321,9 @@ static int ndisc_router_process_autonomous_prefix(Link *link, sd_ndisc_router *r
|
|||||||
uint32_t lifetime_valid, lifetime_preferred, lifetime_remaining;
|
uint32_t lifetime_valid, lifetime_preferred, lifetime_remaining;
|
||||||
_cleanup_set_free_free_ Set *addresses = NULL;
|
_cleanup_set_free_free_ Set *addresses = NULL;
|
||||||
_cleanup_(address_freep) Address *address = NULL;
|
_cleanup_(address_freep) Address *address = NULL;
|
||||||
struct in6_addr addr, *a;
|
|
||||||
unsigned prefixlen;
|
unsigned prefixlen;
|
||||||
usec_t time_now;
|
usec_t time_now;
|
||||||
|
Address *a;
|
||||||
Iterator i;
|
Iterator i;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
@ -347,47 +350,41 @@ static int ndisc_router_process_autonomous_prefix(Link *link, sd_ndisc_router *r
|
|||||||
if (lifetime_preferred > lifetime_valid)
|
if (lifetime_preferred > lifetime_valid)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
r = sd_ndisc_router_prefix_get_address(rt, &addr);
|
|
||||||
if (r < 0)
|
|
||||||
return log_link_error_errno(link, r, "Failed to get prefix address: %m");
|
|
||||||
|
|
||||||
r = ndisc_router_generate_addresses(link, &addr, prefixlen, &addresses);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
r = address_new(&address);
|
r = address_new(&address);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
address->family = AF_INET6;
|
address->family = AF_INET6;
|
||||||
address->prefixlen = prefixlen;
|
r = sd_ndisc_router_prefix_get_address(rt, &address->in_addr.in6);
|
||||||
address->flags = IFA_F_NOPREFIXROUTE|IFA_F_MANAGETEMPADDR;
|
if (r < 0)
|
||||||
address->cinfo.ifa_prefered = lifetime_preferred;
|
return log_link_error_errno(link, r, "Failed to get prefix address: %m");
|
||||||
|
|
||||||
|
r = ndisc_router_generate_addresses(link, prefixlen, lifetime_preferred, address, &addresses);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
SET_FOREACH(a, addresses, i) {
|
SET_FOREACH(a, addresses, i) {
|
||||||
Address *existing_address;
|
Address *existing_address;
|
||||||
|
|
||||||
/* see RFC4862 section 5.5.3.e */
|
/* see RFC4862 section 5.5.3.e */
|
||||||
r = address_get(link, AF_INET6, (union in_addr_union *) a, prefixlen, &existing_address);
|
r = address_get(link, a->family, &a->in_addr, a->prefixlen, &existing_address);
|
||||||
if (r > 0) {
|
if (r > 0) {
|
||||||
lifetime_remaining = existing_address->cinfo.tstamp / 100 + existing_address->cinfo.ifa_valid - time_now / USEC_PER_SEC;
|
lifetime_remaining = existing_address->cinfo.tstamp / 100 + existing_address->cinfo.ifa_valid - time_now / USEC_PER_SEC;
|
||||||
if (lifetime_valid > NDISC_PREFIX_LFT_MIN || lifetime_valid > lifetime_remaining)
|
if (lifetime_valid > NDISC_PREFIX_LFT_MIN || lifetime_valid > lifetime_remaining)
|
||||||
address->cinfo.ifa_valid = lifetime_valid;
|
a->cinfo.ifa_valid = lifetime_valid;
|
||||||
else if (lifetime_remaining <= NDISC_PREFIX_LFT_MIN)
|
else if (lifetime_remaining <= NDISC_PREFIX_LFT_MIN)
|
||||||
address->cinfo.ifa_valid = lifetime_remaining;
|
a->cinfo.ifa_valid = lifetime_remaining;
|
||||||
else
|
else
|
||||||
address->cinfo.ifa_valid = NDISC_PREFIX_LFT_MIN;
|
a->cinfo.ifa_valid = NDISC_PREFIX_LFT_MIN;
|
||||||
} else if (lifetime_valid > 0)
|
} else if (lifetime_valid > 0)
|
||||||
address->cinfo.ifa_valid = lifetime_valid;
|
a->cinfo.ifa_valid = lifetime_valid;
|
||||||
else
|
else
|
||||||
continue; /* see RFC4862 section 5.5.3.d */
|
continue; /* see RFC4862 section 5.5.3.d */
|
||||||
|
|
||||||
if (address->cinfo.ifa_valid == 0)
|
if (a->cinfo.ifa_valid == 0)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
address->in_addr.in6 = *a;
|
r = address_configure(a, link, ndisc_address_handler, true);
|
||||||
|
|
||||||
r = address_configure(address, link, ndisc_address_handler, true);
|
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Could not set SLAAC address: %m");
|
return log_link_error_errno(link, r, "Could not set SLAAC address: %m");
|
||||||
if (r > 0)
|
if (r > 0)
|
||||||
@ -580,7 +577,7 @@ static int ndisc_router_process_rdnss(Link *link, sd_ndisc_router *rt) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void ndisc_dnssl_hash_func(const NDiscDNSSL *x, struct siphash *state) {
|
static void ndisc_dnssl_hash_func(const NDiscDNSSL *x, struct siphash *state) {
|
||||||
siphash24_compress_string(NDISC_DNSSL_DOMAIN(x), state);
|
siphash24_compress(NDISC_DNSSL_DOMAIN(x), strlen(NDISC_DNSSL_DOMAIN(x)), state);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ndisc_dnssl_compare_func(const NDiscDNSSL *a, const NDiscDNSSL *b) {
|
static int ndisc_dnssl_compare_func(const NDiscDNSSL *a, const NDiscDNSSL *b) {
|
||||||
@ -907,26 +904,12 @@ int ipv6token_new(IPv6Token **ret) {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void ipv6_token_hash_func(const IPv6Token *p, struct siphash *state) {
|
DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(
|
||||||
siphash24_compress(&p->address_generation_type, sizeof(p->address_generation_type), state);
|
|
||||||
siphash24_compress(&p->prefix, sizeof(p->prefix), state);
|
|
||||||
}
|
|
||||||
|
|
||||||
static int ipv6_token_compare_func(const IPv6Token *a, const IPv6Token *b) {
|
|
||||||
int r;
|
|
||||||
|
|
||||||
r = CMP(a->address_generation_type, b->address_generation_type);
|
|
||||||
if (r != 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
return memcmp(&a->prefix, &b->prefix, sizeof(struct in6_addr));
|
|
||||||
}
|
|
||||||
|
|
||||||
DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(
|
|
||||||
ipv6_token_hash_ops,
|
ipv6_token_hash_ops,
|
||||||
|
void,
|
||||||
|
trivial_hash_func,
|
||||||
|
trivial_compare_func,
|
||||||
IPv6Token,
|
IPv6Token,
|
||||||
ipv6_token_hash_func,
|
|
||||||
ipv6_token_compare_func,
|
|
||||||
free);
|
free);
|
||||||
|
|
||||||
int config_parse_ndisc_deny_listed_prefix(
|
int config_parse_ndisc_deny_listed_prefix(
|
||||||
@ -1016,7 +999,7 @@ int config_parse_address_generation_type(
|
|||||||
assert(data);
|
assert(data);
|
||||||
|
|
||||||
if (isempty(rvalue)) {
|
if (isempty(rvalue)) {
|
||||||
network->ipv6_tokens = ordered_set_free(network->ipv6_tokens);
|
network->ipv6_tokens = ordered_hashmap_free(network->ipv6_tokens);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1048,19 +1031,18 @@ int config_parse_address_generation_type(
|
|||||||
|
|
||||||
token->prefix = buffer.in6;
|
token->prefix = buffer.in6;
|
||||||
|
|
||||||
r = ordered_set_ensure_allocated(&network->ipv6_tokens, &ipv6_token_hash_ops);
|
r = ordered_hashmap_ensure_allocated(&network->ipv6_tokens, &ipv6_token_hash_ops);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
r = ordered_set_put(network->ipv6_tokens, token);
|
r = ordered_hashmap_put(network->ipv6_tokens, &token->prefix, token);
|
||||||
if (r == -EEXIST)
|
if (r < 0) {
|
||||||
log_syntax(unit, LOG_DEBUG, filename, line, r,
|
|
||||||
"IPv6 token '%s' is duplicated, ignoring: %m", rvalue);
|
|
||||||
else if (r < 0)
|
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, r,
|
log_syntax(unit, LOG_WARNING, filename, line, r,
|
||||||
"Failed to store IPv6 token '%s', ignoring: %m", rvalue);
|
"Failed to store IPv6 token '%s'", rvalue);
|
||||||
else
|
return 0;
|
||||||
TAKE_PTR(token);
|
}
|
||||||
|
|
||||||
|
TAKE_PTR(token);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -763,7 +763,7 @@ static Network *network_free(Network *network) {
|
|||||||
ordered_hashmap_free(network->dhcp_client_send_vendor_options);
|
ordered_hashmap_free(network->dhcp_client_send_vendor_options);
|
||||||
ordered_hashmap_free(network->dhcp_server_send_options);
|
ordered_hashmap_free(network->dhcp_server_send_options);
|
||||||
ordered_hashmap_free(network->dhcp_server_send_vendor_options);
|
ordered_hashmap_free(network->dhcp_server_send_vendor_options);
|
||||||
ordered_set_free(network->ipv6_tokens);
|
ordered_hashmap_free(network->ipv6_tokens);
|
||||||
ordered_hashmap_free(network->dhcp6_client_send_options);
|
ordered_hashmap_free(network->dhcp6_client_send_options);
|
||||||
ordered_hashmap_free(network->dhcp6_client_send_vendor_options);
|
ordered_hashmap_free(network->dhcp6_client_send_vendor_options);
|
||||||
|
|
||||||
|
|||||||
@ -255,7 +255,7 @@ struct Network {
|
|||||||
IPv6AcceptRAStartDHCP6Client ipv6_accept_ra_start_dhcp6_client;
|
IPv6AcceptRAStartDHCP6Client ipv6_accept_ra_start_dhcp6_client;
|
||||||
uint32_t ipv6_accept_ra_route_table;
|
uint32_t ipv6_accept_ra_route_table;
|
||||||
Set *ndisc_deny_listed_prefix;
|
Set *ndisc_deny_listed_prefix;
|
||||||
OrderedSet *ipv6_tokens;
|
OrderedHashmap *ipv6_tokens;
|
||||||
|
|
||||||
IPv6PrivacyExtensions ipv6_privacy_extensions;
|
IPv6PrivacyExtensions ipv6_privacy_extensions;
|
||||||
|
|
||||||
|
|||||||
@ -132,8 +132,11 @@ static void routing_policy_rule_hash_func(const RoutingPolicyRule *rule, struct
|
|||||||
siphash24_compress(&rule->dport, sizeof(rule->dport), state);
|
siphash24_compress(&rule->dport, sizeof(rule->dport), state);
|
||||||
siphash24_compress(&rule->uid_range, sizeof(rule->uid_range), state);
|
siphash24_compress(&rule->uid_range, sizeof(rule->uid_range), state);
|
||||||
|
|
||||||
siphash24_compress_string(rule->iif, state);
|
if (rule->iif)
|
||||||
siphash24_compress_string(rule->oif, state);
|
siphash24_compress(rule->iif, strlen(rule->iif), state);
|
||||||
|
|
||||||
|
if (rule->oif)
|
||||||
|
siphash24_compress(rule->oif, strlen(rule->oif), state);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
|||||||
@ -117,7 +117,7 @@ int kernel_route_expiration_supported(void) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void network_config_hash_func(const NetworkConfigSection *c, struct siphash *state) {
|
static void network_config_hash_func(const NetworkConfigSection *c, struct siphash *state) {
|
||||||
siphash24_compress_string(c->filename, state);
|
siphash24_compress(c->filename, strlen(c->filename), state);
|
||||||
siphash24_compress(&c->line, sizeof(c->line), state);
|
siphash24_compress(&c->line, sizeof(c->line), state);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -2977,21 +2977,14 @@ static int inner_child(
|
|||||||
|
|
||||||
/* Wait until the parent wrote the UID map */
|
/* Wait until the parent wrote the UID map */
|
||||||
if (!barrier_place_and_sync(barrier)) /* #2 */
|
if (!barrier_place_and_sync(barrier)) /* #2 */
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(ESRCH), "Parent died too early");
|
return log_error_errno(SYNTHETIC_ERRNO(ESRCH),
|
||||||
|
"Parent died too early");
|
||||||
/* Become the new root user inside our namespace */
|
|
||||||
r = reset_uid_gid();
|
|
||||||
if (r < 0)
|
|
||||||
return log_error_errno(r, "Couldn't become new root: %m");
|
|
||||||
|
|
||||||
/* Creating a new user namespace means all MS_SHARED mounts become MS_SLAVE. Let's put them
|
|
||||||
* back to MS_SHARED here, since that's what we want as defaults. (This will not reconnect
|
|
||||||
* propagation, but simply create new peer groups for all our mounts). */
|
|
||||||
r = mount_verbose(LOG_ERR, NULL, "/", NULL, MS_SHARED|MS_REC, NULL);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
r = reset_uid_gid();
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Couldn't become new root: %m");
|
||||||
|
|
||||||
r = mount_all(NULL,
|
r = mount_all(NULL,
|
||||||
arg_mount_settings | MOUNT_IN_USERNS,
|
arg_mount_settings | MOUNT_IN_USERNS,
|
||||||
arg_uid_shift,
|
arg_uid_shift,
|
||||||
@ -3357,8 +3350,9 @@ static int outer_child(
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
/* Mark everything as slave, so that we still receive mounts from the real root, but don't propagate
|
/* Mark everything as slave, so that we still
|
||||||
* mounts to the real root. */
|
* receive mounts from the real root, but don't
|
||||||
|
* propagate mounts to the real root. */
|
||||||
r = mount_verbose(LOG_ERR, NULL, "/", NULL, MS_SLAVE|MS_REC, NULL);
|
r = mount_verbose(LOG_ERR, NULL, "/", NULL, MS_SLAVE|MS_REC, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
@ -3604,8 +3598,9 @@ static int outer_child(
|
|||||||
notify_socket = safe_close(notify_socket);
|
notify_socket = safe_close(notify_socket);
|
||||||
uid_shift_socket = safe_close(uid_shift_socket);
|
uid_shift_socket = safe_close(uid_shift_socket);
|
||||||
|
|
||||||
/* The inner child has all namespaces that are requested, so that we all are owned by the
|
/* The inner child has all namespaces that are
|
||||||
* user if user namespaces are turned on. */
|
* requested, so that we all are owned by the user if
|
||||||
|
* user namespaces are turned on. */
|
||||||
|
|
||||||
if (arg_network_namespace_path) {
|
if (arg_network_namespace_path) {
|
||||||
r = namespace_enter(-1, -1, netns_fd, -1, -1);
|
r = namespace_enter(-1, -1, netns_fd, -1, -1);
|
||||||
|
|||||||
@ -627,7 +627,8 @@ static void dns_server_hash_func(const DnsServer *s, struct siphash *state) {
|
|||||||
siphash24_compress(&s->address, FAMILY_ADDRESS_SIZE(s->family), state);
|
siphash24_compress(&s->address, FAMILY_ADDRESS_SIZE(s->family), state);
|
||||||
siphash24_compress(&s->port, sizeof(s->port), state);
|
siphash24_compress(&s->port, sizeof(s->port), state);
|
||||||
siphash24_compress(&s->ifindex, sizeof(s->ifindex), state);
|
siphash24_compress(&s->ifindex, sizeof(s->ifindex), state);
|
||||||
siphash24_compress_string(s->server_name, state);
|
if (s->server_name)
|
||||||
|
siphash24_compress(s->server_name, strlen(s->server_name), state);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int dns_server_compare_func(const DnsServer *x, const DnsServer *y) {
|
static int dns_server_compare_func(const DnsServer *x, const DnsServer *y) {
|
||||||
|
|||||||
@ -7,8 +7,6 @@
|
|||||||
#include "strv.h"
|
#include "strv.h"
|
||||||
|
|
||||||
static void test_set_steal_first(void) {
|
static void test_set_steal_first(void) {
|
||||||
log_info("/* %s */", __func__);
|
|
||||||
|
|
||||||
_cleanup_ordered_set_free_ OrderedSet *m = NULL;
|
_cleanup_ordered_set_free_ OrderedSet *m = NULL;
|
||||||
int seen[3] = {};
|
int seen[3] = {};
|
||||||
char *val;
|
char *val;
|
||||||
@ -44,18 +42,12 @@ DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR(item_hash_ops, void, trivial_hash_
|
|||||||
static void test_set_free_with_hash_ops(void) {
|
static void test_set_free_with_hash_ops(void) {
|
||||||
OrderedSet *m;
|
OrderedSet *m;
|
||||||
struct Item items[4] = {};
|
struct Item items[4] = {};
|
||||||
|
unsigned i;
|
||||||
log_info("/* %s */", __func__);
|
|
||||||
|
|
||||||
assert_se(m = ordered_set_new(&item_hash_ops));
|
assert_se(m = ordered_set_new(&item_hash_ops));
|
||||||
|
for (i = 0; i < ELEMENTSOF(items) - 1; i++)
|
||||||
for (size_t i = 0; i < ELEMENTSOF(items) - 1; i++)
|
|
||||||
assert_se(ordered_set_put(m, items + i) == 1);
|
assert_se(ordered_set_put(m, items + i) == 1);
|
||||||
|
|
||||||
for (size_t i = 0; i < ELEMENTSOF(items) - 1; i++)
|
|
||||||
assert_se(ordered_set_put(m, items + i) == 0); /* We get 0 here, because we use trivial hash
|
|
||||||
* ops. Also see below... */
|
|
||||||
|
|
||||||
m = ordered_set_free(m);
|
m = ordered_set_free(m);
|
||||||
assert_se(items[0].seen == 1);
|
assert_se(items[0].seen == 1);
|
||||||
assert_se(items[1].seen == 1);
|
assert_se(items[1].seen == 1);
|
||||||
@ -65,9 +57,7 @@ static void test_set_free_with_hash_ops(void) {
|
|||||||
|
|
||||||
static void test_set_put(void) {
|
static void test_set_put(void) {
|
||||||
_cleanup_ordered_set_free_ OrderedSet *m = NULL;
|
_cleanup_ordered_set_free_ OrderedSet *m = NULL;
|
||||||
_cleanup_free_ char **t = NULL, *str = NULL;
|
_cleanup_free_ char **t = NULL;
|
||||||
|
|
||||||
log_info("/* %s */", __func__);
|
|
||||||
|
|
||||||
m = ordered_set_new(&string_hash_ops);
|
m = ordered_set_new(&string_hash_ops);
|
||||||
assert_se(m);
|
assert_se(m);
|
||||||
@ -81,10 +71,6 @@ static void test_set_put(void) {
|
|||||||
assert_se(ordered_set_put(m, (void*) "333") == 0);
|
assert_se(ordered_set_put(m, (void*) "333") == 0);
|
||||||
assert_se(ordered_set_put(m, (void*) "22") == 0);
|
assert_se(ordered_set_put(m, (void*) "22") == 0);
|
||||||
|
|
||||||
assert_se(str = strdup("333"));
|
|
||||||
assert_se(ordered_set_put(m, str) == -EEXIST); /* ... and we get -EEXIST here, because we use
|
|
||||||
* non-trivial hash ops. */
|
|
||||||
|
|
||||||
assert_se(t = ordered_set_get_strv(m));
|
assert_se(t = ordered_set_get_strv(m));
|
||||||
assert_se(streq(t[0], "1"));
|
assert_se(streq(t[0], "1"));
|
||||||
assert_se(streq(t[1], "22"));
|
assert_se(streq(t[1], "22"));
|
||||||
@ -100,8 +86,6 @@ static void test_set_put_string_set(void) {
|
|||||||
_cleanup_free_ char **final = NULL; /* "just free" because the strings are in the set */
|
_cleanup_free_ char **final = NULL; /* "just free" because the strings are in the set */
|
||||||
void *t;
|
void *t;
|
||||||
|
|
||||||
log_info("/* %s */", __func__);
|
|
||||||
|
|
||||||
m = ordered_set_new(&string_hash_ops);
|
m = ordered_set_new(&string_hash_ops);
|
||||||
assert_se(m);
|
assert_se(m);
|
||||||
|
|
||||||
|
|||||||
@ -4,6 +4,4 @@ Name=veth99
|
|||||||
[Network]
|
[Network]
|
||||||
IPv6AcceptRA=true
|
IPv6AcceptRA=true
|
||||||
IPv6Token=::1a:2b:3c:4d
|
IPv6Token=::1a:2b:3c:4d
|
||||||
IPv6Token=::1a:2b:3c:4d
|
|
||||||
IPv6Token=::1a:2b:3c:4d
|
|
||||||
IPv6Token=::fa:de:ca:fe
|
IPv6Token=::fa:de:ca:fe
|
||||||
|
|||||||
@ -2592,9 +2592,7 @@ class NetworkdStateFileTests(unittest.TestCase, Utilities):
|
|||||||
|
|
||||||
path = os.path.join('/run/systemd/netif/links/', ifindex)
|
path = os.path.join('/run/systemd/netif/links/', ifindex)
|
||||||
self.assertTrue(os.path.exists(path))
|
self.assertTrue(os.path.exists(path))
|
||||||
|
time.sleep(2)
|
||||||
# make link state file updated
|
|
||||||
check_output(*resolvectl_cmd, 'revert', 'dummy98', env=env)
|
|
||||||
|
|
||||||
with open(path) as f:
|
with open(path) as f:
|
||||||
data = f.read()
|
data = f.read()
|
||||||
@ -2618,6 +2616,7 @@ class NetworkdStateFileTests(unittest.TestCase, Utilities):
|
|||||||
check_output(*resolvectl_cmd, 'mdns', 'dummy98', 'no', env=env)
|
check_output(*resolvectl_cmd, 'mdns', 'dummy98', 'no', env=env)
|
||||||
check_output(*resolvectl_cmd, 'dnssec', 'dummy98', 'yes', env=env)
|
check_output(*resolvectl_cmd, 'dnssec', 'dummy98', 'yes', env=env)
|
||||||
check_output(*timedatectl_cmd, 'ntp-servers', 'dummy98', '2.fedora.pool.ntp.org', '3.fedora.pool.ntp.org', env=env)
|
check_output(*timedatectl_cmd, 'ntp-servers', 'dummy98', '2.fedora.pool.ntp.org', '3.fedora.pool.ntp.org', env=env)
|
||||||
|
time.sleep(2)
|
||||||
|
|
||||||
with open(path) as f:
|
with open(path) as f:
|
||||||
data = f.read()
|
data = f.read()
|
||||||
@ -2630,6 +2629,7 @@ class NetworkdStateFileTests(unittest.TestCase, Utilities):
|
|||||||
self.assertRegex(data, r'DNSSEC=yes')
|
self.assertRegex(data, r'DNSSEC=yes')
|
||||||
|
|
||||||
check_output(*timedatectl_cmd, 'revert', 'dummy98', env=env)
|
check_output(*timedatectl_cmd, 'revert', 'dummy98', env=env)
|
||||||
|
time.sleep(2)
|
||||||
|
|
||||||
with open(path) as f:
|
with open(path) as f:
|
||||||
data = f.read()
|
data = f.read()
|
||||||
@ -2642,6 +2642,7 @@ class NetworkdStateFileTests(unittest.TestCase, Utilities):
|
|||||||
self.assertRegex(data, r'DNSSEC=yes')
|
self.assertRegex(data, r'DNSSEC=yes')
|
||||||
|
|
||||||
check_output(*resolvectl_cmd, 'revert', 'dummy98', env=env)
|
check_output(*resolvectl_cmd, 'revert', 'dummy98', env=env)
|
||||||
|
time.sleep(2)
|
||||||
|
|
||||||
with open(path) as f:
|
with open(path) as f:
|
||||||
data = f.read()
|
data = f.read()
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user