diff options
Diffstat (limited to 'src/shared/local-addresses.c')
-rw-r--r-- | src/shared/local-addresses.c | 322 |
1 files changed, 234 insertions, 88 deletions
diff --git a/src/shared/local-addresses.c b/src/shared/local-addresses.c index a1577de..5d5435f 100644 --- a/src/shared/local-addresses.c +++ b/src/shared/local-addresses.c @@ -25,7 +25,11 @@ static int address_compare(const struct local_address *a, const struct local_add if (r != 0) return r; - r = CMP(a->metric, b->metric); + r = CMP(a->priority, b->priority); + if (r != 0) + return r; + + r = CMP(a->weight, b->weight); if (r != 0) return r; @@ -36,6 +40,17 @@ static int address_compare(const struct local_address *a, const struct local_add return memcmp(&a->address, &b->address, FAMILY_ADDRESS_SIZE(a->family)); } +bool has_local_address(const struct local_address *addresses, size_t n_addresses, const struct local_address *needle) { + assert(addresses || n_addresses == 0); + assert(needle); + + for (size_t i = 0; i < n_addresses; i++) + if (address_compare(addresses + i, needle) == 0) + return true; + + return false; +} + static void suppress_duplicates(struct local_address *list, size_t *n_list) { size_t old_size, new_size; @@ -58,6 +73,48 @@ static void suppress_duplicates(struct local_address *list, size_t *n_list) { *n_list = new_size; } +static int add_local_address_full( + struct local_address **list, + size_t *n_list, + int ifindex, + unsigned char scope, + uint32_t priority, + uint32_t weight, + int family, + const union in_addr_union *address) { + + assert(list); + assert(n_list); + assert(ifindex > 0); + assert(IN_SET(family, AF_INET, AF_INET6)); + assert(address); + + if (!GREEDY_REALLOC(*list, *n_list + 1)) + return -ENOMEM; + + (*list)[(*n_list)++] = (struct local_address) { + .ifindex = ifindex, + .scope = scope, + .priority = priority, + .weight = weight, + .family = family, + .address = *address, + }; + + return 1; +} + +static int add_local_address( + struct local_address **list, + size_t *n_list, + int ifindex, + unsigned char scope, + int family, + const union in_addr_union *address) { + + return add_local_address_full(list, n_list, ifindex, scope, 0, 0, family, address); +} + int local_addresses( sd_netlink *context, int ifindex, @@ -91,8 +148,8 @@ int local_addresses( return r; for (sd_netlink_message *m = reply; m; m = sd_netlink_message_next(m)) { - struct local_address *a; - unsigned char flags; + union in_addr_union a; + unsigned char flags, scope; uint16_t type; int ifi, family; @@ -115,62 +172,58 @@ int local_addresses( r = sd_rtnl_message_addr_get_family(m, &family); if (r < 0) return r; + if (!IN_SET(family, AF_INET, AF_INET6)) + continue; if (af != AF_UNSPEC && af != family) continue; r = sd_rtnl_message_addr_get_flags(m, &flags); if (r < 0) return r; - if (flags & IFA_F_DEPRECATED) + if ((flags & (IFA_F_DEPRECATED|IFA_F_TENTATIVE)) != 0) continue; - if (!GREEDY_REALLOC0(list, n_list+1)) - return -ENOMEM; - - a = list + n_list; - - r = sd_rtnl_message_addr_get_scope(m, &a->scope); + r = sd_rtnl_message_addr_get_scope(m, &scope); if (r < 0) return r; - if (ifindex == 0 && IN_SET(a->scope, RT_SCOPE_HOST, RT_SCOPE_NOWHERE)) + if (ifindex == 0 && IN_SET(scope, RT_SCOPE_HOST, RT_SCOPE_NOWHERE)) continue; switch (family) { case AF_INET: - r = sd_netlink_message_read_in_addr(m, IFA_LOCAL, &a->address.in); + r = sd_netlink_message_read_in_addr(m, IFA_LOCAL, &a.in); if (r < 0) { - r = sd_netlink_message_read_in_addr(m, IFA_ADDRESS, &a->address.in); + r = sd_netlink_message_read_in_addr(m, IFA_ADDRESS, &a.in); if (r < 0) continue; } break; case AF_INET6: - r = sd_netlink_message_read_in6_addr(m, IFA_LOCAL, &a->address.in6); + r = sd_netlink_message_read_in6_addr(m, IFA_LOCAL, &a.in6); if (r < 0) { - r = sd_netlink_message_read_in6_addr(m, IFA_ADDRESS, &a->address.in6); + r = sd_netlink_message_read_in6_addr(m, IFA_ADDRESS, &a.in6); if (r < 0) continue; } break; default: - continue; + assert_not_reached(); } - a->ifindex = ifi; - a->family = family; - - n_list++; + r = add_local_address(&list, &n_list, ifi, scope, family, &a); + if (r < 0) + return r; }; - if (ret) { - typesafe_qsort(list, n_list, address_compare); - suppress_duplicates(list, &n_list); + typesafe_qsort(list, n_list, address_compare); + suppress_duplicates(list, &n_list); + + if (ret) *ret = TAKE_PTR(list); - } return (int) n_list; } @@ -178,27 +231,117 @@ int local_addresses( static int add_local_gateway( struct local_address **list, size_t *n_list, - int af, int ifindex, - uint32_t metric, - const RouteVia *via) { + uint32_t priority, + uint32_t weight, + int family, + const union in_addr_union *address) { + + return add_local_address_full(list, n_list, ifindex, 0, priority, weight, family, address); +} + +static int parse_nexthop_one( + struct local_address **list, + size_t *n_list, + bool allow_via, + int family, + uint32_t priority, + const struct rtnexthop *rtnh) { + + bool has_gw = false; + int r; + + assert(rtnh); + + size_t len = rtnh->rtnh_len - sizeof(struct rtnexthop); + for (struct rtattr *attr = RTNH_DATA(rtnh); RTA_OK(attr, len); attr = RTA_NEXT(attr, len)) + + switch (attr->rta_type) { + case RTA_GATEWAY: + if (has_gw) + return -EBADMSG; + + has_gw = true; + + if (attr->rta_len != RTA_LENGTH(FAMILY_ADDRESS_SIZE(family))) + return -EBADMSG; + + union in_addr_union a; + memcpy(&a, RTA_DATA(attr), FAMILY_ADDRESS_SIZE(family)); + r = add_local_gateway(list, n_list, rtnh->rtnh_ifindex, priority, rtnh->rtnh_hops, family, &a); + if (r < 0) + return r; + + break; + + case RTA_VIA: + if (has_gw) + return -EBADMSG; + + has_gw = true; + + if (!allow_via) + continue; + + if (family != AF_INET) + return -EBADMSG; /* RTA_VIA is only supported for IPv4 routes. */ + + if (attr->rta_len != RTA_LENGTH(sizeof(RouteVia))) + return -EBADMSG; + + RouteVia *via = RTA_DATA(attr); + if (via->family != AF_INET6) + return -EBADMSG; /* gateway address should be always IPv6. */ + + r = add_local_gateway(list, n_list, rtnh->rtnh_ifindex, priority, rtnh->rtnh_hops, via->family, + &(union in_addr_union) { .in6 = via->address.in6 }); + if (r < 0) + return r; + + break; + } + + return 0; +} + +static int parse_nexthops( + struct local_address **list, + size_t *n_list, + int ifindex, + bool allow_via, + int family, + uint32_t priority, + const struct rtnexthop *rtnh, + size_t size) { + + int r; assert(list); assert(n_list); - assert(via); + assert(IN_SET(family, AF_INET, AF_INET6)); + assert(rtnh || size == 0); - if (af != AF_UNSPEC && af != via->family) - return 0; + if (size < sizeof(struct rtnexthop)) + return -EBADMSG; - if (!GREEDY_REALLOC(*list, *n_list + 1)) - return -ENOMEM; + for (; size >= sizeof(struct rtnexthop); ) { + if (NLMSG_ALIGN(rtnh->rtnh_len) > size) + return -EBADMSG; - (*list)[(*n_list)++] = (struct local_address) { - .ifindex = ifindex, - .metric = metric, - .family = via->family, - .address = via->address, - }; + if (rtnh->rtnh_len < sizeof(struct rtnexthop)) + return -EBADMSG; + + if (ifindex > 0 && rtnh->rtnh_ifindex != ifindex) + goto next_nexthop; + + r = parse_nexthop_one(list, n_list, allow_via, family, priority, rtnh); + if (r < 0) + return r; + + next_nexthop: + size -= NLMSG_ALIGN(rtnh->rtnh_len); + rtnh = RTNH_NEXT(rtnh); + } return 0; } @@ -215,6 +358,12 @@ int local_gateways( size_t n_list = 0; int r; + /* The RTA_VIA attribute is used only for IPv4 routes with an IPv6 gateway. If IPv4 gateways are + * requested (af == AF_INET), then we do not return IPv6 gateway addresses. Similarly, if IPv6 + * gateways are requested (af == AF_INET6), then we do not return gateway addresses for IPv4 routes. + * So, the RTA_VIA attribute is only parsed when af == AF_UNSPEC. */ + bool allow_via = af == AF_UNSPEC; + if (context) rtnl = sd_netlink_ref(context); else { @@ -244,15 +393,10 @@ int local_gateways( return r; for (sd_netlink_message *m = reply; m; m = sd_netlink_message_next(m)) { - _cleanup_ordered_set_free_free_ OrderedSet *multipath_routes = NULL; - _cleanup_free_ void *rta_multipath = NULL; - union in_addr_union gateway; uint16_t type; unsigned char dst_len, src_len, table; - uint32_t ifi = 0, metric = 0; - size_t rta_len; + uint32_t ifi = 0, priority = 0; int family; - RouteVia via; r = sd_netlink_message_get_errno(m); if (r < 0) @@ -283,7 +427,7 @@ int local_gateways( if (table != RT_TABLE_MAIN) continue; - r = sd_netlink_message_read_u32(m, RTA_PRIORITY, &metric); + r = sd_netlink_message_read_u32(m, RTA_PRIORITY, &priority); if (r < 0 && r != -ENODATA) return r; @@ -292,6 +436,8 @@ int local_gateways( return r; if (!IN_SET(family, AF_INET, AF_INET6)) continue; + if (af != AF_UNSPEC && af != family) + continue; r = sd_netlink_message_read_u32(m, RTA_OIF, &ifi); if (r < 0 && r != -ENODATA) @@ -302,64 +448,73 @@ int local_gateways( if (ifindex > 0 && (int) ifi != ifindex) continue; + union in_addr_union gateway; r = netlink_message_read_in_addr_union(m, RTA_GATEWAY, family, &gateway); if (r < 0 && r != -ENODATA) return r; if (r >= 0) { - via.family = family; - via.address = gateway; - r = add_local_gateway(&list, &n_list, af, ifi, metric, &via); + r = add_local_gateway(&list, &n_list, ifi, priority, 0, family, &gateway); if (r < 0) return r; continue; } + if (!allow_via) + continue; + if (family != AF_INET) continue; + RouteVia via; r = sd_netlink_message_read(m, RTA_VIA, sizeof(via), &via); if (r < 0 && r != -ENODATA) return r; if (r >= 0) { - r = add_local_gateway(&list, &n_list, af, ifi, metric, &via); + if (via.family != AF_INET6) + return -EBADMSG; + + r = add_local_gateway(&list, &n_list, ifi, priority, 0, via.family, + &(union in_addr_union) { .in6 = via.address.in6 }); if (r < 0) return r; - - continue; } + + /* If the route has RTA_OIF, it does not have RTA_MULTIPATH. */ + continue; } + size_t rta_len; + _cleanup_free_ void *rta_multipath = NULL; r = sd_netlink_message_read_data(m, RTA_MULTIPATH, &rta_len, &rta_multipath); if (r < 0 && r != -ENODATA) return r; if (r >= 0) { - MultipathRoute *mr; - - r = rtattr_read_nexthop(rta_multipath, rta_len, family, &multipath_routes); + r = parse_nexthops(&list, &n_list, ifindex, allow_via, family, priority, rta_multipath, rta_len); if (r < 0) return r; - - ORDERED_SET_FOREACH(mr, multipath_routes) { - if (ifindex > 0 && mr->ifindex != ifindex) - continue; - - r = add_local_gateway(&list, &n_list, af, ifi, metric, &mr->gateway); - if (r < 0) - return r; - } } } - if (ret) { - typesafe_qsort(list, n_list, address_compare); - suppress_duplicates(list, &n_list); + typesafe_qsort(list, n_list, address_compare); + suppress_duplicates(list, &n_list); + + if (ret) *ret = TAKE_PTR(list); - } return (int) n_list; } +static int add_local_outbound( + struct local_address **list, + size_t *n_list, + int ifindex, + int family, + const union in_addr_union *address) { + + return add_local_address_full(list, n_list, ifindex, 0, 0, 0, family, address); +} + int local_outbounds( sd_netlink *context, int ifindex, @@ -466,29 +621,20 @@ int local_outbounds( if (in4_addr_is_null(&sa.in.sin_addr)) /* Auto-binding didn't work. :-( */ continue; - if (!GREEDY_REALLOC(list, n_list+1)) - return -ENOMEM; - - list[n_list++] = (struct local_address) { - .family = gateways[i].family, - .ifindex = gateways[i].ifindex, - .address.in = sa.in.sin_addr, - }; - + r = add_local_outbound(&list, &n_list, gateways[i].ifindex, gateways[i].family, + &(union in_addr_union) { .in = sa.in.sin_addr }); + if (r < 0) + return r; break; case AF_INET6: if (in6_addr_is_null(&sa.in6.sin6_addr)) continue; - if (!GREEDY_REALLOC(list, n_list+1)) - return -ENOMEM; - - list[n_list++] = (struct local_address) { - .family = gateways[i].family, - .ifindex = gateways[i].ifindex, - .address.in6 = sa.in6.sin6_addr, - }; + r = add_local_outbound(&list, &n_list, gateways[i].ifindex, gateways[i].family, + &(union in_addr_union) { .in6 = sa.in6.sin6_addr }); + if (r < 0) + return r; break; default: @@ -496,11 +642,11 @@ int local_outbounds( } } - if (ret) { - typesafe_qsort(list, n_list, address_compare); - suppress_duplicates(list, &n_list); + typesafe_qsort(list, n_list, address_compare); + suppress_duplicates(list, &n_list); + + if (ret) *ret = TAKE_PTR(list); - } return (int) n_list; } |