diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-11-18 17:11:12 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-11-21 22:58:26 +0100 |
commit | 49ad68298a1c244b6acffff28e7648d803a57563 (patch) | |
tree | e8792ea6e883c02a2f9dbd365c7b02c6675bb12e | |
parent | a380b2d4c6615384c562e6f1dda48ee703498bf0 (diff) |
networkd: do not automatically propagate bogus DNS/NTP servers
Never propagate DNS/NTP servers on the local link via the DHCP server. The
DNS/NTP servers 0.0.0.0 and 127.0.0.1 only make sense in the local context,
hence never propagate them automatically to other hosts.
Fixes: #4524
-rw-r--r-- | src/network/networkd-link.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 216f4aab52..b38eec1ba7 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -862,15 +862,22 @@ static int link_push_uplink_dns_to_dhcp_server(Link *link, sd_dhcp_server *s) { return 0; for (i = 0; i < link->network->n_dns; i++) { + struct in_addr ia; /* Only look for IPv4 addresses */ if (link->network->dns[i].family != AF_INET) continue; + ia = link->network->dns[i].address.in; + + /* Never propagate obviously borked data */ + if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia)) + continue; + if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + 1)) return log_oom(); - addresses[n_addresses++] = link->network->dns[i].address.in; + addresses[n_addresses++] = ia; } if (link->network->dhcp_use_dns && link->dhcp_lease) { @@ -911,6 +918,10 @@ static int link_push_uplink_ntp_to_dhcp_server(Link *link, sd_dhcp_server *s) { if (inet_pton(AF_INET, *a, &ia) <= 0) continue; + /* Never propagate obviously borked data */ + if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia)) + continue; + if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + 1)) return log_oom(); |