From 40a922d055075b921cca060658b5b22608a36c58 Mon Sep 17 00:00:00 2001 From: Zbigniew Jędrzejewski-Szmek Date: Fri, 2 Dec 2016 13:24:30 -0500 Subject: networkd: use log_netdev_error in a two more places --- src/network/netdev/tunnel.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'src/network/netdev') diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c index b03e770061..b1f1b5a425 100644 --- a/src/network/netdev/tunnel.c +++ b/src/network/netdev/tunnel.c @@ -397,16 +397,17 @@ static int netdev_tunnel_verify(NetDev *netdev, const char *filename) { assert(t); - if (t->family != AF_INET && t->family != AF_INET6 && t->family != 0) { - log_warning("Tunnel with invalid address family configured in %s. Ignoring", filename); + if (!IN_SET(t->family, AF_INET, AF_INET6, AF_UNSPEC)) { + log_netdev_error(netdev, + "Tunnel with invalid address family configured in %s. Ignoring", filename); return -EINVAL; } - if (netdev->kind == NETDEV_KIND_IP6TNL) { - if (t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) { - log_warning("IP6 Tunnel without mode configured in %s. Ignoring", filename); - return -EINVAL; - } + if (netdev->kind == NETDEV_KIND_IP6TNL && + t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) { + log_netdev_error(netdev, + "ip6tnl without mode configured in %s. Ignoring", filename); + return -EINVAL; } return 0; -- cgit v1.2.3-54-g00ecf From 6e47dbbcb32ad9b391296ae47e540c3506431c8f Mon Sep 17 00:00:00 2001 From: Zbigniew Jędrzejewski-Szmek Date: Fri, 2 Dec 2016 13:28:01 -0500 Subject: networkd: tighten parsing of Tunnel addresses When assigning addresses, we'd set the family, and later verify that the address on the other end has the same family. But when the address was specified as "any", we'd simply unset the family. Instead, only unset the family if both addresses are wiped. Also, don't bother setting family = AF_UNSPEC, since it's the default (0). --- src/network/netdev/tunnel.c | 41 ++++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 15 deletions(-) (limited to 'src/network/netdev') diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c index b1f1b5a425..2ce55a84b6 100644 --- a/src/network/netdev/tunnel.c +++ b/src/network/netdev/tunnel.c @@ -432,26 +432,40 @@ int config_parse_tunnel_address(const char *unit, assert(rvalue); assert(data); + /* This is used to parse addresses on both local and remote ends of the tunnel. + * Address families must match. + * + * "any" is a special value which means that the address is unspecified. + */ + if (streq(rvalue, "any")) { - t->family = 0; + *addr = IN_ADDR_NULL; + + /* As a special case, if both the local and remote addresses are + * unspecified, also clear the address family. + */ + if (t->family != AF_UNSPEC && + in_addr_is_null(t->family, &t->local) && + in_addr_is_null(t->family, &t->remote)) + t->family = AF_UNSPEC; return 0; - } else { + } - r = in_addr_from_string_auto(rvalue, &f, &buffer); - if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Tunnel address is invalid, ignoring assignment: %s", rvalue); - return 0; - } + r = in_addr_from_string_auto(rvalue, &f, &buffer); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, + "Tunnel address \"%s\" invalid, ignoring assignment: %m", rvalue); + return 0; + } - if (t->family != AF_UNSPEC && t->family != f) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Tunnel addresses incompatible, ignoring assignment: %s", rvalue); - return 0; - } + if (t->family != AF_UNSPEC && t->family != f) { + log_syntax(unit, LOG_ERR, filename, line, 0, + "Tunnel addresses incompatible, ignoring assignment: %s", rvalue); + return 0; } t->family = f; *addr = buffer; - return 0; } @@ -579,7 +593,6 @@ static void ipip_init(NetDev *n) { assert(t); t->pmtudisc = true; - t->family = AF_UNSPEC; } static void sit_init(NetDev *n) { @@ -589,7 +602,6 @@ static void sit_init(NetDev *n) { assert(t); t->pmtudisc = true; - t->family = AF_UNSPEC; } static void vti_init(NetDev *n) { @@ -620,7 +632,6 @@ static void gre_init(NetDev *n) { assert(t); t->pmtudisc = true; - t->family = AF_UNSPEC; } static void ip6gre_init(NetDev *n) { -- cgit v1.2.3-54-g00ecf From 6f3d4decf296f0f0fb2b15dd80216f130f10727d Mon Sep 17 00:00:00 2001 From: Zbigniew Jędrzejewski-Szmek Date: Fri, 2 Dec 2016 13:34:35 -0500 Subject: networkd: check that VTI/VTI6 tunnels have a local address Otherwise we'd fail with an assertion: Assertion 't->family == AF_INET' failed at ../src/network/netdev/tunnel.c:244, function netdev_vti_fill_message_create(). Aborting. --- src/network/netdev/tunnel.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'src/network/netdev') diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c index 2ce55a84b6..c11ac0c539 100644 --- a/src/network/netdev/tunnel.c +++ b/src/network/netdev/tunnel.c @@ -403,6 +403,20 @@ static int netdev_tunnel_verify(NetDev *netdev, const char *filename) { return -EINVAL; } + if (netdev->kind == NETDEV_KIND_VTI && + (t->family != AF_INET || in_addr_is_null(t->family, &t->local))) { + log_netdev_error(netdev, + "vti tunnel without a local IPv4 address configured in %s. Ignoring", filename); + return -EINVAL; + } + + if (netdev->kind == NETDEV_KIND_VTI6 && + (t->family != AF_INET6 || in_addr_is_null(t->family, &t->local))) { + log_netdev_error(netdev, + "vti6 tunnel without a local IPv4 address configured in %s. Ignoring", filename); + return -EINVAL; + } + if (netdev->kind == NETDEV_KIND_IP6TNL && t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) { log_netdev_error(netdev, -- cgit v1.2.3-54-g00ecf