[systemd-commits] 5 commits - src/libsystemd-network src/resolve
Lennart Poettering
lennart at kemper.freedesktop.org
Tue Jul 29 14:53:18 PDT 2014
src/libsystemd-network/dhcp-network.c | 103 ++++++++++++++++----------------
src/libsystemd-network/ipv4ll-network.c | 43 ++++++-------
src/resolve/resolved-dns-query.c | 38 ++++++++---
src/resolve/resolved-dns-query.h | 5 +
src/resolve/resolved-dns-scope.c | 14 ++++
src/resolve/resolved-dns-server.c | 9 --
src/resolve/resolved-dns-server.h | 8 --
src/resolve/resolved-manager.c | 34 +++++++---
8 files changed, 144 insertions(+), 110 deletions(-)
New commits:
commit 2442b93d15f5523aba0c5dc56a42757af889c483
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Jul 29 23:52:57 2014 +0200
resolved: the llmnr destination address check applies to queries, not to responses
diff --git a/src/resolve/resolved-dns-query.c b/src/resolve/resolved-dns-query.c
index f3007aa..271b8fd 100644
--- a/src/resolve/resolved-dns-query.c
+++ b/src/resolve/resolved-dns-query.c
@@ -269,17 +269,6 @@ void dns_query_transaction_process_reply(DnsQueryTransaction *t, DnsPacket *p) {
if (p->family != t->scope->family)
return;
- /* Don't accept UDP packets directed to anything but
- * the LLMNR multicast addresses. */
-
- if (p->ipproto == IPPROTO_UDP) {
- if (p->family == AF_INET && !in_addr_equal(AF_INET, &p->destination, (union in_addr_union*) &LLMNR_MULTICAST_IPV4_ADDRESS))
- return;
-
- if (p->family == AF_INET6 && !in_addr_equal(AF_INET6, &p->destination, (union in_addr_union*) &LLMNR_MULTICAST_IPV6_ADDRESS))
- return;
- }
-
/* Tentative replies shall be discarded, see RFC 4795,
* 2.1.1 */
diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c
index 5742f3e..b975ac4 100644
--- a/src/resolve/resolved-dns-scope.c
+++ b/src/resolve/resolved-dns-scope.c
@@ -452,6 +452,18 @@ void dns_scope_process_query(DnsScope *s, DnsStream *stream, DnsPacket *p) {
if (p->protocol != DNS_PROTOCOL_LLMNR)
return;
+ if (p->ipproto == IPPROTO_UDP) {
+ /* Don't accept UDP queries directed to anything but
+ * the LLMNR multicast addresses. See RFC 4795,
+ * section 2.5.*/
+
+ if (p->family == AF_INET && !in_addr_equal(AF_INET, &p->destination, (union in_addr_union*) &LLMNR_MULTICAST_IPV4_ADDRESS))
+ return;
+
+ if (p->family == AF_INET6 && !in_addr_equal(AF_INET6, &p->destination, (union in_addr_union*) &LLMNR_MULTICAST_IPV6_ADDRESS))
+ return;
+ }
+
r = dns_packet_extract(p);
if (r < 0) {
log_debug("Failed to extract resources from incoming packet: %s", strerror(-r));
commit a2a416f768e2aa7db5b975cd50eb19237cac9cce
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Jul 29 23:52:23 2014 +0200
resolved: add more debug logging
diff --git a/src/resolve/resolved-dns-query.c b/src/resolve/resolved-dns-query.c
index ecffe06..f3007aa 100644
--- a/src/resolve/resolved-dns-query.c
+++ b/src/resolve/resolved-dns-query.c
@@ -19,6 +19,8 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
+#include "af-list.h"
+
#include "resolved-dns-query.h"
#include "resolved-dns-domain.h"
@@ -132,6 +134,12 @@ void dns_query_transaction_complete(DnsQueryTransaction *t, DnsQueryState state)
* should hence not attempt to access the query or transaction
* after calling this function. */
+ log_debug("Transaction on scope %s on %s/%s now complete with %s",
+ dns_protocol_to_string(t->scope->protocol),
+ t->scope->link ? t->scope->link->name : "*",
+ t->scope->family == AF_UNSPEC ? "*" : af_to_name(t->scope->family),
+ dns_query_state_to_string(state));
+
t->state = state;
dns_query_transaction_stop(t);
@@ -419,6 +427,11 @@ static int dns_query_transaction_go(DnsQueryTransaction *t) {
dns_query_transaction_stop(t);
+ log_debug("Beginning transaction on scope %s on %s/%s",
+ dns_protocol_to_string(t->scope->protocol),
+ t->scope->link ? t->scope->link->name : "*",
+ t->scope->family == AF_UNSPEC ? "*" : af_to_name(t->scope->family));
+
if (t->n_attempts >= ATTEMPTS_MAX) {
dns_query_transaction_complete(t, DNS_QUERY_ATTEMPTS_MAX);
return 0;
@@ -889,3 +902,17 @@ int dns_query_cname_redirect(DnsQuery *q, const char *name) {
return 0;
}
+
+static const char* const dns_query_state_table[_DNS_QUERY_STATE_MAX] = {
+ [DNS_QUERY_NULL] = "null",
+ [DNS_QUERY_PENDING] = "pending",
+ [DNS_QUERY_FAILURE] = "failure",
+ [DNS_QUERY_SUCCESS] = "success",
+ [DNS_QUERY_NO_SERVERS] = "no-servers",
+ [DNS_QUERY_TIMEOUT] = "timeout",
+ [DNS_QUERY_ATTEMPTS_MAX] = "attempts-max",
+ [DNS_QUERY_INVALID_REPLY] = "invalid-reply",
+ [DNS_QUERY_RESOURCES] = "resources",
+ [DNS_QUERY_ABORTED] = "aborted",
+};
+DEFINE_STRING_TABLE_LOOKUP(dns_query_state, DnsQueryState);
diff --git a/src/resolve/resolved-dns-query.h b/src/resolve/resolved-dns-query.h
index 37f50b6..67fe7f6 100644
--- a/src/resolve/resolved-dns-query.h
+++ b/src/resolve/resolved-dns-query.h
@@ -49,6 +49,8 @@ typedef enum DnsQueryState {
DNS_QUERY_INVALID_REPLY,
DNS_QUERY_RESOURCES,
DNS_QUERY_ABORTED,
+ _DNS_QUERY_STATE_MAX,
+ _DNS_QUERY_STATE_INVALID = -1
} DnsQueryState;
struct DnsQueryTransaction {
@@ -120,4 +122,7 @@ void dns_query_ready(DnsQuery *q);
int dns_query_cname_redirect(DnsQuery *q, const char *name);
+const char* dns_query_state_to_string(DnsQueryState p) _const_;
+DnsQueryState dns_query_state_from_string(const char *s) _pure_;
+
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsQuery*, dns_query_free);
diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c
index 523ed20..319baf7 100644
--- a/src/resolve/resolved-manager.c
+++ b/src/resolve/resolved-manager.c
@@ -32,6 +32,7 @@
#include "network-internal.h"
#include "conf-parser.h"
#include "socket-util.h"
+#include "af-list.h"
#include "resolved.h"
#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
@@ -58,10 +59,10 @@ static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userda
switch (type) {
- case RTM_NEWLINK:
- if (!l) {
- log_debug("Found link %i", ifindex);
+ case RTM_NEWLINK:{
+ bool is_new = !l;
+ if (!l) {
r = link_new(m, &l, ifindex);
if (r < 0)
goto fail;
@@ -71,11 +72,15 @@ static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userda
if (r < 0)
goto fail;
+ if (is_new)
+ log_debug("Found new link %i/%s", ifindex, l->name);
+
break;
+ }
case RTM_DELLINK:
if (l) {
- log_debug("Removing link %i", l->ifindex);
+ log_debug("Removing link %i/%s", l->ifindex, l->name);
link_free(l);
}
@@ -908,6 +913,8 @@ int manager_send(Manager *m, int fd, int ifindex, int family, const union in_add
assert(port > 0);
assert(p);
+ log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
+
if (family == AF_INET)
return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
else if (family == AF_INET6)
@@ -916,7 +923,6 @@ int manager_send(Manager *m, int fd, int ifindex, int family, const union in_add
return -EAFNOSUPPORT;
}
-
DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
DnsServer *s;
@@ -992,6 +998,8 @@ static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *u
return r;
if (dns_packet_validate_reply(p) > 0) {
+ log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
+
t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
if (!t)
return 0;
commit bf3f1271e2cc0c22b11c8a805a997578dabe9191
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Jul 29 23:51:34 2014 +0200
resolved: set LLMNR TCP and UDP TTLs to the values suggested by the RFC
diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c
index b226f5a..5742f3e 100644
--- a/src/resolve/resolved-dns-scope.c
+++ b/src/resolve/resolved-dns-scope.c
@@ -254,7 +254,7 @@ int dns_scope_tcp_socket(DnsScope *s, int family, const union in_addr_union *add
}
if (s->protocol == DNS_PROTOCOL_LLMNR) {
- /* RFC 4795, section 2.5 suggests the TTL to be set to 1 */
+ /* RFC 4795, section 2.5 requires the TTL to be set to 1 */
if (sa.sa.sa_family == AF_INET) {
r = setsockopt(fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c
index a8715bd..523ed20 100644
--- a/src/resolve/resolved-manager.c
+++ b/src/resolve/resolved-manager.c
@@ -1024,7 +1024,7 @@ int manager_llmnr_ipv4_udp_fd(Manager *m) {
.in.sin_family = AF_INET,
.in.sin_port = htobe16(5355),
};
- static const int one = 1, pmtu = IP_PMTUDISC_DONT;
+ static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
int r;
assert(m);
@@ -1036,13 +1036,14 @@ int manager_llmnr_ipv4_udp_fd(Manager *m) {
if (m->llmnr_ipv4_udp_fd < 0)
return -errno;
- r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
+ /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
+ r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
if (r < 0) {
r = -errno;
goto fail;
}
- r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &one, sizeof(one));
+ r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
if (r < 0) {
r = -errno;
goto fail;
@@ -1101,7 +1102,7 @@ int manager_llmnr_ipv6_udp_fd(Manager *m) {
.in6.sin6_family = AF_INET6,
.in6.sin6_port = htobe16(5355),
};
- static const int one = 1;
+ static const int one = 1, ttl = 255;
int r;
assert(m);
@@ -1113,13 +1114,14 @@ int manager_llmnr_ipv6_udp_fd(Manager *m) {
if (m->llmnr_ipv6_udp_fd < 0)
return -errno;
- r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
+ r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
if (r < 0) {
r = -errno;
goto fail;
}
- r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &one, sizeof(one));
+ /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
+ r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
if (r < 0) {
r = -errno;
goto fail;
@@ -1243,6 +1245,7 @@ int manager_llmnr_ipv4_tcp_fd(Manager *m) {
if (m->llmnr_ipv4_tcp_fd < 0)
return -errno;
+ /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
if (r < 0) {
r = -errno;
@@ -1314,6 +1317,7 @@ int manager_llmnr_ipv6_tcp_fd(Manager *m) {
if (m->llmnr_ipv6_tcp_fd < 0)
return -errno;
+ /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
if (r < 0) {
r = -errno;
commit 088b6ba2648db1899fd956bf8238f0706fbe6c45
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Jul 29 23:49:54 2014 +0200
sd-network: make socket filter programs static const where possible
(also, fix some whitespace/indentation issues, and avoid "index" as identifier in
order to not clash against libc's "index()" call)
diff --git a/src/libsystemd-network/dhcp-network.c b/src/libsystemd-network/dhcp-network.c
index 29276c0..1ced5cf 100644
--- a/src/libsystemd-network/dhcp-network.c
+++ b/src/libsystemd-network/dhcp-network.c
@@ -32,70 +32,71 @@
#include "dhcp-internal.h"
-int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link,
+int dhcp_network_bind_raw_socket(int ifindex, union sockaddr_union *link,
uint32_t xid, struct ether_addr mac_addr) {
+
struct sock_filter filter[] = {
- BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0), /* A <- packet length */
- BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(DHCPPacket), 1, 0), /* packet >= DHCPPacket ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, ip.protocol)), /* A <- IP protocol */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 1, 0), /* IP protocol == UDP ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, ip.frag_off)), /* A <- Flags */
- BPF_STMT(BPF_ALU + BPF_AND + BPF_K, 0x20), /* A <- A & 0x20 (More Fragments bit) */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* A == 0 ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(DHCPPacket, ip.frag_off)), /* A <- Flags + Fragment offset */
- BPF_STMT(BPF_ALU + BPF_AND + BPF_K, 0x1fff), /* A <- A & 0x1fff (Fragment offset) */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* A == 0 ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(DHCPPacket, udp.dest)), /* A <- UDP destination port */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, DHCP_PORT_CLIENT, 1, 0), /* UDP destination port == DHCP client port ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, dhcp.op)), /* A <- DHCP op */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, BOOTREPLY, 1, 0), /* op == BOOTREPLY ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, dhcp.htype)), /* A <- DHCP header type */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPHRD_ETHER, 1, 0), /* header type == ARPHRD_ETHER ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, dhcp.hlen)), /* A <- mac address length */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHER_ADDR_LEN, 1, 0), /* address length == ETHER_ADDR_LEN ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(DHCPPacket, dhcp.xid)), /* A <- client identifier */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, xid, 1, 0), /* client identifier == xid ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_IMM, htobe32(*((unsigned int *) &mac_addr))), /* A <- 4 bytes of client's MAC */
- BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */
- BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(DHCPPacket, dhcp.chaddr)), /* A <- 4 bytes of MAC from dhcp.chaddr */
- BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* A == 0 ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_IMM, htobe16(*((unsigned short *) (((char *) &mac_addr) + 4)))), /* A <- remainder of client's MAC */
- BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(DHCPPacket, dhcp.chaddr) + 4), /* A <- remainder of MAC from dhcp.chaddr */
- BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* A == 0 ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(DHCPPacket, dhcp.magic)), /* A <- DHCP magic cookie */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, DHCP_MAGIC_COOKIE, 1, 0), /* cookie == DHCP magic cookie ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */
+ BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0), /* A <- packet length */
+ BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(DHCPPacket), 1, 0), /* packet >= DHCPPacket ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, ip.protocol)), /* A <- IP protocol */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 1, 0), /* IP protocol == UDP ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, ip.frag_off)), /* A <- Flags */
+ BPF_STMT(BPF_ALU + BPF_AND + BPF_K, 0x20), /* A <- A & 0x20 (More Fragments bit) */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* A == 0 ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(DHCPPacket, ip.frag_off)), /* A <- Flags + Fragment offset */
+ BPF_STMT(BPF_ALU + BPF_AND + BPF_K, 0x1fff), /* A <- A & 0x1fff (Fragment offset) */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* A == 0 ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(DHCPPacket, udp.dest)), /* A <- UDP destination port */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, DHCP_PORT_CLIENT, 1, 0), /* UDP destination port == DHCP client port ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, dhcp.op)), /* A <- DHCP op */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, BOOTREPLY, 1, 0), /* op == BOOTREPLY ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, dhcp.htype)), /* A <- DHCP header type */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPHRD_ETHER, 1, 0), /* header type == ARPHRD_ETHER ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, dhcp.hlen)), /* A <- mac address length */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHER_ADDR_LEN, 1, 0), /* address length == ETHER_ADDR_LEN ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(DHCPPacket, dhcp.xid)), /* A <- client identifier */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, xid, 1, 0), /* client identifier == xid ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_IMM, htobe32(*((unsigned int *) &mac_addr))), /* A <- 4 bytes of client's MAC */
+ BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */
+ BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(DHCPPacket, dhcp.chaddr)), /* A <- 4 bytes of MAC from dhcp.chaddr */
+ BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* A == 0 ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_IMM, htobe16(*((unsigned short *) (((char *) &mac_addr) + 4)))), /* A <- remainder of client's MAC */
+ BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */
+ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(DHCPPacket, dhcp.chaddr) + 4), /* A <- remainder of MAC from dhcp.chaddr */
+ BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* A == 0 ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(DHCPPacket, dhcp.magic)), /* A <- DHCP magic cookie */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, DHCP_MAGIC_COOKIE, 1, 0), /* cookie == DHCP magic cookie ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */
};
struct sock_fprog fprog = {
- .len = ELEMENTSOF(filter),
- .filter = filter
+ .len = ELEMENTSOF(filter),
+ .filter = filter
};
_cleanup_close_ int s = -1;
int r, on = 1;
- assert(index > 0);
+ assert(ifindex > 0);
assert(link);
s = socket(AF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0);
if (s < 0)
return -errno;
- r = setsockopt (s, SOL_PACKET, PACKET_AUXDATA, &on, sizeof(on));
+ r = setsockopt(s, SOL_PACKET, PACKET_AUXDATA, &on, sizeof(on));
if (r < 0)
return -errno;
@@ -105,7 +106,7 @@ int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link,
link->ll.sll_family = AF_PACKET;
link->ll.sll_protocol = htons(ETH_P_IP);
- link->ll.sll_ifindex = index;
+ link->ll.sll_ifindex = ifindex;
link->ll.sll_halen = ETH_ALEN;
memset(link->ll.sll_addr, 0xff, ETH_ALEN);
diff --git a/src/libsystemd-network/ipv4ll-network.c b/src/libsystemd-network/ipv4ll-network.c
index 0852f42..93ffed4 100644
--- a/src/libsystemd-network/ipv4ll-network.c
+++ b/src/libsystemd-network/ipv4ll-network.c
@@ -37,32 +37,33 @@ int arp_network_send_raw_socket(int fd, const union sockaddr_union *link,
return 0;
}
-int arp_network_bind_raw_socket(int index, union sockaddr_union *link) {
- struct sock_filter filter[] = {
- BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0), /* A <- packet length */
- BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(struct ether_arp), 1, 0), /* packet >= arp packet ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hrd)), /* A <- header */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPHRD_ETHER, 1, 0), /* header == ethernet ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pro)), /* A <- protocol */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 1, 0), /* protocol == IP ? */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_op)), /* A <- operation */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REQUEST, 0, 1), /* protocol == request ? */
- BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REPLY, 0, 1), /* protocol == reply ? */
- BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */
- BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+int arp_network_bind_raw_socket(int ifindex, union sockaddr_union *link) {
+
+ static const struct sock_filter filter[] = {
+ BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0), /* A <- packet length */
+ BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(struct ether_arp), 1, 0), /* packet >= arp packet ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_hrd)), /* A <- header */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPHRD_ETHER, 1, 0), /* header == ethernet ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_pro)), /* A <- protocol */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 1, 0), /* protocol == IP ? */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
+ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, ea_hdr.ar_op)), /* A <- operation */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REQUEST, 0, 1), /* protocol == request ? */
+ BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REPLY, 0, 1), /* protocol == reply ? */
+ BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */
+ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
};
struct sock_fprog fprog = {
- .len = ELEMENTSOF(filter),
- .filter = filter
+ .len = ELEMENTSOF(filter),
+ .filter = (struct sock_filter*) filter
};
_cleanup_close_ int s = -1;
int r;
- assert(index > 0);
+ assert(ifindex > 0);
assert(link);
s = socket(PF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0);
@@ -75,7 +76,7 @@ int arp_network_bind_raw_socket(int index, union sockaddr_union *link) {
link->ll.sll_family = AF_PACKET;
link->ll.sll_protocol = htons(ETH_P_ARP);
- link->ll.sll_ifindex = index;
+ link->ll.sll_ifindex = ifindex;
link->ll.sll_halen = ETH_ALEN;
memset(link->ll.sll_addr, 0xff, ETH_ALEN);
commit 2f82f5eae471a23a7aa9f40f19079a4b63e19496
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Jul 29 21:46:12 2014 +0200
resolved: we don't need the DNS server "source" concept anymore, remove it
diff --git a/src/resolve/resolved-dns-server.c b/src/resolve/resolved-dns-server.c
index f33cf5d..2be81ff 100644
--- a/src/resolve/resolved-dns-server.c
+++ b/src/resolve/resolved-dns-server.c
@@ -44,11 +44,9 @@ int dns_server_new(
LIST_FIND_TAIL(servers, l->dns_servers, tail);
LIST_INSERT_AFTER(servers, l->dns_servers, tail, s);
s->link = l;
- s->source = DNS_SERVER_LINK;
} else {
LIST_FIND_TAIL(servers, m->dns_servers, tail);
LIST_INSERT_AFTER(servers, m->dns_servers, tail, s);
- s->source = DNS_SERVER_SYSTEM;
}
s->manager = m;
@@ -63,13 +61,10 @@ DnsServer* dns_server_free(DnsServer *s) {
if (!s)
return NULL;
- if (s->source == DNS_SERVER_LINK) {
-
+ if (s->manager) {
if (s->link)
LIST_REMOVE(servers, s->link->dns_servers, s);
- } else if (s->source == DNS_SERVER_SYSTEM) {
-
- if (s->manager)
+ else
LIST_REMOVE(servers, s->manager->dns_servers, s);
}
diff --git a/src/resolve/resolved-dns-server.h b/src/resolve/resolved-dns-server.h
index 2736032..574616e 100644
--- a/src/resolve/resolved-dns-server.h
+++ b/src/resolve/resolved-dns-server.h
@@ -30,16 +30,8 @@ typedef enum DnsServerSource DnsServerSource;
#include "resolved-link.h"
#include "resolved-dns-server.h"
-enum DnsServerSource {
- DNS_SERVER_ANY,
- DNS_SERVER_SYSTEM,
- DNS_SERVER_LINK,
- _DNS_SERVER_SOURCE_MAX
-};
-
struct DnsServer {
Manager *manager;
- DnsServerSource source;
Link *link;
More information about the systemd-commits
mailing list