diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c index 42119904ce..ca816ec1e4 100644 --- a/src/devices/nm-device.c +++ b/src/devices/nm-device.c @@ -5844,66 +5844,63 @@ nm_device_dhcp4_renew (NMDevice *self, gboolean release) static GHashTable *shared_ips = NULL; static void -release_shared_ip (gpointer data) +shared_ip_release (gpointer data) { g_hash_table_remove (shared_ips, data); -} - -static gboolean -reserve_shared_ip (NMDevice *self, NMSettingIPConfig *s_ip4, NMPlatformIP4Address *address) -{ - if (G_UNLIKELY (shared_ips == NULL)) - shared_ips = g_hash_table_new (g_direct_hash, g_direct_equal); - - memset (address, 0, sizeof (*address)); - - if (s_ip4 && nm_setting_ip_config_get_num_addresses (s_ip4)) { - /* Use the first user-supplied address */ - NMIPAddress *user = nm_setting_ip_config_get_address (s_ip4, 0); - in_addr_t a; - - g_assert (user); - nm_ip_address_get_address_binary (user, &a); - nm_platform_ip4_address_set_addr (address, a, nm_ip_address_get_prefix (user)); - } else { - /* Find an unused address in the 10.42.x.x range */ - guint32 start = (guint32) ntohl (0x0a2a0001); /* 10.42.0.1 */ - guint32 count = 0; - - while (g_hash_table_lookup (shared_ips, GUINT_TO_POINTER (start + count))) { - count += ntohl (0x100); - if (count > ntohl (0xFE00)) { - _LOGE (LOGD_SHARING, "ran out of shared IP addresses!"); - return FALSE; - } - } - nm_platform_ip4_address_set_addr (address, start + count, 24); - g_hash_table_add (shared_ips, GUINT_TO_POINTER (address->address)); - } - - return TRUE; + if (!g_hash_table_size (shared_ips)) + g_clear_pointer (&shared_ips, g_hash_table_unref); } static NMIP4Config * shared4_new_config (NMDevice *self, NMConnection *connection) { NMIP4Config *config = NULL; - NMPlatformIP4Address address; + gboolean is_generated = FALSE; + NMSettingIPConfig *s_ip4; + NMPlatformIP4Address address = { + .addr_source = NM_IP_CONFIG_SOURCE_SHARED, + }; - g_return_val_if_fail (self != NULL, NULL); + g_return_val_if_fail (self, NULL); + g_return_val_if_fail (connection, NULL); - if (!reserve_shared_ip (self, nm_connection_get_setting_ip4_config (connection), &address)) - return NULL; + s_ip4 = nm_connection_get_setting_ip4_config (connection); + if (s_ip4 && nm_setting_ip_config_get_num_addresses (s_ip4)) { + /* Use the first user-supplied address */ + NMIPAddress *user = nm_setting_ip_config_get_address (s_ip4, 0); + in_addr_t a; + + nm_ip_address_get_address_binary (user, &a); + nm_platform_ip4_address_set_addr (&address, a, nm_ip_address_get_prefix (user)); + } else { + /* Find an unused address in the 10.42.x.x range */ + guint32 start = (guint32) ntohl (0x0a2a0001); /* 10.42.0.1 */ + guint32 count = 0; + + if (G_UNLIKELY (!shared_ips)) + shared_ips = g_hash_table_new (g_direct_hash, g_direct_equal); + else { + while (g_hash_table_lookup (shared_ips, GUINT_TO_POINTER (start + count))) { + count += ntohl (0x100); + if (count > ntohl (0xFE00)) { + _LOGE (LOGD_SHARING, "ran out of shared IP addresses!"); + return FALSE; + } + } + } + nm_platform_ip4_address_set_addr (&address, start + count, 24); + g_hash_table_add (shared_ips, GUINT_TO_POINTER (address.address)); + is_generated = TRUE; + } config = nm_ip4_config_new (nm_device_get_ip_ifindex (self)); - address.addr_source = NM_IP_CONFIG_SOURCE_SHARED; nm_ip4_config_add_address (config, &address); - - /* Remove the address lock when the object gets disposed */ - g_object_set_qdata_full (G_OBJECT (config), NM_CACHED_QUARK ("shared-ip"), - GUINT_TO_POINTER (address.address), - release_shared_ip); - + if (is_generated) { + /* Remove the address lock when the object gets disposed */ + g_object_set_qdata_full (G_OBJECT (config), NM_CACHED_QUARK ("shared-ip"), + GUINT_TO_POINTER (address.address), + shared_ip_release); + } return config; } diff --git a/src/dnsmasq/nm-dnsmasq-utils.c b/src/dnsmasq/nm-dnsmasq-utils.c index e4f4324b85..cee52c3def 100644 --- a/src/dnsmasq/nm-dnsmasq-utils.c +++ b/src/dnsmasq/nm-dnsmasq-utils.c @@ -35,11 +35,12 @@ nm_dnsmasq_utils_get_range (const NMPlatformIP4Address *addr, { guint32 host = addr->address; guint8 prefix = addr->plen; - guint32 netmask = nm_utils_ip4_prefix_to_netmask (prefix); - guint32 first, last, reserved; + guint32 netmask; + guint32 first, last, mid, reserved; + const guint32 NUM = 256; - g_return_val_if_fail (out_first != NULL, FALSE); - g_return_val_if_fail (out_last != NULL, FALSE); + g_return_val_if_fail (out_first, FALSE); + g_return_val_if_fail (out_last, FALSE); if (prefix > 30) { if (out_error_desc) @@ -47,29 +48,69 @@ nm_dnsmasq_utils_get_range (const NMPlatformIP4Address *addr, return FALSE; } - /* Find the first available address *after* the local machine's IP */ - first = (host & netmask) + htonl (1); - - /* Shortcut: allow a max of 253 addresses; the - htonl(1) here is to assure - * that we don't set 'last' to the broadcast address of the network. */ - if (prefix < 24) - last = (host | ~nm_utils_ip4_prefix_to_netmask (24)) - htonl (1); - else - last = (host | ~netmask) - htonl(1); - - /* Figure out which range (either above the host address or below it) - * has more addresses. Reserve some addresses for static IPs. - */ - if (ntohl (host) - ntohl (first) > ntohl (last) - ntohl (host)) { - /* Range below the host's IP address */ - reserved = (guint32) ((ntohl (host) - ntohl (first)) / 10); - last = host - htonl (MIN (reserved, 8)) - htonl (1); - } else { - /* Range above host's IP address */ - reserved = (guint32) ((ntohl (last) - ntohl (host)) / 10); - first = host + htonl (MIN (reserved, 8)) + htonl (1); + if (prefix < 24) { + /* if the subnet is larger then /24, we partition it and treat it + * like it would be a /24. + * + * Hence, the resulting range will always be between x.x.x.1/24 + * and x.x.x.254/24, with x.x.x.0 being the network address of the + * host. + * + * In this case, only a /24 portion of the subnet is used. + * No particular reason for that, but it's unlikely that a user + * would use NetworkManager's shared method when having hundered + * of DHCP clients. So, restrict the range to the same /24 in + * which the host address lies. + */ + prefix = 24; } + netmask = nm_utils_ip4_prefix_to_netmask (prefix); + + /* treat addresses in host-order from here on. */ + netmask = ntohl (netmask); + host = ntohl (host); + + /* if host is the network or broadcast address, coerce it to + * one above or below. Usually, we wouldn't expect the user + * to pick such an address. */ + if (host == (host & netmask)) + host++; + else if (host == (host | ~netmask)) + host--; + + /* Exclude the network and broadcast address. */ + first = (host & netmask) + 1; + last = (host | ~netmask) - 1; + + /* Depending on whether host is above or below the middle of + * the subnet, the larger part if handed out. + * + * If the host is in the lower half, the range starts + * at the lower end with the host (plus reserved), until the + * broadcast address + * + * If the host is in the upper half, the range starts above + * the network-address and goes up until the host (except reserved). + * + * reserved is up to 8 addresses, 10% of the determined range. + */ + mid = (host & netmask) | (((first + last) / 2) & ~netmask); + if (host > mid) { + /* use lower range */ + reserved = NM_MIN (((host - first) / 10), 8); + last = host - 1 - reserved; + first = NM_MAX (first, last > NUM ? last - NUM : 0); + } else { + /* use upper range */ + reserved = NM_MIN (((last - host) / 10), 8); + first = host + 1 + reserved; + last = NM_MIN (last, first < 0xFFFFFFFF - NUM ? first + NUM : 0xFFFFFFFF); + } + + first = htonl (first); + last = htonl (last); + nm_utils_inet4_ntop (first, out_first); nm_utils_inet4_ntop (last, out_last); diff --git a/src/dnsmasq/tests/test-dnsmasq-utils.c b/src/dnsmasq/tests/test-dnsmasq-utils.c index 00ff66102a..b311ccb4a0 100644 --- a/src/dnsmasq/tests/test-dnsmasq-utils.c +++ b/src/dnsmasq/tests/test-dnsmasq-utils.c @@ -29,58 +29,138 @@ static void test_address_ranges (void) { - NMPlatformIP4Address addr; - char first[INET_ADDRSTRLEN]; - char last[INET_ADDRSTRLEN]; - char *error_desc = NULL; +#define _test_address_range(addr, plen, expected_first, expected_last) \ + G_STMT_START { \ + char *_error_desc = NULL; \ + char _first[INET_ADDRSTRLEN]; \ + char _last[INET_ADDRSTRLEN]; \ + \ + if (!nm_dnsmasq_utils_get_range (nmtst_platform_ip4_address ((addr""), NULL, (plen)), \ + _first, _last, &_error_desc)) \ + g_assert_not_reached (); \ + g_assert (!_error_desc); \ + g_assert_cmpstr (_first, ==, (expected_first"")); \ + g_assert_cmpstr (_last, ==, (expected_last"")); \ + g_assert_cmpint ((ntohl (nmtst_inet4_from_string (_last)) - ntohl (nmtst_inet4_from_string (_first))), <=, 244); \ + } G_STMT_END - addr = *nmtst_platform_ip4_address ("192.168.0.1", NULL, 24); - g_assert (nm_dnsmasq_utils_get_range (&addr, first, last, &error_desc)); - g_assert (error_desc == NULL); - g_assert_cmpstr (first, ==, "192.168.0.10"); - g_assert_cmpstr (last, ==, "192.168.0.254"); +#define _test_address_range_fail(addr, plen) \ + G_STMT_START { \ + char *_error_desc = NULL; \ + char _first[INET_ADDRSTRLEN]; \ + char _last[INET_ADDRSTRLEN]; \ + \ + if (nm_dnsmasq_utils_get_range (nmtst_platform_ip4_address ((addr""), NULL, (plen)), \ + _first, _last, &_error_desc)) \ + g_assert_not_reached (); \ + g_assert (_error_desc); \ + g_free (_error_desc); \ + } G_STMT_END - addr = *nmtst_platform_ip4_address ("192.168.0.99", NULL, 24); - g_assert (nm_dnsmasq_utils_get_range (&addr, first, last, &error_desc)); - g_assert (error_desc == NULL); - g_assert_cmpstr (first, ==, "192.168.0.108"); - g_assert_cmpstr (last, ==, "192.168.0.254"); + _test_address_range_fail ("1.2.3.1", 31); - addr = *nmtst_platform_ip4_address ("192.168.0.254", NULL, 24); - g_assert (nm_dnsmasq_utils_get_range (&addr, first, last, &error_desc)); - g_assert (error_desc == NULL); - g_assert_cmpstr (first, ==, "192.168.0.1"); - g_assert_cmpstr (last, ==, "192.168.0.245"); + _test_address_range ("0.0.0.0", 30, "0.0.0.2", "0.0.0.2"); + _test_address_range ("0.0.0.1", 30, "0.0.0.2", "0.0.0.2"); + _test_address_range ("0.0.0.2", 30, "0.0.0.1", "0.0.0.1"); + _test_address_range ("0.0.0.3", 30, "0.0.0.1", "0.0.0.1"); + _test_address_range ("1.2.3.0", 30, "1.2.3.2", "1.2.3.2"); + _test_address_range ("1.2.3.1", 30, "1.2.3.2", "1.2.3.2"); + _test_address_range ("1.2.3.2", 30, "1.2.3.1", "1.2.3.1"); + _test_address_range ("1.2.3.3", 30, "1.2.3.1", "1.2.3.1"); + _test_address_range ("1.2.3.4", 30, "1.2.3.6", "1.2.3.6"); + _test_address_range ("1.2.3.5", 30, "1.2.3.6", "1.2.3.6"); + _test_address_range ("1.2.3.6", 30, "1.2.3.5", "1.2.3.5"); + _test_address_range ("1.2.3.7", 30, "1.2.3.5", "1.2.3.5"); + _test_address_range ("1.2.3.8", 30, "1.2.3.10", "1.2.3.10"); + _test_address_range ("1.2.3.9", 30, "1.2.3.10", "1.2.3.10"); + _test_address_range ("255.255.255.0", 30, "255.255.255.2", "255.255.255.2"); + _test_address_range ("255.255.255.1", 30, "255.255.255.2", "255.255.255.2"); + _test_address_range ("255.255.255.2", 30, "255.255.255.1", "255.255.255.1"); + _test_address_range ("255.255.255.3", 30, "255.255.255.1", "255.255.255.1"); + _test_address_range ("255.255.255.248", 30, "255.255.255.250", "255.255.255.250"); + _test_address_range ("255.255.255.249", 30, "255.255.255.250", "255.255.255.250"); + _test_address_range ("255.255.255.250", 30, "255.255.255.249", "255.255.255.249"); + _test_address_range ("255.255.255.251", 30, "255.255.255.249", "255.255.255.249"); + _test_address_range ("255.255.255.252", 30, "255.255.255.254", "255.255.255.254"); + _test_address_range ("255.255.255.253", 30, "255.255.255.254", "255.255.255.254"); + _test_address_range ("255.255.255.254", 30, "255.255.255.253", "255.255.255.253"); + _test_address_range ("255.255.255.255", 30, "255.255.255.253", "255.255.255.253"); - /* Smaller networks */ - addr = *nmtst_platform_ip4_address ("1.2.3.1", NULL, 30); - g_assert (nm_dnsmasq_utils_get_range (&addr, first, last, &error_desc)); - g_assert (error_desc == NULL); - g_assert_cmpstr (first, ==, "1.2.3.2"); - g_assert_cmpstr (last, ==, "1.2.3.2"); + _test_address_range ("0.0.0.0", 29, "0.0.0.2", "0.0.0.6"); + _test_address_range ("0.0.0.1", 29, "0.0.0.2", "0.0.0.6"); + _test_address_range ("0.0.0.2", 29, "0.0.0.3", "0.0.0.6"); + _test_address_range ("0.0.0.3", 29, "0.0.0.4", "0.0.0.6"); + _test_address_range ("0.0.0.4", 29, "0.0.0.1", "0.0.0.3"); + _test_address_range ("0.0.0.5", 29, "0.0.0.1", "0.0.0.4"); + _test_address_range ("0.0.0.6", 29, "0.0.0.1", "0.0.0.5"); + _test_address_range ("0.0.0.7", 29, "0.0.0.1", "0.0.0.5"); + _test_address_range ("0.0.0.8", 29, "0.0.0.10", "0.0.0.14"); + _test_address_range ("0.0.0.9", 29, "0.0.0.10", "0.0.0.14"); + _test_address_range ("1.2.3.0", 29, "1.2.3.2", "1.2.3.6"); + _test_address_range ("1.2.3.1", 29, "1.2.3.2", "1.2.3.6"); + _test_address_range ("1.2.3.2", 29, "1.2.3.3", "1.2.3.6"); + _test_address_range ("1.2.3.3", 29, "1.2.3.4", "1.2.3.6"); + _test_address_range ("1.2.3.4", 29, "1.2.3.1", "1.2.3.3"); + _test_address_range ("1.2.3.5", 29, "1.2.3.1", "1.2.3.4"); + _test_address_range ("1.2.3.6", 29, "1.2.3.1", "1.2.3.5"); + _test_address_range ("1.2.3.7", 29, "1.2.3.1", "1.2.3.5"); + _test_address_range ("1.2.3.8", 29, "1.2.3.10", "1.2.3.14"); + _test_address_range ("1.2.3.9", 29, "1.2.3.10", "1.2.3.14"); + _test_address_range ("255.255.255.248", 29, "255.255.255.250", "255.255.255.254"); + _test_address_range ("255.255.255.249", 29, "255.255.255.250", "255.255.255.254"); + _test_address_range ("255.255.255.250", 29, "255.255.255.251", "255.255.255.254"); + _test_address_range ("255.255.255.251", 29, "255.255.255.252", "255.255.255.254"); + _test_address_range ("255.255.255.252", 29, "255.255.255.249", "255.255.255.251"); + _test_address_range ("255.255.255.253", 29, "255.255.255.249", "255.255.255.252"); + _test_address_range ("255.255.255.254", 29, "255.255.255.249", "255.255.255.253"); + _test_address_range ("255.255.255.255", 29, "255.255.255.249", "255.255.255.253"); - addr = *nmtst_platform_ip4_address ("1.2.3.1", NULL, 29); - g_assert (nm_dnsmasq_utils_get_range (&addr, first, last, &error_desc)); - g_assert (error_desc == NULL); - g_assert_cmpstr (first, ==, "1.2.3.2"); - g_assert_cmpstr (last, ==, "1.2.3.6"); + _test_address_range ("1.2.3.1", 29, "1.2.3.2", "1.2.3.6"); + _test_address_range ("1.2.3.1", 28, "1.2.3.3", "1.2.3.14"); + _test_address_range ("1.2.3.1", 26, "1.2.3.8", "1.2.3.62"); - addr = *nmtst_platform_ip4_address ("1.2.3.1", NULL, 28); - g_assert (nm_dnsmasq_utils_get_range (&addr, first, last, &error_desc)); - g_assert (error_desc == NULL); - g_assert_cmpstr (first, ==, "1.2.3.3"); - g_assert_cmpstr (last, ==, "1.2.3.14"); + _test_address_range ("192.167.255.255", 24, "192.167.255.1", "192.167.255.245"); + _test_address_range ("192.168.0.0", 24, "192.168.0.10", "192.168.0.254"); + _test_address_range ("192.168.0.1", 24, "192.168.0.10", "192.168.0.254"); + _test_address_range ("192.168.0.2", 24, "192.168.0.11", "192.168.0.254"); + _test_address_range ("192.168.0.99", 24, "192.168.0.108", "192.168.0.254"); + _test_address_range ("192.168.0.126", 24, "192.168.0.135", "192.168.0.254"); + _test_address_range ("192.168.0.127", 24, "192.168.0.136", "192.168.0.254"); + _test_address_range ("192.168.0.128", 24, "192.168.0.1", "192.168.0.119"); + _test_address_range ("192.168.0.129", 24, "192.168.0.1", "192.168.0.120"); + _test_address_range ("192.168.0.130", 24, "192.168.0.1", "192.168.0.121"); + _test_address_range ("192.168.0.254", 24, "192.168.0.1", "192.168.0.245"); + _test_address_range ("192.168.0.255", 24, "192.168.0.1", "192.168.0.245"); + _test_address_range ("192.168.1.0", 24, "192.168.1.10", "192.168.1.254"); + _test_address_range ("192.168.1.1", 24, "192.168.1.10", "192.168.1.254"); + _test_address_range ("192.168.1.2", 24, "192.168.1.11", "192.168.1.254"); + _test_address_range ("192.168.1.10", 24, "192.168.1.19", "192.168.1.254"); + _test_address_range ("192.168.15.253", 24, "192.168.15.1", "192.168.15.244"); + _test_address_range ("192.168.15.254", 24, "192.168.15.1", "192.168.15.245"); + _test_address_range ("192.168.15.255", 24, "192.168.15.1", "192.168.15.245"); + _test_address_range ("192.168.16.0", 24, "192.168.16.10", "192.168.16.254"); + _test_address_range ("192.168.16.1", 24, "192.168.16.10", "192.168.16.254"); - addr = *nmtst_platform_ip4_address ("1.2.3.1", NULL, 26); - g_assert (nm_dnsmasq_utils_get_range (&addr, first, last, &error_desc)); - g_assert (error_desc == NULL); - g_assert_cmpstr (first, ==, "1.2.3.8"); - g_assert_cmpstr (last, ==, "1.2.3.62"); - - addr = *nmtst_platform_ip4_address ("1.2.3.1", NULL, 31); - g_assert (nm_dnsmasq_utils_get_range (&addr, first, last, &error_desc) == FALSE); - g_assert (error_desc); - g_free (error_desc); + _test_address_range ("192.167.255.255", 20, "192.167.255.1", "192.167.255.245"); + _test_address_range ("192.168.0.0", 20, "192.168.0.10", "192.168.0.254"); + _test_address_range ("192.168.0.1", 20, "192.168.0.10", "192.168.0.254"); + _test_address_range ("192.168.0.2", 20, "192.168.0.11", "192.168.0.254"); + _test_address_range ("192.168.0.126", 20, "192.168.0.135", "192.168.0.254"); + _test_address_range ("192.168.0.127", 20, "192.168.0.136", "192.168.0.254"); + _test_address_range ("192.168.0.128", 20, "192.168.0.1", "192.168.0.119"); + _test_address_range ("192.168.0.129", 20, "192.168.0.1", "192.168.0.120"); + _test_address_range ("192.168.0.130", 20, "192.168.0.1", "192.168.0.121"); + _test_address_range ("192.168.0.254", 20, "192.168.0.1", "192.168.0.245"); + _test_address_range ("192.168.0.255", 20, "192.168.0.1", "192.168.0.245"); + _test_address_range ("192.168.1.0", 20, "192.168.1.10", "192.168.1.254"); + _test_address_range ("192.168.1.1", 20, "192.168.1.10", "192.168.1.254"); + _test_address_range ("192.168.1.2", 20, "192.168.1.11", "192.168.1.254"); + _test_address_range ("192.168.1.10", 20, "192.168.1.19", "192.168.1.254"); + _test_address_range ("192.168.15.253", 20, "192.168.15.1", "192.168.15.244"); + _test_address_range ("192.168.15.254", 20, "192.168.15.1", "192.168.15.245"); + _test_address_range ("192.168.15.255", 20, "192.168.15.1", "192.168.15.245"); + _test_address_range ("192.168.16.0", 20, "192.168.16.10", "192.168.16.254"); + _test_address_range ("192.168.16.1", 20, "192.168.16.10", "192.168.16.254"); } /*****************************************************************************/