mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git
synced 2025-12-27 09:20:08 +01:00
DHCPv6 IA_NA assignments do not contain a prefix length, they are for a single address (/128) only. However, the ISC DHCPv6 client incorrectly assumes IA_NA assignments come with a implicit prefix length of /64, and passes this incorrect information on to NetworkManager, which adds this prefix as a on-link route. This will cause communication failures in certain networks, for example NBMA networks, and in organisations using longer prefix lengths than /64 for their LANs. For more discussion regarding this problem, see RFC 5942 section 5. This patch makes NM ignore the false prefix length attribute provided by the ISC DHCPv6 client, instead setting it to a /128 (single address) in all cases. Note that this does not preclude an on-link prefix from being added by NM if it is being advertised in the correct way, i.e., by including a Prefix Information Option with the L flag set in an ICMPv6 Router Advertisement. For what it's worth I've also sent a patch to ISC to change the hard- coded implicit prefix length value from /64 to /128 in [ISC-Bugs #29468].
This commit is contained in:
Tore Anderson
Dan Williams
parent
70f64fbc42
commit
eb460b70da
1 changed files with 8 additions and 34 deletions
|
|
@ -1229,12 +1229,6 @@ ip6_options_to_config (NMDHCPClient *self)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
addr = nm_ip6_address_new ();
|
||||
if (!addr) {
|
||||
nm_log_warn (LOGD_DHCP6, "(%s): couldn't allocate memory for an IP6 Address!", priv->iface);
|
||||
goto error;
|
||||
}
|
||||
|
||||
str = g_hash_table_lookup (priv->options, "new_ip6_address");
|
||||
if (str) {
|
||||
if (!inet_pton (AF_INET6, str, &tmp_addr)) {
|
||||
|
|
@ -1243,35 +1237,17 @@ ip6_options_to_config (NMDHCPClient *self)
|
|||
goto error;
|
||||
}
|
||||
|
||||
addr = nm_ip6_address_new ();
|
||||
g_assert (addr);
|
||||
nm_ip6_address_set_address (addr, &tmp_addr);
|
||||
nm_log_info (LOGD_DHCP6, " address %s", str);
|
||||
} else {
|
||||
/* No address in managed mode is a hard error */
|
||||
if (priv->info_only == FALSE)
|
||||
goto error;
|
||||
|
||||
/* But "info-only" setups don't necessarily need an address */
|
||||
nm_ip6_address_unref (addr);
|
||||
addr = NULL;
|
||||
}
|
||||
|
||||
/* Only care about prefix if we got an address */
|
||||
if (addr) {
|
||||
str = g_hash_table_lookup (priv->options, "new_ip6_prefixlen");
|
||||
if (str) {
|
||||
long unsigned int prefix;
|
||||
|
||||
errno = 0;
|
||||
prefix = strtoul (str, NULL, 10);
|
||||
if (errno != 0 || prefix > 128)
|
||||
goto error;
|
||||
|
||||
nm_ip6_address_set_prefix (addr, (guint32) prefix);
|
||||
nm_log_info (LOGD_DHCP6, " prefix %lu", prefix);
|
||||
}
|
||||
/* DHCPv6 IA_NA assignments are single address only */
|
||||
nm_ip6_address_set_prefix (addr, 128);
|
||||
nm_log_info (LOGD_DHCP6, " address %s/128", str);
|
||||
|
||||
nm_ip6_config_take_address (ip6_config, addr);
|
||||
addr = NULL;
|
||||
} else if (priv->info_only == FALSE) {
|
||||
/* No address in Managed mode is a hard error */
|
||||
goto error;
|
||||
}
|
||||
|
||||
str = g_hash_table_lookup (priv->options, "new_host_name");
|
||||
|
|
@ -1300,8 +1276,6 @@ ip6_options_to_config (NMDHCPClient *self)
|
|||
return ip6_config;
|
||||
|
||||
error:
|
||||
if (addr)
|
||||
nm_ip6_address_unref (addr);
|
||||
g_object_unref (ip6_config);
|
||||
return NULL;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue