system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-07-21 18:24:38 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

resolve: refuse mdns scope for ipv4 broadcast addresses

Browse source 
This query can never be answered, so let's no wait for it to timeout.
This commit is contained in:
Ronan Pigott 2023-03-27 09:43:58 -07:00 committed by Lennart Poettering
parent effd05626d
commit cad0fc7a13
4 changed files with 22 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/resolve/resolved-dns-scope.c
View file

@ -556,6 +556,9 @@ static DnsScopeMatch match_subnet_reverse_lookups(
if (s->family != AF_UNSPEC && f != s->family)
return _DNS_SCOPE_MATCH_INVALID; /* Don't look for IPv4 addresses on LLMNR/mDNS over IPv6 and vice versa */
if (in_addr_is_null(f, &ia))
return DNS_SCOPE_NO;
LIST_FOREACH(addresses, a, s->link->addresses) {
if (a->family != f)
@ -569,6 +572,10 @@ static DnsScopeMatch match_subnet_reverse_lookups(
if (a->prefixlen == UCHAR_MAX) /* don't know subnet mask */
continue;
/* Don't send mDNS queries for the IPv4 broadcast address */
if (f == AF_INET && in_addr_equal(f, &a->in_addr_broadcast, &ia) > 0)
return DNS_SCOPE_NO;
/* Check if the address is in the local subnet */
r = in_addr_prefix_covers(f, &a->in_addr, a->prefixlen, &ia);
if (r < 0)

7
src/resolve/resolved-link.c
View file

@ -816,7 +816,11 @@ ResolveSupport link_get_mdns_support(Link *link) {
return MIN(link->mdns_support, link->manager->mdns_support);
}
int link_address_new(Link *l, LinkAddress **ret, int family, const union in_addr_union *in_addr) {
int link_address_new(Link *l,
LinkAddress **ret,
int family,
const union in_addr_union *in_addr,
const union in_addr_union *in_addr_broadcast) {
LinkAddress *a;
assert(l);
@ -829,6 +833,7 @@ int link_address_new(Link *l, LinkAddress **ret, int family, const union in_addr
*a = (LinkAddress) {
.family = family,
.in_addr = *in_addr,
.in_addr_broadcast = *in_addr_broadcast,
.link = l,
.prefixlen = UCHAR_MAX,
};

7
src/resolve/resolved-link.h
View file

@ -26,6 +26,7 @@ struct LinkAddress {
int family;
union in_addr_union in_addr;
union in_addr_union in_addr_broadcast;
unsigned char prefixlen;
unsigned char flags, scope;
@ -111,7 +112,11 @@ int link_save_user(Link *l);
int link_load_user(Link *l);
void link_remove_user(Link *l);
int link_address_new(Link *l, LinkAddress **ret, int family, const union in_addr_union *in_addr);
int link_address_new(Link *l,
LinkAddress **ret,
int family,
const union in_addr_union *in_addr,
const union in_addr_union *in_addr_broadcast);
LinkAddress *link_address_free(LinkAddress *a);
int link_address_update_rtnl(LinkAddress *a, sd_netlink_message *m);
bool link_address_relevant(LinkAddress *l, bool local_multicast);

5
src/resolve/resolved-manager.c
View file

@ -106,7 +106,7 @@ fail:
static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
Manager *m = ASSERT_PTR(userdata);
union in_addr_union address;
union in_addr_union address, broadcast = {};
uint16_t type;
int r, ifindex, family;
LinkAddress *a;
@ -134,6 +134,7 @@ static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, voi
switch (family) {
case AF_INET:
sd_netlink_message_read_in_addr(mm, IFA_BROADCAST, &broadcast.in);
r = sd_netlink_message_read_in_addr(mm, IFA_LOCAL, &address.in);
if (r < 0) {
r = sd_netlink_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
@ -164,7 +165,7 @@ static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, voi
case RTM_NEWADDR:
if (!a) {
r = link_address_new(l, &a, family, &address);
r = link_address_new(l, &a, family, &address, &broadcast);
if (r < 0)
return r;
}