systemd-networkd: Use IFA_F_NOPREFIXROUTE with IPv6 addresses

[elogind.git] / src / network / networkd-address.c

diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c
index b4eb91ebb60d4c066e4cf653dbd14059ebcbf06b..85acc499459c7410e42720cd5814e5dfad32c826 100644 (file)
--- a/src/network/networkd-address.c
+++ b/src/network/networkd-address.c
@@ -25,7 +25,6 @@
 #include "util.h"
 #include "conf-parser.h"
 #include "fw-util.h"
-#include "network-internal.h"
 #include "networkd.h"
 #include "networkd-link.h"
 
@@ -116,7 +115,7 @@ int address_establish(Address *address, Link *link) {
                 address->scope < RT_SCOPE_LINK;
 
         /* Add firewall entry if this is requested */
-        if (address->ip_forward_done != masq) {
+        if (address->ip_masquerade_done != masq) {
                 union in_addr_union masked = address->in_addr;
                 in_addr_mask(address->family, &masked, address->prefixlen);
 
@@ -124,7 +123,7 @@ int address_establish(Address *address, Link *link) {
                 if (r < 0)
                         log_link_warning_errno(link, r, "Could not enable IP masquerading: %m");
 
-                address->ip_forward_done = masq;
+                address->ip_masquerade_done = masq;
         }
 
         return 0;
@@ -137,7 +136,7 @@ int address_release(Address *address, Link *link) {
         assert(link);
 
         /* Remove masquerading firewall entry if it was added */
-        if (address->ip_forward_done) {
+        if (address->ip_masquerade_done) {
                 union in_addr_union masked = address->in_addr;
                 in_addr_mask(address->family, &masked, address->prefixlen);
 
@@ -145,7 +144,7 @@ int address_release(Address *address, Link *link) {
                 if (r < 0)
                         log_link_warning_errno(link, r, "Failed to disable IP masquerading: %m");
 
-                address->ip_forward_done = false;
+                address->ip_masquerade_done = false;
         }
 
         return 0;
@@ -210,10 +209,18 @@ int address_update(Address *address, Link *link,
         if (r < 0)
                 return log_error_errno(r, "Could not set prefixlen: %m");
 
-        r = sd_rtnl_message_addr_set_flags(req, IFA_F_PERMANENT);
+        address->flags |= IFA_F_PERMANENT;
+
+        r = sd_rtnl_message_addr_set_flags(req, address->flags & 0xff);
         if (r < 0)
                 return log_error_errno(r, "Could not set flags: %m");
 
+        if (address->flags & ~0xff) {
+                r = sd_rtnl_message_append_u32(req, IFA_FLAGS, address->flags);
+                if (r < 0)
+                        return log_error_errno(r, "Could not set extended flags: %m");
+        }
+
         r = sd_rtnl_message_addr_set_scope(req, address->scope);
         if (r < 0)
                 return log_error_errno(r, "Could not set scope: %m");
@@ -336,10 +343,18 @@ int address_configure(Address *address, Link *link,
         if (r < 0)
                 return log_error_errno(r, "Could not set prefixlen: %m");
 
-        r = sd_rtnl_message_addr_set_flags(req, IFA_F_PERMANENT);
+        address->flags |= IFA_F_PERMANENT;
+
+        r = sd_rtnl_message_addr_set_flags(req, (address->flags & 0xff));
         if (r < 0)
                 return log_error_errno(r, "Could not set flags: %m");
 
+        if (address->flags & ~0xff) {
+                r = sd_rtnl_message_append_u32(req, IFA_FLAGS, address->flags);
+                if (r < 0)
+                        return log_error_errno(r, "Could not set extended flags: %m");
+        }
+
         r = sd_rtnl_message_addr_set_scope(req, address->scope);
         if (r < 0)
                 return log_error_errno(r, "Could not set scope: %m");
@@ -592,6 +607,10 @@ bool address_equal(Address *a1, Address *a2) {
         case AF_INET:
                 if (a1->prefixlen != a2->prefixlen)
                         return false;
+                else if (a1->prefixlen == 0)
+                        /* make sure we don't try to shift by 32.
+                         * See ISO/IEC 9899:TC3 § 6.5.7.3. */
+                        return true;
                 else {
                         uint32_t b1, b2;