network: make Broadcast= accept boolean value

And disable it for wireguard interfaces by default. Closes #18492.
author: Yu Watanabe <watanabe.yu+github@gmail.com> 2021-02-19 06:01:34 +0900
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2021-02-20 14:23:00 +0900
commit: 832583ada8b9df0de3b486207dd4c703e0f181bc (patch)
tree: d2a8db928e801697a06a5ce1f271c75fc075c8f7 /src/network
parent: 7f37ecf7e59f288f0bcd92624da8d8abdac09215 (diff)
download: systemd-832583ada8b9df0de3b486207dd4c703e0f181bc.tar.gz
2 files changed, 43 insertions, 2 deletions
diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c
index 566709b371..58b089901b 100644
--- a/src/network/networkd-address.c
+++ b/src/network/networkd-address.c
@@ -57,6 +57,7 @@ int address_new(Address **ret) {
                 .scope = RT_SCOPE_UNIVERSE,
                 .cinfo.ifa_prefered = CACHE_INFO_INFINITY_LIFE_TIME,
                 .cinfo.ifa_valid = CACHE_INFO_INFINITY_LIFE_TIME,
+                .set_broadcast = -1,
                 .duplicate_address_detection = ADDRESS_FAMILY_IPV6,
         };
 
@@ -153,6 +154,20 @@ static bool address_may_have_broadcast(const Address *a) {
                 a->prefixlen <= 30;
 }
 
+static bool address_may_set_broadcast(const Address *a, const Link *link) {
+        assert(a);
+        assert(link);
+
+        if (!address_may_have_broadcast(a))
+                return false;
+
+        if (a->set_broadcast >= 0)
+                return a->set_broadcast;
+
+        /* Typical configuration for wireguard does not set broadcast. */
+        return !streq_ptr(link->kind, "wireguard");
+}
+
 static uint32_t address_prefix(const Address *a) {
         assert(a);
 
@@ -887,7 +902,7 @@ int address_configure(
                 r = netlink_message_append_in_addr_union(req, IFA_ADDRESS, address->family, &address->in_addr_peer);
                 if (r < 0)
                         return log_link_error_errno(link, r, "Could not append IFA_ADDRESS attribute: %m");
-        } else if (address_may_have_broadcast(address)) {
+        } else if (address_may_set_broadcast(address, link)) {
                 r = sd_netlink_message_append_in_addr(req, IFA_BROADCAST, &address->broadcast);
                 if (r < 0)
                         return log_link_error_errno(link, r, "Could not append IFA_BROADCAST attribute: %m");
@@ -1467,6 +1482,25 @@ int config_parse_broadcast(
                 return 0;
         }
 
+        if (isempty(rvalue)) {
+                /* The broadcast address will be calculated based on Address=, and set if the link is
+                 * not a wireguard interface. Here, we do not check or set n->family. */
+                n->broadcast = (struct in_addr) {};
+                n->set_broadcast = -1;
+                TAKE_PTR(n);
+                return 0;
+        }
+
+        r = parse_boolean(rvalue);
+        if (r >= 0) {
+                /* The broadcast address will be calculated based on Address=. Here, we do not check or
+                 * set n->family. */
+                n->broadcast = (struct in_addr) {};
+                n->set_broadcast = r;
+                TAKE_PTR(n);
+                return 0;
+        }
+
         if (n->family == AF_INET6) {
                 log_syntax(unit, LOG_WARNING, filename, line, 0,
                            "Broadcast is not valid for IPv6 addresses, ignoring assignment: %s", rvalue);
@@ -1479,8 +1513,14 @@ int config_parse_broadcast(
                            "Broadcast is invalid, ignoring assignment: %s", rvalue);
                 return 0;
         }
+        if (in4_addr_is_null(&u.in)) {
+                log_syntax(unit, LOG_WARNING, filename, line, 0,
+                           "Broadcast cannot be ANY address, ignoring assignment: %s", rvalue);
+                return 0;
+        }
 
         n->broadcast = u.in;
+        n->set_broadcast = true;
         n->family = AF_INET;
         TAKE_PTR(n);
 
@@ -1835,7 +1875,7 @@ static int address_section_verify(Address *address) {
         }
 
         if (address_may_have_broadcast(address)) {
-                if (address->broadcast.s_addr == 0)
+                if (address->broadcast.s_addr == 0 && address->set_broadcast != 0)
                         address->broadcast.s_addr = address->in_addr.in.s_addr | htobe32(0xfffffffflu >> address->prefixlen);
         } else if (address->broadcast.s_addr != 0) {
                 log_warning("%s: broadcast address is set for IPv6 address or IPv4 address with prefixlength larger than 30. "
diff --git a/src/network/networkd-address.h b/src/network/networkd-address.h
index 7c2d0db3d0..e3ca868c2e 100644
--- a/src/network/networkd-address.h
+++ b/src/network/networkd-address.h
@@ -30,6 +30,7 @@ typedef struct Address {
         uint32_t flags;
         char *label;
 
+        int set_broadcast;
         struct in_addr broadcast;
         struct ifa_cacheinfo cinfo;
author	Yu Watanabe <watanabe.yu+github@gmail.com>	2021-02-19 06:01:34 +0900
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2021-02-20 14:23:00 +0900
commit	832583ada8b9df0de3b486207dd4c703e0f181bc (patch)
tree	d2a8db928e801697a06a5ce1f271c75fc075c8f7 /src/network
parent	7f37ecf7e59f288f0bcd92624da8d8abdac09215 (diff)
download	systemd-832583ada8b9df0de3b486207dd4c703e0f181bc.tar.gz