morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 08:25:20 +09:00
Code Issues Packages Projects Releases Wiki Activity

network: move link_set_ipv6ll_stable_secret() to networkd-ipv6ll.c

Browse Source
This commit is contained in:
Yu Watanabe
2022-02-08 22:53:33 +09:00
parent 05b8fc498e
commit 2b25f4eb23
3 changed files with 48 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
src/network/networkd-ipv6ll.c
View File

@@ -12,6 +12,7 @@
#include "socket-util.h"
#include "string-table.h"
#include "strv.h"
#include "sysctl-util.h"
bool link_ipv6ll_enabled(Link *link) {
assert(link);
@@ -177,6 +178,51 @@ int link_update_ipv6ll_addrgen_mode(Link *link, sd_netlink_message *message) {
return 0;
}
#define STABLE_SECRET_APP_ID_1 SD_ID128_MAKE(aa,05,1d,94,43,68,45,07,b9,73,f1,e8,e4,b7,34,52)
#define STABLE_SECRET_APP_ID_2 SD_ID128_MAKE(52,c4,40,a0,9f,2f,48,58,a9,3a,f6,29,25,ba,7a,7d)
int link_set_ipv6ll_stable_secret(Link *link) {
_cleanup_free_ char *str = NULL;
struct in6_addr a;
int r;
assert(link);
assert(link->network);
if (link->network->ipv6ll_address_gen_mode != IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_STABLE_PRIVACY)
return 0;
if (in6_addr_is_set(&link->network->ipv6ll_stable_secret))
a = link->network->ipv6ll_stable_secret;
else {
sd_id128_t key;
le64_t v;
/* Generate a stable secret address from machine-ID and the interface name. */
r = sd_id128_get_machine_app_specific(STABLE_SECRET_APP_ID_1, &key);
if (r < 0)
return log_link_debug_errno(link, r, "Failed to generate key: %m");
v = htole64(siphash24_string(link->ifname, key.bytes));
memcpy(a.s6_addr, &v, sizeof(v));
r = sd_id128_get_machine_app_specific(STABLE_SECRET_APP_ID_2, &key);
if (r < 0)
return log_link_debug_errno(link, r, "Failed to generate key: %m");
v = htole64(siphash24_string(link->ifname, key.bytes));
assert_cc(sizeof(v) * 2 == sizeof(a.s6_addr));
memcpy(a.s6_addr + sizeof(v), &v, sizeof(v));
}
r = in6_addr_to_string(&a, &str);
if (r < 0)
return r;
return sysctl_write_ip_property(AF_INET6, link->ifname, "stable_secret", str);
}
static const char* const ipv6_link_local_address_gen_mode_table[_IPV6_LINK_LOCAL_ADDRESS_GEN_MODE_MAX] = {
[IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_EUI64] = "eui64",
[IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_NONE] = "none",

2
src/network/networkd-ipv6ll.h
View File

@@ -28,6 +28,8 @@ IPv6LinkLocalAddressGenMode link_get_ipv6ll_addrgen_mode(Link *link);
int ipv6ll_addrgen_mode_fill_message(sd_netlink_message *message, IPv6LinkLocalAddressGenMode mode);
int link_update_ipv6ll_addrgen_mode(Link *link, sd_netlink_message *message);
int link_set_ipv6ll_stable_secret(Link *link);
const char* ipv6_link_local_address_gen_mode_to_string(IPv6LinkLocalAddressGenMode s) _const_;
IPv6LinkLocalAddressGenMode ipv6_link_local_address_gen_mode_from_string(const char *s) _pure_;

45
src/network/networkd-sysctl.c
View File

@@ -11,9 +11,6 @@
#include "string-table.h"
#include "sysctl-util.h"
#define STABLE_SECRET_APP_ID_1 SD_ID128_MAKE(aa,05,1d,94,43,68,45,07,b9,73,f1,e8,e4,b7,34,52)
#define STABLE_SECRET_APP_ID_2 SD_ID128_MAKE(52,c4,40,a0,9f,2f,48,58,a9,3a,f6,29,25,ba,7a,7d)
static int link_update_ipv6_sysctl(Link *link) {
assert(link);
@@ -214,48 +211,6 @@ int link_set_ipv6_mtu(Link *link) {
return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "mtu", mtu);
}
static int link_set_ipv6ll_stable_secret(Link *link) {
_cleanup_free_ char *str = NULL;
struct in6_addr a;
int r;
assert(link);
assert(link->network);
if (link->network->ipv6ll_address_gen_mode != IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_STABLE_PRIVACY)
return 0;
if (in6_addr_is_set(&link->network->ipv6ll_stable_secret))
a = link->network->ipv6ll_stable_secret;
else {
sd_id128_t key;
le64_t v;
/* Generate a stable secret address from machine-ID and the interface name. */
r = sd_id128_get_machine_app_specific(STABLE_SECRET_APP_ID_1, &key);
if (r < 0)
return log_link_debug_errno(link, r, "Failed to generate key: %m");
v = htole64(siphash24_string(link->ifname, key.bytes));
memcpy(a.s6_addr, &v, sizeof(v));
r = sd_id128_get_machine_app_specific(STABLE_SECRET_APP_ID_2, &key);
if (r < 0)
return log_link_debug_errno(link, r, "Failed to generate key: %m");
v = htole64(siphash24_string(link->ifname, key.bytes));
assert_cc(sizeof(v) * 2 == sizeof(a.s6_addr));
memcpy(a.s6_addr + sizeof(v), &v, sizeof(v));
}
r = in6_addr_to_string(&a, &str);
if (r < 0)
return r;
return sysctl_write_ip_property(AF_INET6, link->ifname, "stable_secret", str);
}
static int link_set_ipv4_accept_local(Link *link) {
assert(link);