picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

networkd: do not automatically propagate bogus DNS/NTP servers 

Never propagate DNS/NTP servers on the local link via the DHCP server. The
DNS/NTP servers 0.0.0.0 and 127.0.0.1 only make sense in the local context,
hence never propagate them automatically to other hosts.

Fixes: #4524
This commit is contained in:
Lennart Poettering 2016-11-18 17:11:12 +01:00
parent a380b2d4c6
commit 49ad68298a
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/network/networkd-link.c
View File

@ -862,15 +862,22 @@ static int link_push_uplink_dns_to_dhcp_server(Link *link, sd_dhcp_server *s) {
return 0;
for (i = 0; i < link->network->n_dns; i++) {
struct in_addr ia;
/* Only look for IPv4 addresses */
if (link->network->dns[i].family != AF_INET)
continue;
ia = link->network->dns[i].address.in;
/* Never propagate obviously borked data */
if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia))
continue;
if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + 1))
return log_oom();
addresses[n_addresses++] = link->network->dns[i].address.in;
addresses[n_addresses++] = ia;
}
if (link->network->dhcp_use_dns && link->dhcp_lease) {
@ -911,6 +918,10 @@ static int link_push_uplink_ntp_to_dhcp_server(Link *link, sd_dhcp_server *s) {
if (inet_pton(AF_INET, *a, &ia) <= 0)
continue;
/* Never propagate obviously borked data */
if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia))
continue;
if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + 1))
return log_oom();