in6: Modify address prefix lifetimes when updating address lifetimes
When one uses SIOCAIFADDR_IN6 to add a v6 address, it's possible to set the preferred and valid lifetimes of the address. If the address already exists, this ioctl will recalculate and update the expiry times based on the provided timestamps. When adding a new address, the lifetimes are inherited by the prefix as well, but only if we create a new prefix. If the prefix already exists, as it will in the case where an address is being updated rather than being added, we do not touch the prefix lifetimes at all. This means that the original address lifetime still applies to the route associated with that prefix, so when the prefix expires, the route goes away. This behaviour doesn't make a lot of sense: if the admin updates an address lifetime, we should ensure that the prefix lifetime is updated too. Make that change, ensuring that we do not shorten the prefix lifetime, as the prefix might be shared among multiple interface addresses. Add a regression test. Co-authored by: Franco Fichtner <franco@opnsense.org> Reviewed by: pouria, zlei, ae MFC after: 2 weeks Sponsored by: OPNsense Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D54562
This commit is contained in:
@@ -1330,6 +1330,28 @@ in6_addifaddr(struct ifnet *ifp, struct in6_aliasreq *ifra, struct in6_ifaddr *i
|
||||
(*carp_detach_p)(&ia->ia_ifa, false);
|
||||
goto out;
|
||||
}
|
||||
} else if (pr->ndpr_raf_onlink) {
|
||||
time_t expiry;
|
||||
|
||||
/*
|
||||
* If the prefix already exists, update lifetimes, but avoid
|
||||
* shortening them.
|
||||
*/
|
||||
ND6_WLOCK();
|
||||
expiry = in6_expire_time(pr0.ndpr_pltime);
|
||||
if (pr->ndpr_preferred != 0 &&
|
||||
(pr->ndpr_preferred < expiry || expiry == 0)) {
|
||||
pr->ndpr_pltime = pr0.ndpr_pltime;
|
||||
pr->ndpr_preferred = expiry;
|
||||
}
|
||||
expiry = in6_expire_time(pr0.ndpr_vltime);
|
||||
if (pr->ndpr_expire != 0 &&
|
||||
(pr->ndpr_expire < expiry || expiry == 0)) {
|
||||
pr->ndpr_vltime = pr0.ndpr_vltime;
|
||||
pr->ndpr_expire = expiry;
|
||||
}
|
||||
pr->ndpr_lastupdate = time_uptime;
|
||||
ND6_WUNLOCK();
|
||||
}
|
||||
|
||||
/* relate the address to the prefix */
|
||||
|
||||
Reference in New Issue
Block a user