Hi Dominik, On Sun, Sep 06, 2020 at 11:30:46PM +0200, Dominik wrote: > > dnsmasq 2.81: > > inet6 fd42:d287:488a:d7e8:216:3eff:fecb:d41b/64 scope global dynamic > > mngtmpaddr noprefixroute > > > > dnsmasq 2.82: > > inet6 fd42:d287:488a:d7e8:216:3eff:fecb:d41b/64 scope global mngtmpaddr > > noprefixroute > > > > Was this intentional and is it actually a problem? i.e. I'm wondering if > > we should update the tests to not check for 'dynamic', or if a fix in > > dnsmasq is needed instead. > > Hey Iain, > > The only related difference I can see between v2.81 and v2.82 seem to be > this one: > http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4d85e409cd2f4b0935d6ac5e8c72f6a151735d52 > > It's not clear to me when the kernel marks an address as "dynamic". > Changing the flooring of the lease time may or not have an effect here. > Would you be able to compile dnsmasq from source and check if this > behavior you observed can be triggered by going to 4d85e40 and then back > to its parent (2bd02d2)?
Yeah, thanks, I bisected just now and it is this change:
laney@groovy-vm:~/temp/dnsmasq$ git bisect log
git bisect start
# good: [7ddb99d251c3f5870c8c308a98bb8f283c831872] Debian changelog entry for
CVE-2019-14834
git bisect good 7ddb99d251c3f5870c8c308a98bb8f283c831872
# bad: [f60fea1fb0a288011f57a25dfb653b8f6f8b46b9] CHANGELOG: Fix three typoes.
git bisect bad f60fea1fb0a288011f57a25dfb653b8f6f8b46b9
# good: [49bdf1ead9046c5c554c18ff62fe6e6a9e8a880c] Handle listening on
duplicate addresses
git bisect good 49bdf1ead9046c5c554c18ff62fe6e6a9e8a880c
# good: [837e8f4eb550c688e8a83415c42a99c7bf9a4311] Remove runit support when
building debs for Ubuntu.
git bisect good 837e8f4eb550c688e8a83415c42a99c7bf9a4311
# good: [7e194a0a7d483932eb3f416b8f26131ade588acc] Apply floor of 60s to TTL of
DNSKEY and DS records in cache.
git bisect good 7e194a0a7d483932eb3f416b8f26131ade588acc
# bad: [4d85e409cd2f4b0935d6ac5e8c72f6a151735d52] Change default lease time for
DHCPv6 to one day.
git bisect bad 4d85e409cd2f4b0935d6ac5e8c72f6a151735d52
# good: [2bd02d2f595f1d45a8598a5fce85cfc3d41dddd4] Backdated CHANGELOG update.
git bisect good 2bd02d2f595f1d45a8598a5fce85cfc3d41dddd4
# first bad commit: [4d85e409cd2f4b0935d6ac5e8c72f6a151735d52] Change default
lease time for DHCPv6 to one day.
Good to know. Actually, I suppose that means in my pasted output I left
out the real bug, which is:
inet6 fd42:d287:488a:d7e8:216:3eff:fecb:d41b/64 scope global mngtmpaddr
noprefixroute
valid_lft forever preferred_lft forever
The lifetimes are *forever* now, but the intention of that commit is
that they were supposed to be one day (86400 seconds). I think maybe the
intention of the commit was this (attached)?
Cheers,
--
Iain Lane [ i...@orangesquash.org.uk ]
Debian Developer [ la...@debian.org ]
Ubuntu Developer [ la...@ubuntu.com ]
From c1183528816f5d9d61a12c05ceeda5975f422b32 Mon Sep 17 00:00:00 2001
From: Iain Lane <i...@orangesquash.org.uk>
Date: Mon, 7 Sep 2020 10:20:02 +0100
Subject: [PATCH] Make sure valid and preferred lifetimes always get set
In 4d85e409cd2f4b0935d6ac5e8c72f6a151735d52 we skipped setting the floor
time if we were using the default RA interval. The commit was a bit too
broad; it also caused the valid and preferred lifetimes to be skipped
too, meaning that they were set to infinite.
Adjust the check, so that we only apply the "are we using the default?"
check when calculating the floor; but still set up the `time` variable
because that is used later on as a ceiling for valid_lft and
preferred_lft.
---
src/radv.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/radv.c b/src/radv.c
index 41df852..78edaab 100644
--- a/src/radv.c
+++ b/src/radv.c
@@ -629,11 +629,11 @@ static int add_prefixes(struct in6_addr *local, int prefix,
/* find floor time, don't reduce below 3 * RA interval.
If the lease time has been left as default, don't
use that as a floor. */
- if ((context->flags & CONTEXT_SETLEASE) &&
- time > context->lease_time)
+ if (time > context->lease_time)
{
time = context->lease_time;
- if (time < ((unsigned int)(3 * param->adv_interval)))
+ if ((context->flags & CONTEXT_SETLEASE) &&
+ time < ((unsigned int)(2 * param->adv_interval)))
time = 3 * param->adv_interval;
}
--
2.27.0
signature.asc
Description: PGP signature
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
