config: clamp ra_mtu into 1280-65535 range

(ipv6 packets can be up to 4GB in size...)

The old logic had a logic error of || instead of &&

Signed-off-by: Paul Donald <[email protected]>
Link: https://github.com/openwrt/odhcpd/pull/225
Signed-off-by: Álvaro Fernández Rojas <[email protected]>

diff --git a/src/config.c b/src/config.c
index 05daf5deb5b441eed130a2ffb241ba74de4ea3f4..3cd9b5209b4a0aaa2e908affd80e5e9254a11537 100644 (file)
--- a/src/config.c
+++ b/src/config.c
@@ -1389,13 +1389,18 @@ int config_parse_interface(void *data, size_t len, const char *name, bool overwr
        }
 
        if ((c = tb[IFACE_ATTR_RA_MTU])) {
-               uint32_t ra_mtu = blobmsg_get_u32(c);
-
-               if (ra_mtu >= 1280 || ra_mtu <= 65535)
-                       iface->ra_mtu = ra_mtu;
-               else
-                       syslog(LOG_ERR, "Invalid %s value configured for interface '%s'",
-                                       iface_attrs[IFACE_ATTR_RA_MTU].name, iface->name);
+               uint32_t original_ra_mtu, ra_mtu;
+               original_ra_mtu = ra_mtu = blobmsg_get_u32(c);
+               if (ra_mtu < RA_MTU_MIN)
+                       ra_mtu = RA_MTU_MIN;
+               else if (ra_mtu > RA_MTU_MAX)
+                       ra_mtu = RA_MTU_MAX;
+               iface->ra_mtu = ra_mtu;
+
+               if (original_ra_mtu != ra_mtu) {
+                       syslog(LOG_WARNING, "Clamped invalid %s value configured for interface '%s' to %d",
+                               iface_attrs[IFACE_ATTR_RA_MTU].name, iface->name, iface->ra_mtu);
+               }
        }
 
        if ((c = tb[IFACE_ATTR_RA_SLAAC]))

diff --git a/src/router.h b/src/router.h
index 6d826665a2ef514681120ff4704c19071a53e67a..afcf3df6cd0b009f80883494a4dd97e9ef23a5b7 100644 (file)
--- a/src/router.h
+++ b/src/router.h
@@ -83,6 +83,12 @@ struct icmpv6_opt {
                RETRANS_TIMER                 1,000 milliseconds
 */
 #define RETRANS_TIMER_MAX                              60000
+/* RFC2460 §5
+   IPv6 requires that every link in the internet have an MTU of 1280
+   octets or greater. 
+*/
+#define RA_MTU_MIN                                             1280
+#define RA_MTU_MAX                                             65535
 
 #define ND_RA_FLAG_PROXY               0x4
 #define ND_RA_PREF_HIGH                        (1 << 3)