network/tunnel: allow Local=/Remote=any for all tunnel types

yuwata · bluca · commit 2e68de29d17f · 2024-11-16T10:30:57.000Z
It seems there is no restriction for local and remote addresses. Fixes #34930. (cherry picked from commit 5e48fd0) (cherry picked from commit 3093ac0) (cherry picked from commit 81c8433) (cherry picked from commit 6f19e9f)
diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c
@@ -710,34 +710,27 @@ static int netdev_tunnel_verify(NetDev *netdev, const char *filename) {
                 }
         }
 
-        if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE) &&
-            !IN_SET(t->family, AF_UNSPEC, AF_INET))
-                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
-                                              "vti/ipip/sit/gre tunnel without a local/remote IPv4 address configured in %s. Ignoring", filename);
-
-        if (IN_SET(netdev->kind, NETDEV_KIND_GRETAP, NETDEV_KIND_ERSPAN) &&
-            (t->family != AF_INET || !in_addr_is_set(t->family, &t->remote)))
-                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
-                                              "gretap/erspan tunnel without a remote IPv4 address configured in %s. Ignoring", filename);
+        if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_SIT, NETDEV_KIND_GRE, NETDEV_KIND_GRETAP, NETDEV_KIND_ERSPAN)) {
+                if (!IN_SET(t->family, AF_UNSPEC, AF_INET))
+                        return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
+                                                      "%s tunnel without a local/remote IPv4 address configured in %s, ignoring.",
+                                                      netdev_kind_to_string(netdev->kind), filename);
 
-        if ((IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL) && t->family != AF_INET6) ||
-            (netdev->kind == NETDEV_KIND_IP6GRE && !IN_SET(t->family, AF_UNSPEC, AF_INET6)))
-                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
-                                              "vti6/ip6tnl/ip6gre tunnel without a local/remote IPv6 address configured in %s. Ignoring", filename);
+                t->family = AF_INET; /* For netlink_message_append_in_addr_union(). */
+        }
 
-        if (netdev->kind == NETDEV_KIND_IP6GRETAP &&
-            (t->family != AF_INET6 || !in_addr_is_set(t->family, &t->remote)))
-                return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
-                                              "ip6gretap tunnel without a remote IPv6 address configured in %s. Ignoring", filename);
+        if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE, NETDEV_KIND_IP6GRETAP)) {
+                if (!IN_SET(t->family, AF_UNSPEC, AF_INET6))
+                        return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
+                                                      "%s tunnel without a local/remote IPv6 address configured in %s, ignoring,",
+                                                      netdev_kind_to_string(netdev->kind), filename);
+                t->family = AF_INET6; /* For netlink_message_append_in_addr_union(). */
+        }
 
         if (t->fou_tunnel && t->fou_destination_port <= 0)
                 return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
                                               "FooOverUDP missing port configured in %s. Ignoring", filename);
 
-        /* netlink_message_append_in_addr_union() is used for vti/vti6. So, t->family cannot be AF_UNSPEC. */
-        if (netdev->kind == NETDEV_KIND_VTI)
-                t->family = AF_INET;
-
         if (t->assign_to_loopback)
                 t->independent = true;
 
