From ffef01acddcac27caaef02f7f28bff03d7799e5e Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 19 Feb 2024 10:37:23 +0900
Subject: [PATCH] network/ndisc: ignore most fields of RA header when lifetime
 is zero

---
 src/network/networkd-ndisc.c | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c
index bf67cb63bf..99271aa3fd 100644
--- a/src/network/networkd-ndisc.c
+++ b/src/network/networkd-ndisc.c
@@ -518,6 +518,11 @@ static int ndisc_router_process_icmp6_ratelimit(Link *link, sd_ndisc_router *rt)
         if (!link->network->ipv6_accept_ra_use_icmp6_ratelimit)
                 return 0;
 
+        /* Ignore the icmp6 ratelimit field of the RA header if the lifetime is zero. */
+        r = sd_ndisc_router_get_lifetime(rt, NULL);
+        if (r <= 0)
+                return r;
+
         r = sd_ndisc_router_get_icmp6_ratelimit(rt, &icmp6_ratelimit);
         if (r < 0)
                 return log_link_warning_errno(link, r, "Failed to get ICMP6 ratelimit from RA: %m");
@@ -550,6 +555,11 @@ static int ndisc_router_process_retransmission_time(Link *link, sd_ndisc_router
         if (!link->network->ipv6_accept_ra_use_retransmission_time)
                 return 0;
 
+        /* Ignore the retransmission time field of the RA header if the lifetime is zero. */
+        r = sd_ndisc_router_get_lifetime(rt, NULL);
+        if (r <= 0)
+                return r;
+
         r = sd_ndisc_router_get_retransmission_time(rt, &retrans_time);
         if (r < 0)
                 return log_link_warning_errno(link, r, "Failed to get retransmission time from RA: %m");
@@ -567,8 +577,7 @@ static int ndisc_router_process_retransmission_time(Link *link, sd_ndisc_router
         /* Set the retransmission time for Neighbor Solicitations. */
         r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", (uint32_t) msec);
         if (r < 0)
-                log_link_warning_errno(
-                        link, r, "Failed to apply neighbor retransmission time (%"PRIu64"), ignoring: %m", msec);
+                log_link_warning_errno(link, r, "Failed to apply neighbor retransmission time (%"PRIu64"), ignoring: %m", msec);
 
         return 0;
 }
@@ -584,6 +593,11 @@ static int ndisc_router_process_hop_limit(Link *link, sd_ndisc_router *rt) {
         if (!link->network->ipv6_accept_ra_use_hop_limit)
                 return 0;
 
+        /* Ignore the hop limit field of the RA header if the lifetime is zero. */
+        r = sd_ndisc_router_get_lifetime(rt, NULL);
+        if (r <= 0)
+                return r;
+
         r = sd_ndisc_router_get_hop_limit(rt, &hop_limit);
         if (r < 0)
                 return log_link_warning_errno(link, r, "Failed to get hop limit from RA: %m");
@@ -1551,6 +1565,12 @@ static int ndisc_start_dhcp6_client(Link *link, sd_ndisc_router *rt) {
         assert(link);
         assert(link->network);
 
+        /* Do not start DHCPv6 client if the router lifetime is zero, as the message sent as a signal of
+         * that the router is e.g. shutting down, revoked, etc,. */
+        r = sd_ndisc_router_get_lifetime(rt, NULL);
+        if (r <= 0)
+                return r;
+
         switch (link->network->ipv6_accept_ra_start_dhcp6_client) {
         case IPV6_ACCEPT_RA_START_DHCP6_CLIENT_NO:
                 return 0;
-- 
2.25.1