From 9a5b8f3f54ceb90a097d0b2fdc0c81b0e7c78127 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Blin?=
 <sebastien.blin@savoirfairelinux.com>
Date: Fri, 2 Apr 2021 13:51:25 -0400
Subject: [PATCH] pjproject: ignore down interfaces

Some interfaces (typically from docker or virtual machines) were added
in the candidates even if down. For example:

9: br-b8251442502e: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN group default

Even if state=DOWN if_enum_by_af consider the ip as valid and adds it in the
candidates because IFF_UP is true. However, if_enum_by_af should use IFF_RUNNING
to detect if the interface is up and running before adding it. Like
 iproute2/bridge/link.c does for print_link_flags.

Resource: https://man7.org/linux/man-pages/man7/netdevice.7.html

Upstream ticket: https://github.com/pjsip/pjproject/issues/2686
Change-Id: I168954509ec935bb45e39700e57a0c12ac837931
GitLab: #495
---
 .../0019-ignore-down-interfaces.patch         | 40 +++++++++++++++++++
 contrib/src/pjproject/rules.mak               |  1 +
 2 files changed, 41 insertions(+)
 create mode 100644 contrib/src/pjproject/0019-ignore-down-interfaces.patch

diff --git a/contrib/src/pjproject/0019-ignore-down-interfaces.patch b/contrib/src/pjproject/0019-ignore-down-interfaces.patch
new file mode 100644
index 0000000000..3216402ea1
--- /dev/null
+++ b/contrib/src/pjproject/0019-ignore-down-interfaces.patch
@@ -0,0 +1,40 @@
+diff --git a/pjlib/src/pj/ip_helper_generic.c b/pjlib/src/pj/ip_helper_generic.c
+index d7bbf725e..2a392d16b 100644
+--- a/pjlib/src/pj/ip_helper_generic.c
++++ b/pjlib/src/pj/ip_helper_generic.c
+@@ -97,6 +97,11 @@ static pj_status_t if_enum_by_af(int af,
+ 	    continue; /* Skip when interface is down */
+ 	}
+ 
++	if ((it->ifa_flags & IFF_RUNNING)==0) {
++	    TRACE_((THIS_FILE, "  interface is not running"));
++	    continue; /* Skip when interface is not running */
++	}
++
+ #if PJ_IP_HELPER_IGNORE_LOOPBACK_IF
+ 	if (it->ifa_flags & IFF_LOOPBACK) {
+ 	    TRACE_((THIS_FILE, "  loopback interface"));
+@@ -208,6 +213,11 @@ static pj_status_t if_enum_by_af(int af,
+ 	    continue; /* Skip when interface is down */
+ 	}
+ 
++	if ((iff.ifr_flags & IFF_RUNNING)==0) {
++	    TRACE_((THIS_FILE, "  interface is not running"));
++	    continue; /* Skip when interface is not running */
++	}
++
+ #if PJ_IP_HELPER_IGNORE_LOOPBACK_IF
+ 	if (iff.ifr_flags & IFF_LOOPBACK) {
+ 	    TRACE_((THIS_FILE, "  loopback interface"));
+@@ -286,6 +296,11 @@ static pj_status_t if_enum_by_af(int af, unsigned *p_cnt, pj_sockaddr ifs[])
+ 	    continue; /* Skip when interface is down */
+ 	}
+ 
++        if ((ifreq.ifr_flags & IFF_RUNNING)==0) {
++	    TRACE_((THIS_FILE, "  interface is not running"));
++	    continue; /* Skip when interface is not running */
++	}
++
+ #if PJ_IP_HELPER_IGNORE_LOOPBACK_IF
+ 	if (ifreq.ifr_flags & IFF_LOOPBACK) {
+ 	    TRACE_((THIS_FILE, "  loopback interface"));
diff --git a/contrib/src/pjproject/rules.mak b/contrib/src/pjproject/rules.mak
index 330f9c410e..b1c273450d 100644
--- a/contrib/src/pjproject/rules.mak
+++ b/contrib/src/pjproject/rules.mak
@@ -63,6 +63,7 @@ pjproject: pjproject-$(PJPROJECT_VERSION).tar.gz .sum-pjproject
 	$(APPLY) $(SRC)/pjproject/0016-use-addrinfo-instead-CFHOST.patch
 	$(APPLY) $(SRC)/pjproject/0017-CVE-2020-15260.patch
 	$(APPLY) $(SRC)/pjproject/0018-CVE-2021-21375.patch
+	$(APPLY) $(SRC)/pjproject/0019-ignore-down-interfaces.patch
 ifdef HAVE_ANDROID
 	$(APPLY) $(SRC)/pjproject/0001-android.patch
 endif
-- 
GitLab