resolved: add an option to control the DNS stub listener

2016-08-31 15:34:29 -07:00 · 2016-08-31 15:34:29 -07:00 · 1ae4329575
parent 07f264e40a
commit 1ae4329575
8 changed files with 63 additions and 16 deletions
--- a/man/resolved.conf.xml
+++ b/man/resolved.conf.xml
@ -213,6 +213,18 @@
        (such as 127.0.0.1 or ::1), in order to avoid duplicate local caching.</para></listitem>
      </varlistentry>

+      <varlistentry>
+        <term><varname>DNSStubListener=</varname></term>
+        <listitem><para>Takes a boolean argument or one of <literal>udp</literal> and <literal>tcp</literal>. If
+        <literal>udp</literal> (the default), a DNS stub resolver will listen for UDP requests on address 127.0.0.53
+        port 53. If <literal>tcp</literal>, the stub will listen for TCP requests on the same address and port. If
+        <literal>yes</literal>, the stub listens for both UDP and TCP requests.  If <literal>no</literal>, the stub
+        listener is disabled.</para>
+
+        <para>Note that the DNS stub listener is turned off implicitly when its listening address and port are already
+        in use.</para></listitem>
+      </varlistentry>
+
    </variablelist>
  </refsect1>

--- a/src/resolve/resolved-conf.c
+++ b/src/resolve/resolved-conf.c
@ -23,8 +23,19 @@
 #include "extract-word.h"
 #include "parse-util.h"
 #include "resolved-conf.h"
+#include "string-table.h"
 #include "string-util.h"

+DEFINE_CONFIG_PARSE_ENUM(config_parse_dns_stub_listener_mode, dns_stub_listener_mode, DnsStubListenerMode, "Failed to parse DNS stub listener mode setting");
+
+static const char* const dns_stub_listener_mode_table[_DNS_STUB_LISTENER_MODE_MAX] = {
+        [DNS_STUB_LISTENER_NO] = "no",
+        [DNS_STUB_LISTENER_UDP] = "udp",
+        [DNS_STUB_LISTENER_TCP] = "tcp",
+        [DNS_STUB_LISTENER_YES] = "yes",
+};
+DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_stub_listener_mode, DnsStubListenerMode, DNS_STUB_LISTENER_YES);
+
 int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) {
        union in_addr_union address;
        int family, r, ifindex = 0;
--- a/src/resolve/resolved-conf.h
+++ b/src/resolve/resolved-conf.h
@ -19,6 +19,17 @@
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/

+typedef enum DnsStubListenerMode DnsStubListenerMode;
+
+enum DnsStubListenerMode {
+        DNS_STUB_LISTENER_NO,
+        DNS_STUB_LISTENER_UDP,
+        DNS_STUB_LISTENER_TCP,
+        DNS_STUB_LISTENER_YES,
+        _DNS_STUB_LISTENER_MODE_MAX,
+        _DNS_STUB_LISTENER_MODE_INVALID = -1
+};
+
 #include "resolved-manager.h"
 #include "resolved-dns-server.h"

@ -34,3 +45,7 @@ const struct ConfigPerfItem* resolved_gperf_lookup(const char *key, unsigned len

 int config_parse_dns_servers(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
 int config_parse_search_domains(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+int config_parse_dns_stub_listener_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+
+const char* dns_stub_listener_mode_to_string(DnsStubListenerMode p) _const_;
+DnsStubListenerMode dns_stub_listener_mode_from_string(const char *s) _pure_;
--- a/src/resolve/resolved-dns-stub.c
+++ b/src/resolve/resolved-dns-stub.c
@ -540,17 +540,21 @@ int manager_dns_stub_start(Manager *m) {

        assert(m);

-        r = manager_dns_stub_udp_fd(m);
-        if (r == -EADDRINUSE)
-                goto eaddrinuse;
-        if (r < 0)
-                return r;
+        if (IN_SET(m->dns_stub_listener_mode, DNS_STUB_LISTENER_YES, DNS_STUB_LISTENER_UDP)) {
+                r = manager_dns_stub_udp_fd(m);
+                if (r == -EADDRINUSE)
+                        goto eaddrinuse;
+                if (r < 0)
+                        return r;
+        }

-        r = manager_dns_stub_tcp_fd(m);
-        if (r == -EADDRINUSE)
-                goto eaddrinuse;
-        if (r < 0)
-                return r;
+        if (IN_SET(m->dns_stub_listener_mode, DNS_STUB_LISTENER_YES, DNS_STUB_LISTENER_TCP)) {
+                r = manager_dns_stub_tcp_fd(m);
+                if (r == -EADDRINUSE)
+                        goto eaddrinuse;
+                if (r < 0)
+                        return r;
+        }

        return 0;

--- a/src/resolve/resolved-gperf.gperf
+++ b/src/resolve/resolved-gperf.gperf
@ -14,9 +14,10 @@ struct ConfigPerfItem;
 %struct-type
 %includes
 %%
-Resolve.DNS,          config_parse_dns_servers,     DNS_SERVER_SYSTEM,   0
-Resolve.FallbackDNS,  config_parse_dns_servers,     DNS_SERVER_FALLBACK, 0
-Resolve.Domains,      config_parse_search_domains,  0,                   0
-Resolve.LLMNR,        config_parse_resolve_support, 0,                   offsetof(Manager, llmnr_support)
-Resolve.DNSSEC,       config_parse_dnssec_mode,     0,                   offsetof(Manager, dnssec_mode)
-Resolve.Cache,        config_parse_bool,            0,                   offsetof(Manager, enable_cache)
+Resolve.DNS,             config_parse_dns_servers,            DNS_SERVER_SYSTEM,   0
+Resolve.FallbackDNS,     config_parse_dns_servers,            DNS_SERVER_FALLBACK, 0
+Resolve.Domains,         config_parse_search_domains,         0,                   0
+Resolve.LLMNR,           config_parse_resolve_support,        0,                   offsetof(Manager, llmnr_support)
+Resolve.DNSSEC,          config_parse_dnssec_mode,            0,                   offsetof(Manager, dnssec_mode)
+Resolve.Cache,           config_parse_bool,                   0,                   offsetof(Manager, enable_cache)
+Resolve.DNSStubListener, config_parse_dns_stub_listener_mode, 0,                   offsetof(Manager, dns_stub_listener_mode)
--- a/src/resolve/resolved-manager.c
+++ b/src/resolve/resolved-manager.c
@ -501,6 +501,7 @@ int manager_new(Manager **ret) {
        m->mdns_support = RESOLVE_SUPPORT_NO;
        m->dnssec_mode = DEFAULT_DNSSEC_MODE;
        m->enable_cache = true;
+        m->dns_stub_listener_mode = DNS_STUB_LISTENER_UDP;
        m->read_resolv_conf = true;
        m->need_builtin_fallbacks = true;
        m->etc_hosts_last = m->etc_hosts_mtime = USEC_INFINITY;
--- a/src/resolve/resolved-manager.h
+++ b/src/resolve/resolved-manager.h
@ -30,6 +30,7 @@

 typedef struct Manager Manager;

+#include "resolved-conf.h"
 #include "resolved-dns-query.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"
@ -47,6 +48,7 @@ struct Manager {
        ResolveSupport mdns_support;
        DnssecMode dnssec_mode;
        bool enable_cache;
+        DnsStubListenerMode dns_stub_listener_mode;

        /* Network */
        Hashmap *links;
--- a/src/resolve/resolved.conf.in
+++ b/src/resolve/resolved.conf.in
@ -18,3 +18,4 @@
 #LLMNR=yes
 #DNSSEC=@DEFAULT_DNSSEC_MODE@
 #Cache=yes
+#DNSStubListener=udp