resolved: beef up DNS server configuration logic
We now maintain two lists of DNS servers: system servers and fallback servers. system servers are used in combination with any per-link servers. fallback servers are only used if there are no system servers or per-link servers configured. The system server list is supposed to be populated from a foreign tool's /etc/resolv.conf (not implemented yet). Also adds a configuration switch for LLMNR, that allows configuring whether LLMNR shall be used simply for resolving or also for responding.
This commit is contained in:
parent
e70df46b97
commit
4e945a6f79
|
@ -4735,6 +4735,8 @@ systemd_resolved_SOURCES = \
|
||||||
src/resolve/resolved.h \
|
src/resolve/resolved.h \
|
||||||
src/resolve/resolved.c \
|
src/resolve/resolved.c \
|
||||||
src/resolve/resolved-manager.c \
|
src/resolve/resolved-manager.c \
|
||||||
|
src/resolve/resolved-conf.c \
|
||||||
|
src/resolve/resolved-conf.h \
|
||||||
src/resolve/resolved-bus.c \
|
src/resolve/resolved-bus.c \
|
||||||
src/resolve/resolved-link.h \
|
src/resolve/resolved-link.h \
|
||||||
src/resolve/resolved-link.c \
|
src/resolve/resolved-link.c \
|
||||||
|
|
157
src/resolve/resolved-conf.c
Normal file
157
src/resolve/resolved-conf.c
Normal file
|
@ -0,0 +1,157 @@
|
||||||
|
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
|
||||||
|
|
||||||
|
/***
|
||||||
|
This file is part of systemd.
|
||||||
|
|
||||||
|
Copyright 2014 Tom Gundersen <teg@jklm.no>
|
||||||
|
|
||||||
|
systemd is free software; you can redistribute it and/or modify it
|
||||||
|
under the terms of the GNU Lesser General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2.1 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
systemd is distributed in the hope that it will be useful, but
|
||||||
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
Lesser General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU Lesser General Public License
|
||||||
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
***/
|
||||||
|
|
||||||
|
#include "conf-parser.h"
|
||||||
|
|
||||||
|
#include "resolved-conf.h"
|
||||||
|
|
||||||
|
int manager_parse_dns_server(Manager *m, DnsServerType type, const char *string) {
|
||||||
|
const char *word, *state;
|
||||||
|
size_t length;
|
||||||
|
DnsServer *first;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(m);
|
||||||
|
assert(string);
|
||||||
|
|
||||||
|
first = type == DNS_SERVER_FALLBACK ? m->fallback_dns_servers : m->dns_servers;
|
||||||
|
|
||||||
|
FOREACH_WORD_QUOTED(word, length, string, state) {
|
||||||
|
char buffer[length+1];
|
||||||
|
int family;
|
||||||
|
union in_addr_union addr;
|
||||||
|
bool found = false;
|
||||||
|
DnsServer *s;
|
||||||
|
|
||||||
|
memcpy(buffer, word, length);
|
||||||
|
buffer[length] = 0;
|
||||||
|
|
||||||
|
r = in_addr_from_string_auto(buffer, &family, &addr);
|
||||||
|
if (r < 0) {
|
||||||
|
log_warning("Ignoring invalid DNS address '%s'", buffer);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Filter out duplicates */
|
||||||
|
LIST_FOREACH(servers, s, first)
|
||||||
|
if (s->family == family && in_addr_equal(family, &s->address, &addr)) {
|
||||||
|
found = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (found)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
r = dns_server_new(m, NULL, type, NULL, family, &addr);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int config_parse_dnsv(
|
||||||
|
const char *unit,
|
||||||
|
const char *filename,
|
||||||
|
unsigned line,
|
||||||
|
const char *section,
|
||||||
|
unsigned section_line,
|
||||||
|
const char *lvalue,
|
||||||
|
int ltype,
|
||||||
|
const char *rvalue,
|
||||||
|
void *data,
|
||||||
|
void *userdata) {
|
||||||
|
|
||||||
|
Manager *m = userdata;
|
||||||
|
DnsServer **l;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(filename);
|
||||||
|
assert(lvalue);
|
||||||
|
assert(rvalue);
|
||||||
|
assert(m);
|
||||||
|
|
||||||
|
if (ltype == DNS_SERVER_FALLBACK)
|
||||||
|
l = &m->fallback_dns_servers;
|
||||||
|
else
|
||||||
|
l = &m->dns_servers;
|
||||||
|
|
||||||
|
/* Empty assignment means clear the list */
|
||||||
|
if (isempty(rvalue)) {
|
||||||
|
while (*l)
|
||||||
|
dns_server_free(*l);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
r = manager_parse_dns_server(m, ltype, rvalue);
|
||||||
|
if (r < 0) {
|
||||||
|
log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to parse DNS server string '%s'. Ignoring.", rvalue);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int config_parse_support(
|
||||||
|
const char *unit,
|
||||||
|
const char *filename,
|
||||||
|
unsigned line,
|
||||||
|
const char *section,
|
||||||
|
unsigned section_line,
|
||||||
|
const char *lvalue,
|
||||||
|
int ltype,
|
||||||
|
const char *rvalue,
|
||||||
|
void *data,
|
||||||
|
void *userdata) {
|
||||||
|
|
||||||
|
Manager *m = userdata;
|
||||||
|
Support support, *v = data;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(filename);
|
||||||
|
assert(lvalue);
|
||||||
|
assert(rvalue);
|
||||||
|
assert(m);
|
||||||
|
|
||||||
|
support = support_from_string(rvalue);
|
||||||
|
if (support < 0) {
|
||||||
|
r = parse_boolean(rvalue);
|
||||||
|
if (r < 0) {
|
||||||
|
log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to parse support level '%s'. Ignoring.", rvalue);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
support = r ? SUPPORT_YES : SUPPORT_NO;
|
||||||
|
}
|
||||||
|
|
||||||
|
*v = support;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int manager_parse_config_file(Manager *m) {
|
||||||
|
assert(m);
|
||||||
|
|
||||||
|
return config_parse(NULL, "/etc/systemd/resolved.conf", NULL,
|
||||||
|
"Resolve\0",
|
||||||
|
config_item_perf_lookup, resolved_gperf_lookup,
|
||||||
|
false, false, true, m);
|
||||||
|
}
|
32
src/resolve/resolved-conf.h
Normal file
32
src/resolve/resolved-conf.h
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
|
||||||
|
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
/***
|
||||||
|
This file is part of systemd.
|
||||||
|
|
||||||
|
Copyright 2014 Tom Gundersen <teg@jklm.no>
|
||||||
|
|
||||||
|
systemd is free software; you can redistribute it and/or modify it
|
||||||
|
under the terms of the GNU Lesser General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2.1 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
systemd is distributed in the hope that it will be useful, but
|
||||||
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
Lesser General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU Lesser General Public License
|
||||||
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
***/
|
||||||
|
|
||||||
|
#include "resolved.h"
|
||||||
|
|
||||||
|
int manager_parse_dns_server(Manager *m, DnsServerType type, const char *string);
|
||||||
|
int manager_parse_config_file(Manager *m);
|
||||||
|
|
||||||
|
const struct ConfigPerfItem* resolved_gperf_lookup(const char *key, unsigned length);
|
||||||
|
|
||||||
|
int config_parse_dnsv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||||
|
int config_parse_support(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
|
@ -384,7 +384,7 @@ int dns_scope_good_dns_server(DnsScope *s, int family, const union in_addr_union
|
||||||
if (s->link)
|
if (s->link)
|
||||||
return !!link_find_dns_server(s->link, family, address);
|
return !!link_find_dns_server(s->link, family, address);
|
||||||
else
|
else
|
||||||
return !!manager_find_dns_server(s->manager, family, address);
|
return manager_known_dns_server(s->manager, family, address);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int dns_scope_make_reply_packet(
|
static int dns_scope_make_reply_packet(
|
||||||
|
|
|
@ -24,6 +24,7 @@
|
||||||
int dns_server_new(
|
int dns_server_new(
|
||||||
Manager *m,
|
Manager *m,
|
||||||
DnsServer **ret,
|
DnsServer **ret,
|
||||||
|
DnsServerType type,
|
||||||
Link *l,
|
Link *l,
|
||||||
int family,
|
int family,
|
||||||
const union in_addr_union *in_addr) {
|
const union in_addr_union *in_addr) {
|
||||||
|
@ -31,26 +32,40 @@ int dns_server_new(
|
||||||
DnsServer *s, *tail;
|
DnsServer *s, *tail;
|
||||||
|
|
||||||
assert(m);
|
assert(m);
|
||||||
|
assert((type == DNS_SERVER_LINK) == !!l);
|
||||||
assert(in_addr);
|
assert(in_addr);
|
||||||
|
|
||||||
s = new0(DnsServer, 1);
|
s = new0(DnsServer, 1);
|
||||||
if (!s)
|
if (!s)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
|
s->type = type;
|
||||||
s->family = family;
|
s->family = family;
|
||||||
s->address = *in_addr;
|
s->address = *in_addr;
|
||||||
|
|
||||||
if (l) {
|
if (type == DNS_SERVER_LINK) {
|
||||||
LIST_FIND_TAIL(servers, l->dns_servers, tail);
|
LIST_FIND_TAIL(servers, l->dns_servers, tail);
|
||||||
LIST_INSERT_AFTER(servers, l->dns_servers, tail, s);
|
LIST_INSERT_AFTER(servers, l->dns_servers, tail, s);
|
||||||
s->link = l;
|
s->link = l;
|
||||||
} else {
|
} else if (type == DNS_SERVER_SYSTEM) {
|
||||||
LIST_FIND_TAIL(servers, m->dns_servers, tail);
|
LIST_FIND_TAIL(servers, m->dns_servers, tail);
|
||||||
LIST_INSERT_AFTER(servers, m->dns_servers, tail, s);
|
LIST_INSERT_AFTER(servers, m->dns_servers, tail, s);
|
||||||
}
|
} else if (type == DNS_SERVER_FALLBACK) {
|
||||||
|
LIST_FIND_TAIL(servers, m->fallback_dns_servers, tail);
|
||||||
|
LIST_INSERT_AFTER(servers, m->fallback_dns_servers, tail, s);
|
||||||
|
} else
|
||||||
|
assert_not_reached("Unknown server type");
|
||||||
|
|
||||||
s->manager = m;
|
s->manager = m;
|
||||||
|
|
||||||
|
/* A new DNS server that isn't fallback is added and the one
|
||||||
|
* we used so far was a fallback one? Then let's try to pick
|
||||||
|
* the new one */
|
||||||
|
if (type != DNS_SERVER_FALLBACK &&
|
||||||
|
s->manager->current_dns_server &&
|
||||||
|
s->manager->current_dns_server->type == DNS_SERVER_FALLBACK)
|
||||||
|
s->manager->current_dns_server = NULL;
|
||||||
|
|
||||||
if (ret)
|
if (ret)
|
||||||
*ret = s;
|
*ret = s;
|
||||||
|
|
||||||
|
@ -62,10 +77,14 @@ DnsServer* dns_server_free(DnsServer *s) {
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if (s->manager) {
|
if (s->manager) {
|
||||||
if (s->link)
|
if (s->type == DNS_SERVER_LINK)
|
||||||
LIST_REMOVE(servers, s->link->dns_servers, s);
|
LIST_REMOVE(servers, s->link->dns_servers, s);
|
||||||
else
|
else if (s->type == DNS_SERVER_SYSTEM)
|
||||||
LIST_REMOVE(servers, s->manager->dns_servers, s);
|
LIST_REMOVE(servers, s->manager->dns_servers, s);
|
||||||
|
else if (s->type == DNS_SERVER_FALLBACK)
|
||||||
|
LIST_REMOVE(servers, s->manager->fallback_dns_servers, s);
|
||||||
|
else
|
||||||
|
assert_not_reached("Unknown server type");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (s->link && s->link->current_dns_server == s)
|
if (s->link && s->link->current_dns_server == s)
|
||||||
|
|
|
@ -30,9 +30,17 @@ typedef enum DnsServerSource DnsServerSource;
|
||||||
#include "resolved-link.h"
|
#include "resolved-link.h"
|
||||||
#include "resolved-dns-server.h"
|
#include "resolved-dns-server.h"
|
||||||
|
|
||||||
|
typedef enum DnsServerType {
|
||||||
|
DNS_SERVER_SYSTEM,
|
||||||
|
DNS_SERVER_FALLBACK,
|
||||||
|
DNS_SERVER_LINK,
|
||||||
|
} DnsServerType;
|
||||||
|
|
||||||
struct DnsServer {
|
struct DnsServer {
|
||||||
Manager *manager;
|
Manager *manager;
|
||||||
|
|
||||||
|
DnsServerType type;
|
||||||
|
|
||||||
Link *link;
|
Link *link;
|
||||||
|
|
||||||
int family;
|
int family;
|
||||||
|
@ -46,6 +54,7 @@ struct DnsServer {
|
||||||
int dns_server_new(
|
int dns_server_new(
|
||||||
Manager *m,
|
Manager *m,
|
||||||
DnsServer **s,
|
DnsServer **s,
|
||||||
|
DnsServerType type,
|
||||||
Link *l,
|
Link *l,
|
||||||
int family,
|
int family,
|
||||||
const union in_addr_union *address);
|
const union in_addr_union *address);
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
%{
|
%{
|
||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include "conf-parser.h"
|
#include "conf-parser.h"
|
||||||
#include "resolved.h"
|
#include "resolved-conf.h"
|
||||||
%}
|
%}
|
||||||
struct ConfigPerfItem;
|
struct ConfigPerfItem;
|
||||||
%null_strings
|
%null_strings
|
||||||
|
@ -14,4 +14,6 @@ struct ConfigPerfItem;
|
||||||
%struct-type
|
%struct-type
|
||||||
%includes
|
%includes
|
||||||
%%
|
%%
|
||||||
Resolve.DNS, config_parse_dnsv, 0, 0
|
Resolve.DNS, config_parse_dnsv, DNS_SERVER_SYSTEM, 0
|
||||||
|
Resolve.FallbackDNS, config_parse_dnsv, DNS_SERVER_FALLBACK, 0
|
||||||
|
Resolve.LLMNR, config_parse_support, 0, offsetof(Manager, llmnr_support)
|
||||||
|
|
|
@ -92,7 +92,7 @@ static void link_allocate_scopes(Link *l) {
|
||||||
} else
|
} else
|
||||||
l->unicast_scope = dns_scope_free(l->unicast_scope);
|
l->unicast_scope = dns_scope_free(l->unicast_scope);
|
||||||
|
|
||||||
if (link_relevant(l, AF_INET) && l->manager->use_llmnr) {
|
if (link_relevant(l, AF_INET) && l->manager->llmnr_support != SUPPORT_NO) {
|
||||||
if (!l->llmnr_ipv4_scope) {
|
if (!l->llmnr_ipv4_scope) {
|
||||||
r = dns_scope_new(l->manager, &l->llmnr_ipv4_scope, l, DNS_PROTOCOL_LLMNR, AF_INET);
|
r = dns_scope_new(l->manager, &l->llmnr_ipv4_scope, l, DNS_PROTOCOL_LLMNR, AF_INET);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -101,7 +101,7 @@ static void link_allocate_scopes(Link *l) {
|
||||||
} else
|
} else
|
||||||
l->llmnr_ipv4_scope = dns_scope_free(l->llmnr_ipv4_scope);
|
l->llmnr_ipv4_scope = dns_scope_free(l->llmnr_ipv4_scope);
|
||||||
|
|
||||||
if (link_relevant(l, AF_INET6) && l->manager->use_llmnr) {
|
if (link_relevant(l, AF_INET6) && l->manager->llmnr_support != SUPPORT_NO) {
|
||||||
if (!l->llmnr_ipv6_scope) {
|
if (!l->llmnr_ipv6_scope) {
|
||||||
r = dns_scope_new(l->manager, &l->llmnr_ipv6_scope, l, DNS_PROTOCOL_LLMNR, AF_INET6);
|
r = dns_scope_new(l->manager, &l->llmnr_ipv6_scope, l, DNS_PROTOCOL_LLMNR, AF_INET6);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -169,7 +169,7 @@ static int link_update_dns_servers(Link *l) {
|
||||||
if (s)
|
if (s)
|
||||||
s->marked = false;
|
s->marked = false;
|
||||||
else {
|
else {
|
||||||
r = dns_server_new(l->manager, NULL, l, family, &a);
|
r = dns_server_new(l->manager, NULL, DNS_SERVER_LINK, l, family, &a);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
goto clear;
|
goto clear;
|
||||||
}
|
}
|
||||||
|
@ -248,11 +248,29 @@ DnsServer* link_find_dns_server(Link *l, int family, const union in_addr_union *
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static DnsServer* link_set_dns_server(Link *l, DnsServer *s) {
|
||||||
|
assert(l);
|
||||||
|
|
||||||
|
if (l->current_dns_server == s)
|
||||||
|
return s;
|
||||||
|
|
||||||
|
if (s) {
|
||||||
|
_cleanup_free_ char *ip = NULL;
|
||||||
|
|
||||||
|
in_addr_to_string(s->family, &s->address, &ip);
|
||||||
|
log_info("Switching to DNS server %s for interface %s.", strna(ip), l->name);
|
||||||
|
} else
|
||||||
|
log_info("No DNS server set for interface %s.", l->name);
|
||||||
|
|
||||||
|
l->current_dns_server = s;
|
||||||
|
return s;
|
||||||
|
}
|
||||||
|
|
||||||
DnsServer *link_get_dns_server(Link *l) {
|
DnsServer *link_get_dns_server(Link *l) {
|
||||||
assert(l);
|
assert(l);
|
||||||
|
|
||||||
if (!l->current_dns_server)
|
if (!l->current_dns_server)
|
||||||
l->current_dns_server = l->dns_servers;
|
link_set_dns_server(l, l->dns_servers);
|
||||||
|
|
||||||
return l->current_dns_server;
|
return l->current_dns_server;
|
||||||
}
|
}
|
||||||
|
@ -260,23 +278,15 @@ DnsServer *link_get_dns_server(Link *l) {
|
||||||
void link_next_dns_server(Link *l) {
|
void link_next_dns_server(Link *l) {
|
||||||
assert(l);
|
assert(l);
|
||||||
|
|
||||||
/* Switch to the next DNS server */
|
|
||||||
|
|
||||||
if (!l->current_dns_server) {
|
|
||||||
l->current_dns_server = l->dns_servers;
|
|
||||||
if (l->current_dns_server)
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!l->current_dns_server)
|
if (!l->current_dns_server)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
if (l->current_dns_server->servers_next) {
|
if (l->current_dns_server->servers_next) {
|
||||||
l->current_dns_server = l->current_dns_server->servers_next;
|
link_set_dns_server(l, l->current_dns_server->servers_next);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
l->current_dns_server = l->dns_servers;
|
link_set_dns_server(l, l->dns_servers);
|
||||||
}
|
}
|
||||||
|
|
||||||
int link_address_new(Link *l, LinkAddress **ret, int family, const union in_addr_union *in_addr) {
|
int link_address_new(Link *l, LinkAddress **ret, int family, const union in_addr_union *in_addr) {
|
||||||
|
@ -337,7 +347,11 @@ void link_address_add_rrs(LinkAddress *a, bool force_remove) {
|
||||||
|
|
||||||
if (a->family == AF_INET) {
|
if (a->family == AF_INET) {
|
||||||
|
|
||||||
if (!force_remove && link_address_relevant(a) && a->link->llmnr_ipv4_scope) {
|
if (!force_remove &&
|
||||||
|
link_address_relevant(a) &&
|
||||||
|
a->link->llmnr_ipv4_scope &&
|
||||||
|
a->link->manager->llmnr_support == SUPPORT_YES) {
|
||||||
|
|
||||||
if (!a->link->manager->host_ipv4_key) {
|
if (!a->link->manager->host_ipv4_key) {
|
||||||
a->link->manager->host_ipv4_key = dns_resource_key_new(DNS_CLASS_IN, DNS_TYPE_A, a->link->manager->hostname);
|
a->link->manager->host_ipv4_key = dns_resource_key_new(DNS_CLASS_IN, DNS_TYPE_A, a->link->manager->hostname);
|
||||||
if (!a->link->manager->host_ipv4_key) {
|
if (!a->link->manager->host_ipv4_key) {
|
||||||
|
@ -389,7 +403,11 @@ void link_address_add_rrs(LinkAddress *a, bool force_remove) {
|
||||||
|
|
||||||
if (a->family == AF_INET6) {
|
if (a->family == AF_INET6) {
|
||||||
|
|
||||||
if (!force_remove && link_address_relevant(a) && a->link->llmnr_ipv6_scope) {
|
if (!force_remove &&
|
||||||
|
link_address_relevant(a) &&
|
||||||
|
a->link->llmnr_ipv6_scope &&
|
||||||
|
a->link->manager->llmnr_support == SUPPORT_YES) {
|
||||||
|
|
||||||
if (!a->link->manager->host_ipv6_key) {
|
if (!a->link->manager->host_ipv6_key) {
|
||||||
a->link->manager->host_ipv6_key = dns_resource_key_new(DNS_CLASS_IN, DNS_TYPE_AAAA, a->link->manager->hostname);
|
a->link->manager->host_ipv6_key = dns_resource_key_new(DNS_CLASS_IN, DNS_TYPE_AAAA, a->link->manager->hostname);
|
||||||
if (!a->link->manager->host_ipv6_key) {
|
if (!a->link->manager->host_ipv6_key) {
|
||||||
|
|
|
@ -33,8 +33,10 @@
|
||||||
#include "conf-parser.h"
|
#include "conf-parser.h"
|
||||||
#include "socket-util.h"
|
#include "socket-util.h"
|
||||||
#include "af-list.h"
|
#include "af-list.h"
|
||||||
#include "resolved.h"
|
|
||||||
#include "utf8.h"
|
#include "utf8.h"
|
||||||
|
|
||||||
|
#include "resolved.h"
|
||||||
|
#include "resolved-conf.h"
|
||||||
#include "resolved-dns-domain.h"
|
#include "resolved-dns-domain.h"
|
||||||
|
|
||||||
#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
|
#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
|
||||||
|
@ -305,87 +307,6 @@ static int manager_network_monitor_listen(Manager *m) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int parse_dns_server_string(Manager *m, const char *string) {
|
|
||||||
const char *word, *state;
|
|
||||||
size_t length;
|
|
||||||
int r;
|
|
||||||
|
|
||||||
assert(m);
|
|
||||||
assert(string);
|
|
||||||
|
|
||||||
FOREACH_WORD_QUOTED(word, length, string, state) {
|
|
||||||
char buffer[length+1];
|
|
||||||
int family;
|
|
||||||
union in_addr_union addr;
|
|
||||||
|
|
||||||
memcpy(buffer, word, length);
|
|
||||||
buffer[length] = 0;
|
|
||||||
|
|
||||||
r = in_addr_from_string_auto(buffer, &family, &addr);
|
|
||||||
if (r < 0) {
|
|
||||||
log_warning("Ignoring invalid DNS address '%s'", buffer);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* filter out duplicates */
|
|
||||||
if (manager_find_dns_server(m, family, &addr))
|
|
||||||
continue;
|
|
||||||
|
|
||||||
r = dns_server_new(m, NULL, NULL, family, &addr);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
}
|
|
||||||
/* do not warn about state here, since probably systemd already did */
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
int config_parse_dnsv(
|
|
||||||
const char *unit,
|
|
||||||
const char *filename,
|
|
||||||
unsigned line,
|
|
||||||
const char *section,
|
|
||||||
unsigned section_line,
|
|
||||||
const char *lvalue,
|
|
||||||
int ltype,
|
|
||||||
const char *rvalue,
|
|
||||||
void *data,
|
|
||||||
void *userdata) {
|
|
||||||
|
|
||||||
Manager *m = userdata;
|
|
||||||
int r;
|
|
||||||
|
|
||||||
assert(filename);
|
|
||||||
assert(lvalue);
|
|
||||||
assert(rvalue);
|
|
||||||
assert(m);
|
|
||||||
|
|
||||||
/* Empty assignment means clear the list */
|
|
||||||
if (isempty(rvalue)) {
|
|
||||||
while (m->dns_servers)
|
|
||||||
dns_server_free(m->dns_servers);
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
r = parse_dns_server_string(m, rvalue);
|
|
||||||
if (r < 0) {
|
|
||||||
log_error("Failed to parse DNS server string");
|
|
||||||
return r;
|
|
||||||
}
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
int manager_parse_config_file(Manager *m) {
|
|
||||||
assert(m);
|
|
||||||
|
|
||||||
return config_parse(NULL, "/etc/systemd/resolved.conf", NULL,
|
|
||||||
"Resolve\0",
|
|
||||||
config_item_perf_lookup, resolved_gperf_lookup,
|
|
||||||
false, false, true, m);
|
|
||||||
}
|
|
||||||
|
|
||||||
static int determine_hostname(char **ret) {
|
static int determine_hostname(char **ret) {
|
||||||
_cleanup_free_ char *h = NULL, *n = NULL;
|
_cleanup_free_ char *h = NULL, *n = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
@ -487,9 +408,9 @@ int manager_new(Manager **ret) {
|
||||||
m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
|
m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
|
||||||
m->hostname_fd = -1;
|
m->hostname_fd = -1;
|
||||||
|
|
||||||
m->use_llmnr = true;
|
m->llmnr_support = SUPPORT_YES;
|
||||||
|
|
||||||
r = parse_dns_server_string(m, DNS_SERVERS);
|
r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
|
@ -560,6 +481,8 @@ Manager *manager_free(Manager *m) {
|
||||||
|
|
||||||
while (m->dns_servers)
|
while (m->dns_servers)
|
||||||
dns_server_free(m->dns_servers);
|
dns_server_free(m->dns_servers);
|
||||||
|
while (m->fallback_dns_servers)
|
||||||
|
dns_server_free(m->fallback_dns_servers);
|
||||||
|
|
||||||
sd_event_source_unref(m->network_event_source);
|
sd_event_source_unref(m->network_event_source);
|
||||||
sd_network_monitor_unref(m->network_monitor);
|
sd_network_monitor_unref(m->network_monitor);
|
||||||
|
@ -605,8 +528,8 @@ static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
|
||||||
assert(count);
|
assert(count);
|
||||||
|
|
||||||
r = in_addr_to_string(s->family, &s->address, &t);
|
r = in_addr_to_string(s->family, &s->address, &t);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning("Invalid DNS address. Ignoring.");
|
log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -618,7 +541,7 @@ static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
|
||||||
}
|
}
|
||||||
|
|
||||||
int manager_write_resolv_conf(Manager *m) {
|
int manager_write_resolv_conf(Manager *m) {
|
||||||
const char *path = "/run/systemd/resolve/resolv.conf";
|
static const char path[] = "/run/systemd/resolve/resolv.conf";
|
||||||
_cleanup_free_ char *temp_path = NULL;
|
_cleanup_free_ char *temp_path = NULL;
|
||||||
_cleanup_fclose_ FILE *f = NULL;
|
_cleanup_fclose_ FILE *f = NULL;
|
||||||
unsigned count = 0;
|
unsigned count = 0;
|
||||||
|
@ -641,12 +564,17 @@ int manager_write_resolv_conf(Manager *m) {
|
||||||
"# resolv.conf(5) in a different way, replace the symlink by a\n"
|
"# resolv.conf(5) in a different way, replace the symlink by a\n"
|
||||||
"# static file or a different symlink.\n\n", f);
|
"# static file or a different symlink.\n\n", f);
|
||||||
|
|
||||||
|
LIST_FOREACH(servers, s, m->dns_servers)
|
||||||
|
write_resolve_conf_server(s, f, &count);
|
||||||
|
|
||||||
HASHMAP_FOREACH(l, m->links, i)
|
HASHMAP_FOREACH(l, m->links, i)
|
||||||
LIST_FOREACH(servers, s, l->dns_servers)
|
LIST_FOREACH(servers, s, l->dns_servers)
|
||||||
write_resolve_conf_server(s, f, &count);
|
write_resolve_conf_server(s, f, &count);
|
||||||
|
|
||||||
LIST_FOREACH(servers, s, m->dns_servers)
|
if (count == 0) {
|
||||||
write_resolve_conf_server(s, f, &count);
|
LIST_FOREACH(servers, s, m->fallback_dns_servers)
|
||||||
|
write_resolve_conf_server(s, f, &count);
|
||||||
|
}
|
||||||
|
|
||||||
r = fflush_and_check(f);
|
r = fflush_and_check(f);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -1017,27 +945,65 @@ int manager_send(Manager *m, int fd, int ifindex, int family, const union in_add
|
||||||
return -EAFNOSUPPORT;
|
return -EAFNOSUPPORT;
|
||||||
}
|
}
|
||||||
|
|
||||||
DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
|
bool manager_known_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
|
||||||
DnsServer *s;
|
DnsServer *s;
|
||||||
|
|
||||||
assert(m);
|
assert(m);
|
||||||
assert(in_addr);
|
assert(in_addr);
|
||||||
|
|
||||||
LIST_FOREACH(servers, s, m->dns_servers) {
|
LIST_FOREACH(servers, s, m->dns_servers)
|
||||||
|
if (s->family == family && in_addr_equal(family, &s->address, in_addr))
|
||||||
|
return true;
|
||||||
|
|
||||||
if (s->family == family &&
|
LIST_FOREACH(servers, s, m->fallback_dns_servers)
|
||||||
in_addr_equal(family, &s->address, in_addr))
|
if (s->family == family && in_addr_equal(family, &s->address, in_addr))
|
||||||
return s;
|
return true;
|
||||||
}
|
|
||||||
|
|
||||||
return NULL;
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
static DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
|
||||||
|
assert(m);
|
||||||
|
|
||||||
|
if (m->current_dns_server == s)
|
||||||
|
return s;
|
||||||
|
|
||||||
|
if (s) {
|
||||||
|
_cleanup_free_ char *ip = NULL;
|
||||||
|
|
||||||
|
in_addr_to_string(s->family, &s->address, &ip);
|
||||||
|
log_info("Switching to system DNS server %s.", strna(ip));
|
||||||
|
} else
|
||||||
|
log_info("No system DNS server set.");
|
||||||
|
|
||||||
|
m->current_dns_server = s;
|
||||||
|
return s;
|
||||||
}
|
}
|
||||||
|
|
||||||
DnsServer *manager_get_dns_server(Manager *m) {
|
DnsServer *manager_get_dns_server(Manager *m) {
|
||||||
|
Link *l;
|
||||||
assert(m);
|
assert(m);
|
||||||
|
|
||||||
if (!m->current_dns_server)
|
if (!m->current_dns_server)
|
||||||
m->current_dns_server = m->dns_servers;
|
manager_set_dns_server(m, m->dns_servers);
|
||||||
|
|
||||||
|
if (!m->current_dns_server) {
|
||||||
|
bool found = false;
|
||||||
|
Iterator i;
|
||||||
|
|
||||||
|
/* No DNS servers configured, let's see if there are
|
||||||
|
* any on any links. If not, we use the fallback
|
||||||
|
* servers */
|
||||||
|
|
||||||
|
HASHMAP_FOREACH(l, m->links, i)
|
||||||
|
if (l->dns_servers) {
|
||||||
|
found = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!found)
|
||||||
|
manager_set_dns_server(m, m->fallback_dns_servers);
|
||||||
|
}
|
||||||
|
|
||||||
return m->current_dns_server;
|
return m->current_dns_server;
|
||||||
}
|
}
|
||||||
|
@ -1045,20 +1011,23 @@ DnsServer *manager_get_dns_server(Manager *m) {
|
||||||
void manager_next_dns_server(Manager *m) {
|
void manager_next_dns_server(Manager *m) {
|
||||||
assert(m);
|
assert(m);
|
||||||
|
|
||||||
if (!m->current_dns_server) {
|
/* If there's currently no DNS server set, then the next
|
||||||
m->current_dns_server = m->dns_servers;
|
* manager_get_dns_server() will find one */
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!m->current_dns_server)
|
if (!m->current_dns_server)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
/* Change to the next one */
|
||||||
if (m->current_dns_server->servers_next) {
|
if (m->current_dns_server->servers_next) {
|
||||||
m->current_dns_server = m->current_dns_server->servers_next;
|
manager_set_dns_server(m, m->current_dns_server->servers_next);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
m->current_dns_server = m->dns_servers;
|
/* If there was no next one, then start from the beginning of
|
||||||
|
* the list */
|
||||||
|
if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
|
||||||
|
manager_set_dns_server(m, m->fallback_dns_servers);
|
||||||
|
else
|
||||||
|
manager_set_dns_server(m, m->dns_servers);
|
||||||
}
|
}
|
||||||
|
|
||||||
uint32_t manager_find_mtu(Manager *m) {
|
uint32_t manager_find_mtu(Manager *m) {
|
||||||
|
@ -1494,7 +1463,7 @@ int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_a
|
||||||
|
|
||||||
assert(m);
|
assert(m);
|
||||||
|
|
||||||
a = manager_find_address(m, family, in_addr);
|
a = manager_find_link_address(m, family, in_addr);
|
||||||
if (a)
|
if (a)
|
||||||
return a->link->ifindex;
|
return a->link->ifindex;
|
||||||
|
|
||||||
|
@ -1551,7 +1520,7 @@ int manager_next_hostname(Manager *m) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
LinkAddress* manager_find_address(Manager *m, int family, const union in_addr_union *in_addr) {
|
LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
|
||||||
Iterator i;
|
Iterator i;
|
||||||
Link *l;
|
Link *l;
|
||||||
|
|
||||||
|
@ -1572,5 +1541,12 @@ int manager_our_packet(Manager *m, DnsPacket *p) {
|
||||||
assert(m);
|
assert(m);
|
||||||
assert(p);
|
assert(p);
|
||||||
|
|
||||||
return !!manager_find_address(m, p->family, &p->sender);
|
return !!manager_find_link_address(m, p->family, &p->sender);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static const char* const support_table[_SUPPORT_MAX] = {
|
||||||
|
[SUPPORT_NO] = "no",
|
||||||
|
[SUPPORT_YES] = "yes",
|
||||||
|
[SUPPORT_RESOLVE] = "resolve",
|
||||||
|
};
|
||||||
|
DEFINE_STRING_TABLE_LOOKUP(support, Support);
|
||||||
|
|
|
@ -21,12 +21,12 @@
|
||||||
|
|
||||||
#include "sd-event.h"
|
#include "sd-event.h"
|
||||||
#include "sd-daemon.h"
|
#include "sd-daemon.h"
|
||||||
|
|
||||||
#include "resolved.h"
|
|
||||||
|
|
||||||
#include "mkdir.h"
|
#include "mkdir.h"
|
||||||
#include "capability.h"
|
#include "capability.h"
|
||||||
|
|
||||||
|
#include "resolved.h"
|
||||||
|
#include "resolved-conf.h"
|
||||||
|
|
||||||
int main(int argc, char *argv[]) {
|
int main(int argc, char *argv[]) {
|
||||||
_cleanup_(manager_freep) Manager *m = NULL;
|
_cleanup_(manager_freep) Manager *m = NULL;
|
||||||
const char *user = "systemd-resolve";
|
const char *user = "systemd-resolve";
|
||||||
|
@ -55,8 +55,7 @@ int main(int argc, char *argv[]) {
|
||||||
/* Always create the directory where resolv.conf will live */
|
/* Always create the directory where resolv.conf will live */
|
||||||
r = mkdir_safe_label("/run/systemd/resolve", 0755, uid, gid);
|
r = mkdir_safe_label("/run/systemd/resolve", 0755, uid, gid);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_error("Could not create runtime directory: %s",
|
log_error("Could not create runtime directory: %s", strerror(-r));
|
||||||
strerror(-r));
|
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -74,15 +73,13 @@ int main(int argc, char *argv[]) {
|
||||||
|
|
||||||
r = manager_parse_config_file(m);
|
r = manager_parse_config_file(m);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
log_warning("Failed to parse configuration file: %s", strerror(-r));
|
||||||
|
|
||||||
/* write finish default resolv.conf to avoid a dangling
|
/* Write finish default resolv.conf to avoid a dangling
|
||||||
* symlink */
|
* symlink */
|
||||||
r = manager_write_resolv_conf(m);
|
r = manager_write_resolv_conf(m);
|
||||||
if (r < 0) {
|
if (r < 0)
|
||||||
log_error("Could not create resolv.conf: %s", strerror(-r));
|
log_warning("Could not create resolv.conf: %s", strerror(-r));
|
||||||
goto finish;
|
|
||||||
}
|
|
||||||
|
|
||||||
sd_notify(false,
|
sd_notify(false,
|
||||||
"READY=1\n"
|
"READY=1\n"
|
||||||
|
|
|
@ -8,4 +8,6 @@
|
||||||
# See resolved.conf(5) for details
|
# See resolved.conf(5) for details
|
||||||
|
|
||||||
[Resolve]
|
[Resolve]
|
||||||
#DNS=@DNS_SERVERS@
|
#DNS=
|
||||||
|
#FallbackDNS=@DNS_SERVERS@
|
||||||
|
#LLMNR=yes
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
/***
|
/***
|
||||||
This file is part of systemd.
|
This file is part of systemd.
|
||||||
|
|
||||||
Copyright 2013 Tom Gundersen <teg@jklm.no>
|
Copyright 2014 Tom Gundersen <teg@jklm.no>
|
||||||
|
|
||||||
systemd is free software; you can redistribute it and/or modify it
|
systemd is free software; you can redistribute it and/or modify it
|
||||||
under the terms of the GNU Lesser General Public License as published by
|
under the terms of the GNU Lesser General Public License as published by
|
||||||
|
@ -36,10 +36,18 @@ typedef struct Manager Manager;
|
||||||
#include "resolved-dns-scope.h"
|
#include "resolved-dns-scope.h"
|
||||||
#include "resolved-dns-stream.h"
|
#include "resolved-dns-stream.h"
|
||||||
|
|
||||||
|
typedef enum Support {
|
||||||
|
SUPPORT_NO,
|
||||||
|
SUPPORT_YES,
|
||||||
|
SUPPORT_RESOLVE,
|
||||||
|
_SUPPORT_MAX,
|
||||||
|
_SUPPORT_INVALID = -1
|
||||||
|
} Support;
|
||||||
|
|
||||||
struct Manager {
|
struct Manager {
|
||||||
sd_event *event;
|
sd_event *event;
|
||||||
|
|
||||||
bool use_llmnr:1;
|
Support llmnr_support;
|
||||||
|
|
||||||
/* Network */
|
/* Network */
|
||||||
Hashmap *links;
|
Hashmap *links;
|
||||||
|
@ -66,6 +74,7 @@ struct Manager {
|
||||||
sd_event_source *dns_ipv6_event_source;
|
sd_event_source *dns_ipv6_event_source;
|
||||||
|
|
||||||
LIST_HEAD(DnsServer, dns_servers);
|
LIST_HEAD(DnsServer, dns_servers);
|
||||||
|
LIST_HEAD(DnsServer, fallback_dns_servers);
|
||||||
DnsServer *current_dns_server;
|
DnsServer *current_dns_server;
|
||||||
|
|
||||||
LIST_HEAD(DnsScope, dns_scopes);
|
LIST_HEAD(DnsScope, dns_scopes);
|
||||||
|
@ -101,10 +110,9 @@ struct Manager {
|
||||||
int manager_new(Manager **ret);
|
int manager_new(Manager **ret);
|
||||||
Manager* manager_free(Manager *m);
|
Manager* manager_free(Manager *m);
|
||||||
|
|
||||||
int manager_parse_config_file(Manager *m);
|
|
||||||
int manager_write_resolv_conf(Manager *m);
|
int manager_write_resolv_conf(Manager *m);
|
||||||
|
|
||||||
DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr);
|
bool manager_known_dns_server(Manager *m, int family, const union in_addr_union *in_addr);
|
||||||
DnsServer *manager_get_dns_server(Manager *m);
|
DnsServer *manager_get_dns_server(Manager *m);
|
||||||
void manager_next_dns_server(Manager *m);
|
void manager_next_dns_server(Manager *m);
|
||||||
|
|
||||||
|
@ -122,7 +130,7 @@ int manager_llmnr_ipv6_tcp_fd(Manager *m);
|
||||||
|
|
||||||
int manager_ifindex_is_loopback(Manager *m, int ifindex);
|
int manager_ifindex_is_loopback(Manager *m, int ifindex);
|
||||||
int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr);
|
int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr);
|
||||||
LinkAddress* manager_find_address(Manager *m, int family, const union in_addr_union *in_addr);
|
LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr);
|
||||||
|
|
||||||
void manager_refresh_rrs(Manager *m);
|
void manager_refresh_rrs(Manager *m);
|
||||||
int manager_next_hostname(Manager *m);
|
int manager_next_hostname(Manager *m);
|
||||||
|
@ -132,7 +140,7 @@ int manager_connect_bus(Manager *m);
|
||||||
|
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
|
DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
|
||||||
|
|
||||||
const struct ConfigPerfItem* resolved_gperf_lookup(const char *key, unsigned length);
|
|
||||||
int config_parse_dnsv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
|
||||||
|
|
||||||
#define EXTRA_CMSG_SPACE 1024
|
#define EXTRA_CMSG_SPACE 1024
|
||||||
|
|
||||||
|
const char* support_to_string(Support p) _const_;
|
||||||
|
int support_from_string(const char *s) _pure_;
|
||||||
|
|
Loading…
Reference in a new issue