From 8aa5afd20fecb6ac022cb1e3661de220ea3f03cf Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Mon, 13 Jul 2020 09:29:14 +0900 Subject: [PATCH] resolve: read/save port number and SNI from/into link state file --- src/resolve/resolved-dns-server.c | 34 +++++++++++++++++++------- src/resolve/resolved-dns-server.h | 2 ++ src/resolve/resolved-dns-transaction.c | 4 +-- src/resolve/resolved-link.c | 27 ++++++++++++++------ 4 files changed, 48 insertions(+), 19 deletions(-) diff --git a/src/resolve/resolved-dns-server.c b/src/resolve/resolved-dns-server.c index 0ace7d37f2..c87026f434 100644 --- a/src/resolve/resolved-dns-server.c +++ b/src/resolve/resolved-dns-server.c @@ -119,6 +119,7 @@ static DnsServer* dns_server_free(DnsServer *s) { #endif free(s->server_string); + free(s->server_string_full); free(s->server_name); return mfree(s); } @@ -225,7 +226,7 @@ static void dns_server_verified(DnsServer *s, DnsServerFeatureLevel level) { if (s->verified_feature_level != level) { log_debug("Verified we get a response at feature level %s from DNS server %s.", dns_server_feature_level_to_string(level), - dns_server_string(s)); + strna(dns_server_string_full(s))); s->verified_feature_level = level; } @@ -362,7 +363,7 @@ void dns_server_packet_rcode_downgrade(DnsServer *s, DnsServerFeatureLevel level dns_server_reset_counters(s); } - log_debug("Downgrading transaction feature level fixed an RCODE error, downgrading server %s too.", dns_server_string(s)); + log_debug("Downgrading transaction feature level fixed an RCODE error, downgrading server %s too.", strna(dns_server_string_full(s))); } static bool dns_server_grace_period_expired(DnsServer *s) { @@ -416,7 +417,7 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) { log_info("Grace period over, resuming full feature set (%s) for DNS server %s.", dns_server_feature_level_to_string(s->possible_feature_level), - dns_server_string(s)); + strna(dns_server_string_full(s))); dns_server_flush_cache(s); 
@@ -502,7 +503,7 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) { log_full(log_level, "Using degraded feature set %s instead of %s for DNS server %s.", dns_server_feature_level_to_string(s->possible_feature_level), - dns_server_feature_level_to_string(p), dns_server_string(s)); + dns_server_feature_level_to_string(p), strna(dns_server_string_full(s))); } } @@ -565,7 +566,22 @@ const char *dns_server_string(DnsServer *server) { if (!server->server_string) (void) in_addr_ifindex_to_string(server->family, &server->address, dns_server_ifindex(server), &server->server_string); - return strna(server->server_string); + return server->server_string; +} + +const char *dns_server_string_full(DnsServer *server) { + assert(server); + + if (!server->server_string_full) + (void) in_addr_port_ifindex_name_to_string( + server->family, + &server->address, + server->port, + dns_server_ifindex(server), + server->server_name, + &server->server_string_full); + + return server->server_string_full; } bool dns_server_dnssec_supported(DnsServer *server) { @@ -597,8 +613,8 @@ void dns_server_warn_downgrade(DnsServer *server) { log_struct(LOG_NOTICE, "MESSAGE_ID=" SD_MESSAGE_DNSSEC_DOWNGRADE_STR, - LOG_MESSAGE("Server %s does not support DNSSEC, downgrading to non-DNSSEC mode.", dns_server_string(server)), - "DNS_SERVER=%s", dns_server_string(server), + LOG_MESSAGE("Server %s does not support DNSSEC, downgrading to non-DNSSEC mode.", strna(dns_server_string_full(server))), + "DNS_SERVER=%s", strna(dns_server_string_full(server)), "DNS_SERVER_FEATURE_LEVEL=%s", dns_server_feature_level_to_string(server->possible_feature_level)); server->warned_downgrade = true; 
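Review bot: In the `@@ -565` hunk, `dns_server_string()` no longer wraps its result in `strna()`, so it can now return NULL when the formatting helper fails. The new `dns_server_string_full()` has the same contract, because the helper's return value is discarded with `(void)`. Every call site touched by this patch compensates with `strna(...)`, but any caller of `dns_server_string()` outside these hunks (none are visible here) would now pass NULL to `%s` or `fputs()`. I would either keep `return strna(server->server_string);` in the old function or audit the remaining callers before merging. The nullable return should also be documented at both declarations in resolved-dns-server.h, e.g. `/* May return NULL if the string could not be built; wrap in strna() before logging. */`.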
@@ -712,7 +728,7 @@ DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) { if (s) log_debug("Switching to %s DNS server %s.", dns_server_type_to_string(s->type), - dns_server_string(s)); + strna(dns_server_string_full(s))); dns_server_unref(m->current_dns_server); m->current_dns_server = dns_server_ref(s); @@ -852,7 +868,7 @@ void dns_server_dump(DnsServer *s, FILE *f) { f = stdout; fputs("[Server ", f); - fputs(dns_server_string(s), f); + fputs(strna(dns_server_string_full(s)), f); fputs(" type=", f); fputs(dns_server_type_to_string(s->type), f); diff --git a/src/resolve/resolved-dns-server.h b/src/resolve/resolved-dns-server.h index 4109c29452..464e8dc251 100644 --- a/src/resolve/resolved-dns-server.h +++ b/src/resolve/resolved-dns-server.h @@ -60,6 +60,7 @@ struct DnsServer { char *server_name; char *server_string; + char *server_string_full; /* The long-lived stream towards this server. */ DnsStream *stream; @@ -124,6 +125,7 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s); int dns_server_adjust_opt(DnsServer *server, DnsPacket *packet, DnsServerFeatureLevel level); const char *dns_server_string(DnsServer *server); +const char *dns_server_string_full(DnsServer *server); int dns_server_ifindex(const DnsServer *s); uint16_t dns_server_port(const DnsServer *s); diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index b798e03102..e23ea273e7 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -314,7 +314,7 @@ void dns_transaction_complete(DnsTransaction *t, DnsTransactionState state) { "DNS_TRANSACTION=%" PRIu16, t->id, "DNS_QUESTION=%s", key_str, "DNSSEC_RESULT=%s", dnssec_result_to_string(t->answer_dnssec_result), - "DNS_SERVER=%s", dns_server_string(t->server), + "DNS_SERVER=%s", strna(dns_server_string_full(t->server)), "DNS_SERVER_FEATURE_LEVEL=%s", dns_server_feature_level_to_string(t->server->possible_feature_level)); } 
@@ -398,7 +398,7 @@ static int dns_transaction_pick_server(DnsTransaction *t) { t->n_picked_servers ++; - log_debug("Using DNS server %s for transaction %u.", dns_server_string(t->server), t->id); + log_debug("Using DNS server %s for transaction %u.", strna(dns_server_string_full(t->server)), t->id); return 1; } diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c index 3679ca0703..f52c556bd1 100644 --- a/src/resolve/resolved-link.c +++ b/src/resolve/resolved-link.c @@ -15,6 +15,7 @@ #include "resolved-link.h" #include "resolved-llmnr.h" #include "resolved-mdns.h" +#include "socket-netlink.h" #include "string-util.h" #include "strv.h" #include "tmpfile-util.h" @@ -251,25 +252,35 @@ int link_process_rtnl(Link *l, sd_netlink_message *m) { return 0; } -static int link_update_dns_server_one(Link *l, const char *name) { +static int link_update_dns_server_one(Link *l, const char *str) { + _cleanup_free_ char *name = NULL; + int family, ifindex, r; union in_addr_union a; DnsServer *s; - int family, r; + uint16_t port; assert(l); - assert(name); + assert(str); - r = in_addr_from_string_auto(name, &family, &a); + r = in_addr_port_ifindex_name_from_string_auto(str, &family, &a, &port, &ifindex, &name); if (r < 0) return r; - s = dns_server_find(l->dns_servers, family, &a, 0, 0, NULL); + if (ifindex != 0 && ifindex != l->ifindex) + return -EINVAL; + + /* By default, the port number is determined with the transaction feature level. + * See dns_transaction_port() and dns_server_port(). */ + if (IN_SET(port, 53, 853)) + port = 0; + + s = dns_server_find(l->dns_servers, family, &a, port, 0, name); if (s) { dns_server_move_back_and_unmark(s); return 0; } - return dns_server_new(l->manager, NULL, DNS_SERVER_LINK, l, family, &a, 0, 0, NULL); + return dns_server_new(l->manager, NULL, DNS_SERVER_LINK, l, family, &a, port, 0, name); } static int link_update_dns_servers(Link *l) { 
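Review bot: In `link_update_dns_server_one()` (the `@@ -251` hunk of resolved-link.c), the `name` parsed out of the state-file entry is passed to `dns_server_new()` as the server name, with no check visible here that it is a well-formed hostname. Per the commit subject that string is the SNI for the server. After this patch it also reaches the journal through `DNS_SERVER=%s` and is written back space-separated by `link_save_user()` (`@@ -1209`), so whitespace or control characters in it would corrupt both the log field and the saved record. Unless `in_addr_port_ifindex_name_from_string_auto()` already validates it (not shown in this diff), I would add `if (name && !dns_name_is_valid(name)) return -EINVAL;` after the ifindex check, assuming dns-domain.h is reachable from this file. A `log_debug()` before the existing `return -EINVAL;` for a mismatched ifindex would also make a rejected entry diagnosable.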
@@ -732,7 +743,7 @@ DnsServer* link_set_dns_server(Link *l, DnsServer *s) { return s; if (s) - log_debug("Switching to DNS server %s for interface %s.", dns_server_string(s), l->ifname); + log_debug("Switching to DNS server %s for interface %s.", strna(dns_server_string_full(s)), l->ifname); dns_server_unref(l->current_dns_server); l->current_dns_server = dns_server_ref(s); @@ -1209,7 +1220,7 @@ int link_save_user(Link *l) { if (server != l->dns_servers) fputc(' ', f); - v = dns_server_string(server); + v = dns_server_string_full(server); if (!v) { r = -ENOMEM; goto fail;
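Review bot: In the `@@ -1209` hunk of `link_save_user()`, a NULL from `dns_server_string_full()` is reported as `-ENOMEM`, but the real error code was already dropped by the `(void)` cast inside that function, so any other failure of the formatting helper would be mislabelled. If out-of-memory is the only failure expected, a short comment at the check would make that explicit, e.g. `/* dns_server_string_full() discards the helper's error; NULL is treated as OOM */`. Otherwise consider an int-returning variant that propagates `r`. The body of `link_save_user()` starts and ends outside this hunk, so the `fail:` path was not reviewed.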