resolved: make sure we initialize the ifindex of direct zone answers properly
Previously, after checking the local zone for a reply and finding one we'd not initialize the answer ifindex from that. Let's fix that.
This commit is contained in:
Lennart Poettering
parent
145fab1eae
commit
97ebebbc9c
|
|
@ -185,7 +185,7 @@ int dns_answer_add_extend(DnsAnswer **a, DnsResourceRecord *rr, int ifindex, Dns
|
|||
return dns_answer_add(*a, rr, ifindex, flags);
|
||||
}
|
||||
|
||||
int dns_answer_add_soa(DnsAnswer *a, const char *name, uint32_t ttl) {
|
||||
int dns_answer_add_soa(DnsAnswer *a, const char *name, uint32_t ttl, int ifindex) {
|
||||
_cleanup_(dns_resource_record_unrefp) DnsResourceRecord *soa = NULL;
|
||||
|
||||
soa = dns_resource_record_new_full(DNS_CLASS_IN, DNS_TYPE_SOA, name);
|
||||
|
|
@ -208,7 +208,7 @@ int dns_answer_add_soa(DnsAnswer *a, const char *name, uint32_t ttl) {
|
|||
soa->soa.expire = 1;
|
||||
soa->soa.minimum = ttl;
|
||||
|
||||
return dns_answer_add(a, soa, 0, DNS_ANSWER_AUTHENTICATED);
|
||||
return dns_answer_add(a, soa, ifindex, DNS_ANSWER_AUTHENTICATED);
|
||||
}
|
||||
|
||||
int dns_answer_match_key(DnsAnswer *a, const DnsResourceKey *key, DnsAnswerFlags *ret_flags) {
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ DnsAnswer *dns_answer_unref(DnsAnswer *a);
|
|||
|
||||
int dns_answer_add(DnsAnswer *a, DnsResourceRecord *rr, int ifindex, DnsAnswerFlags flags);
|
||||
int dns_answer_add_extend(DnsAnswer **a, DnsResourceRecord *rr, int ifindex, DnsAnswerFlags flags);
|
||||
int dns_answer_add_soa(DnsAnswer *a, const char *name, uint32_t ttl);
|
||||
int dns_answer_add_soa(DnsAnswer *a, const char *name, uint32_t ttl, int ifindex);
|
||||
|
||||
int dns_answer_match_key(DnsAnswer *a, const DnsResourceKey *key, DnsAnswerFlags *combined_flags);
|
||||
int dns_answer_contains_rr(DnsAnswer *a, DnsResourceRecord *rr, DnsAnswerFlags *combined_flags);
|
||||
|
|
|
|||
|
|
@ -721,7 +721,7 @@ void dns_scope_process_query(DnsScope *s, DnsStream *stream, DnsPacket *p) {
|
|||
assert(p->question->n_keys == 1);
|
||||
key = p->question->keys[0];
|
||||
|
||||
r = dns_zone_lookup(&s->zone, key, &answer, &soa, &tentative);
|
||||
r = dns_zone_lookup(&s->zone, key, 0, &answer, &soa, &tentative);
|
||||
if (r < 0) {
|
||||
log_debug_errno(r, "Failed to lookup key: %m");
|
||||
return;
|
||||
|
|
@ -1029,3 +1029,12 @@ bool dns_scope_network_good(DnsScope *s) {
|
|||
|
||||
return manager_routable(s->manager, AF_UNSPEC);
|
||||
}
|
||||
|
||||
int dns_scope_ifindex(DnsScope *s) {
|
||||
assert(s);
|
||||
|
||||
if (s->link)
|
||||
return s->link->ifindex;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -107,3 +107,5 @@ DnsSearchDomain *dns_scope_get_search_domains(DnsScope *s);
|
|||
bool dns_scope_name_needs_search_domain(DnsScope *s, const char *name);
|
||||
|
||||
bool dns_scope_network_good(DnsScope *s);
|
||||
|
||||
int dns_scope_ifindex(DnsScope *s);
|
||||
|
|
|
|||
|
|
@ -557,8 +557,7 @@ static int dns_transaction_open_tcp(DnsTransaction *t) {
|
|||
/* The interface index is difficult to determine if we are
|
||||
* connecting to the local host, hence fill this in right away
|
||||
* instead of determining it from the socket */
|
||||
if (t->scope->link)
|
||||
t->stream->ifindex = t->scope->link->ifindex;
|
||||
t->stream->ifindex = dns_scope_ifindex(t->scope);
|
||||
|
||||
dns_transaction_reset_answer(t);
|
||||
|
||||
|
|
@ -798,12 +797,9 @@ void dns_transaction_process_reply(DnsTransaction *t, DnsPacket *p) {
|
|||
switch (t->scope->protocol) {
|
||||
|
||||
case DNS_PROTOCOL_LLMNR:
|
||||
assert(t->scope->link);
|
||||
/* For LLMNR we will not accept any packets from other interfaces */
|
||||
|
||||
/* For LLMNR we will not accept any packets from other
|
||||
* interfaces */
|
||||
|
||||
if (p->ifindex != t->scope->link->ifindex)
|
||||
if (p->ifindex != dns_scope_ifindex(t->scope))
|
||||
return;
|
||||
|
||||
if (p->family != t->scope->family)
|
||||
|
|
@ -820,10 +816,9 @@ void dns_transaction_process_reply(DnsTransaction *t, DnsPacket *p) {
|
|||
break;
|
||||
|
||||
case DNS_PROTOCOL_MDNS:
|
||||
assert(t->scope->link);
|
||||
|
||||
/* For mDNS we will not accept any packets from other interfaces */
|
||||
if (p->ifindex != t->scope->link->ifindex)
|
||||
|
||||
if (p->ifindex != dns_scope_ifindex(t->scope))
|
||||
return;
|
||||
|
||||
if (p->family != t->scope->family)
|
||||
|
|
@ -1246,7 +1241,7 @@ static int dns_transaction_prepare(DnsTransaction *t, usec_t ts) {
|
|||
* for probing or verifying a zone item. */
|
||||
if (set_isempty(t->notify_zone_items)) {
|
||||
|
||||
r = dns_zone_lookup(&t->scope->zone, t->key, &t->answer, NULL, NULL);
|
||||
r = dns_zone_lookup(&t->scope->zone, t->key, dns_scope_ifindex(t->scope), &t->answer, NULL, NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r > 0) {
|
||||
|
|
|
|||
|
|
@ -287,13 +287,16 @@ int dns_zone_put(DnsZone *z, DnsScope *s, DnsResourceRecord *rr, bool probe) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, DnsAnswer **ret_answer, DnsAnswer **ret_soa, bool *ret_tentative) {
|
||||
int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, int ifindex, DnsAnswer **ret_answer, DnsAnswer **ret_soa, bool *ret_tentative) {
|
||||
_cleanup_(dns_answer_unrefp) DnsAnswer *answer = NULL, *soa = NULL;
|
||||
unsigned n_answer = 0;
|
||||
DnsZoneItem *j, *first;
|
||||
bool tentative = true, need_soa = false;
|
||||
int r;
|
||||
|
||||
/* Note that we don't actually need the ifindex for anything. However when it is passed we'll initialize the
|
||||
* ifindex field in the answer with it */
|
||||
|
||||
assert(z);
|
||||
assert(key);
|
||||
assert(ret_answer);
|
||||
|
|
@ -389,7 +392,7 @@ int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, DnsAnswer **ret_answer, Dns
|
|||
if (k < 0)
|
||||
return k;
|
||||
if (k > 0) {
|
||||
r = dns_answer_add(answer, j->rr, 0, DNS_ANSWER_AUTHENTICATED);
|
||||
r = dns_answer_add(answer, j->rr, ifindex, DNS_ANSWER_AUTHENTICATED);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
|
@ -398,7 +401,7 @@ int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, DnsAnswer **ret_answer, Dns
|
|||
}
|
||||
|
||||
if (found && !added) {
|
||||
r = dns_answer_add_soa(soa, dns_resource_key_name(key), LLMNR_DEFAULT_TTL);
|
||||
r = dns_answer_add_soa(soa, dns_resource_key_name(key), LLMNR_DEFAULT_TTL, ifindex);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
|
@ -415,7 +418,7 @@ int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, DnsAnswer **ret_answer, Dns
|
|||
if (j->state != DNS_ZONE_ITEM_PROBING)
|
||||
tentative = false;
|
||||
|
||||
r = dns_answer_add(answer, j->rr, 0, DNS_ANSWER_AUTHENTICATED);
|
||||
r = dns_answer_add(answer, j->rr, ifindex, DNS_ANSWER_AUTHENTICATED);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
|
@ -435,7 +438,7 @@ int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, DnsAnswer **ret_answer, Dns
|
|||
}
|
||||
|
||||
if (add_soa) {
|
||||
r = dns_answer_add_soa(soa, dns_resource_key_name(key), LLMNR_DEFAULT_TTL);
|
||||
r = dns_answer_add_soa(soa, dns_resource_key_name(key), LLMNR_DEFAULT_TTL, ifindex);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ void dns_zone_flush(DnsZone *z);
|
|||
int dns_zone_put(DnsZone *z, DnsScope *s, DnsResourceRecord *rr, bool probe);
|
||||
void dns_zone_remove_rr(DnsZone *z, DnsResourceRecord *rr);
|
||||
|
||||
int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, DnsAnswer **answer, DnsAnswer **soa, bool *tentative);
|
||||
int dns_zone_lookup(DnsZone *z, DnsResourceKey *key, int ifindex, DnsAnswer **answer, DnsAnswer **soa, bool *tentative);
|
||||
|
||||
void dns_zone_item_conflict(DnsZoneItem *i);
|
||||
void dns_zone_item_notify(DnsZoneItem *i);
|
||||
|
|
|
|||
Loading…
Reference in New Issue