This function doesn't really implement ordering, but CMP() is still fine to use
there. Keep the comment in place, just update it slightly to indicate that.
Looked for definitions of functions using the *_compare_func() suffix.
Tested:
- Unit tests passed (ninja -C build/ test)
- Installed this build and booted with it.
The choice what errors to ignore is left to the caller, and the caller is
changed to ignore all errors.
On error, previously read data is kept. So if e.g. an oom error happens, we
will continue to return slightly stale data instead of pretending we have no
entries for the given address. I think that's better, for example when
/etc/hosts contains some important overrides that external DNS should not be
queried for.
We'd store every 0.0.0.0 and ::0 entry as a structure without any addresses
allocated. This is a somewhat common use case, let's optimize it a bit.
This gives some memory savings and a bit faster response time too:
'time build/test-resolved-etc-hosts hosts' goes from 7.7s to 5.6s, and
memory use as reported by valgrind for ~10000 hosts is reduced
==18097== total heap usage: 29,902 allocs, 29,902 frees, 2,136,437 bytes allocated
==18240== total heap usage: 19,955 allocs, 19,955 frees, 1,556,021 bytes allocated
Also rename 'suppress' to 'found' (with reverse meaning). I think this makes
the intent clearer.
This hides the details of juggling the two hashmaps from the callers a bit.
It also makes memory management a bit easier, because those two hashmaps share
some strings, so we can only free them together.
etc_hosts_parse() is made responsible to free the half-filled data structures
on error, which makes the caller a bit simpler.
No functional change. A refactoring to prepare for later changes.
Meson does not care either way, so let's use the simpler syntax. And files()
already gives a list, so nesting this in a list wouldn't be necessary even
if meson did not flatten everything.
To decreae latency this add support for TFO and TLS Session Tickets. As OpenSSL wouldn't let you easily set a different function all written data is temporarily cached and therefore needs to be flushed after each SSL function which can write data.
This provides basic OpenSSL support without optimizations like TCP Fast Open and TLS Session Tickets.
Notice only a single SSL library can be enabled at a time and therefore journald functions provided by GnuTLS will be disabled when using OpenSSL.
Fixes#9531
During handshake and TLS session closing, messages needs to be exchanged. Therefore this patch overrides the requested IO events for the TCP stream when the TLS is waiting for sending or receiving of messages during theses periods. This fixes issues with correctly closing the TLS stream and prevents the handshake from hanging in rare cases (not seen yet).
The current CLI does not support a way to clear these lists, since without any
additional arguments, the command will list the current values.
Introduce a new way to clear the lists by passing a single '' argument to these
subcommands.
Update the man page to document this.
Tested:
$ build/resolvectl domain eth1
Link 3 (eth1): ~.
$ build/resolvectl domain eth1 ''
$ build/resolvectl domain eth1
Link 3 (eth1):
$ build/resolvectl domain eth1 '~.' '~example.com'
$ build/resolvectl domain eth1
Link 3 (eth1): ~. ~example.com
$ build/resolvectl domain eth1 ''
$ build/resolvectl domain eth1
Link 3 (eth1):
$ build/resolvectl domain eth1 '~.'
$ build/resolvectl domain eth1
Link 3 (eth1): ~.
And similar for "dns" and "nta".
This fixes the following valgrind warning:
```
Syscall param sendmsg(msg.msg_name) points to uninitialised byte(s)
at 0x6189CC1: sendmsg (in /usr/lib64/libpthread-2.27.so)
by 0x153082: dns_stream_writev (resolved-dns-stream.c:235)
by 0x153343: dns_stream_tls_writev (resolved-dns-stream.c:299)
by 0x5B30343: ??? (in /usr/lib64/libgnutls.so.30.20.2)
by 0x5B3158F: ??? (in /usr/lib64/libgnutls.so.30.20.2)
by 0x5B33190: ??? (in /usr/lib64/libgnutls.so.30.20.2)
by 0x5B36307: ??? (in /usr/lib64/libgnutls.so.30.20.2)
by 0x5B37D47: gnutls_handshake (in /usr/lib64/libgnutls.so.30.20.2)
by 0x154591: dns_stream_connect_tls (resolved-dns-stream.c:596)
by 0x13A889: dns_transaction_emit_tcp (resolved-dns-transaction.c:676)
by 0x13D901: dns_transaction_go (resolved-dns-transaction.c:1761)
by 0x1330C8: dns_query_candidate_go (resolved-dns-query.c:156)
Address 0xa9ac268 is 312 bytes inside a block of size 592 alloc'd
at 0x4C30B06: calloc (vg_replace_malloc.c:711)
by 0x1541F8: dns_stream_new (resolved-dns-stream.c:545)
by 0x13A662: dns_transaction_emit_tcp (resolved-dns-transaction.c:642)
by 0x13D901: dns_transaction_go (resolved-dns-transaction.c:1761)
by 0x1330C8: dns_query_candidate_go (resolved-dns-query.c:156)
by 0x134E16: dns_query_go (resolved-dns-query.c:757)
by 0x11F3FB: bus_method_resolve_hostname (resolved-bus.c:353)
by 0x4F947A7: method_callbacks_run (bus-objects.c:402)
by 0x4F97266: object_find_and_run (bus-objects.c:1260)
by 0x4F978B1: bus_process_object (bus-objects.c:1376)
by 0x4FAF82C: process_message (sd-bus.c:2661)
by 0x4FAFA1B: process_running (sd-bus.c:2703)
```
