Lennart Poettering
4d926a69bc
resolved: bypass local cache when we issue a transaction for verification purposes
2014-08-05 01:52:24 +02:00
Lennart Poettering
cd1b20f90a
resolved: if there's already an RR established that has the same name of an RR to be established, skip probing the name
...
After all, what has been probed once, doesn't need to be probed again.
2014-08-05 01:52:24 +02:00
Lennart Poettering
21d73c87b0
resolved: actually read the initial state data from networkd when we initialize
2014-08-04 23:08:49 +02:00
Lennart Poettering
19b50b5ba7
resolved: read the per-interface LLMNR setting from networkd and act on it
2014-08-04 23:08:03 +02:00
Lennart Poettering
f0e1546763
resolved: fix order in which we destroy manager resources
2014-08-04 19:59:05 +02:00
Lennart Poettering
edc501d467
resolved: when there's already somebody listening on the LLMNR ports, simply disable LLMNR and warn, but continue
...
This allows us to run resolved inside an nspawn container that shares
the network namespace with the host, if there's already an instance
running.
2014-08-04 19:48:03 +02:00
Zbigniew Jędrzejewski-Szmek
151226ab4b
resolved: RRSIG records
2014-08-03 22:02:32 -04:00
Zbigniew Jędrzejewski-Szmek
ff3d6560be
resolved: add identifiers for dnssec algorithms
2014-08-03 22:02:32 -04:00
Zbigniew Jędrzejewski-Szmek
8db0d2f5c3
resolved: DNSKEY records
2014-08-03 22:02:32 -04:00
Zbigniew Jędrzejewski-Szmek
de292aa1dd
resolve-host: make arg_type an int
...
We are using it also to store _DNS_TYPE_INVALID, so it should be signed.
2014-08-03 22:02:32 -04:00
Zbigniew Jędrzejewski-Szmek
7263f72499
resolve: add more record types and convert to gperf table
...
We are unlikely to ever support most of them, but we can at least
display the types properly.
The list is taken from the IANA list.
The table of number->name mappings is converted to a switch
statement. gcc does a nice job of optimizing lookup (when optimization
is enabled).
systemd-resolve-host -t is now case insensitive.
2014-08-03 22:02:32 -04:00
Zbigniew Jędrzejewski-Szmek
23432a1c24
resolved: align last rr column
2014-08-03 21:46:08 -04:00
Thomas Hindoe Paaboel Andersen
75cd513ef8
resolved: avoid possible dereference of null pointer
...
In dns_scope_make_reply_packet the structs q, answer, and soa can be
null. We should check for null before reading their fields.
2014-08-03 23:01:57 +02:00
Thomas Hindoe Paaboel Andersen
e850d8e1ac
resolved: remove unused variables
2014-08-03 13:19:19 +02:00
Lennart Poettering
7b4c2ee75f
resolved: always drop multicast membership before adding one
...
This is apparently necessary on some devices, such as veth.
2014-08-01 20:27:27 +02:00
Lennart Poettering
747c0ff564
resolved: IPV6_UNICAST_IF may fail if we already are bound to a device, like we are for link-local addresses
2014-08-01 19:25:06 +02:00
Lennart Poettering
2c27fbca2d
resolved: flush cache each time we change to a different DNS server
2014-08-01 18:10:01 +02:00
Lennart Poettering
5cb36f41f0
resolved: read the system /etc/resolv.conf unless we wrote it ourselves
...
This way we integrate nicely with foreign network management stacks,
such as NM.
2014-08-01 18:10:01 +02:00
Lennart Poettering
39d8db043b
resolved: rename resolved.h to resolved-manager.h
...
After all it pretty much exclusively contains definitions about the
"Manager" object, hence let's call this the most obvious way.
2014-08-01 16:14:59 +02:00
Lennart Poettering
4e945a6f79
resolved: beef up DNS server configuration logic
...
We now maintain two lists of DNS servers: system servers and fallback
servers.
system servers are used in combination with any per-link servers.
fallback servers are only used if there are no system servers or
per-link servers configured.
The system server list is supposed to be populated from a foreign tool's
/etc/resolv.conf (not implemented yet).
Also adds a configuration switch for LLMNR, that allows configuring
whether LLMNR shall be used simply for resolving or also for responding.
2014-08-01 16:06:39 +02:00
Lennart Poettering
95dd6257a6
resolved: don't bother caching negative RRs when the SOA TTL is 0 anyway
2014-08-01 00:58:13 +02:00
Lennart Poettering
9a015429b3
resolved: use CLOCK_BOOTTIME instead of CLOCK_MONOTONIC when aging caches and timing out transactions
...
That way the cache doesn't get confused when the system is suspended.
2014-08-01 00:58:12 +02:00
Lennart Poettering
7da40fc108
resolved: fix negative caching of IDNA domains
2014-08-01 00:58:12 +02:00
Lennart Poettering
bdf10b5b4d
resolved: handle IDNA domains
...
Make sure we format UTF-8 labels as IDNA when writing them to DNS
packets, and as native UTF-8 when writing them to mDNS or LLMNR packets.
When comparing or processing labels always consider native UTF-8 and
IDNA formats equivalent.
2014-08-01 00:58:12 +02:00
Zbigniew Jędrzejewski-Szmek
afbc4f267b
resolved: fix serialization of LOC records, check correctness
2014-07-31 17:42:14 -04:00
Lennart Poettering
eb60f9cd4e
hostnamed: watch system hostname changes and update LLMNR RRs accordingly
2014-07-31 19:54:43 +02:00
Lennart Poettering
8581858257
resolved: fix deserialization of UTF8 host names
2014-07-31 19:54:24 +02:00
Lennart Poettering
7b9f7afcc0
resolved: accept UTF-8 hostnames from bus clients
2014-07-31 19:53:59 +02:00
Lennart Poettering
07bed172ed
resolved: various fixes regarding encoding of UTF8 characters in DNS RRs
2014-07-31 19:51:11 +02:00
Lennart Poettering
fd0b4602f6
resolved: properly compare RRs we cannot parse
2014-07-31 18:41:54 +02:00
Lennart Poettering
42cc2eebb0
resolved: properly process SSHFP RRs
2014-07-31 18:41:41 +02:00
Lennart Poettering
9c92ce6d67
resolved: properly process SRV records
2014-07-31 18:23:34 +02:00
Lennart Poettering
c0eb11cfd0
resolved: provide properly named way to access SPF data in RRs
2014-07-31 18:23:34 +02:00
Lennart Poettering
6a6fc3df74
resolved: make sure we always initialize r when parsing TXT records
2014-07-31 18:23:34 +02:00
Lennart Poettering
8ac4e9e1e5
resolved: properly process DNAME RRs
2014-07-31 18:02:24 +02:00
Lennart Poettering
ec2c5e4398
resolved: implement LLMNR uniqueness verification
2014-07-31 17:47:19 +02:00
Zbigniew Jędrzejewski-Szmek
cbd67a86fb
resolved: fix multi-record packets with TXTs
2014-07-31 10:45:24 -04:00
Zbigniew Jędrzejewski-Szmek
0dae31d468
resolved: LOC records
...
LOC records have a version field. So far only version 0 has been
published, but if a record with a different version was encountered,
our only recourse is to treat it as an unknown type. This is
implemented with the 'unparseable' flag, which causes the
serialization/deserialization and printing function to cause the
record as a blob. The flag can be used if other packet types cannot be
parsed for whatever reason.
2014-07-31 08:56:03 -04:00
Zbigniew Jędrzejewski-Szmek
9de3e32940
resolved: SPF records
2014-07-31 08:56:03 -04:00
Zbigniew Jędrzejewski-Szmek
2e276efc7b
resolved: TXT records
2014-07-31 08:56:03 -04:00
Zbigniew Jędrzejewski-Szmek
946c70944e
resolved: MX records
2014-07-31 08:56:03 -04:00
Zbigniew Jędrzejewski-Szmek
b93312f596
resolve-host: list types and classes
...
Also update systemctl to similar style.
2014-07-31 08:56:03 -04:00
Zbigniew Jędrzejewski-Szmek
b2fadec604
Properly report invalid quoted strings
...
$ systemd-analyze verify trailing-g.service
[./trailing-g.service:2] Trailing garbage, ignoring.
trailing-g.service lacks ExecStart setting. Refusing.
Error: org.freedesktop.systemd1.LoadFailed: Unit trailing-g.service failed to load: Invalid argument.
Failed to create trailing-g.service/start: Invalid argument
2014-07-31 08:56:03 -04:00
Zbigniew Jędrzejewski-Szmek
a2a5291b3f
Reject invalid quoted strings
...
Strings which ended in an unfinished quote were accepted, potentially
with bad memory accesses.
Reject anything which ends in an unfinished quote, or contains
non-whitespace characters right after the closing quote.
_FOREACH_WORD now returns the invalid character in *state. But this return
value is not checked anywhere yet.
Also, make 'word' and 'state' variables const pointers, and rename 'w'
to 'word' in various places. Things are easier to read if the same name
is used consistently.
mbiebl_> am I correct that something like this doesn't work
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"'
mbiebl_> systemd seems to strip off the quotes
mbiebl_> systemctl status shows
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint
mbiebl_> which is pretty weird
2014-07-31 04:00:31 -04:00
Lennart Poettering
e4501ed4e6
resolved: when we got a successful DNS reply, then only wait for other transactions on the same scope, nowhere else
2014-07-30 20:39:52 +02:00
Lennart Poettering
57f5ad3149
resolved: properly set TTL in SOA records
2014-07-30 19:34:50 +02:00
Lennart Poettering
fcf57f9cf7
resolved: don't attempt to order empty answer array
2014-07-30 19:24:13 +02:00
Lennart Poettering
351e6342d5
resolved: properly return start index when appending RR to packet
2014-07-30 19:24:13 +02:00
Lennart Poettering
2d4c5cbc0e
resolved: add API for resolving specific RRs
2014-07-30 19:24:13 +02:00
Lennart Poettering
3339cb71d4
resolved: properly pass empty answers back to bus clients
2014-07-30 17:53:19 +02:00
Lennart Poettering
8bf52d3d17
resolved: include SOA records in LLMNR replies for non-existing RRs to allow negative caching
2014-07-30 16:47:21 +02:00
Lennart Poettering
34b9656f0b
resolved: fix cname handling
2014-07-30 14:46:40 +02:00
Lennart Poettering
0ec7c46eed
resolved: properly handle adding empty replies to cache
2014-07-30 14:21:18 +02:00
Lennart Poettering
ddf163393b
resolved: never cache ANY lookups
2014-07-30 14:05:48 +02:00
Lennart Poettering
d532366133
resolved: respond to ANY queries from our zone
2014-07-30 02:06:09 +02:00
Lennart Poettering
0e2bcd6a17
resolved: don't accept messages with ANY RRs
2014-07-30 02:05:23 +02:00
Lennart Poettering
1d3b690fbd
resolved: don't allow adding of ANY class/type RRs to local zones
2014-07-30 02:04:07 +02:00
Lennart Poettering
8bea3d6f88
resolved: don't do llmnr on interfaces lacking multicasting
2014-07-30 01:48:22 +02:00
Lennart Poettering
0c903ae7db
resolved: follow more closely the recommended timeouts and TTLs from the LLMNR spec
2014-07-30 01:47:48 +02:00
Lennart Poettering
d2f47562d5
resolved: only cache answer RRs, never additional or authoritative RRs of responses
2014-07-30 01:47:10 +02:00
Lennart Poettering
0f05c38759
resolved: never attempt negative caching of SOA records
2014-07-30 01:45:52 +02:00
Lennart Poettering
af93291cc4
resolved: when answering A or AAAA questions, order responses by whether addresses are link-local or not
2014-07-30 00:48:59 +02:00
Lennart Poettering
2442b93d15
resolved: the llmnr destination address check applies to queries, not to responses
2014-07-29 23:53:08 +02:00
Lennart Poettering
a2a416f768
resolved: add more debug logging
2014-07-29 23:53:08 +02:00
Lennart Poettering
bf3f1271e2
resolved: set LLMNR TCP and UDP TTLs to the values suggested by the RFC
2014-07-29 23:53:08 +02:00
Lennart Poettering
2f82f5eae4
resolved: we don't need the DNS server "source" concept anymore, remove it
2014-07-29 23:53:08 +02:00
Lennart Poettering
ea917db9e6
resolved: discard more invalid llmnr messages
2014-07-29 20:57:58 +02:00
Lennart Poettering
b914e211f3
resolved: when resolving an address PTR record via llmnr, make a tcp connection by default
2014-07-29 20:57:58 +02:00
Lennart Poettering
623a4c97b9
resolve: add llmnr responder side for UDP and TCP
...
Name defending is still missing.
2014-07-29 20:57:58 +02:00
Tom Gundersen
6f4dedb250
sd-network: expose DNS/NTP servers as strings
...
This avoids having to distinguish between IPv4 and IPv6, allowing us
to keep their internal orderings. The consumers now have to turn the
strings into addresses.
2014-07-23 23:54:52 +02:00
Tom Gundersen
6073b6f26a
resolved: don't read DHCP leases
...
networkd will expose both statically configured DNS servers and servers
received over DHCP in sd_network_get_dns(), so no need to keep
the distinction in resolved.
2014-07-23 23:54:52 +02:00
Tom Gundersen
b0e39c8284
networkd: merge DNS and NTP entries when exporting
...
In the state files, do not distinguish where the various entries came from
(static or DHCP), but include them all in the same list.
2014-07-23 23:54:51 +02:00
Lennart Poettering
934e9b10b4
resolved: most DNS servers can't handle more than one question per packet, hence let's not generate that
2014-07-23 02:00:40 +02:00
Lennart Poettering
7e8e0422ae
resolved: implement negative caching
2014-07-23 02:00:40 +02:00
Lennart Poettering
faa133f3aa
resolved: rework logic so that we can share transactions between queries of different clients
2014-07-23 02:00:40 +02:00
Zbigniew Jędrzejewski-Szmek
901fd81647
resolved: do not use uninitialized variable
2014-07-18 21:44:34 -04:00
Lennart Poettering
cbd4560ea2
resolved: various bad memory access fixes to the cache
2014-07-18 21:01:40 +02:00
Lennart Poettering
878cd63db2
resolved: fix bus signatures to follow family as int change
2014-07-18 21:01:07 +02:00
Lennart Poettering
46f08bea4b
in-addr-util: remove family_to_string() API
...
we already have a more complete one with af_to_name(), that is generated
from the header files, no need to duplicate this.
2014-07-18 16:15:12 +02:00
Lennart Poettering
0dd25fb9f0
change type for address family to "int"
...
Let's settle on a single type for all address family values, even if
UNIX is very inconsistent on the precise type otherwise. Given that
socket() is the primary entrypoint for the sockets API, and that uses
"int", and "int" is relatively simple and generic, we settle on "int"
for this.
2014-07-18 16:10:51 +02:00
Lennart Poettering
3c0cf50279
resolved: add more const
2014-07-18 14:01:01 +02:00
Lennart Poettering
1716f6dcf5
resolved: add LLMNR support for looking up names
2014-07-18 12:38:32 +02:00
Thomas Hindoe Paaboel Andersen
962225baa8
resolved: silence warnings
...
No need to write to r here since it will be overwritten as the first
step in parse_fail.
2014-07-17 21:12:39 +02:00
Thomas Hindoe Paaboel Andersen
f12ea7dad0
resolved: remove unused variable
2014-07-17 19:59:47 +02:00
Lennart Poettering
322345fdb9
resolved: add DNS cache
2014-07-17 19:39:50 +02:00
Lennart Poettering
c5ed93163e
resolved: don't trip up when an rtlink message does not include the MTU
2014-07-17 19:39:50 +02:00
Lennart Poettering
39762fdf67
resolved: enforce limit on concurrent outstanding queries
2014-07-17 01:58:14 +02:00
Lennart Poettering
a2ba62c719
sd-network: remove redundant array size parameter from functions that return arrays
...
As long as the number of array entries is relatively small it's nicer to
simply return the number of entries directly, instead of using a size_t*
return parameter for it.
2014-07-17 01:42:26 +02:00
Lennart Poettering
b45d9e86e4
resolved: fix check for mdns names
2014-07-17 01:41:52 +02:00
Lennart Poettering
faec72d5de
resolved: we are never authoritative for localhost
2014-07-17 01:41:52 +02:00
Lennart Poettering
e1c959948c
resolved: properly handle MTU logic
2014-07-17 01:41:52 +02:00
Lennart Poettering
76f468c8ea
dns-domain: enforce maximum DNS domain name length
2014-07-17 01:41:52 +02:00
Lennart Poettering
0014a4ad50
sd-network: fix parameter order for sd_network_monitor_new()
...
Constructors should return the object they created as first parameter,
except when they are generated as a child/member object of some other
object in which case that should be first.
2014-07-17 01:41:52 +02:00
Zbigniew Jędrzejewski-Szmek
36f822c4bd
Let config_parse open file where applicable
...
Special care is needed so that we get an error message if the
file failed to parse, but not when it is missing. To avoid duplicating
the same error check in every caller, add an additional 'warn' boolean
to tell config_parse whether a message should be issued.
This makes things both shorter and more robust wrt. error reporting.
2014-07-16 18:47:20 -04:00
Kay Sievers
e1bbf3d12f
resolved: do not free() sd_dhcp_lease_get_dns() results
2014-07-16 23:50:45 +02:00
Lennart Poettering
309e9d86f0
resolved: properly pass canonical name information to resolving client
...
Also, hook up nss-resolve to make use of this information
2014-07-16 22:51:50 +02:00
Lennart Poettering
8ba9fd9cee
resolved: add CNAME lookup support
2014-07-16 22:51:50 +02:00
Lennart Poettering
ad86766293
resolved: support for TCP DNS queries
2014-07-16 20:15:47 +02:00
Lennart Poettering
c73ce96b56
dns-packet: allow dynamic resizing of DNS packets
2014-07-16 18:04:14 +02:00
Lennart Poettering
3cb10d3a0b
dns-domain: introduce macros for accessing all DNS header fields
2014-07-16 18:03:46 +02:00
Zbigniew Jędrzejewski-Szmek
4e0296a943
resolve: avoid use of uninitialized variable
2014-07-15 22:47:03 -04:00
Zbigniew Jędrzejewski-Szmek
e9f3d2d508
Constify ConfigTableItem tables
2014-07-15 22:34:40 -04:00
Kay Sievers
18641cb17e
resolved: add legacy dbus service and policy files
2014-07-16 03:41:39 +02:00
Lennart Poettering
4d1cf1e229
resolved: add small NSS module that uses resolved to resolve DNS names
2014-07-16 03:31:30 +02:00
Lennart Poettering
1fa65c593c
dns-domain: never allow labels that are larger than 63 chars
2014-07-16 03:29:20 +02:00
Lennart Poettering
3fe1169fe3
dns-domain: fix generation of reverse IP address lookup name
2014-07-16 03:28:52 +02:00
Lennart Poettering
b9d394ea56
resolve: add distinct bus error code for hosts that exist but lack A or AAAA records
2014-07-16 03:28:18 +02:00
Lennart Poettering
74b2466e14
resolved: add a DNS client stub resolver
...
Let's turn resolved into something truly useful: a fully asynchronous
DNS stub resolver that subscribes to network changes.
(More to come: caching, LLMNR, mDNS/DNS-SD, DNSSEC, IDN, NSS module)
2014-07-16 00:31:38 +02:00
Lennart Poettering
3b653205cf
shared: split out in_addr related calls from socket-util.[ch] into its private in-addr-util.[ch]
...
These are enough calls for a new file, and they are sufficiently
different from the sockaddr-related calls, hence let's split this out.
2014-07-10 21:15:26 +02:00
Lennart Poettering
096b677388
resolved: properly free network monitor
2014-07-10 20:12:34 +02:00
Lennart Poettering
c92e531c82
resolved: make use of union in_addr_union in resolved, too
2014-07-07 23:11:48 +02:00
Lennart Poettering
b9e7a9d870
resolved: make sure SIGTERM/SIGINT actually can be caught and processed
2014-07-07 23:09:02 +02:00
Lennart Poettering
987d561fe2
resolved: let config_parse() open the configuration file for us
2014-07-07 23:03:17 +02:00
Tom Gundersen
682265d5e2
resolved: run as unprivileged "systemd-resolve" user
...
This service is not yet network facing, but let's prepare nonetheless.
Currently all caps are dropped, but some may need to be kept in the
future.
2014-06-03 10:40:28 +02:00
Tom Gundersen
b686acb27e
resolved: move resolv.conf to resolved's runtime dir
2014-06-02 15:14:32 +02:00
Tom Gundersen
091a364c80
resolved: add daemon to manage resolv.conf
...
Also remove the equivalent functionality from networkd.
2014-05-19 18:14:56 +02:00