networkd : verify dns ip address when parsing configuration (#4492)

Invalid IP addresses would be passed through as-is: $ networkctl status wlp3s0: ● 2: wlp3s0 Link File: /usr/lib/systemd/network/99-default.link Network File: /etc/systemd/network/wlp3s0.network Type: wlan State: routable (configured) Path: pci-0000:03:00.0 Driver: iwlwifi Vendor: Intel Corporation Model: Centrino Advanced-N 6205 [Taylor Peak] (Centrino Advanced-N 6205 AGN) HW Address: XXXXXXXXXX (Intel Corporate) Address: 192.168.2.103 XXXXXXXXXXX Gateway: 192.168.2.1 (Arcadyan Technology Corporation) DNS: 127.0.0.5553 Instead verify that DNS= has a valid list of addresses when parsing configuration. Fixes #4462.
2016-10-27 05:01:04 +05:30 · 2016-10-27 05:01:04 +05:30 · 5325382440
parent 808b95ef82
commit 5325382440
3 changed files with 52 additions and 1 deletions
--- a/src/network/networkd-network-gperf.gperf
+++ b/src/network/networkd-network-gperf.gperf
@ -49,7 +49,7 @@ Network.EmitLLDP,                       config_parse_lldp_emit,
 Network.Address,                        config_parse_address,                           0,                             0
 Network.Gateway,                        config_parse_gateway,                           0,                             0
 Network.Domains,                        config_parse_domains,                           0,                             0
-Network.DNS,                            config_parse_strv,                              0,                             offsetof(Network, dns)
+Network.DNS,                            config_parse_dns,                               0,                             0
 Network.LLMNR,                          config_parse_resolve_support,                   0,                             offsetof(Network, llmnr)
 Network.MulticastDNS,                   config_parse_resolve_support,                   0,                             offsetof(Network, mdns)
 Network.DNSSEC,                         config_parse_dnssec_mode,                       0,                             offsetof(Network, dnssec_mode)
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@ -979,6 +979,56 @@ int config_parse_dhcp_server_ntp(
        }
 }

+int config_parse_dns(
+                const char *unit,
+                const char *filename,
+                unsigned line,
+                const char *section,
+                unsigned section_line,
+                const char *lvalue,
+                int ltype,
+                const char *rvalue,
+                void *data,
+                void *userdata) {
+
+        Network *n = userdata;
+        int r;
+
+        assert(filename);
+        assert(lvalue);
+        assert(rvalue);
+
+        for (;;) {
+                _cleanup_free_ char *w = NULL;
+                union in_addr_union a;
+                int family;
+
+                r = extract_first_word(&rvalue, &w, WHITESPACE, EXTRACT_QUOTES|EXTRACT_RETAIN_ESCAPE);
+                if (r == 0)
+                        break;
+                if (r == -ENOMEM)
+                        return log_oom();
+                if (r < 0) {
+                        log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
+                        break;
+                }
+
+                r = in_addr_from_string_auto(w, &family, &a);
+                if (r < 0) {
+                        log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse dns server address, ignoring: %s", w);
+                        continue;
+                }
+
+                r = strv_consume(&n->dns, w);
+                if (r < 0)
+                        return log_oom();
+
+                w = NULL;
+        }
+
+        return 0;
+}
+
 int config_parse_dnssec_negative_trust_anchors(
                const char *unit,
                const char *filename,
--- a/src/network/networkd-network.h
+++ b/src/network/networkd-network.h
@ -220,6 +220,7 @@ int config_parse_netdev(const char *unit, const char *filename, unsigned line, c
 int config_parse_domains(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
 int config_parse_tunnel(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
 int config_parse_dhcp(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+int config_parse_dns(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
 int config_parse_dhcp_client_identifier(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
 int config_parse_ipv6token(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
 int config_parse_ipv6_privacy_extensions(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);