Compare commits
No commits in common. "293772c27a73bf44957795ed0d14db60abf37a82" and "197db625a30850f4234eed5994bc0e6cd3e7242c" have entirely different histories.
293772c27a
...
197db625a3
|
@ -80,7 +80,7 @@
|
||||||
<parameter>m</parameter> itself if there is no parent container.</para>
|
<parameter>m</parameter> itself if there is no parent container.</para>
|
||||||
|
|
||||||
<para><function>sd_bus_message_enter_container()</function> enters the next container of the message
|
<para><function>sd_bus_message_enter_container()</function> enters the next container of the message
|
||||||
<parameter>m</parameter> for reading. It behaves mostly the same as
|
<parameter>m</parameter>. It behaves mostly the same as
|
||||||
<function>sd_bus_message_open_container()</function>. Entering a container allows reading its contents
|
<function>sd_bus_message_open_container()</function>. Entering a container allows reading its contents
|
||||||
with
|
with
|
||||||
<citerefentry><refentrytitle>sd_bus_message_read</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
<citerefentry><refentrytitle>sd_bus_message_read</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||||
|
@ -89,12 +89,7 @@
|
||||||
|
|
||||||
<para><function>sd_bus_message_exit_container()</function> exits the scope of the last container entered
|
<para><function>sd_bus_message_exit_container()</function> exits the scope of the last container entered
|
||||||
with <function>sd_bus_message_enter_container()</function>. It behaves mostly the same as
|
with <function>sd_bus_message_enter_container()</function>. It behaves mostly the same as
|
||||||
<function>sd_bus_message_close_container()</function>. Note that
|
<function>sd_bus_message_close_container()</function>.</para>
|
||||||
<function>sd_bus_message_exit_container()</function> may only be called after iterating through all
|
|
||||||
members of the container, i.e. reading or skipping them. Use
|
|
||||||
<citerefentry><refentrytitle>sd_bus_message_skip</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
|
||||||
to skip over felds of a container in order to be able to exit the container with
|
|
||||||
<function>sd_bus_message_exit_container()</function> without reading all members.</para>
|
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
<refsect1>
|
<refsect1>
|
||||||
|
@ -133,13 +128,6 @@
|
||||||
|
|
||||||
<listitem><para>Memory allocation failed.</para></listitem>
|
<listitem><para>Memory allocation failed.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><constant>-EBUSY</constant></term>
|
|
||||||
|
|
||||||
<listitem><para><function>sd_bus_message_exit_container()</function> was called but there are
|
|
||||||
unread members left in the container.</para></listitem>
|
|
||||||
</varlistentry>
|
|
||||||
</variablelist>
|
</variablelist>
|
||||||
</refsect2>
|
</refsect2>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
@ -170,7 +158,6 @@
|
||||||
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||||
<citerefentry><refentrytitle>sd_bus_message_append</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
<citerefentry><refentrytitle>sd_bus_message_append</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||||
<citerefentry><refentrytitle>sd_bus_message_read</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
<citerefentry><refentrytitle>sd_bus_message_read</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||||
<citerefentry><refentrytitle>sd_bus_message_skip</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
|
||||||
<ulink url="https://dbus.freedesktop.org/doc/dbus-specification.html">The D-Bus specification</ulink>
|
<ulink url="https://dbus.freedesktop.org/doc/dbus-specification.html">The D-Bus specification</ulink>
|
||||||
</para>
|
</para>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
|
@ -1064,7 +1064,7 @@ static void socket_apply_socket_options(Socket *s, int fd) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (s->send_buffer > 0) {
|
if (s->send_buffer > 0) {
|
||||||
r = fd_set_sndbuf(fd, s->send_buffer, false);
|
r = fd_set_sndbuf(fd, s->receive_buffer, false);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_unit_warning_errno(UNIT(s), r, "SO_SNDBUF/SO_SNDBUFFORCE failed: %m");
|
log_unit_warning_errno(UNIT(s), r, "SO_SNDBUF/SO_SNDBUFFORCE failed: %m");
|
||||||
}
|
}
|
||||||
|
|
|
@ -76,7 +76,7 @@ int arp_network_bind_raw_socket(int ifindex, be32_t address, const struct ether_
|
||||||
|
|
||||||
assert(ifindex > 0);
|
assert(ifindex > 0);
|
||||||
|
|
||||||
s = socket(AF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0);
|
s = socket(PF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0);
|
||||||
if (s < 0)
|
if (s < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
|
|
|
@ -47,7 +47,7 @@ int lldp_network_bind_raw_socket(int ifindex) {
|
||||||
|
|
||||||
assert(ifindex > 0);
|
assert(ifindex > 0);
|
||||||
|
|
||||||
fd = socket(AF_PACKET, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK,
|
fd = socket(PF_PACKET, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK,
|
||||||
htobe16(ETHERTYPE_LLDP));
|
htobe16(ETHERTYPE_LLDP));
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
|
@ -916,14 +916,14 @@ _public_ int sd_machine_get_ifindices(const char *machine, int **ret_ifindices)
|
||||||
if (!tt)
|
if (!tt)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
_cleanup_free_ int *ifindices = NULL;
|
size_t n = 0;
|
||||||
|
int *ifindices;
|
||||||
if (ret_ifindices) {
|
if (ret_ifindices) {
|
||||||
ifindices = new(int, strv_length(tt));
|
ifindices = new(int, strv_length(tt));
|
||||||
if (!ifindices)
|
if (!ifindices)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t n = 0;
|
|
||||||
for (size_t i = 0; tt[i]; i++) {
|
for (size_t i = 0; tt[i]; i++) {
|
||||||
int ind;
|
int ind;
|
||||||
|
|
||||||
|
@ -938,8 +938,7 @@ _public_ int sd_machine_get_ifindices(const char *machine, int **ret_ifindices)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret_ifindices)
|
if (ret_ifindices)
|
||||||
*ret_ifindices = TAKE_PTR(ifindices);
|
*ret_ifindices = ifindices;
|
||||||
|
|
||||||
return n;
|
return n;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -436,7 +436,7 @@ int sd_rtnl_message_new_neigh(sd_netlink *rtnl, sd_netlink_message **ret, uint16
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert_return(rtnl_message_type_is_neigh(nlmsg_type), -EINVAL);
|
assert_return(rtnl_message_type_is_neigh(nlmsg_type), -EINVAL);
|
||||||
assert_return(IN_SET(ndm_family, AF_UNSPEC, AF_INET, AF_INET6, AF_BRIDGE), -EINVAL);
|
assert_return(IN_SET(ndm_family, AF_UNSPEC, AF_INET, AF_INET6, PF_BRIDGE), -EINVAL);
|
||||||
assert_return(ret, -EINVAL);
|
assert_return(ret, -EINVAL);
|
||||||
|
|
||||||
r = message_new(rtnl, ret, nlmsg_type);
|
r = message_new(rtnl, ret, nlmsg_type);
|
||||||
|
|
|
@ -21,7 +21,7 @@ static void test_message_link_bridge(sd_netlink *rtnl) {
|
||||||
uint32_t cost;
|
uint32_t cost;
|
||||||
|
|
||||||
assert_se(sd_rtnl_message_new_link(rtnl, &message, RTM_NEWLINK, 1) >= 0);
|
assert_se(sd_rtnl_message_new_link(rtnl, &message, RTM_NEWLINK, 1) >= 0);
|
||||||
assert_se(sd_rtnl_message_link_set_family(message, AF_BRIDGE) >= 0);
|
assert_se(sd_rtnl_message_link_set_family(message, PF_BRIDGE) >= 0);
|
||||||
assert_se(sd_netlink_message_open_container(message, IFLA_PROTINFO) >= 0);
|
assert_se(sd_netlink_message_open_container(message, IFLA_PROTINFO) >= 0);
|
||||||
assert_se(sd_netlink_message_append_u32(message, IFLA_BRPORT_COST, 10) >= 0);
|
assert_se(sd_netlink_message_append_u32(message, IFLA_BRPORT_COST, 10) >= 0);
|
||||||
assert_se(sd_netlink_message_close_container(message) >= 0);
|
assert_se(sd_netlink_message_close_container(message) >= 0);
|
||||||
|
|
|
@ -496,10 +496,10 @@ _public_ int sd_resolve_new(sd_resolve **ret) {
|
||||||
for (i = 0; i < _FD_MAX; i++)
|
for (i = 0; i < _FD_MAX; i++)
|
||||||
resolve->fds[i] = -1;
|
resolve->fds[i] = -1;
|
||||||
|
|
||||||
if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, resolve->fds + REQUEST_RECV_FD) < 0)
|
if (socketpair(PF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, resolve->fds + REQUEST_RECV_FD) < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, resolve->fds + RESPONSE_RECV_FD) < 0)
|
if (socketpair(PF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, resolve->fds + RESPONSE_RECV_FD) < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
for (i = 0; i < _FD_MAX; i++)
|
for (i = 0; i < _FD_MAX; i++)
|
||||||
|
|
|
@ -56,7 +56,7 @@ int main(int argc, char *argv[]) {
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
struct addrinfo hints = {
|
struct addrinfo hints = {
|
||||||
.ai_family = AF_UNSPEC,
|
.ai_family = PF_UNSPEC,
|
||||||
.ai_socktype = SOCK_STREAM,
|
.ai_socktype = SOCK_STREAM,
|
||||||
.ai_flags = AI_CANONNAME
|
.ai_flags = AI_CANONNAME
|
||||||
};
|
};
|
||||||
|
|
|
@ -192,7 +192,7 @@ int link_set_bridge(Link *link) {
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
|
return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
|
||||||
|
|
||||||
r = sd_rtnl_message_link_set_family(req, AF_BRIDGE);
|
r = sd_rtnl_message_link_set_family(req, PF_BRIDGE);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Could not set message family: %m");
|
return log_link_error_errno(link, r, "Could not set message family: %m");
|
||||||
|
|
||||||
|
|
|
@ -851,12 +851,10 @@ int config_parse_macsec_key_id(
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse KeyId \"%s\": %m", rvalue);
|
log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse KeyId \"%s\": %m", rvalue);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (l > MACSEC_KEYID_LEN) {
|
if (l > MACSEC_KEYID_LEN)
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, 0,
|
return log_syntax(unit, LOG_WARNING, filename, line, 0,
|
||||||
"Specified KeyId is larger then the allowed maximum (%zu > %u), ignoring: %s",
|
"Specified KeyId is larger then the allowed maximum (%zu > %u), ignoring: %s",
|
||||||
l, MACSEC_KEYID_LEN, rvalue);
|
l, MACSEC_KEYID_LEN, rvalue);
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
dest = a ? a->sa.key_id : b->sa.key_id;
|
dest = a ? a->sa.key_id : b->sa.key_id;
|
||||||
memcpy_safe(dest, p, l);
|
memcpy_safe(dest, p, l);
|
||||||
|
|
|
@ -492,17 +492,13 @@ static int wireguard_decode_key_and_warn(
|
||||||
(void) warn_file_is_world_accessible(filename, NULL, unit, line);
|
(void) warn_file_is_world_accessible(filename, NULL, unit, line);
|
||||||
|
|
||||||
r = unbase64mem_full(rvalue, strlen(rvalue), true, &key, &len);
|
r = unbase64mem_full(rvalue, strlen(rvalue), true, &key, &len);
|
||||||
if (r < 0) {
|
if (r < 0)
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, r,
|
return log_syntax(unit, LOG_WARNING, filename, line, r,
|
||||||
"Failed to decode wireguard key provided by %s=, ignoring assignment: %m", lvalue);
|
"Failed to decode wireguard key provided by %s=, ignoring assignment: %m", lvalue);
|
||||||
return 0;
|
if (len != WG_KEY_LEN)
|
||||||
}
|
return log_syntax(unit, LOG_WARNING, filename, line, SYNTHETIC_ERRNO(EINVAL),
|
||||||
if (len != WG_KEY_LEN) {
|
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, 0,
|
|
||||||
"Wireguard key provided by %s= has invalid length (%zu bytes), ignoring assignment.",
|
"Wireguard key provided by %s= has invalid length (%zu bytes), ignoring assignment.",
|
||||||
lvalue, len);
|
lvalue, len);
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
memcpy(ret, key, WG_KEY_LEN);
|
memcpy(ret, key, WG_KEY_LEN);
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
@ -169,7 +169,7 @@ int br_vlan_configure(Link *link, uint16_t pvid, uint32_t *br_vid_bitmap, uint32
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
|
return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
|
||||||
|
|
||||||
r = sd_rtnl_message_link_set_family(req, AF_BRIDGE);
|
r = sd_rtnl_message_link_set_family(req, PF_BRIDGE);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Could not set message family: %m");
|
return log_link_error_errno(link, r, "Could not set message family: %m");
|
||||||
|
|
||||||
|
|
|
@ -124,7 +124,7 @@ int fdb_entry_configure(Link *link, FdbEntry *fdb_entry) {
|
||||||
assert(fdb_entry);
|
assert(fdb_entry);
|
||||||
|
|
||||||
/* create new RTM message */
|
/* create new RTM message */
|
||||||
r = sd_rtnl_message_new_neigh(link->manager->rtnl, &req, RTM_NEWNEIGH, link->ifindex, AF_BRIDGE);
|
r = sd_rtnl_message_new_neigh(link->manager->rtnl, &req, RTM_NEWNEIGH, link->ifindex, PF_BRIDGE);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_error_errno(link, r, "Could not create RTM_NEWNEIGH message: %m");
|
return log_link_error_errno(link, r, "Could not create RTM_NEWNEIGH message: %m");
|
||||||
|
|
||||||
|
@ -292,12 +292,10 @@ int config_parse_fdb_destination(
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
r = in_addr_from_string_auto(rvalue, &fdb_entry->family, &fdb_entry->destination_addr);
|
r = in_addr_from_string_auto(rvalue, &fdb_entry->family, &fdb_entry->destination_addr);
|
||||||
if (r < 0) {
|
if (r < 0)
|
||||||
log_syntax(unit, LOG_WARNING, filename, line, r,
|
return log_syntax(unit, LOG_WARNING, filename, line, r,
|
||||||
"FDB destination IP address is invalid, ignoring assignment: %s",
|
"FDB destination IP address is invalid, ignoring assignment: %s",
|
||||||
rvalue);
|
rvalue);
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
fdb_entry = NULL;
|
fdb_entry = NULL;
|
||||||
|
|
||||||
|
|
|
@ -267,7 +267,7 @@ static int lldp_send_packet(
|
||||||
|
|
||||||
memcpy(sa.ll.sll_addr, address, ETH_ALEN);
|
memcpy(sa.ll.sll_addr, address, ETH_ALEN);
|
||||||
|
|
||||||
fd = socket(AF_PACKET, SOCK_RAW|SOCK_CLOEXEC, IPPROTO_RAW);
|
fd = socket(PF_PACKET, SOCK_RAW|SOCK_CLOEXEC, IPPROTO_RAW);
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
|
|
|
@ -21,6 +21,51 @@
|
||||||
|
|
||||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_dns_stub_listener_mode, dns_stub_listener_mode, DnsStubListenerMode, "Failed to parse DNS stub listener mode setting");
|
DEFINE_CONFIG_PARSE_ENUM(config_parse_dns_stub_listener_mode, dns_stub_listener_mode, DnsStubListenerMode, "Failed to parse DNS stub listener mode setting");
|
||||||
|
|
||||||
|
static const char* const dns_stub_listener_mode_table[_DNS_STUB_LISTENER_MODE_MAX] = {
|
||||||
|
[DNS_STUB_LISTENER_NO] = "no",
|
||||||
|
[DNS_STUB_LISTENER_UDP] = "udp",
|
||||||
|
[DNS_STUB_LISTENER_TCP] = "tcp",
|
||||||
|
[DNS_STUB_LISTENER_YES] = "yes",
|
||||||
|
};
|
||||||
|
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_stub_listener_mode, DnsStubListenerMode, DNS_STUB_LISTENER_YES);
|
||||||
|
|
||||||
|
static void dns_stub_listener_extra_hash_func(const DNSStubListenerExtra *a, struct siphash *state) {
|
||||||
|
assert(a);
|
||||||
|
|
||||||
|
siphash24_compress(&a->mode, sizeof(a->mode), state);
|
||||||
|
siphash24_compress(&a->family, sizeof(a->family), state);
|
||||||
|
siphash24_compress(&a->address, FAMILY_ADDRESS_SIZE(a->family), state);
|
||||||
|
siphash24_compress(&a->port, sizeof(a->port), state);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int dns_stub_listener_extra_compare_func(const DNSStubListenerExtra *a, const DNSStubListenerExtra *b) {
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(a);
|
||||||
|
assert(b);
|
||||||
|
|
||||||
|
r = CMP(a->mode, b->mode);
|
||||||
|
if (r != 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
r = CMP(a->family, b->family);
|
||||||
|
if (r != 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
r = memcmp(&a->address, &b->address, FAMILY_ADDRESS_SIZE(a->family));
|
||||||
|
if (r != 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
return CMP(a->port, b->port);
|
||||||
|
}
|
||||||
|
|
||||||
|
DEFINE_PRIVATE_HASH_OPS_WITH_KEY_DESTRUCTOR(
|
||||||
|
dns_stub_listener_extra_hash_ops,
|
||||||
|
DNSStubListenerExtra,
|
||||||
|
dns_stub_listener_extra_hash_func,
|
||||||
|
dns_stub_listener_extra_compare_func,
|
||||||
|
dns_stub_listener_extra_free);
|
||||||
|
|
||||||
static int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) {
|
static int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) {
|
||||||
_cleanup_free_ char *server_name = NULL;
|
_cleanup_free_ char *server_name = NULL;
|
||||||
union in_addr_union address;
|
union in_addr_union address;
|
||||||
|
@ -391,7 +436,7 @@ int config_parse_dns_stub_listener_extra(
|
||||||
void *data,
|
void *data,
|
||||||
void *userdata) {
|
void *userdata) {
|
||||||
|
|
||||||
_cleanup_free_ DnsStubListenerExtra *stub = NULL;
|
_cleanup_free_ DNSStubListenerExtra *stub = NULL;
|
||||||
Manager *m = userdata;
|
Manager *m = userdata;
|
||||||
const char *p;
|
const char *p;
|
||||||
int r;
|
int r;
|
||||||
|
@ -406,7 +451,7 @@ int config_parse_dns_stub_listener_extra(
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = dns_stub_listener_extra_new(m, &stub);
|
r = dns_stub_listener_extra_new(&stub);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
|
|
|
@ -3,6 +3,17 @@
|
||||||
|
|
||||||
#include "conf-parser.h"
|
#include "conf-parser.h"
|
||||||
|
|
||||||
|
typedef enum DnsStubListenerMode DnsStubListenerMode;
|
||||||
|
|
||||||
|
enum DnsStubListenerMode {
|
||||||
|
DNS_STUB_LISTENER_NO,
|
||||||
|
DNS_STUB_LISTENER_UDP = 1 << 0,
|
||||||
|
DNS_STUB_LISTENER_TCP = 1 << 1,
|
||||||
|
DNS_STUB_LISTENER_YES = DNS_STUB_LISTENER_UDP | DNS_STUB_LISTENER_TCP,
|
||||||
|
_DNS_STUB_LISTENER_MODE_MAX,
|
||||||
|
_DNS_STUB_LISTENER_MODE_INVALID = -1
|
||||||
|
};
|
||||||
|
|
||||||
#include "resolved-dns-server.h"
|
#include "resolved-dns-server.h"
|
||||||
|
|
||||||
int manager_parse_config_file(Manager *m);
|
int manager_parse_config_file(Manager *m);
|
||||||
|
@ -20,3 +31,6 @@ CONFIG_PARSER_PROTOTYPE(config_parse_dnssd_service_name);
|
||||||
CONFIG_PARSER_PROTOTYPE(config_parse_dnssd_service_type);
|
CONFIG_PARSER_PROTOTYPE(config_parse_dnssd_service_type);
|
||||||
CONFIG_PARSER_PROTOTYPE(config_parse_dnssd_txt);
|
CONFIG_PARSER_PROTOTYPE(config_parse_dnssd_txt);
|
||||||
CONFIG_PARSER_PROTOTYPE(config_parse_dns_stub_listener_extra);
|
CONFIG_PARSER_PROTOTYPE(config_parse_dns_stub_listener_extra);
|
||||||
|
|
||||||
|
const char* dns_stub_listener_mode_to_string(DnsStubListenerMode p) _const_;
|
||||||
|
DnsStubListenerMode dns_stub_listener_mode_from_string(const char *s) _pure_;
|
||||||
|
|
|
@ -66,6 +66,7 @@ struct DnsPacket {
|
||||||
DnsResourceRecord *opt;
|
DnsResourceRecord *opt;
|
||||||
|
|
||||||
/* Packet reception metadata */
|
/* Packet reception metadata */
|
||||||
|
int fd; /* Used by UDP extra DNS stub listners */
|
||||||
int ifindex;
|
int ifindex;
|
||||||
int family, ipproto;
|
int family, ipproto;
|
||||||
union in_addr_union sender, destination;
|
union in_addr_union sender, destination;
|
||||||
|
|
|
@ -8,7 +8,6 @@
|
||||||
|
|
||||||
typedef struct DnsQueryCandidate DnsQueryCandidate;
|
typedef struct DnsQueryCandidate DnsQueryCandidate;
|
||||||
typedef struct DnsQuery DnsQuery;
|
typedef struct DnsQuery DnsQuery;
|
||||||
typedef struct DnsStubListenerExtra DnsStubListenerExtra;
|
|
||||||
|
|
||||||
#include "resolved-dns-answer.h"
|
#include "resolved-dns-answer.h"
|
||||||
#include "resolved-dns-question.h"
|
#include "resolved-dns-question.h"
|
||||||
|
@ -83,7 +82,6 @@ struct DnsQuery {
|
||||||
DnsPacket *request_dns_packet;
|
DnsPacket *request_dns_packet;
|
||||||
DnsStream *request_dns_stream;
|
DnsStream *request_dns_stream;
|
||||||
DnsPacket *reply_dns_packet;
|
DnsPacket *reply_dns_packet;
|
||||||
DnsStubListenerExtra *stub_listener_extra;
|
|
||||||
|
|
||||||
/* Completion callback */
|
/* Completion callback */
|
||||||
void (*complete)(DnsQuery* q);
|
void (*complete)(DnsQuery* q);
|
||||||
|
|
|
@ -10,7 +10,6 @@ typedef struct DnsServer DnsServer;
|
||||||
typedef struct DnsStream DnsStream;
|
typedef struct DnsStream DnsStream;
|
||||||
typedef struct DnsTransaction DnsTransaction;
|
typedef struct DnsTransaction DnsTransaction;
|
||||||
typedef struct Manager Manager;
|
typedef struct Manager Manager;
|
||||||
typedef struct DnsStubListenerExtra DnsStubListenerExtra;
|
|
||||||
|
|
||||||
#include "resolved-dns-packet.h"
|
#include "resolved-dns-packet.h"
|
||||||
#include "resolved-dnstls.h"
|
#include "resolved-dnstls.h"
|
||||||
|
@ -76,8 +75,6 @@ struct DnsStream {
|
||||||
/* used when DNS-over-TLS is enabled */
|
/* used when DNS-over-TLS is enabled */
|
||||||
bool encrypted:1;
|
bool encrypted:1;
|
||||||
|
|
||||||
DnsStubListenerExtra *stub_listener_extra;
|
|
||||||
|
|
||||||
LIST_FIELDS(DnsStream, streams);
|
LIST_FIELDS(DnsStream, streams);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -9,70 +9,24 @@
|
||||||
#include "resolved-dns-stub.h"
|
#include "resolved-dns-stub.h"
|
||||||
#include "socket-netlink.h"
|
#include "socket-netlink.h"
|
||||||
#include "socket-util.h"
|
#include "socket-util.h"
|
||||||
#include "string-table.h"
|
|
||||||
|
|
||||||
/* The MTU of the loopback device is 64K on Linux, advertise that as maximum datagram size, but subtract the Ethernet,
|
/* The MTU of the loopback device is 64K on Linux, advertise that as maximum datagram size, but subtract the Ethernet,
|
||||||
* IP and UDP header sizes */
|
* IP and UDP header sizes */
|
||||||
#define ADVERTISE_DATAGRAM_SIZE_MAX (65536U-14U-20U-8U)
|
#define ADVERTISE_DATAGRAM_SIZE_MAX (65536U-14U-20U-8U)
|
||||||
|
|
||||||
static int manager_dns_stub_udp_fd_extra(Manager *m, DnsStubListenerExtra *l);
|
int dns_stub_listener_extra_new(DNSStubListenerExtra **ret) {
|
||||||
|
DNSStubListenerExtra *l;
|
||||||
|
|
||||||
static void dns_stub_listener_extra_hash_func(const DnsStubListenerExtra *a, struct siphash *state) {
|
l = new0(DNSStubListenerExtra, 1);
|
||||||
assert(a);
|
|
||||||
|
|
||||||
siphash24_compress(&a->mode, sizeof(a->mode), state);
|
|
||||||
siphash24_compress(&a->family, sizeof(a->family), state);
|
|
||||||
siphash24_compress(&a->address, FAMILY_ADDRESS_SIZE(a->family), state);
|
|
||||||
siphash24_compress(&a->port, sizeof(a->port), state);
|
|
||||||
}
|
|
||||||
|
|
||||||
static int dns_stub_listener_extra_compare_func(const DnsStubListenerExtra *a, const DnsStubListenerExtra *b) {
|
|
||||||
int r;
|
|
||||||
|
|
||||||
assert(a);
|
|
||||||
assert(b);
|
|
||||||
|
|
||||||
r = CMP(a->mode, b->mode);
|
|
||||||
if (r != 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
r = CMP(a->family, b->family);
|
|
||||||
if (r != 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
r = memcmp(&a->address, &b->address, FAMILY_ADDRESS_SIZE(a->family));
|
|
||||||
if (r != 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
return CMP(a->port, b->port);
|
|
||||||
}
|
|
||||||
|
|
||||||
DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(
|
|
||||||
dns_stub_listener_extra_hash_ops,
|
|
||||||
DnsStubListenerExtra,
|
|
||||||
dns_stub_listener_extra_hash_func,
|
|
||||||
dns_stub_listener_extra_compare_func,
|
|
||||||
dns_stub_listener_extra_free);
|
|
||||||
|
|
||||||
int dns_stub_listener_extra_new(
|
|
||||||
Manager *m,
|
|
||||||
DnsStubListenerExtra **ret) {
|
|
||||||
|
|
||||||
DnsStubListenerExtra *l;
|
|
||||||
|
|
||||||
l = new(DnsStubListenerExtra, 1);
|
|
||||||
if (!l)
|
if (!l)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
*l = (DnsStubListenerExtra) {
|
|
||||||
.manager = m,
|
|
||||||
};
|
|
||||||
|
|
||||||
*ret = TAKE_PTR(l);
|
*ret = TAKE_PTR(l);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
DnsStubListenerExtra *dns_stub_listener_extra_free(DnsStubListenerExtra *p) {
|
DNSStubListenerExtra *dns_stub_listener_extra_free(DNSStubListenerExtra *p) {
|
||||||
if (!p)
|
if (!p)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
|
@ -197,13 +151,7 @@ static int dns_stub_finish_reply_packet(
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int dns_stub_send(
|
static int dns_stub_send(Manager *m, DnsStream *s, DnsPacket *p, DnsPacket *reply) {
|
||||||
Manager *m,
|
|
||||||
DnsStubListenerExtra *l,
|
|
||||||
DnsStream *s,
|
|
||||||
DnsPacket *p,
|
|
||||||
DnsPacket *reply) {
|
|
||||||
|
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(m);
|
assert(m);
|
||||||
|
@ -212,29 +160,20 @@ static int dns_stub_send(
|
||||||
|
|
||||||
if (s)
|
if (s)
|
||||||
r = dns_stream_write_packet(s, reply);
|
r = dns_stream_write_packet(s, reply);
|
||||||
else
|
else {
|
||||||
/* Note that it is essential here that we explicitly choose the source IP address for this packet. This
|
/* Note that it is essential here that we explicitly choose the source IP address for this packet. This
|
||||||
* is because otherwise the kernel will choose it automatically based on the routing table and will
|
* is because otherwise the kernel will choose it automatically based on the routing table and will
|
||||||
* thus pick 127.0.0.1 rather than 127.0.0.53. */
|
* thus pick 127.0.0.1 rather than 127.0.0.53. */
|
||||||
r = manager_send(m,
|
|
||||||
manager_dns_stub_udp_fd_extra(m, l),
|
r = manager_send(m, p->fd, p->ifindex, p->family, &p->sender, p->sender_port, &p->destination, reply);
|
||||||
l ? p->ifindex : LOOPBACK_IFINDEX, /* force loopback iface if this is the main listener stub */
|
}
|
||||||
p->family, &p->sender, p->sender_port, &p->destination,
|
|
||||||
reply);
|
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "Failed to send reply packet: %m");
|
return log_debug_errno(r, "Failed to send reply packet: %m");
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int dns_stub_send_failure(
|
static int dns_stub_send_failure(Manager *m, DnsStream *s, DnsPacket *p, int rcode, bool authenticated) {
|
||||||
Manager *m,
|
|
||||||
DnsStubListenerExtra *l,
|
|
||||||
DnsStream *s,
|
|
||||||
DnsPacket *p,
|
|
||||||
int rcode,
|
|
||||||
bool authenticated) {
|
|
||||||
|
|
||||||
_cleanup_(dns_packet_unrefp) DnsPacket *reply = NULL;
|
_cleanup_(dns_packet_unrefp) DnsPacket *reply = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
@ -249,7 +188,7 @@ static int dns_stub_send_failure(
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "Failed to build failure packet: %m");
|
return log_debug_errno(r, "Failed to build failure packet: %m");
|
||||||
|
|
||||||
return dns_stub_send(m, l, s, p, reply);
|
return dns_stub_send(m, s, p, reply);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void dns_stub_query_complete(DnsQuery *q) {
|
static void dns_stub_query_complete(DnsQuery *q) {
|
||||||
|
@ -272,7 +211,7 @@ static void dns_stub_query_complete(DnsQuery *q) {
|
||||||
if (!truncated) {
|
if (!truncated) {
|
||||||
r = dns_query_process_cname(q);
|
r = dns_query_process_cname(q);
|
||||||
if (r == -ELOOP) {
|
if (r == -ELOOP) {
|
||||||
(void) dns_stub_send_failure(q->manager, q->stub_listener_extra, q->request_dns_stream, q->request_dns_packet, DNS_RCODE_SERVFAIL, false);
|
(void) dns_stub_send_failure(q->manager, q->request_dns_stream, q->request_dns_packet, DNS_RCODE_SERVFAIL, false);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
|
@ -296,16 +235,16 @@ static void dns_stub_query_complete(DnsQuery *q) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
(void) dns_stub_send(q->manager, q->stub_listener_extra, q->request_dns_stream, q->request_dns_packet, q->reply_dns_packet);
|
(void) dns_stub_send(q->manager, q->request_dns_stream, q->request_dns_packet, q->reply_dns_packet);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case DNS_TRANSACTION_RCODE_FAILURE:
|
case DNS_TRANSACTION_RCODE_FAILURE:
|
||||||
(void) dns_stub_send_failure(q->manager, q->stub_listener_extra, q->request_dns_stream, q->request_dns_packet, q->answer_rcode, dns_query_fully_authenticated(q));
|
(void) dns_stub_send_failure(q->manager, q->request_dns_stream, q->request_dns_packet, q->answer_rcode, dns_query_fully_authenticated(q));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case DNS_TRANSACTION_NOT_FOUND:
|
case DNS_TRANSACTION_NOT_FOUND:
|
||||||
(void) dns_stub_send_failure(q->manager, q->stub_listener_extra, q->request_dns_stream, q->request_dns_packet, DNS_RCODE_NXDOMAIN, dns_query_fully_authenticated(q));
|
(void) dns_stub_send_failure(q->manager, q->request_dns_stream, q->request_dns_packet, DNS_RCODE_NXDOMAIN, dns_query_fully_authenticated(q));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case DNS_TRANSACTION_TIMEOUT:
|
case DNS_TRANSACTION_TIMEOUT:
|
||||||
|
@ -321,7 +260,7 @@ static void dns_stub_query_complete(DnsQuery *q) {
|
||||||
case DNS_TRANSACTION_NO_TRUST_ANCHOR:
|
case DNS_TRANSACTION_NO_TRUST_ANCHOR:
|
||||||
case DNS_TRANSACTION_RR_TYPE_UNSUPPORTED:
|
case DNS_TRANSACTION_RR_TYPE_UNSUPPORTED:
|
||||||
case DNS_TRANSACTION_NETWORK_DOWN:
|
case DNS_TRANSACTION_NETWORK_DOWN:
|
||||||
(void) dns_stub_send_failure(q->manager, q->stub_listener_extra, q->request_dns_stream, q->request_dns_packet, DNS_RCODE_SERVFAIL, false);
|
(void) dns_stub_send_failure(q->manager, q->request_dns_stream, q->request_dns_packet, DNS_RCODE_SERVFAIL, false);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case DNS_TRANSACTION_NULL:
|
case DNS_TRANSACTION_NULL:
|
||||||
|
@ -355,7 +294,7 @@ static int dns_stub_stream_complete(DnsStream *s, int error) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void dns_stub_process_query(Manager *m, DnsStubListenerExtra *l, DnsStream *s, DnsPacket *p) {
|
static void dns_stub_process_query(Manager *m, DnsStream *s, DnsPacket *p, bool is_extra) {
|
||||||
_cleanup_(dns_query_freep) DnsQuery *q = NULL;
|
_cleanup_(dns_query_freep) DnsQuery *q = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
@ -363,56 +302,56 @@ static void dns_stub_process_query(Manager *m, DnsStubListenerExtra *l, DnsStrea
|
||||||
assert(p);
|
assert(p);
|
||||||
assert(p->protocol == DNS_PROTOCOL_DNS);
|
assert(p->protocol == DNS_PROTOCOL_DNS);
|
||||||
|
|
||||||
if (!l && /* l == NULL if this is the main stub */
|
if (!is_extra &&
|
||||||
(in_addr_is_localhost(p->family, &p->sender) <= 0 ||
|
(in_addr_is_localhost(p->family, &p->sender) <= 0 ||
|
||||||
in_addr_is_localhost(p->family, &p->destination) <= 0)) {
|
in_addr_is_localhost(p->family, &p->destination) <= 0)) {
|
||||||
log_error("Got packet on unexpected IP range, refusing.");
|
log_error("Got packet on unexpected IP range, refusing.");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_SERVFAIL, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_SERVFAIL, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = dns_packet_extract(p);
|
r = dns_packet_extract(p);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_debug_errno(r, "Failed to extract resources from incoming packet, ignoring packet: %m");
|
log_debug_errno(r, "Failed to extract resources from incoming packet, ignoring packet: %m");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_FORMERR, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_FORMERR, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!DNS_PACKET_VERSION_SUPPORTED(p)) {
|
if (!DNS_PACKET_VERSION_SUPPORTED(p)) {
|
||||||
log_debug("Got EDNS OPT field with unsupported version number.");
|
log_debug("Got EDNS OPT field with unsupported version number.");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_BADVERS, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_BADVERS, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (dns_type_is_obsolete(p->question->keys[0]->type)) {
|
if (dns_type_is_obsolete(p->question->keys[0]->type)) {
|
||||||
log_debug("Got message with obsolete key type, refusing.");
|
log_debug("Got message with obsolete key type, refusing.");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_NOTIMP, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_NOTIMP, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (dns_type_is_zone_transer(p->question->keys[0]->type)) {
|
if (dns_type_is_zone_transer(p->question->keys[0]->type)) {
|
||||||
log_debug("Got request for zone transfer, refusing.");
|
log_debug("Got request for zone transfer, refusing.");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_NOTIMP, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_NOTIMP, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!DNS_PACKET_RD(p)) {
|
if (!DNS_PACKET_RD(p)) {
|
||||||
/* If the "rd" bit is off (i.e. recursion was not requested), then refuse operation */
|
/* If the "rd" bit is off (i.e. recursion was not requested), then refuse operation */
|
||||||
log_debug("Got request with recursion disabled, refusing.");
|
log_debug("Got request with recursion disabled, refusing.");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_REFUSED, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_REFUSED, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (DNS_PACKET_DO(p) && DNS_PACKET_CD(p)) {
|
if (DNS_PACKET_DO(p) && DNS_PACKET_CD(p)) {
|
||||||
log_debug("Got request with DNSSEC CD bit set, refusing.");
|
log_debug("Got request with DNSSEC CD bit set, refusing.");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_NOTIMP, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_NOTIMP, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = dns_query_new(m, &q, p->question, p->question, 0, SD_RESOLVED_PROTOCOLS_ALL|SD_RESOLVED_NO_SEARCH);
|
r = dns_query_new(m, &q, p->question, p->question, 0, SD_RESOLVED_PROTOCOLS_ALL|SD_RESOLVED_NO_SEARCH);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_error_errno(r, "Failed to generate query object: %m");
|
log_error_errno(r, "Failed to generate query object: %m");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_SERVFAIL, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_SERVFAIL, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -421,7 +360,6 @@ static void dns_stub_process_query(Manager *m, DnsStubListenerExtra *l, DnsStrea
|
||||||
|
|
||||||
q->request_dns_packet = dns_packet_ref(p);
|
q->request_dns_packet = dns_packet_ref(p);
|
||||||
q->request_dns_stream = dns_stream_ref(s); /* make sure the stream stays around until we can send a reply through it */
|
q->request_dns_stream = dns_stream_ref(s); /* make sure the stream stays around until we can send a reply through it */
|
||||||
q->stub_listener_extra = l;
|
|
||||||
q->complete = dns_stub_query_complete;
|
q->complete = dns_stub_query_complete;
|
||||||
|
|
||||||
if (s) {
|
if (s) {
|
||||||
|
@ -439,7 +377,7 @@ static void dns_stub_process_query(Manager *m, DnsStubListenerExtra *l, DnsStrea
|
||||||
r = dns_query_go(q);
|
r = dns_query_go(q);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_error_errno(r, "Failed to start query: %m");
|
log_error_errno(r, "Failed to start query: %m");
|
||||||
dns_stub_send_failure(m, l, s, p, DNS_RCODE_SERVFAIL, false);
|
dns_stub_send_failure(m, s, p, DNS_RCODE_SERVFAIL, false);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -447,7 +385,7 @@ static void dns_stub_process_query(Manager *m, DnsStubListenerExtra *l, DnsStrea
|
||||||
TAKE_PTR(q);
|
TAKE_PTR(q);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int on_dns_stub_packet_internal(sd_event_source *s, int fd, uint32_t revents, Manager *m, DnsStubListenerExtra *l) {
|
static int on_dns_stub_packet_internal(sd_event_source *s, int fd, uint32_t revents, Manager *m, bool is_extra) {
|
||||||
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
|
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
@ -458,7 +396,7 @@ static int on_dns_stub_packet_internal(sd_event_source *s, int fd, uint32_t reve
|
||||||
if (dns_packet_validate_query(p) > 0) {
|
if (dns_packet_validate_query(p) > 0) {
|
||||||
log_debug("Got DNS stub UDP query packet for id %u", DNS_PACKET_ID(p));
|
log_debug("Got DNS stub UDP query packet for id %u", DNS_PACKET_ID(p));
|
||||||
|
|
||||||
dns_stub_process_query(m, l, NULL, p);
|
dns_stub_process_query(m, NULL, p, is_extra);
|
||||||
} else
|
} else
|
||||||
log_debug("Invalid DNS stub UDP packet, ignoring.");
|
log_debug("Invalid DNS stub UDP packet, ignoring.");
|
||||||
|
|
||||||
|
@ -466,15 +404,11 @@ static int on_dns_stub_packet_internal(sd_event_source *s, int fd, uint32_t reve
|
||||||
}
|
}
|
||||||
|
|
||||||
static int on_dns_stub_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
static int on_dns_stub_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
||||||
return on_dns_stub_packet_internal(s, fd, revents, userdata, NULL);
|
return on_dns_stub_packet_internal(s, fd, revents, userdata, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int on_dns_stub_packet_extra(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
static int on_dns_stub_packet_extra(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
||||||
DnsStubListenerExtra *l = userdata;
|
return on_dns_stub_packet_internal(s, fd, revents, userdata, true);
|
||||||
|
|
||||||
assert(l);
|
|
||||||
|
|
||||||
return on_dns_stub_packet_internal(s, fd, revents, l->manager, l);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static int set_dns_stub_common_socket_options(int fd, int family) {
|
static int set_dns_stub_common_socket_options(int fd, int family) {
|
||||||
|
@ -549,17 +483,12 @@ static int manager_dns_stub_udp_fd(Manager *m) {
|
||||||
return TAKE_FD(fd);
|
return TAKE_FD(fd);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int manager_dns_stub_udp_fd_extra(Manager *m, DnsStubListenerExtra *l) {
|
static int manager_dns_stub_udp_fd_extra(Manager *m, DNSStubListenerExtra *l) {
|
||||||
_cleanup_free_ char *pretty = NULL;
|
_cleanup_free_ char *pretty = NULL;
|
||||||
_cleanup_close_ int fd = -1;
|
_cleanup_close_ int fd = -1;
|
||||||
union sockaddr_union sa;
|
union sockaddr_union sa;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(m);
|
|
||||||
|
|
||||||
if (!l)
|
|
||||||
return manager_dns_stub_udp_fd(m);
|
|
||||||
|
|
||||||
if (l->udp_event_source)
|
if (l->udp_event_source)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
@ -597,7 +526,7 @@ static int manager_dns_stub_udp_fd_extra(Manager *m, DnsStubListenerExtra *l) {
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = sd_event_add_io(m->event, &l->udp_event_source, fd, EPOLLIN, on_dns_stub_packet_extra, l);
|
r = sd_event_add_io(m->event, &l->udp_event_source, fd, EPOLLIN, on_dns_stub_packet_extra, m);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
|
@ -622,7 +551,7 @@ fail:
|
||||||
return log_warning_errno(r, "Failed to listen on UDP socket %s: %m", strnull(pretty));
|
return log_warning_errno(r, "Failed to listen on UDP socket %s: %m", strnull(pretty));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int on_dns_stub_stream_packet(DnsStream *s) {
|
static int on_dns_stub_stream_packet_internal(DnsStream *s, bool is_extra) {
|
||||||
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
|
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
|
||||||
|
|
||||||
assert(s);
|
assert(s);
|
||||||
|
@ -633,14 +562,22 @@ static int on_dns_stub_stream_packet(DnsStream *s) {
|
||||||
if (dns_packet_validate_query(p) > 0) {
|
if (dns_packet_validate_query(p) > 0) {
|
||||||
log_debug("Got DNS stub TCP query packet for id %u", DNS_PACKET_ID(p));
|
log_debug("Got DNS stub TCP query packet for id %u", DNS_PACKET_ID(p));
|
||||||
|
|
||||||
dns_stub_process_query(s->manager, s->stub_listener_extra, s, p);
|
dns_stub_process_query(s->manager, s, p, is_extra);
|
||||||
} else
|
} else
|
||||||
log_debug("Invalid DNS stub TCP packet, ignoring.");
|
log_debug("Invalid DNS stub TCP packet, ignoring.");
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int on_dns_stub_stream_internal(sd_event_source *s, int fd, uint32_t revents, Manager *m, DnsStubListenerExtra *l) {
|
static int on_dns_stub_stream_packet(DnsStream *s) {
|
||||||
|
return on_dns_stub_stream_packet_internal(s, false);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int on_dns_stub_stream_packet_extra(DnsStream *s) {
|
||||||
|
return on_dns_stub_stream_packet_internal(s, true);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int on_dns_stub_stream_internal(sd_event_source *s, int fd, uint32_t revents, Manager *m, bool is_extra) {
|
||||||
DnsStream *stream;
|
DnsStream *stream;
|
||||||
int cfd, r;
|
int cfd, r;
|
||||||
|
|
||||||
|
@ -658,8 +595,7 @@ static int on_dns_stub_stream_internal(sd_event_source *s, int fd, uint32_t reve
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
stream->stub_listener_extra = l;
|
stream->on_packet = is_extra ? on_dns_stub_stream_packet_extra : on_dns_stub_stream_packet;
|
||||||
stream->on_packet = on_dns_stub_stream_packet;
|
|
||||||
stream->complete = dns_stub_stream_complete;
|
stream->complete = dns_stub_stream_complete;
|
||||||
|
|
||||||
/* We let the reference to the stream dangle here, it will be dropped later by the complete callback. */
|
/* We let the reference to the stream dangle here, it will be dropped later by the complete callback. */
|
||||||
|
@ -668,14 +604,11 @@ static int on_dns_stub_stream_internal(sd_event_source *s, int fd, uint32_t reve
|
||||||
}
|
}
|
||||||
|
|
||||||
static int on_dns_stub_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
static int on_dns_stub_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
||||||
return on_dns_stub_stream_internal(s, fd, revents, userdata, NULL);
|
return on_dns_stub_stream_internal(s, fd, revents, userdata, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int on_dns_stub_stream_extra(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
static int on_dns_stub_stream_extra(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
||||||
DnsStubListenerExtra *l = userdata;
|
return on_dns_stub_stream_internal(s, fd, revents, userdata, true);
|
||||||
|
|
||||||
assert(l);
|
|
||||||
return on_dns_stub_stream_internal(s, fd, revents, l->manager, l);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static int manager_dns_stub_tcp_fd(Manager *m) {
|
static int manager_dns_stub_tcp_fd(Manager *m) {
|
||||||
|
@ -726,7 +659,7 @@ static int manager_dns_stub_tcp_fd(Manager *m) {
|
||||||
return TAKE_FD(fd);
|
return TAKE_FD(fd);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int manager_dns_stub_tcp_fd_extra(Manager *m, DnsStubListenerExtra *l) {
|
static int manager_dns_stub_tcp_fd_extra(Manager *m, DNSStubListenerExtra *l) {
|
||||||
_cleanup_free_ char *pretty = NULL;
|
_cleanup_free_ char *pretty = NULL;
|
||||||
_cleanup_close_ int fd = -1;
|
_cleanup_close_ int fd = -1;
|
||||||
union sockaddr_union sa;
|
union sockaddr_union sa;
|
||||||
|
@ -778,7 +711,7 @@ static int manager_dns_stub_tcp_fd_extra(Manager *m, DnsStubListenerExtra *l) {
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = sd_event_add_io(m->event, &l->tcp_event_source, fd, EPOLLIN, on_dns_stub_stream_extra, l);
|
r = sd_event_add_io(m->event, &l->tcp_event_source, fd, EPOLLIN, on_dns_stub_stream_extra, m);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
|
@ -840,7 +773,7 @@ int manager_dns_stub_start(Manager *m) {
|
||||||
return log_error_errno(r, "Failed to listen on %s socket 127.0.0.53:53: %m", t);
|
return log_error_errno(r, "Failed to listen on %s socket 127.0.0.53:53: %m", t);
|
||||||
|
|
||||||
if (!ordered_set_isempty(m->dns_extra_stub_listeners)) {
|
if (!ordered_set_isempty(m->dns_extra_stub_listeners)) {
|
||||||
DnsStubListenerExtra *l;
|
DNSStubListenerExtra *l;
|
||||||
|
|
||||||
log_debug("Creating extra stub listeners.");
|
log_debug("Creating extra stub listeners.");
|
||||||
|
|
||||||
|
@ -861,11 +794,3 @@ void manager_dns_stub_stop(Manager *m) {
|
||||||
m->dns_stub_udp_event_source = sd_event_source_unref(m->dns_stub_udp_event_source);
|
m->dns_stub_udp_event_source = sd_event_source_unref(m->dns_stub_udp_event_source);
|
||||||
m->dns_stub_tcp_event_source = sd_event_source_unref(m->dns_stub_tcp_event_source);
|
m->dns_stub_tcp_event_source = sd_event_source_unref(m->dns_stub_tcp_event_source);
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char* const dns_stub_listener_mode_table[_DNS_STUB_LISTENER_MODE_MAX] = {
|
|
||||||
[DNS_STUB_LISTENER_NO] = "no",
|
|
||||||
[DNS_STUB_LISTENER_UDP] = "udp",
|
|
||||||
[DNS_STUB_LISTENER_TCP] = "tcp",
|
|
||||||
[DNS_STUB_LISTENER_YES] = "yes",
|
|
||||||
};
|
|
||||||
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_stub_listener_mode, DnsStubListenerMode, DNS_STUB_LISTENER_YES);
|
|
||||||
|
|
|
@ -1,41 +1,10 @@
|
||||||
/* SPDX-License-Identifier: LGPL-2.1+ */
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||||
#pragma once
|
#pragma once
|
||||||
|
|
||||||
#include "hash-funcs.h"
|
|
||||||
|
|
||||||
typedef struct DnsStubListenerExtra DnsStubListenerExtra;
|
|
||||||
|
|
||||||
typedef enum DnsStubListenerMode {
|
|
||||||
DNS_STUB_LISTENER_NO,
|
|
||||||
DNS_STUB_LISTENER_UDP = 1 << 0,
|
|
||||||
DNS_STUB_LISTENER_TCP = 1 << 1,
|
|
||||||
DNS_STUB_LISTENER_YES = DNS_STUB_LISTENER_UDP | DNS_STUB_LISTENER_TCP,
|
|
||||||
_DNS_STUB_LISTENER_MODE_MAX,
|
|
||||||
_DNS_STUB_LISTENER_MODE_INVALID = -1
|
|
||||||
} DnsStubListenerMode;
|
|
||||||
|
|
||||||
#include "resolved-manager.h"
|
#include "resolved-manager.h"
|
||||||
|
|
||||||
struct DnsStubListenerExtra {
|
int dns_stub_listener_extra_new(DNSStubListenerExtra **ret);
|
||||||
Manager *manager;
|
DNSStubListenerExtra *dns_stub_listener_extra_free(DNSStubListenerExtra *p);
|
||||||
|
|
||||||
DnsStubListenerMode mode;
|
|
||||||
|
|
||||||
int family;
|
|
||||||
union in_addr_union address;
|
|
||||||
uint16_t port;
|
|
||||||
|
|
||||||
sd_event_source *udp_event_source;
|
|
||||||
sd_event_source *tcp_event_source;
|
|
||||||
};
|
|
||||||
|
|
||||||
extern const struct hash_ops dns_stub_listener_extra_hash_ops;
|
|
||||||
|
|
||||||
int dns_stub_listener_extra_new(Manager *m, DnsStubListenerExtra **ret);
|
|
||||||
DnsStubListenerExtra *dns_stub_listener_extra_free(DnsStubListenerExtra *p);
|
|
||||||
|
|
||||||
void manager_dns_stub_stop(Manager *m);
|
void manager_dns_stub_stop(Manager *m);
|
||||||
int manager_dns_stub_start(Manager *m);
|
int manager_dns_stub_start(Manager *m);
|
||||||
|
|
||||||
const char* dns_stub_listener_mode_to_string(DnsStubListenerMode p) _const_;
|
|
||||||
DnsStubListenerMode dns_stub_listener_mode_from_string(const char *s) _pure_;
|
|
||||||
|
|
|
@ -6,7 +6,6 @@
|
||||||
#include "resolved-dnssd.h"
|
#include "resolved-dnssd.h"
|
||||||
#include "resolved-dns-rr.h"
|
#include "resolved-dns-rr.h"
|
||||||
#include "resolved-manager.h"
|
#include "resolved-manager.h"
|
||||||
#include "resolved-conf.h"
|
|
||||||
#include "specifier.h"
|
#include "specifier.h"
|
||||||
#include "strv.h"
|
#include "strv.h"
|
||||||
|
|
||||||
|
|
|
@ -789,6 +789,7 @@ int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
|
||||||
|
|
||||||
p->size = (size_t) l;
|
p->size = (size_t) l;
|
||||||
|
|
||||||
|
p->fd = fd;
|
||||||
p->family = sa.sa.sa_family;
|
p->family = sa.sa.sa_family;
|
||||||
p->ipproto = IPPROTO_UDP;
|
p->ipproto = IPPROTO_UDP;
|
||||||
if (p->family == AF_INET) {
|
if (p->family == AF_INET) {
|
||||||
|
|
|
@ -15,10 +15,10 @@
|
||||||
|
|
||||||
typedef struct Manager Manager;
|
typedef struct Manager Manager;
|
||||||
|
|
||||||
|
#include "resolved-conf.h"
|
||||||
#include "resolved-dns-query.h"
|
#include "resolved-dns-query.h"
|
||||||
#include "resolved-dns-search-domain.h"
|
#include "resolved-dns-search-domain.h"
|
||||||
#include "resolved-dns-stream.h"
|
#include "resolved-dns-stream.h"
|
||||||
#include "resolved-dns-stub.h"
|
|
||||||
#include "resolved-dns-trust-anchor.h"
|
#include "resolved-dns-trust-anchor.h"
|
||||||
#include "resolved-link.h"
|
#include "resolved-link.h"
|
||||||
|
|
||||||
|
@ -31,6 +31,17 @@ typedef struct EtcHosts {
|
||||||
Set *no_address;
|
Set *no_address;
|
||||||
} EtcHosts;
|
} EtcHosts;
|
||||||
|
|
||||||
|
typedef struct DNSStubListenerExtra {
|
||||||
|
DnsStubListenerMode mode;
|
||||||
|
|
||||||
|
int family;
|
||||||
|
union in_addr_union address;
|
||||||
|
uint16_t port;
|
||||||
|
|
||||||
|
sd_event_source *udp_event_source;
|
||||||
|
sd_event_source *tcp_event_source;
|
||||||
|
} DNSStubListenerExtra;
|
||||||
|
|
||||||
struct Manager {
|
struct Manager {
|
||||||
sd_event *event;
|
sd_event *event;
|
||||||
|
|
||||||
|
|
|
@ -943,7 +943,7 @@ int config_parse_channel(const char *unit,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (k < 1) {
|
if (k < 1) {
|
||||||
log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid %s value, ignoring: %s", lvalue, rvalue);
|
log_syntax(unit, LOG_ERR, filename, line, -EINVAL, "Invalid %s value, ignoring: %s", lvalue, rvalue);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -212,15 +212,13 @@ int pkcs11_token_login(
|
||||||
"Failed to log into security token '%s': %s", token_label, p11_kit_strerror(rv));
|
"Failed to log into security token '%s': %s", token_label, p11_kit_strerror(rv));
|
||||||
|
|
||||||
log_info("Successfully logged into security token '%s' via protected authentication path.", token_label);
|
log_info("Successfully logged into security token '%s' via protected authentication path.", token_label);
|
||||||
if (ret_used_pin)
|
*ret_used_pin = NULL;
|
||||||
*ret_used_pin = NULL;
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!FLAGS_SET(token_info->flags, CKF_LOGIN_REQUIRED)) {
|
if (!FLAGS_SET(token_info->flags, CKF_LOGIN_REQUIRED)) {
|
||||||
log_info("No login into security token '%s' required.", token_label);
|
log_info("No login into security token '%s' required.", token_label);
|
||||||
if (ret_used_pin)
|
*ret_used_pin = NULL;
|
||||||
*ret_used_pin = NULL;
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue