resolved: fix typo in sd_notify() call
[elogind.git] / src / resolve / resolved-manager.c
index a93f4a597f76734e5f82c60fc8b52b21f9009cb4..c4a5b08773995b26b7c123f66f40fc703b52f6e5 100644 (file)
@@ -34,6 +34,7 @@
 #include "socket-util.h"
 #include "af-list.h"
 #include "utf8.h"
+#include "fileio-label.h"
 
 #include "resolved-dns-domain.h"
 #include "resolved-conf.h"
@@ -426,30 +427,33 @@ static int manager_llmnr_start(Manager *m) {
         if (r < 0)
                 return r;
 
-        r = manager_llmnr_ipv6_udp_fd(m);
-        if (r == -EADDRINUSE)
-                goto eaddrinuse;
-        if (r < 0)
-                return r;
-
         r = manager_llmnr_ipv4_tcp_fd(m);
         if (r == -EADDRINUSE)
                 goto eaddrinuse;
         if (r < 0)
                 return r;
 
-        r = manager_llmnr_ipv6_tcp_fd(m);
-        if (r == -EADDRINUSE)
-                goto eaddrinuse;
-        if (r < 0)
-                return r;
+        if (socket_ipv6_is_supported()) {
+                r = manager_llmnr_ipv6_udp_fd(m);
+                if (r == -EADDRINUSE)
+                        goto eaddrinuse;
+                if (r < 0)
+                        return r;
+
+                r = manager_llmnr_ipv6_tcp_fd(m);
+                if (r == -EADDRINUSE)
+                        goto eaddrinuse;
+                if (r < 0)
+                        return r;
+        }
 
         return 0;
 
 eaddrinuse:
-        log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
+        log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
         m->llmnr_support = SUPPORT_NO;
         manager_llmnr_stop(m);
+
         return 0;
 }
 
@@ -536,10 +540,8 @@ Manager *manager_free(Manager *m) {
 
         dns_scope_free(m->unicast_scope);
 
-        while (m->dns_servers)
-                dns_server_free(m->dns_servers);
-        while (m->fallback_dns_servers)
-                dns_server_free(m->fallback_dns_servers);
+        manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
+        manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
 
         hashmap_free(m->links);
         hashmap_free(m->dns_transactions);
@@ -554,6 +556,7 @@ Manager *manager_free(Manager *m) {
 
         manager_llmnr_stop(m);
 
+        sd_bus_slot_unref(m->prepare_for_sleep_slot);
         sd_event_source_unref(m->bus_retry_event_source);
         sd_bus_unref(m->bus);
 
@@ -675,7 +678,7 @@ clear:
         return r;
 }
 
-static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
+static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
         _cleanup_free_ char *t  = NULL;
         int r;
 
@@ -690,17 +693,72 @@ static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
         }
 
         if (*count == MAXNS)
-                fputs("# Too many DNS servers configured, the following entries may be ignored\n", f);
+                fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
 
         fprintf(f, "nameserver %s\n", t);
         (*count) ++;
 }
 
+static void write_resolv_conf_search(const char *domain, FILE *f,
+                                     unsigned *count, unsigned *length) {
+        assert(domain);
+        assert(f);
+        assert(length);
+
+        if (*count >= MAXDNSRCH ||
+            *length + strlen(domain) > 256) {
+                if (*count == MAXDNSRCH)
+                        fputs(" # Too many search domains configured, remaining ones ignored.", f);
+                if (*length <= 256)
+                        fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
+
+                return;
+        }
+
+        fprintf(f, " %s", domain);
+
+        (*length) += strlen(domain);
+        (*count) ++;
+}
+
+static int write_resolv_conf_contents(FILE *f, Set *dns, Set *domains) {
+        Iterator i;
+
+        fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
+              "# Third party programs must not access this file directly, but\n"
+              "# only through the symlink at /etc/resolv.conf. To manage\n"
+              "# resolv.conf(5) in a different way, replace the symlink by a\n"
+              "# static file or a different symlink.\n\n", f);
+
+        if (set_isempty(dns))
+                fputs("# No DNS servers known.\n", f);
+        else {
+                DnsServer *s;
+                unsigned count = 0;
+
+                SET_FOREACH(s, dns, i)
+                        write_resolv_conf_server(s, f, &count);
+        }
+
+        if (!set_isempty(domains)) {
+                unsigned length = 0, count = 0;
+                char *domain;
+
+                fputs("search", f);
+                SET_FOREACH(domain, domains, i)
+                        write_resolv_conf_search(domain, f, &count, &length);
+                fputs("\n", f);
+        }
+
+        return fflush_and_check(f);
+}
+
+
 int manager_write_resolv_conf(Manager *m) {
         static const char path[] = "/run/systemd/resolve/resolv.conf";
         _cleanup_free_ char *temp_path = NULL;
         _cleanup_fclose_ FILE *f = NULL;
-        unsigned count = 0;
+        _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
         DnsServer *s;
         Iterator i;
         Link *l;
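Review bot: In write_resolv_conf_search the second diagnostic is guarded by `if (*length <= 256)`, but `*length` only grows after the `*length + strlen(domain) > 256` test has passed, so the guard is always true and the "Total length … too long" text is also printed when only the count limit was hit; it likely wants to be `else if (*length + strlen(domain) > 256)`. The messages are written again for every further domain in the set, and they land in the middle of the `search` line, whereas resolv.conf(5) only documents comments that begin in the first column, so a resolver may read the words as extra search domains; emitting the notice once on its own `#` line would avoid that. `count` is dereferenced without the `assert(count);` that the other pointer arguments get. manager_write_resolv_conf begins in this hunk and continues past its end.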
@@ -711,31 +769,66 @@ int manager_write_resolv_conf(Manager *m) {
         /* Read the system /etc/resolv.conf first */
         manager_read_resolv_conf(m);
 
-        r = fopen_temporary(path, &f, &temp_path);
-        if (r < 0)
-                return r;
+        /* Add the full list to a set, to filter out duplicates */
+        dns = set_new(&dns_server_hash_ops);
+        if (!dns)
+                return -ENOMEM;
 
-        fchmod(fileno(f), 0644);
+        domains = set_new(&dns_name_hash_ops);
+        if (!domains)
+                return -ENOMEM;
 
-        fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
-              "# Third party programs must not access this file directly, but\n"
-              "# only through the symlink at /etc/resolv.conf. To manage\n"
-              "# resolv.conf(5) in a different way, replace the symlink by a\n"
-              "# static file or a different symlink.\n\n", f);
+        /* First add the system-wide servers */
+        LIST_FOREACH(servers, s, m->dns_servers) {
+                r = set_put(dns, s);
+                if (r == -EEXIST)
+                        continue;
+                if (r < 0)
+                        return r;
+        }
 
-        LIST_FOREACH(servers, s, m->dns_servers)
-                write_resolve_conf_server(s, f, &count);
+        /* Then, add the per-link servers and domains */
+        HASHMAP_FOREACH(l, m->links, i) {
+                char **domain;
 
-        HASHMAP_FOREACH(l, m->links, i)
-                LIST_FOREACH(servers, s, l->dns_servers)
-                        write_resolve_conf_server(s, f, &count);
+                LIST_FOREACH(servers, s, l->dns_servers) {
+                        r = set_put(dns, s);
+                        if (r == -EEXIST)
+                                continue;
+                        if (r < 0)
+                                return r;
+                }
+
+                if (!l->unicast_scope)
+                        continue;
+
+                STRV_FOREACH(domain, l->unicast_scope->domains) {
+                        r = set_put(domains, *domain);
+                        if (r == -EEXIST)
+                                continue;
+                        if (r < 0)
+                                return r;
+                }
+        }
 
-        if (count == 0) {
-                LIST_FOREACH(servers, s, m->fallback_dns_servers)
-                        write_resolve_conf_server(s, f, &count);
+        /* If we found nothing, add the fallback servers */
+        if (set_isempty(dns)) {
+                LIST_FOREACH(servers, s, m->fallback_dns_servers) {
+                        r = set_put(dns, s);
+                        if (r == -EEXIST)
+                                continue;
+                        if (r < 0)
+                                return r;
+                }
         }
 
-        r = fflush_and_check(f);
+        r = fopen_temporary_label(path, path, &f, &temp_path);
+        if (r < 0)
+                return r;
+
+        fchmod(fileno(f), 0644);
+
+        r = write_resolv_conf_contents(f, dns, domains);
         if (r < 0)
                 goto fail;
 
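Review bot: The per-link domain strings added with `set_put(domains, *domain)` are later written verbatim by `fprintf(f, " %s", domain)`, and nothing in this hunk shows them being checked for whitespace or line breaks. If `l->unicast_scope->domains` can carry values from network-supplied configuration (not visible here), a name containing a newline would add extra directives to the generated resolv.conf, so confirm they are normalized as DNS names before this point and record that with a comment such as `/* domains are validated DNS names here, safe to write verbatim to resolv.conf */`. Separately, the result of `fchmod(fileno(f), 0644);` is ignored; a `(void)` cast or a logged warning would make the best-effort intent explicit. The function body starts before and ends after this hunk.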
@@ -756,7 +849,7 @@ int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
         _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
         union {
                 struct cmsghdr header; /* For alignment */
-                uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
+                uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
                                + CMSG_SPACE(int) /* ttl/hoplimit */
                                + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
         } control;
@@ -867,7 +960,7 @@ int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
          * device if the packet came from the local host since it
          * avoids the routing table in such a case. Let's unset the
          * interface index in such a case. */
-        if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
+        if (p->ifindex == LOOPBACK_IFINDEX)
                 p->ifindex = 0;
 
         /* If we don't know the interface index still, we look for the
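Review bot: The new test `p->ifindex == LOOPBACK_IFINDEX` replaces a per-link `IFF_LOOPBACK` flag lookup with a comparison against a constant whose definition is not visible in this diff, so the code now depends on the loopback device always having that index. A short comment at the comparison would record the assumption, for example `/* the loopback device is expected to always have LOOPBACK_IFINDEX, so no link lookup is needed */`. manager_recv starts and ends outside this hunk.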
@@ -1602,20 +1695,6 @@ fail:
         return r;
 }
 
-int manager_ifindex_is_loopback(Manager *m, int ifindex) {
-        Link *l;
-        assert(m);
-
-        if (ifindex <= 0)
-                return -EINVAL;
-
-        l = hashmap_get(m->links, INT_TO_PTR(ifindex));
-        if (l->flags & IFF_LOOPBACK)
-                return 1;
-
-        return 0;
-}
-
 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
         LinkAddress *a;
 
@@ -1645,7 +1724,7 @@ void manager_refresh_rrs(Manager *m) {
 
 int manager_next_hostname(Manager *m) {
         const char *p;
-        uint64_t u;
+        uint64_t u, a;
         char *h;
 
         assert(m);
@@ -1663,7 +1742,15 @@ int manager_next_hostname(Manager *m) {
         if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
                 u = 1;
 
-        u++;
+        /* Add a random number to the old value. This way we can avoid
+         * that two hosts pick the same hostname, win on IPv4 and lose
+         * on IPv6 (or vice versa), and pick the same hostname
+         * replacement hostname, ad infinitum. We still want the
+         * numbers to go up monotonically, hence we just add a random
+         * value 1..10 */
+
+        random_bytes(&a, sizeof(a));
+        u += 1 + a % 10;
 
         if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
                 return -ENOMEM;
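Review bot: `u += 1 + a % 10;` can wrap around when the numeric suffix parsed by `safe_atou64()` is within ten of UINT64_MAX, which contradicts the comment's stated goal that the numbers go up monotonically. A guard before the addition, e.g. `if (u > UINT64_MAX - 10) u = 1;`, would make the reset explicit instead of silent. The new comment also repeats a word ("the same hostname replacement hostname"). manager_next_hostname starts and ends outside this hunk.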
@@ -1722,6 +1809,27 @@ DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
         return NULL;
 }
 
+void manager_verify_all(Manager *m) {
+        DnsScope *s;
+
+        assert(m);
+
+        LIST_FOREACH(scopes, s, m->dns_scopes)
+                dns_zone_verify_all(&s->zone);
+}
+
+void manager_flush_dns_servers(Manager *m, DnsServerType t) {
+        assert(m);
+
+        if (t == DNS_SERVER_SYSTEM)
+                while (m->dns_servers)
+                        dns_server_free(m->dns_servers);
+
+        if (t == DNS_SERVER_FALLBACK)
+                while (m->fallback_dns_servers)
+                        dns_server_free(m->fallback_dns_servers);
+}
+
 static const char* const support_table[_SUPPORT_MAX] = {
         [SUPPORT_NO] = "no",
         [SUPPORT_YES] = "yes",
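Review bot: manager_flush_dns_servers silently does nothing when `t` is any DnsServerType other than the two it handles, so a caller passing an unsupported type gets no signal; `assert(IN_SET(t, DNS_SERVER_SYSTEM, DNS_SERVER_FALLBACK));` after `assert(m);` would catch that. The unbraced `if` wrapping a `while` is easy to misread, so braces on both would help. Both loops terminate only if `dns_server_free()` unlinks the server from the manager's list, which is not visible in this diff; if that is what it does, a comment such as `/* dns_server_free() unlinks the entry, so the list head advances */` would record it.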