[systemd-commits] 2 commits - Makefile.am src/nss-myhostname src/nss-mymachines src/nss-resolve src/resolve

Lennart Poettering lennart at kemper.freedesktop.org
Fri Aug 1 07:06:45 PDT 2014


 Makefile.am                         |    2 
 src/nss-myhostname/nss-myhostname.c |   10 +
 src/nss-mymachines/nss-mymachines.c |   10 +
 src/nss-resolve/nss-resolve.c       |   15 ++
 src/resolve/resolved-conf.c         |  157 +++++++++++++++++++++++++++++
 src/resolve/resolved-conf.h         |   32 ++++++
 src/resolve/resolved-dns-scope.c    |    2 
 src/resolve/resolved-dns-server.c   |   29 ++++-
 src/resolve/resolved-dns-server.h   |    9 +
 src/resolve/resolved-gperf.gperf    |    6 -
 src/resolve/resolved-link.c         |   50 ++++++---
 src/resolve/resolved-manager.c      |  190 +++++++++++++++---------------------
 src/resolve/resolved.c              |   19 +--
 src/resolve/resolved.conf.in        |    4 
 src/resolve/resolved.h              |   24 +++-
 15 files changed, 408 insertions(+), 151 deletions(-)

New commits:
commit 4e945a6f7971fd7d1f6b2c62ee3afdaff3c95ce4
Author: Lennart Poettering <lennart at poettering.net>
Date:   Fri Aug 1 16:04:12 2014 +0200

    resolved: beef up DNS server configuration logic
    
    We now maintain two lists of DNS servers: system servers and fallback
    servers.
    
    system servers are used in combination with any per-link servers.
    
    fallback servers are only used if there are no system servers or
    per-link servers configured.
    
    The system server list is supposed to be populated from a foreign tool's
    /etc/resolv.conf (not implemented yet).
    
    Also adds a configuration switch for LLMNR, that allows configuring
    whether LLMNR shall be used simply for resolving or also for responding.

diff --git a/Makefile.am b/Makefile.am
index 364e622..fb43b41 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -4735,6 +4735,8 @@ systemd_resolved_SOURCES = \
 	src/resolve/resolved.h \
 	src/resolve/resolved.c \
 	src/resolve/resolved-manager.c \
+	src/resolve/resolved-conf.c \
+	src/resolve/resolved-conf.h \
 	src/resolve/resolved-bus.c \
 	src/resolve/resolved-link.h \
 	src/resolve/resolved-link.c \
diff --git a/src/resolve/resolved-conf.c b/src/resolve/resolved-conf.c
new file mode 100644
index 0000000..0def80e
--- /dev/null
+++ b/src/resolve/resolved-conf.c
@@ -0,0 +1,157 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+  This file is part of systemd.
+
+  Copyright 2014 Tom Gundersen <teg at jklm.no>
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+ ***/
+
+#include "conf-parser.h"
+
+#include "resolved-conf.h"
+
+int manager_parse_dns_server(Manager *m, DnsServerType type, const char *string) {
+        const char *word, *state;
+        size_t length;
+        DnsServer *first;
+        int r;
+
+        assert(m);
+        assert(string);
+
+        first = type == DNS_SERVER_FALLBACK ? m->fallback_dns_servers : m->dns_servers;
+
+        FOREACH_WORD_QUOTED(word, length, string, state) {
+                char buffer[length+1];
+                int family;
+                union in_addr_union addr;
+                bool found = false;
+                DnsServer *s;
+
+                memcpy(buffer, word, length);
+                buffer[length] = 0;
+
+                r = in_addr_from_string_auto(buffer, &family, &addr);
+                if (r < 0) {
+                        log_warning("Ignoring invalid DNS address '%s'", buffer);
+                        continue;
+                }
+
+                /* Filter out duplicates */
+                LIST_FOREACH(servers, s, first)
+                        if (s->family == family && in_addr_equal(family, &s->address, &addr)) {
+                                found = true;
+                                break;
+                        }
+
+                if (found)
+                        continue;
+
+                r = dns_server_new(m, NULL, type, NULL, family, &addr);
+                if (r < 0)
+                        return r;
+        }
+
+        return 0;
+}
+
+int config_parse_dnsv(
+                const char *unit,
+                const char *filename,
+                unsigned line,
+                const char *section,
+                unsigned section_line,
+                const char *lvalue,
+                int ltype,
+                const char *rvalue,
+                void *data,
+                void *userdata) {
+
+        Manager *m = userdata;
+        DnsServer **l;
+        int r;
+
+        assert(filename);
+        assert(lvalue);
+        assert(rvalue);
+        assert(m);
+
+        if (ltype == DNS_SERVER_FALLBACK)
+                l = &m->fallback_dns_servers;
+        else
+                l = &m->dns_servers;
+
+        /* Empty assignment means clear the list */
+        if (isempty(rvalue)) {
+                while (*l)
+                        dns_server_free(*l);
+
+                return 0;
+        }
+
+        r = manager_parse_dns_server(m, ltype, rvalue);
+        if (r < 0) {
+                log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to parse DNS server string '%s'. Ignoring.", rvalue);
+                return 0;
+        }
+
+        return 0;
+}
+
+int config_parse_support(
+                const char *unit,
+                const char *filename,
+                unsigned line,
+                const char *section,
+                unsigned section_line,
+                const char *lvalue,
+                int ltype,
+                const char *rvalue,
+                void *data,
+                void *userdata) {
+
+        Manager *m = userdata;
+        Support support, *v = data;
+        int r;
+
+        assert(filename);
+        assert(lvalue);
+        assert(rvalue);
+        assert(m);
+
+        support = support_from_string(rvalue);
+        if (support < 0) {
+                r = parse_boolean(rvalue);
+                if (r < 0) {
+                        log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to parse support level '%s'. Ignoring.", rvalue);
+                        return 0;
+                }
+
+                support = r ? SUPPORT_YES : SUPPORT_NO;
+        }
+
+        *v = support;
+        return 0;
+}
+
+int manager_parse_config_file(Manager *m) {
+        assert(m);
+
+        return config_parse(NULL, "/etc/systemd/resolved.conf", NULL,
+                            "Resolve\0",
+                            config_item_perf_lookup, resolved_gperf_lookup,
+                            false, false, true, m);
+}
diff --git a/src/resolve/resolved-conf.h b/src/resolve/resolved-conf.h
new file mode 100644
index 0000000..cdd68fe
--- /dev/null
+++ b/src/resolve/resolved-conf.h
@@ -0,0 +1,32 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#pragma once
+
+/***
+  This file is part of systemd.
+
+  Copyright 2014 Tom Gundersen <teg at jklm.no>
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include "resolved.h"
+
+int manager_parse_dns_server(Manager *m, DnsServerType type, const char *string);
+int manager_parse_config_file(Manager *m);
+
+const struct ConfigPerfItem* resolved_gperf_lookup(const char *key, unsigned length);
+
+int config_parse_dnsv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+int config_parse_support(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c
index 6061761..42a2fc4 100644
--- a/src/resolve/resolved-dns-scope.c
+++ b/src/resolve/resolved-dns-scope.c
@@ -384,7 +384,7 @@ int dns_scope_good_dns_server(DnsScope *s, int family, const union in_addr_union
         if (s->link)
                 return !!link_find_dns_server(s->link,  family, address);
         else
-                return !!manager_find_dns_server(s->manager, family, address);
+                return manager_known_dns_server(s->manager, family, address);
 }
 
 static int dns_scope_make_reply_packet(
diff --git a/src/resolve/resolved-dns-server.c b/src/resolve/resolved-dns-server.c
index 2be81ff..2c41337 100644
--- a/src/resolve/resolved-dns-server.c
+++ b/src/resolve/resolved-dns-server.c
@@ -24,6 +24,7 @@
 int dns_server_new(
                 Manager *m,
                 DnsServer **ret,
+                DnsServerType type,
                 Link *l,
                 int family,
                 const union in_addr_union *in_addr) {
@@ -31,26 +32,40 @@ int dns_server_new(
         DnsServer *s, *tail;
 
         assert(m);
+        assert((type == DNS_SERVER_LINK) == !!l);
         assert(in_addr);
 
         s = new0(DnsServer, 1);
         if (!s)
                 return -ENOMEM;
 
+        s->type = type;
         s->family = family;
         s->address = *in_addr;
 
-        if (l) {
+        if (type == DNS_SERVER_LINK) {
                 LIST_FIND_TAIL(servers, l->dns_servers, tail);
                 LIST_INSERT_AFTER(servers, l->dns_servers, tail, s);
                 s->link = l;
-        } else {
+        } else if (type == DNS_SERVER_SYSTEM) {
                 LIST_FIND_TAIL(servers, m->dns_servers, tail);
                 LIST_INSERT_AFTER(servers, m->dns_servers, tail, s);
-        }
+        } else if (type == DNS_SERVER_FALLBACK) {
+                LIST_FIND_TAIL(servers, m->fallback_dns_servers, tail);
+                LIST_INSERT_AFTER(servers, m->fallback_dns_servers, tail, s);
+        } else
+                assert_not_reached("Unknown server type");
 
         s->manager = m;
 
+        /* A new DNS server that isn't fallback is added and the one
+         * we used so far was a fallback one? Then let's try to pick
+         * the new one */
+        if (type != DNS_SERVER_FALLBACK &&
+            s->manager->current_dns_server &&
+            s->manager->current_dns_server->type == DNS_SERVER_FALLBACK)
+                s->manager->current_dns_server = NULL;
+
         if (ret)
                 *ret = s;
 
@@ -62,10 +77,14 @@ DnsServer* dns_server_free(DnsServer *s)  {
                 return NULL;
 
         if (s->manager) {
-                if (s->link)
+                if (s->type == DNS_SERVER_LINK)
                         LIST_REMOVE(servers, s->link->dns_servers, s);
-                else
+                else if (s->type == DNS_SERVER_SYSTEM)
                         LIST_REMOVE(servers, s->manager->dns_servers, s);
+                else if (s->type == DNS_SERVER_FALLBACK)
+                        LIST_REMOVE(servers, s->manager->fallback_dns_servers, s);
+                else
+                        assert_not_reached("Unknown server type");
         }
 
         if (s->link && s->link->current_dns_server == s)
diff --git a/src/resolve/resolved-dns-server.h b/src/resolve/resolved-dns-server.h
index 574616e..358bbd4 100644
--- a/src/resolve/resolved-dns-server.h
+++ b/src/resolve/resolved-dns-server.h
@@ -30,9 +30,17 @@ typedef enum DnsServerSource DnsServerSource;
 #include "resolved-link.h"
 #include "resolved-dns-server.h"
 
+typedef enum DnsServerType {
+        DNS_SERVER_SYSTEM,
+        DNS_SERVER_FALLBACK,
+        DNS_SERVER_LINK,
+} DnsServerType;
+
 struct DnsServer {
         Manager *manager;
 
+        DnsServerType type;
+
         Link *link;
 
         int family;
@@ -46,6 +54,7 @@ struct DnsServer {
 int dns_server_new(
                 Manager *m,
                 DnsServer **s,
+                DnsServerType type,
                 Link *l,
                 int family,
                 const union in_addr_union *address);
diff --git a/src/resolve/resolved-gperf.gperf b/src/resolve/resolved-gperf.gperf
index 051ccec..8e78fbf 100644
--- a/src/resolve/resolved-gperf.gperf
+++ b/src/resolve/resolved-gperf.gperf
@@ -1,7 +1,7 @@
 %{
 #include <stddef.h>
 #include "conf-parser.h"
-#include "resolved.h"
+#include "resolved-conf.h"
 %}
 struct ConfigPerfItem;
 %null_strings
@@ -14,4 +14,6 @@ struct ConfigPerfItem;
 %struct-type
 %includes
 %%
-Resolve.DNS,                    config_parse_dnsv,     0, 0
+Resolve.DNS,          config_parse_dnsv,    DNS_SERVER_SYSTEM,   0
+Resolve.FallbackDNS,  config_parse_dnsv,    DNS_SERVER_FALLBACK, 0
+Resolve.LLMNR,        config_parse_support, 0,                   offsetof(Manager, llmnr_support)
diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c
index 5355eab..93ccc04 100644
--- a/src/resolve/resolved-link.c
+++ b/src/resolve/resolved-link.c
@@ -92,7 +92,7 @@ static void link_allocate_scopes(Link *l) {
         } else
                 l->unicast_scope = dns_scope_free(l->unicast_scope);
 
-        if (link_relevant(l, AF_INET) && l->manager->use_llmnr) {
+        if (link_relevant(l, AF_INET) && l->manager->llmnr_support != SUPPORT_NO) {
                 if (!l->llmnr_ipv4_scope) {
                         r = dns_scope_new(l->manager, &l->llmnr_ipv4_scope, l, DNS_PROTOCOL_LLMNR, AF_INET);
                         if (r < 0)
@@ -101,7 +101,7 @@ static void link_allocate_scopes(Link *l) {
         } else
                 l->llmnr_ipv4_scope = dns_scope_free(l->llmnr_ipv4_scope);
 
-        if (link_relevant(l, AF_INET6) && l->manager->use_llmnr) {
+        if (link_relevant(l, AF_INET6) && l->manager->llmnr_support != SUPPORT_NO) {
                 if (!l->llmnr_ipv6_scope) {
                         r = dns_scope_new(l->manager, &l->llmnr_ipv6_scope, l, DNS_PROTOCOL_LLMNR, AF_INET6);
                         if (r < 0)
@@ -169,7 +169,7 @@ static int link_update_dns_servers(Link *l) {
                 if (s)
                         s->marked = false;
                 else {
-                        r = dns_server_new(l->manager, NULL, l, family, &a);
+                        r = dns_server_new(l->manager, NULL, DNS_SERVER_LINK, l, family, &a);
                         if (r < 0)
                                 goto clear;
                 }
@@ -248,11 +248,29 @@ DnsServer* link_find_dns_server(Link *l, int family, const union in_addr_union *
         return NULL;
 }
 
+static DnsServer* link_set_dns_server(Link *l, DnsServer *s) {
+        assert(l);
+
+        if (l->current_dns_server == s)
+                return s;
+
+        if (s) {
+                _cleanup_free_ char *ip = NULL;
+
+                in_addr_to_string(s->family, &s->address, &ip);
+                log_info("Switching to DNS server %s for interface %s.", strna(ip), l->name);
+        } else
+                log_info("No DNS server set for interface %s.", l->name);
+
+        l->current_dns_server = s;
+        return s;
+}
+
 DnsServer *link_get_dns_server(Link *l) {
         assert(l);
 
         if (!l->current_dns_server)
-                l->current_dns_server = l->dns_servers;
+                link_set_dns_server(l, l->dns_servers);
 
         return l->current_dns_server;
 }
@@ -260,23 +278,15 @@ DnsServer *link_get_dns_server(Link *l) {
 void link_next_dns_server(Link *l) {
         assert(l);
 
-        /* Switch to the next DNS server */
-
-        if (!l->current_dns_server) {
-                l->current_dns_server = l->dns_servers;
-                if (l->current_dns_server)
-                        return;
-        }
-
         if (!l->current_dns_server)
                 return;
 
         if (l->current_dns_server->servers_next) {
-                l->current_dns_server = l->current_dns_server->servers_next;
+                link_set_dns_server(l, l->current_dns_server->servers_next);
                 return;
         }
 
-        l->current_dns_server = l->dns_servers;
+        link_set_dns_server(l, l->dns_servers);
 }
 
 int link_address_new(Link *l, LinkAddress **ret, int family, const union in_addr_union *in_addr) {
@@ -337,7 +347,11 @@ void link_address_add_rrs(LinkAddress *a, bool force_remove) {
 
         if (a->family == AF_INET) {
 
-                if (!force_remove && link_address_relevant(a) && a->link->llmnr_ipv4_scope) {
+                if (!force_remove &&
+                    link_address_relevant(a) &&
+                    a->link->llmnr_ipv4_scope &&
+                    a->link->manager->llmnr_support == SUPPORT_YES) {
+
                         if (!a->link->manager->host_ipv4_key) {
                                 a->link->manager->host_ipv4_key = dns_resource_key_new(DNS_CLASS_IN, DNS_TYPE_A, a->link->manager->hostname);
                                 if (!a->link->manager->host_ipv4_key) {
@@ -389,7 +403,11 @@ void link_address_add_rrs(LinkAddress *a, bool force_remove) {
 
         if (a->family == AF_INET6) {
 
-                if (!force_remove && link_address_relevant(a) && a->link->llmnr_ipv6_scope) {
+                if (!force_remove &&
+                    link_address_relevant(a) &&
+                    a->link->llmnr_ipv6_scope &&
+                    a->link->manager->llmnr_support == SUPPORT_YES) {
+
                         if (!a->link->manager->host_ipv6_key) {
                                 a->link->manager->host_ipv6_key = dns_resource_key_new(DNS_CLASS_IN, DNS_TYPE_AAAA, a->link->manager->hostname);
                                 if (!a->link->manager->host_ipv6_key) {
diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c
index 6987c29..ffb356e 100644
--- a/src/resolve/resolved-manager.c
+++ b/src/resolve/resolved-manager.c
@@ -33,8 +33,10 @@
 #include "conf-parser.h"
 #include "socket-util.h"
 #include "af-list.h"
-#include "resolved.h"
 #include "utf8.h"
+
+#include "resolved.h"
+#include "resolved-conf.h"
 #include "resolved-dns-domain.h"
 
 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
@@ -305,87 +307,6 @@ static int manager_network_monitor_listen(Manager *m) {
         return 0;
 }
 
-static int parse_dns_server_string(Manager *m, const char *string) {
-        const char *word, *state;
-        size_t length;
-        int r;
-
-        assert(m);
-        assert(string);
-
-        FOREACH_WORD_QUOTED(word, length, string, state) {
-                char buffer[length+1];
-                int family;
-                union in_addr_union addr;
-
-                memcpy(buffer, word, length);
-                buffer[length] = 0;
-
-                r = in_addr_from_string_auto(buffer, &family, &addr);
-                if (r < 0) {
-                        log_warning("Ignoring invalid DNS address '%s'", buffer);
-                        continue;
-                }
-
-                /* filter out duplicates */
-                if (manager_find_dns_server(m, family, &addr))
-                        continue;
-
-                r = dns_server_new(m, NULL, NULL, family, &addr);
-                if (r < 0)
-                        return r;
-        }
-        /* do not warn about state here, since probably systemd already did */
-
-        return 0;
-}
-
-int config_parse_dnsv(
-                const char *unit,
-                const char *filename,
-                unsigned line,
-                const char *section,
-                unsigned section_line,
-                const char *lvalue,
-                int ltype,
-                const char *rvalue,
-                void *data,
-                void *userdata) {
-
-        Manager *m = userdata;
-        int r;
-
-        assert(filename);
-        assert(lvalue);
-        assert(rvalue);
-        assert(m);
-
-        /* Empty assignment means clear the list */
-        if (isempty(rvalue)) {
-                while (m->dns_servers)
-                        dns_server_free(m->dns_servers);
-
-                return 0;
-        }
-
-        r = parse_dns_server_string(m, rvalue);
-        if (r < 0) {
-                log_error("Failed to parse DNS server string");
-                return r;
-        }
-
-        return 0;
-}
-
-int manager_parse_config_file(Manager *m) {
-        assert(m);
-
-        return config_parse(NULL, "/etc/systemd/resolved.conf", NULL,
-                            "Resolve\0",
-                            config_item_perf_lookup, resolved_gperf_lookup,
-                            false, false, true, m);
-}
-
 static int determine_hostname(char **ret) {
         _cleanup_free_ char *h = NULL, *n = NULL;
         int r;
@@ -487,9 +408,9 @@ int manager_new(Manager **ret) {
         m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
         m->hostname_fd = -1;
 
-        m->use_llmnr = true;
+        m->llmnr_support = SUPPORT_YES;
 
-        r = parse_dns_server_string(m, DNS_SERVERS);
+        r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
         if (r < 0)
                 return r;
 
@@ -560,6 +481,8 @@ Manager *manager_free(Manager *m) {
 
         while (m->dns_servers)
                 dns_server_free(m->dns_servers);
+        while (m->fallback_dns_servers)
+                dns_server_free(m->fallback_dns_servers);
 
         sd_event_source_unref(m->network_event_source);
         sd_network_monitor_unref(m->network_monitor);
@@ -605,8 +528,8 @@ static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
         assert(count);
 
         r = in_addr_to_string(s->family, &s->address, &t);
-       if (r < 0) {
-                log_warning("Invalid DNS address. Ignoring.");
+        if (r < 0) {
+                log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
                 return;
         }
 
@@ -618,7 +541,7 @@ static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
 }
 
 int manager_write_resolv_conf(Manager *m) {
-        const char *path = "/run/systemd/resolve/resolv.conf";
+        static const char path[] = "/run/systemd/resolve/resolv.conf";
         _cleanup_free_ char *temp_path = NULL;
         _cleanup_fclose_ FILE *f = NULL;
         unsigned count = 0;
@@ -641,12 +564,17 @@ int manager_write_resolv_conf(Manager *m) {
               "# resolv.conf(5) in a different way, replace the symlink by a\n"
               "# static file or a different symlink.\n\n", f);
 
+        LIST_FOREACH(servers, s, m->dns_servers)
+                write_resolve_conf_server(s, f, &count);
+
         HASHMAP_FOREACH(l, m->links, i)
                 LIST_FOREACH(servers, s, l->dns_servers)
                         write_resolve_conf_server(s, f, &count);
 
-        LIST_FOREACH(servers, s, m->dns_servers)
-                write_resolve_conf_server(s, f, &count);
+        if (count == 0) {
+                LIST_FOREACH(servers, s, m->fallback_dns_servers)
+                        write_resolve_conf_server(s, f, &count);
+        }
 
         r = fflush_and_check(f);
         if (r < 0)
@@ -1017,27 +945,65 @@ int manager_send(Manager *m, int fd, int ifindex, int family, const union in_add
         return -EAFNOSUPPORT;
 }
 
-DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
+bool manager_known_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
         DnsServer *s;
 
         assert(m);
         assert(in_addr);
 
-        LIST_FOREACH(servers, s, m->dns_servers) {
+        LIST_FOREACH(servers, s, m->dns_servers)
+                if (s->family == family && in_addr_equal(family, &s->address, in_addr))
+                        return true;
 
-                if (s->family == family &&
-                    in_addr_equal(family, &s->address, in_addr))
-                        return s;
-        }
+        LIST_FOREACH(servers, s, m->fallback_dns_servers)
+                if (s->family == family && in_addr_equal(family, &s->address, in_addr))
+                        return true;
 
-        return NULL;
+        return false;
+}
+
+static DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
+        assert(m);
+
+        if (m->current_dns_server == s)
+                return s;
+
+        if (s) {
+                _cleanup_free_ char *ip = NULL;
+
+                in_addr_to_string(s->family, &s->address, &ip);
+                log_info("Switching to system DNS server %s.", strna(ip));
+        } else
+                log_info("No system DNS server set.");
+
+        m->current_dns_server = s;
+        return s;
 }
 
 DnsServer *manager_get_dns_server(Manager *m) {
+        Link *l;
         assert(m);
 
         if (!m->current_dns_server)
-                m->current_dns_server = m->dns_servers;
+                manager_set_dns_server(m, m->dns_servers);
+
+        if (!m->current_dns_server) {
+                bool found = false;
+                Iterator i;
+
+                /* No DNS servers configured, let's see if there are
+                 * any on any links. If not, we use the fallback
+                 * servers */
+
+                HASHMAP_FOREACH(l, m->links, i)
+                        if (l->dns_servers) {
+                                found = true;
+                                break;
+                        }
+
+                if (!found)
+                        manager_set_dns_server(m, m->fallback_dns_servers);
+        }
 
         return m->current_dns_server;
 }
@@ -1045,20 +1011,23 @@ DnsServer *manager_get_dns_server(Manager *m) {
 void manager_next_dns_server(Manager *m) {
         assert(m);
 
-        if (!m->current_dns_server) {
-                m->current_dns_server = m->dns_servers;
-                return;
-        }
-
+        /* If there's currently no DNS server set, then the next
+         * manager_get_dns_server() will find one */
         if (!m->current_dns_server)
                 return;
 
+        /* Change to the next one */
         if (m->current_dns_server->servers_next) {
-                m->current_dns_server = m->current_dns_server->servers_next;
+                manager_set_dns_server(m, m->current_dns_server->servers_next);
                 return;
         }
 
-        m->current_dns_server = m->dns_servers;
+        /* If there was no next one, then start from the beginning of
+         * the list */
+        if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
+                manager_set_dns_server(m, m->fallback_dns_servers);
+        else
+                manager_set_dns_server(m, m->dns_servers);
 }
 
 uint32_t manager_find_mtu(Manager *m) {
@@ -1494,7 +1463,7 @@ int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_a
 
         assert(m);
 
-        a = manager_find_address(m, family, in_addr);
+        a = manager_find_link_address(m, family, in_addr);
         if (a)
                 return a->link->ifindex;
 
@@ -1551,7 +1520,7 @@ int manager_next_hostname(Manager *m) {
         return 0;
 }
 
-LinkAddress* manager_find_address(Manager *m, int family, const union in_addr_union *in_addr) {
+LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
         Iterator i;
         Link *l;
 
@@ -1572,5 +1541,12 @@ int manager_our_packet(Manager *m, DnsPacket *p) {
         assert(m);
         assert(p);
 
-        return !!manager_find_address(m, p->family, &p->sender);
+        return !!manager_find_link_address(m, p->family, &p->sender);
 }
+
+static const char* const support_table[_SUPPORT_MAX] = {
+        [SUPPORT_NO] = "no",
+        [SUPPORT_YES] = "yes",
+        [SUPPORT_RESOLVE] = "resolve",
+};
+DEFINE_STRING_TABLE_LOOKUP(support, Support);
diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c
index 275f99c..b4d743f 100644
--- a/src/resolve/resolved.c
+++ b/src/resolve/resolved.c
@@ -21,12 +21,12 @@
 
 #include "sd-event.h"
 #include "sd-daemon.h"
-
-#include "resolved.h"
-
 #include "mkdir.h"
 #include "capability.h"
 
+#include "resolved.h"
+#include "resolved-conf.h"
+
 int main(int argc, char *argv[]) {
         _cleanup_(manager_freep) Manager *m = NULL;
         const char *user = "systemd-resolve";
@@ -55,8 +55,7 @@ int main(int argc, char *argv[]) {
         /* Always create the directory where resolv.conf will live */
         r = mkdir_safe_label("/run/systemd/resolve", 0755, uid, gid);
         if (r < 0) {
-                log_error("Could not create runtime directory: %s",
-                          strerror(-r));
+                log_error("Could not create runtime directory: %s", strerror(-r));
                 goto finish;
         }
 
@@ -74,15 +73,13 @@ int main(int argc, char *argv[]) {
 
         r = manager_parse_config_file(m);
         if (r < 0)
-                return r;
+                log_warning("Failed to parse configuration file: %s", strerror(-r));
 
-        /* write finish default resolv.conf to avoid a dangling
+        /* Write finish default resolv.conf to avoid a dangling
          * symlink */
         r = manager_write_resolv_conf(m);
-        if (r < 0) {
-                log_error("Could not create resolv.conf: %s", strerror(-r));
-                goto finish;
-        }
+        if (r < 0)
+                log_warning("Could not create resolv.conf: %s", strerror(-r));
 
         sd_notify(false,
                   "READY=1\n"
diff --git a/src/resolve/resolved.conf.in b/src/resolve/resolved.conf.in
index a239195..c8263d6 100644
--- a/src/resolve/resolved.conf.in
+++ b/src/resolve/resolved.conf.in
@@ -8,4 +8,6 @@
 # See resolved.conf(5) for details
 
 [Resolve]
-#DNS=@DNS_SERVERS@
+#DNS=
+#FallbackDNS=@DNS_SERVERS@
+#LLMNR=yes
diff --git a/src/resolve/resolved.h b/src/resolve/resolved.h
index 34eb7b5..caac61b 100644
--- a/src/resolve/resolved.h
+++ b/src/resolve/resolved.h
@@ -5,7 +5,7 @@
 /***
   This file is part of systemd.
 
-  Copyright 2013 Tom Gundersen <teg at jklm.no>
+  Copyright 2014 Tom Gundersen <teg at jklm.no>
 
   systemd is free software; you can redistribute it and/or modify it
   under the terms of the GNU Lesser General Public License as published by
@@ -36,10 +36,18 @@ typedef struct Manager Manager;
 #include "resolved-dns-scope.h"
 #include "resolved-dns-stream.h"
 
+typedef enum Support {
+        SUPPORT_NO,
+        SUPPORT_YES,
+        SUPPORT_RESOLVE,
+        _SUPPORT_MAX,
+        _SUPPORT_INVALID = -1
+} Support;
+
 struct Manager {
         sd_event *event;
 
-        bool use_llmnr:1;
+        Support llmnr_support;
 
         /* Network */
         Hashmap *links;
@@ -66,6 +74,7 @@ struct Manager {
         sd_event_source *dns_ipv6_event_source;
 
         LIST_HEAD(DnsServer, dns_servers);
+        LIST_HEAD(DnsServer, fallback_dns_servers);
         DnsServer *current_dns_server;
 
         LIST_HEAD(DnsScope, dns_scopes);
@@ -101,10 +110,9 @@ struct Manager {
 int manager_new(Manager **ret);
 Manager* manager_free(Manager *m);
 
-int manager_parse_config_file(Manager *m);
 int manager_write_resolv_conf(Manager *m);
 
-DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr);
+bool manager_known_dns_server(Manager *m, int family, const union in_addr_union *in_addr);
 DnsServer *manager_get_dns_server(Manager *m);
 void manager_next_dns_server(Manager *m);
 
@@ -122,7 +130,7 @@ int manager_llmnr_ipv6_tcp_fd(Manager *m);
 
 int manager_ifindex_is_loopback(Manager *m, int ifindex);
 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr);
-LinkAddress* manager_find_address(Manager *m, int family, const union in_addr_union *in_addr);
+LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr);
 
 void manager_refresh_rrs(Manager *m);
 int manager_next_hostname(Manager *m);
@@ -132,7 +140,7 @@ int manager_connect_bus(Manager *m);
 
 DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
 
-const struct ConfigPerfItem* resolved_gperf_lookup(const char *key, unsigned length);
-int config_parse_dnsv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-
 #define EXTRA_CMSG_SPACE 1024
+
+const char* support_to_string(Support p) _const_;
+int support_from_string(const char *s) _pure_;

commit e70df46b9721a3d025e7a0b4ffb5893cbde5e55d
Author: Lennart Poettering <lennart at poettering.net>
Date:   Fri Aug 1 16:01:12 2014 +0200

    nss: always explicitly reset all error variables
    
    glibc appears to be broken if we don't explicitly reset all error
    variables, let's work around that.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1125975

diff --git a/src/nss-myhostname/nss-myhostname.c b/src/nss-myhostname/nss-myhostname.c
index bf1e311..08d70f6 100644
--- a/src/nss-myhostname/nss-myhostname.c
+++ b/src/nss-myhostname/nss-myhostname.c
@@ -165,6 +165,11 @@ enum nss_status _nss_myhostname_gethostbyname4_r(
         if (ttlp)
                 *ttlp = 0;
 
+        /* Explicitly reset all error variables */
+        *errnop = 0;
+        *h_errnop = NETDB_SUCCESS;
+        h_errno = 0;
+
         return NSS_STATUS_SUCCESS;
 }
 
@@ -289,6 +294,11 @@ static enum nss_status fill_in_hostent(
         if (canonp)
                 *canonp = r_name;
 
+        /* Explicitly reset all error variables */
+        *errnop = 0;
+        *h_errnop = NETDB_SUCCESS;
+        h_errno = 0;
+
         return NSS_STATUS_SUCCESS;
 }
 
diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c
index 985ebb7..cc185b0 100644
--- a/src/nss-mymachines/nss-mymachines.c
+++ b/src/nss-mymachines/nss-mymachines.c
@@ -205,6 +205,11 @@ enum nss_status _nss_mymachines_gethostbyname4_r(
         if (ttlp)
                 *ttlp = 0;
 
+        /* Explicitly reset all error variables */
+        *errnop = 0;
+        *h_errnop = NETDB_SUCCESS;
+        h_errno = 0;
+
         return NSS_STATUS_SUCCESS;
 
 fail:
@@ -365,6 +370,11 @@ enum nss_status _nss_mymachines_gethostbyname3_r(
         if (canonp)
                 *canonp = r_name;
 
+        /* Explicitly reset all error variables */
+        *errnop = 0;
+        *h_errnop = NETDB_SUCCESS;
+        h_errno = 0;
+
         return NSS_STATUS_SUCCESS;
 
 fail:
diff --git a/src/nss-resolve/nss-resolve.c b/src/nss-resolve/nss-resolve.c
index b2cb19a..555800c 100644
--- a/src/nss-resolve/nss-resolve.c
+++ b/src/nss-resolve/nss-resolve.c
@@ -281,6 +281,11 @@ enum nss_status _nss_resolve_gethostbyname4_r(
         if (ttlp)
                 *ttlp = 0;
 
+        /* Explicitly reset all error variables */
+        *errnop = 0;
+        *h_errnop = NETDB_SUCCESS;
+        h_errno = 0;
+
         return NSS_STATUS_SUCCESS;
 
 fail:
@@ -482,6 +487,11 @@ enum nss_status _nss_resolve_gethostbyname3_r(
         result->h_length = alen;
         result->h_addr_list = (char**) r_addr_list;
 
+        /* Explicitly reset all error variables */
+        *errnop = 0;
+        *h_errnop = NETDB_SUCCESS;
+        h_errno = 0;
+
         if (ttlp)
                 *ttlp = 0;
 
@@ -675,6 +685,11 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
         if (ttlp)
                 *ttlp = 0;
 
+        /* Explicitly reset all error variables */
+        *errnop = 0;
+        *h_errnop = NETDB_SUCCESS;
+        h_errno = 0;
+
         return NSS_STATUS_SUCCESS;
 
 fail:



More information about the systemd-commits mailing list