diff options
| author | Beniamino Galvani <bgalvani@redhat.com> | 2018-01-12 13:43:51 +0100 |
|---|---|---|
| committer | Beniamino Galvani <bgalvani@redhat.com> | 2018-01-12 13:43:51 +0100 |
| commit | b2f306ac3d84283fdebb225079f354afb8c2a752 (patch) | |
| tree | 3cc31444c3acbe5c6b9ef2799b1f3d9d3c8ff1fc | |
| parent | d3dfadf6393461125043219e99a1ce0b0695ea45 (diff) | |
| parent | e91f1a7d2a6b8400b6b331d5b72287dcb5164a39 (diff) | |
| download | NetworkManager-b2f306ac3d84283fdebb225079f354afb8c2a752.tar.gz | |
dns: merge branch 'bg/dns-domains-pt1-bgo746422'
https://bugzilla.gnome.org/show_bug.cgi?id=746422
| -rw-r--r-- | clients/common/settings-docs.h.in | 4 | ||||
| -rw-r--r-- | libnm-core/nm-setting-ip-config.c | 5 | ||||
| -rw-r--r-- | src/dns/nm-dns-dnsmasq.c | 8 | ||||
| -rw-r--r-- | src/dns/nm-dns-manager.c | 109 | ||||
| -rw-r--r-- | src/dns/nm-dns-systemd-resolved.c | 58 | ||||
| -rw-r--r-- | src/nm-core-utils.c | 15 | ||||
| -rw-r--r-- | src/nm-core-utils.h | 2 |
7 files changed, 117 insertions, 84 deletions
diff --git a/clients/common/settings-docs.h.in b/clients/common/settings-docs.h.in index 1f3a1a62be..5da6423c66 100644 --- a/clients/common/settings-docs.h.in +++ b/clients/common/settings-docs.h.in @@ -218,7 +218,7 @@ #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DNS N_("Array of IP addresses of DNS servers.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DNS_OPTIONS N_("Array of DNS options as described in man 5 resolv.conf. NULL means that the options are unset and left at the default. In this case NetworkManager will use default options. This is distinct from an empty list of properties.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DNS_PRIORITY N_("Intra-connection DNS priority. The relative priority to be used when determining the order of DNS servers in resolv.conf. A lower value means that servers will be on top of the file. Zero selects the default value, which is 50 for VPNs and 100 for other connections. Note that the priority is to order DNS settings for multiple active connections. It does not disambiguate multiple DNS servers within the same connection profile. For that, just specify the DNS servers in the desired order. When multiple devices have configurations with the same priority, the one with an active default route will be preferred. Note that when using dns=dnsmasq the order is meaningless since dnsmasq forwards queries to all known servers at the same time. Negative values have the special effect of excluding other configurations with a greater priority value; so in presence of at least a negative priority, only DNS servers from connections with the lowest priority value will be used.") -#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DNS_SEARCH N_("Array of DNS search domains.") +#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DNS_SEARCH N_("Array of DNS search domains. Domains starting with a tilde ('~') are considered 'routing' domains and are used only to decide the interface over which a query must be forwarded; they are not used to complete unqualified host names.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_GATEWAY N_("The gateway associated with this configuration. This is only meaningful if \"addresses\" is also set.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_IGNORE_AUTO_DNS N_("When \"method\" is set to \"auto\" and this property to TRUE, automatically configured nameservers and search domains are ignored and only nameservers and search domains specified in the \"dns\" and \"dns-search\" properties, if any, are used.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_IGNORE_AUTO_ROUTES N_("When \"method\" is set to \"auto\" and this property to TRUE, automatically configured routes are ignored and only routes specified in the \"routes\" property, if any, are used.") @@ -238,7 +238,7 @@ #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DNS N_("Array of IP addresses of DNS servers.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DNS_OPTIONS N_("Array of DNS options as described in man 5 resolv.conf. NULL means that the options are unset and left at the default. In this case NetworkManager will use default options. This is distinct from an empty list of properties.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DNS_PRIORITY N_("Intra-connection DNS priority. The relative priority to be used when determining the order of DNS servers in resolv.conf. A lower value means that servers will be on top of the file. Zero selects the default value, which is 50 for VPNs and 100 for other connections. Note that the priority is to order DNS settings for multiple active connections. It does not disambiguate multiple DNS servers within the same connection profile. For that, just specify the DNS servers in the desired order. When multiple devices have configurations with the same priority, the one with an active default route will be preferred. Note that when using dns=dnsmasq the order is meaningless since dnsmasq forwards queries to all known servers at the same time. Negative values have the special effect of excluding other configurations with a greater priority value; so in presence of at least a negative priority, only DNS servers from connections with the lowest priority value will be used.") -#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DNS_SEARCH N_("Array of DNS search domains.") +#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DNS_SEARCH N_("Array of DNS search domains. Domains starting with a tilde ('~') are considered 'routing' domains and are used only to decide the interface over which a query must be forwarded; they are not used to complete unqualified host names.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_GATEWAY N_("The gateway associated with this configuration. This is only meaningful if \"addresses\" is also set.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_IGNORE_AUTO_DNS N_("When \"method\" is set to \"auto\" and this property to TRUE, automatically configured nameservers and search domains are ignored and only nameservers and search domains specified in the \"dns\" and \"dns-search\" properties, if any, are used.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_IGNORE_AUTO_ROUTES N_("When \"method\" is set to \"auto\" and this property to TRUE, automatically configured routes are ignored and only routes specified in the \"routes\" property, if any, are used.") diff --git a/libnm-core/nm-setting-ip-config.c b/libnm-core/nm-setting-ip-config.c index 888ec7559d..45539becb8 100644 --- a/libnm-core/nm-setting-ip-config.c +++ b/libnm-core/nm-setting-ip-config.c @@ -2930,7 +2930,10 @@ nm_setting_ip_config_class_init (NMSettingIPConfigClass *setting_class) /** * NMSettingIPConfig:dns-search: * - * Array of DNS search domains. + * Array of DNS search domains. Domains starting with a tilde ('~') + * are considered 'routing' domains and are used only to decide the + * interface over which a query must be forwarded; they are not used + * to complete unqualified host names. **/ g_object_class_install_property (object_class, PROP_DNS_SEARCH, diff --git a/src/dns/nm-dns-dnsmasq.c b/src/dns/nm-dns-dnsmasq.c index c18aaba0da..9719020c33 100644 --- a/src/dns/nm-dns-dnsmasq.c +++ b/src/dns/nm-dns-dnsmasq.c @@ -219,7 +219,7 @@ add_ip_config (NMDnsDnsmasq *self, char ip_addr_to_string_buf[IP_ADDR_TO_STRING_BUFLEN]; char **domains, **iter; gboolean iface_resolved = FALSE; - const char *iface = NULL; + const char *iface = NULL, *domain; addr_family = nm_ip_config_get_addr_family (ip_config); g_return_if_fail (NM_IN_SET (addr_family, AF_INET, AF_INET6)); @@ -247,21 +247,23 @@ add_ip_config (NMDnsDnsmasq *self, /* searches are preferred over domains */ n = nm_ip_config_get_num_searches (ip_config); for (i = 0; i < n; i++) { + domain = nm_utils_parse_dns_domain (nm_ip_config_get_search (ip_config, i), NULL); add_dnsmasq_nameserver (self, servers, ip_addr_to_string_buf, - nm_ip_config_get_search (ip_config, i)); + domain); added = TRUE; } if (n == 0) { /* If not searches, use any domains */ n = nm_ip_config_get_num_domains (ip_config); + domain = nm_utils_parse_dns_domain (nm_ip_config_get_domain (ip_config, i), NULL); for (i = 0; i < n; i++) { add_dnsmasq_nameserver (self, servers, ip_addr_to_string_buf, - nm_ip_config_get_domain (ip_config, i)); + domain); added = TRUE; } } diff --git a/src/dns/nm-dns-manager.c b/src/dns/nm-dns-manager.c index 0e9d0903fd..e5d83cdc05 100644 --- a/src/dns/nm-dns-manager.c +++ b/src/dns/nm-dns-manager.c @@ -180,7 +180,7 @@ static void _ip_config_dns_priority_changed (gpointer config, /*****************************************************************************/ static gboolean -domain_is_valid (const gchar *domain, gboolean check_public_suffix) +domain_is_valid (const char *domain, gboolean check_public_suffix) { if (*domain == '\0') return FALSE; @@ -191,6 +191,12 @@ domain_is_valid (const gchar *domain, gboolean check_public_suffix) return TRUE; } +static gboolean +domain_is_routing (const char *domain) +{ + return domain[0] == '~'; +} + /*****************************************************************************/ NM_UTILS_LOOKUP_STR_DEFINE_STATIC (_rc_manager_to_string, NMDnsManagerResolvConfManager, @@ -350,7 +356,7 @@ _ip_config_lst_head (NMDnsManager *self) /*****************************************************************************/ static void -add_string_item (GPtrArray *array, const char *str) +add_string_item (GPtrArray *array, const char *str, gboolean dup) { int i; @@ -366,7 +372,7 @@ add_string_item (GPtrArray *array, const char *str) } /* No dupes, add the new item */ - g_ptr_array_add (array, g_strdup (str)); + g_ptr_array_add (array, dup ? g_strdup (str): (gpointer) str); } static void @@ -377,14 +383,43 @@ add_dns_option_item (GPtrArray *array, const char *str) } static void +add_dns_domains (GPtrArray *array, const NMIPConfig *ip_config, + gboolean include_routing, gboolean dup) +{ + guint num_domains, num_searches, i; + const char *str; + + num_domains = nm_ip_config_get_num_domains (ip_config); + num_searches = nm_ip_config_get_num_searches (ip_config); + + for (i = 0; i < num_searches; i++) { + str = nm_ip_config_get_search (ip_config, i); + if (!include_routing && domain_is_routing (str)) + continue; + if (!domain_is_valid (nm_utils_parse_dns_domain (str, NULL), FALSE)) + continue; + add_string_item (array, str, dup); + } + if (num_domains > 1 || !num_searches) { + for (i = 0; i < num_domains; i++) { + str = nm_ip_config_get_domain (ip_config, i); + if (!include_routing && domain_is_routing (str)) + continue; + if (!domain_is_valid (nm_utils_parse_dns_domain (str, NULL), FALSE)) + continue; + add_string_item (array, str, dup); + } + } +} + +static void merge_one_ip_config (NMResolvConfData *rc, int ifindex, const NMIPConfig *ip_config) { int addr_family; - guint num, num_domains, num_searches, i; + guint num, i; char buf[NM_UTILS_INET_ADDRSTRLEN + 50]; - const char *str; addr_family = nm_ip_config_get_addr_family (ip_config); @@ -414,23 +449,10 @@ merge_one_ip_config (NMResolvConfData *rc, } } - add_string_item (rc->nameservers, buf); + add_string_item (rc->nameservers, buf, TRUE); } - num_domains = nm_ip_config_get_num_domains (ip_config); - num_searches = nm_ip_config_get_num_searches (ip_config); - for (i = 0; i < num_searches; i++) { - str = nm_ip_config_get_search (ip_config, i); - if (domain_is_valid (str, FALSE)) - add_string_item (rc->searches, str); - } - if (num_domains > 1 || !num_searches) { - for (i = 0; i < num_domains; i++) { - str = nm_ip_config_get_domain (ip_config, i); - if (domain_is_valid (str, FALSE)) - add_string_item (rc->searches, str); - } - } + add_dns_domains (rc->searches, ip_config, FALSE, TRUE); num = nm_ip_config_get_num_dns_options (ip_config); for (i = 0; i < num; i++) { @@ -445,7 +467,8 @@ merge_one_ip_config (NMResolvConfData *rc, num = nm_ip4_config_get_num_nis_servers (ip4_config); for (i = 0; i < num; i++) { add_string_item (rc->nis_servers, - nm_utils_inet4_ntop (nm_ip4_config_get_nis_server (ip4_config, i), buf)); + nm_utils_inet4_ntop (nm_ip4_config_get_nis_server (ip4_config, i), buf), + TRUE); } if (nm_ip4_config_get_nis_domain (ip4_config)) { @@ -957,18 +980,21 @@ merge_global_dns_config (NMResolvConfData *rc, NMGlobalDnsConfig *global_conf) options = nm_global_dns_config_get_options (global_conf); for (i = 0; searches && searches[i]; i++) { - if (domain_is_valid (searches[i], FALSE)) - add_string_item (rc->searches, searches[i]); + if (domain_is_routing (searches[i])) + continue; + if (!domain_is_valid (searches[i], FALSE)) + continue; + add_string_item (rc->searches, searches[i], TRUE); } for (i = 0; options && options[i]; i++) - add_string_item (rc->options, options[i]); + add_string_item (rc->options, options[i], TRUE); default_domain = nm_global_dns_config_lookup_domain (global_conf, "*"); g_assert (default_domain); servers = nm_global_dns_domain_get_servers (default_domain); for (i = 0; servers && servers[i]; i++) - add_string_item (rc->nameservers, servers[i]); + add_string_item (rc->nameservers, servers[i], TRUE); return TRUE; } @@ -1081,9 +1107,9 @@ _collect_resolv_conf_data (NMDnsManager *self, && !nm_utils_ipaddr_valid (AF_UNSPEC, priv->hostname)) { hostdomain++; if (domain_is_valid (hostdomain, TRUE)) - add_string_item (rc.searches, hostdomain); + add_string_item (rc.searches, hostdomain, TRUE); else if (domain_is_valid (priv->hostname, TRUE)) - add_string_item (rc.searches, priv->hostname); + add_string_item (rc.searches, priv->hostname, TRUE); } } @@ -1892,6 +1918,7 @@ _get_config_variant (NMDnsManager *self) GVariantBuilder builder; NMDnsIPConfigData *ip_data; const CList *head; + gs_unref_ptrarray GPtrArray *array_domains = NULL; if (priv->config_variant) return priv->config_variant; @@ -1934,18 +1961,28 @@ _get_config_variant (NMDnsManager *self) "nameservers", g_variant_builder_end (&strv_builder)); + num = nm_ip_config_get_num_domains (ip_config); + num += nm_ip_config_get_num_searches (ip_config); if (num > 0) { - g_variant_builder_init (&strv_builder, G_VARIANT_TYPE ("as")); - for (i = 0; i < num; i++) { - g_variant_builder_add (&strv_builder, - "s", - nm_ip_config_get_domain (ip_config, i)); + if (!array_domains) + array_domains = g_ptr_array_sized_new (num); + else + g_ptr_array_set_size (array_domains, 0); + + add_dns_domains (array_domains, ip_config, TRUE, FALSE); + if (array_domains->len) { + g_variant_builder_init (&strv_builder, G_VARIANT_TYPE ("as")); + for (i = 0; i < array_domains->len; i++) { + g_variant_builder_add (&strv_builder, + "s", + array_domains->pdata[i]); + } + g_variant_builder_add (&entry_builder, + "{sv}", + "domains", + g_variant_builder_end (&strv_builder)); } - g_variant_builder_add (&entry_builder, - "{sv}", - "domains", - g_variant_builder_end (&strv_builder)); } ifname = nm_platform_link_get_name (NM_PLATFORM_GET, ip_data->data->ifindex); diff --git a/src/dns/nm-dns-systemd-resolved.c b/src/dns/nm-dns-systemd-resolved.c index 7625bcaede..a6035fa4b1 100644 --- a/src/dns/nm-dns-systemd-resolved.c +++ b/src/dns/nm-dns-systemd-resolved.c @@ -139,72 +139,46 @@ static void update_add_ip_config (NMDnsSystemdResolved *self, GVariantBuilder *dns, GVariantBuilder *domains, - gpointer config) + NMIPConfig *config) { int addr_family; gsize addr_size; guint i, n; - gboolean route_only; - - if (NM_IS_IP4_CONFIG (config)) - addr_family = AF_INET; - else if (NM_IS_IP6_CONFIG (config)) - addr_family = AF_INET6; - else - g_return_if_reached (); + gboolean is_routing; + const char *domain; + addr_family = nm_ip_config_get_addr_family (config); addr_size = nm_utils_addr_family_to_size (addr_family); - n = addr_family == AF_INET - ? nm_ip4_config_get_num_nameservers (config) - : nm_ip6_config_get_num_nameservers (config); + n = nm_ip_config_get_num_nameservers (config); for (i = 0 ; i < n; i++) { - in_addr_t ns4; - gconstpointer ns; - - if (addr_family == AF_INET) { - ns4 = nm_ip4_config_get_nameserver (config, i); - ns = &ns4; - } else - ns = nm_ip6_config_get_nameserver (config, i); - g_variant_builder_open (dns, G_VARIANT_TYPE ("(iay)")); g_variant_builder_add (dns, "i", addr_family); g_variant_builder_add_value (dns, g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, - ns, + nm_ip_config_get_nameserver (config, i), addr_size, 1)); g_variant_builder_close (dns); } - /* If this link is never the default (e.g. only used for resources on this - * network) add a routing domain. */ - route_only = addr_family == AF_INET - ? !nm_ip4_config_best_default_route_get (config) - : !nm_ip6_config_best_default_route_get (config); - - n = addr_family == AF_INET - ? nm_ip4_config_get_num_searches (config) - : nm_ip6_config_get_num_searches (config); + n = nm_ip_config_get_num_searches (config); if (n > 0) { for (i = 0; i < n; i++) { + domain = nm_utils_parse_dns_domain (nm_ip_config_get_search (config, i), + &is_routing); g_variant_builder_add (domains, "(sb)", - addr_family == AF_INET - ? nm_ip4_config_get_search (config, i) - : nm_ip6_config_get_search (config, i), - route_only); + domain, + is_routing); } } else { - n = addr_family == AF_INET - ? nm_ip4_config_get_num_domains (config) - : nm_ip6_config_get_num_domains (config); + n = nm_ip_config_get_num_domains (config); for (i = 0; i < n; i++) { + domain = nm_utils_parse_dns_domain (nm_ip_config_get_domain (config, i), + &is_routing); g_variant_builder_add (domains, "(sb)", - addr_family == AF_INET - ? nm_ip4_config_get_domain (config, i) - : nm_ip6_config_get_domain (config, i), - route_only); + domain, + is_routing); } } } diff --git a/src/nm-core-utils.c b/src/nm-core-utils.c index 197fa49ba9..2cb34de7a2 100644 --- a/src/nm-core-utils.c +++ b/src/nm-core-utils.c @@ -4329,6 +4329,21 @@ nm_utils_format_con_diff_for_audit (GHashTable *diff) return g_string_free (str, FALSE); } +const char * +nm_utils_parse_dns_domain (const char *domain, gboolean *is_routing) +{ + g_return_val_if_fail (domain, NULL); + g_return_val_if_fail (domain[0], NULL); + + if (domain[0] == '~') { + domain++; + NM_SET_OUT (is_routing, TRUE); + } else + NM_SET_OUT (is_routing, FALSE); + + return domain; +} + /*****************************************************************************/ NM_UTILS_ENUM2STR_DEFINE (nm_icmpv6_router_pref_to_string, NMIcmpv6RouterPref, diff --git a/src/nm-core-utils.h b/src/nm-core-utils.h index 7078153e99..2f6585e717 100644 --- a/src/nm-core-utils.h +++ b/src/nm-core-utils.h @@ -448,4 +448,6 @@ const char *nm_activation_type_to_string (NMActivationType activation_type); /*****************************************************************************/ +const char *nm_utils_parse_dns_domain (const char *domain, gboolean *is_routing); + #endif /* __NM_CORE_UTILS_H__ */ |