diff options
| author | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2015-10-29 15:12:32 +0100 |
|---|---|---|
| committer | Lubomir Rintel <lkundrak@v3.sk> | 2015-10-30 10:16:55 +0100 |
| commit | fdf113aa96df9c363a0173268ee48078da66f447 (patch) | |
| tree | ee02c88e8bb5b0edb57ec8565ee81169cf57ba79 | |
| parent | e45ddaabafdaa740544ac42fc8430e4b2dc60cad (diff) | |
| download | NetworkManager-fdf113aa96df9c363a0173268ee48078da66f447.tar.gz | |
Filter DNS servers to add to dnsmasq based on availability and VPN status
| -rw-r--r-- | src/dns-manager/nm-dns-dnsmasq.c | 47 |
1 files changed, 39 insertions, 8 deletions
diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c index 84c2701eb9..4567cd6ab3 100644 --- a/src/dns-manager/nm-dns-dnsmasq.c +++ b/src/dns-manager/nm-dns-dnsmasq.c @@ -311,6 +311,8 @@ update (NMDnsPlugin *plugin, gboolean have_dnsmasq = FALSE; gboolean ret = FALSE; dbus_bool_t result; + gboolean might_default = FALSE; + GSList *vpn_configs_copy; have_dnsmasq = start_dnsmasq (self); if (!have_dnsmasq) @@ -325,20 +327,49 @@ update (NMDnsPlugin *plugin, message = dbus_message_new_method_call (DNSMASQ_DBUS_SERVICE, DNSMASQ_DBUS_PATH, DNSMASQ_DBUS_INTERFACE, "SetServers"); - /* Use split DNS for VPN configs */ - for (iter = (GSList *) vpn_configs; iter; iter = g_slist_next (iter)) { + /* Work on a copy of the vpn_configs list because we might want to remove + * some items from it, yet not affect other DNS plugins that might run + */ + vpn_configs_copy = g_slist_copy (vpn_configs); + + /* Look for a VPN config that is set to get a default route, and if + * there is one, install it *without* splitting into per-domain servers. + */ + for (iter = (GSList *) vpn_configs_copy; iter; iter = g_slist_next (iter)) { if (NM_IS_IP4_CONFIG (iter->data)) - add_ip4_config (message, NM_IP4_CONFIG (iter->data), TRUE); + might_default = !nm_ip4_config_get_never_default (iter->data); else if (NM_IS_IP6_CONFIG (iter->data)) - add_ip6_config (message, NM_IP6_CONFIG (iter->data), TRUE); + might_default = !nm_ip6_config_get_never_default (iter->data); + if (might_default) { + if (NM_IS_IP4_CONFIG (iter->data)) + add_ip4_config (message, NM_IP4_CONFIG (iter->data), FALSE); + else if (NM_IS_IP6_CONFIG (iter->data)) + add_ip6_config (message, NM_IP6_CONFIG (iter->data), FALSE); + vpn_configs_copy = g_slist_remove (vpn_configs_copy, iter->data); + break; + } } - /* Now add interface configs without split DNS */ - for (iter = (GSList *) dev_configs; iter; iter = g_slist_next (iter)) { + /* Use split DNS for remaining VPN configs */ + for (iter = (GSList *) vpn_configs_copy; iter; iter = g_slist_next (iter)) { if (NM_IS_IP4_CONFIG (iter->data)) - add_ip4_config (message, NM_IP4_CONFIG (iter->data), FALSE); + add_ip4_config (message, NM_IP4_CONFIG (iter->data), TRUE); else if (NM_IS_IP6_CONFIG (iter->data)) - add_ip6_config (message, NM_IP6_CONFIG (iter->data), FALSE); + add_ip6_config (message, NM_IP6_CONFIG (iter->data), TRUE); + } + + /* Now add interface configs without split DNS, unless some VPN + * grabs the default route (in which case we should not install them + * at all, since even split DNS may fail, if the local subnet defines + * its domain as being the same domain as what the "default" VPN provides. + */ + if (!might_default) { + for (iter = (GSList *) dev_configs; iter; iter = g_slist_next (iter)) { + if (NM_IS_IP4_CONFIG (iter->data)) + add_ip4_config (message, NM_IP4_CONFIG (iter->data), FALSE); + else if (NM_IS_IP6_CONFIG (iter->data)) + add_ip6_config (message, NM_IP6_CONFIG (iter->data), FALSE); + } } /* And any other random configs */ |