diff options
| -rw-r--r-- | man/NetworkManager.conf.xml | 3 | ||||
| -rw-r--r-- | src/Makefile.am | 2 | ||||
| -rw-r--r-- | src/dns-manager/nm-dns-manager.c | 4 | ||||
| -rw-r--r-- | src/dns-manager/nm-dns-unbound.c | 79 | ||||
| -rw-r--r-- | src/dns-manager/nm-dns-unbound.h | 44 |
5 files changed, 132 insertions, 0 deletions
diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml index afff8ab895..527a1d99a4 100644 --- a/man/NetworkManager.conf.xml +++ b/man/NetworkManager.conf.xml @@ -203,6 +203,9 @@ Copyright (C) 2010 - 2013 Red Hat, Inc. configuration if you are connected to a VPN, and then update <filename>resolv.conf</filename> to point to the local nameserver.</para> + <para><literal>unbound</literal>: NetworkManager will talk + to unbound and dnssec-trigger, providing a "split DNS" + configuration with DNSSEC support.</para> <para><literal>none</literal>: NetworkManager will not modify resolv.conf.</para> </listitem> diff --git a/src/Makefile.am b/src/Makefile.am index f3fcfba98e..63acc3057d 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -106,6 +106,8 @@ nm_sources = \ \ dns-manager/nm-dns-dnsmasq.c \ dns-manager/nm-dns-dnsmasq.h \ + dns-manager/nm-dns-unbound.c \ + dns-manager/nm-dns-unbound.h \ dns-manager/nm-dns-manager.c \ dns-manager/nm-dns-manager.h \ dns-manager/nm-dns-plugin.c \ diff --git a/src/dns-manager/nm-dns-manager.c b/src/dns-manager/nm-dns-manager.c index 659fbec6a8..ac9daa79c8 100644 --- a/src/dns-manager/nm-dns-manager.c +++ b/src/dns-manager/nm-dns-manager.c @@ -45,6 +45,7 @@ #include "nm-dns-plugin.h" #include "nm-dns-dnsmasq.h" +#include "nm-dns-unbound.h" #if HAVE_LIBSOUP #include <libsoup/soup.h> @@ -1122,6 +1123,9 @@ init_resolv_conf_mode (NMDnsManager *self) } else if (!g_strcmp0 (mode, "dnsmasq")) { priv->resolv_conf_mode = NM_DNS_MANAGER_RESOLV_CONF_PROXY; priv->plugin = nm_dns_dnsmasq_new (); + } else if (!g_strcmp0 (mode, "unbound")) { + priv->resolv_conf_mode = NM_DNS_MANAGER_RESOLV_CONF_PROXY; + priv->plugin = nm_dns_unbound_new (); } else { priv->resolv_conf_mode = NM_DNS_MANAGER_RESOLV_CONF_EXPLICIT; if (mode && g_strcmp0 (mode, "default") != 0) diff --git a/src/dns-manager/nm-dns-unbound.c b/src/dns-manager/nm-dns-unbound.c new file mode 100644 index 0000000000..137fd20b09 --- /dev/null +++ b/src/dns-manager/nm-dns-unbound.c @@ -0,0 +1,79 @@ +/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ +/* + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Copyright (C) 2014 Red Hat, Inc. + * Author: Pavel Šimerda <psimerda@redhat.com> + */ +#include "nm-dns-unbound.h" +#include "NetworkManagerUtils.h" + +G_DEFINE_TYPE (NMDnsUnbound, nm_dns_unbound, NM_TYPE_DNS_PLUGIN) + +/*******************************************/ + +static gboolean +update (NMDnsPlugin *plugin, + const GSList *vpn_configs, + const GSList *dev_configs, + const GSList *other_configs, + const char *hostname) +{ + /* TODO: We currently call a script installed with the dnssec-trigger + * package that queries all information itself. Later, the dependency + * on that package will be optional and the only hard dependency will + * be unbound. + * + * Unbound configuration should be later handled by this plugin directly, + * without calling custom scripts. The dnssec-trigger functionality + * may be eventually merged into NetworkManager. + */ + return nm_spawn_process ("/usr/libexec/dnssec-trigger-script --async --update") == 0; +} + +static gboolean +is_caching (NMDnsPlugin *plugin) +{ + return TRUE; +} + +static const char * +get_name (NMDnsPlugin *plugin) +{ + return "unbound"; +} + +/****************************************************************/ + +NMDnsPlugin * +nm_dns_unbound_new (void) +{ + return g_object_new (NM_TYPE_DNS_UNBOUND, NULL); +} + +static void +nm_dns_unbound_init (NMDnsUnbound *unbound) +{ +} + +static void +nm_dns_unbound_class_init (NMDnsUnboundClass *klass) +{ + NMDnsPluginClass *plugin_class = NM_DNS_PLUGIN_CLASS (klass); + + plugin_class->update = update; + plugin_class->is_caching = is_caching; + plugin_class->get_name = get_name; +} diff --git a/src/dns-manager/nm-dns-unbound.h b/src/dns-manager/nm-dns-unbound.h new file mode 100644 index 0000000000..2aaae7dd4b --- /dev/null +++ b/src/dns-manager/nm-dns-unbound.h @@ -0,0 +1,44 @@ +/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ +/* This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Copyright (C) 2014 Red Hat, Inc. + */ +#ifndef NM_DNS_UNBOUND_H +#define NM_DNS_UNBOUND_H + +#include <glib-object.h> + +#include "nm-dns-plugin.h" + +#define NM_TYPE_DNS_UNBOUND (nm_dns_unbound_get_type ()) +#define NM_DNS_UNBOUND(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_DNS_UNBOUND, NMDnsUnbound)) +#define NM_DNS_UNBOUND_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), NM_TYPE_DNS_UNBOUND, NMDnsUnboundClass)) +#define NM_IS_DNS_UNBOUND(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_DNS_UNBOUND)) +#define NM_IS_DNS_UNBOUND_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), NM_TYPE_DNS_UNBOUND)) +#define NM_DNS_UNBOUND_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_DNS_UNBOUND, NMDnsUnboundClass)) + +typedef struct { + NMDnsPlugin parent; +} NMDnsUnbound; + +typedef struct { + NMDnsPluginClass parent; +} NMDnsUnboundClass; + +GType nm_dns_unbound_get_type (void); + +NMDnsPlugin *nm_dns_unbound_new (void); + +#endif /* NM_DNS_UNBOUND_H */ |