diff options
author | Lennart Poettering <lennart@poettering.net> | 2020-11-09 18:37:13 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2021-02-15 21:54:53 +0100 |
commit | c78735eb795f1377d8d08bc57401efe742d9ec19 (patch) | |
tree | c654932281e487f2803e48a570450f4e21e8ccb0 | |
parent | bb3443d4f6d4d47a4e318ea9fabc894b30cb151d (diff) | |
download | systemd-c78735eb795f1377d8d08bc57401efe742d9ec19.tar.gz |
resolved: reuse check for link-local IP address lookups
Let's reuse accept_link_local_reverse_lookups() at one more place, where
we check for the list of link local reverase address domains. Since we
don't actually accept the domains here (but rather the opposite, not
accept), let's rename the function a bit more generically with accept_ →
match_.
While we are at it invert the if branches, to make things more easily
understandable: filter out the unwatnted stuff and have the "all good"
state as main codepath.
-rw-r--r-- | src/resolve/resolved-dns-scope.c | 30 |
1 files changed, 13 insertions, 17 deletions
diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c index 1ba435f584..245f9bfce8 100644 --- a/src/resolve/resolved-dns-scope.c +++ b/src/resolve/resolved-dns-scope.c @@ -459,7 +459,7 @@ int dns_scope_socket_tcp(DnsScope *s, int family, const union in_addr_union *add return dns_scope_socket(s, SOCK_STREAM, family, address, server, port, ret_socket_address); } -static DnsScopeMatch accept_link_local_reverse_lookups(const char *domain) { +static DnsScopeMatch match_link_local_reverse_lookups(const char *domain) { assert(domain); if (dns_name_endswith(domain, "254.169.in-addr.arpa") > 0) @@ -568,29 +568,25 @@ DnsScopeMatch dns_scope_good_domain( return DNS_SCOPE_YES_BASE + n_best; } - /* See if this scope is suitable as default route. */ - if (!dns_scope_is_default_route(s)) + /* Exclude link-local IP ranges */ + if (match_link_local_reverse_lookups(domain) >= DNS_SCOPE_YES_BASE || + /* If networks use .local in their private setups, they are supposed to also add .local + * to their search domains, which we already checked above. Otherwise, we consider .local + * specific to mDNS and won't send such queries ordinary DNS servers. */ + dns_name_endswith(domain, "local") > 0) return DNS_SCOPE_NO; - /* Exclude link-local IP ranges */ - if (dns_name_endswith(domain, "254.169.in-addr.arpa") == 0 && - dns_name_endswith(domain, "8.e.f.ip6.arpa") == 0 && - dns_name_endswith(domain, "9.e.f.ip6.arpa") == 0 && - dns_name_endswith(domain, "a.e.f.ip6.arpa") == 0 && - dns_name_endswith(domain, "b.e.f.ip6.arpa") == 0 && - /* If networks use .local in their private setups, they are supposed to also add .local to their search - * domains, which we already checked above. Otherwise, we consider .local specific to mDNS and won't - * send such queries ordinary DNS servers. */ - dns_name_endswith(domain, "local") == 0) - return DNS_SCOPE_MAYBE; + /* If there was no match at all, then see if this scope is suitable as default route. */ + if (!dns_scope_is_default_route(s)) + return DNS_SCOPE_NO; - return DNS_SCOPE_NO; + return DNS_SCOPE_MAYBE; } case DNS_PROTOCOL_MDNS: { DnsScopeMatch m; - m = accept_link_local_reverse_lookups(domain); + m = match_link_local_reverse_lookups(domain); if (m >= 0) return m; @@ -609,7 +605,7 @@ DnsScopeMatch dns_scope_good_domain( case DNS_PROTOCOL_LLMNR: { DnsScopeMatch m; - m = accept_link_local_reverse_lookups(domain); + m = match_link_local_reverse_lookups(domain); if (m >= 0) return m; |