path: root/src/resolve/resolved-link.c
Commit message | Author | Age | Files | Lines
* resolve: refuse mdns scope for ipv4 broadcast addresses | Ronan Pigott | 2023-04-05 | 1 | -1/+6
  This query can never be answered, so let's not wait for it to timeout.
* tree-wide: use unlink_and_freep() moreover | Lennart Poettering | 2023-02-23 | 1 | -4/+4
* resolve: introduce link_get_llmnr_support() and link_get_mdns_support() | Yu Watanabe | 2022-11-10 | 1 | -20/+29
* resolve: drop redundant call of socket_ipv6_is_supported() | Yu Watanabe | 2022-11-10 | 1 | -2/+1
  As link_relevant() is called with AF_INET6, which returns true only when the link has at least one relevant IPv6 address.
* resolve: enable per-link mDNS setting by default | Yu Watanabe | 2022-11-04 | 1 | -4/+4
  Otherwise, if the link is not managed by systemd-networkd, mDNS cannot be enabled without calling `resolvectl` explicitly.
  Fixes #25252.
* resolve: persist DNSOverTLS configuration in state file | msizanoen1 | 2022-09-28 | 1 | -0/+9
  Currently, NetworkManager will set DNSOverTLS according to its `connection.dnsovertls` configuration only once during connection, instead of every single restart of systemd-resolved, causing resolved to lose the configuration on restart.
  Fix this by persisting DNSOverTLS in the runtime state file, which will also make it more consistent with other interface-specific settings.
* sd-network: make sd_network_link_get_dns() or friends return -ENODATA | Yu Watanabe | 2022-09-27 | 1 | -1/+1
  To make them consistent with other functions.
* resolve: reallocate DNS scope when DNSSEC and/or DNS-over-TLS settings are changed | Yu Watanabe | 2022-05-10 | 1 | -10/+2
  Fixes #23227.
* strv: make iterator in STRV_FOREACH() declared in the loop | Yu Watanabe | 2022-03-19 | 1 | -2/+0
  This also avoids multiple evaluations in STRV_FOREACH_BACKWARDS()
* list: declare iterator of LIST_FOREACH() in the loop | Yu Watanabe | 2022-03-19 | 1 | -9/+0
* resolve: reduce attempts of reading link file | Yu Watanabe | 2022-01-21 | 1 | -3/+6
  The function `link_relevant()` is called repeatedly in `link_allocate_scopes()`. Let's not read networkd's link file in `link_relevant()`.
  Closes #22190.
* resolve: use FLAGS_SET() macro | Yu Watanabe | 2022-01-21 | 1 | -6/+5
* resolve: use netif_has_carrier() | Yu Watanabe | 2022-01-21 | 1 | -3/+2
* resolve: drop redundant call of link_allocate_scopes() and link_add_rrs() | Yu Watanabe | 2022-01-21 | 1 | -3/+0
  In `manager_process_link()`, the function `link_update()` is called just after `link_process_rtnl()`, and `link_update()` also calls `link_allocate_scopes()` and `link_add_rrs()`. Hence, the calls in `link_process_rtnl()` are redundant.
* resolve: use log_link_warning_errno() or friends more | Yu Watanabe | 2022-01-21 | 1 | -25/+31
* resolve: add debugging log of interface name change | Yu Watanabe | 2022-01-21 | 1 | -1/+5
* resolve: do not re-read settings from networkd if link state file is unmodified | Yu Watanabe | 2021-12-08 | 1 | -11/+27
  If many interface creation/deletion occurs continuously, then resolved becomes easily busy. Let's slightly optimize the event triggered by sd-network.
* port string_hashsum from libgcrypt to openssl^gcrypt | Zbigniew Jędrzejewski-Szmek | 2021-12-01 | 1 | -2/+2
  This allows resolved and importd to be built without libgcrypt. Note that we now say either 'cryptographic library' or 'cryptolib'.
  Co-authored-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
* resolve: do not clear DNS servers or friends on link which is not managed by networkd | Yu Watanabe | 2021-11-15 | 1 | -1/+1
  When networkd detects an unmanaged link, then the state is changed in the following order:
    pending -> initialized -> unmanaged
  The "initialized" state was added by bd08ce56156751d58584a44e766ef61340cdae2d.
* resolve: make manager_find_ifindex() or friends return earlier | Yu Watanabe | 2021-02-18 | 1 | -0/+6
* resolved: let's preferably route reverse lookups for local subnets to matching interfaces | Lennart Poettering | 2021-02-16 | 1 | -1/+4
  Let's preferably route traffic for reverse lookups to LLMNR/mDNS/DNS on the matching interface if the IP address is in the local subnet. Also, if looking up an IP address of our own host, let's avoid doing LLMNR/mDNS at all.
  This is useful if "~." is a routing domain to DNS, as it means, local reverse lookups still go to LLMNR/mDNS, too.
  Fixes: #16243 #10081
* resolved: don't redundantly switch DNS servers because of transaction failures | Lennart Poettering | 2021-02-15 | 1 | -3/+11
  When a transaction fails and we decide to switch DNS servers, don't do so unconditionally. Check if the current DNS server is still the same as when the transaction was initiated. And if not, do not do anything.
  That should reduce the number of redundant DNS server switches if many parallel transactions fail simultaneously (which is pretty likely if DNSSEC is on).
  Fixes: #17040
* resolved: rework a few functions to return early on error | Zbigniew Jędrzejewski-Szmek | 2021-02-10 | 1 | -67/+39
  The implementation is a bit ugly because we set the output variable twice. But we were already doing this on error, so this is not significantly worse. Doing this allows us to avoid goto's, and the compiler should be able to figure this out and only set once.
* resolve: link - use hashmap_ensure_put | Susant Sahani | 2021-01-18 | 1 | -6/+2
* resolved: properly check per-link NTA list | Lennart Poettering | 2020-12-02 | 1 | -0/+23
  We need to check for parent domains too. We did this correctly for the system-wide NTA list, but not for the per-link one. Let's fix that.
* license: LGPL-2.1+ -> LGPL-2.1-or-later | Yu Watanabe | 2020-11-09 | 1 | -1/+1
* resolved: use structured initialization everywhere | Lennart Poettering | 2020-10-28 | 1 | -4/+6
* tree-wide: define iterator inside of the macro | Zbigniew Jędrzejewski-Szmek | 2020-09-08 | 1 | -2/+1
* resolve: read/save port number and SNI from/into link state file | Yu Watanabe | 2020-07-21 | 1 | -8/+19
* resolve: also compare port and SNI in dns_server_find() | Yu Watanabe | 2020-07-21 | 1 | -1/+1
* resolve: support port specifier in DNS= setting | Yu Watanabe | 2020-07-21 | 1 | -1/+1
* resolve: propagate error in link_load_user() | Yu Watanabe | 2020-07-21 | 1 | -1/+3
  Most error paths in link_load_user() are ENOMEM. Hence, it is critical.
* basic/set: let set_put_strdup() create the set with string hash ops | Zbigniew Jędrzejewski-Szmek | 2020-05-06 | 1 | -1/+1
  If we're using a set with _put_strdup(), most of the time we want to use string hash ops on the set, and free the strings when done. This defines the appropriate a new string_hash_ops_free structure to automatically free the keys when removing the set, and makes set_put_strdup() and set_put_strdupv() instantiate the set with those hash ops.
  hashmap_put_strdup() was already doing something similar.
  (It is OK to instantiate the set earlier, possibly with a different hash ops structure. set_put_strdup() will then use the existing set. It is also OK to call set_free_free() instead of set_free() on a set with string_hash_ops_free, the effect is the same, we're just overriding the override of the cleanup function.)
  No functional change intended.
* Implement SNI when using DNS-over-TLS | Guilhem Lettron | 2019-12-04 | 1 | -1/+1
  Some DNS providers need SNI to identify client.
  This can be used by adding #name to a DNS.
  Example:
    [Resolve]
    DNS=192.168.1.1#example.com
* resolved: add strict mode for DNS-over-TLS | Iwan Timmer | 2019-06-19 | 1 | -1/+1
  Add strict mode for DNS-over-TLS, which will require TLS support from the server.
  Closes #10755
* resolve: use bridge or bonding interfaces in degraded-carrier state | Yu Watanabe | 2019-04-26 | 1 | -1/+1
  Fixes #12285.
* resolve: use log_link_*() macro | Yu Watanabe | 2019-04-13 | 1 | -9/+10
* resolve: rename Link.name -> Link.ifname | Yu Watanabe | 2019-04-13 | 1 | -13/+14
  This also changes the type from char[IF_NAMESIZE] to char*. By changing the type, now resolved-link.h can drop the dependency to the header net/if.h.
* Make fopen_temporary and fopen_temporary_label unlocked | Zbigniew Jędrzejewski-Szmek | 2019-04-12 | 1 | -2/+0
  This is partially a refactoring, but also makes many more places use unlocked operations implicitly, i.e. all users of fopen_temporary(). AFAICT, the uses are always for short-lived files which are not shared externally, and are just used within the same context. Locking is not necessary.
* tree-wide: drop several missing_*.h and import relevant headers from kernel-5.0 | Yu Watanabe | 2019-04-11 | 1 | -1/+2
* resolved: read DNS default route option from networkd | Lennart Poettering | 2018-12-21 | 1 | -0/+25
* resolved: add an explicit way to configure whether a link is useful as default route | Lennart Poettering | 2018-12-21 | 1 | -9/+25
  Previously, we'd use a link as "default" route depending on whether there are route-only domains defined on it or not. (If there are, it would not be used as default route, if there aren't it would.)
  Let's make this explicit and add a link variable controlling this. The variable is not changeable from the outside yet, but subsequent commits are supposed to add that.
  Note that making this configurable adds a certain amount of redundancy, as there are now two ways to ensure a link does not receive "default" lookup (i.e. DNS queries matching no configured route):
  1. By ensuring that at least one other link configures a route on it (for example by adding "." to its search list)
  2. By setting this new boolean to false.
  But this is exactly what is intended with this patch: that there is an explicit way to configure on the link itself whether it receives 'default' traffic, rather than require this to be configured on other links.
  The variable added is a tri-state: if true, the link is suitable for receiving "default" traffic. If false, the link is not suitable for it. If unset (i.e. negative) the original logic of "has this route-only routes" is used, to ensure compatibility with the status quo ante.
* resolved: check dns_over_tls_mode in link_needs_save() | Lennart Poettering | 2018-12-21 | 1 | -1/+2
  This was forgotten when DoT was added.
* util-lib: split out env file parsing code into env-file.c | Lennart Poettering | 2018-12-02 | 1 | -0/+1
  It's quite complex, let's split this out.
  No code changes, just some file rearranging.
* util-lib: split out all temporary file related calls into tmpfiles-util.c | Lennart Poettering | 2018-12-02 | 1 | -0/+1
  This splits out a bunch of functions from fileio.c that have to do with temporary files. Simply to make the header files a bit shorter, and to group things more nicely.
  No code changes, just some rearranging of source files.
* fileio: automatically add NULL sentinel to parse_env_file() | Lennart Poettering | 2018-11-14 | 1 | -2/+1
  Let's modernize things a bit.
* fileio: drop "newline" parameter for env file parsers | Lennart Poettering | 2018-11-14 | 1 | -1/+1
  Now that we don't (mis-)use the env file parser to parse kernel command lines there's no need anymore to override the used newline character set. Let's hence drop the argument and just "\n\r" always. This nicely simplifies our code.
* meson: make DNS-over-TLS support optional | Yu Watanabe | 2018-06-20 | 1 | -2/+2
  This adds dns-over-tls option to meson. If set to 'false', systemd-resolved is not linked with libgnutls.
* tree-wide: remove Lennart's copyright lines | Lennart Poettering | 2018-06-14 | 1 | -3/+0
  These lines are generally out-of-date, incomplete and unnecessary. With SPDX and git repository much more accurate and fine grained information about licensing and authorship is available, hence let's drop the per-file copyright notice. Of course, removing copyright lines of others is problematic, hence this commit only removes my own lines and leaves all others untouched. It might be nicer if sooner or later those could go away too, making git the only and accurate source of authorship information.
* tree-wide: drop 'This file is part of systemd' blurb | Lennart Poettering | 2018-06-14 | 1 | -2/+0
  This part of the copyright blurb stems from the GPL use recommendations:
  https://www.gnu.org/licenses/gpl-howto.en.html
  The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that.
  Hence, let's just get rid of this old cruft, and shorten our codebase a bit.