path: root/src/resolve
Commit message | Author | Age | Files | Lines
* conf-parser: Add root argument to config_parse_many() | Daan De Meyer | 2023-05-12 | 1 | -1/+1
|
* resolved: adjust message about credentials | Zbigniew Jędrzejewski-Szmek | 2023-04-25 | 1 | -2/+2
|   "credential provided widget" would be better spelled as "credential-provided widget". But let's adjust the message to name the bad credential explicitly: this makes it easier to fix for the user.
* shared/creds-util: return 0 for missing creds in read_credential_strings_many | Zbigniew Jędrzejewski-Szmek | 2023-04-25 | 1 | -4/+3
|   Realistically, the only thing that the caller can do is ignore failures related to missing credentials. If the caller requires some credentials to be present, they should just check which output variables are not NULL. One of the callers was already doing that, and the other wanted to, but missed -ENOENT. By suppressing -ENOENT and -ENXIO, both callers are simplified.
|
|   Fixes a warning at boot:
|   systemd-vconsole-setup[221]: Failed to import credentials, ignoring: No such file or directory
* Merge pull request #27253 from yuwata/cmsg-find-and-copy-data | Yu Watanabe | 2023-04-16 | 1 | -2/+2
|\
| |   socket-util: introduce CMSG_FIND_AND_COPY_DATA()
| * tree-wide: also use CMSG_TYPED_DATA() on writing message header | Yu Watanabe | 2023-04-16 | 1 | -2/+2
| |
* | tree-wide: add some asserts | David Tardon | 2023-04-14 | 1 | -0/+2
| |
* | tree-wide: use TAKE_STRUCT | David Tardon | 2023-04-14 | 1 | -2/+1
|/
* tree-wide: port more code over to CMSG_TYPED_DATA() | Lennart Poettering | 2023-04-13 | 2 | -10/+10
|
* resolve: change DNS_PACKET_UNICAST_SIZE_LARGE_MAX to 1232 (#27171) | Cristian Rodríguez | 2023-04-07 | 1 | -2/+2
|   The old common default was 4096, until 2020 on which all DNS servers (verified on BIND9, NSD, Unbound, dnsmasq) switched to 1232 as an agreed max size [1].
|
|   [1] https://www.dnsflagday.net/2020/#message-size-considerations
* resolve: refuse mdns scope for ipv4 broadcast addresses | Ronan Pigott | 2023-04-05 | 4 | -4/+22
|   This query can never be answered, so let's not wait for it to timeout.
* conf: replace config_parse_many_nulstr() with config_parse_config_file() | Franck Bui | 2023-03-14 | 1 | -8/+3
|   All daemons use a similar scheme to read their main config files and their drop-ins. The main config files are always stored in /etc/systemd directory and it's easy enough to construct the name of the drop-in directories based on the name of the main config file.
|
|   Hence the new helper does that internally, which allows to reduce and simplify the args passed previously to config_parse_many_nulstr().
|
|   Besides the overall code simplification it results:
|
|     16 files changed, 87 insertions(+), 159 deletions(-)
|
|   it allows to identify clearly the locations in the code where configuration files are parsed.
* meson: Introduce userspace dep | Jan Janssen | 2023-03-10 | 1 | -0/+1
|   This will help in a later commit to separate userspace from EFI builds.
* socket-util: fix socket_get_family() | Lennart Poettering | 2023-03-10 | 1 | -3/+3
|   Function didn't actually return anything useful. Quite a shame.
* resolved: flush caches on memory pressure and support SIGRTMIN+18 | Lennart Poettering | 2023-03-01 | 3 | -1/+36
|
* tree-wide: use unlink_and_freep() moreover | Lennart Poettering | 2023-02-23 | 1 | -4/+4
|
* Merge pull request #26203 from medhefgo/meson | Yu Watanabe | 2023-02-22 | 1 | -62/+67
|\
| |   meson: Use dicts for test/fuzzer definitions
| * meson: Use dicts for fuzzer definitions | Jan Janssen | 2023-02-21 | 1 | -16/+20
| |
| * meson: Use dicts for test definitions | Jan Janssen | 2023-02-21 | 1 | -46/+47
| |   Although this is slightly more verbose it makes it much easier to reason about. The code that produces the tests heavily benefits from this.
| |
| |   Test lists are also now sorted by test name.
* | tree-wide: use FORK_REARRANGE_STDIO and FORK_CLOSE_ALL_FDS | Yu Watanabe | 2023-02-21 | 1 | -8/+4
| |
* | process-util: rename FORK_NULL_STDIO -> FORK_REARRANGE_STDIO | Yu Watanabe | 2023-02-21 | 1 | -2/+4
|/
|   And make safe_fork_full() take fds to be assigned to stdio.
* resolved: Fall back to TCP if UDP is blocked | Joan Bruguera | 2023-02-15 | 1 | -1/+3
|   If UDP is blocked on the system (e.g. by iptables or BPF), the kernel will return EPERM on some or all of the system calls (connect, sendmsg, etc.). In this case, try to fall back to TCP, which hopefully will not be blocked.
* treewide: fix a few typos in NEWS, docs and comments | Dmitry V. Levin | 2023-02-15 | 1 | -1/+1
|
* resolve: adjust message for NXDOMAIN lookup result | Zbigniew Jędrzejewski-Szmek | 2023-02-07 | 2 | -2/+9
|   Previously, we reported:
|     nx.example.org: resolve call failed: 'nx.example.org' not found
|
|   But the call did succeed, and in fact all communication with the upstream servers was successful, and we got an authoritative negative answer. So instead of saying that the call failed, just say that the host doesn't exist:
|     nx.example.org: Name 'nx.example.org' not found
|
|   I wanted to keep the prefix of "<name>: ", to keep the output uniform. But it'd look a bit strange to say "<name>: <name> not found", so I added "Name " to make the output more readable. (Another option would be to not display the error string received from resolved, but that seems risky: even if right now resolved uses just one message format, it could start doing something else in the future, so it's better to display the error as received.)
|
|   Fixes #26233.
* resolve: define normal macros for BUS_ERROR_DNS error codes | Zbigniew Jędrzejewski-Szmek | 2023-02-07 | 2 | -18/+18
|   This result is identical after cpp is done, so we don't save anything by not having the usual macros. And with the usual macros it's easier to grep and code-crossreferencing works better.
* resolve: Skip creating stubs if missing CAP_NET_BIND_SERVICE | Daan De Meyer | 2023-01-26 | 1 | -0/+9
|   If we don't have CAP_NET_BIND_SERVICE, we won't be able to bind the stub listener socket, so let's skip creating it and log a warning. We do the same for the extra stubs if they're configured on privileged ports.
* meson: Do not include headers in source lists | Jan Janssen | 2023-01-24 | 1 | -43/+4
|   Meson+ninja+compiler do this for us and are better at it.
|
|   https://mesonbuild.com/FAQ.html#do-i-need-to-add-my-headers-to-the-sources-list-like-in-autotools
* string-util: add common implementation of function that converts sized character buffers to NUL terminated C strings | Lennart Poettering | 2023-01-21 | 1 | -13/+8
* basic: Use statement expressions more in list.h | Daan De Meyer | 2023-01-08 | 2 | -5/+5
|   Let's use statement expressions to return values instead of passing in return arguments to the LIST macros.
* Merge pull request #25947 from poettering/resolved-dns-creds | Daan De Meyer | 2023-01-06 | 1 | -3/+101
|\
| |   resolved: add support for reading DNS config from kernel cmdline + service credentials
| * resolved: read DNS conf also from creds and kernel cmdline | Lennart Poettering | 2023-01-05 | 1 | -3/+101
| |   Note that this drops ProtectProc=invisible from systemd-resolved.service. This is done because otherwise access to the booted "kernel" command line is not necessarily available. That's because in containers we want to read /proc/1/cmdline for that.
| |
| |   Fixes: #24103
* | resolved: disable SO_BINDTOIFINDEX hack for localhost IP addresses | Lennart Poettering | 2023-01-06 | 1 | -1/+2
| |   Fixes: #23010
* | dns-domain: dns_name_is_empty() is redundant | Lennart Poettering | 2023-01-05 | 2 | -3/+3
| |   dns_name_is_empty() was added later, but does the same thing as the more accurately called dns_name_is_root(), hence drop the former.
* | resolvectl: remove duplicate ':' from output | Lennart Poettering | 2023-01-05 | 1 | -3/+3
|/
|   The second argument to dump_list() actually ends up in a TABLE_FIELD cell now, where we implicitly append a ":". Hence drop it from the strings.
|
|   Follow-up for: 37a50123fac050c7ccde4afcf3f37ee77aad012c
* resolvectl: don't filter loopback DNS server from global DNS server list | Lennart Poettering | 2023-01-04 | 1 | -15/+15
|   "resolvectl status" shows per-link DNS servers separately from global ones. When querying the global list, it will contain both per-link and global servers however. Thus, to not show duplicate info we filter all entries that actually have a non-zero ifindex set (under the assumption that that's a per-link server). This doesn't work if people configured 127.0.0.1 as global server though, as we'll add ifindex 1 to it since 6e32414a66ff8dbcef233981a7066684d903ee9f unconditionally even for global servers. Let's address that by excluding entries with ifindex 1 from suppression. This is safe as resolved ignores loopback ifaces, hence never will have per-link servers on ifindex 1.
|
|   Note that this splits up the "with_ifindex" parameter into a second parameter "only_global", since they semantically do two different things. One controls whether we shall expect/parse an ifindex dbus field. The other controls whether we shall filter all ifindex values set != 0. These are effectively always used in conjunction hence making them the same actually worked. However this is utterly confusing I think, which as I guess is resulting in the confusion around #25796 (which removes the whole check)
|
|   Replaces: #25796
* resolved: add some line-breaks/comments | Lennart Poettering | 2023-01-04 | 2 | -7/+25
|   Let's make this a bit more readable.
* resolvectl: fix type of ifindex D-Bus field, and make sure to initialize to zero in all code paths | Lennart Poettering | 2023-01-04 | 1 | -1/+2
* resolved: downgrade inability to send varlink reply error message | Lennart Poettering | 2023-01-03 | 1 | -2/+2
|   Previously, if a client disconnected after sending a lookup request but before waiting for the reply we'd log at LOG_ERR level. That's confusing, since it's entirely OK for the client to lose interest. Hence, let's downgrade to debug level.
|
|   Fixes: #25892
* fundamental: rework IN_SET() to require at least three arguments | Lennart Poettering | 2023-01-02 | 1 | -1/+1
|   If less than three parameters are passed a simple comparison is the better choice.
|
|   Lo and behold this found two pretty bad typos.
* resolve: fix enumerator name for DNS search domain | Jacek Migacz | 2022-12-20 | 1 | -1/+1
|
* tree-wide: use -EBADF more | Yu Watanabe | 2022-12-21 | 2 | -6/+6
|
* tree-wide: use -EBADF for fd initialization | Zbigniew Jędrzejewski-Szmek | 2022-12-19 | 6 | -18/+18
|   -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style.
|
|   Note that there are two candidates:
|     EBADF 9 Bad file descriptor
|     EBADFD 77 File descriptor in bad state
|
|   Since we're initializing the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better.
|
|   In some places, initialization is dropped if unnecessary.
* resolve: fix NULL-pointer dereference | Yu Watanabe | 2022-12-14 | 1 | -1/+1
|   Fixes a bug introduced by 16a6bc5a7a5da2482d96f7dc43da360ceab1c320.
|
|   Fixes CID#1501514.
* resolve: dedup entries in /etc/hosts | Yu Watanabe | 2022-12-13 | 3 | -58/+64
|   This improves the performance of parsing the file and reduces memory pressure.
|
|   Running 'fuzz-etc-hosts timeout-strv' with valgrind,
|
|   Before:
|     total heap usage: 321,020 allocs, 321,020 frees, 15,820,387,193 bytes allocated
|     real 0m23.531s
|     user 0m21.458s
|     sys 0m1.961s
|
|   After:
|     total heap usage: 112,408 allocs, 112,408 frees, 7,297,480 bytes allocated
|     real 0m8.664s
|     user 0m8.545s
|     sys 0m0.065s
|
|   Hopefully fixes oss-fuzz#47708 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47708).
* resolve: introduce more hash-ops and use them | Yu Watanabe | 2022-12-13 | 1 | -4/+20
|   No functional changes, just refactoring.
* resolve: use dns_name_hash_ops_free | Yu Watanabe | 2022-12-13 | 1 | -2/+2
|   No functional changes, just refactoring.
* resolve: split manager_etc_hosts_lookup() into small parts | Yu Watanabe | 2022-12-13 | 1 | -61/+90
|   No functional changes, just refactoring.
* resolve: adjust warning | Yu Watanabe | 2022-12-13 | 1 | -4/+4
|
* resolve: merge two boolean variables | Yu Watanabe | 2022-12-13 | 1 | -10/+5
|   No functional changes, just refactoring.
* resolve: introduce cleanup functions for EtcHostsItemBy{Address,Name} | Yu Watanabe | 2022-12-13 | 1 | -20/+22
|   No functional change, just refactoring and preparation for later commits.
* resolve: make etc_hosts_item_by_{address,name}_free() accept NULL | Yu Watanabe | 2022-12-13 | 1 | -11/+12
|