summaryrefslogtreecommitdiff
path: root/src/shared/resolve-util.h
Commit message (Collapse)AuthorAgeFilesLines
* resolved: introduce common macro for 127.0.0.2 IP addressLennart Poettering2022-11-251-0/+3
|
* resolve: introduce link_get_llmnr_support() and link_get_mdns_support()Yu Watanabe2022-11-101-1/+2
|
* resolved: add "proxy-only" stub on 127.0.0.54Lennart Poettering2021-11-221-1/+4
| | | | | | | | | | | | | | | | | | | | This beefs up the DNS stub logic to listen on two IP addresses: 127.0.0.53 (as before) + 127.0.0.54 (new). When the latter is contact our stub will operate in "bypass" mode only, i.e we'll try to pass DNS requests as unmodified upstream as we can (and not do mDNS/LLMNR and such, also no DNSSEC validation – but we'll still do DNS-over-TLS wrapping). This is supposed to be useful for container environments or tethering: this stub could be exposed (via NAT redirect) to clients of this system and we'll try to stay out of the way with doing too much DNS magic ourselves, but still expose whatever the current DNS server is from upstream under a stable address/port. How to use this: # iptables -t nat -I PREROUTING -p udp -i <interface> --dport 53 -j DNAT --to 127.0.0.54:53 # echo 1 > /proc/sys/net/ipv4/conf/<interface>/route_localnet
* shared: Fix _DNS_CACHE_MODE_INVALID value: use -EINVALBenjamin Robin2021-02-161-1/+1
| | | | Follow-up of #11484
* tree-wide: use -EINVAL for enum invalid valuesZbigniew Jędrzejewski-Szmek2021-02-101-3/+3
| | | | | | | | | As suggested in https://github.com/systemd/systemd/pull/11484#issuecomment-775288617. This does not touch anything exposed in src/systemd. Changing the defines there would be a compatibility break. Note that tests are broken after this commit. They will be fixed in the next one.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* tree-wide: fix spelling of "fallback"Zbigniew Jędrzejewski-Szmek2020-08-201-1/+1
| | | | | | Similarly to "setup" vs. "set up", "fallback" is a noun, and "fall back" is the verb. (This is pretty clear when we construct a sentence in the present continous: "we are falling back" not "we are fallbacking").
* resolve: move resolv.conf path definitions to shared headerLennart Poettering2020-04-221-0/+9
| | | | That way we can use it from nspawn.
* resolved: switch cache option to a tri-state option (systemd#5552).Jorge Niedbalski2019-07-171-0/+14
| | | | | | | | | | | | | Change the resolved.conf Cache option to a tri-state "no, no-negative, yes" values. If a lookup returns SERVFAIL systemd-resolved will cache the result for 30s (See 201d995), however, there are several use cases on which this condition is not acceptable (See systemd#5552 comments) and the only workaround would be to disable cache entirely or flush it , which isn't optimal. This change adds the 'no-negative' option when set it avoids putting in cache negative answers but still works the same heuristics for positive answers. Signed-off-by: Jorge Niedbalski <jnr@metaklass.org>
* resolve: expose dns_server_address_valid()Yu Watanabe2019-07-171-0/+6
|
* resolved: add strict mode for DNS-over-TLSIwan Timmer2019-06-191-0/+3
| | | | Add strict mode for DNS-over-TLS, which will require TLS support from the server. Closes #10755
* tree-wide: remove Lennart's copyright linesLennart Poettering2018-06-141-4/+0
| | | | | | | | | | | These lines are generally out-of-date, incomplete and unnecessary. With SPDX and git repository much more accurate and fine grained information about licensing and authorship is available, hence let's drop the per-file copyright notice. Of course, removing copyright lines of others is problematic, hence this commit only removes my own lines and leaves all others untouched. It might be nicer if sooner or later those could go away too, making git the only and accurate source of authorship information.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* resolve: rename PrivateDNS to DNSOverTLSIwan Timmer2018-06-141-9/+9
| | | PrivateDNS is not considered a good name for this option, so rename it to DNSOverTLS
* resolved: support for DNS-over-TLSIwan Timmer2018-06-111-0/+17
| | | | Add support for DNS-over-TLS using GnuTLS. To reduce latency also TLS False Start and TLS session resumption is supported.
* tree-wide: port over all code to the new CONFIG_PARSER_PROTOTYPE() macroLennart Poettering2018-05-221-2/+3
| | | | | | | | | | | This makes most header files easier to look at. Also Emacs gets really slow when browsing through large sections of overly long prototypes, which is much improved by this macro. We should probably not do something similar with too many other cases, as macros like this might help readability for some, but make it worse for others. But I think given the complexity of this specific prototype and how often we use it, it's worth doing.
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* Add SPDX license identifiers to source files under the LGPLZbigniew Jędrzejewski-Szmek2017-11-191-0/+1
| | | | | This follows what the kernel is doing, c.f. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
* tree-wide: remove Emacs lines from all filesDaniel Mack2016-02-101-2/+0
| | | | | This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
* resolved,networkd: add a per-interface DNSSEC settingLennart Poettering2016-01-051-0/+23
| | | | | This adds a DNSSEC= setting to .network files, and makes resolved honour them.
* resolved,networkd: unify ResolveSupport enumLennart Poettering2016-01-051-0/+39
networkd previously knew an enum "ResolveSupport" for configuring per-interface LLMNR support, resolved had a similar enum just called "Support", with the same value and similar pasers. Unify this, call the enum ResolveSupport, and port both daemons to it.
View Lorry Controller Status