From d050561ac3b3087ffcc0352db988518c120c1979 Mon Sep 17 00:00:00 2001
From: Iwan Timmer <irtimmer@gmail.com>
Date: Fri, 4 May 2018 17:31:16 +0200
Subject: resolve: make PrivateDNS configurable per link

Like with DNSSec, make PrivateDNS configurable per link, so you can have trusted and untrusted links.
---
 src/network/networkd-link.c              | 4 ++++
 src/network/networkd-network-gperf.gperf | 1 +
 src/network/networkd-network.c           | 1 +
 src/network/networkd-network.h           | 1 +
 4 files changed, 7 insertions(+)

(limited to 'src/network')

diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index c0496407ab..805a4a7957 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -3762,6 +3762,10 @@ int link_save(Link *link) {
                 fprintf(f, "MDNS=%s\n",
                         resolve_support_to_string(link->network->mdns));
 
+                if (link->network->private_dns_mode != _PRIVATE_DNS_MODE_INVALID)
+                        fprintf(f, "PRIVATE_DNS=%s\n",
+                                private_dns_mode_to_string(link->network->private_dns_mode));
+
                 if (link->network->dnssec_mode != _DNSSEC_MODE_INVALID)
                         fprintf(f, "DNSSEC=%s\n",
                                 dnssec_mode_to_string(link->network->dnssec_mode));
diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf
index e6ca6631ed..38d168a596 100644
--- a/src/network/networkd-network-gperf.gperf
+++ b/src/network/networkd-network-gperf.gperf
@@ -60,6 +60,7 @@ Network.Domains,                        config_parse_domains,
 Network.DNS,                            config_parse_dns,                               0,                             0
 Network.LLMNR,                          config_parse_resolve_support,                   0,                             offsetof(Network, llmnr)
 Network.MulticastDNS,                   config_parse_resolve_support,                   0,                             offsetof(Network, mdns)
+Network.PrivateDNS,                     config_parse_private_dns_mode,                  0,                             offsetof(Network, private_dns_mode)
 Network.DNSSEC,                         config_parse_dnssec_mode,                       0,                             offsetof(Network, dnssec_mode)
 Network.DNSSECNegativeTrustAnchors,     config_parse_dnssec_negative_trust_anchors,     0,                             0
 Network.NTP,                            config_parse_ntp,                               0,                             offsetof(Network, ntp)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index b2a75c7e98..fc7d9a3474 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -236,6 +236,7 @@ static int network_load_one(Manager *manager, const char *filename) {
         network->llmnr = RESOLVE_SUPPORT_YES;
         network->mdns = RESOLVE_SUPPORT_NO;
         network->dnssec_mode = _DNSSEC_MODE_INVALID;
+        network->private_dns_mode = _PRIVATE_DNS_MODE_INVALID;
 
         network->link_local = ADDRESS_FAMILY_IPV6;
 
diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h
index 5b6b40d5da..3136835f8c 100644
--- a/src/network/networkd-network.h
+++ b/src/network/networkd-network.h
@@ -261,6 +261,7 @@ struct Network {
         ResolveSupport llmnr;
         ResolveSupport mdns;
         DnssecMode dnssec_mode;
+        PrivateDnsMode private_dns_mode;
         Set *dnssec_negative_trust_anchors;
 
         LIST_FIELDS(Network, networks);
-- 
cgit v1.2.1