diff options
Diffstat (limited to 'src/resolve')
-rw-r--r-- | src/resolve/resolved-dns-answer.h | 10 | ||||
-rw-r--r-- | src/resolve/resolved-dns-dnssec.c | 2 | ||||
-rw-r--r-- | src/resolve/resolved-dns-query.c | 2 | ||||
-rw-r--r-- | src/resolve/resolved-dns-scope.c | 30 | ||||
-rw-r--r-- | src/resolve/resolved-etc-hosts.c | 4 | ||||
-rw-r--r-- | src/resolve/resolved-manager.c | 2 | ||||
-rw-r--r-- | src/resolve/resolved.c | 4 |
7 files changed, 34 insertions, 20 deletions
diff --git a/src/resolve/resolved-dns-answer.h b/src/resolve/resolved-dns-answer.h index 97514c3408..47fc80e2b0 100644 --- a/src/resolve/resolved-dns-answer.h +++ b/src/resolve/resolved-dns-answer.h @@ -15,11 +15,11 @@ typedef struct DnsAnswerItem DnsAnswerItem; * Note that we usually encode the empty DnsAnswer object as a simple NULL. */ typedef enum DnsAnswerFlags { - DNS_ANSWER_AUTHENTICATED = 1, /* Item has been authenticated */ - DNS_ANSWER_CACHEABLE = 2, /* Item is subject to caching */ - DNS_ANSWER_SHARED_OWNER = 4, /* For mDNS: RRset may be owner by multiple peers */ - DNS_ANSWER_CACHE_FLUSH = 8, /* For mDNS: sets cache-flush bit in the rrclass of response records */ - DNS_ANSWER_GOODBYE = 16, /* For mDNS: item is subject to disappear */ + DNS_ANSWER_AUTHENTICATED = 1 << 0, /* Item has been authenticated */ + DNS_ANSWER_CACHEABLE = 1 << 1, /* Item is subject to caching */ + DNS_ANSWER_SHARED_OWNER = 1 << 2, /* For mDNS: RRset may be owner by multiple peers */ + DNS_ANSWER_CACHE_FLUSH = 1 << 3, /* For mDNS: sets cache-flush bit in the rrclass of response records */ + DNS_ANSWER_GOODBYE = 1 << 4, /* For mDNS: item is subject to disappear */ } DnsAnswerFlags; struct DnsAnswerItem { diff --git a/src/resolve/resolved-dns-dnssec.c b/src/resolve/resolved-dns-dnssec.c index 335fd47780..14acc4e77d 100644 --- a/src/resolve/resolved-dns-dnssec.c +++ b/src/resolve/resolved-dns-dnssec.c @@ -402,7 +402,7 @@ static int dnssec_ecdsa_verify( if (rrsig->rrsig.signature_size != key_size * 2) return -EINVAL; - q = alloca(key_size*2 + 1); + q = newa(uint8_t, key_size*2 + 1); q[0] = 0x04; /* Prepend 0x04 to indicate an uncompressed key */ memcpy(q+1, dnskey->dnskey.key, key_size*2); diff --git a/src/resolve/resolved-dns-query.c b/src/resolve/resolved-dns-query.c index 7a4f97754b..535ef4e776 100644 --- a/src/resolve/resolved-dns-query.c +++ b/src/resolve/resolved-dns-query.c @@ -719,7 +719,7 @@ int dns_query_go(DnsQuery *q) { match = dns_scope_good_domain(s, q->ifindex, q->flags, name); if (match < 0) { - log_debug("Couldn't check if '%s' matches agains scope, ignoring.", name); + log_debug("Couldn't check if '%s' matches against scope, ignoring.", name); continue; } diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c index 972e661d72..66dd2b1b5a 100644 --- a/src/resolve/resolved-dns-scope.c +++ b/src/resolve/resolved-dns-scope.c @@ -527,6 +527,7 @@ DnsScopeMatch dns_scope_good_domain( switch (s->protocol) { case DNS_PROTOCOL_DNS: { + bool has_search_domains = false; int n_best = -1; /* Never route things to scopes that lack DNS servers */ @@ -536,7 +537,11 @@ DnsScopeMatch dns_scope_good_domain( /* Always honour search domains for routing queries, except if this scope lacks DNS servers. Note that * we return DNS_SCOPE_YES here, rather than just DNS_SCOPE_MAYBE, which means other wildcard scopes * won't be considered anymore. */ - LIST_FOREACH(domains, d, dns_scope_get_search_domains(s)) + LIST_FOREACH(domains, d, dns_scope_get_search_domains(s)) { + + if (!d->route_only && !dns_name_is_root(d->name)) + has_search_domains = true; + if (dns_name_endswith(domain, d->name) > 0) { int c; @@ -547,6 +552,13 @@ DnsScopeMatch dns_scope_good_domain( if (c > n_best) n_best = c; } + } + + /* If there's a true search domain defined for this scope, and the query is single-label, + * then let's resolve things here, prefereably. Note that LLMNR considers itself + * authoritative for single-label names too, at the same preference, see below. */ + if (has_search_domains && dns_name_is_single_label(domain)) + return DNS_SCOPE_YES_BASE + 1; /* Let's return the number of labels in the best matching result */ if (n_best >= 0) { @@ -606,12 +618,16 @@ DnsScopeMatch dns_scope_good_domain( if ((dns_name_is_single_label(domain) && /* only resolve single label names via LLMNR */ !is_gateway_hostname(domain) && /* don't resolve "gateway" with LLMNR, let nss-myhostname handle this */ manager_is_own_hostname(s->manager, domain) <= 0)) /* never resolve the local hostname via LLMNR */ - return DNS_SCOPE_YES_BASE + 1; /* Return +1, as we consider ourselves authoritative for - * single-label names, i.e. one label. This is particular - * relevant as it means a "." route on some other scope won't - * pull all traffic away from us. (If people actually want to - * pull traffic away from us they should turn off LLMNR on the - * link) */ + return DNS_SCOPE_YES_BASE + 1; /* Return +1, as we consider ourselves authoritative + * for single-label names, i.e. one label. This is + * particular relevant as it means a "." route on some + * other scope won't pull all traffic away from + * us. (If people actually want to pull traffic away + * from us they should turn off LLMNR on the + * link). Note that unicast DNS scopes with search + * domains also consider themselves authoritative for + * single-label domains, at the same preference (see + * above). */ return DNS_SCOPE_NO; } diff --git a/src/resolve/resolved-etc-hosts.c b/src/resolve/resolved-etc-hosts.c index 01cde4acf7..ee21222e50 100644 --- a/src/resolve/resolved-etc-hosts.c +++ b/src/resolve/resolved-etc-hosts.c @@ -12,12 +12,12 @@ /* Recheck /etc/hosts at most once every 2s */ #define ETC_HOSTS_RECHECK_USEC (2*USEC_PER_SEC) -static inline void etc_hosts_item_free(EtcHostsItem *item) { +static void etc_hosts_item_free(EtcHostsItem *item) { strv_free(item->names); free(item); } -static inline void etc_hosts_item_by_name_free(EtcHostsItemByName *item) { +static void etc_hosts_item_by_name_free(EtcHostsItemByName *item) { free(item->name); free(item->addresses); free(item); diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c index b7dc09ae37..b3d35c8341 100644 --- a/src/resolve/resolved-manager.c +++ b/src/resolve/resolved-manager.c @@ -689,7 +689,7 @@ Manager *manager_free(Manager *m) { manager_mdns_stop(m); manager_dns_stub_stop(m); - sd_bus_unref(m->bus); + sd_bus_flush_close_unref(m->bus); sd_event_source_unref(m->sigusr1_event_source); sd_event_source_unref(m->sigusr2_event_source); diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c index f4efddf8e5..0845b2c1ae 100644 --- a/src/resolve/resolved.c +++ b/src/resolve/resolved.c @@ -81,9 +81,7 @@ static int run(int argc, char *argv[]) { if (r < 0) return log_error_errno(r, "Event loop failed: %m"); - (void) sd_event_get_exit_code(m->event, &r); - - return r; + return 0; } DEFINE_MAIN_FUNCTION(run); |