1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include "alloc-util.h"
24 #include "dns-domain.h"
26 #include "random-util.h"
27 #include "resolved-dns-transaction.h"
28 #include "resolved-llmnr.h"
29 #include "string-table.h"
31 DnsTransaction
* dns_transaction_free(DnsTransaction
*t
) {
38 sd_event_source_unref(t
->timeout_event_source
);
40 dns_packet_unref(t
->sent
);
41 dns_packet_unref(t
->received
);
43 dns_answer_unref(t
->answer
);
45 sd_event_source_unref(t
->dns_udp_event_source
);
46 safe_close(t
->dns_udp_fd
);
48 dns_server_unref(t
->server
);
49 dns_stream_free(t
->stream
);
52 hashmap_remove_value(t
->scope
->transactions_by_key
, t
->key
, t
);
53 LIST_REMOVE(transactions_by_scope
, t
->scope
->transactions
, t
);
56 hashmap_remove(t
->scope
->manager
->dns_transactions
, UINT_TO_PTR(t
->id
));
59 dns_resource_key_unref(t
->key
);
61 while ((c
= set_steal_first(t
->query_candidates
)))
62 set_remove(c
->transactions
, t
);
64 set_free(t
->query_candidates
);
66 while ((i
= set_steal_first(t
->zone_items
)))
67 i
->probe_transaction
= NULL
;
68 set_free(t
->zone_items
);
74 DEFINE_TRIVIAL_CLEANUP_FUNC(DnsTransaction
*, dns_transaction_free
);
76 void dns_transaction_gc(DnsTransaction
*t
) {
82 if (set_isempty(t
->query_candidates
) && set_isempty(t
->zone_items
))
83 dns_transaction_free(t
);
86 int dns_transaction_new(DnsTransaction
**ret
, DnsScope
*s
, DnsResourceKey
*key
) {
87 _cleanup_(dns_transaction_freep
) DnsTransaction
*t
= NULL
;
94 r
= hashmap_ensure_allocated(&s
->manager
->dns_transactions
, NULL
);
98 r
= hashmap_ensure_allocated(&s
->transactions_by_key
, &dns_resource_key_hash_ops
);
102 t
= new0(DnsTransaction
, 1);
107 t
->answer_source
= _DNS_TRANSACTION_SOURCE_INVALID
;
108 t
->key
= dns_resource_key_ref(key
);
110 /* Find a fresh, unused transaction id */
112 random_bytes(&t
->id
, sizeof(t
->id
));
114 hashmap_get(s
->manager
->dns_transactions
, UINT_TO_PTR(t
->id
)));
116 r
= hashmap_put(s
->manager
->dns_transactions
, UINT_TO_PTR(t
->id
), t
);
122 r
= hashmap_replace(s
->transactions_by_key
, t
->key
, t
);
124 hashmap_remove(s
->manager
->dns_transactions
, UINT_TO_PTR(t
->id
));
128 LIST_PREPEND(transactions_by_scope
, s
->transactions
, t
);
139 static void dns_transaction_stop(DnsTransaction
*t
) {
142 t
->timeout_event_source
= sd_event_source_unref(t
->timeout_event_source
);
143 t
->stream
= dns_stream_free(t
->stream
);
145 /* Note that we do not drop the UDP socket here, as we want to
146 * reuse it to repeat the interaction. */
149 static void dns_transaction_tentative(DnsTransaction
*t
, DnsPacket
*p
) {
150 _cleanup_free_
char *pretty
= NULL
;
156 if (manager_our_packet(t
->scope
->manager
, p
) != 0)
159 in_addr_to_string(p
->family
, &p
->sender
, &pretty
);
161 log_debug("Transaction on scope %s on %s/%s got tentative packet from %s",
162 dns_protocol_to_string(t
->scope
->protocol
),
163 t
->scope
->link
? t
->scope
->link
->name
: "*",
164 t
->scope
->family
== AF_UNSPEC
? "*" : af_to_name(t
->scope
->family
),
167 /* RFC 4795, Section 4.1 says that the peer with the
168 * lexicographically smaller IP address loses */
169 if (memcmp(&p
->sender
, &p
->destination
, FAMILY_ADDRESS_SIZE(p
->family
)) >= 0) {
170 log_debug("Peer has lexicographically larger IP address and thus lost in the conflict.");
174 log_debug("We have the lexicographically larger IP address and thus lost in the conflict.");
177 while ((z
= set_first(t
->zone_items
))) {
178 /* First, make sure the zone item drops the reference
180 dns_zone_item_probe_stop(z
);
182 /* Secondly, report this as conflict, so that we might
183 * look for a different hostname */
184 dns_zone_item_conflict(z
);
188 dns_transaction_gc(t
);
191 void dns_transaction_complete(DnsTransaction
*t
, DnsTransactionState state
) {
192 DnsQueryCandidate
*c
;
197 assert(!IN_SET(state
, DNS_TRANSACTION_NULL
, DNS_TRANSACTION_PENDING
));
199 /* Note that this call might invalidate the query. Callers
200 * should hence not attempt to access the query or transaction
201 * after calling this function. */
203 log_debug("Transaction on scope %s on %s/%s now complete with <%s> from %s",
204 dns_protocol_to_string(t
->scope
->protocol
),
205 t
->scope
->link
? t
->scope
->link
->name
: "*",
206 t
->scope
->family
== AF_UNSPEC
? "*" : af_to_name(t
->scope
->family
),
207 dns_transaction_state_to_string(state
),
208 t
->answer_source
< 0 ? "none" : dns_transaction_source_to_string(t
->answer_source
));
212 dns_transaction_stop(t
);
214 /* Notify all queries that are interested, but make sure the
215 * transaction isn't freed while we are still looking at it */
217 SET_FOREACH(c
, t
->query_candidates
, i
)
218 dns_query_candidate_ready(c
);
219 SET_FOREACH(z
, t
->zone_items
, i
)
220 dns_zone_item_ready(z
);
223 dns_transaction_gc(t
);
226 static int on_stream_complete(DnsStream
*s
, int error
) {
227 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
231 assert(s
->transaction
);
233 /* Copy the data we care about out of the stream before we
236 p
= dns_packet_ref(s
->read_packet
);
238 t
->stream
= dns_stream_free(t
->stream
);
241 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
245 if (dns_packet_validate_reply(p
) <= 0) {
246 log_debug("Invalid TCP reply packet.");
247 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
251 dns_scope_check_conflicts(t
->scope
, p
);
254 dns_transaction_process_reply(t
, p
);
257 /* If the response wasn't useful, then complete the transition now */
258 if (t
->state
== DNS_TRANSACTION_PENDING
)
259 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
264 static int dns_transaction_open_tcp(DnsTransaction
*t
) {
265 DnsServer
*server
= NULL
;
266 _cleanup_close_
int fd
= -1;
274 switch (t
->scope
->protocol
) {
275 case DNS_PROTOCOL_DNS
:
276 fd
= dns_scope_tcp_socket(t
->scope
, AF_UNSPEC
, NULL
, 53, &server
);
279 case DNS_PROTOCOL_LLMNR
:
280 /* When we already received a reply to this (but it was truncated), send to its sender address */
282 fd
= dns_scope_tcp_socket(t
->scope
, t
->received
->family
, &t
->received
->sender
, t
->received
->sender_port
, NULL
);
284 union in_addr_union address
;
285 int family
= AF_UNSPEC
;
287 /* Otherwise, try to talk to the owner of a
288 * the IP address, in case this is a reverse
291 r
= dns_name_address(DNS_RESOURCE_KEY_NAME(t
->key
), &family
, &address
);
296 if (family
!= t
->scope
->family
)
299 fd
= dns_scope_tcp_socket(t
->scope
, family
, &address
, LLMNR_PORT
, NULL
);
305 return -EAFNOSUPPORT
;
311 r
= dns_stream_new(t
->scope
->manager
, &t
->stream
, t
->scope
->protocol
, fd
);
317 r
= dns_stream_write_packet(t
->stream
, t
->sent
);
319 t
->stream
= dns_stream_free(t
->stream
);
323 dns_server_unref(t
->server
);
324 t
->server
= dns_server_ref(server
);
325 t
->received
= dns_packet_unref(t
->received
);
326 t
->answer
= dns_answer_unref(t
->answer
);
328 t
->stream
->complete
= on_stream_complete
;
329 t
->stream
->transaction
= t
;
331 /* The interface index is difficult to determine if we are
332 * connecting to the local host, hence fill this in right away
333 * instead of determining it from the socket */
335 t
->stream
->ifindex
= t
->scope
->link
->ifindex
;
340 static void dns_transaction_next_dns_server(DnsTransaction
*t
) {
343 t
->server
= dns_server_unref(t
->server
);
344 t
->dns_udp_event_source
= sd_event_source_unref(t
->dns_udp_event_source
);
345 t
->dns_udp_fd
= safe_close(t
->dns_udp_fd
);
347 dns_scope_next_dns_server(t
->scope
);
350 void dns_transaction_process_reply(DnsTransaction
*t
, DnsPacket
*p
) {
356 assert(t
->state
== DNS_TRANSACTION_PENDING
);
358 assert(t
->scope
->manager
);
360 /* Note that this call might invalidate the query. Callers
361 * should hence not attempt to access the query or transaction
362 * after calling this function. */
364 switch (t
->scope
->protocol
) {
365 case DNS_PROTOCOL_LLMNR
:
366 assert(t
->scope
->link
);
368 /* For LLMNR we will not accept any packets from other
371 if (p
->ifindex
!= t
->scope
->link
->ifindex
)
374 if (p
->family
!= t
->scope
->family
)
377 /* Tentative packets are not full responses but still
378 * useful for identifying uniqueness conflicts during
380 if (DNS_PACKET_LLMNR_T(p
)) {
381 dns_transaction_tentative(t
, p
);
387 case DNS_PROTOCOL_MDNS
:
388 assert(t
->scope
->link
);
390 /* For mDNS we will not accept any packets from other interfaces */
391 if (p
->ifindex
!= t
->scope
->link
->ifindex
)
394 if (p
->family
!= t
->scope
->family
)
399 case DNS_PROTOCOL_DNS
:
403 assert_not_reached("Invalid DNS protocol.");
406 if (t
->received
!= p
) {
407 dns_packet_unref(t
->received
);
408 t
->received
= dns_packet_ref(p
);
411 t
->answer_source
= DNS_TRANSACTION_NETWORK
;
413 if (p
->ipproto
== IPPROTO_TCP
) {
414 if (DNS_PACKET_TC(p
)) {
415 /* Truncated via TCP? Somebody must be fucking with us */
416 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
420 if (DNS_PACKET_ID(p
) != t
->id
) {
421 /* Not the reply to our query? Somebody must be fucking with us */
422 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
427 assert_se(sd_event_now(t
->scope
->manager
->event
, clock_boottime_or_monotonic(), &ts
) >= 0);
429 switch (t
->scope
->protocol
) {
430 case DNS_PROTOCOL_DNS
:
433 if (IN_SET(DNS_PACKET_RCODE(p
), DNS_RCODE_FORMERR
, DNS_RCODE_SERVFAIL
, DNS_RCODE_NOTIMP
)) {
435 /* request failed, immediately try again with reduced features */
436 log_debug("Server returned error: %s", dns_rcode_to_string(DNS_PACKET_RCODE(p
)));
438 dns_server_packet_failed(t
->server
, t
->current_features
);
440 r
= dns_transaction_go(t
);
442 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
448 dns_server_packet_received(t
->server
, t
->current_features
, ts
- t
->start_usec
, p
->size
);
451 case DNS_PROTOCOL_LLMNR
:
452 case DNS_PROTOCOL_MDNS
:
453 dns_scope_packet_received(t
->scope
, ts
- t
->start_usec
);
460 if (DNS_PACKET_TC(p
)) {
462 /* Truncated packets for mDNS are not allowed. Give up immediately. */
463 if (t
->scope
->protocol
== DNS_PROTOCOL_MDNS
) {
464 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
468 /* Response was truncated, let's try again with good old TCP */
469 r
= dns_transaction_open_tcp(t
);
471 /* No servers found? Damn! */
472 dns_transaction_complete(t
, DNS_TRANSACTION_NO_SERVERS
);
476 /* On LLMNR and mDNS, if we cannot connect to the host,
477 * we immediately give up */
478 if (t
->scope
->protocol
== DNS_PROTOCOL_LLMNR
) {
479 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
483 /* On DNS, couldn't send? Try immediately again, with a new server */
484 dns_transaction_next_dns_server(t
);
486 r
= dns_transaction_go(t
);
488 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
496 /* Parse and update the cache */
497 r
= dns_packet_extract(p
);
499 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
503 if (t
->scope
->protocol
== DNS_PROTOCOL_DNS
) {
504 /* Only consider responses with equivalent query section to the request */
505 if (p
->question
->n_keys
!= 1 || dns_resource_key_equal(p
->question
->keys
[0], t
->key
) <= 0) {
506 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
510 /* Install the answer as answer to the transaction */
511 dns_answer_unref(t
->answer
);
512 t
->answer
= dns_answer_ref(p
->answer
);
513 t
->answer_rcode
= DNS_PACKET_RCODE(p
);
514 t
->answer_authenticated
= t
->scope
->dnssec_mode
== DNSSEC_TRUST
&& DNS_PACKET_AD(p
);
516 /* According to RFC 4795, section 2.9. only the RRs from the answer section shall be cached */
517 if (DNS_PACKET_SHALL_CACHE(p
))
518 dns_cache_put(&t
->scope
->cache
,
522 DNS_PACKET_ANCOUNT(p
),
523 t
->answer_authenticated
,
529 if (DNS_PACKET_RCODE(p
) == DNS_RCODE_SUCCESS
)
530 dns_transaction_complete(t
, DNS_TRANSACTION_SUCCESS
);
532 dns_transaction_complete(t
, DNS_TRANSACTION_FAILURE
);
535 static int on_dns_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
536 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
537 DnsTransaction
*t
= userdata
;
543 r
= manager_recv(t
->scope
->manager
, fd
, DNS_PROTOCOL_DNS
, &p
);
547 if (dns_packet_validate_reply(p
) > 0 &&
548 DNS_PACKET_ID(p
) == t
->id
)
549 dns_transaction_process_reply(t
, p
);
551 log_debug("Invalid DNS packet.");
556 static int dns_transaction_emit(DnsTransaction
*t
) {
561 if (t
->scope
->protocol
== DNS_PROTOCOL_DNS
&& !t
->server
) {
562 DnsServer
*server
= NULL
;
563 _cleanup_close_
int fd
= -1;
565 fd
= dns_scope_udp_dns_socket(t
->scope
, &server
);
569 r
= sd_event_add_io(t
->scope
->manager
->event
, &t
->dns_udp_event_source
, fd
, EPOLLIN
, on_dns_packet
, t
);
575 t
->server
= dns_server_ref(server
);
578 r
= dns_scope_emit(t
->scope
, t
->dns_udp_fd
, t
->server
, t
->sent
);
583 t
->current_features
= t
->server
->possible_features
;
588 static int on_transaction_timeout(sd_event_source
*s
, usec_t usec
, void *userdata
) {
589 DnsTransaction
*t
= userdata
;
595 if (!t
->initial_jitter_scheduled
|| t
->initial_jitter_elapsed
) {
596 /* Timeout reached? Increase the timeout for the server used */
597 switch (t
->scope
->protocol
) {
598 case DNS_PROTOCOL_DNS
:
601 dns_server_packet_lost(t
->server
, t
->current_features
, usec
- t
->start_usec
);
604 case DNS_PROTOCOL_LLMNR
:
605 case DNS_PROTOCOL_MDNS
:
606 dns_scope_packet_lost(t
->scope
, usec
- t
->start_usec
);
610 assert_not_reached("Invalid DNS protocol.");
613 if (t
->initial_jitter_scheduled
)
614 t
->initial_jitter_elapsed
= true;
617 /* ...and try again with a new server */
618 dns_transaction_next_dns_server(t
);
620 r
= dns_transaction_go(t
);
622 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
627 static int dns_transaction_make_packet(DnsTransaction
*t
) {
628 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
636 r
= dns_packet_new_query(&p
, t
->scope
->protocol
, 0, t
->scope
->dnssec_mode
== DNSSEC_YES
);
640 r
= dns_scope_good_key(t
->scope
, t
->key
);
646 r
= dns_packet_append_key(p
, t
->key
, NULL
);
650 DNS_PACKET_HEADER(p
)->qdcount
= htobe16(1);
651 DNS_PACKET_HEADER(p
)->id
= t
->id
;
659 static usec_t
transaction_get_resend_timeout(DnsTransaction
*t
) {
663 switch (t
->scope
->protocol
) {
664 case DNS_PROTOCOL_DNS
:
667 return t
->server
->resend_timeout
;
668 case DNS_PROTOCOL_MDNS
:
669 assert(t
->n_attempts
> 0);
670 return (1 << (t
->n_attempts
- 1)) * USEC_PER_SEC
;
671 case DNS_PROTOCOL_LLMNR
:
672 return t
->scope
->resend_timeout
;
674 assert_not_reached("Invalid DNS protocol.");
678 static int dns_transaction_prepare_next_attempt(DnsTransaction
*t
, usec_t ts
) {
684 had_stream
= !!t
->stream
;
686 dns_transaction_stop(t
);
688 if (t
->n_attempts
>= TRANSACTION_ATTEMPTS_MAX(t
->scope
->protocol
)) {
689 dns_transaction_complete(t
, DNS_TRANSACTION_ATTEMPTS_MAX_REACHED
);
693 if (t
->scope
->protocol
== DNS_PROTOCOL_LLMNR
&& had_stream
) {
694 /* If we already tried via a stream, then we don't
695 * retry on LLMNR. See RFC 4795, Section 2.7. */
696 dns_transaction_complete(t
, DNS_TRANSACTION_ATTEMPTS_MAX_REACHED
);
702 t
->received
= dns_packet_unref(t
->received
);
703 t
->answer
= dns_answer_unref(t
->answer
);
705 t
->answer_source
= _DNS_TRANSACTION_SOURCE_INVALID
;
707 /* Check the trust anchor. Do so only on classic DNS, since DNSSEC does not apply otherwise. */
708 if (t
->scope
->protocol
== DNS_PROTOCOL_DNS
) {
709 r
= dns_trust_anchor_lookup(&t
->scope
->manager
->trust_anchor
, t
->key
, &t
->answer
);
713 t
->answer_rcode
= DNS_RCODE_SUCCESS
;
714 t
->answer_source
= DNS_TRANSACTION_TRUST_ANCHOR
;
715 t
->answer_authenticated
= true;
716 dns_transaction_complete(t
, DNS_TRANSACTION_SUCCESS
);
721 /* Check the zone, but only if this transaction is not used
722 * for probing or verifying a zone item. */
723 if (set_isempty(t
->zone_items
)) {
725 r
= dns_zone_lookup(&t
->scope
->zone
, t
->key
, &t
->answer
, NULL
, NULL
);
729 t
->answer_rcode
= DNS_RCODE_SUCCESS
;
730 t
->answer_source
= DNS_TRANSACTION_ZONE
;
731 t
->answer_authenticated
= true;
732 dns_transaction_complete(t
, DNS_TRANSACTION_SUCCESS
);
737 /* Check the cache, but only if this transaction is not used
738 * for probing or verifying a zone item. */
739 if (set_isempty(t
->zone_items
)) {
741 /* Before trying the cache, let's make sure we figured out a
742 * server to use. Should this cause a change of server this
743 * might flush the cache. */
744 dns_scope_get_dns_server(t
->scope
);
746 /* Let's then prune all outdated entries */
747 dns_cache_prune(&t
->scope
->cache
);
749 r
= dns_cache_lookup(&t
->scope
->cache
, t
->key
, &t
->answer_rcode
, &t
->answer
, &t
->answer_authenticated
);
753 t
->answer_source
= DNS_TRANSACTION_CACHE
;
754 if (t
->answer_rcode
== DNS_RCODE_SUCCESS
)
755 dns_transaction_complete(t
, DNS_TRANSACTION_SUCCESS
);
757 dns_transaction_complete(t
, DNS_TRANSACTION_FAILURE
);
765 int dns_transaction_go(DnsTransaction
*t
) {
771 assert_se(sd_event_now(t
->scope
->manager
->event
, clock_boottime_or_monotonic(), &ts
) >= 0);
772 r
= dns_transaction_prepare_next_attempt(t
, ts
);
776 log_debug("Excercising transaction on scope %s on %s/%s",
777 dns_protocol_to_string(t
->scope
->protocol
),
778 t
->scope
->link
? t
->scope
->link
->name
: "*",
779 t
->scope
->family
== AF_UNSPEC
? "*" : af_to_name(t
->scope
->family
));
781 if (!t
->initial_jitter_scheduled
&&
782 (t
->scope
->protocol
== DNS_PROTOCOL_LLMNR
||
783 t
->scope
->protocol
== DNS_PROTOCOL_MDNS
)) {
784 usec_t jitter
, accuracy
;
786 /* RFC 4795 Section 2.7 suggests all queries should be
787 * delayed by a random time from 0 to JITTER_INTERVAL. */
789 t
->initial_jitter_scheduled
= true;
791 random_bytes(&jitter
, sizeof(jitter
));
793 switch (t
->scope
->protocol
) {
794 case DNS_PROTOCOL_LLMNR
:
795 jitter
%= LLMNR_JITTER_INTERVAL_USEC
;
796 accuracy
= LLMNR_JITTER_INTERVAL_USEC
;
798 case DNS_PROTOCOL_MDNS
:
799 jitter
%= MDNS_JITTER_RANGE_USEC
;
800 jitter
+= MDNS_JITTER_MIN_USEC
;
801 accuracy
= MDNS_JITTER_RANGE_USEC
;
804 assert_not_reached("bad protocol");
807 r
= sd_event_add_time(
808 t
->scope
->manager
->event
,
809 &t
->timeout_event_source
,
810 clock_boottime_or_monotonic(),
811 ts
+ jitter
, accuracy
,
812 on_transaction_timeout
, t
);
817 t
->next_attempt_after
= ts
;
818 t
->state
= DNS_TRANSACTION_PENDING
;
820 log_debug("Delaying %s transaction for " USEC_FMT
"us.", dns_protocol_to_string(t
->scope
->protocol
), jitter
);
824 /* Otherwise, we need to ask the network */
825 r
= dns_transaction_make_packet(t
);
827 /* Not the right request to make on this network?
828 * (i.e. an A request made on IPv6 or an AAAA request
829 * made on IPv4, on LLMNR or mDNS.) */
830 dns_transaction_complete(t
, DNS_TRANSACTION_NO_SERVERS
);
836 if (t
->scope
->protocol
== DNS_PROTOCOL_LLMNR
&&
837 (dns_name_endswith(DNS_RESOURCE_KEY_NAME(t
->key
), "in-addr.arpa") > 0 ||
838 dns_name_endswith(DNS_RESOURCE_KEY_NAME(t
->key
), "ip6.arpa") > 0)) {
840 /* RFC 4795, Section 2.4. says reverse lookups shall
841 * always be made via TCP on LLMNR */
842 r
= dns_transaction_open_tcp(t
);
844 /* Try via UDP, and if that fails due to large size or lack of
845 * support try via TCP */
846 r
= dns_transaction_emit(t
);
847 if (r
== -EMSGSIZE
|| r
== -EAGAIN
)
848 r
= dns_transaction_open_tcp(t
);
852 /* No servers to send this to? */
853 dns_transaction_complete(t
, DNS_TRANSACTION_NO_SERVERS
);
856 if (t
->scope
->protocol
!= DNS_PROTOCOL_DNS
) {
857 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
861 /* Couldn't send? Try immediately again, with a new server */
862 dns_transaction_next_dns_server(t
);
864 return dns_transaction_go(t
);
867 ts
+= transaction_get_resend_timeout(t
);
869 r
= sd_event_add_time(
870 t
->scope
->manager
->event
,
871 &t
->timeout_event_source
,
872 clock_boottime_or_monotonic(),
874 on_transaction_timeout
, t
);
878 t
->state
= DNS_TRANSACTION_PENDING
;
879 t
->next_attempt_after
= ts
;
884 static const char* const dns_transaction_state_table
[_DNS_TRANSACTION_STATE_MAX
] = {
885 [DNS_TRANSACTION_NULL
] = "null",
886 [DNS_TRANSACTION_PENDING
] = "pending",
887 [DNS_TRANSACTION_FAILURE
] = "failure",
888 [DNS_TRANSACTION_SUCCESS
] = "success",
889 [DNS_TRANSACTION_NO_SERVERS
] = "no-servers",
890 [DNS_TRANSACTION_TIMEOUT
] = "timeout",
891 [DNS_TRANSACTION_ATTEMPTS_MAX_REACHED
] = "attempts-max-reached",
892 [DNS_TRANSACTION_INVALID_REPLY
] = "invalid-reply",
893 [DNS_TRANSACTION_RESOURCES
] = "resources",
894 [DNS_TRANSACTION_ABORTED
] = "aborted",
896 DEFINE_STRING_TABLE_LOOKUP(dns_transaction_state
, DnsTransactionState
);
898 static const char* const dns_transaction_source_table
[_DNS_TRANSACTION_SOURCE_MAX
] = {
899 [DNS_TRANSACTION_NETWORK
] = "network",
900 [DNS_TRANSACTION_CACHE
] = "cache",
901 [DNS_TRANSACTION_ZONE
] = "zone",
902 [DNS_TRANSACTION_TRUST_ANCHOR
] = "trust-anchor",
904 DEFINE_STRING_TABLE_LOOKUP(dns_transaction_source
, DnsTransactionSource
);