1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include "alloc-util.h"
24 #include "dns-domain.h"
26 #include "random-util.h"
27 #include "resolved-dns-transaction.h"
28 #include "resolved-llmnr.h"
29 #include "string-table.h"
31 DnsTransaction
* dns_transaction_free(DnsTransaction
*t
) {
38 sd_event_source_unref(t
->timeout_event_source
);
40 dns_packet_unref(t
->sent
);
41 dns_packet_unref(t
->received
);
43 dns_answer_unref(t
->answer
);
45 sd_event_source_unref(t
->dns_udp_event_source
);
46 safe_close(t
->dns_udp_fd
);
48 dns_server_unref(t
->server
);
49 dns_stream_free(t
->stream
);
52 hashmap_remove_value(t
->scope
->transactions_by_key
, t
->key
, t
);
53 LIST_REMOVE(transactions_by_scope
, t
->scope
->transactions
, t
);
56 hashmap_remove(t
->scope
->manager
->dns_transactions
, UINT_TO_PTR(t
->id
));
59 dns_resource_key_unref(t
->key
);
61 while ((c
= set_steal_first(t
->query_candidates
)))
62 set_remove(c
->transactions
, t
);
64 set_free(t
->query_candidates
);
66 while ((i
= set_steal_first(t
->zone_items
)))
67 i
->probe_transaction
= NULL
;
68 set_free(t
->zone_items
);
74 DEFINE_TRIVIAL_CLEANUP_FUNC(DnsTransaction
*, dns_transaction_free
);
76 void dns_transaction_gc(DnsTransaction
*t
) {
82 if (set_isempty(t
->query_candidates
) && set_isempty(t
->zone_items
))
83 dns_transaction_free(t
);
86 int dns_transaction_new(DnsTransaction
**ret
, DnsScope
*s
, DnsResourceKey
*key
) {
87 _cleanup_(dns_transaction_freep
) DnsTransaction
*t
= NULL
;
94 r
= hashmap_ensure_allocated(&s
->manager
->dns_transactions
, NULL
);
98 r
= hashmap_ensure_allocated(&s
->transactions_by_key
, &dns_resource_key_hash_ops
);
102 t
= new0(DnsTransaction
, 1);
107 t
->answer_source
= _DNS_TRANSACTION_SOURCE_INVALID
;
108 t
->key
= dns_resource_key_ref(key
);
110 /* Find a fresh, unused transaction id */
112 random_bytes(&t
->id
, sizeof(t
->id
));
114 hashmap_get(s
->manager
->dns_transactions
, UINT_TO_PTR(t
->id
)));
116 r
= hashmap_put(s
->manager
->dns_transactions
, UINT_TO_PTR(t
->id
), t
);
122 r
= hashmap_replace(s
->transactions_by_key
, t
->key
, t
);
124 hashmap_remove(s
->manager
->dns_transactions
, UINT_TO_PTR(t
->id
));
128 LIST_PREPEND(transactions_by_scope
, s
->transactions
, t
);
139 static void dns_transaction_stop(DnsTransaction
*t
) {
142 t
->timeout_event_source
= sd_event_source_unref(t
->timeout_event_source
);
143 t
->stream
= dns_stream_free(t
->stream
);
145 /* Note that we do not drop the UDP socket here, as we want to
146 * reuse it to repeat the interaction. */
149 static void dns_transaction_tentative(DnsTransaction
*t
, DnsPacket
*p
) {
150 _cleanup_free_
char *pretty
= NULL
;
156 if (manager_our_packet(t
->scope
->manager
, p
) != 0)
159 in_addr_to_string(p
->family
, &p
->sender
, &pretty
);
161 log_debug("Transaction on scope %s on %s/%s got tentative packet from %s",
162 dns_protocol_to_string(t
->scope
->protocol
),
163 t
->scope
->link
? t
->scope
->link
->name
: "*",
164 t
->scope
->family
== AF_UNSPEC
? "*" : af_to_name(t
->scope
->family
),
167 /* RFC 4795, Section 4.1 says that the peer with the
168 * lexicographically smaller IP address loses */
169 if (memcmp(&p
->sender
, &p
->destination
, FAMILY_ADDRESS_SIZE(p
->family
)) >= 0) {
170 log_debug("Peer has lexicographically larger IP address and thus lost in the conflict.");
174 log_debug("We have the lexicographically larger IP address and thus lost in the conflict.");
177 while ((z
= set_first(t
->zone_items
))) {
178 /* First, make sure the zone item drops the reference
180 dns_zone_item_probe_stop(z
);
182 /* Secondly, report this as conflict, so that we might
183 * look for a different hostname */
184 dns_zone_item_conflict(z
);
188 dns_transaction_gc(t
);
191 void dns_transaction_complete(DnsTransaction
*t
, DnsTransactionState state
) {
192 DnsQueryCandidate
*c
;
197 assert(!IN_SET(state
, DNS_TRANSACTION_NULL
, DNS_TRANSACTION_PENDING
));
199 /* Note that this call might invalidate the query. Callers
200 * should hence not attempt to access the query or transaction
201 * after calling this function. */
203 log_debug("Transaction on scope %s on %s/%s now complete with <%s> from %s",
204 dns_protocol_to_string(t
->scope
->protocol
),
205 t
->scope
->link
? t
->scope
->link
->name
: "*",
206 t
->scope
->family
== AF_UNSPEC
? "*" : af_to_name(t
->scope
->family
),
207 dns_transaction_state_to_string(state
),
208 t
->answer_source
< 0 ? "none" : dns_transaction_source_to_string(t
->answer_source
));
212 dns_transaction_stop(t
);
214 /* Notify all queries that are interested, but make sure the
215 * transaction isn't freed while we are still looking at it */
217 SET_FOREACH(c
, t
->query_candidates
, i
)
218 dns_query_candidate_ready(c
);
219 SET_FOREACH(z
, t
->zone_items
, i
)
220 dns_zone_item_ready(z
);
223 dns_transaction_gc(t
);
226 static int on_stream_complete(DnsStream
*s
, int error
) {
227 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
231 assert(s
->transaction
);
233 /* Copy the data we care about out of the stream before we
236 p
= dns_packet_ref(s
->read_packet
);
238 t
->stream
= dns_stream_free(t
->stream
);
241 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
245 if (dns_packet_validate_reply(p
) <= 0) {
246 log_debug("Invalid LLMNR TCP packet.");
247 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
251 dns_scope_check_conflicts(t
->scope
, p
);
254 dns_transaction_process_reply(t
, p
);
257 /* If the response wasn't useful, then complete the transition now */
258 if (t
->state
== DNS_TRANSACTION_PENDING
)
259 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
264 static int dns_transaction_open_tcp(DnsTransaction
*t
) {
265 DnsServer
*server
= NULL
;
266 _cleanup_close_
int fd
= -1;
274 switch (t
->scope
->protocol
) {
275 case DNS_PROTOCOL_DNS
:
276 fd
= dns_scope_tcp_socket(t
->scope
, AF_UNSPEC
, NULL
, 53, &server
);
279 case DNS_PROTOCOL_LLMNR
:
280 /* When we already received a reply to this (but it was truncated), send to its sender address */
282 fd
= dns_scope_tcp_socket(t
->scope
, t
->received
->family
, &t
->received
->sender
, t
->received
->sender_port
, NULL
);
284 union in_addr_union address
;
285 int family
= AF_UNSPEC
;
287 /* Otherwise, try to talk to the owner of a
288 * the IP address, in case this is a reverse
291 r
= dns_name_address(DNS_RESOURCE_KEY_NAME(t
->key
), &family
, &address
);
296 if (family
!= t
->scope
->family
)
299 fd
= dns_scope_tcp_socket(t
->scope
, family
, &address
, LLMNR_PORT
, NULL
);
305 return -EAFNOSUPPORT
;
311 r
= dns_stream_new(t
->scope
->manager
, &t
->stream
, t
->scope
->protocol
, fd
);
317 r
= dns_stream_write_packet(t
->stream
, t
->sent
);
319 t
->stream
= dns_stream_free(t
->stream
);
323 dns_server_unref(t
->server
);
324 t
->server
= dns_server_ref(server
);
325 t
->received
= dns_packet_unref(t
->received
);
326 t
->answer
= dns_answer_unref(t
->answer
);
328 t
->stream
->complete
= on_stream_complete
;
329 t
->stream
->transaction
= t
;
331 /* The interface index is difficult to determine if we are
332 * connecting to the local host, hence fill this in right away
333 * instead of determining it from the socket */
335 t
->stream
->ifindex
= t
->scope
->link
->ifindex
;
340 static void dns_transaction_next_dns_server(DnsTransaction
*t
) {
343 t
->server
= dns_server_unref(t
->server
);
344 t
->dns_udp_event_source
= sd_event_source_unref(t
->dns_udp_event_source
);
345 t
->dns_udp_fd
= safe_close(t
->dns_udp_fd
);
347 dns_scope_next_dns_server(t
->scope
);
350 void dns_transaction_process_reply(DnsTransaction
*t
, DnsPacket
*p
) {
356 assert(t
->state
== DNS_TRANSACTION_PENDING
);
358 assert(t
->scope
->manager
);
360 /* Note that this call might invalidate the query. Callers
361 * should hence not attempt to access the query or transaction
362 * after calling this function. */
364 switch (t
->scope
->protocol
) {
365 case DNS_PROTOCOL_LLMNR
:
366 assert(t
->scope
->link
);
368 /* For LLMNR we will not accept any packets from other
371 if (p
->ifindex
!= t
->scope
->link
->ifindex
)
374 if (p
->family
!= t
->scope
->family
)
377 /* Tentative packets are not full responses but still
378 * useful for identifying uniqueness conflicts during
380 if (DNS_PACKET_LLMNR_T(p
)) {
381 dns_transaction_tentative(t
, p
);
387 case DNS_PROTOCOL_DNS
:
391 assert_not_reached("Invalid DNS protocol.");
394 if (t
->received
!= p
) {
395 dns_packet_unref(t
->received
);
396 t
->received
= dns_packet_ref(p
);
399 t
->answer_source
= DNS_TRANSACTION_NETWORK
;
401 if (p
->ipproto
== IPPROTO_TCP
) {
402 if (DNS_PACKET_TC(p
)) {
403 /* Truncated via TCP? Somebody must be fucking with us */
404 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
408 if (DNS_PACKET_ID(p
) != t
->id
) {
409 /* Not the reply to our query? Somebody must be fucking with us */
410 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
415 assert_se(sd_event_now(t
->scope
->manager
->event
, clock_boottime_or_monotonic(), &ts
) >= 0);
417 switch (t
->scope
->protocol
) {
418 case DNS_PROTOCOL_DNS
:
421 if (IN_SET(DNS_PACKET_RCODE(p
), DNS_RCODE_FORMERR
, DNS_RCODE_SERVFAIL
, DNS_RCODE_NOTIMP
)) {
423 /* request failed, immediately try again with reduced features */
424 log_debug("Server returned error: %s", dns_rcode_to_string(DNS_PACKET_RCODE(p
)));
426 dns_server_packet_failed(t
->server
, t
->current_features
);
428 r
= dns_transaction_go(t
);
430 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
436 dns_server_packet_received(t
->server
, t
->current_features
, ts
- t
->start_usec
, p
->size
);
439 case DNS_PROTOCOL_LLMNR
:
440 case DNS_PROTOCOL_MDNS
:
441 dns_scope_packet_received(t
->scope
, ts
- t
->start_usec
);
448 if (DNS_PACKET_TC(p
)) {
449 /* Response was truncated, let's try again with good old TCP */
450 r
= dns_transaction_open_tcp(t
);
452 /* No servers found? Damn! */
453 dns_transaction_complete(t
, DNS_TRANSACTION_NO_SERVERS
);
457 /* On LLMNR, if we cannot connect to the host,
458 * we immediately give up */
459 if (t
->scope
->protocol
== DNS_PROTOCOL_LLMNR
) {
460 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
464 /* On DNS, couldn't send? Try immediately again, with a new server */
465 dns_transaction_next_dns_server(t
);
467 r
= dns_transaction_go(t
);
469 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
477 /* Parse and update the cache */
478 r
= dns_packet_extract(p
);
480 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
484 /* Only consider responses with equivalent query section to the request */
485 if (p
->question
->n_keys
!= 1 || dns_resource_key_equal(p
->question
->keys
[0], t
->key
) <= 0) {
486 dns_transaction_complete(t
, DNS_TRANSACTION_INVALID_REPLY
);
490 /* Install the answer as answer to the transaction */
491 dns_answer_unref(t
->answer
);
492 t
->answer
= dns_answer_ref(p
->answer
);
493 t
->answer_rcode
= DNS_PACKET_RCODE(p
);
494 t
->answer_authenticated
= t
->scope
->dnssec_mode
== DNSSEC_TRUST
&& DNS_PACKET_AD(p
);
496 /* According to RFC 4795, section 2.9. only the RRs from the answer section shall be cached */
497 if (DNS_PACKET_SHALL_CACHE(p
))
498 dns_cache_put(&t
->scope
->cache
,
502 DNS_PACKET_ANCOUNT(p
),
503 t
->answer_authenticated
,
508 if (DNS_PACKET_RCODE(p
) == DNS_RCODE_SUCCESS
)
509 dns_transaction_complete(t
, DNS_TRANSACTION_SUCCESS
);
511 dns_transaction_complete(t
, DNS_TRANSACTION_FAILURE
);
514 static int on_dns_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
515 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
516 DnsTransaction
*t
= userdata
;
522 r
= manager_recv(t
->scope
->manager
, fd
, DNS_PROTOCOL_DNS
, &p
);
526 if (dns_packet_validate_reply(p
) > 0 &&
527 DNS_PACKET_ID(p
) == t
->id
)
528 dns_transaction_process_reply(t
, p
);
530 log_debug("Invalid DNS packet.");
535 static int dns_transaction_emit(DnsTransaction
*t
) {
540 if (t
->scope
->protocol
== DNS_PROTOCOL_DNS
&& !t
->server
) {
541 DnsServer
*server
= NULL
;
542 _cleanup_close_
int fd
= -1;
544 fd
= dns_scope_udp_dns_socket(t
->scope
, &server
);
548 r
= sd_event_add_io(t
->scope
->manager
->event
, &t
->dns_udp_event_source
, fd
, EPOLLIN
, on_dns_packet
, t
);
554 t
->server
= dns_server_ref(server
);
557 r
= dns_scope_emit(t
->scope
, t
->dns_udp_fd
, t
->server
, t
->sent
);
562 t
->current_features
= t
->server
->possible_features
;
567 static int on_transaction_timeout(sd_event_source
*s
, usec_t usec
, void *userdata
) {
568 DnsTransaction
*t
= userdata
;
574 /* Timeout reached? Increase the timeout for the server used */
575 switch (t
->scope
->protocol
) {
576 case DNS_PROTOCOL_DNS
:
579 dns_server_packet_lost(t
->server
, t
->current_features
, usec
- t
->start_usec
);
582 case DNS_PROTOCOL_LLMNR
:
583 case DNS_PROTOCOL_MDNS
:
584 dns_scope_packet_lost(t
->scope
, usec
- t
->start_usec
);
588 assert_not_reached("Invalid DNS protocol.");
591 /* ...and try again with a new server */
592 dns_transaction_next_dns_server(t
);
594 r
= dns_transaction_go(t
);
596 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
601 static int dns_transaction_make_packet(DnsTransaction
*t
) {
602 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
610 r
= dns_packet_new_query(&p
, t
->scope
->protocol
, 0, t
->scope
->dnssec_mode
== DNSSEC_YES
);
614 r
= dns_scope_good_key(t
->scope
, t
->key
);
620 r
= dns_packet_append_key(p
, t
->key
, NULL
);
624 DNS_PACKET_HEADER(p
)->qdcount
= htobe16(1);
625 DNS_PACKET_HEADER(p
)->id
= t
->id
;
633 static usec_t
transaction_get_resend_timeout(DnsTransaction
*t
) {
637 switch (t
->scope
->protocol
) {
638 case DNS_PROTOCOL_DNS
:
641 return t
->server
->resend_timeout
;
642 case DNS_PROTOCOL_LLMNR
:
643 case DNS_PROTOCOL_MDNS
:
644 return t
->scope
->resend_timeout
;
646 assert_not_reached("Invalid DNS protocol.");
650 int dns_transaction_go(DnsTransaction
*t
) {
657 had_stream
= !!t
->stream
;
659 dns_transaction_stop(t
);
661 log_debug("Excercising transaction on scope %s on %s/%s",
662 dns_protocol_to_string(t
->scope
->protocol
),
663 t
->scope
->link
? t
->scope
->link
->name
: "*",
664 t
->scope
->family
== AF_UNSPEC
? "*" : af_to_name(t
->scope
->family
));
666 if (t
->n_attempts
>= TRANSACTION_ATTEMPTS_MAX(t
->scope
->protocol
)) {
667 dns_transaction_complete(t
, DNS_TRANSACTION_ATTEMPTS_MAX_REACHED
);
671 if (t
->scope
->protocol
== DNS_PROTOCOL_LLMNR
&& had_stream
) {
672 /* If we already tried via a stream, then we don't
673 * retry on LLMNR. See RFC 4795, Section 2.7. */
674 dns_transaction_complete(t
, DNS_TRANSACTION_ATTEMPTS_MAX_REACHED
);
678 assert_se(sd_event_now(t
->scope
->manager
->event
, clock_boottime_or_monotonic(), &ts
) >= 0);
682 t
->received
= dns_packet_unref(t
->received
);
683 t
->answer
= dns_answer_unref(t
->answer
);
685 t
->answer_source
= _DNS_TRANSACTION_SOURCE_INVALID
;
687 /* Check the trust anchor. Do so only on classic DNS, since DNSSEC does not apply otherwise. */
688 if (t
->scope
->protocol
== DNS_PROTOCOL_DNS
) {
689 r
= dns_trust_anchor_lookup(&t
->scope
->manager
->trust_anchor
, t
->key
, &t
->answer
);
693 t
->answer_rcode
= DNS_RCODE_SUCCESS
;
694 t
->answer_source
= DNS_TRANSACTION_TRUST_ANCHOR
;
695 t
->answer_authenticated
= true;
696 dns_transaction_complete(t
, DNS_TRANSACTION_SUCCESS
);
701 /* Check the zone, but only if this transaction is not used
702 * for probing or verifying a zone item. */
703 if (set_isempty(t
->zone_items
)) {
705 r
= dns_zone_lookup(&t
->scope
->zone
, t
->key
, &t
->answer
, NULL
, NULL
);
709 t
->answer_rcode
= DNS_RCODE_SUCCESS
;
710 t
->answer_source
= DNS_TRANSACTION_ZONE
;
711 t
->answer_authenticated
= true;
712 dns_transaction_complete(t
, DNS_TRANSACTION_SUCCESS
);
717 /* Check the cache, but only if this transaction is not used
718 * for probing or verifying a zone item. */
719 if (set_isempty(t
->zone_items
)) {
721 /* Before trying the cache, let's make sure we figured out a
722 * server to use. Should this cause a change of server this
723 * might flush the cache. */
724 dns_scope_get_dns_server(t
->scope
);
726 /* Let's then prune all outdated entries */
727 dns_cache_prune(&t
->scope
->cache
);
729 r
= dns_cache_lookup(&t
->scope
->cache
, t
->key
, &t
->answer_rcode
, &t
->answer
, &t
->answer_authenticated
);
733 t
->answer_source
= DNS_TRANSACTION_CACHE
;
734 if (t
->answer_rcode
== DNS_RCODE_SUCCESS
)
735 dns_transaction_complete(t
, DNS_TRANSACTION_SUCCESS
);
737 dns_transaction_complete(t
, DNS_TRANSACTION_FAILURE
);
742 if (t
->scope
->protocol
== DNS_PROTOCOL_LLMNR
&& !t
->initial_jitter
) {
745 /* RFC 4795 Section 2.7 suggests all queries should be
746 * delayed by a random time from 0 to JITTER_INTERVAL. */
748 t
->initial_jitter
= true;
750 random_bytes(&jitter
, sizeof(jitter
));
751 jitter
%= LLMNR_JITTER_INTERVAL_USEC
;
753 r
= sd_event_add_time(
754 t
->scope
->manager
->event
,
755 &t
->timeout_event_source
,
756 clock_boottime_or_monotonic(),
758 LLMNR_JITTER_INTERVAL_USEC
,
759 on_transaction_timeout
, t
);
764 t
->state
= DNS_TRANSACTION_PENDING
;
766 log_debug("Delaying LLMNR transaction for " USEC_FMT
"us.", jitter
);
770 /* Otherwise, we need to ask the network */
771 r
= dns_transaction_make_packet(t
);
773 /* Not the right request to make on this network?
774 * (i.e. an A request made on IPv6 or an AAAA request
775 * made on IPv4, on LLMNR or mDNS.) */
776 dns_transaction_complete(t
, DNS_TRANSACTION_NO_SERVERS
);
782 if (t
->scope
->protocol
== DNS_PROTOCOL_LLMNR
&&
783 (dns_name_endswith(DNS_RESOURCE_KEY_NAME(t
->key
), "in-addr.arpa") > 0 ||
784 dns_name_endswith(DNS_RESOURCE_KEY_NAME(t
->key
), "ip6.arpa") > 0)) {
786 /* RFC 4795, Section 2.4. says reverse lookups shall
787 * always be made via TCP on LLMNR */
788 r
= dns_transaction_open_tcp(t
);
790 /* Try via UDP, and if that fails due to large size or lack of
791 * support try via TCP */
792 r
= dns_transaction_emit(t
);
793 if (r
== -EMSGSIZE
|| r
== -EAGAIN
)
794 r
= dns_transaction_open_tcp(t
);
798 /* No servers to send this to? */
799 dns_transaction_complete(t
, DNS_TRANSACTION_NO_SERVERS
);
802 if (t
->scope
->protocol
!= DNS_PROTOCOL_DNS
) {
803 dns_transaction_complete(t
, DNS_TRANSACTION_RESOURCES
);
807 /* Couldn't send? Try immediately again, with a new server */
808 dns_transaction_next_dns_server(t
);
810 return dns_transaction_go(t
);
813 r
= sd_event_add_time(
814 t
->scope
->manager
->event
,
815 &t
->timeout_event_source
,
816 clock_boottime_or_monotonic(),
817 ts
+ transaction_get_resend_timeout(t
), 0,
818 on_transaction_timeout
, t
);
822 t
->state
= DNS_TRANSACTION_PENDING
;
826 static const char* const dns_transaction_state_table
[_DNS_TRANSACTION_STATE_MAX
] = {
827 [DNS_TRANSACTION_NULL
] = "null",
828 [DNS_TRANSACTION_PENDING
] = "pending",
829 [DNS_TRANSACTION_FAILURE
] = "failure",
830 [DNS_TRANSACTION_SUCCESS
] = "success",
831 [DNS_TRANSACTION_NO_SERVERS
] = "no-servers",
832 [DNS_TRANSACTION_TIMEOUT
] = "timeout",
833 [DNS_TRANSACTION_ATTEMPTS_MAX_REACHED
] = "attempts-max-reached",
834 [DNS_TRANSACTION_INVALID_REPLY
] = "invalid-reply",
835 [DNS_TRANSACTION_RESOURCES
] = "resources",
836 [DNS_TRANSACTION_ABORTED
] = "aborted",
838 DEFINE_STRING_TABLE_LOOKUP(dns_transaction_state
, DnsTransactionState
);
840 static const char* const dns_transaction_source_table
[_DNS_TRANSACTION_SOURCE_MAX
] = {
841 [DNS_TRANSACTION_NETWORK
] = "network",
842 [DNS_TRANSACTION_CACHE
] = "cache",
843 [DNS_TRANSACTION_ZONE
] = "zone",
844 [DNS_TRANSACTION_TRUST_ANCHOR
] = "trust-anchor",
846 DEFINE_STRING_TABLE_LOOKUP(dns_transaction_source
, DnsTransactionSource
);