/* SPDX-License-Identifier: LGPL-2.1+ */
-/***
- This file is part of systemd.
-
- Copyright 2014 Zbigniew Jędrzejewski-Szmek
-***/
#include <getopt.h>
#include <net/if.h>
#include "verbs.h"
static int arg_family = AF_UNSPEC;
-int arg_ifindex = 0;
-const char *arg_ifname = NULL;
+static int arg_ifindex = 0;
+static char *arg_ifname = NULL;
static uint16_t arg_type = 0;
static uint16_t arg_class = 0;
static bool arg_legend = true;
char **arg_set_domain = NULL;
static const char *arg_set_llmnr = NULL;
static const char *arg_set_mdns = NULL;
+static const char *arg_set_dns_over_tls = NULL;
static const char *arg_set_dnssec = NULL;
static char **arg_set_nta = NULL;
STATUS_DOMAIN,
STATUS_LLMNR,
STATUS_MDNS,
+ STATUS_PRIVATE,
STATUS_DNSSEC,
STATUS_NTA,
} StatusMode;
-static int parse_ifindex_with_warn(const char *s) {
+static int parse_ifindex_and_warn(const char *s) {
int ifi;
assert(s);
if (parse_ifindex(s, &ifi) < 0) {
ifi = if_nametoindex(s);
if (ifi <= 0)
- return log_error_errno(errno, "Unknown interface %s: %m", s);
+ return log_error_errno(errno, "Unknown interface '%s': %m", s);
}
return ifi;
}
+int ifname_mangle(const char *s, bool allow_loopback) {
+ _cleanup_free_ char *iface = NULL;
+ const char *dot;
+ int r;
+
+ assert(s);
+
+ if (arg_ifname) {
+ assert(arg_ifindex >= 0);
+
+ if (!allow_loopback && arg_ifindex == LOOPBACK_IFINDEX) {
+ log_error("Interface can't be the loopback interface (lo). Sorry.");
+ return -EINVAL;
+ }
+
+ return 1;
+ }
+
+ dot = strchr(s, '.');
+ if (dot) {
+ iface = strndup(s, dot - s);
+ if (!iface)
+ return log_oom();
+
+ log_debug("Ignoring protocol specifier '%s'.", dot + 1);
+ } else {
+ iface = strdup(s);
+ if (!iface)
+ return log_oom();
+ }
+
+ if (parse_ifindex(iface, &r) < 0) {
+ r = if_nametoindex(iface);
+ if (r <= 0) {
+ if (errno == ENODEV && arg_ifindex_permissive) {
+ log_debug("Interface '%s' not found, but -f specified, ignoring.", iface);
+ return 0; /* done */
+ }
+
+ return log_error_errno(errno, "Unknown interface '%s': %m", iface);
+ }
+ }
+
+ if (!allow_loopback && r == LOOPBACK_IFINDEX) {
+ log_error("Interface can't be the loopback interface (lo). Sorry.");
+ return -EINVAL;
+ }
+
+ arg_ifindex = r;
+ arg_ifname = TAKE_PTR(iface);
+
+ return 1;
+}
+
static void print_source(uint64_t flags, usec_t rtt) {
char rtt_str[FORMAT_TIMESTAMP_MAX];
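Review bot: `ifname_mangle()` cuts its argument at the first '.', so a link whose own name contains a dot (for example a VLAN device named like `eth0.100`) is looked up as `eth0`, and the setting lands on a different interface than the one named. Keeping the full string whenever it resolves on its own avoids that, e.g. `if (dot && if_nametoindex(s) > 0) dot = NULL;` right after the `strchr()` call. Separately, when `arg_ifname` is already set the function returns 1 without looking at `s`, so a LINK argument that disagrees with an earlier `-i` is silently ignored. That early return looks intended for the `translate(..., arg_ifname, ...)` path, but resolving `s` and refusing when its index differs from `arg_ifindex` would surface the mismatch instead of changing DNS settings on the other link.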
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL, *reply = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
const char *canonical = NULL;
- char ifname[IF_NAMESIZE] = "";
unsigned c = 0;
- int r;
uint64_t flags;
usec_t ts;
+ int r;
assert(name);
- if (arg_ifindex > 0 && !if_indextoname(arg_ifindex, ifname))
- return log_error_errno(errno, "Failed to resolve interface name for index %i: %m", arg_ifindex);
-
- log_debug("Resolving %s (family %s, interface %s).", name, af_to_name(arg_family) ?: "*", isempty(ifname) ? "*" : ifname);
+ log_debug("Resolving %s (family %s, interface %s).", name, af_to_name(arg_family) ?: "*", isempty(arg_ifname) ? "*" : arg_ifname);
r = sd_bus_message_new_method_call(
bus,
while ((r = sd_bus_message_enter_container(reply, 'r', "iiay")) > 0) {
_cleanup_free_ char *pretty = NULL;
+ char ifname[IF_NAMESIZE] = "";
int ifindex, family;
const void *a;
size_t sz;
return -EINVAL;
}
- ifname[0] = 0;
if (ifindex > 0 && !if_indextoname(ifindex, ifname))
log_warning_errno(errno, "Failed to resolve interface name for index %i: %m", ifindex);
ts = now(CLOCK_MONOTONIC);
r = sd_bus_call(bus, req, SD_RESOLVED_QUERY_TIMEOUT_USEC, &error, &reply);
- if (r < 0) {
- log_error("%s: resolve call failed: %s", pretty, bus_error_message(&error, r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "%s: resolve call failed: %s", pretty, bus_error_message(&error, r));
ts = now(CLOCK_MONOTONIC) - ts;
static int resolve_record(sd_bus *bus, const char *name, uint16_t class, uint16_t type, bool warn_missing) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL, *reply = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- char ifname[IF_NAMESIZE] = "";
unsigned n = 0;
uint64_t flags;
int r;
assert(name);
- if (arg_ifindex > 0 && !if_indextoname(arg_ifindex, ifname))
- return log_error_errno(errno, "Failed to resolve interface name for index %i: %m", arg_ifindex);
-
- log_debug("Resolving %s %s %s (interface %s).", name, dns_class_to_string(class), dns_type_to_string(type), isempty(ifname) ? "*" : ifname);
+ log_debug("Resolving %s %s %s (interface %s).", name, dns_class_to_string(class), dns_type_to_string(type), isempty(arg_ifname) ? "*" : arg_ifname);
r = sd_bus_message_new_method_call(
bus,
const char *canonical_name, *canonical_type, *canonical_domain;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL, *reply = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- char ifname[IF_NAMESIZE] = "";
size_t indent, sz;
uint64_t flags;
const char *p;
name = empty_to_null(name);
type = empty_to_null(type);
- if (arg_ifindex > 0 && !if_indextoname(arg_ifindex, ifname))
- return log_error_errno(errno, "Failed to resolve interface name for index %i: %m", arg_ifindex);
-
if (name)
- log_debug("Resolving service \"%s\" of type %s in %s (family %s, interface %s).", name, type, domain, af_to_name(arg_family) ?: "*", isempty(ifname) ? "*" : ifname);
+ log_debug("Resolving service \"%s\" of type %s in %s (family %s, interface %s).", name, type, domain, af_to_name(arg_family) ?: "*", isempty(arg_ifname) ? "*" : arg_ifname);
else if (type)
- log_debug("Resolving service type %s of %s (family %s, interface %s).", type, domain, af_to_name(arg_family) ?: "*", isempty(ifname) ? "*" : ifname);
+ log_debug("Resolving service type %s of %s (family %s, interface %s).", type, domain, af_to_name(arg_family) ?: "*", isempty(arg_ifname) ? "*" : arg_ifname);
else
- log_debug("Resolving service type %s (family %s, interface %s).", domain, af_to_name(arg_family) ?: "*", isempty(ifname) ? "*" : ifname);
+ log_debug("Resolving service type %s (family %s, interface %s).", domain, af_to_name(arg_family) ?: "*", isempty(arg_ifname) ? "*" : arg_ifname);
r = sd_bus_message_new_method_call(
bus,
while ((r = sd_bus_message_enter_container(reply, 'r', "iiay")) > 0) {
_cleanup_free_ char *pretty = NULL;
+ char ifname[IF_NAMESIZE] = "";
int ifindex, family;
const void *a;
return -EINVAL;
}
- ifname[0] = 0;
if (ifindex > 0 && !if_indextoname(ifindex, ifname))
log_warning_errno(errno, "Failed to resolve interface name for index %i: %m", ifindex);
arg_type ?: DNS_TYPE_OPENPGPKEY, false);
if (IN_SET(r, -ENXIO, -ESRCH)) { /* NXDOMAIN or NODATA? */
- hashed = NULL;
+ hashed = mfree(hashed);
r = string_hashsum_sha224(address, domain - 1 - address, &hashed);
if (r < 0)
return log_error_errno(r, "Hashing failed: %m");
return 0;
}
-static int status_ifindex(sd_bus *bus, int ifindex, const char *name, StatusMode mode, bool *empty_line) {
-
- struct link_info {
- uint64_t scopes_mask;
- const char *llmnr;
- const char *mdns;
- const char *dnssec;
- char *current_dns;
- char **dns;
- char **domains;
- char **ntas;
- bool dnssec_supported;
- } link_info = {};
+struct link_info {
+ uint64_t scopes_mask;
+ const char *llmnr;
+ const char *mdns;
+ const char *dns_over_tls;
+ const char *dnssec;
+ char *current_dns;
+ char **dns;
+ char **domains;
+ char **ntas;
+ bool dnssec_supported;
+};
+
+static void link_info_clear(struct link_info *p) {
+ free(p->current_dns);
+ strv_free(p->dns);
+ strv_free(p->domains);
+ strv_free(p->ntas);
+}
+static int status_ifindex(sd_bus *bus, int ifindex, const char *name, StatusMode mode, bool *empty_line) {
static const struct bus_properties_map property_map[] = {
{ "ScopesMask", "t", NULL, offsetof(struct link_info, scopes_mask) },
{ "DNS", "a(iay)", map_link_dns_servers, offsetof(struct link_info, dns) },
{ "Domains", "a(sb)", map_link_domains, offsetof(struct link_info, domains) },
{ "LLMNR", "s", NULL, offsetof(struct link_info, llmnr) },
{ "MulticastDNS", "s", NULL, offsetof(struct link_info, mdns) },
+ { "DNSOverTLS", "s", NULL, offsetof(struct link_info, dns_over_tls) },
{ "DNSSEC", "s", NULL, offsetof(struct link_info, dnssec) },
{ "DNSSECNegativeTrustAnchors", "as", NULL, offsetof(struct link_info, ntas) },
{ "DNSSECSupported", "b", NULL, offsetof(struct link_info, dnssec_supported) },
{}
};
-
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
+ _cleanup_(link_info_clear) struct link_info link_info = {};
_cleanup_free_ char *ifi = NULL, *p = NULL;
char ifname[IF_NAMESIZE] = "";
char **i;
&error,
&m,
&link_info);
- if (r < 0) {
- log_error_errno(r, "Failed to get link data for %i: %s", ifindex, bus_error_message(&error, r));
- goto finish;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to get link data for %i: %s", ifindex, bus_error_message(&error, r));
(void) pager_open(arg_no_pager, false);
- if (mode == STATUS_DNS) {
- r = status_print_strv_ifindex(ifindex, name, link_info.dns);
- goto finish;
- }
+ if (mode == STATUS_DNS)
+ return status_print_strv_ifindex(ifindex, name, link_info.dns);
- if (mode == STATUS_DOMAIN) {
- r = status_print_strv_ifindex(ifindex, name, link_info.domains);
- goto finish;
- }
+ if (mode == STATUS_DOMAIN)
+ return status_print_strv_ifindex(ifindex, name, link_info.domains);
- if (mode == STATUS_NTA) {
- r = status_print_strv_ifindex(ifindex, name, link_info.ntas);
- goto finish;
- }
+ if (mode == STATUS_NTA)
+ return status_print_strv_ifindex(ifindex, name, link_info.ntas);
if (mode == STATUS_LLMNR) {
printf("%sLink %i (%s)%s: %s\n",
ansi_highlight(), ifindex, name, ansi_normal(),
strna(link_info.llmnr));
- r = 0;
- goto finish;
+ return 0;
}
if (mode == STATUS_MDNS) {
ansi_highlight(), ifindex, name, ansi_normal(),
strna(link_info.mdns));
- r = 0;
- goto finish;
+ return 0;
+ }
+
+ if (mode == STATUS_PRIVATE) {
+ printf("%sLink %i (%s)%s: %s\n",
+ ansi_highlight(), ifindex, name, ansi_normal(),
+ strna(link_info.dns_over_tls));
+
+ return 0;
}
if (mode == STATUS_DNSSEC) {
ansi_highlight(), ifindex, name, ansi_normal(),
strna(link_info.dnssec));
- r = 0;
- goto finish;
+ return 0;
}
if (empty_line && *empty_line)
printf(" LLMNR setting: %s\n"
"MulticastDNS setting: %s\n"
+ " DNSOverTLS setting: %s\n"
" DNSSEC setting: %s\n"
" DNSSEC supported: %s\n",
strna(link_info.llmnr),
strna(link_info.mdns),
+ strna(link_info.dns_over_tls),
strna(link_info.dnssec),
yes_no(link_info.dnssec_supported));
if (empty_line)
*empty_line = true;
- r = 0;
-
-finish:
- free(link_info.current_dns);
- strv_free(link_info.dns);
- strv_free(link_info.domains);
- strv_free(link_info.ntas);
- return r;
+ return 0;
}
static int map_global_dns_servers(sd_bus *bus, const char *member, sd_bus_message *m, sd_bus_error *error, void *userdata) {
return 0;
}
-static int status_global(sd_bus *bus, StatusMode mode, bool *empty_line) {
-
- struct global_info {
- char *current_dns;
- char **dns;
- char **fallback_dns;
- char **domains;
- char **ntas;
- const char *llmnr;
- const char *mdns;
- const char *dnssec;
- bool dnssec_supported;
- } global_info = {};
+struct global_info {
+ char *current_dns;
+ char **dns;
+ char **fallback_dns;
+ char **domains;
+ char **ntas;
+ const char *llmnr;
+ const char *mdns;
+ const char *dns_over_tls;
+ const char *dnssec;
+ bool dnssec_supported;
+};
+
+static void global_info_clear(struct global_info *p) {
+ free(p->current_dns);
+ strv_free(p->dns);
+ strv_free(p->fallback_dns);
+ strv_free(p->domains);
+ strv_free(p->ntas);
+}
+static int status_global(sd_bus *bus, StatusMode mode, bool *empty_line) {
static const struct bus_properties_map property_map[] = {
{ "DNS", "a(iiay)", map_global_dns_servers, offsetof(struct global_info, dns) },
{ "FallbackDNS", "a(iiay)", map_global_dns_servers, offsetof(struct global_info, fallback_dns) },
{ "DNSSECNegativeTrustAnchors", "as", NULL, offsetof(struct global_info, ntas) },
{ "LLMNR", "s", NULL, offsetof(struct global_info, llmnr) },
{ "MulticastDNS", "s", NULL, offsetof(struct global_info, mdns) },
+ { "DNSOverTLS", "s", NULL, offsetof(struct global_info, dns_over_tls) },
{ "DNSSEC", "s", NULL, offsetof(struct global_info, dnssec) },
{ "DNSSECSupported", "b", NULL, offsetof(struct global_info, dnssec_supported) },
{}
};
-
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
+ _cleanup_(global_info_clear) struct global_info global_info = {};
char **i;
int r;
&error,
&m,
&global_info);
- if (r < 0) {
- log_error_errno(r, "Failed to get global data: %s", bus_error_message(&error, r));
- goto finish;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to get global data: %s", bus_error_message(&error, r));
(void) pager_open(arg_no_pager, false);
- if (mode == STATUS_DNS) {
- r = status_print_strv_global(global_info.dns);
- goto finish;
- }
+ if (mode == STATUS_DNS)
+ return status_print_strv_global(global_info.dns);
- if (mode == STATUS_DOMAIN) {
- r = status_print_strv_global(global_info.domains);
- goto finish;
- }
+ if (mode == STATUS_DOMAIN)
+ return status_print_strv_global(global_info.domains);
- if (mode == STATUS_NTA) {
- r = status_print_strv_global(global_info.ntas);
- goto finish;
- }
+ if (mode == STATUS_NTA)
+ return status_print_strv_global(global_info.ntas);
if (mode == STATUS_LLMNR) {
printf("%sGlobal%s: %s\n", ansi_highlight(), ansi_normal(),
strna(global_info.llmnr));
- r = 0;
- goto finish;
+ return 0;
}
if (mode == STATUS_MDNS) {
printf("%sGlobal%s: %s\n", ansi_highlight(), ansi_normal(),
strna(global_info.mdns));
- r = 0;
- goto finish;
+ return 0;
+ }
+
+ if (mode == STATUS_PRIVATE) {
+ printf("%sGlobal%s: %s\n", ansi_highlight(), ansi_normal(),
+ strna(global_info.dns_over_tls));
+
+ return 0;
}
if (mode == STATUS_DNSSEC) {
printf("%sGlobal%s: %s\n", ansi_highlight(), ansi_normal(),
strna(global_info.dnssec));
- r = 0;
- goto finish;
+ return 0;
}
printf("%sGlobal%s\n", ansi_highlight(), ansi_normal());
printf(" LLMNR setting: %s\n"
"MulticastDNS setting: %s\n"
+ " DNSOverTLS setting: %s\n"
" DNSSEC setting: %s\n"
" DNSSEC supported: %s\n",
strna(global_info.llmnr),
strna(global_info.mdns),
+ strna(global_info.dns_over_tls),
strna(global_info.dnssec),
yes_no(global_info.dnssec_supported));
*empty_line = true;
- r = 0;
-
-finish:
- free(global_info.current_dns);
- strv_free(global_info.dns);
- strv_free(global_info.fallback_dns);
- strv_free(global_info.domains);
- strv_free(global_info.ntas);
-
- return r;
+ return 0;
}
static int status_all(sd_bus *bus, StatusMode mode) {
STRV_FOREACH(ifname, argv + 1) {
int ifindex;
- ifindex = parse_ifindex_with_warn(*ifname);
+ ifindex = parse_ifindex_and_warn(*ifname);
if (ifindex < 0)
continue;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL;
sd_bus *bus = userdata;
- int ifindex, r;
char **p;
+ int r;
assert(bus);
if (argc <= 1)
return status_all(bus, STATUS_DNS);
- ifindex = parse_ifindex_with_warn(argv[1]);
- if (ifindex < 0)
- return ifindex;
-
- if (ifindex == LOOPBACK_IFINDEX) {
- log_error("Interface can't be the loopback interface (lo). Sorry.");
- return -EINVAL;
- }
+ r = ifname_mangle(argv[1], false);
+ if (r < 0)
+ return r;
if (argc == 2)
- return status_ifindex(bus, ifindex, NULL, STATUS_DNS, NULL);
+ return status_ifindex(bus, arg_ifindex, NULL, STATUS_DNS, NULL);
r = sd_bus_message_new_method_call(
bus,
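Review bot: Only `r < 0` is checked after `ifname_mangle(argv[1], false)`, but that function also returns 0, without assigning `arg_ifindex`, when the interface is missing and `arg_ifindex_permissive` is set. The verb then continues to `status_ifindex()` or the bus call with an index that was never resolved (presumably still the initial 0). Treating 0 as "nothing to do", `if (r <= 0) return r;`, would stop here; whether the permissive flag can be set on this path is not visible in the hunk. The same check is repeated in the domain, llmnr, mdns, dnsovertls, dnssec, nta and revert verbs further down, and the function body starts and ends outside this hunk.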
if (r < 0)
return bus_log_create_error(r);
- r = sd_bus_message_append(req, "i", ifindex);
+ r = sd_bus_message_append(req, "i", arg_ifindex);
if (r < 0)
return bus_log_create_error(r);
if (r < 0)
return bus_log_create_error(r);
- STRV_FOREACH(p, argv + 2) {
- struct in_addr_data data;
+ /* If only argument is the empty string, then call SetLinkDNS() with an
+ * empty list, which will clear the list of domains for an interface. */
+ if (!strv_equal(argv + 2, STRV_MAKE(""))) {
+ STRV_FOREACH(p, argv + 2) {
+ struct in_addr_data data;
- r = in_addr_from_string_auto(*p, &data.family, &data.address);
- if (r < 0)
- return log_error_errno(r, "Failed to parse DNS server address: %s", *p);
+ r = in_addr_from_string_auto(*p, &data.family, &data.address);
+ if (r < 0)
+ return log_error_errno(r, "Failed to parse DNS server address: %s", *p);
- r = sd_bus_message_open_container(req, 'r', "iay");
- if (r < 0)
- return bus_log_create_error(r);
+ r = sd_bus_message_open_container(req, 'r', "iay");
+ if (r < 0)
+ return bus_log_create_error(r);
- r = sd_bus_message_append(req, "i", data.family);
- if (r < 0)
- return bus_log_create_error(r);
+ r = sd_bus_message_append(req, "i", data.family);
+ if (r < 0)
+ return bus_log_create_error(r);
- r = sd_bus_message_append_array(req, 'y', &data.address, FAMILY_ADDRESS_SIZE(data.family));
- if (r < 0)
- return bus_log_create_error(r);
+ r = sd_bus_message_append_array(req, 'y', &data.address, FAMILY_ADDRESS_SIZE(data.family));
+ if (r < 0)
+ return bus_log_create_error(r);
- r = sd_bus_message_close_container(req);
- if (r < 0)
- return bus_log_create_error(r);
+ r = sd_bus_message_close_container(req);
+ if (r < 0)
+ return bus_log_create_error(r);
+ }
}
r = sd_bus_message_close_container(req);
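Review bot: The added comment says an empty list "will clear the list of domains", but this branch builds the SetLinkDNS() call, so what is cleared is the link's DNS server list; the wording looks carried over from the SetLinkDomains() hunk. Suggested text: `/* If the only argument is the empty string, call SetLinkDNS() with an empty list, which clears the DNS servers configured for the interface. */`. The enclosing function starts and ends outside the hunk.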
r = sd_bus_call(bus, req, 0, &error, NULL);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY))
- return log_interface_is_managed(r, ifindex);
+ return log_interface_is_managed(r, arg_ifindex);
if (arg_ifindex_permissive &&
sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK))
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL;
sd_bus *bus = userdata;
- int ifindex, r;
char **p;
+ int r;
assert(bus);
if (argc <= 1)
return status_all(bus, STATUS_DOMAIN);
- ifindex = parse_ifindex_with_warn(argv[1]);
- if (ifindex < 0)
- return ifindex;
-
- if (ifindex == LOOPBACK_IFINDEX) {
- log_error("Interface can't be the loopback interface (lo). Sorry.");
- return -EINVAL;
- }
+ r = ifname_mangle(argv[1], false);
+ if (r < 0)
+ return r;
if (argc == 2)
- return status_ifindex(bus, ifindex, NULL, STATUS_DOMAIN, NULL);
+ return status_ifindex(bus, arg_ifindex, NULL, STATUS_DOMAIN, NULL);
r = sd_bus_message_new_method_call(
bus,
if (r < 0)
return bus_log_create_error(r);
- r = sd_bus_message_append(req, "i", ifindex);
+ r = sd_bus_message_append(req, "i", arg_ifindex);
if (r < 0)
return bus_log_create_error(r);
if (r < 0)
return bus_log_create_error(r);
- STRV_FOREACH(p, argv + 2) {
- const char *n;
+ /* If only argument is the empty string, then call SetLinkDomains() with an
+ * empty list, which will clear the list of domains for an interface. */
+ if (!strv_equal(argv + 2, STRV_MAKE(""))) {
+ STRV_FOREACH(p, argv + 2) {
+ const char *n;
- n = **p == '~' ? *p + 1 : *p;
+ n = **p == '~' ? *p + 1 : *p;
- r = dns_name_is_valid(n);
- if (r < 0)
- return log_error_errno(r, "Failed to validate specified domain %s: %m", n);
- if (r == 0) {
- log_error("Domain not valid: %s", n);
- return -EINVAL;
- }
+ r = dns_name_is_valid(n);
+ if (r < 0)
+ return log_error_errno(r, "Failed to validate specified domain %s: %m", n);
+ if (r == 0) {
+ log_error("Domain not valid: %s", n);
+ return -EINVAL;
+ }
- r = sd_bus_message_append(req, "(sb)", n, **p == '~');
- if (r < 0)
- return bus_log_create_error(r);
+ r = sd_bus_message_append(req, "(sb)", n, **p == '~');
+ if (r < 0)
+ return bus_log_create_error(r);
+ }
}
r = sd_bus_message_close_container(req);
r = sd_bus_call(bus, req, 0, &error, NULL);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY))
- return log_interface_is_managed(r, ifindex);
+ return log_interface_is_managed(r, arg_ifindex);
if (arg_ifindex_permissive &&
sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK))
static int verb_llmnr(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = userdata;
- int ifindex, r;
+ int r;
assert(bus);
if (argc <= 1)
return status_all(bus, STATUS_LLMNR);
- ifindex = parse_ifindex_with_warn(argv[1]);
- if (ifindex < 0)
- return ifindex;
-
- if (ifindex == LOOPBACK_IFINDEX) {
- log_error("Interface can't be the loopback interface (lo). Sorry.");
- return -EINVAL;
- }
+ r = ifname_mangle(argv[1], false);
+ if (r < 0)
+ return r;
if (argc == 2)
- return status_ifindex(bus, ifindex, NULL, STATUS_LLMNR, NULL);
+ return status_ifindex(bus, arg_ifindex, NULL, STATUS_LLMNR, NULL);
r = sd_bus_call_method(bus,
"org.freedesktop.resolve1",
"SetLinkLLMNR",
&error,
NULL,
- "is", ifindex, argv[2]);
+ "is", arg_ifindex, argv[2]);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY))
- return log_interface_is_managed(r, ifindex);
+ return log_interface_is_managed(r, arg_ifindex);
if (arg_ifindex_permissive &&
sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK))
static int verb_mdns(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = userdata;
- int ifindex, r;
+ int r;
assert(bus);
if (argc <= 1)
return status_all(bus, STATUS_MDNS);
- ifindex = parse_ifindex_with_warn(argv[1]);
- if (ifindex < 0)
- return ifindex;
-
- if (ifindex == LOOPBACK_IFINDEX) {
- log_error("Interface can't be the loopback interface (lo). Sorry.");
- return -EINVAL;
- }
+ r = ifname_mangle(argv[1], false);
+ if (r < 0)
+ return r;
if (argc == 2)
- return status_ifindex(bus, ifindex, NULL, STATUS_MDNS, NULL);
+ return status_ifindex(bus, arg_ifindex, NULL, STATUS_MDNS, NULL);
r = sd_bus_call_method(bus,
"org.freedesktop.resolve1",
"SetLinkMulticastDNS",
&error,
NULL,
- "is", ifindex, argv[2]);
+ "is", arg_ifindex, argv[2]);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY))
- return log_interface_is_managed(r, ifindex);
+ return log_interface_is_managed(r, arg_ifindex);
if (arg_ifindex_permissive &&
sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK))
return 0;
}
-static int verb_dnssec(int argc, char **argv, void *userdata) {
+static int verb_dns_over_tls(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = userdata;
- int ifindex, r;
+ int r;
assert(bus);
if (argc <= 1)
- return status_all(bus, STATUS_DNSSEC);
+ return status_all(bus, STATUS_PRIVATE);
- ifindex = parse_ifindex_with_warn(argv[1]);
- if (ifindex < 0)
- return ifindex;
+ r = ifname_mangle(argv[1], false);
+ if (r < 0)
+ return r;
- if (ifindex == LOOPBACK_IFINDEX) {
- log_error("Interface can't be the loopback interface (lo). Sorry.");
- return -EINVAL;
+ if (argc == 2)
+ return status_ifindex(bus, arg_ifindex, NULL, STATUS_PRIVATE, NULL);
+
+ r = sd_bus_call_method(bus,
+ "org.freedesktop.resolve1",
+ "/org/freedesktop/resolve1",
+ "org.freedesktop.resolve1.Manager",
+ "SetLinkDNSOverTLS",
+ &error,
+ NULL,
+ "is", arg_ifindex, argv[2]);
+ if (r < 0) {
+ if (sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY))
+ return log_interface_is_managed(r, arg_ifindex);
+
+ if (arg_ifindex_permissive &&
+ sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK))
+ return 0;
+
+ return log_error_errno(r, "Failed to set DNSOverTLS configuration: %s", bus_error_message(&error, r));
}
+ return 0;
+}
+
+static int verb_dnssec(int argc, char **argv, void *userdata) {
+ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
+ sd_bus *bus = userdata;
+ int r;
+
+ assert(bus);
+
+ if (argc <= 1)
+ return status_all(bus, STATUS_DNSSEC);
+
+ r = ifname_mangle(argv[1], false);
+ if (r < 0)
+ return r;
+
if (argc == 2)
- return status_ifindex(bus, ifindex, NULL, STATUS_DNSSEC, NULL);
+ return status_ifindex(bus, arg_ifindex, NULL, STATUS_DNSSEC, NULL);
r = sd_bus_call_method(bus,
"org.freedesktop.resolve1",
"SetLinkDNSSEC",
&error,
NULL,
- "is", ifindex, argv[2]);
+ "is", arg_ifindex, argv[2]);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY))
- return log_interface_is_managed(r, ifindex);
+ return log_interface_is_managed(r, arg_ifindex);
if (arg_ifindex_permissive &&
sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK))
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL;
sd_bus *bus = userdata;
- int ifindex, i, r;
+ char **p;
+ int r;
+ bool clear;
assert(bus);
if (argc <= 1)
return status_all(bus, STATUS_NTA);
- ifindex = parse_ifindex_with_warn(argv[1]);
- if (ifindex < 0)
- return ifindex;
-
- if (ifindex == LOOPBACK_IFINDEX) {
- log_error("Interface can't be the loopback interface (lo). Sorry.");
- return -EINVAL;
- }
+ r = ifname_mangle(argv[1], false);
+ if (r < 0)
+ return r;
if (argc == 2)
- return status_ifindex(bus, ifindex, NULL, STATUS_NTA, NULL);
+ return status_ifindex(bus, arg_ifindex, NULL, STATUS_NTA, NULL);
- for (i = 2; i < argc; i++) {
- r = dns_name_is_valid(argv[i]);
- if (r < 0)
- return log_error_errno(r, "Failed to validate specified domain %s: %m", argv[i]);
- if (r == 0) {
- log_error("Domain not valid: %s", argv[i]);
- return -EINVAL;
+ /* If only argument is the empty string, then call SetLinkDNSSECNegativeTrustAnchors()
+ * with an empty list, which will clear the list of domains for an interface. */
+ clear = strv_equal(argv + 2, STRV_MAKE(""));
+
+ if (!clear)
+ STRV_FOREACH(p, argv + 2) {
+ r = dns_name_is_valid(*p);
+ if (r < 0)
+ return log_error_errno(r, "Failed to validate specified domain %s: %m", *p);
+ if (r == 0) {
+ log_error("Domain not valid: %s", *p);
+ return -EINVAL;
+ }
}
- }
r = sd_bus_message_new_method_call(
bus,
if (r < 0)
return bus_log_create_error(r);
- r = sd_bus_message_append(req, "i", ifindex);
+ r = sd_bus_message_append(req, "i", arg_ifindex);
if (r < 0)
return bus_log_create_error(r);
- r = sd_bus_message_append_strv(req, argv + 2);
+ r = sd_bus_message_append_strv(req, clear ? NULL : argv + 2);
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_call(bus, req, 0, &error, NULL);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY))
- return log_interface_is_managed(r, ifindex);
+ return log_interface_is_managed(r, arg_ifindex);
if (arg_ifindex_permissive &&
sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK))
static int verb_revert_link(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = userdata;
- int ifindex, r;
+ int r;
assert(bus);
- ifindex = parse_ifindex_with_warn(argv[1]);
- if (ifindex < 0)
- return ifindex;
-
- if (ifindex == LOOPBACK_IFINDEX) {
- log_error("Interface can't be the loopback interface (lo). Sorry.");
- return -EINVAL;
- }
+ r = ifname_mangle(argv[1], false);
+ if (r < 0)
+ return r;
r = sd_bus_call_method(bus,
"org.freedesktop.resolve1",
"RevertLink",
&error,
NULL,
- "i", ifindex);
+ "i", arg_ifindex);
if (r < 0) {
if (arg_ifindex_permissive &&
sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK))
" --set-domain=DOMAIN Set per-interface search domain\n"
" --set-llmnr=MODE Set per-interface LLMNR mode\n"
" --set-mdns=MODE Set per-interface MulticastDNS mode\n"
+ " --set-dnsovertls=MODE Set per-interface DNS-over-TLS mode\n"
" --set-dnssec=MODE Set per-interface DNSSEC mode\n"
" --set-nta=DOMAIN Set per-interface DNSSEC NTA\n"
" --revert Revert per-interface configuration\n"
" domain [LINK [DOMAIN...]] Get/set per-interface search domain\n"
" llmnr [LINK [MODE]] Get/set per-interface LLMNR mode\n"
" mdns [LINK [MODE]] Get/set per-interface MulticastDNS mode\n"
+ " dnsovertls [LINK [MODE]] Get/set per-interface DNS-over-TLS mode\n"
" dnssec [LINK [MODE]] Get/set per-interface DNSSEC mode\n"
" nta [LINK [DOMAIN...]] Get/set per-interface DNSSEC NTA\n"
" revert LINK Revert per-interface configuration\n"
ARG_SET_DOMAIN,
ARG_SET_LLMNR,
ARG_SET_MDNS,
+ ARG_SET_PRIVATE,
ARG_SET_DNSSEC,
ARG_SET_NTA,
ARG_REVERT_LINK,
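Review bot: `ARG_SET_PRIVATE` does not say which setting it selects, while everything else this commit adds for the feature is named after DNS-over-TLS (`arg_set_dns_over_tls`, `verb_dns_over_tls`, the `--set-dnsovertls` option). Renaming it to `ARG_SET_DNS_OVER_TLS` keeps the option enum greppable alongside those names. The same applies to `STATUS_PRIVATE` in the StatusMode enum, which would read `STATUS_DNS_OVER_TLS`. The enum's opening and closing lines are outside this hunk.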
{ "set-domain", required_argument, NULL, ARG_SET_DOMAIN },
{ "set-llmnr", required_argument, NULL, ARG_SET_LLMNR },
{ "set-mdns", required_argument, NULL, ARG_SET_MDNS },
+ { "set-dnsovertls", required_argument, NULL, ARG_SET_PRIVATE },
{ "set-dnssec", required_argument, NULL, ARG_SET_DNSSEC },
{ "set-nta", required_argument, NULL, ARG_SET_NTA },
{ "revert", no_argument, NULL, ARG_REVERT_LINK },
break;
case 'i':
- r = parse_ifindex_with_warn(optarg);
+ arg_ifname = mfree(arg_ifname);
+ r = ifname_mangle(optarg, true);
if (r < 0)
return r;
-
- arg_ifname = optarg;
- arg_ifindex = r;
break;
case 't':
arg_mode = MODE_SET_LINK;
break;
+ case ARG_SET_PRIVATE:
+ arg_set_dns_over_tls = optarg;
+ arg_mode = MODE_SET_LINK;
+ break;
+
case ARG_SET_DNSSEC:
arg_set_dnssec = optarg;
arg_mode = MODE_SET_LINK;
if (IN_SET(arg_mode, MODE_SET_LINK, MODE_REVERT_LINK)) {
if (arg_ifindex <= 0) {
- log_error("--set-dns=, --set-domain=, --set-llmnr=, --set-mdns=, --set-dnssec=, --set-nta= and --revert require --interface=.");
+ log_error("--set-dns=, --set-domain=, --set-llmnr=, --set-mdns=, --set-dnsovertls=, --set-dnssec=, --set-nta= and --revert require --interface=.");
return -EINVAL;
}
break;
case 'i':
- r = parse_ifindex_with_warn(optarg);
+ arg_ifname = mfree(arg_ifname);
+ r = ifname_mangle(optarg, true);
if (r < 0)
return r;
-
- arg_ifindex = r;
break;
case 't':
{ "domain", VERB_ANY, VERB_ANY, 0, verb_domain },
{ "llmnr", VERB_ANY, 3, 0, verb_llmnr },
{ "mdns", VERB_ANY, 3, 0, verb_mdns },
+ { "dnsovertls", VERB_ANY, 3, 0, verb_dns_over_tls },
{ "dnssec", VERB_ANY, 3, 0, verb_dnssec },
{ "nta", VERB_ANY, VERB_ANY, 0, verb_nta },
{ "revert", 2, 2, 0, verb_revert_link },
return translate("status", NULL, argc - optind, argv + optind, bus);
case MODE_SET_LINK:
+ assert(arg_ifname);
+
if (arg_set_dns) {
r = translate("dns", arg_ifname, strv_length(arg_set_dns), arg_set_dns, bus);
if (r < 0)
return r;
}
+ if (arg_set_dns_over_tls) {
+ r = translate("dnsovertls", arg_ifname, 1, (char **) &arg_set_dns_over_tls, bus);
+ if (r < 0)
+ return r;
+ }
+
if (arg_set_dnssec) {
r = translate("dnssec", arg_ifname, 1, (char **) &arg_set_dnssec, bus);
if (r < 0)
return r;
case MODE_REVERT_LINK:
+ assert(arg_ifname);
+
return translate("revert", arg_ifname, 0, NULL, bus);
case _MODE_INVALID:
goto finish;
}
- if (streq(program_invocation_short_name, "systemd-resolve"))
+ if (STR_IN_SET(program_invocation_short_name, "systemd-resolve", "resolvconf"))
r = compat_main(argc, argv, bus);
else
r = native_main(argc, argv, bus);
sd_bus_flush_close_unref(bus);
pager_close();
+ free(arg_ifname);
strv_free(arg_set_dns);
strv_free(arg_set_domain);
strv_free(arg_set_nta);