Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
4e945a6f LP |
2 | /*** |
3 | This file is part of systemd. | |
4 | ||
5 | Copyright 2014 Tom Gundersen <teg@jklm.no> | |
4e945a6f LP |
6 | ***/ |
7 | ||
b5efdb8a | 8 | #include "alloc-util.h" |
4e945a6f | 9 | #include "conf-parser.h" |
a0f29c76 | 10 | #include "def.h" |
b5efdb8a | 11 | #include "extract-word.h" |
6501dd31 | 12 | #include "hexdecoct.h" |
6bedfcbb | 13 | #include "parse-util.h" |
4e945a6f | 14 | #include "resolved-conf.h" |
6501dd31 DR |
15 | #include "resolved-dnssd.h" |
16 | #include "specifier.h" | |
1ae43295 | 17 | #include "string-table.h" |
6bedfcbb | 18 | #include "string-util.h" |
6501dd31 | 19 | #include "utf8.h" |
4e945a6f | 20 | |
/* Config-file parser for the DNS stub listener mode setting; generated by the
 * macro from the string table lookup defined below. */
DEFINE_CONFIG_PARSE_ENUM(
                config_parse_dns_stub_listener_mode,
                dns_stub_listener_mode,
                DnsStubListenerMode,
                "Failed to parse DNS stub listener mode setting");

/* Textual names of the stub listener modes: "no" disables the listener, "udp"
 * and "tcp" name a single transport, "yes" is the remaining mode.
 * NOTE(review): presumably "yes" means both transports — confirm against the
 * enum definition, which is not part of this file. */
static const char* const dns_stub_listener_mode_table[_DNS_STUB_LISTENER_MODE_MAX] = {
        [DNS_STUB_LISTENER_NO]  = "no",
        [DNS_STUB_LISTENER_UDP] = "udp",
        [DNS_STUB_LISTENER_TCP] = "tcp",
        [DNS_STUB_LISTENER_YES] = "yes",
};

/* NOTE(review): the trailing argument presumably selects the value that a
 * generic boolean "true" string maps to — confirm in string-table.h. */
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_stub_listener_mode, DnsStubListenerMode, DNS_STUB_LISTENER_YES);
30 | ||
/* Parses one DNS server address (optionally carrying an interface index) and
 * registers it with the manager under the given server type.
 *
 * Returns the negative error from in_addr_ifindex_from_string_auto() when the
 * word cannot be parsed, 0 when the address is filtered out or already known,
 * and otherwise whatever dns_server_new() returns. */
int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) {
        union in_addr_union addr;
        DnsServer *existing;
        int ifindex = 0;
        int family;
        int r;

        assert(m);
        assert(word);

        r = in_addr_ifindex_from_string_auto(word, &family, &addr, &ifindex);
        if (r < 0)
                return r;

        /* 0.0.0.0 and 127.0.0.53 (our own stub DNS listener) are dropped without
         * any message; pointing the resolver at its own stub would loop. */
        if (!dns_server_address_valid(family, &addr))
                return 0;

        /* Only create a new entry when this (family, address, ifindex) triple is
         * not in the list for this server type yet. */
        existing = dns_server_find(manager_get_first_dns_server(m, type), family, &addr, ifindex);
        if (!existing)
                return dns_server_new(m, NULL, type, NULL, family, &addr, ifindex);

        /* Duplicate: drop the marker. The marker is used to find the servers that
         * ceased to exist, see manager_mark_dns_servers() and
         * manager_flush_marked_dns_servers(). */
        dns_server_move_back_and_unmark(existing);
        return 0;
}
62 | ||
/* Splits a whitespace-separated list of DNS server addresses and adds each one
 * to the manager.
 *
 * An address that cannot be added is logged as a warning and skipped; the
 * remaining entries are still processed, so a single bad entry does not reject
 * the whole list. Only a failure of the tokenizer itself is returned to the
 * caller. Returns 0 once the list is exhausted. */
int manager_parse_dns_server_string_and_warn(Manager *m, DnsServerType type, const char *string) {
        assert(m);
        assert(string);

        for (;;) {
                _cleanup_free_ char *word = NULL;
                int r;

                /* < 0: tokenizer error, == 0: end of input; both end the loop and
                 * are handed back unchanged. */
                r = extract_first_word(&string, &word, NULL, 0);
                if (r <= 0)
                        return r;

                r = manager_add_dns_server_by_string(m, type, word);
                if (r < 0)
                        log_warning_errno(r, "Failed to add DNS server address '%s', ignoring: %m", word);
        }
}
85 | ||
/* Registers one search domain with the manager.
 *
 * A leading '~' marks the domain as route-only and is stripped before lookup.
 * The root domain and the literal "*" are both normalised to "." and are
 * always forced to route-only.
 *
 * Returns 0 on success or the negative error from the lookup/allocation. */
int manager_add_search_domain_by_string(Manager *m, const char *domain) {
        bool route_only = false;
        DnsSearchDomain *d;
        int r;

        assert(m);
        assert(domain);

        if (domain[0] == '~') {
                route_only = true;
                domain++;
        }

        /* The root domain is never kept as a plain search domain. */
        if (dns_name_is_root(domain) || streq(domain, "*")) {
                route_only = true;
                domain = ".";
        }

        r = dns_search_domain_find(m->search_domains, domain, &d);
        if (r < 0)
                return r;

        if (r == 0) {
                /* Not known yet: create a new system-level entry. */
                r = dns_search_domain_new(m, &d, DNS_SEARCH_DOMAIN_SYSTEM, NULL, domain);
                if (r < 0)
                        return r;
        } else
                /* Already present: keep it and clear its marker. */
                dns_search_domain_move_back_and_unmark(d);

        /* The flag is (re)applied in both cases, so a later assignment can
         * change the route-only state of an existing entry. */
        d->route_only = route_only;
        return 0;
}
117 | ||
/* Splits a list of search domains (quoting is honoured) and adds each one to
 * the manager.
 *
 * A domain that cannot be added is logged as a warning and skipped; only a
 * failure of the tokenizer itself is returned. Returns 0 once the list is
 * exhausted. */
int manager_parse_search_domains_and_warn(Manager *m, const char *string) {
        assert(m);
        assert(string);

        for (;;) {
                _cleanup_free_ char *word = NULL;
                int r;

                /* < 0: tokenizer error, == 0: end of input; both end the loop and
                 * are handed back unchanged. */
                r = extract_first_word(&string, &word, NULL, EXTRACT_QUOTES);
                if (r <= 0)
                        return r;

                r = manager_add_search_domain_by_string(m, word);
                if (r < 0)
                        log_warning_errno(r, "Failed to add search domain '%s', ignoring: %m", word);
        }
}
140 | ||
/* Config-file callback for a DNS server list setting; ltype selects which
 * server list (system or fallback) is modified and userdata is the Manager.
 *
 * An empty value clears the selected list, a non-empty value is appended to
 * it. Always returns 0; a parse failure is logged and the line is ignored. */
int config_parse_dns_servers(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        Manager *m = userdata;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(m);

        if (!isempty(rvalue)) {
                /* Non-empty assignment: add to the list */
                int r;

                r = manager_parse_dns_server_string_and_warn(m, ltype, rvalue);
                if (r < 0) {
                        log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse DNS server string '%s'. Ignoring.", rvalue);
                        return 0;
                }
        } else
                /* Empty assignment means clear the list */
                dns_server_unlink_all(manager_get_first_dns_server(m, ltype));

        /* Any explicit setting, including an empty one, takes over from the
         * automatic source: a system server line stops the reading of
         * /etc/resolv.conf, a fallback line suppresses the built-in fallbacks. */
        if (ltype == DNS_SERVER_SYSTEM)
                m->read_resolv_conf = false;
        if (ltype == DNS_SERVER_FALLBACK)
                m->need_builtin_fallbacks = false;

        return 0;
}
182 | ||
/* Config-file callback for the search domain list; userdata is the Manager.
 *
 * An empty value clears the list, a non-empty value is appended to it. Always
 * returns 0; a parse failure is logged and the line is ignored. */
int config_parse_search_domains(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        Manager *m = userdata;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(m);

        if (!isempty(rvalue)) {
                /* Non-empty assignment: add to the list */
                int r;

                r = manager_parse_search_domains_and_warn(m, rvalue);
                if (r < 0) {
                        log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse search domains string '%s'. Ignoring.", rvalue);
                        return 0;
                }
        } else
                /* Empty assignment means clear the list */
                dns_search_domain_unlink_all(m->search_domains);

        /* A manual setting, including an empty one, stops the reading of
         * /etc/resolv.conf. */
        m->read_resolv_conf = false;

        return 0;
}
221 | ||
/* Config-file callback for the DNS-SD service instance name; userdata is the
 * DnssdService being configured.
 *
 * The value is stored as a template, then rendered once with the specifiers
 * %b, %H, %m and %v to check that the result is a valid service name.
 *
 * Returns 0 on success, -EINVAL for an empty value or a template that renders
 * to an invalid name, and a negative error on allocation or specifier failure.
 *
 * NOTE(review): the template is stored in s->name_template before the rendered
 * name is validated, so a rejected template stays in the object when -EINVAL is
 * returned — confirm that callers discard the service on error. */
int config_parse_dnssd_service_name(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        static const Specifier specifier_table[] = {
                { 'b', specifier_boot_id,        NULL },
                { 'H', specifier_host_name,      NULL },
                { 'm', specifier_machine_id,     NULL },
                { 'v', specifier_kernel_release, NULL },
                {}
        };
        _cleanup_free_ char *rendered = NULL;
        DnssdService *svc = userdata;
        int r;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(svc);

        if (isempty(rvalue)) {
                log_syntax(unit, LOG_ERR, filename, line, 0, "Service instance name can't be empty. Ignoring.");
                return -EINVAL;
        }

        r = free_and_strdup(&svc->name_template, rvalue);
        if (r < 0)
                return log_oom();

        /* Render once now so that a bad template is caught while the file is
         * being parsed; the rendered string itself is not kept. */
        r = specifier_printf(svc->name_template, specifier_table, NULL, &rendered);
        if (r < 0)
                return log_debug_errno(r, "Failed to replace specifiers: %m");

        if (dns_service_name_is_valid(rendered))
                return 0;

        log_syntax(unit, LOG_ERR, filename, line, 0, "Service instance name template renders to invalid name '%s'. Ignoring.", rendered);
        return -EINVAL;
}
259 | ||
/* Config-file callback for the DNS-SD service type; userdata is the
 * DnssdService being configured.
 *
 * The value is validated with dnssd_srv_type_is_valid() before it is stored,
 * so a rejected value never replaces the current s->type.
 *
 * Returns 0 on success, -EINVAL for an empty or invalid value, and the result
 * of log_oom() when the copy cannot be allocated. */
int config_parse_dnssd_service_type(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        DnssdService *svc = userdata;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(svc);

        if (isempty(rvalue)) {
                log_syntax(unit, LOG_ERR, filename, line, 0, "Service type can't be empty. Ignoring.");
                return -EINVAL;
        }

        if (!dnssd_srv_type_is_valid(rvalue)) {
                log_syntax(unit, LOG_ERR, filename, line, 0, "Service type is invalid. Ignoring.");
                return -EINVAL;
        }

        if (free_and_strdup(&svc->type, rvalue) < 0)
                return log_oom();

        return 0;
}
285 | ||
/* Config-file callback for DNS-SD TXT records; userdata is the DnssdService
 * being configured and ltype selects how values are interpreted
 * (DNS_TXT_ITEM_TEXT: taken as is, DNS_TXT_ITEM_DATA: base64-decoded first).
 *
 * An empty value flushes all TXT data collected so far. Otherwise the value is
 * split into "key=value" (or bare "key") words, each of which becomes one TXT
 * item; the items of one line form one DnssdTxtData entry that is prepended to
 * s->txt_data_items.
 *
 * Parsing stops at the first bad word: the function returns an error and the
 * items collected for this line are not attached to the service (txt_data is
 * released through its cleanup handler). Keys must be plain ASCII. */
int config_parse_dnssd_txt(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        _cleanup_(dnssd_txtdata_freep) DnssdTxtData *txt_data = NULL;
        DnssdService *s = userdata;
        DnsTxtItem *tail = NULL;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(s);

        if (isempty(rvalue)) {
                /* Flush out collected items */
                s->txt_data_items = dnssd_txtdata_free_all(s->txt_data_items);
                return 0;
        }

        txt_data = new0(DnssdTxtData, 1);
        if (!txt_data)
                return log_oom();

        for (;;) {
                _cleanup_free_ char *token = NULL;
                _cleanup_free_ char *key = NULL;
                _cleanup_free_ char *value = NULL;
                _cleanup_free_ void *raw = NULL;
                size_t raw_len = 0;
                DnsTxtItem *item;
                int r;

                r = extract_first_word(&rvalue, &token, NULL,
                                       EXTRACT_QUOTES|EXTRACT_CUNESCAPE|EXTRACT_CUNESCAPE_RELAX);
                if (r == 0)
                        break;
                if (r == -ENOMEM)
                        return log_oom();
                if (r < 0)
                        return log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);

                r = split_pair(token, "=", &key, &value);
                if (r == -ENOMEM)
                        return log_oom();
                if (r == -EINVAL)
                        /* No '=' in the word: the whole word is the key and
                         * value stays NULL. */
                        key = TAKE_PTR(token);

                if (!ascii_is_valid(key)) {
                        log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", key);
                        return -EINVAL;
                }

                if (ltype == DNS_TXT_ITEM_DATA) {
                        if (value) {
                                r = unbase64mem(value, strlen(value), &raw, &raw_len);
                                if (r == -ENOMEM)
                                        return log_oom();
                                if (r < 0)
                                        return log_syntax(unit, LOG_ERR, filename, line, r,
                                                          "Invalid base64 encoding, ignoring: %s", value);
                        }

                        /* With no value, raw is NULL and raw_len is 0 here. */
                        r = dnssd_txt_item_new_from_data(key, raw, raw_len, &item);
                        if (r < 0)
                                return log_oom();
                } else if (ltype == DNS_TXT_ITEM_TEXT) {
                        r = dnssd_txt_item_new_from_string(key, value, &item);
                        if (r < 0)
                                return log_oom();
                } else
                        assert_not_reached("Unknown type of Txt config");

                /* Append, so the items keep the order given in the file. */
                LIST_INSERT_AFTER(items, txt_data->txt, tail, item);
                tail = item;
        }

        if (!LIST_IS_EMPTY(txt_data->txt)) {
                LIST_PREPEND(items, s->txt_data_items, txt_data);
                /* Ownership moved to the service; disarm the cleanup handler. */
                txt_data = NULL;
        }

        return 0;
}
373 | ||
/* Loads resolved.conf and its drop-in directory into the manager and applies
 * the settings that depend on what was (not) configured.
 *
 * Returns 0 on success or the negative error from config parsing or from
 * adding the built-in fallback servers. */
int manager_parse_config_file(Manager *m) {
        int r;

        assert(m);

        r = config_parse_many_nulstr(
                        PKGSYSCONFDIR "/resolved.conf",
                        CONF_PATHS_NULSTR("systemd/resolved.conf.d"),
                        "Resolve\0",
                        config_item_perf_lookup, resolved_gperf_lookup,
                        CONFIG_PARSE_WARN,
                        m);
        if (r < 0)
                return r;

        /* The flag is cleared by config_parse_dns_servers() when the file sets
         * fallback servers itself; otherwise use the compiled-in list. */
        if (m->need_builtin_fallbacks) {
                r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
                if (r < 0)
                        return r;
        }

#if ! HAVE_GCRYPT
        /* Without gcrypt a configured DNSSEC mode cannot be honoured. It is
         * switched off here and the only trace is this warning, so a build
         * without gcrypt runs without DNSSEC validation even if the
         * configuration asks for it. */
        if (m->dnssec_mode != DNSSEC_NO) {
                log_warning("DNSSEC option cannot be enabled or set to allow-downgrade when systemd-resolved is built without gcrypt support. Turning off DNSSEC support.");
                m->dnssec_mode = DNSSEC_NO;
        }
#endif

        return 0;
}