tree-wide: drop license boilerplate
53e1b683 1/* SPDX-License-Identifier: LGPL-2.1+ */
2/***
3 This file is part of systemd.
4
5 Copyright 2014 Tom Gundersen <teg@jklm.no>
6 ***/
7
b5efdb8a 8#include "alloc-util.h"
4e945a6f 9#include "conf-parser.h"
a0f29c76 10#include "def.h"
b5efdb8a 11#include "extract-word.h"
6501dd31 12#include "hexdecoct.h"
6bedfcbb 13#include "parse-util.h"
4e945a6f 14#include "resolved-conf.h"
15#include "resolved-dnssd.h"
16#include "specifier.h"
1ae43295 17#include "string-table.h"
6bedfcbb 18#include "string-util.h"
6501dd31 19#include "utf8.h"
4e945a6f 20
/* Config-file parser for the stub listener mode setting. The body comes from the
 * DEFINE_CONFIG_PARSE_ENUM macro, which is defined outside this file; the last
 * argument is the message text passed to it for unparsable values. */
DEFINE_CONFIG_PARSE_ENUM(config_parse_dns_stub_listener_mode, dns_stub_listener_mode, DnsStubListenerMode, "Failed to parse DNS stub listener mode setting");

/* Textual spelling of each DnsStubListenerMode value, indexed by the enum value. */
static const char* const dns_stub_listener_mode_table[_DNS_STUB_LISTENER_MODE_MAX] = {
        [DNS_STUB_LISTENER_NO] = "no",
        [DNS_STUB_LISTENER_UDP] = "udp",
        [DNS_STUB_LISTENER_TCP] = "tcp",
        [DNS_STUB_LISTENER_YES] = "yes",
};
/* NOTE(review): presumably generates the string<->enum lookup helpers for the table
 * above, with other boolean spellings mapped to DNS_STUB_LISTENER_YES -- confirm
 * against the macro definition in string-table.h. */
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_stub_listener_mode, DnsStubListenerMode, DNS_STUB_LISTENER_YES);
30
/* Registers one DNS server, given as a textual address, with the manager under the
 * given server type.
 *
 * Returns a negative errno-style value if the address cannot be parsed, 0 if the
 * address was filtered out or is already known, and otherwise whatever
 * dns_server_new() returns. */
int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) {
        union in_addr_union addr;
        int ifindex = 0, family, rc;
        DnsServer *existing;

        assert(m);
        assert(word);

        rc = in_addr_ifindex_from_string_auto(word, &family, &addr, &ifindex);
        if (rc < 0)
                return rc;

        /* 0.0.0.0 and 127.0.0.53 (our own stub DNS listener) are dropped without any
         * error or log message, so a configuration that lists them is accepted but
         * has no effect. */
        if (!dns_server_address_valid(family, &addr))
                return 0;

        /* Only create a new entry if this address is not on the list yet. */
        existing = dns_server_find(manager_get_first_dns_server(m, type), family, &addr, ifindex);
        if (!existing)
                return dns_server_new(m, NULL, type, NULL, family, &addr, ifindex);

        /* Duplicate: drop the marker instead. The marker is how servers that ceased
         * to exist are found, see manager_mark_dns_servers() and
         * manager_flush_marked_dns_servers(). */
        dns_server_move_back_and_unmark(existing);
        return 0;
}
62
/* Splits a whitespace-separated list of DNS server addresses and adds each one via
 * manager_add_dns_server_by_string().
 *
 * An address that cannot be added is logged as a warning and skipped; only a failure
 * to tokenize the list itself is returned to the caller. Returns 0 once the list is
 * exhausted. */
int manager_parse_dns_server_string_and_warn(Manager *m, DnsServerType type, const char *string) {
        assert(m);
        assert(string);

        for (;;) {
                _cleanup_free_ char *word = NULL;
                int r;

                r = extract_first_word(&string, &word, NULL, 0);
                if (r <= 0)
                        /* Negative: tokenizer error. Zero: no more words, i.e. success. */
                        return r;

                /* Best effort per entry: one bad address must not discard the rest. */
                if (manager_add_dns_server_by_string(m, type, word) < 0) {
                        r = manager_add_dns_server_by_string(m, type, word);
                        log_warning_errno(r, "Failed to add DNS server address '%s', ignoring: %m", word);
                }
        }
}
85
/* Adds one search domain, given as a string, to the manager's list of search domains.
 *
 * A leading '~' marks the domain as route-only and is stripped before lookup. The
 * root domain and the literal "*" are both stored as "." and always route-only.
 *
 * Returns 0 on success or the negative value reported by the lookup or by the
 * constructor. */
int manager_add_search_domain_by_string(Manager *m, const char *domain) {
        DnsSearchDomain *d;
        bool route_only = false;
        int r;

        assert(m);
        assert(domain);

        if (*domain == '~') {
                route_only = true;
                domain++;
        }

        if (dns_name_is_root(domain) || streq(domain, "*")) {
                route_only = true;
                domain = ".";
        }

        r = dns_search_domain_find(m->search_domains, domain, &d);
        if (r < 0)
                return r;

        if (r == 0) {
                /* Not on the list yet: create it as a system-level search domain. */
                r = dns_search_domain_new(m, &d, DNS_SEARCH_DOMAIN_SYSTEM, NULL, domain);
                if (r < 0)
                        return r;
        } else
                /* Already known: keep the entry and clear its marker. */
                dns_search_domain_move_back_and_unmark(d);

        /* Applied to new and existing entries alike, so the latest setting wins. */
        d->route_only = route_only;
        return 0;
}
117
/* Splits a list of search domains (quoting is honoured via EXTRACT_QUOTES) and adds
 * each one via manager_add_search_domain_by_string().
 *
 * A domain that cannot be added is logged as a warning and skipped; only a failure to
 * tokenize the list itself is returned. Returns 0 once the list is exhausted. */
int manager_parse_search_domains_and_warn(Manager *m, const char *string) {
        assert(m);
        assert(string);

        for (;;) {
                _cleanup_free_ char *word = NULL;
                int r;

                r = extract_first_word(&string, &word, NULL, EXTRACT_QUOTES);
                if (r <= 0)
                        /* Negative: tokenizer error. Zero: no more words, i.e. success. */
                        return r;

                r = manager_add_search_domain_by_string(m, word);
                if (r >= 0)
                        continue;

                /* Best effort per entry: one bad domain must not discard the rest. */
                log_warning_errno(r, "Failed to add search domain '%s', ignoring: %m", word);
        }
}
140
/* Config-file callback for a DNS server list; ltype carries the DnsServerType the
 * setting applies to and userdata is the Manager.
 *
 * An empty value clears the list of that type, a non-empty value appends to it.
 * Always returns 0: a list that fails to parse is logged and ignored, and in that
 * case the flags below are left untouched. */
int config_parse_dns_servers(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        Manager *m = userdata;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(m);

        if (!isempty(rvalue)) {
                /* Non-empty assignment: add to the list */
                int r = manager_parse_dns_server_string_and_warn(m, ltype, rvalue);

                if (r < 0) {
                        log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse DNS server string '%s'. Ignoring.", rvalue);
                        return 0;
                }
        } else
                /* Empty assignment means clear the list */
                dns_server_unlink_all(manager_get_first_dns_server(m, ltype));

        /* A manual setting takes precedence: stop reading /etc/resolv.conf for system
         * servers, and do not install the built-in fallback servers when fallbacks
         * were configured explicitly (even if only to clear them). */
        if (ltype == DNS_SERVER_SYSTEM)
                m->read_resolv_conf = false;
        if (ltype == DNS_SERVER_FALLBACK)
                m->need_builtin_fallbacks = false;

        return 0;
}
182
/* Config-file callback for the search domain list; userdata is the Manager.
 *
 * An empty value clears the list, a non-empty value appends to it. Always returns 0:
 * a list that fails to parse is logged and ignored, and in that case
 * read_resolv_conf is left untouched. */
int config_parse_search_domains(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        Manager *m = userdata;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(m);

        if (!isempty(rvalue)) {
                /* Non-empty assignment: add to the list */
                int r = manager_parse_search_domains_and_warn(m, rvalue);

                if (r < 0) {
                        log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse search domains string '%s'. Ignoring.", rvalue);
                        return 0;
                }
        } else
                /* Empty assignment means clear the list */
                dns_search_domain_unlink_all(m->search_domains);

        /* A manual setting takes precedence: stop reading /etc/resolv.conf */
        m->read_resolv_conf = false;

        return 0;
}
221
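/* Config-file callback for the DNS-SD service instance name; userdata is the
 * DnssdService being configured.
 *
 * The value is a template that may contain the specifiers %b, %H, %m and %v (see
 * specifier_table). The template is expanded once here, only to check that it renders
 * to a valid service name; what is stored in s->name_template is the unexpanded
 * template.
 *
 * The template is rendered and validated BEFORE it is stored, so a rejected value
 * never replaces a previously accepted s->name_template and the service object is
 * never left holding a template that failed validation.
 *
 * Returns 0 on success, -EINVAL for an empty value or a template that renders to an
 * invalid name, the specifier_printf() error if expansion fails, or the log_oom()
 * result if the template cannot be duplicated. */
int config_parse_dnssd_service_name(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata) {
        static const Specifier specifier_table[] = {
                { 'b', specifier_boot_id,        NULL },
                { 'H', specifier_host_name,      NULL },
                { 'm', specifier_machine_id,     NULL },
                { 'v', specifier_kernel_release, NULL },
                {}
        };
        DnssdService *s = userdata;
        _cleanup_free_ char *name = NULL;
        int r;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(s);

        if (isempty(rvalue)) {
                log_syntax(unit, LOG_ERR, filename, line, 0, "Service instance name can't be empty. Ignoring.");
                return -EINVAL;
        }

        /* Expand the candidate template directly from rvalue; nothing has been
         * committed to the service object at this point. */
        r = specifier_printf(rvalue, specifier_table, NULL, &name);
        if (r < 0)
                return log_debug_errno(r, "Failed to replace specifiers: %m");

        if (!dns_service_name_is_valid(name)) {
                log_syntax(unit, LOG_ERR, filename, line, 0, "Service instance name template renders to invalid name '%s'. Ignoring.", name);
                return -EINVAL;
        }

        /* Validation passed: only now replace the stored template. */
        r = free_and_strdup(&s->name_template, rvalue);
        if (r < 0)
                return log_oom();

        return 0;
}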
259
/* Config-file callback for the DNS-SD service type; userdata is the DnssdService
 * being configured.
 *
 * The value is checked with dnssd_srv_type_is_valid() before it is stored, so
 * s->type only ever holds a value that passed that check.
 *
 * Returns 0 on success, -EINVAL for an empty or invalid type, or the log_oom()
 * result if the value cannot be duplicated. */
int config_parse_dnssd_service_type(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata) {
        DnssdService *service = userdata;

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(service);

        if (isempty(rvalue)) {
                log_syntax(unit, LOG_ERR, filename, line, 0, "Service type can't be empty. Ignoring.");
                return -EINVAL;
        }

        if (!dnssd_srv_type_is_valid(rvalue)) {
                log_syntax(unit, LOG_ERR, filename, line, 0, "Service type is invalid. Ignoring.");
                return -EINVAL;
        }

        /* Replace the stored type only after validation succeeded. */
        if (free_and_strdup(&service->type, rvalue) < 0)
                return log_oom();

        return 0;
}
285
/* Config-file callback for DNS-SD TXT record data; userdata is the DnssdService being
 * configured and ltype selects how values are interpreted (DNS_TXT_ITEM_TEXT: taken
 * as a string, DNS_TXT_ITEM_DATA: base64-decoded first).
 *
 * rvalue is a list of "key=value" or bare "key" words. All items of one assignment
 * are collected into a single DnssdTxtData, which is prepended to s->txt_data_items
 * only if at least one item was parsed. An empty assignment frees everything
 * collected so far.
 *
 * Returns 0 on success and a negative value on allocation failure, syntax error,
 * non-ASCII key or invalid base64. On any error return nothing from this assignment
 * is added to the service, because txt_data is still owned by its cleanup handler.
 *
 * NOTE(review): the log messages say "ignoring" while the function returns a negative
 * value; how the caller treats that return is not visible here -- confirm. */
int config_parse_dnssd_txt(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata) {
        /* Freed by dnssd_txtdata_freep on every return path unless ownership is handed
         * to the service at the end of the function. */
        _cleanup_(dnssd_txtdata_freep) DnssdTxtData *txt_data = NULL;
        DnssdService *s = userdata;
        DnsTxtItem *last = NULL; /* tail of txt_data->txt, so items keep config order */

        assert(filename);
        assert(lvalue);
        assert(rvalue);
        assert(s);

        if (isempty(rvalue)) {
                /* Flush out collected items */
                s->txt_data_items = dnssd_txtdata_free_all(s->txt_data_items);
                return 0;
        }

        txt_data = new0(DnssdTxtData, 1);
        if (!txt_data)
                return log_oom();

        for (;;) {
                /* Per-word scratch state; all of it is released at the end of each
                 * iteration and on every early return. */
                _cleanup_free_ char *word = NULL;
                _cleanup_free_ char *key = NULL;
                _cleanup_free_ char *value = NULL;
                _cleanup_free_ void *decoded = NULL;
                size_t length = 0;
                DnsTxtItem *i;
                int r;

                /* Words may be quoted and may contain C-style escapes. */
                r = extract_first_word(&rvalue, &word, NULL,
                                       EXTRACT_QUOTES|EXTRACT_CUNESCAPE|EXTRACT_CUNESCAPE_RELAX);
                if (r == 0)
                        break;
                if (r == -ENOMEM)
                        return log_oom();
                if (r < 0)
                        return log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);

                r = split_pair(word, "=", &key, &value);
                if (r == -ENOMEM)
                        return log_oom();
                /* -EINVAL is treated as "no '=' in the word": the whole word becomes the
                 * key and value stays NULL.
                 * NOTE(review): any other negative return would leave key NULL before
                 * the ascii_is_valid() call below -- confirm split_pair() can only
                 * fail with -ENOMEM or -EINVAL. */
                if (r == -EINVAL)
                        key = TAKE_PTR(word);

                /* Only the key is checked here, and only for being ASCII.
                 * NOTE(review): no length limit on key or value is enforced in this
                 * function; presumably the item constructors below bound the item
                 * size -- confirm, since TXT strings are length-limited on the wire. */
                if (!ascii_is_valid(key)) {
                        log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", key);
                        return -EINVAL;
                }

                switch (ltype) {

                case DNS_TXT_ITEM_DATA:
                        /* A bare key leaves decoded == NULL and length == 0. */
                        if (value) {
                                r = unbase64mem(value, strlen(value), &decoded, &length);
                                if (r == -ENOMEM)
                                        return log_oom();
                                if (r < 0)
                                        return log_syntax(unit, LOG_ERR, filename, line, r,
                                                          "Invalid base64 encoding, ignoring: %s", value);
                        }

                        /* NOTE(review): every failure of the constructor is reported as
                         * out-of-memory -- confirm it has no other error cases. */
                        r = dnssd_txt_item_new_from_data(key, decoded, length, &i);
                        if (r < 0)
                                return log_oom();
                        break;

                case DNS_TXT_ITEM_TEXT:
                        /* NOTE(review): same as above, any failure is logged as OOM. */
                        r = dnssd_txt_item_new_from_string(key, value, &i);
                        if (r < 0)
                                return log_oom();
                        break;

                default:
                        assert_not_reached("Unknown type of Txt config");
                }

                /* Append after the current tail; i is now owned by txt_data->txt. */
                LIST_INSERT_AFTER(items, txt_data->txt, last, i);
                last = i;
        }

        if (!LIST_IS_EMPTY(txt_data->txt)) {
                LIST_PREPEND(items, s->txt_data_items, txt_data);
                /* Ownership moved to the service; disarm the cleanup handler. */
                txt_data = NULL;
        }

        return 0;
}
373
/* Loads resolved.conf and its drop-in directories into the manager, then applies
 * defaults that depend on what the configuration contained.
 *
 * Returns 0 on success or the negative value reported by the config parser or by the
 * fallback server parsing. */
int manager_parse_config_file(Manager *m) {
        int r;

        assert(m);

        /* Main file plus "systemd/resolved.conf.d" drop-ins; only the "Resolve" section
         * is passed as a known section, and items are looked up through
         * resolved_gperf_lookup. */
        r = config_parse_many_nulstr(PKGSYSCONFDIR "/resolved.conf",
                                     CONF_PATHS_NULSTR("systemd/resolved.conf.d"),
                                     "Resolve\0",
                                     config_item_perf_lookup, resolved_gperf_lookup,
                                     CONFIG_PARSE_WARN, m);
        if (r < 0)
                return r;

        /* The flag is cleared by config_parse_dns_servers() as soon as the
         * configuration assigns fallback servers, including an empty assignment; only
         * when it is still set are the compiled-in DNS_SERVERS installed. */
        if (m->need_builtin_fallbacks) {
                r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
                if (r < 0)
                        return r;
        }

#if ! HAVE_GCRYPT
        /* Built without gcrypt: any configured DNSSEC mode other than "no" is overridden
         * here and DNSSEC validation is turned off. The only signal to the operator is
         * this warning in the log, so a configuration that requests DNSSEC still
         * loads successfully but runs without validation. */
        if (m->dnssec_mode != DNSSEC_NO) {
                log_warning("DNSSEC option cannot be enabled or set to allow-downgrade when systemd-resolved is built without gcrypt support. Turning off DNSSEC support.");
                m->dnssec_mode = DNSSEC_NO;
        }
#endif
        return 0;

}