]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
4e945a6f LP |
2 | /*** |
3 | This file is part of systemd. | |
4 | ||
5 | Copyright 2014 Tom Gundersen <teg@jklm.no> | |
6 | ||
7 | systemd is free software; you can redistribute it and/or modify it | |
8 | under the terms of the GNU Lesser General Public License as published by | |
9 | the Free Software Foundation; either version 2.1 of the License, or | |
10 | (at your option) any later version. | |
11 | ||
12 | systemd is distributed in the hope that it will be useful, but | |
13 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 | Lesser General Public License for more details. | |
16 | ||
17 | You should have received a copy of the GNU Lesser General Public License | |
18 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
19 | ***/ | |
20 | ||
b5efdb8a | 21 | #include "alloc-util.h" |
4e945a6f | 22 | #include "conf-parser.h" |
a0f29c76 | 23 | #include "def.h" |
b5efdb8a | 24 | #include "extract-word.h" |
6bedfcbb | 25 | #include "parse-util.h" |
4e945a6f | 26 | #include "resolved-conf.h" |
1ae43295 | 27 | #include "string-table.h" |
6bedfcbb | 28 | #include "string-util.h" |
4e945a6f | 29 | |
1ae43295 DM |
30 | DEFINE_CONFIG_PARSE_ENUM(config_parse_dns_stub_listener_mode, dns_stub_listener_mode, DnsStubListenerMode, "Failed to parse DNS stub listener mode setting"); |
31 | ||
32 | static const char* const dns_stub_listener_mode_table[_DNS_STUB_LISTENER_MODE_MAX] = { | |
33 | [DNS_STUB_LISTENER_NO] = "no", | |
34 | [DNS_STUB_LISTENER_UDP] = "udp", | |
35 | [DNS_STUB_LISTENER_TCP] = "tcp", | |
36 | [DNS_STUB_LISTENER_YES] = "yes", | |
37 | }; | |
38 | DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_stub_listener_mode, DnsStubListenerMode, DNS_STUB_LISTENER_YES); | |
39 | ||
636e813d LP |
40 | int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) { |
41 | union in_addr_union address; | |
2817157b | 42 | int family, r, ifindex = 0; |
0eac4623 | 43 | DnsServer *s; |
4e945a6f LP |
44 | |
45 | assert(m); | |
636e813d LP |
46 | assert(word); |
47 | ||
2817157b | 48 | r = in_addr_ifindex_from_string_auto(word, &family, &address, &ifindex); |
636e813d LP |
49 | if (r < 0) |
50 | return r; | |
4e945a6f | 51 | |
b30bf55d LP |
52 | /* Silently filter out 0.0.0.0 and 127.0.0.53 (our own stub DNS listener) */ |
53 | if (!dns_server_address_valid(family, &address)) | |
54 | return 0; | |
55 | ||
636e813d | 56 | /* Filter out duplicates */ |
2817157b | 57 | s = dns_server_find(manager_get_first_dns_server(m, type), family, &address, ifindex); |
636e813d LP |
58 | if (s) { |
59 | /* | |
60 | * Drop the marker. This is used to find the servers | |
61 | * that ceased to exist, see | |
62 | * manager_mark_dns_servers() and | |
63 | * manager_flush_marked_dns_servers(). | |
64 | */ | |
0b58db65 | 65 | dns_server_move_back_and_unmark(s); |
636e813d LP |
66 | return 0; |
67 | } | |
68 | ||
2817157b | 69 | return dns_server_new(m, NULL, type, NULL, family, &address, ifindex); |
636e813d LP |
70 | } |
71 | ||
72 | int manager_parse_dns_server_string_and_warn(Manager *m, DnsServerType type, const char *string) { | |
73 | int r; | |
74 | ||
75 | assert(m); | |
76 | assert(string); | |
77 | ||
9ed794a3 | 78 | for (;;) { |
b5efdb8a | 79 | _cleanup_free_ char *word = NULL; |
880603a1 SS |
80 | |
81 | r = extract_first_word(&string, &word, NULL, 0); | |
82 | if (r < 0) | |
636e813d | 83 | return r; |
880603a1 SS |
84 | if (r == 0) |
85 | break; | |
4e945a6f | 86 | |
636e813d | 87 | r = manager_add_dns_server_by_string(m, type, word); |
a51c1048 | 88 | if (r < 0) |
2817157b | 89 | log_warning_errno(r, "Failed to add DNS server address '%s', ignoring: %m", word); |
a51c1048 LP |
90 | } |
91 | ||
92 | return 0; | |
93 | } | |
94 | ||
95 | int manager_add_search_domain_by_string(Manager *m, const char *domain) { | |
96 | DnsSearchDomain *d; | |
adc800a6 | 97 | bool route_only; |
a51c1048 LP |
98 | int r; |
99 | ||
100 | assert(m); | |
101 | assert(domain); | |
102 | ||
adc800a6 LP |
103 | route_only = *domain == '~'; |
104 | if (route_only) | |
105 | domain++; | |
106 | ||
107 | if (dns_name_is_root(domain) || streq(domain, "*")) { | |
108 | route_only = true; | |
109 | domain = "."; | |
110 | } | |
111 | ||
a51c1048 LP |
112 | r = dns_search_domain_find(m->search_domains, domain, &d); |
113 | if (r < 0) | |
114 | return r; | |
adc800a6 | 115 | if (r > 0) |
a51c1048 | 116 | dns_search_domain_move_back_and_unmark(d); |
adc800a6 LP |
117 | else { |
118 | r = dns_search_domain_new(m, &d, DNS_SEARCH_DOMAIN_SYSTEM, NULL, domain); | |
119 | if (r < 0) | |
120 | return r; | |
a51c1048 LP |
121 | } |
122 | ||
adc800a6 LP |
123 | d->route_only = route_only; |
124 | return 0; | |
a51c1048 LP |
125 | } |
126 | ||
127 | int manager_parse_search_domains_and_warn(Manager *m, const char *string) { | |
128 | int r; | |
129 | ||
130 | assert(m); | |
131 | assert(string); | |
132 | ||
9ed794a3 | 133 | for (;;) { |
a51c1048 LP |
134 | _cleanup_free_ char *word = NULL; |
135 | ||
136 | r = extract_first_word(&string, &word, NULL, EXTRACT_QUOTES); | |
137 | if (r < 0) | |
138 | return r; | |
139 | if (r == 0) | |
140 | break; | |
141 | ||
142 | r = manager_add_search_domain_by_string(m, word); | |
143 | if (r < 0) | |
2817157b | 144 | log_warning_errno(r, "Failed to add search domain '%s', ignoring: %m", word); |
4e945a6f LP |
145 | } |
146 | ||
147 | return 0; | |
148 | } | |
149 | ||
636e813d | 150 | int config_parse_dns_servers( |
4e945a6f LP |
151 | const char *unit, |
152 | const char *filename, | |
153 | unsigned line, | |
154 | const char *section, | |
155 | unsigned section_line, | |
156 | const char *lvalue, | |
157 | int ltype, | |
158 | const char *rvalue, | |
159 | void *data, | |
160 | void *userdata) { | |
161 | ||
162 | Manager *m = userdata; | |
4e945a6f LP |
163 | int r; |
164 | ||
165 | assert(filename); | |
166 | assert(lvalue); | |
167 | assert(rvalue); | |
168 | assert(m); | |
169 | ||
3e684349 | 170 | if (isempty(rvalue)) |
5cb36f41 | 171 | /* Empty assignment means clear the list */ |
4b95f179 | 172 | dns_server_unlink_all(manager_get_first_dns_server(m, ltype)); |
3e684349 | 173 | else { |
b938cb90 | 174 | /* Otherwise, add to the list */ |
636e813d | 175 | r = manager_parse_dns_server_string_and_warn(m, ltype, rvalue); |
5cb36f41 | 176 | if (r < 0) { |
12ca818f | 177 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse DNS server string '%s'. Ignoring.", rvalue); |
5cb36f41 LP |
178 | return 0; |
179 | } | |
4e945a6f LP |
180 | } |
181 | ||
5cb36f41 LP |
182 | /* If we have a manual setting, then we stop reading |
183 | * /etc/resolv.conf */ | |
184 | if (ltype == DNS_SERVER_SYSTEM) | |
185 | m->read_resolv_conf = false; | |
00fa60ae LP |
186 | if (ltype == DNS_SERVER_FALLBACK) |
187 | m->need_builtin_fallbacks = false; | |
5cb36f41 | 188 | |
4e945a6f LP |
189 | return 0; |
190 | } | |
191 | ||
a51c1048 LP |
192 | int config_parse_search_domains( |
193 | const char *unit, | |
194 | const char *filename, | |
195 | unsigned line, | |
196 | const char *section, | |
197 | unsigned section_line, | |
198 | const char *lvalue, | |
199 | int ltype, | |
200 | const char *rvalue, | |
201 | void *data, | |
202 | void *userdata) { | |
203 | ||
204 | Manager *m = userdata; | |
205 | int r; | |
206 | ||
207 | assert(filename); | |
208 | assert(lvalue); | |
209 | assert(rvalue); | |
210 | assert(m); | |
211 | ||
212 | if (isempty(rvalue)) | |
213 | /* Empty assignment means clear the list */ | |
214 | dns_search_domain_unlink_all(m->search_domains); | |
215 | else { | |
216 | /* Otherwise, add to the list */ | |
217 | r = manager_parse_search_domains_and_warn(m, rvalue); | |
218 | if (r < 0) { | |
219 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse search domains string '%s'. Ignoring.", rvalue); | |
220 | return 0; | |
221 | } | |
222 | } | |
223 | ||
224 | /* If we have a manual setting, then we stop reading | |
225 | * /etc/resolv.conf */ | |
226 | m->read_resolv_conf = false; | |
227 | ||
228 | return 0; | |
229 | } | |
230 | ||
4e945a6f | 231 | int manager_parse_config_file(Manager *m) { |
00fa60ae LP |
232 | int r; |
233 | ||
4e945a6f LP |
234 | assert(m); |
235 | ||
43688c49 | 236 | r = config_parse_many_nulstr(PKGSYSCONFDIR "/resolved.conf", |
da412854 YW |
237 | CONF_PATHS_NULSTR("systemd/resolved.conf.d"), |
238 | "Resolve\0", | |
239 | config_item_perf_lookup, resolved_gperf_lookup, | |
bcde742e | 240 | CONFIG_PARSE_WARN, m); |
00fa60ae LP |
241 | if (r < 0) |
242 | return r; | |
243 | ||
244 | if (m->need_builtin_fallbacks) { | |
245 | r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_FALLBACK, DNS_SERVERS); | |
246 | if (r < 0) | |
247 | return r; | |
248 | } | |
249 | ||
349cc4a5 | 250 | #if ! HAVE_GCRYPT |
42303dcb YW |
251 | if (m->dnssec_mode != DNSSEC_NO) { |
252 | log_warning("DNSSEC option cannot be enabled or set to allow-downgrade when systemd-resolved is built without gcrypt support. Turning off DNSSEC support."); | |
253 | m->dnssec_mode = DNSSEC_NO; | |
254 | } | |
255 | #endif | |
00fa60ae LP |
256 | return 0; |
257 | ||
4e945a6f | 258 | } |