]> git.ipfire.org Git - thirdparty/systemd.git/blobdiff - src/resolve/resolved-link.c
projects / thirdparty / systemd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add SPDX license identifiers to source files under the LGPL
[thirdparty/systemd.git] / src / resolve / resolved-link.c
diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c
index 44c0cd654f47ec9a824acd9d7412b718a3f8771d..a0128aace0add2cf2e40c93dccb4c411019c3a82 100644 (file)
--- a/src/resolve/resolved-link.c
+++ b/src/resolve/resolved-link.c
@@ -1,3 +1,4 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
 /***
   This file is part of systemd.
 
@@ -28,6 +29,8 @@
 #include "mkdir.h"
 #include "parse-util.h"
 #include "resolved-link.h"
+#include "resolved-llmnr.h"
+#include "resolved-mdns.h"
 #include "string-util.h"
 #include "strv.h"
 
@@ -109,13 +112,30 @@ Link *link_free(Link *l) {
 }
 
 void link_allocate_scopes(Link *l) {
+        bool unicast_relevant;
         int r;
 
         assert(l);
 
-        if (link_relevant(l, AF_UNSPEC, false) &&
-            l->dns_servers) {
+        /* If a link that used to be relevant is no longer, or a link that did not use to be relevant now becomes
+         * relevant, let's reinit the learnt global DNS server information, since we might talk to different servers
+         * now, even if they have the same addresses as before. */
+
+        unicast_relevant = link_relevant(l, AF_UNSPEC, false);
+        if (unicast_relevant != l->unicast_relevant) {
+                l->unicast_relevant = unicast_relevant;
+
+                dns_server_reset_features_all(l->manager->fallback_dns_servers);
+                dns_server_reset_features_all(l->manager->dns_servers);
+        }
+
+        /* And now, allocate all scopes that makes sense now if we didn't have them yet, and drop those which we don't
+         * need anymore */
+
+        if (unicast_relevant && l->dns_servers) {
                 if (!l->unicast_scope) {
+                        dns_server_reset_features_all(l->dns_servers);
+
                         r = dns_scope_new(l->manager, &l->unicast_scope, l, DNS_PROTOCOL_DNS, AF_UNSPEC);
                         if (r < 0)
                                 log_warning_errno(r, "Failed to allocate DNS scope: %m");
@@ -311,6 +331,12 @@ void link_set_dnssec_mode(Link *l, DnssecMode mode) {
 
         assert(l);
 
+#if ! HAVE_GCRYPT
+        if (IN_SET(mode, DNSSEC_YES, DNSSEC_ALLOW_DOWNGRADE))
+                log_warning("DNSSEC option for the link cannot be enabled or set to allow-downgrade when systemd-resolved is built without gcrypt support. Turning off DNSSEC support.");
+        return;
+#endif
+
         if (l->dnssec_mode == mode)
                 return;
 
@@ -523,10 +549,25 @@ static void link_read_settings(Link *l) {
 }
 
 int link_update(Link *l) {
+        int r;
+
         assert(l);
 
         link_read_settings(l);
         link_load_user(l);
+
+        if (l->llmnr_support != RESOLVE_SUPPORT_NO) {
+                r = manager_llmnr_start(l->manager);
+                if (r < 0)
+                        return r;
+        }
+
+        if (l->mdns_support != RESOLVE_SUPPORT_NO) {
+                r = manager_mdns_start(l->manager);
+                if (r < 0)
+                        return r;
+        }
+
         link_allocate_scopes(l);
         link_add_rrs(l, false);
 
@@ -539,11 +580,11 @@ bool link_relevant(Link *l, int family, bool local_multicast) {
 
         assert(l);
 
-        /* A link is relevant for local multicast traffic if it isn't a loopback or pointopoint device, has a link
+        /* A link is relevant for local multicast traffic if it isn't a loopback device, has a link
          * beat, can do multicast and has at least one link-local (or better) IP address.
          *
          * A link is relevant for non-multicast traffic if it isn't a loopback device, has a link beat, and has at
-         * least one routable address.*/
+         * least one routable address. */
 
         if (l->flags & (IFF_LOOPBACK|IFF_DORMANT))
                 return false;
@@ -552,9 +593,6 @@ bool link_relevant(Link *l, int family, bool local_multicast) {
                 return false;
 
         if (local_multicast) {
-                if (l->flags & IFF_POINTOPOINT)
-                        return false;
-
                 if ((l->flags & IFF_MULTICAST) != IFF_MULTICAST)
                         return false;
         }
@@ -594,7 +632,7 @@ DnsServer* link_set_dns_server(Link *l, DnsServer *s) {
                 return s;
 
         if (s)
-                log_info("Switching to DNS server %s for interface %s.", dns_server_string(s), l->name);
+                log_debug("Switching to DNS server %s for interface %s.", dns_server_string(s), l->name);
 
         dns_server_unref(l->current_dns_server);
         l->current_dns_server = dns_server_ref(s);
@@ -1030,7 +1068,7 @@ int link_save_user(Link *l) {
         if (r < 0)
                 goto fail;
 
-        fputs("# This is private data. Do not parse.\n", f);
+        fputs_unlocked("# This is private data. Do not parse.\n", f);
 
         v = resolve_support_to_string(l->llmnr_support);
         if (v)
@@ -1047,11 +1085,11 @@ int link_save_user(Link *l) {
         if (l->dns_servers) {
                 DnsServer *server;
 
-                fputs("SERVERS=", f);
+                fputs_unlocked("SERVERS=", f);
                 LIST_FOREACH(servers, server, l->dns_servers) {
 
                         if (server != l->dns_servers)
-                                fputc(' ', f);
+                                fputc_unlocked(' ', f);
 
                         v = dns_server_string(server);
                         if (!v) {
@@ -1059,26 +1097,26 @@ int link_save_user(Link *l) {
                                 goto fail;
                         }
 
-                        fputs(v, f);
+                        fputs_unlocked(v, f);
                 }
-                fputc('\n', f);
+                fputc_unlocked('\n', f);
         }
 
         if (l->search_domains) {
                 DnsSearchDomain *domain;
 
-                fputs("DOMAINS=", f);
+                fputs_unlocked("DOMAINS=", f);
                 LIST_FOREACH(domains, domain, l->search_domains) {
 
                         if (domain != l->search_domains)
-                                fputc(' ', f);
+                                fputc_unlocked(' ', f);
 
                         if (domain->route_only)
-                                fputc('~', f);
+                                fputc_unlocked('~', f);
 
-                        fputs(DNS_SEARCH_DOMAIN_NAME(domain), f);
+                        fputs_unlocked(DNS_SEARCH_DOMAIN_NAME(domain), f);
                 }
-                fputc('\n', f);
+                fputc_unlocked('\n', f);
         }
 
         if (!set_isempty(l->dnssec_negative_trust_anchors)) {
@@ -1086,16 +1124,16 @@ int link_save_user(Link *l) {
                 Iterator i;
                 char *nta;
 
-                fputs("NTAS=", f);
+                fputs_unlocked("NTAS=", f);
                 SET_FOREACH(nta, l->dnssec_negative_trust_anchors, i) {
 
                         if (space)
-                                fputc(' ', f);
+                                fputc_unlocked(' ', f);
 
-                        fputs(nta, f);
+                        fputs_unlocked(nta, f);
                         space = true;
                 }
-                fputc('\n', f);
+                fputc_unlocked('\n', f);
         }
 
         r = fflush_and_check(f);
Unnamed repository; edit this file 'description' to name the repository.