resolved,nss-myhostname: use _gateway for the gateway

This changes the symbolic name for the default gateway from "gateway" to
"_gateway". A new configuration option -Dcompat-gateway-hostname=true|false
is added. If it is set, the old name is also supported, but the new name
is used as the canonical name in either case. This is intended as a temporary
measure to make the transition easier, and the option should be removed
after a few releases, at which point only the new name will be used.

The old "gateway" name mostly works OK, but hasn't gained widespread acceptance
because of the following (potential) conflicts:
- it is completely legal to have a host called "gateway"
- there is no guarantee that "gateway" will not be registered as a TLD, even
  though this currently seems unlikely. (Even then, there would be no
  conflict except for the case when the top-level domain itself was being resolved.
  The "gateway" or "_gateway" labels have only special meaning when the
  whole name consists of a single label, so resolution of any subdomain
  of the hypothetical gateway. TLD would still work OK. )
Moving to "_gateway" avoids those issues because underscores are not allowed
in host names (RFC 1123, §2.1) and avoids potential conflicts with local or
global names.

v2:
- simplify the logic to hardcode "_gateway" and allow
  -Dcompat-gateway-hostname=true as a temporary measure.

diff --git a/meson.build b/meson.build
index ba8bb8185685ffaa5f78560faccc2098b91e4809..2be88c5ea1022e9e9e3323ee4139ea745344b9d4 100644 (file)
--- a/meson.build
+++ b/meson.build
@@ -537,6 +537,8 @@ endforeach
 ############################################################
 
 conf.set_quoted('FALLBACK_HOSTNAME', get_option('fallback-hostname'))
+conf.set10('ENABLE_COMPAT_GATEWAY_HOSTNAME', get_option('compat-gateway-hostname'))
+gateway_hostnames = ['_gateway'] + (conf.get('ENABLE_COMPAT_GATEWAY_HOSTNAME') == 1 ? ['gateway'] : [])
 
 default_hierarchy = get_option('default-hierarchy')
 conf.set_quoted('DEFAULT_HIERARCHY_NAME', default_hierarchy,
@@ -2399,6 +2401,7 @@ status = [
         'nobody user name:                  @0@'.format(get_option('nobody-user')),
         'nobody group name:                 @0@'.format(get_option('nobody-group')),
         'fallback hostname:                 @0@'.format(get_option('fallback-hostname')),
+        'symbolic gateway hostnames:        @0@'.format(', '.join(gateway_hostnames)),
 
         'default DNSSEC mode:               @0@'.format(default_dnssec),
         'default cgroup hierarchy:          @0@'.format(default_hierarchy),

diff --git a/meson_options.txt b/meson_options.txt
index 0cd8fb02e7f3f0c32c48d48da74f0f63d85592db..a2de6aba3ada5e955ca5d8f32e0cef8180f531c7 100644 (file)
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -120,6 +120,8 @@ option('pamconfdir', type : 'string',
 
 option('fallback-hostname', type : 'string', value : 'localhost',
        description : 'the hostname used if none configured')
+option('compat-gateway-hostname', type : 'boolean', value : 'false',
+       description : 'allow "gateway" as the symbolic name for default gateway')
 option('default-hierarchy', type : 'combo',
        choices : ['legacy', 'hybrid', 'unified'], value : 'hybrid',
        description : 'default cgroup hierarchy')

diff --git a/src/basic/hostname-util.c b/src/basic/hostname-util.c
index a94037b3035d8c53e40cf419af040868f67adc32..b511a36301fc79f004796f0bd7a622d96b625d9b 100644 (file)
--- a/src/basic/hostname-util.c
+++ b/src/basic/hostname-util.c
@@ -196,8 +196,11 @@ bool is_gateway_hostname(const char *hostname) {
          * synthetic "gateway" host. */
 
         return
-                strcaseeq(hostname, "gateway") ||
-                strcaseeq(hostname, "gateway.");
+                strcaseeq(hostname, "_gateway") || strcaseeq(hostname, "_gateway.")
+#if ENABLE_COMPAT_GATEWAY_HOSTNAME
+                || strcaseeq(hostname, "gateway") || strcaseeq(hostname, "gateway.")
+#endif
+                ;
 }
 
 int sethostname_idempotent(const char *s) {

diff --git a/src/nss-myhostname/nss-myhostname.c b/src/nss-myhostname/nss-myhostname.c
index 0570fde5920aad972bbabe139b677f5a984baebd..9ebdbb7cf3193d20a73f8d7cfc702ca0128d7d0d 100644 (file)
--- a/src/nss-myhostname/nss-myhostname.c
+++ b/src/nss-myhostname/nss-myhostname.c
@@ -86,7 +86,7 @@ enum nss_status _nss_myhostname_gethostbyname4_r(
                         return NSS_STATUS_NOTFOUND;
                 }
 
-                canonical = "gateway";
+                canonical = "_gateway";
 
         } else {
                 hn = gethostname_malloc();
@@ -356,7 +356,7 @@ enum nss_status _nss_myhostname_gethostbyname3_r(
                         return NSS_STATUS_NOTFOUND;
                 }
 
-                canonical = "gateway";
+                canonical = "_gateway";
 
         } else {
                 hn = gethostname_malloc();
@@ -467,7 +467,7 @@ enum nss_status _nss_myhostname_gethostbyaddr2_r(
                         continue;
 
                 if (memcmp(addr, &a->address, FAMILY_ADDRESS_SIZE(af)) == 0) {
-                        canonical = "gateway";
+                        canonical = "_gateway";
                         goto found;
                 }
         }

diff --git a/src/resolve/resolved-dns-synthesize.c b/src/resolve/resolved-dns-synthesize.c
index e3003411f7933a93d0536e33462fd19b87716a52..c454f6404962fda38991b9c878741ac932f67ba8 100644 (file)
--- a/src/resolve/resolved-dns-synthesize.c
+++ b/src/resolve/resolved-dns-synthesize.c
@@ -334,7 +334,7 @@ static int synthesize_gateway_ptr(Manager *m, int af, const union in_addr_union
         if (n < 0)
                 return n;
 
-        return answer_add_addresses_ptr(answer, "gateway", addresses, n, af, address);
+        return answer_add_addresses_ptr(answer, "_gateway", addresses, n, af, address);
 }
 
 int dns_synthesize_answer(

diff --git a/src/test/test-nss.c b/src/test/test-nss.c
index 57eeb8e40c5c36dbe706ee90dcb597b255d6f335..44570caa6c09c93455d26f78e3972baca7b4474d 100644 (file)
--- a/src/test/test-nss.c
+++ b/src/test/test-nss.c
@@ -491,7 +491,7 @@ static int parse_argv(int argc, char **argv,
                 if (!hostname)
                         return -ENOMEM;
 
-                names = strv_new("localhost", "gateway", "foo_no_such_host", hostname, NULL);
+                names = strv_new("localhost", "_gateway", "foo_no_such_host", hostname, NULL);
                 if (!names)
                         return -ENOMEM;