From c9299be2f5a634881d6d9053cc93d093df040671 Mon Sep 17 00:00:00 2001 From: Iwan Timmer Date: Wed, 13 Jun 2018 20:26:24 +0200 Subject: [PATCH] resolve: rename PrivateDNS to DNSOverTLS PrivateDNS is not considered a good name for this option, so rename it to DNSOverTLS --- NEWS | 4 +-- man/resolvectl.xml | 8 ++--- man/resolved.conf.xml | 8 ++--- man/systemd.network.xml | 4 +-- meson.build | 18 +++++----- meson_options.txt | 4 +-- shell-completion/bash/resolvectl | 12 +++---- shell-completion/bash/systemd-resolve | 2 +- src/libsystemd/sd-network/sd-network.c | 4 +-- src/network/networkd-link.c | 6 ++-- src/network/networkd-network-gperf.gperf | 2 +- src/network/networkd-network.c | 2 +- src/network/networkd-network.h | 2 +- src/resolve/resolvectl.c | 44 ++++++++++++------------ src/resolve/resolved-bus.c | 10 +++--- src/resolve/resolved-conf.c | 6 ++-- src/resolve/resolved-dns-scope.c | 6 ++-- src/resolve/resolved-dns-scope.h | 2 +- src/resolve/resolved-dns-server.c | 10 +++--- src/resolve/resolved-dns-server.h | 2 +- src/resolve/resolved-gperf.gperf | 2 +- src/resolve/resolved-link-bus.c | 26 +++++++------- src/resolve/resolved-link-bus.h | 2 +- src/resolve/resolved-link.c | 34 +++++++++--------- src/resolve/resolved-link.h | 6 ++-- src/resolve/resolved-manager.c | 10 +++--- src/resolve/resolved-manager.h | 4 +-- src/resolve/resolved.conf.in | 2 +- src/shared/resolve-util.c | 10 +++--- src/shared/resolve-util.h | 18 +++++----- src/systemd/sd-network.h | 4 +-- 31 files changed, 137 insertions(+), 137 deletions(-) diff --git a/NEWS b/NEWS index 79e8a1bcbd6..cca6692c4bc 100644 --- a/NEWS +++ b/NEWS @@ -52,8 +52,8 @@ CHANGES WITH 239 in spe: screen resolution for HiDPI systems, and now provides loader configuration settings to change the resolution explicitly. - * systemd-resolved now supports DNS-over-TLS ("PrivateDNS"). It's still - turned off by default, use PrivateDNS=opportunistic to turn it on in + * systemd-resolved now supports DNS-over-TLS. It's still + turned off by default, use DNSOverTLS=opportunistic to turn it on in resolved.conf. We intend to make this the default as soon as couple of additional techniques for optimizing the initial latency caused by establishing a TLS/TCP connection are implemented. diff --git a/man/resolvectl.xml b/man/resolvectl.xml index 539a785f2bb..53cff45473e 100644 --- a/man/resolvectl.xml +++ b/man/resolvectl.xml @@ -257,7 +257,7 @@ - + Get/set per-interface DNS configuration. These commands may be used to configure various DNS @@ -269,8 +269,8 @@ through external means. The command expects IPv4 or IPv6 address specifications of DNS servers to use. The command expects valid DNS domains, possibly prefixed with ~, and configures a per-interface search or route-only domain. The , - , and commands may be used to configure - the per-interface LLMNR, MulticastDNS, DNSSEC and PrivateDNS settings. Finally, command + , and commands may be used to configure + the per-interface LLMNR, MulticastDNS, DNSSEC and DNSOverTLS settings. Finally, command may be used to configure additional per-interface DNSSEC NTA domains. For details about these settings, their possible values and their effect, see the corresponding options in systemd.network5. @@ -283,7 +283,7 @@ Revert the per-interface DNS configuration. If the DNS configuration is reverted all per-interface DNS setting are reset to their defaults, undoing all effects of , , , , , - , . Note that when a network interface disappears all + , . Note that when a network interface disappears all configuration is lost automatically, an explicit reverting is not necessary in that case. diff --git a/man/resolved.conf.xml b/man/resolved.conf.xml index 67cc4094404..a926da8180e 100644 --- a/man/resolved.conf.xml +++ b/man/resolved.conf.xml @@ -207,7 +207,7 @@ - PrivateDNS= + DNSOverTLS= Takes false or opportunistic. When set to opportunistic @@ -226,10 +226,10 @@ Note as the resolver is not capable of authenticating the server, it is vulnerable for "man-in-the-middle" attacks. - In addition to this global PrivateDNS setting + In addition to this global DNSOverTLS setting systemd-networkd.service8 - also maintains per-link PrivateDNS settings. For system DNS - servers (see above), only the global PrivateDNS setting is in + also maintains per-link DNSOverTLS settings. For system DNS + servers (see above), only the global DNSOverTLS setting is in effect. For per-link DNS servers the per-link setting is in effect, unless it is unset in which case the global setting is used instead. diff --git a/man/systemd.network.xml b/man/systemd.network.xml index b43874b59cd..d2dd7987798 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -385,7 +385,7 @@ - PrivateDNS= + DNSOverTLS= Takes false or opportunistic. When set to opportunistic, enables @@ -394,7 +394,7 @@ support on the link. This option defines a per-interface setting for resolved.conf5's - global PrivateDNS= option. Defaults to + global DNSOverTLS= option. Defaults to false. This setting is read by systemd-resolved.service8. diff --git a/meson.build b/meson.build index c62d2afccd8..213a47e32d8 100644 --- a/meson.build +++ b/meson.build @@ -1137,17 +1137,17 @@ conf.set('DEFAULT_DNSSEC_MODE', 'DNSSEC_' + default_dnssec.underscorify().to_upper()) substs.set('DEFAULT_DNSSEC_MODE', default_dnssec) -default_private_dns = get_option('default-private-dns') +default_dns_over_tls = get_option('default-dns-over-tls') if fuzzer_build - default_private_dns = 'no' + default_dns_over_tls = 'no' endif -if default_private_dns != 'no' and conf.get('HAVE_GNUTLS') == 0 - message('default-private-dns cannot be set to strict or opportunistic when gnutls is disabled. Setting default-private-dns to no.') - default_private_dns = 'no' +if default_dns_over_tls != 'no' and conf.get('HAVE_GNUTLS') == 0 + message('default-dns-over-tls cannot be set to strict or opportunistic when gnutls is disabled. Setting default-dns-over-tls to no.') + default_dns_over_tls = 'no' endif -conf.set('DEFAULT_PRIVATE_DNS_MODE', - 'PRIVATE_DNS_' + default_private_dns.underscorify().to_upper()) -substs.set('DEFAULT_PRIVATE_DNS_MODE', default_private_dns) +conf.set('DEFAULT_DNS_OVER_TLS_MODE', + 'DNS_OVER_TLS_' + default_dns_over_tls.underscorify().to_upper()) +substs.set('DEFAULT_DNS_OVER_TLS_MODE', default_dns_over_tls) want_importd = get_option('importd') if want_importd != 'false' @@ -2870,7 +2870,7 @@ status = [ 'symbolic gateway hostnames: @0@'.format(', '.join(gateway_hostnames)), 'default DNSSEC mode: @0@'.format(default_dnssec), - 'default private DNS mode: @0@'.format(default_private_dns), + 'default DNS-over-TLS mode: @0@'.format(default_dns_over_tls), 'default cgroup hierarchy: @0@'.format(default_hierarchy), 'default KillUserProcesses setting: @0@'.format(kill_user_processes)] diff --git a/meson_options.txt b/meson_options.txt index c1d0cf6d7b0..233d91338b5 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -193,8 +193,8 @@ option('default-dnssec', type : 'combo', description : 'default DNSSEC mode', choices : ['yes', 'allow-downgrade', 'no'], value : 'allow-downgrade') -option('default-private-dns', type : 'combo', - description : 'default private DNS mode', +option('default-dns-over-tls', type : 'combo', + description : 'default DNS-over-TLS mode', choices : ['opportunistic', 'no'], value : 'no') option('dns-servers', type : 'string', diff --git a/shell-completion/bash/resolvectl b/shell-completion/bash/resolvectl index a8b24bc757e..0d92acd5394 100644 --- a/shell-completion/bash/resolvectl +++ b/shell-completion/bash/resolvectl @@ -48,14 +48,14 @@ _resolvectl() { [LINK]='revert dns domain nta' [RESOLVE]='llmnr mdns' [DNSSEC]='dnssec' - [PRIVATEDNS]='privatedns' + [DNSOVERTLS]='dnsovertls' [STANDALONE]='statistics reset-statistics flush-caches reset-server-features' ) local -A ARGS=( [FAMILY]='tcp udp sctp' [RESOLVE]='yes no resolve' [DNSSEC]='yes no allow-downgrade' - [PRIVATEDNS]='no opportunistic' + [DNSOVERTLS]='no opportunistic' ) local interfaces=$( __get_interfaces ) @@ -111,7 +111,7 @@ _resolvectl() { comps="" fi - elif __contains_word "$verb" ${VERBS[LINK]} ${VERBS[RESOLVE]} ${VERBS[DNSSEC]} ${VERBS[PRIVATEDNS]}; then + elif __contains_word "$verb" ${VERBS[LINK]} ${VERBS[RESOLVE]} ${VERBS[DNSSEC]} ${VERBS[DNSOVERTLS]}; then for ((i++; i < COMP_CWORD; i++)); do if __contains_word "${COMP_WORDS[i]}" $interfaces && ! __contains_word "${COMP_WORDS[i-1]}" ${OPTS[ARG]}; then @@ -155,10 +155,10 @@ _resolvectl() { comps='' fi - elif __contains_word "$verb" ${VERBS[PRIVATEDNS]}; then + elif __contains_word "$verb" ${VERBS[DNSOVERTLS]}; then name= for ((i++; i < COMP_CWORD; i++)); do - if __contains_word "${COMP_WORDS[i]}" ${ARGS[PRIVATEDNS]} && + if __contains_word "${COMP_WORDS[i]}" ${ARGS[DNSOVERTLS]} && ! __contains_word "${COMP_WORDS[i-1]}" ${OPTS[ARG]}; then name=${COMP_WORDS[i]} break; @@ -166,7 +166,7 @@ _resolvectl() { done if [[ -z $name ]]; then - comps=${ARGS[PRIVATEDNS]} + comps=${ARGS[DNSOVERTLS]} else comps='' fi diff --git a/shell-completion/bash/systemd-resolve b/shell-completion/bash/systemd-resolve index 7bcd13563cf..98c6c87a3ba 100644 --- a/shell-completion/bash/systemd-resolve +++ b/shell-completion/bash/systemd-resolve @@ -65,7 +65,7 @@ _systemd-resolve() { --set-dnssec) comps="yes no allow-downgrade" ;; - --set-privatedns) + --set-dnsovertls) comps="no opportunistic" ;; esac diff --git a/src/libsystemd/sd-network/sd-network.c b/src/libsystemd/sd-network/sd-network.c index 412a8ae82ee..79e52fbe03b 100644 --- a/src/libsystemd/sd-network/sd-network.c +++ b/src/libsystemd/sd-network/sd-network.c @@ -178,8 +178,8 @@ _public_ int sd_network_link_get_mdns(int ifindex, char **mdns) { return network_link_get_string(ifindex, "MDNS", mdns); } -_public_ int sd_network_link_get_private_dns(int ifindex, char **private_dns) { - return network_link_get_string(ifindex, "PRIVATE_DNS", private_dns); +_public_ int sd_network_link_get_dns_over_tls(int ifindex, char **dns_over_tls) { + return network_link_get_string(ifindex, "DNS_OVER_TLS", dns_over_tls); } _public_ int sd_network_link_get_dnssec(int ifindex, char **dnssec) { diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 805a4a7957d..07827884f33 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -3762,9 +3762,9 @@ int link_save(Link *link) { fprintf(f, "MDNS=%s\n", resolve_support_to_string(link->network->mdns)); - if (link->network->private_dns_mode != _PRIVATE_DNS_MODE_INVALID) - fprintf(f, "PRIVATE_DNS=%s\n", - private_dns_mode_to_string(link->network->private_dns_mode)); + if (link->network->dns_over_tls_mode != _DNS_OVER_TLS_MODE_INVALID) + fprintf(f, "DNS_OVER_TLS=%s\n", + dns_over_tls_mode_to_string(link->network->dns_over_tls_mode)); if (link->network->dnssec_mode != _DNSSEC_MODE_INVALID) fprintf(f, "DNSSEC=%s\n", diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf index 38d168a596e..6ad5257f792 100644 --- a/src/network/networkd-network-gperf.gperf +++ b/src/network/networkd-network-gperf.gperf @@ -60,7 +60,7 @@ Network.Domains, config_parse_domains, Network.DNS, config_parse_dns, 0, 0 Network.LLMNR, config_parse_resolve_support, 0, offsetof(Network, llmnr) Network.MulticastDNS, config_parse_resolve_support, 0, offsetof(Network, mdns) -Network.PrivateDNS, config_parse_private_dns_mode, 0, offsetof(Network, private_dns_mode) +Network.DNSOverTLS, config_parse_dns_over_tls_mode, 0, offsetof(Network, dns_over_tls_mode) Network.DNSSEC, config_parse_dnssec_mode, 0, offsetof(Network, dnssec_mode) Network.DNSSECNegativeTrustAnchors, config_parse_dnssec_negative_trust_anchors, 0, 0 Network.NTP, config_parse_ntp, 0, offsetof(Network, ntp) diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index fc7d9a34741..7e47245a36a 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -236,7 +236,7 @@ static int network_load_one(Manager *manager, const char *filename) { network->llmnr = RESOLVE_SUPPORT_YES; network->mdns = RESOLVE_SUPPORT_NO; network->dnssec_mode = _DNSSEC_MODE_INVALID; - network->private_dns_mode = _PRIVATE_DNS_MODE_INVALID; + network->dns_over_tls_mode = _DNS_OVER_TLS_MODE_INVALID; network->link_local = ADDRESS_FAMILY_IPV6; diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h index 3136835f8c8..0d5f3050a52 100644 --- a/src/network/networkd-network.h +++ b/src/network/networkd-network.h @@ -261,7 +261,7 @@ struct Network { ResolveSupport llmnr; ResolveSupport mdns; DnssecMode dnssec_mode; - PrivateDnsMode private_dns_mode; + DnsOverTlsMode dns_over_tls_mode; Set *dnssec_negative_trust_anchors; LIST_FIELDS(Network, networks); diff --git a/src/resolve/resolvectl.c b/src/resolve/resolvectl.c index 8517bcc692e..f8cc2df81e4 100644 --- a/src/resolve/resolvectl.c +++ b/src/resolve/resolvectl.c @@ -56,7 +56,7 @@ char **arg_set_dns = NULL; char **arg_set_domain = NULL; static const char *arg_set_llmnr = NULL; static const char *arg_set_mdns = NULL; -static const char *arg_set_private_dns = NULL; +static const char *arg_set_dns_over_tls = NULL; static const char *arg_set_dnssec = NULL; static char **arg_set_nta = NULL; @@ -1339,7 +1339,7 @@ static int status_ifindex(sd_bus *bus, int ifindex, const char *name, StatusMode uint64_t scopes_mask; const char *llmnr; const char *mdns; - const char *private_dns; + const char *dns_over_tls; const char *dnssec; char *current_dns; char **dns; @@ -1355,7 +1355,7 @@ static int status_ifindex(sd_bus *bus, int ifindex, const char *name, StatusMode { "Domains", "a(sb)", map_link_domains, offsetof(struct link_info, domains) }, { "LLMNR", "s", NULL, offsetof(struct link_info, llmnr) }, { "MulticastDNS", "s", NULL, offsetof(struct link_info, mdns) }, - { "PrivateDNS", "s", NULL, offsetof(struct link_info, private_dns) }, + { "DNSOverTLS", "s", NULL, offsetof(struct link_info, dns_over_tls) }, { "DNSSEC", "s", NULL, offsetof(struct link_info, dnssec) }, { "DNSSECNegativeTrustAnchors", "as", NULL, offsetof(struct link_info, ntas) }, { "DNSSECSupported", "b", NULL, offsetof(struct link_info, dnssec_supported) }, @@ -1437,7 +1437,7 @@ static int status_ifindex(sd_bus *bus, int ifindex, const char *name, StatusMode if (mode == STATUS_PRIVATE) { printf("%sLink %i (%s)%s: %s\n", ansi_highlight(), ifindex, name, ansi_normal(), - strna(link_info.private_dns)); + strna(link_info.dns_over_tls)); r = 0; goto finish; @@ -1470,12 +1470,12 @@ static int status_ifindex(sd_bus *bus, int ifindex, const char *name, StatusMode printf(" LLMNR setting: %s\n" "MulticastDNS setting: %s\n" - " PrivateDNS setting: %s\n" + " DNSOverTLS setting: %s\n" " DNSSEC setting: %s\n" " DNSSEC supported: %s\n", strna(link_info.llmnr), strna(link_info.mdns), - strna(link_info.private_dns), + strna(link_info.dns_over_tls), strna(link_info.dnssec), yes_no(link_info.dnssec_supported)); @@ -1617,7 +1617,7 @@ static int status_global(sd_bus *bus, StatusMode mode, bool *empty_line) { char **ntas; const char *llmnr; const char *mdns; - const char *private_dns; + const char *dns_over_tls; const char *dnssec; bool dnssec_supported; } global_info = {}; @@ -1630,7 +1630,7 @@ static int status_global(sd_bus *bus, StatusMode mode, bool *empty_line) { { "DNSSECNegativeTrustAnchors", "as", NULL, offsetof(struct global_info, ntas) }, { "LLMNR", "s", NULL, offsetof(struct global_info, llmnr) }, { "MulticastDNS", "s", NULL, offsetof(struct global_info, mdns) }, - { "PrivateDNS", "s", NULL, offsetof(struct global_info, private_dns) }, + { "DNSOverTLS", "s", NULL, offsetof(struct global_info, dns_over_tls) }, { "DNSSEC", "s", NULL, offsetof(struct global_info, dnssec) }, { "DNSSECSupported", "b", NULL, offsetof(struct global_info, dnssec_supported) }, {} @@ -1692,7 +1692,7 @@ static int status_global(sd_bus *bus, StatusMode mode, bool *empty_line) { if (mode == STATUS_PRIVATE) { printf("%sGlobal%s: %s\n", ansi_highlight(), ansi_normal(), - strna(global_info.private_dns)); + strna(global_info.dns_over_tls)); r = 0; goto finish; @@ -1710,12 +1710,12 @@ static int status_global(sd_bus *bus, StatusMode mode, bool *empty_line) { printf(" LLMNR setting: %s\n" "MulticastDNS setting: %s\n" - " PrivateDNS setting: %s\n" + " DNSOverTLS setting: %s\n" " DNSSEC setting: %s\n" " DNSSEC supported: %s\n", strna(global_info.llmnr), strna(global_info.mdns), - strna(global_info.private_dns), + strna(global_info.dns_over_tls), strna(global_info.dnssec), yes_no(global_info.dnssec_supported)); @@ -2108,7 +2108,7 @@ static int verb_mdns(int argc, char **argv, void *userdata) { return 0; } -static int verb_private_dns(int argc, char **argv, void *userdata) { +static int verb_dns_over_tls(int argc, char **argv, void *userdata) { _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; sd_bus *bus = userdata; int ifindex, r; @@ -2134,7 +2134,7 @@ static int verb_private_dns(int argc, char **argv, void *userdata) { "org.freedesktop.resolve1", "/org/freedesktop/resolve1", "org.freedesktop.resolve1.Manager", - "SetLinkPrivateDNS", + "SetLinkDNSOverTLS", &error, NULL, "is", ifindex, argv[2]); @@ -2146,7 +2146,7 @@ static int verb_private_dns(int argc, char **argv, void *userdata) { sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_LINK)) return 0; - return log_error_errno(r, "Failed to set PrivateDNS configuration: %s", bus_error_message(&error, r)); + return log_error_errno(r, "Failed to set DNSOverTLS configuration: %s", bus_error_message(&error, r)); } return 0; @@ -2354,7 +2354,7 @@ static void compat_help(void) { " --set-domain=DOMAIN Set per-interface search domain\n" " --set-llmnr=MODE Set per-interface LLMNR mode\n" " --set-mdns=MODE Set per-interface MulticastDNS mode\n" - " --set-privatedns=MODE Set per-interface PrivateDNS mode\n" + " --set-dnsovertls=MODE Set per-interface DNS-over-TLS mode\n" " --set-dnssec=MODE Set per-interface DNSSEC mode\n" " --set-nta=DOMAIN Set per-interface DNSSEC NTA\n" " --revert Revert per-interface configuration\n" @@ -2398,7 +2398,7 @@ static void native_help(void) { " domain [LINK [DOMAIN...]] Get/set per-interface search domain\n" " llmnr [LINK [MODE]] Get/set per-interface LLMNR mode\n" " mdns [LINK [MODE]] Get/set per-interface MulticastDNS mode\n" - " privatedns [LINK [MODE]] Get/set per-interface PrivateDNS mode\n" + " dnsovertls [LINK [MODE]] Get/set per-interface DNS-over-TLS mode\n" " dnssec [LINK [MODE]] Get/set per-interface DNSSEC mode\n" " nta [LINK [DOMAIN...]] Get/set per-interface DNSSEC NTA\n" " revert LINK Revert per-interface configuration\n" @@ -2464,7 +2464,7 @@ static int compat_parse_argv(int argc, char *argv[]) { { "set-domain", required_argument, NULL, ARG_SET_DOMAIN }, { "set-llmnr", required_argument, NULL, ARG_SET_LLMNR }, { "set-mdns", required_argument, NULL, ARG_SET_MDNS }, - { "set-privatedns", required_argument, NULL, ARG_SET_PRIVATE }, + { "set-dnsovertls", required_argument, NULL, ARG_SET_PRIVATE }, { "set-dnssec", required_argument, NULL, ARG_SET_DNSSEC }, { "set-nta", required_argument, NULL, ARG_SET_NTA }, { "revert", no_argument, NULL, ARG_REVERT_LINK }, @@ -2684,7 +2684,7 @@ static int compat_parse_argv(int argc, char *argv[]) { break; case ARG_SET_PRIVATE: - arg_set_private_dns = optarg; + arg_set_dns_over_tls = optarg; arg_mode = MODE_SET_LINK; break; @@ -2731,7 +2731,7 @@ static int compat_parse_argv(int argc, char *argv[]) { if (IN_SET(arg_mode, MODE_SET_LINK, MODE_REVERT_LINK)) { if (arg_ifindex <= 0) { - log_error("--set-dns=, --set-domain=, --set-llmnr=, --set-mdns=, --set-privatedns=, --set-dnssec=, --set-nta= and --revert require --interface=."); + log_error("--set-dns=, --set-domain=, --set-llmnr=, --set-mdns=, --set-dnsovertls=, --set-dnssec=, --set-nta= and --revert require --interface=."); return -EINVAL; } @@ -2957,7 +2957,7 @@ static int native_main(int argc, char *argv[], sd_bus *bus) { { "domain", VERB_ANY, VERB_ANY, 0, verb_domain }, { "llmnr", VERB_ANY, 3, 0, verb_llmnr }, { "mdns", VERB_ANY, 3, 0, verb_mdns }, - { "privatedns", VERB_ANY, 3, 0, verb_private_dns }, + { "dnsovertls", VERB_ANY, 3, 0, verb_dns_over_tls }, { "dnssec", VERB_ANY, 3, 0, verb_dnssec }, { "nta", VERB_ANY, VERB_ANY, 0, verb_nta }, { "revert", 2, 2, 0, verb_revert_link }, @@ -3050,8 +3050,8 @@ static int compat_main(int argc, char *argv[], sd_bus *bus) { return r; } - if (arg_set_private_dns) { - r = translate("privatedns", arg_ifname, 1, (char **) &arg_set_private_dns, bus); + if (arg_set_dns_over_tls) { + r = translate("dnsovertls", arg_ifname, 1, (char **) &arg_set_dns_over_tls, bus); if (r < 0) return r; } diff --git a/src/resolve/resolved-bus.c b/src/resolve/resolved-bus.c index bead18f82d8..03a29619f17 100644 --- a/src/resolve/resolved-bus.c +++ b/src/resolve/resolved-bus.c @@ -1471,7 +1471,7 @@ static int bus_property_get_ntas( static BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_dns_stub_listener_mode, dns_stub_listener_mode, DnsStubListenerMode); static BUS_DEFINE_PROPERTY_GET(bus_property_get_dnssec_supported, "b", Manager, manager_dnssec_supported); static BUS_DEFINE_PROPERTY_GET2(bus_property_get_dnssec_mode, "s", Manager, manager_get_dnssec_mode, dnssec_mode_to_string); -static BUS_DEFINE_PROPERTY_GET2(bus_property_get_private_dns_mode, "s", Manager, manager_get_private_dns_mode, private_dns_mode_to_string); +static BUS_DEFINE_PROPERTY_GET2(bus_property_get_dns_over_tls_mode, "s", Manager, manager_get_dns_over_tls_mode, dns_over_tls_mode_to_string); static int bus_method_reset_statistics(sd_bus_message *message, void *userdata, sd_bus_error *error) { Manager *m = userdata; @@ -1542,8 +1542,8 @@ static int bus_method_set_link_mdns(sd_bus_message *message, void *userdata, sd_ return call_link_method(userdata, message, bus_link_method_set_mdns, error); } -static int bus_method_set_link_private_dns(sd_bus_message *message, void *userdata, sd_bus_error *error) { - return call_link_method(userdata, message, bus_link_method_set_private_dns, error); +static int bus_method_set_link_dns_over_tls(sd_bus_message *message, void *userdata, sd_bus_error *error) { + return call_link_method(userdata, message, bus_link_method_set_dns_over_tls, error); } static int bus_method_set_link_dnssec(sd_bus_message *message, void *userdata, sd_bus_error *error) { @@ -1836,7 +1836,7 @@ static const sd_bus_vtable resolve_vtable[] = { SD_BUS_PROPERTY("LLMNRHostname", "s", NULL, offsetof(Manager, llmnr_hostname), 0), SD_BUS_PROPERTY("LLMNR", "s", bus_property_get_resolve_support, offsetof(Manager, llmnr_support), 0), SD_BUS_PROPERTY("MulticastDNS", "s", bus_property_get_resolve_support, offsetof(Manager, mdns_support), 0), - SD_BUS_PROPERTY("PrivateDNS", "s", bus_property_get_private_dns_mode, 0, 0), + SD_BUS_PROPERTY("DNSOverTLS", "s", bus_property_get_dns_over_tls_mode, 0, 0), SD_BUS_PROPERTY("DNS", "a(iiay)", bus_property_get_dns_servers, 0, 0), SD_BUS_PROPERTY("FallbackDNS", "a(iiay)", bus_property_get_fallback_dns_servers, offsetof(Manager, fallback_dns_servers), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("CurrentDNSServer", "(iiay)", bus_property_get_current_dns_server, offsetof(Manager, current_dns_server), 0), @@ -1861,7 +1861,7 @@ static const sd_bus_vtable resolve_vtable[] = { SD_BUS_METHOD("SetLinkDomains", "ia(sb)", NULL, bus_method_set_link_domains, 0), SD_BUS_METHOD("SetLinkLLMNR", "is", NULL, bus_method_set_link_llmnr, 0), SD_BUS_METHOD("SetLinkMulticastDNS", "is", NULL, bus_method_set_link_mdns, 0), - SD_BUS_METHOD("SetLinkPrivateDNS", "is", NULL, bus_method_set_link_private_dns, 0), + SD_BUS_METHOD("SetLinkDNSOverTLS", "is", NULL, bus_method_set_link_dns_over_tls, 0), SD_BUS_METHOD("SetLinkDNSSEC", "is", NULL, bus_method_set_link_dnssec, 0), SD_BUS_METHOD("SetLinkDNSSECNegativeTrustAnchors", "ias", NULL, bus_method_set_link_dnssec_negative_trust_anchors, 0), SD_BUS_METHOD("RevertLink", "i", NULL, bus_method_revert_link, 0), diff --git a/src/resolve/resolved-conf.c b/src/resolve/resolved-conf.c index 2825d2df18a..237e3717f2e 100644 --- a/src/resolve/resolved-conf.c +++ b/src/resolve/resolved-conf.c @@ -398,9 +398,9 @@ int manager_parse_config_file(Manager *m) { #endif #if ! HAVE_GNUTLS - if (m->private_dns_mode != PRIVATE_DNS_NO) { - log_warning("Private DNS option cannot be set to opportunistic when systemd-resolved is built without gnutls support. Turning off private DNS support."); - m->private_dns_mode = PRIVATE_DNS_NO; + if (m->dns_over_tls_mode != DNS_OVER_TLS_NO) { + log_warning("DNS-over-TLS option cannot be set to opportunistic when systemd-resolved is built without gnutls support. Turning off DNS-over-TLS support."); + m->dns_over_tls_mode = DNS_OVER_TLS_NO; } #endif return 0; diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c index 78e03d8121e..a056980d02a 100644 --- a/src/resolve/resolved-dns-scope.c +++ b/src/resolve/resolved-dns-scope.c @@ -54,15 +54,15 @@ int dns_scope_new(Manager *m, DnsScope **ret, Link *l, DnsProtocol protocol, int if (l) { s->dnssec_mode = link_get_dnssec_mode(l); - s->private_dns_mode = link_get_private_dns_mode(l); + s->dns_over_tls_mode = link_get_dns_over_tls_mode(l); } else { s->dnssec_mode = manager_get_dnssec_mode(m); - s->private_dns_mode = manager_get_private_dns_mode(m); + s->dns_over_tls_mode = manager_get_dns_over_tls_mode(m); } } else { s->dnssec_mode = DNSSEC_NO; - s->private_dns_mode = PRIVATE_DNS_NO; + s->dns_over_tls_mode = DNS_OVER_TLS_NO; } LIST_PREPEND(scopes, m->dns_scopes, s); diff --git a/src/resolve/resolved-dns-scope.h b/src/resolve/resolved-dns-scope.h index 45e6d31c679..989d0442464 100644 --- a/src/resolve/resolved-dns-scope.h +++ b/src/resolve/resolved-dns-scope.h @@ -35,7 +35,7 @@ struct DnsScope { DnsProtocol protocol; int family; DnssecMode dnssec_mode; - PrivateDnsMode private_dns_mode; + DnsOverTlsMode dns_over_tls_mode; Link *link; diff --git a/src/resolve/resolved-dns-server.c b/src/resolve/resolved-dns-server.c index d14dfd22ea0..1b43b8e82f9 100644 --- a/src/resolve/resolved-dns-server.c +++ b/src/resolve/resolved-dns-server.c @@ -400,11 +400,11 @@ DnsServerFeatureLevel dns_server_possible_feature_level(DnsServer *s) { /* Determine the best feature level we care about. If DNSSEC mode is off there's no point in using anything * better than EDNS0, hence don't even try. */ if (dns_server_get_dnssec_mode(s) != DNSSEC_NO) - best = dns_server_get_private_dns_mode(s) == PRIVATE_DNS_NO ? + best = dns_server_get_dns_over_tls_mode(s) == DNS_OVER_TLS_NO ? DNS_SERVER_FEATURE_LEVEL_LARGE : DNS_SERVER_FEATURE_LEVEL_TLS_DO; else - best = dns_server_get_private_dns_mode(s) == PRIVATE_DNS_NO ? + best = dns_server_get_dns_over_tls_mode(s) == DNS_OVER_TLS_NO ? DNS_SERVER_FEATURE_LEVEL_EDNS0 : DNS_SERVER_FEATURE_LEVEL_TLS_PLAIN; @@ -811,13 +811,13 @@ DnssecMode dns_server_get_dnssec_mode(DnsServer *s) { return manager_get_dnssec_mode(s->manager); } -PrivateDnsMode dns_server_get_private_dns_mode(DnsServer *s) { +DnsOverTlsMode dns_server_get_dns_over_tls_mode(DnsServer *s) { assert(s); if (s->link) - return link_get_private_dns_mode(s->link); + return link_get_dns_over_tls_mode(s->link); - return manager_get_private_dns_mode(s->manager); + return manager_get_dns_over_tls_mode(s->manager); } void dns_server_flush_cache(DnsServer *s) { diff --git a/src/resolve/resolved-dns-server.h b/src/resolve/resolved-dns-server.h index 8972fef6362..ecdba25df36 100644 --- a/src/resolve/resolved-dns-server.h +++ b/src/resolve/resolved-dns-server.h @@ -144,7 +144,7 @@ void manager_next_dns_server(Manager *m); bool dns_server_address_valid(int family, const union in_addr_union *sa); DnssecMode dns_server_get_dnssec_mode(DnsServer *s); -PrivateDnsMode dns_server_get_private_dns_mode(DnsServer *s); +DnsOverTlsMode dns_server_get_dns_over_tls_mode(DnsServer *s); DEFINE_TRIVIAL_CLEANUP_FUNC(DnsServer*, dns_server_unref); diff --git a/src/resolve/resolved-gperf.gperf b/src/resolve/resolved-gperf.gperf index e076241fb62..648ca4d8a24 100644 --- a/src/resolve/resolved-gperf.gperf +++ b/src/resolve/resolved-gperf.gperf @@ -23,6 +23,6 @@ Resolve.Domains, config_parse_search_domains, 0, Resolve.LLMNR, config_parse_resolve_support, 0, offsetof(Manager, llmnr_support) Resolve.MulticastDNS, config_parse_resolve_support, 0, offsetof(Manager, mdns_support) Resolve.DNSSEC, config_parse_dnssec_mode, 0, offsetof(Manager, dnssec_mode) -Resolve.PrivateDNS, config_parse_private_dns_mode, 0, offsetof(Manager, private_dns_mode) +Resolve.DNSOverTLS, config_parse_dns_over_tls_mode, 0, offsetof(Manager, dns_over_tls_mode) Resolve.Cache, config_parse_bool, 0, offsetof(Manager, enable_cache) Resolve.DNSStubListener, config_parse_dns_stub_listener_mode, 0, offsetof(Manager, dns_stub_listener_mode) diff --git a/src/resolve/resolved-link-bus.c b/src/resolve/resolved-link-bus.c index 3e06f1fe4b7..0ef8aebaa00 100644 --- a/src/resolve/resolved-link-bus.c +++ b/src/resolve/resolved-link-bus.c @@ -18,7 +18,7 @@ static BUS_DEFINE_PROPERTY_GET(property_get_dnssec_supported, "b", Link, link_dnssec_supported); static BUS_DEFINE_PROPERTY_GET2(property_get_dnssec_mode, "s", Link, link_get_dnssec_mode, dnssec_mode_to_string); -static int property_get_private_dns_mode( +static int property_get_dns_over_tls_mode( sd_bus *bus, const char *path, const char *interface, @@ -32,7 +32,7 @@ static int property_get_private_dns_mode( assert(reply); assert(l); - return sd_bus_message_append(reply, "s", private_dns_mode_to_string(link_get_private_dns_mode(l))); + return sd_bus_message_append(reply, "s", dns_over_tls_mode_to_string(link_get_dns_over_tls_mode(l))); } static int property_get_dns( @@ -419,10 +419,10 @@ int bus_link_method_set_mdns(sd_bus_message *message, void *userdata, sd_bus_err return sd_bus_reply_method_return(message, NULL); } -int bus_link_method_set_private_dns(sd_bus_message *message, void *userdata, sd_bus_error *error) { +int bus_link_method_set_dns_over_tls(sd_bus_message *message, void *userdata, sd_bus_error *error) { Link *l = userdata; - const char *private_dns; - PrivateDnsMode mode; + const char *dns_over_tls; + DnsOverTlsMode mode; int r; assert(message); @@ -432,19 +432,19 @@ int bus_link_method_set_private_dns(sd_bus_message *message, void *userdata, sd_ if (r < 0) return r; - r = sd_bus_message_read(message, "s", &private_dns); + r = sd_bus_message_read(message, "s", &dns_over_tls); if (r < 0) return r; - if (isempty(private_dns)) - mode = _PRIVATE_DNS_MODE_INVALID; + if (isempty(dns_over_tls)) + mode = _DNS_OVER_TLS_MODE_INVALID; else { - mode = private_dns_mode_from_string(private_dns); + mode = dns_over_tls_mode_from_string(dns_over_tls); if (mode < 0) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid PrivateDNS setting: %s", private_dns); + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid DNSOverTLS setting: %s", dns_over_tls); } - link_set_private_dns_mode(l, mode); + link_set_dns_over_tls_mode(l, mode); (void) link_save_user(l); @@ -557,7 +557,7 @@ const sd_bus_vtable link_vtable[] = { SD_BUS_PROPERTY("Domains", "a(sb)", property_get_domains, 0, 0), SD_BUS_PROPERTY("LLMNR", "s", bus_property_get_resolve_support, offsetof(Link, llmnr_support), 0), SD_BUS_PROPERTY("MulticastDNS", "s", bus_property_get_resolve_support, offsetof(Link, mdns_support), 0), - SD_BUS_PROPERTY("PrivateDNS", "s", property_get_private_dns_mode, 0, 0), + SD_BUS_PROPERTY("DNSOverTLS", "s", property_get_dns_over_tls_mode, 0, 0), SD_BUS_PROPERTY("DNSSEC", "s", property_get_dnssec_mode, 0, 0), SD_BUS_PROPERTY("DNSSECNegativeTrustAnchors", "as", property_get_ntas, 0, 0), SD_BUS_PROPERTY("DNSSECSupported", "b", property_get_dnssec_supported, 0, 0), @@ -566,7 +566,7 @@ const sd_bus_vtable link_vtable[] = { SD_BUS_METHOD("SetDomains", "a(sb)", NULL, bus_link_method_set_domains, 0), SD_BUS_METHOD("SetLLMNR", "s", NULL, bus_link_method_set_llmnr, 0), SD_BUS_METHOD("SetMulticastDNS", "s", NULL, bus_link_method_set_mdns, 0), - SD_BUS_METHOD("SetPrivateDNS", "s", NULL, bus_link_method_set_private_dns, 0), + SD_BUS_METHOD("SetDNSOverTLS", "s", NULL, bus_link_method_set_dns_over_tls, 0), SD_BUS_METHOD("SetDNSSEC", "s", NULL, bus_link_method_set_dnssec, 0), SD_BUS_METHOD("SetDNSSECNegativeTrustAnchors", "as", NULL, bus_link_method_set_dnssec_negative_trust_anchors, 0), SD_BUS_METHOD("Revert", NULL, NULL, bus_link_method_revert, 0), diff --git a/src/resolve/resolved-link-bus.h b/src/resolve/resolved-link-bus.h index 1632621230b..1383f7959ee 100644 --- a/src/resolve/resolved-link-bus.h +++ b/src/resolve/resolved-link-bus.h @@ -21,7 +21,7 @@ int bus_link_method_set_dns_servers(sd_bus_message *message, void *userdata, sd_ int bus_link_method_set_domains(sd_bus_message *message, void *userdata, sd_bus_error *error); int bus_link_method_set_llmnr(sd_bus_message *message, void *userdata, sd_bus_error *error); int bus_link_method_set_mdns(sd_bus_message *message, void *userdata, sd_bus_error *error); -int bus_link_method_set_private_dns(sd_bus_message *message, void *userdata, sd_bus_error *error); +int bus_link_method_set_dns_over_tls(sd_bus_message *message, void *userdata, sd_bus_error *error); int bus_link_method_set_dnssec(sd_bus_message *message, void *userdata, sd_bus_error *error); int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message *message, void *userdata, sd_bus_error *error); int bus_link_method_revert(sd_bus_message *message, void *userdata, sd_bus_error *error); diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c index aceea66ed6d..8e7db29f9fd 100644 --- a/src/resolve/resolved-link.c +++ b/src/resolve/resolved-link.c @@ -41,7 +41,7 @@ int link_new(Manager *m, Link **ret, int ifindex) { l->llmnr_support = RESOLVE_SUPPORT_YES; l->mdns_support = RESOLVE_SUPPORT_NO; l->dnssec_mode = _DNSSEC_MODE_INVALID; - l->private_dns_mode = _PRIVATE_DNS_MODE_INVALID; + l->dns_over_tls_mode = _DNS_OVER_TLS_MODE_INVALID; l->operstate = IF_OPER_UNKNOWN; if (asprintf(&l->state_file, "/run/systemd/resolve/netif/%i", ifindex) < 0) @@ -66,7 +66,7 @@ void link_flush_settings(Link *l) { l->llmnr_support = RESOLVE_SUPPORT_YES; l->mdns_support = RESOLVE_SUPPORT_NO; l->dnssec_mode = _DNSSEC_MODE_INVALID; - l->private_dns_mode = _PRIVATE_DNS_MODE_INVALID; + l->dns_over_tls_mode = _DNS_OVER_TLS_MODE_INVALID; dns_server_unlink_all(l->dns_servers); dns_search_domain_unlink_all(l->search_domains); @@ -354,26 +354,26 @@ clear: return r; } -void link_set_private_dns_mode(Link *l, PrivateDnsMode mode) { +void link_set_dns_over_tls_mode(Link *l, DnsOverTlsMode mode) { assert(l); #if ! HAVE_GNUTLS - if (mode != PRIVATE_DNS_NO) - log_warning("Private DNS option for the link cannot be set to opportunistic when systemd-resolved is built without gnutls support. Turning off Private DNS support."); + if (mode != DNS_OVER_TLS_NO) + log_warning("DNS-over-TLS option for the link cannot be set to opportunistic when systemd-resolved is built without gnutls support. Turning off DNS-over-TLS support."); return; #endif - l->private_dns_mode = mode; + l->dns_over_tls_mode = mode; } -static int link_update_private_dns_mode(Link *l) { +static int link_update_dns_over_tls_mode(Link *l) { _cleanup_free_ char *b = NULL; int r; assert(l); - r = sd_network_link_get_private_dns(l->ifindex, &b); + r = sd_network_link_get_dns_over_tls(l->ifindex, &b); if (r == -ENODATA) { r = 0; goto clear; @@ -381,8 +381,8 @@ static int link_update_private_dns_mode(Link *l) { if (r < 0) goto clear; - l->private_dns_mode = private_dns_mode_from_string(b); - if (l->private_dns_mode < 0) { + l->dns_over_tls_mode = dns_over_tls_mode_from_string(b); + if (l->dns_over_tls_mode < 0) { r = -EINVAL; goto clear; } @@ -390,7 +390,7 @@ static int link_update_private_dns_mode(Link *l) { return 0; clear: - l->private_dns_mode = _PRIVATE_DNS_MODE_INVALID; + l->dns_over_tls_mode = _DNS_OVER_TLS_MODE_INVALID; return r; } @@ -601,9 +601,9 @@ static void link_read_settings(Link *l) { if (r < 0) log_warning_errno(r, "Failed to read mDNS support for interface %s, ignoring: %m", l->name); - r = link_update_private_dns_mode(l); + r = link_update_dns_over_tls_mode(l); if (r < 0) - log_warning_errno(r, "Failed to read Private DNS mode for interface %s, ignoring: %m", l->name); + log_warning_errno(r, "Failed to read DNS-over-TLS mode for interface %s, ignoring: %m", l->name); r = link_update_dnssec_mode(l); if (r < 0) @@ -738,13 +738,13 @@ void link_next_dns_server(Link *l) { link_set_dns_server(l, l->dns_servers); } -PrivateDnsMode link_get_private_dns_mode(Link *l) { +DnsOverTlsMode link_get_dns_over_tls_mode(Link *l) { assert(l); - if (l->private_dns_mode != _PRIVATE_DNS_MODE_INVALID) - return l->private_dns_mode; + if (l->dns_over_tls_mode != _DNS_OVER_TLS_MODE_INVALID) + return l->dns_over_tls_mode; - return manager_get_private_dns_mode(l->manager); + return manager_get_dns_over_tls_mode(l->manager); } DnssecMode link_get_dnssec_mode(Link *l) { diff --git a/src/resolve/resolved-link.h b/src/resolve/resolved-link.h index cedcdd6753e..58a9c239bd8 100644 --- a/src/resolve/resolved-link.h +++ b/src/resolve/resolved-link.h @@ -59,7 +59,7 @@ struct Link { ResolveSupport llmnr_support; ResolveSupport mdns_support; - PrivateDnsMode private_dns_mode; + DnsOverTlsMode dns_over_tls_mode; DnssecMode dnssec_mode; Set *dnssec_negative_trust_anchors; @@ -91,7 +91,7 @@ void link_add_rrs(Link *l, bool force_remove); void link_flush_settings(Link *l); void link_set_dnssec_mode(Link *l, DnssecMode mode); -void link_set_private_dns_mode(Link *l, PrivateDnsMode mode); +void link_set_dns_over_tls_mode(Link *l, DnsOverTlsMode mode); void link_allocate_scopes(Link *l); DnsServer* link_set_dns_server(Link *l, DnsServer *s); @@ -101,7 +101,7 @@ void link_next_dns_server(Link *l); DnssecMode link_get_dnssec_mode(Link *l); bool link_dnssec_supported(Link *l); -PrivateDnsMode link_get_private_dns_mode(Link *l); +DnsOverTlsMode link_get_dns_over_tls_mode(Link *l); int link_save_user(Link *l); int link_load_user(Link *l); diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c index f8d372f9f0a..39f83f77151 100644 --- a/src/resolve/resolved-manager.c +++ b/src/resolve/resolved-manager.c @@ -580,7 +580,7 @@ int manager_new(Manager **ret) { m->llmnr_support = RESOLVE_SUPPORT_YES; m->mdns_support = RESOLVE_SUPPORT_YES; m->dnssec_mode = DEFAULT_DNSSEC_MODE; - m->private_dns_mode = DEFAULT_PRIVATE_DNS_MODE; + m->dns_over_tls_mode = DEFAULT_DNS_OVER_TLS_MODE; m->enable_cache = true; m->dns_stub_listener_mode = DNS_STUB_LISTENER_UDP; m->read_resolv_conf = true; @@ -1385,13 +1385,13 @@ bool manager_dnssec_supported(Manager *m) { return true; } -PrivateDnsMode manager_get_private_dns_mode(Manager *m) { +DnsOverTlsMode manager_get_dns_over_tls_mode(Manager *m) { assert(m); - if (m->private_dns_mode != _PRIVATE_DNS_MODE_INVALID) - return m->private_dns_mode; + if (m->dns_over_tls_mode != _DNS_OVER_TLS_MODE_INVALID) + return m->dns_over_tls_mode; - return PRIVATE_DNS_NO; + return DNS_OVER_TLS_NO; } void manager_dnssec_verdict(Manager *m, DnssecVerdict verdict, const DnsResourceKey *key) { diff --git a/src/resolve/resolved-manager.h b/src/resolve/resolved-manager.h index 4bba8b897df..df4f774f491 100644 --- a/src/resolve/resolved-manager.h +++ b/src/resolve/resolved-manager.h @@ -35,7 +35,7 @@ struct Manager { ResolveSupport llmnr_support; ResolveSupport mdns_support; DnssecMode dnssec_mode; - PrivateDnsMode private_dns_mode; + DnsOverTlsMode dns_over_tls_mode; bool enable_cache; DnsStubListenerMode dns_stub_listener_mode; @@ -173,7 +173,7 @@ int manager_compile_search_domains(Manager *m, OrderedSet **domains, int filter_ DnssecMode manager_get_dnssec_mode(Manager *m); bool manager_dnssec_supported(Manager *m); -PrivateDnsMode manager_get_private_dns_mode(Manager *m); +DnsOverTlsMode manager_get_dns_over_tls_mode(Manager *m); void manager_dnssec_verdict(Manager *m, DnssecVerdict verdict, const DnsResourceKey *key); diff --git a/src/resolve/resolved.conf.in b/src/resolve/resolved.conf.in index 60c48087a67..2528340f74a 100644 --- a/src/resolve/resolved.conf.in +++ b/src/resolve/resolved.conf.in @@ -18,6 +18,6 @@ #LLMNR=yes #MulticastDNS=yes #DNSSEC=@DEFAULT_DNSSEC_MODE@ -#PrivateDNS=@DEFAULT_PRIVATE_DNS_MODE@ +#DNSOverTLS=@DEFAULT_DNS_OVER_TLS_MODE@ #Cache=yes #DNSStubListener=udp diff --git a/src/shared/resolve-util.c b/src/shared/resolve-util.c index 770334f2578..72f8bca823f 100644 --- a/src/shared/resolve-util.c +++ b/src/shared/resolve-util.c @@ -11,7 +11,7 @@ DEFINE_CONFIG_PARSE_ENUM(config_parse_resolve_support, resolve_support, ResolveSupport, "Failed to parse resolve support setting"); DEFINE_CONFIG_PARSE_ENUM(config_parse_dnssec_mode, dnssec_mode, DnssecMode, "Failed to parse DNSSEC mode setting"); -DEFINE_CONFIG_PARSE_ENUM(config_parse_private_dns_mode, private_dns_mode, PrivateDnsMode, "Failed to parse private DNS mode setting"); +DEFINE_CONFIG_PARSE_ENUM(config_parse_dns_over_tls_mode, dns_over_tls_mode, DnsOverTlsMode, "Failed to parse DNS-over-TLS mode setting"); static const char* const resolve_support_table[_RESOLVE_SUPPORT_MAX] = { [RESOLVE_SUPPORT_NO] = "no", @@ -27,8 +27,8 @@ static const char* const dnssec_mode_table[_DNSSEC_MODE_MAX] = { }; DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dnssec_mode, DnssecMode, DNSSEC_YES); -static const char* const private_dns_mode_table[_PRIVATE_DNS_MODE_MAX] = { - [PRIVATE_DNS_NO] = "no", - [PRIVATE_DNS_OPPORTUNISTIC] = "opportunistic", +static const char* const dns_over_tls_mode_table[_DNS_OVER_TLS_MODE_MAX] = { + [DNS_OVER_TLS_NO] = "no", + [DNS_OVER_TLS_OPPORTUNISTIC] = "opportunistic", }; -DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(private_dns_mode, PrivateDnsMode, _PRIVATE_DNS_MODE_INVALID); +DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_over_tls_mode, DnsOverTlsMode, _DNS_OVER_TLS_MODE_INVALID); diff --git a/src/shared/resolve-util.h b/src/shared/resolve-util.h index 784bb2d6bd6..b7c2fdffc5f 100644 --- a/src/shared/resolve-util.h +++ b/src/shared/resolve-util.h @@ -12,7 +12,7 @@ typedef enum ResolveSupport ResolveSupport; typedef enum DnssecMode DnssecMode; -typedef enum PrivateDnsMode PrivateDnsMode; +typedef enum DnsOverTlsMode DnsOverTlsMode; enum ResolveSupport { RESOLVE_SUPPORT_NO, @@ -40,21 +40,21 @@ enum DnssecMode { _DNSSEC_MODE_INVALID = -1 }; -enum PrivateDnsMode { +enum DnsOverTlsMode { /* No connection is made for DNS-over-TLS */ - PRIVATE_DNS_NO, + DNS_OVER_TLS_NO, /* Try to connect using DNS-over-TLS, but if connection fails, * fallback to using an unencrypted connection */ - PRIVATE_DNS_OPPORTUNISTIC, + DNS_OVER_TLS_OPPORTUNISTIC, - _PRIVATE_DNS_MODE_MAX, - _PRIVATE_DNS_MODE_INVALID = -1 + _DNS_OVER_TLS_MODE_MAX, + _DNS_OVER_TLS_MODE_INVALID = -1 }; CONFIG_PARSER_PROTOTYPE(config_parse_resolve_support); CONFIG_PARSER_PROTOTYPE(config_parse_dnssec_mode); -CONFIG_PARSER_PROTOTYPE(config_parse_private_dns_mode); +CONFIG_PARSER_PROTOTYPE(config_parse_dns_over_tls_mode); const char* resolve_support_to_string(ResolveSupport p) _const_; ResolveSupport resolve_support_from_string(const char *s) _pure_; @@ -62,5 +62,5 @@ ResolveSupport resolve_support_from_string(const char *s) _pure_; const char* dnssec_mode_to_string(DnssecMode p) _const_; DnssecMode dnssec_mode_from_string(const char *s) _pure_; -const char* private_dns_mode_to_string(PrivateDnsMode p) _const_; -PrivateDnsMode private_dns_mode_from_string(const char *s) _pure_; +const char* dns_over_tls_mode_to_string(DnsOverTlsMode p) _const_; +DnsOverTlsMode dns_over_tls_mode_from_string(const char *s) _pure_; diff --git a/src/systemd/sd-network.h b/src/systemd/sd-network.h index 64bfb4fc09d..45b5ed9c454 100644 --- a/src/systemd/sd-network.h +++ b/src/systemd/sd-network.h @@ -129,13 +129,13 @@ int sd_network_link_get_llmnr(int ifindex, char **llmnr); */ int sd_network_link_get_mdns(int ifindex, char **mdns); -/* Indicates whether or not Private DNS should be enabled for the +/* Indicates whether or not DNS-over-TLS should be enabled for the * link. * Possible levels of support: strict, no, opportunistic * Possible return codes: * -ENODATA: networkd is not aware of the link */ -int sd_network_link_get_private_dns(int ifindex, char **private_dns); +int sd_network_link_get_dns_over_tls(int ifindex, char **dns_over_tls); /* Indicates whether or not DNSSEC should be enabled for the link * Possible levels of support: yes, no, allow-downgrade -- 2.39.2