resolved: Fall back to TCP if UDP is blocked

If UDP is blocked on the system (e.g. by iptables or BPF), the kernel will
return EPERM on some or all of the system calls (connect, sendmsg, etc.).
In this case, try to fall back to TCP, which hopefully will not be blocked.

diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
index 8d76630adb686ad867e342432a206720856cbd8c..3f994690e622a610e05d471f4190a03365a6924b 100644 (file)
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -2079,7 +2079,9 @@ int dns_transaction_go(DnsTransaction *t) {
                         log_debug("Sending query via TCP since it is too large.");
                 else if (r == -EAGAIN)
                         log_debug("Sending query via TCP since UDP isn't supported or DNS-over-TLS is selected.");
-                if (IN_SET(r, -EMSGSIZE, -EAGAIN))
+                else if (r == -EPERM)
+                        log_debug("Sending query via TCP since UDP is blocked.");
+                if (IN_SET(r, -EMSGSIZE, -EAGAIN, -EPERM))
                         r = dns_transaction_emit_tcp(t);
         }
         if (r == -ELOOP) {