resolved: synthesize _outbound magic hostname here too
authorLennart Poettering <lennart@poettering.net>
Fri, 26 Mar 2021 17:31:33 +0000 (18:31 +0100)
committerLennart Poettering <lennart@poettering.net>
Fri, 23 Apr 2021 10:02:20 +0000 (12:02 +0200)
src/resolve/resolved-dns-scope.c
src/resolve/resolved-dns-synthesize.c

index e155df0efa10af12b2e86057b5779ab3cc14d5c3..178482727c3ecb95611bfa4de08fdc20bda851e7 100644 (file)
@@ -630,8 +630,8 @@ DnsScopeMatch dns_scope_good_domain(
         if (dns_name_endswith(domain, "invalid") > 0)
                 return DNS_SCOPE_NO;
 
-        /* Never go to network for the _gateway domain, it's something special, synthesized locally. */
-        if (is_gateway_hostname(domain))
+        /* Never go to network for the _gateway or _outbound domain — they're something special, synthesized locally. */
+        if (is_gateway_hostname(domain) || is_outbound_hostname(domain))
                 return DNS_SCOPE_NO;
 
         switch (s->protocol) {
@@ -739,6 +739,7 @@ DnsScopeMatch dns_scope_good_domain(
 
                 if ((dns_name_is_single_label(domain) && /* only resolve single label names via LLMNR */
                      !is_gateway_hostname(domain) && /* don't resolve "_gateway" with LLMNR, let local synthesizing logic handle that */
+                     !is_outbound_hostname(domain) && /* similar for "_outbound" */
                      dns_name_equal(domain, "local") == 0 && /* don't resolve "local" with LLMNR, it's the top-level domain of mDNS after all, see above */
                      manager_is_own_hostname(s->manager, domain) <= 0))  /* never resolve the local hostname via LLMNR */
                         return DNS_SCOPE_YES_BASE + 1; /* Return +1, as we consider ourselves authoritative
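Review bot: The added condition's comment, `/* similar for "_outbound" */`, does not say why the name must stay off LLMNR, which is the security-relevant part. Any host on the link can answer an LLMNR query, so a name meant to resolve only to this machine's own addresses should never be asked there. Something like `/* likewise keep "_outbound" off LLMNR: it is synthesized locally and must not be answerable by other hosts on the link */` would record that. The early `return DNS_SCOPE_NO` added in the first hunk of this function appears to reject both magic names before the `switch`, so this check looks like defense in depth; the code between the two hunks is not visible, so that is worth confirming and noting in the comment. The condition and its enclosing branch start and end outside the hunk.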
index d4a4be71b07a038eb54b3f1e30aa34cfefd038e7..ef1423f44169521856dec0dd9d27f716f8ab0267 100644 (file)
@@ -311,27 +311,33 @@ static int synthesize_system_hostname_ptr(Manager *m, int af, const union in_add
         return added;
 }
 
-static int synthesize_gateway_rr(Manager *m, const DnsResourceKey *key, int ifindex, DnsAnswer **answer) {
+static int synthesize_gateway_rr(
+                Manager *m,
+                const DnsResourceKey *key,
+                int ifindex,
+                int (*lookup)(sd_netlink *context, int ifindex, int af, struct local_address **ret), /* either local_gateways() or local_outbound() */
+                DnsAnswer **answer) {
         _cleanup_free_ struct local_address *addresses = NULL;
         int n = 0, af, r;
 
         assert(m);
         assert(key);
+        assert(lookup);
         assert(answer);
 
         af = dns_type_to_af(key->type);
         if (af >= 0) {
-                n = local_gateways(m->rtnl, ifindex, af, &addresses);
+                n = lookup(m->rtnl, ifindex, af, &addresses);
                 if (n < 0) /* < 0 means: error */
                         return n;
 
                 if (n == 0) { /* == 0 means we have no gateway */
                         /* See if there's a gateway on the other protocol */
                         if (af == AF_INET)
-                                n = local_gateways(m->rtnl, ifindex, AF_INET6, NULL);
+                                n = lookup(m->rtnl, ifindex, AF_INET6, NULL);
                         else {
                                 assert(af == AF_INET6);
-                                n = local_gateways(m->rtnl, ifindex, AF_INET, NULL);
+                                n = lookup(m->rtnl, ifindex, AF_INET, NULL);
                         }
                         if (n <= 0) /* error (if < 0) or really no gateway at all (if == 0) */
                                 return n;
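Review bot: The comment on the new `lookup` parameter names `local_outbound()`, but the call added in dns_synthesize_answer() passes `local_outbounds`; it should read `/* either local_gateways() or local_outbounds() */`. The callback is also called with a NULL `ret` in the other-protocol probe, so its contract (returns the number of addresses, negative on error, must tolerate `ret == NULL`) deserves a sentence above the signature; whether local_outbounds() accepts NULL is not visible on this page. The retained comments `we have no gateway` and `See if there's a gateway on the other protocol`, and the copied `/* if we have no gateway return NXDOMAIN */` in the new `_outbound` branch of dns_synthesize_answer(), now describe only one of the two uses; the latter could read `/* if we have no outbound address return NXDOMAIN */`. The function body continues past the end of this hunk.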
@@ -402,7 +408,7 @@ int dns_synthesize_answer(
 
                 } else if (is_gateway_hostname(name)) {
 
-                        r = synthesize_gateway_rr(m, key, ifindex, &answer);
+                        r = synthesize_gateway_rr(m, key, ifindex, local_gateways, &answer);
                         if (r < 0)
                                 return log_error_errno(r, "Failed to synthesize gateway RRs: %m");
                         if (r == 0) { /* if we have no gateway return NXDOMAIN */
@@ -410,6 +416,16 @@ int dns_synthesize_answer(
                                 continue;
                         }
 
+                } else if (is_outbound_hostname(name)) {
+
+                        r = synthesize_gateway_rr(m, key, ifindex, local_outbounds, &answer);
+                        if (r < 0)
+                                return log_error_errno(r, "Failed to synthesize outbound RRs: %m");
+                        if (r == 0) { /* if we have no gateway return NXDOMAIN */
+                                nxdomain = true;
+                                continue;
+                        }
+
                 } else if ((dns_name_endswith(name, "127.in-addr.arpa") > 0 && dns_name_equal(name, "2.0.0.127.in-addr.arpa") == 0) ||
                            dns_name_equal(name, "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa") > 0) {
 
@@ -431,6 +447,10 @@ int dns_synthesize_answer(
                         if (v == 0 && w == 0) /* This IP address is neither a local one nor a gateway */
                                 continue;
 
+                        /* Note that we never synthesize reverse PTR for _outbound, since those are local
+                         * addresses and thus mapped to the local hostname anyway, hence they already have a
+                         * mapping. */
+
                 } else
                         continue;