[[ ${#DNS[@]} -gt 0 ]] || return 0
if [[ $(resolvconf --version 2>/dev/null) == openresolv\ * ]]; then
- printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a "$INTERFACE" -m 0 -x
+ { printf 'nameserver %s\n' "${DNS[@]}"
+ [[ ${#DNS_SEARCH[@]} -eq 0 ]] || printf 'search %s\n' "${DNS_SEARCH[*]}"
+ } | cmd resolvconf -a "$INTERFACE" -m 0 -x
else
echo "[#] mount \`${DNS[*]}' /etc/resolv.conf" >&2
[[ -e /etc/resolv.conf ]] || touch /etc/resolv.conf
_EOF
printf 'nameserver %s\n' "${DNS[@]}"
+ [[ ${#DNS_SEARCH[@]} -eq 0 ]] || printf 'search %s\n' "${DNS_SEARCH[*]}"
} | unshare -m --propagation shared bash -c "$(cat <<-_EOF
set -e
context="\$(stat -c %C /etc/resolv.conf 2>/dev/null)" || unset context
return is_valid_ipv4(s) || is_valid_ipv6(s);
}
-static bool is_valid_dns(string_span_t s)
-{
- return is_valid_ipv4(s) || is_valid_ipv6(s);
-}
-
enum field {
InterfaceSection,
PrivateKey,
{
switch (section) {
case DNS:
- append_highlight_span(ret, parent.s, s, is_valid_dns(s) ? HighlightIP : HighlightError);
+ if (is_valid_ipv4(s) || is_valid_ipv6(s))
+ append_highlight_span(ret, parent.s, s, HighlightIP);
+ else if (is_valid_hostname(s))
+ append_highlight_span(ret, parent.s, s, HighlightHost);
+ else
+ append_highlight_span(ret, parent.s, s, HighlightError);
break;
case Address:
case AllowedIPs: {
to be assigned to the interface. May be specified multiple times.
.IP \(bu
DNS \(em a comma-separated list of IP (v4 or v6) addresses to be set as the interface's
-DNS servers. May be specified multiple times. Upon bringing the interface up, this runs
+DNS servers, or non-IP hostnames to be set as the interface's DNS search domains. May be
+specified multiple times. Upon bringing the interface up, this runs
`resolvconf -a tun.\fIINTERFACE\fP -m 0 -x` and upon bringing it down, this runs
`resolvconf -d tun.\fIINTERFACE\fP`. If these particular invocations of
.BR resolvconf (8)
if (len > (1<<16))
return;
_cleanup_free_ char *mutable = xstrdup(dnses);
- _cleanup_free_ char *shell_arglist = xmalloc(len * 4 + 1);
- _cleanup_free_ char *function_arglist = xmalloc(len * 4 + 1);
+ _cleanup_free_ char *dns_shell_arglist = xmalloc(len * 4 + 1);
+ _cleanup_free_ char *dns_search_shell_arglist = xmalloc(len * 4 + 1);
+ _cleanup_free_ char *dns_function_arglist = xmalloc(len * 4 + 1);
+ _cleanup_free_ char *dns_search_function_arglist = xmalloc(len * 4 + 1);
_cleanup_free_ char *arg = xmalloc(len + 4);
_cleanup_free_ char **dns_list = NULL;
+ _cleanup_free_ char **dns_search_list = NULL;
_cleanup_binder_ AIBinder *handle = NULL;
- size_t dns_list_size = 0;
+ _cleanup_regfree_ regex_t regex_ipnothost = { 0 };
+ size_t dns_list_size = 0, dns_search_list_size = 0;
+ bool is_ip;
if (!len)
return;
+
+ xregcomp(®ex_ipnothost, "^[a-zA-Z0-9_=+.-]{1,15}$", REG_EXTENDED | REG_NOSUB);
for (char *dns = strtok(mutable, ", \t\n"); dns; dns = strtok(NULL, ", \t\n")) {
if (strchr(dns, '\'') || strchr(dns, '\\'))
continue;
- ++dns_list_size;
+ ++*(!regexec(®ex_ipnothost, dns, 0, NULL, 0) ? &dns_list_size : &dns_search_list_size);
}
if (!dns_list_size)
return;
dns_list = xcalloc(dns_list_size + 1, sizeof(*dns_list));
+ dns_search_list = xcalloc(dns_search_list_size + 1, sizeof(*dns_search_list));
free(mutable);
mutable = xstrdup(dnses);
- shell_arglist[0] = '\0';
- function_arglist[0] = '\0';
+ dns_shell_arglist[0] = '\0';
+ dns_search_shell_arglist[0] = '\0';
+ dns_function_arglist[0] = '\0';
+ dns_search_function_arglist[0] = '\0';
dns_list_size = 0;
+ dns_search_list_size = 0;
for (char *dns = strtok(mutable, ", \t\n"); dns; dns = strtok(NULL, ", \t\n")) {
if (strchr(dns, '\'') || strchr(dns, '\\'))
continue;
+ is_ip = !regexec(®ex_ipnothost, dns, 0, NULL, 0);
snprintf(arg, len + 3, "'%s' ", dns);
- strncat(shell_arglist, arg, len * 4 - 1);
- snprintf(arg, len + 2, function_arglist[0] == '\0' ? "%s" : ", %s", dns);
- strncat(function_arglist, arg, len * 4 - 1);
- dns_list[dns_list_size++] = dns;
+ strncat(is_ip ? dns_shell_arglist : dns_search_shell_arglist, arg, len * 4 - 1);
+ snprintf(arg, len + 2, (is_ip ? dns_function_arglist[0] : dns_search_function_arglist[0]) == '\0' ? "%s" : ", %s", dns);
+ strncat(is_ip ? dns_function_arglist : dns_search_function_arglist, arg, len * 4 - 1);
+ *(is_ip ? &dns_list[dns_list_size++] : &dns_search_list[dns_search_list_size++]) = dns;
}
if ((handle = dnsresolver_get_handle())) {
.base_timeout_msec = DNSRESOLVER_BASE_TIMEOUT,
.retry_count = DNSRESOLVER_RETRY_COUNT,
.servers = dns_list,
- .domains = (char *[]){NULL},
+ .domains = dns_search_list,
.tls_name = "",
.tls_servers = (char *[]){NULL},
.tls_fingerprints = (char *[]){NULL}
};
- printf("[#] <binder>::dnsResolver->setResolverConfiguration(%u, [%s], [], %d, %d, %d, %d, %d, %d, [], [])\n",
- netid, function_arglist, DNSRESOLVER_SAMPLE_VALIDITY, DNSRESOLVER_SUCCESS_THRESHOLD,
- DNSRESOLVER_MIN_SAMPLES, DNSRESOLVER_MAX_SAMPLES, DNSRESOLVER_BASE_TIMEOUT, DNSRESOLVER_RETRY_COUNT);
+ printf("[#] <binder>::dnsResolver->setResolverConfiguration(%u, [%s], [%s], %d, %d, %d, %d, %d, %d, [], [])\n",
+ netid, dns_function_arglist, dns_search_function_arglist, DNSRESOLVER_SAMPLE_VALIDITY,
+ DNSRESOLVER_SUCCESS_THRESHOLD, DNSRESOLVER_MIN_SAMPLES, DNSRESOLVER_MAX_SAMPLES,
+ DNSRESOLVER_BASE_TIMEOUT, DNSRESOLVER_RETRY_COUNT);
status = dnsresolver_set_resolver_configuration(handle, ¶ms);
if (status != 0) {
exit(ENONET);
}
} else
- cndc("resolver setnetdns %u '' %s", netid, shell_arglist);
+ cndc("resolver setnetdns %u '%s' %s", netid, dns_search_shell_arglist, dns_shell_arglist);
}
static void add_addr(const char *iface, const char *addr)
ADDRESSES=( )
MTU=""
DNS=( )
+DNS_SEARCH=( )
TABLE=""
PRE_UP=( )
POST_UP=( )
CONFIG_SEARCH_PATHS=( /etc/wireguard /usr/local/etc/wireguard )
parse_options() {
- local interface_section=0 line key value stripped path
+ local interface_section=0 line key value stripped path v
CONFIG_FILE="$1"
if [[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]]; then
for path in "${CONFIG_SEARCH_PATHS[@]}"; do
case "$key" in
Address) ADDRESSES+=( ${value//,/ } ); continue ;;
MTU) MTU="$value"; continue ;;
- DNS) DNS+=( ${value//,/ } ); continue ;;
+ DNS) for v in ${value//,/ }; do
+ [[ $v =~ (^[0-9.]+$)|(^.*:.*$) ]] && DNS+=( $v ) || DNS_SEARCH+=( $v )
+ done; continue ;;
Table) TABLE="$value"; continue ;;
PreUp) PRE_UP+=( "$value" ); continue ;;
PreDown) PRE_DOWN+=( "$value" ); continue ;;
}
declare -A SERVICE_DNS
+declare -A SERVICE_DNS_SEARCH
collect_new_service_dns() {
local service get_response
local -A found_services
get_response="$(cmd networksetup -getdnsservers "$service")"
[[ $get_response == *" "* ]] && get_response="Empty"
[[ -n $get_response ]] && SERVICE_DNS["$service"]="$get_response"
+ get_response="$(cmd networksetup -getsearchdomains "$service")"
+ [[ $get_response == *" "* ]] && get_response="Empty"
+ [[ -n $get_response ]] && SERVICE_DNS_SEARCH["$service"]="$get_response"
done; } < <(networksetup -listallnetworkservices)
for service in "${!SERVICE_DNS[@]}"; do
- [[ -n ${found_services["$service"]} ]] || unset SERVICE_DNS["$service"]
+ if ! [[ -n ${found_services["$service"]} ]]; then
+ unset SERVICE_DNS["$service"]
+ unset SERVICE_DNS_SEARCH["$service"]
+ fi
done
}
for service in "${!SERVICE_DNS[@]}"; do
while read -r response; do
[[ $response == *Error* ]] && echo "$response" >&2
- done < <(cmd networksetup -setdnsservers "$service" "${DNS[@]}")
+ done < <(
+ cmd networksetup -setdnsservers "$service" "${DNS[@]}"
+ if [[ ${#DNS_SEARCH[@]} -eq 0 ]]; then
+ cmd networksetup -setsearchdomains "$service" Empty
+ else
+ cmd networksetup -setsearchdomains "$service" "${DNS_SEARCH[@]}"
+ fi
+ )
done
}
for service in "${!SERVICE_DNS[@]}"; do
while read -r response; do
[[ $response == *Error* ]] && echo "$response" >&2
- done < <(cmd networksetup -setdnsservers "$service" ${SERVICE_DNS["$service"]} || true)
+ done < <(
+ cmd networksetup -setdnsservers "$service" ${SERVICE_DNS["$service"]} || true
+ cmd networksetup -setsearchdomains "$service" ${SERVICE_DNS_SEARCH["$service"]} || true
+ )
done
}
ADDRESSES=( )
MTU=""
DNS=( )
+DNS_SEARCH=( )
TABLE=""
PRE_UP=( )
POST_UP=( )
}
parse_options() {
- local interface_section=0 line key value stripped path
+ local interface_section=0 line key value stripped path v
CONFIG_FILE="$1"
if [[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]]; then
for path in "${CONFIG_SEARCH_PATHS[@]}"; do
case "$key" in
Address) ADDRESSES+=( ${value//,/ } ); continue ;;
MTU) MTU="$value"; continue ;;
- DNS) DNS+=( ${value//,/ } ); continue ;;
+ DNS) for v in ${value//,/ }; do
+ [[ $v =~ (^[0-9.]+$)|(^.*:.*$) ]] && DNS+=( $v ) || DNS_SEARCH+=( $v )
+ done; continue ;;
Table) TABLE="$value"; continue ;;
PreUp) PRE_UP+=( "$value" ); continue ;;
PreDown) PRE_DOWN+=( "$value" ); continue ;;
HAVE_SET_DNS=0
set_dns() {
[[ ${#DNS[@]} -gt 0 ]] || return 0
- printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a "$INTERFACE" -x
+ { printf 'nameserver %s\n' "${DNS[@]}"
+ [[ ${#DNS_SEARCH[@]} -eq 0 ]] || printf 'search %s\n' "${DNS_SEARCH[*]}"
+ } | cmd resolvconf -a "$INTERFACE" -x
HAVE_SET_DNS=1
}
ADDRESSES=( )
MTU=""
DNS=( )
+DNS_SEARCH=( )
TABLE=""
PRE_UP=( )
POST_UP=( )
}
parse_options() {
- local interface_section=0 line key value stripped
+ local interface_section=0 line key value stripped v
CONFIG_FILE="$1"
[[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]] && CONFIG_FILE="/etc/wireguard/$CONFIG_FILE.conf"
[[ -e $CONFIG_FILE ]] || die "\`$CONFIG_FILE' does not exist"
case "$key" in
Address) ADDRESSES+=( ${value//,/ } ); continue ;;
MTU) MTU="$value"; continue ;;
- DNS) DNS+=( ${value//,/ } ); continue ;;
+ DNS) for v in ${value//,/ }; do
+ [[ $v =~ (^[0-9.]+$)|(^.*:.*$) ]] && DNS+=( $v ) || DNS_SEARCH+=( $v )
+ done; continue ;;
Table) TABLE="$value"; continue ;;
PreUp) PRE_UP+=( "$value" ); continue ;;
PreDown) PRE_DOWN+=( "$value" ); continue ;;
HAVE_SET_DNS=0
set_dns() {
[[ ${#DNS[@]} -gt 0 ]] || return 0
- printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a "$(resolvconf_iface_prefix)$INTERFACE" -m 0 -x
+ { printf 'nameserver %s\n' "${DNS[@]}"
+ [[ ${#DNS_SEARCH[@]} -eq 0 ]] || printf 'search %s\n' "${DNS_SEARCH[*]}"
+ } | cmd resolvconf -a "$(resolvconf_iface_prefix)$INTERFACE" -m 0 -x
HAVE_SET_DNS=1
}
ADDRESSES=( )
MTU=""
DNS=( )
+DNS_SEARCH=( )
TABLE=""
PRE_UP=( )
POST_UP=( )
case "$key" in
Address) ADDRESSES+=( ${value//,/ } ); continue ;;
MTU) MTU="$value"; continue ;;
- DNS) DNS+=( ${value//,/ } ); continue ;;
+ DNS) for v in ${value//,/ }; do
+ [[ $v =~ (^[0-9.]+$)|(^.*:.*$) ]] && DNS+=( $v ) || DNS_SEARCH+=( $v )
+ done; continue ;;
Table) TABLE="$value"; continue ;;
PreUp) PRE_UP+=( "$value" ); continue ;;
PreDown) PRE_DOWN+=( "$value" ); continue ;;
[[ ${#DNS[@]} -gt 0 ]] || return 0
# TODO: this is a horrible way of doing it. Has OpenBSD no resolvconf?
cmd cp /etc/resolv.conf "/etc/resolv.conf.wg-quick-backup.$INTERFACE"
- cmd printf 'nameserver %s\n' "${DNS[@]}" > /etc/resolv.conf
+ { cmd printf 'nameserver %s\n' "${DNS[@]}"
+ [[ ${#DNS_SEARCH[@]} -eq 0 ]] || cmd printf 'search %s\n' "${DNS_SEARCH[*]}"
+ } > /etc/resolv.conf
}
unset_dns() {
projects / thirdparty / wireguard-tools.git / commitdiff
