From dee1916e4cf3cb3baafc3b01118a56a38b4d936c Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Mon, 15 Nov 2021 15:19:07 +0100
Subject: [PATCH] resolve: Make path to resolvconf(8) configurable

Prefer the configured command over finding it at the default location over installing in the configured file.

References strongswan/strongswan#744
---
 conf/plugins/resolve.opt | 12 ++++++-
 .../plugins/resolve/resolve_handler.c | 35 ++++++++++++-------
 2 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/conf/plugins/resolve.opt b/conf/plugins/resolve.opt
index ce65eff9e1..089576102f 100644
--- a/conf/plugins/resolve.opt
+++ b/conf/plugins/resolve.opt
@@ -1,5 +1,5 @@
 charon.plugins.resolve.file = /etc/resolv.conf
- File where to add DNS server entries.
+ File where to add DNS server entries if not using resolvconf(8).
 
 charon.plugins.resolve.resolvconf.iface_prefix = lo.inet.ipsec.
 Prefix used for interface names sent to resolvconf(8).
@@ -9,3 +9,13 @@ charon.plugins.resolve.resolvconf.iface_prefix = lo.inet.ipsec.
 a valid interface name according to the rules defined by resolvconf. Also,
 it should have a high priority according to the order defined in
 **interface-order**(5).
+
+charon.plugins.resolve.resolvconf.path = /sbin/resolvconf
+ Path/command for resolvconf(8).
+
+ Path/command for **resolvconf**(8). The command is executed by a shell, so
+ "resolvconf" will work if it's in $PATH of the daemon.
+
+ If not configured, **resolvconf**(8) will be used if found at the default
+ location. Otherwise, the file in _charon.plugins.resolve.file_ will be
+ modfied directly.
diff --git a/src/libcharon/plugins/resolve/resolve_handler.c b/src/libcharon/plugins/resolve/resolve_handler.c
index 9b906fc059..391d0b276b 100644
--- a/src/libcharon/plugins/resolve/resolve_handler.c
+++ b/src/libcharon/plugins/resolve/resolve_handler.c
@@ -50,9 +50,9 @@ struct private_resolve_handler_t {
 char *file;
 
 /**
- * Use resolvconf instead of writing directly to resolv.conf
+ * Path/command for resolvconf(8)
 */
- bool use_resolvconf;
+ char *resolvconf;
 
 /**
 * Prefix to be used for interface names sent to resolvconf
@@ -196,7 +196,7 @@ static bool invoke_resolvconf(private_resolve_handler_t *this, host_t *addr,
 /* we use the nameserver's IP address as part of the interface name to
 * make them unique */
 process = process_start_shell(NULL, install ? &in : NULL, &out, NULL,
- "2>&1 %s %s %s%H", RESOLVCONF_EXEC,
+ "2>&1 %s %s %s%H", this->resolvconf,
 install ? "-a" : "-d", this->iface_prefix, addr);
 
 if (!process)
@@ -295,7 +295,7 @@ METHOD(attribute_handler_t, handle, bool,
 this->mutex->lock(this->mutex);
 if (array_bsearch(this->servers, addr, dns_server_find, &found) == -1)
 {
- if (this->use_resolvconf)
+ if (this->resolvconf)
 {
 handled = invoke_resolvconf(this, addr, TRUE);
 }
@@ -362,7 +362,7 @@ METHOD(attribute_handler_t, release, void,
 }
 else
 {
- if (this->use_resolvconf)
+ if (this->resolvconf)
 {
 invoke_resolvconf(this, addr, FALSE);
 }
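Review bot: The new doc comment on the `resolvconf` field in private_resolve_handler_t does not say that NULL is a meaningful value, although the handle() and release() hunks now test `if (this->resolvconf)` to choose between invoking resolvconf and writing the file. I would extend the comment to `Path/command for resolvconf(8), NULL to write to the file directly`. The struct definition starts and ends outside the hunk.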
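Review bot: In the invoke_resolvconf() hunk, `this->resolvconf` is expanded with a plain `%s` into the command line handed to process_start_shell(), so the configured value is interpreted by the shell exactly as written: whitespace splits it, metacharacters are evaluated, and a bare command name is resolved through the daemon's $PATH. The resolve.opt text documents the shell execution, but the code states no trust assumption for the setting. I would add a comment above the call, for example `/* resolvconf is read from the settings and passed to the shell verbatim: it must only be writable by a trusted administrator, preferably an absolute path */`. The same applies to `this->iface_prefix` on the following line, which the commit does not touch. The function body starts and ends outside the hunk.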
@@ -483,17 +483,28 @@ resolve_handler_t *resolve_handler_create()
 .destroy = _destroy,
 },
 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
- .file = lib->settings->get_str(lib->settings, "%s.plugins.resolve.file",
- RESOLV_CONF, lib->ns),
+ .file = lib->settings->get_str(lib->settings,
+ "%s.plugins.resolve.file", RESOLV_CONF, lib->ns),
+ .resolvconf = lib->settings->get_str(lib->settings,
+ "%s.plugins.resolve.resolvconf.path",
+ NULL, lib->ns),
+ .iface_prefix = lib->settings->get_str(lib->settings,
+ "%s.plugins.resolve.resolvconf.iface_prefix",
+ RESOLVCONF_PREFIX, lib->ns),
 );
 
- if (stat(RESOLVCONF_EXEC, &st) == 0)
+ if (!this->resolvconf && stat(RESOLVCONF_EXEC, &st) == 0)
 {
- this->use_resolvconf = TRUE;
- this->iface_prefix = lib->settings->get_str(lib->settings,
- "%s.plugins.resolve.resolvconf.iface_prefix",
- RESOLVCONF_PREFIX, lib->ns);
+ this->resolvconf = RESOLVCONF_EXEC;
 }
+ if (this->resolvconf)
+ {
+ DBG1(DBG_CFG, "using '%s' to install DNS servers", this->resolvconf);
+ }
+ else
+ {
+ DBG1(DBG_CFG, "install DNS servers in '%s'", this->file);
+ }
 
 return &this->public;
 }
-- 
2.47.2
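Review bot: The value read for `%s.plugins.resolve.resolvconf.path` in resolve_handler_create() is used without any check, so a non-NULL but unusable setting (an empty string, if get_str() can return one, or a mistyped path) disables both the stat() probe of RESOLVCONF_EXEC and the direct write to the file. The failure then only surfaces when invoke_resolvconf() runs for the first DNS attribute, while the DBG1 line has already reported the command as in use. At minimum an empty value could be treated as unset before the probe, `if (this->resolvconf && !*this->resolvconf) { this->resolvconf = NULL; }`. The function starts outside the hunk.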