1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-07-22 20:59:31 +03:00
Commit Graph

74 Commits

Author SHA1 Message Date
995340074e tree-wide: use ASSERT_PTR more 2022-09-13 08:13:27 +02:00
28e5e1e97f tree-wide: allow ASCII fallback for … in logs 2022-06-28 12:50:44 +02:00
a7d15a2465 nss: only read logging config from environment variables
log_parse_environment() uses should_parse_proc_cmdline() to determine whether
it should parse settings from the kernel command line. But the checks that
should_parse_proc_cmdline() apply to the whole process, and we could get a positive
answer also when log_parse_environment() was called from one of the nss modules.
In case of nss-modules, we don't want to look at the kernel command line.

log_parse_environment_variables() that only looks at the environment variables
is split out and used in the nss modules.

Fixes #22020.
2022-01-11 13:39:52 +01:00
8ef114c692 nss-resolve: expose various source-disablement settings as variables
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2006761:
> systemd-resolved always (reverse)-resolves the host's IP addresses and FQDN.
> This can be harmful when an application (for instance, a DNS zone manager) is
> installed on the same server instance.  That application would expect
> NXDOMAIN to be returned if the current server's IP does not belong in an
> already managed reverse zone.

This allows clients of nss-resolve to use the same config options that are
available through the dbus api and as command-line options to resolvectl.

The man page text is is mostly copied directly from
c6f20515ab.
2021-12-21 02:28:52 +09:00
ae78529fc7 resolved: properly signal transient errors back to NSS stack
NSS mostly knows four error cases: SUCCESS, NOTFOUND, UNAVAIL, TRYAGAIN,
and they can all be used in nsswitch.conf to route requests.

So far nss-resolve would return SUCCESS + NOTFOUND + UNAVAIL. Let's also
return TRYAGAIN in some cases, specifically the ones where we are
currntly unable to resolve a request but likely could later. i.e.
errors caused by networking issues or such.

Fixes: #20786
2021-11-22 22:33:40 +01:00
718ca77232 shared/json: use int64_t instead of intmax_t
We were already asserting that the intmax_t and uintmax_t types
are the same as int64_t and uint64_t. Pretty much everywhere in
the code base we use the latter types. In principle intmax_t could
be something different on some new architecture, and then the code would
fail to compile or behave differently. We actually do not want the code
to behave differently on those architectures, because that'd break
interoperability. So let's just use int64_t/uint64_t since that's what
we indend to use.
2021-11-18 01:34:31 +01:00
75d2f0a0c4 nss-resolve: define variables in the body
Same motivation as in the parent commit: let's define variables later, ideally
right when they are first initialized, so it's easier to figure out that they
are properly initialized.

error_id and r_tuple* were previously initialized, but I don't see why they
would need to be.

No functional change intended.
2021-03-31 17:19:03 +02:00
77fac974fe nss-resolve: fix parsing of io.systemd.Resolve.ResolveAddress reply
Since the switch to varlink in 0c73f4f075, the
code wasn't functional. The JSON_VARIANT_UNSIGNED/JSON_VARIANT_STRING mismatch
meant that we'd reject any reply. Once past that, the code would use
unitialized 'c' and 'n' variables, so it's lucky we never got that far ;)

With -Wmaybe-unitialized, gcc would warn.

I think that declaring the huge list of local variables with very short names
at the top of the function was making it harder to understand what is going on
in the function. So let's rename the variables a bit, and initialize them upon
declaration if possible.

$ build/test-nss-hosts resolve 1.1.1.1 1.0.0.1 10.38.5.41
======== resolve ========
_nss_resolve_gethostbyaddr2_r("1.1.1.1") → status=NSS_STATUS_SUCCESS
                   errno=999/--- h_errno=0/Resolver Error 0 (no error) ttl=0
        "one.one.one.one"
        AF_INET 1.1.1.1

_nss_resolve_gethostbyaddr_r("1.1.1.1") → status=NSS_STATUS_SUCCESS
                   errno=999/--- h_errno=0/Resolver Error 0 (no error)
        "one.one.one.one"
        AF_INET 1.1.1.1

_nss_resolve_gethostbyaddr2_r("1.0.0.1") → status=NSS_STATUS_SUCCESS
                   errno=999/--- h_errno=0/Resolver Error 0 (no error) ttl=0
        "one.one.one.one"
        AF_INET 1.0.0.1

_nss_resolve_gethostbyaddr_r("1.0.0.1") → status=NSS_STATUS_SUCCESS
                   errno=999/--- h_errno=0/Resolver Error 0 (no error)
        "one.one.one.one"
        AF_INET 1.0.0.1

_nss_resolve_gethostbyaddr2_r("10.38.5.41") → status=NSS_STATUS_SUCCESS
                   errno=999/--- h_errno=0/Resolver Error 0 (no error) ttl=0
        "squid.redhat.com"
        alias "squid.corp.redhat.com"
        alias "squid2.corp.redhat.com"
        alias "squid3.corp.redhat.com"
        alias "squid4.corp.redhat.com"
        alias "squid5.corp.redhat.com"
        AF_INET 10.38.5.41

_nss_resolve_gethostbyaddr_r("10.38.5.41") → status=NSS_STATUS_SUCCESS
                   errno=999/--- h_errno=0/Resolver Error 0 (no error)
        "squid.redhat.com"
        alias "squid.corp.redhat.com"
        alias "squid2.corp.redhat.com"
        alias "squid3.corp.redhat.com"
        alias "squid4.corp.redhat.com"
        alias "squid5.corp.redhat.com"
        AF_INET 10.38.5.41

(I have 10.38.5.41 squid.redhat.com squid.corp.redhat.com squid2.corp.redhat.com squid3.corp.redhat.com squid4.corp.redhat.com squid5.corp.redhat.com
in /etc/hosts for testing.)
2021-03-31 16:28:14 +02:00
94876904bb tree-wide: use in_addr_is_set() or friends 2021-02-18 03:48:07 +09:00
aee9d18c8d nss-resolve: allow turning off validation via env var 2021-02-14 22:01:09 +01:00
425ed13991 nss-resolve: shortcut fixing of ifindex if it's zero anyway 2021-02-05 18:46:18 +01:00
6da52ca861 nss-resolve: accept zero ifindex when parsing resolved reply
Sometimes a reply isn't associated to any specific interface, it might
be a general truth (for example served from /etc/hosts or so). In this
case the server might pass ifindex == 0. Accept that.

https://github.com/systemd/systemd/pull/17823#issuecomment-742439422
2021-02-05 18:44:22 +01:00
55679e291c nss-resolve: initialize logging, log json errors
When the .so module is loaded, it gets a separate copy of stuff in src/basic,
including the log level variables. So any logging settings are unaffected by
the loading program calling log_parse_environment() or such. Let's also parse
the environment here so that we can have nice logging.

Initialization is done from each exported function, and pthread_once_t is used
to avoid duplicate initialization. I didn't merge PROTECT_ERRNO into
NSS_ENTRYPOINT_BEGIN because UNPROTECT_ERRNO is called in a bunch of places
and it would feel strange to have PROTECT_ERRNO hidden, but not UNPROTECT_ERRNO.

The most interesting stuff in this module is the varlink messages, and any
potential errors in json. So let's enable json logging when debug messages are
enabled.

With those changes, figuring out the issue in
https://github.com/systemd/systemd/pull/17823 is trivial:

$ LD_LIBRARY_PATH=build/ SYSTEMD_LOG_COLOR=1 SYSTEMD_LOG_LOCATION=1 SYSTEMD_LOG_LEVEL=debug getent hosts mirrors.fedoraproject.org
src/shared/varlink.c:237: n/a: varlink: setting state idle-client
src/shared/varlink.c:1240: n/a: Sending message: {"method":"io.systemd.Resolve.ResolveHostname","parameters":{"name":"mirrors.fedoraproject.org","family":10}}
src/shared/varlink.c:240: n/a: varlink: changing state idle-client → calling
src/shared/varlink.c:588: n/a: New incoming message: {"parameters":{"addresses":[{"ifindex":0,"family":10,"address":[42,5,208,20,0,16,120,3,247,116,77,124,226,119,164,87]},{"ifindex":0,"family":10,"address":[42,5,208,28,12,106,204,3,38,58,132,9,185,97,126,2]},{"ifindex":0,"family":10,"address":[38,32,0,82,0,3,0,1,222,173,190,239,202,254,254,215]},{"ifindex":0,"family":10,"address":[38,5,188,128,48,16,6,0,222,173,190,239,202,254,254,217]},{"ifindex":0,"family":10,"address":[38,4,21,128,254,0,0,0,222,173,190,239,202,254,254,209]},{"ifindex":0,"family":10,"address":[38,32,0,82,0,3,0,1,222,173,190,239,202,254,254,214]},{"ifindex":0,"family":10,"address":[38,16,0,40,48,144,48,1,222,173,190,239,202,254,254,211]},{"ifindex":0,"family":10,"address":[32,1,65,120,0,2,18,105,0,0,0,0,0,0,254,210]}],"name":"wildcard.fedoraproject.org","flags":1}}
src/shared/varlink.c:240: n/a: varlink: changing state calling → called
src/shared/varlink.c:240: n/a: varlink: changing state called → idle-client
src/nss-resolve/nss-resolve.c:84: (string):1:40: JSON field 'ifindex' is out of bounds for an interface index.
2020-12-10 20:50:01 +01:00
3c229a9afb nss-resolve: varlink_call() set error_id only when r >= 0
Fixes #17870.
2020-12-07 09:25:39 +01:00
db9ecf0501 license: LGPL-2.1+ -> LGPL-2.1-or-later 2020-11-09 13:23:58 +09:00
0c73f4f075 nss-resolve: port over to new varlink interface 2020-08-26 16:48:16 +02:00
8e34f4cc62 nss-resolve: treat BUS_ERROR_NO_SUCH_UNIT the same as SD_BUS_ERROR_SERVICE_UNKNOWN too
Seems safer to do so.
2020-08-24 19:48:26 +02:00
9b71e4ab90 shared: actually move all BusLocator related calls to bus-locator.c 2020-06-30 15:09:19 +02:00
a63d7e7bf6 nss-resolve: switch to BusLocator-oriented helpers
Mechanical substitution reducing some verbosity
2020-05-07 08:46:44 -07:00
455fa9610c tree-wide: drop string.h when string-util.h or friends are included 2019-11-04 00:30:32 +09:00
5238e95759 codespell: fix spelling errors 2019-04-29 16:47:18 +02:00
8baaf650ef nss-resolve: list more errors as cause for fallback
If dbus-daemon kicks us from the bus or hangs, we should fallback too.

Fixes: #12203
2019-04-11 11:13:11 +02:00
547fde4759 nss-resolve: simplify condition
Of course, if the error is NXDOMAIN then it's not one of the errors
listed for fallback, hence don't bother...
2019-04-11 11:13:11 +02:00
a62fc245d0 nss-resolve: resue a jump target
We can reuse "fail" here, since it does the same thing.
2019-04-11 11:13:10 +02:00
c7c468c92a nss-resolve: return error properly 2019-04-11 11:13:10 +02:00
954cba660d nss-resolve: drop unnecessary variable
We assign the same value to "ret" always, let's just return the value
literally.
2019-04-11 11:13:10 +02:00
ca78ad1de9 headers: remove unneeded includes from util.h
This means we need to include many more headers in various files that simply
included util.h before, but it seems cleaner to do it this way.
2019-03-27 11:53:12 +01:00
2b2fec7db0 util: split out errno related stuff 2019-03-14 13:25:51 +01:00
cdccd29f39 nss: unportect errno before writing to NSS' *errnop
Fixes: #11321
2019-02-08 10:34:47 +01:00
0192cbdb2c Revert "nss: prevent PROTECT_ERRNO from squashing changes to *errnop"
This reverts commit b26c904113.

I don't see anythign wrong, but Ubuntu autopkgtest CI started failing fairly
consistently since this was merged. Let's see if reverting fixes things.
2019-01-10 21:23:14 +01:00
b26c904113 nss: prevent PROTECT_ERRNO from squashing changes to *errnop
glibc passes in &errno for errnop, which means PROTECT_ERRNO ends up
squashing our intentional changes to *errnop.

Fixes #11321.
2019-01-10 11:08:42 +01:00
54fe2ce1b9 Merge pull request #9504 from poettering/nss-deadlock
some nss deadlock love
2018-07-26 10:16:25 +02:00
06202b9e65 nss: do not modify errno when NSS_STATUS_NOTFOUND or NSS_STATUS_SUCCESS
This also adds PROTECT_ERRNO for all nss module functions.

C.f. glibc NSS documents https://www.gnu.org/software/libc/manual/html_node/NSS-Modules-Interface.html
and discussion in https://sourceware.org/bugzilla/show_bug.cgi?id=23410.

Fixes #9585.
2018-07-25 10:23:22 +02:00
2f28018cb8 nss: never become IPC clients for services that are about to be started
This is an attempt to automatically detect and avoid certain kinds of
NSS deadlocks as discussed in this thread:

https://lists.freedesktop.org/archives/systemd-devel/2018-July/040975.html
2018-07-20 16:57:35 +02:00
0c69794138 tree-wide: remove Lennart's copyright lines
These lines are generally out-of-date, incomplete and unnecessary. With
SPDX and git repository much more accurate and fine grained information
about licensing and authorship is available, hence let's drop the
per-file copyright notice. Of course, removing copyright lines of others
is problematic, hence this commit only removes my own lines and leaves
all others untouched. It might be nicer if sooner or later those could
go away too, making git the only and accurate source of authorship
information.
2018-06-14 10:20:20 +02:00
818bf54632 tree-wide: drop 'This file is part of systemd' blurb
This part of the copyright blurb stems from the GPL use recommendations:

https://www.gnu.org/licenses/gpl-howto.en.html

The concept appears to originate in times where version control was per
file, instead of per tree, and was a way to glue the files together.
Ultimately, we nowadays don't live in that world anymore, and this
information is entirely useless anyway, as people are very welcome to
copy these files into any projects they like, and they shouldn't have to
change bits that are part of our copyright header for that.

hence, let's just get rid of this old cruft, and shorten our codebase a
bit.
2018-06-14 10:20:20 +02:00
11a1589223 tree-wide: drop license boilerplate
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.

I also kept any copyright lines. We can probably remove them, but it'd nice to
obtain explicit acks from all involved authors before doing that.
2018-04-06 18:58:55 +02:00
ott
4cbfd62b46 resolve: Adjust and unify D-Bus call timeout (#7847)
DNS queries have a timeout of DNS_TRANSACTION_ATTEMPTS_MAX *
DNS_TIMEOUT_MAX_USEC = 120 s. Calls to the ResolveHostname method of
the org.freedesktop.resolve1.Manager interface have various call
timeouts that are smaller than 120 s. So it seems correct to adjust
the call timeout to the maximum query timeout and to unify the call
timeout among all callers.

A timeout of 120 s might seem large, in particular since BIND does seem
to have a query timeout of 10 s. However, it seems match the timeout
value of 120 s of Unbound. Moreover, the query and timeout handling of
resolve have problems and might be improved in the future, so this
change is at best an interim solution.
2018-01-23 09:53:31 +09:00
d9215cd838 Add SPDX license headers to various assorted files 2017-11-19 19:08:15 +01:00
53e1b68390 Add SPDX license identifiers to source files under the LGPL
This follows what the kernel is doing, c.f.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
2017-11-19 19:08:15 +01:00
4c70109600 tree-wide: use IN_SET macro (#6977) 2017-10-04 16:01:32 +02:00
72cdb3e783 build-sys: drop automake support
v2:
- also mention m4
2017-07-18 10:04:44 -04:00
5486a31d28 nss-resolve: drop the internal fallback to libnss_dns (#5945)
If we could not communicate with systemd-resolved, we would call into
libnss_dns. libnss_dns would return NOTFOUND for stuff like "localhost" and
other names resolved by nss-myhostname, which we would fall under the !UNAVAIL=
condition and cause resolution to fail. So the following recommended
configuration in nsswitch.conf would not work:

   hosts: resolve [!UNAVAIL=return] dns myhostname

Remove the internal fallback code completely so that the fallback logic
can be configured in nsswitch.conf.

Tested with
   hosts: resolve [!UNAVAIL=return] myhostname
and
   hosts: resolve [!UNAVAIL=return] dns myhostname

Fixes #5742.
2017-05-12 14:31:46 +02:00
11814bbbae nss-resolve: Fix assertion in ifindex_to_scopeid. (#5360) 2017-02-16 11:00:49 +01:00
e36c6e48fb nss-resolve: report ERANGE for small buffers. (#5359)
The correct error code to report when a provided buffer is too small is
ERANGE. This is recognized by glibc, which will then try again with a
larger buffer. The old behaviour of reporting ENOMEM has no special
meaning for glibc. The error will simply be propagated to the
application, and a later retry will trigger the same error again.

Additionally, h_errnop must be set to NETDB_INTERNAL to have glibc look
at errnop for details.

More information at:
https://www.gnu.org/software/libc/manual/html_node/NSS-Modules-Interface.html
2017-02-16 10:52:04 +01:00
27007efff6 nss-resolve: don't set scopeindex for non-link-local addresses
Apparently some apps don't like that. And given that this isn't
necessary for link-local addresses, let's suppress this information.

Fixes: #4465
2017-02-09 16:13:07 +01:00
344874fcd0 nss-resolve: be a bit more careful with returning NSS_STATUS_NOTFOUND
Let's tighten the cases when our module returns NSS_STATUS_NOTFOUND. Let's do
so only if we actually managed to talk to resolved. In all other cases stick to
NSS_STATUS_UNAVAIL as before, as it clearly indicates that our module or the
system is borked, and the "dns" fallback should really take place.

In particular this fixes the 2nd-level fallback from our own dlopen() based
fallback handling. In this case we really should return UNAVAIL so that the
caller can apply its own fallback still.

Fix-up for d7247512a9.

Note that our own dlopen() based fallback is pretty much redundant now if
nsswitch.conf is configured like this:

   hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname

In a future release we should probably drop our internal fallback then, in
favour of this nsswitch.conf-based one.
2016-10-24 19:04:43 +02:00
d7247512a9 nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errors
It needs to be possible to tell apart "the nss-resolve module does not exist"
(which can happen when running foreign-architecture programs) from "the queried
DNS name failed DNSSEC validation" or other errors. So return NOTFOUND for these
cases too, and only keep UNAVAIL for the cases where we cannot handle the given
address family.

This makes it possible to configure a fallback to "dns" without breaking
DNSSEC, with "resolve [!UNAVAIL=return] dns". Add this to the manpage.

This does not change behaviour if resolved is not running, as that already
falls back to the "dns" glibc module.

Fixes #4157
2016-10-01 16:59:06 +02:00
46c7a7ac87 nss-resolve: simplify error handling
Handle general errors from the resolved call in _nss_resolve_gethostbyaddr2_r()
the same say as in the other variants: Just "goto fail" as that does exactly
the same.
2016-10-01 16:43:29 +02:00
cf2d43e7f4 Move nss typedefs into nss-util.h
In preparation for subsequent changes.
2016-04-02 20:11:41 -04:00