mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
Merge pull request #6772 from pfl/dnssl
networkd: DNSSL option for systemd-networkd prefix delegation
This commit is contained in:
commit
2e7063777d
@ -1443,11 +1443,20 @@
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>Domains=</varname></term>
|
||||
|
||||
<listitem><para>A list of DNS search domains distributed via
|
||||
Router Advertisement messages. Defaults to empty, i.e. no search
|
||||
domains are sent.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>DNSLifetimeSec=</varname></term>
|
||||
|
||||
<listitem><para>Lifetime in seconds for the DNS server addresses listed
|
||||
in <varname>DNS=</varname>.</para></listitem>
|
||||
in <varname>DNS=</varname> and search domains listed in
|
||||
<varname>Domains=</varname>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
|
@ -36,6 +36,7 @@ assert_cc(SD_RADV_DEFAULT_MIN_TIMEOUT_USEC <= SD_RADV_DEFAULT_MAX_TIMEOUT_USEC)
|
||||
#define SD_RADV_MAX_RA_DELAY_TIME_USEC (500*USEC_PER_MSEC)
|
||||
|
||||
#define SD_RADV_OPT_RDNSS 25
|
||||
#define SD_RADV_OPT_DNSSL 31
|
||||
|
||||
enum RAdvState {
|
||||
SD_RADV_STATE_IDLE = 0,
|
||||
@ -75,6 +76,7 @@ struct sd_radv {
|
||||
|
||||
size_t n_rdnss;
|
||||
struct sd_radv_opt_dns *rdnss;
|
||||
struct sd_radv_opt_dns *dnssl;
|
||||
};
|
||||
|
||||
struct sd_radv_prefix {
|
||||
|
@ -26,12 +26,14 @@
|
||||
|
||||
#include "macro.h"
|
||||
#include "alloc-util.h"
|
||||
#include "dns-domain.h"
|
||||
#include "fd-util.h"
|
||||
#include "icmp6-util.h"
|
||||
#include "in-addr-util.h"
|
||||
#include "radv-internal.h"
|
||||
#include "socket-util.h"
|
||||
#include "string-util.h"
|
||||
#include "strv.h"
|
||||
#include "util.h"
|
||||
#include "random-util.h"
|
||||
|
||||
@ -204,6 +206,12 @@ static int radv_send(sd_radv *ra, const struct in6_addr *dst,
|
||||
msg.msg_iovlen++;
|
||||
}
|
||||
|
||||
if (ra->dnssl) {
|
||||
iov[msg.msg_iovlen].iov_base = ra->dnssl;
|
||||
iov[msg.msg_iovlen].iov_len = ra->dnssl->length * 8;
|
||||
msg.msg_iovlen++;
|
||||
}
|
||||
|
||||
if (sendmsg(ra->fd, &msg, 0) < 0)
|
||||
return -errno;
|
||||
|
||||
@ -590,6 +598,58 @@ _public_ int sd_radv_set_rdnss(sd_radv *ra, uint32_t lifetime,
|
||||
return 0;
|
||||
}
|
||||
|
||||
_public_ int sd_radv_set_dnssl(sd_radv *ra, uint32_t lifetime,
|
||||
char **search_list) {
|
||||
_cleanup_free_ struct sd_radv_opt_dns *opt_dnssl = NULL;
|
||||
size_t len = 0;
|
||||
char **s;
|
||||
uint8_t *p;
|
||||
|
||||
assert_return(ra, -EINVAL);
|
||||
|
||||
if (!search_list || *search_list == NULL) {
|
||||
ra->dnssl = mfree(ra->dnssl);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
STRV_FOREACH(s, search_list)
|
||||
len += strlen(*s) + 2;
|
||||
|
||||
len = (sizeof(struct sd_radv_opt_dns) + len + 7) & ~0x7;
|
||||
|
||||
opt_dnssl = malloc0(len);
|
||||
if (!opt_dnssl)
|
||||
return -ENOMEM;
|
||||
|
||||
opt_dnssl->type = SD_RADV_OPT_DNSSL;
|
||||
opt_dnssl->length = len / 8;
|
||||
opt_dnssl->lifetime = htobe32(lifetime);
|
||||
|
||||
p = (uint8_t *)(opt_dnssl + 1);
|
||||
len -= sizeof(struct sd_radv_opt_dns);
|
||||
|
||||
STRV_FOREACH(s, search_list) {
|
||||
int r;
|
||||
|
||||
r = dns_name_to_wire_format(*s, p, len, false);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
if (len < (size_t)r)
|
||||
return -ENOBUFS;
|
||||
|
||||
p += r;
|
||||
len -= r;
|
||||
}
|
||||
|
||||
free(ra->dnssl);
|
||||
ra->dnssl = opt_dnssl;
|
||||
opt_dnssl = NULL;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
_public_ int sd_radv_prefix_new(sd_radv_prefix **ret) {
|
||||
_cleanup_(sd_radv_prefix_unrefp) sd_radv_prefix *p = NULL;
|
||||
|
||||
|
@ -57,7 +57,7 @@ static uint8_t advertisement[] = {
|
||||
0x19, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3c,
|
||||
0x20, 0x01, 0x0d, 0xb8, 0xde, 0xad, 0xbe, 0xef,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
|
||||
/* DNS Search List Option - not yet supported */
|
||||
/* DNS Search List Option */
|
||||
0x1f, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3c,
|
||||
0x03, 0x6c, 0x61, 0x62, 0x05, 0x69, 0x6e, 0x74,
|
||||
0x72, 0x61, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
@ -110,6 +110,8 @@ static const struct in6_addr test_rdnss = { { { 0x20, 0x01, 0x0d, 0xb8,
|
||||
0xde, 0xad, 0xbe, 0xef,
|
||||
0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x01 } } };
|
||||
static const char *test_dnssl[] = { "lab.intra",
|
||||
NULL };
|
||||
|
||||
static int test_rs_hangcheck(sd_event_source *s, uint64_t usec,
|
||||
void *userdata) {
|
||||
@ -220,6 +222,11 @@ static void test_radv(void) {
|
||||
assert_se(sd_radv_set_rdnss(ra, 0, &test_rdnss, 1) >= 0);
|
||||
assert_se(sd_radv_set_rdnss(ra, 0, NULL, 0) >= 0);
|
||||
|
||||
assert_se(sd_radv_set_dnssl(ra, 0, NULL) >= 0);
|
||||
assert_se(sd_radv_set_dnssl(ra, 600, NULL) >= 0);
|
||||
assert_se(sd_radv_set_dnssl(ra, 0, (char **)test_dnssl) >= 0);
|
||||
assert_se(sd_radv_set_dnssl(ra, 600, (char **)test_dnssl) >= 0);
|
||||
|
||||
ra = sd_radv_unref(ra);
|
||||
assert_se(!ra);
|
||||
}
|
||||
@ -251,7 +258,7 @@ int icmp6_receive(int fd, void *iov_base, size_t iov_len,
|
||||
|
||||
static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
|
||||
sd_radv *ra = userdata;
|
||||
unsigned char buf[144];
|
||||
unsigned char buf[168];
|
||||
size_t i;
|
||||
|
||||
read(test_fd[0], &buf, sizeof(buf));
|
||||
@ -319,6 +326,7 @@ static void test_ra(void) {
|
||||
assert_se(sd_radv_set_managed_information(ra, true) >= 0);
|
||||
assert_se(sd_radv_set_other_information(ra, true) >= 0);
|
||||
assert_se(sd_radv_set_rdnss(ra, 60, &test_rdnss, 1) >= 0);
|
||||
assert_se(sd_radv_set_dnssl(ra, 60, (char **)test_dnssl) >= 0);
|
||||
|
||||
for (i = 0; i < ELEMENTSOF(prefix); i++) {
|
||||
sd_radv_prefix *p;
|
||||
|
@ -152,6 +152,7 @@ IPv6PrefixDelegation.Managed, config_parse_bool,
|
||||
IPv6PrefixDelegation.OtherInformation, config_parse_bool, 0, offsetof(Network, router_other_information)
|
||||
IPv6PrefixDelegation.RouterPreference, config_parse_router_preference, 0, 0
|
||||
IPv6PrefixDelegation.DNS, config_parse_radv_dns, 0, 0
|
||||
IPv6PrefixDelegation.Domains, config_parse_radv_search_domains, 0, 0
|
||||
IPv6PrefixDelegation.DNSLifetimeSec, config_parse_sec, 0, offsetof(Network, router_dns_lifetime_usec)
|
||||
IPv6Prefix.Prefix, config_parse_prefix, 0, 0
|
||||
IPv6Prefix.OnLink, config_parse_prefix_flags, 0, 0
|
||||
|
@ -35,6 +35,7 @@
|
||||
#include "stat-util.h"
|
||||
#include "string-table.h"
|
||||
#include "string-util.h"
|
||||
#include "strv.h"
|
||||
#include "util.h"
|
||||
|
||||
static void network_config_hash_func(const void *p, struct siphash *state) {
|
||||
@ -1127,6 +1128,55 @@ int config_parse_radv_dns(
|
||||
return 0;
|
||||
}
|
||||
|
||||
int config_parse_radv_search_domains(
|
||||
const char *unit,
|
||||
const char *filename,
|
||||
unsigned line,
|
||||
const char *section,
|
||||
unsigned section_line,
|
||||
const char *lvalue,
|
||||
int ltype,
|
||||
const char *rvalue,
|
||||
void *data,
|
||||
void *userdata) {
|
||||
|
||||
Network *n = data;
|
||||
const char *p = rvalue;
|
||||
int r;
|
||||
|
||||
assert(filename);
|
||||
assert(lvalue);
|
||||
assert(rvalue);
|
||||
|
||||
for (;;) {
|
||||
_cleanup_free_ char *w = NULL;
|
||||
_cleanup_free_ char *idna = NULL;
|
||||
|
||||
r = extract_first_word(&p, &w, NULL, 0);
|
||||
if (r == -ENOMEM)
|
||||
return log_oom();
|
||||
if (r < 0) {
|
||||
log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract word, ignoring: %s", rvalue);
|
||||
return 0;
|
||||
}
|
||||
if (r == 0)
|
||||
break;
|
||||
|
||||
r = dns_name_apply_idna(w, &idna);
|
||||
if (r > 0) {
|
||||
r = strv_push(&n->router_search_domains, idna);
|
||||
if (r >= 0)
|
||||
idna = NULL;
|
||||
} else if (r == 0) {
|
||||
r = strv_push(&n->router_search_domains, w);
|
||||
if (r >= 0)
|
||||
w = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int config_parse_dhcp_server_ntp(
|
||||
const char *unit,
|
||||
const char *filename,
|
||||
|
@ -169,6 +169,7 @@ struct Network {
|
||||
usec_t router_dns_lifetime_usec;
|
||||
struct in6_addr *router_dns;
|
||||
unsigned n_router_dns;
|
||||
char **router_search_domains;
|
||||
|
||||
/* Bridge Support */
|
||||
bool use_bpdu;
|
||||
@ -275,6 +276,7 @@ int config_parse_hostname(const char *unit, const char *filename, unsigned line,
|
||||
int config_parse_timezone(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
int config_parse_dhcp_server_dns(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
int config_parse_radv_dns(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
int config_parse_radv_search_domains(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
int config_parse_dhcp_server_ntp(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
int config_parse_dnssec_negative_trust_anchors(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
int config_parse_dhcp_use_domains(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
|
@ -85,5 +85,14 @@ int radv_configure(Link *link) {
|
||||
return r;
|
||||
}
|
||||
|
||||
if (link->network->router_search_domains) {
|
||||
r = sd_radv_set_dnssl(link->radv,
|
||||
DIV_ROUND_UP(link->network->router_dns_lifetime_usec,
|
||||
USEC_PER_SEC),
|
||||
link->network->router_search_domains);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -59,6 +59,7 @@ int sd_radv_set_preference(sd_radv *ra, unsigned preference);
|
||||
int sd_radv_add_prefix(sd_radv *ra, sd_radv_prefix *p);
|
||||
int sd_radv_set_rdnss(sd_radv *ra, uint32_t lifetime,
|
||||
const struct in6_addr *dns, size_t n_dns);
|
||||
int sd_radv_set_dnssl(sd_radv *ra, uint32_t lifetime, char **search_list);
|
||||
|
||||
/* Advertised prefixes */
|
||||
int sd_radv_prefix_new(sd_radv_prefix **ret);
|
||||
|
Loading…
Reference in New Issue
Block a user