1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-26 03:22:00 +03:00
Commit Graph

13791 Commits

Author SHA1 Message Date
Lennart Poettering
8af5b88322 resolved: split out check whether reply matches our question
It's complicated enough, it deserves its own call.

(Also contains some unrelated whitespace, comment and assertion changes)
2015-12-10 11:35:52 +01:00
Lennart Poettering
8b5b564947 resolved: IXFR and AXFR cannot be the type of RRs, only of RR keys
Enforce this while parsing RRs.
2015-12-10 11:35:52 +01:00
Lennart Poettering
d75acfb059 resolved: when parsing DNS packets, handle OPT RR specially
As soon as we encounter the OPT RR while parsing, store it in a special
field in the DnsPacket structure. That way, we won't be confused if we
iterate through RRs, and can check that there's really only one of these
RRs around.
2015-12-10 11:35:52 +01:00
Lennart Poettering
c296dd2eea resolved: refuse modifying DnsAnswer objects that have more than one reference
DnsAnswer objects should be considered immutable after having passed to
more than one user, i.e. with a reference counter > 1. Enforce that in
code, so that we can track down misuses easier.
2015-12-10 11:28:02 +01:00
Lennart Poettering
d12bf2bdff resolved: fix libgcrypt error checking
libgcrypt encodes the error source in the error code, we need to mask
that away before comparing error codes.
2015-12-10 11:28:02 +01:00
Lennart Poettering
d42800f18e resolved: split out logic to flush DnsAnswer objects
Let's simplify things, by making this a function call of its own.
2015-12-10 11:28:02 +01:00
Lennart Poettering
7bcffc2efa resolved: honour RFC6761's ban on the invalid TLD 2015-12-10 11:28:02 +01:00
Lennart Poettering
aa44ee274c resolved: fix DNS_ANSWER_FOREACH_IFINDEX() to not collide with user defined ifindex variable 2015-12-10 11:28:02 +01:00
Lennart Poettering
0bb4749d1f resolved: partially revert 5eefe54
Quoting @teg:

"Contrary to what the comment said, we always verify redirect chains in
full, and cache all the CNAME records. There is therefore no need to
do extra negative caching along a CNAME chain."

This simply steals @teg's commit since we'll touch the SOA matching case
in a later patch, and rather want this bit gone, so that we don't have
to "fix" it, only to remove it later on.
2015-12-10 11:28:01 +01:00
Lennart Poettering
c52a97b896 resolved: when outputting RRs in text form, append a trailing dot to owner names
After all, that's how this is done in DNS, and is particularly important
if we look a DS/DNSKEY RRs for the root zone itself, where the owner
name would otherwise be shown as completely empty (i.e. missing).
2015-12-10 11:28:01 +01:00
Lennart Poettering
4d247a6cd3 resolved: shortcut RR comparisons if pointers match
When iterating through RR lists we frequently end up comparing RRs and
RR keys with themselves, hence att a minor optimization to check ptr
values first, before doing a deep comparison.
2015-12-10 11:28:01 +01:00
Lennart Poettering
c84e853934 resolved: fix parameter type of dns_type_is_pseudo()
DNS RR types are uint16_t after all, treat them as such.
2015-12-10 11:28:01 +01:00
Lennart Poettering
e4b0e86225 Merge pull request #2056 from evverx/expose-soft-limits-on-the-bus
Expose soft limits on the bus
2015-12-10 11:20:03 +01:00
Daniel Mack
261f3673c1 resolved: add more linked packets for overlong known answers
For mDNS, if we're unable to stuff all known answers into the given packet,
allocate a new one, push the RR into that one and link it to the current
one.
2015-12-10 10:21:50 +01:00
Daniel Mack
80a62095dc resolved: handle linked packet in dns_scope_emit()
In dns_scope_emit(), walk the list of additional packets and emit all of
them. Set the TC bit in all but the last of them.

This is specific to mDNS, so an assertion is triggered if used with other
protocols.
2015-12-10 10:20:55 +01:00
Daniel Mack
9c49156383 resolved: add support for linked packets
For mDNS, we need to support the TC bit in case the list of known answers
exceed the maximum packet size.

For this, add a 'more' pointer to DnsPacket for an additional packet.

When a packet is unref'ed, the ->more packet is also unrefed, so it
sufficient to only keep track of the 1st packet in a chain.
2015-12-10 10:20:54 +01:00
Daniel Mack
dbfbb6e776 resolved: add dns_packet_set_flags()
We need to support the TC bit in queries in case known answers exceed the
maximum packet size. Factor out the flags compilation to
dns_packet_set_flags() and make it externally available.
2015-12-10 10:20:23 +01:00
Daniel Mack
ee8d930568 resolved: llmnr, mdns: simplify error handling
sd_event_add_io() returns the error directly and does not mess with errno.
2015-12-09 18:49:15 +01:00
Daniel Mack
b43d96b076 resolved: don't send .local requests to DNS servers
DNS names ending with .local are specific to mDNS, so don't use them
on DNS scopes.
2015-12-09 18:49:14 +01:00
Daniel Mack
0896271419 Merge pull request #2110 from keszybz/udev-indentation
Udev indentation
2015-12-09 14:18:37 +01:00
Tom Gundersen
319c29920c Merge pull request #2115 from dvdhrm/rbtree
basic: add RB-Tree implementation
2015-12-08 17:31:09 +01:00
Daniel Mack
7778dffff3 resolved: add dns_cache_export_to_packet()
This new functions exports cached records of type PTR, SRV and TXT into
an existing DnsPacket. This is used in order to fill in known records
to mDNS queries, for known answer supression.
2015-12-08 16:51:41 +01:00
Daniel Mack
0afa57e2e7 resolved: implement query coalescing
Implement dns_transaction_make_packet_mdns(), a special version of
dns_transaction_make_packet() for mDNS which differs in many ways:

a) We coalesce queries of currently active transaction on the scope.
   This is possible because mDNS actually allows many questions in a
   to be sent in a single packet and it takes some burden from the
   network.

b) Both A and AAAA query keys are broadcast on both IPv4 and IPv6
   scopes, because other hosts might only respond on one of their
   addresses but resolve both types.

c) We discard previously sent packages (t->sent) so we can start over
   and coalesce pending transactions again.
2015-12-08 16:51:41 +01:00
Daniel Mack
a9da14e1e9 resolved: add 'next_attempt_after' field to DnsTransaction
For each transaction, record when the earliest point in time when the
query packet may hit the wire. This is the same time stamp for which
the timer is scheduled in retries, except for the initial query packets
which are delayed by a random jitter. In this case, we denote that the
packet may actually be sent at the nominal time, without the jitter.

Transactions that share the same timestamp will also have identical
values in this field. It is used to coalesce pending queries in a later
patch.
2015-12-08 16:51:41 +01:00
Daniel Mack
1effe96568 resolved: split dns_transaction_go()
Split some code out of dns_transaction_go() so we can re-use it later from
different context. The new function dns_transaction_prepare_next_attempt()
takes care of preparing everything so that a new packet can conditionally
be formulated for a transaction.

This patch shouldn't cause any functional change.
2015-12-08 16:51:41 +01:00
Daniel Mack
547493c5ad resolved: handle more mDNS protocol details 2015-12-08 16:51:41 +01:00
Daniel Mack
a20b959217 resolved: fix debug message 2015-12-08 16:51:40 +01:00
Daniel Mack
124602aea8 resolved: add mDNS packet dispatcher
Add the packet dispatching routine for mDNS.

It differs to what LLMNR and DNS dispatchers do in the way it matches
incoming packets. In mDNS, we actually handle all incoming packets,
regardless whether we asked for them earlier or not.
2015-12-08 16:51:40 +01:00
Daniel Mack
d84e543d92 resolved: allow name compression in NSEC records 2015-12-08 16:51:40 +01:00
Daniel Mack
11a27c2ec1 resolved: handle mDNS timeouts per transaction
mDNS packet timeouts need to be handled per transaction, not per link.
Re-use the n_attempts field for this purpose, as packets timeouts should be
determined by starting at 1 second, and doubling the value on each try.
2015-12-08 16:51:40 +01:00
Daniel Mack
ef7ce6df4d resolved: short-cut jitter callbacks for LLMNR and mDNS
When a jitter callback is issued instead of sending a DNS packet directly,
on_transaction_timeout() is invoked to 'retry' the transaction. However,
this function has side effects. For once, it increases the packet loss
counter on the scope, and it also unrefs/refs the server instances.

Fix this by tracking the jitter with two bool variables. One saying that
the initial jitter has been scheduled in the first place, and one that
tells us the delay packet has been sent.
2015-12-08 16:51:40 +01:00
Daniel Mack
90325e8c2e resolved: flush keys when DNS_RESOURCE_KEY_CACHE_FLUSH is set
In mDNS, DNS_RESOURCE_KEY_CACHE_FLUSH denotes whether other records with the
same key should be flushed from the cache.
2015-12-08 16:51:39 +01:00
Daniel Mack
23502de3b0 resolved: add cache flush flag to DnsResourceKey
MDNS has a 'key cache flush' flag for records which must be masked out for
the parsers to do our right thing. We will also use that flag later (in a
different patch) in order to alter the cache behavior.
2015-12-08 16:41:45 +01:00
Daniel Mack
ea12bcc789 resolved: add mDNS initial jitter
The logic is to kick off mDNS packets in a delayed way is mostly identical
to what LLMNR needs, except that the constants are different.
2015-12-08 16:41:45 +01:00
Daniel Mack
b4f1862df2 resolved: create dns scopes for mDNS
Follow what LLMNR does, and create per-link DnsScope objects.
2015-12-08 16:41:45 +01:00
Daniel Mack
0db4c90afd resolved: add code to join/leave mDNS multicast groups
Per link, join the mDNS multicast groups when the scope is created, and
leave it again when the scope goes away.
2015-12-08 16:41:45 +01:00
Daniel Mack
4e5bf5e158 resolved: add packet header details for mDNS
Validate mDNS queries and responses by looking at some header fields,
add mDNS flags.
2015-12-08 16:41:45 +01:00
Daniel Mack
bc7702b098 resolved: add infrastructure for mDNS related sockets
Just hook up mDNS listeners with an empty packet dispather function,
introduce a config directive, man page updates etc.
2015-12-08 16:37:40 +01:00
Zbigniew Jędrzejewski-Szmek
2af917de2d Merge pull request #2104 from evverx/rlimit-util-test
tests: add test-rlimit-util
2015-12-07 23:47:45 -05:00
David Herrmann
a0e4cae820 basic: add RB-Tree implementation
This adds an self-standing RB-Tree implementation to src/basic/. This
will be needed for NSEC RR lookups, since we need "close lookups", which
hashmaps (not even ordered-hashmaps) can give us in reasonable time.
2015-12-07 18:34:05 +01:00
Evgeny Vereshchagin
fe39daf2c1 tests: add test-rlimit-util 2015-12-07 09:41:15 +00:00
Zbigniew Jędrzejewski-Szmek
461577eeb3 udev/scsi_id: fix some strange indentation 2015-12-07 00:45:08 -05:00
Zbigniew Jędrzejewski-Szmek
3f65d73149 udev: add emacs header line
Otherwise emacs wants to use 2-space indentation and other
attrocities.
2015-12-07 00:45:08 -05:00
Zbigniew Jędrzejewski-Szmek
9eba69df1c udev: fix NULL deref when executing rules
We quite obviously check whether event->dev_db is nonnull, and
right after that call a function which asserts the same. Move
the call under the same if.

https://bugzilla.redhat.com/show_bug.cgi?id=1283971
2015-12-07 00:44:14 -05:00
Zbigniew Jędrzejewski-Szmek
90b33a2746 libudev: simplify udev_device_ensure_usec_initialized a bit 2015-12-07 00:44:14 -05:00
Lennart Poettering
0fbf9d1fa3 Merge pull request #2100 from msekletar/nologin-label
user-sessions: make sure /run/nologin has correct SELinux label
2015-12-06 20:57:33 +01:00
Lennart Poettering
e28039b2eb Merge pull request #2107 from phomes/misc
Misc cleanups
2015-12-06 20:49:12 +01:00
Thomas Hindoe Paaboel Andersen
22ebb9e4a9 resolve: remove unused variable 2015-12-06 13:49:33 +01:00
Thomas Hindoe Paaboel Andersen
a8fbdf5424 shared: include what we use
The next step of a general cleanup of our includes. This one mostly
adds missing includes but there are a few removals as well.
2015-12-06 13:49:33 +01:00
Alban Crequy
b370fec2b9 nspawn: set TasksMax in machined instead of nspawn
https://github.com/systemd/systemd/issues/2016
2015-12-04 23:36:39 +01:00