1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 16:21:26 +03:00
Commit Graph

49548 Commits

Author SHA1 Message Date
Luca Boccassi
b8f762f2fe stat-util: fix dir_is_empty_at without path
Use the right FD, and do a fd_reopen instead of a dup, since the
latter will still share the internal pointer which then gets
moved by FOREACH_DIRENT, affecting the caller's FD.
2021-02-16 20:24:27 +01:00
Lennart Poettering
42b23010b9
Merge pull request #18624 from poettering/resolved-feature-level-tweak
resolved: three tweaks to server feature level tracking
2021-02-16 20:24:05 +01:00
Yu Watanabe
955b11ffd3
Merge pull request #18629 from yuwata/sd-netlink-nexthop-types
sd-netlink: add nexthop related types
2021-02-17 04:06:15 +09:00
Lennart Poettering
9147b591a1 resolved: unify code for trying a different DNS server
Let's unify some code, and add a common implementation of a function
that checks whether we have tried all DNS servers yet, and retries the
transaction if we don't. We already use this same code twice. Let's use
it at some other places too now — basically all cases where we switch to
a new server — with the one case of packet loss, where we too switch
servers, but don#t care how many times we already tried to switch.
2021-02-16 18:54:33 +01:00
Lennart Poettering
7ef863a76a resolved: improve log message when retrying a transaction with a different server 2021-02-16 18:53:33 +01:00
Lennart Poettering
fba3e94df5 resolved: never go below DNSSEC feature level in DNSSEC strict mode
This adjusts our feature level handling: when DNSSEC strict mode is on,
let's never lower the feature level below the lowest DNSSEC mode.

Also, when asking whether DNSSEC is supproted, always say yes in strict
mode. This means that error reporting about transactions that fail
because of missing DNSSEC RRs will not report "incompatible-server" but
instead "missing-signature" or suchlike.

The main difference here is that DNSSEC failures become local to a
transaction, instead of propagating into the feature level we reuse for
future transactions. This is beneficial with routers that implement
"mostly a DNS proxy", i.e. that propagate most DNS requests 1:1 to their
upstream servers, but synthesize local answers for a select few domains.
For example, AVM Fritz!Boxes operate that way: they proxy most traffic
1:1 upstream in an DNSSEC-compatible fashion, but synthesize the
"fritz.box" locally, so that it can be used to configure the router.
This local domain cannot be DNSSEC verified, it comes without
signatures. Previously this would mean once that domain was resolved
feature level would be downgraded, and we'd thus fail all future DNSSEC
attempts. With this change, the immediate lookup for "fritz.box" will
fail validation, but for all other unrelated future ones that comes
without prejudice.

(While we are at it, also make a couple of other downgrade paths a bit
tighter.)

Fixes: #10570 #14435 #6490
2021-02-16 18:44:01 +01:00
Lennart Poettering
d8592a4e2f resolved: make feature level checks a bit more discriptive
The levels have an order, but the order is sometimes a bit arbitrary.
Hence add simple macros to check for specific features and use those, so
that the ordering leaks a bit less into all files.
2021-02-16 18:41:08 +01:00
Lennart Poettering
2c42a217a2 resolved: when we can't parse a packet, downgrade feature level
So far we didn't really handle the case where we can't parse a reply
packet. Since this apparently happens in real-life though, let's add
some minimal logic, to downgrade/restart if we see this.
2021-02-16 18:41:08 +01:00
Yu Watanabe
8900c05e6e netlink: drop sd_rtnl_message_{route,nexthop}_set_family()
The family is already set when the message is created.
2021-02-17 02:06:26 +09:00
Yu Watanabe
fc80ed5f97 network: drop unnecessary family setting
It is already set in sd_rtnl_message_new_nexthop().
2021-02-17 02:06:26 +09:00
Yu Watanabe
ccb4072e21 man: fix indentation 2021-02-16 17:59:21 +01:00
Lennart Poettering
b52eac2010 resolved: paranoia — ensure DNS reply came over stream we sent it to 2021-02-16 17:43:27 +01:00
heretoenhance
8d186a35cb
Adding an explanation for CONFIG_NET requirement (#18600)
* README: replace CONFIG_NET with CONFIG_UNIX in requirements list
2021-02-16 16:26:51 +00:00
Yu Watanabe
735a3d73b7 netlink: fix assertions 2021-02-17 01:21:03 +09:00
Yu Watanabe
4684ec5e3d netlink: add nexthop related types 2021-02-17 01:16:42 +09:00
Yu Watanabe
f5b7deb969 sd-netlink: add RTA_NH_ID attribute support 2021-02-17 01:16:10 +09:00
Zbigniew Jędrzejewski-Szmek
15567b3a73 Rename unit_times_free to unit_times_free_array
It frees the whole array and the type is UnitTimes not UnitTime.
2021-02-16 17:15:11 +01:00
Zbigniew Jędrzejewski-Szmek
cfb1a0e555 Rename strbuf_cleanup to strbuf_free
It frees the whole object.
2021-02-16 17:15:11 +01:00
Zbigniew Jędrzejewski-Szmek
425ac7a253 fuzz-systemctl-parse-argv: call static destuctors
With all the preparatory work in previous PRs, we can now call static destructors
repeatedly without issue. We need to do it here so that global variables allocated
during parsing are properly freed.
2021-02-16 17:15:11 +01:00
Zbigniew Jędrzejewski-Szmek
36556f6e51 systemctl: use free_and_replace on global variable
In normal usage we cannot set it multiple times, but from a fuzzer we
may. Doing it this way is nicer anyway.
2021-02-16 17:15:11 +01:00
Zbigniew Jędrzejewski-Szmek
fd421c4adc tree-wide: reset the cleaned-up variable in cleanup functions
If the cleanup function returns the appropriate type, use that to reset the
variable. For other functions (usually the foreign ones which return void), add
an explicit value to reset to.

This causes a bit of code churn, but I think it might be worth it. In a
following patch static destructors will be called from a fuzzer, and this
change allows them to be called multiple times. But I think such a change might
help with detecting unitialized code reuse too. We hit various bugs like this,
and things are more obvious when a pointer has been set to NULL.

I was worried whether this change increases text size, but it doesn't seem to:

-Dbuildtype=debug:
before "tree-wide: return NULL from freeing functions":
-rwxrwxr-x 1 zbyszek zbyszek 4117672 Feb 16 14:36 build/libsystemd.so.0.30.0*
-rwxrwxr-x 1 zbyszek zbyszek 4494520 Feb 16 15:06 build/systemd*
after "tree-wide: return NULL from freeing functions":
-rwxrwxr-x 1 zbyszek zbyszek 4117672 Feb 16 14:36 build/libsystemd.so.0.30.0*
-rwxrwxr-x 1 zbyszek zbyszek 4494576 Feb 16 15:10 build/systemd*
now:
-rwxrwxr-x 1 zbyszek zbyszek 4117672 Feb 16 14:36 build/libsystemd.so.0.30.0*
-rwxrwxr-x 1 zbyszek zbyszek 4494640 Feb 16 15:15 build/systemd*

-Dbuildtype=release:
before "tree-wide: return NULL from freeing functions":
-rwxrwxr-x 1 zbyszek zbyszek 5252256 Feb 14 14:47 build-rawhide/libsystemd.so.0.30.0*
-rwxrwxr-x 1 zbyszek zbyszek 1834184 Feb 16 15:09 build-rawhide/systemd*
after "tree-wide: return NULL from freeing functions":
-rwxrwxr-x 1 zbyszek zbyszek 5252256 Feb 14 14:47 build-rawhide/libsystemd.so.0.30.0*
-rwxrwxr-x 1 zbyszek zbyszek 1834184 Feb 16 15:10 build-rawhide/systemd*
now:
-rwxrwxr-x 1 zbyszek zbyszek 5252256 Feb 14 14:47 build-rawhide/libsystemd.so.0.30.0*
-rwxrwxr-x 1 zbyszek zbyszek 1834184 Feb 16 15:16 build-rawhide/systemd*

I would expect that the compiler would be able to elide the setting of a
variable if the variable is never used again. And this seems to be the case:
in optimized builds there is no change in size whatsoever. And the change in
size in unoptimized build is negligible.

Something strange is happening with size of libsystemd: it's bigger in
optimized builds. Something to figure out, but unrelated to this patch.
2021-02-16 17:15:11 +01:00
Zbigniew Jędrzejewski-Szmek
75db809ae5 tree-wide: return NULL from freeing functions
I started working on this because I wanted to change how
DEFINE_TRIVIAL_CLEANUP_FUNC is defined. Even independently of that change, it's
nice to make make things more consistent and predictable.
2021-02-16 17:15:10 +01:00
Lennart Poettering
1d123e772d resolved: reduce indentation level a bit 2021-02-16 16:46:01 +01:00
Lennart Poettering
13eb76ef06 resolved: let's preferably route reverse lookups for local subnets to matching interfaces
Let's preferably route traffic for reverse lookups to LLMNR/mDNS/DNS on
the matching interface if the IP address is in the local subnet. Also,
if looking up an IP address of our own host, let's avoid doing
LLMNR/mDNS at all.

This is useful if "~." is a routing domain to DNS, as it means, local
reverse lookups still go to LLMNR/mDNS, too.

Fixes: #16243 #10081
2021-02-16 16:13:42 +01:00
Zbigniew Jędrzejewski-Szmek
13734c75b5 Refactor strv_env_replace() into strv_env_replace_consume()
All callers of strv_env_replace() would free the argument on error.
So let's follow the same pattern as with strv_consume (and similar
naming) and unconditionally "use up" the argument.
2021-02-16 16:10:14 +01:00
Zbigniew Jędrzejewski-Szmek
b230baaeb7 shared/exec-util: fix minor memleak
p was not freed on error.
2021-02-16 16:10:14 +01:00
Zbigniew Jędrzejewski-Szmek
73c8cc7164 test-env-util: add tests for the two new functions 2021-02-16 16:10:14 +01:00
Zbigniew Jędrzejewski-Szmek
99bfce1080 basic/env-util: drop now-unused strv_env_set() 2021-02-16 16:10:14 +01:00
Zbigniew Jędrzejewski-Szmek
f08231fe07 basic/env-util: add strv_env_assign() helper 2021-02-16 16:10:14 +01:00
Zbigniew Jędrzejewski-Szmek
6f8f8688e1 shared/user-record: inline iterator variable declarations 2021-02-16 16:10:14 +01:00
Zbigniew Jędrzejewski-Szmek
ab4ab13c74 locale: inline iterator variable declarations 2021-02-16 16:10:14 +01:00
Luca Boccassi
809ceb8217 namespace: store and use original MountEntry paths when prefixing
Some paths (eg: mount_tmpfs) simply assumed that prefixing always
happens and it always stores the original path in path_const, and
the prefixed path in path_malloc.
But if a MountEntry is set up in a helper function and thus uses
only _malloc struct members, this assumption doesn't hold and there's
a crash.

Refactor so that prefixing is done with a helper which stores the
original path in a separate struct member, and accessing it also
uses a helper which does the right thing.
2021-02-16 14:33:23 +00:00
Luca Boccassi
b850a9b29f MountImages: actually support optional paths
ENOENT did not cause an image mount to be skipped, fix it
2021-02-16 14:33:23 +00:00
Zbigniew Jędrzejewski-Szmek
5d160a2304 networkd: make network_config_section_free() inline 2021-02-16 14:27:59 +01:00
Zbigniew Jędrzejewski-Szmek
1f38830153 resolved: make dns_transaction_gc return a pointer
_gc() does cleanup if it is possible. So far it returned a bool to
signal if it succeeded (false on success). When working on the resolved
code I had to look at the definition every time, because the (arguably
reversed) calling convention is unobvious. So let's return a pointer
(non-NULL: gc has not been done, NULL: gc has been done).

This fits nicely with the standard to return a pointer from all free
functions obviously.
2021-02-16 14:27:59 +01:00
Zbigniew Jędrzejewski-Szmek
d3b56a0cad networkd-ndisc: drop confused freepp function
The function to cleanup IPv6Token was defined using freep, i.e. the macro
generated a freepp function. The correct way would be to do something like
  #define ipv6_token_free mfree
  DEFINE_TRIVIAL_CLEANUP_FUNC(IPv6Token *, ipv6_token_free);
which would create ipv6_token_freep().
But since the cleanup function is unused, let's just drop it.
2021-02-16 14:27:59 +01:00
Zbigniew Jędrzejewski-Szmek
450918d111 coredump: add typedef for struct 2021-02-16 14:27:59 +01:00
Zbigniew Jędrzejewski-Szmek
a779cf30d2 basic/capability-util: add missing initialization
There was no error, because the pointer is unconditionally set below.
2021-02-16 14:27:59 +01:00
Zbigniew Jędrzejewski-Szmek
6aa601c56c analyze: use typedefs for structs and inline iterator variable decls 2021-02-16 14:27:59 +01:00
Lennart Poettering
1e69eaddf8 resolved: log process info of clients requesting resolution via D-Bus
Let's make things more debuggable: when debug logging is on, let's
say which client is asking for our services.

This is helpful for easily figuring out which local process might
interfere with your debugging sessions by issuing additional requests
while you try to debug a request (I am looking at you, geoclue!).
2021-02-16 13:42:49 +01:00
Lennart Poettering
ff05157f82
Merge pull request #18617 from poettering/resolved-confidential
resolved: tell clients which source a response is from, and whether it was never sent via unencrypted transports
2021-02-16 13:40:46 +01:00
Lennart Poettering
5c1790d1ce resolved: propagate source where an RR from back to client
This is extremely useful when debugging stuff: knowing whether a result
was cached, came from network, or was synthesized.
2021-02-16 10:03:43 +01:00
Lennart Poettering
43fc4baa26 resolved: add "confidential" flag for replies passed to clients
Let's introduce a new flag that indicates whether the response was
acquired in "confidential" mode, i.e. via encrypted DNS-over-TLS, or
synthesized locally.

Fixes: #12859
2021-02-16 10:03:43 +01:00
Lennart Poettering
6f055e43b8 resolved: replace "answer_authenticated" bool by uint64_t query_flags field
Let's use the same flags type we use for client communication, i.e.
instead of "bool answer_authenticated", let's use "uint64_t
answer_query_flags", with the SD_RESOLVED_AUTHENTICATED flag.

This is mostly just search/replace, i.e. a refactoring, no change in
behaviour.

This becomes useful once in a later commit SD_RESOLVED_CONFIDENTIAL is
added to indicate resolution that either were encrypted (DNS-over-TLS)
or never left the local system.
2021-02-16 10:03:43 +01:00
Lennart Poettering
0e703bb48d
Merge pull request #18611 from poettering/ifname-validate-tighter
make ifname validation tighter
2021-02-16 09:52:32 +01:00
Lennart Poettering
e03d156f78
Merge pull request #18603 from poettering/socket-graveyard
resolved: keep udp sockets until we receive a reply or timeout
2021-02-16 09:51:41 +01:00
Lennart Poettering
018b642a98 resolvectl: clarify IDNA and search path logic in combination with "resolvectl query --type="
When low-level RR resolution is requested from "resolvectl query" via
"--type=" or "--class=" no search domain logic is applied and no IDNA
translation.

Explain this in detail in the documentation, and also mentions this when
users attempt to resolve single-label names or names with international
characters in the output.

I believe the current behaviour is correct, but it is indeed surprising.
Hence the documentation and output improvement.

Fixes: #11325 #10737
2021-02-16 09:51:17 +01:00
Zbigniew Jędrzejewski-Szmek
a16d732a51 fuzz-systemctl-parse-argv: avoid "leak" of bus object
Memory sanitizer would report leaked memory from --boot-load-entry=help.

Maybe we should disable all bus connections from the fuzzer? It seems not
appropriate to communicate with logind. OTOH, in a real fuzzing environment
this call should just fail, so maybe that's OK.
2021-02-16 08:57:12 +01:00
Zbigniew Jędrzejewski-Szmek
e557c82dd5
Merge pull request #18571 from bluca/portable_dbus_doc
portable: use helpers for DBUS registration and document DBUS interface
2021-02-16 08:30:27 +01:00
Zbigniew Jędrzejewski-Szmek
8f50eb04ac
Merge pull request #18481 from keszybz/rpm-restart-post-trans
Restart units after the rpm transaction
2021-02-16 08:25:49 +01:00