summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-07-30 00:48:59 +0200
committerLennart Poettering <lennart@poettering.net>2014-07-30 00:48:59 +0200
commitaf93291cc4cbd2fe2fb4af7d3c56138fb39f31dc (patch)
tree18600359a8412751275aa86b607f0b35c21e0b3a
parent2442b93d15f5523aba0c5dc56a42757af889c483 (diff)
resolved: when answer A or AAAA questions, order responses by whether addresses are link-local or not
-rw-r--r--src/network/networkd-address.c4
-rw-r--r--src/network/networkd-link.c2
-rw-r--r--src/resolve/resolved-dns-answer.c31
-rw-r--r--src/resolve/resolved-dns-answer.h1
-rw-r--r--src/resolve/resolved-dns-scope.c2
-rw-r--r--src/shared/in-addr-util.c13
-rw-r--r--src/shared/in-addr-util.h3
7 files changed, 51 insertions, 5 deletions
diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c
index 539bd98b52..1b2d7d52ff 100644
--- a/src/network/networkd-address.c
+++ b/src/network/networkd-address.c
@@ -243,7 +243,7 @@ static int address_acquire(Link *link, Address *original, Address **ret) {
assert(ret);
/* Something useful was configured? just use it */
- if (in_addr_null(original->family, &original->in_addr) <= 0)
+ if (in_addr_is_null(original->family, &original->in_addr) <= 0)
return 0;
/* The address is configured to be 0.0.0.0 or [::] by the user?
@@ -345,7 +345,7 @@ int address_configure(Address *address, Link *link,
return r;
}
- if (!in_addr_null(address->family, &address->in_addr_peer)) {
+ if (!in_addr_is_null(address->family, &address->in_addr_peer)) {
if (address->family == AF_INET)
r = sd_rtnl_message_append_in_addr(req, IFA_ADDRESS, &address->in_addr_peer.in);
else if (address->family == AF_INET6)
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index 7db71c0b70..87bdd85644 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -283,7 +283,7 @@ static Address* link_find_dhcp_server_address(Link *link) {
if (address->family != AF_INET)
continue;
- if (in_addr_null(address->family, &address->in_addr))
+ if (in_addr_is_null(address->family, &address->in_addr))
continue;
return address;
diff --git a/src/resolve/resolved-dns-answer.c b/src/resolve/resolved-dns-answer.c
index d907664527..93e51fc248 100644
--- a/src/resolve/resolved-dns-answer.c
+++ b/src/resolve/resolved-dns-answer.c
@@ -175,3 +175,34 @@ DnsAnswer *dns_answer_merge(DnsAnswer *a, DnsAnswer *b) {
return k;
}
+
+void dns_answer_order_by_scope(DnsAnswer *a, bool prefer_link_local) {
+ DnsResourceRecord **rrs;
+ unsigned i, start, end;
+ assert(a);
+
+ if (a->n_rrs <= 1)
+ return;
+
+ start = 0;
+ end = a->n_rrs-1;
+
+ /* RFC 4795, Section 2.6 suggests we should order entries
+ * depending on whether the sender is a link-local address. */
+
+ rrs = newa(DnsResourceRecord*, a->n_rrs);
+ for (i = 0; i < a->n_rrs; i++) {
+
+ if (a->rrs[i]->key->class == DNS_CLASS_IN &&
+ ((a->rrs[i]->key->type == DNS_TYPE_A && in_addr_is_link_local(AF_INET, (union in_addr_union*) &a->rrs[i]->a.in_addr) != prefer_link_local) ||
+ (a->rrs[i]->key->type == DNS_TYPE_AAAA && in_addr_is_link_local(AF_INET6, (union in_addr_union*) &a->rrs[i]->aaaa.in6_addr) != prefer_link_local)))
+ /* Order address records that are are not preferred to the end of the array */
+ rrs[end--] = a->rrs[i];
+ else
+ /* Order all other records to the beginning of the array */
+ rrs[start++] = a->rrs[i];
+ }
+
+ assert(start == end+1);
+ memcpy(a->rrs, rrs, sizeof(DnsResourceRecord*) * a->n_rrs);
+}
diff --git a/src/resolve/resolved-dns-answer.h b/src/resolve/resolved-dns-answer.h
index 135a421f29..268bb38537 100644
--- a/src/resolve/resolved-dns-answer.h
+++ b/src/resolve/resolved-dns-answer.h
@@ -42,5 +42,6 @@ int dns_answer_contains(DnsAnswer *a, DnsResourceKey *key);
int dns_answer_find_soa(DnsAnswer *a, DnsResourceKey *key, DnsResourceRecord **ret);
DnsAnswer *dns_answer_merge(DnsAnswer *a, DnsAnswer *b);
+void dns_answer_order_by_scope(DnsAnswer *a, bool prefer_link_local);
DEFINE_TRIVIAL_CLEANUP_FUNC(DnsAnswer*, dns_answer_unref);
diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c
index b975ac4092..b17de0c88f 100644
--- a/src/resolve/resolved-dns-scope.c
+++ b/src/resolve/resolved-dns-scope.c
@@ -483,6 +483,8 @@ void dns_scope_process_query(DnsScope *s, DnsStream *stream, DnsPacket *p) {
if (r == 0)
return;
+ dns_answer_order_by_scope(answer, in_addr_is_link_local(p->family, &p->sender) > 0);
+
r = dns_scope_make_reply_packet(s, DNS_PACKET_ID(p), DNS_RCODE_SUCCESS, p->question, answer, &reply);
if (r < 0) {
log_debug("Failed to build reply packet: %s", strerror(-r));
diff --git a/src/shared/in-addr-util.c b/src/shared/in-addr-util.c
index e9a99177fc..459f846173 100644
--- a/src/shared/in-addr-util.c
+++ b/src/shared/in-addr-util.c
@@ -23,7 +23,7 @@
#include "in-addr-util.h"
-int in_addr_null(int family, const union in_addr_union *u) {
+int in_addr_is_null(int family, const union in_addr_union *u) {
assert(u);
if (family == AF_INET)
@@ -39,6 +39,17 @@ int in_addr_null(int family, const union in_addr_union *u) {
return -EAFNOSUPPORT;
}
+int in_addr_is_link_local(int family, const union in_addr_union *u) {
+ assert(u);
+
+ if (family == AF_INET)
+ return (be32toh(u->in.s_addr) & 0xFFFF0000) == (169U << 24 | 254U << 16);
+
+ if (family == AF_INET6)
+ return IN6_IS_ADDR_LINKLOCAL(&u->in6);
+
+ return -EAFNOSUPPORT;
+}
int in_addr_equal(int family, const union in_addr_union *a, const union in_addr_union *b) {
assert(a);
diff --git a/src/shared/in-addr-util.h b/src/shared/in-addr-util.h
index cff2c321ed..7d1d6baa27 100644
--- a/src/shared/in-addr-util.h
+++ b/src/shared/in-addr-util.h
@@ -31,7 +31,8 @@ union in_addr_union {
struct in6_addr in6;
};
-int in_addr_null(int family, const union in_addr_union *u);
+int in_addr_is_null(int family, const union in_addr_union *u);
+int in_addr_is_link_local(int family, const union in_addr_union *u);
int in_addr_equal(int family, const union in_addr_union *a, const union in_addr_union *b);
int in_addr_prefix_intersect(int family, const union in_addr_union *a, unsigned aprefixlen, const union in_addr_union *b, unsigned bprefixlen);
int in_addr_prefix_next(int family, union in_addr_union *u, unsigned prefixlen);