summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSusant Sahani <ssahani@users.noreply.github.com>2016-10-27 05:01:04 +0530
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-10-26 19:31:04 -0400
commit532538244028ca90e9a7c59ec9627a3ff17a7da8 (patch)
treeddf0f5718c4865443f1e899306faad005b0a2230
parent808b95ef82a0715af7bde08a0050e2477bfc6f0f (diff)
networkd : verify dns ip address when parsing configuration (#4492)
Invalid IP addresses would be passed through as-is: $ networkctl status wlp3s0: ● 2: wlp3s0 Link File: /usr/lib/systemd/network/99-default.link Network File: /etc/systemd/network/wlp3s0.network Type: wlan State: routable (configured) Path: pci-0000:03:00.0 Driver: iwlwifi Vendor: Intel Corporation Model: Centrino Advanced-N 6205 [Taylor Peak] (Centrino Advanced-N 6205 AGN) HW Address: XXXXXXXXXX (Intel Corporate) Address: 192.168.2.103 XXXXXXXXXXX Gateway: 192.168.2.1 (Arcadyan Technology Corporation) DNS: 127.0.0.5553 Instead verify that DNS= has a valid list of addresses when parsing configuration. Fixes #4462.
-rw-r--r--src/network/networkd-network-gperf.gperf2
-rw-r--r--src/network/networkd-network.c50
-rw-r--r--src/network/networkd-network.h1
3 files changed, 52 insertions, 1 deletions
diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf
index 5587961b9f..bcf8186c33 100644
--- a/src/network/networkd-network-gperf.gperf
+++ b/src/network/networkd-network-gperf.gperf
@@ -49,7 +49,7 @@ Network.EmitLLDP, config_parse_lldp_emit,
Network.Address, config_parse_address, 0, 0
Network.Gateway, config_parse_gateway, 0, 0
Network.Domains, config_parse_domains, 0, 0
-Network.DNS, config_parse_strv, 0, offsetof(Network, dns)
+Network.DNS, config_parse_dns, 0, 0
Network.LLMNR, config_parse_resolve_support, 0, offsetof(Network, llmnr)
Network.MulticastDNS, config_parse_resolve_support, 0, offsetof(Network, mdns)
Network.DNSSEC, config_parse_dnssec_mode, 0, offsetof(Network, dnssec_mode)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 584cb96979..042232fcac 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -979,6 +979,56 @@ int config_parse_dhcp_server_ntp(
}
}
+int config_parse_dns(
+ const char *unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ Network *n = userdata;
+ int r;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+
+ for (;;) {
+ _cleanup_free_ char *w = NULL;
+ union in_addr_union a;
+ int family;
+
+ r = extract_first_word(&rvalue, &w, WHITESPACE, EXTRACT_QUOTES|EXTRACT_RETAIN_ESCAPE);
+ if (r == 0)
+ break;
+ if (r == -ENOMEM)
+ return log_oom();
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
+ break;
+ }
+
+ r = in_addr_from_string_auto(w, &family, &a);
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse dns server address, ignoring: %s", w);
+ continue;
+ }
+
+ r = strv_consume(&n->dns, w);
+ if (r < 0)
+ return log_oom();
+
+ w = NULL;
+ }
+
+ return 0;
+}
+
int config_parse_dnssec_negative_trust_anchors(
const char *unit,
const char *filename,
diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h
index ef4b499ab9..42fc82d392 100644
--- a/src/network/networkd-network.h
+++ b/src/network/networkd-network.h
@@ -220,6 +220,7 @@ int config_parse_netdev(const char *unit, const char *filename, unsigned line, c
int config_parse_domains(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_tunnel(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_dhcp(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+int config_parse_dns(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_dhcp_client_identifier(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_ipv6token(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_ipv6_privacy_extensions(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);