author | David Michael <david.michael@coreos.com> | 2016-08-31 15:34:29 -0700 |
---|---|---|
committer | David Michael <david.michael@coreos.com> | 2016-10-07 12:14:38 -0700 |
commit | 1ae43295751fc235e7f93719a635a5b06f3ac09b (patch) | |
tree | 942693237c80fa428220f0d719e0d7e72eaf4cbe | |
parent | 07f264e40a36552a11559ff3fd5e07dbdbfad444 (diff) |
resolved: add an option to control the DNS stub listener
-rw-r--r-- | man/resolved.conf.xml | 12 | ||||
-rw-r--r-- | src/resolve/resolved-conf.c | 11 | ||||
-rw-r--r-- | src/resolve/resolved-conf.h | 15 | ||||
-rw-r--r-- | src/resolve/resolved-dns-stub.c | 24 | ||||
-rw-r--r-- | src/resolve/resolved-gperf.gperf | 13 | ||||
-rw-r--r-- | src/resolve/resolved-manager.c | 1 | ||||
-rw-r--r-- | src/resolve/resolved-manager.h | 2 | ||||
-rw-r--r-- | src/resolve/resolved.conf.in | 1 |
8 files changed, 63 insertions, 16 deletions
diff --git a/man/resolved.conf.xml b/man/resolved.conf.xml
index 7556c6ff31..44df8ffa80 100644
--- a/man/resolved.conf.xml
+++ b/man/resolved.conf.xml
@@ -213,6 +213,18 @@
 (such as 127.0.0.1 or ::1), in order to avoid duplicate local caching.</para></listitem>
 </varlistentry>
+ <varlistentry>
+ <term><varname>DNSStubListener=</varname></term>
+ <listitem><para>Takes a boolean argument or one of <literal>udp</literal> and <literal>tcp</literal>. If
+ <literal>udp</literal> (the default), a DNS stub resolver will listen for UDP requests on address 127.0.0.53
+ port 53. If <literal>tcp</literal>, the stub will listen for TCP requests on the same address and port. If
+ <literal>yes</literal>, the stub listens for both UDP and TCP requests. If <literal>no</literal>, the stub
+ listener is disabled.</para>
+
+ <para>Note that the DNS stub listener is turned off implicitly when its listening address and port are already
+ in use.</para></listitem>
+ </varlistentry>
+
 </variablelist>
 </refsect1>
diff --git a/src/resolve/resolved-conf.c b/src/resolve/resolved-conf.c
index dd233e7c4a..246327daa2 100644
--- a/src/resolve/resolved-conf.c
+++ b/src/resolve/resolved-conf.c
@@ -23,8 +23,19 @@
 #include "extract-word.h"
 #include "parse-util.h"
 #include "resolved-conf.h"
+#include "string-table.h"
 #include "string-util.h"
+DEFINE_CONFIG_PARSE_ENUM(config_parse_dns_stub_listener_mode, dns_stub_listener_mode, DnsStubListenerMode, "Failed to parse DNS stub listener mode setting");
+
+static const char* const dns_stub_listener_mode_table[_DNS_STUB_LISTENER_MODE_MAX] = {
+ [DNS_STUB_LISTENER_NO] = "no",
+ [DNS_STUB_LISTENER_UDP] = "udp",
+ [DNS_STUB_LISTENER_TCP] = "tcp",
+ [DNS_STUB_LISTENER_YES] = "yes",
+};
+DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dns_stub_listener_mode, DnsStubListenerMode, DNS_STUB_LISTENER_YES);
+
 int manager_add_dns_server_by_string(Manager *m, DnsServerType type, const char *word) {
 union in_addr_union address;
 int family, r, ifindex = 0;
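Review bot: In the resolved-conf.c hunk, `DEFINE_CONFIG_PARSE_ENUM(...)` is expanded above the string table and the `DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(...)` lookup it presumably calls, so it appears to build only because resolved-conf.h now declares `dns_stub_listener_mode_from_string()`. Moving the parser line below the lookup keeps definition before use and makes the dependency readable in one place. The table also deserves a short comment, for example `/* "udp"/"tcp" pick a single transport; boolean spellings are accepted as well and select both or none */`, since this setting decides which local sockets the resolver opens.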
diff --git a/src/resolve/resolved-conf.h b/src/resolve/resolved-conf.h
index 64a185c69f..fc425a36b2 100644
--- a/src/resolve/resolved-conf.h
+++ b/src/resolve/resolved-conf.h
@@ -19,6 +19,17 @@
 along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
+typedef enum DnsStubListenerMode DnsStubListenerMode;
+
+enum DnsStubListenerMode {
+ DNS_STUB_LISTENER_NO,
+ DNS_STUB_LISTENER_UDP,
+ DNS_STUB_LISTENER_TCP,
+ DNS_STUB_LISTENER_YES,
+ _DNS_STUB_LISTENER_MODE_MAX,
+ _DNS_STUB_LISTENER_MODE_INVALID = -1
+};
+
 #include "resolved-manager.h"
 #include "resolved-dns-server.h"
@@ -34,3 +45,7 @@ const struct ConfigPerfItem* resolved_gperf_lookup(const char *key, unsigned len
 int config_parse_dns_servers(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
 int config_parse_search_domains(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+int config_parse_dns_stub_listener_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+
+const char* dns_stub_listener_mode_to_string(DnsStubListenerMode p) _const_;
+DnsStubListenerMode dns_stub_listener_mode_from_string(const char *s) _pure_;
diff --git a/src/resolve/resolved-dns-stub.c b/src/resolve/resolved-dns-stub.c
index d263cedcd9..53772535c6 100644
--- a/src/resolve/resolved-dns-stub.c
+++ b/src/resolve/resolved-dns-stub.c
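Review bot: The new enum in the first resolved-conf.h hunk leaves `DNS_STUB_LISTENER_NO` at value 0 only by position, and nothing says that this matters. The lookup macro is given just the `yes` value, so a false boolean probably resolves to enumerator 0 (the macro body is not on this page, so this is inferred). If so, reordering the enumerators would silently turn `DNSStubListener=false` into an enabled listener. Pinning it as `DNS_STUB_LISTENER_NO = 0, /* boolean false maps here, keep first */` would guard against that. A second comment could explain why the enum is declared ahead of the `#include "resolved-manager.h"` line, which looks like it is there to break the include cycle that the resolved-manager.h hunk introduces.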
@@ -540,17 +540,21 @@ int manager_dns_stub_start(Manager *m) {
 assert(m);
- r = manager_dns_stub_udp_fd(m);
- if (r == -EADDRINUSE)
- goto eaddrinuse;
- if (r < 0)
- return r;
+ if (IN_SET(m->dns_stub_listener_mode, DNS_STUB_LISTENER_YES, DNS_STUB_LISTENER_UDP)) {
+ r = manager_dns_stub_udp_fd(m);
+ if (r == -EADDRINUSE)
+ goto eaddrinuse;
+ if (r < 0)
+ return r;
+ }
- r = manager_dns_stub_tcp_fd(m);
- if (r == -EADDRINUSE)
- goto eaddrinuse;
- if (r < 0)
- return r;
+ if (IN_SET(m->dns_stub_listener_mode, DNS_STUB_LISTENER_YES, DNS_STUB_LISTENER_TCP)) {
+ r = manager_dns_stub_tcp_fd(m);
+ if (r == -EADDRINUSE)
+ goto eaddrinuse;
+ if (r < 0)
+ return r;
+ }
 return 0;
diff --git a/src/resolve/resolved-gperf.gperf b/src/resolve/resolved-gperf.gperf
index 2fd56bce26..446f85cdf4 100644
--- a/src/resolve/resolved-gperf.gperf
+++ b/src/resolve/resolved-gperf.gperf
@@ -14,9 +14,10 @@ struct ConfigPerfItem;
 %struct-type
 %includes
 %%
-Resolve.DNS, config_parse_dns_servers, DNS_SERVER_SYSTEM, 0
-Resolve.FallbackDNS, config_parse_dns_servers, DNS_SERVER_FALLBACK, 0
-Resolve.Domains, config_parse_search_domains, 0, 0
-Resolve.LLMNR, config_parse_resolve_support, 0, offsetof(Manager, llmnr_support)
-Resolve.DNSSEC, config_parse_dnssec_mode, 0, offsetof(Manager, dnssec_mode)
-Resolve.Cache, config_parse_bool, 0, offsetof(Manager, enable_cache)
+Resolve.DNS, config_parse_dns_servers, DNS_SERVER_SYSTEM, 0
+Resolve.FallbackDNS, config_parse_dns_servers, DNS_SERVER_FALLBACK, 0
+Resolve.Domains, config_parse_search_domains, 0, 0
+Resolve.LLMNR, config_parse_resolve_support, 0, offsetof(Manager, llmnr_support)
+Resolve.DNSSEC, config_parse_dnssec_mode, 0, offsetof(Manager, dnssec_mode)
+Resolve.Cache, config_parse_bool, 0, offsetof(Manager, enable_cache)
+Resolve.DNSStubListener, config_parse_dns_stub_listener_mode, 0, offsetof(Manager, dns_stub_listener_mode)
diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c
index 92ade820ac..40f08e8044 100644
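Review bot: With `DNSStubListener=no`, `manager_dns_stub_start()` now skips both `IN_SET` blocks and returns 0 without leaving any trace. An operator checking why nothing answers on 127.0.0.53 therefore cannot tell a deliberate disable from the implicit turn-off on `EADDRINUSE` that the man page describes. A line right after `assert(m);` would make the effective mode visible: `log_debug("DNS stub listener mode: %s", dns_stub_listener_mode_to_string(m->dns_stub_listener_mode));`. The function continues outside the hunk (the `eaddrinuse` label is not shown). From here it cannot be confirmed whether a UDP socket that was already opened is released when the TCP step returns a different error, so that path is worth checking in the caller.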
--- a/src/resolve/resolved-manager.c
+++ b/src/resolve/resolved-manager.c
@@ -501,6 +501,7 @@ int manager_new(Manager **ret) {
 m->mdns_support = RESOLVE_SUPPORT_NO;
 m->dnssec_mode = DEFAULT_DNSSEC_MODE;
 m->enable_cache = true;
+ m->dns_stub_listener_mode = DNS_STUB_LISTENER_UDP;
 m->read_resolv_conf = true;
 m->need_builtin_fallbacks = true;
 m->etc_hosts_last = m->etc_hosts_mtime = USEC_INFINITY;
diff --git a/src/resolve/resolved-manager.h b/src/resolve/resolved-manager.h
index deebd8e484..6b2208ed94 100644
--- a/src/resolve/resolved-manager.h
+++ b/src/resolve/resolved-manager.h
@@ -30,6 +30,7 @@
 typedef struct Manager Manager;
+#include "resolved-conf.h"
 #include "resolved-dns-query.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"
@@ -47,6 +48,7 @@ struct Manager {
 ResolveSupport mdns_support;
 DnssecMode dnssec_mode;
 bool enable_cache;
+ DnsStubListenerMode dns_stub_listener_mode;
 /* Network */
 Hashmap *links;
diff --git a/src/resolve/resolved.conf.in b/src/resolve/resolved.conf.in
index 3bd8389c88..60afa151e3 100644
--- a/src/resolve/resolved.conf.in
+++ b/src/resolve/resolved.conf.in
@@ -18,3 +18,4 @@
 #LLMNR=yes
 #DNSSEC=@DEFAULT_DNSSEC_MODE@
 #Cache=yes
+#DNSStubListener=udp |
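Review bot: The default added in the resolved-manager.c hunk, `m->dns_stub_listener_mode = DNS_STUB_LISTENER_UDP;`, is an unannounced behaviour change. The lines removed in resolved-dns-stub.c started the UDP and the TCP listener unconditionally, so an unconfigured system now loses the TCP socket on 127.0.0.53:53. A local client that retries over TCP after a truncated UDP answer would then be refused, assuming the stub can return truncated replies, which this page does not show. Either keep the previous behaviour with `m->dns_stub_listener_mode = DNS_STUB_LISTENER_YES;` (updating the `#DNSStubListener=udp` template line and the man page to match), or add a comment on this line stating why UDP-only is the intended default. `manager_new()` starts and ends outside the hunk.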