summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-12-26resolved: add an automatic downgrade to non-DNSSEC modeLennart Poettering
This adds a mode that makes resolved automatically downgrade from DNSSEC support to classic non-DNSSEC resolving if the configured DNS server is not capable of DNSSEC. Enabling this mode increases compatibility with crappy network equipment, but of course opens up the system to downgrading attacks. The new mode can be enabled by setting DNSSEC=downgrade-ok in resolved.conf. DNSSEC=yes otoh remains a "strict" mode, where DNS resolving rather fails then allow downgrading. Downgrading is done: - when the server does not support EDNS0+DO - or when the server supports it but does not augment returned RRs with RRSIGs. The latter is detected when requesting DS or SOA RRs for the root domain (which is necessary to do proofs for unsigned data)
2015-12-26resolved: no need to store return value of dns_server_possible_features()Lennart Poettering
The call already updates possible_features, it's pointless doing this in the caller a second time.
2015-12-26resolved: don't set TCP_NODELAY twice for TCP socketsLennart Poettering
We previously set it once in the scope code and once in the stream code. Remove it from the latter, as all other socket options are set in the former.
2015-12-26resolved: generate an explicit transaction error when we cannot reach server ↵Lennart Poettering
via TCP Previously, if we couldn't reach a server via UDP we'd generate an MAX_ATTEMPTS transaction result, but if we couldn't reach it via TCP we'd generate a RESOURCES transaction result. While it is OK to generate two different errors I think, "RESOURCES" is certainly a misnomer. Introduce a new transaction result "CONNECTION_FAILURE" instead.
2015-12-26resolved: deal with unsigned DS/NSEC/NSEC3 properlyLennart Poettering
Previously, we'd insist on an RRSIG for all DS/NSEC/NSEC3 RRs. With this change we don't do that anymore, but also allow unsigned DS/NSEC/NSEC3 if we can prove that the zone they are located in is unsigned.
2015-12-26resolved: log each dnssec failure, in a recognizable wayLennart Poettering
2015-12-26resolved: gather statistics about resolved namesLennart Poettering
This collects statistical data about transactions, dnssec verifications and the cache, and exposes it over the bus. The systemd-resolve-host tool learns new options to query these statistics and reset them.
2015-12-26resolved: if we accepted unauthenticated NSEC/NSEC3 RRs, use them for proofsLennart Poettering
But keep track that the proof is not authenticated.
2015-12-26resolved: don't insist on finding DNSKEYs for RRsets of zones with DNSSEC offLennart Poettering
2015-12-26resolved: be stricter when searching for a DS RR for a DNSKEY RRLennart Poettering
2015-12-26resolved: make use of dns_type_may_redirect() where possibleLennart Poettering
2015-12-26update DNSSEC TODOLennart Poettering
2015-12-26resolved: tighten search for NSEC3 RRs a bitLennart Poettering
Be stricter when searching suitable NSEC3 RRs for proof: generalize the check we use to find suitable NSEC3 RRs, in nsec3_is_good(), and add additional checks, such as checking whether all NSEC3 RRs use the same parameters, have the same suffix and so on.
2015-12-26resolved: when doing NSEC3 proof, first find right NSEC3 suffixLennart Poettering
When doing an NSEC3 proof, before detrmining whether a name is the closest encloser we first need to figure out the longest common suffix we have with any NSEC3 RR in the reply.
2015-12-26resolved: properly implement RRSIG validation of wildcarded RRsetsLennart Poettering
Note that this is still not complete, one additional step is still missing: when we verified that a wildcard RRset is properly signed, we still need to do an NSEC/NSEC3 proof that no more specific RRset exists.
2015-12-26resolved: never use data from failed transactionsLennart Poettering
Otherwise if we have an A lookup that failed DNSSEC validation, but an AAAA lookup that succeeded, we might end up using the A data, but we really should not.
2015-12-26resolved: don't choke on NSEC/NSEC3 RRs with no bitmapLennart Poettering
This might happen in some cases (empty non-terminals...) and we should not choke on it.
2015-12-26bitmap: don't do bitwise XOR on booleansLennart Poettering
It's weird doing bitwise operations on booleans. Let's use the boolean XOR (i.e. "!=") instead of the bitweise XOR (i.e. "^") on them.
2015-12-26util-lib: make sure more bitmap calls can deal with NULL objects fineLennart Poettering
2015-12-26resolved: internalize string buffer of dns_resource_record_to_string()Lennart Poettering
Let's simplify usage and memory management of DnsResourceRecord's dns_resource_record_to_string() call: cache the formatted string as part of the object, and return it on subsequent calls, freeing it when the DnsResourceRecord itself is freed.
2015-12-26resolved: when matching SOA RRs, don't eat up errorsLennart Poettering
2015-12-26resolved: when matching SOA RRs, honour RR classLennart Poettering
2015-12-26resolved: when looking for a SOA RR in a reply, pick the right oneLennart Poettering
If there are multiple SOA RRs, and we look for a suitable one covering our request, then make sure to pick the one that is furthest away from the root name, not just the first one we encounter.
2015-12-26resolved: when caching NXDOMAIN for an RR, make sure we flush out old ANY ↵Lennart Poettering
entries We use ANY RR keys to store NXDOMAIN information, but we previously didn't flush out old ANY RR items in the cache when adding new entries. Fix that.
2015-12-26resolved: split out a new dns_type_may_redirect() callLennart Poettering
Let's abstract which RRs shall honour CNAMEs, and which ones should not.
2015-12-26resolve-host: propagate error properlyLennart Poettering
2015-12-25Merge pull request #2197 from mscherer/add_seal_configZbigniew Jędrzejewski-Szmek
Add Seal option in the configuration file for journald-remote
2015-12-25Merge pull request #2223 from ssahani/lldpZbigniew Jędrzejewski-Szmek
Closes #2223.
2015-12-25V3 LLDP: Add packet validation (system name and description)Susant Sahani
LLDP type system name and system description should be with in 255 characters and unique. Let's add the validation to discard corrupt packets.
2015-12-25lldp: improve loggingSusant Sahani
2015-12-24Merge pull request #2153 from evverx/fix-verify-for-templatesZbigniew Jędrzejewski-Szmek
analyze: verify verifies templates too
2015-12-24Merge pull request #2216 from zonque/nameownerchangedLennart Poettering
core: re-sync bus name list after deserializing during daemon-reload
2015-12-23core: re-sync bus name list after deserializing during daemon-reloadDaniel Mack
When the daemon reloads, it doesn not actually give up its DBus connection, as wrongly stated in an earlier commit. However, even though the bus connection stays open, the daemon flushes out all its internal state. Hence, if there is a NameOwnerChanged signal after the flush and before the deserialization, it cannot be matched against any pending unit. To fix this, rename bus_list_names() to manager_sync_bus_names() and call it explicitly at the end of the daemon reload operation.
2015-12-23Merge pull request #2158 from keszybz/journal-decompressionLennart Poettering
Journal decompression fixes
2015-12-23Merge pull request #2214 from zonque/leakLennart Poettering
Core: plug a memory leak in socket.c, and some related cleanups
2015-12-22socket: nullify pointers after freeDaniel Mack
A socket shouldn't be used after socket_done() returns, but follow the general guideline here and avoid dangling pointers anyway.
2015-12-22socket: free fdname memberDaniel Mack
Plug a small memory leak.
2015-12-21Merge pull request #2202 from zonque/nameownerchangedLennart Poettering
core: fix bus name synchronization after daemon-reload
2015-12-21Merge pull request #2204 from zonque/sd-event-debugLennart Poettering
sd-event: improve debugging of event source errors
2015-12-21sd-event: improve debugging of event source errorsDaniel Mack
Printing the pointer variable really doesn't help, so drop that. Instead, add a string lookup table for the EventSourceType enum, and print the type of event source in case of errors.
2015-12-21Merge pull request #2203 from mbiebl/man-typo-fixDaniel Mack
man: fix typo in systemctl(1)
2015-12-21man: fix typo in systemctl(1)Michael Biebl
2015-12-21core: fix bus name synchronization after daemon-reloadDaniel Mack
During daemon-reload, PID1 temporarly loses its DBus connection, so there's a small window in which all signals sent by dbus-daemon are lost. This is a problem, since we rely on the NameOwnerChanged signals in order to consider a service with Type=dbus fully started or terminated, respectively. In order to fix this, a rewrite of bus_list_names() is necessary. We used to walk the current list of names on the bus, and blindly triggered the bus_name_owner_change() callback on each service, providing the actual name as current owner. This implementation has a number of problems: * We cannot detect if the the name was moved from one owner to the other while we were reloading * We don't notify services which missed the name loss signal * Providing the actual name as current owner is a hack, as the comment also admits. To fix this, this patch carries the following changes: * Track the name of the current bus name owner, and (de-)serialize it during reload. This way, we can detect changes. * In bus_list_names(), walk the list of bus names we're interested in first, and then see if the name is active on the bus. If it is, check it it's still the same as it used to be, and synthesize NameOwnerChanged signals for the name add and/or loss. This should fully synchronize the current name list with the internal state of all services.
2015-12-20Merge pull request #2199 from phomes/resolve-indentationDaniel Mack
resolve: fix indentation
2015-12-20resolve: fix indentationThomas Hindoe Paaboel Andersen
2015-12-20Add Seal option in the configuration file for journald-remoteMichael Scherer
While journal received remotely can be sealed, it can only be done on the command line using --seal, so for consistency, we will also permit to set it in the configuration file.
2015-12-20Merge pull request #2190 from poettering/dnssec6Tom Gundersen
Add DNSSEC proof of unsignedness and NSEC3 proof
2015-12-20Merge pull request #2193 from ToostInc/logindbus-typo-fixDaniel Mack
Fix typo on logind-dbus.c
2015-12-19Fix typo on logind-dbus.cJoost Bremmer
method_schedule_shutdown referenced org.freedesktop.login1.poweroff* which is never registered in polkit. Now refers to org.freedesktop.login1.power-off* Signed-off-by: Joost Bremmer <toost.b@gmail.com>
2015-12-18resolved: propagate DNSSEC validation status from auxiliary transactionsLennart Poettering
Let's make sure we propagate the DNSSEC validation status from an auxiliary DNSSEC transaction back to the originating transaction, to improve the error messages we generate.