summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-12-03resolved: don't accept expired RRSIGsLennart Poettering
2015-12-02resolved: add basic DNSSEC supportLennart Poettering
This adds most basic operation for doing DNSSEC validation on the client side. However, it does not actually add the verification logic to the resolver. Specifically, this patch only includes: - Verifying DNSKEY RRs against a DS RRs - Verifying RRSets against a combination of RRSIG and DNSKEY RRs - Matching up RRSIG RRs and DNSKEY RRs - Matching up RR keys and RRSIG RRs - Calculating the DNSSEC key tag from a DNSKEY RR All currently used DNSSEC combinations of SHA and RSA are implemented. Support for MD5 hashing and DSA or EC cyphers are not. MD5 and DSA are probably obsolete, and shouldn't be added. EC should probably be added eventually, if it actually is deployed on the Internet.
2015-12-02resolved: port ResolveRecord() bus call implementation to ↵Lennart Poettering
dns_resource_record_to_wire_format() Now that we have dns_resource_record_to_wire_format() we can generate the RR serialization we return to bus clients in ResolveRecord() with it. We pass the RR data along in the original form, not the DNSSEC canonical form, since that would mean we'd lose RR name casing, which is however important to keep for DNS-SD services and similar.
2015-12-02resolved: add code to generate the wire format for a single RRLennart Poettering
This adds dns_resource_record_to_wire_format() that generates the raw wire-format of a single DnsResourceRecord object, and caches it in the object, optionally in DNSSEC canonical form. This call is used later to generate the RR serialization of RRs to verify. This adds four new fields to DnsResourceRecord objects: - wire_format points to the buffer with the wire-format version of the RR - wire_format_size stores the size of that buffer - wire_format_rdata_offset specifies the index into the buffer where the RDATA of the RR begins (i.e. the size of the key part of the RR). - wire_format_canonical is a boolean that stores whether the cached wire format is in DNSSEC canonical form or not. Note that this patch adds a mode where a DnsPacket is allocated on the stack (instead of on the heap), so that it is cheaper to reuse the DnsPacket object for generating this wire format. After all we reuse the DnsPacket object for this, since it comes with all the dynamic memory management, and serialization calls we need anyway.
2015-12-02resolved: add code to map DNSSEC digest types to strings and backLennart Poettering
2015-12-02resolved: store DNSKEY fields flags+protocol as-isLennart Poettering
When verifying signatures we need to be able to verify the original data we got for an RR set, and that means we cannot simply drop flags bits or consider RRs invalid too eagerly. Hence, instead of parsing the DNSKEY flags store them as-is. Similar, accept the protocol field as it is, and don't consider it a parsing error if it is not 3. Of course, this means that the DNSKEY handling code later on needs to check explicit for protocol != 3.
2015-12-02resolved: add RFC 5702 defined DNSSEC algorithms to tableLennart Poettering
2015-12-02util-lib: update dns_name_to_wire_format() to optionally generate DNSSEC ↵Lennart Poettering
canonical names We'll need this later when putting together RR serializations to checksum.
2015-12-02resolved: make sure DNS_ANSWER_FOREACH() can be nestedLennart Poettering
Change the iterator counter so that a different varable is used for each invocation of the macro, so that it may be nested.
2015-12-02resolved: simplify dns_packet_append_string()Lennart Poettering
It essentially does the same as dns_packet_append_raw_string(), hence make it a wrapper around it.
2015-12-02hostnamed: SMBIOS 3.0 knows the "tablet" form factor, add support for itLennart Poettering
2015-12-02Merge pull request #2073 from poettering/dns-label-fixesLennart Poettering
Dns label fixes + unrelated selinux clean-up
2015-12-02Merge pull request #2084 from keszybz/ppc64-fixes-2Lennart Poettering
Test fixes to run in ppc64 mock
2015-12-02lz4: fix size check which had no chance of working on big-endianZbigniew Jędrzejewski-Szmek
2015-12-02tests: fix newlines in skip messageZbigniew Jędrzejewski-Szmek
2015-12-02tests: turn check if manager cannot be intialized into macroZbigniew Jędrzejewski-Szmek
We need to check the same thing in multiple tests. Use a shared macro to make it easier to update the list of errnos. Change the errno code for "unitialized cgroup fs" for ENOMEDIUM. Exec format error looks like something more serious. This fixes test-execute invocation in mock.
2015-12-01basic/virt: add missing includes to compile on ppc64Zbigniew Jędrzejewski-Szmek
2015-12-02Merge pull request #2082 from phomes/basic-sort-includesTom Gundersen
basic: re-sort includes
2015-12-01basic: re-sort includesThomas Hindoe Paaboel Andersen
My previous patch to only include what we use accidentially placed the added inlcudes in non-sorted order.
2015-12-01Merge pull request #2074 from keszybz/test-acl-util-fixTom Gundersen
test-acl-util: fix two issues from review
2015-12-01Merge pull request #2075 from phomes/includes-cleanup-basicTom Gundersen
basic: include only what we use
2015-11-30basic: include only what we useThomas Hindoe Paaboel Andersen
This is a cleaned up result of running iwyu but without forward declarations on src/basic.
2015-11-30test-acl-util: fix two issues from reviewZbigniew Jędrzejewski-Szmek
https://github.com/systemd/systemd/pull/2063
2015-11-30core: simplify selinux AVC initializationLennart Poettering
Let's merge access_init() and mac_selinux_access_init(), and only call mac_selinux_use() once, inside the merged function, instead of multiple times, including in the caller. See comments on: https://github.com/systemd/systemd/pull/2053
2015-11-30dns-domain: change error codes when dealing with too short buffers to ENOBUFSLennart Poettering
Some calls used ENOBUFS to indicate too-short result buffers, others used ENOSPC. Let's unify this on ENOBUFS.
2015-11-30dns-domain: check resulting domain name length in dns_name_to_wire_format()Lennart Poettering
Let's better be safe than sorry.
2015-11-30dns-domain: make sure dns_name_to_wire_format() may properly encode the root ↵Lennart Poettering
domain The root domain consists of zero labels, and we should be able to encode that.
2015-11-30dns-domain: don't accept overly long hostnamesLennart Poettering
Make sure dns_name_normalize(), dns_name_concat(), dns_name_is_valid() do not accept/generate invalidly long hostnames, i.e. longer than 253 characters.
2015-11-30dns-domain: be more strict when encoding/decoding labelsLennart Poettering
Labels of zero length are not OK, refuse them early on. The concept of a "zero-length label" doesn't exist, a zero-length full domain name however does (representing the root domain). See RFC 2181, Section 11.
2015-11-30Merge pull request #2068 from grawity/cgls-error-v2Lennart Poettering
cgls: add a better error message for missing cgroupfs [v2]
2015-11-30Merge pull request #2053 from poettering/selinux-fixDavid Herrmann
Two unrelated fixes
2015-11-30cgls: add a better error message for missing cgroupfsMantas Mikulėnas
2015-11-30Merge pull request #2063 from keszybz/issue-1977-2Lennart Poettering
journal: clean up permission setting and acl adjustements on user journals
2015-11-29tmpfiles: set acls on system.journal explicitlyZbigniew Jędrzejewski-Szmek
https://github.com/systemd/systemd/issues/1397
2015-11-29tmpfiles: also set acls on /var/log/journalZbigniew Jędrzejewski-Szmek
This way, directories created later for containers or for journald-remote, will be readable by adm & wheel groups by default, similarly to /var/log/journal/%m itself. https://github.com/systemd/systemd/issues/1971
2015-11-29Merge pull request #2058 from phomes/unused-variable2Ronny Chevalier
tree-wide: remove unused variables
2015-11-29tree-wide: remove unused variablesThomas Hindoe Paaboel Andersen
2015-11-28acl-util: only set the mask if not presentZbigniew Jędrzejewski-Szmek
When we have non-owner user or group entries, we need the mask for the acl to be valid. But acl_calc_mask() calculates the mask to include all permissions, even those that were masked before. Apparently this happens when we inherit *:r-x permissions from a parent directory — the kernel sets *:r-x, mask:r--, effectively masking the executable bit. acl_calc_mask() would set the mask:r-x, effectively enabling the bit. To avoid this, be more conservative when to add the mask entry: first iterate over all entries, and do nothing if a mask. This returns the code closer to J.A.Steffens' original version in v204-90-g23ad4dd884. Should fix https://github.com/systemd/systemd/issues/1977.
2015-11-28test-acl-util: add new testZbigniew Jędrzejewski-Szmek
For now, only add_acls_for_user is tested. When run under root, it actually sets the acls. When run under non-root, it sets the acls for the user, which does nothing, but at least calls the functions.
2015-11-27journal: move the gist of server_fix_perms to acl-util.[hc]Zbigniew Jędrzejewski-Szmek
Most of the function is moved to acl-util.c to make it possible to add tests in subsequent commit. Setting of the mode in server_fix_perms is removed: - we either just created the file ourselves, and the permission be better right, - or the file was already there, and we should not modify the permissions. server_fix_perms is renamed to server_fix_acls to better reflect new meaning, and made static because it is only used in one file.
2015-11-27libsystemd: make sure we prefix even the dirty secrets in our API with "_sd_"Lennart Poettering
This renames __useless_struct_to_allow_trailing_semicolon__ everywhere to _sd_useless_struct_to_allow_trailing_semicolon_, to follow our usual rule of prefixing stuff from public headers that should be considered internal with "_sd_". While we are at it, also to be safe: when the struct is used in the C++ protector macros make sure to use two different names depending on whether it appears in the C++ or C side of things. After all, there might be compilers that don't consider C++ and C structs the same. See https://github.com/systemd/systemd/pull/2052#discussion_r46067059
2015-11-27selinux: split up mac_selinux_have() from mac_selinux_use()Lennart Poettering
Let's distuingish the cases where our code takes an active role in selinux management, or just passively reports whatever selinux properties are set. mac_selinux_have() now checks whether selinux is around for the passive stuff, and mac_selinux_use() for the active stuff. The latter checks the former, plus also checks UID == 0, under the assumption that only when we run priviliged selinux management really makes sense. Fixes: #1941
2015-11-27Merge pull request #2052 from poettering/export-cleanupDavid Herrmann
Make gcc cleanup helper calls public in most of our sd-xyz APIs
2015-11-27Merge pull request #2043 from teg/resolved-edns0-5Lennart Poettering
resolved: add edns0 support
2015-11-27resolved: add one more comment with a link to the matching RFCLennart Poettering
2015-11-27util-lib: move nss-util.h from shared/ to basic/Lennart Poettering
The header file defines some helpers for GLIBC NSS and doesn't include anything else but glibc headers, hence there's little reason to keep it in shared/. See: #2008
2015-11-27tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easyLennart Poettering
GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-11-27Merge pull request #2049 from evverx/journal-test-dont-run-on-incomplete-setupDaniel Mack
tests: don't run test on incomplete setup; use sync
2015-11-27tests: use sync instead of flushEvgeny Vereshchagin
flush doesn't sync a journal -> tests sometimes fail
2015-11-27Merge pull request #2048 from poettering/fork-errnoDaniel Mack
core:execute: fix fork() fail handling in exec_spawn()