summaryrefslogtreecommitdiff
path: root/src/nss-resolve
AgeCommit message (Collapse)Author
2016-10-24nss-resolve: be a bit more careful with returning NSS_STATUS_NOTFOUNDLennart Poettering
Let's tighten the cases when our module returns NSS_STATUS_NOTFOUND. Let's do so only if we actually managed to talk to resolved. In all other cases stick to NSS_STATUS_UNAVAIL as before, as it clearly indicates that our module or the system is borked, and the "dns" fallback should really take place. In particular this fixes the 2nd-level fallback from our own dlopen() based fallback handling. In this case we really should return UNAVAIL so that the caller can apply its own fallback still. Fix-up for d7247512a904f1dd74125859d8da66166c2a6933. Note that our own dlopen() based fallback is pretty much redundant now if nsswitch.conf is configured like this: hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname In a future release we should probably drop our internal fallback then, in favour of this nsswitch.conf-based one.
2016-10-01nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errorsMartin Pitt
It needs to be possible to tell apart "the nss-resolve module does not exist" (which can happen when running foreign-architecture programs) from "the queried DNS name failed DNSSEC validation" or other errors. So return NOTFOUND for these cases too, and only keep UNAVAIL for the cases where we cannot handle the given address family. This makes it possible to configure a fallback to "dns" without breaking DNSSEC, with "resolve [!UNAVAIL=return] dns". Add this to the manpage. This does not change behaviour if resolved is not running, as that already falls back to the "dns" glibc module. Fixes #4157
2016-10-01nss-resolve: simplify error handlingMartin Pitt
Handle general errors from the resolved call in _nss_resolve_gethostbyaddr2_r() the same say as in the other variants: Just "goto fail" as that does exactly the same.
2016-04-02Move nss typedefs into nss-util.hZbigniew Jędrzejewski-Szmek
In preparation for subsequent changes.
2016-02-22tree-wide: make ++/-- usage consistent WRT spacingVito Caputo
Throughout the tree there's spurious use of spaces separating ++ and -- operators from their respective operands. Make ++ and -- operator consistent with the majority of existing uses; discard the spaces.
2016-02-10tree-wide: remove Emacs lines from all filesDaniel Mack
This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
2016-01-27nss-resolve: also fall back to nss-dns if dbus doesn't workLennart Poettering
Fixes #1692
2016-01-27nss: block various signals while running NSS lookupsLennart Poettering
Let's make sure our poll() calls don't get interrupted where they shouldn't (SIGALRM, ...), but allow them to be interrupted where they should (SIGINT, ...). Fixes #1965
2016-01-26nss-resolve: fix gethostbyaddr h_aliasesSamu Kallio
Fix the comparison to include the first alias, which will otherwise be left as a bogus pointer.
2015-11-27nss-resolve: link lessZbigniew Jędrzejewski-Szmek
This reduces libraries reported by ldd by liblzma, liblz4, libgcrypt, libgpg-error, libacl, libidn, libseccomp.
2015-11-27tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easyLennart Poettering
GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-10-24util-lib: split our string related calls from util.[ch] into its own file ↵Lennart Poettering
string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.
2015-08-21resolved: rework synthesizing logicLennart Poettering
With this change we'll now also generate synthesized RRs for the local LLMNR hostname (first label of system hostname), the local mDNS hostname (first label of system hostname suffixed with .local), the "gateway" hostname and all the reverse PTRs. This hence takes over part of what nss-myhostname already implemented. Local hostnames resolve to the set of local IP addresses. Since the addresses are possibly on different interfaces it is necessary to change the internal DnsAnswer object to track per-RR interface indexes, and to change the bus API to always return the interface per-address rather than per-reply. This change also patches the existing clients for resolved accordingly (nss-resolve + systemd-resolve-host). This also changes the routing logic for queries slightly: we now ensure that the local hostname is never resolved via LLMNR, thus making it trustable on the local system.
2015-07-03sd-bus: introduce new sd_bus_flush_close_unref() callLennart Poettering
sd_bus_flush_close_unref() is a call that simply combines sd_bus_flush() (which writes all unwritten messages out) + sd_bus_close() (which terminates the connection, releasing all unread messages) + sd_bus_unref() (which frees the connection). The combination of this call is used pretty frequently in systemd tools right before exiting, and should also be relevant for most external clients, and is hence useful to cover in a call of its own. Previously the combination of the three calls was already done in the _cleanup_bus_close_unref_ macro, but this was only available internally. Also see #327
2015-06-08tree-wide: remove spurious spaceThomas Hindoe Paaboel Andersen
2015-02-23remove unused includesThomas Hindoe Paaboel Andersen
This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.
2014-12-10sd-bus: move common errors src/shared/bus-errors.h → ↵Lennart Poettering
src/libsystemd/sd-bus/bus-common-errors.h Stuff in src/shared/ should not use stuff from src/libsystemd/ really.
2014-09-19nss: remove dead codeThomas Hindoe Paaboel Andersen
c > 0 is already guaranteed from earlier checks. We go from ms = ALIGN(l+1) + sizeof(char*) + (c > 0 ? c : 1) * ALIGN(alen) + (c > 0 ? c+1 : 2) * sizeof(char*); to ms = ALIGN(l+1) + sizeof(char*) + c * ALIGN(alen) + (c+1) * sizeof(char*); to ms = ALIGN(l+1) + c * ALIGN(alen) + (c+2) * sizeof(char*); Found by coverity. Fixes: CID#1237570 and CID#1237610
2014-09-17nss-resolve: remove dead codeThomas Hindoe Paaboel Andersen
ifindex < 0 was already checked before entering the loop Found by coverity. Fixes: CID#1237609
2014-08-14resolved: allow passing on which protocol, family and interface to look ↵Lennart Poettering
something up Also, return on which protocol/family/interface we found something.
2014-08-04bus: always explicitly close bus from main programsLennart Poettering
Since b5eca3a2059f9399d1dc52cbcf9698674c4b1cf0 we don't attempt to GC busses anymore when unsent messages remain that keep their reference, when they otherwise are not referenced anymore. This means that if we explicitly want connections to go away, we need to close them. With this change we will no do so explicitly wherver we connect to the bus from a main program (and thus know when the bus connection should go away), or when we create a private bus connection, that really should go away after our use. This fixes connection leaks in the NSS and PAM modules.
2014-08-01nss: always explicitly reset all error variablesLennart Poettering
glibc appears to be broken if we don't explicitly reset all error variables, let's work around that. https://bugzilla.redhat.com/show_bug.cgi?id=1125975
2014-08-01nss-resolve: fallback to the class NSS "dns" module if we cannot contact ↵Lennart Poettering
resolved That way DNS resolution works both with and without resolved running.
2014-07-18resolved: fix bus signatures to follow family as int changeLennart Poettering
2014-07-18change type for address family to "int"Lennart Poettering
Let's settle on a single type for all address family values, even if UNIX is very inconsitent on the precise type otherwise. Given that socket() is the primary entrypoint for the sockets API, and that uses "int", and "int" is relatively simple and generic, we settle on "int" for this.
2014-07-18shared: rename PROTO_ADDRESS_SIZE() to FAMILY_ADDRESS_SIZE()Lennart Poettering
We mostly use "family" to refer to AF_INET, AF_INET6, etc, let's use this terminology here, too
2014-07-16resolved: properly pass canonical name information to resolving clientLennart Poettering
Also, hook up nss-resolve to make use of this information
2014-07-16resolved: add small NSS module that uses resolved to resolve DNS namesLennart Poettering