summaryrefslogtreecommitdiff
path: root/src/resolve
AgeCommit message (Collapse)Author
2015-08-14resolved: never allow routing of "localhost" queries to DNS or LLMNRLennart Poettering
We should never allow leaking of "localhost" queries onto the network, even if there's an explicit domain rotue set for this.
2015-08-14resolved: locally synthesize replies for "localhost"Lennart Poettering
Let's make sure that clients querying resolved via the bus for A, AAAA or PTR records for "localhost" get a synthesized, local reply, so that we do not hit the network. This makes part of nss-myhostname redundant, if used in conjunction. However, given that nss-resolve shall be optional we need to keep this code in both places for now.
2015-08-03sd-event: make sure sd_event_now() cannot failLennart Poettering
Previously, if the event loop never ran before sd_event_now() would fail. With this change it will instead fall back to invoking now(). This way, the function cannot fail anymore, except for programming error when invoking it with wrong parameters. This takes into account the fact that many callers did not handle the error condition correctly, and if the callers did, then they kept simply invoking now() as fall back on their own. Hence let's shorten the code using this call, and make things more robust, and let's just fall back to now() internally. Whether now() is used or the cache timestamp may still be detected via the return value of sd_event_now(). If > 0 is returned, then the fall back to now() was used, if == 0 is returned, then the cached value was returned. This patch also simplifies many of the invocations of sd_event_now(): the manual fall back to now() can be removed. Also, in cases where the call is invoked withing void functions we can now protect the invocation via assert_se(), acknowledging the fact that the call cannot fail anymore except for programming errors with the parameters. This change is inspired by #841.
2015-08-03resolved: transaction - increase number of retry attemptsTom Gundersen
With the exponential backoff, we can perform more requests in the same amount of time, so bump this a bit. In case of large RTT this may be necessary in order not to regress, and in case of large packet-loss it will make us more robust. The latter is particularly relevant once we start probing for features (and hence may see packet-loss until we settle on the right feature level).
2015-08-03resolved: transaction - exponentially increase retry timeoutsTom Gundersen
Rather than fixing this to 5s for unicast DNS and 1s for LLMNR, start at a tenth of those values and increase exponentially until the old values are reached. For LLMNR the recommended timeout for IEEE802 networks (which basically means all of the ones we care about) is 100ms, so that should be uncontroversial. For unicast DNS I have found no recommended value. However, it seems vastly more likely that hitting a 500ms timeout is casued by a packet loss, rather than the RTT genuinely being greater than 500ms, so taking this as a startnig value seems reasonable to me. In the common case this greatly reduces the latency due to normal packet loss. Moreover, once we get support for probing for features, this means that we can send more packets before degrading the feature level whilst still allowing us to settle on the correct feature level in a reasonable timeframe. The timeouts are tracked per server (or per scope for the multicast protocols), and once a server (or scope) receives a successfull package the timeout is reset. We also track the largest RTT for the given server/scope, and always start our timouts at twice the largest observed RTT.
2015-08-03resolved: cache - use clock_boottime_or_monotonic()Tom Gundersen
We cannot rely on CLOCK_BOOTTIME being supported by the kernel, so fallack to CLOCK_MONOTONIC if the former is not supported.
2015-07-29Merge pull request #768 from poettering/resolved-localhostDaniel Mack
resolved: never attempt to resolve loopback addresses via DNS/LLMNR/mDNS
2015-07-29resolved: never attempt to resolve loopback addresses via DNS/LLMNR/mDNSLennart Poettering
We already refuse to resolve "localhost", hence we should also refuse resolving "127.0.0.1" and friends.
2015-07-29treewide: fix typosTorstein Husebø
2015-07-28resolved: packet - refuse empty type bitmapsTom Gundersen
The NSEC type itself must at least be in the bitmap, so NSEC records with empty bitmaps must be bogus.
2015-07-28resolved: packet - fix read_type_window()Tom Gundersen
We were tracking the bit offset inside each byte, rather than inside the whole bitmap.
2015-07-28resolve: packet - fix append_types()Tom Gundersen
We were counting the number of bits set rather than the number of bytes they occupied.
2015-07-28resolved: compare dns question arrays properlyLennart Poettering
Let's optimize things a bit and properly compare DNS question arrays, instead of checking if they are mutual supersets. This also makes ANY query handling more accurate.
2015-07-27resolved: transaction - don't explicitly verify packet sourceTom Gundersen
This is handled by the kernel now that the socket is connect()ed.
2015-07-27resolved: transaction - don't unref server when creating TCP socketTom Gundersen
This was a bug.
2015-07-27resolved: scope - write() unicast DNS packetsTom Gundersen
As we have connect()ed to the desired DNS server, we no longer need to pass control messages manually when sending packets. Simplify the logic accordingly.
2015-07-27resolved: transaction - introduce dns_transaction_emit()Tom Gundersen
This function emits the UDP packet via the scope, but first it will determine the current server (and connect to it) and store the server in the transaction. This should not change the behavior, but simplifies the code.
2015-07-27resolved: transaction - move a couple of functionsTom Gundersen
No functional change, but makes follow-up patch clearer.
2015-07-27resolved: transaction - move DNS UDP socket creation to the scopeTom Gundersen
With access to the server when creating the socket, we can connect() to the server and hence simplify message sending and receiving in follow-up patches.
2015-07-27resolved: transaction - close socket when changing serverTom Gundersen
Close the socket when changing the server in a transaction, in order for it to be reopened with the right server when we send the next packet. This fixes a regression where we could get stuck with a failing server.
2015-07-27resolved: transaction - don't request PKTINFO for unicast DNSTom Gundersen
This was only ever used by LLMNR, so don't request this for unicast DNS packets.
2015-07-27resloved: transaction - unify IPv4 and IPv6 socketsTom Gundersen
A transaction can only have one socket at a time, so no need to distinguish these.
2015-07-24resolved: fix DNS_TYPE_ANY vs DNS_CLASS_ANY confusionDaniel Mack
Assigning a TPYE enum value to a class variable is certainly wrong. However, they both have the same value, so the result was correct nevertheless.
2015-07-23resolve: transaction - stop processing packet when found to be invalidTom Gundersen
We were stopping the transaction, but we need to stop processing the packet alltogether.
2015-07-23resolved: packet - fix segfault in truncate()Tom Gundersen
A size_t was being accessed as a char* due to the order of arguments being inverted.
2015-07-23resolved: rr - ignore pseudo types in NSEC(3) bitmapsTom Gundersen
2015-07-23resolved: rr - fix parsing of NSEC3Tom Gundersen
We were appending rather than reading the bitmap.
2015-07-23resolved: rr - don't read past end of RR when parsing NSEC(3)Tom Gundersen
We can never read past the end of the packet, so this seems impossible to exploit, but let's error out early as reading past the end of the current RR is clearly an error. Found by Lennart, based on patch by Daniel.
2015-07-23resolved: rr - SSHFP contains the fingerprint, not the keyTom Gundersen
Rename the field to make this clearer.
2015-07-23resolved: packet - fail on invalid zero-length dataTom Gundersen
Most blobs (keys, signatures, ...) should have a specific size given by the relevant algorithm. However, as we don't use/verify the algorithms yet, let's just ensure that we don't read out zero-length data in cases where this does not make sense. The only exceptions, where zero-length data is allowed are in the NSEC3 salt field, and the generic data (which we don't know anything about, so better not make any assumptions).
2015-07-23Merge pull request #669 from poettering/dns-rr-memdupTom Gundersen
resolve: unify memdup() code when parsing RRs
2015-07-23Merge pull request #673 from poettering/dns-packet-append-type-windowDaniel Mack
resolved: make sure we alway initialize *start in dns_packet_append_t…
2015-07-23resolved: make sure we alway initialize *start in ↵Lennart Poettering
dns_packet_append_type_window()
2015-07-23resolve: unify memdup() code when parsing RRsLennart Poettering
Let's make dns_packet_read_public_key() more generic by renaming it to dns_packet_read_memdup() (which more accurately describes what it does...). Then, patch all cases where we memdup() RR data to use this new call. This specifically checks for zero-length objects, and handles them gracefully. It will set zero length payload fields as a result. Special care should be taken to ensure that any code using this call can handle the returned allocated field to be NULL if the size is specified as 0!
2015-07-23Merge pull request #667 from poettering/dns-rr-memleakTom Gundersen
resolve: fix two minor memory leaks
2015-07-23resolve: fix two minor memory leaksLennart Poettering
strv_extend() already strdup()s internally, no need to to this twice. (Also, was missing OOM check...). Use strv_consume() when we already have a string allocated whose ownership we want to pass to the strv. This fixes 50f1e641a93cacfc693b0c3d300bee5df0c8c460.
2015-07-23resolve: drop dns_scope_good_dns_server()Lennart Poettering
It's not used anymore since 29815b6c608b836cada5e349d06a96b63eaa65f3, hence let's remove it from the sources.
2015-07-16bitmap: use external iteratorTom Gundersen
Reuse the Iterator object from hashmap.h and expose a similar API. This allows us to do { Iterator i; unsigned n; BITMAP_FOREACH(n, b, i) { Iterator j; unsigned m; BITMAP_FOREACH(m, b, j) { ... } } } without getting confused. Requested by David.
2015-07-14resolved: rr - add NSEC3 supportTom Gundersen
Needed for DNSSEC.
2015-07-14resolved: rr - add NSEC supportTom Gundersen
Needed for DNSSEC.
2015-07-14Merge pull request #586 from teg/resolved-rrs-3Daniel Mack
resolved: minor improvements to RR handling
2015-07-14resolved: improve printing of unknown RRsTom Gundersen
This implements the recommendations from RFC3597.
2015-07-14resolved: rr - add DS supportTom Gundersen
Needed for DNSSEC.
2015-07-14resolved: rr - print formated timestamps in RRSIGTom Gundersen
2015-07-14resolved: use one UDP socket per transactionTom Gundersen
We used to have one global socket, use one per transaction instead. This has the side-effect of giving us a random UDP port per transaction, and hence increasing the entropy and making cache poisoining significantly harder to achieve. We still reuse the same port number for packets belonging to the same transaction (resent packets).
2015-07-14resolved: implement RFC5452Tom Gundersen
This improves the resilience against cache poisoning by being stricter about only accepting responses that match precisely the requst they are in reply to. It should be noted that we still only use one port (which is picked at random), rather than one port for each transaction. Port randomization would improve things further, but is not required by the RFC.
2015-07-14resolved: pin the server used in a transactionTom Gundersen
We want to discover information about the server and use that in when crafting packets to be resent.
2015-07-14resolved: reference count the dns serversTom Gundersen
We want to reference the servers from their active transactions, so make sure they stay around as long as the transaction does.
2015-07-14resolved: packet - ensure there is space for IP+UDP headersTom Gundersen
Currently we only make sure our links can handle the size of the payload witohut taking the headers into account.
2015-07-14resolved: rr - print DNSKEY and RRSIG in base64Tom Gundersen
As mandated by RFC4034.