summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2016-01-20Merge pull request #2337 from dhxgit/patch-1Tom Gundersen
Fix IPv6PrivacyExtension (networkd-ndisc.c)
2016-01-20Merge pull request #2054 from keszybz/nss-link-less-2Lennart Poettering
Nss link less 2
2016-01-20Merge pull request #2267 from gdamjan/dont-drop-criticalTom Gundersen
networkd: link - do not drop config for critical interfaces
2016-01-20Merge pull request #1607 from keszybz/lz4-remove-v1Lennart Poettering
Remove the old version of the lz4 stream compressor
2016-01-20Merge pull request #2085 from fbuihuu/more-use-of-check-load-stateLennart Poettering
core: use bus_unit_check_load_state() in transaction_add_job_and_depe…
2016-01-20journal-gatewayd: fix offsetZbigniew Jędrzejewski-Szmek
I was checking something when writing the patch and committed this by mistake.
2016-01-20Merge pull request #2385 from zonque/bootctlLennart Poettering
bootctl: use DRAW_TREE_RIGHT rather than hard-coded UTF-8 character
2016-01-20Merge pull request #2381 from jsynacek/journalctl-colors-v4Lennart Poettering
basic/terminal-util: introduce SYSTEMD_COLORS environment variable
2016-01-20bootctl: use DRAW_TREE_RIGHT rather than hard-coded UTF-8 characterDaniel Mack
Fixes #2384
2016-01-20basic/terminal-util: introduce SYSTEMD_COLORS environment variableJan Synacek
... to determine if color output should be enabled. If the variable is not set, fall back to using on_tty(). Also, rewrite existing code to use colors_enabled() where appropriate.
2016-01-19resolved: rework DNSSECSupported propertyLennart Poettering
Not only report whether the server actually supports DNSSEC, but also first check whether DNSSEC is actually enabled for it in our local configuration. Also, export a per-link DNSSECSupported property in addition to the existing manager-wide property.
2016-01-19resolved: add SetLinkXYZ() method counterparts on the Link objectLennart Poettering
So far, we exposed SetLinkXYZ() on the Manager interface, to set a couple of link properties. This adds similar calls SetXYZ() on the Link interface, and makes sure the former is little more than a shortcut to the latter. SetLinkXYZ() has the benefit of not requiring a GetLink() round trip for setting these properties, while the method actually belongs to the Link objects, and this change corrects that.
2016-01-19sd-resolve: use UINT64_C() macros where appropriateLennart Poettering
2016-01-19networkd: sd_bus_path_decode() returns 0, if the prefix doesn't matchLennart Poettering
2016-01-19networkd: optimize link_node_enumerator() a bitLennart Poettering
strv_consume() is pretty expensive when invoked piecemeal, hence optimize it a bit by pre-allocating a properly sized array.
2016-01-19resolved: expose bus objects for each LinkLennart Poettering
The link objects expose as properties the current settings made with SetLinkDNS() and related calls, plus some more information.
2016-01-19resolved: rename a few props to closer match ther counterparts in the ↵Lennart Poettering
various configuration files
2016-01-19resolved: add bus API for configuring per-link DNS settingsLennart Poettering
This is useful for alternative network management solutions (such as NetworkManager) to push DNS configuration data into resolved. The calls will fail should networkd already have taken possesion of a link, so that the bus API is only available if we don't get the data from networkd.
2016-01-19resolved: add a couple of errors to the error mapping tablesLennart Poettering
These were previously forgotten, add them now.
2016-01-19resolved: allocate DNS scope for links only if the interface is upLennart Poettering
For mDNS and LLMNR we already created the scopes only if the specific interfaces where actually up and suitable for Multicasting. Add a similar (but weaker) logic for unicast DNS as well.
2016-01-19resolve-host: support --interface= as long form for -iLennart Poettering
2016-01-19resolve-host: show whether DNSSEC is supported or not in --statistics outputLennart Poettering
This should be generally useful information, hence show it.
2016-01-19resolve-host: also show mDNS as source of resolvingLennart Poettering
2016-01-19Merge pull request #2369 from zonque/resolvedLennart Poettering
resolved: hide public mDNS configuration knobs for now
2016-01-19Merge pull request #2357 from keszybz/warnings-2Lennart Poettering
Remove gcc warnings v2
2016-01-19resolved: remove configuration knobs for mDNS until it's readyDaniel Mack
These bits were intenionally left out while mDNS is under development. Remove the exposed knobs and man page entries again until this is settled.
2016-01-19resolved: fix mDNS IPv6 multicast addressDaniel Mack
Fixes #2366
2016-01-19resolved: don't forget about lost OPT and RRSIG when downgrading a feature levelLennart Poettering
Certain Belkin routers appear to implement a broken DNS cache for A RRs and some others, but implement a pass-thru for AAAA RRs. This has the effect that we quickly recognize the broken logic of the router when we do an A lookup, but for AAAA everything works fine until we actually try to validate the request. Given that the validation will necessarily fail ultimately let's make sure we remember even when downgrading a feature level that OPT or RRSIG was missing.
2016-01-18update DNSSEC TODOLennart Poettering
2016-01-18resolved: don't try to print error strings, where errno isn't setLennart Poettering
2016-01-18resolved: when restarting a transaction pick a new IDLennart Poettering
When we restart a transaction because of an incompatible server, pick a new transaction ID. This should increase compatibility with DNS servers that don't like if they get different requests with the same transaction ID.
2016-01-18resolved: enforce maximum limit on DNS transactionsLennart Poettering
given that DNSSEC lookups may result in quite a number of auxiliary transactions, let's better be safe than sorry and also enforce a limit on the number of total transactions, not just on the number of queries.
2016-01-18resolved: add DNAME test case to the complex DNSSEC testLennart Poettering
2016-01-18resolved: fix how we detect whether auxiliary DNSSEC transactions are readyLennart Poettering
Previously, when getting notified about a completed auxiliary DNSSEC transaction we'd immediately act on it, and possibly abort the main transaction. This is problematic, as DNS transactions that already completed at the time we started using them will never get the notification event, and hence never be acted on in the same way. Hence, introduce a new call dns_transaction_dnssec_ready() that checks the state of auxiliary DNSSEC transactions, and returns 1 when we are ready for the actual DNSSEC validation step. Then, make sure this is invoked when the auxiliary transactions are first acquired (and thus possibly reused) as well when the notifications explained above take place. This fixes problems particularly when doing combined A and AAAA lookups where the auxiliary DNSSEC transactions get reused between them, and where we got confused if we reused an auxiliary DNSSEC transaction from one when it already got completed from the other.
2016-01-18resolved: end log messages in a full stopLennart Poettering
2016-01-18resolved: never consider following a CNAME/DNAME chain for a CNAME/DNAME lookupLennart Poettering
Let's avoid thinking that a CNAME/DNAME chain traversal could be a good idea if QTYPE is already CNAME/DNAME. (Also, let's bail out early when trying to see if some RR is a suitable CNAME/DNAME for some other RR).
2016-01-18resolved: when following a CNAME, turn off search domainsLennart Poettering
If the first step was done via a search domain, make sure the subsequent steps are not.
2016-01-18resolved: properly reset old collected data when following a CNAME redirectLennart Poettering
2016-01-18resolved: beef up complex dnssec test to also use ResolveAddress() and do ↵Lennart Poettering
IDNA checks
2016-01-18resolved: rework IDNA logicLennart Poettering
Move IDNA logic out of the normal domain name processing, and into the bus frontend calls. Previously whenever comparing two domain names we'd implicitly do IDNA conversion so that "pöttering.de" and "xn--pttering-n4a.de" would be considered equal. This is problematic not only for DNSSEC, but actually also against he IDNA specs. Moreover it creates problems when encoding DNS-SD services in classic DNS. There, the specification suggests using UTF8 encoding for the actual service name, but apply IDNA encoding to the domain suffix. With this change IDNA conversion is done only: - When the user passes a non-ASCII hostname when resolving a host name using ResolveHostname() - When the user passes a non-ASCII domain suffix when resolving a service using ResolveService() No IDNA encoding is done anymore: - When the user does raw ResolveRecord() RR resolving - On the service part of a DNS-SD service name Previously, IDNA encoding was done when serializing names into packets, at a point where information whether something is a label that needs IDNA encoding or not was not available, but at a point whether it was known whether to generate a classic DNS packet (where IDNA applies), or an mDNS/LLMNR packet (where IDNA does not apply, and UTF8 is used instead for all host names). With this change each DnsQuery object will now maintain two copies of the DnsQuestion to ask: one encoded in IDNA for use with classic DNS, and one encoded in UTF8 for use with LLMNR and MulticastDNS.
2016-01-18resolved: minor optimization for dns_question_is_equal()Lennart Poettering
If the poinetrs are equal, we don't have to do a deep comparison. This is similar to a similar optimization we already have in place for RRs and keys.
2016-01-18resolved: be slightly stricter when validating DnsQuestionLennart Poettering
Also verify whether the DNS RR types are actually suitable for a question.
2016-01-18resolved: make key argument of dns_question_contains() constLennart Poettering
2016-01-18resolved add dns_name_apply_idna() to convert a domain name into its IDNA ↵Lennart Poettering
equivalent
2016-01-18Merge pull request #2326 from poettering/dnssec15Tom Gundersen
Fifteenth batch of DNSSEC patches
2016-01-18journal-remote: update to 64bit µhttp api, provide fallbackZbigniew Jędrzejewski-Szmek
64 bit offset is now accepted, which is nice. The old function is deprecated, and generates a compile time warning when used. We only use an offset of 0, so we really don't care. Adapt to use the new function, but fall back to the old one on older versions.
2016-01-18journal-remote: fix warning about deprecated µhttpd macroZbigniew Jędrzejewski-Szmek
src/journal-remote/journal-remote.c:590:13: warning: Value MHD_HTTP_METHOD_NOT_ACCEPTABLE is deprecated, use MHD_HTTP_NOT_ACCEPTABLE return mhd_respond(connection, MHD_HTTP_METHOD_NOT_ACCEPTABLE, ^ The new define was added in 0.9.38. Instead of requiring the new libmicrohttpd version, provide the fallback, it is trivial.
2016-01-18resolve: fix return value from dns_packet_append_rr()Zbigniew Jędrzejewski-Szmek
2016-01-18udevd: initialize fds to -1 and close them before exitingZbigniew Jędrzejewski-Szmek
Little change in practice, because the program will exit soon afterwards, but the standard style of closing all fds is now followed. Also gets rid of gcc warning about fd_ctrl and fd_uevent being unitialized.
2016-01-18journald: do not free uninitialized pointer in error pathZbigniew Jędrzejewski-Szmek