From 532538244028ca90e9a7c59ec9627a3ff17a7da8 Mon Sep 17 00:00:00 2001
From: Susant Sahani <ssahani@users.noreply.github.com>
Date: Thu, 27 Oct 2016 05:01:04 +0530
Subject: networkd : verify dns ip address when parsing configuration (#4492)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Invalid IP addresses would be passed through as-is:
$ networkctl status wlp3s0:
● 2: wlp3s0
       Link File: /usr/lib/systemd/network/99-default.link
    Network File: /etc/systemd/network/wlp3s0.network
            Type: wlan
           State: routable (configured)
            Path: pci-0000:03:00.0
          Driver: iwlwifi
          Vendor: Intel Corporation
           Model: Centrino Advanced-N 6205 [Taylor Peak] (Centrino Advanced-N 6205 AGN)
      HW Address: XXXXXXXXXX (Intel Corporate)
         Address: 192.168.2.103
                  XXXXXXXXXXX
         Gateway: 192.168.2.1 (Arcadyan Technology Corporation)
             DNS: 127.0.0.5553

Instead verify that DNS= has a valid list of addresses when parsing configuration.

Fixes #4462.
---
 src/network/networkd-network.c | 50 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

(limited to 'src/network/networkd-network.c')

diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 584cb96979..042232fcac 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -979,6 +979,56 @@ int config_parse_dhcp_server_ntp(
         }
 }
 
+int config_parse_dns(
+                const char *unit,
+                const char *filename,
+                unsigned line,
+                const char *section,
+                unsigned section_line,
+                const char *lvalue,
+                int ltype,
+                const char *rvalue,
+                void *data,
+                void *userdata) {
+
+        Network *n = userdata;
+        int r;
+
+        assert(filename);
+        assert(lvalue);
+        assert(rvalue);
+
+        for (;;) {
+                _cleanup_free_ char *w = NULL;
+                union in_addr_union a;
+                int family;
+
+                r = extract_first_word(&rvalue, &w, WHITESPACE, EXTRACT_QUOTES|EXTRACT_RETAIN_ESCAPE);
+                if (r == 0)
+                        break;
+                if (r == -ENOMEM)
+                        return log_oom();
+                if (r < 0) {
+                        log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
+                        break;
+                }
+
+                r = in_addr_from_string_auto(w, &family, &a);
+                if (r < 0) {
+                        log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse dns server address, ignoring: %s", w);
+                        continue;
+                }
+
+                r = strv_consume(&n->dns, w);
+                if (r < 0)
+                        return log_oom();
+
+                w = NULL;
+        }
+
+        return 0;
+}
+
 int config_parse_dnssec_negative_trust_anchors(
                 const char *unit,
                 const char *filename,
-- 
cgit v1.2.3-54-g00ecf