summaryrefslogtreecommitdiffstats
path: root/src/resolve (follow)
Commit message (Collapse)AuthorAgeFilesLines
* cocci: simplify some if checksLennart Poettering2018-11-161-9/+3
|
* Merge pull request #10742 from poettering/c-utf8Zbigniew Jędrzejewski-Szmek2018-11-151-3/+2
|\ | | | | default to C.UTF-8 locale, and many improvements to env var file parsing/kernel cmdline parsing
| * fileio: automatically add NULL sentinel to parse_env_file()Lennart Poettering2018-11-141-2/+1
| | | | | | | | Let's modernize things a bit.
| * fileio: drop "newline" parameter for env file parsersLennart Poettering2018-11-141-1/+1
| | | | | | | | | | | | | | Now that we don't (mis-)use the env file parser to parse kernel command lines there's no need anymore to override the used newline character set. Let's hence drop the argument and just "\n\r" always. This nicely simplifies our code.
* | Move LONG_LINE_MAX definition to fileio.hZbigniew Jędrzejewski-Szmek2018-11-142-2/+0
| | | | | | | | | | | | | | | | | | | | | | All users of the macro (except for one, in serialize.c), use the macro in connection with read_line(), so they must include fileio.h. Let's not play libc games and require multiple header file to be included for the most common use of a function. The removal of def.h includes is not exact. I mostly went over the commits that switch over to use read_line() and add def.h at the same time and reverted the addition of def.h in those files.
* | basic/pager: convert the pager options to a flags argumentZbigniew Jędrzejewski-Szmek2018-11-141-5/+5
|/ | | | | Pretty much everything uses just the first argument, and this doesn't make this common pattern more complicated, but makes it simpler to pass multiple options.
* Merge pull request #10460 from yuwata/setsockopt_int-moreLennart Poettering2018-10-192-353/+214
|\ | | | | tree-wide: use setsockopt_int() more
| * resolved-mdns: use TAKE_FD()Yu Watanabe2018-10-181-118/+72
| |
| * resolved-llmnr: use TAKE_FD()Yu Watanabe2018-10-181-230/+142
| |
| * tree-wide: use setsockopt_int() moreYu Watanabe2018-10-182-27/+22
| |
* | Merge pull request #10450 from poettering/foreach-line-excorcismYu Watanabe2018-10-193-8/+32
|\ \ | |/ |/| FOREACH_LINE excorcism
| * resolved-resolv-conf: FOREACH_LINE excorcismLennart Poettering2018-10-181-2/+11
| |
| * resolved-etc-hosts: FOREACH_LINE excorcismLennart Poettering2018-10-181-3/+10
| |
| * resolved-dns-trust-anchor: FOREACH_LINE excorcismLennart Poettering2018-10-181-3/+11
| | | | | | | | Also, properly ignore these read errors, and say so.
* | tree-wide: introduce setsockopt_int() helper and make use of it everywhereLennart Poettering2018-10-184-88/+95
| | | | | | | | | | | | As suggested by @heftig: https://github.com/systemd/systemd/commit/6d5e65f6454212cd400d0ebda34978a9f20cc26a#commitcomment-30938667
* | Merge pull request #10407 from yuwata/netlink-slotLennart Poettering2018-10-181-4/+4
|\ \ | |/ |/| sd-netlink: introduce sd_netlink_slot object and relevant functions
| * sd-netlink: make sd_netlink_slot take its descriptionYu Watanabe2018-10-161-4/+4
| |
| * sd-netlink: introduce sd_netlink_slotYu Watanabe2018-10-151-4/+4
| |
* | resolve: set IP_RECVERRYu Watanabe2018-10-181-0/+7
| | | | | | | | Closes #10345.
* | Merge pull request #10412 from poettering/sockaddr-sun-pathYu Watanabe2018-10-164-52/+48
|\ \ | | | | | | various fixes related to struct sockaddr_un handling
| * | tree-wide: add a single version of "static const int one = 1"Lennart Poettering2018-10-154-52/+48
| |/ | | | | | | | | | | | | | | | | | | All over the place we define local variables for the various sockopts that take a bool-like "int" value. Sometimes they are const, sometimes static, sometimes both, sometimes neither. Let's clean this up, introduce a common const variable "const_int_one" (as well as one matching "const_int_zero") and use it everywhere, all acorss the codebase.
* / tree-wide: CMP()ify all the thingsLennart Poettering2018-10-161-6/+1
|/ | | | Let's employ coccinelle to fix everything up automatically for us.
* resolve: fix member access within null pointerYu Watanabe2018-10-111-2/+2
| | | | Fixes #10333.
* resolve: use structured initializersYu Watanabe2018-10-111-61/+72
|
* Merge pull request #10117 from keszybz/undynamicifyLennart Poettering2018-10-051-1/+1
|\ | | | | Set DynamicUser=no for networkd, resolved, timesyncd
| * Revert "resolve: enable DynamicUser= for systemd-resolved.service"Zbigniew Jędrzejewski-Szmek2018-09-201-1/+1
| | | | | | | | | | This reverts commit 0187368cadea183e18c6d575a9d6b7f491a402af. (systemd.conf.m4 part was already reverted in 5b5d82615011b9827466b7cd5756da35627a1608.)
* | tree-wide: use typesafe_qsort()Yu Watanabe2018-09-194-47/+30
|/
* test: remove support for suffix in get_testdata_dir()Filipe Brandenburger2018-09-121-1/+4
| | | | Instead, use path_join() in callers wherever needed.
* resolve: update comment, avoid alarming wrongnessAlan Jenkins2018-08-291-1/+1
| | | | | | | | | | | | | | | | | | | `systemd-resolved.service` runs as `User=systemd-resolved`, and uses certain Capabilit{y,ies} magic. By my understanding, this means it is started with a number of "privileges". Indeed, `capabilities(7)` explains > Linux divides the privileges traditionally > associated with superuser into distinct units, known as capabilities, > which can be independently enabled and disabled." This situation appears to contradict our current code comment which said > If we are not running as root we assume all privileges are already dropped. This appears to be a confusion in the comment only. The rest of the code tells a much clearer story. (Don't ask me if the story is correct. `capabilities(7)` scares me). Let's tweak the comment to make it consistent and avoid worrying readers about this.
* tree-wide: use DEFINE_TRIVIAL_REF_UNREF_FUNC() macro or friends where applicableYu Watanabe2018-08-276-120/+29
|
* tree-wide: use unsigned for refcountYu Watanabe2018-08-272-2/+2
|
* Merge pull request #9783 from poettering/get-user-creds-flagsZbigniew Jędrzejewski-Szmek2018-08-212-2/+3
|\ | | | | beef up get_user_creds() a bit and other improvements
| * user-util: rework get_user_creds()Lennart Poettering2018-08-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Let's fold get_user_creds_clean() into get_user_creds(), and introduce a flags argument for it to select "clean" behaviour. This flags parameter also learns to other new flags: - USER_CREDS_SYNTHESIZE_FALLBACK: in this mode the user records for root/nobody are only synthesized as fallback. Normally, the synthesized records take precedence over what is in the user database. With this flag set this is reversed, and the user database takes precedence, and the synthesized records are only used if they are missing there. This flag should be set in cases where doing NSS is deemed safe, and where there's interest in knowing the correct shell, for example if the admin changed root's shell to zsh or suchlike. - USER_CREDS_ALLOW_MISSING: if set, and a UID/GID is specified by numeric value, and there's no user/group record for it accept it anyway. This allows us to fix #9767 This then also ports all users to set the most appropriate flags. Fixes: #9767 [zj: remove one isempty() call]
| * test-resolved: fix whitespace issueLennart Poettering2018-08-061-1/+1
| |
| * test-resolved: add one more assert_se() checkLennart Poettering2018-08-061-0/+1
| |
* | tree-wide: add clickable man page link to all --help textsLennart Poettering2018-08-202-14/+47
| | | | | | | | | | | | | | | | | | | | This is a bit like the info link in most of GNU's --help texts, but we don't do info but man pages, and we make them properly clickable on terminal supporting that, because awesome. I think it's generally advisable to link up our (brief) --help texts and our (more comprehensive) man pages a bit, so this should be an easy and straight-forward way to do it.
* | resolvectl: free the block of memory 'hashed' points to before reusing itEvgeny Vereshchagin2018-08-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a memory leak: ``` d5070e2f67ededca022f81f2941900606b16f3196b2268e856295f59._openpgpkey.gmail.com: resolve call failed: 'd5070e2f67ededca022f81f2941900606b16f3196b2268e856295f59._openpgpkey.gmail.com' not found ================================================================= ==224==ERROR: LeakSanitizer: detected memory leaks Direct leak of 65 byte(s) in 1 object(s) allocated from: #0 0x7f71b0878850 in malloc (/usr/lib64/libasan.so.4+0xde850) #1 0x7f71afaf69b0 in malloc_multiply ../src/basic/alloc-util.h:63 #2 0x7f71afaf6c95 in hexmem ../src/basic/hexdecoct.c:62 #3 0x7f71afbb574b in string_hashsum ../src/basic/gcrypt-util.c:45 #4 0x56201333e0b9 in string_hashsum_sha256 ../src/basic/gcrypt-util.h:30 #5 0x562013347b63 in resolve_openpgp ../src/resolve/resolvectl.c:908 #6 0x562013348b9f in verb_openpgp ../src/resolve/resolvectl.c:944 #7 0x7f71afbae0b0 in dispatch_verb ../src/basic/verbs.c:119 #8 0x56201335790b in native_main ../src/resolve/resolvectl.c:2947 #9 0x56201335880d in main ../src/resolve/resolvectl.c:3087 #10 0x7f71ad8fcf29 in __libc_start_main (/lib64/libc.so.6+0x20f29) SUMMARY: AddressSanitizer: 65 byte(s) leaked in 1 allocation(s). ```
* | resolved: do not keep dns_server to dns_stream ref if tls connection failed ↵Iwan Timmer2018-08-131-6/+6
| | | | | | | | | | | | | | | | | | | | (#9855) The references to the dns_server are now setup after the tls connection is setup. This ensures that the stream got fully stopped when the initial tls setup failed instead of having the unref being blocked by the reference to the stream by the server. Therefore on_stream_io would no longer be called with a half setup encrypted connection. Fixes the issue reported in #9838.
* | resolve: do not hit CNAME or DNAME entry in NODATA cache (#9836)Yu Watanabe2018-08-131-2/+2
| | | | | | Fixes #9833.
* | Merge pull request #9827 from yuwata/fix-9795-9820Lennart Poettering2018-08-082-2/+2
|\ \ | | | | | | journal: fixes issues reported by ASan
| * | resolve: use memcmp_safe() and memcpy_safe()Yu Watanabe2018-08-082-2/+2
| | | | | | | | | | | | | | | | | | As the length of salt in NSEC3 may be zero. Fixes #9757.
* | | resolve: do not compress target names in SRV recordsYu Watanabe2018-08-081-1/+3
|/ / | | | | | | Fixes #9793.
* | Merge pull request #9817 from yuwata/shorten-error-loggingLennart Poettering2018-08-071-100/+71
|\ \ | | | | | | tree-wide: Shorten error logging and several code cleanups
| * | tree-wide: shorten error logging a bitYu Watanabe2018-08-071-4/+2
| | | | | | | | | | | | Continuation of 4027f96aa08c73f109aa46b89842ca0e25c9c0e9.
| * | resolve: use _cleanup_ attributeYu Watanabe2018-08-071-96/+69
| |/
* | resolve: use CMP() in dns_resource_record_compare_funcFilipe Brandenburger2018-08-071-4/+3
| | | | | | | | | | This function doesn't really implement ordering, but CMP() is still fine to use there. Keep the comment in place, just update it slightly to indicate that.
* | tree-wide: Convert compare_func's to use CMP() macro wherever possible.Filipe Brandenburger2018-08-074-25/+17
|/ | | | | | | | Looked for definitions of functions using the *_compare_func() suffix. Tested: - Unit tests passed (ninja -C build/ test) - Installed this build and booted with it.
* Merge pull request #9792 from poettering/hashmap-mempoolZbigniew Jędrzejewski-Szmek2018-08-061-2/+2
|\ | | | | minor hashmap fixes
| * test-resolved: follow coding style, use fopen() with 'e'Lennart Poettering2018-08-031-2/+2
| |
* | resolve: sort headersYu Watanabe2018-08-064-10/+8
| |