| Age | Commit message (Collapse) | Author |
|---|
|
Luckily routesock would never be <= 2 so shutdown would always failing
with EINVAL and not shutting down random other sockets.
The kernel was just uselessly piling up route messages that we were
never reading.
This mistake first showed up in slaacd(8) and then was copied to the
other daemons.
Reported & fixed by Josiah Frentsos (jfrent at tilde.team), thanks!
OK kn
|
|
Instead of repairing potential garbage ensure that we receive proper C
strings. Inspired by a similar diff by deraadt@ for ldapd.
|
|
|
|
parse_config() handle the case of defaults. This prevents the resolver
process from spinning up resolver strategies before the config has
been parsed and tearing them down immediately after if they are not
listed in the config files preferences section.
OK kn
|
|
An unwind.conf like the following would still query forwarders,
both "." periodically and any explicit "example.com." queries:
preference { recursor autoconf stub }
forwarder { 2001:db8::1 }
force accept bogus forwarder { example.com. }
That's because the forwarder and resolver children processes start with
the default configuration and main later sends them the effective user
configuration; merging them, however, would ignore the list of enabled
resolvers, i.e. those listed in the `preference {}' block and thusly
cause children to always have all forwarders enabled (as is by default).
Copy the resolvers list during merge to fix this and restore expected
behaviour.
(Noticed during tests with "forwarder" temporarily removed from
`preference {}' while leaving the rest as is: my VPN interface serving
that forwarder showed DNS traffic while it was supposed to be silent.)
OK florian
|
|
Do not abuse "dhcp" to say "DHCP and SLAAC".
unwind.conf(5) does so but unwindctl(8) does not; in fact, the latter
already has `status autoconf' to
Show nameservers learned from dhclient(8), dhcpleased(8) or slaacd(8).
Adjust unwind's config manual and internal code accordingly; still accept
the old keyword but do not document it.
hostname.if(5) already advises for `inet[6] autoconf' instead of `dhcp' and
other related daemons don't abuse the word "dhcp" like unwind does.
Feedback sthen
OK florian
|
|
the configuration struct. This is also an implicit list of enabled
resolver strategies. We have also stored an explict lookup array of
enabled strategies outside of the configuration to be able to quickly
answer "is this strategy enabled" without traversing the preferences
list.
Move this table into the configuration so that we don't need to
"repair" it on config reload.
This fixes a bug where on startup the preferences list and enabled
lookup table were not in sync. It didn't matter in practice since we
do a config reload and then pass in DNSSEC trustanchors on startup.
Both actions combined repaired things.
OK benno
|
|
Pointed out by deraadt
|
|
ugly and the underlying problem (dhclient and unwind playing well
together) should be solved differently.
Final straw was jca reporting that it breaks his setup.
|
|
This is a step towards starting unwind earlier, before the network is
up and partitions are mounted.
OK kn
|
|
While here also set SOCK_NONBLOCK on the frontend routesock.
|
|
to configure libunbound accordingly. This way it no longer tries to
talk to IPv6 nameservers when only IPv4 is available and vice versa.
input deraadt
OK kn
|
|
Follows claudio's lead in ospfd et al.
Problem reported by mortimer.
|
|
Problem reported by mortimer
|
|
|
|
Since we are only serving localhost we could get away with doing
serving over UDP only because we have a huge MTU on lo0, it's still
not correct behavior.
This also enables sending truncated answers with TC set if the answer
does not fit into the edns announced udp size.
Testing at least by matthieu, jca, otto, phessler
OK phessler
|
|
No binary change on amd64.
ok florian
|
|
If the configuration contains duplicate domains in the block list
file or a force list, the nodes would leak in the frontend process
each time the config is reloaded. Also add a check when copying the
force list over imsg and fatal if a duplicate is encountered. This
should never happen.
ok florian
|
|
16k) by splitting them up.
Previously unwind would send meta-data about the finished query from
the resolver process to the frontend process and then silently fail to
send the actual answer because it was too big for imsg.
When receiving the meta-data for the next query the frontend process
would then exit via fatal() because it was still expecting an answer.
This likely fixes rare crashes observed by Leo Unglaub.
Note that even with DNSSEC signatures, answers this big are very rare.
OK tb, benno
|
|
resolvers.
OK kn
|
|
Lets unwind(8) run when another name server listens on the wildcard
address. Conflict with unbound(8) spotted by sthen@, ok florian@ deraadt@
|
|
slaacd and unwind start very early in the boot process and syslog is
not fully available yet so these messages tend to get lost.
But they are also not particularly useful.
Prompted by a report by Jason Mader on bugs@
OK deraadt, claudio, bluhm
Note that this code has been copied around to all our privsep daemons
and also lives in usr.sbin. Leave it alone there because multiple people
said they find it useful for those daemons.
|
|
The bind might fail if another daemon is running while the
control socket opening will succeed.
Then we end up with an overwritten control socket, unwind exiting
and no control socket to the already running unwind.
Found the hard way by deraadt
OK deraadt, mestre, kn, pamela
|
|
This is beneficial since we prefer strategies according to their
performance.
Previously name servers were upgraded to opportunistic DoT if it was
available even if the round trip times went through the roof and there
was no way to got back to plain udp/53 DNS.
To make up a bit of space in the unwindctl status output, name servers
learned via DHCP or SLAAC are printed in a new subcommand.
The status output will be further improved shortly.
Input & OK otto
|
|
with this. Currently only available as a command line flag (-vvv).
With this we now have two debug levels available in unwind proper, to
be used shortly.
looks good to otto
|
|
Handles typical split-horzizon setups. ok florian@
|
|
Pointed out by & OK otto
|
|
reuse in the future.
OK otto
|
|
OK otto
|
|
Avoid an extra parameter and set NULL initialised conffile conditionally.
From Matthew Martin <phy1729 at gmail dot com>, thanks!
|
|
Default /etc/unwind.conf is optional and may be missing, but explicitly
specified files should exist.
OK florian
|
|
Tested by deraadt as part of a larger diff.
|
|
captive portal host internaly via the resolver process.
deraadt and me observed weird captive portal checking hangs inside of
unwind if only 127.0.0.1 was listed as a nameserver in resolv.conf
with the old code.
|
|
autoconfiguration daemons. Currently only slaacd is switched over so
we need to keep the lease file parsing.
|
|
future work to be able to easily delete elements while iterating.
OK kn
|
|
unwind should now be able to work in networks with crappy middle boxes.
We also need to switch to the ASR resolver, not DHCP when we are behind
a captive portal. Some captive portals let through DNS queries with edns0
options but the "click here to accept the terms of service page" is not
resolvable with edns0.
|
|
libc asynchronous resolver directly with DHCP provided nameservers.
This is a last-ditch effort when we find ourself behind a completely
broken middle-box.
Input & OK otto
OK benno
|
|
OK benno
|
|
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
|
OK pamela
|
|
|
|
in the block list it answers with rcode REFUSED.
|
|
|
|
This and pledge("rpath") can go once we switch to RTM_PROPOSAL.
|
|
Unfortunately the nameserver types enums needed to be renamed
to not collide with yacc tokens.
|
|
descriptor keeps CLOEXEC flag then it will be closed unexpectedly by
exec().
ok tedu florian
|
|
|
|
While we are behind a captive portal we have to ask the dhcp provided
resolvers. However it is possible that those resolvers do not like
to talk to unwind because of EDNS0.
Unwind handles this case by closing its listening socket and hands
over to asr. Except for the resolving of the captive portal host which
it still tries to resolve via libunbound.
Turns out there is no need for this we can just use getaddrinfo_async
from asr which then either hits unwind which does the right thing or
unwind closed its listening socket and asr moves on to talk directly
to the dhcp resolvers.
|
|
We still want to log other causes when failing to open the lease file,
but then do so with a more helpful error message.
ok florian@
|
