Age | Commit message (Collapse) | Author |
|
|
|
|
|
resolvd, slaacd, unwind.
The mitigation story is way better: syscalls are in a randomly located
libc, and every syscall stub is randomly located inside that due to
random relinking. As opposed to fixed offset inside a release binary.
There is one known consequence: /usr nfs mounting must use statically
configured IP addresses.
ok kettenis florian, others
|
|
|
|
helper functions from unbound(8).
Delete unused shared memory functions that the unbound(8) daemon uses
for statistics gathering. While here get rid of daemon.h which is
unused, too.
With this we can remove the hack in config.h to pretend we don't have
shmget to prevent linker errors which makes syncing with unbound(8)
easier.
|
|
jmc@ dislikes a comma before "then" in a conditional, so leave those
untouched.
ok jmc@
|
|
queries. There is no need to do all this work just to get access to
the query id and flags.
OK bket, sthen
|
|
search domains and retry.
|
|
|
|
Upstream renamed parse_edns_from_pkt to parse_edns_from_query_pkt and
added two arguments (config_file and comm_point) that we don't use,
adjust callers in frontend accordingly.
|
|
parse_extract_edns_from_response_msg and parse_edns_from_pkt to
parse_edns_from_query_pkt in libunbound 1.14.0.
Both funktions work equally well for us but it would look weird to use
the "from_response_msg" function on the query so switch to
parse_edns_from_pkt in preparation for the libunbound update.
testing & OK sthen
|
|
Use the OpenSSL 1.1 codepath using accessors that have been available
since LibreSSL 2.7 instead of reaching into the structs.
ok sthen
|
|
Instead of repairing potential garbage ensure that we receive proper C
strings. Inspired by a similar diff by deraadt@ for ldapd.
|
|
macro-build a replacement for sccsid, and was done without any concern
for namespace damage. Unfortunately this practice started infecting
other code as others were unaware they didn't need the file.
ok millert guenther
|
|
link-local addresses. With this dns proposals from slaacd with
link-local addresses from slaacd(8) are wroking.
Requested by & OK kn
|
|
The resolver is the actual consumer and shouldn't trust the frontend.
Fold the IPv4/IPv6 specific checks thanks to the previous commit.
Idea from florian
OK florian
|
|
Reduce duplicate code and use getnameinfo(3) for IPv4 as well.
This commit is the equivalent of sbin/resolvd/resolvd.c revision 1.21
"Simplify address family handling, ditch inet_ntop(3)".
OK florian
|
|
RTM_PROPOSAL's list of IP addresses does not contain scope IDs by design.
This is not a problem as the proposal is always bound to an interface,
as long as we use it...
Fill in the scope ID for link-local IPs and replace inet_ntop(3) usage with
getnameinfo(3) in the IPv6 case such that it actually turns up in the string
representation.
This is the unwind specific fix to ensure working IPv6LL; libunbound still
requires another fix.
This commit is the equivalent of sbin/resolvd/resolvd.c revision 1.20
"Install missing scope identifier for IPv6 link-local addresses".
OK florian
|
|
We document them as explicitly required, `unwind -dnvf...' spits them
out like this and the last `force' example uses them as well.
|
|
(200ms) to answer before trying the next strategy. However, we need to
skip strategies that are not available. In the default configuration,
without a config file unwind(8) would give DoT 200ms more time, but no
DoT forwarders are known, so this is useless.
OK kn
|
|
|
|
parse_config() handle the case of defaults. This prevents the resolver
process from spinning up resolver strategies before the config has
been parsed and tearing them down immediately after if they are not
listed in the config files preferences section.
OK kn
|
|
An unwind.conf like the following would still query forwarders,
both "." periodically and any explicit "example.com." queries:
preference { recursor autoconf stub }
forwarder { 2001:db8::1 }
force accept bogus forwarder { example.com. }
That's because the forwarder and resolver children processes start with
the default configuration and main later sends them the effective user
configuration; merging them, however, would ignore the list of enabled
resolvers, i.e. those listed in the `preference {}' block and thusly
cause children to always have all forwarders enabled (as is by default).
Copy the resolvers list during merge to fix this and restore expected
behaviour.
(Noticed during tests with "forwarder" temporarily removed from
`preference {}' while leaving the rest as is: my VPN interface serving
that forwarder showed DNS traffic while it was supposed to be silent.)
OK florian
|
|
functions that take "char *" arguments. Where such chars are
assigned to int or passed to ctype functions, explicitly cast them
to unsigned char.
For OpenBSD's clang, -Wpointer-sign has been disabled by default,
but when the parse.y code was built elsewhere, the compiler would
complain.
With help from millert@
ok benno@ deraadt@
|
|
|
|
Do not abuse "dhcp" to say "DHCP and SLAAC".
unwind.conf(5) does so but unwindctl(8) does not; in fact, the latter
already has `status autoconf' to
Show nameservers learned from dhclient(8), dhcpleased(8) or slaacd(8).
Adjust unwind's config manual and internal code accordingly; still accept
the old keyword but do not document it.
hostname.if(5) already advises for `inet[6] autoconf' instead of `dhcp' and
other related daemons don't abuse the word "dhcp" like unwind does.
Feedback sthen
OK florian
|
|
Found in resolvd(8) which uses the same code.
|
|
authorities when encountering a validation error.
This only helps one particular case of validation errors: When
authorities are out of sync and some carry old zones. In all other
cases this causes a huge amount of work that will just end in a
SERVFAIL because the result will still be bogus.
OK sthen
|
|
OK sthen as part of a larger diff
|
|
OK sthen
|
|
switched networks. We validated it, we can't do better than that!
While here reorder the long list of conditions to make it easier to
understand when we doubt a response because we might be behind a
captive portal. First list all conditions when we do not doubt the
response and then the two conditions when we do doubt the response.
OK benno
|
|
the configuration struct. This is also an implicit list of enabled
resolver strategies. We have also stored an explict lookup array of
enabled strategies outside of the configuration to be able to quickly
answer "is this strategy enabled" without traversing the preferences
list.
Move this table into the configuration so that we don't need to
"repair" it on config reload.
This fixes a bug where on startup the preferences list and enabled
lookup table were not in sync. It didn't matter in practice since we
do a config reload and then pass in DNSSEC trustanchors on startup.
Both actions combined repaired things.
OK benno
|
|
OK florian
|
|
Zap the obsolete dhclient.conf(5) supersede quirk while here.
Feedback OK florian
|
|
fails to report the path that the failure occured on. Suggested by
deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
|
|
|
Pointed out by deraadt
|
|
able to send answers back to the correct client in case two are
connecting at the same time. We also need to pass the pid around to
the resolver process so that it can hand it back to us.
Debugged by deraadt and dlg who noticed that answers would always
arrive on the first control connection.
deraadt@ points out that tracking the pid is not the best choice in
case one process wants to hold open two connections but at least this
brings us in line with all the other privsep daemons with control
tools. If we change this we should change it in all daemons.
|
|
|
|
rewording by jmc@
ok jmc@
|
|
provided nameservers, i.e. the stub resolver check succeeded.
Previously we would only probe DNS64 on network change but would not
reschedule when it failed. Sometimes (most of the time?) this failes
because our address is still tentative or a default route has
not yet been installed.
OK phessler
|
|
ugly and the underlying problem (dhclient and unwind playing well
together) should be solved differently.
Final straw was jca reporting that it breaks his setup.
|
|
localhost.
|
|
This is a step towards starting unwind earlier, before the network is
up and partitions are mounted.
OK kn
|
|
resolver so we have to schedule a re-check.
OK kn
|
|
While here also set SOCK_NONBLOCK on the frontend routesock.
|
|
old configuration. We will then request another check that runs in
parallel to the old check. If the new check finishes earlier, the
current check result will be overwritten by an outdated check result
which is likely wrong.
While here fix some whitespace.
OK phessler
|
|
to configure libunbound accordingly. This way it no longer tries to
talk to IPv6 nameservers when only IPv4 is available and vice versa.
input deraadt
OK kn
|
|
handle them like UNKNOWN.
Found the hard way by kn.
|
|
libunbound.
OK phessler
|