core: accept DNS URIs in global configuration

Accept name servers specified with a URI syntax in the global
configuration. A plugin that doesn't support a specific scheme can
decide to ignore it and use only the servers it understands. At the
moment there is no plugin that supports DNS-over-TLS servers in the
global configuration.
Beniamino Galvani
2024-12-05 09:59:06 +01:00
parent 4dee109b8d
commit 8416a58e26
4 changed files with 47 additions and 12 deletions


@@ -1575,8 +1575,24 @@ managed=1
<term><varname>servers</varname></term>
<listitem>
<para>
A list of addresses of DNS servers to be used for the given domain.
</para>
A list of addresses of DNS servers to be used for the
given domain. Each server can be specified either as a
plain IP address or with a URI syntax. When it is
specified as an URI, the following forms are supported:
</para>
<para>
<simplelist type="horiz" columns="1">
<member>dns+udp://<varname>ADDRESS</varname>[:<varname>PORT</varname>] : DNS</member>
<member>dns+tls://<varname>ADDRESS</varname>[:<varname>PORT</varname>][#<varname>SERVERNAME]</varname> : DNS over TLS</member>
</simplelist>
</para>
<para>
<varname>ADDRESS</varname> is an IPv4 or IPv6
address. When it is IPv6, it must be enclosed in square
brackets ('[' and ']'). When it is a IPv6 link-local
address, the address should be followed by a percent
sign ('%') and an interface name.
</para>
</listitem>
</varlistentry>
<varlistentry>


@@ -853,13 +853,16 @@ add_global_config(NMDnsDnsmasq *self,
const char *const *servers = nm_global_dns_domain_get_servers(domain);
const char *name = nm_global_dns_domain_get_name(domain);
g_return_if_fail(name);
nm_assert(name);
for (j = 0; servers && servers[j]; j++) {
if (!strcmp(name, "*"))
add_dnsmasq_nameserver(self, dnsmasq_servers, servers[j], NULL);
else
add_dnsmasq_nameserver(self, dnsmasq_servers, servers[j], name);
char str[NM_INET_ADDRSTRLEN];
/* TODO: support IPv6 link-local addresses with scope id */
if (!nm_dns_uri_parse_plain(AF_UNSPEC, servers[j], str, NULL))
continue;
add_dnsmasq_nameserver(self, dnsmasq_servers, str, nm_streq(name, "*") ? NULL : name);
}
}
}
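Review bot: Entries that `nm_dns_uri_parse_plain()` rejects are dropped by the bare `continue` with no log line, so a `dns+tls://` server from the global configuration presumably disappears from the dnsmasq setup while the remaining plain servers keep answering in cleartext. That matches the commit message's intent of ignoring schemes a plugin does not understand, but the administrator asked for an encrypted transport and gets no indication it was not honoured; I would log before skipping, e.g. `nm_log_warn(LOGD_DNS, "dnsmasq: ignoring unsupported global name server \"%s\"", servers[j]);`. The same silent skip is in `merge_global_dns_config()` in the resolv.conf hunk. The output buffer is only `NM_INET_ADDRSTRLEN` bytes, so an explicit `:PORT` from the documented `dns+udp://` form cannot be carried through here; it is worth confirming whether such entries are rejected or the port is silently dropped. add_global_config's body starts outside the hunk.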


@@ -1291,8 +1291,15 @@ merge_global_dns_config(NMResolvConfData *rc, NMGlobalDnsConfig *global_conf)
if (!servers)
return TRUE;
for (i = 0; servers[i]; i++)
add_string_item(rc->nameservers, servers[i], TRUE);
for (i = 0; servers[i]; i++) {
char addrstr[NM_INET_ADDRSTRLEN];
/* TODO: support IPv6 link-local addresses with scope id */
if (!nm_dns_uri_parse_plain(AF_UNSPEC, servers[i], addrstr, NULL))
continue;
add_string_item(rc->nameservers, addrstr, TRUE);
}
return TRUE;
}
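Review bot: `merge_global_dns_config()` still returns TRUE when every entry was skipped by the `continue`, so a global configuration that lists only `dns+tls://` servers seems to contribute nothing to `rc->nameservers`. If callers read TRUE as "global configuration applied" and stop merging per-connection servers (not visible in this hunk), the host would be left without a usable name server. Consider tracking whether at least one server was added, and logging a warning or falling back when none was. The function starts outside the hunk.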


@@ -1259,10 +1259,19 @@ load_global_dns(GKeyFile *keyfile, gboolean internal)
if (strv) {
nm_strv_cleanup(strv, TRUE, TRUE, TRUE);
for (i = 0, j = 0; strv[i]; i++) {
if (nm_inet_is_valid(AF_INET, strv[i]) || nm_inet_is_valid(AF_INET6, strv[i]))
strv[j++] = strv[i];
else
gs_free char *to_free = NULL;
if (nm_dns_uri_normalize(AF_UNSPEC, strv[i], &to_free)) {
if (to_free) {
g_free(strv[i]);
strv[j++] = g_steal_pointer(&to_free);
} else {
strv[j++] = strv[i];
}
} else {
nm_log_dbg(LOGD_CORE, "invalid global name server \"%s\"", strv[i]);
g_free(strv[i]);
}
}
if (j == 0)
g_free(strv);
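Review bot: The rejection path logs with `nm_log_dbg`, so a mistyped server URI in the global configuration is discarded without anything visible at the default log level. Since a dropped `dns+tls://` entry changes which resolvers and which transport end up in use, I would raise this to `nm_log_warn(LOGD_CORE, "invalid global name server \"%s\"", strv[i]);`. A short comment on the `to_free` branch would also help, noting that `nm_dns_uri_normalize()` apparently sets it only when the normalized form differs from the input. load_global_dns continues outside the hunk.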