24710c48ed16be5fa461fbb303a744a907541daf |
|
03-Dec-2015 |
Lennart Poettering <lennart@poettering.net> |
resolved: introduce a dnssec_mode setting per scope
The setting controls which kind of DNSSEC validation is done: none at
all, trusting the AD bit, or client-side validation.
For now, no validation is implemented, hence the setting doesn't do much
yet, except of toggling the CD bit in the generated messages if full
client-side validation is requested. |
0b58db658b5c3f586ac3a837427f1f7fec2abb2e |
|
25-Nov-2015 |
Lennart Poettering <lennart@poettering.net> |
resolved: make sure order of dns servers is stable
Previously, we'd keep adding new dns servers we discover to the end of
our linked list of servers. When we encountered a pre-existing server,
we'd just leave it where it was. In essence that meant that old servers
ended up at the front, and new servers at the end, but not in an order
that would reflect the configuration.
With this change we ensure that every pre-existing server we want to add
again we move to the back of the linked list, so that the order is
stable and in sync with the requested configuration. |
0eac462399c8e87bcce252cf058eba9f2678f2bd |
|
25-Nov-2015 |
Lennart Poettering <lennart@poettering.net> |
resolved: rework dns server lifecycle logic
Previously, there was a chance of memory corruption, because when
switching to the next DNS server we didn't care whether they linked list
of DNS servers was still valid.
Clean up lifecycle of the dns server logic:
- When a DnsServer object is still in the linked list of DnsServers for
a link or the manager, indicate so with a "linked" boolean field, and
never follow the linked list if that boolean is not set.
- When picking a DnsServer to use for a link ot manager, always
explicitly take a reference.
This also rearranges some logic, to make the tracking of dns servers by
link and globally more alike. |
75eb615480afd787fa412f0a529523f568f79b26 |
|
10-Nov-2015 |
Lennart Poettering <lennart@poettering.net> |
defs: rework CONF_DIRS_NULSTR() macro
The macro is generically useful for putting together search paths, hence
let's make it truly generic, by dropping the implicit ".d" appending it
does, and leave that to the caller. Also rename it from
CONF_DIRS_NULSTR() to CONF_PATHS_NULSTR(), since it's not strictly about
dirs that way, but any kind of file system path.
Also, mark CONF_DIR_SPLIT_USR() as internal macro by renaming it to
_CONF_PATHS_SPLIT_USR() so that the leading underscore indicates that
it's internal. |
12ca818ffddb77eb6a0fabe369a5bcbf6994ff8b |
|
30-Sep-2015 |
Lennart Poettering <lennart@poettering.net> |
tree-wide: clean up log_syntax() usage
- Rely everywhere that we use abs() on the error code passed in anyway,
thus don't need to explicitly negate what we pass in
- Never attach synthetic error number information to log messages. Only
log about errors we *receive* with the error number we got there,
don't log any synthetic error, that don#t even propagate, but just eat
up.
- Be more careful with attaching exactly the error we get, instead of
errno or unrelated errors randomly.
- Fix one occasion where the error number and line number got swapped.
- Make sure we never tape over OOM issues, or inability to resolve
specifiers |