diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:49:52 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:49:52 +0000 |
commit | 55944e5e40b1be2afc4855d8d2baf4b73d1876b5 (patch) | |
tree | 33f869f55a1b149e9b7c2b7e201867ca5dd52992 /src/resolve/resolved-varlink.c | |
parent | Initial commit. (diff) | |
download | systemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.tar.xz systemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.zip |
Adding upstream version 255.4.upstream/255.4
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | src/resolve/resolved-varlink.c | 796 |
1 files changed, 796 insertions, 0 deletions
diff --git a/src/resolve/resolved-varlink.c b/src/resolve/resolved-varlink.c new file mode 100644 index 0000000..3e178a6 --- /dev/null +++ b/src/resolve/resolved-varlink.c @@ -0,0 +1,796 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "glyph-util.h" +#include "in-addr-util.h" +#include "resolved-dns-synthesize.h" +#include "resolved-varlink.h" +#include "socket-netlink.h" +#include "varlink-io.systemd.Resolve.h" +#include "varlink-io.systemd.Resolve.Monitor.h" + +typedef struct LookupParameters { + int ifindex; + uint64_t flags; + int family; + union in_addr_union address; + size_t address_size; + char *name; +} LookupParameters; + +static void lookup_parameters_destroy(LookupParameters *p) { + assert(p); + free(p->name); +} + +static int reply_query_state(DnsQuery *q) { + + assert(q); + assert(q->varlink_request); + + switch (q->state) { + + case DNS_TRANSACTION_NO_SERVERS: + return varlink_error(q->varlink_request, "io.systemd.Resolve.NoNameServers", NULL); + + case DNS_TRANSACTION_TIMEOUT: + return varlink_error(q->varlink_request, "io.systemd.Resolve.QueryTimedOut", NULL); + + case DNS_TRANSACTION_ATTEMPTS_MAX_REACHED: + return varlink_error(q->varlink_request, "io.systemd.Resolve.MaxAttemptsReached", NULL); + + case DNS_TRANSACTION_INVALID_REPLY: + return varlink_error(q->varlink_request, "io.systemd.Resolve.InvalidReply", NULL); + + case DNS_TRANSACTION_ERRNO: + return varlink_error_errno(q->varlink_request, q->answer_errno); + + case DNS_TRANSACTION_ABORTED: + return varlink_error(q->varlink_request, "io.systemd.Resolve.QueryAborted", NULL); + + case DNS_TRANSACTION_DNSSEC_FAILED: + return varlink_errorb(q->varlink_request, "io.systemd.Resolve.DNSSECValidationFailed", + JSON_BUILD_OBJECT(JSON_BUILD_PAIR("result", JSON_BUILD_STRING(dnssec_result_to_string(q->answer_dnssec_result))))); + + case DNS_TRANSACTION_NO_TRUST_ANCHOR: + return varlink_error(q->varlink_request, "io.systemd.Resolve.NoTrustAnchor", NULL); + + case DNS_TRANSACTION_RR_TYPE_UNSUPPORTED: + return varlink_error(q->varlink_request, "io.systemd.Resolve.ResourceRecordTypeUnsupported", NULL); + + case DNS_TRANSACTION_NETWORK_DOWN: + return varlink_error(q->varlink_request, "io.systemd.Resolve.NetworkDown", NULL); + + case DNS_TRANSACTION_NO_SOURCE: + return varlink_error(q->varlink_request, "io.systemd.Resolve.NoSource", NULL); + + case DNS_TRANSACTION_STUB_LOOP: + return varlink_error(q->varlink_request, "io.systemd.Resolve.StubLoop", NULL); + + case DNS_TRANSACTION_NOT_FOUND: + /* We return this as NXDOMAIN. This is only generated when a host doesn't implement LLMNR/TCP, and we + * thus quickly know that we cannot resolve an in-addr.arpa or ip6.arpa address. */ + return varlink_errorb(q->varlink_request, "io.systemd.Resolve.DNSError", + JSON_BUILD_OBJECT(JSON_BUILD_PAIR("rcode", JSON_BUILD_INTEGER(DNS_RCODE_NXDOMAIN)))); + + case DNS_TRANSACTION_RCODE_FAILURE: + return varlink_errorb(q->varlink_request, "io.systemd.Resolve.DNSError", + JSON_BUILD_OBJECT(JSON_BUILD_PAIR("rcode", JSON_BUILD_INTEGER(q->answer_rcode)))); + + case DNS_TRANSACTION_NULL: + case DNS_TRANSACTION_PENDING: + case DNS_TRANSACTION_VALIDATING: + case DNS_TRANSACTION_SUCCESS: + default: + assert_not_reached(); + } +} + +static void vl_on_disconnect(VarlinkServer *s, Varlink *link, void *userdata) { + DnsQuery *q; + + assert(s); + assert(link); + + q = varlink_get_userdata(link); + if (!q) + return; + + if (!DNS_TRANSACTION_IS_LIVE(q->state)) + return; + + log_debug("Client of active query vanished, aborting query."); + dns_query_complete(q, DNS_TRANSACTION_ABORTED); +} + +static void vl_on_notification_disconnect(VarlinkServer *s, Varlink *link, void *userdata) { + Manager *m = ASSERT_PTR(userdata); + + assert(s); + assert(link); + + Varlink *removed_link = set_remove(m->varlink_subscription, link); + if (removed_link) { + varlink_unref(removed_link); + log_debug("%u monitor clients remain active", set_size(m->varlink_subscription)); + } +} + +static bool validate_and_mangle_flags( + const char *name, + uint64_t *flags, + uint64_t ok) { + + assert(flags); + + /* This checks that the specified client-provided flags parameter actually makes sense, and mangles + * it slightly. Specifically: + * + * 1. We check that only the protocol flags and a bunch of NO_XYZ flags are on at most, plus the + * method-specific flags specified in 'ok'. + * + * 2. If no protocols are enabled we automatically convert that to "all protocols are enabled". + * + * The second rule means that clients can just pass 0 as flags for the common case, and all supported + * protocols are enabled. Moreover it's useful so that client's do not have to be aware of all + * protocols implemented in resolved, but can use 0 as protocols flags set as indicator for + * "everything". + */ + + if (*flags & ~(SD_RESOLVED_PROTOCOLS_ALL| + SD_RESOLVED_NO_CNAME| + SD_RESOLVED_NO_VALIDATE| + SD_RESOLVED_NO_SYNTHESIZE| + SD_RESOLVED_NO_CACHE| + SD_RESOLVED_NO_ZONE| + SD_RESOLVED_NO_TRUST_ANCHOR| + SD_RESOLVED_NO_NETWORK| + SD_RESOLVED_NO_STALE| + ok)) + return false; + + if ((*flags & SD_RESOLVED_PROTOCOLS_ALL) == 0) /* If no protocol is enabled, enable all */ + *flags |= SD_RESOLVED_PROTOCOLS_ALL; + + /* If the SD_RESOLVED_NO_SEARCH flag is acceptable, and the query name is dot-suffixed, turn off + * search domains. Note that DNS name normalization drops the dot suffix, hence we propagate this + * into the flags field as early as we can. */ + if (name && FLAGS_SET(ok, SD_RESOLVED_NO_SEARCH) && dns_name_dot_suffixed(name) > 0) + *flags |= SD_RESOLVED_NO_SEARCH; + + return true; +} + +static void vl_method_resolve_hostname_complete(DnsQuery *query) { + _cleanup_(dns_resource_record_unrefp) DnsResourceRecord *canonical = NULL; + _cleanup_(json_variant_unrefp) JsonVariant *array = NULL; + _cleanup_(dns_query_freep) DnsQuery *q = query; + _cleanup_free_ char *normalized = NULL; + DnsResourceRecord *rr; + DnsQuestion *question; + int ifindex, r; + + assert(q); + + if (q->state != DNS_TRANSACTION_SUCCESS) { + r = reply_query_state(q); + goto finish; + } + + r = dns_query_process_cname_many(q); + if (r == -ELOOP) { + r = varlink_error(q->varlink_request, "io.systemd.Resolve.CNAMELoop", NULL); + goto finish; + } + if (r < 0) + goto finish; + if (r == DNS_QUERY_CNAME) { + /* This was a cname, and the query was restarted. */ + TAKE_PTR(q); + return; + } + + question = dns_query_question_for_protocol(q, q->answer_protocol); + + DNS_ANSWER_FOREACH_IFINDEX(rr, ifindex, q->answer) { + _cleanup_(json_variant_unrefp) JsonVariant *entry = NULL; + int family; + const void *p; + + r = dns_question_matches_rr(question, rr, DNS_SEARCH_DOMAIN_NAME(q->answer_search_domain)); + if (r < 0) + goto finish; + if (r == 0) + continue; + + if (rr->key->type == DNS_TYPE_A) { + family = AF_INET; + p = &rr->a.in_addr; + } else if (rr->key->type == DNS_TYPE_AAAA) { + family = AF_INET6; + p = &rr->aaaa.in6_addr; + } else { + r = -EAFNOSUPPORT; + goto finish; + } + + r = json_build(&entry, + JSON_BUILD_OBJECT( + JSON_BUILD_PAIR_CONDITION(ifindex > 0, "ifindex", JSON_BUILD_INTEGER(ifindex)), + JSON_BUILD_PAIR("family", JSON_BUILD_INTEGER(family)), + JSON_BUILD_PAIR("address", JSON_BUILD_BYTE_ARRAY(p, FAMILY_ADDRESS_SIZE(family))))); + if (r < 0) + goto finish; + + if (!canonical) + canonical = dns_resource_record_ref(rr); + + r = json_variant_append_array(&array, entry); + if (r < 0) + goto finish; + } + + if (json_variant_is_blank_object(array)) { + r = varlink_error(q->varlink_request, "io.systemd.Resolve.NoSuchResourceRecord", NULL); + goto finish; + } + + assert(canonical); + r = dns_name_normalize(dns_resource_key_name(canonical->key), 0, &normalized); + if (r < 0) + goto finish; + + r = varlink_replyb(q->varlink_request, + JSON_BUILD_OBJECT( + JSON_BUILD_PAIR("addresses", JSON_BUILD_VARIANT(array)), + JSON_BUILD_PAIR("name", JSON_BUILD_STRING(normalized)), + JSON_BUILD_PAIR("flags", JSON_BUILD_INTEGER(dns_query_reply_flags_make(q))))); +finish: + if (r < 0) { + log_full_errno(ERRNO_IS_DISCONNECT(r) ? LOG_DEBUG : LOG_ERR, r, "Failed to send hostname reply: %m"); + r = varlink_error_errno(q->varlink_request, r); + } +} + +static int parse_as_address(Varlink *link, LookupParameters *p) { + _cleanup_free_ char *canonical = NULL; + int r, ff, parsed_ifindex, ifindex; + union in_addr_union parsed; + + assert(link); + assert(p); + + /* Check if this parses as literal address. If so, just parse it and return that, do not involve networking */ + r = in_addr_ifindex_from_string_auto(p->name, &ff, &parsed, &parsed_ifindex); + if (r < 0) + return 0; /* not a literal address */ + + /* Make sure the data we parsed matches what is requested */ + if ((p->family != AF_UNSPEC && ff != p->family) || + (p->ifindex > 0 && parsed_ifindex > 0 && parsed_ifindex != p->ifindex)) + return varlink_error(link, "io.systemd.Resolve.NoSuchResourceRecord", NULL); + + ifindex = parsed_ifindex > 0 ? parsed_ifindex : p->ifindex; + + /* Reformat the address as string, to return as canonicalized name */ + r = in_addr_ifindex_to_string(ff, &parsed, ifindex, &canonical); + if (r < 0) + return r; + + return varlink_replyb( + link, + JSON_BUILD_OBJECT( + JSON_BUILD_PAIR("addresses", + JSON_BUILD_ARRAY( + JSON_BUILD_OBJECT( + JSON_BUILD_PAIR_CONDITION(ifindex > 0, "ifindex", JSON_BUILD_INTEGER(ifindex)), + JSON_BUILD_PAIR("family", JSON_BUILD_INTEGER(ff)), + JSON_BUILD_PAIR("address", JSON_BUILD_BYTE_ARRAY(&parsed, FAMILY_ADDRESS_SIZE(ff)))))), + JSON_BUILD_PAIR("name", JSON_BUILD_STRING(canonical)), + JSON_BUILD_PAIR("flags", JSON_BUILD_INTEGER(SD_RESOLVED_FLAGS_MAKE(dns_synthesize_protocol(p->flags), ff, true, true)| + SD_RESOLVED_SYNTHETIC)))); +} + +static int vl_method_resolve_hostname(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) { + static const JsonDispatch dispatch_table[] = { + { "ifindex", _JSON_VARIANT_TYPE_INVALID, json_dispatch_int, offsetof(LookupParameters, ifindex), 0 }, + { "name", JSON_VARIANT_STRING, json_dispatch_string, offsetof(LookupParameters, name), JSON_MANDATORY }, + { "family", _JSON_VARIANT_TYPE_INVALID, json_dispatch_int, offsetof(LookupParameters, family), 0 }, + { "flags", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(LookupParameters, flags), 0 }, + {} + }; + + _cleanup_(dns_question_unrefp) DnsQuestion *question_idna = NULL, *question_utf8 = NULL; + _cleanup_(lookup_parameters_destroy) LookupParameters p = { + .family = AF_UNSPEC, + }; + _cleanup_(dns_query_freep) DnsQuery *q = NULL; + Manager *m; + int r; + + assert(link); + + m = varlink_server_get_userdata(varlink_get_server(link)); + assert(m); + + if (FLAGS_SET(flags, VARLINK_METHOD_ONEWAY)) + return -EINVAL; + + r = varlink_dispatch(link, parameters, dispatch_table, &p); + if (r != 0) + return r; + + if (p.ifindex < 0) + return varlink_error_invalid_parameter(link, JSON_VARIANT_STRING_CONST("ifindex")); + + r = dns_name_is_valid(p.name); + if (r < 0) + return r; + if (r == 0) + return varlink_error_invalid_parameter(link, JSON_VARIANT_STRING_CONST("name")); + + if (!IN_SET(p.family, AF_UNSPEC, AF_INET, AF_INET6)) + return varlink_error_invalid_parameter(link, JSON_VARIANT_STRING_CONST("family")); + + if (!validate_and_mangle_flags(p.name, &p.flags, SD_RESOLVED_NO_SEARCH)) + return varlink_error_invalid_parameter(link, JSON_VARIANT_STRING_CONST("flags")); + + r = parse_as_address(link, &p); + if (r != 0) + return r; + + r = dns_question_new_address(&question_utf8, p.family, p.name, false); + if (r < 0) + return r; + + r = dns_question_new_address(&question_idna, p.family, p.name, true); + if (r < 0 && r != -EALREADY) + return r; + + r = dns_query_new(m, &q, question_utf8, question_idna ?: question_utf8, NULL, p.ifindex, p.flags); + if (r < 0) + return r; + + q->varlink_request = varlink_ref(link); + varlink_set_userdata(link, q); + q->request_family = p.family; + q->complete = vl_method_resolve_hostname_complete; + + r = dns_query_go(q); + if (r < 0) + return r; + + TAKE_PTR(q); + return 1; +} + +static int json_dispatch_address(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) { + LookupParameters *p = ASSERT_PTR(userdata); + union in_addr_union buf = {}; + JsonVariant *i; + size_t n, k = 0; + + assert(variant); + + if (!json_variant_is_array(variant)) + return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is not an array.", strna(name)); + + n = json_variant_elements(variant); + if (!IN_SET(n, 4, 16)) + return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "JSON field '%s' is array of unexpected size.", strna(name)); + + JSON_VARIANT_ARRAY_FOREACH(i, variant) { + int64_t b; + + if (!json_variant_is_integer(i)) + return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), "Element %zu of JSON field '%s' is not an integer.", k, strna(name)); + + b = json_variant_integer(i); + if (b < 0 || b > 0xff) + return json_log(variant, flags, SYNTHETIC_ERRNO(EINVAL), + "Element %zu of JSON field '%s' is out of range 0%s255.", + k, strna(name), special_glyph(SPECIAL_GLYPH_ELLIPSIS)); + + buf.bytes[k++] = (uint8_t) b; + } + + p->address = buf; + p->address_size = k; + + return 0; +} + +static void vl_method_resolve_address_complete(DnsQuery *query) { + _cleanup_(json_variant_unrefp) JsonVariant *array = NULL; + _cleanup_(dns_query_freep) DnsQuery *q = query; + DnsQuestion *question; + DnsResourceRecord *rr; + int ifindex, r; + + assert(q); + + if (q->state != DNS_TRANSACTION_SUCCESS) { + r = reply_query_state(q); + goto finish; + } + + r = dns_query_process_cname_many(q); + if (r == -ELOOP) { + r = varlink_error(q->varlink_request, "io.systemd.Resolve.CNAMELoop", NULL); + goto finish; + } + if (r < 0) + goto finish; + if (r == DNS_QUERY_CNAME) { + /* This was a cname, and the query was restarted. */ + TAKE_PTR(q); + return; + } + + question = dns_query_question_for_protocol(q, q->answer_protocol); + + DNS_ANSWER_FOREACH_IFINDEX(rr, ifindex, q->answer) { + _cleanup_free_ char *normalized = NULL; + + r = dns_question_matches_rr(question, rr, NULL); + if (r < 0) + goto finish; + if (r == 0) + continue; + + r = dns_name_normalize(rr->ptr.name, 0, &normalized); + if (r < 0) + goto finish; + + r = json_variant_append_arrayb( + &array, + JSON_BUILD_OBJECT( + JSON_BUILD_PAIR_CONDITION(ifindex > 0, "ifindex", JSON_BUILD_INTEGER(ifindex)), + JSON_BUILD_PAIR("name", JSON_BUILD_STRING(normalized)))); + if (r < 0) + goto finish; + } + + if (json_variant_is_blank_object(array)) { + r = varlink_error(q->varlink_request, "io.systemd.Resolve.NoSuchResourceRecord", NULL); + goto finish; + } + + r = varlink_replyb(q->varlink_request, + JSON_BUILD_OBJECT( + JSON_BUILD_PAIR("names", JSON_BUILD_VARIANT(array)), + JSON_BUILD_PAIR("flags", JSON_BUILD_INTEGER(dns_query_reply_flags_make(q))))); +finish: + if (r < 0) { + log_full_errno(ERRNO_IS_DISCONNECT(r) ? LOG_DEBUG : LOG_ERR, r, "Failed to send address reply: %m"); + r = varlink_error_errno(q->varlink_request, r); + } +} + +static int vl_method_resolve_address(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) { + static const JsonDispatch dispatch_table[] = { + { "ifindex", _JSON_VARIANT_TYPE_INVALID, json_dispatch_int, offsetof(LookupParameters, ifindex), 0 }, + { "family", _JSON_VARIANT_TYPE_INVALID, json_dispatch_int, offsetof(LookupParameters, family), JSON_MANDATORY }, + { "address", JSON_VARIANT_ARRAY, json_dispatch_address, 0, JSON_MANDATORY }, + { "flags", _JSON_VARIANT_TYPE_INVALID, json_dispatch_uint64, offsetof(LookupParameters, flags), 0 }, + {} + }; + + _cleanup_(dns_question_unrefp) DnsQuestion *question = NULL; + _cleanup_(lookup_parameters_destroy) LookupParameters p = { + .family = AF_UNSPEC, + }; + _cleanup_(dns_query_freep) DnsQuery *q = NULL; + Manager *m; + int r; + + assert(link); + + m = varlink_server_get_userdata(varlink_get_server(link)); + assert(m); + + if (FLAGS_SET(flags, VARLINK_METHOD_ONEWAY)) + return -EINVAL; + + r = varlink_dispatch(link, parameters, dispatch_table, &p); + if (r != 0) + return r; + + if (p.ifindex < 0) + return varlink_error_invalid_parameter(link, JSON_VARIANT_STRING_CONST("ifindex")); + + if (!IN_SET(p.family, AF_INET, AF_INET6)) + return varlink_error_invalid_parameter(link, JSON_VARIANT_STRING_CONST("family")); + + if (FAMILY_ADDRESS_SIZE(p.family) != p.address_size) + return varlink_error(link, "io.systemd.Resolve.BadAddressSize", NULL); + + if (!validate_and_mangle_flags(NULL, &p.flags, 0)) + return varlink_error_invalid_parameter(link, JSON_VARIANT_STRING_CONST("flags")); + + r = dns_question_new_reverse(&question, p.family, &p.address); + if (r < 0) + return r; + + r = dns_query_new(m, &q, question, question, NULL, p.ifindex, p.flags|SD_RESOLVED_NO_SEARCH); + if (r < 0) + return r; + + q->varlink_request = varlink_ref(link); + varlink_set_userdata(link, q); + + q->request_family = p.family; + q->request_address = p.address; + q->complete = vl_method_resolve_address_complete; + + r = dns_query_go(q); + if (r < 0) + return r; + + TAKE_PTR(q); + return 1; +} + +static int vl_method_subscribe_query_results(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) { + Manager *m; + int r; + + assert(link); + + m = ASSERT_PTR(varlink_server_get_userdata(varlink_get_server(link))); + + /* if the client didn't set the more flag, it is using us incorrectly */ + if (!FLAGS_SET(flags, VARLINK_METHOD_MORE)) + return varlink_error_invalid_parameter(link, NULL); + + if (json_variant_elements(parameters) > 0) + return varlink_error_invalid_parameter(link, parameters); + + /* Send a ready message to the connecting client, to indicate that we are now listinening, and all + * queries issued after the point the client sees this will also be reported to the client. */ + r = varlink_notifyb(link, + JSON_BUILD_OBJECT(JSON_BUILD_PAIR("ready", JSON_BUILD_BOOLEAN(true)))); + if (r < 0) + return log_error_errno(r, "Failed to report monitor to be established: %m"); + + r = set_ensure_put(&m->varlink_subscription, NULL, link); + if (r < 0) + return log_error_errno(r, "Failed to add subscription to set: %m"); + varlink_ref(link); + + log_debug("%u clients now attached for varlink notifications", set_size(m->varlink_subscription)); + + return 1; +} + +static int vl_method_dump_cache(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) { + _cleanup_(json_variant_unrefp) JsonVariant *list = NULL; + Manager *m; + int r; + + assert(link); + + if (json_variant_elements(parameters) > 0) + return varlink_error_invalid_parameter(link, parameters); + + m = ASSERT_PTR(varlink_server_get_userdata(varlink_get_server(link))); + + LIST_FOREACH(scopes, s, m->dns_scopes) { + _cleanup_(json_variant_unrefp) JsonVariant *j = NULL; + + r = dns_scope_dump_cache_to_json(s, &j); + if (r < 0) + return r; + + r = json_variant_append_array(&list, j); + if (r < 0) + return r; + } + + if (!list) { + r = json_variant_new_array(&list, NULL, 0); + if (r < 0) + return r; + } + + return varlink_replyb(link, JSON_BUILD_OBJECT( + JSON_BUILD_PAIR("dump", JSON_BUILD_VARIANT(list)))); +} + +static int dns_server_dump_state_to_json_list(DnsServer *server, JsonVariant **list) { + _cleanup_(json_variant_unrefp) JsonVariant *j = NULL; + int r; + + assert(list); + assert(server); + + r = dns_server_dump_state_to_json(server, &j); + if (r < 0) + return r; + + return json_variant_append_array(list, j); +} + +static int vl_method_dump_server_state(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) { + _cleanup_(json_variant_unrefp) JsonVariant *list = NULL; + Manager *m; + int r; + Link *l; + + assert(link); + + if (json_variant_elements(parameters) > 0) + return varlink_error_invalid_parameter(link, parameters); + + m = ASSERT_PTR(varlink_server_get_userdata(varlink_get_server(link))); + + LIST_FOREACH(servers, server, m->dns_servers) { + r = dns_server_dump_state_to_json_list(server, &list); + if (r < 0) + return r; + } + + LIST_FOREACH(servers, server, m->fallback_dns_servers) { + r = dns_server_dump_state_to_json_list(server, &list); + if (r < 0) + return r; + } + + HASHMAP_FOREACH(l, m->links) + LIST_FOREACH(servers, server, l->dns_servers) { + r = dns_server_dump_state_to_json_list(server, &list); + if (r < 0) + return r; + } + + if (!list) { + r = json_variant_new_array(&list, NULL, 0); + if (r < 0) + return r; + } + + return varlink_replyb(link, JSON_BUILD_OBJECT( + JSON_BUILD_PAIR("dump", JSON_BUILD_VARIANT(list)))); +} + +static int vl_method_dump_statistics(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) { + _cleanup_(json_variant_unrefp) JsonVariant *j = NULL; + Manager *m; + int r; + + assert(link); + + if (json_variant_elements(parameters) > 0) + return varlink_error_invalid_parameter(link, parameters); + + m = ASSERT_PTR(varlink_server_get_userdata(varlink_get_server(link))); + + r = dns_manager_dump_statistics_json(m, &j); + if (r < 0) + return r; + + return varlink_replyb(link, JSON_BUILD_VARIANT(j)); +} + +static int vl_method_reset_statistics(Varlink *link, JsonVariant *parameters, VarlinkMethodFlags flags, void *userdata) { + Manager *m; + + assert(link); + + if (json_variant_elements(parameters) > 0) + return varlink_error_invalid_parameter(link, parameters); + + m = ASSERT_PTR(varlink_server_get_userdata(varlink_get_server(link))); + + dns_manager_reset_statistics(m); + + return varlink_replyb(link, JSON_BUILD_EMPTY_OBJECT); +} + +static int varlink_monitor_server_init(Manager *m) { + _cleanup_(varlink_server_unrefp) VarlinkServer *server = NULL; + int r; + + assert(m); + + if (m->varlink_monitor_server) + return 0; + + r = varlink_server_new(&server, VARLINK_SERVER_ROOT_ONLY); + if (r < 0) + return log_error_errno(r, "Failed to allocate varlink server object: %m"); + + varlink_server_set_userdata(server, m); + + r = varlink_server_add_interface(server, &vl_interface_io_systemd_Resolve_Monitor); + if (r < 0) + return log_error_errno(r, "Failed to add Resolve.Monitor interface to varlink server: %m"); + + r = varlink_server_bind_method_many( + server, + "io.systemd.Resolve.Monitor.SubscribeQueryResults", vl_method_subscribe_query_results, + "io.systemd.Resolve.Monitor.DumpCache", vl_method_dump_cache, + "io.systemd.Resolve.Monitor.DumpServerState", vl_method_dump_server_state, + "io.systemd.Resolve.Monitor.DumpStatistics", vl_method_dump_statistics, + "io.systemd.Resolve.Monitor.ResetStatistics", vl_method_reset_statistics); + if (r < 0) + return log_error_errno(r, "Failed to register varlink methods: %m"); + + r = varlink_server_bind_disconnect(server, vl_on_notification_disconnect); + if (r < 0) + return log_error_errno(r, "Failed to register varlink disconnect handler: %m"); + + r = varlink_server_listen_address(server, "/run/systemd/resolve/io.systemd.Resolve.Monitor", 0600); + if (r < 0) + return log_error_errno(r, "Failed to bind to varlink socket: %m"); + + r = varlink_server_attach_event(server, m->event, SD_EVENT_PRIORITY_NORMAL); + if (r < 0) + return log_error_errno(r, "Failed to attach varlink connection to event loop: %m"); + + m->varlink_monitor_server = TAKE_PTR(server); + + return 0; +} + +static int varlink_main_server_init(Manager *m) { + _cleanup_(varlink_server_unrefp) VarlinkServer *s = NULL; + int r; + + assert(m); + + if (m->varlink_server) + return 0; + + r = varlink_server_new(&s, VARLINK_SERVER_ACCOUNT_UID); + if (r < 0) + return log_error_errno(r, "Failed to allocate varlink server object: %m"); + + varlink_server_set_userdata(s, m); + + r = varlink_server_add_interface(s, &vl_interface_io_systemd_Resolve); + if (r < 0) + return log_error_errno(r, "Failed to add Resolve interface to varlink server: %m"); + + r = varlink_server_bind_method_many( + s, + "io.systemd.Resolve.ResolveHostname", vl_method_resolve_hostname, + "io.systemd.Resolve.ResolveAddress", vl_method_resolve_address); + if (r < 0) + return log_error_errno(r, "Failed to register varlink methods: %m"); + + r = varlink_server_bind_disconnect(s, vl_on_disconnect); + if (r < 0) + return log_error_errno(r, "Failed to register varlink disconnect handler: %m"); + + r = varlink_server_listen_address(s, "/run/systemd/resolve/io.systemd.Resolve", 0666); + if (r < 0) + return log_error_errno(r, "Failed to bind to varlink socket: %m"); + + r = varlink_server_attach_event(s, m->event, SD_EVENT_PRIORITY_NORMAL); + if (r < 0) + return log_error_errno(r, "Failed to attach varlink connection to event loop: %m"); + + m->varlink_server = TAKE_PTR(s); + return 0; +} + +int manager_varlink_init(Manager *m) { + int r; + + r = varlink_main_server_init(m); + if (r < 0) + return r; + + r = varlink_monitor_server_init(m); + if (r < 0) + return r; + + return 0; +} + +void manager_varlink_done(Manager *m) { + assert(m); + + m->varlink_server = varlink_server_unref(m->varlink_server); + m->varlink_monitor_server = varlink_server_unref(m->varlink_monitor_server); +} |