Skip to content

Commit

Permalink
Add workaround for split-dns
Browse files Browse the repository at this point in the history
Split-dns seems to be quite a complicated thing to implement
correctly, and probably depends on something like systemd-resolvd
or NetworkManager support to be added, as discussed here:
    adrienverge#561

In the mean time DNS is not working at all if no global dns
is set. This patch implements a slightly ugly workaround by using
the split-dns info as the default dns when no default dns was configured
in the xml response. I expect that the two settings are mutually exclusive in
any case, but I don't understand DNS well enough to be sure.
  • Loading branch information
lpeens authored and louis-peens committed Sep 18, 2021
1 parent f29ee54 commit 9d6a717
Show file tree
Hide file tree
Showing 2 changed files with 57 additions and 5 deletions.
57 changes: 52 additions & 5 deletions src/ipv4.c
Original file line number Diff line number Diff line change
Expand Up @@ -1080,10 +1080,14 @@ int ipv4_add_nameservers_to_resolv_conf(struct tunnel *tunnel)
tunnel->ipv4.ns2_was_there = 0;
tunnel->ipv4.dns_suffix_was_there = 0;

if (tunnel->ipv4.ns1_addr.s_addr == 0)
// TODO: Split dns workaround
if (tunnel->ipv4.ns1_addr.s_addr == 0 &&
tunnel->ipv4.dns_split.ns_addrs[0].s_addr == 0)
tunnel->ipv4.ns1_was_there = -1;

if (tunnel->ipv4.ns2_addr.s_addr == 0)
// TODO: Split dns workaround
if (tunnel->ipv4.ns2_addr.s_addr == 0 &&
tunnel->ipv4.dns_split.ns_addrs[1].s_addr == 0)
tunnel->ipv4.ns2_was_there = -1;

#if HAVE_RESOLVCONF
Expand Down Expand Up @@ -1161,22 +1165,44 @@ int ipv4_add_nameservers_to_resolv_conf(struct tunnel *tunnel)
strcpy(ns1, "nameserver ");
strncat(ns1, inet_ntoa(tunnel->ipv4.ns1_addr), 15);
} else {
ns1[0] = '\0';
// TODO: Split dns workaround
if (tunnel->ipv4.dns_split.ns_addrs[0].s_addr != 0) {
printf("Hitting ns_addrs[0]\n");
strcpy(ns1, "nameserver ");
strncat(ns1, inet_ntoa(tunnel->ipv4.dns_split.ns_addrs[0]), 15);
printf("ns1 string was: %s\n", ns1);
} else {
printf("missed ns_addrs[0]\n");
ns1[0] = '\0';
}
}

if (tunnel->ipv4.ns2_addr.s_addr != 0) {
strcpy(ns2, "nameserver ");
strncat(ns2, inet_ntoa(tunnel->ipv4.ns2_addr), 15);
} else {
ns2[0] = '\0';
// TODO: Split dns workaround
if (tunnel->ipv4.dns_split.ns_addrs[1].s_addr != 0) {
strcpy(ns2, "nameserver ");
strncat(ns2, inet_ntoa(tunnel->ipv4.dns_split.ns_addrs[1]), 15);
} else {
ns2[0] = '\0';
}
}

if (tunnel->ipv4.dns_suffix != NULL) {
strcpy(dns_suffix, "search ");
strncat(dns_suffix, tunnel->ipv4.dns_suffix, MAX_DOMAIN_LENGTH);
replace_char(dns_suffix, ';', ' ');
} else {
dns_suffix[0] = '\0';
// TODO: Split dns workaround
if (tunnel->ipv4.dns_split.domains != NULL) {
strcpy(dns_suffix, "search ");
strncat(dns_suffix, tunnel->ipv4.dns_split.domains,
MAX_DOMAIN_LENGTH);
} else {
dns_suffix[0] = '\0';
}
}

#if HAVE_RESOLVCONF
Expand Down Expand Up @@ -1353,16 +1379,37 @@ int ipv4_del_nameservers_from_resolv_conf(struct tunnel *tunnel)
if (tunnel->ipv4.ns1_addr.s_addr != 0) {
strcpy(ns1, "nameserver ");
strncat(ns1, inet_ntoa(tunnel->ipv4.ns1_addr), 15);
// TODO: Split dns workaround
} else if (tunnel->ipv4.dns_split.ns_addrs[0].s_addr != 0) {
strcpy(ns1, "nameserver ");
strncat(ns1, inet_ntoa(tunnel->ipv4.dns_split.ns_addrs[0]), 15);
}

ns2[0] = '\0';
if (tunnel->ipv4.ns2_addr.s_addr != 0) {
strcpy(ns2, "nameserver ");
strncat(ns2, inet_ntoa(tunnel->ipv4.ns2_addr), 15);
// TODO: Split dns workaround
} else if (tunnel->ipv4.dns_split.ns_addrs[1].s_addr != 0) {
strcpy(ns2, "nameserver ");
strncat(ns2, inet_ntoa(tunnel->ipv4.dns_split.ns_addrs[1]), 15);
}

dns_suffix[0] = '\0';
if (tunnel->ipv4.dns_suffix != NULL && tunnel->ipv4.dns_suffix[0] != '\0') {
strcpy(dns_suffix, "search ");
strncat(dns_suffix, tunnel->ipv4.dns_suffix, MAX_DOMAIN_LENGTH);
// TODO: Split dns workaround
} else if (tunnel->ipv4.dns_split.domains != NULL) {
/* If dns_suffix was not supplied see if split_dns was maybe
* configured If so copy use this info. This is a work around
* to be able to use some sort of vpn if split support is not
* supported. Basically set the first split domain as global
* domain.
*/
strcpy(dns_suffix, "search ");
strncat(dns_suffix, tunnel->ipv4.dns_split.domains,
MAX_DOMAIN_LENGTH);
}

file = freopen("/etc/resolv.conf", "w", file);
Expand Down
5 changes: 5 additions & 0 deletions src/tunnel.c
Original file line number Diff line number Diff line change
Expand Up @@ -1271,6 +1271,11 @@ int run_tunnel(struct vpn_config *config)
.on_ppp_if_down = on_ppp_if_down
};

// Init dns_split
tunnel.ipv4.dns_split.domains = NULL;
memset(&tunnel.ipv4.dns_split.ns_addrs, 0,
sizeof(tunnel.ipv4.dns_split.ns_addrs));

// Step 0: get gateway host IP
log_debug("Resolving gateway host ip\n");
ret = get_gateway_host_ip(&tunnel);
Expand Down

0 comments on commit 9d6a717

Please sign in to comment.