https-github-com-bit
diff --git a/‎src/resolve/resolved-dns-domain.c‎
Lines changed: 87 additions & 1 deletion b/‎src/resolve/resolved-dns-domain.c‎
Lines changed: 87 additions & 1 deletion
diff --git a/‎src/resolve/resolved-dns-domain.h‎
Lines changed: 1 addition & 0 deletions b/‎src/resolve/resolved-dns-domain.h‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/resolve/resolved-dns-query.c‎
Lines changed: 44 additions & 6 deletions b/‎src/resolve/resolved-dns-query.c‎
Lines changed: 44 additions & 6 deletions
diff --git a/‎src/resolve/resolved-dns-question.c‎
Lines changed: 35 additions & 0 deletions b/‎src/resolve/resolved-dns-question.c‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎src/resolve/resolved-dns-question.h‎
Lines changed: 3 additions & 0 deletions b/‎src/resolve/resolved-dns-question.h‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/resolve/resolved-dns-scope.c‎
Lines changed: 2 additions & 2 deletions b/‎src/resolve/resolved-dns-scope.c‎
Lines changed: 2 additions & 2 deletions
@@ -360,6 +360,93 @@ int dns_name_reverse(int family, const union in_addr_union *a, char **ret) {
         return 0;
 }
 
+int dns_name_address(const char *p, int *family, union in_addr_union *address) {
+        int r;
+
+        assert(p);
+        assert(family);
+        assert(address);
+
+        r = dns_name_endswith(p, "in-addr.arpa");
+        if (r < 0)
+                return r;
+        if (r > 0) {
+                uint8_t a[4];
+                unsigned i;
+
+                for (i = 0; i < ELEMENTSOF(a); i++) {
+                        char label[DNS_LABEL_MAX+1];
+
+                        r = dns_label_unescape(&p, label, sizeof(label));
+                        if (r < 0)
+                                return r;
+                        if (r == 0)
+                                return -EINVAL;
+                        if (r > 3)
+                                return -EINVAL;
+
+                        r = safe_atou8(label, &a[i]);
+                        if (r < 0)
+                                return r;
+                }
+
+                r = dns_name_equal(p, "in-addr.arpa");
+                if (r <= 0)
+                        return r;
+
+                *family = AF_INET;
+                address->in.s_addr = htobe32(((uint32_t) a[3] << 24) |
+                                             ((uint32_t) a[2] << 16) |
+                                             ((uint32_t) a[1] << 8) |
+                                              (uint32_t) a[0]);
+
+                return 1;
+        }
+
+        r = dns_name_endswith(p, "ip6.arpa");
+        if (r < 0)
+                return r;
+        if (r > 0) {
+                struct in6_addr a;
+                unsigned i;
+
+                for (i = 0; i < ELEMENTSOF(a.s6_addr); i++) {
+                        char label[DNS_LABEL_MAX+1];
+                        int x, y;
+
+                        r = dns_label_unescape(&p, label, sizeof(label));
+                        if (r <= 0)
+                                return r;
+                        if (r != 1)
+                                return -EINVAL;
+                        x = unhexchar(label[0]);
+                        if (x < 0)
+                                return -EINVAL;
+
+                        r = dns_label_unescape(&p, label, sizeof(label));
+                        if (r <= 0)
+                                return r;
+                        if (r != 1)
+                                return -EINVAL;
+                        y = unhexchar(label[0]);
+                        if (y < 0)
+                                return -EINVAL;
+
+                        a.s6_addr[ELEMENTSOF(a.s6_addr) - i - 1] = (uint8_t) y << 4 | (uint8_t) x;
+                }
+
+                r = dns_name_equal(p, "ip6.arpa");
+                if (r <= 0)
+                        return r;
+
+                *family = AF_INET6;
+                address->in6 = a;
+                return 1;
+        }
+
+        return 0;
+}
+
 int dns_name_root(const char *name) {
         char label[DNS_LABEL_MAX+1];
         int r;
@@ -382,7 +469,6 @@ int dns_name_single_label(const char *name) {
         r = dns_label_unescape(&name, label, sizeof(label));
         if (r < 0)
                 return r;
-
         if (r == 0)
                 return 0;
 
 
@@ -39,6 +39,7 @@ int dns_name_equal(const char *x, const char *y);
 int dns_name_endswith(const char *name, const char *suffix);
 
 int dns_name_reverse(int family, const union in_addr_union *a, char **ret);
+int dns_name_address(const char *p, int *family, union in_addr_union *a);
 
 int dns_name_root(const char *name);
 int dns_name_single_label(const char *name);
@@ -165,7 +165,14 @@ static int on_stream_complete(DnsStream *s, int error) {
                 return 0;
         }
 
+        t->block_gc++;
         dns_query_transaction_process_reply(t, p);
+        t->block_gc--;
+
+        /* If the response wasn't useful, then complete the transition now */
+        if (t->state == DNS_QUERY_PENDING)
+                dns_query_transaction_complete(t, DNS_QUERY_INVALID_REPLY);
+
         return 0;
 }
 
@@ -181,10 +188,25 @@ static int dns_query_transaction_open_tcp(DnsQueryTransaction *t) {
         if (t->scope->protocol == DNS_PROTOCOL_DNS)
                 fd = dns_scope_tcp_socket(t->scope, AF_UNSPEC, NULL, 53);
         else if (t->scope->protocol == DNS_PROTOCOL_LLMNR) {
-                if (!t->received)
-                        return -EINVAL;
 
-                fd = dns_scope_tcp_socket(t->scope, t->received->family, &t->received->sender, t->received->sender_port);
+                /* When we already received a query to this (but it was truncated), send to its sender address */
+                if (t->received)
+                        fd = dns_scope_tcp_socket(t->scope, t->received->family, &t->received->sender, t->received->sender_port);
+                else {
+                        union in_addr_union address;
+                        int family;
+
+                        /* Otherwise, try to talk to the owner of a
+                         * the IP address, in case this is a reverse
+                         * PTR lookup */
+                        r = dns_question_extract_reverse_address(t->question, &family, &address);
+                        if (r < 0)
+                                return r;
+                        if (r == 0)
+                                return -EINVAL;
+
+                        fd = dns_scope_tcp_socket(t->scope, family, &address, 5355);
+                }
         } else
                 return -EAFNOSUPPORT;
 
@@ -205,6 +227,13 @@ static int dns_query_transaction_open_tcp(DnsQueryTransaction *t) {
 
         t->received = dns_packet_unref(t->received);
         t->stream->complete = on_stream_complete;
+        t->stream->transaction = t;
+
+        /* The interface index is difficult to determine if we are
+         * connecting to the local host, hence fill this in right away
+         * instead of determining it from the socket */
+        if (t->scope->link)
+                t->stream->ifindex = t->scope->link->ifindex;
 
         return 0;
 }
@@ -416,10 +445,19 @@ static int dns_query_transaction_go(DnsQueryTransaction *t) {
         if (r < 0)
                 return r;
 
-        /* Try via UDP, and if that fails due to large size try via TCP */
-        r = dns_scope_send(t->scope, t->sent);
-        if (r == -EMSGSIZE)
+        if (t->scope->protocol == DNS_PROTOCOL_LLMNR &&
+            (dns_question_endswith(t->question, "in-addr.arpa") > 0 ||
+             dns_question_endswith(t->question, "ip6.arpa") > 0)) {
+
+                /* RFC 4795, Section 2.4. says reverse lookups shall
+                 * always be made via TCP on LLMNR */
                 r = dns_query_transaction_open_tcp(t);
+        } else {
+                /* Try via UDP, and if that fails due to large size try via TCP */
+                r = dns_scope_send(t->scope, t->sent);
+                if (r == -EMSGSIZE)
+                        r = dns_query_transaction_open_tcp(t);
+        }
         if (r == -ESRCH) {
                 /* No servers to send this to? */
                 dns_query_transaction_complete(t, DNS_QUERY_NO_SERVERS);
 
@@ -235,3 +235,38 @@ int dns_question_cname_redirect(DnsQuestion *q, const char *name, DnsQuestion **
 
         return 1;
 }
+
+int dns_question_endswith(DnsQuestion *q, const char *suffix) {
+        unsigned i;
+
+        assert(q);
+        assert(suffix);
+
+        for (i = 0; i < q->n_keys; i++) {
+                int k;
+
+                k = dns_name_endswith(DNS_RESOURCE_KEY_NAME(q->keys[i]), suffix);
+                if (k <= 0)
+                        return k;
+        }
+
+        return 1;
+}
+
+int dns_question_extract_reverse_address(DnsQuestion *q, int *family, union in_addr_union *address) {
+        unsigned i;
+
+        assert(q);
+        assert(family);
+        assert(address);
+
+        for (i = 0; i < q->n_keys; i++) {
+                int k;
+
+                k = dns_name_address(DNS_RESOURCE_KEY_NAME(q->keys[i]), family, address);
+                if (k != 0)
+                        return k;
+        }
+
+        return 0;
+}
@@ -46,4 +46,7 @@ int dns_question_is_superset(DnsQuestion *q, DnsQuestion *other);
 
 int dns_question_cname_redirect(DnsQuestion *q, const char *name, DnsQuestion **ret);
 
+int dns_question_endswith(DnsQuestion *q, const char *suffix);
+int dns_question_extract_reverse_address(DnsQuestion *q, int *family, union in_addr_union *address);
+
 DEFINE_TRIVIAL_CLEANUP_FUNC(DnsQuestion*, dns_question_unref);
@@ -312,8 +312,8 @@ DnsScopeMatch dns_scope_good_domain(DnsScope *s, const char *domain) {
         }
 
         if (s->protocol == DNS_PROTOCOL_LLMNR) {
-                if (dns_name_endswith(domain, "254.169.in-addr.arpa") > 0 ||
-                    dns_name_endswith(domain, "0.8.e.f.ip6.arpa") > 0 ||
+                if (dns_name_endswith(domain, "in-addr.arpa") > 0 ||
+                    dns_name_endswith(domain, "ip6.arpa") > 0 ||
                     dns_name_single_label(domain) > 0)
                         return DNS_SCOPE_MAYBE;
Original file line number	Diff line number	Diff line change
`@@ -312,8 +312,8 @@ DnsScopeMatch dns_scope_good_domain(DnsScope s, const char domain) {`
`312`	`312`	`}`
`313`	`313`
`314`	`314`	`if (s->protocol == DNS_PROTOCOL_LLMNR) {`
`315`		`- if (dns_name_endswith(domain, "254.169.in-addr.arpa") > 0 \|\|`
`316`		`- dns_name_endswith(domain, "0.8.e.f.ip6.arpa") > 0 \|\|`
	`315`	`+ if (dns_name_endswith(domain, "in-addr.arpa") > 0 \|\|`
	`316`	`+ dns_name_endswith(domain, "ip6.arpa") > 0 \|\|`
`317`	`317`	`dns_name_single_label(domain) > 0)`
`318`	`318`	`return DNS_SCOPE_MAYBE;`
`319`	`319`