From 1ebef6cabfd03197ae5d623d8cf07cade49be38a Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Wed, 5 Oct 2022 16:03:23 -0500
Subject: [PATCH] core: don't restrict DNS interface when performing
 connectivity check

Currently, when performing DNS resolution with systemd-resolved,
NetworkManager tells systemd-resolved to consider only DNS configuration
for the network interface that the connectivity check request will be
routed through. But this is not correct because DNS and routing are
configured entirely separately. For example, say we have a VPN that
receives all DNS but only a subset of routing. NetworkManager will
configure systemd-resolved with no DNS servers on any interface except
for the VPN interface, but will still route traffic through other
interfaces. This is entirely legitimate and works fine in practice,
except for the connectivity check.

To fix this, we just drop the restriction and allow systemd-resolved to
consider its full configuration, which is what gets used normally
anyway. This allows our connectivity check to match the real
configuration instead of failing spuriously.

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1107

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1415
(cherry picked from commit e6dac4f0b67e5abd10e0f8a82e040d8374f607a8)
---
 src/core/nm-connectivity.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/core/nm-connectivity.c b/src/core/nm-connectivity.c
index 25ac3c7f8c..cd30853d3d 100644
--- a/src/core/nm-connectivity.c
+++ b/src/core/nm-connectivity.c
@@ -82,7 +82,6 @@ struct _NMConnectivityCheckHandle {
         gsize response_good_cnt;
 
         guint curl_timer;
-        int   ch_ifindex;
     } concheck;
 #endif
 
@@ -1049,8 +1048,6 @@ nm_connectivity_check_start(NMConnectivity             *self,
         NMConnectivityState state;
         const char         *reason;
 
-        cb_data->concheck.ch_ifindex = ifindex;
-
         if (platform) {
             state = check_platform_config(self, platform, ifindex, addr_family, &reason);
             nm_assert((state == NM_CONNECTIVITY_UNKNOWN) == !reason);
@@ -1106,7 +1103,7 @@ nm_connectivity_check_start(NMConnectivity             *self,
                                    "org.freedesktop.resolve1.Manager",
                                    "ResolveHostname",
                                    g_variant_new("(isit)",
-                                                 (gint32) cb_data->concheck.ch_ifindex,
+                                                 0,
                                                  cb_data->concheck.con_config->host,
                                                  (gint32) cb_data->addr_family,
                                                  SD_RESOLVED_DNS),