dns: add wildcard domain to VPNs with never-default=no and no domains

If a VPN has never-default=no but doesn't get a default route (this
can happen for example when the server pushes routes with
openconnect), and there are no search domains, then the name servers
pushed by the server would be unused. It is preferable in this case to
use the VPN DNS server for all queries.

https://bugzilla.redhat.com/show_bug.cgi?id=1863041
(cherry picked from commit cefd5ee322)
(cherry picked from commit c5b57526ac)

src/dns/nm-dns-manager.c

@@ -1305,10 +1305,27 @@ rebuild_domain_lists (NMDnsManager *self)
 	head = _ip_config_lst_head (self);
 	c_list_for_each_entry (ip_data, head, ip_config_lst) {
 		NMIPConfig *ip_config = ip_data->ip_config;
+		gboolean add_wildcard = FALSE;
 
 		if (!nm_ip_config_get_num_nameservers (ip_config))
 			continue;
-		if (nm_ip_config_best_default_route_get (ip_config)) {
+		if (nm_ip_config_best_default_route_get (ip_config))
+			add_wildcard = TRUE;
+		else {
+			/* If a VPN has never-default=no but doesn't get a default
+			 * route (this can happen for example when the server
+			 * pushes routes with openconnect), and there are no
+			 * search or routing domains, then the name servers pushed
+			 * by the server would be unused. It is preferable in this
+			 * case to use the VPN DNS server for all queries. */
+			if (   ip_data->ip_config_type == NM_DNS_IP_CONFIG_TYPE_VPN
+			    && !nm_ip_config_get_never_default (ip_data->ip_config)
+			    && nm_ip_config_get_num_searches (ip_data->ip_config) == 0
+			    && nm_ip_config_get_num_domains (ip_data->ip_config) == 0)
+				add_wildcard = TRUE;
+		}
+
+		if (add_wildcard) {
 			if (!wildcard_entries)
 				wildcard_entries = g_hash_table_new (nm_direct_hash, NULL);
 			g_hash_table_add (wildcard_entries, ip_data);