From c5b57526accb2eef73f9b158c182bfa79fc73f5f Mon Sep 17 00:00:00 2001
From: Beniamino Galvani
Date: Tue, 29 Sep 2020 13:42:02 +0200
Subject: [PATCH] dns: add wildcard domain to VPNs with never-default=no and no domains If a VPN has never-default=no but doesn't get a default route (this can happen for example when the server pushes routes with openconnect), and there are no search domains, then the name servers pushed by the server would be unused. It is preferable in this case to use the VPN DNS server for all queries. https://bugzilla.redhat.com/show_bug.cgi?id=1863041 (cherry picked from commit cefd5ee3229d33de8b474852deb5a2044e378b04)
---
 src/dns/nm-dns-manager.c | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/src/dns/nm-dns-manager.c b/src/dns/nm-dns-manager.c
index f11e104817..635e94f69f 100644
--- a/src/dns/nm-dns-manager.c
+++ b/src/dns/nm-dns-manager.c
@@ -1332,11 +1332,28 @@ rebuild_domain_lists(NMDnsManager *self)
 head = _ip_config_lst_head(self);
 c_list_for_each_entry (ip_data, head, ip_config_lst) {
- NMIPConfig *ip_config = ip_data->ip_config;
+ NMIPConfig *ip_config = ip_data->ip_config;
+ gboolean add_wildcard = FALSE;
 if (!nm_ip_config_get_num_nameservers(ip_config))
 continue;
- if (nm_ip_config_best_default_route_get(ip_config)) {
+ if (nm_ip_config_best_default_route_get(ip_config))
+ add_wildcard = TRUE;
+ else {
+ /* If a VPN has never-default=no but doesn't get a default
+ * route (this can happen for example when the server
+ * pushes routes with openconnect), and there are no
+ * search or routing domains, then the name servers pushed
+ * by the server would be unused. It is preferable in this
+ * case to use the VPN DNS server for all queries. */
+ if (ip_data->ip_config_type == NM_DNS_IP_CONFIG_TYPE_VPN
+ && !nm_ip_config_get_never_default(ip_data->ip_config)
+ && nm_ip_config_get_num_searches(ip_data->ip_config) == 0
+ && nm_ip_config_get_num_domains(ip_data->ip_config) == 0)
+ add_wildcard = TRUE;
+ }
+
+ if (add_wildcard) {
 if (!wildcard_entries)
 wildcard_entries = g_hash_table_new(nm_direct_hash, NULL);
 g_hash_table_add(wildcard_entries, ip_data);
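Review bot: The new `else` branch makes the VPN's name servers a wildcard resolver purely on the basis of what the server did not push (no default route, no search or routing domains), so in a split-tunnel setup every DNS query from the host would go to the VPN resolver even though most traffic is not routed through the tunnel. The in-code comment explains why the servers would otherwise be unused but not this trade-off; going by the condition, I would extend it with something like `/* Note: this sends all name resolution to the VPN resolver; never-default=yes or a search/routing domain on the config keeps it scoped. */`. The check runs per `ip_data` entry, so it is worth confirming how a VPN that carries domains on only one of its IP configs is treated, which is not visible in this hunk. Minor: the condition can use the existing local `ip_config` instead of repeating `ip_data->ip_config`, and the nested block reads more simply as `else if (...)`. The loop body in rebuild_domain_lists continues outside the hunk.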