From cefd5ee3229d33de8b474852deb5a2044e378b04 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani
Date: Tue, 29 Sep 2020 13:42:02 +0200
Subject: [PATCH] dns: add wildcard domain to VPNs with never-default=no and no domains

If a VPN has never-default=no but doesn't get a default route (this can happen for example when the server pushes routes with openconnect), and there are no search domains, then the name servers pushed by the server would be unused. It is preferable in this case to use the VPN DNS server for all queries.

https://bugzilla.redhat.com/show_bug.cgi?id=1863041
---
 src/dns/nm-dns-manager.c | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/src/dns/nm-dns-manager.c b/src/dns/nm-dns-manager.c
index f11e104817..635e94f69f 100644
--- a/src/dns/nm-dns-manager.c
+++ b/src/dns/nm-dns-manager.c
@@ -1332,11 +1332,28 @@ rebuild_domain_lists(NMDnsManager *self)
 head = _ip_config_lst_head(self);
 c_list_for_each_entry (ip_data, head, ip_config_lst) {
- NMIPConfig *ip_config = ip_data->ip_config;
+ NMIPConfig *ip_config = ip_data->ip_config;
+ gboolean add_wildcard = FALSE;

 if (!nm_ip_config_get_num_nameservers(ip_config))
 continue;

- if (nm_ip_config_best_default_route_get(ip_config)) {
+ if (nm_ip_config_best_default_route_get(ip_config))
+ add_wildcard = TRUE;
+ else {
+ /* If a VPN has never-default=no but doesn't get a default
+ * route (this can happen for example when the server
+ * pushes routes with openconnect), and there are no
+ * search or routing domains, then the name servers pushed
+ * by the server would be unused. It is preferable in this
+ * case to use the VPN DNS server for all queries. */
+ if (ip_data->ip_config_type == NM_DNS_IP_CONFIG_TYPE_VPN
+ && !nm_ip_config_get_never_default(ip_data->ip_config)
+ && nm_ip_config_get_num_searches(ip_data->ip_config) == 0
+ && nm_ip_config_get_num_domains(ip_data->ip_config) == 0)
+ add_wildcard = TRUE;
+ }
+
+ if (add_wildcard) {
 if (!wildcard_entries)
 wildcard_entries = g_hash_table_new(nm_direct_hash, NULL);
 g_hash_table_add(wildcard_entries, ip_data);
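Review bot: The new `else` branch makes the VPN's name servers the resolver for every name purely from what the config lacks (no default route, no search or routing domains), and nothing visible in the hunk records that the wildcard was added by this fallback rather than by a default route. Those fields are presumably filled largely from what the VPN server pushes, so lookups for non-VPN names now reach the VPN's resolver while traffic still follows only the pushed routes. That is the stated intent, but the comment should spell out the trade-off, e.g. by appending `Note that this sends lookups for all names, not only VPN-internal ones, to the VPN's servers.` A debug-level log line where `add_wildcard` is set in this branch would let someone auditing split DNS see why it happened. As a style point, the condition can use the local `ip_config` instead of repeating `ip_data->ip_config`, and the nested `if` can fold into `else if (...)`. The loop body and rebuild_domain_lists continue outside the hunk.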