dns fixes

kmk3 · Oct 31, 2019 · 11418a4 · 11418a4
1 parent 0e723a8
commit 11418a4
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 18 deletions.
diff --git a/src/firejail/main.c b/src/firejail/main.c
@@ -2209,9 +2209,8 @@ int main(int argc, char **argv) {
  else if (cfg.dns4 == NULL)
  cfg.dns4 = dns;
  else {
- fprintf(stderr, "Error: up to 4 DNS servers can be specified\n");
+ fwarning("Warning: up to 4 DNS servers can be specified, %s ignored\n", dns);
  free(dns);
- return 1;
  }
  }
 

diff --git a/src/firejail/profile.c b/src/firejail/profile.c
@@ -874,8 +874,8 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
  else if (cfg.dns4 == NULL)
  cfg.dns4 = dns;
  else {
- fprintf(stderr, "Error: up to 4 DNS servers can be specified\n");
- exit(1);
+ fwarning("Warning: up to 4 DNS servers can be specified, %s ignored\n", dns);
+ free(dns);
  }
  return 0;
  }

diff --git a/test/environment/dns.exp b/test/environment/dns.exp
@@ -1,31 +1,77 @@
 #!/usr/bin/expect -f
 
-set timeout 30
+set timeout 10
 spawn $env(SHELL)
 match_max 100000
 
+send -- "firejail --dns=8.8.4.4 --dns=8.8.8.8 --dns=4.2.2.1 --dns=::2 --dns=1.2.3.4 sleep 1\r"
+expect {
+ timeout {puts "TESTING ERROR 1\n";exit}
+ "Warning: up to 4 DNS servers can be specified, 1.2.3.4 ignored"
+}
+expect {
+ timeout {puts "TESTING ERROR 1.1\n";exit}
+ "DNS server 8.8.4.4"
+}
+expect {
+ timeout {puts "TESTING ERROR 1.2\n";exit}
+ "DNS server 8.8.8.8"
+}
+expect {
+ timeout {puts "TESTING ERROR 1.3\n";exit}
+ "DNS server 4.2.2.1"
+}
+expect {
+ timeout {puts "TESTING ERROR 1.4\n";exit}
+ "DNS server ::2"
+}
+expect {
+ timeout {puts "TESTING ERROR 1.5\n";exit}
+ "Child process initialized"
+}
+expect {
+ timeout {puts "TESTING ERROR 1.6\n";exit}
+ "Parent is shutting down, bye..."
+}
+after 100
+
+
+send -- "firejail --quiet --dns=8.8.4.4 --dns=8.8.8.8 --dns=4.2.2.1 --dns=::2 --dns=1.2.3.4 cat /etc/passwd\r"
+expect {
+ timeout {puts "TESTING ERROR 2\n";exit}
+ "Warning: up to 4 DNS servers can be specified, 1.2.3.4 ignored" {puts "TESTING ERROR 2.1\n";exit}
+ "DNS server 8.8.4.4" {puts "TESTING ERROR 2.2\n";exit}
+ "DNS server 8.8.8.8" {puts "TESTING ERROR 2.3\n";exit}
+ "DNS server 4.2.2.1" {puts "TESTING ERROR 2.4\n";exit}
+ "DNS server ::2" {puts "TESTING ERROR 2.5\n";exit}
+ "Child process initialized" {puts "TESTING ERROR 2.6\n";exit}
+ "Parent is shutting down, bye..." {puts "TESTING ERROR 2.7\n";exit}
+ "root"
+}
+after 100
+
 send -- "firejail --dns=8.8.4.4 --dns=8.8.8.8 --dns=4.2.2.1 --dns=::2\r"
 expect {
- timeout {puts "TESTING ERROR 2.1\n";exit}
+ timeout {puts "TESTING ERROR 3\n";exit}
  "Child process initialized"
 }
 sleep 1
 
 send -- "cat /etc/resolv.conf\r"
 expect {
- timeout {puts "TESTING ERROR 2.2\n";exit}
+ timeout {puts "TESTING ERROR 4.1\n";exit}
  "nameserver 8.8.4.4"
 }
 expect {
- timeout {puts "TESTING ERROR 2.3\n";exit}
+ timeout {puts "TESTING ERROR 4.2\n";exit}
  "nameserver 8.8.8.8"
 }
 expect {
- timeout {puts "TESTING ERROR 2.4\n";exit}
+ timeout {puts "TESTING ERROR 4.3\n";exit}
  "nameserver 4.2.2.1"
 }
 expect {
- timeout {puts "TESTING ERROR 2.5\n";exit}
+ timeout {puts "TESTING ERROR 4.4\n";exit}
  "nameserver ::2"
 }
 after 100
@@ -35,43 +81,43 @@ sleep 1
 
 send -- "firejail --profile=dns.profile\r"
 expect {
- timeout {puts "TESTING ERROR 12.1\n";exit}
+ timeout {puts "TESTING ERROR 5.1\n";exit}
  "Child process initialized"
 }
 sleep 1
 
 send -- "cat /etc/resolv.conf\r"
 expect {
- timeout {puts "TESTING ERROR 12.2\n";exit}
+ timeout {puts "TESTING ERROR 5.2\n";exit}
  "nameserver 8.8.4.4"
 }
 expect {
- timeout {puts "TESTING ERROR 12.3\n";exit}
+ timeout {puts "TESTING ERROR 5.3\n";exit}
  "nameserver 8.8.8.8"
 }
 expect {
- timeout {puts "TESTING ERROR 12.4\n";exit}
+ timeout {puts "TESTING ERROR 5.4\n";exit}
  "nameserver 4.2.2.1"
 }
 after 100
 expect {
- timeout {puts "TESTING ERROR 12.5\n";exit}
+ timeout {puts "TESTING ERROR 5.5\n";exit}
  "nameserver ::2"
 }
 send -- "exit\r"
 sleep 1
 
 send -- "firejail --trace --dns=208.67.222.222 wget -q debian.org\r"
 expect {
- timeout {puts "TESTING ERROR 1.2\n";exit}
+ timeout {puts "TESTING ERROR 6.1\n";exit}
  "connect"
 }
 expect {
- timeout {puts "TESTING ERROR 1.2\n";exit}
+ timeout {puts "TESTING ERROR 6.2\n";exit}
  "208.67.222.222"
 }
 expect {
- timeout {puts "TESTING ERROR 1.2\n";exit}
+ timeout {puts "TESTING ERROR 6.3\n";exit}
  "53"
 }
 after 100