1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "sd-dhcp-lease.h"
33 #include "dhcp-lease-internal.h"
34 #include "network-internal.h"
35 #include "conf-parser.h"
36 #include "socket-util.h"
/* Timeout handed to fd_wait_for_event() when sendmsg_loop() waits for the
 * socket to become writable (POLLOUT): 200 ms, expressed in microseconds. */
39 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
/* rtnl callback for link messages (registered in manager_rtnl_listen() for
 * RTM_NEWLINK and RTM_DELLINK). Reads the message type and interface index,
 * looks the link up in m->links by ifindex, creates it with link_new() when
 * needed and refreshes it with link_update_rtnl(); the "Removing link" path
 * handles removal. Failures are reported with a warning.
 * NOTE(review): which message type selects which branch is not visible in
 * these lines — presumably NEWLINK adds/updates and DELLINK removes; confirm. */
41 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
42 Manager *m = userdata;
51 r = sd_rtnl_message_get_type(mm, &type);
55 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
/* The hashmap key is the ifindex taken from the netlink message. */
59 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
65 log_debug("Found link %i", ifindex);
67 r = link_new(m, &l, ifindex);
72 r = link_update_rtnl(l, mm);
80 log_debug("Removing link %i", l->ifindex);
90 log_warning("Failed to process RTNL link message: %s", strerror(-r));
/* rtnl callback for address messages (registered in manager_rtnl_listen()
 * for RTM_NEWADDR and RTM_DELADDR). Reads type, ifindex and address family,
 * resolves the link from m->links, reads the address from the IFA_LOCAL or
 * IFA_ADDRESS attribute (IPv4 into address.in, IPv6 into address.in6), then
 * finds, creates, updates or frees the matching link address. Failures are
 * reported with a warning.
 * NOTE(review): IFA_ADDRESS looks like the fallback when IFA_LOCAL is absent,
 * and the handling of an unknown link or family is not visible here; confirm. */
94 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
95 Manager *m = userdata;
96 union in_addr_union address;
98 int r, ifindex, family;
106 r = sd_rtnl_message_get_type(mm, &type);
110 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
114 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
118 r = sd_rtnl_message_addr_get_family(mm, &family);
125 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
127 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
135 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
137 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
148 a = link_find_address(l, family, &address);
155 r = link_address_new(l, &a, family, &address);
160 r = link_address_update_rtnl(a, mm);
168 link_address_free(a);
175 log_warning("Failed to process RTNL address message: %s", strerror(-r));
/* Opens the manager's rtnl connection, subscribes it to link and IPv4/IPv6
 * address change groups, attaches it to the event loop and registers the
 * link/address callbacks. It then requests a dump of all links and of all
 * addresses (AF_UNSPEC) and runs every reply message through the same
 * callbacks, so the initial state and later changes share one code path.
 * req and reply are unreferenced automatically on return via the cleanup
 * attribute, and explicitly between the two dumps so they can be reused. */
180 static int manager_rtnl_listen(Manager *m) {
181 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
187 /* First, subscribe to interfaces coming and going */
188 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
192 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
196 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
200 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
204 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
208 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
212 /* Then, enumerate all links */
213 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
217 r = sd_rtnl_message_request_dump(req, true);
221 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
225 for (i = reply; i; i = sd_rtnl_message_next(i)) {
226 r = manager_process_link(m->rtnl, i, m);
/* Drop both messages before the variables are reused for the address dump. */
231 req = sd_rtnl_message_unref(req);
232 reply = sd_rtnl_message_unref(reply);
234 /* Finally, enumerate all addresses, too */
235 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
239 r = sd_rtnl_message_request_dump(req, true);
243 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
247 for (i = reply; i; i = sd_rtnl_message_next(i)) {
248 r = manager_process_address(m->rtnl, i, m);
/* I/O callback for the network monitor fd (installed by
 * manager_network_monitor_listen()). Flushes the monitor, refreshes the
 * monitor-derived state of every link in m->links, then rewrites
 * resolv.conf. A failure for one link or for the resolv.conf write is only
 * logged as a warning. */
256 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
257 Manager *m = userdata;
264 sd_network_monitor_flush(m->network_monitor);
266 HASHMAP_FOREACH(l, m->links, i) {
267 r = link_update_monitor(l);
269 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
272 r = manager_write_resolv_conf(m);
274 log_warning("Could not update resolv.conf: %s", strerror(-r));
/* Creates the network monitor (NULL category argument), fetches its fd and
 * event mask, and registers on_network_event() for that fd on the manager's
 * event loop. The event source is stored in m->network_event_source. */
279 static int manager_network_monitor_listen(Manager *m) {
284 r = sd_network_monitor_new(&m->network_monitor, NULL);
288 fd = sd_network_monitor_get_fd(m->network_monitor);
292 events = sd_network_monitor_get_events(m->network_monitor);
296 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
/* Splits `string` into (optionally quoted) words, parses each word as an
 * IPv4 or IPv6 address and adds it to the manager as a DNS_SERVER_SYSTEM
 * server. Words that do not parse are skipped with a warning; addresses the
 * manager already knows are skipped silently. */
303 static int parse_dns_server_string(Manager *m, const char *string) {
311 FOREACH_WORD_QUOTED(word, length, string, state) {
/* NOTE(review): variable-length array sized by the word length. The callers
 * in this file pass the config parser's rvalue and the DNS_SERVERS constant,
 * so stack use is bounded only by that input — acceptable while both stay
 * administrator-controlled. */
312 char buffer[length+1];
314 union in_addr_union addr;
316 memcpy(buffer, word, length);
/* The address family is detected from the text, not supplied by the caller. */
319 r = in_addr_from_string_auto(buffer, &family, &addr);
321 log_warning("Ignoring invalid DNS address '%s'", buffer);
325 /* filter out duplicates */
326 if (manager_find_dns_server(m, family, &addr))
329 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &addr);
/* Config-parser callback for a DNS server list setting. `userdata` is the
 * Manager. An empty value frees every entry in m->dns_servers; any other
 * value is handed to parse_dns_server_string(), and a failure there is
 * logged as an error. */
337 int config_parse_dnsv(
339 const char *filename,
342 unsigned section_line,
349 Manager *m = userdata;
357 /* Empty assignment means clear the list */
358 if (isempty(rvalue)) {
/* The loop re-reads the list head each time, so it ends once
 * dns_server_free() has unlinked the last entry — presumably it does;
 * confirm in dns_server_free(). */
359 while (m->dns_servers)
360 dns_server_free(m->dns_servers);
365 r = parse_dns_server_string(m, rvalue);
367 log_error("Failed to parse DNS server string");
/* Parses /etc/systemd/resolved.conf through config_parse(), using the
 * gperf-generated resolved_gperf_lookup table and passing the Manager as
 * userdata to the per-setting callbacks. Returns config_parse()'s result. */
374 int manager_parse_config_file(Manager *m) {
377 return config_parse(NULL, "/etc/systemd/resolved.conf", NULL,
379 config_item_perf_lookup, resolved_gperf_lookup,
380 false, false, true, m);
/* Allocates and initialises a Manager: marks all four socket fds as unopened
 * (-1), loads the built-in DNS_SERVERS list, obtains the default event loop,
 * registers SIGTERM/SIGINT with the loop, enables the watchdog, creates the
 * unicast DNS scope, and starts the network monitor, rtnl and bus listeners.
 * `m` is released by manager_freep on return through the cleanup attribute.
 * NOTE(review): handing the finished object to *ret is not visible in these
 * lines; confirm m is cleared after the hand-over so it is not freed. */
383 int manager_new(Manager **ret) {
384 _cleanup_(manager_freep) Manager *m = NULL;
389 m = new0(Manager, 1);
/* -1 lets the lazy fd getters and safe_close() tell "not opened" apart from fd 0. */
393 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
394 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
398 r = parse_dns_server_string(m, /* "172.31.0.125 2001:4860:4860::8888 2001:4860:4860::8889" */ DNS_SERVERS);
402 r = sd_event_default(&m->event);
/* Return values of the two signal registrations are not checked. */
406 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
407 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
409 sd_event_set_watchdog(m->event, true);
411 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
415 r = manager_network_monitor_listen(m);
419 r = manager_rtnl_listen(m);
423 r = manager_connect_bus(m);
/* Tears a Manager down: frees pending queries, the transaction map, all
 * links, the unicast scope and the DNS server list, then drops the event
 * sources, closes the DNS and LLMNR sockets, and releases the bus and the
 * event loop. Each event source is unreferenced before its fd is closed. */
433 Manager *manager_free(Manager *m) {
439 while (m->dns_queries)
440 dns_query_free(m->dns_queries);
442 hashmap_free(m->dns_query_transactions);
/* Links are released one at a time before the map itself is freed; the
 * loop body is not visible in these lines. */
444 while ((l = hashmap_first(m->links)))
446 hashmap_free(m->links);
448 dns_scope_free(m->unicast_scope);
450 while (m->dns_servers)
451 dns_server_free(m->dns_servers);
453 sd_event_source_unref(m->network_event_source);
454 sd_network_monitor_unref(m->network_monitor);
456 sd_event_source_unref(m->dns_ipv4_event_source);
457 sd_event_source_unref(m->dns_ipv6_event_source);
458 safe_close(m->dns_ipv4_fd);
459 safe_close(m->dns_ipv6_fd);
461 sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
462 sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
463 safe_close(m->llmnr_ipv4_udp_fd);
464 safe_close(m->llmnr_ipv6_udp_fd);
466 sd_event_source_unref(m->bus_retry_event_source);
467 sd_bus_unref(m->bus);
469 sd_event_unref(m->event);
/* Writes one "nameserver" line for DNS server `s` to `f`. The text written
 * is produced by in_addr_to_string() from the stored binary address, not
 * copied from a caller-supplied string; an address that cannot be formatted
 * is skipped with a warning. `count` tracks how many servers were written
 * so a marker comment can be emitted once too many are configured.
 * NOTE(review): the threshold and the increment of *count are not visible
 * in these lines; confirm. */
475 static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
476 _cleanup_free_ char *t = NULL;
483 r = in_addr_to_string(s->family, &s->address, &t);
485 log_warning("Invalid DNS address. Ignoring.");
490 fputs("# Too many DNS servers configured, the following entries may be ignored\n", f);
492 fprintf(f, "nameserver %s\n", t);
/* Regenerates /run/systemd/resolve/resolv.conf. The content is written to a
 * temporary file created next to the target, flushed and checked, and then
 * rename()d over the target, so readers see either the old or the new file.
 * Servers are emitted in this order: for each link its link_dns_servers and
 * then its dhcp_dns_servers, followed by the manager-wide m->dns_servers.
 * NOTE(review): dhcp_dns_servers presumably comes from DHCP leases, i.e.
 * from the local network, and is written ahead of the system list; confirm
 * that this precedence is intended. */
496 int manager_write_resolv_conf(Manager *m) {
497 const char *path = "/run/systemd/resolve/resolv.conf";
498 _cleanup_free_ char *temp_path = NULL;
499 _cleanup_fclose_ FILE *f = NULL;
508 r = fopen_temporary(path, &f, &temp_path);
/* World-readable on purpose (0644); the fchmod() result is not checked. */
512 fchmod(fileno(f), 0644);
514 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
515 "# Third party programs must not access this file directly, but\n"
516 "# only through the symlink at /etc/resolv.conf. To manage\n"
517 "# resolv.conf(5) in a different way, replace the symlink by a\n"
518 "# static file or a different symlink.\n\n", f);
520 HASHMAP_FOREACH(l, m->links, i) {
521 LIST_FOREACH(servers, s, l->link_dns_servers)
522 write_resolve_conf_server(s, f, &count);
524 LIST_FOREACH(servers, s, l->dhcp_dns_servers)
525 write_resolve_conf_server(s, f, &count);
528 LIST_FOREACH(servers, s, m->dns_servers)
529 write_resolve_conf_server(s, f, &count);
/* Surface buffered write errors before the file replaces the live one. */
531 r = fflush_and_check(f);
535 if (rename(temp_path, path) < 0) {
/* Receives one datagram from `fd` into a newly allocated DnsPacket of the
 * given protocol. The pending byte count is queried with FIONREAD and used
 * as the packet's allocation size; recvmsg() then fills the payload, the
 * sender address and the control messages. From those the packet gets its
 * family, sender, receiving ifindex, destination address and TTL/hop limit.
 * Senders with a family other than AF_INET/AF_INET6 yield -EAFNOSUPPORT.
 * EAGAIN and EINTR from recvmsg() are treated separately from other errors.
 * Everything read here is controlled by whoever can send to the socket. */
548 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
549 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
551 struct cmsghdr header; /* For alignment */
552 uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
553 + CMSG_SPACE(int) /* ttl/hoplimit */
554 + 1024 /* kernel appears to require extra buffer space */];
556 union sockaddr_union sa;
557 struct msghdr mh = {};
558 struct cmsghdr *cmsg;
/* Ask the kernel how many bytes are queued so the packet can be sized first. */
567 r = ioctl(fd, FIONREAD, &ms);
573 r = dns_packet_new(&p, protocol, ms);
577 iov.iov_base = DNS_PACKET_DATA(p);
578 iov.iov_len = p->allocated;
580 mh.msg_name = &sa.sa;
581 mh.msg_namelen = sizeof(sa);
584 mh.msg_control = &control;
585 mh.msg_controllen = sizeof(control);
587 l = recvmsg(fd, &mh, 0);
589 if (errno == EAGAIN || errno == EINTR)
/* NOTE(review): both flags are set by the kernel according to what arrived,
 * so these asserts test network-dependent state. A failed assert presumably
 * aborts the daemon; returning an error and dropping the packet would keep a
 * truncated datagram from becoming a denial of service. */
598 assert(!(mh.msg_flags & MSG_CTRUNC));
599 assert(!(mh.msg_flags & MSG_TRUNC));
601 p->size = (size_t) l;
603 p->family = sa.sa.sa_family;
604 if (p->family == AF_INET)
605 p->sender.in = sa.in.sin_addr;
606 else if (p->family == AF_INET6)
607 p->sender.in6 = sa.in6.sin6_addr;
609 return -EAFNOSUPPORT;
611 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
613 if (cmsg->cmsg_level == IPPROTO_IPV6) {
614 assert(p->family == AF_INET6);
616 switch (cmsg->cmsg_type) {
619 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
621 p->ifindex = i->ipi6_ifindex;
622 p->destination.in6 = i->ipi6_addr;
/* NOTE(review): no cmsg_len check is visible before CMSG_DATA is cast and
 * dereferenced here or in the IPv4 branch; confirm the length is validated. */
627 p->ttl = *(int *) CMSG_DATA(cmsg);
631 } else if (cmsg->cmsg_level == IPPROTO_IP) {
632 assert(p->family == AF_INET);
634 switch (cmsg->cmsg_type) {
637 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
639 p->ifindex = i->ipi_ifindex;
640 p->destination.in = i->ipi_addr;
645 p->ttl = *(int *) CMSG_DATA(cmsg);
/* I/O callback for the unicast DNS sockets. Receives one packet, and if it
 * validates as a reply, looks up the pending transaction by the packet's DNS
 * ID and hands the reply to it; otherwise logs "Invalid reply packet.".
 * NOTE(review): in the visible lines a reply is matched on the 16-bit ID
 * only. Confirm that the sender address and port are compared with the
 * queried server before the answer is accepted (presumably in
 * dns_query_transaction_reply()), since an ID alone is guessable. */
657 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
658 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
659 DnsQueryTransaction *t = NULL;
660 Manager *m = userdata;
663 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
667 if (dns_packet_validate_reply(p) >= 0) {
668 t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
672 dns_query_transaction_reply(t, p);
674 log_debug("Invalid reply packet.");
/* Returns the manager's IPv4 DNS socket, creating it on first use: a
 * non-blocking, close-on-exec UDP socket with IP_PKTINFO enabled, registered
 * with the event loop so on_dns_packet() runs on input. If set-up fails the
 * fd is closed again and the field reset through safe_close().
 * NOTE(review): no bind() is visible, so the source port is presumably
 * chosen by the kernel; confirm. */
679 int manager_dns_ipv4_fd(Manager *m) {
685 if (m->dns_ipv4_fd >= 0)
686 return m->dns_ipv4_fd;
688 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
689 if (m->dns_ipv4_fd < 0)
/* Needed so manager_recv() gets the receiving interface and destination. */
692 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
698 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
702 return m->dns_ipv4_fd;
705 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
/* Returns the manager's IPv6 DNS socket, creating it on first use: a
 * non-blocking, close-on-exec UDP socket with IPV6_RECVPKTINFO enabled,
 * registered with the event loop so on_dns_packet() runs on input. If
 * set-up fails the fd is closed again and the field reset through
 * safe_close().
 * NOTE(review): no bind() is visible, so the source port is presumably
 * chosen by the kernel; confirm. */
709 int manager_dns_ipv6_fd(Manager *m) {
715 if (m->dns_ipv6_fd >= 0)
716 return m->dns_ipv6_fd;
718 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
719 if (m->dns_ipv6_fd < 0)
/* Needed so manager_recv() gets the receiving interface and destination. */
722 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
728 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
732 return m->dns_ipv6_fd;
735 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
/* Sends `mh` on `fd` with sendmsg(); when the send does not succeed it waits
 * for the socket to become writable, for at most SEND_TIMEOUT_USEC per wait.
 * NOTE(review): which errno values lead to a wait and how often the send is
 * retried are not visible in these lines; confirm the loop is bounded. */
739 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
746 if (sendmsg(fd, mh, flags) >= 0)
755 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
/* Sends packet `p` over `fd` to the IPv4 address `addr` and `port` (host
 * byte order, converted with htobe16). An IP_PKTINFO control message
 * carrying `ifindex` selects the outgoing interface. The send itself goes
 * through sendmsg_loop().
 * NOTE(review): the condition under which the control message is attached
 * is not visible in these lines — presumably only for a valid ifindex. */
763 static int manager_ipv4_send(Manager *m, int fd, int ifindex, struct in_addr *addr, uint16_t port, DnsPacket *p) {
764 union sockaddr_union sa = {
765 .in.sin_family = AF_INET,
768 struct cmsghdr header; /* For alignment */
769 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
771 struct msghdr mh = {};
780 iov.iov_base = DNS_PACKET_DATA(p);
781 iov.iov_len = p->size;
783 sa.in.sin_addr = *addr;
/* NOTE(review): this line ends in a comma, not a semicolon, so it forms one
 * comma expression with the statement that follows. A ';' is presumably
 * what was meant. */
784 sa.in.sin_port = htobe16(port),
788 mh.msg_name = &sa.sa;
789 mh.msg_namelen = sizeof(sa.in);
792 struct cmsghdr *cmsg;
793 struct in_pktinfo *pi;
797 mh.msg_control = &control;
798 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
800 cmsg = CMSG_FIRSTHDR(&mh);
801 cmsg->cmsg_len = mh.msg_controllen;
802 cmsg->cmsg_level = IPPROTO_IP;
803 cmsg->cmsg_type = IP_PKTINFO;
805 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
806 pi->ipi_ifindex = ifindex;
809 return sendmsg_loop(fd, &mh, 0);
/* Sends packet `p` over `fd` to the IPv6 address `addr` and `port` (host
 * byte order, converted with htobe16). `ifindex` is used twice: as the
 * sockaddr scope id and in an IPV6_PKTINFO control message that selects the
 * outgoing interface. The send itself goes through sendmsg_loop().
 * NOTE(review): the condition under which the control message is attached
 * is not visible in these lines — presumably only for a valid ifindex. */
812 static int manager_ipv6_send(Manager *m, int fd, int ifindex, struct in6_addr *addr, uint16_t port, DnsPacket *p) {
813 union sockaddr_union sa = {
814 .in6.sin6_family = AF_INET6,
817 struct cmsghdr header; /* For alignment */
818 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
820 struct msghdr mh = {};
829 iov.iov_base = DNS_PACKET_DATA(p);
830 iov.iov_len = p->size;
832 sa.in6.sin6_addr = *addr;
/* NOTE(review): this line ends in a comma, not a semicolon, so it forms one
 * comma expression with the next assignment. Both assignments still run, but
 * a ';' is presumably what was meant. */
833 sa.in6.sin6_port = htobe16(port),
834 sa.in6.sin6_scope_id = ifindex;
838 mh.msg_name = &sa.sa;
839 mh.msg_namelen = sizeof(sa.in6);
842 struct cmsghdr *cmsg;
843 struct in6_pktinfo *pi;
847 mh.msg_control = &control;
848 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
850 cmsg = CMSG_FIRSTHDR(&mh);
851 cmsg->cmsg_len = mh.msg_controllen;
852 cmsg->cmsg_level = IPPROTO_IPV6;
853 cmsg->cmsg_type = IPV6_PKTINFO;
855 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
856 pi->ipi6_ifindex = ifindex;
859 return sendmsg_loop(fd, &mh, 0);
/* Sends packet `p` to `addr`:`port` via `fd`, dispatching on `family` to the
 * IPv4 or IPv6 sender. Any other family returns -EAFNOSUPPORT. */
862 int manager_send(Manager *m, int fd, int ifindex, int family, union in_addr_union *addr, uint16_t port, DnsPacket *p) {
869 if (family == AF_INET)
870 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
871 else if (family == AF_INET6)
872 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
874 return -EAFNOSUPPORT;
/* Searches the manager-wide server list (m->dns_servers) for an entry with
 * the given family and address. Used by parse_dns_server_string() to skip
 * duplicates. Per-link server lists are not consulted here. */
878 DnsServer* manager_find_dns_server(Manager *m, int family, union in_addr_union *in_addr) {
884 LIST_FOREACH(servers, s, m->dns_servers) {
886 if (s->family == family &&
887 in_addr_equal(family, &s->address, in_addr))
/* Returns the currently selected DNS server. When none is selected yet, the
 * head of m->dns_servers becomes the selection; the result is NULL when that
 * list is empty. */
894 DnsServer *manager_get_dns_server(Manager *m) {
897 if (!m->current_dns_server)
898 m->current_dns_server = m->dns_servers;
900 return m->current_dns_server;
/* Advances the current DNS server selection: picks the list head when
 * nothing is selected, otherwise moves to servers_next, and wraps around to
 * the head of m->dns_servers after the last entry. */
903 void manager_next_dns_server(Manager *m) {
906 if (!m->current_dns_server) {
907 m->current_dns_server = m->dns_servers;
/* Still nothing selected: the list is empty. */
911 if (!m->current_dns_server)
914 if (m->current_dns_server->servers_next) {
915 m->current_dns_server = m->current_dns_server->servers_next;
919 m->current_dns_server = m->dns_servers;
/* Walks all known links and derives one MTU for packets whose outgoing link
 * is unknown. The comparison keeps a link's MTU when no value is set yet or
 * when it is smaller than the current one, i.e. the result is presumably the
 * smallest MTU among the links (the assignment is not visible here). */
922 uint32_t manager_find_mtu(Manager *m) {
927 /* If we don't know on which link a DNS packet would be
928 * delivered, let's find the largest MTU that works on all
929 * interfaces we know of */
931 HASHMAP_FOREACH(l, m->links, i) {
935 if (mtu <= 0 || l->mtu < mtu)
/* I/O callback for the LLMNR UDP sockets. Receives one packet with protocol
 * DNS_PROTOCOL_LLMNR and, if it validates as a reply, looks up the pending
 * transaction by the packet's ID and hands the reply to it.
 * NOTE(review): as with unicast DNS, the visible lines match a reply on the
 * 16-bit ID only. LLMNR answers come from any host on the local link, so
 * confirm that scope, interface and sender are checked before the answer is
 * accepted. */
942 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
943 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
944 DnsQueryTransaction *t = NULL;
945 Manager *m = userdata;
948 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
952 if (dns_packet_validate_reply(p) >= 0) {
953 t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
957 dns_query_transaction_reply(t, p);
/* Returns the manager's IPv4 LLMNR UDP socket, creating it on first use. The
 * socket is non-blocking and close-on-exec, bound to UDP port 5355, and
 * registered with the event loop so on_llmnr_packet() runs on input. Unicast
 * and multicast TTL are both set to 1, multicast loopback is on, and
 * IP_PKTINFO and IP_RECVTTL make the kernel deliver the receiving interface
 * and the TTL to manager_recv(). If set-up fails the fd is closed again.
 * NOTE(review): the initializer sets only family and port, so the bind
 * address is presumably the wildcard address, i.e. the socket listens on
 * every interface; confirm that is intended. */
963 int manager_llmnr_ipv4_udp_fd(Manager *m) {
964 union sockaddr_union sa = {
965 .in.sin_family = AF_INET,
966 .in.sin_port = htobe16(5355),
968 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
973 if (m->llmnr_ipv4_udp_fd >= 0)
974 return m->llmnr_ipv4_udp_fd;
976 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
977 if (m->llmnr_ipv4_udp_fd < 0)
/* TTL 1 keeps packets sent from this socket from being forwarded by a router. */
980 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
986 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &one, sizeof(one));
992 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
998 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1004 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1010 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1016 /* Disable Don't-Fragment bit in the IP header */
1017 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1023 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1029 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1033 return m->llmnr_ipv4_udp_fd;
1036 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
/* Returns the manager's IPv6 LLMNR UDP socket, creating it on first use. The
 * socket is non-blocking and close-on-exec, IPv6-only (IPV6_V6ONLY), bound
 * to UDP port 5355, and registered with the event loop so on_llmnr_packet()
 * runs on input. Unicast and multicast hop limits are both set to 1,
 * multicast loopback is on, and IPV6_RECVPKTINFO and IPV6_RECVHOPLIMIT make
 * the kernel deliver the receiving interface and the hop limit to
 * manager_recv(). If set-up fails the fd is closed again.
 * NOTE(review): the initializer sets only family and port, so the bind
 * address is presumably the wildcard address, i.e. the socket listens on
 * every interface; confirm that is intended. */
1040 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1041 union sockaddr_union sa = {
1042 .in6.sin6_family = AF_INET6,
1043 .in6.sin6_port = htobe16(5355),
1045 static const int one = 1;
1050 if (m->llmnr_ipv6_udp_fd >= 0)
1051 return m->llmnr_ipv6_udp_fd;
1053 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1054 if (m->llmnr_ipv6_udp_fd < 0)
/* Hop limit 1 keeps packets sent from this socket from being forwarded by a router. */
1057 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1063 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &one, sizeof(one));
1069 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1075 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1081 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1087 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1093 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1099 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1105 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1111 return m->llmnr_ipv6_udp_fd;
1114 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);