1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
/* Timeout that sendmsg_loop() passes to fd_wait_for_event() while waiting
 * for the socket to become writable (POLLOUT): 200 * USEC_PER_MSEC.
 * USEC_PER_MSEC is defined elsewhere. */
37 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
/* rtnl callback for link messages. manager_rtnl_listen() registers it for
 * RTM_NEWLINK and RTM_DELLINK and also calls it directly for every message
 * of the initial RTM_GETLINK dump.
 *
 * Reads the message type and ifindex, looks the link up in m->links, then
 * creates/updates it (link_new(), link_update_rtnl()) or removes it.
 * Failures are reported with log_warning().
 *
 * NOTE(review): which message type selects which branch, and the checks on
 * r after each call, are not visible in this listing; confirm against the
 * full file. */
39 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
40 Manager *m = userdata;
49 r = sd_rtnl_message_get_type(mm, &type);
53 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
/* The ifindex taken from the message is the hashmap key for the link. */
57 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
63 log_debug("Found link %i", ifindex);
65 r = link_new(m, &l, ifindex);
70 r = link_update_rtnl(l, mm);
78 log_debug("Removing link %i", l->ifindex);
88 log_warning("Failed to process RTNL link message: %s", strerror(-r));
/* rtnl callback for address messages. manager_rtnl_listen() registers it
 * for RTM_NEWADDR and RTM_DELADDR and also calls it directly for every
 * message of the initial RTM_GETADDR dump.
 *
 * Reads type, ifindex and address family from the message, fetches the
 * owning link from m->links, reads the address itself, and then adds,
 * updates or frees the matching link address object. Failures are reported
 * with log_warning().
 *
 * NOTE(review): the branch conditions and the checks on r are not visible
 * in this listing; in particular confirm what happens when the link lookup
 * returns NULL and when family is neither AF_INET nor AF_INET6. */
92 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
93 Manager *m = userdata;
94 union in_addr_union address;
96 int r, ifindex, family;
104 r = sd_rtnl_message_get_type(mm, &type);
108 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
112 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
116 r = sd_rtnl_message_addr_get_family(mm, &family);
/* IPv4: IFA_LOCAL is read first, then IFA_ADDRESS (presumably as the
 * fallback when IFA_LOCAL is absent; the condition is not shown). */
123 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
125 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
/* IPv6: same attribute order as for IPv4. */
133 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
135 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
146 a = link_find_address(l, family, &address);
153 r = link_address_new(l, &a, family, &address);
158 r = link_address_update_rtnl(a, mm);
166 link_address_free(a);
173 log_warning("Failed to process RTNL address message: %s", strerror(-r));
/* Opens the manager's rtnl (netlink) socket, hooks it into the event loop
 * and brings the link/address tables up to date.
 *
 * Order of operations as written: subscribe to the link and IPv4/IPv6
 * address multicast groups, register the four match callbacks, then dump
 * all links and all addresses and feed each reply message to the same
 * callbacks. Subscribing before dumping presumably avoids missing changes
 * that happen during enumeration.
 *
 * NOTE(review): the checks on r after each call are not visible in this
 * listing. */
178 static int manager_rtnl_listen(Manager *m) {
179 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
185 /* First, subscribe to interfaces coming and going */
186 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
190 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
194 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
198 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
202 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
206 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
210 /* Then, enumerate all links */
211 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
215 r = sd_rtnl_message_request_dump(req, true);
219 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
223 for (i = reply; i; i = sd_rtnl_message_next(i)) {
224 r = manager_process_link(m->rtnl, i, m);
/* Drop both messages explicitly so the same variables can be reused for the
 * address dump; the assignment stores whatever the unref call returns. */
229 req = sd_rtnl_message_unref(req);
230 reply = sd_rtnl_message_unref(reply);
232 /* Finally, enumerate all addresses, too */
233 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
237 r = sd_rtnl_message_request_dump(req, true);
241 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
245 for (i = reply; i; i = sd_rtnl_message_next(i)) {
246 r = manager_process_address(m->rtnl, i, m);
/* Event-loop I/O callback for the network monitor fd (registered by
 * manager_network_monitor_listen()). Flushes the monitor, refreshes every
 * link in m->links via link_update_monitor(), then rewrites resolv.conf.
 * Both failure paths visible here only log a warning. */
254 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
255 Manager *m = userdata;
262 sd_network_monitor_flush(m->network_monitor);
264 HASHMAP_FOREACH(l, m->links, i) {
265 r = link_update_monitor(l);
267 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
270 r = manager_write_resolv_conf(m);
272 log_warning("Could not update resolv.conf: %s", strerror(-r));
/* Creates m->network_monitor, obtains its file descriptor and poll event
 * mask, and registers on_network_event() for it on m->event.
 *
 * NOTE(review): the checks on r, fd and events are not visible in this
 * listing. */
277 static int manager_network_monitor_listen(Manager *m) {
282 r = sd_network_monitor_new(&m->network_monitor, NULL);
286 fd = sd_network_monitor_get_fd(m->network_monitor);
290 events = sd_network_monitor_get_events(m->network_monitor);
294 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
/* Parses a whitespace-separated (quoting-aware) list of DNS server
 * addresses and adds each new one to the manager.
 *
 * Each word is copied into a stack buffer, parsed as an IPv4 or IPv6
 * address by in_addr_from_string_auto(), skipped with a warning when it
 * does not parse, skipped when manager_find_dns_server() already knows
 * it, and otherwise registered with dns_server_new().
 *
 * Callers visible in this file: config_parse_dnsv() (value from
 * resolved.conf) and manager_new() (the DNS_SERVERS constant).
 *
 * NOTE(review): buffer is a variable-length array sized by the word length,
 * and no upper bound on length is visible here, so one very long word in
 * the configuration value causes an equally large stack allocation. A
 * textual IP address cannot exceed INET6_ADDRSTRLEN, so longer words could
 * be rejected before the copy. The write of the terminating NUL is
 * presumably on a line this listing omits; confirm. */
301 static int parse_dns_server_string(Manager *m, const char *string) {
309 FOREACH_WORD_QUOTED(word, length, string, state) {
310 char buffer[length+1];
312 union in_addr_union addr;
314 memcpy(buffer, word, length);
317 r = in_addr_from_string_auto(buffer, &family, &addr);
319 log_warning("Ignoring invalid DNS address '%s'", buffer);
323 /* filter out duplicates */
324 if (manager_find_dns_server(m, family, &addr))
327 r = dns_server_new(m, NULL, NULL, family, &addr);
/* Configuration-parser callback for the DNS server list; userdata is the
 * Manager. An empty value frees every entry of m->dns_servers; any other
 * value is handed to parse_dns_server_string(), and a failure there is
 * logged with log_error().
 *
 * NOTE(review): most of the parameter list and the return statements are
 * not visible in this listing, so whether a parse failure is propagated to
 * the caller cannot be told from here. */
335 int config_parse_dnsv(
337 const char *filename,
340 unsigned section_line,
347 Manager *m = userdata;
355 /* Empty assignment means clear the list */
356 if (isempty(rvalue)) {
/* Relies on dns_server_free() unlinking the entry from m->dns_servers;
 * otherwise this loop would not terminate (TODO confirm). */
357 while (m->dns_servers)
358 dns_server_free(m->dns_servers);
363 r = parse_dns_server_string(m, rvalue);
365 log_error("Failed to parse DNS server string");
/* Loads /etc/systemd/resolved.conf through config_parse(), using the
 * gperf-generated lookup table resolved_gperf_lookup and passing the
 * Manager as userdata; returns config_parse()'s result.
 *
 * NOTE(review): the meaning of the three boolean arguments and the
 * arguments on the omitted line are not visible here. Values from this
 * file presumably reach parse_dns_server_string() via config_parse_dnsv(). */
372 int manager_parse_config_file(Manager *m) {
375 return config_parse(NULL, "/etc/systemd/resolved.conf", NULL,
377 config_item_perf_lookup, resolved_gperf_lookup,
378 false, false, true, m);
/* Allocates and initialises a Manager and, judging by the signature,
 * hands it back through *ret (the assignment is not visible here).
 *
 * Steps visible here: zeroed allocation, all four socket fds set to -1,
 * the built-in DNS_SERVERS list parsed, default event loop acquired,
 * SIGTERM/SIGINT sources and the watchdog enabled, the unicast DNS scope
 * created, then the network monitor, rtnl and bus connections set up.
 * The _cleanup_(manager_freep) attribute frees the partially built object
 * on an early return.
 *
 * NOTE(review): the checks on r are not visible in this listing. */
381 int manager_new(Manager **ret) {
382 _cleanup_(manager_freep) Manager *m = NULL;
387 m = new0(Manager, 1);
/* -1 marks "not opened yet"; the manager_*_fd() getters create the sockets
 * on first use and manager_free() passes these values to safe_close(). */
391 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
392 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
396 r = parse_dns_server_string(m, DNS_SERVERS);
400 r = sd_event_default(&m->event);
/* The return values of the next three calls are not stored in r. */
404 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
405 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
407 sd_event_set_watchdog(m->event, true);
409 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
413 r = manager_network_monitor_listen(m);
417 r = manager_rtnl_listen(m);
421 r = manager_connect_bus(m);
/* Tears down a Manager: pending queries, the transaction table, all links,
 * the unicast scope, configured DNS servers, the network monitor, the DNS
 * and LLMNR sockets with their event sources, the bus connection and
 * finally the event loop.
 *
 * NOTE(review): the NULL check on m, the body of the link loop, the free
 * of m itself and the return value are not visible in this listing. */
431 Manager *manager_free(Manager *m) {
/* Each "while (head) free(head)" loop relies on the free function
 * unlinking the entry from the manager's list (TODO confirm). */
437 while (m->dns_queries)
438 dns_query_free(m->dns_queries);
440 hashmap_free(m->dns_query_transactions);
442 while ((l = hashmap_first(m->links)))
444 hashmap_free(m->links);
446 dns_scope_free(m->unicast_scope);
448 while (m->dns_servers)
449 dns_server_free(m->dns_servers);
451 sd_event_source_unref(m->network_event_source);
452 sd_network_monitor_unref(m->network_monitor);
/* Event sources are released before the fds they watch are closed. */
454 sd_event_source_unref(m->dns_ipv4_event_source);
455 sd_event_source_unref(m->dns_ipv6_event_source);
456 safe_close(m->dns_ipv4_fd);
457 safe_close(m->dns_ipv6_fd);
459 sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
460 sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
461 safe_close(m->llmnr_ipv4_udp_fd);
462 safe_close(m->llmnr_ipv6_udp_fd);
464 sd_event_source_unref(m->bus_retry_event_source);
465 sd_bus_unref(m->bus);
467 sd_event_unref(m->event);
/* Writes one "nameserver <address>" line for server s to f.
 *
 * The address text is produced by in_addr_to_string() from the stored
 * binary address, not copied from configuration input, so the line written
 * to resolv.conf is regenerated rather than passed through. A server whose
 * address cannot be formatted is skipped with a warning.
 *
 * count is shared across calls; at some threshold (not visible in this
 * listing) a comment warning about too many servers is emitted. */
473 static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
474 _cleanup_free_ char *t = NULL;
481 r = in_addr_to_string(s->family, &s->address, &t);
483 log_warning("Invalid DNS address. Ignoring.");
488 fputs("# Too many DNS servers configured, the following entries may be ignored\n", f);
490 fprintf(f, "nameserver %s\n", t);
/* Regenerates /run/systemd/resolve/resolv.conf from the current server
 * lists: per-link servers first, then the manager-wide ones.
 *
 * The content is written to a temporary file obtained from
 * fopen_temporary(), flushed and checked, and then moved over the target
 * with rename(), so readers see either the old or the new file.
 *
 * NOTE(review): the error paths (including cleanup of temp_path when
 * rename() fails) are not visible in this listing. */
494 int manager_write_resolv_conf(Manager *m) {
495 const char *path = "/run/systemd/resolve/resolv.conf";
496 _cleanup_free_ char *temp_path = NULL;
497 _cleanup_fclose_ FILE *f = NULL;
506 r = fopen_temporary(path, &f, &temp_path);
/* Make the file world-readable (0644). NOTE(review): the result of
 * fchmod() is ignored, so a failure would leave the file with whatever
 * mode fopen_temporary() created it with. */
510 fchmod(fileno(f), 0644);
512 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
513 "# Third party programs must not access this file directly, but\n"
514 "# only through the symlink at /etc/resolv.conf. To manage\n"
515 "# resolv.conf(5) in a different way, replace the symlink by a\n"
516 "# static file or a different symlink.\n\n", f);
518 HASHMAP_FOREACH(l, m->links, i)
519 LIST_FOREACH(servers, s, l->dns_servers)
520 write_resolve_conf_server(s, f, &count);
522 LIST_FOREACH(servers, s, m->dns_servers)
523 write_resolve_conf_server(s, f, &count);
/* Flush and check for write errors before the file is moved into place. */
525 r = fflush_and_check(f);
529 if (rename(temp_path, path) < 0) {
/* Receives one datagram from fd into a newly allocated DnsPacket.
 *
 * FIONREAD is queried first and its result is passed to dns_packet_new()
 * as the size. recvmsg() then fills the packet data (bounded by
 * p->allocated), the sender address and the control buffer. The sender
 * family/address are copied into the packet; any other family yields
 * -EAFNOSUPPORT. The control messages are then walked to extract the
 * receiving ifindex, the destination address and the TTL / hop limit.
 *
 * NOTE(review): this function handles data that arrives from the network.
 *  - The assert()s on MSG_CTRUNC / MSG_TRUNC and on p->family inside the
 *    control-message loop test properties of received data, not program
 *    invariants. If one can fail at run time, the daemon aborts; returning
 *    a negative errno and dropping the packet would be safer. Whether
 *    truncation is reachable depends on the FIONREAD sizing; verify.
 *  - CMSG_SPACE() takes a byte count; CMSG_SPACE(int) in the control
 *    buffer declaration was probably meant to be CMSG_SPACE(sizeof(int)).
 *    The extra 1024 bytes would mask any shortfall.
 *  - cmsg_len is not checked in the visible lines before CMSG_DATA() is
 *    cast and dereferenced.
 *  - The checks on r, ms and l are not visible in this listing. */
542 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
543 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
545 struct cmsghdr header; /* For alignment */
546 uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
547 + CMSG_SPACE(int) /* ttl/hoplimit */
548 + 1024 /* kernel appears to require extra buffer space */];
550 union sockaddr_union sa;
551 struct msghdr mh = {};
552 struct cmsghdr *cmsg;
/* Ask the kernel how many bytes are pending so the packet can be sized. */
561 r = ioctl(fd, FIONREAD, &ms);
567 r = dns_packet_new(&p, protocol, ms);
571 iov.iov_base = DNS_PACKET_DATA(p);
572 iov.iov_len = p->allocated;
574 mh.msg_name = &sa.sa;
575 mh.msg_namelen = sizeof(sa);
578 mh.msg_control = &control;
579 mh.msg_controllen = sizeof(control);
581 l = recvmsg(fd, &mh, 0);
583 if (errno == EAGAIN || errno == EINTR)
/* NOTE(review): assertions on flags set by the kernel for received data;
 * see the header comment. */
592 assert(!(mh.msg_flags & MSG_CTRUNC));
593 assert(!(mh.msg_flags & MSG_TRUNC));
595 p->size = (size_t) l;
597 p->family = sa.sa.sa_family;
598 if (p->family == AF_INET)
599 p->sender.in = sa.in.sin_addr;
600 else if (p->family == AF_INET6)
601 p->sender.in6 = sa.in6.sin6_addr;
603 return -EAFNOSUPPORT;
/* Ancillary data: packet info gives ifindex and destination address, the
 * int-sized message gives the TTL / hop limit. The case labels are not
 * visible in this listing. */
605 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
607 if (cmsg->cmsg_level == IPPROTO_IPV6) {
608 assert(p->family == AF_INET6);
610 switch (cmsg->cmsg_type) {
613 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
615 p->ifindex = i->ipi6_ifindex;
616 p->destination.in6 = i->ipi6_addr;
621 p->ttl = *(int *) CMSG_DATA(cmsg);
625 } else if (cmsg->cmsg_level == IPPROTO_IP) {
626 assert(p->family == AF_INET);
628 switch (cmsg->cmsg_type) {
631 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
633 p->ifindex = i->ipi_ifindex;
634 p->destination.in = i->ipi_addr;
639 p->ttl = *(int *) CMSG_DATA(cmsg);
/* Event-loop I/O callback for the unicast DNS sockets. Receives one packet
 * with manager_recv(), and if dns_packet_validate_reply() accepts it, looks
 * up the pending transaction by packet ID and passes the reply to
 * dns_query_transaction_process_reply(); otherwise logs "Invalid reply
 * packet." at debug level.
 *
 * NOTE(review): the only lookup key visible here is DNS_PACKET_ID(p), a
 * 16-bit value. Confirm that the sender address/port and the question are
 * matched against the transaction (here on an omitted line, or inside
 * dns_query_transaction_process_reply()) before the reply is trusted;
 * the ID alone is weak protection against forged replies. */
651 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
652 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
653 DnsQueryTransaction *t = NULL;
654 Manager *m = userdata;
657 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
661 if (dns_packet_validate_reply(p) >= 0) {
662 t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
666 dns_query_transaction_process_reply(t, p);
668 log_debug("Invalid reply packet.");
/* Returns the manager's IPv4 UDP socket for unicast DNS, creating it on
 * first use. The socket is non-blocking and close-on-exec, has IP_PKTINFO
 * enabled (manager_recv() reads that ancillary data), and is registered
 * with the event loop so on_dns_packet() runs on EPOLLIN. On a setup
 * failure the fd is closed and the field reset via safe_close().
 *
 * NOTE(review): no bind() appears in the visible lines, so the source port
 * is presumably assigned by the kernel on first send; confirm. The checks
 * on r are not visible in this listing. */
673 int manager_dns_ipv4_fd(Manager *m) {
679 if (m->dns_ipv4_fd >= 0)
680 return m->dns_ipv4_fd;
682 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
683 if (m->dns_ipv4_fd < 0)
686 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
692 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
696 return m->dns_ipv4_fd;
699 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
/* Returns the manager's IPv6 UDP socket for unicast DNS, creating it on
 * first use. The socket is non-blocking and close-on-exec, has
 * IPV6_RECVPKTINFO enabled (manager_recv() reads that ancillary data), and
 * is registered with the event loop so on_dns_packet() runs on EPOLLIN. On
 * a setup failure the fd is closed and the field reset via safe_close().
 *
 * NOTE(review): no bind() appears in the visible lines, so the source port
 * is presumably assigned by the kernel on first send; confirm. The checks
 * on r are not visible in this listing. */
703 int manager_dns_ipv6_fd(Manager *m) {
709 if (m->dns_ipv6_fd >= 0)
710 return m->dns_ipv6_fd;
712 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
713 if (m->dns_ipv6_fd < 0)
716 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
722 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
726 return m->dns_ipv6_fd;
729 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
/* Sends mh on fd with sendmsg(); when the send does not succeed it waits
 * for the socket to become writable, for at most SEND_TIMEOUT_USEC, via
 * fd_wait_for_event().
 *
 * NOTE(review): the loop construct, the errno values that trigger a retry
 * and the timeout handling are not visible in this listing. */
733 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
740 if (sendmsg(fd, mh, flags) >= 0)
749 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
/* Sends packet p over fd to the IPv4 address addr and UDP port port.
 *
 * Builds the destination sockaddr and an iovec over the packet data. A
 * control message of type IP_PKTINFO carrying ifindex is attached so the
 * datagram leaves through that interface; the condition guarding that
 * block is not visible in this listing. The message is handed to
 * sendmsg_loop().
 *
 * NOTE(review): only ipi_ifindex is assigned in the visible lines; confirm
 * that control is zeroed before use so the other in_pktinfo fields do not
 * carry stack contents into the kernel. */
757 static int manager_ipv4_send(Manager *m, int fd, int ifindex, struct in_addr *addr, uint16_t port, DnsPacket *p) {
758 union sockaddr_union sa = {
759 .in.sin_family = AF_INET,
762 struct cmsghdr header; /* For alignment */
763 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
765 struct msghdr mh = {};
774 iov.iov_base = DNS_PACKET_DATA(p);
775 iov.iov_len = p->size;
777 sa.in.sin_addr = *addr;
/* NOTE(review): the next statement ends in a comma, not a semicolon. The
 * comma operator chains it to the following statement, so behaviour is the
 * same, but it reads like a typo and should be ';'. */
778 sa.in.sin_port = htobe16(port),
782 mh.msg_name = &sa.sa;
783 mh.msg_namelen = sizeof(sa.in);
786 struct cmsghdr *cmsg;
787 struct in_pktinfo *pi;
791 mh.msg_control = &control;
792 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
794 cmsg = CMSG_FIRSTHDR(&mh);
795 cmsg->cmsg_len = mh.msg_controllen;
796 cmsg->cmsg_level = IPPROTO_IP;
797 cmsg->cmsg_type = IP_PKTINFO;
799 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
800 pi->ipi_ifindex = ifindex;
803 return sendmsg_loop(fd, &mh, 0);
/* Sends packet p over fd to the IPv6 address addr and UDP port port.
 *
 * Builds the destination sockaddr (ifindex is also stored as
 * sin6_scope_id) and an iovec over the packet data. A control message of
 * type IPV6_PKTINFO carrying ifindex is attached so the datagram leaves
 * through that interface; the condition guarding that block is not visible
 * in this listing. The message is handed to sendmsg_loop().
 *
 * NOTE(review): only ipi6_ifindex is assigned in the visible lines; confirm
 * that control is zeroed before use so ipi6_addr does not carry stack
 * contents into the kernel. */
806 static int manager_ipv6_send(Manager *m, int fd, int ifindex, struct in6_addr *addr, uint16_t port, DnsPacket *p) {
807 union sockaddr_union sa = {
808 .in6.sin6_family = AF_INET6,
811 struct cmsghdr header; /* For alignment */
812 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
814 struct msghdr mh = {};
823 iov.iov_base = DNS_PACKET_DATA(p);
824 iov.iov_len = p->size;
826 sa.in6.sin6_addr = *addr;
/* NOTE(review): the next statement ends in a comma, not a semicolon. The
 * comma operator chains it to the scope-id assignment, so behaviour is the
 * same, but it reads like a typo and should be ';'. */
827 sa.in6.sin6_port = htobe16(port),
828 sa.in6.sin6_scope_id = ifindex;
832 mh.msg_name = &sa.sa;
833 mh.msg_namelen = sizeof(sa.in6);
836 struct cmsghdr *cmsg;
837 struct in6_pktinfo *pi;
841 mh.msg_control = &control;
842 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
844 cmsg = CMSG_FIRSTHDR(&mh);
845 cmsg->cmsg_len = mh.msg_controllen;
846 cmsg->cmsg_level = IPPROTO_IPV6;
847 cmsg->cmsg_type = IPV6_PKTINFO;
849 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
850 pi->ipi6_ifindex = ifindex;
853 return sendmsg_loop(fd, &mh, 0);
/* Sends packet p to addr:port on fd, dispatching on the address family:
 * AF_INET goes to manager_ipv4_send(), AF_INET6 to manager_ipv6_send(),
 * anything else returns -EAFNOSUPPORT. The argument checks at the top of
 * the function are not visible in this listing. */
856 int manager_send(Manager *m, int fd, int ifindex, int family, union in_addr_union *addr, uint16_t port, DnsPacket *p) {
863 if (family == AF_INET)
864 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
865 else if (family == AF_INET6)
866 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
868 return -EAFNOSUPPORT;
/* Linear search of m->dns_servers for an entry with the same family and
 * the same address (compared with in_addr_equal()). The return statements
 * are not visible in this listing; presumably the match or NULL. */
872 DnsServer* manager_find_dns_server(Manager *m, int family, union in_addr_union *in_addr) {
878 LIST_FOREACH(servers, s, m->dns_servers) {
880 if (s->family == family &&
881 in_addr_equal(family, &s->address, in_addr))
/* Returns the server currently in use. If none is selected yet, the head of
 * m->dns_servers becomes the current one first, so the result is NULL only
 * when that list is empty. */
888 DnsServer *manager_get_dns_server(Manager *m) {
891 if (!m->current_dns_server)
892 m->current_dns_server = m->dns_servers;
894 return m->current_dns_server;
/* Advances m->current_dns_server to the next configured server, wrapping
 * around to the head of m->dns_servers after the last entry. When nothing
 * is selected yet, the head is selected instead. The early returns between
 * the branches are not visible in this listing. */
897 void manager_next_dns_server(Manager *m) {
900 if (!m->current_dns_server) {
901 m->current_dns_server = m->dns_servers;
905 if (!m->current_dns_server)
908 if (m->current_dns_server->servers_next) {
909 m->current_dns_server = m->current_dns_server->servers_next;
913 m->current_dns_server = m->dns_servers;
/* Computes an MTU that fits every known link by walking m->links and
 * keeping the smallest l->mtu seen: the visible condition replaces mtu
 * when it is still unset (<= 0) or larger than the link's value.
 *
 * NOTE(review): how links with an unknown (zero) MTU are treated, and the
 * return statement, are not visible in this listing. */
916 uint32_t manager_find_mtu(Manager *m) {
921 /* If we don't know on which link a DNS packet would be
922 * delivered, let's find the largest MTU that works on all
923 * interfaces we know of */
925 HASHMAP_FOREACH(l, m->links, i) {
929 if (mtu <= 0 || l->mtu < mtu)
/* Event-loop I/O callback for the LLMNR UDP sockets. Receives one packet
 * with manager_recv(), and if dns_packet_validate_reply() accepts it, looks
 * up the pending transaction by packet ID and passes the reply to
 * dns_query_transaction_process_reply().
 *
 * NOTE(review): LLMNR replies can come from any host on the local link,
 * and the only lookup key visible here is the packet ID. manager_recv()
 * records the received TTL / hop limit in p->ttl, but no check of it
 * appears in the visible lines; confirm where sender, question and TTL are
 * validated before the reply is accepted. */
936 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
937 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
938 DnsQueryTransaction *t = NULL;
939 Manager *m = userdata;
942 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
946 if (dns_packet_validate_reply(p) >= 0) {
947 t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
951 dns_query_transaction_process_reply(t, p);
/* Returns the manager's IPv4 LLMNR UDP socket, creating it on first use.
 *
 * The socket is non-blocking and close-on-exec, bound to UDP port 5355,
 * and registered with the event loop so on_llmnr_packet() runs on EPOLLIN.
 * On a setup failure the fd is closed and the field reset via
 * safe_close().
 *
 * NOTE(review): the checks on r after each call are not visible in this
 * listing. No address is set in the visible part of the sockaddr
 * initialiser, so the bind is presumably to the wildcard address; confirm. */
957 int manager_llmnr_ipv4_udp_fd(Manager *m) {
958 union sockaddr_union sa = {
959 .in.sin_family = AF_INET,
960 .in.sin_port = htobe16(5355),
962 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
967 if (m->llmnr_ipv4_udp_fd >= 0)
968 return m->llmnr_ipv4_udp_fd;
970 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
971 if (m->llmnr_ipv4_udp_fd < 0)
/* TTL 1 for unicast and multicast: routers do not forward these packets,
 * which keeps LLMNR traffic on the local link. */
974 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
980 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &one, sizeof(one));
986 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
/* NOTE(review): SO_REUSEADDR on a UDP socket can let other sockets that
 * also set it bind the same port; confirm that sharing port 5355 is
 * intended. */
992 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
/* Request the ancillary data (packet info, TTL) that manager_recv() reads. */
998 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1004 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1010 /* Disable Don't-Fragment bit in the IP header */
1011 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1017 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1023 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1027 return m->llmnr_ipv4_udp_fd;
1030 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
/* Returns the manager's IPv6 LLMNR UDP socket, creating it on first use.
 *
 * The socket is non-blocking and close-on-exec, restricted to IPv6
 * (IPV6_V6ONLY), bound to UDP port 5355, and registered with the event
 * loop so on_llmnr_packet() runs on EPOLLIN. On a setup failure the fd is
 * closed and the field reset via safe_close().
 *
 * NOTE(review): the checks on r after each call are not visible in this
 * listing. No address is set in the visible part of the sockaddr
 * initialiser, so the bind is presumably to the wildcard address; confirm. */
1034 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1035 union sockaddr_union sa = {
1036 .in6.sin6_family = AF_INET6,
1037 .in6.sin6_port = htobe16(5355),
1039 static const int one = 1;
1044 if (m->llmnr_ipv6_udp_fd >= 0)
1045 return m->llmnr_ipv6_udp_fd;
1047 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1048 if (m->llmnr_ipv6_udp_fd < 0)
/* Hop limit 1 for unicast and multicast: routers do not forward these
 * packets, which keeps LLMNR traffic on the local link. */
1051 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1057 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &one, sizeof(one));
1063 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1069 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
/* NOTE(review): SO_REUSEADDR on a UDP socket can let other sockets that
 * also set it bind the same port; confirm that sharing port 5355 is
 * intended. */
1075 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
/* Request the ancillary data (packet info, hop limit) that manager_recv()
 * reads. */
1081 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1087 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1093 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1099 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1105 return m->llmnr_ipv6_udp_fd;
1108 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);