1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
38 #include "resolved-dns-domain.h"
39 #include "resolved-conf.h"
40 #include "resolved-bus.h"
41 #include "resolved-manager.h"
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
46 Manager *m = userdata;
55 r = sd_rtnl_message_get_type(mm, &type);
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
71 r = link_new(m, &l, ifindex);
76 r = link_update_rtnl(l, mm);
80 r = link_update_monitor(l);
85 log_debug("Found new link %i/%s", ifindex, l->name);
92 log_debug("Removing link %i/%s", l->ifindex, l->name);
102 log_warning("Failed to process RTNL link message: %s", strerror(-r));
106 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
110 int r, ifindex, family;
118 r = sd_rtnl_message_get_type(mm, &type);
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
130 r = sd_rtnl_message_addr_get_family(mm, &family);
137 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
139 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
149 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
160 a = link_find_address(l, family, &address);
167 r = link_address_new(l, &a, family, &address);
172 r = link_address_update_rtnl(a, mm);
180 link_address_free(a);
187 log_warning("Failed to process RTNL address message: %s", strerror(-r));
191 static int manager_rtnl_listen(Manager *m) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
198 /* First, subscibe to interfaces coming and going */
199 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
203 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
207 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
211 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
215 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
219 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
228 r = sd_rtnl_message_request_dump(req, true);
232 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
236 for (i = reply; i; i = sd_rtnl_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
242 req = sd_rtnl_message_unref(req);
243 reply = sd_rtnl_message_unref(reply);
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
250 r = sd_rtnl_message_request_dump(req, true);
254 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
258 for (i = reply; i; i = sd_rtnl_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
267 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
275 sd_network_monitor_flush(m->network_monitor);
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
280 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
283 r = manager_write_resolv_conf(m);
285 log_warning("Could not update resolv.conf: %s", strerror(-r));
290 static int manager_network_monitor_listen(Manager *m) {
295 r = sd_network_monitor_new(&m->network_monitor, NULL);
299 fd = sd_network_monitor_get_fd(m->network_monitor);
303 events = sd_network_monitor_get_events(m->network_monitor);
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
314 static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
320 h = gethostname_malloc();
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
329 r = dns_name_normalize(h, &n);
331 log_error("System hostname '%s' cannot be normalized.", h);
341 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
348 r = determine_hostname(&h);
350 return 0; /* ignore invalid hostnames */
352 if (streq(h, m->hostname))
355 log_info("System hostname changed to '%s'.", h);
360 manager_refresh_rrs(m);
365 static int manager_watch_hostname(Manager *m) {
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning("Failed to watch hostname: %m");
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
382 log_error("Failed to add hostname event source: %s", strerror(-r));
387 r = determine_hostname(&m->hostname);
389 log_info("Defaulting to hostname 'linux'.");
390 m->hostname = strdup("linux");
394 log_info("Using system hostname '%s'.", m->hostname);
399 static void manager_llmnr_stop(Manager *m) {
402 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
403 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
405 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
406 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
408 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
409 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
411 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
412 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
415 static int manager_llmnr_start(Manager *m) {
420 if (m->llmnr_support == SUPPORT_NO)
423 r = manager_llmnr_ipv4_udp_fd(m);
424 if (r == -EADDRINUSE)
429 r = manager_llmnr_ipv6_udp_fd(m);
430 if (r == -EADDRINUSE)
435 r = manager_llmnr_ipv4_tcp_fd(m);
436 if (r == -EADDRINUSE)
441 r = manager_llmnr_ipv6_tcp_fd(m);
442 if (r == -EADDRINUSE)
450 log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
451 m->llmnr_support = SUPPORT_NO;
452 manager_llmnr_stop(m);
456 int manager_new(Manager **ret) {
457 _cleanup_(manager_freep) Manager *m = NULL;
462 m = new0(Manager, 1);
466 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
467 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
468 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
471 m->llmnr_support = SUPPORT_YES;
472 m->read_resolv_conf = true;
474 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
478 r = sd_event_default(&m->event);
482 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
483 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
485 sd_event_set_watchdog(m->event, true);
487 r = manager_watch_hostname(m);
491 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
495 r = manager_network_monitor_listen(m);
499 r = manager_rtnl_listen(m);
503 r = manager_connect_bus(m);
513 int manager_start(Manager *m) {
518 r = manager_llmnr_start(m);
525 Manager *manager_free(Manager *m) {
531 while ((l = hashmap_first(m->links)))
534 while (m->dns_queries)
535 dns_query_free(m->dns_queries);
537 dns_scope_free(m->unicast_scope);
539 while (m->dns_servers)
540 dns_server_free(m->dns_servers);
541 while (m->fallback_dns_servers)
542 dns_server_free(m->fallback_dns_servers);
544 hashmap_free(m->links);
545 hashmap_free(m->dns_transactions);
547 sd_event_source_unref(m->network_event_source);
548 sd_network_monitor_unref(m->network_monitor);
550 sd_event_source_unref(m->dns_ipv4_event_source);
551 sd_event_source_unref(m->dns_ipv6_event_source);
552 safe_close(m->dns_ipv4_fd);
553 safe_close(m->dns_ipv6_fd);
555 manager_llmnr_stop(m);
557 sd_bus_slot_unref(m->prepare_for_sleep_slot);
558 sd_event_source_unref(m->bus_retry_event_source);
559 sd_bus_unref(m->bus);
561 sd_event_unref(m->event);
563 dns_resource_key_unref(m->host_ipv4_key);
564 dns_resource_key_unref(m->host_ipv6_key);
566 safe_close(m->hostname_fd);
567 sd_event_source_unref(m->hostname_event_source);
575 int manager_read_resolv_conf(Manager *m) {
576 _cleanup_fclose_ FILE *f = NULL;
585 /* Reads the system /etc/resolv.conf, if it exists and is not
586 * symlinked to our own resolv.conf instance */
588 if (!m->read_resolv_conf)
591 r = stat("/etc/resolv.conf", &st);
594 log_warning("Failed to open /etc/resolv.conf: %m");
599 /* Have we already seen the file? */
600 t = timespec_load(&st.st_mtim);
601 if (t == m->resolv_conf_mtime)
604 m->resolv_conf_mtime = t;
606 /* Is it symlinked to our own file? */
607 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
608 st.st_dev == own.st_dev &&
609 st.st_ino == own.st_ino) {
614 f = fopen("/etc/resolv.conf", "re");
617 log_warning("Failed to open /etc/resolv.conf: %m");
622 if (fstat(fileno(f), &st) < 0) {
623 log_error("Failed to stat open file: %m");
628 LIST_FOREACH(servers, s, m->dns_servers)
631 FOREACH_LINE(line, f, r = -errno; goto clear) {
632 union in_addr_union address;
640 if (*l == '#' || *l == ';')
643 a = first_word(l, "nameserver");
647 r = in_addr_from_string_auto(a, &family, &address);
649 log_warning("Failed to parse name server %s.", a);
653 LIST_FOREACH(servers, s, m->dns_servers)
654 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
660 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
666 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
673 while (m->dns_servers)
674 dns_server_free(m->dns_servers);
679 static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
680 _cleanup_free_ char *t = NULL;
687 r = in_addr_to_string(s->family, &s->address, &t);
689 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
694 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
696 fprintf(f, "nameserver %s\n", t);
700 int manager_write_resolv_conf(Manager *m) {
701 static const char path[] = "/run/systemd/resolve/resolv.conf";
702 _cleanup_free_ char *temp_path = NULL;
703 _cleanup_fclose_ FILE *f = NULL;
704 _cleanup_set_free_ Set *dns = NULL;
713 /* Read the system /etc/resolv.conf first */
714 manager_read_resolv_conf(m);
716 /* Add the full list to a set, to filter out duplicates */
717 dns = set_new(dns_server_hash_func, dns_server_compare_func);
721 /* First add the system-wide servers */
722 LIST_FOREACH(servers, s, m->dns_servers) {
730 /* Then, add the per-link servers */
731 HASHMAP_FOREACH(l, m->links, i)
732 LIST_FOREACH(servers, s, l->dns_servers) {
740 /* If we found nothing, add the fallback servers */
741 if (set_isempty(dns)) {
742 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
751 r = fopen_temporary(path, &f, &temp_path);
755 fchmod(fileno(f), 0644);
757 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
758 "# Third party programs must not access this file directly, but\n"
759 "# only through the symlink at /etc/resolv.conf. To manage\n"
760 "# resolv.conf(5) in a different way, replace the symlink by a\n"
761 "# static file or a different symlink.\n\n", f);
763 if (set_isempty(dns))
764 fputs("# No DNS servers known.\n", f);
766 SET_FOREACH(s, dns, i)
767 write_resolve_conf_server(s, f, &count);
770 r = fflush_and_check(f);
774 if (rename(temp_path, path) < 0) {
787 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
788 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
790 struct cmsghdr header; /* For alignment */
791 uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
792 + CMSG_SPACE(int) /* ttl/hoplimit */
793 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
795 union sockaddr_union sa;
796 struct msghdr mh = {};
797 struct cmsghdr *cmsg;
806 r = ioctl(fd, FIONREAD, &ms);
812 r = dns_packet_new(&p, protocol, ms);
816 iov.iov_base = DNS_PACKET_DATA(p);
817 iov.iov_len = p->allocated;
819 mh.msg_name = &sa.sa;
820 mh.msg_namelen = sizeof(sa);
823 mh.msg_control = &control;
824 mh.msg_controllen = sizeof(control);
826 l = recvmsg(fd, &mh, 0);
828 if (errno == EAGAIN || errno == EINTR)
837 assert(!(mh.msg_flags & MSG_CTRUNC));
838 assert(!(mh.msg_flags & MSG_TRUNC));
840 p->size = (size_t) l;
842 p->family = sa.sa.sa_family;
843 p->ipproto = IPPROTO_UDP;
844 if (p->family == AF_INET) {
845 p->sender.in = sa.in.sin_addr;
846 p->sender_port = be16toh(sa.in.sin_port);
847 } else if (p->family == AF_INET6) {
848 p->sender.in6 = sa.in6.sin6_addr;
849 p->sender_port = be16toh(sa.in6.sin6_port);
850 p->ifindex = sa.in6.sin6_scope_id;
852 return -EAFNOSUPPORT;
854 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
856 if (cmsg->cmsg_level == IPPROTO_IPV6) {
857 assert(p->family == AF_INET6);
859 switch (cmsg->cmsg_type) {
862 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
865 p->ifindex = i->ipi6_ifindex;
867 p->destination.in6 = i->ipi6_addr;
872 p->ttl = *(int *) CMSG_DATA(cmsg);
876 } else if (cmsg->cmsg_level == IPPROTO_IP) {
877 assert(p->family == AF_INET);
879 switch (cmsg->cmsg_type) {
882 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
885 p->ifindex = i->ipi_ifindex;
887 p->destination.in = i->ipi_addr;
892 p->ttl = *(int *) CMSG_DATA(cmsg);
898 /* The Linux kernel sets the interface index to the loopback
899 * device if the packet came from the local host since it
900 * avoids the routing table in such a case. Let's unset the
901 * interface index in such a case. */
902 if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
905 /* If we don't know the interface index still, we look for the
906 * first local interface with a matching address. Yuck! */
908 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
916 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
917 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
918 DnsTransaction *t = NULL;
919 Manager *m = userdata;
922 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
926 if (dns_packet_validate_reply(p) > 0) {
927 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
931 dns_transaction_process_reply(t, p);
934 log_debug("Invalid DNS packet.");
939 int manager_dns_ipv4_fd(Manager *m) {
945 if (m->dns_ipv4_fd >= 0)
946 return m->dns_ipv4_fd;
948 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
949 if (m->dns_ipv4_fd < 0)
952 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
958 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
962 return m->dns_ipv4_fd;
965 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
969 int manager_dns_ipv6_fd(Manager *m) {
975 if (m->dns_ipv6_fd >= 0)
976 return m->dns_ipv6_fd;
978 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
979 if (m->dns_ipv6_fd < 0)
982 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
988 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
992 return m->dns_ipv6_fd;
995 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
999 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1006 if (sendmsg(fd, mh, flags) >= 0)
1012 if (errno != EAGAIN)
1015 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1023 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1024 union sockaddr_union sa = {
1025 .in.sin_family = AF_INET,
1028 struct cmsghdr header; /* For alignment */
1029 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1031 struct msghdr mh = {};
1040 iov.iov_base = DNS_PACKET_DATA(p);
1041 iov.iov_len = p->size;
1043 sa.in.sin_addr = *addr;
1044 sa.in.sin_port = htobe16(port),
1048 mh.msg_name = &sa.sa;
1049 mh.msg_namelen = sizeof(sa.in);
1052 struct cmsghdr *cmsg;
1053 struct in_pktinfo *pi;
1057 mh.msg_control = &control;
1058 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1060 cmsg = CMSG_FIRSTHDR(&mh);
1061 cmsg->cmsg_len = mh.msg_controllen;
1062 cmsg->cmsg_level = IPPROTO_IP;
1063 cmsg->cmsg_type = IP_PKTINFO;
1065 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1066 pi->ipi_ifindex = ifindex;
1069 return sendmsg_loop(fd, &mh, 0);
1072 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1073 union sockaddr_union sa = {
1074 .in6.sin6_family = AF_INET6,
1077 struct cmsghdr header; /* For alignment */
1078 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1080 struct msghdr mh = {};
1089 iov.iov_base = DNS_PACKET_DATA(p);
1090 iov.iov_len = p->size;
1092 sa.in6.sin6_addr = *addr;
1093 sa.in6.sin6_port = htobe16(port),
1094 sa.in6.sin6_scope_id = ifindex;
1098 mh.msg_name = &sa.sa;
1099 mh.msg_namelen = sizeof(sa.in6);
1102 struct cmsghdr *cmsg;
1103 struct in6_pktinfo *pi;
1107 mh.msg_control = &control;
1108 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1110 cmsg = CMSG_FIRSTHDR(&mh);
1111 cmsg->cmsg_len = mh.msg_controllen;
1112 cmsg->cmsg_level = IPPROTO_IPV6;
1113 cmsg->cmsg_type = IPV6_PKTINFO;
1115 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1116 pi->ipi6_ifindex = ifindex;
1119 return sendmsg_loop(fd, &mh, 0);
1122 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1129 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1131 if (family == AF_INET)
1132 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1133 else if (family == AF_INET6)
1134 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1136 return -EAFNOSUPPORT;
1139 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1145 LIST_FOREACH(servers, s, m->dns_servers)
1146 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1149 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1150 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1156 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1159 if (m->current_dns_server == s)
1163 _cleanup_free_ char *ip = NULL;
1165 in_addr_to_string(s->family, &s->address, &ip);
1166 log_info("Switching to system DNS server %s.", strna(ip));
1169 m->current_dns_server = s;
1171 if (m->unicast_scope)
1172 dns_cache_flush(&m->unicast_scope->cache);
1177 DnsServer *manager_get_dns_server(Manager *m) {
1181 /* Try to read updates resolv.conf */
1182 manager_read_resolv_conf(m);
1184 if (!m->current_dns_server)
1185 manager_set_dns_server(m, m->dns_servers);
1187 if (!m->current_dns_server) {
1191 /* No DNS servers configured, let's see if there are
1192 * any on any links. If not, we use the fallback
1195 HASHMAP_FOREACH(l, m->links, i)
1196 if (l->dns_servers) {
1202 manager_set_dns_server(m, m->fallback_dns_servers);
1205 return m->current_dns_server;
1208 void manager_next_dns_server(Manager *m) {
1211 /* If there's currently no DNS server set, then the next
1212 * manager_get_dns_server() will find one */
1213 if (!m->current_dns_server)
1216 /* Change to the next one */
1217 if (m->current_dns_server->servers_next) {
1218 manager_set_dns_server(m, m->current_dns_server->servers_next);
1222 /* If there was no next one, then start from the beginning of
1224 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1225 manager_set_dns_server(m, m->fallback_dns_servers);
1227 manager_set_dns_server(m, m->dns_servers);
1230 uint32_t manager_find_mtu(Manager *m) {
1235 /* If we don't know on which link a DNS packet would be
1236 * delivered, let's find the largest MTU that works on all
1237 * interfaces we know of */
1239 HASHMAP_FOREACH(l, m->links, i) {
1243 if (mtu <= 0 || l->mtu < mtu)
1250 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1251 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1252 DnsTransaction *t = NULL;
1253 Manager *m = userdata;
1257 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1261 scope = manager_find_scope(m, p);
1263 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1267 if (dns_packet_validate_reply(p) > 0) {
1268 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1270 dns_scope_check_conflicts(scope, p);
1272 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1274 dns_transaction_process_reply(t, p);
1276 } else if (dns_packet_validate_query(p) > 0) {
1277 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1279 dns_scope_process_query(scope, NULL, p);
1281 log_debug("Invalid LLMNR UDP packet.");
1286 int manager_llmnr_ipv4_udp_fd(Manager *m) {
1287 union sockaddr_union sa = {
1288 .in.sin_family = AF_INET,
1289 .in.sin_port = htobe16(5355),
1291 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1296 if (m->llmnr_ipv4_udp_fd >= 0)
1297 return m->llmnr_ipv4_udp_fd;
1299 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1300 if (m->llmnr_ipv4_udp_fd < 0)
1303 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1304 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1310 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1316 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1322 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1328 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1334 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1340 /* Disable Don't-Fragment bit in the IP header */
1341 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1347 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1353 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1357 return m->llmnr_ipv4_udp_fd;
1360 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1364 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1365 union sockaddr_union sa = {
1366 .in6.sin6_family = AF_INET6,
1367 .in6.sin6_port = htobe16(5355),
1369 static const int one = 1, ttl = 255;
1374 if (m->llmnr_ipv6_udp_fd >= 0)
1375 return m->llmnr_ipv6_udp_fd;
1377 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1378 if (m->llmnr_ipv6_udp_fd < 0)
1381 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1387 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1388 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1394 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1400 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1406 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1412 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1418 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1424 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1430 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1436 return m->llmnr_ipv6_udp_fd;
1439 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1443 static int on_llmnr_stream_packet(DnsStream *s) {
1448 scope = manager_find_scope(s->manager, s->read_packet);
1450 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1454 if (dns_packet_validate_query(s->read_packet) > 0) {
1455 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1457 dns_scope_process_query(scope, s, s->read_packet);
1459 /* If no reply packet was set, we free the stream */
1460 if (s->write_packet)
1463 log_debug("Invalid LLMNR TCP packet.");
1469 static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1471 Manager *m = userdata;
1474 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1476 if (errno == EAGAIN || errno == EINTR)
1482 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1488 stream->on_packet = on_llmnr_stream_packet;
1492 int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1493 union sockaddr_union sa = {
1494 .in.sin_family = AF_INET,
1495 .in.sin_port = htobe16(5355),
1497 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1502 if (m->llmnr_ipv4_tcp_fd >= 0)
1503 return m->llmnr_ipv4_tcp_fd;
1505 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1506 if (m->llmnr_ipv4_tcp_fd < 0)
1509 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1510 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1516 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1522 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1528 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1534 /* Disable Don't-Fragment bit in the IP header */
1535 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1541 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1547 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1553 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1557 return m->llmnr_ipv4_tcp_fd;
1560 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1564 int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1565 union sockaddr_union sa = {
1566 .in6.sin6_family = AF_INET6,
1567 .in6.sin6_port = htobe16(5355),
1569 static const int one = 1;
1574 if (m->llmnr_ipv6_tcp_fd >= 0)
1575 return m->llmnr_ipv6_tcp_fd;
1577 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1578 if (m->llmnr_ipv6_tcp_fd < 0)
1581 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1582 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1588 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1594 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1600 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1606 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1612 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1618 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1624 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1630 return m->llmnr_ipv6_tcp_fd;
1633 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1637 int manager_ifindex_is_loopback(Manager *m, int ifindex) {
1644 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1645 if (l->flags & IFF_LOOPBACK)
1651 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1656 a = manager_find_link_address(m, family, in_addr);
1658 return a->link->ifindex;
1663 void manager_refresh_rrs(Manager *m) {
1669 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1670 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1672 HASHMAP_FOREACH(l, m->links, i) {
1673 link_add_rrs(l, true);
1674 link_add_rrs(l, false);
1678 int manager_next_hostname(Manager *m) {
1685 p = strchr(m->hostname, 0);
1688 while (p > m->hostname) {
1689 if (!strchr("0123456789", p[-1]))
1695 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1698 /* Add a random number to the old value. This way we can avoid
1699 * that two hosts pick the same hostname, win on IPv4 and lose
1700 * on IPv6 (or vice versa), and pick the same hostname
1701 * replacement hostname, ad infinitum. We still want the
1702 * numbers to go up monotonically, hence we just add a random
1705 random_bytes(&a, sizeof(a));
1708 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1711 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1716 manager_refresh_rrs(m);
1721 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1727 HASHMAP_FOREACH(l, m->links, i) {
1730 a = link_find_address(l, family, in_addr);
1738 bool manager_our_packet(Manager *m, DnsPacket *p) {
1742 return !!manager_find_link_address(m, p->family, &p->sender);
1745 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1751 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1755 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1756 if (p->family == AF_INET)
1757 return l->llmnr_ipv4_scope;
1758 else if (p->family == AF_INET6)
1759 return l->llmnr_ipv6_scope;
1765 void manager_verify_all(Manager *m) {
1770 LIST_FOREACH(scopes, s, m->dns_scopes)
1771 dns_zone_verify_all(&s->zone);
1774 static const char* const support_table[_SUPPORT_MAX] = {
1775 [SUPPORT_NO] = "no",
1776 [SUPPORT_YES] = "yes",
1777 [SUPPORT_RESOLVE] = "resolve",
1779 DEFINE_STRING_TABLE_LOOKUP(support, Support);