1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "sd-dhcp-lease.h"
33 #include "dhcp-lease-internal.h"
34 #include "network-internal.h"
35 #include "conf-parser.h"
36 #include "socket-util.h"
39 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
/* rtnl callback for link messages. manager_rtnl_listen() registers it for
 * RTM_NEWLINK and RTM_DELLINK and also calls it directly for every entry of
 * the initial link dump. userdata is the Manager.
 * NOTE(review): declarations, error checks and the branch structure between
 * the calls below are not visible in this listing; the add/remove split is
 * inferred from the two log_debug() messages only. */
41 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
42 Manager *m = userdata;
/* Both the message type and the interface index are read from the netlink message. */
51 r = sd_rtnl_message_get_type(mm, &type);
55 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
/* Known links live in m->links, keyed by ifindex. */
59 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
65 log_debug("Found link %i", ifindex);
67 r = link_new(m, &l, ifindex);
72 r = link_update_rtnl(l, mm);
80 log_debug("Removing link %i", l->ifindex);
/* r is negated before strerror(), i.e. it carries a negative errno-style value here. */
90 log_warning("Failed to process RTNL link message: %s", strerror(-r));
/* rtnl callback for address messages. manager_rtnl_listen() registers it for
 * RTM_NEWADDR and RTM_DELADDR and also feeds it the initial address dump.
 * userdata is the Manager.
 * NOTE(review): declarations, error checks and the switches on message type
 * and address family are not visible in this listing. */
94 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
95 Manager *m = userdata;
96 union in_addr_union address;
107 r = sd_rtnl_message_get_type(mm, &type);
111 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
/* The address is attributed to a link looked up by ifindex in m->links. */
115 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
119 r = sd_rtnl_message_addr_get_family(mm, &family);
/* For each family IFA_LOCAL is read first, then IFA_ADDRESS into the same
 * union member; presumably the second read is a fallback when the first
 * fails - confirm against the omitted lines. */
126 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
128 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
136 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
138 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
/* link_find_address() is consulted before link_address_new(); presumably a
 * new entry is only created when none exists - confirm. */
149 a = link_find_address(l, family, &address);
156 r = link_address_new(l, &a, family, &address);
161 r = link_address_update_rtnl(a, mm);
169 link_address_free(a);
/* r is negated before strerror(), i.e. it carries a negative errno-style value here. */
176 log_warning("Failed to process RTNL address message: %s", strerror(-r));
/* Opens the manager's rtnl connection, subscribes to link and address
 * change notifications, then replays the current kernel state by dumping all
 * links and all addresses through the same callbacks.
 * NOTE(review): the error checks after each call are not visible in this
 * listing. */
181 static int manager_rtnl_listen(Manager *m) {
/* req and reply are dropped automatically on scope exit via the cleanup attribute. */
182 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
188 /* First, subscribe to interfaces coming and going */
189 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
193 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
/* The matches are installed before the dumps below are requested. */
197 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
201 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
205 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
209 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
213 /* Then, enumerate all links */
214 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
218 r = sd_rtnl_message_request_dump(req, true);
222 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
/* The reply is a chain of messages; each one is handed to the link callback. */
226 for (i = reply; i; i = sd_rtnl_message_next(i)) {
227 r = manager_process_link(m->rtnl, i, m);
/* Release both messages explicitly so the same variables can be reused for
 * the address dump; the unref result is stored back into the pointer. */
232 req = sd_rtnl_message_unref(req);
233 reply = sd_rtnl_message_unref(reply);
235 /* Finally, enumerate all addresses, too */
236 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
240 r = sd_rtnl_message_request_dump(req, true);
244 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
248 for (i = reply; i; i = sd_rtnl_message_next(i)) {
249 r = manager_process_address(m->rtnl, i, m);
/* I/O callback for the network monitor fd (installed by
 * manager_network_monitor_listen()). Flushes the monitor, refreshes every
 * known link and rewrites resolv.conf. Failures on the visible lines are
 * only logged as warnings. userdata is the Manager. */
257 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
258 Manager *m = userdata;
265 sd_network_monitor_flush(m->network_monitor);
267 HASHMAP_FOREACH(l, m->links, i) {
268 r = link_update_monitor(l);
270 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
/* Regenerate resolv.conf once after all links were refreshed. */
273 r = manager_write_resolv_conf(m);
275 log_warning("Could not update resolv.conf: %s", strerror(-r));
/* Creates the manager's network monitor and registers its fd, with the event
 * mask the monitor itself reports, as an I/O source that dispatches to
 * on_network_event().
 * NOTE(review): error checks after each call are not visible in this listing. */
280 static int manager_network_monitor_listen(Manager *m) {
285 r = sd_network_monitor_new(&m->network_monitor, NULL);
289 fd = sd_network_monitor_get_fd(m->network_monitor);
293 events = sd_network_monitor_get_events(m->network_monitor);
297 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
/* Splits string into (optionally quoted) words, parses each word as an IPv4
 * or IPv6 address and adds it to the manager as a DNS_SERVER_SYSTEM server.
 * Words that do not parse are logged and ignored. Callers in this file pass
 * the compiled-in DNS_SERVERS list and the configuration value handled by
 * config_parse_dnsv(). */
304 static int parse_dns_server_string(Manager *m, const char *string) {
312 FOREACH_WORD_QUOTED(word, length, string, state) {
/* NOTE(review): variable-length array sized by the word length, so stack use
 * is bounded only by the input string - confirm the inputs are trusted or
 * length-limited. */
313 char buffer[length+1];
315 union in_addr_union addr;
/* word is a slice of string, not a terminated string; it is copied out here.
 * The terminating NUL is presumably written on a line omitted from this
 * listing - confirm. */
317 memcpy(buffer, word, length);
320 r = in_addr_from_string_auto(buffer, &family, &addr);
322 log_warning("Ignoring invalid DNS address '%s'", buffer);
326 /* filter out duplicates */
327 if (manager_find_dns_server(m, family, &addr))
330 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &addr);
/* Configuration-parser callback for the DNS server list. An empty value
 * clears the manager's current list; any other value is handed to
 * parse_dns_server_string(). userdata is the Manager.
 * NOTE(review): most of the parameter list and the error checks are not
 * visible in this listing. */
338 int config_parse_dnsv(
340 const char *filename,
343 unsigned section_line,
350 Manager *m = userdata;
358 /* Empty assignment means clear the list */
359 if (isempty(rvalue)) {
/* The loop frees the list head until the list is empty; this presumably
 * relies on dns_server_free() unlinking the server from m->dns_servers -
 * confirm. NOTE(review): m->current_dns_server points into this list (see
 * manager_get_dns_server()); confirm it is reset when its server is freed. */
360 while (m->dns_servers)
361 dns_server_free(m->dns_servers);
366 r = parse_dns_server_string(m, rvalue);
368 log_error("Failed to parse DNS server string");
/* Parses /etc/systemd/resolved.conf with the gperf-generated lookup table,
 * passing the Manager as userdata to the item callbacks, and returns
 * config_parse()'s result.
 * NOTE(review): one argument line of the call is omitted from this listing,
 * and the meaning of the three boolean flags is not visible here. */
375 int manager_parse_config_file(Manager *m) {
378 return config_parse(NULL, "/etc/systemd/resolved.conf", NULL,
380 config_item_perf_lookup, resolved_gperf_lookup,
381 false, false, true, m);
/* Allocates and initialises a Manager: seeds the DNS server list from the
 * compiled-in DNS_SERVERS string, sets up the event loop, creates the
 * unicast DNS scope, starts the network monitor and rtnl listeners and
 * connects to the bus.
 * NOTE(review): error checks and the hand-over of m to *ret are not visible
 * in this listing. */
384 int manager_new(Manager **ret) {
/* Freed automatically via manager_freep on scope exit while m is still set. */
385 _cleanup_(manager_freep) Manager *m = NULL;
390 m = new0(Manager, 1);
/* All socket fds start at -1 so the lazy *_fd() getters and manager_free()
 * can tell "not opened" from a valid descriptor. */
394 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
395 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
399 r = parse_dns_server_string(m, /* "172.31.0.125 2001:4860:4860::8888 2001:4860:4860::8889" */ DNS_SERVERS);
403 r = sd_event_default(&m->event);
/* The results of the next three calls are not stored in r on these lines,
 * i.e. failures to install the signal sources or the watchdog go unnoticed. */
407 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
408 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
410 sd_event_set_watchdog(m->event, true);
412 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
416 r = manager_network_monitor_listen(m);
420 r = manager_rtnl_listen(m);
424 r = manager_connect_bus(m);
/* Tears down a Manager: pending queries, the transaction table, links, the
 * unicast scope, DNS servers, then every event source, socket and the bus and
 * event loop references.
 * NOTE(review): the NULL check on m, the body of the link loop and the final
 * free/return are not visible in this listing. */
434 Manager *manager_free(Manager *m) {
/* Frees the list head until the list is empty; presumably dns_query_free()
 * unlinks the query from m->dns_queries - confirm. */
440 while (m->dns_queries)
441 dns_query_free(m->dns_queries);
443 hashmap_free(m->dns_query_transactions);
/* Drain the links one by one (loop body omitted in this listing), then free
 * the now empty hashmap. */
445 while ((l = hashmap_first(m->links)))
447 hashmap_free(m->links);
449 dns_scope_free(m->unicast_scope);
451 while (m->dns_servers)
452 dns_server_free(m->dns_servers);
454 sd_event_source_unref(m->network_event_source);
455 sd_network_monitor_unref(m->network_monitor);
/* For each socket the event source is dropped before the fd is closed. */
457 sd_event_source_unref(m->dns_ipv4_event_source);
458 sd_event_source_unref(m->dns_ipv6_event_source);
459 safe_close(m->dns_ipv4_fd);
460 safe_close(m->dns_ipv6_fd);
462 sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
463 sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
464 safe_close(m->llmnr_ipv4_udp_fd);
465 safe_close(m->llmnr_ipv6_udp_fd);
467 sd_event_source_unref(m->bus_retry_event_source);
468 sd_bus_unref(m->bus);
470 sd_event_unref(m->event);
/* Writes one "nameserver" line for DNS server s to f. Only the textual form
 * of the server's binary address (produced by in_addr_to_string()) is
 * written, so no free-form string reaches the file from here. count is
 * shared across calls by the caller.
 * NOTE(review): the condition under which the "Too many DNS servers" comment
 * is emitted and the update of *count are not visible in this listing. */
476 static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
/* t is released automatically on scope exit. */
477 _cleanup_free_ char *t = NULL;
484 r = in_addr_to_string(s->family, &s->address, &t);
486 log_warning("Invalid DNS address. Ignoring.");
491 fputs("# Too many DNS servers configured, the following entries may be ignored\n", f);
493 fprintf(f, "nameserver %s\n", t);
/* Regenerates /run/systemd/resolve/resolv.conf. The content is written to a
 * temporary file and then rename()d over the final path, so readers see
 * either the old or the new file. Servers are emitted per link (statically
 * configured ones, then DHCP-provided ones) followed by the manager-wide
 * list.
 * NOTE(review): error checks and the cleanup path after a failed rename()
 * are not visible in this listing. */
497 int manager_write_resolv_conf(Manager *m) {
498 const char *path = "/run/systemd/resolve/resolv.conf";
499 _cleanup_free_ char *temp_path = NULL;
500 _cleanup_fclose_ FILE *f = NULL;
/* presumably creates the temporary file next to path, which rename() needs
 * to stay on one filesystem - confirm in fopen_temporary(). */
509 r = fopen_temporary(path, &f, &temp_path);
/* World-readable, writable by the owner only. The fchmod() result is not
 * checked on this line. */
513 fchmod(fileno(f), 0644);
515 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
516 "# Third party programs must not access this file directly, but\n"
517 "# only through the symlink at /etc/resolv.conf. To manage\n"
518 "# resolv.conf(5) in a different way, replace the symlink by a\n"
519 "# static file or a different symlink.\n\n", f);
/* count is shared by all three lists, so it tracks servers across the whole file. */
521 HASHMAP_FOREACH(l, m->links, i) {
522 LIST_FOREACH(servers, s, l->link_dns_servers)
523 write_resolve_conf_server(s, f, &count);
525 LIST_FOREACH(servers, s, l->dhcp_dns_servers)
526 write_resolve_conf_server(s, f, &count);
529 LIST_FOREACH(servers, s, m->dns_servers)
530 write_resolve_conf_server(s, f, &count);
/* Flush before renaming so write errors are detected while the old file is
 * still in place. */
532 r = fflush_and_check(f);
536 if (rename(temp_path, path) < 0) {
/* Receives one datagram from fd into a newly allocated DnsPacket and records
 * where it came from: sender family and address from the socket address,
 * destination address, ifindex and ttl/hop limit from the ancillary data.
 * Returns -EAFNOSUPPORT when the sender family is neither AF_INET nor
 * AF_INET6.
 * NOTE(review): the declarations of control, iov, ms and l, the error checks
 * after each call, the case labels and the hand-over of p to *ret are not
 * visible in this listing. */
549 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
550 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
/* Control buffer: sized for the pktinfo struct of either family plus the
 * ttl/hoplimit int plus slack; the cmsghdr member exists only to force
 * suitable alignment. */
552 struct cmsghdr header; /* For alignment */
553 uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
554 + CMSG_SPACE(int) /* ttl/hoplimit */
555 + 1024 /* kernel appears to require extra buffer space */];
557 union sockaddr_union sa;
558 struct msghdr mh = {};
559 struct cmsghdr *cmsg;
/* The packet buffer is sized from the byte count FIONREAD reports for the
 * socket. NOTE(review): ms is determined by what a remote peer sent -
 * confirm it is range-checked (negative, zero, oversized) before it reaches
 * dns_packet_new(). */
568 r = ioctl(fd, FIONREAD, &ms);
574 r = dns_packet_new(&p, protocol, ms);
578 iov.iov_base = DNS_PACKET_DATA(p);
579 iov.iov_len = p->allocated;
581 mh.msg_name = &sa.sa;
582 mh.msg_namelen = sizeof(sa);
585 mh.msg_control = &control;
586 mh.msg_controllen = sizeof(control);
588 l = recvmsg(fd, &mh, 0);
590 if (errno == EAGAIN || errno == EINTR)
/* NOTE(review): truncation of data or ancillary data is treated as a
 * programming error. These flags describe a datagram received from the
 * network, so if either can ever be set the process aborts instead of
 * dropping the packet - confirm the sizing above makes both unreachable, or
 * turn them into an error return. */
599 assert(!(mh.msg_flags & MSG_CTRUNC));
600 assert(!(mh.msg_flags & MSG_TRUNC));
602 p->size = (size_t) l;
/* Sender family and address are taken from the address recvmsg() filled in. */
604 p->family = sa.sa.sa_family;
605 if (p->family == AF_INET)
606 p->sender.in = sa.in.sin_addr;
607 else if (p->family == AF_INET6)
608 p->sender.in6 = sa.in6.sin6_addr;
610 return -EAFNOSUPPORT;
/* Walk the ancillary data. The cmsg level is asserted to match the sender
 * family. NOTE(review): the payloads are read through casts of CMSG_DATA()
 * and no cmsg_len check is visible on these lines - confirm the case labels
 * select only types whose payload size is fixed by the kernel. */
612 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
614 if (cmsg->cmsg_level == IPPROTO_IPV6) {
615 assert(p->family == AF_INET6);
617 switch (cmsg->cmsg_type) {
620 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
622 p->ifindex = i->ipi6_ifindex;
623 p->destination.in6 = i->ipi6_addr;
628 p->ttl = *(int *) CMSG_DATA(cmsg);
632 } else if (cmsg->cmsg_level == IPPROTO_IP) {
633 assert(p->family == AF_INET);
635 switch (cmsg->cmsg_type) {
638 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
640 p->ifindex = i->ipi_ifindex;
641 p->destination.in = i->ipi_addr;
646 p->ttl = *(int *) CMSG_DATA(cmsg);
/* I/O callback for the unicast DNS sockets: receives one packet and, if it
 * validates as a reply, hands it to the pending transaction with the same
 * DNS packet ID. userdata is the Manager.
 * NOTE(review): on the visible lines the transaction is selected by the
 * 16-bit packet ID alone. Confirm that the sender address and port are
 * compared with the server that was queried (here or in
 * dns_query_transaction_reply()) before the reply is accepted. */
658 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
/* The packet reference is dropped automatically on scope exit. */
659 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
660 DnsQueryTransaction *t = NULL;
661 Manager *m = userdata;
664 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
668 if (dns_packet_validate_reply(p) >= 0) {
669 t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
673 dns_query_transaction_reply(t, p);
675 log_debug("Invalid reply packet.");
/* Returns the manager's IPv4 unicast DNS socket, creating it on first use:
 * a non-blocking, close-on-exec UDP socket with IP_PKTINFO enabled and
 * on_dns_packet() registered for EPOLLIN. The fd is cached in
 * m->dns_ipv4_fd.
 * NOTE(review): the declaration of one, the error checks and the failure
 * label are not visible in this listing. */
680 int manager_dns_ipv4_fd(Manager *m) {
686 if (m->dns_ipv4_fd >= 0)
687 return m->dns_ipv4_fd;
689 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
690 if (m->dns_ipv4_fd < 0)
/* Ask for packet info as ancillary data; manager_recv() reads it for ifindex
 * and destination address. */
693 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
699 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
703 return m->dns_ipv4_fd;
/* Failure path: close the socket and store safe_close()'s return value back
 * (presumably -1) so a later call retries the setup. */
706 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
/* Returns the manager's IPv6 unicast DNS socket, creating it on first use:
 * a non-blocking, close-on-exec UDP socket with IPV6_RECVPKTINFO enabled and
 * on_dns_packet() registered for EPOLLIN. The fd is cached in
 * m->dns_ipv6_fd.
 * NOTE(review): the declaration of one, the error checks and the failure
 * label are not visible in this listing. */
710 int manager_dns_ipv6_fd(Manager *m) {
716 if (m->dns_ipv6_fd >= 0)
717 return m->dns_ipv6_fd;
719 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
720 if (m->dns_ipv6_fd < 0)
/* Ask for packet info as ancillary data; manager_recv() reads it for ifindex
 * and destination address. */
723 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
729 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
733 return m->dns_ipv6_fd;
/* Failure path: close the socket and store safe_close()'s return value back
 * (presumably -1) so a later call retries the setup. */
736 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
/* Sends mh on fd; when sendmsg() does not succeed it waits for the socket to
 * become writable, for at most SEND_TIMEOUT_USEC (200 ms) per wait.
 * NOTE(review): the loop construct, the errno handling and the return
 * values are not visible in this listing. */
740 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
747 if (sendmsg(fd, mh, flags) >= 0)
756 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
/* Sends packet p over fd to the IPv4 address addr and the given port. An
 * IP_PKTINFO control message carrying ifindex is attached to pin the
 * outgoing interface.
 * NOTE(review): the declarations of control and iov and the condition
 * guarding the control-message section (presumably ifindex > 0) are not
 * visible in this listing. */
764 static int manager_ipv4_send(Manager *m, int fd, int ifindex, struct in_addr *addr, uint16_t port, DnsPacket *p) {
765 union sockaddr_union sa = {
766 .in.sin_family = AF_INET,
/* Control buffer for exactly one in_pktinfo; the cmsghdr member only forces alignment. */
769 struct cmsghdr header; /* For alignment */
770 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
772 struct msghdr mh = {};
/* Only the p->size used bytes of the packet are sent. */
781 iov.iov_base = DNS_PACKET_DATA(p);
782 iov.iov_len = p->size;
784 sa.in.sin_addr = *addr;
/* NOTE(review): the next line ends in ',' instead of ';', so it is joined to
 * the following statement by the comma operator; that only works while the
 * next statement is an expression - should be ';'. */
785 sa.in.sin_port = htobe16(port),
789 mh.msg_name = &sa.sa;
790 mh.msg_namelen = sizeof(sa.in);
793 struct cmsghdr *cmsg;
794 struct in_pktinfo *pi;
798 mh.msg_control = &control;
799 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
801 cmsg = CMSG_FIRSTHDR(&mh);
802 cmsg->cmsg_len = mh.msg_controllen;
803 cmsg->cmsg_level = IPPROTO_IP;
804 cmsg->cmsg_type = IP_PKTINFO;
/* Only ipi_ifindex is set on the visible lines; the remaining fields are
 * presumably zeroed on an omitted line - confirm. */
806 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
807 pi->ipi_ifindex = ifindex;
810 return sendmsg_loop(fd, &mh, 0);
/* Sends packet p over fd to the IPv6 address addr and the given port.
 * ifindex is used both as the sockaddr scope id and in an IPV6_PKTINFO
 * control message to pin the outgoing interface.
 * NOTE(review): the declarations of control and iov and the condition
 * guarding the control-message section (presumably ifindex > 0) are not
 * visible in this listing. */
813 static int manager_ipv6_send(Manager *m, int fd, int ifindex, struct in6_addr *addr, uint16_t port, DnsPacket *p) {
814 union sockaddr_union sa = {
815 .in6.sin6_family = AF_INET6,
/* Control buffer for exactly one in6_pktinfo; the cmsghdr member only forces alignment. */
818 struct cmsghdr header; /* For alignment */
819 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
821 struct msghdr mh = {};
/* Only the p->size used bytes of the packet are sent. */
830 iov.iov_base = DNS_PACKET_DATA(p);
831 iov.iov_len = p->size;
833 sa.in6.sin6_addr = *addr;
/* NOTE(review): the next line ends in ',' instead of ';', which joins it to
 * the scope-id assignment below via the comma operator. Behaviour is the
 * same, but it should be ';'. */
834 sa.in6.sin6_port = htobe16(port),
835 sa.in6.sin6_scope_id = ifindex;
839 mh.msg_name = &sa.sa;
840 mh.msg_namelen = sizeof(sa.in6);
843 struct cmsghdr *cmsg;
844 struct in6_pktinfo *pi;
848 mh.msg_control = &control;
849 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
851 cmsg = CMSG_FIRSTHDR(&mh);
852 cmsg->cmsg_len = mh.msg_controllen;
853 cmsg->cmsg_level = IPPROTO_IPV6;
854 cmsg->cmsg_type = IPV6_PKTINFO;
/* Only ipi6_ifindex is set on the visible lines; the remaining fields are
 * presumably zeroed on an omitted line - confirm. */
856 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
857 pi->ipi6_ifindex = ifindex;
860 return sendmsg_loop(fd, &mh, 0);
/* Sends packet p to addr:port over fd, dispatching on the address family to
 * the IPv4 or IPv6 sender. Returns -EAFNOSUPPORT for any other family,
 * otherwise the result of the family-specific sender. */
863 int manager_send(Manager *m, int fd, int ifindex, unsigned char family, union in_addr_union *addr, uint16_t port, DnsPacket *p) {
870 if (family == AF_INET)
871 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
872 else if (family == AF_INET6)
873 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
875 return -EAFNOSUPPORT;
/* Searches the manager-wide DNS server list for an entry with the given
 * family and address. parse_dns_server_string() uses it to skip duplicates.
 * NOTE(review): the return statements are not visible in this listing;
 * presumably the matching server or NULL is returned. */
879 DnsServer* manager_find_dns_server(Manager *m, unsigned char family, union in_addr_union *in_addr) {
885 LIST_FOREACH(servers, s, m->dns_servers) {
/* The family is compared first, so in_addr_equal() only sees addresses of
 * the same family. */
887 if (s->family == family &&
888 in_addr_equal(family, &s->address, in_addr))
/* Returns the currently selected DNS server. When none is selected yet the
 * head of m->dns_servers is selected first; the result is NULL when that
 * list is empty. */
895 DnsServer *manager_get_dns_server(Manager *m) {
898 if (!m->current_dns_server)
899 m->current_dns_server = m->dns_servers;
901 return m->current_dns_server;
/* Advances the current DNS server selection to the next list entry, wrapping
 * around to the head of m->dns_servers after the last one.
 * NOTE(review): the return statements between the branches are not visible
 * in this listing. */
904 void manager_next_dns_server(Manager *m) {
/* Nothing selected yet: start at the head of the list. */
907 if (!m->current_dns_server) {
908 m->current_dns_server = m->dns_servers;
/* Still nothing selected means the list is empty. */
912 if (!m->current_dns_server)
915 if (m->current_dns_server->servers_next) {
916 m->current_dns_server = m->current_dns_server->servers_next;
/* End of the list reached: wrap around to the head. */
920 m->current_dns_server = m->dns_servers;
/* Computes an MTU that is safe on every known link, i.e. the smallest MTU
 * found among m->links.
 * NOTE(review): the initial value of mtu, any per-link filter, the
 * assignment inside the condition and the return statement are not visible
 * in this listing. */
923 uint32_t manager_find_mtu(Manager *m) {
928 /* If we don't know on which link a DNS packet would be
929 * delivered, let's find the largest MTU that works on all
930 * interfaces we know of */
932 HASHMAP_FOREACH(l, m->links, i) {
/* True for the first link considered (mtu not yet positive) and for any
 * link whose MTU is smaller than the value so far. */
936 if (mtu <= 0 || l->mtu < mtu)
/* I/O callback for the LLMNR UDP sockets: receives one packet and, if it
 * validates as a reply, hands it to the pending transaction with the same
 * packet ID. userdata is the Manager.
 * NOTE(review): on the visible lines the transaction is selected by the
 * 16-bit packet ID alone, and LLMNR replies can come from any host on the
 * local link. Confirm that the receiving interface, sender and ttl recorded
 * by manager_recv() are checked before the reply is accepted (here or in
 * dns_query_transaction_reply()). */
943 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
/* The packet reference is dropped automatically on scope exit. */
944 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
945 DnsQueryTransaction *t = NULL;
946 Manager *m = userdata;
949 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
953 if (dns_packet_validate_reply(p) >= 0) {
954 t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
958 dns_query_transaction_reply(t, p);
/* Returns the manager's IPv4 LLMNR UDP socket, creating it on first use: a
 * non-blocking, close-on-exec UDP socket bound to port 5355 with
 * on_llmnr_packet() registered for EPOLLIN. The fd is cached in
 * m->llmnr_ipv4_udp_fd.
 * NOTE(review): the error checks after each call and the failure label are
 * not visible in this listing. */
964 int manager_llmnr_ipv4_udp_fd(Manager *m) {
/* Only family and port are set on the visible lines, so the bind below uses
 * the wildcard address. */
965 union sockaddr_union sa = {
966 .in.sin_family = AF_INET,
967 .in.sin_port = htobe16(5355),
969 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
974 if (m->llmnr_ipv4_udp_fd >= 0)
975 return m->llmnr_ipv4_udp_fd;
977 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
978 if (m->llmnr_ipv4_udp_fd < 0)
/* A TTL of 1 for both unicast and multicast sends keeps outgoing LLMNR
 * traffic on the local link. */
981 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
987 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &one, sizeof(one));
993 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
/* NOTE(review): SO_REUSEADDR on a UDP socket lets other local sockets that
 * also set it bind port 5355 - confirm this sharing is intended. */
999 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
/* Packet info and TTL of received packets are requested as ancillary data;
 * manager_recv() stores them in the DnsPacket. */
1005 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1011 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1017 /* Disable Don't-Fragment bit in the IP header */
1018 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1024 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1030 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1034 return m->llmnr_ipv4_udp_fd;
/* Failure path: close the socket and store safe_close()'s return value back
 * (presumably -1) so a later call retries the setup. */
1037 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
/* Returns the manager's IPv6 LLMNR UDP socket, creating it on first use: a
 * non-blocking, close-on-exec UDP socket bound to port 5355 with
 * on_llmnr_packet() registered for EPOLLIN. The fd is cached in
 * m->llmnr_ipv6_udp_fd.
 * NOTE(review): the error checks after each call and the failure label are
 * not visible in this listing. */
1041 int manager_llmnr_ipv6_udp_fd(Manager *m) {
/* Only family and port are set on the visible lines, so the bind below uses
 * the wildcard address. */
1042 union sockaddr_union sa = {
1043 .in6.sin6_family = AF_INET6,
1044 .in6.sin6_port = htobe16(5355),
1046 static const int one = 1;
1051 if (m->llmnr_ipv6_udp_fd >= 0)
1052 return m->llmnr_ipv6_udp_fd;
1054 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1055 if (m->llmnr_ipv6_udp_fd < 0)
/* A hop limit of 1 for both unicast and multicast sends keeps outgoing
 * LLMNR traffic on the local link. */
1058 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1064 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &one, sizeof(one));
1070 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
/* IPv6 only: IPv4 LLMNR traffic is served by the separate AF_INET socket. */
1076 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
/* NOTE(review): SO_REUSEADDR on a UDP socket lets other local sockets that
 * also set it bind port 5355 - confirm this sharing is intended. */
1082 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
/* Packet info and hop limit of received packets are requested as ancillary
 * data; manager_recv() stores them in the DnsPacket. */
1088 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1094 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1100 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1106 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1112 return m->llmnr_ipv6_udp_fd;
/* Failure path: close the socket and store safe_close()'s return value back
 * (presumably -1) so a later call retries the setup. */
1115 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);