1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
38 #include "resolved-dns-domain.h"
39 #include "resolved-conf.h"
40 #include "resolved-bus.h"
41 #include "resolved-manager.h"
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
46 Manager *m = userdata;
55 r = sd_rtnl_message_get_type(mm, &type);
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
71 r = link_new(m, &l, ifindex);
76 r = link_update_rtnl(l, mm);
80 r = link_update_monitor(l);
85 log_debug("Found new link %i/%s", ifindex, l->name);
92 log_debug("Removing link %i/%s", l->ifindex, l->name);
102 log_warning("Failed to process RTNL link message: %s", strerror(-r));
106 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
110 int r, ifindex, family;
118 r = sd_rtnl_message_get_type(mm, &type);
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
130 r = sd_rtnl_message_addr_get_family(mm, &family);
137 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
139 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
149 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
160 a = link_find_address(l, family, &address);
167 r = link_address_new(l, &a, family, &address);
172 r = link_address_update_rtnl(a, mm);
180 link_address_free(a);
187 log_warning("Failed to process RTNL address message: %s", strerror(-r));
191 static int manager_rtnl_listen(Manager *m) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
198 /* First, subscibe to interfaces coming and going */
199 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
203 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
207 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
211 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
215 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
219 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
228 r = sd_rtnl_message_request_dump(req, true);
232 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
236 for (i = reply; i; i = sd_rtnl_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
242 req = sd_rtnl_message_unref(req);
243 reply = sd_rtnl_message_unref(reply);
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
250 r = sd_rtnl_message_request_dump(req, true);
254 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
258 for (i = reply; i; i = sd_rtnl_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
267 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
275 sd_network_monitor_flush(m->network_monitor);
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
280 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
283 r = manager_write_resolv_conf(m);
285 log_warning("Could not update resolv.conf: %s", strerror(-r));
290 static int manager_network_monitor_listen(Manager *m) {
295 r = sd_network_monitor_new(&m->network_monitor, NULL);
299 fd = sd_network_monitor_get_fd(m->network_monitor);
303 events = sd_network_monitor_get_events(m->network_monitor);
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
314 static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
320 h = gethostname_malloc();
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
329 r = dns_name_normalize(h, &n);
331 log_error("System hostname '%s' cannot be normalized.", h);
341 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
348 r = determine_hostname(&h);
350 return 0; /* ignore invalid hostnames */
352 if (streq(h, m->hostname))
355 log_info("System hostname changed to '%s'.", h);
360 manager_refresh_rrs(m);
365 static int manager_watch_hostname(Manager *m) {
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning("Failed to watch hostname: %m");
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
382 log_error("Failed to add hostname event source: %s", strerror(-r));
387 r = determine_hostname(&m->hostname);
389 log_info("Defaulting to hostname 'linux'.");
390 m->hostname = strdup("linux");
394 log_info("Using system hostname '%s'.", m->hostname);
399 static void manager_llmnr_stop(Manager *m) {
402 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
403 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
405 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
406 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
408 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
409 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
411 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
412 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
415 static int manager_llmnr_start(Manager *m) {
420 if (m->llmnr_support == SUPPORT_NO)
423 r = manager_llmnr_ipv4_udp_fd(m);
424 if (r == -EADDRINUSE)
429 r = manager_llmnr_ipv4_tcp_fd(m);
430 if (r == -EADDRINUSE)
435 if (socket_ipv6_is_supported()) {
436 r = manager_llmnr_ipv6_udp_fd(m);
437 if (r == -EADDRINUSE)
442 r = manager_llmnr_ipv6_tcp_fd(m);
443 if (r == -EADDRINUSE)
452 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
453 m->llmnr_support = SUPPORT_NO;
454 manager_llmnr_stop(m);
459 int manager_new(Manager **ret) {
460 _cleanup_(manager_freep) Manager *m = NULL;
465 m = new0(Manager, 1);
469 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
470 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
471 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
474 m->llmnr_support = SUPPORT_YES;
475 m->read_resolv_conf = true;
477 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
481 r = sd_event_default(&m->event);
485 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
486 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
488 sd_event_set_watchdog(m->event, true);
490 r = manager_watch_hostname(m);
494 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
498 r = manager_network_monitor_listen(m);
502 r = manager_rtnl_listen(m);
506 r = manager_connect_bus(m);
516 int manager_start(Manager *m) {
521 r = manager_llmnr_start(m);
528 Manager *manager_free(Manager *m) {
534 while ((l = hashmap_first(m->links)))
537 while (m->dns_queries)
538 dns_query_free(m->dns_queries);
540 dns_scope_free(m->unicast_scope);
542 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
543 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
545 hashmap_free(m->links);
546 hashmap_free(m->dns_transactions);
548 sd_event_source_unref(m->network_event_source);
549 sd_network_monitor_unref(m->network_monitor);
551 sd_event_source_unref(m->dns_ipv4_event_source);
552 sd_event_source_unref(m->dns_ipv6_event_source);
553 safe_close(m->dns_ipv4_fd);
554 safe_close(m->dns_ipv6_fd);
556 manager_llmnr_stop(m);
558 sd_bus_slot_unref(m->prepare_for_sleep_slot);
559 sd_event_source_unref(m->bus_retry_event_source);
560 sd_bus_unref(m->bus);
562 sd_event_unref(m->event);
564 dns_resource_key_unref(m->host_ipv4_key);
565 dns_resource_key_unref(m->host_ipv6_key);
567 safe_close(m->hostname_fd);
568 sd_event_source_unref(m->hostname_event_source);
576 int manager_read_resolv_conf(Manager *m) {
577 _cleanup_fclose_ FILE *f = NULL;
586 /* Reads the system /etc/resolv.conf, if it exists and is not
587 * symlinked to our own resolv.conf instance */
589 if (!m->read_resolv_conf)
592 r = stat("/etc/resolv.conf", &st);
595 log_warning("Failed to open /etc/resolv.conf: %m");
600 /* Have we already seen the file? */
601 t = timespec_load(&st.st_mtim);
602 if (t == m->resolv_conf_mtime)
605 m->resolv_conf_mtime = t;
607 /* Is it symlinked to our own file? */
608 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
609 st.st_dev == own.st_dev &&
610 st.st_ino == own.st_ino) {
615 f = fopen("/etc/resolv.conf", "re");
618 log_warning("Failed to open /etc/resolv.conf: %m");
623 if (fstat(fileno(f), &st) < 0) {
624 log_error("Failed to stat open file: %m");
629 LIST_FOREACH(servers, s, m->dns_servers)
632 FOREACH_LINE(line, f, r = -errno; goto clear) {
633 union in_addr_union address;
641 if (*l == '#' || *l == ';')
644 a = first_word(l, "nameserver");
648 r = in_addr_from_string_auto(a, &family, &address);
650 log_warning("Failed to parse name server %s.", a);
654 LIST_FOREACH(servers, s, m->dns_servers)
655 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
661 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
667 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
674 while (m->dns_servers)
675 dns_server_free(m->dns_servers);
680 static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
681 _cleanup_free_ char *t = NULL;
688 r = in_addr_to_string(s->family, &s->address, &t);
690 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
695 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
697 fprintf(f, "nameserver %s\n", t);
701 static void write_resolv_conf_search(const char *domain, FILE *f,
702 unsigned *count, unsigned *length) {
707 if (*count >= MAXDNSRCH ||
708 *length + strlen(domain) > 256) {
709 if (*count == MAXDNSRCH)
710 fputs(" # Too many search domains configured, remaining ones ignored.", f);
712 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
717 fprintf(f, " %s", domain);
719 (*length) += strlen(domain);
723 static int write_resolv_conf_contents(FILE *f, Set *dns, Set *domains) {
726 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
727 "# Third party programs must not access this file directly, but\n"
728 "# only through the symlink at /etc/resolv.conf. To manage\n"
729 "# resolv.conf(5) in a different way, replace the symlink by a\n"
730 "# static file or a different symlink.\n\n", f);
732 if (set_isempty(dns))
733 fputs("# No DNS servers known.\n", f);
738 SET_FOREACH(s, dns, i)
739 write_resolv_conf_server(s, f, &count);
742 if (!set_isempty(domains)) {
743 unsigned length = 0, count = 0;
747 SET_FOREACH(domain, domains, i)
748 write_resolv_conf_search(domain, f, &count, &length);
752 return fflush_and_check(f);
756 int manager_write_resolv_conf(Manager *m) {
757 static const char path[] = "/run/systemd/resolve/resolv.conf";
758 _cleanup_free_ char *temp_path = NULL;
759 _cleanup_fclose_ FILE *f = NULL;
760 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
768 /* Read the system /etc/resolv.conf first */
769 manager_read_resolv_conf(m);
771 /* Add the full list to a set, to filter out duplicates */
772 dns = set_new(&dns_server_hash_ops);
776 domains = set_new(&dns_name_hash_ops);
780 /* First add the system-wide servers */
781 LIST_FOREACH(servers, s, m->dns_servers) {
789 /* Then, add the per-link servers and domains */
790 HASHMAP_FOREACH(l, m->links, i) {
793 LIST_FOREACH(servers, s, l->dns_servers) {
801 if (!l->unicast_scope)
804 STRV_FOREACH(domain, l->unicast_scope->domains) {
805 r = set_put(domains, *domain);
813 /* If we found nothing, add the fallback servers */
814 if (set_isempty(dns)) {
815 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
824 r = fopen_temporary(path, &f, &temp_path);
828 fchmod(fileno(f), 0644);
830 r = write_resolv_conf_contents(f, dns, domains);
834 if (rename(temp_path, path) < 0) {
847 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
848 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
850 struct cmsghdr header; /* For alignment */
851 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
852 + CMSG_SPACE(int) /* ttl/hoplimit */
853 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
855 union sockaddr_union sa;
856 struct msghdr mh = {};
857 struct cmsghdr *cmsg;
866 r = ioctl(fd, FIONREAD, &ms);
872 r = dns_packet_new(&p, protocol, ms);
876 iov.iov_base = DNS_PACKET_DATA(p);
877 iov.iov_len = p->allocated;
879 mh.msg_name = &sa.sa;
880 mh.msg_namelen = sizeof(sa);
883 mh.msg_control = &control;
884 mh.msg_controllen = sizeof(control);
886 l = recvmsg(fd, &mh, 0);
888 if (errno == EAGAIN || errno == EINTR)
897 assert(!(mh.msg_flags & MSG_CTRUNC));
898 assert(!(mh.msg_flags & MSG_TRUNC));
900 p->size = (size_t) l;
902 p->family = sa.sa.sa_family;
903 p->ipproto = IPPROTO_UDP;
904 if (p->family == AF_INET) {
905 p->sender.in = sa.in.sin_addr;
906 p->sender_port = be16toh(sa.in.sin_port);
907 } else if (p->family == AF_INET6) {
908 p->sender.in6 = sa.in6.sin6_addr;
909 p->sender_port = be16toh(sa.in6.sin6_port);
910 p->ifindex = sa.in6.sin6_scope_id;
912 return -EAFNOSUPPORT;
914 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
916 if (cmsg->cmsg_level == IPPROTO_IPV6) {
917 assert(p->family == AF_INET6);
919 switch (cmsg->cmsg_type) {
922 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
925 p->ifindex = i->ipi6_ifindex;
927 p->destination.in6 = i->ipi6_addr;
932 p->ttl = *(int *) CMSG_DATA(cmsg);
936 } else if (cmsg->cmsg_level == IPPROTO_IP) {
937 assert(p->family == AF_INET);
939 switch (cmsg->cmsg_type) {
942 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
945 p->ifindex = i->ipi_ifindex;
947 p->destination.in = i->ipi_addr;
952 p->ttl = *(int *) CMSG_DATA(cmsg);
958 /* The Linux kernel sets the interface index to the loopback
959 * device if the packet came from the local host since it
960 * avoids the routing table in such a case. Let's unset the
961 * interface index in such a case. */
962 if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
965 /* If we don't know the interface index still, we look for the
966 * first local interface with a matching address. Yuck! */
968 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
976 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
977 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
978 DnsTransaction *t = NULL;
979 Manager *m = userdata;
982 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
986 if (dns_packet_validate_reply(p) > 0) {
987 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
991 dns_transaction_process_reply(t, p);
994 log_debug("Invalid DNS packet.");
999 int manager_dns_ipv4_fd(Manager *m) {
1005 if (m->dns_ipv4_fd >= 0)
1006 return m->dns_ipv4_fd;
1008 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1009 if (m->dns_ipv4_fd < 0)
1012 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1018 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
1022 return m->dns_ipv4_fd;
1025 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1029 int manager_dns_ipv6_fd(Manager *m) {
1035 if (m->dns_ipv6_fd >= 0)
1036 return m->dns_ipv6_fd;
1038 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1039 if (m->dns_ipv6_fd < 0)
1042 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1048 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1052 return m->dns_ipv6_fd;
1055 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1059 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1066 if (sendmsg(fd, mh, flags) >= 0)
1072 if (errno != EAGAIN)
1075 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1083 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1084 union sockaddr_union sa = {
1085 .in.sin_family = AF_INET,
1088 struct cmsghdr header; /* For alignment */
1089 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1091 struct msghdr mh = {};
1100 iov.iov_base = DNS_PACKET_DATA(p);
1101 iov.iov_len = p->size;
1103 sa.in.sin_addr = *addr;
1104 sa.in.sin_port = htobe16(port),
1108 mh.msg_name = &sa.sa;
1109 mh.msg_namelen = sizeof(sa.in);
1112 struct cmsghdr *cmsg;
1113 struct in_pktinfo *pi;
1117 mh.msg_control = &control;
1118 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1120 cmsg = CMSG_FIRSTHDR(&mh);
1121 cmsg->cmsg_len = mh.msg_controllen;
1122 cmsg->cmsg_level = IPPROTO_IP;
1123 cmsg->cmsg_type = IP_PKTINFO;
1125 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1126 pi->ipi_ifindex = ifindex;
1129 return sendmsg_loop(fd, &mh, 0);
1132 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1133 union sockaddr_union sa = {
1134 .in6.sin6_family = AF_INET6,
1137 struct cmsghdr header; /* For alignment */
1138 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1140 struct msghdr mh = {};
1149 iov.iov_base = DNS_PACKET_DATA(p);
1150 iov.iov_len = p->size;
1152 sa.in6.sin6_addr = *addr;
1153 sa.in6.sin6_port = htobe16(port),
1154 sa.in6.sin6_scope_id = ifindex;
1158 mh.msg_name = &sa.sa;
1159 mh.msg_namelen = sizeof(sa.in6);
1162 struct cmsghdr *cmsg;
1163 struct in6_pktinfo *pi;
1167 mh.msg_control = &control;
1168 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1170 cmsg = CMSG_FIRSTHDR(&mh);
1171 cmsg->cmsg_len = mh.msg_controllen;
1172 cmsg->cmsg_level = IPPROTO_IPV6;
1173 cmsg->cmsg_type = IPV6_PKTINFO;
1175 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1176 pi->ipi6_ifindex = ifindex;
1179 return sendmsg_loop(fd, &mh, 0);
1182 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1189 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1191 if (family == AF_INET)
1192 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1193 else if (family == AF_INET6)
1194 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1196 return -EAFNOSUPPORT;
1199 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1205 LIST_FOREACH(servers, s, m->dns_servers)
1206 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1209 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1210 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1216 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1219 if (m->current_dns_server == s)
1223 _cleanup_free_ char *ip = NULL;
1225 in_addr_to_string(s->family, &s->address, &ip);
1226 log_info("Switching to system DNS server %s.", strna(ip));
1229 m->current_dns_server = s;
1231 if (m->unicast_scope)
1232 dns_cache_flush(&m->unicast_scope->cache);
1237 DnsServer *manager_get_dns_server(Manager *m) {
1241 /* Try to read updates resolv.conf */
1242 manager_read_resolv_conf(m);
1244 if (!m->current_dns_server)
1245 manager_set_dns_server(m, m->dns_servers);
1247 if (!m->current_dns_server) {
1251 /* No DNS servers configured, let's see if there are
1252 * any on any links. If not, we use the fallback
1255 HASHMAP_FOREACH(l, m->links, i)
1256 if (l->dns_servers) {
1262 manager_set_dns_server(m, m->fallback_dns_servers);
1265 return m->current_dns_server;
1268 void manager_next_dns_server(Manager *m) {
1271 /* If there's currently no DNS server set, then the next
1272 * manager_get_dns_server() will find one */
1273 if (!m->current_dns_server)
1276 /* Change to the next one */
1277 if (m->current_dns_server->servers_next) {
1278 manager_set_dns_server(m, m->current_dns_server->servers_next);
1282 /* If there was no next one, then start from the beginning of
1284 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1285 manager_set_dns_server(m, m->fallback_dns_servers);
1287 manager_set_dns_server(m, m->dns_servers);
1290 uint32_t manager_find_mtu(Manager *m) {
1295 /* If we don't know on which link a DNS packet would be
1296 * delivered, let's find the largest MTU that works on all
1297 * interfaces we know of */
1299 HASHMAP_FOREACH(l, m->links, i) {
1303 if (mtu <= 0 || l->mtu < mtu)
1310 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1311 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1312 DnsTransaction *t = NULL;
1313 Manager *m = userdata;
1317 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1321 scope = manager_find_scope(m, p);
1323 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1327 if (dns_packet_validate_reply(p) > 0) {
1328 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1330 dns_scope_check_conflicts(scope, p);
1332 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1334 dns_transaction_process_reply(t, p);
1336 } else if (dns_packet_validate_query(p) > 0) {
1337 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1339 dns_scope_process_query(scope, NULL, p);
1341 log_debug("Invalid LLMNR UDP packet.");
1346 int manager_llmnr_ipv4_udp_fd(Manager *m) {
1347 union sockaddr_union sa = {
1348 .in.sin_family = AF_INET,
1349 .in.sin_port = htobe16(5355),
1351 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1356 if (m->llmnr_ipv4_udp_fd >= 0)
1357 return m->llmnr_ipv4_udp_fd;
1359 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1360 if (m->llmnr_ipv4_udp_fd < 0)
1363 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1364 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1370 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1376 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1382 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1388 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1394 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1400 /* Disable Don't-Fragment bit in the IP header */
1401 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1407 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1413 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1417 return m->llmnr_ipv4_udp_fd;
1420 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1424 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1425 union sockaddr_union sa = {
1426 .in6.sin6_family = AF_INET6,
1427 .in6.sin6_port = htobe16(5355),
1429 static const int one = 1, ttl = 255;
1434 if (m->llmnr_ipv6_udp_fd >= 0)
1435 return m->llmnr_ipv6_udp_fd;
1437 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1438 if (m->llmnr_ipv6_udp_fd < 0)
1441 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1447 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1448 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1454 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1460 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1466 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1472 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1478 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1484 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1490 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1496 return m->llmnr_ipv6_udp_fd;
1499 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1503 static int on_llmnr_stream_packet(DnsStream *s) {
1508 scope = manager_find_scope(s->manager, s->read_packet);
1510 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1514 if (dns_packet_validate_query(s->read_packet) > 0) {
1515 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1517 dns_scope_process_query(scope, s, s->read_packet);
1519 /* If no reply packet was set, we free the stream */
1520 if (s->write_packet)
1523 log_debug("Invalid LLMNR TCP packet.");
1529 static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1531 Manager *m = userdata;
1534 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1536 if (errno == EAGAIN || errno == EINTR)
1542 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1548 stream->on_packet = on_llmnr_stream_packet;
1552 int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1553 union sockaddr_union sa = {
1554 .in.sin_family = AF_INET,
1555 .in.sin_port = htobe16(5355),
1557 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1562 if (m->llmnr_ipv4_tcp_fd >= 0)
1563 return m->llmnr_ipv4_tcp_fd;
1565 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1566 if (m->llmnr_ipv4_tcp_fd < 0)
1569 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1570 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1576 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1582 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1588 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1594 /* Disable Don't-Fragment bit in the IP header */
1595 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1601 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1607 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1613 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1617 return m->llmnr_ipv4_tcp_fd;
1620 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1624 int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1625 union sockaddr_union sa = {
1626 .in6.sin6_family = AF_INET6,
1627 .in6.sin6_port = htobe16(5355),
1629 static const int one = 1;
1634 if (m->llmnr_ipv6_tcp_fd >= 0)
1635 return m->llmnr_ipv6_tcp_fd;
1637 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1638 if (m->llmnr_ipv6_tcp_fd < 0)
1641 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1642 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1648 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1654 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1660 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1666 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1672 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1678 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1684 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1690 return m->llmnr_ipv6_tcp_fd;
1693 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1697 /* lo having ifindex 1 is hardcoded in the kernel */
1698 #define LOOPBACK_IFINDEX 1
1700 int manager_ifindex_is_loopback(Manager *m, int ifindex) {
1707 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1709 /* in case we don't yet track the link, rely on the hardcoded value */
1710 return ifindex == LOOPBACK_IFINDEX;
1711 else if (l->flags & IFF_LOOPBACK)
1717 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1722 a = manager_find_link_address(m, family, in_addr);
1724 return a->link->ifindex;
1729 void manager_refresh_rrs(Manager *m) {
1735 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1736 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1738 HASHMAP_FOREACH(l, m->links, i) {
1739 link_add_rrs(l, true);
1740 link_add_rrs(l, false);
1744 int manager_next_hostname(Manager *m) {
1751 p = strchr(m->hostname, 0);
1754 while (p > m->hostname) {
1755 if (!strchr("0123456789", p[-1]))
1761 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1764 /* Add a random number to the old value. This way we can avoid
1765 * that two hosts pick the same hostname, win on IPv4 and lose
1766 * on IPv6 (or vice versa), and pick the same hostname
1767 * replacement hostname, ad infinitum. We still want the
1768 * numbers to go up monotonically, hence we just add a random
1771 random_bytes(&a, sizeof(a));
1774 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1777 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1782 manager_refresh_rrs(m);
1787 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1793 HASHMAP_FOREACH(l, m->links, i) {
1796 a = link_find_address(l, family, in_addr);
1804 bool manager_our_packet(Manager *m, DnsPacket *p) {
1808 return !!manager_find_link_address(m, p->family, &p->sender);
1811 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1817 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1821 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1822 if (p->family == AF_INET)
1823 return l->llmnr_ipv4_scope;
1824 else if (p->family == AF_INET6)
1825 return l->llmnr_ipv6_scope;
1831 void manager_verify_all(Manager *m) {
1836 LIST_FOREACH(scopes, s, m->dns_scopes)
1837 dns_zone_verify_all(&s->zone);
1840 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1843 if (t == DNS_SERVER_SYSTEM)
1844 while (m->dns_servers)
1845 dns_server_free(m->dns_servers);
1847 if (t == DNS_SERVER_FALLBACK)
1848 while (m->fallback_dns_servers)
1849 dns_server_free(m->fallback_dns_servers);
1852 static const char* const support_table[_SUPPORT_MAX] = {
1853 [SUPPORT_NO] = "no",
1854 [SUPPORT_YES] = "yes",
1855 [SUPPORT_RESOLVE] = "resolve",
1857 DEFINE_STRING_TABLE_LOOKUP(support, Support);