1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <sys/ioctl.h>
25 #include <netinet/in.h>
27 #include "rtnl-util.h"
28 #include "network-internal.h"
29 #include "socket-util.h"
32 #include "fileio-label.h"
34 #include "resolved-dns-domain.h"
35 #include "resolved-conf.h"
36 #include "resolved-bus.h"
37 #include "resolved-manager.h"
39 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
41 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
42 Manager *m = userdata;
51 r = sd_rtnl_message_get_type(mm, &type);
55 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
59 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
67 r = link_new(m, &l, ifindex);
72 r = link_update_rtnl(l, mm);
76 r = link_update_monitor(l);
81 log_debug("Found new link %i/%s", ifindex, l->name);
88 log_debug("Removing link %i/%s", l->ifindex, l->name);
98 log_warning_errno(r, "Failed to process RTNL link message: %m");
102 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
103 Manager *m = userdata;
104 union in_addr_union address;
106 int r, ifindex, family;
114 r = sd_rtnl_message_get_type(mm, &type);
118 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
122 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
126 r = sd_rtnl_message_addr_get_family(mm, &family);
133 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
135 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
143 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
145 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
156 a = link_find_address(l, family, &address);
163 r = link_address_new(l, &a, family, &address);
168 r = link_address_update_rtnl(a, mm);
176 link_address_free(a);
183 log_warning_errno(r, "Failed to process RTNL address message: %m");
187 static int manager_rtnl_listen(Manager *m) {
188 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
194 /* First, subscribe to interfaces coming and going */
195 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
199 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
203 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
207 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
211 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
215 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
219 /* Then, enumerate all links */
220 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
224 r = sd_rtnl_message_request_dump(req, true);
228 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
232 for (i = reply; i; i = sd_rtnl_message_next(i)) {
233 r = manager_process_link(m->rtnl, i, m);
238 req = sd_rtnl_message_unref(req);
239 reply = sd_rtnl_message_unref(reply);
241 /* Finally, enumerate all addresses, too */
242 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
246 r = sd_rtnl_message_request_dump(req, true);
250 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
254 for (i = reply; i; i = sd_rtnl_message_next(i)) {
255 r = manager_process_address(m->rtnl, i, m);
263 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
264 Manager *m = userdata;
271 sd_network_monitor_flush(m->network_monitor);
273 HASHMAP_FOREACH(l, m->links, i) {
274 r = link_update_monitor(l);
276 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
279 r = manager_write_resolv_conf(m);
281 log_warning_errno(r, "Could not update resolv.conf: %m");
286 static int manager_network_monitor_listen(Manager *m) {
291 r = sd_network_monitor_new(&m->network_monitor, NULL);
295 fd = sd_network_monitor_get_fd(m->network_monitor);
299 events = sd_network_monitor_get_events(m->network_monitor);
303 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
310 static int determine_hostname(char **ret) {
311 _cleanup_free_ char *h = NULL, *n = NULL;
316 h = gethostname_malloc();
320 if (!utf8_is_valid(h)) {
321 log_error("System hostname is not UTF-8 clean.");
325 r = dns_name_normalize(h, &n);
327 log_error("System hostname '%s' cannot be normalized.", h);
337 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
338 _cleanup_free_ char *h = NULL;
339 Manager *m = userdata;
344 r = determine_hostname(&h);
346 return 0; /* ignore invalid hostnames */
348 if (streq(h, m->hostname))
351 log_info("System hostname changed to '%s'.", h);
356 manager_refresh_rrs(m);
361 static int manager_watch_hostname(Manager *m) {
366 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
367 if (m->hostname_fd < 0) {
368 log_warning_errno(errno, "Failed to watch hostname: %m");
372 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
375 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
376 m->hostname_fd = safe_close(m->hostname_fd);
378 return log_error_errno(r, "Failed to add hostname event source: %m");
381 r = determine_hostname(&m->hostname);
383 log_info("Defaulting to hostname 'linux'.");
384 m->hostname = strdup("linux");
388 log_info("Using system hostname '%s'.", m->hostname);
393 static void manager_llmnr_stop(Manager *m) {
396 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
397 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
399 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
400 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
402 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
403 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
405 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
406 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
409 static int manager_llmnr_start(Manager *m) {
414 if (m->llmnr_support == SUPPORT_NO)
417 r = manager_llmnr_ipv4_udp_fd(m);
418 if (r == -EADDRINUSE)
423 r = manager_llmnr_ipv4_tcp_fd(m);
424 if (r == -EADDRINUSE)
429 if (socket_ipv6_is_supported()) {
430 r = manager_llmnr_ipv6_udp_fd(m);
431 if (r == -EADDRINUSE)
436 r = manager_llmnr_ipv6_tcp_fd(m);
437 if (r == -EADDRINUSE)
446 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
447 m->llmnr_support = SUPPORT_NO;
448 manager_llmnr_stop(m);
453 int manager_new(Manager **ret) {
454 _cleanup_(manager_freep) Manager *m = NULL;
459 m = new0(Manager, 1);
463 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
464 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
465 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
468 m->llmnr_support = SUPPORT_YES;
469 m->read_resolv_conf = true;
471 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
475 r = sd_event_default(&m->event);
479 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
480 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
482 sd_event_set_watchdog(m->event, true);
484 r = manager_watch_hostname(m);
488 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
492 r = manager_network_monitor_listen(m);
496 r = manager_rtnl_listen(m);
500 r = manager_connect_bus(m);
510 int manager_start(Manager *m) {
515 r = manager_llmnr_start(m);
522 Manager *manager_free(Manager *m) {
528 while ((l = hashmap_first(m->links)))
531 while (m->dns_queries)
532 dns_query_free(m->dns_queries);
534 dns_scope_free(m->unicast_scope);
536 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
537 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
539 hashmap_free(m->links);
540 hashmap_free(m->dns_transactions);
542 sd_event_source_unref(m->network_event_source);
543 sd_network_monitor_unref(m->network_monitor);
545 sd_event_source_unref(m->dns_ipv4_event_source);
546 sd_event_source_unref(m->dns_ipv6_event_source);
547 safe_close(m->dns_ipv4_fd);
548 safe_close(m->dns_ipv6_fd);
550 manager_llmnr_stop(m);
552 sd_bus_slot_unref(m->prepare_for_sleep_slot);
553 sd_event_source_unref(m->bus_retry_event_source);
554 sd_bus_unref(m->bus);
556 sd_event_unref(m->event);
558 dns_resource_key_unref(m->host_ipv4_key);
559 dns_resource_key_unref(m->host_ipv6_key);
561 safe_close(m->hostname_fd);
562 sd_event_source_unref(m->hostname_event_source);
570 int manager_read_resolv_conf(Manager *m) {
571 _cleanup_fclose_ FILE *f = NULL;
580 /* Reads the system /etc/resolv.conf, if it exists and is not
581 * symlinked to our own resolv.conf instance */
583 if (!m->read_resolv_conf)
586 r = stat("/etc/resolv.conf", &st);
589 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
594 /* Have we already seen the file? */
595 t = timespec_load(&st.st_mtim);
596 if (t == m->resolv_conf_mtime)
599 m->resolv_conf_mtime = t;
601 /* Is it symlinked to our own file? */
602 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
603 st.st_dev == own.st_dev &&
604 st.st_ino == own.st_ino) {
609 f = fopen("/etc/resolv.conf", "re");
612 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
617 if (fstat(fileno(f), &st) < 0) {
618 log_error_errno(errno, "Failed to stat open file: %m");
623 LIST_FOREACH(servers, s, m->dns_servers)
626 FOREACH_LINE(line, f, r = -errno; goto clear) {
627 union in_addr_union address;
635 if (*l == '#' || *l == ';')
638 a = first_word(l, "nameserver");
642 r = in_addr_from_string_auto(a, &family, &address);
644 log_warning("Failed to parse name server %s.", a);
648 LIST_FOREACH(servers, s, m->dns_servers)
649 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
655 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
661 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
665 /* Whenever /etc/resolv.conf changes, start using the first
666 * DNS server of it. This is useful to deal with broken
667 * network managing implementations (like NetworkManager),
668 * that when connecting to a VPN place both the VPN DNS
669 * servers and the local ones in /etc/resolv.conf. Without
670 * resetting the DNS server to use back to the first entry we
671 * will continue to use the local one thus being unable to
672 * resolve VPN domains. */
673 manager_set_dns_server(m, m->dns_servers);
678 while (m->dns_servers)
679 dns_server_free(m->dns_servers);
684 static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
685 _cleanup_free_ char *t = NULL;
692 r = in_addr_to_string(s->family, &s->address, &t);
694 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
699 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
701 fprintf(f, "nameserver %s\n", t);
705 static void write_resolv_conf_search(const char *domain, FILE *f,
706 unsigned *count, unsigned *length) {
711 if (*count >= MAXDNSRCH ||
712 *length + strlen(domain) > 256) {
713 if (*count == MAXDNSRCH)
714 fputs(" # Too many search domains configured, remaining ones ignored.", f);
716 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
721 fprintf(f, " %s", domain);
723 (*length) += strlen(domain);
727 static int write_resolv_conf_contents(FILE *f, Set *dns, Set *domains) {
730 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
731 "# Third party programs must not access this file directly, but\n"
732 "# only through the symlink at /etc/resolv.conf. To manage\n"
733 "# resolv.conf(5) in a different way, replace the symlink by a\n"
734 "# static file or a different symlink.\n\n", f);
736 if (set_isempty(dns))
737 fputs("# No DNS servers known.\n", f);
742 SET_FOREACH(s, dns, i)
743 write_resolv_conf_server(s, f, &count);
746 if (!set_isempty(domains)) {
747 unsigned length = 0, count = 0;
751 SET_FOREACH(domain, domains, i)
752 write_resolv_conf_search(domain, f, &count, &length);
756 return fflush_and_check(f);
760 int manager_write_resolv_conf(Manager *m) {
761 static const char path[] = "/run/systemd/resolve/resolv.conf";
762 _cleanup_free_ char *temp_path = NULL;
763 _cleanup_fclose_ FILE *f = NULL;
764 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
772 /* Read the system /etc/resolv.conf first */
773 manager_read_resolv_conf(m);
775 /* Add the full list to a set, to filter out duplicates */
776 dns = set_new(&dns_server_hash_ops);
780 domains = set_new(&dns_name_hash_ops);
784 /* First add the system-wide servers */
785 LIST_FOREACH(servers, s, m->dns_servers) {
793 /* Then, add the per-link servers and domains */
794 HASHMAP_FOREACH(l, m->links, i) {
797 LIST_FOREACH(servers, s, l->dns_servers) {
805 if (!l->unicast_scope)
808 STRV_FOREACH(domain, l->unicast_scope->domains) {
809 r = set_put(domains, *domain);
817 /* If we found nothing, add the fallback servers */
818 if (set_isempty(dns)) {
819 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
828 r = fopen_temporary_label(path, path, &f, &temp_path);
832 fchmod(fileno(f), 0644);
834 r = write_resolv_conf_contents(f, dns, domains);
838 if (rename(temp_path, path) < 0) {
851 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
852 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
854 struct cmsghdr header; /* For alignment */
855 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
856 + CMSG_SPACE(int) /* ttl/hoplimit */
857 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
859 union sockaddr_union sa;
860 struct msghdr mh = {};
861 struct cmsghdr *cmsg;
870 r = ioctl(fd, FIONREAD, &ms);
876 r = dns_packet_new(&p, protocol, ms);
880 iov.iov_base = DNS_PACKET_DATA(p);
881 iov.iov_len = p->allocated;
883 mh.msg_name = &sa.sa;
884 mh.msg_namelen = sizeof(sa);
887 mh.msg_control = &control;
888 mh.msg_controllen = sizeof(control);
890 l = recvmsg(fd, &mh, 0);
892 if (errno == EAGAIN || errno == EINTR)
901 assert(!(mh.msg_flags & MSG_CTRUNC));
902 assert(!(mh.msg_flags & MSG_TRUNC));
904 p->size = (size_t) l;
906 p->family = sa.sa.sa_family;
907 p->ipproto = IPPROTO_UDP;
908 if (p->family == AF_INET) {
909 p->sender.in = sa.in.sin_addr;
910 p->sender_port = be16toh(sa.in.sin_port);
911 } else if (p->family == AF_INET6) {
912 p->sender.in6 = sa.in6.sin6_addr;
913 p->sender_port = be16toh(sa.in6.sin6_port);
914 p->ifindex = sa.in6.sin6_scope_id;
916 return -EAFNOSUPPORT;
918 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
920 if (cmsg->cmsg_level == IPPROTO_IPV6) {
921 assert(p->family == AF_INET6);
923 switch (cmsg->cmsg_type) {
926 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
929 p->ifindex = i->ipi6_ifindex;
931 p->destination.in6 = i->ipi6_addr;
936 p->ttl = *(int *) CMSG_DATA(cmsg);
940 } else if (cmsg->cmsg_level == IPPROTO_IP) {
941 assert(p->family == AF_INET);
943 switch (cmsg->cmsg_type) {
946 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
949 p->ifindex = i->ipi_ifindex;
951 p->destination.in = i->ipi_addr;
956 p->ttl = *(int *) CMSG_DATA(cmsg);
962 /* The Linux kernel sets the interface index to the loopback
963 * device if the packet came from the local host since it
964 * avoids the routing table in such a case. Let's unset the
965 * interface index in such a case. */
966 if (p->ifindex == LOOPBACK_IFINDEX)
969 /* If we don't know the interface index still, we look for the
970 * first local interface with a matching address. Yuck! */
972 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
980 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
981 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
982 DnsTransaction *t = NULL;
983 Manager *m = userdata;
986 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
990 if (dns_packet_validate_reply(p) > 0) {
991 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
995 dns_transaction_process_reply(t, p);
998 log_debug("Invalid DNS packet.");
1003 int manager_dns_ipv4_fd(Manager *m) {
1009 if (m->dns_ipv4_fd >= 0)
1010 return m->dns_ipv4_fd;
1012 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1013 if (m->dns_ipv4_fd < 0)
1016 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1022 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
1026 return m->dns_ipv4_fd;
1029 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1033 int manager_dns_ipv6_fd(Manager *m) {
1039 if (m->dns_ipv6_fd >= 0)
1040 return m->dns_ipv6_fd;
1042 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1043 if (m->dns_ipv6_fd < 0)
1046 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1052 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1056 return m->dns_ipv6_fd;
1059 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1063 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1070 if (sendmsg(fd, mh, flags) >= 0)
1076 if (errno != EAGAIN)
1079 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1087 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1088 union sockaddr_union sa = {
1089 .in.sin_family = AF_INET,
1092 struct cmsghdr header; /* For alignment */
1093 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1095 struct msghdr mh = {};
1104 iov.iov_base = DNS_PACKET_DATA(p);
1105 iov.iov_len = p->size;
1107 sa.in.sin_addr = *addr;
1108 sa.in.sin_port = htobe16(port),
1112 mh.msg_name = &sa.sa;
1113 mh.msg_namelen = sizeof(sa.in);
1116 struct cmsghdr *cmsg;
1117 struct in_pktinfo *pi;
1121 mh.msg_control = &control;
1122 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1124 cmsg = CMSG_FIRSTHDR(&mh);
1125 cmsg->cmsg_len = mh.msg_controllen;
1126 cmsg->cmsg_level = IPPROTO_IP;
1127 cmsg->cmsg_type = IP_PKTINFO;
1129 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1130 pi->ipi_ifindex = ifindex;
1133 return sendmsg_loop(fd, &mh, 0);
1136 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1137 union sockaddr_union sa = {
1138 .in6.sin6_family = AF_INET6,
1141 struct cmsghdr header; /* For alignment */
1142 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1144 struct msghdr mh = {};
1153 iov.iov_base = DNS_PACKET_DATA(p);
1154 iov.iov_len = p->size;
1156 sa.in6.sin6_addr = *addr;
1157 sa.in6.sin6_port = htobe16(port),
1158 sa.in6.sin6_scope_id = ifindex;
1162 mh.msg_name = &sa.sa;
1163 mh.msg_namelen = sizeof(sa.in6);
1166 struct cmsghdr *cmsg;
1167 struct in6_pktinfo *pi;
1171 mh.msg_control = &control;
1172 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1174 cmsg = CMSG_FIRSTHDR(&mh);
1175 cmsg->cmsg_len = mh.msg_controllen;
1176 cmsg->cmsg_level = IPPROTO_IPV6;
1177 cmsg->cmsg_type = IPV6_PKTINFO;
1179 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1180 pi->ipi6_ifindex = ifindex;
1183 return sendmsg_loop(fd, &mh, 0);
1186 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1193 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1195 if (family == AF_INET)
1196 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1197 else if (family == AF_INET6)
1198 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1200 return -EAFNOSUPPORT;
1203 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1209 LIST_FOREACH(servers, s, m->dns_servers)
1210 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1213 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1214 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1220 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1223 if (m->current_dns_server == s)
1227 _cleanup_free_ char *ip = NULL;
1229 in_addr_to_string(s->family, &s->address, &ip);
1230 log_info("Switching to system DNS server %s.", strna(ip));
1233 m->current_dns_server = s;
1235 if (m->unicast_scope)
1236 dns_cache_flush(&m->unicast_scope->cache);
1241 DnsServer *manager_get_dns_server(Manager *m) {
1245 /* Try to read updates resolv.conf */
1246 manager_read_resolv_conf(m);
1248 if (!m->current_dns_server)
1249 manager_set_dns_server(m, m->dns_servers);
1251 if (!m->current_dns_server) {
1255 /* No DNS servers configured, let's see if there are
1256 * any on any links. If not, we use the fallback
1259 HASHMAP_FOREACH(l, m->links, i)
1260 if (l->dns_servers) {
1266 manager_set_dns_server(m, m->fallback_dns_servers);
1269 return m->current_dns_server;
1272 void manager_next_dns_server(Manager *m) {
1275 /* If there's currently no DNS server set, then the next
1276 * manager_get_dns_server() will find one */
1277 if (!m->current_dns_server)
1280 /* Change to the next one */
1281 if (m->current_dns_server->servers_next) {
1282 manager_set_dns_server(m, m->current_dns_server->servers_next);
1286 /* If there was no next one, then start from the beginning of
1288 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1289 manager_set_dns_server(m, m->fallback_dns_servers);
1291 manager_set_dns_server(m, m->dns_servers);
1294 uint32_t manager_find_mtu(Manager *m) {
1299 /* If we don't know on which link a DNS packet would be
1300 * delivered, let's find the largest MTU that works on all
1301 * interfaces we know of */
1303 HASHMAP_FOREACH(l, m->links, i) {
1307 if (mtu <= 0 || l->mtu < mtu)
1314 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1315 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1316 DnsTransaction *t = NULL;
1317 Manager *m = userdata;
1321 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1325 scope = manager_find_scope(m, p);
1327 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1331 if (dns_packet_validate_reply(p) > 0) {
1332 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1334 dns_scope_check_conflicts(scope, p);
1336 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1338 dns_transaction_process_reply(t, p);
1340 } else if (dns_packet_validate_query(p) > 0) {
1341 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1343 dns_scope_process_query(scope, NULL, p);
1345 log_debug("Invalid LLMNR UDP packet.");
1350 int manager_llmnr_ipv4_udp_fd(Manager *m) {
1351 union sockaddr_union sa = {
1352 .in.sin_family = AF_INET,
1353 .in.sin_port = htobe16(5355),
1355 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1360 if (m->llmnr_ipv4_udp_fd >= 0)
1361 return m->llmnr_ipv4_udp_fd;
1363 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1364 if (m->llmnr_ipv4_udp_fd < 0)
1367 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1368 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1374 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1380 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1386 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1392 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1398 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1404 /* Disable Don't-Fragment bit in the IP header */
1405 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1411 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1417 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1421 return m->llmnr_ipv4_udp_fd;
1424 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1428 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1429 union sockaddr_union sa = {
1430 .in6.sin6_family = AF_INET6,
1431 .in6.sin6_port = htobe16(5355),
1433 static const int one = 1, ttl = 255;
1438 if (m->llmnr_ipv6_udp_fd >= 0)
1439 return m->llmnr_ipv6_udp_fd;
1441 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1442 if (m->llmnr_ipv6_udp_fd < 0)
1445 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1451 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1452 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1458 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1464 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1470 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1476 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1482 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1488 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1494 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1500 return m->llmnr_ipv6_udp_fd;
1503 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1507 static int on_llmnr_stream_packet(DnsStream *s) {
1512 scope = manager_find_scope(s->manager, s->read_packet);
1514 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1518 if (dns_packet_validate_query(s->read_packet) > 0) {
1519 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1521 dns_scope_process_query(scope, s, s->read_packet);
1523 /* If no reply packet was set, we free the stream */
1524 if (s->write_packet)
1527 log_debug("Invalid LLMNR TCP packet.");
1533 static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1535 Manager *m = userdata;
1538 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1540 if (errno == EAGAIN || errno == EINTR)
1546 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1552 stream->on_packet = on_llmnr_stream_packet;
1556 int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1557 union sockaddr_union sa = {
1558 .in.sin_family = AF_INET,
1559 .in.sin_port = htobe16(5355),
1561 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1566 if (m->llmnr_ipv4_tcp_fd >= 0)
1567 return m->llmnr_ipv4_tcp_fd;
1569 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1570 if (m->llmnr_ipv4_tcp_fd < 0)
1573 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1574 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1580 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1586 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1592 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1598 /* Disable Don't-Fragment bit in the IP header */
1599 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1605 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1611 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1617 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1621 return m->llmnr_ipv4_tcp_fd;
1624 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1628 int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1629 union sockaddr_union sa = {
1630 .in6.sin6_family = AF_INET6,
1631 .in6.sin6_port = htobe16(5355),
1633 static const int one = 1;
1638 if (m->llmnr_ipv6_tcp_fd >= 0)
1639 return m->llmnr_ipv6_tcp_fd;
1641 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1642 if (m->llmnr_ipv6_tcp_fd < 0)
1645 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1646 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1652 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1658 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1664 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1670 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1676 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1682 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1688 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1694 return m->llmnr_ipv6_tcp_fd;
1697 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1701 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1706 a = manager_find_link_address(m, family, in_addr);
1708 return a->link->ifindex;
1713 void manager_refresh_rrs(Manager *m) {
1719 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1720 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1722 HASHMAP_FOREACH(l, m->links, i) {
1723 link_add_rrs(l, true);
1724 link_add_rrs(l, false);
1728 int manager_next_hostname(Manager *m) {
1735 p = strchr(m->hostname, 0);
1738 while (p > m->hostname) {
1739 if (!strchr("0123456789", p[-1]))
1745 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1748 /* Add a random number to the old value. This way we can avoid
1749 * that two hosts pick the same hostname, win on IPv4 and lose
1750 * on IPv6 (or vice versa), and pick the same hostname
1751 * replacement hostname, ad infinitum. We still want the
1752 * numbers to go up monotonically, hence we just add a random
1755 random_bytes(&a, sizeof(a));
1758 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1761 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1766 manager_refresh_rrs(m);
1771 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1777 HASHMAP_FOREACH(l, m->links, i) {
1780 a = link_find_address(l, family, in_addr);
1788 bool manager_our_packet(Manager *m, DnsPacket *p) {
1792 return !!manager_find_link_address(m, p->family, &p->sender);
1795 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1801 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1805 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1806 if (p->family == AF_INET)
1807 return l->llmnr_ipv4_scope;
1808 else if (p->family == AF_INET6)
1809 return l->llmnr_ipv6_scope;
1815 void manager_verify_all(Manager *m) {
1820 LIST_FOREACH(scopes, s, m->dns_scopes)
1821 dns_zone_verify_all(&s->zone);
1824 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1827 if (t == DNS_SERVER_SYSTEM)
1828 while (m->dns_servers)
1829 dns_server_free(m->dns_servers);
1831 if (t == DNS_SERVER_FALLBACK)
1832 while (m->fallback_dns_servers)
1833 dns_server_free(m->fallback_dns_servers);
1836 static const char* const support_table[_SUPPORT_MAX] = {
1837 [SUPPORT_NO] = "no",
1838 [SUPPORT_YES] = "yes",
1839 [SUPPORT_RESOLVE] = "resolve",
1841 DEFINE_STRING_TABLE_LOOKUP(support, Support);