1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
38 #include "resolved-dns-domain.h"
39 #include "resolved-conf.h"
40 #include "resolved-bus.h"
41 #include "resolved-manager.h"
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
46 Manager *m = userdata;
55 r = sd_rtnl_message_get_type(mm, &type);
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
71 r = link_new(m, &l, ifindex);
76 r = link_update_rtnl(l, mm);
80 r = link_update_monitor(l);
85 log_debug("Found new link %i/%s", ifindex, l->name);
92 log_debug("Removing link %i/%s", l->ifindex, l->name);
102 log_warning("Failed to process RTNL link message: %s", strerror(-r));
106 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
110 int r, ifindex, family;
118 r = sd_rtnl_message_get_type(mm, &type);
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
130 r = sd_rtnl_message_addr_get_family(mm, &family);
137 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
139 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
149 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
160 a = link_find_address(l, family, &address);
167 r = link_address_new(l, &a, family, &address);
172 r = link_address_update_rtnl(a, mm);
180 link_address_free(a);
187 log_warning("Failed to process RTNL address message: %s", strerror(-r));
191 static int manager_rtnl_listen(Manager *m) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
198 /* First, subscibe to interfaces coming and going */
199 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
203 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
207 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
211 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
215 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
219 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
228 r = sd_rtnl_message_request_dump(req, true);
232 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
236 for (i = reply; i; i = sd_rtnl_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
242 req = sd_rtnl_message_unref(req);
243 reply = sd_rtnl_message_unref(reply);
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
250 r = sd_rtnl_message_request_dump(req, true);
254 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
258 for (i = reply; i; i = sd_rtnl_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
267 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
275 sd_network_monitor_flush(m->network_monitor);
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
280 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
283 r = manager_write_resolv_conf(m);
285 log_warning("Could not update resolv.conf: %s", strerror(-r));
290 static int manager_network_monitor_listen(Manager *m) {
295 r = sd_network_monitor_new(&m->network_monitor, NULL);
299 fd = sd_network_monitor_get_fd(m->network_monitor);
303 events = sd_network_monitor_get_events(m->network_monitor);
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
314 static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
320 h = gethostname_malloc();
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
329 r = dns_name_normalize(h, &n);
331 log_error("System hostname '%s' cannot be normalized.", h);
341 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
348 r = determine_hostname(&h);
350 return 0; /* ignore invalid hostnames */
352 if (streq(h, m->hostname))
355 log_info("System hostname changed to '%s'.", h);
360 manager_refresh_rrs(m);
365 static int manager_watch_hostname(Manager *m) {
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning("Failed to watch hostname: %m");
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
382 log_error("Failed to add hostname event source: %s", strerror(-r));
387 r = determine_hostname(&m->hostname);
389 log_info("Defaulting to hostname 'linux'.");
390 m->hostname = strdup("linux");
394 log_info("Using system hostname '%s'.", m->hostname);
399 static void manager_llmnr_stop(Manager *m) {
402 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
403 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
405 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
406 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
408 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
409 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
411 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
412 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
415 static int manager_llmnr_start(Manager *m) {
420 if (m->llmnr_support == SUPPORT_NO)
423 r = manager_llmnr_ipv4_udp_fd(m);
424 if (r == -EADDRINUSE)
429 r = manager_llmnr_ipv4_tcp_fd(m);
430 if (r == -EADDRINUSE)
435 if (socket_ipv6_is_supported()) {
436 r = manager_llmnr_ipv6_udp_fd(m);
437 if (r == -EADDRINUSE)
442 r = manager_llmnr_ipv6_tcp_fd(m);
443 if (r == -EADDRINUSE)
452 log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
453 m->llmnr_support = SUPPORT_NO;
454 manager_llmnr_stop(m);
459 int manager_new(Manager **ret) {
460 _cleanup_(manager_freep) Manager *m = NULL;
465 m = new0(Manager, 1);
469 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
470 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
471 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
474 m->llmnr_support = SUPPORT_YES;
475 m->read_resolv_conf = true;
477 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
481 r = sd_event_default(&m->event);
485 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
486 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
488 sd_event_set_watchdog(m->event, true);
490 r = manager_watch_hostname(m);
494 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
498 r = manager_network_monitor_listen(m);
502 r = manager_rtnl_listen(m);
506 r = manager_connect_bus(m);
516 int manager_start(Manager *m) {
521 r = manager_llmnr_start(m);
528 Manager *manager_free(Manager *m) {
534 while ((l = hashmap_first(m->links)))
537 while (m->dns_queries)
538 dns_query_free(m->dns_queries);
540 dns_scope_free(m->unicast_scope);
542 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
543 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
545 hashmap_free(m->links);
546 hashmap_free(m->dns_transactions);
548 sd_event_source_unref(m->network_event_source);
549 sd_network_monitor_unref(m->network_monitor);
551 sd_event_source_unref(m->dns_ipv4_event_source);
552 sd_event_source_unref(m->dns_ipv6_event_source);
553 safe_close(m->dns_ipv4_fd);
554 safe_close(m->dns_ipv6_fd);
556 manager_llmnr_stop(m);
558 sd_bus_slot_unref(m->prepare_for_sleep_slot);
559 sd_event_source_unref(m->bus_retry_event_source);
560 sd_bus_unref(m->bus);
562 sd_event_unref(m->event);
564 dns_resource_key_unref(m->host_ipv4_key);
565 dns_resource_key_unref(m->host_ipv6_key);
567 safe_close(m->hostname_fd);
568 sd_event_source_unref(m->hostname_event_source);
576 int manager_read_resolv_conf(Manager *m) {
577 _cleanup_fclose_ FILE *f = NULL;
586 /* Reads the system /etc/resolv.conf, if it exists and is not
587 * symlinked to our own resolv.conf instance */
589 if (!m->read_resolv_conf)
592 r = stat("/etc/resolv.conf", &st);
595 log_warning("Failed to open /etc/resolv.conf: %m");
600 /* Have we already seen the file? */
601 t = timespec_load(&st.st_mtim);
602 if (t == m->resolv_conf_mtime)
605 m->resolv_conf_mtime = t;
607 /* Is it symlinked to our own file? */
608 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
609 st.st_dev == own.st_dev &&
610 st.st_ino == own.st_ino) {
615 f = fopen("/etc/resolv.conf", "re");
618 log_warning("Failed to open /etc/resolv.conf: %m");
623 if (fstat(fileno(f), &st) < 0) {
624 log_error("Failed to stat open file: %m");
629 LIST_FOREACH(servers, s, m->dns_servers)
632 FOREACH_LINE(line, f, r = -errno; goto clear) {
633 union in_addr_union address;
641 if (*l == '#' || *l == ';')
644 a = first_word(l, "nameserver");
648 r = in_addr_from_string_auto(a, &family, &address);
650 log_warning("Failed to parse name server %s.", a);
654 LIST_FOREACH(servers, s, m->dns_servers)
655 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
661 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
667 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
674 while (m->dns_servers)
675 dns_server_free(m->dns_servers);
680 static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
681 _cleanup_free_ char *t = NULL;
688 r = in_addr_to_string(s->family, &s->address, &t);
690 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
695 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
697 fprintf(f, "nameserver %s\n", t);
701 int manager_write_resolv_conf(Manager *m) {
702 static const char path[] = "/run/systemd/resolve/resolv.conf";
703 _cleanup_free_ char *temp_path = NULL;
704 _cleanup_fclose_ FILE *f = NULL;
705 _cleanup_set_free_ Set *dns = NULL;
714 /* Read the system /etc/resolv.conf first */
715 manager_read_resolv_conf(m);
717 /* Add the full list to a set, to filter out duplicates */
718 dns = set_new(dns_server_hash_func, dns_server_compare_func);
722 /* First add the system-wide servers */
723 LIST_FOREACH(servers, s, m->dns_servers) {
731 /* Then, add the per-link servers */
732 HASHMAP_FOREACH(l, m->links, i)
733 LIST_FOREACH(servers, s, l->dns_servers) {
741 /* If we found nothing, add the fallback servers */
742 if (set_isempty(dns)) {
743 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
752 r = fopen_temporary(path, &f, &temp_path);
756 fchmod(fileno(f), 0644);
758 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
759 "# Third party programs must not access this file directly, but\n"
760 "# only through the symlink at /etc/resolv.conf. To manage\n"
761 "# resolv.conf(5) in a different way, replace the symlink by a\n"
762 "# static file or a different symlink.\n\n", f);
764 if (set_isempty(dns))
765 fputs("# No DNS servers known.\n", f);
767 SET_FOREACH(s, dns, i)
768 write_resolve_conf_server(s, f, &count);
771 r = fflush_and_check(f);
775 if (rename(temp_path, path) < 0) {
788 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
789 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
791 struct cmsghdr header; /* For alignment */
792 uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
793 + CMSG_SPACE(int) /* ttl/hoplimit */
794 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
796 union sockaddr_union sa;
797 struct msghdr mh = {};
798 struct cmsghdr *cmsg;
807 r = ioctl(fd, FIONREAD, &ms);
813 r = dns_packet_new(&p, protocol, ms);
817 iov.iov_base = DNS_PACKET_DATA(p);
818 iov.iov_len = p->allocated;
820 mh.msg_name = &sa.sa;
821 mh.msg_namelen = sizeof(sa);
824 mh.msg_control = &control;
825 mh.msg_controllen = sizeof(control);
827 l = recvmsg(fd, &mh, 0);
829 if (errno == EAGAIN || errno == EINTR)
838 assert(!(mh.msg_flags & MSG_CTRUNC));
839 assert(!(mh.msg_flags & MSG_TRUNC));
841 p->size = (size_t) l;
843 p->family = sa.sa.sa_family;
844 p->ipproto = IPPROTO_UDP;
845 if (p->family == AF_INET) {
846 p->sender.in = sa.in.sin_addr;
847 p->sender_port = be16toh(sa.in.sin_port);
848 } else if (p->family == AF_INET6) {
849 p->sender.in6 = sa.in6.sin6_addr;
850 p->sender_port = be16toh(sa.in6.sin6_port);
851 p->ifindex = sa.in6.sin6_scope_id;
853 return -EAFNOSUPPORT;
855 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
857 if (cmsg->cmsg_level == IPPROTO_IPV6) {
858 assert(p->family == AF_INET6);
860 switch (cmsg->cmsg_type) {
863 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
866 p->ifindex = i->ipi6_ifindex;
868 p->destination.in6 = i->ipi6_addr;
873 p->ttl = *(int *) CMSG_DATA(cmsg);
877 } else if (cmsg->cmsg_level == IPPROTO_IP) {
878 assert(p->family == AF_INET);
880 switch (cmsg->cmsg_type) {
883 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
886 p->ifindex = i->ipi_ifindex;
888 p->destination.in = i->ipi_addr;
893 p->ttl = *(int *) CMSG_DATA(cmsg);
899 /* The Linux kernel sets the interface index to the loopback
900 * device if the packet came from the local host since it
901 * avoids the routing table in such a case. Let's unset the
902 * interface index in such a case. */
903 if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
906 /* If we don't know the interface index still, we look for the
907 * first local interface with a matching address. Yuck! */
909 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
917 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
918 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
919 DnsTransaction *t = NULL;
920 Manager *m = userdata;
923 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
927 if (dns_packet_validate_reply(p) > 0) {
928 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
932 dns_transaction_process_reply(t, p);
935 log_debug("Invalid DNS packet.");
940 int manager_dns_ipv4_fd(Manager *m) {
946 if (m->dns_ipv4_fd >= 0)
947 return m->dns_ipv4_fd;
949 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
950 if (m->dns_ipv4_fd < 0)
953 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
959 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
963 return m->dns_ipv4_fd;
966 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
970 int manager_dns_ipv6_fd(Manager *m) {
976 if (m->dns_ipv6_fd >= 0)
977 return m->dns_ipv6_fd;
979 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
980 if (m->dns_ipv6_fd < 0)
983 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
989 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
993 return m->dns_ipv6_fd;
996 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1000 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1007 if (sendmsg(fd, mh, flags) >= 0)
1013 if (errno != EAGAIN)
1016 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1024 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1025 union sockaddr_union sa = {
1026 .in.sin_family = AF_INET,
1029 struct cmsghdr header; /* For alignment */
1030 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1032 struct msghdr mh = {};
1041 iov.iov_base = DNS_PACKET_DATA(p);
1042 iov.iov_len = p->size;
1044 sa.in.sin_addr = *addr;
1045 sa.in.sin_port = htobe16(port),
1049 mh.msg_name = &sa.sa;
1050 mh.msg_namelen = sizeof(sa.in);
1053 struct cmsghdr *cmsg;
1054 struct in_pktinfo *pi;
1058 mh.msg_control = &control;
1059 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1061 cmsg = CMSG_FIRSTHDR(&mh);
1062 cmsg->cmsg_len = mh.msg_controllen;
1063 cmsg->cmsg_level = IPPROTO_IP;
1064 cmsg->cmsg_type = IP_PKTINFO;
1066 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1067 pi->ipi_ifindex = ifindex;
1070 return sendmsg_loop(fd, &mh, 0);
1073 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1074 union sockaddr_union sa = {
1075 .in6.sin6_family = AF_INET6,
1078 struct cmsghdr header; /* For alignment */
1079 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1081 struct msghdr mh = {};
1090 iov.iov_base = DNS_PACKET_DATA(p);
1091 iov.iov_len = p->size;
1093 sa.in6.sin6_addr = *addr;
1094 sa.in6.sin6_port = htobe16(port),
1095 sa.in6.sin6_scope_id = ifindex;
1099 mh.msg_name = &sa.sa;
1100 mh.msg_namelen = sizeof(sa.in6);
1103 struct cmsghdr *cmsg;
1104 struct in6_pktinfo *pi;
1108 mh.msg_control = &control;
1109 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1111 cmsg = CMSG_FIRSTHDR(&mh);
1112 cmsg->cmsg_len = mh.msg_controllen;
1113 cmsg->cmsg_level = IPPROTO_IPV6;
1114 cmsg->cmsg_type = IPV6_PKTINFO;
1116 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1117 pi->ipi6_ifindex = ifindex;
1120 return sendmsg_loop(fd, &mh, 0);
1123 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1130 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1132 if (family == AF_INET)
1133 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1134 else if (family == AF_INET6)
1135 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1137 return -EAFNOSUPPORT;
1140 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1146 LIST_FOREACH(servers, s, m->dns_servers)
1147 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1150 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1151 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1157 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1160 if (m->current_dns_server == s)
1164 _cleanup_free_ char *ip = NULL;
1166 in_addr_to_string(s->family, &s->address, &ip);
1167 log_info("Switching to system DNS server %s.", strna(ip));
1170 m->current_dns_server = s;
1172 if (m->unicast_scope)
1173 dns_cache_flush(&m->unicast_scope->cache);
1178 DnsServer *manager_get_dns_server(Manager *m) {
1182 /* Try to read updates resolv.conf */
1183 manager_read_resolv_conf(m);
1185 if (!m->current_dns_server)
1186 manager_set_dns_server(m, m->dns_servers);
1188 if (!m->current_dns_server) {
1192 /* No DNS servers configured, let's see if there are
1193 * any on any links. If not, we use the fallback
1196 HASHMAP_FOREACH(l, m->links, i)
1197 if (l->dns_servers) {
1203 manager_set_dns_server(m, m->fallback_dns_servers);
1206 return m->current_dns_server;
1209 void manager_next_dns_server(Manager *m) {
1212 /* If there's currently no DNS server set, then the next
1213 * manager_get_dns_server() will find one */
1214 if (!m->current_dns_server)
1217 /* Change to the next one */
1218 if (m->current_dns_server->servers_next) {
1219 manager_set_dns_server(m, m->current_dns_server->servers_next);
1223 /* If there was no next one, then start from the beginning of
1225 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1226 manager_set_dns_server(m, m->fallback_dns_servers);
1228 manager_set_dns_server(m, m->dns_servers);
1231 uint32_t manager_find_mtu(Manager *m) {
1236 /* If we don't know on which link a DNS packet would be
1237 * delivered, let's find the largest MTU that works on all
1238 * interfaces we know of */
1240 HASHMAP_FOREACH(l, m->links, i) {
1244 if (mtu <= 0 || l->mtu < mtu)
1251 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1252 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1253 DnsTransaction *t = NULL;
1254 Manager *m = userdata;
1258 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1262 scope = manager_find_scope(m, p);
1264 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1268 if (dns_packet_validate_reply(p) > 0) {
1269 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1271 dns_scope_check_conflicts(scope, p);
1273 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1275 dns_transaction_process_reply(t, p);
1277 } else if (dns_packet_validate_query(p) > 0) {
1278 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1280 dns_scope_process_query(scope, NULL, p);
1282 log_debug("Invalid LLMNR UDP packet.");
1287 int manager_llmnr_ipv4_udp_fd(Manager *m) {
1288 union sockaddr_union sa = {
1289 .in.sin_family = AF_INET,
1290 .in.sin_port = htobe16(5355),
1292 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1297 if (m->llmnr_ipv4_udp_fd >= 0)
1298 return m->llmnr_ipv4_udp_fd;
1300 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1301 if (m->llmnr_ipv4_udp_fd < 0)
1304 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1305 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1311 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1317 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1323 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1329 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1335 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1341 /* Disable Don't-Fragment bit in the IP header */
1342 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1348 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1354 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1358 return m->llmnr_ipv4_udp_fd;
1361 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1365 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1366 union sockaddr_union sa = {
1367 .in6.sin6_family = AF_INET6,
1368 .in6.sin6_port = htobe16(5355),
1370 static const int one = 1, ttl = 255;
1375 if (m->llmnr_ipv6_udp_fd >= 0)
1376 return m->llmnr_ipv6_udp_fd;
1378 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1379 if (m->llmnr_ipv6_udp_fd < 0)
1382 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1388 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1389 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1395 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1401 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1407 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1413 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1419 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1425 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1431 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1437 return m->llmnr_ipv6_udp_fd;
1440 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1444 static int on_llmnr_stream_packet(DnsStream *s) {
1449 scope = manager_find_scope(s->manager, s->read_packet);
1451 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1455 if (dns_packet_validate_query(s->read_packet) > 0) {
1456 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1458 dns_scope_process_query(scope, s, s->read_packet);
1460 /* If no reply packet was set, we free the stream */
1461 if (s->write_packet)
1464 log_debug("Invalid LLMNR TCP packet.");
1470 static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1472 Manager *m = userdata;
1475 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1477 if (errno == EAGAIN || errno == EINTR)
1483 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1489 stream->on_packet = on_llmnr_stream_packet;
1493 int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1494 union sockaddr_union sa = {
1495 .in.sin_family = AF_INET,
1496 .in.sin_port = htobe16(5355),
1498 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1503 if (m->llmnr_ipv4_tcp_fd >= 0)
1504 return m->llmnr_ipv4_tcp_fd;
1506 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1507 if (m->llmnr_ipv4_tcp_fd < 0)
1510 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1511 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1517 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1523 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1529 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1535 /* Disable Don't-Fragment bit in the IP header */
1536 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1542 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1548 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1554 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1558 return m->llmnr_ipv4_tcp_fd;
1561 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1565 int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1566 union sockaddr_union sa = {
1567 .in6.sin6_family = AF_INET6,
1568 .in6.sin6_port = htobe16(5355),
1570 static const int one = 1;
1575 if (m->llmnr_ipv6_tcp_fd >= 0)
1576 return m->llmnr_ipv6_tcp_fd;
1578 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1579 if (m->llmnr_ipv6_tcp_fd < 0)
1582 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1583 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1589 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1595 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1601 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1607 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1613 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1619 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1625 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1631 return m->llmnr_ipv6_tcp_fd;
1634 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1638 int manager_ifindex_is_loopback(Manager *m, int ifindex) {
1645 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1646 if (l->flags & IFF_LOOPBACK)
1652 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1657 a = manager_find_link_address(m, family, in_addr);
1659 return a->link->ifindex;
1664 void manager_refresh_rrs(Manager *m) {
1670 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1671 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1673 HASHMAP_FOREACH(l, m->links, i) {
1674 link_add_rrs(l, true);
1675 link_add_rrs(l, false);
1679 int manager_next_hostname(Manager *m) {
1686 p = strchr(m->hostname, 0);
1689 while (p > m->hostname) {
1690 if (!strchr("0123456789", p[-1]))
1696 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1699 /* Add a random number to the old value. This way we can avoid
1700 * that two hosts pick the same hostname, win on IPv4 and lose
1701 * on IPv6 (or vice versa), and pick the same hostname
1702 * replacement hostname, ad infinitum. We still want the
1703 * numbers to go up monotonically, hence we just add a random
1706 random_bytes(&a, sizeof(a));
1709 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1712 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1717 manager_refresh_rrs(m);
1722 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1728 HASHMAP_FOREACH(l, m->links, i) {
1731 a = link_find_address(l, family, in_addr);
1739 bool manager_our_packet(Manager *m, DnsPacket *p) {
1743 return !!manager_find_link_address(m, p->family, &p->sender);
1746 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1752 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1756 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1757 if (p->family == AF_INET)
1758 return l->llmnr_ipv4_scope;
1759 else if (p->family == AF_INET6)
1760 return l->llmnr_ipv6_scope;
1766 void manager_verify_all(Manager *m) {
1771 LIST_FOREACH(scopes, s, m->dns_scopes)
1772 dns_zone_verify_all(&s->zone);
1775 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1778 if (t == DNS_SERVER_SYSTEM)
1779 while (m->dns_servers)
1780 dns_server_free(m->dns_servers);
1782 if (t == DNS_SERVER_FALLBACK)
1783 while (m->fallback_dns_servers)
1784 dns_server_free(m->fallback_dns_servers);
1787 static const char* const support_table[_SUPPORT_MAX] = {
1788 [SUPPORT_NO] = "no",
1789 [SUPPORT_YES] = "yes",
1790 [SUPPORT_RESOLVE] = "resolve",
1792 DEFINE_STRING_TABLE_LOOKUP(support, Support);