1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
38 #include "resolved-dns-domain.h"
39 #include "resolved-conf.h"
40 #include "resolved-bus.h"
41 #include "resolved-manager.h"
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
46 Manager *m = userdata;
55 r = sd_rtnl_message_get_type(mm, &type);
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
71 r = link_new(m, &l, ifindex);
76 r = link_update_rtnl(l, mm);
80 r = link_update_monitor(l);
85 log_debug("Found new link %i/%s", ifindex, l->name);
92 log_debug("Removing link %i/%s", l->ifindex, l->name);
102 log_warning("Failed to process RTNL link message: %s", strerror(-r));
106 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
110 int r, ifindex, family;
118 r = sd_rtnl_message_get_type(mm, &type);
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
130 r = sd_rtnl_message_addr_get_family(mm, &family);
137 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
139 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
149 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
160 a = link_find_address(l, family, &address);
167 r = link_address_new(l, &a, family, &address);
172 r = link_address_update_rtnl(a, mm);
180 link_address_free(a);
187 log_warning("Failed to process RTNL address message: %s", strerror(-r));
191 static int manager_rtnl_listen(Manager *m) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
198 /* First, subscibe to interfaces coming and going */
199 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
203 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
207 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
211 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
215 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
219 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
228 r = sd_rtnl_message_request_dump(req, true);
232 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
236 for (i = reply; i; i = sd_rtnl_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
242 req = sd_rtnl_message_unref(req);
243 reply = sd_rtnl_message_unref(reply);
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
250 r = sd_rtnl_message_request_dump(req, true);
254 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
258 for (i = reply; i; i = sd_rtnl_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
267 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
275 sd_network_monitor_flush(m->network_monitor);
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
280 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
283 r = manager_write_resolv_conf(m);
285 log_warning("Could not update resolv.conf: %s", strerror(-r));
290 static int manager_network_monitor_listen(Manager *m) {
295 r = sd_network_monitor_new(&m->network_monitor, NULL);
299 fd = sd_network_monitor_get_fd(m->network_monitor);
303 events = sd_network_monitor_get_events(m->network_monitor);
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
314 static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
320 h = gethostname_malloc();
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
329 r = dns_name_normalize(h, &n);
331 log_error("System hostname '%s' cannot be normalized.", h);
341 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
348 r = determine_hostname(&h);
350 return 0; /* ignore invalid hostnames */
352 if (streq(h, m->hostname))
355 log_info("System hostname changed to '%s'.", h);
360 manager_refresh_rrs(m);
365 static int manager_watch_hostname(Manager *m) {
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning("Failed to watch hostname: %m");
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
382 log_error("Failed to add hostname event source: %s", strerror(-r));
387 r = determine_hostname(&m->hostname);
389 log_info("Defaulting to hostname 'linux'.");
390 m->hostname = strdup("linux");
394 log_info("Using system hostname '%s'.", m->hostname);
399 static void manager_llmnr_stop(Manager *m) {
402 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
403 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
405 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
406 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
408 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
409 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
411 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
412 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
415 static int manager_llmnr_start(Manager *m) {
420 if (m->llmnr_support == SUPPORT_NO)
423 r = manager_llmnr_ipv4_udp_fd(m);
424 if (r == -EADDRINUSE)
429 r = manager_llmnr_ipv4_tcp_fd(m);
430 if (r == -EADDRINUSE)
435 if (socket_ipv6_is_supported()) {
436 r = manager_llmnr_ipv6_udp_fd(m);
437 if (r == -EADDRINUSE)
442 r = manager_llmnr_ipv6_tcp_fd(m);
443 if (r == -EADDRINUSE)
452 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
453 m->llmnr_support = SUPPORT_NO;
454 manager_llmnr_stop(m);
459 int manager_new(Manager **ret) {
460 _cleanup_(manager_freep) Manager *m = NULL;
465 m = new0(Manager, 1);
469 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
470 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
471 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
474 m->llmnr_support = SUPPORT_YES;
475 m->read_resolv_conf = true;
477 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
481 r = sd_event_default(&m->event);
485 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
486 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
488 sd_event_set_watchdog(m->event, true);
490 r = manager_watch_hostname(m);
494 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
498 r = manager_network_monitor_listen(m);
502 r = manager_rtnl_listen(m);
506 r = manager_connect_bus(m);
516 int manager_start(Manager *m) {
521 r = manager_llmnr_start(m);
528 Manager *manager_free(Manager *m) {
534 while ((l = hashmap_first(m->links)))
537 while (m->dns_queries)
538 dns_query_free(m->dns_queries);
540 dns_scope_free(m->unicast_scope);
542 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
543 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
545 hashmap_free(m->links);
546 hashmap_free(m->dns_transactions);
548 sd_event_source_unref(m->network_event_source);
549 sd_network_monitor_unref(m->network_monitor);
551 sd_event_source_unref(m->dns_ipv4_event_source);
552 sd_event_source_unref(m->dns_ipv6_event_source);
553 safe_close(m->dns_ipv4_fd);
554 safe_close(m->dns_ipv6_fd);
556 manager_llmnr_stop(m);
558 sd_bus_slot_unref(m->prepare_for_sleep_slot);
559 sd_event_source_unref(m->bus_retry_event_source);
560 sd_bus_unref(m->bus);
562 sd_event_unref(m->event);
564 dns_resource_key_unref(m->host_ipv4_key);
565 dns_resource_key_unref(m->host_ipv6_key);
567 safe_close(m->hostname_fd);
568 sd_event_source_unref(m->hostname_event_source);
576 int manager_read_resolv_conf(Manager *m) {
577 _cleanup_fclose_ FILE *f = NULL;
586 /* Reads the system /etc/resolv.conf, if it exists and is not
587 * symlinked to our own resolv.conf instance */
589 if (!m->read_resolv_conf)
592 r = stat("/etc/resolv.conf", &st);
595 log_warning("Failed to open /etc/resolv.conf: %m");
600 /* Have we already seen the file? */
601 t = timespec_load(&st.st_mtim);
602 if (t == m->resolv_conf_mtime)
605 m->resolv_conf_mtime = t;
607 /* Is it symlinked to our own file? */
608 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
609 st.st_dev == own.st_dev &&
610 st.st_ino == own.st_ino) {
615 f = fopen("/etc/resolv.conf", "re");
618 log_warning("Failed to open /etc/resolv.conf: %m");
623 if (fstat(fileno(f), &st) < 0) {
624 log_error("Failed to stat open file: %m");
629 LIST_FOREACH(servers, s, m->dns_servers)
632 FOREACH_LINE(line, f, r = -errno; goto clear) {
633 union in_addr_union address;
641 if (*l == '#' || *l == ';')
644 a = first_word(l, "nameserver");
648 r = in_addr_from_string_auto(a, &family, &address);
650 log_warning("Failed to parse name server %s.", a);
654 LIST_FOREACH(servers, s, m->dns_servers)
655 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
661 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
667 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
674 while (m->dns_servers)
675 dns_server_free(m->dns_servers);
680 static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
681 _cleanup_free_ char *t = NULL;
688 r = in_addr_to_string(s->family, &s->address, &t);
690 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
695 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
697 fprintf(f, "nameserver %s\n", t);
701 static void write_resolv_conf_search(const char *domain, FILE *f,
702 unsigned *count, unsigned *length) {
707 if (*count >= MAXDNSRCH ||
708 *length + strlen(domain) > 256) {
709 if (*count == MAXDNSRCH)
710 fputs(" # Too many search domains configured, remaining ones ignored.", f);
712 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
717 fprintf(f, " %s", domain);
719 (*length) += strlen(domain);
723 int manager_write_resolv_conf(Manager *m) {
724 static const char path[] = "/run/systemd/resolve/resolv.conf";
725 _cleanup_free_ char *temp_path = NULL;
726 _cleanup_fclose_ FILE *f = NULL;
727 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
736 /* Read the system /etc/resolv.conf first */
737 manager_read_resolv_conf(m);
739 /* Add the full list to a set, to filter out duplicates */
740 dns = set_new(&dns_server_hash_ops);
744 domains = set_new(&dns_name_hash_ops);
748 /* First add the system-wide servers */
749 LIST_FOREACH(servers, s, m->dns_servers) {
757 /* Then, add the per-link servers and domains */
758 HASHMAP_FOREACH(l, m->links, i) {
761 LIST_FOREACH(servers, s, l->dns_servers) {
769 if (!l->unicast_scope)
772 STRV_FOREACH(domain, l->unicast_scope->domains) {
773 r = set_put(domains, *domain);
781 /* If we found nothing, add the fallback servers */
782 if (set_isempty(dns)) {
783 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
792 r = fopen_temporary(path, &f, &temp_path);
796 fchmod(fileno(f), 0644);
798 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
799 "# Third party programs must not access this file directly, but\n"
800 "# only through the symlink at /etc/resolv.conf. To manage\n"
801 "# resolv.conf(5) in a different way, replace the symlink by a\n"
802 "# static file or a different symlink.\n\n", f);
804 if (set_isempty(dns))
805 fputs("# No DNS servers known.\n", f);
807 SET_FOREACH(s, dns, i)
808 write_resolv_conf_server(s, f, &count);
811 if (!set_isempty(domains)) {
818 SET_FOREACH(domain, domains, i)
819 write_resolv_conf_search(domain, f, &count, &length);
823 r = fflush_and_check(f);
827 if (rename(temp_path, path) < 0) {
840 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
841 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
843 struct cmsghdr header; /* For alignment */
844 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
845 + CMSG_SPACE(int) /* ttl/hoplimit */
846 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
848 union sockaddr_union sa;
849 struct msghdr mh = {};
850 struct cmsghdr *cmsg;
859 r = ioctl(fd, FIONREAD, &ms);
865 r = dns_packet_new(&p, protocol, ms);
869 iov.iov_base = DNS_PACKET_DATA(p);
870 iov.iov_len = p->allocated;
872 mh.msg_name = &sa.sa;
873 mh.msg_namelen = sizeof(sa);
876 mh.msg_control = &control;
877 mh.msg_controllen = sizeof(control);
879 l = recvmsg(fd, &mh, 0);
881 if (errno == EAGAIN || errno == EINTR)
890 assert(!(mh.msg_flags & MSG_CTRUNC));
891 assert(!(mh.msg_flags & MSG_TRUNC));
893 p->size = (size_t) l;
895 p->family = sa.sa.sa_family;
896 p->ipproto = IPPROTO_UDP;
897 if (p->family == AF_INET) {
898 p->sender.in = sa.in.sin_addr;
899 p->sender_port = be16toh(sa.in.sin_port);
900 } else if (p->family == AF_INET6) {
901 p->sender.in6 = sa.in6.sin6_addr;
902 p->sender_port = be16toh(sa.in6.sin6_port);
903 p->ifindex = sa.in6.sin6_scope_id;
905 return -EAFNOSUPPORT;
907 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
909 if (cmsg->cmsg_level == IPPROTO_IPV6) {
910 assert(p->family == AF_INET6);
912 switch (cmsg->cmsg_type) {
915 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
918 p->ifindex = i->ipi6_ifindex;
920 p->destination.in6 = i->ipi6_addr;
925 p->ttl = *(int *) CMSG_DATA(cmsg);
929 } else if (cmsg->cmsg_level == IPPROTO_IP) {
930 assert(p->family == AF_INET);
932 switch (cmsg->cmsg_type) {
935 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
938 p->ifindex = i->ipi_ifindex;
940 p->destination.in = i->ipi_addr;
945 p->ttl = *(int *) CMSG_DATA(cmsg);
951 /* The Linux kernel sets the interface index to the loopback
952 * device if the packet came from the local host since it
953 * avoids the routing table in such a case. Let's unset the
954 * interface index in such a case. */
955 if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
958 /* If we don't know the interface index still, we look for the
959 * first local interface with a matching address. Yuck! */
961 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
969 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
970 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
971 DnsTransaction *t = NULL;
972 Manager *m = userdata;
975 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
979 if (dns_packet_validate_reply(p) > 0) {
980 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
984 dns_transaction_process_reply(t, p);
987 log_debug("Invalid DNS packet.");
992 int manager_dns_ipv4_fd(Manager *m) {
998 if (m->dns_ipv4_fd >= 0)
999 return m->dns_ipv4_fd;
1001 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1002 if (m->dns_ipv4_fd < 0)
1005 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1011 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
1015 return m->dns_ipv4_fd;
1018 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1022 int manager_dns_ipv6_fd(Manager *m) {
1028 if (m->dns_ipv6_fd >= 0)
1029 return m->dns_ipv6_fd;
1031 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1032 if (m->dns_ipv6_fd < 0)
1035 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1041 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1045 return m->dns_ipv6_fd;
1048 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1052 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1059 if (sendmsg(fd, mh, flags) >= 0)
1065 if (errno != EAGAIN)
1068 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1076 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1077 union sockaddr_union sa = {
1078 .in.sin_family = AF_INET,
1081 struct cmsghdr header; /* For alignment */
1082 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1084 struct msghdr mh = {};
1093 iov.iov_base = DNS_PACKET_DATA(p);
1094 iov.iov_len = p->size;
1096 sa.in.sin_addr = *addr;
1097 sa.in.sin_port = htobe16(port),
1101 mh.msg_name = &sa.sa;
1102 mh.msg_namelen = sizeof(sa.in);
1105 struct cmsghdr *cmsg;
1106 struct in_pktinfo *pi;
1110 mh.msg_control = &control;
1111 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1113 cmsg = CMSG_FIRSTHDR(&mh);
1114 cmsg->cmsg_len = mh.msg_controllen;
1115 cmsg->cmsg_level = IPPROTO_IP;
1116 cmsg->cmsg_type = IP_PKTINFO;
1118 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1119 pi->ipi_ifindex = ifindex;
1122 return sendmsg_loop(fd, &mh, 0);
1125 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1126 union sockaddr_union sa = {
1127 .in6.sin6_family = AF_INET6,
1130 struct cmsghdr header; /* For alignment */
1131 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1133 struct msghdr mh = {};
1142 iov.iov_base = DNS_PACKET_DATA(p);
1143 iov.iov_len = p->size;
1145 sa.in6.sin6_addr = *addr;
1146 sa.in6.sin6_port = htobe16(port),
1147 sa.in6.sin6_scope_id = ifindex;
1151 mh.msg_name = &sa.sa;
1152 mh.msg_namelen = sizeof(sa.in6);
1155 struct cmsghdr *cmsg;
1156 struct in6_pktinfo *pi;
1160 mh.msg_control = &control;
1161 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1163 cmsg = CMSG_FIRSTHDR(&mh);
1164 cmsg->cmsg_len = mh.msg_controllen;
1165 cmsg->cmsg_level = IPPROTO_IPV6;
1166 cmsg->cmsg_type = IPV6_PKTINFO;
1168 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1169 pi->ipi6_ifindex = ifindex;
1172 return sendmsg_loop(fd, &mh, 0);
1175 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1182 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1184 if (family == AF_INET)
1185 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1186 else if (family == AF_INET6)
1187 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1189 return -EAFNOSUPPORT;
1192 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1198 LIST_FOREACH(servers, s, m->dns_servers)
1199 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1202 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1203 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1209 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1212 if (m->current_dns_server == s)
1216 _cleanup_free_ char *ip = NULL;
1218 in_addr_to_string(s->family, &s->address, &ip);
1219 log_info("Switching to system DNS server %s.", strna(ip));
1222 m->current_dns_server = s;
1224 if (m->unicast_scope)
1225 dns_cache_flush(&m->unicast_scope->cache);
1230 DnsServer *manager_get_dns_server(Manager *m) {
1234 /* Try to read updates resolv.conf */
1235 manager_read_resolv_conf(m);
1237 if (!m->current_dns_server)
1238 manager_set_dns_server(m, m->dns_servers);
1240 if (!m->current_dns_server) {
1244 /* No DNS servers configured, let's see if there are
1245 * any on any links. If not, we use the fallback
1248 HASHMAP_FOREACH(l, m->links, i)
1249 if (l->dns_servers) {
1255 manager_set_dns_server(m, m->fallback_dns_servers);
1258 return m->current_dns_server;
1261 void manager_next_dns_server(Manager *m) {
1264 /* If there's currently no DNS server set, then the next
1265 * manager_get_dns_server() will find one */
1266 if (!m->current_dns_server)
1269 /* Change to the next one */
1270 if (m->current_dns_server->servers_next) {
1271 manager_set_dns_server(m, m->current_dns_server->servers_next);
1275 /* If there was no next one, then start from the beginning of
1277 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1278 manager_set_dns_server(m, m->fallback_dns_servers);
1280 manager_set_dns_server(m, m->dns_servers);
1283 uint32_t manager_find_mtu(Manager *m) {
1288 /* If we don't know on which link a DNS packet would be
1289 * delivered, let's find the largest MTU that works on all
1290 * interfaces we know of */
1292 HASHMAP_FOREACH(l, m->links, i) {
1296 if (mtu <= 0 || l->mtu < mtu)
1303 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1304 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1305 DnsTransaction *t = NULL;
1306 Manager *m = userdata;
1310 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1314 scope = manager_find_scope(m, p);
1316 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1320 if (dns_packet_validate_reply(p) > 0) {
1321 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1323 dns_scope_check_conflicts(scope, p);
1325 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1327 dns_transaction_process_reply(t, p);
1329 } else if (dns_packet_validate_query(p) > 0) {
1330 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1332 dns_scope_process_query(scope, NULL, p);
1334 log_debug("Invalid LLMNR UDP packet.");
1339 int manager_llmnr_ipv4_udp_fd(Manager *m) {
1340 union sockaddr_union sa = {
1341 .in.sin_family = AF_INET,
1342 .in.sin_port = htobe16(5355),
1344 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1349 if (m->llmnr_ipv4_udp_fd >= 0)
1350 return m->llmnr_ipv4_udp_fd;
1352 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1353 if (m->llmnr_ipv4_udp_fd < 0)
1356 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1357 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1363 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1369 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1375 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1381 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1387 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1393 /* Disable Don't-Fragment bit in the IP header */
1394 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1400 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1406 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1410 return m->llmnr_ipv4_udp_fd;
1413 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1417 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1418 union sockaddr_union sa = {
1419 .in6.sin6_family = AF_INET6,
1420 .in6.sin6_port = htobe16(5355),
1422 static const int one = 1, ttl = 255;
1427 if (m->llmnr_ipv6_udp_fd >= 0)
1428 return m->llmnr_ipv6_udp_fd;
1430 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1431 if (m->llmnr_ipv6_udp_fd < 0)
1434 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1440 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1441 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1447 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1453 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1459 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1465 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1471 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1477 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1483 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1489 return m->llmnr_ipv6_udp_fd;
1492 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1496 static int on_llmnr_stream_packet(DnsStream *s) {
1501 scope = manager_find_scope(s->manager, s->read_packet);
1503 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1507 if (dns_packet_validate_query(s->read_packet) > 0) {
1508 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1510 dns_scope_process_query(scope, s, s->read_packet);
1512 /* If no reply packet was set, we free the stream */
1513 if (s->write_packet)
1516 log_debug("Invalid LLMNR TCP packet.");
1522 static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1524 Manager *m = userdata;
1527 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1529 if (errno == EAGAIN || errno == EINTR)
1535 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1541 stream->on_packet = on_llmnr_stream_packet;
1545 int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1546 union sockaddr_union sa = {
1547 .in.sin_family = AF_INET,
1548 .in.sin_port = htobe16(5355),
1550 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1555 if (m->llmnr_ipv4_tcp_fd >= 0)
1556 return m->llmnr_ipv4_tcp_fd;
1558 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1559 if (m->llmnr_ipv4_tcp_fd < 0)
1562 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1563 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1569 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1575 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1581 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1587 /* Disable Don't-Fragment bit in the IP header */
1588 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1594 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1600 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1606 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1610 return m->llmnr_ipv4_tcp_fd;
1613 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1617 int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1618 union sockaddr_union sa = {
1619 .in6.sin6_family = AF_INET6,
1620 .in6.sin6_port = htobe16(5355),
1622 static const int one = 1;
1627 if (m->llmnr_ipv6_tcp_fd >= 0)
1628 return m->llmnr_ipv6_tcp_fd;
1630 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1631 if (m->llmnr_ipv6_tcp_fd < 0)
1634 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1635 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1641 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1647 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1653 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1659 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1665 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1671 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1677 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1683 return m->llmnr_ipv6_tcp_fd;
1686 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1690 /* lo having ifindex 1 is hardcoded in the kernel */
1691 #define LOOPBACK_IFINDEX 1
1693 int manager_ifindex_is_loopback(Manager *m, int ifindex) {
1700 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1702 /* in case we don't yet track the link, rely on the hardcoded value */
1703 return ifindex == LOOPBACK_IFINDEX;
1704 else if (l->flags & IFF_LOOPBACK)
1710 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1715 a = manager_find_link_address(m, family, in_addr);
1717 return a->link->ifindex;
1722 void manager_refresh_rrs(Manager *m) {
1728 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1729 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1731 HASHMAP_FOREACH(l, m->links, i) {
1732 link_add_rrs(l, true);
1733 link_add_rrs(l, false);
1737 int manager_next_hostname(Manager *m) {
1744 p = strchr(m->hostname, 0);
1747 while (p > m->hostname) {
1748 if (!strchr("0123456789", p[-1]))
1754 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1757 /* Add a random number to the old value. This way we can avoid
1758 * that two hosts pick the same hostname, win on IPv4 and lose
1759 * on IPv6 (or vice versa), and pick the same hostname
1760 * replacement hostname, ad infinitum. We still want the
1761 * numbers to go up monotonically, hence we just add a random
1764 random_bytes(&a, sizeof(a));
1767 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1770 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1775 manager_refresh_rrs(m);
1780 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1786 HASHMAP_FOREACH(l, m->links, i) {
1789 a = link_find_address(l, family, in_addr);
1797 bool manager_our_packet(Manager *m, DnsPacket *p) {
1801 return !!manager_find_link_address(m, p->family, &p->sender);
1804 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1810 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1814 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1815 if (p->family == AF_INET)
1816 return l->llmnr_ipv4_scope;
1817 else if (p->family == AF_INET6)
1818 return l->llmnr_ipv6_scope;
1824 void manager_verify_all(Manager *m) {
1829 LIST_FOREACH(scopes, s, m->dns_scopes)
1830 dns_zone_verify_all(&s->zone);
1833 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1836 if (t == DNS_SERVER_SYSTEM)
1837 while (m->dns_servers)
1838 dns_server_free(m->dns_servers);
1840 if (t == DNS_SERVER_FALLBACK)
1841 while (m->fallback_dns_servers)
1842 dns_server_free(m->fallback_dns_servers);
1845 static const char* const support_table[_SUPPORT_MAX] = {
1846 [SUPPORT_NO] = "no",
1847 [SUPPORT_YES] = "yes",
1848 [SUPPORT_RESOLVE] = "resolve",
1850 DEFINE_STRING_TABLE_LOOKUP(support, Support);
~ianmdlvl / elogind.git / blob