1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
37 #include "fileio-label.h"
39 #include "resolved-dns-domain.h"
40 #include "resolved-conf.h"
41 #include "resolved-bus.h"
42 #include "resolved-manager.h"
44 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
46 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
47 Manager *m = userdata;
56 r = sd_rtnl_message_get_type(mm, &type);
60 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
64 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
72 r = link_new(m, &l, ifindex);
77 r = link_update_rtnl(l, mm);
81 r = link_update_monitor(l);
86 log_debug("Found new link %i/%s", ifindex, l->name);
93 log_debug("Removing link %i/%s", l->ifindex, l->name);
103 log_warning("Failed to process RTNL link message: %s", strerror(-r));
107 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
108 Manager *m = userdata;
109 union in_addr_union address;
111 int r, ifindex, family;
119 r = sd_rtnl_message_get_type(mm, &type);
123 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
127 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
131 r = sd_rtnl_message_addr_get_family(mm, &family);
138 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
140 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
148 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
150 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
161 a = link_find_address(l, family, &address);
168 r = link_address_new(l, &a, family, &address);
173 r = link_address_update_rtnl(a, mm);
181 link_address_free(a);
188 log_warning("Failed to process RTNL address message: %s", strerror(-r));
192 static int manager_rtnl_listen(Manager *m) {
193 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
199 /* First, subscibe to interfaces coming and going */
200 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
204 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
208 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
212 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
216 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
220 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
224 /* Then, enumerate all links */
225 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
229 r = sd_rtnl_message_request_dump(req, true);
233 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
237 for (i = reply; i; i = sd_rtnl_message_next(i)) {
238 r = manager_process_link(m->rtnl, i, m);
243 req = sd_rtnl_message_unref(req);
244 reply = sd_rtnl_message_unref(reply);
246 /* Finally, enumerate all addresses, too */
247 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
251 r = sd_rtnl_message_request_dump(req, true);
255 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
259 for (i = reply; i; i = sd_rtnl_message_next(i)) {
260 r = manager_process_address(m->rtnl, i, m);
268 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
269 Manager *m = userdata;
276 sd_network_monitor_flush(m->network_monitor);
278 HASHMAP_FOREACH(l, m->links, i) {
279 r = link_update_monitor(l);
281 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
284 r = manager_write_resolv_conf(m);
286 log_warning("Could not update resolv.conf: %s", strerror(-r));
291 static int manager_network_monitor_listen(Manager *m) {
296 r = sd_network_monitor_new(&m->network_monitor, NULL);
300 fd = sd_network_monitor_get_fd(m->network_monitor);
304 events = sd_network_monitor_get_events(m->network_monitor);
308 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
315 static int determine_hostname(char **ret) {
316 _cleanup_free_ char *h = NULL, *n = NULL;
321 h = gethostname_malloc();
325 if (!utf8_is_valid(h)) {
326 log_error("System hostname is not UTF-8 clean.");
330 r = dns_name_normalize(h, &n);
332 log_error("System hostname '%s' cannot be normalized.", h);
342 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
343 _cleanup_free_ char *h = NULL;
344 Manager *m = userdata;
349 r = determine_hostname(&h);
351 return 0; /* ignore invalid hostnames */
353 if (streq(h, m->hostname))
356 log_info("System hostname changed to '%s'.", h);
361 manager_refresh_rrs(m);
366 static int manager_watch_hostname(Manager *m) {
371 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
372 if (m->hostname_fd < 0) {
373 log_warning("Failed to watch hostname: %m");
377 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
380 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
381 m->hostname_fd = safe_close(m->hostname_fd);
383 log_error("Failed to add hostname event source: %s", strerror(-r));
388 r = determine_hostname(&m->hostname);
390 log_info("Defaulting to hostname 'linux'.");
391 m->hostname = strdup("linux");
395 log_info("Using system hostname '%s'.", m->hostname);
400 static void manager_llmnr_stop(Manager *m) {
403 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
404 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
406 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
407 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
409 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
410 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
412 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
413 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
416 static int manager_llmnr_start(Manager *m) {
421 if (m->llmnr_support == SUPPORT_NO)
424 r = manager_llmnr_ipv4_udp_fd(m);
425 if (r == -EADDRINUSE)
430 r = manager_llmnr_ipv4_tcp_fd(m);
431 if (r == -EADDRINUSE)
436 if (socket_ipv6_is_supported()) {
437 r = manager_llmnr_ipv6_udp_fd(m);
438 if (r == -EADDRINUSE)
443 r = manager_llmnr_ipv6_tcp_fd(m);
444 if (r == -EADDRINUSE)
453 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
454 m->llmnr_support = SUPPORT_NO;
455 manager_llmnr_stop(m);
460 int manager_new(Manager **ret) {
461 _cleanup_(manager_freep) Manager *m = NULL;
466 m = new0(Manager, 1);
470 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
471 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
472 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
475 m->llmnr_support = SUPPORT_YES;
476 m->read_resolv_conf = true;
478 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
482 r = sd_event_default(&m->event);
486 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
487 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
489 sd_event_set_watchdog(m->event, true);
491 r = manager_watch_hostname(m);
495 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
499 r = manager_network_monitor_listen(m);
503 r = manager_rtnl_listen(m);
507 r = manager_connect_bus(m);
517 int manager_start(Manager *m) {
522 r = manager_llmnr_start(m);
529 Manager *manager_free(Manager *m) {
535 while ((l = hashmap_first(m->links)))
538 while (m->dns_queries)
539 dns_query_free(m->dns_queries);
541 dns_scope_free(m->unicast_scope);
543 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
544 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
546 hashmap_free(m->links);
547 hashmap_free(m->dns_transactions);
549 sd_event_source_unref(m->network_event_source);
550 sd_network_monitor_unref(m->network_monitor);
552 sd_event_source_unref(m->dns_ipv4_event_source);
553 sd_event_source_unref(m->dns_ipv6_event_source);
554 safe_close(m->dns_ipv4_fd);
555 safe_close(m->dns_ipv6_fd);
557 manager_llmnr_stop(m);
559 sd_bus_slot_unref(m->prepare_for_sleep_slot);
560 sd_event_source_unref(m->bus_retry_event_source);
561 sd_bus_unref(m->bus);
563 sd_event_unref(m->event);
565 dns_resource_key_unref(m->host_ipv4_key);
566 dns_resource_key_unref(m->host_ipv6_key);
568 safe_close(m->hostname_fd);
569 sd_event_source_unref(m->hostname_event_source);
577 int manager_read_resolv_conf(Manager *m) {
578 _cleanup_fclose_ FILE *f = NULL;
587 /* Reads the system /etc/resolv.conf, if it exists and is not
588 * symlinked to our own resolv.conf instance */
590 if (!m->read_resolv_conf)
593 r = stat("/etc/resolv.conf", &st);
596 log_warning("Failed to open /etc/resolv.conf: %m");
601 /* Have we already seen the file? */
602 t = timespec_load(&st.st_mtim);
603 if (t == m->resolv_conf_mtime)
606 m->resolv_conf_mtime = t;
608 /* Is it symlinked to our own file? */
609 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
610 st.st_dev == own.st_dev &&
611 st.st_ino == own.st_ino) {
616 f = fopen("/etc/resolv.conf", "re");
619 log_warning("Failed to open /etc/resolv.conf: %m");
624 if (fstat(fileno(f), &st) < 0) {
625 log_error("Failed to stat open file: %m");
630 LIST_FOREACH(servers, s, m->dns_servers)
633 FOREACH_LINE(line, f, r = -errno; goto clear) {
634 union in_addr_union address;
642 if (*l == '#' || *l == ';')
645 a = first_word(l, "nameserver");
649 r = in_addr_from_string_auto(a, &family, &address);
651 log_warning("Failed to parse name server %s.", a);
655 LIST_FOREACH(servers, s, m->dns_servers)
656 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
662 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
668 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
675 while (m->dns_servers)
676 dns_server_free(m->dns_servers);
681 static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
682 _cleanup_free_ char *t = NULL;
689 r = in_addr_to_string(s->family, &s->address, &t);
691 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
696 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
698 fprintf(f, "nameserver %s\n", t);
702 static void write_resolv_conf_search(const char *domain, FILE *f,
703 unsigned *count, unsigned *length) {
708 if (*count >= MAXDNSRCH ||
709 *length + strlen(domain) > 256) {
710 if (*count == MAXDNSRCH)
711 fputs(" # Too many search domains configured, remaining ones ignored.", f);
713 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
718 fprintf(f, " %s", domain);
720 (*length) += strlen(domain);
724 static int write_resolv_conf_contents(FILE *f, Set *dns, Set *domains) {
727 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
728 "# Third party programs must not access this file directly, but\n"
729 "# only through the symlink at /etc/resolv.conf. To manage\n"
730 "# resolv.conf(5) in a different way, replace the symlink by a\n"
731 "# static file or a different symlink.\n\n", f);
733 if (set_isempty(dns))
734 fputs("# No DNS servers known.\n", f);
739 SET_FOREACH(s, dns, i)
740 write_resolv_conf_server(s, f, &count);
743 if (!set_isempty(domains)) {
744 unsigned length = 0, count = 0;
748 SET_FOREACH(domain, domains, i)
749 write_resolv_conf_search(domain, f, &count, &length);
753 return fflush_and_check(f);
757 int manager_write_resolv_conf(Manager *m) {
758 static const char path[] = "/run/systemd/resolve/resolv.conf";
759 _cleanup_free_ char *temp_path = NULL;
760 _cleanup_fclose_ FILE *f = NULL;
761 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
769 /* Read the system /etc/resolv.conf first */
770 manager_read_resolv_conf(m);
772 /* Add the full list to a set, to filter out duplicates */
773 dns = set_new(&dns_server_hash_ops);
777 domains = set_new(&dns_name_hash_ops);
781 /* First add the system-wide servers */
782 LIST_FOREACH(servers, s, m->dns_servers) {
790 /* Then, add the per-link servers and domains */
791 HASHMAP_FOREACH(l, m->links, i) {
794 LIST_FOREACH(servers, s, l->dns_servers) {
802 if (!l->unicast_scope)
805 STRV_FOREACH(domain, l->unicast_scope->domains) {
806 r = set_put(domains, *domain);
814 /* If we found nothing, add the fallback servers */
815 if (set_isempty(dns)) {
816 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
825 r = fopen_temporary_label(path, path, &f, &temp_path);
829 fchmod(fileno(f), 0644);
831 r = write_resolv_conf_contents(f, dns, domains);
835 if (rename(temp_path, path) < 0) {
848 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
849 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
851 struct cmsghdr header; /* For alignment */
852 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
853 + CMSG_SPACE(int) /* ttl/hoplimit */
854 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
856 union sockaddr_union sa;
857 struct msghdr mh = {};
858 struct cmsghdr *cmsg;
867 r = ioctl(fd, FIONREAD, &ms);
873 r = dns_packet_new(&p, protocol, ms);
877 iov.iov_base = DNS_PACKET_DATA(p);
878 iov.iov_len = p->allocated;
880 mh.msg_name = &sa.sa;
881 mh.msg_namelen = sizeof(sa);
884 mh.msg_control = &control;
885 mh.msg_controllen = sizeof(control);
887 l = recvmsg(fd, &mh, 0);
889 if (errno == EAGAIN || errno == EINTR)
898 assert(!(mh.msg_flags & MSG_CTRUNC));
899 assert(!(mh.msg_flags & MSG_TRUNC));
901 p->size = (size_t) l;
903 p->family = sa.sa.sa_family;
904 p->ipproto = IPPROTO_UDP;
905 if (p->family == AF_INET) {
906 p->sender.in = sa.in.sin_addr;
907 p->sender_port = be16toh(sa.in.sin_port);
908 } else if (p->family == AF_INET6) {
909 p->sender.in6 = sa.in6.sin6_addr;
910 p->sender_port = be16toh(sa.in6.sin6_port);
911 p->ifindex = sa.in6.sin6_scope_id;
913 return -EAFNOSUPPORT;
915 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
917 if (cmsg->cmsg_level == IPPROTO_IPV6) {
918 assert(p->family == AF_INET6);
920 switch (cmsg->cmsg_type) {
923 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
926 p->ifindex = i->ipi6_ifindex;
928 p->destination.in6 = i->ipi6_addr;
933 p->ttl = *(int *) CMSG_DATA(cmsg);
937 } else if (cmsg->cmsg_level == IPPROTO_IP) {
938 assert(p->family == AF_INET);
940 switch (cmsg->cmsg_type) {
943 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
946 p->ifindex = i->ipi_ifindex;
948 p->destination.in = i->ipi_addr;
953 p->ttl = *(int *) CMSG_DATA(cmsg);
959 /* The Linux kernel sets the interface index to the loopback
960 * device if the packet came from the local host since it
961 * avoids the routing table in such a case. Let's unset the
962 * interface index in such a case. */
963 if (p->ifindex == LOOPBACK_IFINDEX)
966 /* If we don't know the interface index still, we look for the
967 * first local interface with a matching address. Yuck! */
969 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
977 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
978 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
979 DnsTransaction *t = NULL;
980 Manager *m = userdata;
983 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
987 if (dns_packet_validate_reply(p) > 0) {
988 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
992 dns_transaction_process_reply(t, p);
995 log_debug("Invalid DNS packet.");
1000 int manager_dns_ipv4_fd(Manager *m) {
1006 if (m->dns_ipv4_fd >= 0)
1007 return m->dns_ipv4_fd;
1009 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1010 if (m->dns_ipv4_fd < 0)
1013 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1019 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
1023 return m->dns_ipv4_fd;
1026 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1030 int manager_dns_ipv6_fd(Manager *m) {
1036 if (m->dns_ipv6_fd >= 0)
1037 return m->dns_ipv6_fd;
1039 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1040 if (m->dns_ipv6_fd < 0)
1043 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1049 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1053 return m->dns_ipv6_fd;
1056 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1060 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1067 if (sendmsg(fd, mh, flags) >= 0)
1073 if (errno != EAGAIN)
1076 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1084 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1085 union sockaddr_union sa = {
1086 .in.sin_family = AF_INET,
1089 struct cmsghdr header; /* For alignment */
1090 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1092 struct msghdr mh = {};
1101 iov.iov_base = DNS_PACKET_DATA(p);
1102 iov.iov_len = p->size;
1104 sa.in.sin_addr = *addr;
1105 sa.in.sin_port = htobe16(port),
1109 mh.msg_name = &sa.sa;
1110 mh.msg_namelen = sizeof(sa.in);
1113 struct cmsghdr *cmsg;
1114 struct in_pktinfo *pi;
1118 mh.msg_control = &control;
1119 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1121 cmsg = CMSG_FIRSTHDR(&mh);
1122 cmsg->cmsg_len = mh.msg_controllen;
1123 cmsg->cmsg_level = IPPROTO_IP;
1124 cmsg->cmsg_type = IP_PKTINFO;
1126 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1127 pi->ipi_ifindex = ifindex;
1130 return sendmsg_loop(fd, &mh, 0);
1133 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1134 union sockaddr_union sa = {
1135 .in6.sin6_family = AF_INET6,
1138 struct cmsghdr header; /* For alignment */
1139 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1141 struct msghdr mh = {};
1150 iov.iov_base = DNS_PACKET_DATA(p);
1151 iov.iov_len = p->size;
1153 sa.in6.sin6_addr = *addr;
1154 sa.in6.sin6_port = htobe16(port),
1155 sa.in6.sin6_scope_id = ifindex;
1159 mh.msg_name = &sa.sa;
1160 mh.msg_namelen = sizeof(sa.in6);
1163 struct cmsghdr *cmsg;
1164 struct in6_pktinfo *pi;
1168 mh.msg_control = &control;
1169 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1171 cmsg = CMSG_FIRSTHDR(&mh);
1172 cmsg->cmsg_len = mh.msg_controllen;
1173 cmsg->cmsg_level = IPPROTO_IPV6;
1174 cmsg->cmsg_type = IPV6_PKTINFO;
1176 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1177 pi->ipi6_ifindex = ifindex;
1180 return sendmsg_loop(fd, &mh, 0);
1183 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1190 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1192 if (family == AF_INET)
1193 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1194 else if (family == AF_INET6)
1195 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1197 return -EAFNOSUPPORT;
1200 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1206 LIST_FOREACH(servers, s, m->dns_servers)
1207 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1210 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1211 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1217 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1220 if (m->current_dns_server == s)
1224 _cleanup_free_ char *ip = NULL;
1226 in_addr_to_string(s->family, &s->address, &ip);
1227 log_info("Switching to system DNS server %s.", strna(ip));
1230 m->current_dns_server = s;
1232 if (m->unicast_scope)
1233 dns_cache_flush(&m->unicast_scope->cache);
1238 DnsServer *manager_get_dns_server(Manager *m) {
1242 /* Try to read updates resolv.conf */
1243 manager_read_resolv_conf(m);
1245 if (!m->current_dns_server)
1246 manager_set_dns_server(m, m->dns_servers);
1248 if (!m->current_dns_server) {
1252 /* No DNS servers configured, let's see if there are
1253 * any on any links. If not, we use the fallback
1256 HASHMAP_FOREACH(l, m->links, i)
1257 if (l->dns_servers) {
1263 manager_set_dns_server(m, m->fallback_dns_servers);
1266 return m->current_dns_server;
1269 void manager_next_dns_server(Manager *m) {
1272 /* If there's currently no DNS server set, then the next
1273 * manager_get_dns_server() will find one */
1274 if (!m->current_dns_server)
1277 /* Change to the next one */
1278 if (m->current_dns_server->servers_next) {
1279 manager_set_dns_server(m, m->current_dns_server->servers_next);
1283 /* If there was no next one, then start from the beginning of
1285 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1286 manager_set_dns_server(m, m->fallback_dns_servers);
1288 manager_set_dns_server(m, m->dns_servers);
1291 uint32_t manager_find_mtu(Manager *m) {
1296 /* If we don't know on which link a DNS packet would be
1297 * delivered, let's find the largest MTU that works on all
1298 * interfaces we know of */
1300 HASHMAP_FOREACH(l, m->links, i) {
1304 if (mtu <= 0 || l->mtu < mtu)
1311 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1312 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1313 DnsTransaction *t = NULL;
1314 Manager *m = userdata;
1318 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1322 scope = manager_find_scope(m, p);
1324 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1328 if (dns_packet_validate_reply(p) > 0) {
1329 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1331 dns_scope_check_conflicts(scope, p);
1333 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1335 dns_transaction_process_reply(t, p);
1337 } else if (dns_packet_validate_query(p) > 0) {
1338 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1340 dns_scope_process_query(scope, NULL, p);
1342 log_debug("Invalid LLMNR UDP packet.");
1347 int manager_llmnr_ipv4_udp_fd(Manager *m) {
1348 union sockaddr_union sa = {
1349 .in.sin_family = AF_INET,
1350 .in.sin_port = htobe16(5355),
1352 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1357 if (m->llmnr_ipv4_udp_fd >= 0)
1358 return m->llmnr_ipv4_udp_fd;
1360 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1361 if (m->llmnr_ipv4_udp_fd < 0)
1364 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1365 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1371 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1377 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1383 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1389 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1395 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1401 /* Disable Don't-Fragment bit in the IP header */
1402 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1408 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1414 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1418 return m->llmnr_ipv4_udp_fd;
1421 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1425 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1426 union sockaddr_union sa = {
1427 .in6.sin6_family = AF_INET6,
1428 .in6.sin6_port = htobe16(5355),
1430 static const int one = 1, ttl = 255;
1435 if (m->llmnr_ipv6_udp_fd >= 0)
1436 return m->llmnr_ipv6_udp_fd;
1438 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1439 if (m->llmnr_ipv6_udp_fd < 0)
1442 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1448 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1449 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1455 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1461 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1467 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1473 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1479 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1485 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1491 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1497 return m->llmnr_ipv6_udp_fd;
1500 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1504 static int on_llmnr_stream_packet(DnsStream *s) {
1509 scope = manager_find_scope(s->manager, s->read_packet);
1511 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1515 if (dns_packet_validate_query(s->read_packet) > 0) {
1516 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1518 dns_scope_process_query(scope, s, s->read_packet);
1520 /* If no reply packet was set, we free the stream */
1521 if (s->write_packet)
1524 log_debug("Invalid LLMNR TCP packet.");
1530 static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1532 Manager *m = userdata;
1535 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1537 if (errno == EAGAIN || errno == EINTR)
1543 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1549 stream->on_packet = on_llmnr_stream_packet;
1553 int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1554 union sockaddr_union sa = {
1555 .in.sin_family = AF_INET,
1556 .in.sin_port = htobe16(5355),
1558 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1563 if (m->llmnr_ipv4_tcp_fd >= 0)
1564 return m->llmnr_ipv4_tcp_fd;
1566 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1567 if (m->llmnr_ipv4_tcp_fd < 0)
1570 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1571 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1577 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1583 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1589 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1595 /* Disable Don't-Fragment bit in the IP header */
1596 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1602 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1608 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1614 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1618 return m->llmnr_ipv4_tcp_fd;
1621 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1625 int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1626 union sockaddr_union sa = {
1627 .in6.sin6_family = AF_INET6,
1628 .in6.sin6_port = htobe16(5355),
1630 static const int one = 1;
1635 if (m->llmnr_ipv6_tcp_fd >= 0)
1636 return m->llmnr_ipv6_tcp_fd;
1638 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1639 if (m->llmnr_ipv6_tcp_fd < 0)
1642 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1643 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1649 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1655 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1661 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1667 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1673 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1679 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1685 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1691 return m->llmnr_ipv6_tcp_fd;
1694 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1698 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1703 a = manager_find_link_address(m, family, in_addr);
1705 return a->link->ifindex;
1710 void manager_refresh_rrs(Manager *m) {
1716 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1717 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1719 HASHMAP_FOREACH(l, m->links, i) {
1720 link_add_rrs(l, true);
1721 link_add_rrs(l, false);
1725 int manager_next_hostname(Manager *m) {
1732 p = strchr(m->hostname, 0);
1735 while (p > m->hostname) {
1736 if (!strchr("0123456789", p[-1]))
1742 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1745 /* Add a random number to the old value. This way we can avoid
1746 * that two hosts pick the same hostname, win on IPv4 and lose
1747 * on IPv6 (or vice versa), and pick the same hostname
1748 * replacement hostname, ad infinitum. We still want the
1749 * numbers to go up monotonically, hence we just add a random
1752 random_bytes(&a, sizeof(a));
1755 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1758 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1763 manager_refresh_rrs(m);
1768 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1774 HASHMAP_FOREACH(l, m->links, i) {
1777 a = link_find_address(l, family, in_addr);
1785 bool manager_our_packet(Manager *m, DnsPacket *p) {
1789 return !!manager_find_link_address(m, p->family, &p->sender);
1792 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1798 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1802 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1803 if (p->family == AF_INET)
1804 return l->llmnr_ipv4_scope;
1805 else if (p->family == AF_INET6)
1806 return l->llmnr_ipv6_scope;
1812 void manager_verify_all(Manager *m) {
1817 LIST_FOREACH(scopes, s, m->dns_scopes)
1818 dns_zone_verify_all(&s->zone);
1821 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1824 if (t == DNS_SERVER_SYSTEM)
1825 while (m->dns_servers)
1826 dns_server_free(m->dns_servers);
1828 if (t == DNS_SERVER_FALLBACK)
1829 while (m->fallback_dns_servers)
1830 dns_server_free(m->fallback_dns_servers);
1833 static const char* const support_table[_SUPPORT_MAX] = {
1834 [SUPPORT_NO] = "no",
1835 [SUPPORT_YES] = "yes",
1836 [SUPPORT_RESOLVE] = "resolve",
1838 DEFINE_STRING_TABLE_LOOKUP(support, Support);
~ianmdlvl / elogind.git / blob