From bf3f1271e2cc0c22b11c8a805a997578dabe9191 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 29 Jul 2014 23:51:34 +0200 Subject: [PATCH] resolved: set LLMNR TCP and UDP TTLs to the values suggested by the RFC --- src/resolve/resolved-dns-scope.c | 2 +- src/resolve/resolved-manager.c | 16 ++++++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c index b226f5a45..5742f3ef4 100644 --- a/src/resolve/resolved-dns-scope.c +++ b/src/resolve/resolved-dns-scope.c @@ -254,7 +254,7 @@ int dns_scope_tcp_socket(DnsScope *s, int family, const union in_addr_union *add } if (s->protocol == DNS_PROTOCOL_LLMNR) { - /* RFC 4795, section 2.5 suggests the TTL to be set to 1 */ + /* RFC 4795, section 2.5 requires the TTL to be set to 1 */ if (sa.sa.sa_family == AF_INET) { r = setsockopt(fd, IPPROTO_IP, IP_TTL, &one, sizeof(one)); diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c index a8715bd5b..523ed2020 100644 --- a/src/resolve/resolved-manager.c +++ b/src/resolve/resolved-manager.c @@ -1024,7 +1024,7 @@ int manager_llmnr_ipv4_udp_fd(Manager *m) { .in.sin_family = AF_INET, .in.sin_port = htobe16(5355), }; - static const int one = 1, pmtu = IP_PMTUDISC_DONT; + static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255; int r; assert(m); @@ -1036,13 +1036,14 @@ int manager_llmnr_ipv4_udp_fd(Manager *m) { if (m->llmnr_ipv4_udp_fd < 0) return -errno; - r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one)); + /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */ + r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl)); if (r < 0) { r = -errno; goto fail; } - r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &one, sizeof(one)); + r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl)); if (r < 0) { r = -errno; goto fail; @@ -1101,7 +1102,7 @@ int manager_llmnr_ipv6_udp_fd(Manager *m) { .in6.sin6_family = AF_INET6, .in6.sin6_port = htobe16(5355), }; - static const int one = 1; + static const int one = 1, ttl = 255; int r; assert(m); @@ -1113,13 +1114,14 @@ int manager_llmnr_ipv6_udp_fd(Manager *m) { if (m->llmnr_ipv6_udp_fd < 0) return -errno; - r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one)); + r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl)); if (r < 0) { r = -errno; goto fail; } - r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &one, sizeof(one)); + /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */ + r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl)); if (r < 0) { r = -errno; goto fail; @@ -1243,6 +1245,7 @@ int manager_llmnr_ipv4_tcp_fd(Manager *m) { if (m->llmnr_ipv4_tcp_fd < 0) return -errno; + /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */ r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one)); if (r < 0) { r = -errno; @@ -1314,6 +1317,7 @@ int manager_llmnr_ipv6_tcp_fd(Manager *m) { if (m->llmnr_ipv6_tcp_fd < 0) return -errno; + /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */ r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one)); if (r < 0) { r = -errno; -- 2.30.2