1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
38 #include "resolved-dns-domain.h"
39 #include "resolved-conf.h"
40 #include "resolved-bus.h"
41 #include "resolved-manager.h"
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45 static int manager_process_link(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
46 Manager
*m
= userdata
;
55 r
= sd_rtnl_message_get_type(mm
, &type
);
59 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
63 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
71 r
= link_new(m
, &l
, ifindex
);
76 r
= link_update_rtnl(l
, mm
);
80 r
= link_update_monitor(l
);
85 log_debug("Found new link %i/%s", ifindex
, l
->name
);
92 log_debug("Removing link %i/%s", l
->ifindex
, l
->name
);
102 log_warning("Failed to process RTNL link message: %s", strerror(-r
));
106 static int manager_process_address(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
107 Manager
*m
= userdata
;
108 union in_addr_union address
;
110 int r
, ifindex
, family
;
118 r
= sd_rtnl_message_get_type(mm
, &type
);
122 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
126 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
130 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
137 r
= sd_rtnl_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
139 r
= sd_rtnl_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
147 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
149 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
160 a
= link_find_address(l
, family
, &address
);
167 r
= link_address_new(l
, &a
, family
, &address
);
172 r
= link_address_update_rtnl(a
, mm
);
180 link_address_free(a
);
187 log_warning("Failed to process RTNL address message: %s", strerror(-r
));
191 static int manager_rtnl_listen(Manager
*m
) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message
*req
= NULL
, *reply
= NULL
;
198 /* First, subscribe to interfaces coming and going */
199 r
= sd_rtnl_open(&m
->rtnl
, 3, RTNLGRP_LINK
, RTNLGRP_IPV4_IFADDR
, RTNLGRP_IPV6_IFADDR
);
203 r
= sd_rtnl_attach_event(m
->rtnl
, m
->event
, 0);
207 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWLINK
, manager_process_link
, m
);
211 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELLINK
, manager_process_link
, m
);
215 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWADDR
, manager_process_address
, m
);
219 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELADDR
, manager_process_address
, m
);
223 /* Then, enumerate all links */
224 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
228 r
= sd_rtnl_message_request_dump(req
, true);
232 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
236 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
237 r
= manager_process_link(m
->rtnl
, i
, m
);
242 req
= sd_rtnl_message_unref(req
);
243 reply
= sd_rtnl_message_unref(reply
);
245 /* Finally, enumerate all addresses, too */
246 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
250 r
= sd_rtnl_message_request_dump(req
, true);
254 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
258 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
259 r
= manager_process_address(m
->rtnl
, i
, m
);
267 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
268 Manager
*m
= userdata
;
275 sd_network_monitor_flush(m
->network_monitor
);
277 HASHMAP_FOREACH(l
, m
->links
, i
) {
278 r
= link_update_monitor(l
);
280 log_warning("Failed to update monitor information for %i: %s", l
->ifindex
, strerror(-r
));
283 r
= manager_write_resolv_conf(m
);
285 log_warning("Could not update resolv.conf: %s", strerror(-r
));
290 static int manager_network_monitor_listen(Manager
*m
) {
295 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
299 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
303 events
= sd_network_monitor_get_events(m
->network_monitor
);
307 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
/* Fetches the system hostname, rejects it when it is not valid UTF-8 and
 * normalizes it with dns_name_normalize(). Several interior lines are absent
 * from this listing (the gutter numbers skip), so the return paths and the
 * assignment to *ret are not shown here. */
314 static int determine_hostname(char **ret
) {
315 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
320 h
= gethostname_malloc();
/* Validate the raw name before it is normalized and handed to callers. */
324 if (!utf8_is_valid(h
)) {
325 log_error("System hostname is not UTF-8 clean.");
329 r
= dns_name_normalize(h
, &n
);
/* Logged only after the UTF-8 check above, so h is valid UTF-8 here. */
331 log_error("System hostname '%s' cannot be normalized.", h
);
341 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
342 _cleanup_free_
char *h
= NULL
;
343 Manager
*m
= userdata
;
348 r
= determine_hostname(&h
);
350 return 0; /* ignore invalid hostnames */
352 if (streq(h
, m
->hostname
))
355 log_info("System hostname changed to '%s'.", h
);
360 manager_refresh_rrs(m
);
365 static int manager_watch_hostname(Manager
*m
) {
370 m
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
371 if (m
->hostname_fd
< 0) {
372 log_warning("Failed to watch hostname: %m");
376 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m
->hostname_fd
= safe_close(m
->hostname_fd
);
382 log_error("Failed to add hostname event source: %s", strerror(-r
));
387 r
= determine_hostname(&m
->hostname
);
389 log_info("Defaulting to hostname 'linux'.");
390 m
->hostname
= strdup("linux");
394 log_info("Using system hostname '%s'.", m
->hostname
);
399 static void manager_llmnr_stop(Manager
*m
) {
402 m
->llmnr_ipv4_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_udp_event_source
);
403 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
405 m
->llmnr_ipv6_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_udp_event_source
);
406 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
408 m
->llmnr_ipv4_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_tcp_event_source
);
409 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
411 m
->llmnr_ipv6_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_tcp_event_source
);
412 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
/* Opens the four LLMNR listeners (IPv4/IPv6, UDP/TCP) unless LLMNR is
 * switched off in m->llmnr_support. The visible lines show each helper's
 * result being compared with -EADDRINUSE; the handling that follows logs a
 * warning, sets llmnr_support to SUPPORT_NO and closes whatever was opened.
 * Interior lines are absent from this listing, so the other error paths and
 * the return values are not shown.
 *
 * NOTE(review): LLMNR is an unauthenticated link-local protocol, and
 * llmnr_support is the only gate visible here; deployments on untrusted
 * links may want it set to SUPPORT_NO. */
415 static int manager_llmnr_start(Manager
*m
) {
420 if (m
->llmnr_support
== SUPPORT_NO
)
423 r
= manager_llmnr_ipv4_udp_fd(m
);
424 if (r
== -EADDRINUSE
)
429 r
= manager_llmnr_ipv6_udp_fd(m
);
430 if (r
== -EADDRINUSE
)
435 r
= manager_llmnr_ipv4_tcp_fd(m
);
436 if (r
== -EADDRINUSE
)
441 r
= manager_llmnr_ipv6_tcp_fd(m
);
442 if (r
== -EADDRINUSE
)
/* Port already taken: disable LLMNR for this run and release every LLMNR
 * socket and event source via manager_llmnr_stop(). */
450 log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
451 m
->llmnr_support
= SUPPORT_NO
;
452 manager_llmnr_stop(m
);
456 int manager_new(Manager
**ret
) {
457 _cleanup_(manager_freep
) Manager
*m
= NULL
;
462 m
= new0(Manager
, 1);
466 m
->dns_ipv4_fd
= m
->dns_ipv6_fd
= -1;
467 m
->llmnr_ipv4_udp_fd
= m
->llmnr_ipv6_udp_fd
= -1;
468 m
->llmnr_ipv4_tcp_fd
= m
->llmnr_ipv6_tcp_fd
= -1;
471 m
->llmnr_support
= SUPPORT_YES
;
472 m
->read_resolv_conf
= true;
474 r
= manager_parse_dns_server(m
, DNS_SERVER_FALLBACK
, DNS_SERVERS
);
478 r
= sd_event_default(&m
->event
);
482 sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
483 sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
485 sd_event_set_watchdog(m
->event
, true);
487 r
= manager_watch_hostname(m
);
491 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
495 r
= manager_network_monitor_listen(m
);
499 r
= manager_rtnl_listen(m
);
503 r
= manager_connect_bus(m
);
513 int manager_start(Manager
*m
) {
518 r
= manager_llmnr_start(m
);
525 Manager
*manager_free(Manager
*m
) {
531 while ((l
= hashmap_first(m
->links
)))
534 while (m
->dns_queries
)
535 dns_query_free(m
->dns_queries
);
537 dns_scope_free(m
->unicast_scope
);
539 manager_flush_dns_servers(m
, DNS_SERVER_SYSTEM
);
540 manager_flush_dns_servers(m
, DNS_SERVER_FALLBACK
);
542 hashmap_free(m
->links
);
543 hashmap_free(m
->dns_transactions
);
545 sd_event_source_unref(m
->network_event_source
);
546 sd_network_monitor_unref(m
->network_monitor
);
548 sd_event_source_unref(m
->dns_ipv4_event_source
);
549 sd_event_source_unref(m
->dns_ipv6_event_source
);
550 safe_close(m
->dns_ipv4_fd
);
551 safe_close(m
->dns_ipv6_fd
);
553 manager_llmnr_stop(m
);
555 sd_bus_slot_unref(m
->prepare_for_sleep_slot
);
556 sd_event_source_unref(m
->bus_retry_event_source
);
557 sd_bus_unref(m
->bus
);
559 sd_event_unref(m
->event
);
561 dns_resource_key_unref(m
->host_ipv4_key
);
562 dns_resource_key_unref(m
->host_ipv6_key
);
564 safe_close(m
->hostname_fd
);
565 sd_event_source_unref(m
->hostname_event_source
);
/* Re-reads /etc/resolv.conf into the manager's system DNS server list when
 * the file changed since the last call and is not the file this service
 * writes itself. Interior lines are absent from this listing (the gutter
 * numbers skip), so the branch bodies and return values are not shown. */
573 int manager_read_resolv_conf(Manager
*m
) {
574 _cleanup_fclose_
FILE *f
= NULL
;
583 /* Reads the system /etc/resolv.conf, if it exists and is not
584 * symlinked to our own resolv.conf instance */
586 if (!m
->read_resolv_conf
)
589 r
= stat("/etc/resolv.conf", &st
);
/* NOTE(review): this message follows the stat() above, not the fopen()
 * further down, although it says "open". */
592 log_warning("Failed to open /etc/resolv.conf: %m");
597 /* Have we already seen the file? */
598 t
= timespec_load(&st
.st_mtim
);
599 if (t
== m
->resolv_conf_mtime
)
602 m
->resolv_conf_mtime
= t
;
604 /* Is it symlinked to our own file? */
/* Device and inode numbers are compared, so the test identifies the same
 * underlying file however the path resolves. */
605 if (stat("/run/systemd/resolve/resolv.conf", &own
) >= 0 &&
606 st
.st_dev
== own
.st_dev
&&
607 st
.st_ino
== own
.st_ino
) {
612 f
= fopen("/etc/resolv.conf", "re");
615 log_warning("Failed to open /etc/resolv.conf: %m");
/* The checks above were made by path; fstat() on the open stream re-reads
 * the metadata of the file that was actually opened. What is done with the
 * refreshed st is on lines absent from this listing. */
620 if (fstat(fileno(f
), &st
) < 0) {
621 log_error("Failed to stat open file: %m");
626 LIST_FOREACH(servers
, s
, m
->dns_servers
)
/* On a read error the macro's third argument stores -errno in r and jumps
 * to the `clear` label. */
629 FOREACH_LINE(line
, f
, r
= -errno
; goto clear
) {
630 union in_addr_union address
;
/* '#' and ';' introduce comment lines. */
638 if (*l
== '#' || *l
== ';')
641 a
= first_word(l
, "nameserver");
/* A nameserver value has to parse as an address; the parser also reports
 * the address family. Values that fail to parse are logged. */
645 r
= in_addr_from_string_auto(a
, &family
, &address
);
647 log_warning("Failed to parse name server %s.", a
);
/* Look for an existing entry with the same family and address before a new
 * server object is created below. */
651 LIST_FOREACH(servers
, s
, m
->dns_servers
)
652 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, &address
) > 0)
658 r
= dns_server_new(m
, NULL
, DNS_SERVER_SYSTEM
, NULL
, family
, &address
);
664 LIST_FOREACH_SAFE(servers
, s
, nx
, m
->dns_servers
)
/* Frees every system DNS server; presumably the `clear` error path, the
 * label itself is not visible here. */
671 while (m
->dns_servers
)
672 dns_server_free(m
->dns_servers
);
/* Writes one "nameserver" line for s to f. The text written is re-serialized
 * from the binary address in s by in_addr_to_string(), not copied from any
 * input string. Interior lines are absent from this listing, so the use of
 * *count and the condition for the "Too many DNS servers" notice are not
 * shown. */
677 static void write_resolve_conf_server(DnsServer
*s
, FILE *f
, unsigned *count
) {
678 _cleanup_free_
char *t
= NULL
;
685 r
= in_addr_to_string(s
->family
, &s
->address
, &t
);
687 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r
));
692 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f
);
694 fprintf(f
, "nameserver %s\n", t
);
/* Regenerates /run/systemd/resolve/resolv.conf from the system-wide,
 * per-link and (when nothing else is known) fallback DNS servers. The file
 * is written to a temporary path and moved into place with rename().
 * Interior lines are absent from this listing (the gutter numbers skip), so
 * the loop bodies and error paths are not shown. */
698 int manager_write_resolv_conf(Manager
*m
) {
699 static const char path
[] = "/run/systemd/resolve/resolv.conf";
700 _cleanup_free_
char *temp_path
= NULL
;
701 _cleanup_fclose_
FILE *f
= NULL
;
702 _cleanup_set_free_ Set
*dns
= NULL
;
711 /* Read the system /etc/resolv.conf first */
/* The return value is not used here, so a failed read does not stop the
 * rewrite. */
712 manager_read_resolv_conf(m
);
714 /* Add the full list to a set, to filter out duplicates */
715 dns
= set_new(dns_server_hash_func
, dns_server_compare_func
);
719 /* First add the system-wide servers */
720 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
728 /* Then, add the per-link servers */
729 HASHMAP_FOREACH(l
, m
->links
, i
)
730 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
738 /* If we found nothing, add the fallback servers */
739 if (set_isempty(dns
)) {
740 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
/* Write to a temporary file next to the target so the final rename()
 * replaces the target in one step. */
749 r
= fopen_temporary(path
, &f
, &temp_path
);
/* Make the file world-readable. NOTE(review): the result of fchmod() is
 * ignored; on failure the file keeps whatever mode fopen_temporary() gave
 * it (presumably more restrictive - confirm), and that mode would be
 * published by the rename() below. */
753 fchmod(fileno(f
), 0644);
755 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
756 "# Third party programs must not access this file directly, but\n"
757 "# only through the symlink at /etc/resolv.conf. To manage\n"
758 "# resolv.conf(5) in a different way, replace the symlink by a\n"
759 "# static file or a different symlink.\n\n", f
);
761 if (set_isempty(dns
))
762 fputs("# No DNS servers known.\n", f
);
764 SET_FOREACH(s
, dns
, i
)
765 write_resolve_conf_server(s
, f
, &count
);
/* Flush and check for write errors before the file is moved into place. */
768 r
= fflush_and_check(f
);
772 if (rename(temp_path
, path
) < 0) {
/* Receives one datagram from fd into a newly allocated DnsPacket and fills
 * in the sender address and port, destination address, interface index and
 * TTL/hop limit from the socket address and the ancillary (cmsg) data.
 * Interior lines are absent from this listing (the gutter numbers skip), so
 * the error checks between the visible statements, the case labels of the
 * two switch statements and the assignment to *ret are not shown. */
785 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
786 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
/* Control buffer sized for one pktinfo structure (the larger of the IPv4
 * and IPv6 variants) plus one int for the TTL/hop limit. */
788 struct cmsghdr header
; /* For alignment */
789 uint8_t buffer
[CMSG_SPACE(MAX(sizeof(struct in_pktinfo
), sizeof(struct in6_pktinfo
)))
790 + CMSG_SPACE(int) /* ttl/hoplimit */
791 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
793 union sockaddr_union sa
;
794 struct msghdr mh
= {};
795 struct cmsghdr
*cmsg
;
/* Ask the kernel how much data is pending; ms then sizes the packet
 * allocated below. */
804 r
= ioctl(fd
, FIONREAD
, &ms
);
810 r
= dns_packet_new(&p
, protocol
, ms
);
814 iov
.iov_base
= DNS_PACKET_DATA(p
);
815 iov
.iov_len
= p
->allocated
;
817 mh
.msg_name
= &sa
.sa
;
818 mh
.msg_namelen
= sizeof(sa
);
821 mh
.msg_control
= &control
;
822 mh
.msg_controllen
= sizeof(control
);
824 l
= recvmsg(fd
, &mh
, 0);
826 if (errno
== EAGAIN
|| errno
== EINTR
)
/* MSG_CTRUNC and MSG_TRUNC are set by the kernel when the control buffer or
 * the data buffer was too small for what arrived.
 * NOTE(review): asserting on them makes a sizing mismatch fatal for the
 * whole resolver. The condition depends on traffic received from the
 * network, so returning an error and dropping the datagram would fail
 * safer. How assert() behaves in release builds is defined outside this
 * file. */
835 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
836 assert(!(mh
.msg_flags
& MSG_TRUNC
));
838 p
->size
= (size_t) l
;
/* The family is taken from the sender address the kernel filled in; the
 * packet is recorded as UDP unconditionally. */
840 p
->family
= sa
.sa
.sa_family
;
841 p
->ipproto
= IPPROTO_UDP
;
842 if (p
->family
== AF_INET
) {
843 p
->sender
.in
= sa
.in
.sin_addr
;
844 p
->sender_port
= be16toh(sa
.in
.sin_port
);
845 } else if (p
->family
== AF_INET6
) {
846 p
->sender
.in6
= sa
.in6
.sin6_addr
;
847 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
/* For IPv6 the scope id of the sender address is the first source of the
 * interface index; a pktinfo cmsg below overwrites it. */
848 p
->ifindex
= sa
.in6
.sin6_scope_id
;
850 return -EAFNOSUPPORT
;
/* Walk the ancillary data for pktinfo (interface index and destination
 * address) and the TTL/hop limit. */
852 for (cmsg
= CMSG_FIRSTHDR(&mh
); cmsg
; cmsg
= CMSG_NXTHDR(&mh
, cmsg
)) {
854 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
/* NOTE(review): like the flag asserts above, this aborts on a mismatch
 * between kernel-supplied values instead of skipping the cmsg. */
855 assert(p
->family
== AF_INET6
);
857 switch (cmsg
->cmsg_type
) {
860 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
863 p
->ifindex
= i
->ipi6_ifindex
;
865 p
->destination
.in6
= i
->ipi6_addr
;
/* NOTE(review): the payload is read through a cast pointer and no
 * cmsg_len check is visible in this listing. cmsg(3) says CMSG_DATA() is
 * not guaranteed to be suitably aligned and recommends memcpy() into a
 * local instead. The same applies to the pktinfo casts and to the IPv4
 * branch below. */
870 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
874 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
875 assert(p
->family
== AF_INET
);
877 switch (cmsg
->cmsg_type
) {
880 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
883 p
->ifindex
= i
->ipi_ifindex
;
885 p
->destination
.in
= i
->ipi_addr
;
890 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
896 /* The Linux kernel sets the interface index to the loopback
897 * device if the packet came from the local host since it
898 * avoids the routing table in such a case. Let's unset the
899 * interface index in such a case. */
/* The `!= 0` test treats every non-zero result as loopback, which would
 * include a negative error return if the helper has one. The helper's
 * visible lines dereference the Link it looks up without a NULL check, so
 * an ifindex that is not in m->links matters on this path. */
900 if (p
->ifindex
> 0 && manager_ifindex_is_loopback(m
, p
->ifindex
) != 0)
903 /* If we don't know the interface index still, we look for the
904 * first local interface with a matching address. Yuck! */
906 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
/* Event-loop callback for the unicast DNS sockets: receives one packet,
 * validates it as a reply and hands it to the transaction registered under
 * the packet's DNS ID. Interior lines are absent from this listing, so the
 * error checks and the handling of a missing transaction are not shown.
 *
 * NOTE(review): the only matching visible here is the hashmap lookup by
 * DNS_PACKET_ID(p). No comparison of the sender address or port with the
 * server that was queried appears in this function; confirm that
 * dns_transaction_process_reply() performs it, otherwise a forged reply
 * only has to match the ID. */
914 static int on_dns_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
915 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
916 DnsTransaction
*t
= NULL
;
917 Manager
*m
= userdata
;
920 r
= manager_recv(m
, fd
, DNS_PROTOCOL_DNS
, &p
);
924 if (dns_packet_validate_reply(p
) > 0) {
925 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
929 dns_transaction_process_reply(t
, p
);
932 log_debug("Invalid DNS packet.");
937 int manager_dns_ipv4_fd(Manager
*m
) {
943 if (m
->dns_ipv4_fd
>= 0)
944 return m
->dns_ipv4_fd
;
946 m
->dns_ipv4_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
947 if (m
->dns_ipv4_fd
< 0)
950 r
= setsockopt(m
->dns_ipv4_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
956 r
= sd_event_add_io(m
->event
, &m
->dns_ipv4_event_source
, m
->dns_ipv4_fd
, EPOLLIN
, on_dns_packet
, m
);
960 return m
->dns_ipv4_fd
;
963 m
->dns_ipv4_fd
= safe_close(m
->dns_ipv4_fd
);
967 int manager_dns_ipv6_fd(Manager
*m
) {
973 if (m
->dns_ipv6_fd
>= 0)
974 return m
->dns_ipv6_fd
;
976 m
->dns_ipv6_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
977 if (m
->dns_ipv6_fd
< 0)
980 r
= setsockopt(m
->dns_ipv6_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
986 r
= sd_event_add_io(m
->event
, &m
->dns_ipv6_event_source
, m
->dns_ipv6_fd
, EPOLLIN
, on_dns_packet
, m
);
990 return m
->dns_ipv6_fd
;
993 m
->dns_ipv6_fd
= safe_close(m
->dns_ipv6_fd
);
/* Sends mh on fd; when sendmsg() fails with EAGAIN it waits for the socket
 * to become writable, for at most SEND_TIMEOUT_USEC (200 ms per the define
 * at the top of the file), which bounds how long one send can hold up the
 * caller. The loop construct and the return statements are on lines absent
 * from this listing. */
997 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
1004 if (sendmsg(fd
, mh
, flags
) >= 0)
/* Any error other than EAGAIN is not retried. */
1010 if (errno
!= EAGAIN
)
1013 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
1021 static int manager_ipv4_send(Manager
*m
, int fd
, int ifindex
, const struct in_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1022 union sockaddr_union sa
= {
1023 .in
.sin_family
= AF_INET
,
1026 struct cmsghdr header
; /* For alignment */
1027 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
1029 struct msghdr mh
= {};
1038 iov
.iov_base
= DNS_PACKET_DATA(p
);
1039 iov
.iov_len
= p
->size
;
1041 sa
.in
.sin_addr
= *addr
;
1042 sa
.in
.sin_port
= htobe16(port
),
1046 mh
.msg_name
= &sa
.sa
;
1047 mh
.msg_namelen
= sizeof(sa
.in
);
1050 struct cmsghdr
*cmsg
;
1051 struct in_pktinfo
*pi
;
1055 mh
.msg_control
= &control
;
1056 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
1058 cmsg
= CMSG_FIRSTHDR(&mh
);
1059 cmsg
->cmsg_len
= mh
.msg_controllen
;
1060 cmsg
->cmsg_level
= IPPROTO_IP
;
1061 cmsg
->cmsg_type
= IP_PKTINFO
;
1063 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
1064 pi
->ipi_ifindex
= ifindex
;
1067 return sendmsg_loop(fd
, &mh
, 0);
1070 static int manager_ipv6_send(Manager
*m
, int fd
, int ifindex
, const struct in6_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1071 union sockaddr_union sa
= {
1072 .in6
.sin6_family
= AF_INET6
,
1075 struct cmsghdr header
; /* For alignment */
1076 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
1078 struct msghdr mh
= {};
1087 iov
.iov_base
= DNS_PACKET_DATA(p
);
1088 iov
.iov_len
= p
->size
;
1090 sa
.in6
.sin6_addr
= *addr
;
1091 sa
.in6
.sin6_port
= htobe16(port
),
1092 sa
.in6
.sin6_scope_id
= ifindex
;
1096 mh
.msg_name
= &sa
.sa
;
1097 mh
.msg_namelen
= sizeof(sa
.in6
);
1100 struct cmsghdr
*cmsg
;
1101 struct in6_pktinfo
*pi
;
1105 mh
.msg_control
= &control
;
1106 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1108 cmsg
= CMSG_FIRSTHDR(&mh
);
1109 cmsg
->cmsg_len
= mh
.msg_controllen
;
1110 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1111 cmsg
->cmsg_type
= IPV6_PKTINFO
;
1113 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1114 pi
->ipi6_ifindex
= ifindex
;
1117 return sendmsg_loop(fd
, &mh
, 0);
1120 int manager_send(Manager
*m
, int fd
, int ifindex
, int family
, const union in_addr_union
*addr
, uint16_t port
, DnsPacket
*p
) {
1127 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
1129 if (family
== AF_INET
)
1130 return manager_ipv4_send(m
, fd
, ifindex
, &addr
->in
, port
, p
);
1131 else if (family
== AF_INET6
)
1132 return manager_ipv6_send(m
, fd
, ifindex
, &addr
->in6
, port
, p
);
1134 return -EAFNOSUPPORT
;
1137 DnsServer
* manager_find_dns_server(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1143 LIST_FOREACH(servers
, s
, m
->dns_servers
)
1144 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
1147 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
)
1148 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
1154 DnsServer
*manager_set_dns_server(Manager
*m
, DnsServer
*s
) {
1157 if (m
->current_dns_server
== s
)
1161 _cleanup_free_
char *ip
= NULL
;
1163 in_addr_to_string(s
->family
, &s
->address
, &ip
);
1164 log_info("Switching to system DNS server %s.", strna(ip
));
1167 m
->current_dns_server
= s
;
1169 if (m
->unicast_scope
)
1170 dns_cache_flush(&m
->unicast_scope
->cache
);
1175 DnsServer
*manager_get_dns_server(Manager
*m
) {
1179 /* Try to read an updated resolv.conf */
1180 manager_read_resolv_conf(m
);
1182 if (!m
->current_dns_server
)
1183 manager_set_dns_server(m
, m
->dns_servers
);
1185 if (!m
->current_dns_server
) {
1189 /* No DNS servers configured, let's see if there are
1190 * any on any links. If not, we use the fallback
1193 HASHMAP_FOREACH(l
, m
->links
, i
)
1194 if (l
->dns_servers
) {
1200 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1203 return m
->current_dns_server
;
1206 void manager_next_dns_server(Manager
*m
) {
1209 /* If there's currently no DNS server set, then the next
1210 * manager_get_dns_server() will find one */
1211 if (!m
->current_dns_server
)
1214 /* Change to the next one */
1215 if (m
->current_dns_server
->servers_next
) {
1216 manager_set_dns_server(m
, m
->current_dns_server
->servers_next
);
1220 /* If there was no next one, then start from the beginning of
1222 if (m
->current_dns_server
->type
== DNS_SERVER_FALLBACK
)
1223 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1225 manager_set_dns_server(m
, m
->dns_servers
);
1228 uint32_t manager_find_mtu(Manager
*m
) {
1233 /* If we don't know on which link a DNS packet would be
1234 * delivered, let's find the largest MTU that works on all
1235 * interfaces we know of */
1237 HASHMAP_FOREACH(l
, m
->links
, i
) {
1241 if (mtu
<= 0 || l
->mtu
< mtu
)
/* Event-loop callback for the LLMNR UDP sockets: receives one packet, maps
 * it to the LLMNR scope of the link it arrived on, and processes it as a
 * reply or as a query. Interior lines are absent from this listing, so the
 * error checks and the conditions around the two log calls are not shown. */
1248 static int on_llmnr_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1249 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
1250 DnsTransaction
*t
= NULL
;
1251 Manager
*m
= userdata
;
1255 r
= manager_recv(m
, fd
, DNS_PROTOCOL_LLMNR
, &p
);
1259 scope
= manager_find_scope(m
, p
);
/* NOTE(review): presumably emitted when no scope was found. It is logged at
 * warning level for each such datagram, and the sender can be any host on
 * the link, so log_debug() or rate limiting would keep the journal from
 * filling up. */
1261 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1265 if (dns_packet_validate_reply(p
) > 0) {
1266 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p
));
/* Conflict detection runs on every valid reply, before the transaction
 * lookup below. */
1268 dns_scope_check_conflicts(scope
, p
);
/* Replies are matched to a pending transaction by packet ID only; any
 * further check of the sender is not visible in this function. */
1270 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
1272 dns_transaction_process_reply(t
, p
);
1274 } else if (dns_packet_validate_query(p
) > 0) {
1275 log_debug("Got query packet for id %u", DNS_PACKET_ID(p
));
/* The NULL stream argument marks the query as received over UDP; the TCP
 * path passes its DnsStream instead. */
1277 dns_scope_process_query(scope
, NULL
, p
);
1279 log_debug("Invalid LLMNR UDP packet.");
/* Returns the IPv4 LLMNR UDP socket, creating, configuring, binding and
 * registering it with the event loop on first use. The bind address
 * initializer sets only the family and port 5355, so the address field
 * stays zero (the wildcard address). Interior lines are absent from this
 * listing (the gutter numbers skip), so the error check after each call is
 * not shown; the safe_close() at the end is presumably the failure path. */
1284 int manager_llmnr_ipv4_udp_fd(Manager
*m
) {
1285 union sockaddr_union sa
= {
1286 .in
.sin_family
= AF_INET
,
1287 .in
.sin_port
= htobe16(5355),
1289 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
, ttl
= 255;
/* Already open: reuse the cached descriptor. */
1294 if (m
->llmnr_ipv4_udp_fd
>= 0)
1295 return m
->llmnr_ipv4_udp_fd
;
1297 m
->llmnr_ipv4_udp_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1298 if (m
->llmnr_ipv4_udp_fd
< 0)
1301 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1302 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_TTL
, &ttl
, sizeof(ttl
));
/* Same TTL for multicast datagrams sent from this socket. */
1308 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_TTL
, &ttl
, sizeof(ttl
));
/* Enable loopback of multicast datagrams sent from this socket. */
1314 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_LOOP
, &one
, sizeof(one
));
/* NOTE(review): with SO_REUSEADDR set, bind() on a UDP port can succeed
 * even when another socket that also set the option already holds the
 * port. manager_llmnr_start() detects a second responder through
 * -EADDRINUSE, so confirm that detection still works with this option. */
1320 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
/* Request pktinfo ancillary data; manager_recv() reads the interface index
 * and destination address from it. */
1326 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
/* Request the TTL of received datagrams; manager_recv() stores it in
 * p->ttl. Whether it is checked is decided outside this function. */
1332 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1338 /* Disable Don't-Fragment bit in the IP header */
1339 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1345 r
= bind(m
->llmnr_ipv4_udp_fd
, &sa
.sa
, sizeof(sa
.in
));
/* Incoming datagrams are dispatched to on_llmnr_packet(). */
1351 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_udp_event_source
, m
->llmnr_ipv4_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1355 return m
->llmnr_ipv4_udp_fd
;
/* Close the socket and store safe_close()'s result back into the field. */
1358 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
1362 int manager_llmnr_ipv6_udp_fd(Manager
*m
) {
1363 union sockaddr_union sa
= {
1364 .in6
.sin6_family
= AF_INET6
,
1365 .in6
.sin6_port
= htobe16(5355),
1367 static const int one
= 1, ttl
= 255;
1372 if (m
->llmnr_ipv6_udp_fd
>= 0)
1373 return m
->llmnr_ipv6_udp_fd
;
1375 m
->llmnr_ipv6_udp_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1376 if (m
->llmnr_ipv6_udp_fd
< 0)
1379 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &ttl
, sizeof(ttl
));
1385 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1386 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_HOPS
, &ttl
, sizeof(ttl
));
1392 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_LOOP
, &one
, sizeof(one
));
1398 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1404 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1410 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1416 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1422 r
= bind(m
->llmnr_ipv6_udp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1428 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_udp_event_source
, m
->llmnr_ipv6_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1434 return m
->llmnr_ipv6_udp_fd
;
1437 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
/* Per-packet callback for an LLMNR TCP stream: maps the packet that was
 * read to its scope and, when it validates as a query, lets the scope
 * process it with the stream as reply channel. Packets that do not validate
 * as a query reach the "Invalid" debug message; no reply handling is
 * visible on this path. Interior lines are absent from this listing, so the
 * branch bodies and return values are not shown. */
1441 static int on_llmnr_stream_packet(DnsStream
*s
) {
1446 scope
= manager_find_scope(s
->manager
, s
->read_packet
);
/* NOTE(review): presumably emitted when no scope was found. It is logged at
 * warning level per packet and can be triggered by any peer that connects;
 * log_debug() or rate limiting would limit log volume. */
1448 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1452 if (dns_packet_validate_query(s
->read_packet
) > 0) {
1453 log_debug("Got query packet for id %u", DNS_PACKET_ID(s
->read_packet
));
1455 dns_scope_process_query(scope
, s
, s
->read_packet
);
1457 /* If no reply packet was set, we free the stream */
1458 if (s
->write_packet
)
1461 log_debug("Invalid LLMNR TCP packet.");
/* Event-loop callback for the LLMNR TCP listening sockets: accepts one
 * connection and wraps it in a DnsStream whose packets go to
 * on_llmnr_stream_packet(). Interior lines are absent from this listing, so
 * the error paths are not shown.
 *
 * NOTE(review): no limit on the number of simultaneously open streams is
 * visible in this function. Confirm that dns_stream_new() or the stream
 * code enforces a cap and a timeout, otherwise idle connections can pin
 * descriptors and memory. */
1467 static int on_llmnr_stream(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1469 Manager
*m
= userdata
;
/* The peer address is not requested here (both address arguments are
 * NULL); the accepted socket is non-blocking and close-on-exec. */
1472 cfd
= accept4(fd
, NULL
, NULL
, SOCK_NONBLOCK
|SOCK_CLOEXEC
);
1474 if (errno
== EAGAIN
|| errno
== EINTR
)
1480 r
= dns_stream_new(m
, &stream
, DNS_PROTOCOL_LLMNR
, cfd
);
1486 stream
->on_packet
= on_llmnr_stream_packet
;
1490 int manager_llmnr_ipv4_tcp_fd(Manager
*m
) {
1491 union sockaddr_union sa
= {
1492 .in
.sin_family
= AF_INET
,
1493 .in
.sin_port
= htobe16(5355),
1495 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
;
1500 if (m
->llmnr_ipv4_tcp_fd
>= 0)
1501 return m
->llmnr_ipv4_tcp_fd
;
1503 m
->llmnr_ipv4_tcp_fd
= socket(AF_INET
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1504 if (m
->llmnr_ipv4_tcp_fd
< 0)
1507 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1508 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_TTL
, &one
, sizeof(one
));
1514 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1520 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1526 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1532 /* Disable Don't-Fragment bit in the IP header */
1533 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1539 r
= bind(m
->llmnr_ipv4_tcp_fd
, &sa
.sa
, sizeof(sa
.in
));
1545 r
= listen(m
->llmnr_ipv4_tcp_fd
, SOMAXCONN
);
1551 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_tcp_event_source
, m
->llmnr_ipv4_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1555 return m
->llmnr_ipv4_tcp_fd
;
1558 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
1562 int manager_llmnr_ipv6_tcp_fd(Manager
*m
) {
1563 union sockaddr_union sa
= {
1564 .in6
.sin6_family
= AF_INET6
,
1565 .in6
.sin6_port
= htobe16(5355),
1567 static const int one
= 1;
1572 if (m
->llmnr_ipv6_tcp_fd
>= 0)
1573 return m
->llmnr_ipv6_tcp_fd
;
1575 m
->llmnr_ipv6_tcp_fd
= socket(AF_INET6
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1576 if (m
->llmnr_ipv6_tcp_fd
< 0)
1579 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1580 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &one
, sizeof(one
));
1586 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1592 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1598 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1604 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1610 r
= bind(m
->llmnr_ipv6_tcp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1616 r
= listen(m
->llmnr_ipv6_tcp_fd
, SOMAXCONN
);
1622 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_tcp_event_source
, m
->llmnr_ipv6_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1628 return m
->llmnr_ipv6_tcp_fd
;
1631 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
/* Reports whether the link registered under ifindex has IFF_LOOPBACK set.
 * The lines before the lookup and after the flag test are absent from this
 * listing, so argument checks and return values are not shown.
 *
 * NOTE(review): the gutter numbers of the lookup and the flag test are
 * consecutive (1642, 1643), so there is no NULL check between them. If
 * hashmap_get() returns NULL for an ifindex that has no entry in m->links
 * (TODO confirm against the hashmap API), the flag test dereferences NULL.
 * manager_recv() calls this with an interface index taken from a received
 * packet's ancillary data, so an interface that is not tracked yet would
 * take down the resolver. Suggested guard before the flag test:
 * `if (!l) return -ENODEV;`. */
1635 int manager_ifindex_is_loopback(Manager
*m
, int ifindex
) {
1642 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
1643 if (l
->flags
& IFF_LOOPBACK
)
1649 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1654 a
= manager_find_link_address(m
, family
, in_addr
);
1656 return a
->link
->ifindex
;
1661 void manager_refresh_rrs(Manager
*m
) {
1667 m
->host_ipv4_key
= dns_resource_key_unref(m
->host_ipv4_key
);
1668 m
->host_ipv6_key
= dns_resource_key_unref(m
->host_ipv6_key
);
1670 HASHMAP_FOREACH(l
, m
->links
, i
) {
1671 link_add_rrs(l
, true);
1672 link_add_rrs(l
, false);
1676 int manager_next_hostname(Manager
*m
) {
1683 p
= strchr(m
->hostname
, 0);
1686 while (p
> m
->hostname
) {
1687 if (!strchr("0123456789", p
[-1]))
1693 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1696 /* Add a random number to the old value. This way we can avoid
1697 * that two hosts pick the same hostname, win on IPv4 and lose
1698 * on IPv6 (or vice versa), and pick the same hostname
1699 * replacement hostname, ad infinitum. We still want the
1700 * numbers to go up monotonically, hence we just add a random
1703 random_bytes(&a
, sizeof(a
));
1706 if (asprintf(&h
, "%.*s%" PRIu64
, (int) (p
- m
->hostname
), m
->hostname
, u
) < 0)
1709 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->hostname
, h
);
1714 manager_refresh_rrs(m
);
1719 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1725 HASHMAP_FOREACH(l
, m
->links
, i
) {
1728 a
= link_find_address(l
, family
, in_addr
);
1736 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1740 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
/* Maps a received packet to a scope: looks up the link by the packet's
 * interface index and, for LLMNR packets, returns that link's IPv4 or IPv6
 * LLMNR scope according to the packet's address family. Lines 1750-1752
 * between the lookup and the first use of l are absent from this listing;
 * presumably they hold the check for a missing link (confirm), since
 * p->ifindex comes from received packet metadata. The return value for
 * other protocols and families is not shown either. */
1743 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1749 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1753 if (p
->protocol
== DNS_PROTOCOL_LLMNR
) {
1754 if (p
->family
== AF_INET
)
1755 return l
->llmnr_ipv4_scope
;
1756 else if (p
->family
== AF_INET6
)
1757 return l
->llmnr_ipv6_scope
;
1763 void manager_verify_all(Manager
*m
) {
1768 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1769 dns_zone_verify_all(&s
->zone
);
1772 void manager_flush_dns_servers(Manager
*m
, DnsServerType t
) {
1775 if (t
== DNS_SERVER_SYSTEM
)
1776 while (m
->dns_servers
)
1777 dns_server_free(m
->dns_servers
);
1779 if (t
== DNS_SERVER_FALLBACK
)
1780 while (m
->fallback_dns_servers
)
1781 dns_server_free(m
->fallback_dns_servers
);
1784 static const char* const support_table
[_SUPPORT_MAX
] = {
1785 [SUPPORT_NO
] = "no",
1786 [SUPPORT_YES
] = "yes",
1787 [SUPPORT_RESOLVE
] = "resolve",
1789 DEFINE_STRING_TABLE_LOOKUP(support
, Support
);