]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
resolved: unify logic how we flush out DNS servers we learnt
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <arpa/inet.h>
23 #include <resolv.h>
24 #include <net/if.h>
25 #include <sys/ioctl.h>
26 #include <sys/poll.h>
27 #include <netinet/in.h>
28
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
35 #include "af-list.h"
36 #include "utf8.h"
37
38 #include "resolved-dns-domain.h"
39 #include "resolved-conf.h"
40 #include "resolved-bus.h"
41 #include "resolved-manager.h"
42
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
44
45 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
46 Manager *m = userdata;
47 uint16_t type;
48 Link *l;
49 int ifindex, r;
50
51 assert(rtnl);
52 assert(m);
53 assert(mm);
54
55 r = sd_rtnl_message_get_type(mm, &type);
56 if (r < 0)
57 goto fail;
58
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
60 if (r < 0)
61 goto fail;
62
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
64
65 switch (type) {
66
67 case RTM_NEWLINK:{
68 bool is_new = !l;
69
70 if (!l) {
71 r = link_new(m, &l, ifindex);
72 if (r < 0)
73 goto fail;
74 }
75
76 r = link_update_rtnl(l, mm);
77 if (r < 0)
78 goto fail;
79
80 r = link_update_monitor(l);
81 if (r < 0)
82 goto fail;
83
84 if (is_new)
85 log_debug("Found new link %i/%s", ifindex, l->name);
86
87 break;
88 }
89
90 case RTM_DELLINK:
91 if (l) {
92 log_debug("Removing link %i/%s", l->ifindex, l->name);
93 link_free(l);
94 }
95
96 break;
97 }
98
99 return 0;
100
101 fail:
102 log_warning("Failed to process RTNL link message: %s", strerror(-r));
103 return 0;
104 }
105
106 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
109 uint16_t type;
110 int r, ifindex, family;
111 LinkAddress *a;
112 Link *l;
113
114 assert(rtnl);
115 assert(mm);
116 assert(m);
117
118 r = sd_rtnl_message_get_type(mm, &type);
119 if (r < 0)
120 goto fail;
121
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
123 if (r < 0)
124 goto fail;
125
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
127 if (!l)
128 return 0;
129
130 r = sd_rtnl_message_addr_get_family(mm, &family);
131 if (r < 0)
132 goto fail;
133
134 switch (family) {
135
136 case AF_INET:
137 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
138 if (r < 0) {
139 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
140 if (r < 0)
141 goto fail;
142 }
143
144 break;
145
146 case AF_INET6:
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
148 if (r < 0) {
149 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
150 if (r < 0)
151 goto fail;
152 }
153
154 break;
155
156 default:
157 return 0;
158 }
159
160 a = link_find_address(l, family, &address);
161
162 switch (type) {
163
164 case RTM_NEWADDR:
165
166 if (!a) {
167 r = link_address_new(l, &a, family, &address);
168 if (r < 0)
169 return r;
170 }
171
172 r = link_address_update_rtnl(a, mm);
173 if (r < 0)
174 return r;
175
176 break;
177
178 case RTM_DELADDR:
179 if (a)
180 link_address_free(a);
181 break;
182 }
183
184 return 0;
185
186 fail:
187 log_warning("Failed to process RTNL address message: %s", strerror(-r));
188 return 0;
189 }
190
191 static int manager_rtnl_listen(Manager *m) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
193 sd_rtnl_message *i;
194 int r;
195
196 assert(m);
197
198 /* First, subscibe to interfaces coming and going */
199 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
200 if (r < 0)
201 return r;
202
203 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
204 if (r < 0)
205 return r;
206
207 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
208 if (r < 0)
209 return r;
210
211 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
212 if (r < 0)
213 return r;
214
215 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
216 if (r < 0)
217 return r;
218
219 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
220 if (r < 0)
221 return r;
222
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
225 if (r < 0)
226 return r;
227
228 r = sd_rtnl_message_request_dump(req, true);
229 if (r < 0)
230 return r;
231
232 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
233 if (r < 0)
234 return r;
235
236 for (i = reply; i; i = sd_rtnl_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
238 if (r < 0)
239 return r;
240 }
241
242 req = sd_rtnl_message_unref(req);
243 reply = sd_rtnl_message_unref(reply);
244
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
247 if (r < 0)
248 return r;
249
250 r = sd_rtnl_message_request_dump(req, true);
251 if (r < 0)
252 return r;
253
254 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
255 if (r < 0)
256 return r;
257
258 for (i = reply; i; i = sd_rtnl_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
260 if (r < 0)
261 return r;
262 }
263
264 return r;
265 }
266
267 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
269 Iterator i;
270 Link *l;
271 int r;
272
273 assert(m);
274
275 sd_network_monitor_flush(m->network_monitor);
276
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
279 if (r < 0)
280 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
281 }
282
283 r = manager_write_resolv_conf(m);
284 if (r < 0)
285 log_warning("Could not update resolv.conf: %s", strerror(-r));
286
287 return 0;
288 }
289
290 static int manager_network_monitor_listen(Manager *m) {
291 int r, fd, events;
292
293 assert(m);
294
295 r = sd_network_monitor_new(&m->network_monitor, NULL);
296 if (r < 0)
297 return r;
298
299 fd = sd_network_monitor_get_fd(m->network_monitor);
300 if (fd < 0)
301 return fd;
302
303 events = sd_network_monitor_get_events(m->network_monitor);
304 if (events < 0)
305 return events;
306
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
308 if (r < 0)
309 return r;
310
311 return 0;
312 }
313
314 static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
316 int r;
317
318 assert(ret);
319
320 h = gethostname_malloc();
321 if (!h)
322 return log_oom();
323
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
326 return -EINVAL;
327 }
328
329 r = dns_name_normalize(h, &n);
330 if (r < 0) {
331 log_error("System hostname '%s' cannot be normalized.", h);
332 return r;
333 }
334
335 *ret = n;
336 n = NULL;
337
338 return 0;
339 }
340
341 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
344 int r;
345
346 assert(m);
347
348 r = determine_hostname(&h);
349 if (r < 0)
350 return 0; /* ignore invalid hostnames */
351
352 if (streq(h, m->hostname))
353 return 0;
354
355 log_info("System hostname changed to '%s'.", h);
356 free(m->hostname);
357 m->hostname = h;
358 h = NULL;
359
360 manager_refresh_rrs(m);
361
362 return 0;
363 }
364
365 static int manager_watch_hostname(Manager *m) {
366 int r;
367
368 assert(m);
369
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning("Failed to watch hostname: %m");
373 return 0;
374 }
375
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
377 if (r < 0) {
378 if (r == -EPERM)
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
381 else {
382 log_error("Failed to add hostname event source: %s", strerror(-r));
383 return r;
384 }
385 }
386
387 r = determine_hostname(&m->hostname);
388 if (r < 0) {
389 log_info("Defaulting to hostname 'linux'.");
390 m->hostname = strdup("linux");
391 if (!m->hostname)
392 return log_oom();
393 } else
394 log_info("Using system hostname '%s'.", m->hostname);
395
396 return 0;
397 }
398
399 static void manager_llmnr_stop(Manager *m) {
400 assert(m);
401
402 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
403 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
404
405 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
406 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
407
408 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
409 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
410
411 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
412 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
413 }
414
415 static int manager_llmnr_start(Manager *m) {
416 int r;
417
418 assert(m);
419
420 if (m->llmnr_support == SUPPORT_NO)
421 return 0;
422
423 r = manager_llmnr_ipv4_udp_fd(m);
424 if (r == -EADDRINUSE)
425 goto eaddrinuse;
426 if (r < 0)
427 return r;
428
429 r = manager_llmnr_ipv6_udp_fd(m);
430 if (r == -EADDRINUSE)
431 goto eaddrinuse;
432 if (r < 0)
433 return r;
434
435 r = manager_llmnr_ipv4_tcp_fd(m);
436 if (r == -EADDRINUSE)
437 goto eaddrinuse;
438 if (r < 0)
439 return r;
440
441 r = manager_llmnr_ipv6_tcp_fd(m);
442 if (r == -EADDRINUSE)
443 goto eaddrinuse;
444 if (r < 0)
445 return r;
446
447 return 0;
448
449 eaddrinuse:
450 log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
451 m->llmnr_support = SUPPORT_NO;
452 manager_llmnr_stop(m);
453 return 0;
454 }
455
456 int manager_new(Manager **ret) {
457 _cleanup_(manager_freep) Manager *m = NULL;
458 int r;
459
460 assert(ret);
461
462 m = new0(Manager, 1);
463 if (!m)
464 return -ENOMEM;
465
466 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
467 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
468 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
469 m->hostname_fd = -1;
470
471 m->llmnr_support = SUPPORT_YES;
472 m->read_resolv_conf = true;
473
474 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
475 if (r < 0)
476 return r;
477
478 r = sd_event_default(&m->event);
479 if (r < 0)
480 return r;
481
482 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
483 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
484
485 sd_event_set_watchdog(m->event, true);
486
487 r = manager_watch_hostname(m);
488 if (r < 0)
489 return r;
490
491 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
492 if (r < 0)
493 return r;
494
495 r = manager_network_monitor_listen(m);
496 if (r < 0)
497 return r;
498
499 r = manager_rtnl_listen(m);
500 if (r < 0)
501 return r;
502
503 r = manager_connect_bus(m);
504 if (r < 0)
505 return r;
506
507 *ret = m;
508 m = NULL;
509
510 return 0;
511 }
512
513 int manager_start(Manager *m) {
514 int r;
515
516 assert(m);
517
518 r = manager_llmnr_start(m);
519 if (r < 0)
520 return r;
521
522 return 0;
523 }
524
525 Manager *manager_free(Manager *m) {
526 Link *l;
527
528 if (!m)
529 return NULL;
530
531 while ((l = hashmap_first(m->links)))
532 link_free(l);
533
534 while (m->dns_queries)
535 dns_query_free(m->dns_queries);
536
537 dns_scope_free(m->unicast_scope);
538
539 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
540 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
541
542 hashmap_free(m->links);
543 hashmap_free(m->dns_transactions);
544
545 sd_event_source_unref(m->network_event_source);
546 sd_network_monitor_unref(m->network_monitor);
547
548 sd_event_source_unref(m->dns_ipv4_event_source);
549 sd_event_source_unref(m->dns_ipv6_event_source);
550 safe_close(m->dns_ipv4_fd);
551 safe_close(m->dns_ipv6_fd);
552
553 manager_llmnr_stop(m);
554
555 sd_bus_slot_unref(m->prepare_for_sleep_slot);
556 sd_event_source_unref(m->bus_retry_event_source);
557 sd_bus_unref(m->bus);
558
559 sd_event_unref(m->event);
560
561 dns_resource_key_unref(m->host_ipv4_key);
562 dns_resource_key_unref(m->host_ipv6_key);
563
564 safe_close(m->hostname_fd);
565 sd_event_source_unref(m->hostname_event_source);
566 free(m->hostname);
567
568 free(m);
569
570 return NULL;
571 }
572
573 int manager_read_resolv_conf(Manager *m) {
574 _cleanup_fclose_ FILE *f = NULL;
575 struct stat st, own;
576 char line[LINE_MAX];
577 DnsServer *s, *nx;
578 usec_t t;
579 int r;
580
581 assert(m);
582
583 /* Reads the system /etc/resolv.conf, if it exists and is not
584 * symlinked to our own resolv.conf instance */
585
586 if (!m->read_resolv_conf)
587 return 0;
588
589 r = stat("/etc/resolv.conf", &st);
590 if (r < 0) {
591 if (errno != ENOENT)
592 log_warning("Failed to open /etc/resolv.conf: %m");
593 r = -errno;
594 goto clear;
595 }
596
597 /* Have we already seen the file? */
598 t = timespec_load(&st.st_mtim);
599 if (t == m->resolv_conf_mtime)
600 return 0;
601
602 m->resolv_conf_mtime = t;
603
604 /* Is it symlinked to our own file? */
605 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
606 st.st_dev == own.st_dev &&
607 st.st_ino == own.st_ino) {
608 r = 0;
609 goto clear;
610 }
611
612 f = fopen("/etc/resolv.conf", "re");
613 if (!f) {
614 if (errno != ENOENT)
615 log_warning("Failed to open /etc/resolv.conf: %m");
616 r = -errno;
617 goto clear;
618 }
619
620 if (fstat(fileno(f), &st) < 0) {
621 log_error("Failed to stat open file: %m");
622 r = -errno;
623 goto clear;
624 }
625
626 LIST_FOREACH(servers, s, m->dns_servers)
627 s->marked = true;
628
629 FOREACH_LINE(line, f, r = -errno; goto clear) {
630 union in_addr_union address;
631 int family;
632 char *l;
633 const char *a;
634
635 truncate_nl(line);
636
637 l = strstrip(line);
638 if (*l == '#' || *l == ';')
639 continue;
640
641 a = first_word(l, "nameserver");
642 if (!a)
643 continue;
644
645 r = in_addr_from_string_auto(a, &family, &address);
646 if (r < 0) {
647 log_warning("Failed to parse name server %s.", a);
648 continue;
649 }
650
651 LIST_FOREACH(servers, s, m->dns_servers)
652 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
653 break;
654
655 if (s)
656 s->marked = false;
657 else {
658 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
659 if (r < 0)
660 goto clear;
661 }
662 }
663
664 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
665 if (s->marked)
666 dns_server_free(s);
667
668 return 0;
669
670 clear:
671 while (m->dns_servers)
672 dns_server_free(m->dns_servers);
673
674 return r;
675 }
676
677 static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
678 _cleanup_free_ char *t = NULL;
679 int r;
680
681 assert(s);
682 assert(f);
683 assert(count);
684
685 r = in_addr_to_string(s->family, &s->address, &t);
686 if (r < 0) {
687 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
688 return;
689 }
690
691 if (*count == MAXNS)
692 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
693
694 fprintf(f, "nameserver %s\n", t);
695 (*count) ++;
696 }
697
698 int manager_write_resolv_conf(Manager *m) {
699 static const char path[] = "/run/systemd/resolve/resolv.conf";
700 _cleanup_free_ char *temp_path = NULL;
701 _cleanup_fclose_ FILE *f = NULL;
702 _cleanup_set_free_ Set *dns = NULL;
703 unsigned count = 0;
704 DnsServer *s;
705 Iterator i;
706 Link *l;
707 int r;
708
709 assert(m);
710
711 /* Read the system /etc/resolv.conf first */
712 manager_read_resolv_conf(m);
713
714 /* Add the full list to a set, to filter out duplicates */
715 dns = set_new(dns_server_hash_func, dns_server_compare_func);
716 if (!dns)
717 return -ENOMEM;
718
719 /* First add the system-wide servers */
720 LIST_FOREACH(servers, s, m->dns_servers) {
721 r = set_put(dns, s);
722 if (r == -EEXIST)
723 continue;
724 if (r < 0)
725 return r;
726 }
727
728 /* Then, add the per-link servers */
729 HASHMAP_FOREACH(l, m->links, i)
730 LIST_FOREACH(servers, s, l->dns_servers) {
731 r = set_put(dns, s);
732 if (r == -EEXIST)
733 continue;
734 if (r < 0)
735 return r;
736 }
737
738 /* If we found nothing, add the fallback servers */
739 if (set_isempty(dns)) {
740 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
741 r = set_put(dns, s);
742 if (r == -EEXIST)
743 continue;
744 if (r < 0)
745 return r;
746 }
747 }
748
749 r = fopen_temporary(path, &f, &temp_path);
750 if (r < 0)
751 return r;
752
753 fchmod(fileno(f), 0644);
754
755 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
756 "# Third party programs must not access this file directly, but\n"
757 "# only through the symlink at /etc/resolv.conf. To manage\n"
758 "# resolv.conf(5) in a different way, replace the symlink by a\n"
759 "# static file or a different symlink.\n\n", f);
760
761 if (set_isempty(dns))
762 fputs("# No DNS servers known.\n", f);
763 else {
764 SET_FOREACH(s, dns, i)
765 write_resolve_conf_server(s, f, &count);
766 }
767
768 r = fflush_and_check(f);
769 if (r < 0)
770 goto fail;
771
772 if (rename(temp_path, path) < 0) {
773 r = -errno;
774 goto fail;
775 }
776
777 return 0;
778
779 fail:
780 unlink(path);
781 unlink(temp_path);
782 return r;
783 }
784
785 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
786 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
787 union {
788 struct cmsghdr header; /* For alignment */
789 uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
790 + CMSG_SPACE(int) /* ttl/hoplimit */
791 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
792 } control;
793 union sockaddr_union sa;
794 struct msghdr mh = {};
795 struct cmsghdr *cmsg;
796 struct iovec iov;
797 int ms = 0, r;
798 ssize_t l;
799
800 assert(m);
801 assert(fd >= 0);
802 assert(ret);
803
804 r = ioctl(fd, FIONREAD, &ms);
805 if (r < 0)
806 return -errno;
807 if (ms < 0)
808 return -EIO;
809
810 r = dns_packet_new(&p, protocol, ms);
811 if (r < 0)
812 return r;
813
814 iov.iov_base = DNS_PACKET_DATA(p);
815 iov.iov_len = p->allocated;
816
817 mh.msg_name = &sa.sa;
818 mh.msg_namelen = sizeof(sa);
819 mh.msg_iov = &iov;
820 mh.msg_iovlen = 1;
821 mh.msg_control = &control;
822 mh.msg_controllen = sizeof(control);
823
824 l = recvmsg(fd, &mh, 0);
825 if (l < 0) {
826 if (errno == EAGAIN || errno == EINTR)
827 return 0;
828
829 return -errno;
830 }
831
832 if (l <= 0)
833 return -EIO;
834
835 assert(!(mh.msg_flags & MSG_CTRUNC));
836 assert(!(mh.msg_flags & MSG_TRUNC));
837
838 p->size = (size_t) l;
839
840 p->family = sa.sa.sa_family;
841 p->ipproto = IPPROTO_UDP;
842 if (p->family == AF_INET) {
843 p->sender.in = sa.in.sin_addr;
844 p->sender_port = be16toh(sa.in.sin_port);
845 } else if (p->family == AF_INET6) {
846 p->sender.in6 = sa.in6.sin6_addr;
847 p->sender_port = be16toh(sa.in6.sin6_port);
848 p->ifindex = sa.in6.sin6_scope_id;
849 } else
850 return -EAFNOSUPPORT;
851
852 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
853
854 if (cmsg->cmsg_level == IPPROTO_IPV6) {
855 assert(p->family == AF_INET6);
856
857 switch (cmsg->cmsg_type) {
858
859 case IPV6_PKTINFO: {
860 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
861
862 if (p->ifindex <= 0)
863 p->ifindex = i->ipi6_ifindex;
864
865 p->destination.in6 = i->ipi6_addr;
866 break;
867 }
868
869 case IPV6_HOPLIMIT:
870 p->ttl = *(int *) CMSG_DATA(cmsg);
871 break;
872
873 }
874 } else if (cmsg->cmsg_level == IPPROTO_IP) {
875 assert(p->family == AF_INET);
876
877 switch (cmsg->cmsg_type) {
878
879 case IP_PKTINFO: {
880 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
881
882 if (p->ifindex <= 0)
883 p->ifindex = i->ipi_ifindex;
884
885 p->destination.in = i->ipi_addr;
886 break;
887 }
888
889 case IP_TTL:
890 p->ttl = *(int *) CMSG_DATA(cmsg);
891 break;
892 }
893 }
894 }
895
896 /* The Linux kernel sets the interface index to the loopback
897 * device if the packet came from the local host since it
898 * avoids the routing table in such a case. Let's unset the
899 * interface index in such a case. */
900 if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
901 p->ifindex = 0;
902
903 /* If we don't know the interface index still, we look for the
904 * first local interface with a matching address. Yuck! */
905 if (p->ifindex <= 0)
906 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
907
908 *ret = p;
909 p = NULL;
910
911 return 1;
912 }
913
914 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
915 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
916 DnsTransaction *t = NULL;
917 Manager *m = userdata;
918 int r;
919
920 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
921 if (r <= 0)
922 return r;
923
924 if (dns_packet_validate_reply(p) > 0) {
925 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
926 if (!t)
927 return 0;
928
929 dns_transaction_process_reply(t, p);
930
931 } else
932 log_debug("Invalid DNS packet.");
933
934 return 0;
935 }
936
937 int manager_dns_ipv4_fd(Manager *m) {
938 const int one = 1;
939 int r;
940
941 assert(m);
942
943 if (m->dns_ipv4_fd >= 0)
944 return m->dns_ipv4_fd;
945
946 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
947 if (m->dns_ipv4_fd < 0)
948 return -errno;
949
950 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
951 if (r < 0) {
952 r = -errno;
953 goto fail;
954 }
955
956 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
957 if (r < 0)
958 goto fail;
959
960 return m->dns_ipv4_fd;
961
962 fail:
963 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
964 return r;
965 }
966
967 int manager_dns_ipv6_fd(Manager *m) {
968 const int one = 1;
969 int r;
970
971 assert(m);
972
973 if (m->dns_ipv6_fd >= 0)
974 return m->dns_ipv6_fd;
975
976 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
977 if (m->dns_ipv6_fd < 0)
978 return -errno;
979
980 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
981 if (r < 0) {
982 r = -errno;
983 goto fail;
984 }
985
986 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
987 if (r < 0)
988 goto fail;
989
990 return m->dns_ipv6_fd;
991
992 fail:
993 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
994 return r;
995 }
996
997 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
998 int r;
999
1000 assert(fd >= 0);
1001 assert(mh);
1002
1003 for (;;) {
1004 if (sendmsg(fd, mh, flags) >= 0)
1005 return 0;
1006
1007 if (errno == EINTR)
1008 continue;
1009
1010 if (errno != EAGAIN)
1011 return -errno;
1012
1013 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1014 if (r < 0)
1015 return r;
1016 if (r == 0)
1017 return -ETIMEDOUT;
1018 }
1019 }
1020
1021 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1022 union sockaddr_union sa = {
1023 .in.sin_family = AF_INET,
1024 };
1025 union {
1026 struct cmsghdr header; /* For alignment */
1027 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1028 } control;
1029 struct msghdr mh = {};
1030 struct iovec iov;
1031
1032 assert(m);
1033 assert(fd >= 0);
1034 assert(addr);
1035 assert(port > 0);
1036 assert(p);
1037
1038 iov.iov_base = DNS_PACKET_DATA(p);
1039 iov.iov_len = p->size;
1040
1041 sa.in.sin_addr = *addr;
1042 sa.in.sin_port = htobe16(port),
1043
1044 mh.msg_iov = &iov;
1045 mh.msg_iovlen = 1;
1046 mh.msg_name = &sa.sa;
1047 mh.msg_namelen = sizeof(sa.in);
1048
1049 if (ifindex > 0) {
1050 struct cmsghdr *cmsg;
1051 struct in_pktinfo *pi;
1052
1053 zero(control);
1054
1055 mh.msg_control = &control;
1056 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1057
1058 cmsg = CMSG_FIRSTHDR(&mh);
1059 cmsg->cmsg_len = mh.msg_controllen;
1060 cmsg->cmsg_level = IPPROTO_IP;
1061 cmsg->cmsg_type = IP_PKTINFO;
1062
1063 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1064 pi->ipi_ifindex = ifindex;
1065 }
1066
1067 return sendmsg_loop(fd, &mh, 0);
1068 }
1069
1070 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1071 union sockaddr_union sa = {
1072 .in6.sin6_family = AF_INET6,
1073 };
1074 union {
1075 struct cmsghdr header; /* For alignment */
1076 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1077 } control;
1078 struct msghdr mh = {};
1079 struct iovec iov;
1080
1081 assert(m);
1082 assert(fd >= 0);
1083 assert(addr);
1084 assert(port > 0);
1085 assert(p);
1086
1087 iov.iov_base = DNS_PACKET_DATA(p);
1088 iov.iov_len = p->size;
1089
1090 sa.in6.sin6_addr = *addr;
1091 sa.in6.sin6_port = htobe16(port),
1092 sa.in6.sin6_scope_id = ifindex;
1093
1094 mh.msg_iov = &iov;
1095 mh.msg_iovlen = 1;
1096 mh.msg_name = &sa.sa;
1097 mh.msg_namelen = sizeof(sa.in6);
1098
1099 if (ifindex > 0) {
1100 struct cmsghdr *cmsg;
1101 struct in6_pktinfo *pi;
1102
1103 zero(control);
1104
1105 mh.msg_control = &control;
1106 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1107
1108 cmsg = CMSG_FIRSTHDR(&mh);
1109 cmsg->cmsg_len = mh.msg_controllen;
1110 cmsg->cmsg_level = IPPROTO_IPV6;
1111 cmsg->cmsg_type = IPV6_PKTINFO;
1112
1113 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1114 pi->ipi6_ifindex = ifindex;
1115 }
1116
1117 return sendmsg_loop(fd, &mh, 0);
1118 }
1119
1120 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1121 assert(m);
1122 assert(fd >= 0);
1123 assert(addr);
1124 assert(port > 0);
1125 assert(p);
1126
1127 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1128
1129 if (family == AF_INET)
1130 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1131 else if (family == AF_INET6)
1132 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1133
1134 return -EAFNOSUPPORT;
1135 }
1136
1137 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1138 DnsServer *s;
1139
1140 assert(m);
1141 assert(in_addr);
1142
1143 LIST_FOREACH(servers, s, m->dns_servers)
1144 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1145 return s;
1146
1147 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1148 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1149 return s;
1150
1151 return NULL;
1152 }
1153
1154 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1155 assert(m);
1156
1157 if (m->current_dns_server == s)
1158 return s;
1159
1160 if (s) {
1161 _cleanup_free_ char *ip = NULL;
1162
1163 in_addr_to_string(s->family, &s->address, &ip);
1164 log_info("Switching to system DNS server %s.", strna(ip));
1165 }
1166
1167 m->current_dns_server = s;
1168
1169 if (m->unicast_scope)
1170 dns_cache_flush(&m->unicast_scope->cache);
1171
1172 return s;
1173 }
1174
1175 DnsServer *manager_get_dns_server(Manager *m) {
1176 Link *l;
1177 assert(m);
1178
1179 /* Try to read updates resolv.conf */
1180 manager_read_resolv_conf(m);
1181
1182 if (!m->current_dns_server)
1183 manager_set_dns_server(m, m->dns_servers);
1184
1185 if (!m->current_dns_server) {
1186 bool found = false;
1187 Iterator i;
1188
1189 /* No DNS servers configured, let's see if there are
1190 * any on any links. If not, we use the fallback
1191 * servers */
1192
1193 HASHMAP_FOREACH(l, m->links, i)
1194 if (l->dns_servers) {
1195 found = true;
1196 break;
1197 }
1198
1199 if (!found)
1200 manager_set_dns_server(m, m->fallback_dns_servers);
1201 }
1202
1203 return m->current_dns_server;
1204 }
1205
1206 void manager_next_dns_server(Manager *m) {
1207 assert(m);
1208
1209 /* If there's currently no DNS server set, then the next
1210 * manager_get_dns_server() will find one */
1211 if (!m->current_dns_server)
1212 return;
1213
1214 /* Change to the next one */
1215 if (m->current_dns_server->servers_next) {
1216 manager_set_dns_server(m, m->current_dns_server->servers_next);
1217 return;
1218 }
1219
1220 /* If there was no next one, then start from the beginning of
1221 * the list */
1222 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1223 manager_set_dns_server(m, m->fallback_dns_servers);
1224 else
1225 manager_set_dns_server(m, m->dns_servers);
1226 }
1227
1228 uint32_t manager_find_mtu(Manager *m) {
1229 uint32_t mtu = 0;
1230 Link *l;
1231 Iterator i;
1232
1233 /* If we don't know on which link a DNS packet would be
1234 * delivered, let's find the largest MTU that works on all
1235 * interfaces we know of */
1236
1237 HASHMAP_FOREACH(l, m->links, i) {
1238 if (l->mtu <= 0)
1239 continue;
1240
1241 if (mtu <= 0 || l->mtu < mtu)
1242 mtu = l->mtu;
1243 }
1244
1245 return mtu;
1246 }
1247
1248 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1249 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1250 DnsTransaction *t = NULL;
1251 Manager *m = userdata;
1252 DnsScope *scope;
1253 int r;
1254
1255 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1256 if (r <= 0)
1257 return r;
1258
1259 scope = manager_find_scope(m, p);
1260 if (!scope) {
1261 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1262 return 0;
1263 }
1264
1265 if (dns_packet_validate_reply(p) > 0) {
1266 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1267
1268 dns_scope_check_conflicts(scope, p);
1269
1270 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1271 if (t)
1272 dns_transaction_process_reply(t, p);
1273
1274 } else if (dns_packet_validate_query(p) > 0) {
1275 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1276
1277 dns_scope_process_query(scope, NULL, p);
1278 } else
1279 log_debug("Invalid LLMNR UDP packet.");
1280
1281 return 0;
1282 }
1283
1284 int manager_llmnr_ipv4_udp_fd(Manager *m) {
1285 union sockaddr_union sa = {
1286 .in.sin_family = AF_INET,
1287 .in.sin_port = htobe16(5355),
1288 };
1289 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1290 int r;
1291
1292 assert(m);
1293
1294 if (m->llmnr_ipv4_udp_fd >= 0)
1295 return m->llmnr_ipv4_udp_fd;
1296
1297 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1298 if (m->llmnr_ipv4_udp_fd < 0)
1299 return -errno;
1300
1301 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1302 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1303 if (r < 0) {
1304 r = -errno;
1305 goto fail;
1306 }
1307
1308 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1309 if (r < 0) {
1310 r = -errno;
1311 goto fail;
1312 }
1313
1314 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1315 if (r < 0) {
1316 r = -errno;
1317 goto fail;
1318 }
1319
1320 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1321 if (r < 0) {
1322 r = -errno;
1323 goto fail;
1324 }
1325
1326 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1327 if (r < 0) {
1328 r = -errno;
1329 goto fail;
1330 }
1331
1332 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1333 if (r < 0) {
1334 r = -errno;
1335 goto fail;
1336 }
1337
1338 /* Disable Don't-Fragment bit in the IP header */
1339 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1340 if (r < 0) {
1341 r = -errno;
1342 goto fail;
1343 }
1344
1345 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1346 if (r < 0) {
1347 r = -errno;
1348 goto fail;
1349 }
1350
1351 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1352 if (r < 0)
1353 goto fail;
1354
1355 return m->llmnr_ipv4_udp_fd;
1356
1357 fail:
1358 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1359 return r;
1360 }
1361
1362 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1363 union sockaddr_union sa = {
1364 .in6.sin6_family = AF_INET6,
1365 .in6.sin6_port = htobe16(5355),
1366 };
1367 static const int one = 1, ttl = 255;
1368 int r;
1369
1370 assert(m);
1371
1372 if (m->llmnr_ipv6_udp_fd >= 0)
1373 return m->llmnr_ipv6_udp_fd;
1374
1375 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1376 if (m->llmnr_ipv6_udp_fd < 0)
1377 return -errno;
1378
1379 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1380 if (r < 0) {
1381 r = -errno;
1382 goto fail;
1383 }
1384
1385 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1386 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1387 if (r < 0) {
1388 r = -errno;
1389 goto fail;
1390 }
1391
1392 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1393 if (r < 0) {
1394 r = -errno;
1395 goto fail;
1396 }
1397
1398 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1399 if (r < 0) {
1400 r = -errno;
1401 goto fail;
1402 }
1403
1404 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1405 if (r < 0) {
1406 r = -errno;
1407 goto fail;
1408 }
1409
1410 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1411 if (r < 0) {
1412 r = -errno;
1413 goto fail;
1414 }
1415
1416 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1417 if (r < 0) {
1418 r = -errno;
1419 goto fail;
1420 }
1421
1422 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1423 if (r < 0) {
1424 r = -errno;
1425 goto fail;
1426 }
1427
1428 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1429 if (r < 0) {
1430 r = -errno;
1431 goto fail;
1432 }
1433
1434 return m->llmnr_ipv6_udp_fd;
1435
1436 fail:
1437 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1438 return r;
1439 }
1440
1441 static int on_llmnr_stream_packet(DnsStream *s) {
1442 DnsScope *scope;
1443
1444 assert(s);
1445
1446 scope = manager_find_scope(s->manager, s->read_packet);
1447 if (!scope) {
1448 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1449 return 0;
1450 }
1451
1452 if (dns_packet_validate_query(s->read_packet) > 0) {
1453 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1454
1455 dns_scope_process_query(scope, s, s->read_packet);
1456
1457 /* If no reply packet was set, we free the stream */
1458 if (s->write_packet)
1459 return 0;
1460 } else
1461 log_debug("Invalid LLMNR TCP packet.");
1462
1463 dns_stream_free(s);
1464 return 0;
1465 }
1466
1467 static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1468 DnsStream *stream;
1469 Manager *m = userdata;
1470 int cfd, r;
1471
1472 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1473 if (cfd < 0) {
1474 if (errno == EAGAIN || errno == EINTR)
1475 return 0;
1476
1477 return -errno;
1478 }
1479
1480 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1481 if (r < 0) {
1482 safe_close(cfd);
1483 return r;
1484 }
1485
1486 stream->on_packet = on_llmnr_stream_packet;
1487 return 0;
1488 }
1489
1490 int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1491 union sockaddr_union sa = {
1492 .in.sin_family = AF_INET,
1493 .in.sin_port = htobe16(5355),
1494 };
1495 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1496 int r;
1497
1498 assert(m);
1499
1500 if (m->llmnr_ipv4_tcp_fd >= 0)
1501 return m->llmnr_ipv4_tcp_fd;
1502
1503 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1504 if (m->llmnr_ipv4_tcp_fd < 0)
1505 return -errno;
1506
1507 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1508 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1509 if (r < 0) {
1510 r = -errno;
1511 goto fail;
1512 }
1513
1514 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1515 if (r < 0) {
1516 r = -errno;
1517 goto fail;
1518 }
1519
1520 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1521 if (r < 0) {
1522 r = -errno;
1523 goto fail;
1524 }
1525
1526 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1527 if (r < 0) {
1528 r = -errno;
1529 goto fail;
1530 }
1531
1532 /* Disable Don't-Fragment bit in the IP header */
1533 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1534 if (r < 0) {
1535 r = -errno;
1536 goto fail;
1537 }
1538
1539 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1540 if (r < 0) {
1541 r = -errno;
1542 goto fail;
1543 }
1544
1545 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1546 if (r < 0) {
1547 r = -errno;
1548 goto fail;
1549 }
1550
1551 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1552 if (r < 0)
1553 goto fail;
1554
1555 return m->llmnr_ipv4_tcp_fd;
1556
1557 fail:
1558 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1559 return r;
1560 }
1561
1562 int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1563 union sockaddr_union sa = {
1564 .in6.sin6_family = AF_INET6,
1565 .in6.sin6_port = htobe16(5355),
1566 };
1567 static const int one = 1;
1568 int r;
1569
1570 assert(m);
1571
1572 if (m->llmnr_ipv6_tcp_fd >= 0)
1573 return m->llmnr_ipv6_tcp_fd;
1574
1575 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1576 if (m->llmnr_ipv6_tcp_fd < 0)
1577 return -errno;
1578
1579 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1580 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1581 if (r < 0) {
1582 r = -errno;
1583 goto fail;
1584 }
1585
1586 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1587 if (r < 0) {
1588 r = -errno;
1589 goto fail;
1590 }
1591
1592 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1593 if (r < 0) {
1594 r = -errno;
1595 goto fail;
1596 }
1597
1598 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1599 if (r < 0) {
1600 r = -errno;
1601 goto fail;
1602 }
1603
1604 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1605 if (r < 0) {
1606 r = -errno;
1607 goto fail;
1608 }
1609
1610 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1611 if (r < 0) {
1612 r = -errno;
1613 goto fail;
1614 }
1615
1616 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1617 if (r < 0) {
1618 r = -errno;
1619 goto fail;
1620 }
1621
1622 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1623 if (r < 0) {
1624 r = -errno;
1625 goto fail;
1626 }
1627
1628 return m->llmnr_ipv6_tcp_fd;
1629
1630 fail:
1631 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1632 return r;
1633 }
1634
1635 int manager_ifindex_is_loopback(Manager *m, int ifindex) {
1636 Link *l;
1637 assert(m);
1638
1639 if (ifindex <= 0)
1640 return -EINVAL;
1641
1642 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1643 if (l->flags & IFF_LOOPBACK)
1644 return 1;
1645
1646 return 0;
1647 }
1648
1649 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1650 LinkAddress *a;
1651
1652 assert(m);
1653
1654 a = manager_find_link_address(m, family, in_addr);
1655 if (a)
1656 return a->link->ifindex;
1657
1658 return 0;
1659 }
1660
1661 void manager_refresh_rrs(Manager *m) {
1662 Iterator i;
1663 Link *l;
1664
1665 assert(m);
1666
1667 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1668 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1669
1670 HASHMAP_FOREACH(l, m->links, i) {
1671 link_add_rrs(l, true);
1672 link_add_rrs(l, false);
1673 }
1674 }
1675
1676 int manager_next_hostname(Manager *m) {
1677 const char *p;
1678 uint64_t u, a;
1679 char *h;
1680
1681 assert(m);
1682
1683 p = strchr(m->hostname, 0);
1684 assert(p);
1685
1686 while (p > m->hostname) {
1687 if (!strchr("0123456789", p[-1]))
1688 break;
1689
1690 p--;
1691 }
1692
1693 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1694 u = 1;
1695
1696 /* Add a random number to the old value. This way we can avoid
1697 * that two hosts pick the same hostname, win on IPv4 and lose
1698 * on IPv6 (or vice versa), and pick the same hostname
1699 * replacement hostname, ad infinitum. We still want the
1700 * numbers to go up monotonically, hence we just add a random
1701 * value 1..10 */
1702
1703 random_bytes(&a, sizeof(a));
1704 u += 1 + a % 10;
1705
1706 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1707 return -ENOMEM;
1708
1709 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1710
1711 free(m->hostname);
1712 m->hostname = h;
1713
1714 manager_refresh_rrs(m);
1715
1716 return 0;
1717 }
1718
1719 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1720 Iterator i;
1721 Link *l;
1722
1723 assert(m);
1724
1725 HASHMAP_FOREACH(l, m->links, i) {
1726 LinkAddress *a;
1727
1728 a = link_find_address(l, family, in_addr);
1729 if (a)
1730 return a;
1731 }
1732
1733 return NULL;
1734 }
1735
1736 bool manager_our_packet(Manager *m, DnsPacket *p) {
1737 assert(m);
1738 assert(p);
1739
1740 return !!manager_find_link_address(m, p->family, &p->sender);
1741 }
1742
1743 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1744 Link *l;
1745
1746 assert(m);
1747 assert(p);
1748
1749 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1750 if (!l)
1751 return NULL;
1752
1753 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1754 if (p->family == AF_INET)
1755 return l->llmnr_ipv4_scope;
1756 else if (p->family == AF_INET6)
1757 return l->llmnr_ipv6_scope;
1758 }
1759
1760 return NULL;
1761 }
1762
1763 void manager_verify_all(Manager *m) {
1764 DnsScope *s;
1765
1766 assert(m);
1767
1768 LIST_FOREACH(scopes, s, m->dns_scopes)
1769 dns_zone_verify_all(&s->zone);
1770 }
1771
1772 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1773 assert(m);
1774
1775 if (t == DNS_SERVER_SYSTEM)
1776 while (m->dns_servers)
1777 dns_server_free(m->dns_servers);
1778
1779 if (t == DNS_SERVER_FALLBACK)
1780 while (m->fallback_dns_servers)
1781 dns_server_free(m->fallback_dns_servers);
1782 }
1783
1784 static const char* const support_table[_SUPPORT_MAX] = {
1785 [SUPPORT_NO] = "no",
1786 [SUPPORT_YES] = "yes",
1787 [SUPPORT_RESOLVE] = "resolve",
1788 };
1789 DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.