1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
38 #include "resolved-dns-domain.h"
39 #include "resolved-conf.h"
40 #include "resolved-bus.h"
41 #include "resolved-manager.h"
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45 static int manager_process_link(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
46 Manager
*m
= userdata
;
55 r
= sd_rtnl_message_get_type(mm
, &type
);
59 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
63 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
71 r
= link_new(m
, &l
, ifindex
);
76 r
= link_update_rtnl(l
, mm
);
80 r
= link_update_monitor(l
);
85 log_debug("Found new link %i/%s", ifindex
, l
->name
);
92 log_debug("Removing link %i/%s", l
->ifindex
, l
->name
);
102 log_warning("Failed to process RTNL link message: %s", strerror(-r
));
106 static int manager_process_address(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
107 Manager
*m
= userdata
;
108 union in_addr_union address
;
110 int r
, ifindex
, family
;
118 r
= sd_rtnl_message_get_type(mm
, &type
);
122 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
126 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
130 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
137 r
= sd_rtnl_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
139 r
= sd_rtnl_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
147 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
149 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
160 a
= link_find_address(l
, family
, &address
);
167 r
= link_address_new(l
, &a
, family
, &address
);
172 r
= link_address_update_rtnl(a
, mm
);
180 link_address_free(a
);
187 log_warning("Failed to process RTNL address message: %s", strerror(-r
));
191 static int manager_rtnl_listen(Manager
*m
) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message
*req
= NULL
, *reply
= NULL
;
198 /* First, subscribe to interfaces coming and going */
199 r
= sd_rtnl_open(&m
->rtnl
, 3, RTNLGRP_LINK
, RTNLGRP_IPV4_IFADDR
, RTNLGRP_IPV6_IFADDR
);
203 r
= sd_rtnl_attach_event(m
->rtnl
, m
->event
, 0);
207 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWLINK
, manager_process_link
, m
);
211 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELLINK
, manager_process_link
, m
);
215 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWADDR
, manager_process_address
, m
);
219 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELADDR
, manager_process_address
, m
);
223 /* Then, enumerate all links */
224 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
228 r
= sd_rtnl_message_request_dump(req
, true);
232 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
236 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
237 r
= manager_process_link(m
->rtnl
, i
, m
);
242 req
= sd_rtnl_message_unref(req
);
243 reply
= sd_rtnl_message_unref(reply
);
245 /* Finally, enumerate all addresses, too */
246 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
250 r
= sd_rtnl_message_request_dump(req
, true);
254 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
258 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
259 r
= manager_process_address(m
->rtnl
, i
, m
);
267 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
268 Manager
*m
= userdata
;
275 sd_network_monitor_flush(m
->network_monitor
);
277 HASHMAP_FOREACH(l
, m
->links
, i
) {
278 r
= link_update_monitor(l
);
280 log_warning("Failed to update monitor information for %i: %s", l
->ifindex
, strerror(-r
));
283 r
= manager_write_resolv_conf(m
);
285 log_warning("Could not update resolv.conf: %s", strerror(-r
));
290 static int manager_network_monitor_listen(Manager
*m
) {
295 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
299 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
303 events
= sd_network_monitor_get_events(m
->network_monitor
);
307 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
314 static int determine_hostname(char **ret
) {
315 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
320 h
= gethostname_malloc();
324 if (!utf8_is_valid(h
)) {
325 log_error("System hostname is not UTF-8 clean.");
329 r
= dns_name_normalize(h
, &n
);
331 log_error("System hostname '%s' cannot be normalized.", h
);
341 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
342 _cleanup_free_
char *h
= NULL
;
343 Manager
*m
= userdata
;
348 r
= determine_hostname(&h
);
350 return 0; /* ignore invalid hostnames */
352 if (streq(h
, m
->hostname
))
355 log_info("System hostname changed to '%s'.", h
);
360 manager_refresh_rrs(m
);
365 static int manager_watch_hostname(Manager
*m
) {
370 m
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
371 if (m
->hostname_fd
< 0) {
372 log_warning("Failed to watch hostname: %m");
376 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m
->hostname_fd
= safe_close(m
->hostname_fd
);
382 log_error("Failed to add hostname event source: %s", strerror(-r
));
387 r
= determine_hostname(&m
->hostname
);
389 log_info("Defaulting to hostname 'linux'.");
390 m
->hostname
= strdup("linux");
394 log_info("Using system hostname '%s'.", m
->hostname
);
399 static void manager_llmnr_stop(Manager
*m
) {
402 m
->llmnr_ipv4_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_udp_event_source
);
403 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
405 m
->llmnr_ipv6_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_udp_event_source
);
406 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
408 m
->llmnr_ipv4_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_tcp_event_source
);
409 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
411 m
->llmnr_ipv6_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_tcp_event_source
);
412 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
415 static int manager_llmnr_start(Manager
*m
) {
420 if (m
->llmnr_support
== SUPPORT_NO
)
423 r
= manager_llmnr_ipv4_udp_fd(m
);
424 if (r
== -EADDRINUSE
)
429 r
= manager_llmnr_ipv6_udp_fd(m
);
430 if (r
== -EADDRINUSE
)
435 r
= manager_llmnr_ipv4_tcp_fd(m
);
436 if (r
== -EADDRINUSE
)
441 r
= manager_llmnr_ipv6_tcp_fd(m
);
442 if (r
== -EADDRINUSE
)
450 log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
451 m
->llmnr_support
= SUPPORT_NO
;
452 manager_llmnr_stop(m
);
456 int manager_new(Manager
**ret
) {
457 _cleanup_(manager_freep
) Manager
*m
= NULL
;
462 m
= new0(Manager
, 1);
466 m
->dns_ipv4_fd
= m
->dns_ipv6_fd
= -1;
467 m
->llmnr_ipv4_udp_fd
= m
->llmnr_ipv6_udp_fd
= -1;
468 m
->llmnr_ipv4_tcp_fd
= m
->llmnr_ipv6_tcp_fd
= -1;
471 m
->llmnr_support
= SUPPORT_YES
;
472 m
->read_resolv_conf
= true;
474 r
= manager_parse_dns_server(m
, DNS_SERVER_FALLBACK
, DNS_SERVERS
);
478 r
= sd_event_default(&m
->event
);
482 sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
483 sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
485 sd_event_set_watchdog(m
->event
, true);
487 r
= manager_watch_hostname(m
);
491 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
495 r
= manager_network_monitor_listen(m
);
499 r
= manager_rtnl_listen(m
);
503 r
= manager_connect_bus(m
);
513 int manager_start(Manager
*m
) {
518 r
= manager_llmnr_start(m
);
525 Manager
*manager_free(Manager
*m
) {
531 while ((l
= hashmap_first(m
->links
)))
534 while (m
->dns_queries
)
535 dns_query_free(m
->dns_queries
);
537 dns_scope_free(m
->unicast_scope
);
539 while (m
->dns_servers
)
540 dns_server_free(m
->dns_servers
);
541 while (m
->fallback_dns_servers
)
542 dns_server_free(m
->fallback_dns_servers
);
544 hashmap_free(m
->links
);
545 hashmap_free(m
->dns_transactions
);
547 sd_event_source_unref(m
->network_event_source
);
548 sd_network_monitor_unref(m
->network_monitor
);
550 sd_event_source_unref(m
->dns_ipv4_event_source
);
551 sd_event_source_unref(m
->dns_ipv6_event_source
);
552 safe_close(m
->dns_ipv4_fd
);
553 safe_close(m
->dns_ipv6_fd
);
555 manager_llmnr_stop(m
);
557 sd_bus_slot_unref(m
->prepare_for_sleep_slot
);
558 sd_event_source_unref(m
->bus_retry_event_source
);
559 sd_bus_unref(m
->bus
);
561 sd_event_unref(m
->event
);
563 dns_resource_key_unref(m
->host_ipv4_key
);
564 dns_resource_key_unref(m
->host_ipv6_key
);
566 safe_close(m
->hostname_fd
);
567 sd_event_source_unref(m
->hostname_event_source
);
/* Re-reads /etc/resolv.conf into m->dns_servers when the file's mtime differs
 * from the one remembered in m->resolv_conf_mtime. Only part of the function
 * is visible in this listing; notes below cover the visible lines only. */
575 int manager_read_resolv_conf(Manager
*m
) {
576 _cleanup_fclose_
FILE *f
= NULL
;
585 /* Reads the system /etc/resolv.conf, if it exists and is not
586 * symlinked to our own resolv.conf instance */
588 if (!m
->read_resolv_conf
)
591 r
= stat("/etc/resolv.conf", &st
);
/* NOTE(review): this warning follows the stat() call above, yet it says
 * "Failed to open"; the same text is used again after fopen() below, so the
 * two failures cannot be told apart in the log. The condition guarding this
 * line is not visible here. */
594 log_warning("Failed to open /etc/resolv.conf: %m");
599 /* Have we already seen the file? */
600 t
= timespec_load(&st
.st_mtim
);
if (t
== m
->resolv_conf_mtime
)
604 m
->resolv_conf_mtime
= t
;
606 /* Is it symlinked to our own file? */
/* Identity is decided by comparing device and inode numbers of the two
 * stat() results, not by comparing path names. */
607 if (stat("/run/systemd/resolve/resolv.conf", &own
) >= 0 &&
608 st
.st_dev
== own
.st_dev
&&
609 st
.st_ino
== own
.st_ino
) {
/* NOTE(review): the path is resolved a second time here, after the
 * stat()-based mtime and inode checks above, so those checks describe
 * whatever the path pointed to at stat() time. The fstat() below refreshes
 * st from the open descriptor, but this listing does not show the "is it our
 * own file" comparison being repeated on that result; confirm. */
614 f
= fopen("/etc/resolv.conf", "re");
617 log_warning("Failed to open /etc/resolv.conf: %m");
622 if (fstat(fileno(f
), &st
) < 0) {
623 log_error("Failed to stat open file: %m");
628 LIST_FOREACH(servers
, s
, m
->dns_servers
)
/* Walk the file line by line; the third macro argument sets r = -errno and
 * jumps to the clear label (presumably run on a read error; confirm against
 * the FOREACH_LINE definition). */
631 FOREACH_LINE(line
, f
, r
= -errno
; goto clear
) {
632 union in_addr_union address
;
/* Lines starting with '#' or ';' are tested for here; the action taken is
 * not visible in this listing (presumably they are skipped as comments). */
640 if (*l
== '#' || *l
== ';')
643 a
= first_word(l
, "nameserver");
/* The address text comes straight from the file; in_addr_from_string_auto()
 * parses it and reports the address family it detected. */
647 r
= in_addr_from_string_auto(a
, &family
, &address
);
649 log_warning("Failed to parse name server %s.", a
);
/* Look for an existing entry with the same family and address before a new
 * DNS_SERVER_SYSTEM entry is created below. */
653 LIST_FOREACH(servers
, s
, m
->dns_servers
)
654 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, &address
) > 0)
660 r
= dns_server_new(m
, NULL
, DNS_SERVER_SYSTEM
, NULL
, family
, &address
);
666 LIST_FOREACH_SAFE(servers
, s
, nx
, m
->dns_servers
)
/* Frees the list head repeatedly until m->dns_servers is empty (presumably
 * the clear: error path; the label itself is not visible in this listing). */
673 while (m
->dns_servers
)
674 dns_server_free(m
->dns_servers
);
679 static void write_resolve_conf_server(DnsServer
*s
, FILE *f
, unsigned *count
) {
680 _cleanup_free_
char *t
= NULL
;
687 r
= in_addr_to_string(s
->family
, &s
->address
, &t
);
689 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r
));
694 fputs("# Too many DNS servers configured, the following entries may be ignored\n", f
);
696 fprintf(f
, "nameserver %s\n", t
);
/* Regenerates /run/systemd/resolve/resolv.conf from the manager's server
 * lists: the content is written to a temporary file obtained from
 * fopen_temporary() and then renamed over the target path. Only part of the
 * function is visible in this listing. */
700 int manager_write_resolv_conf(Manager
*m
) {
701 static const char path
[] = "/run/systemd/resolve/resolv.conf";
702 _cleanup_free_
char *temp_path
= NULL
;
703 _cleanup_fclose_
FILE *f
= NULL
;
712 /* Read the system /etc/resolv.conf first */
/* The return value is not used on this line, so a failed read does not stop
 * the file from being rewritten. */
713 manager_read_resolv_conf(m
);
715 r
= fopen_temporary(path
, &f
, &temp_path
);
/* NOTE(review): the fchmod() result is not checked. The file is made
 * world-readable (0644) because other programs read it through the
 * /etc/resolv.conf symlink; if the call fails, the mode chosen by
 * fopen_temporary() stays in place and nothing is logged. */
719 fchmod(fileno(f
), 0644);
721 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
722 "# Third party programs must not access this file directly, but\n"
723 "# only through the symlink at /etc/resolv.conf. To manage\n"
724 "# resolv.conf(5) in a different way, replace the symlink by a\n"
725 "# static file or a different symlink.\n\n", f
);
/* Emission order: manager-wide servers, then the servers of every link. */
727 LIST_FOREACH(servers
, s
, m
->dns_servers
)
728 write_resolve_conf_server(s
, f
, &count
);
730 HASHMAP_FOREACH(l
, m
->links
, i
)
731 LIST_FOREACH(servers
, s
, l
->dns_servers
)
732 write_resolve_conf_server(s
, f
, &count
);
/* Fallback servers come last; any condition guarding this loop (source lines
 * 733-734) is not visible in this listing. */
735 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
)
736 write_resolve_conf_server(s
, f
, &count
);
/* Flush and check for write errors before the rename, so that a short or
 * failed write is not published under the final name. */
739 r
= fflush_and_check(f
);
/* rename() swaps the finished file into place in one step; readers see
 * either the old or the new content, never a partially written file. */
743 if (rename(temp_path
, path
) < 0) {
/* Receives one message from fd into a freshly allocated DnsPacket and records
 * where it came from: sender address and port from the socket address,
 * destination address, interface index and TTL/hop limit from the control
 * messages. Everything stored here originates from the network and should be
 * treated as untrusted by later stages. Only part of the function is visible
 * in this listing; how the packet is handed back through ret is not shown. */
756 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
757 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
759 struct cmsghdr header
; /* For alignment */
760 uint8_t buffer
[CMSG_SPACE(MAX(sizeof(struct in_pktinfo
), sizeof(struct in6_pktinfo
)))
761 + CMSG_SPACE(int) /* ttl/hoplimit */
762 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
764 union sockaddr_union sa
;
765 struct msghdr mh
= {};
766 struct cmsghdr
*cmsg
;
/* Ask the socket how many bytes are pending; ms then sizes the packet
 * allocated below. NOTE(review): any range check on ms (source lines 776-780)
 * is not visible in this listing; confirm the value is bounded before it
 * reaches dns_packet_new(). */
775 r
= ioctl(fd
, FIONREAD
, &ms
);
781 r
= dns_packet_new(&p
, protocol
, ms
);
/* The receive buffer is the packet's own storage, limited to p->allocated. */
785 iov
.iov_base
= DNS_PACKET_DATA(p
);
786 iov
.iov_len
= p
->allocated
;
788 mh
.msg_name
= &sa
.sa
;
789 mh
.msg_namelen
= sizeof(sa
);
792 mh
.msg_control
= &control
;
793 mh
.msg_controllen
= sizeof(control
);
795 l
= recvmsg(fd
, &mh
, 0);
797 if (errno
== EAGAIN
|| errno
== EINTR
)
/* NOTE(review): truncation of the payload or of the control data is handled
 * with assert(). Both flags are set by the kernel depending on what arrived
 * and on buffer sizing (which the EXTRA_CMSG_SPACE comment above describes as
 * empirical), so in a build where assert() aborts, a truncated message
 * terminates the whole resolver. Dropping the packet with an error return
 * would be the more defensive handling. The same applies to the address
 * family asserts inside the control-message loop below. */
806 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
807 assert(!(mh
.msg_flags
& MSG_TRUNC
));
809 p
->size
= (size_t) l
;
811 p
->family
= sa
.sa
.sa_family
;
/* ipproto is set to UDP unconditionally on this line. */
812 p
->ipproto
= IPPROTO_UDP
;
813 if (p
->family
== AF_INET
) {
814 p
->sender
.in
= sa
.in
.sin_addr
;
815 p
->sender_port
= be16toh(sa
.in
.sin_port
);
816 } else if (p
->family
== AF_INET6
) {
817 p
->sender
.in6
= sa
.in6
.sin6_addr
;
818 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
/* Initial interface guess from the IPv6 scope id; the IPV6 packet-info
 * control message handled below assigns p->ifindex again. */
819 p
->ifindex
= sa
.in6
.sin6_scope_id
;
821 return -EAFNOSUPPORT
;
/* Walk all control messages delivered with the packet. NOTE(review): the
 * payloads are read through pointer casts of CMSG_DATA(); no check of
 * cmsg->cmsg_len against the expected structure size is visible in this
 * listing (the case labels are among the missing lines); confirm. */
823 for (cmsg
= CMSG_FIRSTHDR(&mh
); cmsg
; cmsg
= CMSG_NXTHDR(&mh
, cmsg
)) {
825 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
826 assert(p
->family
== AF_INET6
);
828 switch (cmsg
->cmsg_type
) {
831 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
834 p
->ifindex
= i
->ipi6_ifindex
;
836 p
->destination
.in6
= i
->ipi6_addr
;
841 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
845 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
846 assert(p
->family
== AF_INET
);
848 switch (cmsg
->cmsg_type
) {
851 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
854 p
->ifindex
= i
->ipi_ifindex
;
856 p
->destination
.in
= i
->ipi_addr
;
861 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
867 /* The Linux kernel sets the interface index to the loopback
868 * device if the packet came from the local host since it
869 * avoids the routing table in such a case. Let's unset the
870 * interface index in such a case. */
/* NOTE(review): the test is "!= 0", so any non-zero result counts, including
 * a negative error code if the helper returns one. The helper is called with
 * an ifindex derived from the received packet; see the review note on
 * manager_ifindex_is_loopback() about links missing from m->links. */
871 if (p
->ifindex
> 0 && manager_ifindex_is_loopback(m
, p
->ifindex
) != 0)
874 /* If we don't know the interface index still, we look for the
875 * first local interface with a matching address. Yuck! */
877 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
/* Event-loop callback registered by manager_dns_ipv4_fd() and
 * manager_dns_ipv6_fd(): receives one packet and, if it validates as a
 * reply, hands it to the transaction stored under the packet's ID. Only part
 * of the function is visible in this listing. */
885 static int on_dns_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
886 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
887 DnsTransaction
*t
= NULL
;
888 Manager
*m
= userdata
;
891 r
= manager_recv(m
, fd
, DNS_PROTOCOL_DNS
, &p
);
895 if (dns_packet_validate_reply(p
) > 0) {
/* NOTE(review): the transaction is looked up by the 16-bit packet ID alone,
 * in the same m->dns_transactions map that on_llmnr_packet() uses. Nothing
 * visible in this callback compares p->sender or p->sender_port with the
 * server the query went to; confirm that dns_transaction_process_reply()
 * rejects replies whose sender, port or protocol do not match the
 * transaction. Whether t is checked for NULL (source lines 897-899) is not
 * visible here. */
896 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
900 dns_transaction_process_reply(t
, p
);
903 log_debug("Invalid DNS packet.");
908 int manager_dns_ipv4_fd(Manager
*m
) {
914 if (m
->dns_ipv4_fd
>= 0)
915 return m
->dns_ipv4_fd
;
917 m
->dns_ipv4_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
918 if (m
->dns_ipv4_fd
< 0)
921 r
= setsockopt(m
->dns_ipv4_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
927 r
= sd_event_add_io(m
->event
, &m
->dns_ipv4_event_source
, m
->dns_ipv4_fd
, EPOLLIN
, on_dns_packet
, m
);
931 return m
->dns_ipv4_fd
;
934 m
->dns_ipv4_fd
= safe_close(m
->dns_ipv4_fd
);
938 int manager_dns_ipv6_fd(Manager
*m
) {
944 if (m
->dns_ipv6_fd
>= 0)
945 return m
->dns_ipv6_fd
;
947 m
->dns_ipv6_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
948 if (m
->dns_ipv6_fd
< 0)
951 r
= setsockopt(m
->dns_ipv6_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
957 r
= sd_event_add_io(m
->event
, &m
->dns_ipv6_event_source
, m
->dns_ipv6_fd
, EPOLLIN
, on_dns_packet
, m
);
961 return m
->dns_ipv6_fd
;
964 m
->dns_ipv6_fd
= safe_close(m
->dns_ipv6_fd
);
968 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
975 if (sendmsg(fd
, mh
, flags
) >= 0)
984 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
992 static int manager_ipv4_send(Manager
*m
, int fd
, int ifindex
, const struct in_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
993 union sockaddr_union sa
= {
994 .in
.sin_family
= AF_INET
,
997 struct cmsghdr header
; /* For alignment */
998 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
1000 struct msghdr mh
= {};
1009 iov
.iov_base
= DNS_PACKET_DATA(p
);
1010 iov
.iov_len
= p
->size
;
1012 sa
.in
.sin_addr
= *addr
;
1013 sa
.in
.sin_port
= htobe16(port
),
1017 mh
.msg_name
= &sa
.sa
;
1018 mh
.msg_namelen
= sizeof(sa
.in
);
1021 struct cmsghdr
*cmsg
;
1022 struct in_pktinfo
*pi
;
1026 mh
.msg_control
= &control
;
1027 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
1029 cmsg
= CMSG_FIRSTHDR(&mh
);
1030 cmsg
->cmsg_len
= mh
.msg_controllen
;
1031 cmsg
->cmsg_level
= IPPROTO_IP
;
1032 cmsg
->cmsg_type
= IP_PKTINFO
;
1034 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
1035 pi
->ipi_ifindex
= ifindex
;
1038 return sendmsg_loop(fd
, &mh
, 0);
1041 static int manager_ipv6_send(Manager
*m
, int fd
, int ifindex
, const struct in6_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1042 union sockaddr_union sa
= {
1043 .in6
.sin6_family
= AF_INET6
,
1046 struct cmsghdr header
; /* For alignment */
1047 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
1049 struct msghdr mh
= {};
1058 iov
.iov_base
= DNS_PACKET_DATA(p
);
1059 iov
.iov_len
= p
->size
;
1061 sa
.in6
.sin6_addr
= *addr
;
1062 sa
.in6
.sin6_port
= htobe16(port
),
1063 sa
.in6
.sin6_scope_id
= ifindex
;
1067 mh
.msg_name
= &sa
.sa
;
1068 mh
.msg_namelen
= sizeof(sa
.in6
);
1071 struct cmsghdr
*cmsg
;
1072 struct in6_pktinfo
*pi
;
1076 mh
.msg_control
= &control
;
1077 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1079 cmsg
= CMSG_FIRSTHDR(&mh
);
1080 cmsg
->cmsg_len
= mh
.msg_controllen
;
1081 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1082 cmsg
->cmsg_type
= IPV6_PKTINFO
;
1084 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1085 pi
->ipi6_ifindex
= ifindex
;
1088 return sendmsg_loop(fd
, &mh
, 0);
1091 int manager_send(Manager
*m
, int fd
, int ifindex
, int family
, const union in_addr_union
*addr
, uint16_t port
, DnsPacket
*p
) {
1098 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
1100 if (family
== AF_INET
)
1101 return manager_ipv4_send(m
, fd
, ifindex
, &addr
->in
, port
, p
);
1102 else if (family
== AF_INET6
)
1103 return manager_ipv6_send(m
, fd
, ifindex
, &addr
->in6
, port
, p
);
1105 return -EAFNOSUPPORT
;
1108 DnsServer
* manager_find_dns_server(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1114 LIST_FOREACH(servers
, s
, m
->dns_servers
)
1115 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
1118 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
)
1119 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
1125 DnsServer
*manager_set_dns_server(Manager
*m
, DnsServer
*s
) {
1128 if (m
->current_dns_server
== s
)
1132 _cleanup_free_
char *ip
= NULL
;
1134 in_addr_to_string(s
->family
, &s
->address
, &ip
);
1135 log_info("Switching to system DNS server %s.", strna(ip
));
1138 m
->current_dns_server
= s
;
1140 if (m
->unicast_scope
)
1141 dns_cache_flush(&m
->unicast_scope
->cache
);
1146 DnsServer
*manager_get_dns_server(Manager
*m
) {
1150 /* Try to read updates to resolv.conf */
1151 manager_read_resolv_conf(m
);
1153 if (!m
->current_dns_server
)
1154 manager_set_dns_server(m
, m
->dns_servers
);
1156 if (!m
->current_dns_server
) {
1160 /* No DNS servers configured, let's see if there are
1161 * any on any links. If not, we use the fallback
1164 HASHMAP_FOREACH(l
, m
->links
, i
)
1165 if (l
->dns_servers
) {
1171 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1174 return m
->current_dns_server
;
1177 void manager_next_dns_server(Manager
*m
) {
1180 /* If there's currently no DNS server set, then the next
1181 * manager_get_dns_server() will find one */
1182 if (!m
->current_dns_server
)
1185 /* Change to the next one */
1186 if (m
->current_dns_server
->servers_next
) {
1187 manager_set_dns_server(m
, m
->current_dns_server
->servers_next
);
1191 /* If there was no next one, then start from the beginning of
1193 if (m
->current_dns_server
->type
== DNS_SERVER_FALLBACK
)
1194 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1196 manager_set_dns_server(m
, m
->dns_servers
);
1199 uint32_t manager_find_mtu(Manager
*m
) {
1204 /* If we don't know on which link a DNS packet would be
1205 * delivered, let's find the largest MTU that works on all
1206 * interfaces we know of */
1208 HASHMAP_FOREACH(l
, m
->links
, i
) {
1212 if (mtu
<= 0 || l
->mtu
< mtu
)
/* Event-loop callback for the LLMNR UDP sockets (registered in
 * manager_llmnr_ipv4_udp_fd() and manager_llmnr_ipv6_udp_fd()): receives one
 * packet, maps it to a scope, and dispatches it as a reply or as a query.
 * LLMNR traffic comes from arbitrary hosts on the local link, so every field
 * of p is untrusted. Only part of the function is visible in this listing. */
1219 static int on_llmnr_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1220 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
1221 DnsTransaction
*t
= NULL
;
1222 Manager
*m
= userdata
;
1226 r
= manager_recv(m
, fd
, DNS_PROTOCOL_LLMNR
, &p
);
1230 scope
= manager_find_scope(m
, p
);
/* NOTE(review): this is logged at warning level for a condition that a
 * sender on the link can presumably trigger per packet (the guarding test is
 * not visible here); consider debug level or rate limiting so the journal
 * cannot be flooded. */
1232 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1236 if (dns_packet_validate_reply(p
) > 0) {
1237 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p
));
/* Conflict checking runs on every packet that validates as a reply, before
 * any transaction is matched. */
1239 dns_scope_check_conflicts(scope
, p
);
/* NOTE(review): lookup is by packet ID only, in the same
 * m->dns_transactions map that on_dns_packet() uses for unicast DNS. Confirm
 * that dns_transaction_process_reply() verifies that the reply's protocol,
 * scope and sender belong to the transaction, so that an LLMNR packet cannot
 * complete a unicast DNS transaction or the other way round. */
1241 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
1243 dns_transaction_process_reply(t
, p
);
1245 } else if (dns_packet_validate_query(p
) > 0) {
1246 log_debug("Got query packet for id %u", DNS_PACKET_ID(p
));
/* NULL is passed as the stream argument for UDP; the TCP path in
 * on_llmnr_stream_packet() passes its DnsStream instead. */
1248 dns_scope_process_query(scope
, NULL
, p
);
1250 log_debug("Invalid LLMNR UDP packet.");
1255 int manager_llmnr_ipv4_udp_fd(Manager
*m
) {
1256 union sockaddr_union sa
= {
1257 .in
.sin_family
= AF_INET
,
1258 .in
.sin_port
= htobe16(5355),
1260 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
, ttl
= 255;
1265 if (m
->llmnr_ipv4_udp_fd
>= 0)
1266 return m
->llmnr_ipv4_udp_fd
;
1268 m
->llmnr_ipv4_udp_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1269 if (m
->llmnr_ipv4_udp_fd
< 0)
1272 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1273 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_TTL
, &ttl
, sizeof(ttl
));
1279 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_TTL
, &ttl
, sizeof(ttl
));
1285 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_LOOP
, &one
, sizeof(one
));
1291 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1297 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1303 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1309 /* Disable Don't-Fragment bit in the IP header */
1310 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1316 r
= bind(m
->llmnr_ipv4_udp_fd
, &sa
.sa
, sizeof(sa
.in
));
1322 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_udp_event_source
, m
->llmnr_ipv4_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1326 return m
->llmnr_ipv4_udp_fd
;
1329 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
1333 int manager_llmnr_ipv6_udp_fd(Manager
*m
) {
1334 union sockaddr_union sa
= {
1335 .in6
.sin6_family
= AF_INET6
,
1336 .in6
.sin6_port
= htobe16(5355),
1338 static const int one
= 1, ttl
= 255;
1343 if (m
->llmnr_ipv6_udp_fd
>= 0)
1344 return m
->llmnr_ipv6_udp_fd
;
1346 m
->llmnr_ipv6_udp_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1347 if (m
->llmnr_ipv6_udp_fd
< 0)
1350 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &ttl
, sizeof(ttl
));
1356 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1357 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_HOPS
, &ttl
, sizeof(ttl
));
1363 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_LOOP
, &one
, sizeof(one
));
1369 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1375 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1381 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1387 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1393 r
= bind(m
->llmnr_ipv6_udp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1399 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_udp_event_source
, m
->llmnr_ipv6_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1405 return m
->llmnr_ipv6_udp_fd
;
1408 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
1412 static int on_llmnr_stream_packet(DnsStream
*s
) {
1417 scope
= manager_find_scope(s
->manager
, s
->read_packet
);
1419 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1423 if (dns_packet_validate_query(s
->read_packet
) > 0) {
1424 log_debug("Got query packet for id %u", DNS_PACKET_ID(s
->read_packet
));
1426 dns_scope_process_query(scope
, s
, s
->read_packet
);
1428 /* If no reply packet was set, we free the stream */
1429 if (s
->write_packet
)
1432 log_debug("Invalid LLMNR TCP packet.");
1438 static int on_llmnr_stream(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1440 Manager
*m
= userdata
;
1443 cfd
= accept4(fd
, NULL
, NULL
, SOCK_NONBLOCK
|SOCK_CLOEXEC
);
1445 if (errno
== EAGAIN
|| errno
== EINTR
)
1451 r
= dns_stream_new(m
, &stream
, DNS_PROTOCOL_LLMNR
, cfd
);
1457 stream
->on_packet
= on_llmnr_stream_packet
;
1461 int manager_llmnr_ipv4_tcp_fd(Manager
*m
) {
1462 union sockaddr_union sa
= {
1463 .in
.sin_family
= AF_INET
,
1464 .in
.sin_port
= htobe16(5355),
1466 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
;
1471 if (m
->llmnr_ipv4_tcp_fd
>= 0)
1472 return m
->llmnr_ipv4_tcp_fd
;
1474 m
->llmnr_ipv4_tcp_fd
= socket(AF_INET
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1475 if (m
->llmnr_ipv4_tcp_fd
< 0)
1478 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1479 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_TTL
, &one
, sizeof(one
));
1485 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1491 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1497 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1503 /* Disable Don't-Fragment bit in the IP header */
1504 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1510 r
= bind(m
->llmnr_ipv4_tcp_fd
, &sa
.sa
, sizeof(sa
.in
));
1516 r
= listen(m
->llmnr_ipv4_tcp_fd
, SOMAXCONN
);
1522 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_tcp_event_source
, m
->llmnr_ipv4_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1526 return m
->llmnr_ipv4_tcp_fd
;
1529 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
1533 int manager_llmnr_ipv6_tcp_fd(Manager
*m
) {
1534 union sockaddr_union sa
= {
1535 .in6
.sin6_family
= AF_INET6
,
1536 .in6
.sin6_port
= htobe16(5355),
1538 static const int one
= 1;
1543 if (m
->llmnr_ipv6_tcp_fd
>= 0)
1544 return m
->llmnr_ipv6_tcp_fd
;
1546 m
->llmnr_ipv6_tcp_fd
= socket(AF_INET6
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1547 if (m
->llmnr_ipv6_tcp_fd
< 0)
1550 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1551 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &one
, sizeof(one
));
1557 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1563 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1569 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1575 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1581 r
= bind(m
->llmnr_ipv6_tcp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1587 r
= listen(m
->llmnr_ipv6_tcp_fd
, SOMAXCONN
);
1593 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_tcp_event_source
, m
->llmnr_ipv6_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1599 return m
->llmnr_ipv6_tcp_fd
;
1602 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
/* Tests whether the link stored in m->links under ifindex has IFF_LOOPBACK
 * set. Only part of the function is visible in this listing. */
1606 int manager_ifindex_is_loopback(Manager
*m
, int ifindex
) {
1613 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
/* NOTE(review): source lines 1613 and 1614 are adjacent, so l is dereferenced
 * with no NULL check in between. manager_recv() calls this function with an
 * interface index taken from a received packet's control data; if that
 * interface is not present in m->links and hashmap_get() returns NULL for a
 * missing key (presumably; confirm), the next line is a NULL pointer
 * dereference that takes the resolver down. Guard it first, for example
 * `if (!l) return -ENODEV;`, and check how callers treat a negative result. */
1614 if (l
->flags
& IFF_LOOPBACK
)
1620 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1625 a
= manager_find_link_address(m
, family
, in_addr
);
1627 return a
->link
->ifindex
;
1632 void manager_refresh_rrs(Manager
*m
) {
1638 m
->host_ipv4_key
= dns_resource_key_unref(m
->host_ipv4_key
);
1639 m
->host_ipv6_key
= dns_resource_key_unref(m
->host_ipv6_key
);
1641 HASHMAP_FOREACH(l
, m
->links
, i
) {
1642 link_add_rrs(l
, true);
1643 link_add_rrs(l
, false);
1647 int manager_next_hostname(Manager
*m
) {
1654 p
= strchr(m
->hostname
, 0);
1657 while (p
> m
->hostname
) {
1658 if (!strchr("0123456789", p
[-1]))
1664 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1667 /* Add a random number to the old value. This way we can avoid
1668 * that two hosts pick the same hostname, win on IPv4 and lose
1669 * on IPv6 (or vice versa), and pick the same hostname
1670 * replacement hostname, ad infinitum. We still want the
1671 * numbers to go up monotonically, hence we just add a random
1674 random_bytes(&a
, sizeof(a
));
1677 if (asprintf(&h
, "%.*s%" PRIu64
, (int) (p
- m
->hostname
), m
->hostname
, u
) < 0)
1680 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->hostname
, h
);
1685 manager_refresh_rrs(m
);
1690 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1696 HASHMAP_FOREACH(l
, m
->links
, i
) {
1699 a
= link_find_address(l
, family
, in_addr
);
1707 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1711 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
1714 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1720 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1724 if (p
->protocol
== DNS_PROTOCOL_LLMNR
) {
1725 if (p
->family
== AF_INET
)
1726 return l
->llmnr_ipv4_scope
;
1727 else if (p
->family
== AF_INET6
)
1728 return l
->llmnr_ipv6_scope
;
1734 void manager_verify_all(Manager
*m
) {
1739 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1740 dns_zone_verify_all(&s
->zone
);
1743 static const char* const support_table
[_SUPPORT_MAX
] = {
1744 [SUPPORT_NO
] = "no",
1745 [SUPPORT_YES
] = "yes",
1746 [SUPPORT_RESOLVE
] = "resolve",
1748 DEFINE_STRING_TABLE_LOOKUP(support
, Support
);