1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2014 Tom Gundersen <teg@jklm.no>
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21 #include <netinet/in.h>
23 #include <stdio_ext.h>
24 #include <sys/ioctl.h>
31 #include "alloc-util.h"
32 #include "dirent-util.h"
33 #include "dns-domain.h"
35 #include "fileio-label.h"
36 #include "hostname-util.h"
38 #include "netlink-util.h"
39 #include "network-internal.h"
40 #include "ordered-set.h"
41 #include "parse-util.h"
42 #include "random-util.h"
43 #include "resolved-bus.h"
44 #include "resolved-conf.h"
45 #include "resolved-dnssd.h"
46 #include "resolved-dns-stub.h"
47 #include "resolved-etc-hosts.h"
48 #include "resolved-llmnr.h"
49 #include "resolved-manager.h"
50 #include "resolved-mdns.h"
51 #include "resolved-resolv-conf.h"
52 #include "socket-util.h"
53 #include "string-table.h"
54 #include "string-util.h"
57 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
59 static int manager_process_link(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
60 Manager
*m
= userdata
;
69 r
= sd_netlink_message_get_type(mm
, &type
);
73 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
77 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
85 r
= link_new(m
, &l
, ifindex
);
90 r
= link_process_rtnl(l
, mm
);
99 log_debug("Found new link %i/%s", ifindex
, l
->name
);
106 log_debug("Removing link %i/%s", l
->ifindex
, l
->name
);
117 log_warning_errno(r
, "Failed to process RTNL link message: %m");
121 static int manager_process_address(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
122 Manager
*m
= userdata
;
123 union in_addr_union address
;
125 int r
, ifindex
, family
;
133 r
= sd_netlink_message_get_type(mm
, &type
);
137 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
141 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
145 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
152 r
= sd_netlink_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
154 r
= sd_netlink_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
162 r
= sd_netlink_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
164 r
= sd_netlink_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
175 a
= link_find_address(l
, family
, &address
);
182 r
= link_address_new(l
, &a
, family
, &address
);
187 r
= link_address_update_rtnl(a
, mm
);
194 link_address_free(a
);
201 log_warning_errno(r
, "Failed to process RTNL address message: %m");
205 static int manager_rtnl_listen(Manager
*m
) {
206 _cleanup_(sd_netlink_message_unrefp
) sd_netlink_message
*req
= NULL
, *reply
= NULL
;
207 sd_netlink_message
*i
;
212 /* First, subscribe to interfaces coming and going */
213 r
= sd_netlink_open(&m
->rtnl
);
217 r
= sd_netlink_attach_event(m
->rtnl
, m
->event
, SD_EVENT_PRIORITY_IMPORTANT
);
221 r
= sd_netlink_add_match(m
->rtnl
, RTM_NEWLINK
, manager_process_link
, m
);
225 r
= sd_netlink_add_match(m
->rtnl
, RTM_DELLINK
, manager_process_link
, m
);
229 r
= sd_netlink_add_match(m
->rtnl
, RTM_NEWADDR
, manager_process_address
, m
);
233 r
= sd_netlink_add_match(m
->rtnl
, RTM_DELADDR
, manager_process_address
, m
);
237 /* Then, enumerate all links */
238 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
242 r
= sd_netlink_message_request_dump(req
, true);
246 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
250 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
251 r
= manager_process_link(m
->rtnl
, i
, m
);
256 req
= sd_netlink_message_unref(req
);
257 reply
= sd_netlink_message_unref(reply
);
259 /* Finally, enumerate all addresses, too */
260 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
264 r
= sd_netlink_message_request_dump(req
, true);
268 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
272 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
273 r
= manager_process_address(m
->rtnl
, i
, m
);
281 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
282 Manager
*m
= userdata
;
289 sd_network_monitor_flush(m
->network_monitor
);
291 HASHMAP_FOREACH(l
, m
->links
, i
) {
294 log_warning_errno(r
, "Failed to update monitor information for %i: %m", l
->ifindex
);
297 (void) manager_write_resolv_conf(m
);
302 static int manager_network_monitor_listen(Manager
*m
) {
307 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
311 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
315 events
= sd_network_monitor_get_events(m
->network_monitor
);
319 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
323 r
= sd_event_source_set_priority(m
->network_event_source
, SD_EVENT_PRIORITY_IMPORTANT
+5);
327 (void) sd_event_source_set_description(m
->network_event_source
, "network-monitor");
332 static int determine_hostname(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
333 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
335 _cleanup_free_
char *utf8
= NULL
;
339 char label
[DNS_LABEL_MAX
];
340 const char *p
, *decoded
;
343 assert(full_hostname
);
344 assert(llmnr_hostname
);
345 assert(mdns_hostname
);
347 /* Extract and normalize the first label of the locally configured hostname, and check it's not "localhost". */
349 r
= gethostname_strict(&h
);
351 return log_debug_errno(r
, "Can't determine system hostname: %m");
354 r
= dns_label_unescape(&p
, label
, sizeof label
);
356 return log_error_errno(r
, "Failed to unescape host name: %m");
358 log_error("Couldn't find a single label in hostname.");
363 r
= idn2_to_unicode_8z8z(label
, &utf8
, 0);
365 return log_error("Failed to undo IDNA: %s", idn2_strerror(r
));
366 assert(utf8_is_valid(utf8
));
371 k
= dns_label_undo_idna(label
, r
, label
, sizeof label
);
373 return log_error_errno(k
, "Failed to undo IDNA: %m");
377 if (!utf8_is_valid(label
)) {
378 log_error("System hostname is not UTF-8 clean.");
383 decoded
= label
; /* no decoding */
386 r
= dns_label_escape_new(decoded
, r
, &n
);
388 return log_error_errno(r
, "Failed to escape host name: %m");
390 if (is_localhost(n
)) {
391 log_debug("System hostname is 'localhost', ignoring.");
395 r
= dns_name_concat(n
, "local", mdns_hostname
);
397 return log_error_errno(r
, "Failed to determine mDNS hostname: %m");
399 *llmnr_hostname
= TAKE_PTR(n
);
400 *full_hostname
= TAKE_PTR(h
);
405 static const char *fallback_hostname(void) {
407 /* Determine the fall back hostname. For exposing this system to the outside world, we cannot have it to be
408 * "localhost" even if that's the compiled in hostname. In this case, let's revert to "linux" instead. */
410 if (is_localhost(FALLBACK_HOSTNAME
))
413 return FALLBACK_HOSTNAME
;
416 static int make_fallback_hostnames(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
417 _cleanup_free_
char *n
= NULL
, *m
= NULL
;
418 char label
[DNS_LABEL_MAX
], *h
;
422 assert(full_hostname
);
423 assert(llmnr_hostname
);
424 assert(mdns_hostname
);
426 p
= fallback_hostname();
427 r
= dns_label_unescape(&p
, label
, sizeof(label
));
429 return log_error_errno(r
, "Failed to unescape fallback host name: %m");
431 assert(r
> 0); /* The fallback hostname must have at least one label */
433 r
= dns_label_escape_new(label
, r
, &n
);
435 return log_error_errno(r
, "Failed to escape fallback hostname: %m");
437 r
= dns_name_concat(n
, "local", &m
);
439 return log_error_errno(r
, "Failed to concatenate mDNS hostname: %m");
441 h
= strdup(fallback_hostname());
445 *llmnr_hostname
= TAKE_PTR(n
);
446 *mdns_hostname
= TAKE_PTR(m
);
453 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
454 _cleanup_free_
char *full_hostname
= NULL
, *llmnr_hostname
= NULL
, *mdns_hostname
= NULL
;
455 Manager
*m
= userdata
;
460 r
= determine_hostname(&full_hostname
, &llmnr_hostname
, &mdns_hostname
);
462 return 0; /* ignore invalid hostnames */
464 if (streq(full_hostname
, m
->full_hostname
) &&
465 streq(llmnr_hostname
, m
->llmnr_hostname
) &&
466 streq(mdns_hostname
, m
->mdns_hostname
))
469 log_info("System hostname changed to '%s'.", full_hostname
);
471 free_and_replace(m
->full_hostname
, full_hostname
);
472 free_and_replace(m
->llmnr_hostname
, llmnr_hostname
);
473 free_and_replace(m
->mdns_hostname
, mdns_hostname
);
475 manager_refresh_rrs(m
);
480 static int manager_watch_hostname(Manager
*m
) {
485 m
->hostname_fd
= open("/proc/sys/kernel/hostname",
486 O_RDONLY
|O_CLOEXEC
|O_NONBLOCK
|O_NOCTTY
);
487 if (m
->hostname_fd
< 0) {
488 log_warning_errno(errno
, "Failed to watch hostname: %m");
492 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
495 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
496 m
->hostname_fd
= safe_close(m
->hostname_fd
);
498 return log_error_errno(r
, "Failed to add hostname event source: %m");
501 (void) sd_event_source_set_description(m
->hostname_event_source
, "hostname");
503 r
= determine_hostname(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
505 log_info("Defaulting to hostname '%s'.", fallback_hostname());
507 r
= make_fallback_hostnames(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
511 log_info("Using system hostname '%s'.", m
->full_hostname
);
516 static int manager_sigusr1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
517 _cleanup_free_
char *buffer
= NULL
;
518 _cleanup_fclose_
FILE *f
= NULL
;
519 Manager
*m
= userdata
;
530 f
= open_memstream(&buffer
, &size
);
534 (void) __fsetlocking(f
, FSETLOCKING_BYCALLER
);
536 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
537 dns_scope_dump(scope
, f
);
539 LIST_FOREACH(servers
, server
, m
->dns_servers
)
540 dns_server_dump(server
, f
);
541 LIST_FOREACH(servers
, server
, m
->fallback_dns_servers
)
542 dns_server_dump(server
, f
);
543 HASHMAP_FOREACH(l
, m
->links
, i
)
544 LIST_FOREACH(servers
, server
, l
->dns_servers
)
545 dns_server_dump(server
, f
);
547 if (fflush_and_check(f
) < 0)
550 log_dump(LOG_INFO
, buffer
);
554 static int manager_sigusr2(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
555 Manager
*m
= userdata
;
561 manager_flush_caches(m
);
566 static int manager_sigrtmin1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
567 Manager
*m
= userdata
;
573 manager_reset_server_features(m
);
577 int manager_new(Manager
**ret
) {
578 _cleanup_(manager_freep
) Manager
*m
= NULL
;
583 m
= new0(Manager
, 1);
587 m
->llmnr_ipv4_udp_fd
= m
->llmnr_ipv6_udp_fd
= -1;
588 m
->llmnr_ipv4_tcp_fd
= m
->llmnr_ipv6_tcp_fd
= -1;
589 m
->mdns_ipv4_fd
= m
->mdns_ipv6_fd
= -1;
590 m
->dns_stub_udp_fd
= m
->dns_stub_tcp_fd
= -1;
593 m
->llmnr_support
= RESOLVE_SUPPORT_YES
;
594 m
->mdns_support
= RESOLVE_SUPPORT_YES
;
595 m
->dnssec_mode
= DEFAULT_DNSSEC_MODE
;
596 m
->enable_cache
= true;
597 m
->dns_stub_listener_mode
= DNS_STUB_LISTENER_UDP
;
598 m
->read_resolv_conf
= true;
599 m
->need_builtin_fallbacks
= true;
600 m
->etc_hosts_last
= m
->etc_hosts_mtime
= USEC_INFINITY
;
602 r
= dns_trust_anchor_load(&m
->trust_anchor
);
606 r
= manager_parse_config_file(m
);
608 log_warning_errno(r
, "Failed to parse configuration file: %m");
610 r
= sd_event_default(&m
->event
);
614 sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
615 sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
617 sd_event_set_watchdog(m
->event
, true);
619 r
= manager_watch_hostname(m
);
625 log_warning_errno(r
, "Failed to load DNS-SD configuration files: %m");
627 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
631 r
= manager_network_monitor_listen(m
);
635 r
= manager_rtnl_listen(m
);
639 r
= manager_connect_bus(m
);
643 (void) sd_event_add_signal(m
->event
, &m
->sigusr1_event_source
, SIGUSR1
, manager_sigusr1
, m
);
644 (void) sd_event_add_signal(m
->event
, &m
->sigusr2_event_source
, SIGUSR2
, manager_sigusr2
, m
);
645 (void) sd_event_add_signal(m
->event
, &m
->sigrtmin1_event_source
, SIGRTMIN
+1, manager_sigrtmin1
, m
);
647 manager_cleanup_saved_user(m
);
655 int manager_start(Manager
*m
) {
660 r
= manager_dns_stub_start(m
);
667 Manager
*manager_free(Manager
*m
) {
674 dns_server_unlink_all(m
->dns_servers
);
675 dns_server_unlink_all(m
->fallback_dns_servers
);
676 dns_search_domain_unlink_all(m
->search_domains
);
678 while ((l
= hashmap_first(m
->links
)))
681 while (m
->dns_queries
)
682 dns_query_free(m
->dns_queries
);
684 dns_scope_free(m
->unicast_scope
);
686 /* At this point only orphaned streams should remain. All others should have been freed already by their
688 while (m
->dns_streams
)
689 dns_stream_unref(m
->dns_streams
);
691 hashmap_free(m
->links
);
692 hashmap_free(m
->dns_transactions
);
694 sd_event_source_unref(m
->network_event_source
);
695 sd_network_monitor_unref(m
->network_monitor
);
697 sd_netlink_unref(m
->rtnl
);
698 sd_event_source_unref(m
->rtnl_event_source
);
700 manager_llmnr_stop(m
);
701 manager_mdns_stop(m
);
702 manager_dns_stub_stop(m
);
704 sd_bus_slot_unref(m
->prepare_for_sleep_slot
);
705 sd_event_source_unref(m
->bus_retry_event_source
);
706 sd_bus_unref(m
->bus
);
708 sd_event_source_unref(m
->sigusr1_event_source
);
709 sd_event_source_unref(m
->sigusr2_event_source
);
710 sd_event_source_unref(m
->sigrtmin1_event_source
);
712 sd_event_unref(m
->event
);
714 dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
715 dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
716 dns_resource_key_unref(m
->mdns_host_ipv4_key
);
717 dns_resource_key_unref(m
->mdns_host_ipv6_key
);
719 sd_event_source_unref(m
->hostname_event_source
);
720 safe_close(m
->hostname_fd
);
722 free(m
->full_hostname
);
723 free(m
->llmnr_hostname
);
724 free(m
->mdns_hostname
);
726 while ((s
= hashmap_first(m
->dnssd_services
)))
727 dnssd_service_free(s
);
728 hashmap_free(m
->dnssd_services
);
730 dns_trust_anchor_flush(&m
->trust_anchor
);
731 manager_etc_hosts_flush(m
);
736 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
737 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
739 struct cmsghdr header
; /* For alignment */
740 uint8_t buffer
[CMSG_SPACE(MAXSIZE(struct in_pktinfo
, struct in6_pktinfo
))
741 + CMSG_SPACE(int) /* ttl/hoplimit */
742 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
744 union sockaddr_union sa
;
745 struct msghdr mh
= {};
746 struct cmsghdr
*cmsg
;
755 ms
= next_datagram_size_fd(fd
);
759 r
= dns_packet_new(&p
, protocol
, ms
, DNS_PACKET_SIZE_MAX
);
763 iov
.iov_base
= DNS_PACKET_DATA(p
);
764 iov
.iov_len
= p
->allocated
;
766 mh
.msg_name
= &sa
.sa
;
767 mh
.msg_namelen
= sizeof(sa
);
770 mh
.msg_control
= &control
;
771 mh
.msg_controllen
= sizeof(control
);
773 l
= recvmsg(fd
, &mh
, 0);
777 if (IN_SET(errno
, EAGAIN
, EINTR
))
783 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
784 assert(!(mh
.msg_flags
& MSG_TRUNC
));
786 p
->size
= (size_t) l
;
788 p
->family
= sa
.sa
.sa_family
;
789 p
->ipproto
= IPPROTO_UDP
;
790 if (p
->family
== AF_INET
) {
791 p
->sender
.in
= sa
.in
.sin_addr
;
792 p
->sender_port
= be16toh(sa
.in
.sin_port
);
793 } else if (p
->family
== AF_INET6
) {
794 p
->sender
.in6
= sa
.in6
.sin6_addr
;
795 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
796 p
->ifindex
= sa
.in6
.sin6_scope_id
;
798 return -EAFNOSUPPORT
;
800 CMSG_FOREACH(cmsg
, &mh
) {
802 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
803 assert(p
->family
== AF_INET6
);
805 switch (cmsg
->cmsg_type
) {
808 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
811 p
->ifindex
= i
->ipi6_ifindex
;
813 p
->destination
.in6
= i
->ipi6_addr
;
818 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
822 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
823 assert(p
->family
== AF_INET
);
825 switch (cmsg
->cmsg_type
) {
828 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
831 p
->ifindex
= i
->ipi_ifindex
;
833 p
->destination
.in
= i
->ipi_addr
;
838 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
844 /* The Linux kernel sets the interface index to the loopback
845 * device if the packet came from the local host since it
846 * avoids the routing table in such a case. Let's unset the
847 * interface index in such a case. */
848 if (p
->ifindex
== LOOPBACK_IFINDEX
)
851 if (protocol
!= DNS_PROTOCOL_DNS
) {
852 /* If we don't know the interface index still, we look for the
853 * first local interface with a matching address. Yuck! */
855 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
864 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
871 if (sendmsg(fd
, mh
, flags
) >= 0)
880 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
888 static int write_loop(int fd
, void *message
, size_t length
) {
895 if (write(fd
, message
, length
) >= 0)
904 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
912 int manager_write(Manager
*m
, int fd
, DnsPacket
*p
) {
915 log_debug("Sending %s packet with id %" PRIu16
".", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
));
917 r
= write_loop(fd
, DNS_PACKET_DATA(p
), p
->size
);
924 static int manager_ipv4_send(
928 const struct in_addr
*destination
,
930 const struct in_addr
*source
,
932 union sockaddr_union sa
= {
933 .in
.sin_family
= AF_INET
,
936 struct cmsghdr header
; /* For alignment */
937 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
939 struct msghdr mh
= {};
948 iov
.iov_base
= DNS_PACKET_DATA(p
);
949 iov
.iov_len
= p
->size
;
951 sa
.in
.sin_addr
= *destination
;
952 sa
.in
.sin_port
= htobe16(port
),
956 mh
.msg_name
= &sa
.sa
;
957 mh
.msg_namelen
= sizeof(sa
.in
);
960 struct cmsghdr
*cmsg
;
961 struct in_pktinfo
*pi
;
965 mh
.msg_control
= &control
;
966 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
968 cmsg
= CMSG_FIRSTHDR(&mh
);
969 cmsg
->cmsg_len
= mh
.msg_controllen
;
970 cmsg
->cmsg_level
= IPPROTO_IP
;
971 cmsg
->cmsg_type
= IP_PKTINFO
;
973 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
974 pi
->ipi_ifindex
= ifindex
;
977 pi
->ipi_spec_dst
= *source
;
980 return sendmsg_loop(fd
, &mh
, 0);
983 static int manager_ipv6_send(
987 const struct in6_addr
*destination
,
989 const struct in6_addr
*source
,
992 union sockaddr_union sa
= {
993 .in6
.sin6_family
= AF_INET6
,
996 struct cmsghdr header
; /* For alignment */
997 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
999 struct msghdr mh
= {};
1004 assert(destination
);
1008 iov
.iov_base
= DNS_PACKET_DATA(p
);
1009 iov
.iov_len
= p
->size
;
1011 sa
.in6
.sin6_addr
= *destination
;
1012 sa
.in6
.sin6_port
= htobe16(port
),
1013 sa
.in6
.sin6_scope_id
= ifindex
;
1017 mh
.msg_name
= &sa
.sa
;
1018 mh
.msg_namelen
= sizeof(sa
.in6
);
1021 struct cmsghdr
*cmsg
;
1022 struct in6_pktinfo
*pi
;
1026 mh
.msg_control
= &control
;
1027 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1029 cmsg
= CMSG_FIRSTHDR(&mh
);
1030 cmsg
->cmsg_len
= mh
.msg_controllen
;
1031 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1032 cmsg
->cmsg_type
= IPV6_PKTINFO
;
1034 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1035 pi
->ipi6_ifindex
= ifindex
;
1038 pi
->ipi6_addr
= *source
;
1041 return sendmsg_loop(fd
, &mh
, 0);
1049 const union in_addr_union
*destination
,
1051 const union in_addr_union
*source
,
1056 assert(destination
);
1060 log_debug("Sending %s packet with id %" PRIu16
" on interface %i/%s.", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
1062 if (family
== AF_INET
)
1063 return manager_ipv4_send(m
, fd
, ifindex
, &destination
->in
, port
, &source
->in
, p
);
1064 if (family
== AF_INET6
)
1065 return manager_ipv6_send(m
, fd
, ifindex
, &destination
->in6
, port
, &source
->in6
, p
);
1067 return -EAFNOSUPPORT
;
1070 uint32_t manager_find_mtu(Manager
*m
) {
1075 /* If we don't know on which link a DNS packet would be
1076 * delivered, let's find the largest MTU that works on all
1077 * interfaces we know of */
1079 HASHMAP_FOREACH(l
, m
->links
, i
) {
1083 if (mtu
<= 0 || l
->mtu
< mtu
)
1090 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1095 a
= manager_find_link_address(m
, family
, in_addr
);
1097 return a
->link
->ifindex
;
1102 void manager_refresh_rrs(Manager
*m
) {
1109 m
->llmnr_host_ipv4_key
= dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
1110 m
->llmnr_host_ipv6_key
= dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
1111 m
->mdns_host_ipv4_key
= dns_resource_key_unref(m
->mdns_host_ipv4_key
);
1112 m
->mdns_host_ipv6_key
= dns_resource_key_unref(m
->mdns_host_ipv6_key
);
1114 if (m
->mdns_support
== RESOLVE_SUPPORT_YES
)
1115 HASHMAP_FOREACH(s
, m
->dnssd_services
, i
)
1116 if (dnssd_update_rrs(s
) < 0)
1117 log_warning("Failed to refresh DNS-SD service '%s'", s
->name
);
1119 HASHMAP_FOREACH(l
, m
->links
, i
) {
1120 link_add_rrs(l
, true);
1121 link_add_rrs(l
, false);
1125 static int manager_next_random_name(const char *old
, char **ret_new
) {
1134 if (!strchr(DIGITS
, p
[-1]))
1140 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1143 /* Add a random number to the old value. This way we can avoid
1144 * that two hosts pick the same hostname, win on IPv4 and lose
1145 * on IPv6 (or vice versa), and pick the same hostname
1146 * replacement hostname, ad infinitum. We still want the
1147 * numbers to go up monotonically, hence we just add a random
1150 random_bytes(&a
, sizeof(a
));
1153 if (asprintf(&n
, "%.*s%" PRIu64
, (int) (p
- old
), old
, u
) < 0)
1161 int manager_next_hostname(Manager
*m
) {
1162 _cleanup_free_
char *h
= NULL
, *k
= NULL
;
1167 r
= manager_next_random_name(m
->llmnr_hostname
, &h
);
1171 r
= dns_name_concat(h
, "local", &k
);
1175 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->llmnr_hostname
, h
);
1177 free_and_replace(m
->llmnr_hostname
, h
);
1178 free_and_replace(m
->mdns_hostname
, k
);
1180 manager_refresh_rrs(m
);
1185 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1191 HASHMAP_FOREACH(l
, m
->links
, i
) {
1194 a
= link_find_address(l
, family
, in_addr
);
1202 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1206 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
1209 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1215 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1219 switch (p
->protocol
) {
1220 case DNS_PROTOCOL_LLMNR
:
1221 if (p
->family
== AF_INET
)
1222 return l
->llmnr_ipv4_scope
;
1223 else if (p
->family
== AF_INET6
)
1224 return l
->llmnr_ipv6_scope
;
1228 case DNS_PROTOCOL_MDNS
:
1229 if (p
->family
== AF_INET
)
1230 return l
->mdns_ipv4_scope
;
1231 else if (p
->family
== AF_INET6
)
1232 return l
->mdns_ipv6_scope
;
1243 void manager_verify_all(Manager
*m
) {
1248 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1249 dns_zone_verify_all(&s
->zone
);
1252 int manager_is_own_hostname(Manager
*m
, const char *name
) {
1258 if (m
->llmnr_hostname
) {
1259 r
= dns_name_equal(name
, m
->llmnr_hostname
);
1264 if (m
->mdns_hostname
) {
1265 r
= dns_name_equal(name
, m
->mdns_hostname
);
1270 if (m
->full_hostname
)
1271 return dns_name_equal(name
, m
->full_hostname
);
1276 int manager_compile_dns_servers(Manager
*m
, OrderedSet
**dns
) {
1285 r
= ordered_set_ensure_allocated(dns
, &dns_server_hash_ops
);
1289 /* First add the system-wide servers and domains */
1290 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
1291 r
= ordered_set_put(*dns
, s
);
1298 /* Then, add the per-link servers */
1299 HASHMAP_FOREACH(l
, m
->links
, i
) {
1300 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
1301 r
= ordered_set_put(*dns
, s
);
1309 /* If we found nothing, add the fallback servers */
1310 if (ordered_set_isempty(*dns
)) {
1311 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
1312 r
= ordered_set_put(*dns
, s
);
1323 /* filter_route is a tri-state:
1325 * = 0 or false: return only domains which should be used for searching
1326 * > 0 or true: return only domains which are for routing only
1328 int manager_compile_search_domains(Manager
*m
, OrderedSet
**domains
, int filter_route
) {
1337 r
= ordered_set_ensure_allocated(domains
, &dns_name_hash_ops
);
1341 LIST_FOREACH(domains
, d
, m
->search_domains
) {
1343 if (filter_route
>= 0 &&
1344 d
->route_only
!= !!filter_route
)
1347 r
= ordered_set_put(*domains
, d
->name
);
1354 HASHMAP_FOREACH(l
, m
->links
, i
) {
1356 LIST_FOREACH(domains
, d
, l
->search_domains
) {
1358 if (filter_route
>= 0 &&
1359 d
->route_only
!= !!filter_route
)
1362 r
= ordered_set_put(*domains
, d
->name
);
1373 DnssecMode
manager_get_dnssec_mode(Manager
*m
) {
1376 if (m
->dnssec_mode
!= _DNSSEC_MODE_INVALID
)
1377 return m
->dnssec_mode
;
1382 bool manager_dnssec_supported(Manager
*m
) {
1389 if (manager_get_dnssec_mode(m
) == DNSSEC_NO
)
1392 server
= manager_get_dns_server(m
);
1393 if (server
&& !dns_server_dnssec_supported(server
))
1396 HASHMAP_FOREACH(l
, m
->links
, i
)
1397 if (!link_dnssec_supported(l
))
1403 void manager_dnssec_verdict(Manager
*m
, DnssecVerdict verdict
, const DnsResourceKey
*key
) {
1405 assert(verdict
>= 0);
1406 assert(verdict
< _DNSSEC_VERDICT_MAX
);
1408 if (DEBUG_LOGGING
) {
1409 char s
[DNS_RESOURCE_KEY_STRING_MAX
];
1411 log_debug("Found verdict for lookup %s: %s",
1412 dns_resource_key_to_string(key
, s
, sizeof s
),
1413 dnssec_verdict_to_string(verdict
));
1416 m
->n_dnssec_verdict
[verdict
]++;
1419 bool manager_routable(Manager
*m
, int family
) {
1425 /* Returns true if the host has at least one interface with a routable address of the specified type */
1427 HASHMAP_FOREACH(l
, m
->links
, i
)
1428 if (link_relevant(l
, family
, false))
1434 void manager_flush_caches(Manager
*m
) {
1439 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
1440 dns_cache_flush(&scope
->cache
);
1442 log_info("Flushed all caches.");
1445 void manager_reset_server_features(Manager
*m
) {
1449 dns_server_reset_features_all(m
->dns_servers
);
1450 dns_server_reset_features_all(m
->fallback_dns_servers
);
1452 HASHMAP_FOREACH(l
, m
->links
, i
)
1453 dns_server_reset_features_all(l
->dns_servers
);
1455 log_info("Resetting learnt feature levels on all servers.");
1458 void manager_cleanup_saved_user(Manager
*m
) {
1459 _cleanup_closedir_
DIR *d
= NULL
;
1465 /* Clean up all saved per-link files in /run/systemd/resolve/netif/ that don't have a matching interface
1466 * anymore. These files are created to persist settings pushed in by the user via the bus, so that resolved can
1467 * be restarted without losing this data. */
1469 d
= opendir("/run/systemd/resolve/netif/");
1471 if (errno
== ENOENT
)
1474 log_warning_errno(errno
, "Failed to open interface directory: %m");
1478 FOREACH_DIRENT_ALL(de
, d
, log_error_errno(errno
, "Failed to read interface directory: %m")) {
1479 _cleanup_free_
char *p
= NULL
;
1483 if (!IN_SET(de
->d_type
, DT_UNKNOWN
, DT_REG
))
1486 if (dot_or_dot_dot(de
->d_name
))
1489 r
= parse_ifindex(de
->d_name
, &ifindex
);
1490 if (r
< 0) /* Probably some temporary file from a previous run. Delete it */
1493 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
1494 if (!l
) /* link vanished */
1497 if (l
->is_managed
) /* now managed by networkd, hence the bus settings are useless */
1503 p
= strappend("/run/systemd/resolve/netif/", de
->d_name
);
1513 bool manager_next_dnssd_names(Manager
*m
) {
1521 HASHMAP_FOREACH(s
, m
->dnssd_services
, i
) {
1522 _cleanup_free_
char * new_name
= NULL
;
1527 r
= manager_next_random_name(s
->name_template
, &new_name
);
1529 log_warning_errno(r
, "Failed to get new name for service '%s': %m", s
->name
);
1533 free_and_replace(s
->name_template
, new_name
);
1535 s
->withdrawn
= false;
1541 manager_refresh_rrs(m
);