]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/resolve/resolved-mdns.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5131 from keszybz/environment-generators
[thirdparty/systemd.git] / src / resolve / resolved-mdns.c
1 /***
2 This file is part of systemd.
3
4 Copyright 2015 Daniel Mack
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18 ***/
19
20 #include <resolv.h>
21 #include <netinet/in.h>
22 #include <arpa/inet.h>
23
24 #include "fd-util.h"
25 #include "resolved-manager.h"
26 #include "resolved-mdns.h"
27
28 void manager_mdns_stop(Manager *m) {
29 assert(m);
30
31 m->mdns_ipv4_event_source = sd_event_source_unref(m->mdns_ipv4_event_source);
32 m->mdns_ipv4_fd = safe_close(m->mdns_ipv4_fd);
33
34 m->mdns_ipv6_event_source = sd_event_source_unref(m->mdns_ipv6_event_source);
35 m->mdns_ipv6_fd = safe_close(m->mdns_ipv6_fd);
36 }
37
38 int manager_mdns_start(Manager *m) {
39 int r;
40
41 assert(m);
42
43 if (m->mdns_support == RESOLVE_SUPPORT_NO)
44 return 0;
45
46 r = manager_mdns_ipv4_fd(m);
47 if (r == -EADDRINUSE)
48 goto eaddrinuse;
49 if (r < 0)
50 return r;
51
52 if (socket_ipv6_is_supported()) {
53 r = manager_mdns_ipv6_fd(m);
54 if (r == -EADDRINUSE)
55 goto eaddrinuse;
56 if (r < 0)
57 return r;
58 }
59
60 return 0;
61
62 eaddrinuse:
63 log_warning("There appears to be another mDNS responder running. Turning off mDNS support.");
64 m->mdns_support = RESOLVE_SUPPORT_NO;
65 manager_mdns_stop(m);
66
67 return 0;
68 }
69
70 static int mdns_scope_process_query(DnsScope *s, DnsPacket *p) {
71 _cleanup_(dns_answer_unrefp) DnsAnswer *answer = NULL, *soa = NULL;
72 _cleanup_(dns_packet_unrefp) DnsPacket *reply = NULL;
73 DnsResourceKey *key = NULL;
74 bool tentative = false;
75 int r;
76
77 assert(s);
78 assert(p);
79
80 r = dns_packet_extract(p);
81 if (r < 0)
82 return log_debug_errno(r, "Failed to extract resource records from incoming packet: %m");
83
84 /* TODO: there might be more than one question in mDNS queries. */
85 assert_return((dns_question_size(p->question) > 0), -EINVAL);
86 key = p->question->keys[0];
87
88 r = dns_zone_lookup(&s->zone, key, 0, &answer, &soa, &tentative);
89 if (r < 0) {
90 log_debug_errno(r, "Failed to lookup key: %m");
91 return r;
92 }
93 if (r == 0)
94 return 0;
95
96 r = dns_scope_make_reply_packet(s, DNS_PACKET_ID(p), DNS_RCODE_SUCCESS, NULL, answer, NULL, false, &reply);
97 if (r < 0) {
98 log_debug_errno(r, "Failed to build reply packet: %m");
99 return r;
100 }
101
102 if (!ratelimit_test(&s->ratelimit))
103 return 0;
104
105 r = dns_scope_emit_udp(s, -1, reply);
106 if (r < 0) {
107 log_debug_errno(r, "Failed to send reply packet: %m");
108 return r;
109 }
110
111 return 0;
112 }
113
114 static int on_mdns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
115 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
116 Manager *m = userdata;
117 DnsScope *scope;
118 int r;
119
120 r = manager_recv(m, fd, DNS_PROTOCOL_MDNS, &p);
121 if (r <= 0)
122 return r;
123
124 if (manager_our_packet(m, p))
125 return 0;
126
127 scope = manager_find_scope(m, p);
128 if (!scope) {
129 log_warning("Got mDNS UDP packet on unknown scope. Ignoring.");
130 return 0;
131 }
132
133 if (dns_packet_validate_reply(p) > 0) {
134 DnsResourceRecord *rr;
135
136 log_debug("Got mDNS reply packet");
137
138 /*
139 * mDNS is different from regular DNS and LLMNR with regard to handling responses.
140 * While on other protocols, we can ignore every answer that doesn't match a question
141 * we broadcast earlier, RFC6762, section 18.1 recommends looking at and caching all
142 * incoming information, regardless of the DNS packet ID.
143 *
144 * Hence, extract the packet here, and try to find a transaction for answer the we got
145 * and complete it. Also store the new information in scope's cache.
146 */
147 r = dns_packet_extract(p);
148 if (r < 0) {
149 log_debug("mDNS packet extraction failed.");
150 return 0;
151 }
152
153 dns_scope_check_conflicts(scope, p);
154
155 DNS_ANSWER_FOREACH(rr, p->answer) {
156 const char *name = dns_resource_key_name(rr->key);
157 DnsTransaction *t;
158
159 /* If the received reply packet contains ANY record that is not .local or .in-addr.arpa,
160 * we assume someone's playing tricks on us and discard the packet completely. */
161 if (!(dns_name_endswith(name, "in-addr.arpa") > 0 ||
162 dns_name_endswith(name, "local") > 0))
163 return 0;
164
165 if (rr->ttl == 0) {
166 log_debug("Got a goodbye packet");
167 /* See the section 10.1 of RFC6762 */
168 rr->ttl = 1;
169 }
170
171 t = dns_scope_find_transaction(scope, rr->key, false);
172 if (t)
173 dns_transaction_process_reply(t, p);
174
175 /* Also look for the various types of ANY transactions */
176 t = dns_scope_find_transaction(scope, &DNS_RESOURCE_KEY_CONST(rr->key->class, DNS_TYPE_ANY, dns_resource_key_name(rr->key)), false);
177 if (t)
178 dns_transaction_process_reply(t, p);
179
180 t = dns_scope_find_transaction(scope, &DNS_RESOURCE_KEY_CONST(DNS_CLASS_ANY, rr->key->type, dns_resource_key_name(rr->key)), false);
181 if (t)
182 dns_transaction_process_reply(t, p);
183
184 t = dns_scope_find_transaction(scope, &DNS_RESOURCE_KEY_CONST(DNS_CLASS_ANY, DNS_TYPE_ANY, dns_resource_key_name(rr->key)), false);
185 if (t)
186 dns_transaction_process_reply(t, p);
187 }
188
189 dns_cache_put(&scope->cache, NULL, DNS_PACKET_RCODE(p), p->answer, false, (uint32_t) -1, 0, p->family, &p->sender);
190
191 } else if (dns_packet_validate_query(p) > 0) {
192 log_debug("Got mDNS query packet for id %u", DNS_PACKET_ID(p));
193
194 r = mdns_scope_process_query(scope, p);
195 if (r < 0) {
196 log_debug_errno(r, "mDNS query processing failed: %m");
197 return 0;
198 }
199 } else
200 log_debug("Invalid mDNS UDP packet.");
201
202 return 0;
203 }
204
205 int manager_mdns_ipv4_fd(Manager *m) {
206 union sockaddr_union sa = {
207 .in.sin_family = AF_INET,
208 .in.sin_port = htobe16(MDNS_PORT),
209 };
210 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
211 int r;
212
213 assert(m);
214
215 if (m->mdns_ipv4_fd >= 0)
216 return m->mdns_ipv4_fd;
217
218 m->mdns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
219 if (m->mdns_ipv4_fd < 0)
220 return -errno;
221
222 r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
223 if (r < 0) {
224 r = -errno;
225 goto fail;
226 }
227
228 r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
229 if (r < 0) {
230 r = -errno;
231 goto fail;
232 }
233
234 r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
235 if (r < 0) {
236 r = -errno;
237 goto fail;
238 }
239
240 r = setsockopt(m->mdns_ipv4_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
241 if (r < 0) {
242 r = -errno;
243 goto fail;
244 }
245
246 r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
247 if (r < 0) {
248 r = -errno;
249 goto fail;
250 }
251
252 r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
253 if (r < 0) {
254 r = -errno;
255 goto fail;
256 }
257
258 /* Disable Don't-Fragment bit in the IP header */
259 r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
260 if (r < 0) {
261 r = -errno;
262 goto fail;
263 }
264
265 r = bind(m->mdns_ipv4_fd, &sa.sa, sizeof(sa.in));
266 if (r < 0) {
267 r = -errno;
268 goto fail;
269 }
270
271 r = sd_event_add_io(m->event, &m->mdns_ipv4_event_source, m->mdns_ipv4_fd, EPOLLIN, on_mdns_packet, m);
272 if (r < 0)
273 goto fail;
274
275 return m->mdns_ipv4_fd;
276
277 fail:
278 m->mdns_ipv4_fd = safe_close(m->mdns_ipv4_fd);
279 return r;
280 }
281
282 int manager_mdns_ipv6_fd(Manager *m) {
283 union sockaddr_union sa = {
284 .in6.sin6_family = AF_INET6,
285 .in6.sin6_port = htobe16(MDNS_PORT),
286 };
287 static const int one = 1, ttl = 255;
288 int r;
289
290 assert(m);
291
292 if (m->mdns_ipv6_fd >= 0)
293 return m->mdns_ipv6_fd;
294
295 m->mdns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
296 if (m->mdns_ipv6_fd < 0)
297 return -errno;
298
299 r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
300 if (r < 0) {
301 r = -errno;
302 goto fail;
303 }
304
305 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
306 r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
307 if (r < 0) {
308 r = -errno;
309 goto fail;
310 }
311
312 r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
313 if (r < 0) {
314 r = -errno;
315 goto fail;
316 }
317
318 r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
319 if (r < 0) {
320 r = -errno;
321 goto fail;
322 }
323
324 r = setsockopt(m->mdns_ipv6_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
325 if (r < 0) {
326 r = -errno;
327 goto fail;
328 }
329
330 r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
331 if (r < 0) {
332 r = -errno;
333 goto fail;
334 }
335
336 r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
337 if (r < 0) {
338 r = -errno;
339 goto fail;
340 }
341
342 r = bind(m->mdns_ipv6_fd, &sa.sa, sizeof(sa.in6));
343 if (r < 0) {
344 r = -errno;
345 goto fail;
346 }
347
348 r = sd_event_add_io(m->event, &m->mdns_ipv6_event_source, m->mdns_ipv6_fd, EPOLLIN, on_mdns_packet, m);
349 if (r < 0)
350 goto fail;
351
352 return m->mdns_ipv6_fd;
353
354 fail:
355 m->mdns_ipv6_fd = safe_close(m->mdns_ipv6_fd);
356 return r;
357 }
Unnamed repository; edit this file 'description' to name the repository.