]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blob
? search:


3bb2ba3e35000b615979687658854e676793dffa
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2014 Tom Gundersen <teg@jklm.no>
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <netinet/in.h>
22 #include <poll.h>
23 #include <stdio_ext.h>
24 #include <sys/ioctl.h>
25
26 #if HAVE_LIBIDN2
27 #include <idn2.h>
28 #endif
29
30 #include "af-list.h"
31 #include "alloc-util.h"
32 #include "dirent-util.h"
33 #include "dns-domain.h"
34 #include "fd-util.h"
35 #include "fileio-label.h"
36 #include "hostname-util.h"
37 #include "io-util.h"
38 #include "netlink-util.h"
39 #include "network-internal.h"
40 #include "ordered-set.h"
41 #include "parse-util.h"
42 #include "random-util.h"
43 #include "resolved-bus.h"
44 #include "resolved-conf.h"
45 #include "resolved-dnssd.h"
46 #include "resolved-dns-stub.h"
47 #include "resolved-etc-hosts.h"
48 #include "resolved-llmnr.h"
49 #include "resolved-manager.h"
50 #include "resolved-mdns.h"
51 #include "resolved-resolv-conf.h"
52 #include "socket-util.h"
53 #include "string-table.h"
54 #include "string-util.h"
55 #include "utf8.h"
56
57 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
58
59 static int manager_process_link(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
60 Manager *m = userdata;
61 uint16_t type;
62 Link *l;
63 int ifindex, r;
64
65 assert(rtnl);
66 assert(m);
67 assert(mm);
68
69 r = sd_netlink_message_get_type(mm, &type);
70 if (r < 0)
71 goto fail;
72
73 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
74 if (r < 0)
75 goto fail;
76
77 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
78
79 switch (type) {
80
81 case RTM_NEWLINK:{
82 bool is_new = !l;
83
84 if (!l) {
85 r = link_new(m, &l, ifindex);
86 if (r < 0)
87 goto fail;
88 }
89
90 r = link_process_rtnl(l, mm);
91 if (r < 0)
92 goto fail;
93
94 r = link_update(l);
95 if (r < 0)
96 goto fail;
97
98 if (is_new)
99 log_debug("Found new link %i/%s", ifindex, l->name);
100
101 break;
102 }
103
104 case RTM_DELLINK:
105 if (l) {
106 log_debug("Removing link %i/%s", l->ifindex, l->name);
107 link_remove_user(l);
108 link_free(l);
109 }
110
111 break;
112 }
113
114 return 0;
115
116 fail:
117 log_warning_errno(r, "Failed to process RTNL link message: %m");
118 return 0;
119 }
120
121 static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
122 Manager *m = userdata;
123 union in_addr_union address;
124 uint16_t type;
125 int r, ifindex, family;
126 LinkAddress *a;
127 Link *l;
128
129 assert(rtnl);
130 assert(mm);
131 assert(m);
132
133 r = sd_netlink_message_get_type(mm, &type);
134 if (r < 0)
135 goto fail;
136
137 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
138 if (r < 0)
139 goto fail;
140
141 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
142 if (!l)
143 return 0;
144
145 r = sd_rtnl_message_addr_get_family(mm, &family);
146 if (r < 0)
147 goto fail;
148
149 switch (family) {
150
151 case AF_INET:
152 r = sd_netlink_message_read_in_addr(mm, IFA_LOCAL, &address.in);
153 if (r < 0) {
154 r = sd_netlink_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
155 if (r < 0)
156 goto fail;
157 }
158
159 break;
160
161 case AF_INET6:
162 r = sd_netlink_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
163 if (r < 0) {
164 r = sd_netlink_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
165 if (r < 0)
166 goto fail;
167 }
168
169 break;
170
171 default:
172 return 0;
173 }
174
175 a = link_find_address(l, family, &address);
176
177 switch (type) {
178
179 case RTM_NEWADDR:
180
181 if (!a) {
182 r = link_address_new(l, &a, family, &address);
183 if (r < 0)
184 return r;
185 }
186
187 r = link_address_update_rtnl(a, mm);
188 if (r < 0)
189 return r;
190
191 break;
192
193 case RTM_DELADDR:
194 link_address_free(a);
195 break;
196 }
197
198 return 0;
199
200 fail:
201 log_warning_errno(r, "Failed to process RTNL address message: %m");
202 return 0;
203 }
204
205 static int manager_rtnl_listen(Manager *m) {
206 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL;
207 sd_netlink_message *i;
208 int r;
209
210 assert(m);
211
212 /* First, subscribe to interfaces coming and going */
213 r = sd_netlink_open(&m->rtnl);
214 if (r < 0)
215 return r;
216
217 r = sd_netlink_attach_event(m->rtnl, m->event, SD_EVENT_PRIORITY_IMPORTANT);
218 if (r < 0)
219 return r;
220
221 r = sd_netlink_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
222 if (r < 0)
223 return r;
224
225 r = sd_netlink_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
226 if (r < 0)
227 return r;
228
229 r = sd_netlink_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
230 if (r < 0)
231 return r;
232
233 r = sd_netlink_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
234 if (r < 0)
235 return r;
236
237 /* Then, enumerate all links */
238 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
239 if (r < 0)
240 return r;
241
242 r = sd_netlink_message_request_dump(req, true);
243 if (r < 0)
244 return r;
245
246 r = sd_netlink_call(m->rtnl, req, 0, &reply);
247 if (r < 0)
248 return r;
249
250 for (i = reply; i; i = sd_netlink_message_next(i)) {
251 r = manager_process_link(m->rtnl, i, m);
252 if (r < 0)
253 return r;
254 }
255
256 req = sd_netlink_message_unref(req);
257 reply = sd_netlink_message_unref(reply);
258
259 /* Finally, enumerate all addresses, too */
260 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
261 if (r < 0)
262 return r;
263
264 r = sd_netlink_message_request_dump(req, true);
265 if (r < 0)
266 return r;
267
268 r = sd_netlink_call(m->rtnl, req, 0, &reply);
269 if (r < 0)
270 return r;
271
272 for (i = reply; i; i = sd_netlink_message_next(i)) {
273 r = manager_process_address(m->rtnl, i, m);
274 if (r < 0)
275 return r;
276 }
277
278 return r;
279 }
280
281 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
282 Manager *m = userdata;
283 Iterator i;
284 Link *l;
285 int r;
286
287 assert(m);
288
289 sd_network_monitor_flush(m->network_monitor);
290
291 HASHMAP_FOREACH(l, m->links, i) {
292 r = link_update(l);
293 if (r < 0)
294 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
295 }
296
297 (void) manager_write_resolv_conf(m);
298
299 return 0;
300 }
301
302 static int manager_network_monitor_listen(Manager *m) {
303 int r, fd, events;
304
305 assert(m);
306
307 r = sd_network_monitor_new(&m->network_monitor, NULL);
308 if (r < 0)
309 return r;
310
311 fd = sd_network_monitor_get_fd(m->network_monitor);
312 if (fd < 0)
313 return fd;
314
315 events = sd_network_monitor_get_events(m->network_monitor);
316 if (events < 0)
317 return events;
318
319 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
320 if (r < 0)
321 return r;
322
323 r = sd_event_source_set_priority(m->network_event_source, SD_EVENT_PRIORITY_IMPORTANT+5);
324 if (r < 0)
325 return r;
326
327 (void) sd_event_source_set_description(m->network_event_source, "network-monitor");
328
329 return 0;
330 }
331
332 static int determine_hostname(char **full_hostname, char **llmnr_hostname, char **mdns_hostname) {
333 _cleanup_free_ char *h = NULL, *n = NULL;
334 #if HAVE_LIBIDN2
335 _cleanup_free_ char *utf8 = NULL;
336 #elif HAVE_LIBIDN
337 int k;
338 #endif
339 char label[DNS_LABEL_MAX];
340 const char *p, *decoded;
341 int r;
342
343 assert(full_hostname);
344 assert(llmnr_hostname);
345 assert(mdns_hostname);
346
347 /* Extract and normalize the first label of the locally configured hostname, and check it's not "localhost". */
348
349 r = gethostname_strict(&h);
350 if (r < 0)
351 return log_debug_errno(r, "Can't determine system hostname: %m");
352
353 p = h;
354 r = dns_label_unescape(&p, label, sizeof label);
355 if (r < 0)
356 return log_error_errno(r, "Failed to unescape host name: %m");
357 if (r == 0) {
358 log_error("Couldn't find a single label in hostname.");
359 return -EINVAL;
360 }
361
362 #if HAVE_LIBIDN2
363 r = idn2_to_unicode_8z8z(label, &utf8, 0);
364 if (r != IDN2_OK)
365 return log_error("Failed to undo IDNA: %s", idn2_strerror(r));
366 assert(utf8_is_valid(utf8));
367
368 r = strlen(utf8);
369 decoded = utf8;
370 #elif HAVE_LIBIDN
371 k = dns_label_undo_idna(label, r, label, sizeof label);
372 if (k < 0)
373 return log_error_errno(k, "Failed to undo IDNA: %m");
374 if (k > 0)
375 r = k;
376
377 if (!utf8_is_valid(label)) {
378 log_error("System hostname is not UTF-8 clean.");
379 return -EINVAL;
380 }
381 decoded = label;
382 #else
383 decoded = label; /* no decoding */
384 #endif
385
386 r = dns_label_escape_new(decoded, r, &n);
387 if (r < 0)
388 return log_error_errno(r, "Failed to escape host name: %m");
389
390 if (is_localhost(n)) {
391 log_debug("System hostname is 'localhost', ignoring.");
392 return -EINVAL;
393 }
394
395 r = dns_name_concat(n, "local", mdns_hostname);
396 if (r < 0)
397 return log_error_errno(r, "Failed to determine mDNS hostname: %m");
398
399 *llmnr_hostname = TAKE_PTR(n);
400 *full_hostname = TAKE_PTR(h);
401
402 return 0;
403 }
404
405 static const char *fallback_hostname(void) {
406
407 /* Determine the fall back hostname. For exposing this system to the outside world, we cannot have it to be
408 * "localhost" even if that's the compiled in hostname. In this case, let's revert to "linux" instead. */
409
410 if (is_localhost(FALLBACK_HOSTNAME))
411 return "linux";
412
413 return FALLBACK_HOSTNAME;
414 }
415
416 static int make_fallback_hostnames(char **full_hostname, char **llmnr_hostname, char **mdns_hostname) {
417 _cleanup_free_ char *n = NULL, *m = NULL;
418 char label[DNS_LABEL_MAX], *h;
419 const char *p;
420 int r;
421
422 assert(full_hostname);
423 assert(llmnr_hostname);
424 assert(mdns_hostname);
425
426 p = fallback_hostname();
427 r = dns_label_unescape(&p, label, sizeof(label));
428 if (r < 0)
429 return log_error_errno(r, "Failed to unescape fallback host name: %m");
430
431 assert(r > 0); /* The fallback hostname must have at least one label */
432
433 r = dns_label_escape_new(label, r, &n);
434 if (r < 0)
435 return log_error_errno(r, "Failed to escape fallback hostname: %m");
436
437 r = dns_name_concat(n, "local", &m);
438 if (r < 0)
439 return log_error_errno(r, "Failed to concatenate mDNS hostname: %m");
440
441 h = strdup(fallback_hostname());
442 if (!h)
443 return log_oom();
444
445 *llmnr_hostname = TAKE_PTR(n);
446 *mdns_hostname = TAKE_PTR(m);
447
448 *full_hostname = h;
449
450 return 0;
451 }
452
453 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
454 _cleanup_free_ char *full_hostname = NULL, *llmnr_hostname = NULL, *mdns_hostname = NULL;
455 Manager *m = userdata;
456 int r;
457
458 assert(m);
459
460 r = determine_hostname(&full_hostname, &llmnr_hostname, &mdns_hostname);
461 if (r < 0)
462 return 0; /* ignore invalid hostnames */
463
464 if (streq(full_hostname, m->full_hostname) &&
465 streq(llmnr_hostname, m->llmnr_hostname) &&
466 streq(mdns_hostname, m->mdns_hostname))
467 return 0;
468
469 log_info("System hostname changed to '%s'.", full_hostname);
470
471 free_and_replace(m->full_hostname, full_hostname);
472 free_and_replace(m->llmnr_hostname, llmnr_hostname);
473 free_and_replace(m->mdns_hostname, mdns_hostname);
474
475 manager_refresh_rrs(m);
476
477 return 0;
478 }
479
480 static int manager_watch_hostname(Manager *m) {
481 int r;
482
483 assert(m);
484
485 m->hostname_fd = open("/proc/sys/kernel/hostname",
486 O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
487 if (m->hostname_fd < 0) {
488 log_warning_errno(errno, "Failed to watch hostname: %m");
489 return 0;
490 }
491
492 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
493 if (r < 0) {
494 if (r == -EPERM)
495 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
496 m->hostname_fd = safe_close(m->hostname_fd);
497 else
498 return log_error_errno(r, "Failed to add hostname event source: %m");
499 }
500
501 (void) sd_event_source_set_description(m->hostname_event_source, "hostname");
502
503 r = determine_hostname(&m->full_hostname, &m->llmnr_hostname, &m->mdns_hostname);
504 if (r < 0) {
505 log_info("Defaulting to hostname '%s'.", fallback_hostname());
506
507 r = make_fallback_hostnames(&m->full_hostname, &m->llmnr_hostname, &m->mdns_hostname);
508 if (r < 0)
509 return r;
510 } else
511 log_info("Using system hostname '%s'.", m->full_hostname);
512
513 return 0;
514 }
515
516 static int manager_sigusr1(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
517 _cleanup_free_ char *buffer = NULL;
518 _cleanup_fclose_ FILE *f = NULL;
519 Manager *m = userdata;
520 DnsServer *server;
521 size_t size = 0;
522 DnsScope *scope;
523 Iterator i;
524 Link *l;
525
526 assert(s);
527 assert(si);
528 assert(m);
529
530 f = open_memstream(&buffer, &size);
531 if (!f)
532 return log_oom();
533
534 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
535
536 LIST_FOREACH(scopes, scope, m->dns_scopes)
537 dns_scope_dump(scope, f);
538
539 LIST_FOREACH(servers, server, m->dns_servers)
540 dns_server_dump(server, f);
541 LIST_FOREACH(servers, server, m->fallback_dns_servers)
542 dns_server_dump(server, f);
543 HASHMAP_FOREACH(l, m->links, i)
544 LIST_FOREACH(servers, server, l->dns_servers)
545 dns_server_dump(server, f);
546
547 if (fflush_and_check(f) < 0)
548 return log_oom();
549
550 log_dump(LOG_INFO, buffer);
551 return 0;
552 }
553
554 static int manager_sigusr2(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
555 Manager *m = userdata;
556
557 assert(s);
558 assert(si);
559 assert(m);
560
561 manager_flush_caches(m);
562
563 return 0;
564 }
565
566 static int manager_sigrtmin1(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
567 Manager *m = userdata;
568
569 assert(s);
570 assert(si);
571 assert(m);
572
573 manager_reset_server_features(m);
574 return 0;
575 }
576
577 int manager_new(Manager **ret) {
578 _cleanup_(manager_freep) Manager *m = NULL;
579 int r;
580
581 assert(ret);
582
583 m = new0(Manager, 1);
584 if (!m)
585 return -ENOMEM;
586
587 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
588 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
589 m->mdns_ipv4_fd = m->mdns_ipv6_fd = -1;
590 m->dns_stub_udp_fd = m->dns_stub_tcp_fd = -1;
591 m->hostname_fd = -1;
592
593 m->llmnr_support = RESOLVE_SUPPORT_YES;
594 m->mdns_support = RESOLVE_SUPPORT_YES;
595 m->dnssec_mode = DEFAULT_DNSSEC_MODE;
596 m->enable_cache = true;
597 m->dns_stub_listener_mode = DNS_STUB_LISTENER_UDP;
598 m->read_resolv_conf = true;
599 m->need_builtin_fallbacks = true;
600 m->etc_hosts_last = m->etc_hosts_mtime = USEC_INFINITY;
601
602 r = dns_trust_anchor_load(&m->trust_anchor);
603 if (r < 0)
604 return r;
605
606 r = manager_parse_config_file(m);
607 if (r < 0)
608 log_warning_errno(r, "Failed to parse configuration file: %m");
609
610 r = sd_event_default(&m->event);
611 if (r < 0)
612 return r;
613
614 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
615 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
616
617 sd_event_set_watchdog(m->event, true);
618
619 r = manager_watch_hostname(m);
620 if (r < 0)
621 return r;
622
623 r = dnssd_load(m);
624 if (r < 0)
625 log_warning_errno(r, "Failed to load DNS-SD configuration files: %m");
626
627 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
628 if (r < 0)
629 return r;
630
631 r = manager_network_monitor_listen(m);
632 if (r < 0)
633 return r;
634
635 r = manager_rtnl_listen(m);
636 if (r < 0)
637 return r;
638
639 r = manager_connect_bus(m);
640 if (r < 0)
641 return r;
642
643 (void) sd_event_add_signal(m->event, &m->sigusr1_event_source, SIGUSR1, manager_sigusr1, m);
644 (void) sd_event_add_signal(m->event, &m->sigusr2_event_source, SIGUSR2, manager_sigusr2, m);
645 (void) sd_event_add_signal(m->event, &m->sigrtmin1_event_source, SIGRTMIN+1, manager_sigrtmin1, m);
646
647 manager_cleanup_saved_user(m);
648
649 *ret = TAKE_PTR(m);
650
651 return 0;
652 }
653
654 int manager_start(Manager *m) {
655 int r;
656
657 assert(m);
658
659 r = manager_dns_stub_start(m);
660 if (r < 0)
661 return r;
662
663 return 0;
664 }
665
666 Manager *manager_free(Manager *m) {
667 Link *l;
668 DnssdService *s;
669
670 if (!m)
671 return NULL;
672
673 dns_server_unlink_all(m->dns_servers);
674 dns_server_unlink_all(m->fallback_dns_servers);
675 dns_search_domain_unlink_all(m->search_domains);
676
677 while ((l = hashmap_first(m->links)))
678 link_free(l);
679
680 while (m->dns_queries)
681 dns_query_free(m->dns_queries);
682
683 dns_scope_free(m->unicast_scope);
684
685 /* At this point only orphaned streams should remain. All others should have been freed already by their
686 * owners */
687 while (m->dns_streams)
688 dns_stream_unref(m->dns_streams);
689
690 hashmap_free(m->links);
691 hashmap_free(m->dns_transactions);
692
693 sd_event_source_unref(m->network_event_source);
694 sd_network_monitor_unref(m->network_monitor);
695
696 sd_netlink_unref(m->rtnl);
697 sd_event_source_unref(m->rtnl_event_source);
698
699 manager_llmnr_stop(m);
700 manager_mdns_stop(m);
701 manager_dns_stub_stop(m);
702
703 sd_bus_slot_unref(m->prepare_for_sleep_slot);
704 sd_event_source_unref(m->bus_retry_event_source);
705 sd_bus_unref(m->bus);
706
707 sd_event_source_unref(m->sigusr1_event_source);
708 sd_event_source_unref(m->sigusr2_event_source);
709 sd_event_source_unref(m->sigrtmin1_event_source);
710
711 sd_event_unref(m->event);
712
713 dns_resource_key_unref(m->llmnr_host_ipv4_key);
714 dns_resource_key_unref(m->llmnr_host_ipv6_key);
715 dns_resource_key_unref(m->mdns_host_ipv4_key);
716 dns_resource_key_unref(m->mdns_host_ipv6_key);
717
718 sd_event_source_unref(m->hostname_event_source);
719 safe_close(m->hostname_fd);
720
721 free(m->full_hostname);
722 free(m->llmnr_hostname);
723 free(m->mdns_hostname);
724
725 while ((s = hashmap_first(m->dnssd_services)))
726 dnssd_service_free(s);
727 hashmap_free(m->dnssd_services);
728
729 dns_trust_anchor_flush(&m->trust_anchor);
730 manager_etc_hosts_flush(m);
731
732 return mfree(m);
733 }
734
735 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
736 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
737 union {
738 struct cmsghdr header; /* For alignment */
739 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
740 + CMSG_SPACE(int) /* ttl/hoplimit */
741 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
742 } control;
743 union sockaddr_union sa;
744 struct msghdr mh = {};
745 struct cmsghdr *cmsg;
746 struct iovec iov;
747 ssize_t ms, l;
748 int r;
749
750 assert(m);
751 assert(fd >= 0);
752 assert(ret);
753
754 ms = next_datagram_size_fd(fd);
755 if (ms < 0)
756 return ms;
757
758 r = dns_packet_new(&p, protocol, ms, DNS_PACKET_SIZE_MAX);
759 if (r < 0)
760 return r;
761
762 iov.iov_base = DNS_PACKET_DATA(p);
763 iov.iov_len = p->allocated;
764
765 mh.msg_name = &sa.sa;
766 mh.msg_namelen = sizeof(sa);
767 mh.msg_iov = &iov;
768 mh.msg_iovlen = 1;
769 mh.msg_control = &control;
770 mh.msg_controllen = sizeof(control);
771
772 l = recvmsg(fd, &mh, 0);
773 if (l == 0)
774 return 0;
775 if (l < 0) {
776 if (IN_SET(errno, EAGAIN, EINTR))
777 return 0;
778
779 return -errno;
780 }
781
782 assert(!(mh.msg_flags & MSG_CTRUNC));
783 assert(!(mh.msg_flags & MSG_TRUNC));
784
785 p->size = (size_t) l;
786
787 p->family = sa.sa.sa_family;
788 p->ipproto = IPPROTO_UDP;
789 if (p->family == AF_INET) {
790 p->sender.in = sa.in.sin_addr;
791 p->sender_port = be16toh(sa.in.sin_port);
792 } else if (p->family == AF_INET6) {
793 p->sender.in6 = sa.in6.sin6_addr;
794 p->sender_port = be16toh(sa.in6.sin6_port);
795 p->ifindex = sa.in6.sin6_scope_id;
796 } else
797 return -EAFNOSUPPORT;
798
799 CMSG_FOREACH(cmsg, &mh) {
800
801 if (cmsg->cmsg_level == IPPROTO_IPV6) {
802 assert(p->family == AF_INET6);
803
804 switch (cmsg->cmsg_type) {
805
806 case IPV6_PKTINFO: {
807 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
808
809 if (p->ifindex <= 0)
810 p->ifindex = i->ipi6_ifindex;
811
812 p->destination.in6 = i->ipi6_addr;
813 break;
814 }
815
816 case IPV6_HOPLIMIT:
817 p->ttl = *(int *) CMSG_DATA(cmsg);
818 break;
819
820 }
821 } else if (cmsg->cmsg_level == IPPROTO_IP) {
822 assert(p->family == AF_INET);
823
824 switch (cmsg->cmsg_type) {
825
826 case IP_PKTINFO: {
827 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
828
829 if (p->ifindex <= 0)
830 p->ifindex = i->ipi_ifindex;
831
832 p->destination.in = i->ipi_addr;
833 break;
834 }
835
836 case IP_TTL:
837 p->ttl = *(int *) CMSG_DATA(cmsg);
838 break;
839 }
840 }
841 }
842
843 /* The Linux kernel sets the interface index to the loopback
844 * device if the packet came from the local host since it
845 * avoids the routing table in such a case. Let's unset the
846 * interface index in such a case. */
847 if (p->ifindex == LOOPBACK_IFINDEX)
848 p->ifindex = 0;
849
850 if (protocol != DNS_PROTOCOL_DNS) {
851 /* If we don't know the interface index still, we look for the
852 * first local interface with a matching address. Yuck! */
853 if (p->ifindex <= 0)
854 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
855 }
856
857 *ret = TAKE_PTR(p);
858
859 return 1;
860 }
861
862 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
863 int r;
864
865 assert(fd >= 0);
866 assert(mh);
867
868 for (;;) {
869 if (sendmsg(fd, mh, flags) >= 0)
870 return 0;
871
872 if (errno == EINTR)
873 continue;
874
875 if (errno != EAGAIN)
876 return -errno;
877
878 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
879 if (r < 0)
880 return r;
881 if (r == 0)
882 return -ETIMEDOUT;
883 }
884 }
885
886 static int write_loop(int fd, void *message, size_t length) {
887 int r;
888
889 assert(fd >= 0);
890 assert(message);
891
892 for (;;) {
893 if (write(fd, message, length) >= 0)
894 return 0;
895
896 if (errno == EINTR)
897 continue;
898
899 if (errno != EAGAIN)
900 return -errno;
901
902 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
903 if (r < 0)
904 return r;
905 if (r == 0)
906 return -ETIMEDOUT;
907 }
908 }
909
910 int manager_write(Manager *m, int fd, DnsPacket *p) {
911 int r;
912
913 log_debug("Sending %s packet with id %" PRIu16 ".", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p));
914
915 r = write_loop(fd, DNS_PACKET_DATA(p), p->size);
916 if (r < 0)
917 return r;
918
919 return 0;
920 }
921
922 static int manager_ipv4_send(
923 Manager *m,
924 int fd,
925 int ifindex,
926 const struct in_addr *destination,
927 uint16_t port,
928 const struct in_addr *source,
929 DnsPacket *p) {
930 union sockaddr_union sa = {
931 .in.sin_family = AF_INET,
932 };
933 union {
934 struct cmsghdr header; /* For alignment */
935 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
936 } control;
937 struct msghdr mh = {};
938 struct iovec iov;
939
940 assert(m);
941 assert(fd >= 0);
942 assert(destination);
943 assert(port > 0);
944 assert(p);
945
946 iov.iov_base = DNS_PACKET_DATA(p);
947 iov.iov_len = p->size;
948
949 sa.in.sin_addr = *destination;
950 sa.in.sin_port = htobe16(port),
951
952 mh.msg_iov = &iov;
953 mh.msg_iovlen = 1;
954 mh.msg_name = &sa.sa;
955 mh.msg_namelen = sizeof(sa.in);
956
957 if (ifindex > 0) {
958 struct cmsghdr *cmsg;
959 struct in_pktinfo *pi;
960
961 zero(control);
962
963 mh.msg_control = &control;
964 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
965
966 cmsg = CMSG_FIRSTHDR(&mh);
967 cmsg->cmsg_len = mh.msg_controllen;
968 cmsg->cmsg_level = IPPROTO_IP;
969 cmsg->cmsg_type = IP_PKTINFO;
970
971 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
972 pi->ipi_ifindex = ifindex;
973
974 if (source)
975 pi->ipi_spec_dst = *source;
976 }
977
978 return sendmsg_loop(fd, &mh, 0);
979 }
980
981 static int manager_ipv6_send(
982 Manager *m,
983 int fd,
984 int ifindex,
985 const struct in6_addr *destination,
986 uint16_t port,
987 const struct in6_addr *source,
988 DnsPacket *p) {
989
990 union sockaddr_union sa = {
991 .in6.sin6_family = AF_INET6,
992 };
993 union {
994 struct cmsghdr header; /* For alignment */
995 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
996 } control;
997 struct msghdr mh = {};
998 struct iovec iov;
999
1000 assert(m);
1001 assert(fd >= 0);
1002 assert(destination);
1003 assert(port > 0);
1004 assert(p);
1005
1006 iov.iov_base = DNS_PACKET_DATA(p);
1007 iov.iov_len = p->size;
1008
1009 sa.in6.sin6_addr = *destination;
1010 sa.in6.sin6_port = htobe16(port),
1011 sa.in6.sin6_scope_id = ifindex;
1012
1013 mh.msg_iov = &iov;
1014 mh.msg_iovlen = 1;
1015 mh.msg_name = &sa.sa;
1016 mh.msg_namelen = sizeof(sa.in6);
1017
1018 if (ifindex > 0) {
1019 struct cmsghdr *cmsg;
1020 struct in6_pktinfo *pi;
1021
1022 zero(control);
1023
1024 mh.msg_control = &control;
1025 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1026
1027 cmsg = CMSG_FIRSTHDR(&mh);
1028 cmsg->cmsg_len = mh.msg_controllen;
1029 cmsg->cmsg_level = IPPROTO_IPV6;
1030 cmsg->cmsg_type = IPV6_PKTINFO;
1031
1032 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1033 pi->ipi6_ifindex = ifindex;
1034
1035 if (source)
1036 pi->ipi6_addr = *source;
1037 }
1038
1039 return sendmsg_loop(fd, &mh, 0);
1040 }
1041
1042 int manager_send(
1043 Manager *m,
1044 int fd,
1045 int ifindex,
1046 int family,
1047 const union in_addr_union *destination,
1048 uint16_t port,
1049 const union in_addr_union *source,
1050 DnsPacket *p) {
1051
1052 assert(m);
1053 assert(fd >= 0);
1054 assert(destination);
1055 assert(port > 0);
1056 assert(p);
1057
1058 log_debug("Sending %s packet with id %" PRIu16 " on interface %i/%s.", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1059
1060 if (family == AF_INET)
1061 return manager_ipv4_send(m, fd, ifindex, &destination->in, port, &source->in, p);
1062 if (family == AF_INET6)
1063 return manager_ipv6_send(m, fd, ifindex, &destination->in6, port, &source->in6, p);
1064
1065 return -EAFNOSUPPORT;
1066 }
1067
1068 uint32_t manager_find_mtu(Manager *m) {
1069 uint32_t mtu = 0;
1070 Link *l;
1071 Iterator i;
1072
1073 /* If we don't know on which link a DNS packet would be
1074 * delivered, let's find the largest MTU that works on all
1075 * interfaces we know of */
1076
1077 HASHMAP_FOREACH(l, m->links, i) {
1078 if (l->mtu <= 0)
1079 continue;
1080
1081 if (mtu <= 0 || l->mtu < mtu)
1082 mtu = l->mtu;
1083 }
1084
1085 return mtu;
1086 }
1087
1088 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1089 LinkAddress *a;
1090
1091 assert(m);
1092
1093 a = manager_find_link_address(m, family, in_addr);
1094 if (a)
1095 return a->link->ifindex;
1096
1097 return 0;
1098 }
1099
1100 void manager_refresh_rrs(Manager *m) {
1101 Iterator i;
1102 Link *l;
1103 DnssdService *s;
1104
1105 assert(m);
1106
1107 m->llmnr_host_ipv4_key = dns_resource_key_unref(m->llmnr_host_ipv4_key);
1108 m->llmnr_host_ipv6_key = dns_resource_key_unref(m->llmnr_host_ipv6_key);
1109 m->mdns_host_ipv4_key = dns_resource_key_unref(m->mdns_host_ipv4_key);
1110 m->mdns_host_ipv6_key = dns_resource_key_unref(m->mdns_host_ipv6_key);
1111
1112 if (m->mdns_support == RESOLVE_SUPPORT_YES)
1113 HASHMAP_FOREACH(s, m->dnssd_services, i)
1114 if (dnssd_update_rrs(s) < 0)
1115 log_warning("Failed to refresh DNS-SD service '%s'", s->name);
1116
1117 HASHMAP_FOREACH(l, m->links, i) {
1118 link_add_rrs(l, true);
1119 link_add_rrs(l, false);
1120 }
1121 }
1122
1123 static int manager_next_random_name(const char *old, char **ret_new) {
1124 const char *p;
1125 uint64_t u, a;
1126 char *n;
1127
1128 p = strchr(old, 0);
1129 assert(p);
1130
1131 while (p > old) {
1132 if (!strchr(DIGITS, p[-1]))
1133 break;
1134
1135 p--;
1136 }
1137
1138 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1139 u = 1;
1140
1141 /* Add a random number to the old value. This way we can avoid
1142 * that two hosts pick the same hostname, win on IPv4 and lose
1143 * on IPv6 (or vice versa), and pick the same hostname
1144 * replacement hostname, ad infinitum. We still want the
1145 * numbers to go up monotonically, hence we just add a random
1146 * value 1..10 */
1147
1148 random_bytes(&a, sizeof(a));
1149 u += 1 + a % 10;
1150
1151 if (asprintf(&n, "%.*s%" PRIu64, (int) (p - old), old, u) < 0)
1152 return -ENOMEM;
1153
1154 *ret_new = n;
1155
1156 return 0;
1157 }
1158
1159 int manager_next_hostname(Manager *m) {
1160 _cleanup_free_ char *h = NULL, *k = NULL;
1161 int r;
1162
1163 assert(m);
1164
1165 r = manager_next_random_name(m->llmnr_hostname, &h);
1166 if (r < 0)
1167 return r;
1168
1169 r = dns_name_concat(h, "local", &k);
1170 if (r < 0)
1171 return r;
1172
1173 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->llmnr_hostname, h);
1174
1175 free_and_replace(m->llmnr_hostname, h);
1176 free_and_replace(m->mdns_hostname, k);
1177
1178 manager_refresh_rrs(m);
1179
1180 return 0;
1181 }
1182
1183 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1184 Iterator i;
1185 Link *l;
1186
1187 assert(m);
1188
1189 HASHMAP_FOREACH(l, m->links, i) {
1190 LinkAddress *a;
1191
1192 a = link_find_address(l, family, in_addr);
1193 if (a)
1194 return a;
1195 }
1196
1197 return NULL;
1198 }
1199
1200 bool manager_our_packet(Manager *m, DnsPacket *p) {
1201 assert(m);
1202 assert(p);
1203
1204 return !!manager_find_link_address(m, p->family, &p->sender);
1205 }
1206
1207 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1208 Link *l;
1209
1210 assert(m);
1211 assert(p);
1212
1213 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1214 if (!l)
1215 return NULL;
1216
1217 switch (p->protocol) {
1218 case DNS_PROTOCOL_LLMNR:
1219 if (p->family == AF_INET)
1220 return l->llmnr_ipv4_scope;
1221 else if (p->family == AF_INET6)
1222 return l->llmnr_ipv6_scope;
1223
1224 break;
1225
1226 case DNS_PROTOCOL_MDNS:
1227 if (p->family == AF_INET)
1228 return l->mdns_ipv4_scope;
1229 else if (p->family == AF_INET6)
1230 return l->mdns_ipv6_scope;
1231
1232 break;
1233
1234 default:
1235 break;
1236 }
1237
1238 return NULL;
1239 }
1240
1241 void manager_verify_all(Manager *m) {
1242 DnsScope *s;
1243
1244 assert(m);
1245
1246 LIST_FOREACH(scopes, s, m->dns_scopes)
1247 dns_zone_verify_all(&s->zone);
1248 }
1249
1250 int manager_is_own_hostname(Manager *m, const char *name) {
1251 int r;
1252
1253 assert(m);
1254 assert(name);
1255
1256 if (m->llmnr_hostname) {
1257 r = dns_name_equal(name, m->llmnr_hostname);
1258 if (r != 0)
1259 return r;
1260 }
1261
1262 if (m->mdns_hostname) {
1263 r = dns_name_equal(name, m->mdns_hostname);
1264 if (r != 0)
1265 return r;
1266 }
1267
1268 if (m->full_hostname)
1269 return dns_name_equal(name, m->full_hostname);
1270
1271 return 0;
1272 }
1273
1274 int manager_compile_dns_servers(Manager *m, OrderedSet **dns) {
1275 DnsServer *s;
1276 Iterator i;
1277 Link *l;
1278 int r;
1279
1280 assert(m);
1281 assert(dns);
1282
1283 r = ordered_set_ensure_allocated(dns, &dns_server_hash_ops);
1284 if (r < 0)
1285 return r;
1286
1287 /* First add the system-wide servers and domains */
1288 LIST_FOREACH(servers, s, m->dns_servers) {
1289 r = ordered_set_put(*dns, s);
1290 if (r == -EEXIST)
1291 continue;
1292 if (r < 0)
1293 return r;
1294 }
1295
1296 /* Then, add the per-link servers */
1297 HASHMAP_FOREACH(l, m->links, i) {
1298 LIST_FOREACH(servers, s, l->dns_servers) {
1299 r = ordered_set_put(*dns, s);
1300 if (r == -EEXIST)
1301 continue;
1302 if (r < 0)
1303 return r;
1304 }
1305 }
1306
1307 /* If we found nothing, add the fallback servers */
1308 if (ordered_set_isempty(*dns)) {
1309 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
1310 r = ordered_set_put(*dns, s);
1311 if (r == -EEXIST)
1312 continue;
1313 if (r < 0)
1314 return r;
1315 }
1316 }
1317
1318 return 0;
1319 }
1320
1321 /* filter_route is a tri-state:
1322 * < 0: no filtering
1323 * = 0 or false: return only domains which should be used for searching
1324 * > 0 or true: return only domains which are for routing only
1325 */
1326 int manager_compile_search_domains(Manager *m, OrderedSet **domains, int filter_route) {
1327 DnsSearchDomain *d;
1328 Iterator i;
1329 Link *l;
1330 int r;
1331
1332 assert(m);
1333 assert(domains);
1334
1335 r = ordered_set_ensure_allocated(domains, &dns_name_hash_ops);
1336 if (r < 0)
1337 return r;
1338
1339 LIST_FOREACH(domains, d, m->search_domains) {
1340
1341 if (filter_route >= 0 &&
1342 d->route_only != !!filter_route)
1343 continue;
1344
1345 r = ordered_set_put(*domains, d->name);
1346 if (r == -EEXIST)
1347 continue;
1348 if (r < 0)
1349 return r;
1350 }
1351
1352 HASHMAP_FOREACH(l, m->links, i) {
1353
1354 LIST_FOREACH(domains, d, l->search_domains) {
1355
1356 if (filter_route >= 0 &&
1357 d->route_only != !!filter_route)
1358 continue;
1359
1360 r = ordered_set_put(*domains, d->name);
1361 if (r == -EEXIST)
1362 continue;
1363 if (r < 0)
1364 return r;
1365 }
1366 }
1367
1368 return 0;
1369 }
1370
1371 DnssecMode manager_get_dnssec_mode(Manager *m) {
1372 assert(m);
1373
1374 if (m->dnssec_mode != _DNSSEC_MODE_INVALID)
1375 return m->dnssec_mode;
1376
1377 return DNSSEC_NO;
1378 }
1379
1380 bool manager_dnssec_supported(Manager *m) {
1381 DnsServer *server;
1382 Iterator i;
1383 Link *l;
1384
1385 assert(m);
1386
1387 if (manager_get_dnssec_mode(m) == DNSSEC_NO)
1388 return false;
1389
1390 server = manager_get_dns_server(m);
1391 if (server && !dns_server_dnssec_supported(server))
1392 return false;
1393
1394 HASHMAP_FOREACH(l, m->links, i)
1395 if (!link_dnssec_supported(l))
1396 return false;
1397
1398 return true;
1399 }
1400
1401 void manager_dnssec_verdict(Manager *m, DnssecVerdict verdict, const DnsResourceKey *key) {
1402
1403 assert(verdict >= 0);
1404 assert(verdict < _DNSSEC_VERDICT_MAX);
1405
1406 if (DEBUG_LOGGING) {
1407 char s[DNS_RESOURCE_KEY_STRING_MAX];
1408
1409 log_debug("Found verdict for lookup %s: %s",
1410 dns_resource_key_to_string(key, s, sizeof s),
1411 dnssec_verdict_to_string(verdict));
1412 }
1413
1414 m->n_dnssec_verdict[verdict]++;
1415 }
1416
1417 bool manager_routable(Manager *m, int family) {
1418 Iterator i;
1419 Link *l;
1420
1421 assert(m);
1422
1423 /* Returns true if the host has at least one interface with a routable address of the specified type */
1424
1425 HASHMAP_FOREACH(l, m->links, i)
1426 if (link_relevant(l, family, false))
1427 return true;
1428
1429 return false;
1430 }
1431
1432 void manager_flush_caches(Manager *m) {
1433 DnsScope *scope;
1434
1435 assert(m);
1436
1437 LIST_FOREACH(scopes, scope, m->dns_scopes)
1438 dns_cache_flush(&scope->cache);
1439
1440 log_info("Flushed all caches.");
1441 }
1442
1443 void manager_reset_server_features(Manager *m) {
1444 Iterator i;
1445 Link *l;
1446
1447 dns_server_reset_features_all(m->dns_servers);
1448 dns_server_reset_features_all(m->fallback_dns_servers);
1449
1450 HASHMAP_FOREACH(l, m->links, i)
1451 dns_server_reset_features_all(l->dns_servers);
1452
1453 log_info("Resetting learnt feature levels on all servers.");
1454 }
1455
1456 void manager_cleanup_saved_user(Manager *m) {
1457 _cleanup_closedir_ DIR *d = NULL;
1458 struct dirent *de;
1459 int r;
1460
1461 assert(m);
1462
1463 /* Clean up all saved per-link files in /run/systemd/resolve/netif/ that don't have a matching interface
1464 * anymore. These files are created to persist settings pushed in by the user via the bus, so that resolved can
1465 * be restarted without losing this data. */
1466
1467 d = opendir("/run/systemd/resolve/netif/");
1468 if (!d) {
1469 if (errno == ENOENT)
1470 return;
1471
1472 log_warning_errno(errno, "Failed to open interface directory: %m");
1473 return;
1474 }
1475
1476 FOREACH_DIRENT_ALL(de, d, log_error_errno(errno, "Failed to read interface directory: %m")) {
1477 _cleanup_free_ char *p = NULL;
1478 int ifindex;
1479 Link *l;
1480
1481 if (!IN_SET(de->d_type, DT_UNKNOWN, DT_REG))
1482 continue;
1483
1484 if (dot_or_dot_dot(de->d_name))
1485 continue;
1486
1487 r = parse_ifindex(de->d_name, &ifindex);
1488 if (r < 0) /* Probably some temporary file from a previous run. Delete it */
1489 goto rm;
1490
1491 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1492 if (!l) /* link vanished */
1493 goto rm;
1494
1495 if (l->is_managed) /* now managed by networkd, hence the bus settings are useless */
1496 goto rm;
1497
1498 continue;
1499
1500 rm:
1501 p = strappend("/run/systemd/resolve/netif/", de->d_name);
1502 if (!p) {
1503 log_oom();
1504 return;
1505 }
1506
1507 (void) unlink(p);
1508 }
1509 }
1510
1511 bool manager_next_dnssd_names(Manager *m) {
1512 Iterator i;
1513 DnssdService *s;
1514 bool tried = false;
1515 int r;
1516
1517 assert(m);
1518
1519 HASHMAP_FOREACH(s, m->dnssd_services, i) {
1520 _cleanup_free_ char * new_name = NULL;
1521
1522 if (!s->withdrawn)
1523 continue;
1524
1525 r = manager_next_random_name(s->name_template, &new_name);
1526 if (r < 0) {
1527 log_warning_errno(r, "Failed to get new name for service '%s': %m", s->name);
1528 continue;
1529 }
1530
1531 free_and_replace(s->name_template, new_name);
1532
1533 s->withdrawn = false;
1534
1535 tried = true;
1536 }
1537
1538 if (tried)
1539 manager_refresh_rrs(m);
1540
1541 return tried;
1542 }
Unnamed repository; edit this file 'description' to name the repository.