1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2014 Tom Gundersen <teg@jklm.no>
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21 #include <netinet/in.h>
23 #include <stdio_ext.h>
24 #include <sys/ioctl.h>
31 #include "alloc-util.h"
32 #include "dirent-util.h"
33 #include "dns-domain.h"
35 #include "fileio-label.h"
36 #include "hostname-util.h"
38 #include "netlink-util.h"
39 #include "network-internal.h"
40 #include "ordered-set.h"
41 #include "parse-util.h"
42 #include "random-util.h"
43 #include "resolved-bus.h"
44 #include "resolved-conf.h"
45 #include "resolved-dnssd.h"
46 #include "resolved-dns-stub.h"
47 #include "resolved-etc-hosts.h"
48 #include "resolved-llmnr.h"
49 #include "resolved-manager.h"
50 #include "resolved-mdns.h"
51 #include "resolved-resolv-conf.h"
52 #include "socket-util.h"
53 #include "string-table.h"
54 #include "string-util.h"
57 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
59 static int manager_process_link(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
60 Manager
*m
= userdata
;
69 r
= sd_netlink_message_get_type(mm
, &type
);
73 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
77 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
85 r
= link_new(m
, &l
, ifindex
);
90 r
= link_process_rtnl(l
, mm
);
99 log_debug("Found new link %i/%s", ifindex
, l
->name
);
106 log_debug("Removing link %i/%s", l
->ifindex
, l
->name
);
117 log_warning_errno(r
, "Failed to process RTNL link message: %m");
121 static int manager_process_address(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
122 Manager
*m
= userdata
;
123 union in_addr_union address
;
125 int r
, ifindex
, family
;
133 r
= sd_netlink_message_get_type(mm
, &type
);
137 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
141 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
145 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
152 r
= sd_netlink_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
154 r
= sd_netlink_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
162 r
= sd_netlink_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
164 r
= sd_netlink_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
175 a
= link_find_address(l
, family
, &address
);
182 r
= link_address_new(l
, &a
, family
, &address
);
187 r
= link_address_update_rtnl(a
, mm
);
194 link_address_free(a
);
201 log_warning_errno(r
, "Failed to process RTNL address message: %m");
205 static int manager_rtnl_listen(Manager
*m
) {
206 _cleanup_(sd_netlink_message_unrefp
) sd_netlink_message
*req
= NULL
, *reply
= NULL
;
207 sd_netlink_message
*i
;
212 /* First, subscribe to interfaces coming and going */
213 r
= sd_netlink_open(&m
->rtnl
);
217 r
= sd_netlink_attach_event(m
->rtnl
, m
->event
, SD_EVENT_PRIORITY_IMPORTANT
);
221 r
= sd_netlink_add_match(m
->rtnl
, RTM_NEWLINK
, manager_process_link
, m
);
225 r
= sd_netlink_add_match(m
->rtnl
, RTM_DELLINK
, manager_process_link
, m
);
229 r
= sd_netlink_add_match(m
->rtnl
, RTM_NEWADDR
, manager_process_address
, m
);
233 r
= sd_netlink_add_match(m
->rtnl
, RTM_DELADDR
, manager_process_address
, m
);
237 /* Then, enumerate all links */
238 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
242 r
= sd_netlink_message_request_dump(req
, true);
246 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
250 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
251 r
= manager_process_link(m
->rtnl
, i
, m
);
256 req
= sd_netlink_message_unref(req
);
257 reply
= sd_netlink_message_unref(reply
);
259 /* Finally, enumerate all addresses, too */
260 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
264 r
= sd_netlink_message_request_dump(req
, true);
268 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
272 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
273 r
= manager_process_address(m
->rtnl
, i
, m
);
281 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
282 Manager
*m
= userdata
;
289 sd_network_monitor_flush(m
->network_monitor
);
291 HASHMAP_FOREACH(l
, m
->links
, i
) {
294 log_warning_errno(r
, "Failed to update monitor information for %i: %m", l
->ifindex
);
297 (void) manager_write_resolv_conf(m
);
302 static int manager_network_monitor_listen(Manager
*m
) {
307 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
311 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
315 events
= sd_network_monitor_get_events(m
->network_monitor
);
319 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
323 r
= sd_event_source_set_priority(m
->network_event_source
, SD_EVENT_PRIORITY_IMPORTANT
+5);
327 (void) sd_event_source_set_description(m
->network_event_source
, "network-monitor");
332 static int determine_hostname(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
333 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
335 _cleanup_free_
char *utf8
= NULL
;
339 char label
[DNS_LABEL_MAX
];
340 const char *p
, *decoded
;
343 assert(full_hostname
);
344 assert(llmnr_hostname
);
345 assert(mdns_hostname
);
347 /* Extract and normalize the first label of the locally configured hostname, and check it's not "localhost". */
349 r
= gethostname_strict(&h
);
351 return log_debug_errno(r
, "Can't determine system hostname: %m");
354 r
= dns_label_unescape(&p
, label
, sizeof label
);
356 return log_error_errno(r
, "Failed to unescape host name: %m");
358 log_error("Couldn't find a single label in hostname.");
363 r
= idn2_to_unicode_8z8z(label
, &utf8
, 0);
365 return log_error("Failed to undo IDNA: %s", idn2_strerror(r
));
366 assert(utf8_is_valid(utf8
));
371 k
= dns_label_undo_idna(label
, r
, label
, sizeof label
);
373 return log_error_errno(k
, "Failed to undo IDNA: %m");
377 if (!utf8_is_valid(label
)) {
378 log_error("System hostname is not UTF-8 clean.");
383 decoded
= label
; /* no decoding */
386 r
= dns_label_escape_new(decoded
, r
, &n
);
388 return log_error_errno(r
, "Failed to escape host name: %m");
390 if (is_localhost(n
)) {
391 log_debug("System hostname is 'localhost', ignoring.");
395 r
= dns_name_concat(n
, "local", mdns_hostname
);
397 return log_error_errno(r
, "Failed to determine mDNS hostname: %m");
399 *llmnr_hostname
= TAKE_PTR(n
);
400 *full_hostname
= TAKE_PTR(h
);
405 static const char *fallback_hostname(void) {
407 /* Determine the fall back hostname. For exposing this system to the outside world, we cannot have it to be
408 * "localhost" even if that's the compiled in hostname. In this case, let's revert to "linux" instead. */
410 if (is_localhost(FALLBACK_HOSTNAME
))
413 return FALLBACK_HOSTNAME
;
416 static int make_fallback_hostnames(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
417 _cleanup_free_
char *n
= NULL
, *m
= NULL
;
418 char label
[DNS_LABEL_MAX
], *h
;
422 assert(full_hostname
);
423 assert(llmnr_hostname
);
424 assert(mdns_hostname
);
426 p
= fallback_hostname();
427 r
= dns_label_unescape(&p
, label
, sizeof(label
));
429 return log_error_errno(r
, "Failed to unescape fallback host name: %m");
431 assert(r
> 0); /* The fallback hostname must have at least one label */
433 r
= dns_label_escape_new(label
, r
, &n
);
435 return log_error_errno(r
, "Failed to escape fallback hostname: %m");
437 r
= dns_name_concat(n
, "local", &m
);
439 return log_error_errno(r
, "Failed to concatenate mDNS hostname: %m");
441 h
= strdup(fallback_hostname());
445 *llmnr_hostname
= TAKE_PTR(n
);
446 *mdns_hostname
= TAKE_PTR(m
);
453 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
454 _cleanup_free_
char *full_hostname
= NULL
, *llmnr_hostname
= NULL
, *mdns_hostname
= NULL
;
455 Manager
*m
= userdata
;
460 r
= determine_hostname(&full_hostname
, &llmnr_hostname
, &mdns_hostname
);
462 return 0; /* ignore invalid hostnames */
464 if (streq(full_hostname
, m
->full_hostname
) &&
465 streq(llmnr_hostname
, m
->llmnr_hostname
) &&
466 streq(mdns_hostname
, m
->mdns_hostname
))
469 log_info("System hostname changed to '%s'.", full_hostname
);
471 free_and_replace(m
->full_hostname
, full_hostname
);
472 free_and_replace(m
->llmnr_hostname
, llmnr_hostname
);
473 free_and_replace(m
->mdns_hostname
, mdns_hostname
);
475 manager_refresh_rrs(m
);
480 static int manager_watch_hostname(Manager
*m
) {
485 m
->hostname_fd
= open("/proc/sys/kernel/hostname",
486 O_RDONLY
|O_CLOEXEC
|O_NONBLOCK
|O_NOCTTY
);
487 if (m
->hostname_fd
< 0) {
488 log_warning_errno(errno
, "Failed to watch hostname: %m");
492 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
495 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
496 m
->hostname_fd
= safe_close(m
->hostname_fd
);
498 return log_error_errno(r
, "Failed to add hostname event source: %m");
501 (void) sd_event_source_set_description(m
->hostname_event_source
, "hostname");
503 r
= determine_hostname(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
505 log_info("Defaulting to hostname '%s'.", fallback_hostname());
507 r
= make_fallback_hostnames(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
511 log_info("Using system hostname '%s'.", m
->full_hostname
);
516 static int manager_sigusr1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
517 _cleanup_free_
char *buffer
= NULL
;
518 _cleanup_fclose_
FILE *f
= NULL
;
519 Manager
*m
= userdata
;
530 f
= open_memstream(&buffer
, &size
);
534 (void) __fsetlocking(f
, FSETLOCKING_BYCALLER
);
536 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
537 dns_scope_dump(scope
, f
);
539 LIST_FOREACH(servers
, server
, m
->dns_servers
)
540 dns_server_dump(server
, f
);
541 LIST_FOREACH(servers
, server
, m
->fallback_dns_servers
)
542 dns_server_dump(server
, f
);
543 HASHMAP_FOREACH(l
, m
->links
, i
)
544 LIST_FOREACH(servers
, server
, l
->dns_servers
)
545 dns_server_dump(server
, f
);
547 if (fflush_and_check(f
) < 0)
550 log_dump(LOG_INFO
, buffer
);
554 static int manager_sigusr2(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
555 Manager
*m
= userdata
;
561 manager_flush_caches(m
);
566 static int manager_sigrtmin1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
567 Manager
*m
= userdata
;
573 manager_reset_server_features(m
);
577 int manager_new(Manager
**ret
) {
578 _cleanup_(manager_freep
) Manager
*m
= NULL
;
583 m
= new0(Manager
, 1);
587 m
->llmnr_ipv4_udp_fd
= m
->llmnr_ipv6_udp_fd
= -1;
588 m
->llmnr_ipv4_tcp_fd
= m
->llmnr_ipv6_tcp_fd
= -1;
589 m
->mdns_ipv4_fd
= m
->mdns_ipv6_fd
= -1;
590 m
->dns_stub_udp_fd
= m
->dns_stub_tcp_fd
= -1;
593 m
->llmnr_support
= RESOLVE_SUPPORT_YES
;
594 m
->mdns_support
= RESOLVE_SUPPORT_YES
;
595 m
->dnssec_mode
= DEFAULT_DNSSEC_MODE
;
596 m
->enable_cache
= true;
597 m
->dns_stub_listener_mode
= DNS_STUB_LISTENER_UDP
;
598 m
->read_resolv_conf
= true;
599 m
->need_builtin_fallbacks
= true;
600 m
->etc_hosts_last
= m
->etc_hosts_mtime
= USEC_INFINITY
;
602 r
= dns_trust_anchor_load(&m
->trust_anchor
);
606 r
= manager_parse_config_file(m
);
608 log_warning_errno(r
, "Failed to parse configuration file: %m");
610 r
= sd_event_default(&m
->event
);
614 sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
615 sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
617 sd_event_set_watchdog(m
->event
, true);
619 r
= manager_watch_hostname(m
);
625 log_warning_errno(r
, "Failed to load DNS-SD configuration files: %m");
627 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
631 r
= manager_network_monitor_listen(m
);
635 r
= manager_rtnl_listen(m
);
639 r
= manager_connect_bus(m
);
643 (void) sd_event_add_signal(m
->event
, &m
->sigusr1_event_source
, SIGUSR1
, manager_sigusr1
, m
);
644 (void) sd_event_add_signal(m
->event
, &m
->sigusr2_event_source
, SIGUSR2
, manager_sigusr2
, m
);
645 (void) sd_event_add_signal(m
->event
, &m
->sigrtmin1_event_source
, SIGRTMIN
+1, manager_sigrtmin1
, m
);
647 manager_cleanup_saved_user(m
);
654 int manager_start(Manager
*m
) {
659 r
= manager_dns_stub_start(m
);
666 Manager
*manager_free(Manager
*m
) {
673 dns_server_unlink_all(m
->dns_servers
);
674 dns_server_unlink_all(m
->fallback_dns_servers
);
675 dns_search_domain_unlink_all(m
->search_domains
);
677 while ((l
= hashmap_first(m
->links
)))
680 while (m
->dns_queries
)
681 dns_query_free(m
->dns_queries
);
683 dns_scope_free(m
->unicast_scope
);
685 /* At this point only orphaned streams should remain. All others should have been freed already by their
687 while (m
->dns_streams
)
688 dns_stream_unref(m
->dns_streams
);
690 hashmap_free(m
->links
);
691 hashmap_free(m
->dns_transactions
);
693 sd_event_source_unref(m
->network_event_source
);
694 sd_network_monitor_unref(m
->network_monitor
);
696 sd_netlink_unref(m
->rtnl
);
697 sd_event_source_unref(m
->rtnl_event_source
);
699 manager_llmnr_stop(m
);
700 manager_mdns_stop(m
);
701 manager_dns_stub_stop(m
);
703 sd_bus_slot_unref(m
->prepare_for_sleep_slot
);
704 sd_event_source_unref(m
->bus_retry_event_source
);
705 sd_bus_unref(m
->bus
);
707 sd_event_source_unref(m
->sigusr1_event_source
);
708 sd_event_source_unref(m
->sigusr2_event_source
);
709 sd_event_source_unref(m
->sigrtmin1_event_source
);
711 sd_event_unref(m
->event
);
713 dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
714 dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
715 dns_resource_key_unref(m
->mdns_host_ipv4_key
);
716 dns_resource_key_unref(m
->mdns_host_ipv6_key
);
718 sd_event_source_unref(m
->hostname_event_source
);
719 safe_close(m
->hostname_fd
);
721 free(m
->full_hostname
);
722 free(m
->llmnr_hostname
);
723 free(m
->mdns_hostname
);
725 while ((s
= hashmap_first(m
->dnssd_services
)))
726 dnssd_service_free(s
);
727 hashmap_free(m
->dnssd_services
);
729 dns_trust_anchor_flush(&m
->trust_anchor
);
730 manager_etc_hosts_flush(m
);
735 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
736 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
738 struct cmsghdr header
; /* For alignment */
739 uint8_t buffer
[CMSG_SPACE(MAXSIZE(struct in_pktinfo
, struct in6_pktinfo
))
740 + CMSG_SPACE(int) /* ttl/hoplimit */
741 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
743 union sockaddr_union sa
;
744 struct msghdr mh
= {};
745 struct cmsghdr
*cmsg
;
754 ms
= next_datagram_size_fd(fd
);
758 r
= dns_packet_new(&p
, protocol
, ms
, DNS_PACKET_SIZE_MAX
);
762 iov
.iov_base
= DNS_PACKET_DATA(p
);
763 iov
.iov_len
= p
->allocated
;
765 mh
.msg_name
= &sa
.sa
;
766 mh
.msg_namelen
= sizeof(sa
);
769 mh
.msg_control
= &control
;
770 mh
.msg_controllen
= sizeof(control
);
772 l
= recvmsg(fd
, &mh
, 0);
776 if (IN_SET(errno
, EAGAIN
, EINTR
))
782 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
783 assert(!(mh
.msg_flags
& MSG_TRUNC
));
785 p
->size
= (size_t) l
;
787 p
->family
= sa
.sa
.sa_family
;
788 p
->ipproto
= IPPROTO_UDP
;
789 if (p
->family
== AF_INET
) {
790 p
->sender
.in
= sa
.in
.sin_addr
;
791 p
->sender_port
= be16toh(sa
.in
.sin_port
);
792 } else if (p
->family
== AF_INET6
) {
793 p
->sender
.in6
= sa
.in6
.sin6_addr
;
794 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
795 p
->ifindex
= sa
.in6
.sin6_scope_id
;
797 return -EAFNOSUPPORT
;
799 CMSG_FOREACH(cmsg
, &mh
) {
801 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
802 assert(p
->family
== AF_INET6
);
804 switch (cmsg
->cmsg_type
) {
807 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
810 p
->ifindex
= i
->ipi6_ifindex
;
812 p
->destination
.in6
= i
->ipi6_addr
;
817 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
821 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
822 assert(p
->family
== AF_INET
);
824 switch (cmsg
->cmsg_type
) {
827 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
830 p
->ifindex
= i
->ipi_ifindex
;
832 p
->destination
.in
= i
->ipi_addr
;
837 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
843 /* The Linux kernel sets the interface index to the loopback
844 * device if the packet came from the local host since it
845 * avoids the routing table in such a case. Let's unset the
846 * interface index in such a case. */
847 if (p
->ifindex
== LOOPBACK_IFINDEX
)
850 if (protocol
!= DNS_PROTOCOL_DNS
) {
851 /* If we don't know the interface index still, we look for the
852 * first local interface with a matching address. Yuck! */
854 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
862 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
869 if (sendmsg(fd
, mh
, flags
) >= 0)
878 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
886 static int write_loop(int fd
, void *message
, size_t length
) {
893 if (write(fd
, message
, length
) >= 0)
902 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
910 int manager_write(Manager
*m
, int fd
, DnsPacket
*p
) {
913 log_debug("Sending %s packet with id %" PRIu16
".", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
));
915 r
= write_loop(fd
, DNS_PACKET_DATA(p
), p
->size
);
922 static int manager_ipv4_send(
926 const struct in_addr
*destination
,
928 const struct in_addr
*source
,
930 union sockaddr_union sa
= {
931 .in
.sin_family
= AF_INET
,
934 struct cmsghdr header
; /* For alignment */
935 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
937 struct msghdr mh
= {};
946 iov
.iov_base
= DNS_PACKET_DATA(p
);
947 iov
.iov_len
= p
->size
;
949 sa
.in
.sin_addr
= *destination
;
950 sa
.in
.sin_port
= htobe16(port
),
954 mh
.msg_name
= &sa
.sa
;
955 mh
.msg_namelen
= sizeof(sa
.in
);
958 struct cmsghdr
*cmsg
;
959 struct in_pktinfo
*pi
;
963 mh
.msg_control
= &control
;
964 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
966 cmsg
= CMSG_FIRSTHDR(&mh
);
967 cmsg
->cmsg_len
= mh
.msg_controllen
;
968 cmsg
->cmsg_level
= IPPROTO_IP
;
969 cmsg
->cmsg_type
= IP_PKTINFO
;
971 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
972 pi
->ipi_ifindex
= ifindex
;
975 pi
->ipi_spec_dst
= *source
;
978 return sendmsg_loop(fd
, &mh
, 0);
981 static int manager_ipv6_send(
985 const struct in6_addr
*destination
,
987 const struct in6_addr
*source
,
990 union sockaddr_union sa
= {
991 .in6
.sin6_family
= AF_INET6
,
994 struct cmsghdr header
; /* For alignment */
995 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
997 struct msghdr mh
= {};
1002 assert(destination
);
1006 iov
.iov_base
= DNS_PACKET_DATA(p
);
1007 iov
.iov_len
= p
->size
;
1009 sa
.in6
.sin6_addr
= *destination
;
1010 sa
.in6
.sin6_port
= htobe16(port
),
1011 sa
.in6
.sin6_scope_id
= ifindex
;
1015 mh
.msg_name
= &sa
.sa
;
1016 mh
.msg_namelen
= sizeof(sa
.in6
);
1019 struct cmsghdr
*cmsg
;
1020 struct in6_pktinfo
*pi
;
1024 mh
.msg_control
= &control
;
1025 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1027 cmsg
= CMSG_FIRSTHDR(&mh
);
1028 cmsg
->cmsg_len
= mh
.msg_controllen
;
1029 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1030 cmsg
->cmsg_type
= IPV6_PKTINFO
;
1032 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1033 pi
->ipi6_ifindex
= ifindex
;
1036 pi
->ipi6_addr
= *source
;
1039 return sendmsg_loop(fd
, &mh
, 0);
1047 const union in_addr_union
*destination
,
1049 const union in_addr_union
*source
,
1054 assert(destination
);
1058 log_debug("Sending %s packet with id %" PRIu16
" on interface %i/%s.", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
1060 if (family
== AF_INET
)
1061 return manager_ipv4_send(m
, fd
, ifindex
, &destination
->in
, port
, &source
->in
, p
);
1062 if (family
== AF_INET6
)
1063 return manager_ipv6_send(m
, fd
, ifindex
, &destination
->in6
, port
, &source
->in6
, p
);
1065 return -EAFNOSUPPORT
;
1068 uint32_t manager_find_mtu(Manager
*m
) {
1073 /* If we don't know on which link a DNS packet would be
1074 * delivered, let's find the largest MTU that works on all
1075 * interfaces we know of */
1077 HASHMAP_FOREACH(l
, m
->links
, i
) {
1081 if (mtu
<= 0 || l
->mtu
< mtu
)
1088 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1093 a
= manager_find_link_address(m
, family
, in_addr
);
1095 return a
->link
->ifindex
;
1100 void manager_refresh_rrs(Manager
*m
) {
1107 m
->llmnr_host_ipv4_key
= dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
1108 m
->llmnr_host_ipv6_key
= dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
1109 m
->mdns_host_ipv4_key
= dns_resource_key_unref(m
->mdns_host_ipv4_key
);
1110 m
->mdns_host_ipv6_key
= dns_resource_key_unref(m
->mdns_host_ipv6_key
);
1112 if (m
->mdns_support
== RESOLVE_SUPPORT_YES
)
1113 HASHMAP_FOREACH(s
, m
->dnssd_services
, i
)
1114 if (dnssd_update_rrs(s
) < 0)
1115 log_warning("Failed to refresh DNS-SD service '%s'", s
->name
);
1117 HASHMAP_FOREACH(l
, m
->links
, i
) {
1118 link_add_rrs(l
, true);
1119 link_add_rrs(l
, false);
1123 static int manager_next_random_name(const char *old
, char **ret_new
) {
1132 if (!strchr(DIGITS
, p
[-1]))
1138 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1141 /* Add a random number to the old value. This way we can avoid
1142 * that two hosts pick the same hostname, win on IPv4 and lose
1143 * on IPv6 (or vice versa), and pick the same hostname
1144 * replacement hostname, ad infinitum. We still want the
1145 * numbers to go up monotonically, hence we just add a random
1148 random_bytes(&a
, sizeof(a
));
1151 if (asprintf(&n
, "%.*s%" PRIu64
, (int) (p
- old
), old
, u
) < 0)
1159 int manager_next_hostname(Manager
*m
) {
1160 _cleanup_free_
char *h
= NULL
, *k
= NULL
;
1165 r
= manager_next_random_name(m
->llmnr_hostname
, &h
);
1169 r
= dns_name_concat(h
, "local", &k
);
1173 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->llmnr_hostname
, h
);
1175 free_and_replace(m
->llmnr_hostname
, h
);
1176 free_and_replace(m
->mdns_hostname
, k
);
1178 manager_refresh_rrs(m
);
1183 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1189 HASHMAP_FOREACH(l
, m
->links
, i
) {
1192 a
= link_find_address(l
, family
, in_addr
);
1200 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1204 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
1207 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1213 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1217 switch (p
->protocol
) {
1218 case DNS_PROTOCOL_LLMNR
:
1219 if (p
->family
== AF_INET
)
1220 return l
->llmnr_ipv4_scope
;
1221 else if (p
->family
== AF_INET6
)
1222 return l
->llmnr_ipv6_scope
;
1226 case DNS_PROTOCOL_MDNS
:
1227 if (p
->family
== AF_INET
)
1228 return l
->mdns_ipv4_scope
;
1229 else if (p
->family
== AF_INET6
)
1230 return l
->mdns_ipv6_scope
;
1241 void manager_verify_all(Manager
*m
) {
1246 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1247 dns_zone_verify_all(&s
->zone
);
1250 int manager_is_own_hostname(Manager
*m
, const char *name
) {
1256 if (m
->llmnr_hostname
) {
1257 r
= dns_name_equal(name
, m
->llmnr_hostname
);
1262 if (m
->mdns_hostname
) {
1263 r
= dns_name_equal(name
, m
->mdns_hostname
);
1268 if (m
->full_hostname
)
1269 return dns_name_equal(name
, m
->full_hostname
);
1274 int manager_compile_dns_servers(Manager
*m
, OrderedSet
**dns
) {
1283 r
= ordered_set_ensure_allocated(dns
, &dns_server_hash_ops
);
1287 /* First add the system-wide servers and domains */
1288 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
1289 r
= ordered_set_put(*dns
, s
);
1296 /* Then, add the per-link servers */
1297 HASHMAP_FOREACH(l
, m
->links
, i
) {
1298 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
1299 r
= ordered_set_put(*dns
, s
);
1307 /* If we found nothing, add the fallback servers */
1308 if (ordered_set_isempty(*dns
)) {
1309 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
1310 r
= ordered_set_put(*dns
, s
);
1321 /* filter_route is a tri-state:
1323 * = 0 or false: return only domains which should be used for searching
1324 * > 0 or true: return only domains which are for routing only
1326 int manager_compile_search_domains(Manager
*m
, OrderedSet
**domains
, int filter_route
) {
1335 r
= ordered_set_ensure_allocated(domains
, &dns_name_hash_ops
);
1339 LIST_FOREACH(domains
, d
, m
->search_domains
) {
1341 if (filter_route
>= 0 &&
1342 d
->route_only
!= !!filter_route
)
1345 r
= ordered_set_put(*domains
, d
->name
);
1352 HASHMAP_FOREACH(l
, m
->links
, i
) {
1354 LIST_FOREACH(domains
, d
, l
->search_domains
) {
1356 if (filter_route
>= 0 &&
1357 d
->route_only
!= !!filter_route
)
1360 r
= ordered_set_put(*domains
, d
->name
);
1371 DnssecMode
manager_get_dnssec_mode(Manager
*m
) {
1374 if (m
->dnssec_mode
!= _DNSSEC_MODE_INVALID
)
1375 return m
->dnssec_mode
;
1380 bool manager_dnssec_supported(Manager
*m
) {
1387 if (manager_get_dnssec_mode(m
) == DNSSEC_NO
)
1390 server
= manager_get_dns_server(m
);
1391 if (server
&& !dns_server_dnssec_supported(server
))
1394 HASHMAP_FOREACH(l
, m
->links
, i
)
1395 if (!link_dnssec_supported(l
))
1401 void manager_dnssec_verdict(Manager
*m
, DnssecVerdict verdict
, const DnsResourceKey
*key
) {
1403 assert(verdict
>= 0);
1404 assert(verdict
< _DNSSEC_VERDICT_MAX
);
1406 if (DEBUG_LOGGING
) {
1407 char s
[DNS_RESOURCE_KEY_STRING_MAX
];
1409 log_debug("Found verdict for lookup %s: %s",
1410 dns_resource_key_to_string(key
, s
, sizeof s
),
1411 dnssec_verdict_to_string(verdict
));
1414 m
->n_dnssec_verdict
[verdict
]++;
1417 bool manager_routable(Manager
*m
, int family
) {
1423 /* Returns true if the host has at least one interface with a routable address of the specified type */
1425 HASHMAP_FOREACH(l
, m
->links
, i
)
1426 if (link_relevant(l
, family
, false))
1432 void manager_flush_caches(Manager
*m
) {
1437 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
1438 dns_cache_flush(&scope
->cache
);
1440 log_info("Flushed all caches.");
1443 void manager_reset_server_features(Manager
*m
) {
1447 dns_server_reset_features_all(m
->dns_servers
);
1448 dns_server_reset_features_all(m
->fallback_dns_servers
);
1450 HASHMAP_FOREACH(l
, m
->links
, i
)
1451 dns_server_reset_features_all(l
->dns_servers
);
1453 log_info("Resetting learnt feature levels on all servers.");
1456 void manager_cleanup_saved_user(Manager
*m
) {
1457 _cleanup_closedir_
DIR *d
= NULL
;
1463 /* Clean up all saved per-link files in /run/systemd/resolve/netif/ that don't have a matching interface
1464 * anymore. These files are created to persist settings pushed in by the user via the bus, so that resolved can
1465 * be restarted without losing this data. */
1467 d
= opendir("/run/systemd/resolve/netif/");
1469 if (errno
== ENOENT
)
1472 log_warning_errno(errno
, "Failed to open interface directory: %m");
1476 FOREACH_DIRENT_ALL(de
, d
, log_error_errno(errno
, "Failed to read interface directory: %m")) {
1477 _cleanup_free_
char *p
= NULL
;
1481 if (!IN_SET(de
->d_type
, DT_UNKNOWN
, DT_REG
))
1484 if (dot_or_dot_dot(de
->d_name
))
1487 r
= parse_ifindex(de
->d_name
, &ifindex
);
1488 if (r
< 0) /* Probably some temporary file from a previous run. Delete it */
1491 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
1492 if (!l
) /* link vanished */
1495 if (l
->is_managed
) /* now managed by networkd, hence the bus settings are useless */
1501 p
= strappend("/run/systemd/resolve/netif/", de
->d_name
);
1511 bool manager_next_dnssd_names(Manager
*m
) {
1519 HASHMAP_FOREACH(s
, m
->dnssd_services
, i
) {
1520 _cleanup_free_
char * new_name
= NULL
;
1525 r
= manager_next_random_name(s
->name_template
, &new_name
);
1527 log_warning_errno(r
, "Failed to get new name for service '%s': %m", s
->name
);
1531 free_and_replace(s
->name_template
, new_name
);
1533 s
->withdrawn
= false;
1539 manager_refresh_rrs(m
);