]> git.ipfire.org Git - people/ms/dnsmasq.git/blob - src/dnsmasq.c
projects / people / ms / dnsmasq.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
import of dnsmasq-2.57.tar.gz
[people/ms/dnsmasq.git] / src / dnsmasq.c
1 /* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
7
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
15 */
16
17 #include "dnsmasq.h"
18
19 struct daemon *daemon;
20
21 static char *compile_opts =
22 #ifndef HAVE_IPV6
23 "no-"
24 #endif
25 "IPv6 "
26 #ifndef HAVE_GETOPT_LONG
27 "no-"
28 #endif
29 "GNU-getopt "
30 #ifdef HAVE_BROKEN_RTC
31 "no-RTC "
32 #endif
33 #ifdef NO_FORK
34 "no-MMU "
35 #endif
36 #ifndef HAVE_DBUS
37 "no-"
38 #endif
39 "DBus "
40 #ifndef LOCALEDIR
41 "no-"
42 #endif
43 "I18N "
44 #ifndef HAVE_DHCP
45 "no-"
46 #endif
47 "DHCP "
48 #if defined(HAVE_DHCP) && !defined(HAVE_SCRIPT)
49 "no-scripts "
50 #endif
51 #ifndef HAVE_TFTP
52 "no-"
53 #endif
54 "TFTP "
55 #if !defined(LOCALEDIR) && !defined(HAVE_IDN)
56 "no-"
57 #endif
58 "IDN";
59
60
61 static volatile pid_t pid = 0;
62 static volatile int pipewrite;
63
64 static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp);
65 static void check_dns_listeners(fd_set *set, time_t now);
66 static void sig_handler(int sig);
67 static void async_event(int pipe, time_t now);
68 static void fatal_event(struct event_desc *ev);
69
70 int main (int argc, char **argv)
71 {
72 int bind_fallback = 0;
73 time_t now;
74 struct sigaction sigact;
75 struct iname *if_tmp;
76 int piperead, pipefd[2], err_pipe[2];
77 struct passwd *ent_pw = NULL;
78 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
79 uid_t script_uid = 0;
80 gid_t script_gid = 0;
81 #endif
82 struct group *gp = NULL;
83 long i, max_fd = sysconf(_SC_OPEN_MAX);
84 char *baduser = NULL;
85 int log_err;
86 #if defined(HAVE_LINUX_NETWORK)
87 cap_user_header_t hdr = NULL;
88 cap_user_data_t data = NULL;
89 #endif
90
91 #ifdef LOCALEDIR
92 setlocale(LC_ALL, "");
93 bindtextdomain("dnsmasq", LOCALEDIR);
94 textdomain("dnsmasq");
95 #endif
96
97 sigact.sa_handler = sig_handler;
98 sigact.sa_flags = 0;
99 sigemptyset(&sigact.sa_mask);
100 sigaction(SIGUSR1, &sigact, NULL);
101 sigaction(SIGUSR2, &sigact, NULL);
102 sigaction(SIGHUP, &sigact, NULL);
103 sigaction(SIGTERM, &sigact, NULL);
104 sigaction(SIGALRM, &sigact, NULL);
105 sigaction(SIGCHLD, &sigact, NULL);
106
107 /* ignore SIGPIPE */
108 sigact.sa_handler = SIG_IGN;
109 sigaction(SIGPIPE, &sigact, NULL);
110
111 umask(022); /* known umask, create leases and pid files as 0644 */
112
113 read_opts(argc, argv, compile_opts);
114
115 if (daemon->edns_pktsz < PACKETSZ)
116 daemon->edns_pktsz = PACKETSZ;
117 daemon->packet_buff_sz = daemon->edns_pktsz > DNSMASQ_PACKETSZ ?
118 daemon->edns_pktsz : DNSMASQ_PACKETSZ;
119 daemon->packet = safe_malloc(daemon->packet_buff_sz);
120
121 #ifdef HAVE_DHCP
122 if (!daemon->lease_file)
123 {
124 if (daemon->dhcp)
125 daemon->lease_file = LEASEFILE;
126 }
127 #endif
128
129 /* Close any file descriptors we inherited apart from std{in|out|err} */
130 for (i = 0; i < max_fd; i++)
131 if (i != STDOUT_FILENO && i != STDERR_FILENO && i != STDIN_FILENO)
132 close(i);
133
134 #ifdef HAVE_LINUX_NETWORK
135 netlink_init();
136 #elif !(defined(IP_RECVDSTADDR) && \
137 defined(IP_RECVIF) && \
138 defined(IP_SENDSRCADDR))
139 if (!option_bool(OPT_NOWILD))
140 {
141 bind_fallback = 1;
142 set_option_bool(OPT_NOWILD);
143 }
144 #endif
145
146 #ifndef HAVE_TFTP
147 if (daemon->tftp_unlimited || daemon->tftp_interfaces)
148 die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL, EC_BADCONF);
149 #endif
150
151 #ifdef HAVE_SOLARIS_NETWORK
152 if (daemon->max_logs != 0)
153 die(_("asychronous logging is not available under Solaris"), NULL, EC_BADCONF);
154 #endif
155
156 #ifdef __ANDROID__
157 if (daemon->max_logs != 0)
158 die(_("asychronous logging is not available under Android"), NULL, EC_BADCONF);
159 #endif
160
161 rand_init();
162
163 now = dnsmasq_time();
164
165 #ifdef HAVE_DHCP
166 if (daemon->dhcp)
167 {
168 /* Note that order matters here, we must call lease_init before
169 creating any file descriptors which shouldn't be leaked
170 to the lease-script init process. */
171 lease_init(now);
172 dhcp_init();
173 }
174 #endif
175
176 if (!enumerate_interfaces())
177 die(_("failed to find list of interfaces: %s"), NULL, EC_MISC);
178
179 if (option_bool(OPT_NOWILD))
180 {
181 daemon->listeners = create_bound_listeners();
182
183 for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
184 if (if_tmp->name && !if_tmp->used)
185 die(_("unknown interface %s"), if_tmp->name, EC_BADNET);
186
187 for (if_tmp = daemon->if_addrs; if_tmp; if_tmp = if_tmp->next)
188 if (!if_tmp->used)
189 {
190 prettyprint_addr(&if_tmp->addr, daemon->namebuff);
191 die(_("no interface with address %s"), daemon->namebuff, EC_BADNET);
192 }
193 }
194 else
195 daemon->listeners = create_wildcard_listeners();
196
197 if (daemon->port != 0)
198 cache_init();
199
200 if (option_bool(OPT_DBUS))
201 #ifdef HAVE_DBUS
202 {
203 char *err;
204 daemon->dbus = NULL;
205 daemon->watches = NULL;
206 if ((err = dbus_init()))
207 die(_("DBus error: %s"), err, EC_MISC);
208 }
209 #else
210 die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL, EC_BADCONF);
211 #endif
212
213 if (daemon->port != 0)
214 pre_allocate_sfds();
215
216 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
217 /* Note getpwnam returns static storage */
218 if (daemon->dhcp && daemon->lease_change_command && daemon->scriptuser)
219 {
220 if ((ent_pw = getpwnam(daemon->scriptuser)))
221 {
222 script_uid = ent_pw->pw_uid;
223 script_gid = ent_pw->pw_gid;
224 }
225 else
226 baduser = daemon->scriptuser;
227 }
228 #endif
229
230 if (daemon->username && !(ent_pw = getpwnam(daemon->username)))
231 baduser = daemon->username;
232 else if (daemon->groupname && !(gp = getgrnam(daemon->groupname)))
233 baduser = daemon->groupname;
234
235 if (baduser)
236 die(_("unknown user or group: %s"), baduser, EC_BADCONF);
237
238 /* implement group defaults, "dip" if available, or group associated with uid */
239 if (!daemon->group_set && !gp)
240 {
241 if (!(gp = getgrnam(CHGRP)) && ent_pw)
242 gp = getgrgid(ent_pw->pw_gid);
243
244 /* for error message */
245 if (gp)
246 daemon->groupname = gp->gr_name;
247 }
248
249 #if defined(HAVE_LINUX_NETWORK)
250 /* determine capability API version here, while we can still
251 call safe_malloc */
252 if (ent_pw && ent_pw->pw_uid != 0)
253 {
254 int capsize = 1; /* for header version 1 */
255 hdr = safe_malloc(sizeof(*hdr));
256
257 /* find version supported by kernel */
258 memset(hdr, 0, sizeof(*hdr));
259 capget(hdr, NULL);
260
261 if (hdr->version != LINUX_CAPABILITY_VERSION_1)
262 {
263 /* if unknown version, use largest supported version (3) */
264 if (hdr->version != LINUX_CAPABILITY_VERSION_2)
265 hdr->version = LINUX_CAPABILITY_VERSION_3;
266 capsize = 2;
267 }
268
269 data = safe_malloc(sizeof(*data) * capsize);
270 memset(data, 0, sizeof(*data) * capsize);
271 }
272 #endif
273
274 /* Use a pipe to carry signals and other events back to the event loop
275 in a race-free manner and another to carry errors to daemon-invoking process */
276 safe_pipe(pipefd, 1);
277
278 piperead = pipefd[0];
279 pipewrite = pipefd[1];
280 /* prime the pipe to load stuff first time. */
281 send_event(pipewrite, EVENT_RELOAD, 0);
282
283 err_pipe[1] = -1;
284
285 if (!option_bool(OPT_DEBUG))
286 {
287 /* The following code "daemonizes" the process.
288 See Stevens section 12.4 */
289
290 if (chdir("/") != 0)
291 die(_("cannot chdir to filesystem root: %s"), NULL, EC_MISC);
292
293 #ifndef NO_FORK
294 if (!option_bool(OPT_NO_FORK))
295 {
296 pid_t pid;
297
298 /* pipe to carry errors back to original process.
299 When startup is complete we close this and the process terminates. */
300 safe_pipe(err_pipe, 0);
301
302 if ((pid = fork()) == -1)
303 /* fd == -1 since we've not forked, never returns. */
304 send_event(-1, EVENT_FORK_ERR, errno);
305
306 if (pid != 0)
307 {
308 struct event_desc ev;
309
310 /* close our copy of write-end */
311 close(err_pipe[1]);
312
313 /* check for errors after the fork */
314 if (read_write(err_pipe[0], (unsigned char *)&ev, sizeof(ev), 1))
315 fatal_event(&ev);
316
317 _exit(EC_GOOD);
318 }
319
320 close(err_pipe[0]);
321
322 /* NO calls to die() from here on. */
323
324 setsid();
325
326 if ((pid = fork()) == -1)
327 send_event(err_pipe[1], EVENT_FORK_ERR, errno);
328
329 if (pid != 0)
330 _exit(0);
331 }
332 #endif
333
334 /* write pidfile _after_ forking ! */
335 if (daemon->runfile)
336 {
337 FILE *pidfile;
338
339 /* only complain if started as root */
340 if ((pidfile = fopen(daemon->runfile, "w")))
341 {
342 fprintf(pidfile, "%d\n", (int) getpid());
343 fclose(pidfile);
344 }
345 else if (getuid() == 0)
346 {
347 send_event(err_pipe[1], EVENT_PIDFILE, errno);
348 _exit(0);
349 }
350 }
351 }
352
353 log_err = log_start(ent_pw, err_pipe[1]);
354
355 if (!option_bool(OPT_DEBUG))
356 {
357 /* open stdout etc to /dev/null */
358 int nullfd = open("/dev/null", O_RDWR);
359 dup2(nullfd, STDOUT_FILENO);
360 dup2(nullfd, STDERR_FILENO);
361 dup2(nullfd, STDIN_FILENO);
362 close(nullfd);
363 }
364
365 /* if we are to run scripts, we need to fork a helper before dropping root. */
366 daemon->helperfd = -1;
367 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
368 if (daemon->dhcp && daemon->lease_change_command)
369 daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd);
370 #endif
371
372 if (!option_bool(OPT_DEBUG) && getuid() == 0)
373 {
374 int bad_capabilities = 0;
375 gid_t dummy;
376
377 /* remove all supplimentary groups */
378 if (gp &&
379 (setgroups(0, &dummy) == -1 ||
380 setgid(gp->gr_gid) == -1))
381 {
382 send_event(err_pipe[1], EVENT_GROUP_ERR, errno);
383 _exit(0);
384 }
385
386 if (ent_pw && ent_pw->pw_uid != 0)
387 {
388 #if defined(HAVE_LINUX_NETWORK)
389 /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
390 CAP_NET_RAW (for icmp) if we're doing dhcp */
391 data->effective = data->permitted = data->inheritable =
392 (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID);
393
394 /* Tell kernel to not clear capabilities when dropping root */
395 if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1)
396 bad_capabilities = errno;
397
398 #elif defined(HAVE_SOLARIS_NETWORK)
399 /* http://developers.sun.com/solaris/articles/program_privileges.html */
400 priv_set_t *priv_set;
401
402 if (!(priv_set = priv_str_to_set("basic", ",", NULL)) ||
403 priv_addset(priv_set, PRIV_NET_ICMPACCESS) == -1 ||
404 priv_addset(priv_set, PRIV_SYS_NET_CONFIG) == -1)
405 bad_capabilities = errno;
406
407 if (priv_set && bad_capabilities == 0)
408 {
409 priv_inverse(priv_set);
410
411 if (setppriv(PRIV_OFF, PRIV_LIMIT, priv_set) == -1)
412 bad_capabilities = errno;
413 }
414
415 if (priv_set)
416 priv_freeset(priv_set);
417
418 #endif
419
420 if (bad_capabilities != 0)
421 {
422 send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities);
423 _exit(0);
424 }
425
426 /* finally drop root */
427 if (setuid(ent_pw->pw_uid) == -1)
428 {
429 send_event(err_pipe[1], EVENT_USER_ERR, errno);
430 _exit(0);
431 }
432
433 #ifdef HAVE_LINUX_NETWORK
434 data->effective = data->permitted =
435 (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
436 data->inheritable = 0;
437
438 /* lose the setuid and setgid capbilities */
439 if (capset(hdr, data) == -1)
440 {
441 send_event(err_pipe[1], EVENT_CAP_ERR, errno);
442 _exit(0);
443 }
444 #endif
445
446 }
447 }
448
449 #ifdef HAVE_LINUX_NETWORK
450 if (option_bool(OPT_DEBUG))
451 prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
452 #endif
453
454 if (daemon->port == 0)
455 my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION);
456 else if (daemon->cachesize != 0)
457 my_syslog(LOG_INFO, _("started, version %s cachesize %d"), VERSION, daemon->cachesize);
458 else
459 my_syslog(LOG_INFO, _("started, version %s cache disabled"), VERSION);
460
461 my_syslog(LOG_INFO, _("compile time options: %s"), compile_opts);
462
463 #ifdef HAVE_DBUS
464 if (option_bool(OPT_DBUS))
465 {
466 if (daemon->dbus)
467 my_syslog(LOG_INFO, _("DBus support enabled: connected to system bus"));
468 else
469 my_syslog(LOG_INFO, _("DBus support enabled: bus connection pending"));
470 }
471 #endif
472
473 if (log_err != 0)
474 my_syslog(LOG_WARNING, _("warning: failed to change owner of %s: %s"),
475 daemon->log_file, strerror(log_err));
476
477 if (bind_fallback)
478 my_syslog(LOG_WARNING, _("setting --bind-interfaces option because of OS limitations"));
479
480 if (!option_bool(OPT_NOWILD))
481 for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
482 if (if_tmp->name && !if_tmp->used)
483 my_syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name);
484
485 if (daemon->port != 0 && option_bool(OPT_NO_RESOLV))
486 {
487 if (daemon->resolv_files && !daemon->resolv_files->is_default)
488 my_syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set"));
489 daemon->resolv_files = NULL;
490 if (!daemon->servers)
491 my_syslog(LOG_WARNING, _("warning: no upstream servers configured"));
492 }
493
494 if (daemon->max_logs != 0)
495 my_syslog(LOG_INFO, _("asynchronous logging enabled, queue limit is %d messages"), daemon->max_logs);
496
497 #ifdef HAVE_DHCP
498 if (daemon->dhcp)
499 {
500 struct dhcp_context *dhcp_tmp;
501
502 for (dhcp_tmp = daemon->dhcp; dhcp_tmp; dhcp_tmp = dhcp_tmp->next)
503 {
504 prettyprint_time(daemon->dhcp_buff2, dhcp_tmp->lease_time);
505 strcpy(daemon->dhcp_buff, inet_ntoa(dhcp_tmp->start));
506 my_syslog(MS_DHCP | LOG_INFO,
507 (dhcp_tmp->flags & CONTEXT_STATIC) ?
508 _("DHCP, static leases only on %.0s%s, lease time %s") :
509 (dhcp_tmp->flags & CONTEXT_PROXY) ?
510 _("DHCP, proxy on subnet %.0s%s%.0s") :
511 _("DHCP, IP range %s -- %s, lease time %s"),
512 daemon->dhcp_buff, inet_ntoa(dhcp_tmp->end), daemon->dhcp_buff2);
513 }
514 }
515 #endif
516
517 #ifdef HAVE_TFTP
518 if (daemon->tftp_unlimited || daemon->tftp_interfaces)
519 {
520 #ifdef FD_SETSIZE
521 if (FD_SETSIZE < (unsigned)max_fd)
522 max_fd = FD_SETSIZE;
523 #endif
524
525 my_syslog(MS_TFTP | LOG_INFO, "TFTP %s%s %s",
526 daemon->tftp_prefix ? _("root is ") : _("enabled"),
527 daemon->tftp_prefix ? daemon->tftp_prefix: "",
528 option_bool(OPT_TFTP_SECURE) ? _("secure mode") : "");
529
530 /* This is a guess, it assumes that for small limits,
531 disjoint files might be served, but for large limits,
532 a single file will be sent to may clients (the file only needs
533 one fd). */
534
535 max_fd -= 30; /* use other than TFTP */
536
537 if (max_fd < 0)
538 max_fd = 5;
539 else if (max_fd < 100)
540 max_fd = max_fd/2;
541 else
542 max_fd = max_fd - 20;
543
544 /* if we have to use a limited range of ports,
545 that will limit the number of transfers */
546 if (daemon->start_tftp_port != 0 &&
547 daemon->end_tftp_port - daemon->start_tftp_port + 1 < max_fd)
548 max_fd = daemon->end_tftp_port - daemon->start_tftp_port + 1;
549
550 if (daemon->tftp_max > max_fd)
551 {
552 daemon->tftp_max = max_fd;
553 my_syslog(MS_TFTP | LOG_WARNING,
554 _("restricting maximum simultaneous TFTP transfers to %d"),
555 daemon->tftp_max);
556 }
557 }
558 #endif
559
560 /* finished start-up - release original process */
561 if (err_pipe[1] != -1)
562 close(err_pipe[1]);
563
564 if (daemon->port != 0)
565 check_servers();
566
567 pid = getpid();
568
569 while (1)
570 {
571 int maxfd = -1;
572 struct timeval t, *tp = NULL;
573 fd_set rset, wset, eset;
574
575 FD_ZERO(&rset);
576 FD_ZERO(&wset);
577 FD_ZERO(&eset);
578
579 /* if we are out of resources, find how long we have to wait
580 for some to come free, we'll loop around then and restart
581 listening for queries */
582 if ((t.tv_sec = set_dns_listeners(now, &rset, &maxfd)) != 0)
583 {
584 t.tv_usec = 0;
585 tp = &t;
586 }
587
588 /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
589 if (daemon->tftp_trans ||
590 (option_bool(OPT_DBUS) && !daemon->dbus))
591 {
592 t.tv_sec = 0;
593 t.tv_usec = 250000;
594 tp = &t;
595 }
596
597 #ifdef HAVE_DBUS
598 set_dbus_listeners(&maxfd, &rset, &wset, &eset);
599 #endif
600
601 #ifdef HAVE_DHCP
602 if (daemon->dhcp)
603 {
604 FD_SET(daemon->dhcpfd, &rset);
605 bump_maxfd(daemon->dhcpfd, &maxfd);
606 if (daemon->pxefd != -1)
607 {
608 FD_SET(daemon->pxefd, &rset);
609 bump_maxfd(daemon->pxefd, &maxfd);
610 }
611 }
612 #endif
613
614 #ifdef HAVE_LINUX_NETWORK
615 FD_SET(daemon->netlinkfd, &rset);
616 bump_maxfd(daemon->netlinkfd, &maxfd);
617 #endif
618
619 FD_SET(piperead, &rset);
620 bump_maxfd(piperead, &maxfd);
621
622 #ifdef HAVE_DHCP
623 # ifdef HAVE_SCRIPT
624 while (helper_buf_empty() && do_script_run(now));
625
626 if (!helper_buf_empty())
627 {
628 FD_SET(daemon->helperfd, &wset);
629 bump_maxfd(daemon->helperfd, &maxfd);
630 }
631 # else
632 /* need this for other side-effects */
633 while (do_script_run(now));
634 # endif
635 #endif
636
637 /* must do this just before select(), when we know no
638 more calls to my_syslog() can occur */
639 set_log_writer(&wset, &maxfd);
640
641 if (select(maxfd+1, &rset, &wset, &eset, tp) < 0)
642 {
643 /* otherwise undefined after error */
644 FD_ZERO(&rset); FD_ZERO(&wset); FD_ZERO(&eset);
645 }
646
647 now = dnsmasq_time();
648
649 check_log_writer(&wset);
650
651 #ifdef HAVE_LINUX_NETWORK
652 if (FD_ISSET(daemon->netlinkfd, &rset))
653 netlink_multicast();
654 #endif
655
656 /* Check for changes to resolv files once per second max. */
657 /* Don't go silent for long periods if the clock goes backwards. */
658 if (daemon->last_resolv == 0 ||
659 difftime(now, daemon->last_resolv) > 1.0 ||
660 difftime(now, daemon->last_resolv) < -1.0)
661 {
662 /* poll_resolv doesn't need to reload first time through, since
663 that's queued anyway. */
664
665 poll_resolv(0, daemon->last_resolv != 0, now);
666 daemon->last_resolv = now;
667 }
668
669 if (FD_ISSET(piperead, &rset))
670 async_event(piperead, now);
671
672 #ifdef HAVE_DBUS
673 /* if we didn't create a DBus connection, retry now. */
674 if (option_bool(OPT_DBUS) && !daemon->dbus)
675 {
676 char *err;
677 if ((err = dbus_init()))
678 my_syslog(LOG_WARNING, _("DBus error: %s"), err);
679 if (daemon->dbus)
680 my_syslog(LOG_INFO, _("connected to system DBus"));
681 }
682 check_dbus_listeners(&rset, &wset, &eset);
683 #endif
684
685 check_dns_listeners(&rset, now);
686
687 #ifdef HAVE_TFTP
688 check_tftp_listeners(&rset, now);
689 #endif
690
691 #ifdef HAVE_DHCP
692 if (daemon->dhcp)
693 {
694 if (FD_ISSET(daemon->dhcpfd, &rset))
695 dhcp_packet(now, 0);
696 if (daemon->pxefd != -1 && FD_ISSET(daemon->pxefd, &rset))
697 dhcp_packet(now, 1);
698 }
699
700 # ifdef HAVE_SCRIPT
701 if (daemon->helperfd != -1 && FD_ISSET(daemon->helperfd, &wset))
702 helper_write();
703 # endif
704 #endif
705
706 }
707 }
708
709 static void sig_handler(int sig)
710 {
711 if (pid == 0)
712 {
713 /* ignore anything other than TERM during startup
714 and in helper proc. (helper ignore TERM too) */
715 if (sig == SIGTERM)
716 exit(EC_MISC);
717 }
718 else if (pid != getpid())
719 {
720 /* alarm is used to kill TCP children after a fixed time. */
721 if (sig == SIGALRM)
722 _exit(0);
723 }
724 else
725 {
726 /* master process */
727 int event, errsave = errno;
728
729 if (sig == SIGHUP)
730 event = EVENT_RELOAD;
731 else if (sig == SIGCHLD)
732 event = EVENT_CHILD;
733 else if (sig == SIGALRM)
734 event = EVENT_ALARM;
735 else if (sig == SIGTERM)
736 event = EVENT_TERM;
737 else if (sig == SIGUSR1)
738 event = EVENT_DUMP;
739 else if (sig == SIGUSR2)
740 event = EVENT_REOPEN;
741 else
742 return;
743
744 send_event(pipewrite, event, 0);
745 errno = errsave;
746 }
747 }
748
749 void send_event(int fd, int event, int data)
750 {
751 struct event_desc ev;
752
753 ev.event = event;
754 ev.data = data;
755
756 /* error pipe, debug mode. */
757 if (fd == -1)
758 fatal_event(&ev);
759 else
760 /* pipe is non-blocking and struct event_desc is smaller than
761 PIPE_BUF, so this either fails or writes everything */
762 while (write(fd, &ev, sizeof(ev)) == -1 && errno == EINTR);
763 }
764
765 static void fatal_event(struct event_desc *ev)
766 {
767 errno = ev->data;
768
769 switch (ev->event)
770 {
771 case EVENT_DIE:
772 exit(0);
773
774 case EVENT_FORK_ERR:
775 die(_("cannot fork into background: %s"), NULL, EC_MISC);
776
777 case EVENT_PIPE_ERR:
778 die(_("failed to create helper: %s"), NULL, EC_MISC);
779
780 case EVENT_CAP_ERR:
781 die(_("setting capabilities failed: %s"), NULL, EC_MISC);
782
783 case EVENT_USER_ERR:
784 case EVENT_HUSER_ERR:
785 die(_("failed to change user-id to %s: %s"),
786 ev->event == EVENT_USER_ERR ? daemon->username : daemon->scriptuser,
787 EC_MISC);
788
789 case EVENT_GROUP_ERR:
790 die(_("failed to change group-id to %s: %s"), daemon->groupname, EC_MISC);
791
792 case EVENT_PIDFILE:
793 die(_("failed to open pidfile %s: %s"), daemon->runfile, EC_FILE);
794
795 case EVENT_LOG_ERR:
796 die(_("cannot open %s: %s"), daemon->log_file ? daemon->log_file : "log", EC_FILE);
797 }
798 }
799
800 static void async_event(int pipe, time_t now)
801 {
802 pid_t p;
803 struct event_desc ev;
804 int i;
805
806 if (read_write(pipe, (unsigned char *)&ev, sizeof(ev), 1))
807 switch (ev.event)
808 {
809 case EVENT_RELOAD:
810 clear_cache_and_reload(now);
811 if (daemon->port != 0 && daemon->resolv_files && option_bool(OPT_NO_POLL))
812 {
813 reload_servers(daemon->resolv_files->name);
814 check_servers();
815 }
816 #ifdef HAVE_DHCP
817 rerun_scripts();
818 #endif
819 break;
820
821 case EVENT_DUMP:
822 if (daemon->port != 0)
823 dump_cache(now);
824 break;
825
826 case EVENT_ALARM:
827 #ifdef HAVE_DHCP
828 if (daemon->dhcp)
829 {
830 lease_prune(NULL, now);
831 lease_update_file(now);
832 }
833 #endif
834 break;
835
836 case EVENT_CHILD:
837 /* See Stevens 5.10 */
838 while ((p = waitpid(-1, NULL, WNOHANG)) != 0)
839 if (p == -1)
840 {
841 if (errno != EINTR)
842 break;
843 }
844 else
845 for (i = 0 ; i < MAX_PROCS; i++)
846 if (daemon->tcp_pids[i] == p)
847 daemon->tcp_pids[i] = 0;
848 break;
849
850 case EVENT_KILLED:
851 my_syslog(LOG_WARNING, _("child process killed by signal %d"), ev.data);
852 break;
853
854 case EVENT_EXITED:
855 my_syslog(LOG_WARNING, _("child process exited with status %d"), ev.data);
856 break;
857
858 case EVENT_EXEC_ERR:
859 my_syslog(LOG_ERR, _("failed to execute %s: %s"),
860 daemon->lease_change_command, strerror(ev.data));
861 break;
862
863 /* necessary for fatal errors in helper */
864 case EVENT_HUSER_ERR:
865 case EVENT_DIE:
866 fatal_event(&ev);
867 break;
868
869 case EVENT_REOPEN:
870 /* Note: this may leave TCP-handling processes with the old file still open.
871 Since any such process will die in CHILD_LIFETIME or probably much sooner,
872 we leave them logging to the old file. */
873 if (daemon->log_file != NULL)
874 log_reopen(daemon->log_file);
875 break;
876
877 case EVENT_TERM:
878 /* Knock all our children on the head. */
879 for (i = 0; i < MAX_PROCS; i++)
880 if (daemon->tcp_pids[i] != 0)
881 kill(daemon->tcp_pids[i], SIGALRM);
882
883 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
884 /* handle pending lease transitions */
885 if (daemon->helperfd != -1)
886 {
887 /* block in writes until all done */
888 if ((i = fcntl(daemon->helperfd, F_GETFL)) != -1)
889 fcntl(daemon->helperfd, F_SETFL, i & ~O_NONBLOCK);
890 do {
891 helper_write();
892 } while (!helper_buf_empty() || do_script_run(now));
893 close(daemon->helperfd);
894 }
895 #endif
896
897 if (daemon->lease_stream)
898 fclose(daemon->lease_stream);
899
900 if (daemon->runfile)
901 unlink(daemon->runfile);
902
903 my_syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
904 flush_log();
905 exit(EC_GOOD);
906 }
907 }
908
909 void poll_resolv(int force, int do_reload, time_t now)
910 {
911 struct resolvc *res, *latest;
912 struct stat statbuf;
913 time_t last_change = 0;
914 /* There may be more than one possible file.
915 Go through and find the one which changed _last_.
916 Warn of any which can't be read. */
917
918 if (daemon->port == 0 || option_bool(OPT_NO_POLL))
919 return;
920
921 for (latest = NULL, res = daemon->resolv_files; res; res = res->next)
922 if (stat(res->name, &statbuf) == -1)
923 {
924 if (force)
925 {
926 res->mtime = 0;
927 continue;
928 }
929
930 if (!res->logged)
931 my_syslog(LOG_WARNING, _("failed to access %s: %s"), res->name, strerror(errno));
932 res->logged = 1;
933
934 if (res->mtime != 0)
935 {
936 /* existing file evaporated, force selection of the latest
937 file even if its mtime hasn't changed since we last looked */
938 poll_resolv(1, do_reload, now);
939 return;
940 }
941 }
942 else
943 {
944 res->logged = 0;
945 if (force || (statbuf.st_mtime != res->mtime))
946 {
947 res->mtime = statbuf.st_mtime;
948 if (difftime(statbuf.st_mtime, last_change) > 0.0)
949 {
950 last_change = statbuf.st_mtime;
951 latest = res;
952 }
953 }
954 }
955
956 if (latest)
957 {
958 static int warned = 0;
959 if (reload_servers(latest->name))
960 {
961 my_syslog(LOG_INFO, _("reading %s"), latest->name);
962 warned = 0;
963 check_servers();
964 if (option_bool(OPT_RELOAD) && do_reload)
965 clear_cache_and_reload(now);
966 }
967 else
968 {
969 latest->mtime = 0;
970 if (!warned)
971 {
972 my_syslog(LOG_WARNING, _("no servers found in %s, will retry"), latest->name);
973 warned = 1;
974 }
975 }
976 }
977 }
978
979 void clear_cache_and_reload(time_t now)
980 {
981 if (daemon->port != 0)
982 cache_reload();
983
984 #ifdef HAVE_DHCP
985 if (daemon->dhcp)
986 {
987 if (option_bool(OPT_ETHERS))
988 dhcp_read_ethers();
989 reread_dhcp();
990 dhcp_update_configs(daemon->dhcp_conf);
991 check_dhcp_hosts(0);
992 lease_update_from_configs();
993 lease_update_file(now);
994 lease_update_dns();
995 }
996 #endif
997 }
998
999 static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp)
1000 {
1001 struct serverfd *serverfdp;
1002 struct listener *listener;
1003 int wait = 0, i;
1004
1005 #ifdef HAVE_TFTP
1006 int tftp = 0;
1007 struct tftp_transfer *transfer;
1008 for (transfer = daemon->tftp_trans; transfer; transfer = transfer->next)
1009 {
1010 tftp++;
1011 FD_SET(transfer->sockfd, set);
1012 bump_maxfd(transfer->sockfd, maxfdp);
1013 }
1014 #endif
1015
1016 /* will we be able to get memory? */
1017 if (daemon->port != 0)
1018 get_new_frec(now, &wait);
1019
1020 for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1021 {
1022 FD_SET(serverfdp->fd, set);
1023 bump_maxfd(serverfdp->fd, maxfdp);
1024 }
1025
1026 if (daemon->port != 0 && !daemon->osport)
1027 for (i = 0; i < RANDOM_SOCKS; i++)
1028 if (daemon->randomsocks[i].refcount != 0)
1029 {
1030 FD_SET(daemon->randomsocks[i].fd, set);
1031 bump_maxfd(daemon->randomsocks[i].fd, maxfdp);
1032 }
1033
1034 for (listener = daemon->listeners; listener; listener = listener->next)
1035 {
1036 /* only listen for queries if we have resources */
1037 if (listener->fd != -1 && wait == 0)
1038 {
1039 FD_SET(listener->fd, set);
1040 bump_maxfd(listener->fd, maxfdp);
1041 }
1042
1043 /* death of a child goes through the select loop, so
1044 we don't need to explicitly arrange to wake up here */
1045 if (listener->tcpfd != -1)
1046 for (i = 0; i < MAX_PROCS; i++)
1047 if (daemon->tcp_pids[i] == 0)
1048 {
1049 FD_SET(listener->tcpfd, set);
1050 bump_maxfd(listener->tcpfd, maxfdp);
1051 break;
1052 }
1053
1054 #ifdef HAVE_TFTP
1055 if (tftp <= daemon->tftp_max && listener->tftpfd != -1)
1056 {
1057 FD_SET(listener->tftpfd, set);
1058 bump_maxfd(listener->tftpfd, maxfdp);
1059 }
1060 #endif
1061
1062 }
1063
1064 return wait;
1065 }
1066
1067 static void check_dns_listeners(fd_set *set, time_t now)
1068 {
1069 struct serverfd *serverfdp;
1070 struct listener *listener;
1071 int i;
1072
1073 for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1074 if (FD_ISSET(serverfdp->fd, set))
1075 reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now);
1076
1077 if (daemon->port != 0 && !daemon->osport)
1078 for (i = 0; i < RANDOM_SOCKS; i++)
1079 if (daemon->randomsocks[i].refcount != 0 &&
1080 FD_ISSET(daemon->randomsocks[i].fd, set))
1081 reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
1082
1083 for (listener = daemon->listeners; listener; listener = listener->next)
1084 {
1085 if (listener->fd != -1 && FD_ISSET(listener->fd, set))
1086 receive_query(listener, now);
1087
1088 #ifdef HAVE_TFTP
1089 if (listener->tftpfd != -1 && FD_ISSET(listener->tftpfd, set))
1090 tftp_request(listener, now);
1091 #endif
1092
1093 if (listener->tcpfd != -1 && FD_ISSET(listener->tcpfd, set))
1094 {
1095 int confd;
1096 struct irec *iface = NULL;
1097 pid_t p;
1098
1099 while((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR);
1100
1101 if (confd == -1)
1102 continue;
1103
1104 if (option_bool(OPT_NOWILD))
1105 iface = listener->iface;
1106 else
1107 {
1108 union mysockaddr tcp_addr;
1109 socklen_t tcp_len = sizeof(union mysockaddr);
1110 /* Check for allowed interfaces when binding the wildcard address:
1111 we do this by looking for an interface with the same address as
1112 the local address of the TCP connection, then looking to see if that's
1113 an allowed interface. As a side effect, we get the netmask of the
1114 interface too, for localisation. */
1115
1116 /* interface may be new since startup */
1117 if (enumerate_interfaces() &&
1118 getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) != -1)
1119 for (iface = daemon->interfaces; iface; iface = iface->next)
1120 if (sockaddr_isequal(&iface->addr, &tcp_addr))
1121 break;
1122 }
1123
1124 if (!iface)
1125 {
1126 shutdown(confd, SHUT_RDWR);
1127 close(confd);
1128 }
1129 #ifndef NO_FORK
1130 else if (!option_bool(OPT_DEBUG) && (p = fork()) != 0)
1131 {
1132 if (p != -1)
1133 {
1134 int i;
1135 for (i = 0; i < MAX_PROCS; i++)
1136 if (daemon->tcp_pids[i] == 0)
1137 {
1138 daemon->tcp_pids[i] = p;
1139 break;
1140 }
1141 }
1142 close(confd);
1143 }
1144 #endif
1145 else
1146 {
1147 unsigned char *buff;
1148 struct server *s;
1149 int flags;
1150 struct in_addr dst_addr_4;
1151
1152 dst_addr_4.s_addr = 0;
1153
1154 #ifndef NO_FORK
1155 /* Arrange for SIGALARM after CHILD_LIFETIME seconds to
1156 terminate the process. */
1157 if (!option_bool(OPT_DEBUG))
1158 alarm(CHILD_LIFETIME);
1159 #endif
1160
1161 /* start with no upstream connections. */
1162 for (s = daemon->servers; s; s = s->next)
1163 s->tcpfd = -1;
1164
1165 /* The connected socket inherits non-blocking
1166 attribute from the listening socket.
1167 Reset that here. */
1168 if ((flags = fcntl(confd, F_GETFL, 0)) != -1)
1169 fcntl(confd, F_SETFL, flags & ~O_NONBLOCK);
1170
1171 if (listener->family == AF_INET)
1172 dst_addr_4 = iface->addr.in.sin_addr;
1173
1174 buff = tcp_request(confd, now, dst_addr_4, iface->netmask);
1175
1176 shutdown(confd, SHUT_RDWR);
1177 close(confd);
1178
1179 if (buff)
1180 free(buff);
1181
1182 for (s = daemon->servers; s; s = s->next)
1183 if (s->tcpfd != -1)
1184 {
1185 shutdown(s->tcpfd, SHUT_RDWR);
1186 close(s->tcpfd);
1187 }
1188 #ifndef NO_FORK
1189 if (!option_bool(OPT_DEBUG))
1190 {
1191 flush_log();
1192 _exit(0);
1193 }
1194 #endif
1195 }
1196 }
1197 }
1198 }
1199
1200 #ifdef HAVE_DHCP
1201 int make_icmp_sock(void)
1202 {
1203 int fd;
1204 int zeroopt = 0;
1205
1206 if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
1207 {
1208 if (!fix_fd(fd) ||
1209 setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
1210 {
1211 close(fd);
1212 fd = -1;
1213 }
1214 }
1215
1216 return fd;
1217 }
1218
1219 int icmp_ping(struct in_addr addr)
1220 {
1221 /* Try and get an ICMP echo from a machine. */
1222
1223 /* Note that whilst in the three second wait, we check for
1224 (and service) events on the DNS and TFTP sockets, (so doing that
1225 better not use any resources our caller has in use...)
1226 but we remain deaf to signals or further DHCP packets. */
1227
1228 int fd;
1229 struct sockaddr_in saddr;
1230 struct {
1231 struct ip ip;
1232 struct icmp icmp;
1233 } packet;
1234 unsigned short id = rand16();
1235 unsigned int i, j;
1236 int gotreply = 0;
1237 time_t start, now;
1238
1239 #if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1240 if ((fd = make_icmp_sock()) == -1)
1241 return 0;
1242 #else
1243 int opt = 2000;
1244 fd = daemon->dhcp_icmp_fd;
1245 setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1246 #endif
1247
1248 saddr.sin_family = AF_INET;
1249 saddr.sin_port = 0;
1250 saddr.sin_addr = addr;
1251 #ifdef HAVE_SOCKADDR_SA_LEN
1252 saddr.sin_len = sizeof(struct sockaddr_in);
1253 #endif
1254
1255 memset(&packet.icmp, 0, sizeof(packet.icmp));
1256 packet.icmp.icmp_type = ICMP_ECHO;
1257 packet.icmp.icmp_id = id;
1258 for (j = 0, i = 0; i < sizeof(struct icmp) / 2; i++)
1259 j += ((u16 *)&packet.icmp)[i];
1260 while (j>>16)
1261 j = (j & 0xffff) + (j >> 16);
1262 packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
1263
1264 while (sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0,
1265 (struct sockaddr *)&saddr, sizeof(saddr)) == -1 &&
1266 retry_send());
1267
1268 for (now = start = dnsmasq_time();
1269 difftime(now, start) < (float)PING_WAIT;)
1270 {
1271 struct timeval tv;
1272 fd_set rset, wset;
1273 struct sockaddr_in faddr;
1274 int maxfd = fd;
1275 socklen_t len = sizeof(faddr);
1276
1277 tv.tv_usec = 250000;
1278 tv.tv_sec = 0;
1279
1280 FD_ZERO(&rset);
1281 FD_ZERO(&wset);
1282 FD_SET(fd, &rset);
1283 set_dns_listeners(now, &rset, &maxfd);
1284 set_log_writer(&wset, &maxfd);
1285
1286 if (select(maxfd+1, &rset, &wset, NULL, &tv) < 0)
1287 {
1288 FD_ZERO(&rset);
1289 FD_ZERO(&wset);
1290 }
1291
1292 now = dnsmasq_time();
1293
1294 check_log_writer(&wset);
1295 check_dns_listeners(&rset, now);
1296
1297 #ifdef HAVE_TFTP
1298 check_tftp_listeners(&rset, now);
1299 #endif
1300
1301 if (FD_ISSET(fd, &rset) &&
1302 recvfrom(fd, &packet, sizeof(packet), 0,
1303 (struct sockaddr *)&faddr, &len) == sizeof(packet) &&
1304 saddr.sin_addr.s_addr == faddr.sin_addr.s_addr &&
1305 packet.icmp.icmp_type == ICMP_ECHOREPLY &&
1306 packet.icmp.icmp_seq == 0 &&
1307 packet.icmp.icmp_id == id)
1308 {
1309 gotreply = 1;
1310 break;
1311 }
1312 }
1313
1314 #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1315 close(fd);
1316 #else
1317 opt = 1;
1318 setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1319 #endif
1320
1321 return gotreply;
1322 }
1323 #endif
1324
1325
Michael's tree of dnsmasq.