1 /* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
/* Global daemon state; every function in this file reaches configuration
   and runtime state through this pointer. */
19 struct daemon
*daemon
;
/* Feature string passed to read_opts() and logged at startup by main().
   Only the preprocessor conditions of its initializer survive in this
   listing; the string pieces themselves are not shown. */
21 static char *compile_opts
=
26 #ifndef HAVE_GETOPT_LONG
30 #ifdef HAVE_BROKEN_RTC
48 #if defined(HAVE_DHCP) && !defined(HAVE_SCRIPT)
55 #if !defined(LOCALEDIR) && !defined(HAVE_IDN)
/* Both are read from sig_handler(): pid is compared with getpid() there
   and pipewrite is the descriptor it hands to send_event(). main() assigns
   pid from fork() and pipewrite from the event pipe. */
61 static volatile pid_t pid
= 0;
62 static volatile int pipewrite
;
/* Forward declarations of the file-local helpers defined further down. */
64 static int set_dns_listeners(time_t now
, fd_set
*set
, int *maxfdp
);
65 static void check_dns_listeners(fd_set
*set
, time_t now
);
66 static void sig_handler(int sig
);
67 static void async_event(int pipe
, time_t now
);
68 static void fatal_event(struct event_desc
*ev
);
/* Program entry point. In the visible lines it installs signal handlers,
   reads the options, creates listeners, resolves the target user and
   group, daemonizes, writes the pidfile, drops privileges and then runs
   the select() event loop.
   NOTE: this listing is an extract. The gutter numbers skip, so braces,
   declarations and many statements of the original function are missing.
   The comments added here describe only what the visible lines show. */
70 int main (int argc
, char **argv
)
72 int bind_fallback
= 0;
74 struct sigaction sigact
;
76 int piperead
, pipefd
[2], err_pipe
[2];
77 struct passwd
*ent_pw
= NULL
;
78 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
82 struct group
*gp
= NULL
;
83 long i
, max_fd
= sysconf(_SC_OPEN_MAX
);
86 #if defined(HAVE_LINUX_NETWORK)
87 cap_user_header_t hdr
= NULL
;
88 cap_user_data_t data
= NULL
;
92 setlocale(LC_ALL
, "");
93 bindtextdomain("dnsmasq", LOCALEDIR
);
94 textdomain("dnsmasq");
/* Route every signal the daemon reacts to into sig_handler(). */
97 sigact
.sa_handler
= sig_handler
;
99 sigemptyset(&sigact
.sa_mask
);
100 sigaction(SIGUSR1
, &sigact
, NULL
);
101 sigaction(SIGUSR2
, &sigact
, NULL
);
102 sigaction(SIGHUP
, &sigact
, NULL
);
103 sigaction(SIGTERM
, &sigact
, NULL
);
104 sigaction(SIGALRM
, &sigact
, NULL
);
105 sigaction(SIGCHLD
, &sigact
, NULL
);
/* SIGPIPE is ignored, so a write to a closed pipe or socket fails with an
   error instead of terminating the process. */
108 sigact
.sa_handler
= SIG_IGN
;
109 sigaction(SIGPIPE
, &sigact
, NULL
);
111 umask(022); /* known umask, create leases and pid files as 0644 */
113 read_opts(argc
, argv
, compile_opts
);
/* Never use an EDNS packet size below PACKETSZ, and size the shared packet
   buffer to the larger of the EDNS size and DNSMASQ_PACKETSZ. */
115 if (daemon
->edns_pktsz
< PACKETSZ
)
116 daemon
->edns_pktsz
= PACKETSZ
;
117 daemon
->packet_buff_sz
= daemon
->edns_pktsz
> DNSMASQ_PACKETSZ
?
118 daemon
->edns_pktsz
: DNSMASQ_PACKETSZ
;
119 daemon
->packet
= safe_malloc(daemon
->packet_buff_sz
);
122 if (!daemon
->lease_file
)
125 daemon
->lease_file
= LEASEFILE
;
129 /* Close any file descriptors we inherited apart from std{in|out|err} */
130 for (i
= 0; i
< max_fd
; i
++)
131 if (i
!= STDOUT_FILENO
&& i
!= STDERR_FILENO
&& i
!= STDIN_FILENO
)
/* (the statement guarded by the test above is not shown in this listing) */
134 #ifdef HAVE_LINUX_NETWORK
136 #elif !(defined(IP_RECVDSTADDR) && \
137 defined(IP_RECVIF) && \
138 defined(IP_SENDSRCADDR))
139 if (!option_bool(OPT_NOWILD
))
142 set_option_bool(OPT_NOWILD
);
147 if (daemon
->tftp_unlimited
|| daemon
->tftp_interfaces
)
148 die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL
, EC_BADCONF
);
151 #ifdef HAVE_SOLARIS_NETWORK
152 if (daemon
->max_logs
!= 0)
153 die(_("asychronous logging is not available under Solaris"), NULL
, EC_BADCONF
);
157 if (daemon
->max_logs
!= 0)
158 die(_("asychronous logging is not available under Android"), NULL
, EC_BADCONF
);
163 now
= dnsmasq_time();
168 /* Note that order matters here, we must call lease_init before
169 creating any file descriptors which shouldn't be leaked
170 to the lease-script init process. */
176 if (!enumerate_interfaces())
177 die(_("failed to find list of interfaces: %s"), NULL
, EC_MISC
);
/* With OPT_NOWILD set, bind per-interface listeners and fail startup when
   a configured interface name was not marked used; the wildcard listeners
   are created further down (the else itself is not shown). */
179 if (option_bool(OPT_NOWILD
))
181 daemon
->listeners
= create_bound_listeners();
183 for (if_tmp
= daemon
->if_names
; if_tmp
; if_tmp
= if_tmp
->next
)
184 if (if_tmp
->name
&& !if_tmp
->used
)
185 die(_("unknown interface %s"), if_tmp
->name
, EC_BADNET
);
187 for (if_tmp
= daemon
->if_addrs
; if_tmp
; if_tmp
= if_tmp
->next
)
190 prettyprint_addr(&if_tmp
->addr
, daemon
->namebuff
);
191 die(_("no interface with address %s"), daemon
->namebuff
, EC_BADNET
);
195 daemon
->listeners
= create_wildcard_listeners();
197 if (daemon
->port
!= 0)
200 if (option_bool(OPT_DBUS
))
205 daemon
->watches
= NULL
;
206 if ((err
= dbus_init()))
207 die(_("DBus error: %s"), err
, EC_MISC
);
210 die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL
, EC_BADCONF
);
213 if (daemon
->port
!= 0)
/* Resolve the script user first and copy its uid/gid out: ent_pw is
   reused for daemon->username just below, and a second getpwnam() call
   may overwrite the static result of the first. */
216 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
217 /* Note getpwnam returns static storage */
218 if (daemon
->dhcp
&& daemon
->lease_change_command
&& daemon
->scriptuser
)
220 if ((ent_pw
= getpwnam(daemon
->scriptuser
)))
222 script_uid
= ent_pw
->pw_uid
;
223 script_gid
= ent_pw
->pw_gid
;
226 baduser
= daemon
->scriptuser
;
/* Look up the user and group the daemon will run as; an unknown name is a
   configuration error reported through die(). */
230 if (daemon
->username
&& !(ent_pw
= getpwnam(daemon
->username
)))
231 baduser
= daemon
->username
;
232 else if (daemon
->groupname
&& !(gp
= getgrnam(daemon
->groupname
)))
233 baduser
= daemon
->groupname
;
236 die(_("unknown user or group: %s"), baduser
, EC_BADCONF
);
238 /* implement group defaults, "dip" if available, or group associated with uid */
239 if (!daemon
->group_set
&& !gp
)
241 if (!(gp
= getgrnam(CHGRP
)) && ent_pw
)
242 gp
= getgrgid(ent_pw
->pw_gid
);
244 /* for error message */
246 daemon
->groupname
= gp
->gr_name
;
/* Allocate the capability header and data now; the capset() calls that
   use them come later, after the script helper has been created. */
249 #if defined(HAVE_LINUX_NETWORK)
250 /* determine capability API version here, while we can still
252 if (ent_pw
&& ent_pw
->pw_uid
!= 0)
254 int capsize
= 1; /* for header version 1 */
255 hdr
= safe_malloc(sizeof(*hdr
));
257 /* find version supported by kernel */
258 memset(hdr
, 0, sizeof(*hdr
));
261 if (hdr
->version
!= LINUX_CAPABILITY_VERSION_1
)
263 /* if unknown version, use largest supported version (3) */
264 if (hdr
->version
!= LINUX_CAPABILITY_VERSION_2
)
265 hdr
->version
= LINUX_CAPABILITY_VERSION_3
;
269 data
= safe_malloc(sizeof(*data
) * capsize
);
270 memset(data
, 0, sizeof(*data
) * capsize
);
274 /* Use a pipe to carry signals and other events back to the event loop
275 in a race-free manner and another to carry errors to daemon-invoking process */
276 safe_pipe(pipefd
, 1);
278 piperead
= pipefd
[0];
279 pipewrite
= pipefd
[1];
280 /* prime the pipe to load stuff first time. */
281 send_event(pipewrite
, EVENT_RELOAD
, 0);
285 if (!option_bool(OPT_DEBUG
))
287 /* The following code "daemonizes" the process.
288 See Stevens section 12.4 */
291 die(_("cannot chdir to filesystem root: %s"), NULL
, EC_MISC
);
294 if (!option_bool(OPT_NO_FORK
))
298 /* pipe to carry errors back to original process.
299 When startup is complete we close this and the process terminates. */
300 safe_pipe(err_pipe
, 0);
302 if ((pid
= fork()) == -1)
303 /* fd == -1 since we've not forked, never returns. */
304 send_event(-1, EVENT_FORK_ERR
, errno
);
308 struct event_desc ev
;
310 /* close our copy of write-end */
313 /* check for errors after the fork */
314 if (read_write(err_pipe
[0], (unsigned char *)&ev
, sizeof(ev
), 1))
322 /* NO calls to die() from here on. */
326 if ((pid
= fork()) == -1)
327 send_event(err_pipe
[1], EVENT_FORK_ERR
, errno
);
/* NOTE(review): the pidfile is created with a plain fopen(..., "w") and
   this happens before the privilege drop further down. When started as
   root the open therefore runs as root, follows symlinks and truncates
   the target, so daemon->runfile should sit in a directory that only
   root can write - confirm for the deployment. */
334 /* write pidfile _after_ forking ! */
339 /* only complain if started as root */
340 if ((pidfile
= fopen(daemon
->runfile
, "w")))
342 fprintf(pidfile
, "%d\n", (int) getpid());
345 else if (getuid() == 0)
347 send_event(err_pipe
[1], EVENT_PIDFILE
, errno
);
353 log_err
= log_start(ent_pw
, err_pipe
[1]);
355 if (!option_bool(OPT_DEBUG
))
357 /* open stdout etc to /dev/null */
358 int nullfd
= open("/dev/null", O_RDWR
);
359 dup2(nullfd
, STDOUT_FILENO
);
360 dup2(nullfd
, STDERR_FILENO
);
361 dup2(nullfd
, STDIN_FILENO
);
/* NOTE(review): no check of nullfd or of the dup2() results is visible in
   this listing - confirm against the full source. */
365 /* if we are to run scripts, we need to fork a helper before dropping root. */
366 daemon
->helperfd
= -1;
367 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
368 if (daemon
->dhcp
&& daemon
->lease_change_command
)
369 daemon
->helperfd
= create_helper(pipewrite
, err_pipe
[1], script_uid
, script_gid
, max_fd
);
/* Privilege drop, only when not in debug mode and running as root.
   Visible order: (1) clear the supplementary groups and set the gid,
   (2) on Linux restrict the capability sets and set PR_SET_KEEPCAPS, on
   Solaris trim the privilege limit set, (3) setuid() to the target user,
   (4) on Linux shrink the capability sets once more.
   Each failure is reported on err_pipe[1]; what follows each send_event()
   call is not shown in this listing. */
372 if (!option_bool(OPT_DEBUG
) && getuid() == 0)
374 int bad_capabilities
= 0;
377 /* remove all supplementary groups */
379 (setgroups(0, &dummy
) == -1 ||
380 setgid(gp
->gr_gid
) == -1))
382 send_event(err_pipe
[1], EVENT_GROUP_ERR
, errno
);
386 if (ent_pw
&& ent_pw
->pw_uid
!= 0)
388 #if defined(HAVE_LINUX_NETWORK)
389 /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
390 CAP_NET_RAW (for icmp) if we're doing dhcp */
391 data
->effective
= data
->permitted
= data
->inheritable
=
392 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) | (1 << CAP_SETUID
);
/* CAP_SETUID is part of this first set and absent from the second capset()
   below, presumably so that the setuid() call in between can still
   succeed - TODO confirm. */
394 /* Tell kernel to not clear capabilities when dropping root */
395 if (capset(hdr
, data
) == -1 || prctl(PR_SET_KEEPCAPS
, 1, 0, 0, 0) == -1)
396 bad_capabilities
= errno
;
398 #elif defined(HAVE_SOLARIS_NETWORK)
399 /* http://developers.sun.com/solaris/articles/program_privileges.html */
400 priv_set_t
*priv_set
;
402 if (!(priv_set
= priv_str_to_set("basic", ",", NULL
)) ||
403 priv_addset(priv_set
, PRIV_NET_ICMPACCESS
) == -1 ||
404 priv_addset(priv_set
, PRIV_SYS_NET_CONFIG
) == -1)
405 bad_capabilities
= errno
;
407 if (priv_set
&& bad_capabilities
== 0)
409 priv_inverse(priv_set
);
411 if (setppriv(PRIV_OFF
, PRIV_LIMIT
, priv_set
) == -1)
412 bad_capabilities
= errno
;
416 priv_freeset(priv_set
);
420 if (bad_capabilities
!= 0)
422 send_event(err_pipe
[1], EVENT_CAP_ERR
, bad_capabilities
);
426 /* finally drop root */
427 if (setuid(ent_pw
->pw_uid
) == -1)
429 send_event(err_pipe
[1], EVENT_USER_ERR
, errno
);
433 #ifdef HAVE_LINUX_NETWORK
434 data
->effective
= data
->permitted
=
435 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
);
436 data
->inheritable
= 0;
438 /* lose the setuid and setgid capabilities */
439 if (capset(hdr
, data
) == -1)
441 send_event(err_pipe
[1], EVENT_CAP_ERR
, errno
);
/* In debug mode the process is marked dumpable again. */
449 #ifdef HAVE_LINUX_NETWORK
450 if (option_bool(OPT_DEBUG
))
451 prctl(PR_SET_DUMPABLE
, 1, 0, 0, 0);
/* Startup banner and configuration warnings. */
454 if (daemon
->port
== 0)
455 my_syslog(LOG_INFO
, _("started, version %s DNS disabled"), VERSION
);
456 else if (daemon
->cachesize
!= 0)
457 my_syslog(LOG_INFO
, _("started, version %s cachesize %d"), VERSION
, daemon
->cachesize
);
459 my_syslog(LOG_INFO
, _("started, version %s cache disabled"), VERSION
);
461 my_syslog(LOG_INFO
, _("compile time options: %s"), compile_opts
);
464 if (option_bool(OPT_DBUS
))
467 my_syslog(LOG_INFO
, _("DBus support enabled: connected to system bus"));
469 my_syslog(LOG_INFO
, _("DBus support enabled: bus connection pending"));
474 my_syslog(LOG_WARNING
, _("warning: failed to change owner of %s: %s"),
475 daemon
->log_file
, strerror(log_err
));
478 my_syslog(LOG_WARNING
, _("setting --bind-interfaces option because of OS limitations"));
480 if (!option_bool(OPT_NOWILD
))
481 for (if_tmp
= daemon
->if_names
; if_tmp
; if_tmp
= if_tmp
->next
)
482 if (if_tmp
->name
&& !if_tmp
->used
)
483 my_syslog(LOG_WARNING
, _("warning: interface %s does not currently exist"), if_tmp
->name
);
485 if (daemon
->port
!= 0 && option_bool(OPT_NO_RESOLV
))
487 if (daemon
->resolv_files
&& !daemon
->resolv_files
->is_default
)
488 my_syslog(LOG_WARNING
, _("warning: ignoring resolv-file flag because no-resolv is set"));
489 daemon
->resolv_files
= NULL
;
490 if (!daemon
->servers
)
491 my_syslog(LOG_WARNING
, _("warning: no upstream servers configured"));
494 if (daemon
->max_logs
!= 0)
495 my_syslog(LOG_INFO
, _("asynchronous logging enabled, queue limit is %d messages"), daemon
->max_logs
);
500 struct dhcp_context
*dhcp_tmp
;
502 for (dhcp_tmp
= daemon
->dhcp
; dhcp_tmp
; dhcp_tmp
= dhcp_tmp
->next
)
504 prettyprint_time(daemon
->dhcp_buff2
, dhcp_tmp
->lease_time
);
/* inet_ntoa() returns a static buffer, so the start address is copied into
   dhcp_buff before the second inet_ntoa() call in the argument list below.
   The size of dhcp_buff is not visible here; a dotted quad needs at most
   16 bytes including the terminator. */
505 strcpy(daemon
->dhcp_buff
, inet_ntoa(dhcp_tmp
->start
));
506 my_syslog(MS_DHCP
| LOG_INFO
,
507 (dhcp_tmp
->flags
& CONTEXT_STATIC
) ?
508 _("DHCP, static leases only on %.0s%s, lease time %s") :
509 (dhcp_tmp
->flags
& CONTEXT_PROXY
) ?
510 _("DHCP, proxy on subnet %.0s%s%.0s") :
511 _("DHCP, IP range %s -- %s, lease time %s"),
512 daemon
->dhcp_buff
, inet_ntoa(dhcp_tmp
->end
), daemon
->dhcp_buff2
);
/* TFTP: derive a ceiling for simultaneous transfers from the descriptor
   limit (compared against FD_SETSIZE) and from the configured port range,
   then clamp daemon->tftp_max to it. */
518 if (daemon
->tftp_unlimited
|| daemon
->tftp_interfaces
)
521 if (FD_SETSIZE
< (unsigned)max_fd
)
525 my_syslog(MS_TFTP
| LOG_INFO
, "TFTP %s%s %s",
526 daemon
->tftp_prefix
? _("root is ") : _("enabled"),
527 daemon
->tftp_prefix
? daemon
->tftp_prefix
: "",
528 option_bool(OPT_TFTP_SECURE
) ? _("secure mode") : "");
530 /* This is a guess, it assumes that for small limits,
531 disjoint files might be served, but for large limits,
532 a single file will be sent to may clients (the file only needs
535 max_fd
-= 30; /* use other than TFTP */
539 else if (max_fd
< 100)
542 max_fd
= max_fd
- 20;
544 /* if we have to use a limited range of ports,
545 that will limit the number of transfers */
546 if (daemon
->start_tftp_port
!= 0 &&
547 daemon
->end_tftp_port
- daemon
->start_tftp_port
+ 1 < max_fd
)
548 max_fd
= daemon
->end_tftp_port
- daemon
->start_tftp_port
+ 1;
550 if (daemon
->tftp_max
> max_fd
)
552 daemon
->tftp_max
= max_fd
;
553 my_syslog(MS_TFTP
| LOG_WARNING
,
554 _("restricting maximum simultaneous TFTP transfers to %d"),
560 /* finished start-up - release original process */
561 if (err_pipe
[1] != -1)
564 if (daemon
->port
!= 0)
/* Main event loop: build the descriptor sets, wait in select(), then
   service whatever became ready. */
572 struct timeval t
, *tp
= NULL
;
573 fd_set rset
, wset
, eset
;
579 /* if we are out of resources, find how long we have to wait
580 for some to come free, we'll loop around then and restart
581 listening for queries */
582 if ((t
.tv_sec
= set_dns_listeners(now
, &rset
, &maxfd
)) != 0)
588 /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
589 if (daemon
->tftp_trans
||
590 (option_bool(OPT_DBUS
) && !daemon
->dbus
))
598 set_dbus_listeners(&maxfd
, &rset
, &wset
, &eset
);
604 FD_SET(daemon
->dhcpfd
, &rset
);
605 bump_maxfd(daemon
->dhcpfd
, &maxfd
);
606 if (daemon
->pxefd
!= -1)
608 FD_SET(daemon
->pxefd
, &rset
);
609 bump_maxfd(daemon
->pxefd
, &maxfd
);
614 #ifdef HAVE_LINUX_NETWORK
615 FD_SET(daemon
->netlinkfd
, &rset
);
616 bump_maxfd(daemon
->netlinkfd
, &maxfd
);
/* piperead is the read end of the event pipe that sig_handler() and
   send_event() write to. */
619 FD_SET(piperead
, &rset
);
620 bump_maxfd(piperead
, &maxfd
);
624 while (helper_buf_empty() && do_script_run(now
));
626 if (!helper_buf_empty())
628 FD_SET(daemon
->helperfd
, &wset
);
629 bump_maxfd(daemon
->helperfd
, &maxfd
);
632 /* need this for other side-effects */
633 while (do_script_run(now
));
637 /* must do this just before select(), when we know no
638 more calls to my_syslog() can occur */
639 set_log_writer(&wset
, &maxfd
);
641 if (select(maxfd
+1, &rset
, &wset
, &eset
, tp
) < 0)
643 /* otherwise undefined after error */
644 FD_ZERO(&rset
); FD_ZERO(&wset
); FD_ZERO(&eset
);
647 now
= dnsmasq_time();
649 check_log_writer(&wset
);
651 #ifdef HAVE_LINUX_NETWORK
652 if (FD_ISSET(daemon
->netlinkfd
, &rset
))
656 /* Check for changes to resolv files once per second max. */
657 /* Don't go silent for long periods if the clock goes backwards. */
658 if (daemon
->last_resolv
== 0 ||
659 difftime(now
, daemon
->last_resolv
) > 1.0 ||
660 difftime(now
, daemon
->last_resolv
) < -1.0)
662 /* poll_resolv doesn't need to reload first time through, since
663 that's queued anyway. */
665 poll_resolv(0, daemon
->last_resolv
!= 0, now
);
666 daemon
->last_resolv
= now
;
669 if (FD_ISSET(piperead
, &rset
))
670 async_event(piperead
, now
);
673 /* if we didn't create a DBus connection, retry now. */
674 if (option_bool(OPT_DBUS
) && !daemon
->dbus
)
677 if ((err
= dbus_init()))
678 my_syslog(LOG_WARNING
, _("DBus error: %s"), err
);
680 my_syslog(LOG_INFO
, _("connected to system DBus"));
682 check_dbus_listeners(&rset
, &wset
, &eset
);
685 check_dns_listeners(&rset
, now
);
688 check_tftp_listeners(&rset
, now
);
694 if (FD_ISSET(daemon
->dhcpfd
, &rset
))
696 if (daemon
->pxefd
!= -1 && FD_ISSET(daemon
->pxefd
, &rset
))
701 if (daemon
->helperfd
!= -1 && FD_ISSET(daemon
->helperfd
, &wset
))
/* Handler shared by all the signals main() installs. In the visible lines
   it saves errno on entry, maps the signal number to an event code and
   passes it to send_event() on pipewrite, so the actual work is done by
   async_event() in the select loop rather than in signal context.
   This extract skips lines: the first condition, most of the event codes
   and any restore of errno from errsave are not shown. */
709 static void sig_handler(int sig
)
713 /* ignore anything other than TERM during startup
714 and in helper proc. (helper ignore TERM too) */
/* pid is the file-scope value main() sets from fork(); a mismatch with
   getpid() means this is not the main daemon process. */
718 else if (pid
!= getpid())
720 /* alarm is used to kill TCP children after a fixed time. */
727 int event
, errsave
= errno
;
730 event
= EVENT_RELOAD
;
731 else if (sig
== SIGCHLD
)
733 else if (sig
== SIGALRM
)
735 else if (sig
== SIGTERM
)
737 else if (sig
== SIGUSR1
)
739 else if (sig
== SIGUSR2
)
740 event
= EVENT_REOPEN
;
744 send_event(pipewrite
, event
, 0);
/* Send one struct event_desc on fd.
   fd:    pipe to write to; main() passes -1 before the first fork and its
          comment there states that the call then never returns.
   event: event code; data: accompanying integer (errno at the visible
          call sites that report failures).
   The visible write loop retries only on EINTR, so any other write()
   failure is dropped without a report. The lines that fill in ev and the
   test that selects the fd == -1 path are missing from this extract. */
749 void send_event(int fd
, int event
, int data
)
751 struct event_desc ev
;
756 /* error pipe, debug mode. */
760 /* pipe is non-blocking and struct event_desc is smaller than
761 PIPE_BUF, so this either fails or writes everything */
762 while (write(fd
, &ev
, sizeof(ev
)) == -1 && errno
== EINTR
);
/* Turn a start-up failure event into a die() call with a matching message
   and exit code (EC_MISC or EC_FILE in the visible calls).
   Most case labels are missing from this extract; only EVENT_HUSER_ERR
   and EVENT_GROUP_ERR are visible.
   NOTE(review): several calls pass NULL, or a single string, to formats
   containing one more %s than that - presumably die() supplies the error
   text itself; confirm in die(). */
765 static void fatal_event(struct event_desc
*ev
)
775 die(_("cannot fork into background: %s"), NULL
, EC_MISC
);
778 die(_("failed to create helper: %s"), NULL
, EC_MISC
);
781 die(_("setting capabilities failed: %s"), NULL
, EC_MISC
);
/* The same message serves both user-id failures: the name printed is the
   daemon user for EVENT_USER_ERR and the script user otherwise. */
784 case EVENT_HUSER_ERR
:
785 die(_("failed to change user-id to %s: %s"),
786 ev
->event
== EVENT_USER_ERR
? daemon
->username
: daemon
->scriptuser
,
789 case EVENT_GROUP_ERR
:
790 die(_("failed to change group-id to %s: %s"), daemon
->groupname
, EC_MISC
);
793 die(_("failed to open pidfile %s: %s"), daemon
->runfile
, EC_FILE
);
796 die(_("cannot open %s: %s"), daemon
->log_file
? daemon
->log_file
: "log", EC_FILE
);
/* Read one struct event_desc from the event pipe and act on it. main()
   calls this when piperead is readable.
   The switch and most case labels are missing from this extract; the
   visible actions are, in order: cache clear and server reload, lease
   pruning, reaping of child processes, logging of helper failures, log
   reopening, and the shutdown sequence that ends with the SIGTERM log
   message. */
800 static void async_event(int pipe
, time_t now
)
803 struct event_desc ev
;
806 if (read_write(pipe
, (unsigned char *)&ev
, sizeof(ev
), 1))
810 clear_cache_and_reload(now
);
811 if (daemon
->port
!= 0 && daemon
->resolv_files
&& option_bool(OPT_NO_POLL
))
813 reload_servers(daemon
->resolv_files
->name
);
822 if (daemon
->port
!= 0)
830 lease_prune(NULL
, now
);
831 lease_update_file(now
);
/* Reap children without blocking and free the tcp_pids slot of each one
   that exited, which lets check_dns_listeners() fork new TCP handlers. */
837 /* See Stevens 5.10 */
838 while ((p
= waitpid(-1, NULL
, WNOHANG
)) != 0)
845 for (i
= 0 ; i
< MAX_PROCS
; i
++)
846 if (daemon
->tcp_pids
[i
] == p
)
847 daemon
->tcp_pids
[i
] = 0;
851 my_syslog(LOG_WARNING
, _("child process killed by signal %d"), ev
.data
);
855 my_syslog(LOG_WARNING
, _("child process exited with status %d"), ev
.data
);
859 my_syslog(LOG_ERR
, _("failed to execute %s: %s"),
860 daemon
->lease_change_command
, strerror(ev
.data
));
863 /* necessary for fatal errors in helper */
864 case EVENT_HUSER_ERR
:
870 /* Note: this may leave TCP-handling processes with the old file still open.
871 Since any such process will die in CHILD_LIFETIME or probably much sooner,
872 we leave them logging to the old file. */
873 if (daemon
->log_file
!= NULL
)
874 log_reopen(daemon
->log_file
);
/* Shutdown sequence: signal the TCP children, switch the helper pipe to
   blocking mode and drain pending script work, close the lease stream,
   remove the pidfile and log the exit. */
878 /* Knock all our children on the head. */
879 for (i
= 0; i
< MAX_PROCS
; i
++)
880 if (daemon
->tcp_pids
[i
] != 0)
881 kill(daemon
->tcp_pids
[i
], SIGALRM
);
883 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
884 /* handle pending lease transitions */
885 if (daemon
->helperfd
!= -1)
887 /* block in writes until all done */
888 if ((i
= fcntl(daemon
->helperfd
, F_GETFL
)) != -1)
889 fcntl(daemon
->helperfd
, F_SETFL
, i
& ~O_NONBLOCK
);
892 } while (!helper_buf_empty() || do_script_run(now
));
893 close(daemon
->helperfd
);
897 if (daemon
->lease_stream
)
898 fclose(daemon
->lease_stream
);
/* NOTE(review): main() may have dropped root by the time this runs, so
   whether this unlink() can succeed depends on who owns the pidfile
   directory; no check of the result is visible here - confirm. */
901 unlink(daemon
->runfile
);
903 my_syslog(LOG_INFO
, _("exiting on receipt of SIGTERM"));
/* Check the configured resolv files for changes and reload the upstream
   servers from the most recently modified one.
   force:     treat a file as changed even when its mtime is unchanged.
   do_reload: together with OPT_RELOAD, also clear the cache after a
              successful server reload.
   now:       current time, passed on to clear_cache_and_reload().
   Does nothing when DNS is disabled (port 0) or OPT_NO_POLL is set.
   Several lines, including the declaration of statbuf and the selection
   of latest, are missing from this extract. */
909 void poll_resolv(int force
, int do_reload
, time_t now
)
911 struct resolvc
*res
, *latest
;
913 time_t last_change
= 0;
914 /* There may be more than one possible file.
915 Go through and find the one which changed _last_.
916 Warn of any which can't be read. */
918 if (daemon
->port
== 0 || option_bool(OPT_NO_POLL
))
921 for (latest
= NULL
, res
= daemon
->resolv_files
; res
; res
= res
->next
)
922 if (stat(res
->name
, &statbuf
) == -1)
931 my_syslog(LOG_WARNING
, _("failed to access %s: %s"), res
->name
, strerror(errno
));
936 /* existing file evaporated, force selection of the latest
937 file even if its mtime hasn't changed since we last looked */
938 poll_resolv(1, do_reload
, now
);
/* Remember the new mtime and track the newest modification seen so far. */
945 if (force
|| (statbuf
.st_mtime
!= res
->mtime
))
947 res
->mtime
= statbuf
.st_mtime
;
948 if (difftime(statbuf
.st_mtime
, last_change
) > 0.0)
950 last_change
= statbuf
.st_mtime
;
/* warned is static, so it keeps its value between calls; the lines that
   read and set it are not shown here. */
958 static int warned
= 0;
959 if (reload_servers(latest
->name
))
961 my_syslog(LOG_INFO
, _("reading %s"), latest
->name
);
964 if (option_bool(OPT_RELOAD
) && do_reload
)
965 clear_cache_and_reload(now
);
972 my_syslog(LOG_WARNING
, _("no servers found in %s, will retry"), latest
->name
);
/* Reload cached and configured data. The visible lines refresh the DHCP
   configuration and the lease state and rewrite the lease file; the
   statements guarded by the port and OPT_ETHERS tests are missing from
   this extract.
   now: current time, passed to lease_update_file(). */
979 void clear_cache_and_reload(time_t now
)
981 if (daemon
->port
!= 0)
987 if (option_bool(OPT_ETHERS
))
990 dhcp_update_configs(daemon
->dhcp_conf
);
992 lease_update_from_configs();
993 lease_update_file(now
);
/* Add every descriptor the DNS and TFTP code wants to read from to *set
   and raise *maxfdp accordingly through bump_maxfd().
   now:    current time, passed to get_new_frec().
   set:    fd_set to fill in.
   maxfdp: highest descriptor seen so far, updated in place.
   main() stores the return value in a timeval's tv_sec, so it is a wait
   in seconds; the return statement and the declarations of wait, tftp and
   i are missing from this extract.
   NOTE(review): FD_SET() is only defined for descriptors below FD_SETSIZE
   and no such check is visible in these lines - confirm that the
   descriptor limit is bounded elsewhere. */
999 static int set_dns_listeners(time_t now
, fd_set
*set
, int *maxfdp
)
1001 struct serverfd
*serverfdp
;
1002 struct listener
*listener
;
1007 struct tftp_transfer
*transfer
;
1008 for (transfer
= daemon
->tftp_trans
; transfer
; transfer
= transfer
->next
)
1011 FD_SET(transfer
->sockfd
, set
);
1012 bump_maxfd(transfer
->sockfd
, maxfdp
);
1016 /* will we be able to get memory? */
1017 if (daemon
->port
!= 0)
1018 get_new_frec(now
, &wait
);
/* Sockets towards upstream servers: the fixed ones in daemon->sfds and,
   when no fixed source port is set (osport is 0), the random-port sockets
   that are currently referenced. */
1020 for (serverfdp
= daemon
->sfds
; serverfdp
; serverfdp
= serverfdp
->next
)
1022 FD_SET(serverfdp
->fd
, set
);
1023 bump_maxfd(serverfdp
->fd
, maxfdp
);
1026 if (daemon
->port
!= 0 && !daemon
->osport
)
1027 for (i
= 0; i
< RANDOM_SOCKS
; i
++)
1028 if (daemon
->randomsocks
[i
].refcount
!= 0)
1030 FD_SET(daemon
->randomsocks
[i
].fd
, set
);
1031 bump_maxfd(daemon
->randomsocks
[i
].fd
, maxfdp
);
1034 for (listener
= daemon
->listeners
; listener
; listener
= listener
->next
)
1036 /* only listen for queries if we have resources */
1037 if (listener
->fd
!= -1 && wait
== 0)
1039 FD_SET(listener
->fd
, set
);
1040 bump_maxfd(listener
->fd
, maxfdp
);
/* The TCP listening socket is only watched while a tcp_pids slot is free,
   which caps the number of concurrent TCP handler children at MAX_PROCS. */
1043 /* death of a child goes through the select loop, so
1044 we don't need to explicitly arrange to wake up here */
1045 if (listener
->tcpfd
!= -1)
1046 for (i
= 0; i
< MAX_PROCS
; i
++)
1047 if (daemon
->tcp_pids
[i
] == 0)
1049 FD_SET(listener
->tcpfd
, set
);
1050 bump_maxfd(listener
->tcpfd
, maxfdp
);
/* New TFTP requests are only accepted while the transfer count is within
   daemon->tftp_max. */
1055 if (tftp
<= daemon
->tftp_max
&& listener
->tftpfd
!= -1)
1057 FD_SET(listener
->tftpfd
, set
);
1058 bump_maxfd(listener
->tftpfd
, maxfdp
);
/* Service the descriptors that select() reported readable in *set:
   upstream replies go to reply_query(), UDP queries to receive_query(),
   TFTP requests to tftp_request(), and a pending TCP connection is
   accepted and handed to a forked child that runs tcp_request().
   set: read set returned by select(); now: current time.
   Braces and a number of statements are missing from this extract, so
   the nesting of the TCP path below is only partly visible. */
1067 static void check_dns_listeners(fd_set
*set
, time_t now
)
1069 struct serverfd
*serverfdp
;
1070 struct listener
*listener
;
1073 for (serverfdp
= daemon
->sfds
; serverfdp
; serverfdp
= serverfdp
->next
)
1074 if (FD_ISSET(serverfdp
->fd
, set
))
1075 reply_query(serverfdp
->fd
, serverfdp
->source_addr
.sa
.sa_family
, now
);
1077 if (daemon
->port
!= 0 && !daemon
->osport
)
1078 for (i
= 0; i
< RANDOM_SOCKS
; i
++)
1079 if (daemon
->randomsocks
[i
].refcount
!= 0 &&
1080 FD_ISSET(daemon
->randomsocks
[i
].fd
, set
))
1081 reply_query(daemon
->randomsocks
[i
].fd
, daemon
->randomsocks
[i
].family
, now
);
1083 for (listener
= daemon
->listeners
; listener
; listener
= listener
->next
)
1085 if (listener
->fd
!= -1 && FD_ISSET(listener
->fd
, set
))
1086 receive_query(listener
, now
);
1089 if (listener
->tftpfd
!= -1 && FD_ISSET(listener
->tftpfd
, set
))
1090 tftp_request(listener
, now
);
1093 if (listener
->tcpfd
!= -1 && FD_ISSET(listener
->tcpfd
, set
))
1096 struct irec
*iface
= NULL
;
1099 while((confd
= accept(listener
->tcpfd
, NULL
, NULL
)) == -1 && errno
== EINTR
);
/* With OPT_NOWILD the listener is already bound to one interface;
   otherwise the interface is found from the connection's local address. */
1104 if (option_bool(OPT_NOWILD
))
1105 iface
= listener
->iface
;
1108 union mysockaddr tcp_addr
;
1109 socklen_t tcp_len
= sizeof(union mysockaddr
);
1110 /* Check for allowed interfaces when binding the wildcard address:
1111 we do this by looking for an interface with the same address as
1112 the local address of the TCP connection, then looking to see if that's
1113 an allowed interface. As a side effect, we get the netmask of the
1114 interface too, for localisation. */
1116 /* interface may be new since startup */
1117 if (enumerate_interfaces() &&
1118 getsockname(confd
, (struct sockaddr
*)&tcp_addr
, &tcp_len
) != -1)
1119 for (iface
= daemon
->interfaces
; iface
; iface
= iface
->next
)
1120 if (sockaddr_isequal(&iface
->addr
, &tcp_addr
))
/* NOTE(review): iface is dereferenced further down (iface->addr,
   iface->netmask). The test that rejects a connection with no matching
   interface is not visible in this extract; presumably this shutdown()
   belongs to it - confirm. */
1126 shutdown(confd
, SHUT_RDWR
);
/* Parent side of the fork: record the child's pid in a free tcp_pids slot
   so that set_dns_listeners() and async_event() can track it. */
1130 else if (!option_bool(OPT_DEBUG
) && (p
= fork()) != 0)
1135 for (i
= 0; i
< MAX_PROCS
; i
++)
1136 if (daemon
->tcp_pids
[i
] == 0)
1138 daemon
->tcp_pids
[i
] = p
;
1147 unsigned char *buff
;
1150 struct in_addr dst_addr_4
;
1152 dst_addr_4
.s_addr
= 0;
/* The alarm bounds the lifetime of a TCP handler child, so a stalled
   client cannot hold a tcp_pids slot indefinitely. */
1155 /* Arrange for SIGALRM after CHILD_LIFETIME seconds to
1156 terminate the process. */
1157 if (!option_bool(OPT_DEBUG
))
1158 alarm(CHILD_LIFETIME
);
1161 /* start with no upstream connections. */
1162 for (s
= daemon
->servers
; s
; s
= s
->next
)
1165 /* The connected socket inherits non-blocking
1166 attribute from the listening socket.
1168 if ((flags
= fcntl(confd
, F_GETFL
, 0)) != -1)
1169 fcntl(confd
, F_SETFL
, flags
& ~O_NONBLOCK
);
1171 if (listener
->family
== AF_INET
)
1172 dst_addr_4
= iface
->addr
.in
.sin_addr
;
1174 buff
= tcp_request(confd
, now
, dst_addr_4
, iface
->netmask
);
1176 shutdown(confd
, SHUT_RDWR
);
1182 for (s
= daemon
->servers
; s
; s
= s
->next
)
1185 shutdown(s
->tcpfd
, SHUT_RDWR
);
1189 if (!option_bool(OPT_DEBUG
))
/* Create the raw ICMP socket that icmp_ping() uses. Opening a SOCK_RAW
   socket needs privilege; main() keeps CAP_NET_RAW on Linux "for icmp".
   The visible lines also apply SO_DONTROUTE with the value of zeroopt and
   test the result. The declarations, the remaining conditions and the
   return statement are missing from this extract. */
1201 int make_icmp_sock(void)
1206 if ((fd
= socket (AF_INET
, SOCK_RAW
, IPPROTO_ICMP
)) != -1)
1209 setsockopt(fd
, SOL_SOCKET
, SO_DONTROUTE
, &zeroopt
, sizeof(zeroopt
)) == -1)
/* Send one ICMP echo request to addr and wait up to PING_WAIT seconds for
   a matching reply, servicing the DNS and TFTP sockets while waiting.
   addr: IPv4 address to probe.
   The return statement and several declarations are missing from this
   extract, so the exact return values are not visible here. */
1219 int icmp_ping(struct in_addr addr
)
1221 /* Try and get an ICMP echo from a machine. */
1223 /* Note that whilst in the three second wait, we check for
1224 (and service) events on the DNS and TFTP sockets, (so doing that
1225 better not use any resources our caller has in use...)
1226 but we remain deaf to signals or further DHCP packets. */
1229 struct sockaddr_in saddr
;
/* The id from rand16() is what the reply check at the end of the wait
   loop compares against. */
1234 unsigned short id
= rand16();
/* On Linux and Solaris a fresh socket is made per ping; otherwise the
   shared daemon->dhcp_icmp_fd is used and its receive buffer is set from
   opt (the value of opt is not shown). */
1239 #if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1240 if ((fd
= make_icmp_sock()) == -1)
1244 fd
= daemon
->dhcp_icmp_fd
;
1245 setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &opt
, sizeof(opt
));
1248 saddr
.sin_family
= AF_INET
;
1250 saddr
.sin_addr
= addr
;
1251 #ifdef HAVE_SOCKADDR_SA_LEN
1252 saddr
.sin_len
= sizeof(struct sockaddr_in
);
/* Build the echo request and its checksum: sum the header as 16-bit
   words, fold the carry back in once, then store the complement. */
1255 memset(&packet
.icmp
, 0, sizeof(packet
.icmp
));
1256 packet
.icmp
.icmp_type
= ICMP_ECHO
;
1257 packet
.icmp
.icmp_id
= id
;
1258 for (j
= 0, i
= 0; i
< sizeof(struct icmp
) / 2; i
++)
1259 j
+= ((u16
*)&packet
.icmp
)[i
];
1261 j
= (j
& 0xffff) + (j
>> 16);
1262 packet
.icmp
.icmp_cksum
= (j
== 0xffff) ? j
: ~j
;
1264 while (sendto(fd
, (char *)&packet
.icmp
, sizeof(struct icmp
), 0,
1265 (struct sockaddr
*)&saddr
, sizeof(saddr
)) == -1 &&
/* Wait loop: each pass sleeps in select() for at most a quarter second
   (tv_usec below) and services the log, DNS and TFTP descriptors. */
1268 for (now
= start
= dnsmasq_time();
1269 difftime(now
, start
) < (float)PING_WAIT
;)
1273 struct sockaddr_in faddr
;
1275 socklen_t len
= sizeof(faddr
);
1277 tv
.tv_usec
= 250000;
1283 set_dns_listeners(now
, &rset
, &maxfd
);
1284 set_log_writer(&wset
, &maxfd
);
1286 if (select(maxfd
+1, &rset
, &wset
, NULL
, &tv
) < 0)
1292 now
= dnsmasq_time();
1294 check_log_writer(&wset
);
1295 check_dns_listeners(&rset
, now
);
1298 check_tftp_listeners(&rset
, now
);
/* A datagram counts as the reply only if its length equals sizeof(packet),
   its source address is the probed address, and the ICMP type, sequence
   number and id all match the request. */
1301 if (FD_ISSET(fd
, &rset
) &&
1302 recvfrom(fd
, &packet
, sizeof(packet
), 0,
1303 (struct sockaddr
*)&faddr
, &len
) == sizeof(packet
) &&
1304 saddr
.sin_addr
.s_addr
== faddr
.sin_addr
.s_addr
&&
1305 packet
.icmp
.icmp_type
== ICMP_ECHOREPLY
&&
1306 packet
.icmp
.icmp_seq
== 0 &&
1307 packet
.icmp
.icmp_id
== id
)
1314 #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1318 setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &opt
, sizeof(opt
));