]> git.ipfire.org Git - people/ms/dnsmasq.git/blob - src/network.c
projects / people / ms / dnsmasq.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'master' of ssh://central/var/cache/git/dnsmasq
[people/ms/dnsmasq.git] / src / network.c
1 /* dnsmasq is Copyright (c) 2000-2014 Simon Kelley
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
7
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
15 */
16
17 #include "dnsmasq.h"
18
19 #ifndef IN6_IS_ADDR_ULA
20 #define IN6_IS_ADDR_ULA(a) ((((__const uint32_t *) (a))[0] & htonl (0xfe00000)) == htonl (0xfc000000))
21 #endif
22
23 #ifdef HAVE_LINUX_NETWORK
24
25 int indextoname(int fd, int index, char *name)
26 {
27 struct ifreq ifr;
28
29 if (index == 0)
30 return 0;
31
32 ifr.ifr_ifindex = index;
33 if (ioctl(fd, SIOCGIFNAME, &ifr) == -1)
34 return 0;
35
36 strncpy(name, ifr.ifr_name, IF_NAMESIZE);
37
38 return 1;
39 }
40
41
42 #elif defined(HAVE_SOLARIS_NETWORK)
43
44 #include <zone.h>
45 #include <alloca.h>
46 #ifndef LIFC_UNDER_IPMP
47 # define LIFC_UNDER_IPMP 0
48 #endif
49
50 int indextoname(int fd, int index, char *name)
51 {
52 int64_t lifc_flags;
53 struct lifnum lifn;
54 int numifs, bufsize, i;
55 struct lifconf lifc;
56 struct lifreq *lifrp;
57
58 if (index == 0)
59 return 0;
60
61 if (getzoneid() == GLOBAL_ZONEID)
62 {
63 if (!if_indextoname(index, name))
64 return 0;
65 return 1;
66 }
67
68 lifc_flags = LIFC_NOXMIT | LIFC_TEMPORARY | LIFC_ALLZONES | LIFC_UNDER_IPMP;
69 lifn.lifn_family = AF_UNSPEC;
70 lifn.lifn_flags = lifc_flags;
71 if (ioctl(fd, SIOCGLIFNUM, &lifn) < 0)
72 return 0;
73
74 numifs = lifn.lifn_count;
75 bufsize = numifs * sizeof(struct lifreq);
76
77 lifc.lifc_family = AF_UNSPEC;
78 lifc.lifc_flags = lifc_flags;
79 lifc.lifc_len = bufsize;
80 lifc.lifc_buf = alloca(bufsize);
81
82 if (ioctl(fd, SIOCGLIFCONF, &lifc) < 0)
83 return 0;
84
85 lifrp = lifc.lifc_req;
86 for (i = lifc.lifc_len / sizeof(struct lifreq); i; i--, lifrp++)
87 {
88 struct lifreq lifr;
89 strncpy(lifr.lifr_name, lifrp->lifr_name, IF_NAMESIZE);
90 if (ioctl(fd, SIOCGLIFINDEX, &lifr) < 0)
91 return 0;
92
93 if (lifr.lifr_index == index) {
94 strncpy(name, lifr.lifr_name, IF_NAMESIZE);
95 return 1;
96 }
97 }
98 return 0;
99 }
100
101
102 #else
103
104 int indextoname(int fd, int index, char *name)
105 {
106 (void)fd;
107
108 if (index == 0 || !if_indextoname(index, name))
109 return 0;
110
111 return 1;
112 }
113
114 #endif
115
116 int iface_check(int family, struct all_addr *addr, char *name, int *auth)
117 {
118 struct iname *tmp;
119 int ret = 1, match_addr = 0;
120
121 /* Note: have to check all and not bail out early, so that we set the
122 "used" flags.
123
124 May be called with family == AF_LOCALto check interface by name only. */
125
126 if (auth)
127 *auth = 0;
128
129 if (daemon->if_names || daemon->if_addrs)
130 {
131 ret = 0;
132
133 for (tmp = daemon->if_names; tmp; tmp = tmp->next)
134 if (tmp->name && wildcard_match(tmp->name, name))
135 ret = tmp->used = 1;
136
137 if (addr)
138 for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
139 if (tmp->addr.sa.sa_family == family)
140 {
141 if (family == AF_INET &&
142 tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
143 ret = match_addr = tmp->used = 1;
144 #ifdef HAVE_IPV6
145 else if (family == AF_INET6 &&
146 IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr,
147 &addr->addr.addr6))
148 ret = match_addr = tmp->used = 1;
149 #endif
150 }
151 }
152
153 if (!match_addr)
154 for (tmp = daemon->if_except; tmp; tmp = tmp->next)
155 if (tmp->name && wildcard_match(tmp->name, name))
156 ret = 0;
157
158
159 for (tmp = daemon->authinterface; tmp; tmp = tmp->next)
160 if (tmp->name)
161 {
162 if (strcmp(tmp->name, name) == 0 &&
163 (tmp->addr.sa.sa_family == 0 || tmp->addr.sa.sa_family == family))
164 break;
165 }
166 else if (addr && tmp->addr.sa.sa_family == AF_INET && family == AF_INET &&
167 tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
168 break;
169 #ifdef HAVE_IPV6
170 else if (addr && tmp->addr.sa.sa_family == AF_INET6 && family == AF_INET6 &&
171 IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr, &addr->addr.addr6))
172 break;
173 #endif
174
175 if (tmp && auth)
176 {
177 *auth = 1;
178 ret = 1;
179 }
180
181 return ret;
182 }
183
184
185 /* Fix for problem that the kernel sometimes reports the loopback inerface as the
186 arrival interface when a packet originates locally, even when sent to address of
187 an interface other than the loopback. Accept packet if it arrived via a loopback
188 interface, even when we're not accepting packets that way, as long as the destination
189 address is one we're believing. Interface list must be up-to-date before calling. */
190 int loopback_exception(int fd, int family, struct all_addr *addr, char *name)
191 {
192 struct ifreq ifr;
193 struct irec *iface;
194
195 strncpy(ifr.ifr_name, name, IF_NAMESIZE);
196 if (ioctl(fd, SIOCGIFFLAGS, &ifr) != -1 &&
197 ifr.ifr_flags & IFF_LOOPBACK)
198 {
199 for (iface = daemon->interfaces; iface; iface = iface->next)
200 if (iface->addr.sa.sa_family == family)
201 {
202 if (family == AF_INET)
203 {
204 if (iface->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
205 return 1;
206 }
207 #ifdef HAVE_IPV6
208 else if (IN6_ARE_ADDR_EQUAL(&iface->addr.in6.sin6_addr, &addr->addr.addr6))
209 return 1;
210 #endif
211
212 }
213 }
214 return 0;
215 }
216
217 /* If we're configured with something like --interface=eth0:0 then we'll listen correctly
218 on the relevant address, but the name of the arrival interface, derived from the
219 index won't match the config. Check that we found an interface address for the arrival
220 interface: daemon->interfaces must be up-to-date. */
221 int label_exception(int index, int family, struct all_addr *addr)
222 {
223 struct irec *iface;
224
225 /* labels only supported on IPv4 addresses. */
226 if (family != AF_INET)
227 return 0;
228
229 for (iface = daemon->interfaces; iface; iface = iface->next)
230 if (iface->index == index && iface->addr.sa.sa_family == AF_INET &&
231 iface->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
232 return 1;
233
234 return 0;
235 }
236
237 struct iface_param {
238 struct addrlist *spare;
239 int fd;
240 };
241
242 static int iface_allowed(struct iface_param *param, int if_index, char *label,
243 union mysockaddr *addr, struct in_addr netmask, int prefixlen, int dad)
244 {
245 struct irec *iface;
246 int mtu = 0, loopback;
247 struct ifreq ifr;
248 int tftp_ok = !!option_bool(OPT_TFTP);
249 int dhcp_ok = 1;
250 int auth_dns = 0;
251 #if defined(HAVE_DHCP) || defined(HAVE_TFTP)
252 struct iname *tmp;
253 #endif
254
255 (void)prefixlen;
256
257 if (!indextoname(param->fd, if_index, ifr.ifr_name) ||
258 ioctl(param->fd, SIOCGIFFLAGS, &ifr) == -1)
259 return 0;
260
261 loopback = ifr.ifr_flags & IFF_LOOPBACK;
262
263 if (loopback)
264 dhcp_ok = 0;
265
266 if (ioctl(param->fd, SIOCGIFMTU, &ifr) != -1)
267 mtu = ifr.ifr_mtu;
268
269 if (!label)
270 label = ifr.ifr_name;
271
272
273 #ifdef HAVE_IPV6
274 if (addr->sa.sa_family != AF_INET6 || !IN6_IS_ADDR_LINKLOCAL(&addr->in6.sin6_addr))
275 #endif
276 {
277 struct interface_name *int_name;
278 struct addrlist *al;
279 #ifdef HAVE_AUTH
280 struct auth_zone *zone;
281 struct auth_name_list *name;
282
283 /* Find subnets in auth_zones */
284 for (zone = daemon->auth_zones; zone; zone = zone->next)
285 for (name = zone->interface_names; name; name = name->next)
286 if (wildcard_match(name->name, label))
287 {
288 if (addr->sa.sa_family == AF_INET && (name->flags & AUTH4))
289 {
290 if (param->spare)
291 {
292 al = param->spare;
293 param->spare = al->next;
294 }
295 else
296 al = whine_malloc(sizeof(struct addrlist));
297
298 if (al)
299 {
300 al->next = zone->subnet;
301 zone->subnet = al;
302 al->prefixlen = prefixlen;
303 al->addr.addr.addr4 = addr->in.sin_addr;
304 al->flags = 0;
305 }
306 }
307
308 #ifdef HAVE_IPV6
309 if (addr->sa.sa_family == AF_INET6 && (name->flags & AUTH6))
310 {
311 if (param->spare)
312 {
313 al = param->spare;
314 param->spare = al->next;
315 }
316 else
317 al = whine_malloc(sizeof(struct addrlist));
318
319 if (al)
320 {
321 al->next = zone->subnet;
322 zone->subnet = al;
323 al->prefixlen = prefixlen;
324 al->addr.addr.addr6 = addr->in6.sin6_addr;
325 al->flags = ADDRLIST_IPV6;
326 }
327 }
328 #endif
329
330 }
331 #endif
332
333 /* Update addresses from interface_names. These are a set independent
334 of the set we're listening on. */
335 for (int_name = daemon->int_names; int_name; int_name = int_name->next)
336 if (strncmp(label, int_name->intr, IF_NAMESIZE) == 0 &&
337 (addr->sa.sa_family == int_name->family || int_name->family == 0))
338 {
339 if (param->spare)
340 {
341 al = param->spare;
342 param->spare = al->next;
343 }
344 else
345 al = whine_malloc(sizeof(struct addrlist));
346
347 if (al)
348 {
349 al->next = int_name->addr;
350 int_name->addr = al;
351
352 if (addr->sa.sa_family == AF_INET)
353 {
354 al->addr.addr.addr4 = addr->in.sin_addr;
355 al->flags = 0;
356 }
357 #ifdef HAVE_IPV6
358 else
359 {
360 al->addr.addr.addr6 = addr->in6.sin6_addr;
361 al->flags = ADDRLIST_IPV6;
362 }
363 #endif
364 }
365 }
366 }
367
368 /* check whether the interface IP has been added already
369 we call this routine multiple times. */
370 for (iface = daemon->interfaces; iface; iface = iface->next)
371 if (sockaddr_isequal(&iface->addr, addr))
372 {
373 iface->dad = dad;
374 iface->found = 1; /* for garbage collection */
375 return 1;
376 }
377
378 /* If we are restricting the set of interfaces to use, make
379 sure that loopback interfaces are in that set. */
380 if (daemon->if_names && loopback)
381 {
382 struct iname *lo;
383 for (lo = daemon->if_names; lo; lo = lo->next)
384 if (lo->name && strcmp(lo->name, ifr.ifr_name) == 0)
385 break;
386
387 if (!lo && (lo = whine_malloc(sizeof(struct iname))))
388 {
389 if ((lo->name = whine_malloc(strlen(ifr.ifr_name)+1)))
390 {
391 strcpy(lo->name, ifr.ifr_name);
392 lo->used = 1;
393 lo->next = daemon->if_names;
394 daemon->if_names = lo;
395 }
396 else
397 free(lo);
398 }
399 }
400
401 if (addr->sa.sa_family == AF_INET &&
402 !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, label, &auth_dns))
403 return 1;
404
405 #ifdef HAVE_IPV6
406 if (addr->sa.sa_family == AF_INET6 &&
407 !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, label, &auth_dns))
408 return 1;
409 #endif
410
411 #ifdef HAVE_DHCP
412 /* No DHCP where we're doing auth DNS. */
413 if (auth_dns)
414 {
415 tftp_ok = 0;
416 dhcp_ok = 0;
417 }
418 else
419 for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
420 if (tmp->name && wildcard_match(tmp->name, ifr.ifr_name))
421 {
422 tftp_ok = 0;
423 dhcp_ok = 0;
424 }
425 #endif
426
427
428 #ifdef HAVE_TFTP
429 if (daemon->tftp_interfaces)
430 {
431 /* dedicated tftp interface list */
432 tftp_ok = 0;
433 for (tmp = daemon->tftp_interfaces; tmp; tmp = tmp->next)
434 if (tmp->name && wildcard_match(tmp->name, ifr.ifr_name))
435 tftp_ok = 1;
436 }
437 #endif
438
439 /* add to list */
440 if ((iface = whine_malloc(sizeof(struct irec))))
441 {
442 iface->addr = *addr;
443 iface->netmask = netmask;
444 iface->tftp_ok = tftp_ok;
445 iface->dhcp_ok = dhcp_ok;
446 iface->dns_auth = auth_dns;
447 iface->mtu = mtu;
448 iface->dad = dad;
449 iface->found = 1;
450 iface->done = iface->multicast_done = iface->warned = 0;
451 iface->index = if_index;
452 if ((iface->name = whine_malloc(strlen(ifr.ifr_name)+1)))
453 {
454 strcpy(iface->name, ifr.ifr_name);
455 iface->next = daemon->interfaces;
456 daemon->interfaces = iface;
457 return 1;
458 }
459 free(iface);
460
461 }
462
463 errno = ENOMEM;
464 return 0;
465 }
466
467 #ifdef HAVE_IPV6
468 static int iface_allowed_v6(struct in6_addr *local, int prefix,
469 int scope, int if_index, int flags,
470 int preferred, int valid, void *vparam)
471 {
472 union mysockaddr addr;
473 struct in_addr netmask; /* dummy */
474 netmask.s_addr = 0;
475
476 (void)scope; /* warning */
477 (void)preferred;
478 (void)valid;
479
480 memset(&addr, 0, sizeof(addr));
481 #ifdef HAVE_SOCKADDR_SA_LEN
482 addr.in6.sin6_len = sizeof(addr.in6);
483 #endif
484 addr.in6.sin6_family = AF_INET6;
485 addr.in6.sin6_addr = *local;
486 addr.in6.sin6_port = htons(daemon->port);
487 /* FreeBSD insists this is zero for non-linklocal addresses */
488 if (IN6_IS_ADDR_LINKLOCAL(local))
489 addr.in6.sin6_scope_id = if_index;
490 else
491 addr.in6.sin6_scope_id = 0;
492
493 return iface_allowed((struct iface_param *)vparam, if_index, NULL, &addr, netmask, prefix, !!(flags & IFACE_TENTATIVE));
494 }
495 #endif
496
497 static int iface_allowed_v4(struct in_addr local, int if_index, char *label,
498 struct in_addr netmask, struct in_addr broadcast, void *vparam)
499 {
500 union mysockaddr addr;
501 int prefix, bit;
502
503 memset(&addr, 0, sizeof(addr));
504 #ifdef HAVE_SOCKADDR_SA_LEN
505 addr.in.sin_len = sizeof(addr.in);
506 #endif
507 addr.in.sin_family = AF_INET;
508 addr.in.sin_addr = broadcast; /* warning */
509 addr.in.sin_addr = local;
510 addr.in.sin_port = htons(daemon->port);
511
512 /* determine prefix length from netmask */
513 for (prefix = 32, bit = 1; (bit & ntohl(netmask.s_addr)) == 0 && prefix != 0; bit = bit << 1, prefix--);
514
515 return iface_allowed((struct iface_param *)vparam, if_index, label, &addr, netmask, prefix, 0);
516 }
517
518 int enumerate_interfaces(int reset)
519 {
520 static struct addrlist *spare = NULL;
521 static int done = 0, active = 0;
522 struct iface_param param;
523 int errsave, ret = 1;
524 struct addrlist *addr, *tmp;
525 struct interface_name *intname;
526 struct irec *iface;
527 #ifdef HAVE_AUTH
528 struct auth_zone *zone;
529 #endif
530
531 /* Do this max once per select cycle - also inhibits netlink socket use
532 in TCP child processes. */
533
534 if (reset)
535 {
536 done = 0;
537 return 1;
538 }
539
540 if (done || active)
541 return 1;
542
543 done = 1;
544
545 /* protect against recusive calls from iface_enumerate(); */
546 active = 1;
547
548 if ((param.fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1)
549 return 0;
550
551 /* Mark interfaces for garbage collection */
552 for (iface = daemon->interfaces; iface; iface = iface->next)
553 iface->found = 0;
554
555 /* remove addresses stored against interface_names */
556 for (intname = daemon->int_names; intname; intname = intname->next)
557 {
558 for (addr = intname->addr; addr; addr = tmp)
559 {
560 tmp = addr->next;
561 addr->next = spare;
562 spare = addr;
563 }
564
565 intname->addr = NULL;
566 }
567
568 #ifdef HAVE_AUTH
569 /* remove addresses stored against auth_zone subnets, but not
570 ones configured as address literals */
571 for (zone = daemon->auth_zones; zone; zone = zone->next)
572 if (zone->interface_names)
573 {
574 struct addrlist **up;
575 for (up = &zone->subnet, addr = zone->subnet; addr; addr = tmp)
576 {
577 tmp = addr->next;
578 if (addr->flags & ADDRLIST_LITERAL)
579 up = &addr->next;
580 else
581 {
582 *up = addr->next;
583 addr->next = spare;
584 spare = addr;
585 }
586 }
587 }
588 #endif
589
590 param.spare = spare;
591
592 #ifdef HAVE_IPV6
593 ret = iface_enumerate(AF_INET6, &param, iface_allowed_v6);
594 #endif
595
596 if (ret)
597 ret = iface_enumerate(AF_INET, &param, iface_allowed_v4);
598
599 errsave = errno;
600 close(param.fd);
601
602 if (option_bool(OPT_CLEVERBIND))
603 {
604 /* Garbage-collect listeners listening on addresses that no longer exist.
605 Does nothing when not binding interfaces or for listeners on localhost,
606 since the ->iface field is NULL. Note that this needs the protections
607 against re-entrancy, hence it's here. It also means there's a possibility,
608 in OPT_CLEVERBIND mode, that at listener will just disappear after
609 a call to enumerate_interfaces, this is checked OK on all calls. */
610 struct listener *l, *tmp, **up;
611
612 for (up = &daemon->listeners, l = daemon->listeners; l; l = tmp)
613 {
614 tmp = l->next;
615
616 if (!l->iface || l->iface->found)
617 up = &l->next;
618 else
619 {
620 *up = l->next;
621
622 /* In case it ever returns */
623 l->iface->done = 0;
624
625 if (l->fd != -1)
626 close(l->fd);
627 if (l->tcpfd != -1)
628 close(l->tcpfd);
629 if (l->tftpfd != -1)
630 close(l->tftpfd);
631
632 free(l);
633 }
634 }
635 }
636
637 errno = errsave;
638
639 spare = param.spare;
640 active = 0;
641
642 return ret;
643 }
644
645 /* set NONBLOCK bit on fd: See Stevens 16.6 */
646 int fix_fd(int fd)
647 {
648 int flags;
649
650 if ((flags = fcntl(fd, F_GETFL)) == -1 ||
651 fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
652 return 0;
653
654 return 1;
655 }
656
657 static int make_sock(union mysockaddr *addr, int type, int dienow)
658 {
659 int family = addr->sa.sa_family;
660 int fd, rc, opt = 1;
661
662 if ((fd = socket(family, type, 0)) == -1)
663 {
664 int port, errsav;
665 char *s;
666
667 /* No error if the kernel just doesn't support this IP flavour */
668 if (errno == EPROTONOSUPPORT ||
669 errno == EAFNOSUPPORT ||
670 errno == EINVAL)
671 return -1;
672
673 err:
674 errsav = errno;
675 port = prettyprint_addr(addr, daemon->addrbuff);
676 if (!option_bool(OPT_NOWILD) && !option_bool(OPT_CLEVERBIND))
677 sprintf(daemon->addrbuff, "port %d", port);
678 s = _("failed to create listening socket for %s: %s");
679
680 if (fd != -1)
681 close (fd);
682
683 errno = errsav;
684
685 if (dienow)
686 {
687 /* failure to bind addresses given by --listen-address at this point
688 is OK if we're doing bind-dynamic */
689 if (!option_bool(OPT_CLEVERBIND))
690 die(s, daemon->addrbuff, EC_BADNET);
691 }
692 else
693 my_syslog(LOG_WARNING, s, daemon->addrbuff, strerror(errno));
694
695 return -1;
696 }
697
698 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || !fix_fd(fd))
699 goto err;
700
701 #ifdef HAVE_IPV6
702 if (family == AF_INET6 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &opt, sizeof(opt)) == -1)
703 goto err;
704 #endif
705
706 if ((rc = bind(fd, (struct sockaddr *)addr, sa_len(addr))) == -1)
707 goto err;
708
709 if (type == SOCK_STREAM)
710 {
711 if (listen(fd, 5) == -1)
712 goto err;
713 }
714 else if (family == AF_INET)
715 {
716 if (!option_bool(OPT_NOWILD))
717 {
718 #if defined(HAVE_LINUX_NETWORK)
719 if (setsockopt(fd, IPPROTO_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1)
720 goto err;
721 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
722 if (setsockopt(fd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 ||
723 setsockopt(fd, IPPROTO_IP, IP_RECVIF, &opt, sizeof(opt)) == -1)
724 goto err;
725 #endif
726 }
727 }
728 #ifdef HAVE_IPV6
729 else if (!set_ipv6pktinfo(fd))
730 goto err;
731 #endif
732
733 return fd;
734 }
735
736 #ifdef HAVE_IPV6
737 int set_ipv6pktinfo(int fd)
738 {
739 int opt = 1;
740
741 /* The API changed around Linux 2.6.14 but the old ABI is still supported:
742 handle all combinations of headers and kernel.
743 OpenWrt note that this fixes the problem addressed by your very broken patch. */
744 daemon->v6pktinfo = IPV6_PKTINFO;
745
746 #ifdef IPV6_RECVPKTINFO
747 if (setsockopt(fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &opt, sizeof(opt)) != -1)
748 return 1;
749 # ifdef IPV6_2292PKTINFO
750 else if (errno == ENOPROTOOPT && setsockopt(fd, IPPROTO_IPV6, IPV6_2292PKTINFO, &opt, sizeof(opt)) != -1)
751 {
752 daemon->v6pktinfo = IPV6_2292PKTINFO;
753 return 1;
754 }
755 # endif
756 #else
757 if (setsockopt(fd, IPPROTO_IPV6, IPV6_PKTINFO, &opt, sizeof(opt)) != -1)
758 return 1;
759 #endif
760
761 return 0;
762 }
763 #endif
764
765
766 /* Find the interface on which a TCP connection arrived, if possible, or zero otherwise. */
767 int tcp_interface(int fd, int af)
768 {
769 int if_index = 0;
770
771 #ifdef HAVE_LINUX_NETWORK
772 int opt = 1;
773 struct cmsghdr *cmptr;
774 struct msghdr msg;
775
776 /* use mshdr do that the CMSDG_* macros are available */
777 msg.msg_control = daemon->packet;
778 msg.msg_controllen = daemon->packet_buff_sz;
779
780 /* we overwrote the buffer... */
781 daemon->srv_save = NULL;
782
783 if (af == AF_INET)
784 {
785 if (setsockopt(fd, IPPROTO_IP, IP_PKTINFO, &opt, sizeof(opt)) != -1 &&
786 getsockopt(fd, IPPROTO_IP, IP_PKTOPTIONS, msg.msg_control, (socklen_t *)&msg.msg_controllen) != -1)
787 for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
788 if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_PKTINFO)
789 {
790 union {
791 unsigned char *c;
792 struct in_pktinfo *p;
793 } p;
794
795 p.c = CMSG_DATA(cmptr);
796 if_index = p.p->ipi_ifindex;
797 }
798 }
799 #ifdef HAVE_IPV6
800 else
801 {
802 /* Only the RFC-2292 API has the ability to find the interface for TCP connections,
803 it was removed in RFC-3542 !!!!
804
805 Fortunately, Linux kept the 2292 ABI when it moved to 3542. The following code always
806 uses the old ABI, and should work with pre- and post-3542 kernel headers */
807
808 #ifdef IPV6_2292PKTOPTIONS
809 # define PKTOPTIONS IPV6_2292PKTOPTIONS
810 #else
811 # define PKTOPTIONS IPV6_PKTOPTIONS
812 #endif
813
814 if (set_ipv6pktinfo(fd) &&
815 getsockopt(fd, IPPROTO_IPV6, PKTOPTIONS, msg.msg_control, (socklen_t *)&msg.msg_controllen) != -1)
816 {
817 for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
818 if (cmptr->cmsg_level == IPPROTO_IPV6 && cmptr->cmsg_type == daemon->v6pktinfo)
819 {
820 union {
821 unsigned char *c;
822 struct in6_pktinfo *p;
823 } p;
824 p.c = CMSG_DATA(cmptr);
825
826 if_index = p.p->ipi6_ifindex;
827 }
828 }
829 }
830 #endif /* IPV6 */
831 #endif /* Linux */
832
833 return if_index;
834 }
835
836 static struct listener *create_listeners(union mysockaddr *addr, int do_tftp, int dienow)
837 {
838 struct listener *l = NULL;
839 int fd = -1, tcpfd = -1, tftpfd = -1;
840
841 (void)do_tftp;
842
843 if (daemon->port != 0)
844 {
845 fd = make_sock(addr, SOCK_DGRAM, dienow);
846 tcpfd = make_sock(addr, SOCK_STREAM, dienow);
847 }
848
849 #ifdef HAVE_TFTP
850 if (do_tftp)
851 {
852 if (addr->sa.sa_family == AF_INET)
853 {
854 /* port must be restored to DNS port for TCP code */
855 short save = addr->in.sin_port;
856 addr->in.sin_port = htons(TFTP_PORT);
857 tftpfd = make_sock(addr, SOCK_DGRAM, dienow);
858 addr->in.sin_port = save;
859 }
860 # ifdef HAVE_IPV6
861 else
862 {
863 short save = addr->in6.sin6_port;
864 addr->in6.sin6_port = htons(TFTP_PORT);
865 tftpfd = make_sock(addr, SOCK_DGRAM, dienow);
866 addr->in6.sin6_port = save;
867 }
868 # endif
869 }
870 #endif
871
872 if (fd != -1 || tcpfd != -1 || tftpfd != -1)
873 {
874 l = safe_malloc(sizeof(struct listener));
875 l->next = NULL;
876 l->family = addr->sa.sa_family;
877 l->fd = fd;
878 l->tcpfd = tcpfd;
879 l->tftpfd = tftpfd;
880 l->iface = NULL;
881 }
882
883 return l;
884 }
885
886 void create_wildcard_listeners(void)
887 {
888 union mysockaddr addr;
889 struct listener *l, *l6;
890
891 memset(&addr, 0, sizeof(addr));
892 #ifdef HAVE_SOCKADDR_SA_LEN
893 addr.in.sin_len = sizeof(addr.in);
894 #endif
895 addr.in.sin_family = AF_INET;
896 addr.in.sin_addr.s_addr = INADDR_ANY;
897 addr.in.sin_port = htons(daemon->port);
898
899 l = create_listeners(&addr, !!option_bool(OPT_TFTP), 1);
900
901 #ifdef HAVE_IPV6
902 memset(&addr, 0, sizeof(addr));
903 # ifdef HAVE_SOCKADDR_SA_LEN
904 addr.in6.sin6_len = sizeof(addr.in6);
905 # endif
906 addr.in6.sin6_family = AF_INET6;
907 addr.in6.sin6_addr = in6addr_any;
908 addr.in6.sin6_port = htons(daemon->port);
909
910 l6 = create_listeners(&addr, !!option_bool(OPT_TFTP), 1);
911 if (l)
912 l->next = l6;
913 else
914 l = l6;
915 #endif
916
917 daemon->listeners = l;
918 }
919
920 void create_bound_listeners(int dienow)
921 {
922 struct listener *new;
923 struct irec *iface;
924 struct iname *if_tmp;
925
926 for (iface = daemon->interfaces; iface; iface = iface->next)
927 if (!iface->done && !iface->dad && iface->found &&
928 (new = create_listeners(&iface->addr, iface->tftp_ok, dienow)))
929 {
930 new->iface = iface;
931 new->next = daemon->listeners;
932 daemon->listeners = new;
933 iface->done = 1;
934 }
935
936 /* Check for --listen-address options that haven't been used because there's
937 no interface with a matching address. These may be valid: eg it's possible
938 to listen on 127.0.1.1 even if the loopback interface is 127.0.0.1
939
940 If the address isn't valid the bind() will fail and we'll die()
941 (except in bind-dynamic mode, when we'll complain but keep trying.)
942
943 The resulting listeners have the ->iface field NULL, and this has to be
944 handled by the DNS and TFTP code. It disables --localise-queries processing
945 (no netmask) and some MTU login the tftp code. */
946
947 for (if_tmp = daemon->if_addrs; if_tmp; if_tmp = if_tmp->next)
948 if (!if_tmp->used &&
949 (new = create_listeners(&if_tmp->addr, !!option_bool(OPT_TFTP), dienow)))
950 {
951 new->next = daemon->listeners;
952 daemon->listeners = new;
953 }
954 }
955
956 /* In --bind-interfaces, the only access control is the addresses we're listening on.
957 There's nothing to avoid a query to the address of an internal interface arriving via
958 an external interface where we don't want to accept queries, except that in the usual
959 case the addresses of internal interfaces are RFC1918. When bind-interfaces in use,
960 and we listen on an address that looks like it's probably globally routeable, shout.
961
962 The fix is to use --bind-dynamic, which actually checks the arrival interface too.
963 Tough if your platform doesn't support this.
964
965 Note that checking the arrival interface is supported in the standard IPv6 API and
966 always done, so we don't warn about any IPv6 addresses here.
967 */
968
969 void warn_bound_listeners(void)
970 {
971 struct irec *iface;
972 int advice = 0;
973
974 for (iface = daemon->interfaces; iface; iface = iface->next)
975 if (!iface->dns_auth)
976 {
977 if (iface->addr.sa.sa_family == AF_INET)
978 {
979 if (!private_net(iface->addr.in.sin_addr, 1))
980 {
981 inet_ntop(AF_INET, &iface->addr.in.sin_addr, daemon->addrbuff, ADDRSTRLEN);
982 iface->warned = advice = 1;
983 my_syslog(LOG_WARNING,
984 _("LOUD WARNING: listening on %s may accept requests via interfaces other than %s"),
985 daemon->addrbuff, iface->name);
986 }
987 }
988 }
989
990 if (advice)
991 my_syslog(LOG_WARNING, _("LOUD WARNING: use --bind-dynamic rather than --bind-interfaces to avoid DNS amplification attacks via these interface(s)"));
992 }
993
994 void warn_int_names(void)
995 {
996 struct interface_name *intname;
997
998 for (intname = daemon->int_names; intname; intname = intname->next)
999 if (!intname->addr)
1000 my_syslog(LOG_WARNING, _("warning: no addresses found for interface %s"), intname->intr);
1001 }
1002
1003 int is_dad_listeners(void)
1004 {
1005 struct irec *iface;
1006
1007 if (option_bool(OPT_NOWILD))
1008 for (iface = daemon->interfaces; iface; iface = iface->next)
1009 if (iface->dad && !iface->done)
1010 return 1;
1011
1012 return 0;
1013 }
1014
1015 #ifdef HAVE_DHCP6
1016 void join_multicast(int dienow)
1017 {
1018 struct irec *iface, *tmp;
1019
1020 for (iface = daemon->interfaces; iface; iface = iface->next)
1021 if (iface->addr.sa.sa_family == AF_INET6 && iface->dhcp_ok && !iface->multicast_done)
1022 {
1023 /* There's an irec per address but we only want to join for multicast
1024 once per interface. Weed out duplicates. */
1025 for (tmp = daemon->interfaces; tmp; tmp = tmp->next)
1026 if (tmp->multicast_done && tmp->index == iface->index)
1027 break;
1028
1029 iface->multicast_done = 1;
1030
1031 if (!tmp)
1032 {
1033 struct ipv6_mreq mreq;
1034 int err = 0;
1035
1036 mreq.ipv6mr_interface = iface->index;
1037
1038 inet_pton(AF_INET6, ALL_RELAY_AGENTS_AND_SERVERS, &mreq.ipv6mr_multiaddr);
1039
1040 if ((daemon->doing_dhcp6 || daemon->relay6) &&
1041 setsockopt(daemon->dhcp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
1042 err = 1;
1043
1044 inet_pton(AF_INET6, ALL_SERVERS, &mreq.ipv6mr_multiaddr);
1045
1046 if (daemon->doing_dhcp6 &&
1047 setsockopt(daemon->dhcp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
1048 err = 1;
1049
1050 inet_pton(AF_INET6, ALL_ROUTERS, &mreq.ipv6mr_multiaddr);
1051
1052 if (daemon->doing_ra &&
1053 setsockopt(daemon->icmp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
1054 err = 1;
1055
1056 if (err)
1057 {
1058 char *s = _("interface %s failed to join DHCPv6 multicast group: %s");
1059 if (dienow)
1060 die(s, iface->name, EC_BADNET);
1061 else
1062 my_syslog(LOG_ERR, s, iface->name, strerror(errno));
1063 }
1064 }
1065 }
1066 }
1067 #endif
1068
1069 /* return a UDP socket bound to a random port, have to cope with straying into
1070 occupied port nos and reserved ones. */
1071 int random_sock(int family)
1072 {
1073 int fd;
1074
1075 if ((fd = socket(family, SOCK_DGRAM, 0)) != -1)
1076 {
1077 union mysockaddr addr;
1078 unsigned int ports_avail = 65536u - (unsigned short)daemon->min_port;
1079 int tries = ports_avail < 30 ? 3 * ports_avail : 100;
1080
1081 memset(&addr, 0, sizeof(addr));
1082 addr.sa.sa_family = family;
1083
1084 /* don't loop forever if all ports in use. */
1085
1086 if (fix_fd(fd))
1087 while(tries--)
1088 {
1089 unsigned short port = rand16();
1090
1091 if (daemon->min_port != 0)
1092 port = htons(daemon->min_port + (port % ((unsigned short)ports_avail)));
1093
1094 if (family == AF_INET)
1095 {
1096 addr.in.sin_addr.s_addr = INADDR_ANY;
1097 addr.in.sin_port = port;
1098 #ifdef HAVE_SOCKADDR_SA_LEN
1099 addr.in.sin_len = sizeof(struct sockaddr_in);
1100 #endif
1101 }
1102 #ifdef HAVE_IPV6
1103 else
1104 {
1105 addr.in6.sin6_addr = in6addr_any;
1106 addr.in6.sin6_port = port;
1107 #ifdef HAVE_SOCKADDR_SA_LEN
1108 addr.in6.sin6_len = sizeof(struct sockaddr_in6);
1109 #endif
1110 }
1111 #endif
1112
1113 if (bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == 0)
1114 return fd;
1115
1116 if (errno != EADDRINUSE && errno != EACCES)
1117 break;
1118 }
1119
1120 close(fd);
1121 }
1122
1123 return -1;
1124 }
1125
1126
1127 int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp)
1128 {
1129 union mysockaddr addr_copy = *addr;
1130
1131 /* cannot set source _port_ for TCP connections. */
1132 if (is_tcp)
1133 {
1134 if (addr_copy.sa.sa_family == AF_INET)
1135 addr_copy.in.sin_port = 0;
1136 #ifdef HAVE_IPV6
1137 else
1138 addr_copy.in6.sin6_port = 0;
1139 #endif
1140 }
1141
1142 if (bind(fd, (struct sockaddr *)&addr_copy, sa_len(&addr_copy)) == -1)
1143 return 0;
1144
1145 #if defined(SO_BINDTODEVICE)
1146 if (intname[0] != 0 &&
1147 setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, intname, IF_NAMESIZE) == -1)
1148 return 0;
1149 #endif
1150
1151 return 1;
1152 }
1153
1154 static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname)
1155 {
1156 struct serverfd *sfd;
1157 int errsave;
1158
1159 /* when using random ports, servers which would otherwise use
1160 the INADDR_ANY/port0 socket have sfd set to NULL */
1161 if (!daemon->osport && intname[0] == 0)
1162 {
1163 errno = 0;
1164
1165 if (addr->sa.sa_family == AF_INET &&
1166 addr->in.sin_addr.s_addr == INADDR_ANY &&
1167 addr->in.sin_port == htons(0))
1168 return NULL;
1169
1170 #ifdef HAVE_IPV6
1171 if (addr->sa.sa_family == AF_INET6 &&
1172 memcmp(&addr->in6.sin6_addr, &in6addr_any, sizeof(in6addr_any)) == 0 &&
1173 addr->in6.sin6_port == htons(0))
1174 return NULL;
1175 #endif
1176 }
1177
1178 /* may have a suitable one already */
1179 for (sfd = daemon->sfds; sfd; sfd = sfd->next )
1180 if (sockaddr_isequal(&sfd->source_addr, addr) &&
1181 strcmp(intname, sfd->interface) == 0)
1182 return sfd;
1183
1184 /* need to make a new one. */
1185 errno = ENOMEM; /* in case malloc fails. */
1186 if (!(sfd = whine_malloc(sizeof(struct serverfd))))
1187 return NULL;
1188
1189 if ((sfd->fd = socket(addr->sa.sa_family, SOCK_DGRAM, 0)) == -1)
1190 {
1191 free(sfd);
1192 return NULL;
1193 }
1194
1195 if (!local_bind(sfd->fd, addr, intname, 0) || !fix_fd(sfd->fd))
1196 {
1197 errsave = errno; /* save error from bind. */
1198 close(sfd->fd);
1199 free(sfd);
1200 errno = errsave;
1201 return NULL;
1202 }
1203
1204 strcpy(sfd->interface, intname);
1205 sfd->source_addr = *addr;
1206 sfd->next = daemon->sfds;
1207 daemon->sfds = sfd;
1208 return sfd;
1209 }
1210
1211 /* create upstream sockets during startup, before root is dropped which may be needed
1212 this allows query_port to be a low port and interface binding */
1213 void pre_allocate_sfds(void)
1214 {
1215 struct server *srv;
1216
1217 if (daemon->query_port != 0)
1218 {
1219 union mysockaddr addr;
1220 memset(&addr, 0, sizeof(addr));
1221 addr.in.sin_family = AF_INET;
1222 addr.in.sin_addr.s_addr = INADDR_ANY;
1223 addr.in.sin_port = htons(daemon->query_port);
1224 #ifdef HAVE_SOCKADDR_SA_LEN
1225 addr.in.sin_len = sizeof(struct sockaddr_in);
1226 #endif
1227 allocate_sfd(&addr, "");
1228 #ifdef HAVE_IPV6
1229 memset(&addr, 0, sizeof(addr));
1230 addr.in6.sin6_family = AF_INET6;
1231 addr.in6.sin6_addr = in6addr_any;
1232 addr.in6.sin6_port = htons(daemon->query_port);
1233 #ifdef HAVE_SOCKADDR_SA_LEN
1234 addr.in6.sin6_len = sizeof(struct sockaddr_in6);
1235 #endif
1236 allocate_sfd(&addr, "");
1237 #endif
1238 }
1239
1240 for (srv = daemon->servers; srv; srv = srv->next)
1241 if (!(srv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR | SERV_USE_RESOLV | SERV_NO_REBIND)) &&
1242 !allocate_sfd(&srv->source_addr, srv->interface) &&
1243 errno != 0 &&
1244 option_bool(OPT_NOWILD))
1245 {
1246 prettyprint_addr(&srv->source_addr, daemon->namebuff);
1247 if (srv->interface[0] != 0)
1248 {
1249 strcat(daemon->namebuff, " ");
1250 strcat(daemon->namebuff, srv->interface);
1251 }
1252 die(_("failed to bind server socket for %s: %s"),
1253 daemon->namebuff, EC_BADNET);
1254 }
1255 }
1256
1257
1258 void check_servers(void)
1259 {
1260 struct irec *iface;
1261 struct server *new, *tmp, *ret = NULL;
1262 int port = 0;
1263
1264 /* interface may be new since startup */
1265 if (!option_bool(OPT_NOWILD))
1266 enumerate_interfaces(0);
1267
1268 for (new = daemon->servers; new; new = tmp)
1269 {
1270 tmp = new->next;
1271
1272 if (!(new->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR | SERV_USE_RESOLV | SERV_NO_REBIND)))
1273 {
1274 port = prettyprint_addr(&new->addr, daemon->namebuff);
1275
1276 /* 0.0.0.0 is nothing, the stack treats it like 127.0.0.1 */
1277 if (new->addr.sa.sa_family == AF_INET &&
1278 new->addr.in.sin_addr.s_addr == 0)
1279 {
1280 free(new);
1281 continue;
1282 }
1283
1284 for (iface = daemon->interfaces; iface; iface = iface->next)
1285 if (sockaddr_isequal(&new->addr, &iface->addr))
1286 break;
1287 if (iface)
1288 {
1289 my_syslog(LOG_WARNING, _("ignoring nameserver %s - local interface"), daemon->namebuff);
1290 free(new);
1291 continue;
1292 }
1293
1294 /* Do we need a socket set? */
1295 if (!new->sfd &&
1296 !(new->sfd = allocate_sfd(&new->source_addr, new->interface)) &&
1297 errno != 0)
1298 {
1299 my_syslog(LOG_WARNING,
1300 _("ignoring nameserver %s - cannot make/bind socket: %s"),
1301 daemon->namebuff, strerror(errno));
1302 free(new);
1303 continue;
1304 }
1305 }
1306
1307 /* reverse order - gets it right. */
1308 new->next = ret;
1309 ret = new;
1310
1311 if (!(new->flags & SERV_NO_REBIND))
1312 {
1313 if (new->flags & (SERV_HAS_DOMAIN | SERV_FOR_NODOTS | SERV_USE_RESOLV))
1314 {
1315 char *s1, *s2;
1316 if (!(new->flags & SERV_HAS_DOMAIN))
1317 s1 = _("unqualified"), s2 = _("names");
1318 else if (strlen(new->domain) == 0)
1319 s1 = _("default"), s2 = "";
1320 else
1321 s1 = _("domain"), s2 = new->domain;
1322
1323 if (new->flags & SERV_NO_ADDR)
1324 my_syslog(LOG_INFO, _("using local addresses only for %s %s"), s1, s2);
1325 else if (new->flags & SERV_USE_RESOLV)
1326 my_syslog(LOG_INFO, _("using standard nameservers for %s %s"), s1, s2);
1327 else if (!(new->flags & SERV_LITERAL_ADDRESS))
1328 my_syslog(LOG_INFO, _("using nameserver %s#%d for %s %s"), daemon->namebuff, port, s1, s2);
1329 }
1330 else if (new->interface[0] != 0)
1331 my_syslog(LOG_INFO, _("using nameserver %s#%d(via %s)"), daemon->namebuff, port, new->interface);
1332 else
1333 my_syslog(LOG_INFO, _("using nameserver %s#%d"), daemon->namebuff, port);
1334 }
1335 }
1336
1337 daemon->servers = ret;
1338 }
1339
1340 /* Return zero if no servers found, in that case we keep polling.
1341 This is a protection against an update-time/write race on resolv.conf */
1342 int reload_servers(char *fname)
1343 {
1344 FILE *f;
1345 char *line;
1346 struct server *old_servers = NULL;
1347 struct server *new_servers = NULL;
1348 struct server *serv;
1349 int gotone = 0;
1350
1351 /* buff happens to be MAXDNAME long... */
1352 if (!(f = fopen(fname, "r")))
1353 {
1354 my_syslog(LOG_ERR, _("failed to read %s: %s"), fname, strerror(errno));
1355 return 0;
1356 }
1357
1358 /* move old servers to free list - we can reuse the memory
1359 and not risk malloc if there are the same or fewer new servers.
1360 Servers which were specced on the command line go to the new list. */
1361 for (serv = daemon->servers; serv;)
1362 {
1363 struct server *tmp = serv->next;
1364 if (serv->flags & SERV_FROM_RESOLV)
1365 {
1366 serv->next = old_servers;
1367 old_servers = serv;
1368 /* forward table rules reference servers, so have to blow them away */
1369 server_gone(serv);
1370 }
1371 else
1372 {
1373 serv->next = new_servers;
1374 new_servers = serv;
1375 }
1376 serv = tmp;
1377 }
1378
1379 while ((line = fgets(daemon->namebuff, MAXDNAME, f)))
1380 {
1381 union mysockaddr addr, source_addr;
1382 char *token = strtok(line, " \t\n\r");
1383
1384 if (!token)
1385 continue;
1386 if (strcmp(token, "nameserver") != 0 && strcmp(token, "server") != 0)
1387 continue;
1388 if (!(token = strtok(NULL, " \t\n\r")))
1389 continue;
1390
1391 memset(&addr, 0, sizeof(addr));
1392 memset(&source_addr, 0, sizeof(source_addr));
1393
1394 if ((addr.in.sin_addr.s_addr = inet_addr(token)) != (in_addr_t) -1)
1395 {
1396 #ifdef HAVE_SOCKADDR_SA_LEN
1397 source_addr.in.sin_len = addr.in.sin_len = sizeof(source_addr.in);
1398 #endif
1399 source_addr.in.sin_family = addr.in.sin_family = AF_INET;
1400 addr.in.sin_port = htons(NAMESERVER_PORT);
1401 source_addr.in.sin_addr.s_addr = INADDR_ANY;
1402 source_addr.in.sin_port = htons(daemon->query_port);
1403 }
1404 #ifdef HAVE_IPV6
1405 else
1406 {
1407 int scope_index = 0;
1408 char *scope_id = strchr(token, '%');
1409
1410 if (scope_id)
1411 {
1412 *(scope_id++) = 0;
1413 scope_index = if_nametoindex(scope_id);
1414 }
1415
1416 if (inet_pton(AF_INET6, token, &addr.in6.sin6_addr) > 0)
1417 {
1418 #ifdef HAVE_SOCKADDR_SA_LEN
1419 source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(source_addr.in6);
1420 #endif
1421 source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6;
1422 source_addr.in6.sin6_flowinfo = addr.in6.sin6_flowinfo = 0;
1423 addr.in6.sin6_port = htons(NAMESERVER_PORT);
1424 addr.in6.sin6_scope_id = scope_index;
1425 source_addr.in6.sin6_addr = in6addr_any;
1426 source_addr.in6.sin6_port = htons(daemon->query_port);
1427 source_addr.in6.sin6_scope_id = 0;
1428 }
1429 else
1430 continue;
1431 }
1432 #else /* IPV6 */
1433 else
1434 continue;
1435 #endif
1436
1437 if (old_servers)
1438 {
1439 serv = old_servers;
1440 old_servers = old_servers->next;
1441 }
1442 else if (!(serv = whine_malloc(sizeof (struct server))))
1443 continue;
1444
1445 /* this list is reverse ordered:
1446 it gets reversed again in check_servers */
1447 serv->next = new_servers;
1448 new_servers = serv;
1449 serv->addr = addr;
1450 serv->source_addr = source_addr;
1451 serv->domain = NULL;
1452 serv->interface[0] = 0;
1453 serv->sfd = NULL;
1454 serv->flags = SERV_FROM_RESOLV;
1455 serv->queries = serv->failed_queries = 0;
1456 gotone = 1;
1457 }
1458
1459 /* Free any memory not used. */
1460 while (old_servers)
1461 {
1462 struct server *tmp = old_servers->next;
1463 free(old_servers);
1464 old_servers = tmp;
1465 }
1466
1467 daemon->servers = new_servers;
1468 fclose(f);
1469
1470 return gotone;
1471 }
1472
1473 #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_BSD_NETWORK)
1474 /* Called when addresses are added or deleted from an interface */
1475 void newaddress(time_t now)
1476 {
1477 (void)now;
1478
1479 if (option_bool(OPT_CLEVERBIND) || daemon->doing_dhcp6 || daemon->relay6 || daemon->doing_ra)
1480 enumerate_interfaces(0);
1481
1482 if (option_bool(OPT_CLEVERBIND))
1483 create_bound_listeners(0);
1484
1485 #ifdef HAVE_DHCP6
1486 if (daemon->doing_dhcp6 || daemon->relay6 || daemon->doing_ra)
1487 join_multicast(0);
1488
1489 if (daemon->doing_dhcp6 || daemon->doing_ra)
1490 dhcp_construct_contexts(now);
1491
1492 if (daemon->doing_dhcp6)
1493 lease_find_interfaces(now);
1494 #endif
1495 }
1496
1497 #endif
1498
1499
1500
1501
Michael's tree of dnsmasq.