1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
4 #include <netinet/in.h>
12 #include "alloc-util.h"
13 #include "bus-polkit.h"
14 #include "dirent-util.h"
15 #include "dns-domain.h"
18 #include "hostname-util.h"
21 #include "missing_network.h"
22 #include "netlink-util.h"
23 #include "ordered-set.h"
24 #include "parse-util.h"
25 #include "random-util.h"
26 #include "resolved-bus.h"
27 #include "resolved-conf.h"
28 #include "resolved-dns-stub.h"
29 #include "resolved-dnssd.h"
30 #include "resolved-etc-hosts.h"
31 #include "resolved-llmnr.h"
32 #include "resolved-manager.h"
33 #include "resolved-mdns.h"
34 #include "resolved-resolv-conf.h"
35 #include "resolved-varlink.h"
36 #include "socket-util.h"
37 #include "string-table.h"
38 #include "string-util.h"
41 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
43 static int manager_process_link(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
44 Manager
*m
= userdata
;
53 r
= sd_netlink_message_get_type(mm
, &type
);
57 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
61 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
69 r
= link_new(m
, &l
, ifindex
);
74 r
= link_process_rtnl(l
, mm
);
83 log_debug("Found new link %i/%s", ifindex
, l
->ifname
);
90 log_debug("Removing link %i/%s", l
->ifindex
, l
->ifname
);
101 log_warning_errno(r
, "Failed to process RTNL link message: %m");
105 static int manager_process_address(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
106 Manager
*m
= userdata
;
107 union in_addr_union address
;
109 int r
, ifindex
, family
;
117 r
= sd_netlink_message_get_type(mm
, &type
);
121 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
125 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
129 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
136 r
= sd_netlink_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
138 r
= sd_netlink_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
146 r
= sd_netlink_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
148 r
= sd_netlink_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
159 a
= link_find_address(l
, family
, &address
);
166 r
= link_address_new(l
, &a
, family
, &address
);
171 r
= link_address_update_rtnl(a
, mm
);
178 link_address_free(a
);
185 log_warning_errno(r
, "Failed to process RTNL address message: %m");
189 static int manager_rtnl_listen(Manager
*m
) {
190 _cleanup_(sd_netlink_message_unrefp
) sd_netlink_message
*req
= NULL
, *reply
= NULL
;
191 sd_netlink_message
*i
;
196 /* First, subscribe to interfaces coming and going */
197 r
= sd_netlink_open(&m
->rtnl
);
201 r
= sd_netlink_attach_event(m
->rtnl
, m
->event
, SD_EVENT_PRIORITY_IMPORTANT
);
205 r
= sd_netlink_add_match(m
->rtnl
, NULL
, RTM_NEWLINK
, manager_process_link
, NULL
, m
, "resolve-NEWLINK");
209 r
= sd_netlink_add_match(m
->rtnl
, NULL
, RTM_DELLINK
, manager_process_link
, NULL
, m
, "resolve-DELLINK");
213 r
= sd_netlink_add_match(m
->rtnl
, NULL
, RTM_NEWADDR
, manager_process_address
, NULL
, m
, "resolve-NEWADDR");
217 r
= sd_netlink_add_match(m
->rtnl
, NULL
, RTM_DELADDR
, manager_process_address
, NULL
, m
, "resolve-DELADDR");
221 /* Then, enumerate all links */
222 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
226 r
= sd_netlink_message_request_dump(req
, true);
230 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
234 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
235 r
= manager_process_link(m
->rtnl
, i
, m
);
240 req
= sd_netlink_message_unref(req
);
241 reply
= sd_netlink_message_unref(reply
);
243 /* Finally, enumerate all addresses, too */
244 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
248 r
= sd_netlink_message_request_dump(req
, true);
252 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
256 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
257 r
= manager_process_address(m
->rtnl
, i
, m
);
265 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
266 Manager
*m
= userdata
;
272 sd_network_monitor_flush(m
->network_monitor
);
274 HASHMAP_FOREACH(l
, m
->links
) {
277 log_warning_errno(r
, "Failed to update monitor information for %i: %m", l
->ifindex
);
280 (void) manager_write_resolv_conf(m
);
281 (void) manager_send_changed(m
, "DNS");
286 static int manager_network_monitor_listen(Manager
*m
) {
291 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
295 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
299 events
= sd_network_monitor_get_events(m
->network_monitor
);
303 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
307 r
= sd_event_source_set_priority(m
->network_event_source
, SD_EVENT_PRIORITY_IMPORTANT
+5);
311 (void) sd_event_source_set_description(m
->network_event_source
, "network-monitor");
316 static int determine_hostname(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
317 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
319 _cleanup_free_
char *utf8
= NULL
;
323 char label
[DNS_LABEL_MAX
];
324 const char *p
, *decoded
;
327 assert(full_hostname
);
328 assert(llmnr_hostname
);
329 assert(mdns_hostname
);
331 /* Extract and normalize the first label of the locally configured hostname, and check it's not "localhost". */
333 r
= gethostname_strict(&h
);
335 return log_debug_errno(r
, "Can't determine system hostname: %m");
338 r
= dns_label_unescape(&p
, label
, sizeof label
, 0);
340 return log_error_errno(r
, "Failed to unescape hostname: %m");
342 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
343 "Couldn't find a single label in hostname.");
345 #if HAVE_LIBIDN || HAVE_LIBIDN2
348 log_debug_errno(r
, "Failed to initialize IDN support, ignoring: %m");
349 decoded
= label
; /* no decoding */
354 r
= sym_idn2_to_unicode_8z8z(label
, &utf8
, 0);
356 return log_error_errno(SYNTHETIC_ERRNO(EUCLEAN
),
357 "Failed to undo IDNA: %s", sym_idn2_strerror(r
));
358 assert(utf8_is_valid(utf8
));
363 k
= dns_label_undo_idna(label
, r
, label
, sizeof label
);
365 return log_error_errno(k
, "Failed to undo IDNA: %m");
369 if (!utf8_is_valid(label
))
370 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
371 "System hostname is not UTF-8 clean.");
374 decoded
= label
; /* no decoding */
378 r
= dns_label_escape_new(decoded
, r
, &n
);
380 return log_error_errno(r
, "Failed to escape hostname: %m");
383 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL
),
384 "System hostname is 'localhost', ignoring.");
386 r
= dns_name_concat(n
, "local", 0, mdns_hostname
);
388 return log_error_errno(r
, "Failed to determine mDNS hostname: %m");
390 *llmnr_hostname
= TAKE_PTR(n
);
391 *full_hostname
= TAKE_PTR(h
);
396 static const char *fallback_hostname(void) {
398 /* Determine the fall back hostname. For exposing this system to the outside world, we cannot have it to be
399 * "localhost" even if that's the compiled in hostname. In this case, let's revert to "linux" instead. */
401 if (is_localhost(FALLBACK_HOSTNAME
))
404 return FALLBACK_HOSTNAME
;
407 static int make_fallback_hostnames(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
408 _cleanup_free_
char *n
= NULL
, *m
= NULL
;
409 char label
[DNS_LABEL_MAX
], *h
;
413 assert(full_hostname
);
414 assert(llmnr_hostname
);
415 assert(mdns_hostname
);
417 p
= fallback_hostname();
418 r
= dns_label_unescape(&p
, label
, sizeof label
, 0);
420 return log_error_errno(r
, "Failed to unescape fallback hostname: %m");
422 assert(r
> 0); /* The fallback hostname must have at least one label */
424 r
= dns_label_escape_new(label
, r
, &n
);
426 return log_error_errno(r
, "Failed to escape fallback hostname: %m");
428 r
= dns_name_concat(n
, "local", 0, &m
);
430 return log_error_errno(r
, "Failed to concatenate mDNS hostname: %m");
432 h
= strdup(fallback_hostname());
436 *llmnr_hostname
= TAKE_PTR(n
);
437 *mdns_hostname
= TAKE_PTR(m
);
444 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
445 _cleanup_free_
char *full_hostname
= NULL
, *llmnr_hostname
= NULL
, *mdns_hostname
= NULL
;
446 Manager
*m
= userdata
;
447 bool llmnr_hostname_changed
;
452 r
= determine_hostname(&full_hostname
, &llmnr_hostname
, &mdns_hostname
);
454 return 0; /* ignore invalid hostnames */
456 llmnr_hostname_changed
= !streq(llmnr_hostname
, m
->llmnr_hostname
);
457 if (streq(full_hostname
, m
->full_hostname
) &&
458 !llmnr_hostname_changed
&&
459 streq(mdns_hostname
, m
->mdns_hostname
))
462 log_info("System hostname changed to '%s'.", full_hostname
);
464 free_and_replace(m
->full_hostname
, full_hostname
);
465 free_and_replace(m
->llmnr_hostname
, llmnr_hostname
);
466 free_and_replace(m
->mdns_hostname
, mdns_hostname
);
468 manager_refresh_rrs(m
);
469 (void) manager_send_changed(m
, "LLMNRHostname");
474 static int manager_watch_hostname(Manager
*m
) {
479 m
->hostname_fd
= open("/proc/sys/kernel/hostname",
480 O_RDONLY
|O_CLOEXEC
|O_NONBLOCK
|O_NOCTTY
);
481 if (m
->hostname_fd
< 0) {
482 log_warning_errno(errno
, "Failed to watch hostname: %m");
486 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
489 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
490 m
->hostname_fd
= safe_close(m
->hostname_fd
);
492 return log_error_errno(r
, "Failed to add hostname event source: %m");
495 (void) sd_event_source_set_description(m
->hostname_event_source
, "hostname");
497 r
= determine_hostname(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
499 log_info("Defaulting to hostname '%s'.", fallback_hostname());
501 r
= make_fallback_hostnames(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
505 log_info("Using system hostname '%s'.", m
->full_hostname
);
510 static int manager_sigusr1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
511 _cleanup_free_
char *buffer
= NULL
;
512 _cleanup_fclose_
FILE *f
= NULL
;
513 Manager
*m
= userdata
;
523 f
= open_memstream_unlocked(&buffer
, &size
);
527 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
528 dns_scope_dump(scope
, f
);
530 LIST_FOREACH(servers
, server
, m
->dns_servers
)
531 dns_server_dump(server
, f
);
532 LIST_FOREACH(servers
, server
, m
->fallback_dns_servers
)
533 dns_server_dump(server
, f
);
534 HASHMAP_FOREACH(l
, m
->links
)
535 LIST_FOREACH(servers
, server
, l
->dns_servers
)
536 dns_server_dump(server
, f
);
538 if (fflush_and_check(f
) < 0)
541 log_dump(LOG_INFO
, buffer
);
545 static int manager_sigusr2(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
546 Manager
*m
= userdata
;
552 manager_flush_caches(m
);
557 static int manager_sigrtmin1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
558 Manager
*m
= userdata
;
564 manager_reset_server_features(m
);
568 int manager_new(Manager
**ret
) {
569 _cleanup_(manager_freep
) Manager
*m
= NULL
;
579 .llmnr_ipv4_udp_fd
= -1,
580 .llmnr_ipv6_udp_fd
= -1,
581 .llmnr_ipv4_tcp_fd
= -1,
582 .llmnr_ipv6_tcp_fd
= -1,
587 .llmnr_support
= DEFAULT_LLMNR_MODE
,
588 .mdns_support
= DEFAULT_MDNS_MODE
,
589 .dnssec_mode
= DEFAULT_DNSSEC_MODE
,
590 .dns_over_tls_mode
= DEFAULT_DNS_OVER_TLS_MODE
,
591 .enable_cache
= DNS_CACHE_MODE_YES
,
592 .dns_stub_listener_mode
= DNS_STUB_LISTENER_YES
,
593 .read_resolv_conf
= true,
594 .need_builtin_fallbacks
= true,
595 .etc_hosts_last
= USEC_INFINITY
,
596 .etc_hosts_mtime
= USEC_INFINITY
,
599 .read_etc_hosts
= true,
602 r
= dns_trust_anchor_load(&m
->trust_anchor
);
606 r
= manager_parse_config_file(m
);
608 log_warning_errno(r
, "Failed to parse configuration file: %m");
610 #if ENABLE_DNS_OVER_TLS
611 r
= dnstls_manager_init(m
);
616 r
= sd_event_default(&m
->event
);
620 (void) sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
621 (void) sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
623 (void) sd_event_set_watchdog(m
->event
, true);
625 r
= manager_watch_hostname(m
);
631 log_warning_errno(r
, "Failed to load DNS-SD configuration files: %m");
633 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
637 r
= manager_network_monitor_listen(m
);
641 r
= manager_rtnl_listen(m
);
645 r
= manager_connect_bus(m
);
649 (void) sd_event_add_signal(m
->event
, &m
->sigusr1_event_source
, SIGUSR1
, manager_sigusr1
, m
);
650 (void) sd_event_add_signal(m
->event
, &m
->sigusr2_event_source
, SIGUSR2
, manager_sigusr2
, m
);
651 (void) sd_event_add_signal(m
->event
, &m
->sigrtmin1_event_source
, SIGRTMIN
+1, manager_sigrtmin1
, m
);
653 manager_cleanup_saved_user(m
);
660 int manager_start(Manager
*m
) {
665 r
= manager_dns_stub_start(m
);
669 r
= manager_varlink_init(m
);
676 Manager
*manager_free(Manager
*m
) {
683 dns_server_unlink_all(m
->dns_servers
);
684 dns_server_unlink_all(m
->fallback_dns_servers
);
685 dns_search_domain_unlink_all(m
->search_domains
);
687 while ((l
= hashmap_first(m
->links
)))
690 while (m
->dns_queries
)
691 dns_query_free(m
->dns_queries
);
693 dns_scope_free(m
->unicast_scope
);
695 /* At this point only orphaned streams should remain. All others should have been freed already by their
697 while (m
->dns_streams
)
698 dns_stream_unref(m
->dns_streams
);
700 #if ENABLE_DNS_OVER_TLS
701 dnstls_manager_free(m
);
704 hashmap_free(m
->links
);
705 hashmap_free(m
->dns_transactions
);
707 sd_event_source_unref(m
->network_event_source
);
708 sd_network_monitor_unref(m
->network_monitor
);
710 sd_netlink_unref(m
->rtnl
);
711 sd_event_source_unref(m
->rtnl_event_source
);
713 manager_llmnr_stop(m
);
714 manager_mdns_stop(m
);
715 manager_dns_stub_stop(m
);
716 manager_varlink_done(m
);
718 ordered_set_free(m
->dns_extra_stub_listeners
);
720 bus_verify_polkit_async_registry_free(m
->polkit_registry
);
722 sd_bus_flush_close_unref(m
->bus
);
724 sd_event_source_unref(m
->sigusr1_event_source
);
725 sd_event_source_unref(m
->sigusr2_event_source
);
726 sd_event_source_unref(m
->sigrtmin1_event_source
);
728 sd_event_unref(m
->event
);
730 dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
731 dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
732 dns_resource_key_unref(m
->mdns_host_ipv4_key
);
733 dns_resource_key_unref(m
->mdns_host_ipv6_key
);
735 sd_event_source_unref(m
->hostname_event_source
);
736 safe_close(m
->hostname_fd
);
738 free(m
->full_hostname
);
739 free(m
->llmnr_hostname
);
740 free(m
->mdns_hostname
);
742 while ((s
= hashmap_first(m
->dnssd_services
)))
743 dnssd_service_free(s
);
744 hashmap_free(m
->dnssd_services
);
746 dns_trust_anchor_flush(&m
->trust_anchor
);
747 manager_etc_hosts_flush(m
);
752 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
753 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
754 CMSG_BUFFER_TYPE(CMSG_SPACE(MAXSIZE(struct in_pktinfo
, struct in6_pktinfo
))
755 + CMSG_SPACE(int) /* ttl/hoplimit */
756 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */) control
;
757 union sockaddr_union sa
;
761 .msg_namelen
= sizeof(sa
),
764 .msg_control
= &control
,
765 .msg_controllen
= sizeof(control
),
767 struct cmsghdr
*cmsg
;
775 ms
= next_datagram_size_fd(fd
);
779 r
= dns_packet_new(&p
, protocol
, ms
, DNS_PACKET_SIZE_MAX
);
783 iov
= IOVEC_MAKE(DNS_PACKET_DATA(p
), p
->allocated
);
785 l
= recvmsg_safe(fd
, &mh
, 0);
786 if (IN_SET(l
, -EAGAIN
, -EINTR
))
791 assert(!(mh
.msg_flags
& MSG_TRUNC
));
793 p
->size
= (size_t) l
;
795 p
->family
= sa
.sa
.sa_family
;
796 p
->ipproto
= IPPROTO_UDP
;
797 if (p
->family
== AF_INET
) {
798 p
->sender
.in
= sa
.in
.sin_addr
;
799 p
->sender_port
= be16toh(sa
.in
.sin_port
);
800 } else if (p
->family
== AF_INET6
) {
801 p
->sender
.in6
= sa
.in6
.sin6_addr
;
802 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
803 p
->ifindex
= sa
.in6
.sin6_scope_id
;
805 return -EAFNOSUPPORT
;
807 CMSG_FOREACH(cmsg
, &mh
) {
809 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
810 assert(p
->family
== AF_INET6
);
812 switch (cmsg
->cmsg_type
) {
815 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
818 p
->ifindex
= i
->ipi6_ifindex
;
820 p
->destination
.in6
= i
->ipi6_addr
;
825 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
829 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
830 assert(p
->family
== AF_INET
);
832 switch (cmsg
->cmsg_type
) {
835 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
838 p
->ifindex
= i
->ipi_ifindex
;
840 p
->destination
.in
= i
->ipi_addr
;
845 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
851 /* The Linux kernel sets the interface index to the loopback
852 * device if the packet came from the local host since it
853 * avoids the routing table in such a case. Let's unset the
854 * interface index in such a case. */
855 if (p
->ifindex
== LOOPBACK_IFINDEX
)
858 if (protocol
!= DNS_PROTOCOL_DNS
) {
859 /* If we don't know the interface index still, we look for the
860 * first local interface with a matching address. Yuck! */
862 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
870 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
877 if (sendmsg(fd
, mh
, flags
) >= 0)
886 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
894 static int write_loop(int fd
, void *message
, size_t length
) {
901 if (write(fd
, message
, length
) >= 0)
910 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
918 int manager_write(Manager
*m
, int fd
, DnsPacket
*p
) {
921 log_debug("Sending %s%s packet with id %" PRIu16
" of size %zu.",
922 DNS_PACKET_TC(p
) ? "truncated (!) " : "",
923 DNS_PACKET_QR(p
) ? "response" : "query",
927 r
= write_loop(fd
, DNS_PACKET_DATA(p
), p
->size
);
934 static int manager_ipv4_send(
938 const struct in_addr
*destination
,
940 const struct in_addr
*source
,
943 CMSG_BUFFER_TYPE(CMSG_SPACE(sizeof(struct in_pktinfo
))) control
= {};
944 union sockaddr_union sa
;
950 .msg_namelen
= sizeof(sa
.in
),
959 iov
= IOVEC_MAKE(DNS_PACKET_DATA(p
), p
->size
);
961 sa
= (union sockaddr_union
) {
962 .in
.sin_family
= AF_INET
,
963 .in
.sin_addr
= *destination
,
964 .in
.sin_port
= htobe16(port
),
968 struct cmsghdr
*cmsg
;
969 struct in_pktinfo
*pi
;
971 mh
.msg_control
= &control
;
972 mh
.msg_controllen
= sizeof(control
);
974 cmsg
= CMSG_FIRSTHDR(&mh
);
975 cmsg
->cmsg_len
= CMSG_LEN(sizeof(struct in_pktinfo
));
976 cmsg
->cmsg_level
= IPPROTO_IP
;
977 cmsg
->cmsg_type
= IP_PKTINFO
;
979 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
980 pi
->ipi_ifindex
= ifindex
;
983 pi
->ipi_spec_dst
= *source
;
986 return sendmsg_loop(fd
, &mh
, 0);
989 static int manager_ipv6_send(
993 const struct in6_addr
*destination
,
995 const struct in6_addr
*source
,
998 CMSG_BUFFER_TYPE(CMSG_SPACE(sizeof(struct in6_pktinfo
))) control
= {};
999 union sockaddr_union sa
;
1001 struct msghdr mh
= {
1005 .msg_namelen
= sizeof(sa
.in6
),
1010 assert(destination
);
1014 iov
= IOVEC_MAKE(DNS_PACKET_DATA(p
), p
->size
);
1016 sa
= (union sockaddr_union
) {
1017 .in6
.sin6_family
= AF_INET6
,
1018 .in6
.sin6_addr
= *destination
,
1019 .in6
.sin6_port
= htobe16(port
),
1020 .in6
.sin6_scope_id
= ifindex
,
1024 struct cmsghdr
*cmsg
;
1025 struct in6_pktinfo
*pi
;
1027 mh
.msg_control
= &control
;
1028 mh
.msg_controllen
= sizeof(control
);
1030 cmsg
= CMSG_FIRSTHDR(&mh
);
1031 cmsg
->cmsg_len
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1032 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1033 cmsg
->cmsg_type
= IPV6_PKTINFO
;
1035 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1036 pi
->ipi6_ifindex
= ifindex
;
1039 pi
->ipi6_addr
= *source
;
1042 return sendmsg_loop(fd
, &mh
, 0);
1050 const union in_addr_union
*destination
,
1052 const union in_addr_union
*source
,
1057 assert(destination
);
1061 log_debug("Sending %s%s packet with id %" PRIu16
" on interface %i/%s of size %zu.",
1062 DNS_PACKET_TC(p
) ? "truncated (!) " : "",
1063 DNS_PACKET_QR(p
) ? "response" : "query",
1065 ifindex
, af_to_name(family
),
1068 if (family
== AF_INET
)
1069 return manager_ipv4_send(m
, fd
, ifindex
, &destination
->in
, port
, source
? &source
->in
: NULL
, p
);
1070 if (family
== AF_INET6
)
1071 return manager_ipv6_send(m
, fd
, ifindex
, &destination
->in6
, port
, source
? &source
->in6
: NULL
, p
);
1073 return -EAFNOSUPPORT
;
1076 uint32_t manager_find_mtu(Manager
*m
) {
1080 /* If we don't know on which link a DNS packet would be
1081 * delivered, let's find the largest MTU that works on all
1082 * interfaces we know of */
1084 HASHMAP_FOREACH(l
, m
->links
) {
1088 if (mtu
<= 0 || l
->mtu
< mtu
)
1095 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1100 a
= manager_find_link_address(m
, family
, in_addr
);
1102 return a
->link
->ifindex
;
1107 void manager_refresh_rrs(Manager
*m
) {
1113 m
->llmnr_host_ipv4_key
= dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
1114 m
->llmnr_host_ipv6_key
= dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
1115 m
->mdns_host_ipv4_key
= dns_resource_key_unref(m
->mdns_host_ipv4_key
);
1116 m
->mdns_host_ipv6_key
= dns_resource_key_unref(m
->mdns_host_ipv6_key
);
1118 if (m
->mdns_support
== RESOLVE_SUPPORT_YES
)
1119 HASHMAP_FOREACH(s
, m
->dnssd_services
)
1120 if (dnssd_update_rrs(s
) < 0)
1121 log_warning("Failed to refresh DNS-SD service '%s'", s
->name
);
1123 HASHMAP_FOREACH(l
, m
->links
) {
1124 link_add_rrs(l
, true);
1125 link_add_rrs(l
, false);
1129 static int manager_next_random_name(const char *old
, char **ret_new
) {
1138 if (!strchr(DIGITS
, p
[-1]))
1144 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1147 /* Add a random number to the old value. This way we can avoid
1148 * that two hosts pick the same hostname, win on IPv4 and lose
1149 * on IPv6 (or vice versa), and pick the same hostname
1150 * replacement hostname, ad infinitum. We still want the
1151 * numbers to go up monotonically, hence we just add a random
1154 random_bytes(&a
, sizeof(a
));
1157 if (asprintf(&n
, "%.*s%" PRIu64
, (int) (p
- old
), old
, u
) < 0)
1165 int manager_next_hostname(Manager
*m
) {
1166 _cleanup_free_
char *h
= NULL
, *k
= NULL
;
1171 r
= manager_next_random_name(m
->llmnr_hostname
, &h
);
1175 r
= dns_name_concat(h
, "local", 0, &k
);
1179 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->llmnr_hostname
, h
);
1181 free_and_replace(m
->llmnr_hostname
, h
);
1182 free_and_replace(m
->mdns_hostname
, k
);
1184 manager_refresh_rrs(m
);
1185 (void) manager_send_changed(m
, "LLMNRHostname");
1190 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1195 HASHMAP_FOREACH(l
, m
->links
) {
1198 a
= link_find_address(l
, family
, in_addr
);
1206 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1210 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
1213 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1219 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1223 switch (p
->protocol
) {
1224 case DNS_PROTOCOL_LLMNR
:
1225 if (p
->family
== AF_INET
)
1226 return l
->llmnr_ipv4_scope
;
1227 else if (p
->family
== AF_INET6
)
1228 return l
->llmnr_ipv6_scope
;
1232 case DNS_PROTOCOL_MDNS
:
1233 if (p
->family
== AF_INET
)
1234 return l
->mdns_ipv4_scope
;
1235 else if (p
->family
== AF_INET6
)
1236 return l
->mdns_ipv6_scope
;
1247 void manager_verify_all(Manager
*m
) {
1252 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1253 dns_zone_verify_all(&s
->zone
);
1256 int manager_is_own_hostname(Manager
*m
, const char *name
) {
1262 if (m
->llmnr_hostname
) {
1263 r
= dns_name_equal(name
, m
->llmnr_hostname
);
1268 if (m
->mdns_hostname
) {
1269 r
= dns_name_equal(name
, m
->mdns_hostname
);
1274 if (m
->full_hostname
)
1275 return dns_name_equal(name
, m
->full_hostname
);
1280 int manager_compile_dns_servers(Manager
*m
, OrderedSet
**dns
) {
1288 r
= ordered_set_ensure_allocated(dns
, &dns_server_hash_ops
);
1292 /* First add the system-wide servers and domains */
1293 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
1294 r
= ordered_set_put(*dns
, s
);
1301 /* Then, add the per-link servers */
1302 HASHMAP_FOREACH(l
, m
->links
) {
1303 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
1304 r
= ordered_set_put(*dns
, s
);
1312 /* If we found nothing, add the fallback servers */
1313 if (ordered_set_isempty(*dns
)) {
1314 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
1315 r
= ordered_set_put(*dns
, s
);
1326 /* filter_route is a tri-state:
1328 * = 0 or false: return only domains which should be used for searching
1329 * > 0 or true: return only domains which are for routing only
1331 int manager_compile_search_domains(Manager
*m
, OrderedSet
**domains
, int filter_route
) {
1339 r
= ordered_set_ensure_allocated(domains
, &dns_name_hash_ops
);
1343 LIST_FOREACH(domains
, d
, m
->search_domains
) {
1345 if (filter_route
>= 0 &&
1346 d
->route_only
!= !!filter_route
)
1349 r
= ordered_set_put(*domains
, d
->name
);
1356 HASHMAP_FOREACH(l
, m
->links
) {
1358 LIST_FOREACH(domains
, d
, l
->search_domains
) {
1360 if (filter_route
>= 0 &&
1361 d
->route_only
!= !!filter_route
)
1364 r
= ordered_set_put(*domains
, d
->name
);
1375 DnssecMode
manager_get_dnssec_mode(Manager
*m
) {
1378 if (m
->dnssec_mode
!= _DNSSEC_MODE_INVALID
)
1379 return m
->dnssec_mode
;
1384 bool manager_dnssec_supported(Manager
*m
) {
1390 if (manager_get_dnssec_mode(m
) == DNSSEC_NO
)
1393 server
= manager_get_dns_server(m
);
1394 if (server
&& !dns_server_dnssec_supported(server
))
1397 HASHMAP_FOREACH(l
, m
->links
)
1398 if (!link_dnssec_supported(l
))
1404 DnsOverTlsMode
manager_get_dns_over_tls_mode(Manager
*m
) {
1407 if (m
->dns_over_tls_mode
!= _DNS_OVER_TLS_MODE_INVALID
)
1408 return m
->dns_over_tls_mode
;
1410 return DNS_OVER_TLS_NO
;
1413 void manager_dnssec_verdict(Manager
*m
, DnssecVerdict verdict
, const DnsResourceKey
*key
) {
1415 assert(verdict
>= 0);
1416 assert(verdict
< _DNSSEC_VERDICT_MAX
);
1418 if (DEBUG_LOGGING
) {
1419 char s
[DNS_RESOURCE_KEY_STRING_MAX
];
1421 log_debug("Found verdict for lookup %s: %s",
1422 dns_resource_key_to_string(key
, s
, sizeof s
),
1423 dnssec_verdict_to_string(verdict
));
1426 m
->n_dnssec_verdict
[verdict
]++;
1429 bool manager_routable(Manager
*m
) {
1434 /* Returns true if the host has at least one interface with a routable address (regardless if IPv4 or IPv6) */
1436 HASHMAP_FOREACH(l
, m
->links
)
1437 if (link_relevant(l
, AF_UNSPEC
, false))
1443 void manager_flush_caches(Manager
*m
) {
1448 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
1449 dns_cache_flush(&scope
->cache
);
1451 log_info("Flushed all caches.");
1454 void manager_reset_server_features(Manager
*m
) {
1457 dns_server_reset_features_all(m
->dns_servers
);
1458 dns_server_reset_features_all(m
->fallback_dns_servers
);
1460 HASHMAP_FOREACH(l
, m
->links
)
1461 dns_server_reset_features_all(l
->dns_servers
);
1463 log_info("Resetting learnt feature levels on all servers.");
1466 void manager_cleanup_saved_user(Manager
*m
) {
1467 _cleanup_closedir_
DIR *d
= NULL
;
1472 /* Clean up all saved per-link files in /run/systemd/resolve/netif/ that don't have a matching interface
1473 * anymore. These files are created to persist settings pushed in by the user via the bus, so that resolved can
1474 * be restarted without losing this data. */
1476 d
= opendir("/run/systemd/resolve/netif/");
1478 if (errno
== ENOENT
)
1481 log_warning_errno(errno
, "Failed to open interface directory: %m");
1485 FOREACH_DIRENT_ALL(de
, d
, log_error_errno(errno
, "Failed to read interface directory: %m")) {
1486 _cleanup_free_
char *p
= NULL
;
1490 if (!IN_SET(de
->d_type
, DT_UNKNOWN
, DT_REG
))
1493 if (dot_or_dot_dot(de
->d_name
))
1496 ifindex
= parse_ifindex(de
->d_name
);
1497 if (ifindex
< 0) /* Probably some temporary file from a previous run. Delete it */
1500 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
1501 if (!l
) /* link vanished */
1504 if (l
->is_managed
) /* now managed by networkd, hence the bus settings are useless */
1510 p
= path_join("/run/systemd/resolve/netif", de
->d_name
);
1520 bool manager_next_dnssd_names(Manager
*m
) {
1527 HASHMAP_FOREACH(s
, m
->dnssd_services
) {
1528 _cleanup_free_
char * new_name
= NULL
;
1533 r
= manager_next_random_name(s
->name_template
, &new_name
);
1535 log_warning_errno(r
, "Failed to get new name for service '%s': %m", s
->name
);
1539 free_and_replace(s
->name_template
, new_name
);
1541 s
->withdrawn
= false;
1547 manager_refresh_rrs(m
);