]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #530 from dvdhrm/resolve-host-dbus
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <resolv.h>
23 #include <sys/ioctl.h>
24 #include <poll.h>
25 #include <netinet/in.h>
26
27 #include "netlink-util.h"
28 #include "network-internal.h"
29 #include "socket-util.h"
30 #include "af-list.h"
31 #include "utf8.h"
32 #include "fileio-label.h"
33 #include "ordered-set.h"
34 #include "random-util.h"
35 #include "hostname-util.h"
36
37 #include "dns-domain.h"
38 #include "resolved-conf.h"
39 #include "resolved-bus.h"
40 #include "resolved-manager.h"
41 #include "resolved-llmnr.h"
42
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
44
45 static int manager_process_link(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
46 Manager *m = userdata;
47 uint16_t type;
48 Link *l;
49 int ifindex, r;
50
51 assert(rtnl);
52 assert(m);
53 assert(mm);
54
55 r = sd_netlink_message_get_type(mm, &type);
56 if (r < 0)
57 goto fail;
58
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
60 if (r < 0)
61 goto fail;
62
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
64
65 switch (type) {
66
67 case RTM_NEWLINK:{
68 bool is_new = !l;
69
70 if (!l) {
71 r = link_new(m, &l, ifindex);
72 if (r < 0)
73 goto fail;
74 }
75
76 r = link_update_rtnl(l, mm);
77 if (r < 0)
78 goto fail;
79
80 r = link_update_monitor(l);
81 if (r < 0)
82 goto fail;
83
84 if (is_new)
85 log_debug("Found new link %i/%s", ifindex, l->name);
86
87 break;
88 }
89
90 case RTM_DELLINK:
91 if (l) {
92 log_debug("Removing link %i/%s", l->ifindex, l->name);
93 link_free(l);
94 }
95
96 break;
97 }
98
99 return 0;
100
101 fail:
102 log_warning_errno(r, "Failed to process RTNL link message: %m");
103 return 0;
104 }
105
106 static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
109 uint16_t type;
110 int r, ifindex, family;
111 LinkAddress *a;
112 Link *l;
113
114 assert(rtnl);
115 assert(mm);
116 assert(m);
117
118 r = sd_netlink_message_get_type(mm, &type);
119 if (r < 0)
120 goto fail;
121
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
123 if (r < 0)
124 goto fail;
125
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
127 if (!l)
128 return 0;
129
130 r = sd_rtnl_message_addr_get_family(mm, &family);
131 if (r < 0)
132 goto fail;
133
134 switch (family) {
135
136 case AF_INET:
137 r = sd_netlink_message_read_in_addr(mm, IFA_LOCAL, &address.in);
138 if (r < 0) {
139 r = sd_netlink_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
140 if (r < 0)
141 goto fail;
142 }
143
144 break;
145
146 case AF_INET6:
147 r = sd_netlink_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
148 if (r < 0) {
149 r = sd_netlink_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
150 if (r < 0)
151 goto fail;
152 }
153
154 break;
155
156 default:
157 return 0;
158 }
159
160 a = link_find_address(l, family, &address);
161
162 switch (type) {
163
164 case RTM_NEWADDR:
165
166 if (!a) {
167 r = link_address_new(l, &a, family, &address);
168 if (r < 0)
169 return r;
170 }
171
172 r = link_address_update_rtnl(a, mm);
173 if (r < 0)
174 return r;
175
176 break;
177
178 case RTM_DELADDR:
179 if (a)
180 link_address_free(a);
181 break;
182 }
183
184 return 0;
185
186 fail:
187 log_warning_errno(r, "Failed to process RTNL address message: %m");
188 return 0;
189 }
190
191 static int manager_rtnl_listen(Manager *m) {
192 _cleanup_netlink_message_unref_ sd_netlink_message *req = NULL, *reply = NULL;
193 sd_netlink_message *i;
194 int r;
195
196 assert(m);
197
198 /* First, subscribe to interfaces coming and going */
199 r = sd_netlink_open(&m->rtnl);
200 if (r < 0)
201 return r;
202
203 r = sd_netlink_attach_event(m->rtnl, m->event, 0);
204 if (r < 0)
205 return r;
206
207 r = sd_netlink_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
208 if (r < 0)
209 return r;
210
211 r = sd_netlink_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
212 if (r < 0)
213 return r;
214
215 r = sd_netlink_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
216 if (r < 0)
217 return r;
218
219 r = sd_netlink_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
220 if (r < 0)
221 return r;
222
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
225 if (r < 0)
226 return r;
227
228 r = sd_netlink_message_request_dump(req, true);
229 if (r < 0)
230 return r;
231
232 r = sd_netlink_call(m->rtnl, req, 0, &reply);
233 if (r < 0)
234 return r;
235
236 for (i = reply; i; i = sd_netlink_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
238 if (r < 0)
239 return r;
240 }
241
242 req = sd_netlink_message_unref(req);
243 reply = sd_netlink_message_unref(reply);
244
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
247 if (r < 0)
248 return r;
249
250 r = sd_netlink_message_request_dump(req, true);
251 if (r < 0)
252 return r;
253
254 r = sd_netlink_call(m->rtnl, req, 0, &reply);
255 if (r < 0)
256 return r;
257
258 for (i = reply; i; i = sd_netlink_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
260 if (r < 0)
261 return r;
262 }
263
264 return r;
265 }
266
267 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
269 Iterator i;
270 Link *l;
271 int r;
272
273 assert(m);
274
275 sd_network_monitor_flush(m->network_monitor);
276
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
279 if (r < 0)
280 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
281 }
282
283 r = manager_write_resolv_conf(m);
284 if (r < 0)
285 log_warning_errno(r, "Could not update resolv.conf: %m");
286
287 return 0;
288 }
289
290 static int manager_network_monitor_listen(Manager *m) {
291 int r, fd, events;
292
293 assert(m);
294
295 r = sd_network_monitor_new(&m->network_monitor, NULL);
296 if (r < 0)
297 return r;
298
299 fd = sd_network_monitor_get_fd(m->network_monitor);
300 if (fd < 0)
301 return fd;
302
303 events = sd_network_monitor_get_events(m->network_monitor);
304 if (events < 0)
305 return events;
306
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
308 if (r < 0)
309 return r;
310
311 return 0;
312 }
313
314 static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
316 int r;
317
318 assert(ret);
319
320 h = gethostname_malloc();
321 if (!h)
322 return log_oom();
323
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
326 return -EINVAL;
327 }
328
329 r = dns_name_normalize(h, &n);
330 if (r < 0) {
331 log_error("System hostname '%s' cannot be normalized.", h);
332 return r;
333 }
334
335 *ret = n;
336 n = NULL;
337
338 return 0;
339 }
340
341 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
344 int r;
345
346 assert(m);
347
348 r = determine_hostname(&h);
349 if (r < 0)
350 return 0; /* ignore invalid hostnames */
351
352 if (streq(h, m->hostname))
353 return 0;
354
355 log_info("System hostname changed to '%s'.", h);
356 free(m->hostname);
357 m->hostname = h;
358 h = NULL;
359
360 manager_refresh_rrs(m);
361
362 return 0;
363 }
364
365 static int manager_watch_hostname(Manager *m) {
366 int r;
367
368 assert(m);
369
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning_errno(errno, "Failed to watch hostname: %m");
373 return 0;
374 }
375
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
377 if (r < 0) {
378 if (r == -EPERM)
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
381 else
382 return log_error_errno(r, "Failed to add hostname event source: %m");
383 }
384
385 r = determine_hostname(&m->hostname);
386 if (r < 0) {
387 log_info("Defaulting to hostname 'linux'.");
388 m->hostname = strdup("linux");
389 if (!m->hostname)
390 return log_oom();
391 } else
392 log_info("Using system hostname '%s'.", m->hostname);
393
394 return 0;
395 }
396
397 int manager_new(Manager **ret) {
398 _cleanup_(manager_freep) Manager *m = NULL;
399 int r;
400
401 assert(ret);
402
403 m = new0(Manager, 1);
404 if (!m)
405 return -ENOMEM;
406
407 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
408 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
409 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
410 m->hostname_fd = -1;
411
412 m->llmnr_support = SUPPORT_YES;
413 m->read_resolv_conf = true;
414
415 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
416 if (r < 0)
417 return r;
418
419 r = sd_event_default(&m->event);
420 if (r < 0)
421 return r;
422
423 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
424 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
425
426 sd_event_set_watchdog(m->event, true);
427
428 r = manager_watch_hostname(m);
429 if (r < 0)
430 return r;
431
432 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
433 if (r < 0)
434 return r;
435
436 r = manager_network_monitor_listen(m);
437 if (r < 0)
438 return r;
439
440 r = manager_rtnl_listen(m);
441 if (r < 0)
442 return r;
443
444 r = manager_connect_bus(m);
445 if (r < 0)
446 return r;
447
448 *ret = m;
449 m = NULL;
450
451 return 0;
452 }
453
454 int manager_start(Manager *m) {
455 int r;
456
457 assert(m);
458
459 r = manager_llmnr_start(m);
460 if (r < 0)
461 return r;
462
463 return 0;
464 }
465
466 Manager *manager_free(Manager *m) {
467 Link *l;
468
469 if (!m)
470 return NULL;
471
472 while ((l = hashmap_first(m->links)))
473 link_free(l);
474
475 while (m->dns_queries)
476 dns_query_free(m->dns_queries);
477
478 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
479 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
480
481 dns_scope_free(m->unicast_scope);
482
483 hashmap_free(m->links);
484 hashmap_free(m->dns_transactions);
485
486 sd_event_source_unref(m->network_event_source);
487 sd_network_monitor_unref(m->network_monitor);
488
489 sd_event_source_unref(m->dns_ipv4_event_source);
490 sd_event_source_unref(m->dns_ipv6_event_source);
491 safe_close(m->dns_ipv4_fd);
492 safe_close(m->dns_ipv6_fd);
493
494 manager_llmnr_stop(m);
495
496 sd_bus_slot_unref(m->prepare_for_sleep_slot);
497 sd_event_source_unref(m->bus_retry_event_source);
498 sd_bus_unref(m->bus);
499
500 sd_event_unref(m->event);
501
502 dns_resource_key_unref(m->host_ipv4_key);
503 dns_resource_key_unref(m->host_ipv6_key);
504
505 safe_close(m->hostname_fd);
506 sd_event_source_unref(m->hostname_event_source);
507 free(m->hostname);
508
509 free(m);
510
511 return NULL;
512 }
513
514 int manager_read_resolv_conf(Manager *m) {
515 _cleanup_fclose_ FILE *f = NULL;
516 struct stat st, own;
517 char line[LINE_MAX];
518 DnsServer *s, *nx;
519 usec_t t;
520 int r;
521
522 assert(m);
523
524 /* Reads the system /etc/resolv.conf, if it exists and is not
525 * symlinked to our own resolv.conf instance */
526
527 if (!m->read_resolv_conf)
528 return 0;
529
530 r = stat("/etc/resolv.conf", &st);
531 if (r < 0) {
532 if (errno != ENOENT)
533 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
534 r = -errno;
535 goto clear;
536 }
537
538 /* Have we already seen the file? */
539 t = timespec_load(&st.st_mtim);
540 if (t == m->resolv_conf_mtime)
541 return 0;
542
543 m->resolv_conf_mtime = t;
544
545 /* Is it symlinked to our own file? */
546 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
547 st.st_dev == own.st_dev &&
548 st.st_ino == own.st_ino) {
549 r = 0;
550 goto clear;
551 }
552
553 f = fopen("/etc/resolv.conf", "re");
554 if (!f) {
555 if (errno != ENOENT)
556 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
557 r = -errno;
558 goto clear;
559 }
560
561 if (fstat(fileno(f), &st) < 0) {
562 log_error_errno(errno, "Failed to stat open file: %m");
563 r = -errno;
564 goto clear;
565 }
566
567 LIST_FOREACH(servers, s, m->dns_servers)
568 s->marked = true;
569
570 FOREACH_LINE(line, f, r = -errno; goto clear) {
571 union in_addr_union address;
572 int family;
573 char *l;
574 const char *a;
575
576 truncate_nl(line);
577
578 l = strstrip(line);
579 if (*l == '#' || *l == ';')
580 continue;
581
582 a = first_word(l, "nameserver");
583 if (!a)
584 continue;
585
586 r = in_addr_from_string_auto(a, &family, &address);
587 if (r < 0) {
588 log_warning("Failed to parse name server %s.", a);
589 continue;
590 }
591
592 LIST_FOREACH(servers, s, m->dns_servers)
593 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
594 break;
595
596 if (s)
597 s->marked = false;
598 else {
599 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
600 if (r < 0)
601 goto clear;
602 }
603 }
604
605 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
606 if (s->marked)
607 dns_server_free(s);
608
609 /* Whenever /etc/resolv.conf changes, start using the first
610 * DNS server of it. This is useful to deal with broken
611 * network managing implementations (like NetworkManager),
612 * that when connecting to a VPN place both the VPN DNS
613 * servers and the local ones in /etc/resolv.conf. Without
614 * resetting the DNS server to use back to the first entry we
615 * will continue to use the local one thus being unable to
616 * resolve VPN domains. */
617 manager_set_dns_server(m, m->dns_servers);
618
619 return 0;
620
621 clear:
622 while (m->dns_servers)
623 dns_server_free(m->dns_servers);
624
625 return r;
626 }
627
628 static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
629 _cleanup_free_ char *t = NULL;
630 int r;
631
632 assert(s);
633 assert(f);
634 assert(count);
635
636 r = in_addr_to_string(s->family, &s->address, &t);
637 if (r < 0) {
638 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
639 return;
640 }
641
642 if (*count == MAXNS)
643 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
644
645 fprintf(f, "nameserver %s\n", t);
646 (*count) ++;
647 }
648
649 static void write_resolv_conf_search(
650 const char *domain, FILE *f,
651 unsigned *count,
652 unsigned *length) {
653
654 assert(domain);
655 assert(f);
656 assert(length);
657
658 if (*count >= MAXDNSRCH ||
659 *length + strlen(domain) > 256) {
660 if (*count == MAXDNSRCH)
661 fputs(" # Too many search domains configured, remaining ones ignored.", f);
662 if (*length <= 256)
663 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
664
665 return;
666 }
667
668 fprintf(f, " %s", domain);
669
670 (*length) += strlen(domain);
671 (*count) ++;
672 }
673
674 static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
675 Iterator i;
676
677 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
678 "# Third party programs must not access this file directly, but\n"
679 "# only through the symlink at /etc/resolv.conf. To manage\n"
680 "# resolv.conf(5) in a different way, replace the symlink by a\n"
681 "# static file or a different symlink.\n\n", f);
682
683 if (ordered_set_isempty(dns))
684 fputs("# No DNS servers known.\n", f);
685 else {
686 DnsServer *s;
687 unsigned count = 0;
688
689 ORDERED_SET_FOREACH(s, dns, i)
690 write_resolv_conf_server(s, f, &count);
691 }
692
693 if (!ordered_set_isempty(domains)) {
694 unsigned length = 0, count = 0;
695 char *domain;
696
697 fputs("search", f);
698 ORDERED_SET_FOREACH(domain, domains, i)
699 write_resolv_conf_search(domain, f, &count, &length);
700 fputs("\n", f);
701 }
702
703 return fflush_and_check(f);
704 }
705
706 int manager_write_resolv_conf(Manager *m) {
707 static const char path[] = "/run/systemd/resolve/resolv.conf";
708 _cleanup_free_ char *temp_path = NULL;
709 _cleanup_fclose_ FILE *f = NULL;
710 _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
711 DnsServer *s;
712 Iterator i;
713 Link *l;
714 int r;
715
716 assert(m);
717
718 /* Read the system /etc/resolv.conf first */
719 manager_read_resolv_conf(m);
720
721 /* Add the full list to a set, to filter out duplicates */
722 dns = ordered_set_new(&dns_server_hash_ops);
723 if (!dns)
724 return -ENOMEM;
725
726 domains = ordered_set_new(&dns_name_hash_ops);
727 if (!domains)
728 return -ENOMEM;
729
730 /* First add the system-wide servers */
731 LIST_FOREACH(servers, s, m->dns_servers) {
732 r = ordered_set_put(dns, s);
733 if (r == -EEXIST)
734 continue;
735 if (r < 0)
736 return r;
737 }
738
739 /* Then, add the per-link servers and domains */
740 HASHMAP_FOREACH(l, m->links, i) {
741 char **domain;
742
743 LIST_FOREACH(servers, s, l->dns_servers) {
744 r = ordered_set_put(dns, s);
745 if (r == -EEXIST)
746 continue;
747 if (r < 0)
748 return r;
749 }
750
751 if (!l->unicast_scope)
752 continue;
753
754 STRV_FOREACH(domain, l->unicast_scope->domains) {
755 r = ordered_set_put(domains, *domain);
756 if (r == -EEXIST)
757 continue;
758 if (r < 0)
759 return r;
760 }
761 }
762
763 /* If we found nothing, add the fallback servers */
764 if (ordered_set_isempty(dns)) {
765 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
766 r = ordered_set_put(dns, s);
767 if (r == -EEXIST)
768 continue;
769 if (r < 0)
770 return r;
771 }
772 }
773
774 r = fopen_temporary_label(path, path, &f, &temp_path);
775 if (r < 0)
776 return r;
777
778 fchmod(fileno(f), 0644);
779
780 r = write_resolv_conf_contents(f, dns, domains);
781 if (r < 0)
782 goto fail;
783
784 if (rename(temp_path, path) < 0) {
785 r = -errno;
786 goto fail;
787 }
788
789 return 0;
790
791 fail:
792 (void) unlink(path);
793 (void) unlink(temp_path);
794 return r;
795 }
796
797 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
798 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
799 union {
800 struct cmsghdr header; /* For alignment */
801 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
802 + CMSG_SPACE(int) /* ttl/hoplimit */
803 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
804 } control;
805 union sockaddr_union sa;
806 struct msghdr mh = {};
807 struct cmsghdr *cmsg;
808 struct iovec iov;
809 int ms = 0, r;
810 ssize_t l;
811
812 assert(m);
813 assert(fd >= 0);
814 assert(ret);
815
816 r = ioctl(fd, FIONREAD, &ms);
817 if (r < 0)
818 return -errno;
819 if (ms < 0)
820 return -EIO;
821
822 r = dns_packet_new(&p, protocol, ms);
823 if (r < 0)
824 return r;
825
826 iov.iov_base = DNS_PACKET_DATA(p);
827 iov.iov_len = p->allocated;
828
829 mh.msg_name = &sa.sa;
830 mh.msg_namelen = sizeof(sa);
831 mh.msg_iov = &iov;
832 mh.msg_iovlen = 1;
833 mh.msg_control = &control;
834 mh.msg_controllen = sizeof(control);
835
836 l = recvmsg(fd, &mh, 0);
837 if (l < 0) {
838 if (errno == EAGAIN || errno == EINTR)
839 return 0;
840
841 return -errno;
842 }
843
844 if (l <= 0)
845 return -EIO;
846
847 assert(!(mh.msg_flags & MSG_CTRUNC));
848 assert(!(mh.msg_flags & MSG_TRUNC));
849
850 p->size = (size_t) l;
851
852 p->family = sa.sa.sa_family;
853 p->ipproto = IPPROTO_UDP;
854 if (p->family == AF_INET) {
855 p->sender.in = sa.in.sin_addr;
856 p->sender_port = be16toh(sa.in.sin_port);
857 } else if (p->family == AF_INET6) {
858 p->sender.in6 = sa.in6.sin6_addr;
859 p->sender_port = be16toh(sa.in6.sin6_port);
860 p->ifindex = sa.in6.sin6_scope_id;
861 } else
862 return -EAFNOSUPPORT;
863
864 CMSG_FOREACH(cmsg, &mh) {
865
866 if (cmsg->cmsg_level == IPPROTO_IPV6) {
867 assert(p->family == AF_INET6);
868
869 switch (cmsg->cmsg_type) {
870
871 case IPV6_PKTINFO: {
872 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
873
874 if (p->ifindex <= 0)
875 p->ifindex = i->ipi6_ifindex;
876
877 p->destination.in6 = i->ipi6_addr;
878 break;
879 }
880
881 case IPV6_HOPLIMIT:
882 p->ttl = *(int *) CMSG_DATA(cmsg);
883 break;
884
885 }
886 } else if (cmsg->cmsg_level == IPPROTO_IP) {
887 assert(p->family == AF_INET);
888
889 switch (cmsg->cmsg_type) {
890
891 case IP_PKTINFO: {
892 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
893
894 if (p->ifindex <= 0)
895 p->ifindex = i->ipi_ifindex;
896
897 p->destination.in = i->ipi_addr;
898 break;
899 }
900
901 case IP_TTL:
902 p->ttl = *(int *) CMSG_DATA(cmsg);
903 break;
904 }
905 }
906 }
907
908 /* The Linux kernel sets the interface index to the loopback
909 * device if the packet came from the local host since it
910 * avoids the routing table in such a case. Let's unset the
911 * interface index in such a case. */
912 if (p->ifindex == LOOPBACK_IFINDEX)
913 p->ifindex = 0;
914
915 /* If we don't know the interface index still, we look for the
916 * first local interface with a matching address. Yuck! */
917 if (p->ifindex <= 0)
918 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
919
920 *ret = p;
921 p = NULL;
922
923 return 1;
924 }
925
926 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
927 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
928 DnsTransaction *t = NULL;
929 Manager *m = userdata;
930 int r;
931
932 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
933 if (r <= 0)
934 return r;
935
936 if (dns_packet_validate_reply(p) > 0) {
937 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
938 if (!t)
939 return 0;
940
941 dns_transaction_process_reply(t, p);
942
943 } else
944 log_debug("Invalid DNS packet.");
945
946 return 0;
947 }
948
949 int manager_dns_ipv4_fd(Manager *m) {
950 const int one = 1;
951 int r;
952
953 assert(m);
954
955 if (m->dns_ipv4_fd >= 0)
956 return m->dns_ipv4_fd;
957
958 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
959 if (m->dns_ipv4_fd < 0)
960 return -errno;
961
962 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
963 if (r < 0) {
964 r = -errno;
965 goto fail;
966 }
967
968 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
969 if (r < 0)
970 goto fail;
971
972 return m->dns_ipv4_fd;
973
974 fail:
975 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
976 return r;
977 }
978
979 int manager_dns_ipv6_fd(Manager *m) {
980 const int one = 1;
981 int r;
982
983 assert(m);
984
985 if (m->dns_ipv6_fd >= 0)
986 return m->dns_ipv6_fd;
987
988 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
989 if (m->dns_ipv6_fd < 0)
990 return -errno;
991
992 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
993 if (r < 0) {
994 r = -errno;
995 goto fail;
996 }
997
998 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
999 if (r < 0)
1000 goto fail;
1001
1002 return m->dns_ipv6_fd;
1003
1004 fail:
1005 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1006 return r;
1007 }
1008
1009 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1010 int r;
1011
1012 assert(fd >= 0);
1013 assert(mh);
1014
1015 for (;;) {
1016 if (sendmsg(fd, mh, flags) >= 0)
1017 return 0;
1018
1019 if (errno == EINTR)
1020 continue;
1021
1022 if (errno != EAGAIN)
1023 return -errno;
1024
1025 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1026 if (r < 0)
1027 return r;
1028 if (r == 0)
1029 return -ETIMEDOUT;
1030 }
1031 }
1032
1033 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1034 union sockaddr_union sa = {
1035 .in.sin_family = AF_INET,
1036 };
1037 union {
1038 struct cmsghdr header; /* For alignment */
1039 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1040 } control;
1041 struct msghdr mh = {};
1042 struct iovec iov;
1043
1044 assert(m);
1045 assert(fd >= 0);
1046 assert(addr);
1047 assert(port > 0);
1048 assert(p);
1049
1050 iov.iov_base = DNS_PACKET_DATA(p);
1051 iov.iov_len = p->size;
1052
1053 sa.in.sin_addr = *addr;
1054 sa.in.sin_port = htobe16(port),
1055
1056 mh.msg_iov = &iov;
1057 mh.msg_iovlen = 1;
1058 mh.msg_name = &sa.sa;
1059 mh.msg_namelen = sizeof(sa.in);
1060
1061 if (ifindex > 0) {
1062 struct cmsghdr *cmsg;
1063 struct in_pktinfo *pi;
1064
1065 zero(control);
1066
1067 mh.msg_control = &control;
1068 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1069
1070 cmsg = CMSG_FIRSTHDR(&mh);
1071 cmsg->cmsg_len = mh.msg_controllen;
1072 cmsg->cmsg_level = IPPROTO_IP;
1073 cmsg->cmsg_type = IP_PKTINFO;
1074
1075 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1076 pi->ipi_ifindex = ifindex;
1077 }
1078
1079 return sendmsg_loop(fd, &mh, 0);
1080 }
1081
1082 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1083 union sockaddr_union sa = {
1084 .in6.sin6_family = AF_INET6,
1085 };
1086 union {
1087 struct cmsghdr header; /* For alignment */
1088 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1089 } control;
1090 struct msghdr mh = {};
1091 struct iovec iov;
1092
1093 assert(m);
1094 assert(fd >= 0);
1095 assert(addr);
1096 assert(port > 0);
1097 assert(p);
1098
1099 iov.iov_base = DNS_PACKET_DATA(p);
1100 iov.iov_len = p->size;
1101
1102 sa.in6.sin6_addr = *addr;
1103 sa.in6.sin6_port = htobe16(port),
1104 sa.in6.sin6_scope_id = ifindex;
1105
1106 mh.msg_iov = &iov;
1107 mh.msg_iovlen = 1;
1108 mh.msg_name = &sa.sa;
1109 mh.msg_namelen = sizeof(sa.in6);
1110
1111 if (ifindex > 0) {
1112 struct cmsghdr *cmsg;
1113 struct in6_pktinfo *pi;
1114
1115 zero(control);
1116
1117 mh.msg_control = &control;
1118 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1119
1120 cmsg = CMSG_FIRSTHDR(&mh);
1121 cmsg->cmsg_len = mh.msg_controllen;
1122 cmsg->cmsg_level = IPPROTO_IPV6;
1123 cmsg->cmsg_type = IPV6_PKTINFO;
1124
1125 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1126 pi->ipi6_ifindex = ifindex;
1127 }
1128
1129 return sendmsg_loop(fd, &mh, 0);
1130 }
1131
1132 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1133 assert(m);
1134 assert(fd >= 0);
1135 assert(addr);
1136 assert(port > 0);
1137 assert(p);
1138
1139 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1140
1141 if (family == AF_INET)
1142 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1143 else if (family == AF_INET6)
1144 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1145
1146 return -EAFNOSUPPORT;
1147 }
1148
1149 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1150 DnsServer *s;
1151
1152 assert(m);
1153 assert(in_addr);
1154
1155 LIST_FOREACH(servers, s, m->dns_servers)
1156 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1157 return s;
1158
1159 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1160 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1161 return s;
1162
1163 return NULL;
1164 }
1165
1166 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1167 assert(m);
1168
1169 if (m->current_dns_server == s)
1170 return s;
1171
1172 if (s) {
1173 _cleanup_free_ char *ip = NULL;
1174
1175 in_addr_to_string(s->family, &s->address, &ip);
1176 log_info("Switching to system DNS server %s.", strna(ip));
1177 }
1178
1179 m->current_dns_server = s;
1180
1181 if (m->unicast_scope)
1182 dns_cache_flush(&m->unicast_scope->cache);
1183
1184 return s;
1185 }
1186
1187 DnsServer *manager_get_dns_server(Manager *m) {
1188 Link *l;
1189 assert(m);
1190
1191 /* Try to read updates resolv.conf */
1192 manager_read_resolv_conf(m);
1193
1194 if (!m->current_dns_server)
1195 manager_set_dns_server(m, m->dns_servers);
1196
1197 if (!m->current_dns_server) {
1198 bool found = false;
1199 Iterator i;
1200
1201 /* No DNS servers configured, let's see if there are
1202 * any on any links. If not, we use the fallback
1203 * servers */
1204
1205 HASHMAP_FOREACH(l, m->links, i)
1206 if (l->dns_servers) {
1207 found = true;
1208 break;
1209 }
1210
1211 if (!found)
1212 manager_set_dns_server(m, m->fallback_dns_servers);
1213 }
1214
1215 return m->current_dns_server;
1216 }
1217
1218 void manager_next_dns_server(Manager *m) {
1219 assert(m);
1220
1221 /* If there's currently no DNS server set, then the next
1222 * manager_get_dns_server() will find one */
1223 if (!m->current_dns_server)
1224 return;
1225
1226 /* Change to the next one */
1227 if (m->current_dns_server->servers_next) {
1228 manager_set_dns_server(m, m->current_dns_server->servers_next);
1229 return;
1230 }
1231
1232 /* If there was no next one, then start from the beginning of
1233 * the list */
1234 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1235 manager_set_dns_server(m, m->fallback_dns_servers);
1236 else
1237 manager_set_dns_server(m, m->dns_servers);
1238 }
1239
1240 uint32_t manager_find_mtu(Manager *m) {
1241 uint32_t mtu = 0;
1242 Link *l;
1243 Iterator i;
1244
1245 /* If we don't know on which link a DNS packet would be
1246 * delivered, let's find the largest MTU that works on all
1247 * interfaces we know of */
1248
1249 HASHMAP_FOREACH(l, m->links, i) {
1250 if (l->mtu <= 0)
1251 continue;
1252
1253 if (mtu <= 0 || l->mtu < mtu)
1254 mtu = l->mtu;
1255 }
1256
1257 return mtu;
1258 }
1259
1260 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1261 LinkAddress *a;
1262
1263 assert(m);
1264
1265 a = manager_find_link_address(m, family, in_addr);
1266 if (a)
1267 return a->link->ifindex;
1268
1269 return 0;
1270 }
1271
1272 void manager_refresh_rrs(Manager *m) {
1273 Iterator i;
1274 Link *l;
1275
1276 assert(m);
1277
1278 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1279 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1280
1281 HASHMAP_FOREACH(l, m->links, i) {
1282 link_add_rrs(l, true);
1283 link_add_rrs(l, false);
1284 }
1285 }
1286
1287 int manager_next_hostname(Manager *m) {
1288 const char *p;
1289 uint64_t u, a;
1290 char *h;
1291
1292 assert(m);
1293
1294 p = strchr(m->hostname, 0);
1295 assert(p);
1296
1297 while (p > m->hostname) {
1298 if (!strchr("0123456789", p[-1]))
1299 break;
1300
1301 p--;
1302 }
1303
1304 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1305 u = 1;
1306
1307 /* Add a random number to the old value. This way we can avoid
1308 * that two hosts pick the same hostname, win on IPv4 and lose
1309 * on IPv6 (or vice versa), and pick the same hostname
1310 * replacement hostname, ad infinitum. We still want the
1311 * numbers to go up monotonically, hence we just add a random
1312 * value 1..10 */
1313
1314 random_bytes(&a, sizeof(a));
1315 u += 1 + a % 10;
1316
1317 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1318 return -ENOMEM;
1319
1320 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1321
1322 free(m->hostname);
1323 m->hostname = h;
1324
1325 manager_refresh_rrs(m);
1326
1327 return 0;
1328 }
1329
1330 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1331 Iterator i;
1332 Link *l;
1333
1334 assert(m);
1335
1336 HASHMAP_FOREACH(l, m->links, i) {
1337 LinkAddress *a;
1338
1339 a = link_find_address(l, family, in_addr);
1340 if (a)
1341 return a;
1342 }
1343
1344 return NULL;
1345 }
1346
1347 bool manager_our_packet(Manager *m, DnsPacket *p) {
1348 assert(m);
1349 assert(p);
1350
1351 return !!manager_find_link_address(m, p->family, &p->sender);
1352 }
1353
1354 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1355 Link *l;
1356
1357 assert(m);
1358 assert(p);
1359
1360 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1361 if (!l)
1362 return NULL;
1363
1364 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1365 if (p->family == AF_INET)
1366 return l->llmnr_ipv4_scope;
1367 else if (p->family == AF_INET6)
1368 return l->llmnr_ipv6_scope;
1369 }
1370
1371 return NULL;
1372 }
1373
1374 void manager_verify_all(Manager *m) {
1375 DnsScope *s;
1376
1377 assert(m);
1378
1379 LIST_FOREACH(scopes, s, m->dns_scopes)
1380 dns_zone_verify_all(&s->zone);
1381 }
1382
1383 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1384 assert(m);
1385
1386 if (t == DNS_SERVER_SYSTEM)
1387 while (m->dns_servers)
1388 dns_server_free(m->dns_servers);
1389
1390 if (t == DNS_SERVER_FALLBACK)
1391 while (m->fallback_dns_servers)
1392 dns_server_free(m->fallback_dns_servers);
1393 }
1394
1395 static const char* const support_table[_SUPPORT_MAX] = {
1396 [SUPPORT_NO] = "no",
1397 [SUPPORT_YES] = "yes",
1398 [SUPPORT_RESOLVE] = "resolve",
1399 };
1400 DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.