]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #7569 from keszybz/doc-reverse-settings
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2014 Tom Gundersen <teg@jklm.no>
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <netinet/in.h>
22 #include <poll.h>
23 #include <sys/ioctl.h>
24
25 #if HAVE_LIBIDN2
26 #include <idn2.h>
27 #endif
28
29 #include "af-list.h"
30 #include "alloc-util.h"
31 #include "dirent-util.h"
32 #include "dns-domain.h"
33 #include "fd-util.h"
34 #include "fileio-label.h"
35 #include "hostname-util.h"
36 #include "io-util.h"
37 #include "netlink-util.h"
38 #include "network-internal.h"
39 #include "ordered-set.h"
40 #include "parse-util.h"
41 #include "random-util.h"
42 #include "resolved-bus.h"
43 #include "resolved-conf.h"
44 #include "resolved-dnssd.h"
45 #include "resolved-dns-stub.h"
46 #include "resolved-etc-hosts.h"
47 #include "resolved-llmnr.h"
48 #include "resolved-manager.h"
49 #include "resolved-mdns.h"
50 #include "resolved-resolv-conf.h"
51 #include "socket-util.h"
52 #include "string-table.h"
53 #include "string-util.h"
54 #include "utf8.h"
55
56 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
57
58 static int manager_process_link(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
59 Manager *m = userdata;
60 uint16_t type;
61 Link *l;
62 int ifindex, r;
63
64 assert(rtnl);
65 assert(m);
66 assert(mm);
67
68 r = sd_netlink_message_get_type(mm, &type);
69 if (r < 0)
70 goto fail;
71
72 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
73 if (r < 0)
74 goto fail;
75
76 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
77
78 switch (type) {
79
80 case RTM_NEWLINK:{
81 bool is_new = !l;
82
83 if (!l) {
84 r = link_new(m, &l, ifindex);
85 if (r < 0)
86 goto fail;
87 }
88
89 r = link_process_rtnl(l, mm);
90 if (r < 0)
91 goto fail;
92
93 r = link_update(l);
94 if (r < 0)
95 goto fail;
96
97 if (is_new)
98 log_debug("Found new link %i/%s", ifindex, l->name);
99
100 break;
101 }
102
103 case RTM_DELLINK:
104 if (l) {
105 log_debug("Removing link %i/%s", l->ifindex, l->name);
106 link_remove_user(l);
107 link_free(l);
108 }
109
110 break;
111 }
112
113 return 0;
114
115 fail:
116 log_warning_errno(r, "Failed to process RTNL link message: %m");
117 return 0;
118 }
119
120 static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
121 Manager *m = userdata;
122 union in_addr_union address;
123 uint16_t type;
124 int r, ifindex, family;
125 LinkAddress *a;
126 Link *l;
127
128 assert(rtnl);
129 assert(mm);
130 assert(m);
131
132 r = sd_netlink_message_get_type(mm, &type);
133 if (r < 0)
134 goto fail;
135
136 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
137 if (r < 0)
138 goto fail;
139
140 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
141 if (!l)
142 return 0;
143
144 r = sd_rtnl_message_addr_get_family(mm, &family);
145 if (r < 0)
146 goto fail;
147
148 switch (family) {
149
150 case AF_INET:
151 r = sd_netlink_message_read_in_addr(mm, IFA_LOCAL, &address.in);
152 if (r < 0) {
153 r = sd_netlink_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
154 if (r < 0)
155 goto fail;
156 }
157
158 break;
159
160 case AF_INET6:
161 r = sd_netlink_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
162 if (r < 0) {
163 r = sd_netlink_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
164 if (r < 0)
165 goto fail;
166 }
167
168 break;
169
170 default:
171 return 0;
172 }
173
174 a = link_find_address(l, family, &address);
175
176 switch (type) {
177
178 case RTM_NEWADDR:
179
180 if (!a) {
181 r = link_address_new(l, &a, family, &address);
182 if (r < 0)
183 return r;
184 }
185
186 r = link_address_update_rtnl(a, mm);
187 if (r < 0)
188 return r;
189
190 break;
191
192 case RTM_DELADDR:
193 link_address_free(a);
194 break;
195 }
196
197 return 0;
198
199 fail:
200 log_warning_errno(r, "Failed to process RTNL address message: %m");
201 return 0;
202 }
203
204 static int manager_rtnl_listen(Manager *m) {
205 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL;
206 sd_netlink_message *i;
207 int r;
208
209 assert(m);
210
211 /* First, subscribe to interfaces coming and going */
212 r = sd_netlink_open(&m->rtnl);
213 if (r < 0)
214 return r;
215
216 r = sd_netlink_attach_event(m->rtnl, m->event, SD_EVENT_PRIORITY_IMPORTANT);
217 if (r < 0)
218 return r;
219
220 r = sd_netlink_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
221 if (r < 0)
222 return r;
223
224 r = sd_netlink_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
225 if (r < 0)
226 return r;
227
228 r = sd_netlink_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
229 if (r < 0)
230 return r;
231
232 r = sd_netlink_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
233 if (r < 0)
234 return r;
235
236 /* Then, enumerate all links */
237 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
238 if (r < 0)
239 return r;
240
241 r = sd_netlink_message_request_dump(req, true);
242 if (r < 0)
243 return r;
244
245 r = sd_netlink_call(m->rtnl, req, 0, &reply);
246 if (r < 0)
247 return r;
248
249 for (i = reply; i; i = sd_netlink_message_next(i)) {
250 r = manager_process_link(m->rtnl, i, m);
251 if (r < 0)
252 return r;
253 }
254
255 req = sd_netlink_message_unref(req);
256 reply = sd_netlink_message_unref(reply);
257
258 /* Finally, enumerate all addresses, too */
259 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
260 if (r < 0)
261 return r;
262
263 r = sd_netlink_message_request_dump(req, true);
264 if (r < 0)
265 return r;
266
267 r = sd_netlink_call(m->rtnl, req, 0, &reply);
268 if (r < 0)
269 return r;
270
271 for (i = reply; i; i = sd_netlink_message_next(i)) {
272 r = manager_process_address(m->rtnl, i, m);
273 if (r < 0)
274 return r;
275 }
276
277 return r;
278 }
279
280 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
281 Manager *m = userdata;
282 Iterator i;
283 Link *l;
284 int r;
285
286 assert(m);
287
288 sd_network_monitor_flush(m->network_monitor);
289
290 HASHMAP_FOREACH(l, m->links, i) {
291 r = link_update(l);
292 if (r < 0)
293 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
294 }
295
296 (void) manager_write_resolv_conf(m);
297
298 return 0;
299 }
300
301 static int manager_network_monitor_listen(Manager *m) {
302 int r, fd, events;
303
304 assert(m);
305
306 r = sd_network_monitor_new(&m->network_monitor, NULL);
307 if (r < 0)
308 return r;
309
310 fd = sd_network_monitor_get_fd(m->network_monitor);
311 if (fd < 0)
312 return fd;
313
314 events = sd_network_monitor_get_events(m->network_monitor);
315 if (events < 0)
316 return events;
317
318 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
319 if (r < 0)
320 return r;
321
322 r = sd_event_source_set_priority(m->network_event_source, SD_EVENT_PRIORITY_IMPORTANT+5);
323 if (r < 0)
324 return r;
325
326 (void) sd_event_source_set_description(m->network_event_source, "network-monitor");
327
328 return 0;
329 }
330
331 static int determine_hostname(char **full_hostname, char **llmnr_hostname, char **mdns_hostname) {
332 _cleanup_free_ char *h = NULL, *n = NULL;
333 #if HAVE_LIBIDN2
334 _cleanup_free_ char *utf8 = NULL;
335 #elif HAVE_LIBIDN
336 int k;
337 #endif
338 char label[DNS_LABEL_MAX];
339 const char *p, *decoded;
340 int r;
341
342 assert(full_hostname);
343 assert(llmnr_hostname);
344 assert(mdns_hostname);
345
346 /* Extract and normalize the first label of the locally configured hostname, and check it's not "localhost". */
347
348 r = gethostname_strict(&h);
349 if (r < 0)
350 return log_debug_errno(r, "Can't determine system hostname: %m");
351
352 p = h;
353 r = dns_label_unescape(&p, label, sizeof label);
354 if (r < 0)
355 return log_error_errno(r, "Failed to unescape host name: %m");
356 if (r == 0) {
357 log_error("Couldn't find a single label in hostname.");
358 return -EINVAL;
359 }
360
361 #if HAVE_LIBIDN2
362 r = idn2_to_unicode_8z8z(label, &utf8, 0);
363 if (r != IDN2_OK)
364 return log_error("Failed to undo IDNA: %s", idn2_strerror(r));
365 assert(utf8_is_valid(utf8));
366
367 r = strlen(utf8);
368 decoded = utf8;
369 #elif HAVE_LIBIDN
370 k = dns_label_undo_idna(label, r, label, sizeof label);
371 if (k < 0)
372 return log_error_errno(k, "Failed to undo IDNA: %m");
373 if (k > 0)
374 r = k;
375
376 if (!utf8_is_valid(label)) {
377 log_error("System hostname is not UTF-8 clean.");
378 return -EINVAL;
379 }
380 decoded = label;
381 #else
382 decoded = label; /* no decoding */
383 #endif
384
385 r = dns_label_escape_new(decoded, r, &n);
386 if (r < 0)
387 return log_error_errno(r, "Failed to escape host name: %m");
388
389 if (is_localhost(n)) {
390 log_debug("System hostname is 'localhost', ignoring.");
391 return -EINVAL;
392 }
393
394 r = dns_name_concat(n, "local", mdns_hostname);
395 if (r < 0)
396 return log_error_errno(r, "Failed to determine mDNS hostname: %m");
397
398 *llmnr_hostname = n;
399 n = NULL;
400
401 *full_hostname = h;
402 h = NULL;
403
404 return 0;
405 }
406
407 static const char *fallback_hostname(void) {
408
409 /* Determine the fall back hostname. For exposing this system to the outside world, we cannot have it to be
410 * "localhost" even if that's the compiled in hostname. In this case, let's revert to "linux" instead. */
411
412 if (is_localhost(FALLBACK_HOSTNAME))
413 return "linux";
414
415 return FALLBACK_HOSTNAME;
416 }
417
418 static int make_fallback_hostnames(char **full_hostname, char **llmnr_hostname, char **mdns_hostname) {
419 _cleanup_free_ char *n = NULL, *m = NULL;
420 char label[DNS_LABEL_MAX], *h;
421 const char *p;
422 int r;
423
424 assert(full_hostname);
425 assert(llmnr_hostname);
426 assert(mdns_hostname);
427
428 p = fallback_hostname();
429 r = dns_label_unescape(&p, label, sizeof(label));
430 if (r < 0)
431 return log_error_errno(r, "Failed to unescape fallback host name: %m");
432
433 assert(r > 0); /* The fallback hostname must have at least one label */
434
435 r = dns_label_escape_new(label, r, &n);
436 if (r < 0)
437 return log_error_errno(r, "Failed to escape fallback hostname: %m");
438
439 r = dns_name_concat(n, "local", &m);
440 if (r < 0)
441 return log_error_errno(r, "Failed to concatenate mDNS hostname: %m");
442
443 h = strdup(fallback_hostname());
444 if (!h)
445 return log_oom();
446
447 *llmnr_hostname = n;
448 n = NULL;
449
450 *mdns_hostname = m;
451 m = NULL;
452
453 *full_hostname = h;
454
455 return 0;
456 }
457
458 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
459 _cleanup_free_ char *full_hostname = NULL, *llmnr_hostname = NULL, *mdns_hostname = NULL;
460 Manager *m = userdata;
461 int r;
462
463 assert(m);
464
465 r = determine_hostname(&full_hostname, &llmnr_hostname, &mdns_hostname);
466 if (r < 0)
467 return 0; /* ignore invalid hostnames */
468
469 if (streq(full_hostname, m->full_hostname) &&
470 streq(llmnr_hostname, m->llmnr_hostname) &&
471 streq(mdns_hostname, m->mdns_hostname))
472 return 0;
473
474 log_info("System hostname changed to '%s'.", full_hostname);
475
476 free_and_replace(m->full_hostname, full_hostname);
477 free_and_replace(m->llmnr_hostname, llmnr_hostname);
478 free_and_replace(m->mdns_hostname, mdns_hostname);
479
480 manager_refresh_rrs(m);
481
482 return 0;
483 }
484
485 static int manager_watch_hostname(Manager *m) {
486 int r;
487
488 assert(m);
489
490 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
491 if (m->hostname_fd < 0) {
492 log_warning_errno(errno, "Failed to watch hostname: %m");
493 return 0;
494 }
495
496 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
497 if (r < 0) {
498 if (r == -EPERM)
499 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
500 m->hostname_fd = safe_close(m->hostname_fd);
501 else
502 return log_error_errno(r, "Failed to add hostname event source: %m");
503 }
504
505 (void) sd_event_source_set_description(m->hostname_event_source, "hostname");
506
507 r = determine_hostname(&m->full_hostname, &m->llmnr_hostname, &m->mdns_hostname);
508 if (r < 0) {
509 log_info("Defaulting to hostname '%s'.", fallback_hostname());
510
511 r = make_fallback_hostnames(&m->full_hostname, &m->llmnr_hostname, &m->mdns_hostname);
512 if (r < 0)
513 return r;
514 } else
515 log_info("Using system hostname '%s'.", m->full_hostname);
516
517 return 0;
518 }
519
520 static int manager_sigusr1(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
521 _cleanup_free_ char *buffer = NULL;
522 _cleanup_fclose_ FILE *f = NULL;
523 Manager *m = userdata;
524 DnsServer *server;
525 size_t size = 0;
526 DnsScope *scope;
527 Iterator i;
528 Link *l;
529
530 assert(s);
531 assert(si);
532 assert(m);
533
534 f = open_memstream(&buffer, &size);
535 if (!f)
536 return log_oom();
537
538 LIST_FOREACH(scopes, scope, m->dns_scopes)
539 dns_scope_dump(scope, f);
540
541 LIST_FOREACH(servers, server, m->dns_servers)
542 dns_server_dump(server, f);
543 LIST_FOREACH(servers, server, m->fallback_dns_servers)
544 dns_server_dump(server, f);
545 HASHMAP_FOREACH(l, m->links, i)
546 LIST_FOREACH(servers, server, l->dns_servers)
547 dns_server_dump(server, f);
548
549 if (fflush_and_check(f) < 0)
550 return log_oom();
551
552 log_dump(LOG_INFO, buffer);
553 return 0;
554 }
555
556 static int manager_sigusr2(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
557 Manager *m = userdata;
558
559 assert(s);
560 assert(si);
561 assert(m);
562
563 manager_flush_caches(m);
564
565 return 0;
566 }
567
568 static int manager_sigrtmin1(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
569 Manager *m = userdata;
570
571 assert(s);
572 assert(si);
573 assert(m);
574
575 manager_reset_server_features(m);
576 return 0;
577 }
578
579 int manager_new(Manager **ret) {
580 _cleanup_(manager_freep) Manager *m = NULL;
581 int r;
582
583 assert(ret);
584
585 m = new0(Manager, 1);
586 if (!m)
587 return -ENOMEM;
588
589 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
590 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
591 m->mdns_ipv4_fd = m->mdns_ipv6_fd = -1;
592 m->dns_stub_udp_fd = m->dns_stub_tcp_fd = -1;
593 m->hostname_fd = -1;
594
595 m->llmnr_support = RESOLVE_SUPPORT_YES;
596 m->mdns_support = RESOLVE_SUPPORT_YES;
597 m->dnssec_mode = DEFAULT_DNSSEC_MODE;
598 m->enable_cache = true;
599 m->dns_stub_listener_mode = DNS_STUB_LISTENER_UDP;
600 m->read_resolv_conf = true;
601 m->need_builtin_fallbacks = true;
602 m->etc_hosts_last = m->etc_hosts_mtime = USEC_INFINITY;
603
604 r = dns_trust_anchor_load(&m->trust_anchor);
605 if (r < 0)
606 return r;
607
608 r = manager_parse_config_file(m);
609 if (r < 0)
610 log_warning_errno(r, "Failed to parse configuration file: %m");
611
612 r = sd_event_default(&m->event);
613 if (r < 0)
614 return r;
615
616 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
617 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
618
619 sd_event_set_watchdog(m->event, true);
620
621 r = manager_watch_hostname(m);
622 if (r < 0)
623 return r;
624
625 r = dnssd_load(m);
626 if (r < 0)
627 log_warning_errno(r, "Failed to load DNS-SD configuration files: %m");
628
629 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
630 if (r < 0)
631 return r;
632
633 r = manager_network_monitor_listen(m);
634 if (r < 0)
635 return r;
636
637 r = manager_rtnl_listen(m);
638 if (r < 0)
639 return r;
640
641 r = manager_connect_bus(m);
642 if (r < 0)
643 return r;
644
645 (void) sd_event_add_signal(m->event, &m->sigusr1_event_source, SIGUSR1, manager_sigusr1, m);
646 (void) sd_event_add_signal(m->event, &m->sigusr2_event_source, SIGUSR2, manager_sigusr2, m);
647 (void) sd_event_add_signal(m->event, &m->sigrtmin1_event_source, SIGRTMIN+1, manager_sigrtmin1, m);
648
649 manager_cleanup_saved_user(m);
650
651 *ret = m;
652 m = NULL;
653
654 return 0;
655 }
656
657 int manager_start(Manager *m) {
658 int r;
659
660 assert(m);
661
662 r = manager_dns_stub_start(m);
663 if (r < 0)
664 return r;
665
666 return 0;
667 }
668
669 Manager *manager_free(Manager *m) {
670 Link *l;
671 DnssdService *s;
672
673 if (!m)
674 return NULL;
675
676 dns_server_unlink_all(m->dns_servers);
677 dns_server_unlink_all(m->fallback_dns_servers);
678 dns_search_domain_unlink_all(m->search_domains);
679
680 while ((l = hashmap_first(m->links)))
681 link_free(l);
682
683 while (m->dns_queries)
684 dns_query_free(m->dns_queries);
685
686 dns_scope_free(m->unicast_scope);
687
688 /* At this point only orphaned streams should remain. All others should have been freed already by their
689 * owners */
690 while (m->dns_streams)
691 dns_stream_unref(m->dns_streams);
692
693 hashmap_free(m->links);
694 hashmap_free(m->dns_transactions);
695
696 sd_event_source_unref(m->network_event_source);
697 sd_network_monitor_unref(m->network_monitor);
698
699 sd_netlink_unref(m->rtnl);
700 sd_event_source_unref(m->rtnl_event_source);
701
702 manager_llmnr_stop(m);
703 manager_mdns_stop(m);
704 manager_dns_stub_stop(m);
705
706 sd_bus_slot_unref(m->prepare_for_sleep_slot);
707 sd_event_source_unref(m->bus_retry_event_source);
708 sd_bus_unref(m->bus);
709
710 sd_event_source_unref(m->sigusr1_event_source);
711 sd_event_source_unref(m->sigusr2_event_source);
712 sd_event_source_unref(m->sigrtmin1_event_source);
713
714 sd_event_unref(m->event);
715
716 dns_resource_key_unref(m->llmnr_host_ipv4_key);
717 dns_resource_key_unref(m->llmnr_host_ipv6_key);
718 dns_resource_key_unref(m->mdns_host_ipv4_key);
719 dns_resource_key_unref(m->mdns_host_ipv6_key);
720
721 sd_event_source_unref(m->hostname_event_source);
722 safe_close(m->hostname_fd);
723
724 free(m->full_hostname);
725 free(m->llmnr_hostname);
726 free(m->mdns_hostname);
727
728 while ((s = hashmap_first(m->dnssd_services)))
729 dnssd_service_free(s);
730 hashmap_free(m->dnssd_services);
731
732 dns_trust_anchor_flush(&m->trust_anchor);
733 manager_etc_hosts_flush(m);
734
735 return mfree(m);
736 }
737
738 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
739 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
740 union {
741 struct cmsghdr header; /* For alignment */
742 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
743 + CMSG_SPACE(int) /* ttl/hoplimit */
744 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
745 } control;
746 union sockaddr_union sa;
747 struct msghdr mh = {};
748 struct cmsghdr *cmsg;
749 struct iovec iov;
750 ssize_t ms, l;
751 int r;
752
753 assert(m);
754 assert(fd >= 0);
755 assert(ret);
756
757 ms = next_datagram_size_fd(fd);
758 if (ms < 0)
759 return ms;
760
761 r = dns_packet_new(&p, protocol, ms, DNS_PACKET_SIZE_MAX);
762 if (r < 0)
763 return r;
764
765 iov.iov_base = DNS_PACKET_DATA(p);
766 iov.iov_len = p->allocated;
767
768 mh.msg_name = &sa.sa;
769 mh.msg_namelen = sizeof(sa);
770 mh.msg_iov = &iov;
771 mh.msg_iovlen = 1;
772 mh.msg_control = &control;
773 mh.msg_controllen = sizeof(control);
774
775 l = recvmsg(fd, &mh, 0);
776 if (l == 0)
777 return 0;
778 if (l < 0) {
779 if (IN_SET(errno, EAGAIN, EINTR))
780 return 0;
781
782 return -errno;
783 }
784
785 assert(!(mh.msg_flags & MSG_CTRUNC));
786 assert(!(mh.msg_flags & MSG_TRUNC));
787
788 p->size = (size_t) l;
789
790 p->family = sa.sa.sa_family;
791 p->ipproto = IPPROTO_UDP;
792 if (p->family == AF_INET) {
793 p->sender.in = sa.in.sin_addr;
794 p->sender_port = be16toh(sa.in.sin_port);
795 } else if (p->family == AF_INET6) {
796 p->sender.in6 = sa.in6.sin6_addr;
797 p->sender_port = be16toh(sa.in6.sin6_port);
798 p->ifindex = sa.in6.sin6_scope_id;
799 } else
800 return -EAFNOSUPPORT;
801
802 CMSG_FOREACH(cmsg, &mh) {
803
804 if (cmsg->cmsg_level == IPPROTO_IPV6) {
805 assert(p->family == AF_INET6);
806
807 switch (cmsg->cmsg_type) {
808
809 case IPV6_PKTINFO: {
810 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
811
812 if (p->ifindex <= 0)
813 p->ifindex = i->ipi6_ifindex;
814
815 p->destination.in6 = i->ipi6_addr;
816 break;
817 }
818
819 case IPV6_HOPLIMIT:
820 p->ttl = *(int *) CMSG_DATA(cmsg);
821 break;
822
823 }
824 } else if (cmsg->cmsg_level == IPPROTO_IP) {
825 assert(p->family == AF_INET);
826
827 switch (cmsg->cmsg_type) {
828
829 case IP_PKTINFO: {
830 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
831
832 if (p->ifindex <= 0)
833 p->ifindex = i->ipi_ifindex;
834
835 p->destination.in = i->ipi_addr;
836 break;
837 }
838
839 case IP_TTL:
840 p->ttl = *(int *) CMSG_DATA(cmsg);
841 break;
842 }
843 }
844 }
845
846 /* The Linux kernel sets the interface index to the loopback
847 * device if the packet came from the local host since it
848 * avoids the routing table in such a case. Let's unset the
849 * interface index in such a case. */
850 if (p->ifindex == LOOPBACK_IFINDEX)
851 p->ifindex = 0;
852
853 if (protocol != DNS_PROTOCOL_DNS) {
854 /* If we don't know the interface index still, we look for the
855 * first local interface with a matching address. Yuck! */
856 if (p->ifindex <= 0)
857 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
858 }
859
860 *ret = p;
861 p = NULL;
862
863 return 1;
864 }
865
866 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
867 int r;
868
869 assert(fd >= 0);
870 assert(mh);
871
872 for (;;) {
873 if (sendmsg(fd, mh, flags) >= 0)
874 return 0;
875
876 if (errno == EINTR)
877 continue;
878
879 if (errno != EAGAIN)
880 return -errno;
881
882 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
883 if (r < 0)
884 return r;
885 if (r == 0)
886 return -ETIMEDOUT;
887 }
888 }
889
890 static int write_loop(int fd, void *message, size_t length) {
891 int r;
892
893 assert(fd >= 0);
894 assert(message);
895
896 for (;;) {
897 if (write(fd, message, length) >= 0)
898 return 0;
899
900 if (errno == EINTR)
901 continue;
902
903 if (errno != EAGAIN)
904 return -errno;
905
906 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
907 if (r < 0)
908 return r;
909 if (r == 0)
910 return -ETIMEDOUT;
911 }
912 }
913
914 int manager_write(Manager *m, int fd, DnsPacket *p) {
915 int r;
916
917 log_debug("Sending %s packet with id %" PRIu16 ".", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p));
918
919 r = write_loop(fd, DNS_PACKET_DATA(p), p->size);
920 if (r < 0)
921 return r;
922
923 return 0;
924 }
925
926 static int manager_ipv4_send(
927 Manager *m,
928 int fd,
929 int ifindex,
930 const struct in_addr *destination,
931 uint16_t port,
932 const struct in_addr *source,
933 DnsPacket *p) {
934 union sockaddr_union sa = {
935 .in.sin_family = AF_INET,
936 };
937 union {
938 struct cmsghdr header; /* For alignment */
939 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
940 } control;
941 struct msghdr mh = {};
942 struct iovec iov;
943
944 assert(m);
945 assert(fd >= 0);
946 assert(destination);
947 assert(port > 0);
948 assert(p);
949
950 iov.iov_base = DNS_PACKET_DATA(p);
951 iov.iov_len = p->size;
952
953 sa.in.sin_addr = *destination;
954 sa.in.sin_port = htobe16(port),
955
956 mh.msg_iov = &iov;
957 mh.msg_iovlen = 1;
958 mh.msg_name = &sa.sa;
959 mh.msg_namelen = sizeof(sa.in);
960
961 if (ifindex > 0) {
962 struct cmsghdr *cmsg;
963 struct in_pktinfo *pi;
964
965 zero(control);
966
967 mh.msg_control = &control;
968 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
969
970 cmsg = CMSG_FIRSTHDR(&mh);
971 cmsg->cmsg_len = mh.msg_controllen;
972 cmsg->cmsg_level = IPPROTO_IP;
973 cmsg->cmsg_type = IP_PKTINFO;
974
975 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
976 pi->ipi_ifindex = ifindex;
977
978 if (source)
979 pi->ipi_spec_dst = *source;
980 }
981
982 return sendmsg_loop(fd, &mh, 0);
983 }
984
985 static int manager_ipv6_send(
986 Manager *m,
987 int fd,
988 int ifindex,
989 const struct in6_addr *destination,
990 uint16_t port,
991 const struct in6_addr *source,
992 DnsPacket *p) {
993
994 union sockaddr_union sa = {
995 .in6.sin6_family = AF_INET6,
996 };
997 union {
998 struct cmsghdr header; /* For alignment */
999 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1000 } control;
1001 struct msghdr mh = {};
1002 struct iovec iov;
1003
1004 assert(m);
1005 assert(fd >= 0);
1006 assert(destination);
1007 assert(port > 0);
1008 assert(p);
1009
1010 iov.iov_base = DNS_PACKET_DATA(p);
1011 iov.iov_len = p->size;
1012
1013 sa.in6.sin6_addr = *destination;
1014 sa.in6.sin6_port = htobe16(port),
1015 sa.in6.sin6_scope_id = ifindex;
1016
1017 mh.msg_iov = &iov;
1018 mh.msg_iovlen = 1;
1019 mh.msg_name = &sa.sa;
1020 mh.msg_namelen = sizeof(sa.in6);
1021
1022 if (ifindex > 0) {
1023 struct cmsghdr *cmsg;
1024 struct in6_pktinfo *pi;
1025
1026 zero(control);
1027
1028 mh.msg_control = &control;
1029 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1030
1031 cmsg = CMSG_FIRSTHDR(&mh);
1032 cmsg->cmsg_len = mh.msg_controllen;
1033 cmsg->cmsg_level = IPPROTO_IPV6;
1034 cmsg->cmsg_type = IPV6_PKTINFO;
1035
1036 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1037 pi->ipi6_ifindex = ifindex;
1038
1039 if (source)
1040 pi->ipi6_addr = *source;
1041 }
1042
1043 return sendmsg_loop(fd, &mh, 0);
1044 }
1045
1046 int manager_send(
1047 Manager *m,
1048 int fd,
1049 int ifindex,
1050 int family,
1051 const union in_addr_union *destination,
1052 uint16_t port,
1053 const union in_addr_union *source,
1054 DnsPacket *p) {
1055
1056 assert(m);
1057 assert(fd >= 0);
1058 assert(destination);
1059 assert(port > 0);
1060 assert(p);
1061
1062 log_debug("Sending %s packet with id %" PRIu16 " on interface %i/%s.", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1063
1064 if (family == AF_INET)
1065 return manager_ipv4_send(m, fd, ifindex, &destination->in, port, &source->in, p);
1066 if (family == AF_INET6)
1067 return manager_ipv6_send(m, fd, ifindex, &destination->in6, port, &source->in6, p);
1068
1069 return -EAFNOSUPPORT;
1070 }
1071
1072 uint32_t manager_find_mtu(Manager *m) {
1073 uint32_t mtu = 0;
1074 Link *l;
1075 Iterator i;
1076
1077 /* If we don't know on which link a DNS packet would be
1078 * delivered, let's find the largest MTU that works on all
1079 * interfaces we know of */
1080
1081 HASHMAP_FOREACH(l, m->links, i) {
1082 if (l->mtu <= 0)
1083 continue;
1084
1085 if (mtu <= 0 || l->mtu < mtu)
1086 mtu = l->mtu;
1087 }
1088
1089 return mtu;
1090 }
1091
1092 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1093 LinkAddress *a;
1094
1095 assert(m);
1096
1097 a = manager_find_link_address(m, family, in_addr);
1098 if (a)
1099 return a->link->ifindex;
1100
1101 return 0;
1102 }
1103
1104 void manager_refresh_rrs(Manager *m) {
1105 Iterator i;
1106 Link *l;
1107 DnssdService *s;
1108
1109 assert(m);
1110
1111 m->llmnr_host_ipv4_key = dns_resource_key_unref(m->llmnr_host_ipv4_key);
1112 m->llmnr_host_ipv6_key = dns_resource_key_unref(m->llmnr_host_ipv6_key);
1113 m->mdns_host_ipv4_key = dns_resource_key_unref(m->mdns_host_ipv4_key);
1114 m->mdns_host_ipv6_key = dns_resource_key_unref(m->mdns_host_ipv6_key);
1115
1116 if (m->mdns_support == RESOLVE_SUPPORT_YES)
1117 HASHMAP_FOREACH(s, m->dnssd_services, i)
1118 if (dnssd_update_rrs(s) < 0)
1119 log_warning("Failed to refresh DNS-SD service '%s'", s->name);
1120
1121 HASHMAP_FOREACH(l, m->links, i) {
1122 link_add_rrs(l, true);
1123 link_add_rrs(l, false);
1124 }
1125 }
1126
1127 static int manager_next_random_name(const char *old, char **ret_new) {
1128 const char *p;
1129 uint64_t u, a;
1130 char *n;
1131
1132 p = strchr(old, 0);
1133 assert(p);
1134
1135 while (p > old) {
1136 if (!strchr(DIGITS, p[-1]))
1137 break;
1138
1139 p--;
1140 }
1141
1142 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1143 u = 1;
1144
1145 /* Add a random number to the old value. This way we can avoid
1146 * that two hosts pick the same hostname, win on IPv4 and lose
1147 * on IPv6 (or vice versa), and pick the same hostname
1148 * replacement hostname, ad infinitum. We still want the
1149 * numbers to go up monotonically, hence we just add a random
1150 * value 1..10 */
1151
1152 random_bytes(&a, sizeof(a));
1153 u += 1 + a % 10;
1154
1155 if (asprintf(&n, "%.*s%" PRIu64, (int) (p - old), old, u) < 0)
1156 return -ENOMEM;
1157
1158 *ret_new = n;
1159
1160 return 0;
1161 }
1162
1163 int manager_next_hostname(Manager *m) {
1164 _cleanup_free_ char *h = NULL, *k = NULL;
1165 int r;
1166
1167 assert(m);
1168
1169 r = manager_next_random_name(m->llmnr_hostname, &h);
1170 if (r < 0)
1171 return r;
1172
1173 r = dns_name_concat(h, "local", &k);
1174 if (r < 0)
1175 return r;
1176
1177 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->llmnr_hostname, h);
1178
1179 free_and_replace(m->llmnr_hostname, h);
1180 free_and_replace(m->mdns_hostname, k);
1181
1182 manager_refresh_rrs(m);
1183
1184 return 0;
1185 }
1186
1187 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1188 Iterator i;
1189 Link *l;
1190
1191 assert(m);
1192
1193 HASHMAP_FOREACH(l, m->links, i) {
1194 LinkAddress *a;
1195
1196 a = link_find_address(l, family, in_addr);
1197 if (a)
1198 return a;
1199 }
1200
1201 return NULL;
1202 }
1203
1204 bool manager_our_packet(Manager *m, DnsPacket *p) {
1205 assert(m);
1206 assert(p);
1207
1208 return !!manager_find_link_address(m, p->family, &p->sender);
1209 }
1210
1211 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1212 Link *l;
1213
1214 assert(m);
1215 assert(p);
1216
1217 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1218 if (!l)
1219 return NULL;
1220
1221 switch (p->protocol) {
1222 case DNS_PROTOCOL_LLMNR:
1223 if (p->family == AF_INET)
1224 return l->llmnr_ipv4_scope;
1225 else if (p->family == AF_INET6)
1226 return l->llmnr_ipv6_scope;
1227
1228 break;
1229
1230 case DNS_PROTOCOL_MDNS:
1231 if (p->family == AF_INET)
1232 return l->mdns_ipv4_scope;
1233 else if (p->family == AF_INET6)
1234 return l->mdns_ipv6_scope;
1235
1236 break;
1237
1238 default:
1239 break;
1240 }
1241
1242 return NULL;
1243 }
1244
1245 void manager_verify_all(Manager *m) {
1246 DnsScope *s;
1247
1248 assert(m);
1249
1250 LIST_FOREACH(scopes, s, m->dns_scopes)
1251 dns_zone_verify_all(&s->zone);
1252 }
1253
1254 int manager_is_own_hostname(Manager *m, const char *name) {
1255 int r;
1256
1257 assert(m);
1258 assert(name);
1259
1260 if (m->llmnr_hostname) {
1261 r = dns_name_equal(name, m->llmnr_hostname);
1262 if (r != 0)
1263 return r;
1264 }
1265
1266 if (m->mdns_hostname) {
1267 r = dns_name_equal(name, m->mdns_hostname);
1268 if (r != 0)
1269 return r;
1270 }
1271
1272 if (m->full_hostname)
1273 return dns_name_equal(name, m->full_hostname);
1274
1275 return 0;
1276 }
1277
1278 int manager_compile_dns_servers(Manager *m, OrderedSet **dns) {
1279 DnsServer *s;
1280 Iterator i;
1281 Link *l;
1282 int r;
1283
1284 assert(m);
1285 assert(dns);
1286
1287 r = ordered_set_ensure_allocated(dns, &dns_server_hash_ops);
1288 if (r < 0)
1289 return r;
1290
1291 /* First add the system-wide servers and domains */
1292 LIST_FOREACH(servers, s, m->dns_servers) {
1293 r = ordered_set_put(*dns, s);
1294 if (r == -EEXIST)
1295 continue;
1296 if (r < 0)
1297 return r;
1298 }
1299
1300 /* Then, add the per-link servers */
1301 HASHMAP_FOREACH(l, m->links, i) {
1302 LIST_FOREACH(servers, s, l->dns_servers) {
1303 r = ordered_set_put(*dns, s);
1304 if (r == -EEXIST)
1305 continue;
1306 if (r < 0)
1307 return r;
1308 }
1309 }
1310
1311 /* If we found nothing, add the fallback servers */
1312 if (ordered_set_isempty(*dns)) {
1313 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
1314 r = ordered_set_put(*dns, s);
1315 if (r == -EEXIST)
1316 continue;
1317 if (r < 0)
1318 return r;
1319 }
1320 }
1321
1322 return 0;
1323 }
1324
1325 /* filter_route is a tri-state:
1326 * < 0: no filtering
1327 * = 0 or false: return only domains which should be used for searching
1328 * > 0 or true: return only domains which are for routing only
1329 */
1330 int manager_compile_search_domains(Manager *m, OrderedSet **domains, int filter_route) {
1331 DnsSearchDomain *d;
1332 Iterator i;
1333 Link *l;
1334 int r;
1335
1336 assert(m);
1337 assert(domains);
1338
1339 r = ordered_set_ensure_allocated(domains, &dns_name_hash_ops);
1340 if (r < 0)
1341 return r;
1342
1343 LIST_FOREACH(domains, d, m->search_domains) {
1344
1345 if (filter_route >= 0 &&
1346 d->route_only != !!filter_route)
1347 continue;
1348
1349 r = ordered_set_put(*domains, d->name);
1350 if (r == -EEXIST)
1351 continue;
1352 if (r < 0)
1353 return r;
1354 }
1355
1356 HASHMAP_FOREACH(l, m->links, i) {
1357
1358 LIST_FOREACH(domains, d, l->search_domains) {
1359
1360 if (filter_route >= 0 &&
1361 d->route_only != !!filter_route)
1362 continue;
1363
1364 r = ordered_set_put(*domains, d->name);
1365 if (r == -EEXIST)
1366 continue;
1367 if (r < 0)
1368 return r;
1369 }
1370 }
1371
1372 return 0;
1373 }
1374
1375 DnssecMode manager_get_dnssec_mode(Manager *m) {
1376 assert(m);
1377
1378 if (m->dnssec_mode != _DNSSEC_MODE_INVALID)
1379 return m->dnssec_mode;
1380
1381 return DNSSEC_NO;
1382 }
1383
1384 bool manager_dnssec_supported(Manager *m) {
1385 DnsServer *server;
1386 Iterator i;
1387 Link *l;
1388
1389 assert(m);
1390
1391 if (manager_get_dnssec_mode(m) == DNSSEC_NO)
1392 return false;
1393
1394 server = manager_get_dns_server(m);
1395 if (server && !dns_server_dnssec_supported(server))
1396 return false;
1397
1398 HASHMAP_FOREACH(l, m->links, i)
1399 if (!link_dnssec_supported(l))
1400 return false;
1401
1402 return true;
1403 }
1404
1405 void manager_dnssec_verdict(Manager *m, DnssecVerdict verdict, const DnsResourceKey *key) {
1406
1407 assert(verdict >= 0);
1408 assert(verdict < _DNSSEC_VERDICT_MAX);
1409
1410 if (log_get_max_level() >= LOG_DEBUG) {
1411 char s[DNS_RESOURCE_KEY_STRING_MAX];
1412
1413 log_debug("Found verdict for lookup %s: %s",
1414 dns_resource_key_to_string(key, s, sizeof s),
1415 dnssec_verdict_to_string(verdict));
1416 }
1417
1418 m->n_dnssec_verdict[verdict]++;
1419 }
1420
1421 bool manager_routable(Manager *m, int family) {
1422 Iterator i;
1423 Link *l;
1424
1425 assert(m);
1426
1427 /* Returns true if the host has at least one interface with a routable address of the specified type */
1428
1429 HASHMAP_FOREACH(l, m->links, i)
1430 if (link_relevant(l, family, false))
1431 return true;
1432
1433 return false;
1434 }
1435
1436 void manager_flush_caches(Manager *m) {
1437 DnsScope *scope;
1438
1439 assert(m);
1440
1441 LIST_FOREACH(scopes, scope, m->dns_scopes)
1442 dns_cache_flush(&scope->cache);
1443
1444 log_info("Flushed all caches.");
1445 }
1446
1447 void manager_reset_server_features(Manager *m) {
1448 Iterator i;
1449 Link *l;
1450
1451 dns_server_reset_features_all(m->dns_servers);
1452 dns_server_reset_features_all(m->fallback_dns_servers);
1453
1454 HASHMAP_FOREACH(l, m->links, i)
1455 dns_server_reset_features_all(l->dns_servers);
1456
1457 log_info("Resetting learnt feature levels on all servers.");
1458 }
1459
1460 void manager_cleanup_saved_user(Manager *m) {
1461 _cleanup_closedir_ DIR *d = NULL;
1462 struct dirent *de;
1463 int r;
1464
1465 assert(m);
1466
1467 /* Clean up all saved per-link files in /run/systemd/resolve/netif/ that don't have a matching interface
1468 * anymore. These files are created to persist settings pushed in by the user via the bus, so that resolved can
1469 * be restarted without losing this data. */
1470
1471 d = opendir("/run/systemd/resolve/netif/");
1472 if (!d) {
1473 if (errno == ENOENT)
1474 return;
1475
1476 log_warning_errno(errno, "Failed to open interface directory: %m");
1477 return;
1478 }
1479
1480 FOREACH_DIRENT_ALL(de, d, log_error_errno(errno, "Failed to read interface directory: %m")) {
1481 _cleanup_free_ char *p = NULL;
1482 int ifindex;
1483 Link *l;
1484
1485 if (!IN_SET(de->d_type, DT_UNKNOWN, DT_REG))
1486 continue;
1487
1488 if (dot_or_dot_dot(de->d_name))
1489 continue;
1490
1491 r = parse_ifindex(de->d_name, &ifindex);
1492 if (r < 0) /* Probably some temporary file from a previous run. Delete it */
1493 goto rm;
1494
1495 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1496 if (!l) /* link vanished */
1497 goto rm;
1498
1499 if (l->is_managed) /* now managed by networkd, hence the bus settings are useless */
1500 goto rm;
1501
1502 continue;
1503
1504 rm:
1505 p = strappend("/run/systemd/resolve/netif/", de->d_name);
1506 if (!p) {
1507 log_oom();
1508 return;
1509 }
1510
1511 (void) unlink(p);
1512 }
1513 }
1514
1515 bool manager_next_dnssd_names(Manager *m) {
1516 Iterator i;
1517 DnssdService *s;
1518 bool tried = false;
1519 int r;
1520
1521 assert(m);
1522
1523 HASHMAP_FOREACH(s, m->dnssd_services, i) {
1524 _cleanup_free_ char * new_name = NULL;
1525
1526 if (!s->withdrawn)
1527 continue;
1528
1529 r = manager_next_random_name(s->name_template, &new_name);
1530 if (r < 0) {
1531 log_warning_errno(r, "Failed to get new name for service '%s': %m", s->name);
1532 continue;
1533 }
1534
1535 free_and_replace(s->name_template, new_name);
1536
1537 s->withdrawn = false;
1538
1539 tried = true;
1540 }
1541
1542 if (tried)
1543 manager_refresh_rrs(m);
1544
1545 return tried;
1546 }
Unnamed repository; edit this file 'description' to name the repository.