1 /* dnsmasq is Copyright (c) 2000-2015 Simon Kelley
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 /* Declare static char *compile_opts in config.h */
18 #define DNSMASQ_COMPILE_OPTS
/* Process-wide state, dereferenced as daemon->... throughout this file. */
struct daemon *daemon;

/* Result of fork() in main(); sig_handler() compares it with getpid(). */
static volatile pid_t pid = 0;

/* Write end of the event pipe: main() stores pipefd[1] here and the
   send_event() callers in this file pass it as the destination fd. */
static volatile int pipewrite;

/* File-local helpers defined further down. */
static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp);
static void check_dns_listeners(fd_set *set, time_t now);
static void sig_handler(int sig);
static void async_event(int pipe, time_t now);
static void fatal_event(struct event_desc *ev, char *msg);
static int read_event(int fd, struct event_desc *evp, char **msg);
static void poll_resolv(int force, int do_reload, time_t now);
35 int main (int argc
, char **argv
)
37 int bind_fallback
= 0;
39 struct sigaction sigact
;
41 int piperead
, pipefd
[2], err_pipe
[2];
42 struct passwd
*ent_pw
= NULL
;
43 #if defined(HAVE_SCRIPT)
47 struct group
*gp
= NULL
;
48 long i
, max_fd
= sysconf(_SC_OPEN_MAX
);
51 #if defined(HAVE_LINUX_NETWORK)
52 cap_user_header_t hdr
= NULL
;
53 cap_user_data_t data
= NULL
;
54 char *bound_device
= NULL
;
57 #if defined(HAVE_DHCP) || defined(HAVE_DHCP6)
58 struct dhcp_context
*context
;
59 struct dhcp_relay
*relay
;
66 setlocale(LC_ALL
, "");
67 bindtextdomain("dnsmasq", LOCALEDIR
);
68 textdomain("dnsmasq");
71 sigact
.sa_handler
= sig_handler
;
73 sigemptyset(&sigact
.sa_mask
);
74 sigaction(SIGUSR1
, &sigact
, NULL
);
75 sigaction(SIGUSR2
, &sigact
, NULL
);
76 sigaction(SIGHUP
, &sigact
, NULL
);
77 sigaction(SIGTERM
, &sigact
, NULL
);
78 sigaction(SIGALRM
, &sigact
, NULL
);
79 sigaction(SIGCHLD
, &sigact
, NULL
);
82 sigact
.sa_handler
= SIG_IGN
;
83 sigaction(SIGPIPE
, &sigact
, NULL
);
85 umask(022); /* known umask, create leases and pid files as 0644 */
87 rand_init(); /* Must precede read_opts() */
89 read_opts(argc
, argv
, compile_opts
);
91 if (daemon
->edns_pktsz
< PACKETSZ
)
92 daemon
->edns_pktsz
= PACKETSZ
;
94 daemon
->packet_buff_sz
= daemon
->edns_pktsz
> DNSMASQ_PACKETSZ
?
95 daemon
->edns_pktsz
: DNSMASQ_PACKETSZ
;
96 daemon
->packet
= safe_malloc(daemon
->packet_buff_sz
);
98 daemon
->addrbuff
= safe_malloc(ADDRSTRLEN
);
99 if (option_bool(OPT_EXTRALOG
))
100 daemon
->addrbuff2
= safe_malloc(ADDRSTRLEN
);
103 if (option_bool(OPT_DNSSEC_VALID
))
105 daemon
->keyname
= safe_malloc(MAXDNAME
);
106 daemon
->workspacename
= safe_malloc(MAXDNAME
);
111 if (!daemon
->lease_file
)
113 if (daemon
->dhcp
|| daemon
->dhcp6
)
114 daemon
->lease_file
= LEASEFILE
;
118 /* Close any file descriptors we inherited apart from std{in|out|err}
120 Ensure that at least stdin, stdout and stderr (fd 0, 1, 2) exist,
121 otherwise file descriptors we create can end up being 0, 1, or 2
122 and then get accidentally closed later when we make 0, 1, and 2
123 open to /dev/null. Normally we'll be started with 0, 1 and 2 open,
124 but it's not guaranteed. By opening /dev/null three times, we
125 ensure that we're not using those fds for real stuff. */
126 for (i
= 0; i
< max_fd
; i
++)
127 if (i
!= STDOUT_FILENO
&& i
!= STDERR_FILENO
&& i
!= STDIN_FILENO
)
130 open("/dev/null", O_RDWR
);
132 #ifndef HAVE_LINUX_NETWORK
133 # if !(defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR))
134 if (!option_bool(OPT_NOWILD
))
137 set_option_bool(OPT_NOWILD
);
141 /* -- bind-dynamic not supported on !Linux, fall back to --bind-interfaces */
142 if (option_bool(OPT_CLEVERBIND
))
145 set_option_bool(OPT_NOWILD
);
146 reset_option_bool(OPT_CLEVERBIND
);
151 if (daemon
->dynamic_dirs
)
152 die(_("dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"), NULL
, EC_BADCONF
);
155 if (option_bool(OPT_DNSSEC_VALID
))
159 die(_("No trust anchors provided for DNSSEC"), NULL
, EC_BADCONF
);
161 if (daemon
->cachesize
< CACHESIZ
)
162 die(_("Cannot reduce cache size from default when DNSSEC enabled"), NULL
, EC_BADCONF
);
164 die(_("DNSSEC not available: set HAVE_DNSSEC in src/config.h"), NULL
, EC_BADCONF
);
169 if (option_bool(OPT_TFTP
))
170 die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL
, EC_BADCONF
);
173 #ifdef HAVE_CONNTRACK
174 if (option_bool(OPT_CONNTRACK
) && (daemon
->query_port
!= 0 || daemon
->osport
))
175 die (_("Cannot use --conntrack AND --query-port"), NULL
, EC_BADCONF
);
177 if (option_bool(OPT_CONNTRACK
))
178 die(_("Conntrack support not available: set HAVE_CONNTRACK in src/config.h"), NULL
, EC_BADCONF
);
181 #ifdef HAVE_SOLARIS_NETWORK
182 if (daemon
->max_logs
!= 0)
183 die(_("asychronous logging is not available under Solaris"), NULL
, EC_BADCONF
);
187 if (daemon
->max_logs
!= 0)
188 die(_("asychronous logging is not available under Android"), NULL
, EC_BADCONF
);
192 if (daemon
->authserver
)
193 die(_("authoritative DNS not available: set HAVE_AUTH in src/config.h"), NULL
, EC_BADCONF
);
197 if (option_bool(OPT_LOOP_DETECT
))
198 die(_("Loop detection not available: set HAVE_LOOP in src/config.h"), NULL
, EC_BADCONF
);
201 now
= dnsmasq_time();
203 /* Create a serial at startup if not configured. */
204 if (daemon
->authinterface
&& daemon
->soa_sn
== 0)
205 #ifdef HAVE_BROKEN_RTC
206 die(_("zone serial must be configured in --auth-soa"), NULL
, EC_BADCONF
);
208 daemon
->soa_sn
= now
;
214 daemon
->doing_ra
= option_bool(OPT_RA
);
216 for (context
= daemon
->dhcp6
; context
; context
= context
->next
)
218 if (context
->flags
& CONTEXT_DHCP
)
219 daemon
->doing_dhcp6
= 1;
220 if (context
->flags
& CONTEXT_RA
)
221 daemon
->doing_ra
= 1;
222 #if !defined(HAVE_LINUX_NETWORK) && !defined(HAVE_BSD_NETWORK)
223 if (context
->flags
& CONTEXT_TEMPLATE
)
224 die (_("dhcp-range constructor not available on this platform"), NULL
, EC_BADCONF
);
231 /* Note that order matters here, we must call lease_init before
232 creating any file descriptors which shouldn't be leaked
233 to the lease-script init process. We need to call common_init
234 before lease_init to allocate buffers it uses.*/
235 if (daemon
->dhcp
|| daemon
->doing_dhcp6
|| daemon
->relay4
|| daemon
->relay6
)
238 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
242 if (daemon
->dhcp
|| daemon
->relay4
)
246 if (daemon
->doing_ra
|| daemon
->doing_dhcp6
|| daemon
->relay6
)
249 if (daemon
->doing_dhcp6
|| daemon
->relay6
)
260 #if defined(HAVE_LINUX_NETWORK)
262 #elif defined(HAVE_BSD_NETWORK)
266 if (option_bool(OPT_NOWILD
) && option_bool(OPT_CLEVERBIND
))
267 die(_("cannot set --bind-interfaces and --bind-dynamic"), NULL
, EC_BADCONF
);
269 if (!enumerate_interfaces(1) || !enumerate_interfaces(0))
270 die(_("failed to find list of interfaces: %s"), NULL
, EC_MISC
);
272 if (option_bool(OPT_NOWILD
) || option_bool(OPT_CLEVERBIND
))
274 create_bound_listeners(1);
276 if (!option_bool(OPT_CLEVERBIND
))
277 for (if_tmp
= daemon
->if_names
; if_tmp
; if_tmp
= if_tmp
->next
)
278 if (if_tmp
->name
&& !if_tmp
->used
)
279 die(_("unknown interface %s"), if_tmp
->name
, EC_BADNET
);
281 #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP)
282 /* after enumerate_interfaces() */
283 bound_device
= whichdevice();
287 if (!daemon
->relay4
&& bound_device
)
289 bindtodevice(bound_device
, daemon
->dhcpfd
);
292 if (daemon
->enable_pxe
&& bound_device
)
294 bindtodevice(bound_device
, daemon
->pxefd
);
300 #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP6)
301 if (daemon
->doing_dhcp6
&& !daemon
->relay6
&& bound_device
)
303 bindtodevice(bound_device
, daemon
->dhcp6fd
);
309 create_wildcard_listeners();
312 /* after enumerate_interfaces() */
313 if (daemon
->doing_dhcp6
|| daemon
->relay6
|| daemon
->doing_ra
)
316 /* After netlink_init() and before create_helper() */
317 lease_make_duid(now
);
320 if (daemon
->port
!= 0)
330 if (daemon
->port
!= 0 || daemon
->dhcp
|| daemon
->doing_dhcp6
)
331 inotify_dnsmasq_init();
333 daemon
->inotifyfd
= -1;
336 if (option_bool(OPT_DBUS
))
341 daemon
->watches
= NULL
;
342 if ((err
= dbus_init()))
343 die(_("DBus error: %s"), err
, EC_MISC
);
346 die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL
, EC_BADCONF
);
349 if (daemon
->port
!= 0)
352 #if defined(HAVE_SCRIPT)
353 /* Note getpwnam returns static storage */
354 if ((daemon
->dhcp
|| daemon
->dhcp6
) &&
355 daemon
->scriptuser
&&
356 (daemon
->lease_change_command
|| daemon
->luascript
))
358 if ((ent_pw
= getpwnam(daemon
->scriptuser
)))
360 script_uid
= ent_pw
->pw_uid
;
361 script_gid
= ent_pw
->pw_gid
;
364 baduser
= daemon
->scriptuser
;
368 if (daemon
->username
&& !(ent_pw
= getpwnam(daemon
->username
)))
369 baduser
= daemon
->username
;
370 else if (daemon
->groupname
&& !(gp
= getgrnam(daemon
->groupname
)))
371 baduser
= daemon
->groupname
;
374 die(_("unknown user or group: %s"), baduser
, EC_BADCONF
);
377 badtime
= setup_timestamp(ent_pw
->pw_uid
);
380 /* implement group defaults, "dip" if available, or group associated with uid */
381 if (!daemon
->group_set
&& !gp
)
383 if (!(gp
= getgrnam(CHGRP
)) && ent_pw
)
384 gp
= getgrgid(ent_pw
->pw_gid
);
386 /* for error message */
388 daemon
->groupname
= gp
->gr_name
;
391 #if defined(HAVE_LINUX_NETWORK)
392 /* determine capability API version here, while we can still
394 if (ent_pw
&& ent_pw
->pw_uid
!= 0)
396 int capsize
= 1; /* for header version 1 */
397 hdr
= safe_malloc(sizeof(*hdr
));
399 /* find version supported by kernel */
400 memset(hdr
, 0, sizeof(*hdr
));
403 if (hdr
->version
!= LINUX_CAPABILITY_VERSION_1
)
405 /* if unknown version, use largest supported version (3) */
406 if (hdr
->version
!= LINUX_CAPABILITY_VERSION_2
)
407 hdr
->version
= LINUX_CAPABILITY_VERSION_3
;
411 data
= safe_malloc(sizeof(*data
) * capsize
);
412 memset(data
, 0, sizeof(*data
) * capsize
);
416 /* Use a pipe to carry signals and other events back to the event loop
417 in a race-free manner and another to carry errors to daemon-invoking process */
418 safe_pipe(pipefd
, 1);
420 piperead
= pipefd
[0];
421 pipewrite
= pipefd
[1];
422 /* prime the pipe to load stuff first time. */
423 send_event(pipewrite
, EVENT_INIT
, 0, NULL
);
427 if (!option_bool(OPT_DEBUG
))
429 /* The following code "daemonizes" the process.
430 See Stevens section 12.4 */
433 die(_("cannot chdir to filesystem root: %s"), NULL
, EC_MISC
);
436 if (!option_bool(OPT_NO_FORK
))
440 /* pipe to carry errors back to original process.
441 When startup is complete we close this and the process terminates. */
442 safe_pipe(err_pipe
, 0);
444 if ((pid
= fork()) == -1)
445 /* fd == -1 since we've not forked, never returns. */
446 send_event(-1, EVENT_FORK_ERR
, errno
, NULL
);
450 struct event_desc ev
;
453 /* close our copy of write-end */
456 /* check for errors after the fork */
457 if (read_event(err_pipe
[0], &ev
, &msg
))
458 fatal_event(&ev
, msg
);
465 /* NO calls to die() from here on. */
469 if ((pid
= fork()) == -1)
470 send_event(err_pipe
[1], EVENT_FORK_ERR
, errno
, NULL
);
477 /* write pidfile _after_ forking ! */
482 sprintf(daemon
->namebuff
, "%d\n", (int) getpid());
484 /* Explanation: Some installations of dnsmasq (eg Debian/Ubuntu) locate the pid-file
485 in a directory which is writable by the non-privileged user that dnsmasq runs as. This
486 allows the daemon to delete the file as part of its shutdown. This is a security hole to the
487 extent that an attacker running as the unprivileged user could replace the pidfile with a
488 symlink, and have the target of that symlink overwritten as root next time dnsmasq starts.
490 The following code first deletes any existing file, and then opens it with the O_EXCL flag,
491 ensuring that the open() fails should there be any existing file (because the unlink() failed,
492 or an attacker exploited the race between unlink() and open()). This ensures that no symlink attack can succeed.
495 Any compromise of the non-privileged user still theoretically allows the pid-file to be
496 replaced whilst dnsmasq is running. The worst that could allow is that the usual
497 "shutdown dnsmasq" shell command could be tricked into stopping any other process.
499 Note that if dnsmasq is started as non-root (eg for testing) it silently ignores
500 failure to write the pid-file.
503 unlink(daemon
->runfile
);
505 if ((fd
= open(daemon
->runfile
, O_WRONLY
|O_CREAT
|O_TRUNC
|O_EXCL
, S_IWUSR
|S_IRUSR
|S_IRGRP
|S_IROTH
)) == -1)
507 /* only complain if started as root */
513 if (!read_write(fd
, (unsigned char *)daemon
->namebuff
, strlen(daemon
->namebuff
), 0))
516 while (!err
&& close(fd
) == -1)
523 send_event(err_pipe
[1], EVENT_PIDFILE
, errno
, daemon
->runfile
);
529 log_err
= log_start(ent_pw
, err_pipe
[1]);
531 if (!option_bool(OPT_DEBUG
))
533 /* open stdout etc to /dev/null */
534 int nullfd
= open("/dev/null", O_RDWR
);
535 dup2(nullfd
, STDOUT_FILENO
);
536 dup2(nullfd
, STDERR_FILENO
);
537 dup2(nullfd
, STDIN_FILENO
);
541 /* if we are to run scripts, we need to fork a helper before dropping root. */
542 daemon
->helperfd
= -1;
544 if ((daemon
->dhcp
|| daemon
->dhcp6
) && (daemon
->lease_change_command
|| daemon
->luascript
))
545 daemon
->helperfd
= create_helper(pipewrite
, err_pipe
[1], script_uid
, script_gid
, max_fd
);
548 if (!option_bool(OPT_DEBUG
) && getuid() == 0)
550 int bad_capabilities
= 0;
553 /* remove all supplementary groups */
555 (setgroups(0, &dummy
) == -1 ||
556 setgid(gp
->gr_gid
) == -1))
558 send_event(err_pipe
[1], EVENT_GROUP_ERR
, errno
, daemon
->groupname
);
562 if (ent_pw
&& ent_pw
->pw_uid
!= 0)
564 #if defined(HAVE_LINUX_NETWORK)
565 /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
566 CAP_NET_RAW (for icmp) if we're doing dhcp. If we have yet to bind
567 ports because of DAD, or we're doing it dynamically,
568 we need CAP_NET_BIND_SERVICE too. */
569 if (is_dad_listeners() || option_bool(OPT_CLEVERBIND
))
570 data
->effective
= data
->permitted
= data
->inheritable
=
571 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) |
572 (1 << CAP_SETUID
) | (1 << CAP_NET_BIND_SERVICE
);
574 data
->effective
= data
->permitted
= data
->inheritable
=
575 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) | (1 << CAP_SETUID
);
577 /* Tell kernel to not clear capabilities when dropping root */
578 if (capset(hdr
, data
) == -1 || prctl(PR_SET_KEEPCAPS
, 1, 0, 0, 0) == -1)
579 bad_capabilities
= errno
;
581 #elif defined(HAVE_SOLARIS_NETWORK)
582 /* http://developers.sun.com/solaris/articles/program_privileges.html */
583 priv_set_t
*priv_set
;
585 if (!(priv_set
= priv_str_to_set("basic", ",", NULL
)) ||
586 priv_addset(priv_set
, PRIV_NET_ICMPACCESS
) == -1 ||
587 priv_addset(priv_set
, PRIV_SYS_NET_CONFIG
) == -1)
588 bad_capabilities
= errno
;
590 if (priv_set
&& bad_capabilities
== 0)
592 priv_inverse(priv_set
);
594 if (setppriv(PRIV_OFF
, PRIV_LIMIT
, priv_set
) == -1)
595 bad_capabilities
= errno
;
599 priv_freeset(priv_set
);
603 if (bad_capabilities
!= 0)
605 send_event(err_pipe
[1], EVENT_CAP_ERR
, bad_capabilities
, NULL
);
609 /* finally drop root */
610 if (setuid(ent_pw
->pw_uid
) == -1)
612 send_event(err_pipe
[1], EVENT_USER_ERR
, errno
, daemon
->username
);
616 #ifdef HAVE_LINUX_NETWORK
617 if (is_dad_listeners() || option_bool(OPT_CLEVERBIND
))
618 data
->effective
= data
->permitted
=
619 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) | (1 << CAP_NET_BIND_SERVICE
);
621 data
->effective
= data
->permitted
=
622 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
);
623 data
->inheritable
= 0;
625 /* lose the setuid and setgid capabilities */
626 if (capset(hdr
, data
) == -1)
628 send_event(err_pipe
[1], EVENT_CAP_ERR
, errno
, NULL
);
636 #ifdef HAVE_LINUX_NETWORK
639 if (option_bool(OPT_DEBUG
))
640 prctl(PR_SET_DUMPABLE
, 1, 0, 0, 0);
644 if (option_bool(OPT_TFTP
))
647 struct tftp_prefix
*p
;
649 if (daemon
->tftp_prefix
)
651 if (!((dir
= opendir(daemon
->tftp_prefix
))))
653 send_event(err_pipe
[1], EVENT_TFTP_ERR
, errno
, daemon
->tftp_prefix
);
659 for (p
= daemon
->if_prefix
; p
; p
= p
->next
)
661 if (!((dir
= opendir(p
->prefix
))))
663 send_event(err_pipe
[1], EVENT_TFTP_ERR
, errno
, p
->prefix
);
671 if (daemon
->port
== 0)
672 my_syslog(LOG_INFO
, _("started, version %s DNS disabled"), VERSION
);
673 else if (daemon
->cachesize
!= 0)
674 my_syslog(LOG_INFO
, _("started, version %s cachesize %d"), VERSION
, daemon
->cachesize
);
676 my_syslog(LOG_INFO
, _("started, version %s cache disabled"), VERSION
);
678 my_syslog(LOG_INFO
, _("compile time options: %s"), compile_opts
);
681 if (option_bool(OPT_DBUS
))
684 my_syslog(LOG_INFO
, _("DBus support enabled: connected to system bus"));
686 my_syslog(LOG_INFO
, _("DBus support enabled: bus connection pending"));
690 if (option_bool(OPT_LOCAL_SERVICE
))
691 my_syslog(LOG_INFO
, _("DNS service limited to local subnets"));
694 if (option_bool(OPT_DNSSEC_VALID
))
696 my_syslog(LOG_INFO
, _("DNSSEC validation enabled"));
697 if (option_bool(OPT_DNSSEC_TIME
))
698 my_syslog(LOG_INFO
, _("DNSSEC signature timestamps not checked until first cache reload"));
700 my_syslog(LOG_INFO
, _("DNSSEC signature timestamps not checked until system time valid"));
705 my_syslog(LOG_WARNING
, _("warning: failed to change owner of %s: %s"),
706 daemon
->log_file
, strerror(log_err
));
709 my_syslog(LOG_WARNING
, _("setting --bind-interfaces option because of OS limitations"));
711 if (option_bool(OPT_NOWILD
))
712 warn_bound_listeners();
716 if (!option_bool(OPT_NOWILD
))
717 for (if_tmp
= daemon
->if_names
; if_tmp
; if_tmp
= if_tmp
->next
)
718 if (if_tmp
->name
&& !if_tmp
->used
)
719 my_syslog(LOG_WARNING
, _("warning: interface %s does not currently exist"), if_tmp
->name
);
721 if (daemon
->port
!= 0 && option_bool(OPT_NO_RESOLV
))
723 if (daemon
->resolv_files
&& !daemon
->resolv_files
->is_default
)
724 my_syslog(LOG_WARNING
, _("warning: ignoring resolv-file flag because no-resolv is set"));
725 daemon
->resolv_files
= NULL
;
726 if (!daemon
->servers
)
727 my_syslog(LOG_WARNING
, _("warning: no upstream servers configured"));
730 if (daemon
->max_logs
!= 0)
731 my_syslog(LOG_INFO
, _("asynchronous logging enabled, queue limit is %d messages"), daemon
->max_logs
);
735 for (context
= daemon
->dhcp
; context
; context
= context
->next
)
736 log_context(AF_INET
, context
);
738 for (relay
= daemon
->relay4
; relay
; relay
= relay
->next
)
739 log_relay(AF_INET
, relay
);
742 for (context
= daemon
->dhcp6
; context
; context
= context
->next
)
743 log_context(AF_INET6
, context
);
745 for (relay
= daemon
->relay6
; relay
; relay
= relay
->next
)
746 log_relay(AF_INET6
, relay
);
748 if (daemon
->doing_dhcp6
|| daemon
->doing_ra
)
749 dhcp_construct_contexts(now
);
751 if (option_bool(OPT_RA
))
752 my_syslog(MS_DHCP
| LOG_INFO
, _("IPv6 router advertisement enabled"));
755 # ifdef HAVE_LINUX_NETWORK
757 my_syslog(MS_DHCP
| LOG_INFO
, _("DHCP, sockets bound exclusively to interface %s"), bound_device
);
760 /* after dhcp_construct_contexts */
761 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
762 lease_find_interfaces(now
);
766 if (option_bool(OPT_TFTP
))
769 if (FD_SETSIZE
< (unsigned)max_fd
)
773 my_syslog(MS_TFTP
| LOG_INFO
, "TFTP %s%s %s",
774 daemon
->tftp_prefix
? _("root is ") : _("enabled"),
775 daemon
->tftp_prefix
? daemon
->tftp_prefix
: "",
776 option_bool(OPT_TFTP_SECURE
) ? _("secure mode") : "");
778 /* This is a guess, it assumes that for small limits,
779 disjoint files might be served, but for large limits,
780 a single file will be sent to many clients (the file only needs
783 max_fd
-= 30; /* use other than TFTP */
787 else if (max_fd
< 100)
790 max_fd
= max_fd
- 20;
792 /* if we have to use a limited range of ports,
793 that will limit the number of transfers */
794 if (daemon
->start_tftp_port
!= 0 &&
795 daemon
->end_tftp_port
- daemon
->start_tftp_port
+ 1 < max_fd
)
796 max_fd
= daemon
->end_tftp_port
- daemon
->start_tftp_port
+ 1;
798 if (daemon
->tftp_max
> max_fd
)
800 daemon
->tftp_max
= max_fd
;
801 my_syslog(MS_TFTP
| LOG_WARNING
,
802 _("restricting maximum simultaneous TFTP transfers to %d"),
808 /* finished start-up - release original process */
809 if (err_pipe
[1] != -1)
812 if (daemon
->port
!= 0)
818 /* Using inotify, have to select a resolv file at startup */
819 poll_resolv(1, 0, now
);
825 struct timeval t
, *tp
= NULL
;
826 fd_set rset
, wset
, eset
;
832 /* if we are out of resources, find how long we have to wait
833 for some to come free, we'll loop around then and restart
834 listening for queries */
835 if ((t
.tv_sec
= set_dns_listeners(now
, &rset
, &maxfd
)) != 0)
841 /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
842 if (daemon
->tftp_trans
||
843 (option_bool(OPT_DBUS
) && !daemon
->dbus
))
849 /* Wake every second whilst waiting for DAD to complete */
850 else if (is_dad_listeners())
858 set_dbus_listeners(&maxfd
, &rset
, &wset
, &eset
);
862 if (daemon
->dhcp
|| daemon
->relay4
)
864 FD_SET(daemon
->dhcpfd
, &rset
);
865 bump_maxfd(daemon
->dhcpfd
, &maxfd
);
866 if (daemon
->pxefd
!= -1)
868 FD_SET(daemon
->pxefd
, &rset
);
869 bump_maxfd(daemon
->pxefd
, &maxfd
);
875 if (daemon
->doing_dhcp6
|| daemon
->relay6
)
877 FD_SET(daemon
->dhcp6fd
, &rset
);
878 bump_maxfd(daemon
->dhcp6fd
, &maxfd
);
881 if (daemon
->doing_ra
)
883 FD_SET(daemon
->icmp6fd
, &rset
);
884 bump_maxfd(daemon
->icmp6fd
, &maxfd
);
889 if (daemon
->inotifyfd
!= -1)
891 FD_SET(daemon
->inotifyfd
, &rset
);
892 bump_maxfd(daemon
->inotifyfd
, &maxfd
);
896 #if defined(HAVE_LINUX_NETWORK)
897 FD_SET(daemon
->netlinkfd
, &rset
);
898 bump_maxfd(daemon
->netlinkfd
, &maxfd
);
899 #elif defined(HAVE_BSD_NETWORK)
900 FD_SET(daemon
->routefd
, &rset
);
901 bump_maxfd(daemon
->routefd
, &maxfd
);
904 FD_SET(piperead
, &rset
);
905 bump_maxfd(piperead
, &maxfd
);
909 while (helper_buf_empty() && do_script_run(now
));
912 while (helper_buf_empty() && do_tftp_script_run());
915 if (!helper_buf_empty())
917 FD_SET(daemon
->helperfd
, &wset
);
918 bump_maxfd(daemon
->helperfd
, &maxfd
);
921 /* need this for other side-effects */
922 while (do_script_run(now
));
925 while (do_tftp_script_run());
931 /* must do this just before select(), when we know no
932 more calls to my_syslog() can occur */
933 set_log_writer(&wset
, &maxfd
);
935 if (select(maxfd
+1, &rset
, &wset
, &eset
, tp
) < 0)
937 /* otherwise undefined after error */
938 FD_ZERO(&rset
); FD_ZERO(&wset
); FD_ZERO(&eset
);
941 now
= dnsmasq_time();
943 check_log_writer(&wset
);
946 enumerate_interfaces(1);
948 /* Check the interfaces to see if any have exited DAD state
949 and if so, bind the address. */
950 if (is_dad_listeners())
952 enumerate_interfaces(0);
953 /* NB, is_dad_listeners() == 1 --> we're binding interfaces */
954 create_bound_listeners(0);
955 warn_bound_listeners();
958 #if defined(HAVE_LINUX_NETWORK)
959 if (FD_ISSET(daemon
->netlinkfd
, &rset
))
961 #elif defined(HAVE_BSD_NETWORK)
962 if (FD_ISSET(daemon
->routefd
, &rset
))
967 if (daemon
->inotifyfd
!= -1 && FD_ISSET(daemon
->inotifyfd
, &rset
) && inotify_check(now
))
969 if (daemon
->port
!= 0 && !option_bool(OPT_NO_POLL
))
970 poll_resolv(1, 1, now
);
973 /* Check for changes to resolv files once per second max. */
974 /* Don't go silent for long periods if the clock goes backwards. */
975 if (daemon
->last_resolv
== 0 ||
976 difftime(now
, daemon
->last_resolv
) > 1.0 ||
977 difftime(now
, daemon
->last_resolv
) < -1.0)
979 /* poll_resolv doesn't need to reload first time through, since
980 that's queued anyway. */
982 poll_resolv(0, daemon
->last_resolv
!= 0, now
);
983 daemon
->last_resolv
= now
;
987 if (FD_ISSET(piperead
, &rset
))
988 async_event(piperead
, now
);
991 /* if we didn't create a DBus connection, retry now. */
992 if (option_bool(OPT_DBUS
) && !daemon
->dbus
)
995 if ((err
= dbus_init()))
996 my_syslog(LOG_WARNING
, _("DBus error: %s"), err
);
998 my_syslog(LOG_INFO
, _("connected to system DBus"));
1000 check_dbus_listeners(&rset
, &wset
, &eset
);
1003 check_dns_listeners(&rset
, now
);
1006 check_tftp_listeners(&rset
, now
);
1010 if (daemon
->dhcp
|| daemon
->relay4
)
1012 if (FD_ISSET(daemon
->dhcpfd
, &rset
))
1013 dhcp_packet(now
, 0);
1014 if (daemon
->pxefd
!= -1 && FD_ISSET(daemon
->pxefd
, &rset
))
1015 dhcp_packet(now
, 1);
1019 if ((daemon
->doing_dhcp6
|| daemon
->relay6
) && FD_ISSET(daemon
->dhcp6fd
, &rset
))
1022 if (daemon
->doing_ra
&& FD_ISSET(daemon
->icmp6fd
, &rset
))
1027 if (daemon
->helperfd
!= -1 && FD_ISSET(daemon
->helperfd
, &wset
))
1035 static void sig_handler(int sig
)
1039 /* ignore anything other than TERM during startup
1040 and in helper proc. (helper ignores TERM too) */
1044 else if (pid
!= getpid())
1046 /* alarm is used to kill TCP children after a fixed time. */
1052 /* master process */
1053 int event
, errsave
= errno
;
1056 event
= EVENT_RELOAD
;
1057 else if (sig
== SIGCHLD
)
1058 event
= EVENT_CHILD
;
1059 else if (sig
== SIGALRM
)
1060 event
= EVENT_ALARM
;
1061 else if (sig
== SIGTERM
)
1063 else if (sig
== SIGUSR1
)
1065 else if (sig
== SIGUSR2
)
1066 event
= EVENT_REOPEN
;
1070 send_event(pipewrite
, event
, 0, NULL
);
1075 /* now == 0 -> queue immediate callback */
/* Arrange for an EVENT_ALARM: either queue it on the event pipe straight away
   or arm alarm() for the number of seconds between NOW and EVENT.
   Nothing happens when NOW is non-zero and EVENT is zero.
   NOTE(review): this listing skips source line 1083; the alarm() call is
   treated as the else-branch of the test above it, which is what the
   "alarm(0) or alarm(-ve)" comment implies. Confirm against upstream. */
void send_alarm(time_t event, time_t now)
{
  double delay;

  if (now != 0 && event == 0)
    return;

  /* alarm(0) or alarm(-ve) doesn't do what we want.... */
  if (now == 0)
    {
      send_event(pipewrite, EVENT_ALARM, 0, NULL);
      return;
    }

  delay = difftime(event, now);
  if (delay <= 0.0)
    send_event(pipewrite, EVENT_ALARM, 0, NULL);
  else
    alarm((unsigned)delay);
}
/* Post EVENT on the event pipe (pipewrite) with a zero data word and no
   message string. */
void queue_event(int event)
{
  const int no_data = 0;
  char *const no_msg = NULL;

  send_event(pipewrite, event, no_data, no_msg);
}
1093 void send_event(int fd
, int event
, int data
, char *msg
)
1095 struct event_desc ev
;
1096 struct iovec iov
[2];
1100 ev
.msg_sz
= msg
? strlen(msg
) : 0;
1102 iov
[0].iov_base
= &ev
;
1103 iov
[0].iov_len
= sizeof(ev
);
1104 iov
[1].iov_base
= msg
;
1105 iov
[1].iov_len
= ev
.msg_sz
;
1107 /* error pipe, debug mode. */
1109 fatal_event(&ev
, msg
);
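1111 /* pipe is non-blocking and struct event_desc is smaller than
1112 PIPE_BUF, so this either fails or writes everything.
NOTE(review): when msg is attached the write is sizeof(ev) + msg_sz bytes, so the
all-or-nothing property holds only while that total stays within PIPE_BUF;
a longer message could be written only in part. */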
1113 while (writev(fd
, iov
, msg
? 2 : 1) == -1 && errno
== EINTR
);
1116 /* NOTE: the memory used to return msg is leaked: use msgs in events only
1117 to describe fatal errors. */
1118 static int read_event(int fd
, struct event_desc
*evp
, char **msg
)
1122 if (!read_write(fd
, (unsigned char *)evp
, sizeof(struct event_desc
), 1))
1127 if (evp
->msg_sz
!= 0 &&
1128 (buf
= malloc(evp
->msg_sz
+ 1)) &&
1129 read_write(fd
, (unsigned char *)buf
, evp
->msg_sz
, 1))
1131 buf
[evp
->msg_sz
] = 0;
1138 static void fatal_event(struct event_desc
*ev
, char *msg
)
1147 case EVENT_FORK_ERR
:
1148 die(_("cannot fork into background: %s"), NULL
, EC_MISC
);
1150 case EVENT_PIPE_ERR
:
1151 die(_("failed to create helper: %s"), NULL
, EC_MISC
);
1154 die(_("setting capabilities failed: %s"), NULL
, EC_MISC
);
1156 case EVENT_USER_ERR
:
1157 die(_("failed to change user-id to %s: %s"), msg
, EC_MISC
);
1159 case EVENT_GROUP_ERR
:
1160 die(_("failed to change group-id to %s: %s"), msg
, EC_MISC
);
1163 die(_("failed to open pidfile %s: %s"), msg
, EC_FILE
);
1166 die(_("cannot open log %s: %s"), msg
, EC_FILE
);
1169 die(_("failed to load Lua script: %s"), msg
, EC_MISC
);
1171 case EVENT_TFTP_ERR
:
1172 die(_("TFTP directory %s inaccessible: %s"), msg
, EC_FILE
);
1176 static void async_event(int pipe
, time_t now
)
1179 struct event_desc ev
;
1183 /* NOTE: the memory used to return msg is leaked: use msgs in events only
1184 to describe fatal errors. */
1186 if (read_event(pipe
, &ev
, &msg
))
1191 if (option_bool(OPT_DNSSEC_VALID
) && option_bool(OPT_DNSSEC_TIME
))
1193 my_syslog(LOG_INFO
, _("now checking DNSSEC signature timestamps"));
1194 reset_option_bool(OPT_DNSSEC_TIME
);
1200 clear_cache_and_reload(now
);
1202 if (daemon
->port
!= 0)
1204 if (daemon
->resolv_files
&& option_bool(OPT_NO_POLL
))
1206 reload_servers(daemon
->resolv_files
->name
);
1210 if (daemon
->servers_file
)
1212 read_servers_file();
1226 if (daemon
->port
!= 0)
1232 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
1234 lease_prune(NULL
, now
);
1235 lease_update_file(now
);
1238 else if (daemon
->doing_ra
)
1239 /* Not doing DHCP, so no lease system, manage alarms for ra only */
1240 send_alarm(periodic_ra(now
), now
);
1246 /* See Stevens 5.10 */
1247 while ((p
= waitpid(-1, NULL
, WNOHANG
)) != 0)
1254 for (i
= 0 ; i
< MAX_PROCS
; i
++)
1255 if (daemon
->tcp_pids
[i
] == p
)
1256 daemon
->tcp_pids
[i
] = 0;
1260 my_syslog(LOG_WARNING
, _("script process killed by signal %d"), ev
.data
);
1264 my_syslog(LOG_WARNING
, _("script process exited with status %d"), ev
.data
);
1267 case EVENT_EXEC_ERR
:
1268 my_syslog(LOG_ERR
, _("failed to execute %s: %s"),
1269 daemon
->lease_change_command
, strerror(ev
.data
));
1272 /* necessary for fatal errors in helper */
1273 case EVENT_USER_ERR
:
1276 fatal_event(&ev
, msg
);
1280 /* Note: this may leave TCP-handling processes with the old file still open.
1281 Since any such process will die in CHILD_LIFETIME or probably much sooner,
1282 we leave them logging to the old file. */
1283 if (daemon
->log_file
!= NULL
)
1284 log_reopen(daemon
->log_file
);
1291 case EVENT_NEWROUTE
:
1293 /* Force re-reading resolv file right now, for luck. */
1294 poll_resolv(0, 1, now
);
1298 /* Knock all our children on the head. */
1299 for (i
= 0; i
< MAX_PROCS
; i
++)
1300 if (daemon
->tcp_pids
[i
] != 0)
1301 kill(daemon
->tcp_pids
[i
], SIGALRM
);
1303 #if defined(HAVE_SCRIPT)
1304 /* handle pending lease transitions */
1305 if (daemon
->helperfd
!= -1)
1307 /* block in writes until all done */
1308 if ((i
= fcntl(daemon
->helperfd
, F_GETFL
)) != -1)
1309 fcntl(daemon
->helperfd
, F_SETFL
, i
& ~O_NONBLOCK
);
1312 } while (!helper_buf_empty() || do_script_run(now
));
1313 close(daemon
->helperfd
);
1317 if (daemon
->lease_stream
)
1318 fclose(daemon
->lease_stream
);
1320 if (daemon
->runfile
)
1321 unlink(daemon
->runfile
);
1323 my_syslog(LOG_INFO
, _("exiting on receipt of SIGTERM"));
1329 static void poll_resolv(int force
, int do_reload
, time_t now
)
1331 struct resolvc
*res
, *latest
;
1332 struct stat statbuf
;
1333 time_t last_change
= 0;
1334 /* There may be more than one possible file.
1335 Go through and find the one which changed _last_.
1336 Warn of any which can't be read. */
1338 if (daemon
->port
== 0 || option_bool(OPT_NO_POLL
))
1341 for (latest
= NULL
, res
= daemon
->resolv_files
; res
; res
= res
->next
)
1342 if (stat(res
->name
, &statbuf
) == -1)
1351 my_syslog(LOG_WARNING
, _("failed to access %s: %s"), res
->name
, strerror(errno
));
1354 if (res
->mtime
!= 0)
1356 /* existing file evaporated, force selection of the latest
1357 file even if its mtime hasn't changed since we last looked */
1358 poll_resolv(1, do_reload
, now
);
1365 if (force
|| (statbuf
.st_mtime
!= res
->mtime
))
1367 res
->mtime
= statbuf
.st_mtime
;
1368 if (difftime(statbuf
.st_mtime
, last_change
) > 0.0)
1370 last_change
= statbuf
.st_mtime
;
1378 static int warned
= 0;
1379 if (reload_servers(latest
->name
))
1381 my_syslog(LOG_INFO
, _("reading %s"), latest
->name
);
1384 if (option_bool(OPT_RELOAD
) && do_reload
)
1385 clear_cache_and_reload(now
);
1392 my_syslog(LOG_WARNING
, _("no servers found in %s, will retry"), latest
->name
);
/* clear_cache_and_reload: refresh state that depends on re-read
   configuration.  With DHCP or DHCPv6 active the visible lines re-arm
   inotify for the DHCP hosts/options files, re-apply daemon->dhcp_conf and
   push the result into the lease database, the lease file and DNS.  With
   only router advertisement active, the RA alarm is rescheduled instead.

   now - current time, passed to lease_update_file() and periodic_ra().

   NOTE(review): the listing omits source lines (see the gaps in the
   left-hand numbers): the statement guarded by the daemon->port test, the
   one guarded by OPT_ETHERS, and any preprocessor conditionals are not
   shown, so the indentation below is a best reading only. */
1399 void clear_cache_and_reload(time_t now)
       /* Body of this test is on omitted lines (1404-1406). */
1403   if (daemon->port != 0)
1407   if (daemon->dhcp || daemon->doing_dhcp6)
1409     if (option_bool(OPT_ETHERS))
         /* Presumably not under the OPT_ETHERS test; lines 1410-1412 are
            missing, so confirm against the full source. */
1413     set_dynamic_inotify(AH_DHCP_HST | AH_DHCP_OPT, 0, NULL, 0);
1415     dhcp_update_configs(daemon->dhcp_conf);
1416     lease_update_from_configs();
1417     lease_update_file(now);
1418     lease_update_dns(1);
1421   else if (daemon->doing_ra)
1422     /* Not doing DHCP, so no lease system, manage
1423        alarms for ra only */
1424     send_alarm(periodic_ra(now), now);
/* set_dns_listeners: add to `set` every descriptor the select() loop should
   watch for DNS and TFTP work, calling bump_maxfd() for each so the caller's
   *maxfdp keeps up.

   now    - passed to get_new_frec().
   set    - fd_set being built for select().
   maxfdp - highest descriptor seen so far, updated through bump_maxfd().

   The return value is not visible: the listing omits source lines (the
   left-hand numbers jump), including the declarations of `wait`, `i` and
   `tftp`, the return statement and all brace-only lines.  Indentation below
   is a best reading of what is shown.

   Load shedding visible here:
   - UDP query sockets (listener->fd) are watched only while `wait` is 0,
     i.e. while get_new_frec() did not ask the caller to wait.
   - The TCP listening socket is watched only while some daemon->tcp_pids
     slot is 0, which caps outstanding TCP children at MAX_PROCS.
   - The TFTP listening socket is watched only while `tftp` does not exceed
     daemon->tftp_max.

   NOTE(review): FD_SET() is defined only for descriptors below FD_SETSIZE,
   and no such bound is checked on any visible line.  Confirm that
   bump_maxfd() or the code creating these sockets enforces it; otherwise a
   process holding many descriptors writes outside the fd_set. */
1429 static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp)
1431   struct serverfd *serverfdp;
1432   struct listener *listener;
1437   struct tftp_transfer *transfer;
       /* Sockets of TFTP transfers already in progress. */
1438   for (transfer = daemon->tftp_trans; transfer; transfer = transfer->next)
1441     FD_SET(transfer->sockfd, set);
1442     bump_maxfd(transfer->sockfd, maxfdp);
1446   /* will we be able to get memory? */
1447   if (daemon->port != 0)
1448     get_new_frec(now, &wait, 0);
       /* Sockets on daemon->sfds; check_dns_listeners() passes these to
          reply_query(). */
1450   for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1452     FD_SET(serverfdp->fd, set);
1453     bump_maxfd(serverfdp->fd, maxfdp);
       /* Entries of daemon->randomsocks that are in use (refcount != 0),
          considered only when daemon->osport is unset. */
1456   if (daemon->port != 0 && !daemon->osport)
1457     for (i = 0; i < RANDOM_SOCKS; i++)
1458       if (daemon->randomsocks[i].refcount != 0)
1460         FD_SET(daemon->randomsocks[i].fd, set);
1461         bump_maxfd(daemon->randomsocks[i].fd, maxfdp);
1464   for (listener = daemon->listeners; listener; listener = listener->next)
1466     /* only listen for queries if we have resources */
1467     if (listener->fd != -1 && wait == 0)
1469       FD_SET(listener->fd, set);
1470       bump_maxfd(listener->fd, maxfdp);
1473     /* death of a child goes through the select loop, so
1474        we don't need to explicitly arrange to wake up here */
1475     if (listener->tcpfd != -1)
1476       for (i = 0; i < MAX_PROCS; i++)
1477         if (daemon->tcp_pids[i] == 0)
1479           FD_SET(listener->tcpfd, set);
1480           bump_maxfd(listener->tcpfd, maxfdp);
1485     if (tftp <= daemon->tftp_max && listener->tftpfd != -1)
1487       FD_SET(listener->tftpfd, set);
1488       bump_maxfd(listener->tftpfd, maxfdp);
/* check_dns_listeners: service the descriptors that are set in `set`.
   Sockets on daemon->sfds and in-use daemon->randomsocks go to
   reply_query(); each listener's UDP socket goes to receive_query(), its
   TFTP socket to tftp_request(); a ready TCP listening socket has one
   connection accepted and handed to tcp_request().

   set - fd_set to test with FD_ISSET().
   now - current time, passed to the handlers.

   NOTE(review): the listing omits source lines (the left-hand numbers
   jump), including brace-only lines, several declarations (`i`, `p`, `s`,
   `flags`, `if_index`, `auth_dns`), every close() of confd and the lines
   that change client_ok.  Indentation below is a best reading of the
   visible lines, not a complete function body.

   TCP path as far as it is visible:
   - accept() is retried on EINTR.  The peer address is not requested;
     tcp_addr is filled by getsockname(), i.e. it is the LOCAL address.
   - The arrival interface is matched against daemon->interfaces (by index,
     or by local address in the wildcard-bind case).  client_ok starts at 1;
     the shutdown(confd) at 1602 is presumably the path for a connection
     that failed these checks.
   - Unless OPT_DEBUG is set the connection is served in a fork()ed child.
     The parent stores the child's pid in the first free tcp_pids slot; the
     child arms alarm(CHILD_LIFETIME), which bounds how long one client can
     hold a process.
   - With OPT_DEBUG there is no fork and no alarm, so tcp_request() runs in
     the calling process on a socket switched to blocking mode. */
1497 static void check_dns_listeners(fd_set *set, time_t now)
1499   struct serverfd *serverfdp;
1500   struct listener *listener;
1503   for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1504     if (FD_ISSET(serverfdp->fd, set))
1505       reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now);
1507   if (daemon->port != 0 && !daemon->osport)
1508     for (i = 0; i < RANDOM_SOCKS; i++)
1509       if (daemon->randomsocks[i].refcount != 0 &&
1510           FD_ISSET(daemon->randomsocks[i].fd, set))
1511         reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
1513   for (listener = daemon->listeners; listener; listener = listener->next)
1515     if (listener->fd != -1 && FD_ISSET(listener->fd, set))
1516       receive_query(listener, now);
1519     if (listener->tftpfd != -1 && FD_ISSET(listener->tftpfd, set))
1520       tftp_request(listener, now);
1523     if (listener->tcpfd != -1 && FD_ISSET(listener->tcpfd, set))
1525       int confd, client_ok = 1;
1526       struct irec *iface = NULL;
1528       union mysockaddr tcp_addr;
1529       socklen_t tcp_len = sizeof(union mysockaddr);
           /* Empty loop body: retry accept() while it fails with EINTR.
              NOTE(review): handling of confd == -1 for any other errno is
              on omitted lines (1532-1535) -- confirm it exists. */
1531       while ((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR);
           /* Failure handling for getsockname() is on omitted lines. */
1536       if (getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) == -1)
1542       /* Make sure that the interface list is up-to-date.
1544          We do this here as we may need the results below, and
1545          the DNS code needs them for --interface-name stuff.
1547          Multiple calls to enumerate_interfaces() per select loop are
1548          inhibited, so calls to it in the child process (which doesn't select())
1549          have no effect. This avoids two processes reading from the same
1550          netlink fd and screwing the pooch entirely.
              (the listing omits the line that closes this comment) */
1553       enumerate_interfaces(0);
1555       if (option_bool(OPT_NOWILD))
1556         iface = listener->iface; /* May be NULL */
1560       char intr_name[IF_NAMESIZE];
1562       /* if we can find the arrival interface, check it's one that's allowed */
1563       if ((if_index = tcp_interface(confd, tcp_addr.sa.sa_family)) != 0 &&
1564           indextoname(listener->tcpfd, if_index, intr_name))
1566         struct all_addr addr;
1567         addr.addr.addr4 = tcp_addr.in.sin_addr;
1569         if (tcp_addr.sa.sa_family == AF_INET6)
1570           addr.addr.addr6 = tcp_addr.in6.sin6_addr;
             /* Look the arrival interface up by index; the loop exit on a
                match is on an omitted line. */
1573         for (iface = daemon->interfaces; iface; iface = iface->next)
1574           if (iface->index == if_index)
             /* No matching interface and no loopback exception: the
                consequence (presumably clearing client_ok) is omitted. */
1577         if (!iface && !loopback_exception(listener->tcpfd, tcp_addr.sa.sa_family, &addr, intr_name))
1581       if (option_bool(OPT_CLEVERBIND))
1582         iface = listener->iface; /* May be NULL */
1585       /* Check for allowed interfaces when binding the wildcard address:
1586          we do this by looking for an interface with the same address as
1587          the local address of the TCP connection, then looking to see if that's
1588          an allowed interface. As a side effect, we get the netmask of the
1589          interface too, for localisation. */
1591       for (iface = daemon->interfaces; iface; iface = iface->next)
1592         if (sockaddr_isequal(&iface->addr, &tcp_addr))
           /* Presumably the rejection path, taken when client_ok is 0; the
              test itself (1593-1601) is not in the listing. */
1602       shutdown(confd, SHUT_RDWR);
           /* Parent side of the fork.  NOTE(review): fork() returning -1
              also satisfies `!= 0`; any check for p == -1 before the pid
              is stored below is on omitted lines (1607-1610) -- confirm,
              since a stored -1 would occupy a tcp_pids slot. */
1606       else if (!option_bool(OPT_DEBUG) && (p = fork()) != 0)
1611         for (i = 0; i < MAX_PROCS; i++)
1612           if (daemon->tcp_pids[i] == 0)
1614             daemon->tcp_pids[i] = p;
1620         /* The child can use up to TCP_MAX_QUERIES ids, so skip that many. */
1621         daemon->log_id += TCP_MAX_QUERIES;
           /* From here: the child, or the calling process under OPT_DEBUG
              (presumably the final `else` arm, whose keyword is omitted). */
1626       unsigned char *buff;
1629       struct in_addr netmask;
           /* NOTE(review): iface "may be NULL" per the comments above; the
              NULL test around these two reads is not visible (1630-1633). */
1634       netmask = iface->netmask;
1635       auth_dns = iface->dns_auth;
1644       /* Arrange for SIGALARM after CHILD_LIFETIME seconds to
1645          terminate the process. */
1646       if (!option_bool(OPT_DEBUG))
1647         alarm(CHILD_LIFETIME);
1650       /* start with no upstream connections. */
           /* Loop body is on an omitted line. */
1651       for (s = daemon->servers; s; s = s->next)
1654       /* The connected socket inherits non-blocking
1655          attribute from the listening socket.
              (the listing omits the line that closes this comment) */
           /* O_NONBLOCK is cleared only if F_GETFL succeeded; the result
              of F_SETFL is not checked. */
1657       if ((flags = fcntl(confd, F_GETFL, 0)) != -1)
1658         fcntl(confd, F_SETFL, flags & ~O_NONBLOCK);
1660       buff = tcp_request(confd, now, &tcp_addr, netmask, auth_dns);
1662       shutdown(confd, SHUT_RDWR);
           /* Shut down upstream TCP sockets in daemon->servers; the test
              selecting which s->tcpfd values are valid is omitted. */
1668       for (s = daemon->servers; s; s = s->next)
1671         shutdown(s->tcpfd, SHUT_RDWR);
           /* Body omitted; presumably where the forked child ends. */
1675       if (!option_bool(OPT_DEBUG))
/* make_icmp_sock: open a raw IPv4 ICMP socket (AF_INET, SOCK_RAW,
   IPPROTO_ICMP) and set SO_DONTROUTE on it from `zeroopt`.

   NOTE(review): the listing omits source lines (the left-hand numbers
   jump): the declarations of `fd` and `zeroopt`, the start of the condition
   that line 1695 finishes, the failure handling and the return statement
   are not shown.  `zeroopt` is presumably 0, i.e. the option is cleared --
   confirm.

   NOTE(review): raw sockets need privilege (root, or CAP_NET_RAW on Linux),
   so this call has to run before privileges are dropped or with that
   capability retained; which applies is not visible here. */
1687 int make_icmp_sock(void)
1692   if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
         /* Tail of a condition that starts on an omitted line (1693-1694). */
1695       setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
1705 int icmp_ping(struct in_addr addr
)
1707 /* Try and get an ICMP echo from a machine. */
1709 /* Note that whilst in the three second wait, we check for
1710 (and service) events on the DNS and TFTP sockets, (so doing that
1711 better not use any resources our caller has in use...)
1712 but we remain deaf to signals or further DHCP packets. */
1715 struct sockaddr_in saddr
;
1720 unsigned short id
= rand16();
1725 #if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1726 if ((fd
= make_icmp_sock()) == -1)
1730 fd
= daemon
->dhcp_icmp_fd
;
1731 setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &opt
, sizeof(opt
));
1734 saddr
.sin_family
= AF_INET
;
1736 saddr
.sin_addr
= addr
;
1737 #ifdef HAVE_SOCKADDR_SA_LEN
1738 saddr
.sin_len
= sizeof(struct sockaddr_in
);
1741 memset(&packet
.icmp
, 0, sizeof(packet
.icmp
));
1742 packet
.icmp
.icmp_type
= ICMP_ECHO
;
1743 packet
.icmp
.icmp_id
= id
;
1744 for (j
= 0, i
= 0; i
< sizeof(struct icmp
) / 2; i
++)
1745 j
+= ((u16
*)&packet
.icmp
)[i
];
1747 j
= (j
& 0xffff) + (j
>> 16);
1748 packet
.icmp
.icmp_cksum
= (j
== 0xffff) ? j
: ~j
;
1750 while (sendto(fd
, (char *)&packet
.icmp
, sizeof(struct icmp
), 0,
1751 (struct sockaddr
*)&saddr
, sizeof(saddr
)) == -1 &&
1754 for (now
= start
= dnsmasq_time();
1755 difftime(now
, start
) < (float)PING_WAIT
;)
1759 struct sockaddr_in faddr
;
1761 socklen_t len
= sizeof(faddr
);
1763 tv
.tv_usec
= 250000;
1769 set_dns_listeners(now
, &rset
, &maxfd
);
1770 set_log_writer(&wset
, &maxfd
);
1773 if (daemon
->doing_ra
)
1775 FD_SET(daemon
->icmp6fd
, &rset
);
1776 bump_maxfd(daemon
->icmp6fd
, &maxfd
);
1780 if (select(maxfd
+1, &rset
, &wset
, NULL
, &tv
) < 0)
1786 now
= dnsmasq_time();
1788 check_log_writer(&wset
);
1789 check_dns_listeners(&rset
, now
);
1792 if (daemon
->doing_ra
&& FD_ISSET(daemon
->icmp6fd
, &rset
))
1797 check_tftp_listeners(&rset
, now
);
1800 if (FD_ISSET(fd
, &rset
) &&
1801 recvfrom(fd
, &packet
, sizeof(packet
), 0,
1802 (struct sockaddr
*)&faddr
, &len
) == sizeof(packet
) &&
1803 saddr
.sin_addr
.s_addr
== faddr
.sin_addr
.s_addr
&&
1804 packet
.icmp
.icmp_type
== ICMP_ECHOREPLY
&&
1805 packet
.icmp
.icmp_seq
== 0 &&
1806 packet
.icmp
.icmp_id
== id
)
1813 #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1817 setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &opt
, sizeof(opt
));