1 /* dnsmasq is Copyright (c) 2000-2015 Simon Kelley
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 /* Declare static char *compiler_opts in config.h */
18 #define DNSMASQ_COMPILE_OPTS
/* Pointer to the global daemon state; dereferenced as daemon->... throughout
   this file. */
22 struct daemon
*daemon
;
/* pid and pipewrite are both read from sig_handler() in this file and are
   declared volatile. main() stores the result of fork() in pid and the write
   end of the event pipe (pipefd[1]) in pipewrite. */
24 static volatile pid_t pid
= 0;
25 static volatile int pipewrite
;
/* Prototypes for the file-local functions that main() calls before their
   definitions appear. */
27 static int set_dns_listeners(time_t now
, fd_set
*set
, int *maxfdp
);
28 static void check_dns_listeners(fd_set
*set
, time_t now
);
29 static void sig_handler(int sig
);
30 static void async_event(int pipe
, time_t now
);
31 static void fatal_event(struct event_desc
*ev
, char *msg
);
32 static int read_event(int fd
, struct event_desc
*evp
, char **msg
);
33 static void poll_resolv(int force
, int do_reload
, time_t now
);
35 int main (int argc
, char **argv
)
37 int bind_fallback
= 0;
39 struct sigaction sigact
;
41 int piperead
, pipefd
[2], err_pipe
[2];
42 struct passwd
*ent_pw
= NULL
;
43 #if defined(HAVE_SCRIPT)
47 struct group
*gp
= NULL
;
48 long i
, max_fd
= sysconf(_SC_OPEN_MAX
);
51 #if defined(HAVE_LINUX_NETWORK)
52 cap_user_header_t hdr
= NULL
;
53 cap_user_data_t data
= NULL
;
54 char *bound_device
= NULL
;
57 #if defined(HAVE_DHCP) || defined(HAVE_DHCP6)
58 struct dhcp_context
*context
;
59 struct dhcp_relay
*relay
;
63 setlocale(LC_ALL
, "");
64 bindtextdomain("dnsmasq", LOCALEDIR
);
65 textdomain("dnsmasq");
68 sigact
.sa_handler
= sig_handler
;
70 sigemptyset(&sigact
.sa_mask
);
71 sigaction(SIGUSR1
, &sigact
, NULL
);
72 sigaction(SIGUSR2
, &sigact
, NULL
);
73 sigaction(SIGHUP
, &sigact
, NULL
);
74 sigaction(SIGTERM
, &sigact
, NULL
);
75 sigaction(SIGALRM
, &sigact
, NULL
);
76 sigaction(SIGCHLD
, &sigact
, NULL
);
79 sigact
.sa_handler
= SIG_IGN
;
80 sigaction(SIGPIPE
, &sigact
, NULL
);
82 umask(022); /* known umask, create leases and pid files as 0644 */
84 rand_init(); /* Must precede read_opts() */
86 read_opts(argc
, argv
, compile_opts
);
88 if (daemon
->edns_pktsz
< PACKETSZ
)
89 daemon
->edns_pktsz
= PACKETSZ
;
91 daemon
->packet_buff_sz
= daemon
->edns_pktsz
> DNSMASQ_PACKETSZ
?
92 daemon
->edns_pktsz
: DNSMASQ_PACKETSZ
;
93 daemon
->packet
= safe_malloc(daemon
->packet_buff_sz
);
95 daemon
->addrbuff
= safe_malloc(ADDRSTRLEN
);
96 if (option_bool(OPT_EXTRALOG
))
97 daemon
->addrbuff2
= safe_malloc(ADDRSTRLEN
);
100 if (option_bool(OPT_DNSSEC_VALID
))
102 daemon
->keyname
= safe_malloc(MAXDNAME
);
103 daemon
->workspacename
= safe_malloc(MAXDNAME
);
108 if (!daemon
->lease_file
)
110 if (daemon
->dhcp
|| daemon
->dhcp6
)
111 daemon
->lease_file
= LEASEFILE
;
115 /* Close any file descriptors we inherited apart from std{in|out|err}
117 Ensure that at least stdin, stdout and stderr (fd 0, 1, 2) exist,
118 otherwise file descriptors we create can end up being 0, 1, or 2
119 and then get accidentally closed later when we make 0, 1, and 2
120 open to /dev/null. Normally we'll be started with 0, 1 and 2 open,
121 but it's not guaranteed. By opening /dev/null three times, we
122 ensure that we're not using those fds for real stuff. */
123 for (i
= 0; i
< max_fd
; i
++)
124 if (i
!= STDOUT_FILENO
&& i
!= STDERR_FILENO
&& i
!= STDIN_FILENO
)
127 open("/dev/null", O_RDWR
);
129 #ifndef HAVE_LINUX_NETWORK
130 # if !(defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR))
131 if (!option_bool(OPT_NOWILD
))
134 set_option_bool(OPT_NOWILD
);
138 /* --bind-dynamic not supported on !Linux, fall back to --bind-interfaces */
139 if (option_bool(OPT_CLEVERBIND
))
142 set_option_bool(OPT_NOWILD
);
143 reset_option_bool(OPT_CLEVERBIND
);
148 if (daemon
->dynamic_dirs
)
149 die(_("dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"), NULL
, EC_BADCONF
);
152 if (option_bool(OPT_DNSSEC_VALID
))
156 die(_("No trust anchors provided for DNSSEC"), NULL
, EC_BADCONF
);
158 if (daemon
->cachesize
< CACHESIZ
)
159 die(_("Cannot reduce cache size from default when DNSSEC enabled"), NULL
, EC_BADCONF
);
161 die(_("DNSSEC not available: set HAVE_DNSSEC in src/config.h"), NULL
, EC_BADCONF
);
166 if (option_bool(OPT_TFTP
))
167 die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL
, EC_BADCONF
);
170 #ifdef HAVE_CONNTRACK
171 if (option_bool(OPT_CONNTRACK
) && (daemon
->query_port
!= 0 || daemon
->osport
))
172 die (_("Cannot use --conntrack AND --query-port"), NULL
, EC_BADCONF
);
174 if (option_bool(OPT_CONNTRACK
))
175 die(_("Conntrack support not available: set HAVE_CONNTRACK in src/config.h"), NULL
, EC_BADCONF
);
178 #ifdef HAVE_SOLARIS_NETWORK
179 if (daemon
->max_logs
!= 0)
180 die(_("asychronous logging is not available under Solaris"), NULL
, EC_BADCONF
);
184 if (daemon
->max_logs
!= 0)
185 die(_("asychronous logging is not available under Android"), NULL
, EC_BADCONF
);
189 if (daemon
->authserver
)
190 die(_("authoritative DNS not available: set HAVE_AUTH in src/config.h"), NULL
, EC_BADCONF
);
194 if (option_bool(OPT_LOOP_DETECT
))
195 die(_("Loop detection not available: set HAVE_LOOP in src/config.h"), NULL
, EC_BADCONF
);
198 now
= dnsmasq_time();
200 /* Create a serial at startup if not configured. */
201 if (daemon
->authinterface
&& daemon
->soa_sn
== 0)
202 #ifdef HAVE_BROKEN_RTC
203 die(_("zone serial must be configured in --auth-soa"), NULL
, EC_BADCONF
);
205 daemon
->soa_sn
= now
;
211 daemon
->doing_ra
= option_bool(OPT_RA
);
213 for (context
= daemon
->dhcp6
; context
; context
= context
->next
)
215 if (context
->flags
& CONTEXT_DHCP
)
216 daemon
->doing_dhcp6
= 1;
217 if (context
->flags
& CONTEXT_RA
)
218 daemon
->doing_ra
= 1;
219 #if !defined(HAVE_LINUX_NETWORK) && !defined(HAVE_BSD_NETWORK)
220 if (context
->flags
& CONTEXT_TEMPLATE
)
221 die (_("dhcp-range constructor not available on this platform"), NULL
, EC_BADCONF
);
228 /* Note that order matters here, we must call lease_init before
229 creating any file descriptors which shouldn't be leaked
230 to the lease-script init process. We need to call common_init
231 before lease_init to allocate buffers it uses.*/
232 if (daemon
->dhcp
|| daemon
->doing_dhcp6
|| daemon
->relay4
|| daemon
->relay6
)
235 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
239 if (daemon
->dhcp
|| daemon
->relay4
)
243 if (daemon
->doing_ra
|| daemon
->doing_dhcp6
|| daemon
->relay6
)
246 if (daemon
->doing_dhcp6
|| daemon
->relay6
)
257 #if defined(HAVE_LINUX_NETWORK)
259 #elif defined(HAVE_BSD_NETWORK)
263 if (option_bool(OPT_NOWILD
) && option_bool(OPT_CLEVERBIND
))
264 die(_("cannot set --bind-interfaces and --bind-dynamic"), NULL
, EC_BADCONF
);
266 if (!enumerate_interfaces(1) || !enumerate_interfaces(0))
267 die(_("failed to find list of interfaces: %s"), NULL
, EC_MISC
);
269 if (option_bool(OPT_NOWILD
) || option_bool(OPT_CLEVERBIND
))
271 create_bound_listeners(1);
273 if (!option_bool(OPT_CLEVERBIND
))
274 for (if_tmp
= daemon
->if_names
; if_tmp
; if_tmp
= if_tmp
->next
)
275 if (if_tmp
->name
&& !if_tmp
->used
)
276 die(_("unknown interface %s"), if_tmp
->name
, EC_BADNET
);
278 #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP)
279 /* after enumerate_interfaces() */
280 bound_device
= whichdevice();
284 if (!daemon
->relay4
&& bound_device
)
286 bindtodevice(bound_device
, daemon
->dhcpfd
);
289 if (daemon
->enable_pxe
&& bound_device
)
291 bindtodevice(bound_device
, daemon
->pxefd
);
297 #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP6)
298 if (daemon
->doing_dhcp6
&& !daemon
->relay6
&& bound_device
)
300 bindtodevice(bound_device
, daemon
->dhcp6fd
);
306 create_wildcard_listeners();
309 /* after enumerate_interfaces() */
310 if (daemon
->doing_dhcp6
|| daemon
->relay6
|| daemon
->doing_ra
)
313 /* After netlink_init() and before create_helper() */
314 lease_make_duid(now
);
317 if (daemon
->port
!= 0)
327 if (daemon
->port
!= 0 || daemon
->dhcp
|| daemon
->doing_dhcp6
)
328 inotify_dnsmasq_init();
330 daemon
->inotifyfd
= -1;
333 if (option_bool(OPT_DBUS
))
338 daemon
->watches
= NULL
;
339 if ((err
= dbus_init()))
340 die(_("DBus error: %s"), err
, EC_MISC
);
343 die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL
, EC_BADCONF
);
346 if (daemon
->port
!= 0)
349 #if defined(HAVE_SCRIPT)
350 /* Note getpwnam returns static storage */
351 if ((daemon
->dhcp
|| daemon
->dhcp6
) &&
352 daemon
->scriptuser
&&
353 (daemon
->lease_change_command
|| daemon
->luascript
))
355 if ((ent_pw
= getpwnam(daemon
->scriptuser
)))
357 script_uid
= ent_pw
->pw_uid
;
358 script_gid
= ent_pw
->pw_gid
;
361 baduser
= daemon
->scriptuser
;
365 if (daemon
->username
&& !(ent_pw
= getpwnam(daemon
->username
)))
366 baduser
= daemon
->username
;
367 else if (daemon
->groupname
&& !(gp
= getgrnam(daemon
->groupname
)))
368 baduser
= daemon
->groupname
;
371 die(_("unknown user or group: %s"), baduser
, EC_BADCONF
);
373 /* implement group defaults, "dip" if available, or group associated with uid */
374 if (!daemon
->group_set
&& !gp
)
376 if (!(gp
= getgrnam(CHGRP
)) && ent_pw
)
377 gp
= getgrgid(ent_pw
->pw_gid
);
379 /* for error message */
381 daemon
->groupname
= gp
->gr_name
;
384 #if defined(HAVE_LINUX_NETWORK)
385 /* determine capability API version here, while we can still
387 if (ent_pw
&& ent_pw
->pw_uid
!= 0)
389 int capsize
= 1; /* for header version 1 */
390 hdr
= safe_malloc(sizeof(*hdr
));
392 /* find version supported by kernel */
393 memset(hdr
, 0, sizeof(*hdr
));
396 if (hdr
->version
!= LINUX_CAPABILITY_VERSION_1
)
398 /* if unknown version, use largest supported version (3) */
399 if (hdr
->version
!= LINUX_CAPABILITY_VERSION_2
)
400 hdr
->version
= LINUX_CAPABILITY_VERSION_3
;
404 data
= safe_malloc(sizeof(*data
) * capsize
);
405 memset(data
, 0, sizeof(*data
) * capsize
);
409 /* Use a pipe to carry signals and other events back to the event loop
410 in a race-free manner and another to carry errors to daemon-invoking process */
411 safe_pipe(pipefd
, 1);
413 piperead
= pipefd
[0];
414 pipewrite
= pipefd
[1];
415 /* prime the pipe to load stuff first time. */
416 send_event(pipewrite
, EVENT_INIT
, 0, NULL
);
420 if (!option_bool(OPT_DEBUG
))
422 /* The following code "daemonizes" the process.
423 See Stevens section 12.4 */
426 die(_("cannot chdir to filesystem root: %s"), NULL
, EC_MISC
);
429 if (!option_bool(OPT_NO_FORK
))
433 /* pipe to carry errors back to original process.
434 When startup is complete we close this and the process terminates. */
435 safe_pipe(err_pipe
, 0);
437 if ((pid
= fork()) == -1)
438 /* fd == -1 since we've not forked, never returns. */
439 send_event(-1, EVENT_FORK_ERR
, errno
, NULL
);
443 struct event_desc ev
;
446 /* close our copy of write-end */
449 /* check for errors after the fork */
450 if (read_event(err_pipe
[0], &ev
, &msg
))
451 fatal_event(&ev
, msg
);
458 /* NO calls to die() from here on. */
462 if ((pid
= fork()) == -1)
463 send_event(err_pipe
[1], EVENT_FORK_ERR
, errno
, NULL
);
470 /* write pidfile _after_ forking ! */
475 sprintf(daemon
->namebuff
, "%d\n", (int) getpid());
477 /* Explanation: Some installations of dnsmasq (eg Debian/Ubuntu) locate the pid-file
478 in a directory which is writable by the non-privileged user that dnsmasq runs as. This
479 allows the daemon to delete the file as part of its shutdown. This is a security hole to the
480 extent that an attacker running as the unprivileged user could replace the pidfile with a
481 symlink, and have the target of that symlink overwritten as root next time dnsmasq starts.
483 The following code first deletes any existing file, and then opens it with the O_EXCL flag,
484 ensuring that the open() fails should there be any existing file (because the unlink() failed,
485 or an attacker exploited the race between unlink() and open()). Because open() with O_CREAT|O_EXCL also fails when the path itself is a symlink, this ensures that no symlink is followed.
488 Any compromise of the non-privileged user still theoretically allows the pid-file to be
489 replaced whilst dnsmasq is running. The worst that could allow is that the usual
490 "shutdown dnsmasq" shell command could be tricked into stopping any other process.
492 Note that if dnsmasq is started as non-root (eg for testing) it silently ignores
493 failure to write the pid-file.
496 unlink(daemon
->runfile
);
498 if ((fd
= open(daemon
->runfile
, O_WRONLY
|O_CREAT
|O_TRUNC
|O_EXCL
, S_IWUSR
|S_IRUSR
|S_IRGRP
|S_IROTH
)) == -1)
500 /* only complain if started as root */
506 if (!read_write(fd
, (unsigned char *)daemon
->namebuff
, strlen(daemon
->namebuff
), 0))
509 while (!err
&& close(fd
) == -1)
516 send_event(err_pipe
[1], EVENT_PIDFILE
, errno
, daemon
->runfile
);
522 log_err
= log_start(ent_pw
, err_pipe
[1]);
524 if (!option_bool(OPT_DEBUG
))
526 /* open stdout etc to /dev/null. NOTE(review): the open() result is passed to the dup2() calls below without a check for -1. */
527 int nullfd
= open("/dev/null", O_RDWR
);
528 dup2(nullfd
, STDOUT_FILENO
);
529 dup2(nullfd
, STDERR_FILENO
);
530 dup2(nullfd
, STDIN_FILENO
);
534 /* if we are to run scripts, we need to fork a helper before dropping root. */
535 daemon
->helperfd
= -1;
537 if ((daemon
->dhcp
|| daemon
->dhcp6
) && (daemon
->lease_change_command
|| daemon
->luascript
))
538 daemon
->helperfd
= create_helper(pipewrite
, err_pipe
[1], script_uid
, script_gid
, max_fd
);
541 if (!option_bool(OPT_DEBUG
) && getuid() == 0)
543 int bad_capabilities
= 0;
546 /* remove all supplementary groups */
548 (setgroups(0, &dummy
) == -1 ||
549 setgid(gp
->gr_gid
) == -1))
551 send_event(err_pipe
[1], EVENT_GROUP_ERR
, errno
, daemon
->groupname
);
555 if (ent_pw
&& ent_pw
->pw_uid
!= 0)
557 #if defined(HAVE_LINUX_NETWORK)
558 /* On linux, we keep CAP_NET_ADMIN (for ARP-injection) and
559 CAP_NET_RAW (for icmp) if we're doing dhcp. If we have yet to bind
560 ports because of DAD, or we're doing it dynamically,
561 we need CAP_NET_BIND_SERVICE too. */
562 if (is_dad_listeners() || option_bool(OPT_CLEVERBIND
))
563 data
->effective
= data
->permitted
= data
->inheritable
=
564 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) |
565 (1 << CAP_SETUID
) | (1 << CAP_NET_BIND_SERVICE
);
567 data
->effective
= data
->permitted
= data
->inheritable
=
568 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) | (1 << CAP_SETUID
);
570 /* Tell kernel to not clear capabilities when dropping root */
571 if (capset(hdr
, data
) == -1 || prctl(PR_SET_KEEPCAPS
, 1, 0, 0, 0) == -1)
572 bad_capabilities
= errno
;
574 #elif defined(HAVE_SOLARIS_NETWORK)
575 /* http://developers.sun.com/solaris/articles/program_privileges.html */
576 priv_set_t
*priv_set
;
578 if (!(priv_set
= priv_str_to_set("basic", ",", NULL
)) ||
579 priv_addset(priv_set
, PRIV_NET_ICMPACCESS
) == -1 ||
580 priv_addset(priv_set
, PRIV_SYS_NET_CONFIG
) == -1)
581 bad_capabilities
= errno
;
583 if (priv_set
&& bad_capabilities
== 0)
585 priv_inverse(priv_set
);
587 if (setppriv(PRIV_OFF
, PRIV_LIMIT
, priv_set
) == -1)
588 bad_capabilities
= errno
;
592 priv_freeset(priv_set
);
596 if (bad_capabilities
!= 0)
598 send_event(err_pipe
[1], EVENT_CAP_ERR
, bad_capabilities
, NULL
);
602 /* finally drop root */
603 if (setuid(ent_pw
->pw_uid
) == -1)
605 send_event(err_pipe
[1], EVENT_USER_ERR
, errno
, daemon
->username
);
609 #ifdef HAVE_LINUX_NETWORK
610 if (is_dad_listeners() || option_bool(OPT_CLEVERBIND
))
611 data
->effective
= data
->permitted
=
612 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
) | (1 << CAP_NET_BIND_SERVICE
);
614 data
->effective
= data
->permitted
=
615 (1 << CAP_NET_ADMIN
) | (1 << CAP_NET_RAW
);
616 data
->inheritable
= 0;
618 /* lose the setuid and setgid capabilities */
619 if (capset(hdr
, data
) == -1)
621 send_event(err_pipe
[1], EVENT_CAP_ERR
, errno
, NULL
);
629 #ifdef HAVE_LINUX_NETWORK
632 if (option_bool(OPT_DEBUG
))
633 prctl(PR_SET_DUMPABLE
, 1, 0, 0, 0);
637 if (option_bool(OPT_TFTP
))
640 struct tftp_prefix
*p
;
642 if (daemon
->tftp_prefix
)
644 if (!((dir
= opendir(daemon
->tftp_prefix
))))
646 send_event(err_pipe
[1], EVENT_TFTP_ERR
, errno
, daemon
->tftp_prefix
);
652 for (p
= daemon
->if_prefix
; p
; p
= p
->next
)
654 if (!((dir
= opendir(p
->prefix
))))
656 send_event(err_pipe
[1], EVENT_TFTP_ERR
, errno
, p
->prefix
);
664 if (daemon
->port
== 0)
665 my_syslog(LOG_INFO
, _("started, version %s DNS disabled"), VERSION
);
666 else if (daemon
->cachesize
!= 0)
667 my_syslog(LOG_INFO
, _("started, version %s cachesize %d"), VERSION
, daemon
->cachesize
);
669 my_syslog(LOG_INFO
, _("started, version %s cache disabled"), VERSION
);
671 my_syslog(LOG_INFO
, _("compile time options: %s"), compile_opts
);
674 if (option_bool(OPT_DBUS
))
677 my_syslog(LOG_INFO
, _("DBus support enabled: connected to system bus"));
679 my_syslog(LOG_INFO
, _("DBus support enabled: bus connection pending"));
683 if (option_bool(OPT_LOCAL_SERVICE
))
684 my_syslog(LOG_INFO
, _("DNS service limited to local subnets"));
687 if (option_bool(OPT_DNSSEC_VALID
))
689 my_syslog(LOG_INFO
, _("DNSSEC validation enabled"));
690 if (option_bool(OPT_DNSSEC_TIME
))
691 my_syslog(LOG_INFO
, _("DNSSEC signature timestamps not checked until first cache reload"));
696 my_syslog(LOG_WARNING
, _("warning: failed to change owner of %s: %s"),
697 daemon
->log_file
, strerror(log_err
));
700 my_syslog(LOG_WARNING
, _("setting --bind-interfaces option because of OS limitations"));
702 if (option_bool(OPT_NOWILD
))
703 warn_bound_listeners();
707 if (!option_bool(OPT_NOWILD
))
708 for (if_tmp
= daemon
->if_names
; if_tmp
; if_tmp
= if_tmp
->next
)
709 if (if_tmp
->name
&& !if_tmp
->used
)
710 my_syslog(LOG_WARNING
, _("warning: interface %s does not currently exist"), if_tmp
->name
);
712 if (daemon
->port
!= 0 && option_bool(OPT_NO_RESOLV
))
714 if (daemon
->resolv_files
&& !daemon
->resolv_files
->is_default
)
715 my_syslog(LOG_WARNING
, _("warning: ignoring resolv-file flag because no-resolv is set"));
716 daemon
->resolv_files
= NULL
;
717 if (!daemon
->servers
)
718 my_syslog(LOG_WARNING
, _("warning: no upstream servers configured"));
721 if (daemon
->max_logs
!= 0)
722 my_syslog(LOG_INFO
, _("asynchronous logging enabled, queue limit is %d messages"), daemon
->max_logs
);
726 for (context
= daemon
->dhcp
; context
; context
= context
->next
)
727 log_context(AF_INET
, context
);
729 for (relay
= daemon
->relay4
; relay
; relay
= relay
->next
)
730 log_relay(AF_INET
, relay
);
733 for (context
= daemon
->dhcp6
; context
; context
= context
->next
)
734 log_context(AF_INET6
, context
);
736 for (relay
= daemon
->relay6
; relay
; relay
= relay
->next
)
737 log_relay(AF_INET6
, relay
);
739 if (daemon
->doing_dhcp6
|| daemon
->doing_ra
)
740 dhcp_construct_contexts(now
);
742 if (option_bool(OPT_RA
))
743 my_syslog(MS_DHCP
| LOG_INFO
, _("IPv6 router advertisement enabled"));
746 # ifdef HAVE_LINUX_NETWORK
748 my_syslog(MS_DHCP
| LOG_INFO
, _("DHCP, sockets bound exclusively to interface %s"), bound_device
);
751 /* after dhcp_construct_contexts */
752 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
753 lease_find_interfaces(now
);
757 if (option_bool(OPT_TFTP
))
760 if (FD_SETSIZE
< (unsigned)max_fd
)
764 my_syslog(MS_TFTP
| LOG_INFO
, "TFTP %s%s %s",
765 daemon
->tftp_prefix
? _("root is ") : _("enabled"),
766 daemon
->tftp_prefix
? daemon
->tftp_prefix
: "",
767 option_bool(OPT_TFTP_SECURE
) ? _("secure mode") : "");
769 /* This is a guess, it assumes that for small limits,
770 disjoint files might be served, but for large limits,
771 a single file will be sent to many clients (the file only needs
774 max_fd
-= 30; /* use other than TFTP */
778 else if (max_fd
< 100)
781 max_fd
= max_fd
- 20;
783 /* if we have to use a limited range of ports,
784 that will limit the number of transfers */
785 if (daemon
->start_tftp_port
!= 0 &&
786 daemon
->end_tftp_port
- daemon
->start_tftp_port
+ 1 < max_fd
)
787 max_fd
= daemon
->end_tftp_port
- daemon
->start_tftp_port
+ 1;
789 if (daemon
->tftp_max
> max_fd
)
791 daemon
->tftp_max
= max_fd
;
792 my_syslog(MS_TFTP
| LOG_WARNING
,
793 _("restricting maximum simultaneous TFTP transfers to %d"),
799 /* finished start-up - release original process */
800 if (err_pipe
[1] != -1)
803 if (daemon
->port
!= 0)
809 /* Using inotify, have to select a resolv file at startup */
810 poll_resolv(1, 0, now
);
816 struct timeval t
, *tp
= NULL
;
817 fd_set rset
, wset
, eset
;
823 /* if we are out of resources, find how long we have to wait
824 for some to come free, we'll loop around then and restart
825 listening for queries */
826 if ((t
.tv_sec
= set_dns_listeners(now
, &rset
, &maxfd
)) != 0)
832 /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
833 if (daemon
->tftp_trans
||
834 (option_bool(OPT_DBUS
) && !daemon
->dbus
))
840 /* Wake every second whilst waiting for DAD to complete */
841 else if (is_dad_listeners())
849 set_dbus_listeners(&maxfd
, &rset
, &wset
, &eset
);
853 if (daemon
->dhcp
|| daemon
->relay4
)
855 FD_SET(daemon
->dhcpfd
, &rset
);
856 bump_maxfd(daemon
->dhcpfd
, &maxfd
);
857 if (daemon
->pxefd
!= -1)
859 FD_SET(daemon
->pxefd
, &rset
);
860 bump_maxfd(daemon
->pxefd
, &maxfd
);
866 if (daemon
->doing_dhcp6
|| daemon
->relay6
)
868 FD_SET(daemon
->dhcp6fd
, &rset
);
869 bump_maxfd(daemon
->dhcp6fd
, &maxfd
);
872 if (daemon
->doing_ra
)
874 FD_SET(daemon
->icmp6fd
, &rset
);
875 bump_maxfd(daemon
->icmp6fd
, &maxfd
);
880 if (daemon
->inotifyfd
!= -1)
882 FD_SET(daemon
->inotifyfd
, &rset
);
883 bump_maxfd(daemon
->inotifyfd
, &maxfd
);
887 #if defined(HAVE_LINUX_NETWORK)
888 FD_SET(daemon
->netlinkfd
, &rset
);
889 bump_maxfd(daemon
->netlinkfd
, &maxfd
);
890 #elif defined(HAVE_BSD_NETWORK)
891 FD_SET(daemon
->routefd
, &rset
);
892 bump_maxfd(daemon
->routefd
, &maxfd
);
895 FD_SET(piperead
, &rset
);
896 bump_maxfd(piperead
, &maxfd
);
900 while (helper_buf_empty() && do_script_run(now
));
903 while (helper_buf_empty() && do_tftp_script_run());
906 if (!helper_buf_empty())
908 FD_SET(daemon
->helperfd
, &wset
);
909 bump_maxfd(daemon
->helperfd
, &maxfd
);
912 /* need this for other side-effects */
913 while (do_script_run(now
));
916 while (do_tftp_script_run());
922 /* must do this just before select(), when we know no
923 more calls to my_syslog() can occur */
924 set_log_writer(&wset
, &maxfd
);
926 if (select(maxfd
+1, &rset
, &wset
, &eset
, tp
) < 0)
928 /* otherwise undefined after error */
929 FD_ZERO(&rset
); FD_ZERO(&wset
); FD_ZERO(&eset
);
932 now
= dnsmasq_time();
934 check_log_writer(&wset
);
937 enumerate_interfaces(1);
939 /* Check the interfaces to see if any have exited DAD state
940 and if so, bind the address. */
941 if (is_dad_listeners())
943 enumerate_interfaces(0);
944 /* NB, is_dad_listeners() == 1 --> we're binding interfaces */
945 create_bound_listeners(0);
946 warn_bound_listeners();
949 #if defined(HAVE_LINUX_NETWORK)
950 if (FD_ISSET(daemon
->netlinkfd
, &rset
))
952 #elif defined(HAVE_BSD_NETWORK)
953 if (FD_ISSET(daemon
->routefd
, &rset
))
958 if (daemon
->inotifyfd
!= -1 && FD_ISSET(daemon
->inotifyfd
, &rset
) && inotify_check(now
))
960 if (daemon
->port
!= 0 && !option_bool(OPT_NO_POLL
))
961 poll_resolv(1, 1, now
);
964 /* Check for changes to resolv files once per second max. */
965 /* Don't go silent for long periods if the clock goes backwards. */
966 if (daemon
->last_resolv
== 0 ||
967 difftime(now
, daemon
->last_resolv
) > 1.0 ||
968 difftime(now
, daemon
->last_resolv
) < -1.0)
970 /* poll_resolv doesn't need to reload first time through, since
971 that's queued anyway. */
973 poll_resolv(0, daemon
->last_resolv
!= 0, now
);
974 daemon
->last_resolv
= now
;
978 if (FD_ISSET(piperead
, &rset
))
979 async_event(piperead
, now
);
982 /* if we didn't create a DBus connection, retry now. */
983 if (option_bool(OPT_DBUS
) && !daemon
->dbus
)
986 if ((err
= dbus_init()))
987 my_syslog(LOG_WARNING
, _("DBus error: %s"), err
);
989 my_syslog(LOG_INFO
, _("connected to system DBus"));
991 check_dbus_listeners(&rset
, &wset
, &eset
);
994 check_dns_listeners(&rset
, now
);
997 check_tftp_listeners(&rset
, now
);
1001 if (daemon
->dhcp
|| daemon
->relay4
)
1003 if (FD_ISSET(daemon
->dhcpfd
, &rset
))
1004 dhcp_packet(now
, 0);
1005 if (daemon
->pxefd
!= -1 && FD_ISSET(daemon
->pxefd
, &rset
))
1006 dhcp_packet(now
, 1);
1010 if ((daemon
->doing_dhcp6
|| daemon
->relay6
) && FD_ISSET(daemon
->dhcp6fd
, &rset
))
1013 if (daemon
->doing_ra
&& FD_ISSET(daemon
->icmp6fd
, &rset
))
1018 if (daemon
->helperfd
!= -1 && FD_ISSET(daemon
->helperfd
, &wset
))
/* Signal handler installed by main() for SIGUSR1, SIGUSR2, SIGHUP, SIGTERM,
   SIGALRM and SIGCHLD. In the master process the signal is translated into
   an EVENT_* code and written to the event pipe with send_event(); main()
   later reads that pipe and dispatches through async_event(), so the real
   work happens in the main loop rather than in signal context.
   NOTE(review): this listing omits several lines of the body (the startup
   and non-master branches and some of the event assignments); only the
   visible lines are described here. */
1026 static void sig_handler(int sig
)
1030 /* ignore anything other than TERM during startup
1031 and in helper proc. (helper ignores TERM too) */
/* pid holds the value main() stored from fork(); a mismatch with getpid()
   means this is not the master process. */
1035 else if (pid
!= getpid())
1037 /* alarm is used to kill TCP children after a fixed time. */
1043 /* master process */
/* errno is captured in errsave before send_event() can change it.
   Presumably it is restored on a line this listing does not show - confirm. */
1044 int event
, errsave
= errno
;
1047 event
= EVENT_RELOAD
;
1048 else if (sig
== SIGCHLD
)
1049 event
= EVENT_CHILD
;
1050 else if (sig
== SIGALRM
)
1051 event
= EVENT_ALARM
;
1052 else if (sig
== SIGTERM
)
1054 else if (sig
== SIGUSR1
)
1056 else if (sig
== SIGUSR2
)
1057 event
= EVENT_REOPEN
;
/* Forward the event through the pipe: no data value, no message. */
1061 send_event(pipewrite
, event
, 0, NULL
);
1066 /* now == 0 -> queue immediate callback */
/* Arrange for an EVENT_ALARM relative to the absolute time `event`.
   Nothing is done when now != 0 and event == 0 (outer guard). Otherwise, if
   now == 0 or `event` is not later than `now`, EVENT_ALARM is queued on the
   event pipe at once. The alarm() call arms a timer for the difference in
   seconds; presumably it is the else branch of the inner test (the `else`
   line is not shown in this listing). */
1067 void send_alarm(time_t event
, time_t now
)
1069 if (now
== 0 || event
!= 0)
1071 /* alarm(0) or alarm(-ve) doesn't do what we want.... */
1072 if ((now
== 0 || difftime(event
, now
) <= 0.0))
1073 send_event(pipewrite
, EVENT_ALARM
, 0, NULL
);
1075 alarm((unsigned)difftime(event
, now
));
/* Queue `event` for the main loop by writing it to the event pipe
   (pipewrite) with a data value of 0 and no message. */
1079 void queue_event(int event
)
1081 send_event(pipewrite
, event
, 0, NULL
);
/* Write one event record to the pipe `fd`: a struct event_desc header,
   followed by the bytes of `msg` (without the terminating NUL) when msg is
   non-NULL. msg_sz in the header carries strlen(msg), or 0 when there is no
   message. The assignments of `event` and `data` into the header are on lines
   this listing does not show. */
1084 void send_event(int fd
, int event
, int data
, char *msg
)
1086 struct event_desc ev
;
1087 struct iovec iov
[2];
1091 ev
.msg_sz
= msg
? strlen(msg
) : 0;
/* iov[0] is the fixed-size header, iov[1] the optional message body. */
1093 iov
[0].iov_base
= &ev
;
1094 iov
[0].iov_len
= sizeof(ev
);
1095 iov
[1].iov_base
= msg
;
1096 iov
[1].iov_len
= ev
.msg_sz
;
/* Presumably guarded by a test for fd == -1 on a line not shown here:
   callers pass -1 when there is no error pipe, and the event is then
   reported directly through fatal_event(). */
1098 /* error pipe, debug mode. */
1100 fatal_event(&ev
, msg
);
1102 /* pipe is non-blocking and struct event_desc is smaller than
1103 PIPE_BUF, so this either fails or writes everything */
/* NOTE(review): the all-or-nothing argument above covers the header. With a
   message attached the write is sizeof(ev) + msg_sz bytes, which is atomic
   only while that total stays within PIPE_BUF - confirm callers' message
   lengths (file paths, user and group names) are bounded accordingly.
   Only EINTR is retried; any other writev() failure, such as a full
   non-blocking pipe, drops the event without a report. */
1104 while (writev(fd
, iov
, msg
? 2 : 1) == -1 && errno
== EINTR
);
1107 /* NOTE: the memory used to return msg is leaked: use msgs in events only
1108 to describe fatal errors. */
/* Read one event record from `fd`: first the fixed-size struct event_desc
   into *evp, then, when evp->msg_sz is non-zero, msg_sz further bytes into a
   freshly malloc'd buffer that is NUL-terminated. The return statements and
   the stores through `msg` are on lines this listing does not show. */
1109 static int read_event(int fd
, struct event_desc
*evp
, char **msg
)
1113 if (!read_write(fd
, (unsigned char *)evp
, sizeof(struct event_desc
), 1))
/* NOTE(review): msg_sz comes straight from the header just read off the pipe
   and is used as both the allocation size and the read length, with no upper
   bound visible here. Presumably the only writers are this program's own
   processes via send_event() - confirm that nothing else can write to this
   pipe. If malloc() fails, the read_write() below is short-circuited and the
   message bytes stay unread in the pipe. */
1118 if (evp
->msg_sz
!= 0 &&
1119 (buf
= malloc(evp
->msg_sz
+ 1)) &&
1120 read_write(fd
, (unsigned char *)buf
, evp
->msg_sz
, 1))
/* Terminate the message so it can be used as a C string. */
1122 buf
[evp
->msg_sz
] = 0;
/* Report a fatal event by calling die() with a message chosen by event type.
   `msg`, where used, is passed as die()'s second argument (a user, group,
   file or directory name), never as the format string. The switch statement
   and several case labels are on lines this listing does not show, as is
   whatever supplies the error text for the trailing "%s" - presumably errno
   set from ev->data, to be confirmed. */
1129 static void fatal_event(struct event_desc
*ev
, char *msg
)
1138 case EVENT_FORK_ERR
:
1139 die(_("cannot fork into background: %s"), NULL
, EC_MISC
);
1141 case EVENT_PIPE_ERR
:
1142 die(_("failed to create helper: %s"), NULL
, EC_MISC
);
1145 die(_("setting capabilities failed: %s"), NULL
, EC_MISC
);
/* Failures while dropping privileges: msg names the user or group. */
1147 case EVENT_USER_ERR
:
1148 die(_("failed to change user-id to %s: %s"), msg
, EC_MISC
);
1150 case EVENT_GROUP_ERR
:
1151 die(_("failed to change group-id to %s: %s"), msg
, EC_MISC
);
/* File-related failures exit with EC_FILE: msg names the path. */
1154 die(_("failed to open pidfile %s: %s"), msg
, EC_FILE
);
1157 die(_("cannot open log %s: %s"), msg
, EC_FILE
);
1160 die(_("failed to load Lua script: %s"), msg
, EC_MISC
);
1162 case EVENT_TFTP_ERR
:
1163 die(_("TFTP directory %s inaccessible: %s"), msg
, EC_FILE
);
/* Main-loop side of the event pipe: read one event from `pipe` with
   read_event() and act on it. main() calls this when the read end of the
   pipe is readable. The switch statement and most case labels are on lines
   this listing does not show, so the grouping comments below describe only
   the visible statements. */
1167 static void async_event(int pipe
, time_t now
)
1170 struct event_desc ev
;
1174 /* NOTE: the memory used to return msg is leaked: use msgs in events only
1175 to describe fatal errors. */
1177 if (read_event(pipe
, &ev
, &msg
))
/* When DNSSEC validation is on and timestamp checking was deferred, turn
   timestamp checking on by clearing OPT_DNSSEC_TIME. */
1182 if (option_bool(OPT_DNSSEC_VALID
) && option_bool(OPT_DNSSEC_TIME
))
1184 my_syslog(LOG_INFO
, _("now checking DNSSEC signature timestamps"));
1185 reset_option_bool(OPT_DNSSEC_TIME
);
1191 clear_cache_and_reload(now
);
1193 if (daemon
->port
!= 0)
/* With polling disabled the resolv file is re-read explicitly here. */
1195 if (daemon
->resolv_files
&& option_bool(OPT_NO_POLL
))
1197 reload_servers(daemon
->resolv_files
->name
);
1201 if (daemon
->servers_file
)
1203 read_servers_file();
1217 if (daemon
->port
!= 0)
1223 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
1225 lease_prune(NULL
, now
);
1226 lease_update_file(now
);
1229 else if (daemon
->doing_ra
)
1230 /* Not doing DHCP, so no lease system, manage alarms for ra only */
1231 send_alarm(periodic_ra(now
), now
);
1237 /* See Stevens 5.10 */
/* Reap exited children without blocking (WNOHANG) and free the matching
   slot in daemon->tcp_pids. */
1238 while ((p
= waitpid(-1, NULL
, WNOHANG
)) != 0)
1245 for (i
= 0 ; i
< MAX_PROCS
; i
++)
1246 if (daemon
->tcp_pids
[i
] == p
)
1247 daemon
->tcp_pids
[i
] = 0;
1251 my_syslog(LOG_WARNING
, _("script process killed by signal %d"), ev
.data
);
1255 my_syslog(LOG_WARNING
, _("script process exited with status %d"), ev
.data
);
1258 case EVENT_EXEC_ERR
:
1259 my_syslog(LOG_ERR
, _("failed to execute %s: %s"),
1260 daemon
->lease_change_command
, strerror(ev
.data
));
1263 /* necessary for fatal errors in helper */
1264 case EVENT_USER_ERR
:
1267 fatal_event(&ev
, msg
);
1271 /* Note: this may leave TCP-handling processes with the old file still open.
1272 Since any such process will die in CHILD_LIFETIME or probably much sooner,
1273 we leave them logging to the old file. */
1274 if (daemon
->log_file
!= NULL
)
1275 log_reopen(daemon
->log_file
);
1282 case EVENT_NEWROUTE
:
1284 /* Force re-reading resolv file right now, for luck. */
1285 poll_resolv(0, 1, now
);
1289 /* Knock all our children on the head. */
1290 for (i
= 0; i
< MAX_PROCS
; i
++)
1291 if (daemon
->tcp_pids
[i
] != 0)
1292 kill(daemon
->tcp_pids
[i
], SIGALRM
);
1294 #if defined(HAVE_SCRIPT)
1295 /* handle pending lease transitions */
1296 if (daemon
->helperfd
!= -1)
1298 /* block in writes until all done */
/* Clears O_NONBLOCK on the helper pipe so the remaining script work is
   written out before the descriptor is closed. */
1299 if ((i
= fcntl(daemon
->helperfd
, F_GETFL
)) != -1)
1300 fcntl(daemon
->helperfd
, F_SETFL
, i
& ~O_NONBLOCK
);
1303 } while (!helper_buf_empty() || do_script_run(now
));
1304 close(daemon
->helperfd
);
1308 if (daemon
->lease_stream
)
1309 fclose(daemon
->lease_stream
);
/* Remove the pid-file on the way out. */
1311 if (daemon
->runfile
)
1312 unlink(daemon
->runfile
);
1314 my_syslog(LOG_INFO
, _("exiting on receipt of SIGTERM"));
/* Check the configured resolv files with stat() and reload upstream servers
   from one of them. `force` treats every readable file as changed;
   `do_reload` allows clear_cache_and_reload() to run after a successful
   reload when OPT_RELOAD is set. The early return, the assignment of
   `latest` and the handling of `warned` are on lines this listing does not
   show.
   NOTE(review): selection is driven by st_mtime, so any account able to
   write or touch one of the listed files can influence which upstream
   server list is loaded - the files' permissions are the control here. */
1320 static void poll_resolv(int force
, int do_reload
, time_t now
)
1322 struct resolvc
*res
, *latest
;
1323 struct stat statbuf
;
1324 time_t last_change
= 0;
1325 /* There may be more than one possible file.
1326 Go through and find the one which changed _last_.
1327 Warn of any which can't be read. */
/* Nothing to poll when DNS is disabled or polling is turned off. */
1329 if (daemon
->port
== 0 || option_bool(OPT_NO_POLL
))
1332 for (latest
= NULL
, res
= daemon
->resolv_files
; res
; res
= res
->next
)
1333 if (stat(res
->name
, &statbuf
) == -1)
1342 my_syslog(LOG_WARNING
, _("failed to access %s: %s"), res
->name
, strerror(errno
));
/* A non-zero stored mtime means the file was readable on an earlier pass. */
1345 if (res
->mtime
!= 0)
1347 /* existing file evaporated, force selection of the latest
1348 file even if its mtime hasn't changed since we last looked */
1349 poll_resolv(1, do_reload
, now
);
1356 if (force
|| (statbuf
.st_mtime
!= res
->mtime
))
1358 res
->mtime
= statbuf
.st_mtime
;
/* Track the newest modification time seen so far in this pass. */
1359 if (difftime(statbuf
.st_mtime
, last_change
) > 0.0)
1361 last_change
= statbuf
.st_mtime
;
/* Function-local static: its value persists across calls. */
1369 static int warned
= 0;
1370 if (reload_servers(latest
->name
))
1372 my_syslog(LOG_INFO
, _("reading %s"), latest
->name
);
1375 if (option_bool(OPT_RELOAD
) && do_reload
)
1376 clear_cache_and_reload(now
);
1383 my_syslog(LOG_WARNING
, _("no servers found in %s, will retry"), latest
->name
);
/* Refresh DHCP configuration and lease state after a reload request. The
   statements under the daemon->port != 0 and OPT_ETHERS tests are on lines
   this listing does not show. When neither DHCPv4 nor DHCPv6 is active but
   router advertisement is, only the RA alarm is rescheduled. */
1390 void clear_cache_and_reload(time_t now
)
1394 if (daemon
->port
!= 0)
1398 if (daemon
->dhcp
|| daemon
->doing_dhcp6
)
1400 if (option_bool(OPT_ETHERS
))
1404 set_dynamic_inotify(AH_DHCP_HST
| AH_DHCP_OPT
, 0, NULL
, 0);
/* Re-apply the DHCP configuration to the lease database, then write the
   lease file and update DNS from the leases. */
1406 dhcp_update_configs(daemon
->dhcp_conf
);
1407 lease_update_from_configs();
1408 lease_update_file(now
);
1409 lease_update_dns(1);
1412 else if (daemon
->doing_ra
)
1413 /* Not doing DHCP, so no lease system, manage
1414 alarms for ra only */
1415 send_alarm(periodic_ra(now
), now
);
/* Add the descriptors the main loop should watch for reading to `set` and
   raise *maxfdp through bump_maxfd(): TFTP transfer sockets, upstream server
   sockets, in-use random-port sockets, and the UDP, TCP and TFTP listener
   sockets. main() uses a non-zero return value as the select() timeout in
   seconds; the declarations of i, wait and tftp and the return statement are
   on lines this listing does not show.
   NOTE(review): FD_SET() is only defined for descriptors below FD_SETSIZE
   and no bound check is visible in this function. bump_maxfd() is defined
   elsewhere - confirm where descriptor values are limited. */
1420 static int set_dns_listeners(time_t now
, fd_set
*set
, int *maxfdp
)
1422 struct serverfd
*serverfdp
;
1423 struct listener
*listener
;
1428 struct tftp_transfer
*transfer
;
/* Sockets of TFTP transfers in progress. */
1429 for (transfer
= daemon
->tftp_trans
; transfer
; transfer
= transfer
->next
)
1432 FD_SET(transfer
->sockfd
, set
);
1433 bump_maxfd(transfer
->sockfd
, maxfdp
);
1437 /* will we be able to get memory? */
1438 if (daemon
->port
!= 0)
1439 get_new_frec(now
, &wait
, 0);
/* Sockets used to talk to upstream servers. */
1441 for (serverfdp
= daemon
->sfds
; serverfdp
; serverfdp
= serverfdp
->next
)
1443 FD_SET(serverfdp
->fd
, set
);
1444 bump_maxfd(serverfdp
->fd
, maxfdp
);
/* Random-port sockets that still have outstanding references. */
1447 if (daemon
->port
!= 0 && !daemon
->osport
)
1448 for (i
= 0; i
< RANDOM_SOCKS
; i
++)
1449 if (daemon
->randomsocks
[i
].refcount
!= 0)
1451 FD_SET(daemon
->randomsocks
[i
].fd
, set
);
1452 bump_maxfd(daemon
->randomsocks
[i
].fd
, maxfdp
);
1455 for (listener
= daemon
->listeners
; listener
; listener
= listener
->next
)
1457 /* only listen for queries if we have resources */
1458 if (listener
->fd
!= -1 && wait
== 0)
1460 FD_SET(listener
->fd
, set
);
1461 bump_maxfd(listener
->fd
, maxfdp
);
1464 /* death of a child goes through the select loop, so
1465 we don't need to explicitly arrange to wake up here */
/* The TCP listener is only watched while a tcp_pids slot is free, which caps
   the number of concurrent TCP child processes at MAX_PROCS. */
1466 if (listener
->tcpfd
!= -1)
1467 for (i
= 0; i
< MAX_PROCS
; i
++)
1468 if (daemon
->tcp_pids
[i
] == 0)
1470 FD_SET(listener
->tcpfd
, set
);
1471 bump_maxfd(listener
->tcpfd
, maxfdp
);
/* The TFTP listener is only watched while the transfer count is within
   daemon->tftp_max. */
1476 if (tftp
<= daemon
->tftp_max
&& listener
->tftpfd
!= -1)
1478 FD_SET(listener
->tftpfd
, set
);
1479 bump_maxfd(listener
->tftpfd
, maxfdp
);
/* check_dns_listeners: service every descriptor in `set` that is readable.
   - daemon->sfds and daemon->randomsocks[] descriptors go to reply_query();
   - listener->fd goes to receive_query(), listener->tftpfd to tftp_request();
   - listener->tcpfd: accept() one connection, read its local address with
     getsockname(), look for the arrival interface, then either shutdown()
     the connection or pass it to tcp_request(). The condition choosing
     between the two is not shown in this listing.
   set - descriptor set tested with FD_ISSET.
   now - timestamp passed to the handlers.
   Resource limits visible here: the fork() result is stored in a free
   daemon->tcp_pids[] slot (MAX_PROCS slots), and outside OPT_DEBUG
   alarm(CHILD_LIFETIME) is armed before tcp_request() runs.
   NOTE(review): the embedded line numbers skip throughout, so braces, else
   branches and several statements (including the handling of client_ok and
   of a failed getsockname()) are missing; comments added here describe only
   what is shown. */
1488 static void check_dns_listeners(fd_set
*set
, time_t now
)
1490 struct serverfd
*serverfdp
;
1491 struct listener
*listener
;
/* replies arriving on the sockets in daemon->sfds */
1494 for (serverfdp
= daemon
->sfds
; serverfdp
; serverfdp
= serverfdp
->next
)
1495 if (FD_ISSET(serverfdp
->fd
, set
))
1496 reply_query(serverfdp
->fd
, serverfdp
->source_addr
.sa
.sa_family
, now
);
/* replies on the randomsocks[] pool; only slots with a non-zero refcount
   are tested */
1498 if (daemon
->port
!= 0 && !daemon
->osport
)
1499 for (i
= 0; i
< RANDOM_SOCKS
; i
++)
1500 if (daemon
->randomsocks
[i
].refcount
!= 0 &&
1501 FD_ISSET(daemon
->randomsocks
[i
].fd
, set
))
1502 reply_query(daemon
->randomsocks
[i
].fd
, daemon
->randomsocks
[i
].family
, now
);
1504 for (listener
= daemon
->listeners
; listener
; listener
= listener
->next
)
1506 if (listener
->fd
!= -1 && FD_ISSET(listener
->fd
, set
))
1507 receive_query(listener
, now
);
1510 if (listener
->tftpfd
!= -1 && FD_ISSET(listener
->tftpfd
, set
))
1511 tftp_request(listener
, now
);
/* TCP listener is readable: accept one connection and decide whether the
   interface it arrived on is one that is allowed */
1514 if (listener
->tcpfd
!= -1 && FD_ISSET(listener
->tcpfd
, set
))
1516 int confd
, client_ok
= 1;
1517 struct irec
*iface
= NULL
;
1519 union mysockaddr tcp_addr
;
1520 socklen_t tcp_len
= sizeof(union mysockaddr
);
/* retry accept() while it fails with EINTR; the peer address is not
   requested (both address arguments are NULL) */
1522 while ((confd
= accept(listener
->tcpfd
, NULL
, NULL
)) == -1 && errno
== EINTR
);
/* tcp_addr receives the LOCAL address of the accepted socket; it is what the
   interface checks below compare against */
1527 if (getsockname(confd
, (struct sockaddr
*)&tcp_addr
, &tcp_len
) == -1)
1533 /* Make sure that the interface list is up-to-date.
1535 We do this here as we may need the results below, and
1536 the DNS code needs them for --interface-name stuff.
1538 Multiple calls to enumerate_interfaces() per select loop are
1539 inhibited, so calls to it in the child process (which doesn't select())
1540 have no effect. This avoids two processes reading from the same
1541 netlink fd and screwing the pooch entirely.
1544 enumerate_interfaces(0);
1546 if (option_bool(OPT_NOWILD
))
1547 iface
= listener
->iface
; /* May be NULL */
1551 char intr_name
[IF_NAMESIZE
];
1553 /* if we can find the arrival interface, check it's one that's allowed */
1554 if ((if_index
= tcp_interface(confd
, tcp_addr
.sa
.sa_family
)) != 0 &&
1555 indextoname(listener
->tcpfd
, if_index
, intr_name
))
1557 struct all_addr addr
;
1558 addr
.addr
.addr4
= tcp_addr
.in
.sin_addr
;
1560 if (tcp_addr
.sa
.sa_family
== AF_INET6
)
1561 addr
.addr
.addr6
= tcp_addr
.in6
.sin6_addr
;
1564 for (iface
= daemon
->interfaces
; iface
; iface
= iface
->next
)
1565 if (iface
->index
== if_index
)
1568 if (!iface
&& !loopback_exception(listener
->tcpfd
, tcp_addr
.sa
.sa_family
, &addr
, intr_name
))
1572 if (option_bool(OPT_CLEVERBIND
))
1573 iface
= listener
->iface
; /* May be NULL */
1576 /* Check for allowed interfaces when binding the wildcard address:
1577 we do this by looking for an interface with the same address as
1578 the local address of the TCP connection, then looking to see if that's
1579 an allowed interface. As a side effect, we get the netmask of the
1580 interface too, for localisation. */
1582 for (iface
= daemon
->interfaces
; iface
; iface
= iface
->next
)
1583 if (sockaddr_isequal(&iface
->addr
, &tcp_addr
))
1593 shutdown(confd
, SHUT_RDWR
);
/* Outside OPT_DEBUG the connection is handed to a forked process. This
   branch runs when fork() returned non-zero (the parent, or -1 on failure;
   the check separating the two is not shown) and records p in the first
   tcp_pids[] slot that is 0. */
1597 else if (!option_bool(OPT_DEBUG
) && (p
= fork()) != 0)
1602 for (i
= 0; i
< MAX_PROCS
; i
++)
1603 if (daemon
->tcp_pids
[i
] == 0)
1605 daemon
->tcp_pids
[i
] = p
;
1611 /* The child can use up to TCP_MAX_QUERIES ids, so skip that many. */
1612 daemon
->log_id
+= TCP_MAX_QUERIES
;
1617 unsigned char *buff
;
1620 struct in_addr netmask
;
/* netmask and auth_dns are taken from the matched interface; the guard on
   iface being non-NULL is not visible in this listing (TODO confirm) */
1625 netmask
= iface
->netmask
;
1626 auth_dns
= iface
->dns_auth
;
1635 /* Arrange for SIGALARM after CHILD_LIFETIME seconds to
1636 terminate the process. */
1637 if (!option_bool(OPT_DEBUG
))
1638 alarm(CHILD_LIFETIME
);
1641 /* start with no upstream connections. */
1642 for (s
= daemon
->servers
; s
; s
= s
->next
)
1645 /* The connected socket inherits non-blocking
1646 attribute from the listening socket.
1648 if ((flags
= fcntl(confd
, F_GETFL
, 0)) != -1)
1649 fcntl(confd
, F_SETFL
, flags
& ~O_NONBLOCK
);
1651 buff
= tcp_request(confd
, now
, &tcp_addr
, netmask
, auth_dns
);
1653 shutdown(confd
, SHUT_RDWR
);
1659 for (s
= daemon
->servers
; s
; s
= s
->next
)
1662 shutdown(s
->tcpfd
, SHUT_RDWR
);
1666 if (!option_bool(OPT_DEBUG
))
/* make_icmp_sock: create a raw IPv4 ICMP socket
   (AF_INET, SOCK_RAW, IPPROTO_ICMP) and set SO_DONTROUTE on it from zeroopt.
   Returns an int; the return statement, the declaration of fd and zeroopt,
   and the failure handling are missing from this listing (the embedded line
   numbers skip 1679-1682, 1684-1685 and 1687 onwards), so the exact result
   on error is not documented here.
   NOTE(review): zeroopt is presumably 0, i.e. the option is being cleared;
   confirm against the declaration.
   NOTE(review): creating a SOCK_RAW socket normally needs elevated privilege
   (CAP_NET_RAW on Linux), so callers that run after privileges are dropped
   should expect socket() to fail with -1. */
1678 int make_icmp_sock(void)
1683 if ((fd
= socket (AF_INET
, SOCK_RAW
, IPPROTO_ICMP
)) != -1)
/* second operand of a condition whose first line (1685) is not shown */
1686 setsockopt(fd
, SOL_SOCKET
, SO_DONTROUTE
, &zeroopt
, sizeof(zeroopt
)) == -1)
1696 int icmp_ping(struct in_addr addr
)
1698 /* Try and get an ICMP echo from a machine. */
1700 /* Note that whilst in the three second wait, we check for
1701 (and service) events on the DNS and TFTP sockets, (so doing that
1702 better not use any resources our caller has in use...)
1703 but we remain deaf to signals or further DHCP packets. */
1706 struct sockaddr_in saddr
;
1711 unsigned short id
= rand16();
1716 #if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1717 if ((fd
= make_icmp_sock()) == -1)
1721 fd
= daemon
->dhcp_icmp_fd
;
1722 setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &opt
, sizeof(opt
));
1725 saddr
.sin_family
= AF_INET
;
1727 saddr
.sin_addr
= addr
;
1728 #ifdef HAVE_SOCKADDR_SA_LEN
1729 saddr
.sin_len
= sizeof(struct sockaddr_in
);
1732 memset(&packet
.icmp
, 0, sizeof(packet
.icmp
));
1733 packet
.icmp
.icmp_type
= ICMP_ECHO
;
1734 packet
.icmp
.icmp_id
= id
;
1735 for (j
= 0, i
= 0; i
< sizeof(struct icmp
) / 2; i
++)
1736 j
+= ((u16
*)&packet
.icmp
)[i
];
1738 j
= (j
& 0xffff) + (j
>> 16);
1739 packet
.icmp
.icmp_cksum
= (j
== 0xffff) ? j
: ~j
;
1741 while (sendto(fd
, (char *)&packet
.icmp
, sizeof(struct icmp
), 0,
1742 (struct sockaddr
*)&saddr
, sizeof(saddr
)) == -1 &&
1745 for (now
= start
= dnsmasq_time();
1746 difftime(now
, start
) < (float)PING_WAIT
;)
1750 struct sockaddr_in faddr
;
1752 socklen_t len
= sizeof(faddr
);
1754 tv
.tv_usec
= 250000;
1760 set_dns_listeners(now
, &rset
, &maxfd
);
1761 set_log_writer(&wset
, &maxfd
);
1764 if (daemon
->doing_ra
)
1766 FD_SET(daemon
->icmp6fd
, &rset
);
1767 bump_maxfd(daemon
->icmp6fd
, &maxfd
);
1771 if (select(maxfd
+1, &rset
, &wset
, NULL
, &tv
) < 0)
1777 now
= dnsmasq_time();
1779 check_log_writer(&wset
);
1780 check_dns_listeners(&rset
, now
);
1783 if (daemon
->doing_ra
&& FD_ISSET(daemon
->icmp6fd
, &rset
))
1788 check_tftp_listeners(&rset
, now
);
1791 if (FD_ISSET(fd
, &rset
) &&
1792 recvfrom(fd
, &packet
, sizeof(packet
), 0,
1793 (struct sockaddr
*)&faddr
, &len
) == sizeof(packet
) &&
1794 saddr
.sin_addr
.s_addr
== faddr
.sin_addr
.s_addr
&&
1795 packet
.icmp
.icmp_type
== ICMP_ECHOREPLY
&&
1796 packet
.icmp
.icmp_seq
== 0 &&
1797 packet
.icmp
.icmp_id
== id
)
1804 #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1808 setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &opt
, sizeof(opt
));