[thirdparty/systemd.git] / src / resolve / resolved-dns-stream.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <netinet/tcp.h>

#include "missing.h"
#include "resolved-dns-stream.h"

#define DNS_STREAM_TIMEOUT_USEC (10 * USEC_PER_SEC)
#define DNS_STREAMS_MAX 128

static void dns_stream_stop(DnsStream *s) {
        assert(s);

        s->io_event_source = sd_event_source_unref(s->io_event_source);
        s->timeout_event_source = sd_event_source_unref(s->timeout_event_source);
        s->fd = safe_close(s->fd);
}

static int dns_stream_update_io(DnsStream *s) {
        int f = 0;

        assert(s);

        if (s->write_packet && s->n_written < sizeof(s->write_size) + s->write_packet->size)
                f |= EPOLLOUT;
        if (!s->read_packet || s->n_read < sizeof(s->read_size) + s->read_packet->size)
                f |= EPOLLIN;

        return sd_event_source_set_io_events(s->io_event_source, f);
}

static int stream_complete(DnsStream *s, int error) {
        assert(s);

        dns_stream_stop(s);

        if (s->complete)
                s->complete(s, error);
        else
                dns_stream_free(s);

        return 0;
}

static int on_stream_timeout(sd_event_source *es, usec_t usec, void *userdata) {
        DnsStream *s = userdata;

        assert(s);

        return stream_complete(s, ETIMEDOUT);
}

static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
        DnsStream *s = userdata;
        int r;

        assert(s);

        if ((revents & EPOLLOUT) &&
            s->write_packet &&
            s->n_written < sizeof(s->write_size) + s->write_packet->size) {

                struct iovec iov[2];
                ssize_t ss;

                iov[0].iov_base = &s->write_size;
                iov[0].iov_len = sizeof(s->write_size);
                iov[1].iov_base = DNS_PACKET_DATA(s->write_packet);
                iov[1].iov_len = s->write_packet->size;

                IOVEC_INCREMENT(iov, 2, s->n_written);

                ss = writev(fd, iov, 2);
                if (ss < 0) {
                        if (errno != EINTR && errno != EAGAIN)
                                return stream_complete(s, errno);
                } else
                        s->n_written += ss;

                /* Are we done? If so, disable the event source for EPOLLOUT */
                if (s->n_written >= sizeof(s->write_size) + s->write_packet->size) {
                        r = dns_stream_update_io(s);
                        if (r < 0)
                                return stream_complete(s, -r);
                }
        }

        if ((revents & (EPOLLIN|EPOLLHUP|EPOLLRDHUP)) &&
            (!s->read_packet ||
             s->n_read < sizeof(s->read_size) + s->read_packet->size)) {

                if (s->n_read < sizeof(s->read_size)) {
                        ssize_t ss;

                        ss = read(fd, (uint8_t*) &s->read_size + s->n_read, sizeof(s->read_size) - s->n_read);
                        if (ss < 0) {
                                if (errno != EINTR && errno != EAGAIN)
                                        return stream_complete(s, errno);
                        } else if (ss == 0)
                                return stream_complete(s, ECONNRESET);
                        else
                                s->n_read += ss;
                }

                if (s->n_read >= sizeof(s->read_size)) {

                        if (be16toh(s->read_size) < DNS_PACKET_HEADER_SIZE)
                                return stream_complete(s, EBADMSG);

                        if (s->n_read < sizeof(s->read_size) + be16toh(s->read_size)) {
                                ssize_t ss;

                                if (!s->read_packet) {
                                        r = dns_packet_new(&s->read_packet, s->protocol, be16toh(s->read_size));
                                        if (r < 0)
                                                return stream_complete(s, -r);

                                        s->read_packet->size = be16toh(s->read_size);
                                        s->read_packet->ipproto = IPPROTO_TCP;
                                        s->read_packet->family = s->peer.sa.sa_family;
                                        s->read_packet->ttl = s->ttl;
                                        s->read_packet->ifindex = s->ifindex;

                                        if (s->read_packet->family == AF_INET) {
                                                s->read_packet->sender.in = s->peer.in.sin_addr;
                                                s->read_packet->sender_port = be16toh(s->peer.in.sin_port);
                                                s->read_packet->destination.in = s->local.in.sin_addr;
                                                s->read_packet->destination_port = be16toh(s->local.in.sin_port);
                                        } else {
                                                assert(s->read_packet->family == AF_INET6);
                                                s->read_packet->sender.in6 = s->peer.in6.sin6_addr;
                                                s->read_packet->sender_port = be16toh(s->peer.in6.sin6_port);
                                                s->read_packet->destination.in6 = s->local.in6.sin6_addr;
                                                s->read_packet->destination_port = be16toh(s->local.in6.sin6_port);

                                                if (s->read_packet->ifindex == 0)
                                                        s->read_packet->ifindex = s->peer.in6.sin6_scope_id;
                                                if (s->read_packet->ifindex == 0)
                                                        s->read_packet->ifindex = s->local.in6.sin6_scope_id;
                                        }
                                }

                                ss = read(fd,
                                          (uint8_t*) DNS_PACKET_DATA(s->read_packet) + s->n_read - sizeof(s->read_size),
                                          sizeof(s->read_size) + be16toh(s->read_size) - s->n_read);
                                if (ss < 0) {
                                        if (errno != EINTR && errno != EAGAIN)
                                                return stream_complete(s, errno);
                                } else if (ss == 0)
                                        return stream_complete(s, ECONNRESET);
                                else
                                        s->n_read += ss;
                        }

                        /* Are we done? If so, disable the event source for EPOLLIN */
                        if (s->n_read >= sizeof(s->read_size) + be16toh(s->read_size)) {
                                r = dns_stream_update_io(s);
                                if (r < 0)
                                        return stream_complete(s, -r);

                                /* If there's a packet handler
                                 * installed, call that. Note that
                                 * this is optional... */
                                if (s->on_packet)
                                        return s->on_packet(s);
                        }
                }
        }

        if ((s->write_packet && s->n_written >= sizeof(s->write_size) + s->write_packet->size) &&
            (s->read_packet && s->n_read >= sizeof(s->read_size) + s->read_packet->size))
                return stream_complete(s, 0);

        return 0;
}

DnsStream *dns_stream_free(DnsStream *s) {
        if (!s)
                return NULL;

        dns_stream_stop(s);

        if (s->manager) {
                LIST_REMOVE(streams, s->manager->dns_streams, s);
                s->manager->n_dns_streams--;
        }

        dns_packet_unref(s->write_packet);
        dns_packet_unref(s->read_packet);

        free(s);

        return 0;
}

DEFINE_TRIVIAL_CLEANUP_FUNC(DnsStream*, dns_stream_free);

int dns_stream_new(Manager *m, DnsStream **ret, DnsProtocol protocol, int fd) {
        static const int one = 1;
        union {
                struct cmsghdr header; /* For alignment */
                uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
                               + EXTRA_CMSG_SPACE /* kernel appears to require extra space */];
        } control;
        struct msghdr mh = {};
        struct cmsghdr *cmsg;
        _cleanup_(dns_stream_freep) DnsStream *s = NULL;
        socklen_t sl;
        int r;

        assert(m);
        assert(fd >= 0);

        if (m->n_dns_streams > DNS_STREAMS_MAX)
                return -EBUSY;

        s = new0(DnsStream, 1);
        if (!s)
                return -ENOMEM;

        s->fd = -1;
        s->protocol = protocol;

        /* Query the remote side */
        s->peer_salen = sizeof(s->peer);
        r = getpeername(fd, &s->peer.sa, &s->peer_salen);
        if (r < 0)
                return -errno;
        if (s->peer.sa.sa_family == AF_INET6)
                s->ifindex = s->peer.in6.sin6_scope_id;

        /* Query the local side */
        s->local_salen = sizeof(s->local);
        r = getsockname(fd, &s->local.sa, &s->local_salen);
        if (r < 0)
                return -errno;
        if (s->local.sa.sa_family == AF_INET6 && s->ifindex <= 0)
                s->ifindex = s->local.in6.sin6_scope_id;

        /* Check consistency */
        assert(s->peer.sa.sa_family == s->local.sa.sa_family);
        assert(IN_SET(s->peer.sa.sa_family, AF_INET, AF_INET6));

        /* Query connection meta information */
        sl = sizeof(control);
        if (s->peer.sa.sa_family == AF_INET) {
                r = getsockopt(fd, IPPROTO_IP, IP_PKTOPTIONS, &control, &sl);
                if (r < 0)
                        return -errno;
        } else {
                assert(s->peer.sa.sa_family == AF_INET6);

                r = getsockopt(fd, IPPROTO_IPV6, IPV6_2292PKTOPTIONS, &control, &sl);
                if (r < 0)
                        return -errno;
        }

        mh.msg_control = &control;
        mh.msg_controllen = sl;
        for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {

                if (cmsg->cmsg_level == IPPROTO_IPV6) {
                        assert(s->peer.sa.sa_family == AF_INET6);

                        switch (cmsg->cmsg_type) {

                        case IPV6_PKTINFO: {
                                struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);

                                if (s->ifindex <= 0)
                                        s->ifindex = i->ipi6_ifindex;
                                break;
                        }

                        case IPV6_HOPLIMIT:
                                s->ttl = *(int *) CMSG_DATA(cmsg);
                                break;
                        }

                } else if (cmsg->cmsg_level == IPPROTO_IP) {
                        assert(s->peer.sa.sa_family == AF_INET);

                        switch (cmsg->cmsg_type) {

                        case IP_PKTINFO: {
                                struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);

                                if (s->ifindex <= 0)
                                        s->ifindex = i->ipi_ifindex;
                                break;
                        }

                        case IP_TTL:
                                s->ttl = *(int *) CMSG_DATA(cmsg);
                                break;
                        }
                }
        }

        /* The Linux kernel sets the interface index to the loopback
         * device if the connection came from the local host since it
         * avoids the routing table in such a case. Let's unset the
         * interface index in such a case. */
        if (s->ifindex > 0 && manager_ifindex_is_loopback(m, s->ifindex) != 0)
                s->ifindex = 0;

        /* If we don't know the interface index still, we look for the
         * first local interface with a matching address. Yuck! */
        if (s->ifindex <= 0)
                s->ifindex = manager_find_ifindex(m, s->local.sa.sa_family, s->local.sa.sa_family == AF_INET ? (union in_addr_union*) &s->local.in.sin_addr : (union in_addr_union*)  &s->local.in6.sin6_addr);

        r = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &one, sizeof(one));
        if (r < 0)
                return -errno;

        if (s->protocol == DNS_PROTOCOL_LLMNR && s->ifindex > 0) {
                uint32_t ifindex = htobe32(s->ifindex);

                /* Make sure all packets for this connection are sent on the same interface */
                if (s->local.sa.sa_family == AF_INET) {
                        r = setsockopt(fd, IPPROTO_IP, IP_UNICAST_IF, &ifindex, sizeof(ifindex));
                        if (r < 0)
                                return -errno;
                } else if (s->local.sa.sa_family == AF_INET6) {
                        r = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_IF, &ifindex, sizeof(ifindex));
                        if (r < 0)
                                return -errno;
                }
        }

        r = sd_event_add_io(m->event, &s->io_event_source, fd, EPOLLIN, on_stream_io, s);
        if (r < 0)
                return r;

        r = sd_event_add_time(m->event, &s->timeout_event_source, CLOCK_MONOTONIC, now(CLOCK_MONOTONIC) + DNS_STREAM_TIMEOUT_USEC, 0, on_stream_timeout, s);
        if (r < 0)
                return r;

        LIST_PREPEND(streams, m->dns_streams, s);
        s->manager = m;
        s->fd = fd;
        m->n_dns_streams++;

        *ret = s;
        s = NULL;

        return 0;
}

int dns_stream_write_packet(DnsStream *s, DnsPacket *p) {
        assert(s);

        if (s->write_packet)
                return -EBUSY;

        s->write_packet = dns_packet_ref(p);
        s->write_size = htobe16(p->size);
        s->n_written = 0;

        return dns_stream_update_io(s);
}
Commit	Line	Data
623a4c97 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2014 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <netinet/tcp.h>
	23
	24	#include "missing.h"
	25	#include "resolved-dns-stream.h"
	26
	27	#define DNS_STREAM_TIMEOUT_USEC (10 * USEC_PER_SEC)
	28	#define DNS_STREAMS_MAX 128
	29
	30	static void dns_stream_stop(DnsStream *s) {
	31	assert(s);
	32
	33	s->io_event_source = sd_event_source_unref(s->io_event_source);
	34	s->timeout_event_source = sd_event_source_unref(s->timeout_event_source);
	35	s->fd = safe_close(s->fd);
	36	}
	37
	38	static int dns_stream_update_io(DnsStream *s) {
	39	int f = 0;
	40
	41	assert(s);
	42
	43	if (s->write_packet && s->n_written < sizeof(s->write_size) + s->write_packet->size)
	44	f \|= EPOLLOUT;
	45	if (!s->read_packet \|\| s->n_read < sizeof(s->read_size) + s->read_packet->size)
	46	f \|= EPOLLIN;
	47
	48	return sd_event_source_set_io_events(s->io_event_source, f);
	49	}
	50
	51	static int stream_complete(DnsStream *s, int error) {
	52	assert(s);
	53
	54	dns_stream_stop(s);
	55
	56	if (s->complete)
	57	s->complete(s, error);
	58	else
	59	dns_stream_free(s);
	60
	61	return 0;
	62	}
	63
	64	static int on_stream_timeout(sd_event_source es, usec_t usec, void userdata) {
65	DnsStream *s = userdata;
66
67	assert(s);
68
69	return stream_complete(s, ETIMEDOUT);
70	}
71
72	static int on_stream_io(sd_event_source es, int fd, uint32_t revents, void userdata) {
73	DnsStream *s = userdata;
74	int r;
75
76	assert(s);
77
78	if ((revents & EPOLLOUT) &&
79	s->write_packet &&
80	s->n_written < sizeof(s->write_size) + s->write_packet->size) {
81
82	struct iovec iov[2];
83	ssize_t ss;
84
85	iov[0].iov_base = &s->write_size;
86	iov[0].iov_len = sizeof(s->write_size);
87	iov[1].iov_base = DNS_PACKET_DATA(s->write_packet);
88	iov[1].iov_len = s->write_packet->size;
89
90	IOVEC_INCREMENT(iov, 2, s->n_written);
91
92	ss = writev(fd, iov, 2);
93	if (ss < 0) {
94	if (errno != EINTR && errno != EAGAIN)
95	return stream_complete(s, errno);
96	} else
97	s->n_written += ss;
98
99	/* Are we done? If so, disable the event source for EPOLLOUT */
100	if (s->n_written >= sizeof(s->write_size) + s->write_packet->size) {
101	r = dns_stream_update_io(s);
102	if (r < 0)
103	return stream_complete(s, -r);
104	}
105	}
106
107	if ((revents & (EPOLLIN\|EPOLLHUP\|EPOLLRDHUP)) &&
108	(!s->read_packet \|\|
109	s->n_read < sizeof(s->read_size) + s->read_packet->size)) {
110
111	if (s->n_read < sizeof(s->read_size)) {
112	ssize_t ss;
113
114	ss = read(fd, (uint8_t*) &s->read_size + s->n_read, sizeof(s->read_size) - s->n_read);
115	if (ss < 0) {
116	if (errno != EINTR && errno != EAGAIN)
117	return stream_complete(s, errno);
118	} else if (ss == 0)
119	return stream_complete(s, ECONNRESET);
120	else
121	s->n_read += ss;
122	}
123
124	if (s->n_read >= sizeof(s->read_size)) {
125
126	if (be16toh(s->read_size) < DNS_PACKET_HEADER_SIZE)
127	return stream_complete(s, EBADMSG);
128
129	if (s->n_read < sizeof(s->read_size) + be16toh(s->read_size)) {
130	ssize_t ss;
131
132	if (!s->read_packet) {
133	r = dns_packet_new(&s->read_packet, s->protocol, be16toh(s->read_size));
134	if (r < 0)
135	return stream_complete(s, -r);
136
137	s->read_packet->size = be16toh(s->read_size);
138	s->read_packet->ipproto = IPPROTO_TCP;
139	s->read_packet->family = s->peer.sa.sa_family;
140	s->read_packet->ttl = s->ttl;
141	s->read_packet->ifindex = s->ifindex;
142
143	if (s->read_packet->family == AF_INET) {
144	s->read_packet->sender.in = s->peer.in.sin_addr;
145	s->read_packet->sender_port = be16toh(s->peer.in.sin_port);
146	s->read_packet->destination.in = s->local.in.sin_addr;
147	s->read_packet->destination_port = be16toh(s->local.in.sin_port);
148	} else {
149	assert(s->read_packet->family == AF_INET6);
150	s->read_packet->sender.in6 = s->peer.in6.sin6_addr;
151	s->read_packet->sender_port = be16toh(s->peer.in6.sin6_port);
152	s->read_packet->destination.in6 = s->local.in6.sin6_addr;
153	s->read_packet->destination_port = be16toh(s->local.in6.sin6_port);
154
155	if (s->read_packet->ifindex == 0)
156	s->read_packet->ifindex = s->peer.in6.sin6_scope_id;
157	if (s->read_packet->ifindex == 0)
158	s->read_packet->ifindex = s->local.in6.sin6_scope_id;
159	}
160	}
161
162	ss = read(fd,
163	(uint8_t*) DNS_PACKET_DATA(s->read_packet) + s->n_read - sizeof(s->read_size),
164	sizeof(s->read_size) + be16toh(s->read_size) - s->n_read);
165	if (ss < 0) {
166	if (errno != EINTR && errno != EAGAIN)
167	return stream_complete(s, errno);
168	} else if (ss == 0)
169	return stream_complete(s, ECONNRESET);
170	else
171	s->n_read += ss;
172	}
173
174	/* Are we done? If so, disable the event source for EPOLLIN */
175	if (s->n_read >= sizeof(s->read_size) + be16toh(s->read_size)) {
176	r = dns_stream_update_io(s);
177	if (r < 0)
178	return stream_complete(s, -r);
179
180	/* If there's a packet handler
181	* installed, call that. Note that
182	* this is optional... */
183	if (s->on_packet)
184	return s->on_packet(s);
185	}
186	}
187	}
188
189	if ((s->write_packet && s->n_written >= sizeof(s->write_size) + s->write_packet->size) &&
190	(s->read_packet && s->n_read >= sizeof(s->read_size) + s->read_packet->size))
191	return stream_complete(s, 0);
192
193	return 0;
194	}
195
196	DnsStream dns_stream_free(DnsStream s) {
197	if (!s)
198	return NULL;
199
200	dns_stream_stop(s);
201
202	if (s->manager) {
203	LIST_REMOVE(streams, s->manager->dns_streams, s);
204	s->manager->n_dns_streams--;
205	}
206
207	dns_packet_unref(s->write_packet);
208	dns_packet_unref(s->read_packet);
209
210	free(s);
211
212	return 0;
213	}
214
215	DEFINE_TRIVIAL_CLEANUP_FUNC(DnsStream*, dns_stream_free);
216
217	int dns_stream_new(Manager m, DnsStream *ret, DnsProtocol protocol, int fd) {
218	static const int one = 1;
219	union {
220	struct cmsghdr header; /* For alignment */
221	uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
222	+ EXTRA_CMSG_SPACE /* kernel appears to require extra space */];
223	} control;
224	struct msghdr mh = {};
225	struct cmsghdr *cmsg;
226	_cleanup_(dns_stream_freep) DnsStream *s = NULL;
227	socklen_t sl;
228	int r;
229
230	assert(m);
231	assert(fd >= 0);
232
233	if (m->n_dns_streams > DNS_STREAMS_MAX)
234	return -EBUSY;
235
236	s = new0(DnsStream, 1);
237	if (!s)
238	return -ENOMEM;
239
240	s->fd = -1;
241	s->protocol = protocol;
242
243	/* Query the remote side */
244	s->peer_salen = sizeof(s->peer);
245	r = getpeername(fd, &s->peer.sa, &s->peer_salen);
246	if (r < 0)
247	return -errno;
248	if (s->peer.sa.sa_family == AF_INET6)
249	s->ifindex = s->peer.in6.sin6_scope_id;
250
251	/* Query the local side */
252	s->local_salen = sizeof(s->local);
253	r = getsockname(fd, &s->local.sa, &s->local_salen);
254	if (r < 0)
255	return -errno;
256	if (s->local.sa.sa_family == AF_INET6 && s->ifindex <= 0)
257	s->ifindex = s->local.in6.sin6_scope_id;
258
259	/* Check consistency */
260	assert(s->peer.sa.sa_family == s->local.sa.sa_family);
261	assert(IN_SET(s->peer.sa.sa_family, AF_INET, AF_INET6));
262
263	/* Query connection meta information */
264	sl = sizeof(control);
265	if (s->peer.sa.sa_family == AF_INET) {
266	r = getsockopt(fd, IPPROTO_IP, IP_PKTOPTIONS, &control, &sl);
267	if (r < 0)
268	return -errno;
269	} else {
270	assert(s->peer.sa.sa_family == AF_INET6);
271
272	r = getsockopt(fd, IPPROTO_IPV6, IPV6_2292PKTOPTIONS, &control, &sl);
273	if (r < 0)
274	return -errno;
275	}
276
277	mh.msg_control = &control;
278	mh.msg_controllen = sl;
279	for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
280
281	if (cmsg->cmsg_level == IPPROTO_IPV6) {
282	assert(s->peer.sa.sa_family == AF_INET6);
283
284	switch (cmsg->cmsg_type) {
285
286	case IPV6_PKTINFO: {
287	struct in6_pktinfo i = (struct in6_pktinfo) CMSG_DATA(cmsg);
288
289	if (s->ifindex <= 0)
290	s->ifindex = i->ipi6_ifindex;
291	break;
292	}
293
294	case IPV6_HOPLIMIT:
295	s->ttl = (int ) CMSG_DATA(cmsg);
296	break;
297	}
298
299	} else if (cmsg->cmsg_level == IPPROTO_IP) {
300	assert(s->peer.sa.sa_family == AF_INET);
301
302	switch (cmsg->cmsg_type) {
303
304	case IP_PKTINFO: {
305	struct in_pktinfo i = (struct in_pktinfo) CMSG_DATA(cmsg);
306
307	if (s->ifindex <= 0)
308	s->ifindex = i->ipi_ifindex;
309	break;
310	}
311
312	case IP_TTL:
313	s->ttl = (int ) CMSG_DATA(cmsg);
314	break;
315	}
316	}
317	}
318
319	/* The Linux kernel sets the interface index to the loopback
320	* device if the connection came from the local host since it
321	* avoids the routing table in such a case. Let's unset the
322	* interface index in such a case. */
323	if (s->ifindex > 0 && manager_ifindex_is_loopback(m, s->ifindex) != 0)
324	s->ifindex = 0;
325
326	/* If we don't know the interface index still, we look for the
327	* first local interface with a matching address. Yuck! */
328	if (s->ifindex <= 0)
329	s->ifindex = manager_find_ifindex(m, s->local.sa.sa_family, s->local.sa.sa_family == AF_INET ? (union in_addr_union) &s->local.in.sin_addr : (union in_addr_union) &s->local.in6.sin6_addr);
330
331	r = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &one, sizeof(one));
332	if (r < 0)
333	return -errno;
334
335	if (s->protocol == DNS_PROTOCOL_LLMNR && s->ifindex > 0) {
336	uint32_t ifindex = htobe32(s->ifindex);
337
338	/* Make sure all packets for this connection are sent on the same interface */
339	if (s->local.sa.sa_family == AF_INET) {
340	r = setsockopt(fd, IPPROTO_IP, IP_UNICAST_IF, &ifindex, sizeof(ifindex));
341	if (r < 0)
342	return -errno;
343	} else if (s->local.sa.sa_family == AF_INET6) {
344	r = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_IF, &ifindex, sizeof(ifindex));
345	if (r < 0)
346	return -errno;
347	}
348	}
349
350	r = sd_event_add_io(m->event, &s->io_event_source, fd, EPOLLIN, on_stream_io, s);
351	if (r < 0)
352	return r;
353
354	r = sd_event_add_time(m->event, &s->timeout_event_source, CLOCK_MONOTONIC, now(CLOCK_MONOTONIC) + DNS_STREAM_TIMEOUT_USEC, 0, on_stream_timeout, s);
355	if (r < 0)
356	return r;
357
358	LIST_PREPEND(streams, m->dns_streams, s);
359	s->manager = m;
360	s->fd = fd;
361	m->n_dns_streams++;
362
363	*ret = s;
364	s = NULL;
365
366	return 0;
367	}
368
369	int dns_stream_write_packet(DnsStream s, DnsPacket p) {
370	assert(s);
371
372	if (s->write_packet)
373	return -EBUSY;
374
375	s->write_packet = dns_packet_ref(p);
376	s->write_size = htobe16(p->size);
377	s->n_written = 0;
378
379	return dns_stream_update_io(s);
380	}