[thirdparty/systemd.git] / src / resolve / resolved-llmnr.c

/* SPDX-License-Identifier: LGPL-2.1+ */

#include <netinet/in.h>
#include <resolv.h>

#include "errno-util.h"
#include "fd-util.h"
#include "resolved-llmnr.h"
#include "resolved-manager.h"

void manager_llmnr_stop(Manager *m) {
        assert(m);

        m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
        m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);

        m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
        m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);

        m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
        m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);

        m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
        m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
}

int manager_llmnr_start(Manager *m) {
        int r;

        assert(m);

        if (m->llmnr_support == RESOLVE_SUPPORT_NO)
                return 0;

        r = manager_llmnr_ipv4_udp_fd(m);
        if (r == -EADDRINUSE)
                goto eaddrinuse;
        if (r < 0)
                return r;

        r = manager_llmnr_ipv4_tcp_fd(m);
        if (r == -EADDRINUSE)
                goto eaddrinuse;
        if (r < 0)
                return r;

        if (socket_ipv6_is_supported()) {
                r = manager_llmnr_ipv6_udp_fd(m);
                if (r == -EADDRINUSE)
                        goto eaddrinuse;
                if (r < 0)
                        return r;

                r = manager_llmnr_ipv6_tcp_fd(m);
                if (r == -EADDRINUSE)
                        goto eaddrinuse;
                if (r < 0)
                        return r;
        }

        return 0;

eaddrinuse:
        log_warning("Another LLMNR responder prohibits binding the socket to the same port. Turning off LLMNR support.");
        m->llmnr_support = RESOLVE_SUPPORT_NO;
        manager_llmnr_stop(m);

        return 0;
}

static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
        _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
        DnsTransaction *t = NULL;
        Manager *m = userdata;
        DnsScope *scope;
        int r;

        assert(s);
        assert(fd >= 0);
        assert(m);

        r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
        if (r <= 0)
                return r;

        if (manager_our_packet(m, p))
                return 0;

        scope = manager_find_scope(m, p);
        if (!scope) {
                log_debug("Got LLMNR UDP packet on unknown scope. Ignoring.");
                return 0;
        }

        if (dns_packet_validate_reply(p) > 0) {
                log_debug("Got LLMNR UDP reply packet for id %u", DNS_PACKET_ID(p));

                dns_scope_check_conflicts(scope, p);

                t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
                if (t)
                        dns_transaction_process_reply(t, p);

        } else if (dns_packet_validate_query(p) > 0)  {
                log_debug("Got LLMNR UDP query packet for id %u", DNS_PACKET_ID(p));

                dns_scope_process_query(scope, NULL, p);
        } else
                log_debug("Invalid LLMNR UDP packet, ignoring.");

        return 0;
}

int manager_llmnr_ipv4_udp_fd(Manager *m) {
        union sockaddr_union sa = {
                .in.sin_family = AF_INET,
                .in.sin_port = htobe16(LLMNR_PORT),
        };
        _cleanup_close_ int s = -1;
        int r;

        assert(m);

        if (m->llmnr_ipv4_udp_fd >= 0)
                return m->llmnr_ipv4_udp_fd;

        s = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (s < 0)
                return log_error_errno(errno, "LLMNR-IPv4(UDP): Failed to create socket: %m");

        /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
        r = setsockopt_int(s, IPPROTO_IP, IP_TTL, 255);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_TTL: %m");

        r = setsockopt_int(s, IPPROTO_IP, IP_MULTICAST_TTL, 255);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_MULTICAST_TTL: %m");

        r = setsockopt_int(s, IPPROTO_IP, IP_MULTICAST_LOOP, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_MULTICAST_LOOP: %m");

        r = setsockopt_int(s, IPPROTO_IP, IP_PKTINFO, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_PKTINFO: %m");

        r = setsockopt_int(s, IPPROTO_IP, IP_RECVTTL, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_RECVTTL: %m");

        /* Disable Don't-Fragment bit in the IP header */
        r = setsockopt_int(s, IPPROTO_IP, IP_MTU_DISCOVER, IP_PMTUDISC_DONT);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_MTU_DISCOVER: %m");

        /* first try to bind without SO_REUSEADDR to detect another LLMNR responder */
        r = bind(s, &sa.sa, sizeof(sa.in));
        if (r < 0) {
                if (errno != EADDRINUSE)
                        return log_error_errno(errno, "LLMNR-IPv4(UDP): Failed to bind socket: %m");

                log_warning("LLMNR-IPv4(UDP): There appears to be another LLMNR responder running, or previously systemd-resolved crashed with some outstanding transfers.");

                /* try again with SO_REUSEADDR */
                r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
                if (r < 0)
                        return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set SO_REUSEADDR: %m");

                r = bind(s, &sa.sa, sizeof(sa.in));
                if (r < 0)
                        return log_error_errno(errno, "LLMNR-IPv4(UDP): Failed to bind socket: %m");
        } else {
                /* enable SO_REUSEADDR for the case that the user really wants multiple LLMNR responders */
                r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
                if (r < 0)
                        return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set SO_REUSEADDR: %m");
        }

        r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, s, EPOLLIN, on_llmnr_packet, m);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to create event source: %m");

        (void) sd_event_source_set_description(m->llmnr_ipv4_udp_event_source, "llmnr-ipv4-udp");

        return m->llmnr_ipv4_udp_fd = TAKE_FD(s);
}

int manager_llmnr_ipv6_udp_fd(Manager *m) {
        union sockaddr_union sa = {
                .in6.sin6_family = AF_INET6,
                .in6.sin6_port = htobe16(LLMNR_PORT),
        };
        _cleanup_close_ int s = -1;
        int r;

        assert(m);

        if (m->llmnr_ipv6_udp_fd >= 0)
                return m->llmnr_ipv6_udp_fd;

        s = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (s < 0)
                return log_error_errno(errno, "LLMNR-IPv6(UDP): Failed to create socket: %m");

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_UNICAST_HOPS, 255);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_UNICAST_HOPS: %m");

        /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 255);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_MULTICAST_HOPS: %m");

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_MULTICAST_LOOP: %m");

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_V6ONLY, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_V6ONLY: %m");

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_RECVPKTINFO: %m");

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_RECVHOPLIMIT: %m");

        /* first try to bind without SO_REUSEADDR to detect another LLMNR responder */
        r = bind(s, &sa.sa, sizeof(sa.in6));
        if (r < 0) {
                if (errno != EADDRINUSE)
                        return log_error_errno(errno, "LLMNR-IPv6(UDP): Failed to bind socket: %m");

                log_warning("LLMNR-IPv6(UDP): There appears to be another LLMNR responder running, or previously systemd-resolved crashed with some outstanding transfers.");

                /* try again with SO_REUSEADDR */
                r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
                if (r < 0)
                        return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set SO_REUSEADDR: %m");

                r = bind(s, &sa.sa, sizeof(sa.in6));
                if (r < 0)
                        return log_error_errno(errno, "LLMNR-IPv6(UDP): Failed to bind socket: %m");
        } else {
                /* enable SO_REUSEADDR for the case that the user really wants multiple LLMNR responders */
                r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
                if (r < 0)
                        return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set SO_REUSEADDR: %m");
        }

        r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, s, EPOLLIN, on_llmnr_packet, m);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to create event source: %m");

        (void) sd_event_source_set_description(m->llmnr_ipv6_udp_event_source, "llmnr-ipv6-udp");

        return m->llmnr_ipv6_udp_fd = TAKE_FD(s);
}

static int on_llmnr_stream_packet(DnsStream *s) {
        _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
        DnsScope *scope;

        assert(s);

        p = dns_stream_take_read_packet(s);
        assert(p);

        scope = manager_find_scope(s->manager, p);
        if (!scope)
                log_debug("Got LLMNR TCP packet on unknown scope. Ignoring.");
        else if (dns_packet_validate_query(p) > 0) {
                log_debug("Got LLMNR TCP query packet for id %u", DNS_PACKET_ID(p));

                dns_scope_process_query(scope, s, p);
        } else
                log_debug("Invalid LLMNR TCP packet, ignoring.");

        dns_stream_unref(s);
        return 0;
}

static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
        DnsStream *stream;
        Manager *m = userdata;
        int cfd, r;

        cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
        if (cfd < 0) {
                if (ERRNO_IS_ACCEPT_AGAIN(errno))
                        return 0;

                return -errno;
        }

        r = dns_stream_new(m, &stream, DNS_STREAM_LLMNR_RECV, DNS_PROTOCOL_LLMNR, cfd, NULL);
        if (r < 0) {
                safe_close(cfd);
                return r;
        }

        stream->on_packet = on_llmnr_stream_packet;
        /* We don't configure a "complete" handler here, we rely on the default handler than simply drops the
         * reference to the stream, thus freeing it */
        return 0;
}

int manager_llmnr_ipv4_tcp_fd(Manager *m) {
        union sockaddr_union sa = {
                .in.sin_family = AF_INET,
                .in.sin_port = htobe16(LLMNR_PORT),
        };
        _cleanup_close_ int s = -1;
        int r;

        assert(m);

        if (m->llmnr_ipv4_tcp_fd >= 0)
                return m->llmnr_ipv4_tcp_fd;

        s = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (s < 0)
                return log_error_errno(errno, "LLMNR-IPv4(TCP): Failed to create socket: %m");

        /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
        r = setsockopt_int(s, IPPROTO_IP, IP_TTL, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set IP_TTL: %m");

        r = setsockopt_int(s, IPPROTO_IP, IP_PKTINFO, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set IP_PKTINFO: %m");

        r = setsockopt_int(s, IPPROTO_IP, IP_RECVTTL, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set IP_RECVTTL: %m");

        /* Disable Don't-Fragment bit in the IP header */
        r = setsockopt_int(s, IPPROTO_IP, IP_MTU_DISCOVER, IP_PMTUDISC_DONT);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set IP_MTU_DISCOVER: %m");

        /* first try to bind without SO_REUSEADDR to detect another LLMNR responder */
        r = bind(s, &sa.sa, sizeof(sa.in));
        if (r < 0) {
                if (errno != EADDRINUSE)
                        return log_error_errno(errno, "LLMNR-IPv4(TCP): Failed to bind socket: %m");

                log_warning("LLMNR-IPv4(TCP): There appears to be another LLMNR responder running, or previously systemd-resolved crashed with some outstanding transfers.");

                /* try again with SO_REUSEADDR */
                r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
                if (r < 0)
                        return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set SO_REUSEADDR: %m");

                r = bind(s, &sa.sa, sizeof(sa.in));
                if (r < 0)
                        return log_error_errno(errno, "LLMNR-IPv4(TCP): Failed to bind socket: %m");
        } else {
                /* enable SO_REUSEADDR for the case that the user really wants multiple LLMNR responders */
                r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
                if (r < 0)
                        return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set SO_REUSEADDR: %m");
        }

        r = listen(s, SOMAXCONN);
        if (r < 0)
                return log_error_errno(errno, "LLMNR-IPv4(TCP): Failed to listen the stream: %m");

        r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, s, EPOLLIN, on_llmnr_stream, m);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to create event source: %m");

        (void) sd_event_source_set_description(m->llmnr_ipv4_tcp_event_source, "llmnr-ipv4-tcp");

        return m->llmnr_ipv4_tcp_fd = TAKE_FD(s);
}

int manager_llmnr_ipv6_tcp_fd(Manager *m) {
        union sockaddr_union sa = {
                .in6.sin6_family = AF_INET6,
                .in6.sin6_port = htobe16(LLMNR_PORT),
        };
        _cleanup_close_ int s = -1;
        int r;

        assert(m);

        if (m->llmnr_ipv6_tcp_fd >= 0)
                return m->llmnr_ipv6_tcp_fd;

        s = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (s < 0)
                return log_error_errno(errno, "LLMNR-IPv6(TCP): Failed to create socket: %m");

        /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_UNICAST_HOPS, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set IPV6_UNICAST_HOPS: %m");

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_V6ONLY, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set IPV6_V6ONLY: %m");

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set IPV6_RECVPKTINFO: %m");

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, true);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set IPV6_RECVHOPLIMIT: %m");

        /* first try to bind without SO_REUSEADDR to detect another LLMNR responder */
        r = bind(s, &sa.sa, sizeof(sa.in6));
        if (r < 0) {
                if (errno != EADDRINUSE)
                        return log_error_errno(errno, "LLMNR-IPv6(TCP): Failed to bind socket: %m");

                log_warning("LLMNR-IPv6(TCP): There appears to be another LLMNR responder running, or previously systemd-resolved crashed with some outstanding transfers.");

                /* try again with SO_REUSEADDR */
                r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
                if (r < 0)
                        return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set SO_REUSEADDR: %m");

                r = bind(s, &sa.sa, sizeof(sa.in6));
                if (r < 0)
                        return log_error_errno(errno, "LLMNR-IPv6(TCP): Failed to bind socket: %m");
        } else {
                /* enable SO_REUSEADDR for the case that the user really wants multiple LLMNR responders */
                r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
                if (r < 0)
                        return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set SO_REUSEADDR: %m");
        }

        r = listen(s, SOMAXCONN);
        if (r < 0)
                return log_error_errno(errno, "LLMNR-IPv6(TCP): Failed to listen the stream: %m");

        r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, s, EPOLLIN, on_llmnr_stream, m);
        if (r < 0)
                return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to create event source: %m");

        (void) sd_event_source_set_description(m->llmnr_ipv6_tcp_event_source, "llmnr-ipv6-tcp");

        return m->llmnr_ipv6_tcp_fd = TAKE_FD(s);
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
5f402ae8	2
5f402ae8	3	#include <netinet/in.h>
cf0fbc49	4	#include <resolv.h>
5f402ae8	5
4ff9bc2e	6	#include "errno-util.h"
3ffd4af2	7	#include "fd-util.h"
5f402ae8	8	#include "resolved-llmnr.h"
3ffd4af2	9	#include "resolved-manager.h"
5f402ae8 DM	10
	11	void manager_llmnr_stop(Manager *m) {
	12	assert(m);
	13
	14	m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
	15	m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
	16
	17	m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
	18	m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
	19
	20	m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
	21	m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
	22
	23	m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
	24	m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
	25	}
	26
	27	int manager_llmnr_start(Manager *m) {
	28	int r;
	29
	30	assert(m);
	31
af49ca27	32	if (m->llmnr_support == RESOLVE_SUPPORT_NO)
5f402ae8 DM	33	return 0;
	34
	35	r = manager_llmnr_ipv4_udp_fd(m);
	36	if (r == -EADDRINUSE)
	37	goto eaddrinuse;
	38	if (r < 0)
	39	return r;
	40
	41	r = manager_llmnr_ipv4_tcp_fd(m);
	42	if (r == -EADDRINUSE)
	43	goto eaddrinuse;
	44	if (r < 0)
	45	return r;
	46
	47	if (socket_ipv6_is_supported()) {
	48	r = manager_llmnr_ipv6_udp_fd(m);
	49	if (r == -EADDRINUSE)
	50	goto eaddrinuse;
	51	if (r < 0)
	52	return r;
	53
	54	r = manager_llmnr_ipv6_tcp_fd(m);
	55	if (r == -EADDRINUSE)
	56	goto eaddrinuse;
	57	if (r < 0)
	58	return r;
	59	}
	60
	61	return 0;
	62
	63	eaddrinuse:
007ef0a2	64	log_warning("Another LLMNR responder prohibits binding the socket to the same port. Turning off LLMNR support.");
af49ca27	65	m->llmnr_support = RESOLVE_SUPPORT_NO;
5f402ae8 DM	66	manager_llmnr_stop(m);
	67
	68	return 0;
	69	}
	70
	71	static int on_llmnr_packet(sd_event_source s, int fd, uint32_t revents, void userdata) {
	72	_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
	73	DnsTransaction *t = NULL;
	74	Manager *m = userdata;
	75	DnsScope *scope;
	76	int r;
	77
b30bf55d LP	78	assert(s);
	79	assert(fd >= 0);
	80	assert(m);
	81
5f402ae8 DM	82	r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
	83	if (r <= 0)
	84	return r;
	85
6cae1ebe LP	86	if (manager_our_packet(m, p))
	87	return 0;
	88
5f402ae8	89	scope = manager_find_scope(m, p);
f1b1a5c4 LP	90	if (!scope) {
	91	log_debug("Got LLMNR UDP packet on unknown scope. Ignoring.");
	92	return 0;
	93	}
	94
	95	if (dns_packet_validate_reply(p) > 0) {
b30bf55d	96	log_debug("Got LLMNR UDP reply packet for id %u", DNS_PACKET_ID(p));
5f402ae8 DM	97
	98	dns_scope_check_conflicts(scope, p);
	99
	100	t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
	101	if (t)
	102	dns_transaction_process_reply(t, p);
	103
	104	} else if (dns_packet_validate_query(p) > 0) {
b30bf55d	105	log_debug("Got LLMNR UDP query packet for id %u", DNS_PACKET_ID(p));
5f402ae8 DM	106
	107	dns_scope_process_query(scope, NULL, p);
	108	} else
2c6bf498	109	log_debug("Invalid LLMNR UDP packet, ignoring.");
5f402ae8 DM	110
	111	return 0;
	112	}
	113
	114	int manager_llmnr_ipv4_udp_fd(Manager *m) {
	115	union sockaddr_union sa = {
	116	.in.sin_family = AF_INET,
22a37591	117	.in.sin_port = htobe16(LLMNR_PORT),
5f402ae8	118	};
3f548fff	119	_cleanup_close_ int s = -1;
5f402ae8 DM	120	int r;
	121
	122	assert(m);
	123
	124	if (m->llmnr_ipv4_udp_fd >= 0)
	125	return m->llmnr_ipv4_udp_fd;
	126
3f548fff YW	127	s = socket(AF_INET, SOCK_DGRAM\|SOCK_CLOEXEC\|SOCK_NONBLOCK, 0);
3f548fff YW	128	if (s < 0)
007ef0a2	129	return log_error_errno(errno, "LLMNR-IPv4(UDP): Failed to create socket: %m");
5f402ae8 DM	130
5f402ae8 DM	131	/* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
3f548fff YW	132	r = setsockopt_int(s, IPPROTO_IP, IP_TTL, 255);
	133	if (r < 0)
	134	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_TTL: %m");
5f402ae8	135
3f548fff YW	136	r = setsockopt_int(s, IPPROTO_IP, IP_MULTICAST_TTL, 255);
	137	if (r < 0)
	138	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_MULTICAST_TTL: %m");
5f402ae8	139
3f548fff YW	140	r = setsockopt_int(s, IPPROTO_IP, IP_MULTICAST_LOOP, true);
	141	if (r < 0)
	142	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_MULTICAST_LOOP: %m");
5f402ae8	143
3f548fff YW	144	r = setsockopt_int(s, IPPROTO_IP, IP_PKTINFO, true);
	145	if (r < 0)
	146	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_PKTINFO: %m");
5f402ae8	147
3f548fff YW	148	r = setsockopt_int(s, IPPROTO_IP, IP_RECVTTL, true);
	149	if (r < 0)
	150	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_RECVTTL: %m");
5f402ae8 DM	151
5f402ae8 DM	152	/* Disable Don't-Fragment bit in the IP header */
3f548fff YW	153	r = setsockopt_int(s, IPPROTO_IP, IP_MTU_DISCOVER, IP_PMTUDISC_DONT);
	154	if (r < 0)
	155	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set IP_MTU_DISCOVER: %m");
5f402ae8	156
007ef0a2	157	/* first try to bind without SO_REUSEADDR to detect another LLMNR responder */
3f548fff	158	r = bind(s, &sa.sa, sizeof(sa.in));
5f402ae8	159	if (r < 0) {
3f548fff YW	160	if (errno != EADDRINUSE)
3f548fff YW	161	return log_error_errno(errno, "LLMNR-IPv4(UDP): Failed to bind socket: %m");
007ef0a2 YW	162
	163	log_warning("LLMNR-IPv4(UDP): There appears to be another LLMNR responder running, or previously systemd-resolved crashed with some outstanding transfers.");
	164
	165	/* try again with SO_REUSEADDR */
3f548fff YW	166	r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
	167	if (r < 0)
	168	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set SO_REUSEADDR: %m");
	169
	170	r = bind(s, &sa.sa, sizeof(sa.in));
	171	if (r < 0)
	172	return log_error_errno(errno, "LLMNR-IPv4(UDP): Failed to bind socket: %m");
007ef0a2 YW	173	} else {
007ef0a2 YW	174	/* enable SO_REUSEADDR for the case that the user really wants multiple LLMNR responders */
3f548fff YW	175	r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
	176	if (r < 0)
	177	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to set SO_REUSEADDR: %m");
5f402ae8 DM	178	}
5f402ae8 DM	179
3f548fff	180	r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, s, EPOLLIN, on_llmnr_packet, m);
5f402ae8	181	if (r < 0)
3f548fff	182	return log_error_errno(r, "LLMNR-IPv4(UDP): Failed to create event source: %m");
5f402ae8	183
aa4a9deb LP	184	(void) sd_event_source_set_description(m->llmnr_ipv4_udp_event_source, "llmnr-ipv4-udp");
aa4a9deb LP	185
3f548fff	186	return m->llmnr_ipv4_udp_fd = TAKE_FD(s);
5f402ae8 DM	187	}
	188
	189	int manager_llmnr_ipv6_udp_fd(Manager *m) {
	190	union sockaddr_union sa = {
	191	.in6.sin6_family = AF_INET6,
22a37591	192	.in6.sin6_port = htobe16(LLMNR_PORT),
5f402ae8	193	};
3f548fff	194	_cleanup_close_ int s = -1;
5f402ae8 DM	195	int r;
	196
	197	assert(m);
	198
	199	if (m->llmnr_ipv6_udp_fd >= 0)
	200	return m->llmnr_ipv6_udp_fd;
	201
3f548fff YW	202	s = socket(AF_INET6, SOCK_DGRAM\|SOCK_CLOEXEC\|SOCK_NONBLOCK, 0);
3f548fff YW	203	if (s < 0)
007ef0a2	204	return log_error_errno(errno, "LLMNR-IPv6(UDP): Failed to create socket: %m");
5f402ae8	205
3f548fff YW	206	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_UNICAST_HOPS, 255);
	207	if (r < 0)
	208	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_UNICAST_HOPS: %m");
5f402ae8 DM	209
5f402ae8 DM	210	/* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
3f548fff YW	211	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 255);
	212	if (r < 0)
	213	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_MULTICAST_HOPS: %m");
5f402ae8	214
3f548fff YW	215	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, true);
	216	if (r < 0)
	217	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_MULTICAST_LOOP: %m");
5f402ae8	218
3f548fff YW	219	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_V6ONLY, true);
	220	if (r < 0)
	221	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_V6ONLY: %m");
5f402ae8	222
3f548fff YW	223	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, true);
	224	if (r < 0)
	225	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_RECVPKTINFO: %m");
5f402ae8	226
3f548fff YW	227	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, true);
	228	if (r < 0)
	229	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set IPV6_RECVHOPLIMIT: %m");
5f402ae8	230
007ef0a2	231	/* first try to bind without SO_REUSEADDR to detect another LLMNR responder */
3f548fff	232	r = bind(s, &sa.sa, sizeof(sa.in6));
5f402ae8	233	if (r < 0) {
3f548fff YW	234	if (errno != EADDRINUSE)
3f548fff YW	235	return log_error_errno(errno, "LLMNR-IPv6(UDP): Failed to bind socket: %m");
007ef0a2 YW	236
	237	log_warning("LLMNR-IPv6(UDP): There appears to be another LLMNR responder running, or previously systemd-resolved crashed with some outstanding transfers.");
	238
	239	/* try again with SO_REUSEADDR */
3f548fff YW	240	r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
	241	if (r < 0)
	242	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set SO_REUSEADDR: %m");
	243
	244	r = bind(s, &sa.sa, sizeof(sa.in6));
	245	if (r < 0)
	246	return log_error_errno(errno, "LLMNR-IPv6(UDP): Failed to bind socket: %m");
007ef0a2 YW	247	} else {
007ef0a2 YW	248	/* enable SO_REUSEADDR for the case that the user really wants multiple LLMNR responders */
3f548fff YW	249	r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
	250	if (r < 0)
	251	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to set SO_REUSEADDR: %m");
5f402ae8 DM	252	}
5f402ae8 DM	253
3f548fff	254	r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, s, EPOLLIN, on_llmnr_packet, m);
35908b98	255	if (r < 0)
3f548fff	256	return log_error_errno(r, "LLMNR-IPv6(UDP): Failed to create event source: %m");
5f402ae8	257
aa4a9deb LP	258	(void) sd_event_source_set_description(m->llmnr_ipv6_udp_event_source, "llmnr-ipv6-udp");
aa4a9deb LP	259
3f548fff	260	return m->llmnr_ipv6_udp_fd = TAKE_FD(s);
5f402ae8 DM	261	}
	262
	263	static int on_llmnr_stream_packet(DnsStream *s) {
aa337a5e	264	_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
5f402ae8 DM	265	DnsScope *scope;
	266
	267	assert(s);
	268
aa337a5e LP	269	p = dns_stream_take_read_packet(s);
	270	assert(p);
	271
	272	scope = manager_find_scope(s->manager, p);
b30bf55d	273	if (!scope)
f1b1a5c4	274	log_debug("Got LLMNR TCP packet on unknown scope. Ignoring.");
aa337a5e LP	275	else if (dns_packet_validate_query(p) > 0) {
aa337a5e LP	276	log_debug("Got LLMNR TCP query packet for id %u", DNS_PACKET_ID(p));
5f402ae8	277
aa337a5e	278	dns_scope_process_query(scope, s, p);
5f402ae8	279	} else
b30bf55d	280	log_debug("Invalid LLMNR TCP packet, ignoring.");
5f402ae8	281
b30bf55d	282	dns_stream_unref(s);
5f402ae8 DM	283	return 0;
	284	}
	285
	286	static int on_llmnr_stream(sd_event_source s, int fd, uint32_t revents, void userdata) {
	287	DnsStream *stream;
	288	Manager *m = userdata;
	289	int cfd, r;
	290
	291	cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK\|SOCK_CLOEXEC);
	292	if (cfd < 0) {
4ff9bc2e	293	if (ERRNO_IS_ACCEPT_AGAIN(errno))
5f402ae8 DM	294	return 0;
	295
	296	return -errno;
	297	}
	298
652ba568	299	r = dns_stream_new(m, &stream, DNS_STREAM_LLMNR_RECV, DNS_PROTOCOL_LLMNR, cfd, NULL);
5f402ae8 DM	300	if (r < 0) {
	301	safe_close(cfd);
	302	return r;
	303	}
	304
	305	stream->on_packet = on_llmnr_stream_packet;
31f2a5e2 LP	306	/* We don't configure a "complete" handler here, we rely on the default handler than simply drops the
31f2a5e2 LP	307	* reference to the stream, thus freeing it */
5f402ae8 DM	308	return 0;
	309	}
	310
	311	int manager_llmnr_ipv4_tcp_fd(Manager *m) {
	312	union sockaddr_union sa = {
	313	.in.sin_family = AF_INET,
22a37591	314	.in.sin_port = htobe16(LLMNR_PORT),
5f402ae8	315	};
3f548fff	316	_cleanup_close_ int s = -1;
5f402ae8 DM	317	int r;
	318
	319	assert(m);
	320
	321	if (m->llmnr_ipv4_tcp_fd >= 0)
	322	return m->llmnr_ipv4_tcp_fd;
	323
3f548fff YW	324	s = socket(AF_INET, SOCK_STREAM\|SOCK_CLOEXEC\|SOCK_NONBLOCK, 0);
3f548fff YW	325	if (s < 0)
007ef0a2	326	return log_error_errno(errno, "LLMNR-IPv4(TCP): Failed to create socket: %m");
5f402ae8 DM	327
5f402ae8 DM	328	/* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
3f548fff YW	329	r = setsockopt_int(s, IPPROTO_IP, IP_TTL, true);
	330	if (r < 0)
	331	return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set IP_TTL: %m");
5f402ae8	332
3f548fff YW	333	r = setsockopt_int(s, IPPROTO_IP, IP_PKTINFO, true);
	334	if (r < 0)
	335	return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set IP_PKTINFO: %m");
5f402ae8	336
3f548fff YW	337	r = setsockopt_int(s, IPPROTO_IP, IP_RECVTTL, true);
	338	if (r < 0)
	339	return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set IP_RECVTTL: %m");
5f402ae8 DM	340
5f402ae8 DM	341	/* Disable Don't-Fragment bit in the IP header */
3f548fff YW	342	r = setsockopt_int(s, IPPROTO_IP, IP_MTU_DISCOVER, IP_PMTUDISC_DONT);
	343	if (r < 0)
	344	return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set IP_MTU_DISCOVER: %m");
5f402ae8	345
007ef0a2	346	/* first try to bind without SO_REUSEADDR to detect another LLMNR responder */
3f548fff	347	r = bind(s, &sa.sa, sizeof(sa.in));
5f402ae8	348	if (r < 0) {
3f548fff YW	349	if (errno != EADDRINUSE)
3f548fff YW	350	return log_error_errno(errno, "LLMNR-IPv4(TCP): Failed to bind socket: %m");
007ef0a2 YW	351
	352	log_warning("LLMNR-IPv4(TCP): There appears to be another LLMNR responder running, or previously systemd-resolved crashed with some outstanding transfers.");
	353
	354	/* try again with SO_REUSEADDR */
3f548fff YW	355	r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
	356	if (r < 0)
	357	return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set SO_REUSEADDR: %m");
	358
	359	r = bind(s, &sa.sa, sizeof(sa.in));
	360	if (r < 0)
	361	return log_error_errno(errno, "LLMNR-IPv4(TCP): Failed to bind socket: %m");
007ef0a2 YW	362	} else {
007ef0a2 YW	363	/* enable SO_REUSEADDR for the case that the user really wants multiple LLMNR responders */
3f548fff YW	364	r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
	365	if (r < 0)
	366	return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to set SO_REUSEADDR: %m");
5f402ae8 DM	367	}
5f402ae8 DM	368
3f548fff YW	369	r = listen(s, SOMAXCONN);
	370	if (r < 0)
	371	return log_error_errno(errno, "LLMNR-IPv4(TCP): Failed to listen the stream: %m");
5f402ae8	372
3f548fff	373	r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, s, EPOLLIN, on_llmnr_stream, m);
5f402ae8	374	if (r < 0)
3f548fff	375	return log_error_errno(r, "LLMNR-IPv4(TCP): Failed to create event source: %m");
5f402ae8	376
aa4a9deb LP	377	(void) sd_event_source_set_description(m->llmnr_ipv4_tcp_event_source, "llmnr-ipv4-tcp");
aa4a9deb LP	378
3f548fff	379	return m->llmnr_ipv4_tcp_fd = TAKE_FD(s);
5f402ae8 DM	380	}
	381
	382	int manager_llmnr_ipv6_tcp_fd(Manager *m) {
	383	union sockaddr_union sa = {
	384	.in6.sin6_family = AF_INET6,
22a37591	385	.in6.sin6_port = htobe16(LLMNR_PORT),
5f402ae8	386	};
3f548fff	387	_cleanup_close_ int s = -1;
5f402ae8 DM	388	int r;
	389
	390	assert(m);
	391
	392	if (m->llmnr_ipv6_tcp_fd >= 0)
	393	return m->llmnr_ipv6_tcp_fd;
	394
3f548fff YW	395	s = socket(AF_INET6, SOCK_STREAM\|SOCK_CLOEXEC\|SOCK_NONBLOCK, 0);
3f548fff YW	396	if (s < 0)
007ef0a2	397	return log_error_errno(errno, "LLMNR-IPv6(TCP): Failed to create socket: %m");
5f402ae8 DM	398
5f402ae8 DM	399	/* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
3f548fff YW	400	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_UNICAST_HOPS, true);
	401	if (r < 0)
	402	return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set IPV6_UNICAST_HOPS: %m");
5f402ae8	403
3f548fff YW	404	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_V6ONLY, true);
	405	if (r < 0)
	406	return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set IPV6_V6ONLY: %m");
5f402ae8	407
3f548fff YW	408	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, true);
	409	if (r < 0)
	410	return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set IPV6_RECVPKTINFO: %m");
5f402ae8	411
3f548fff YW	412	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, true);
	413	if (r < 0)
	414	return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set IPV6_RECVHOPLIMIT: %m");
5f402ae8	415
007ef0a2	416	/* first try to bind without SO_REUSEADDR to detect another LLMNR responder */
3f548fff	417	r = bind(s, &sa.sa, sizeof(sa.in6));
5f402ae8	418	if (r < 0) {
3f548fff YW	419	if (errno != EADDRINUSE)
3f548fff YW	420	return log_error_errno(errno, "LLMNR-IPv6(TCP): Failed to bind socket: %m");
007ef0a2 YW	421
	422	log_warning("LLMNR-IPv6(TCP): There appears to be another LLMNR responder running, or previously systemd-resolved crashed with some outstanding transfers.");
	423
	424	/* try again with SO_REUSEADDR */
3f548fff YW	425	r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
	426	if (r < 0)
	427	return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set SO_REUSEADDR: %m");
	428
	429	r = bind(s, &sa.sa, sizeof(sa.in6));
	430	if (r < 0)
	431	return log_error_errno(errno, "LLMNR-IPv6(TCP): Failed to bind socket: %m");
007ef0a2 YW	432	} else {
007ef0a2 YW	433	/* enable SO_REUSEADDR for the case that the user really wants multiple LLMNR responders */
3f548fff YW	434	r = setsockopt_int(s, SOL_SOCKET, SO_REUSEADDR, true);
	435	if (r < 0)
	436	return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to set SO_REUSEADDR: %m");
5f402ae8 DM	437	}
5f402ae8 DM	438
3f548fff YW	439	r = listen(s, SOMAXCONN);
	440	if (r < 0)
	441	return log_error_errno(errno, "LLMNR-IPv6(TCP): Failed to listen the stream: %m");
5f402ae8	442
3f548fff	443	r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, s, EPOLLIN, on_llmnr_stream, m);
ee8d9305	444	if (r < 0)
3f548fff	445	return log_error_errno(r, "LLMNR-IPv6(TCP): Failed to create event source: %m");
5f402ae8	446
aa4a9deb LP	447	(void) sd_event_source_set_description(m->llmnr_ipv6_tcp_event_source, "llmnr-ipv6-tcp");
aa4a9deb LP	448
3f548fff	449	return m->llmnr_ipv6_tcp_fd = TAKE_FD(s);
5f402ae8	450	}