dbus1-generator: properly free the FILE*
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
CommitLineData
091a364c
TG
1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22#include <arpa/inet.h>
23#include <resolv.h>
1716f6dc 24#include <net/if.h>
74b2466e
LP
25#include <sys/ioctl.h>
26#include <sys/poll.h>
27#include <netinet/in.h>
091a364c 28
74b2466e 29#include "rtnl-util.h"
091a364c
TG
30#include "event-util.h"
31#include "network-util.h"
091a364c
TG
32#include "network-internal.h"
33#include "conf-parser.h"
74b2466e 34#include "socket-util.h"
a2a416f7 35#include "af-list.h"
eb60f9cd 36#include "utf8.h"
4e945a6f 37
eb60f9cd 38#include "resolved-dns-domain.h"
39d8db04
LP
39#include "resolved-conf.h"
40#include "resolved-bus.h"
41#include "resolved-manager.h"
74b2466e
LP
42
43#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
44
45static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
46 Manager *m = userdata;
47 uint16_t type;
48 Link *l;
49 int ifindex, r;
50
51 assert(rtnl);
52 assert(m);
53 assert(mm);
54
55 r = sd_rtnl_message_get_type(mm, &type);
56 if (r < 0)
57 goto fail;
58
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
60 if (r < 0)
61 goto fail;
62
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
64
65 switch (type) {
66
a2a416f7
LP
67 case RTM_NEWLINK:{
68 bool is_new = !l;
74b2466e 69
a2a416f7 70 if (!l) {
74b2466e
LP
71 r = link_new(m, &l, ifindex);
72 if (r < 0)
73 goto fail;
74 }
75
76 r = link_update_rtnl(l, mm);
77 if (r < 0)
78 goto fail;
79
21d73c87
LP
80 r = link_update_monitor(l);
81 if (r < 0)
82 goto fail;
83
a2a416f7
LP
84 if (is_new)
85 log_debug("Found new link %i/%s", ifindex, l->name);
86
74b2466e 87 break;
a2a416f7 88 }
74b2466e
LP
89
90 case RTM_DELLINK:
91 if (l) {
a2a416f7 92 log_debug("Removing link %i/%s", l->ifindex, l->name);
74b2466e
LP
93 link_free(l);
94 }
95
96 break;
97 }
98
99 return 0;
100
101fail:
102 log_warning("Failed to process RTNL link message: %s", strerror(-r));
103 return 0;
104}
105
106static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
74b2466e 109 uint16_t type;
0dd25fb9 110 int r, ifindex, family;
74b2466e
LP
111 LinkAddress *a;
112 Link *l;
113
114 assert(rtnl);
115 assert(mm);
116 assert(m);
117
118 r = sd_rtnl_message_get_type(mm, &type);
119 if (r < 0)
120 goto fail;
121
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
123 if (r < 0)
124 goto fail;
125
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
127 if (!l)
128 return 0;
129
130 r = sd_rtnl_message_addr_get_family(mm, &family);
131 if (r < 0)
132 goto fail;
133
134 switch (family) {
135
136 case AF_INET:
137 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
138 if (r < 0) {
139 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
140 if (r < 0)
141 goto fail;
142 }
143
144 break;
145
146 case AF_INET6:
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
148 if (r < 0) {
149 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
150 if (r < 0)
151 goto fail;
152 }
153
154 break;
155
156 default:
157 return 0;
158 }
159
160 a = link_find_address(l, family, &address);
161
162 switch (type) {
163
164 case RTM_NEWADDR:
165
166 if (!a) {
167 r = link_address_new(l, &a, family, &address);
168 if (r < 0)
169 return r;
170 }
171
172 r = link_address_update_rtnl(a, mm);
173 if (r < 0)
174 return r;
175
176 break;
177
178 case RTM_DELADDR:
179 if (a)
180 link_address_free(a);
181 break;
182 }
183
184 return 0;
185
186fail:
187 log_warning("Failed to process RTNL address message: %s", strerror(-r));
188 return 0;
189}
190
74b2466e
LP
191static int manager_rtnl_listen(Manager *m) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
193 sd_rtnl_message *i;
194 int r;
195
196 assert(m);
197
198 /* First, subscibe to interfaces coming and going */
199 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
200 if (r < 0)
201 return r;
202
203 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
204 if (r < 0)
205 return r;
206
207 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
208 if (r < 0)
209 return r;
210
211 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
212 if (r < 0)
213 return r;
214
215 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
216 if (r < 0)
217 return r;
091a364c 218
74b2466e
LP
219 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
220 if (r < 0)
221 return r;
222
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
225 if (r < 0)
226 return r;
227
228 r = sd_rtnl_message_request_dump(req, true);
229 if (r < 0)
230 return r;
231
232 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
233 if (r < 0)
234 return r;
235
236 for (i = reply; i; i = sd_rtnl_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
238 if (r < 0)
239 return r;
240 }
241
242 req = sd_rtnl_message_unref(req);
243 reply = sd_rtnl_message_unref(reply);
244
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
247 if (r < 0)
248 return r;
249
250 r = sd_rtnl_message_request_dump(req, true);
251 if (r < 0)
252 return r;
253
254 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
255 if (r < 0)
256 return r;
257
258 for (i = reply; i; i = sd_rtnl_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
260 if (r < 0)
261 return r;
262 }
263
264 return r;
265}
266
267static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
269 Iterator i;
270 Link *l;
271 int r;
272
273 assert(m);
274
275 sd_network_monitor_flush(m->network_monitor);
276
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
279 if (r < 0)
280 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
281 }
282
283 r = manager_write_resolv_conf(m);
284 if (r < 0)
285 log_warning("Could not update resolv.conf: %s", strerror(-r));
286
287 return 0;
288}
289
290static int manager_network_monitor_listen(Manager *m) {
291 int r, fd, events;
292
293 assert(m);
294
0014a4ad 295 r = sd_network_monitor_new(&m->network_monitor, NULL);
74b2466e
LP
296 if (r < 0)
297 return r;
298
299 fd = sd_network_monitor_get_fd(m->network_monitor);
300 if (fd < 0)
301 return fd;
302
303 events = sd_network_monitor_get_events(m->network_monitor);
304 if (events < 0)
305 return events;
306
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
308 if (r < 0)
309 return r;
310
311 return 0;
312}
313
eb60f9cd
LP
314static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
316 int r;
317
318 assert(ret);
319
320 h = gethostname_malloc();
321 if (!h)
322 return log_oom();
323
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
326 return -EINVAL;
327 }
328
329 r = dns_name_normalize(h, &n);
330 if (r < 0) {
331 log_error("System hostname '%s' cannot be normalized.", h);
332 return r;
333 }
334
335 *ret = n;
336 n = NULL;
337
338 return 0;
339}
340
341static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
344 int r;
345
346 assert(m);
347
348 r = determine_hostname(&h);
349 if (r < 0)
350 return 0; /* ignore invalid hostnames */
351
352 if (streq(h, m->hostname))
353 return 0;
354
355 log_info("System hostname changed to '%s'.", h);
356 free(m->hostname);
357 m->hostname = h;
358 h = NULL;
359
360 manager_refresh_rrs(m);
361
362 return 0;
363}
364
365static int manager_watch_hostname(Manager *m) {
eb60f9cd
LP
366 int r;
367
368 assert(m);
369
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning("Failed to watch hostname: %m");
373 return 0;
374 }
375
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
377 if (r < 0) {
378 if (r == -EPERM)
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
381 else {
382 log_error("Failed to add hostname event source: %s", strerror(-r));
383 return r;
384 }
385 }
386
387 r = determine_hostname(&m->hostname);
388 if (r < 0) {
389 log_info("Defaulting to hostname 'linux'.");
390 m->hostname = strdup("linux");
391 if (!m->hostname)
392 return log_oom();
393 } else
394 log_info("Using system hostname '%s'.", m->hostname);
395
396 return 0;
397}
398
edc501d4
LP
399static void manager_llmnr_stop(Manager *m) {
400 assert(m);
401
402 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
403 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
404
405 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
406 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
407
408 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
409 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
410
411 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
412 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
413}
414
415static int manager_llmnr_start(Manager *m) {
416 int r;
417
418 assert(m);
419
420 if (m->llmnr_support == SUPPORT_NO)
421 return 0;
422
423 r = manager_llmnr_ipv4_udp_fd(m);
424 if (r == -EADDRINUSE)
425 goto eaddrinuse;
426 if (r < 0)
427 return r;
428
edc501d4
LP
429 r = manager_llmnr_ipv4_tcp_fd(m);
430 if (r == -EADDRINUSE)
431 goto eaddrinuse;
432 if (r < 0)
433 return r;
434
90ab5042
LP
435 if (socket_ipv6_is_supported()) {
436 r = manager_llmnr_ipv6_udp_fd(m);
437 if (r == -EADDRINUSE)
438 goto eaddrinuse;
439 if (r < 0)
440 return r;
441
442 r = manager_llmnr_ipv6_tcp_fd(m);
443 if (r == -EADDRINUSE)
444 goto eaddrinuse;
445 if (r < 0)
446 return r;
447 }
edc501d4
LP
448
449 return 0;
450
451eaddrinuse:
452 log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
453 m->llmnr_support = SUPPORT_NO;
454 manager_llmnr_stop(m);
90ab5042 455
edc501d4
LP
456 return 0;
457}
458
091a364c 459int manager_new(Manager **ret) {
74b2466e 460 _cleanup_(manager_freep) Manager *m = NULL;
091a364c
TG
461 int r;
462
c92e531c
LP
463 assert(ret);
464
091a364c
TG
465 m = new0(Manager, 1);
466 if (!m)
467 return -ENOMEM;
468
74b2466e 469 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
1716f6dc 470 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
623a4c97 471 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
eb60f9cd 472 m->hostname_fd = -1;
1716f6dc 473
4e945a6f 474 m->llmnr_support = SUPPORT_YES;
5cb36f41 475 m->read_resolv_conf = true;
091a364c 476
4e945a6f 477 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
091a364c
TG
478 if (r < 0)
479 return r;
480
481 r = sd_event_default(&m->event);
482 if (r < 0)
483 return r;
484
485 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
486 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
487
488 sd_event_set_watchdog(m->event, true);
489
eb60f9cd
LP
490 r = manager_watch_hostname(m);
491 if (r < 0)
492 return r;
493
1716f6dc 494 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
74b2466e
LP
495 if (r < 0)
496 return r;
497
498 r = manager_network_monitor_listen(m);
499 if (r < 0)
500 return r;
501
502 r = manager_rtnl_listen(m);
503 if (r < 0)
504 return r;
505
506 r = manager_connect_bus(m);
507 if (r < 0)
508 return r;
509
091a364c
TG
510 *ret = m;
511 m = NULL;
512
513 return 0;
514}
515
edc501d4
LP
516int manager_start(Manager *m) {
517 int r;
518
519 assert(m);
520
521 r = manager_llmnr_start(m);
522 if (r < 0)
523 return r;
524
525 return 0;
526}
527
74b2466e
LP
528Manager *manager_free(Manager *m) {
529 Link *l;
091a364c
TG
530
531 if (!m)
74b2466e
LP
532 return NULL;
533
74b2466e
LP
534 while ((l = hashmap_first(m->links)))
535 link_free(l);
f0e15467
LP
536
537 while (m->dns_queries)
538 dns_query_free(m->dns_queries);
74b2466e
LP
539
540 dns_scope_free(m->unicast_scope);
541
3e684349
LP
542 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
543 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
091a364c 544
f0e15467
LP
545 hashmap_free(m->links);
546 hashmap_free(m->dns_transactions);
547
096b6773
LP
548 sd_event_source_unref(m->network_event_source);
549 sd_network_monitor_unref(m->network_monitor);
091a364c 550
74b2466e
LP
551 sd_event_source_unref(m->dns_ipv4_event_source);
552 sd_event_source_unref(m->dns_ipv6_event_source);
74b2466e
LP
553 safe_close(m->dns_ipv4_fd);
554 safe_close(m->dns_ipv6_fd);
555
edc501d4 556 manager_llmnr_stop(m);
623a4c97 557
902bb5d8 558 sd_bus_slot_unref(m->prepare_for_sleep_slot);
74b2466e
LP
559 sd_event_source_unref(m->bus_retry_event_source);
560 sd_bus_unref(m->bus);
091a364c 561
74b2466e 562 sd_event_unref(m->event);
623a4c97
LP
563
564 dns_resource_key_unref(m->host_ipv4_key);
565 dns_resource_key_unref(m->host_ipv6_key);
eb60f9cd
LP
566
567 safe_close(m->hostname_fd);
568 sd_event_source_unref(m->hostname_event_source);
623a4c97 569 free(m->hostname);
eb60f9cd 570
091a364c 571 free(m);
74b2466e
LP
572
573 return NULL;
091a364c
TG
574}
575
5cb36f41
LP
576int manager_read_resolv_conf(Manager *m) {
577 _cleanup_fclose_ FILE *f = NULL;
578 struct stat st, own;
579 char line[LINE_MAX];
580 DnsServer *s, *nx;
581 usec_t t;
582 int r;
583
584 assert(m);
585
586 /* Reads the system /etc/resolv.conf, if it exists and is not
587 * symlinked to our own resolv.conf instance */
588
589 if (!m->read_resolv_conf)
590 return 0;
591
592 r = stat("/etc/resolv.conf", &st);
593 if (r < 0) {
594 if (errno != ENOENT)
595 log_warning("Failed to open /etc/resolv.conf: %m");
596 r = -errno;
597 goto clear;
598 }
599
600 /* Have we already seen the file? */
601 t = timespec_load(&st.st_mtim);
602 if (t == m->resolv_conf_mtime)
603 return 0;
604
605 m->resolv_conf_mtime = t;
606
607 /* Is it symlinked to our own file? */
608 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
609 st.st_dev == own.st_dev &&
610 st.st_ino == own.st_ino) {
611 r = 0;
612 goto clear;
613 }
614
615 f = fopen("/etc/resolv.conf", "re");
616 if (!f) {
617 if (errno != ENOENT)
618 log_warning("Failed to open /etc/resolv.conf: %m");
619 r = -errno;
620 goto clear;
621 }
622
623 if (fstat(fileno(f), &st) < 0) {
624 log_error("Failed to stat open file: %m");
625 r = -errno;
626 goto clear;
627 }
628
629 LIST_FOREACH(servers, s, m->dns_servers)
630 s->marked = true;
631
632 FOREACH_LINE(line, f, r = -errno; goto clear) {
633 union in_addr_union address;
634 int family;
635 char *l;
636 const char *a;
637
638 truncate_nl(line);
639
640 l = strstrip(line);
641 if (*l == '#' || *l == ';')
642 continue;
643
644 a = first_word(l, "nameserver");
645 if (!a)
646 continue;
647
648 r = in_addr_from_string_auto(a, &family, &address);
649 if (r < 0) {
650 log_warning("Failed to parse name server %s.", a);
651 continue;
652 }
653
654 LIST_FOREACH(servers, s, m->dns_servers)
655 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
656 break;
657
658 if (s)
659 s->marked = false;
660 else {
661 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
662 if (r < 0)
663 goto clear;
664 }
665 }
666
667 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
668 if (s->marked)
669 dns_server_free(s);
670
671 return 0;
672
673clear:
674 while (m->dns_servers)
675 dns_server_free(m->dns_servers);
676
677 return r;
678}
679
bda2c408 680static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
74b2466e
LP
681 _cleanup_free_ char *t = NULL;
682 int r;
091a364c 683
74b2466e 684 assert(s);
091a364c 685 assert(f);
091a364c
TG
686 assert(count);
687
74b2466e 688 r = in_addr_to_string(s->family, &s->address, &t);
4e945a6f
LP
689 if (r < 0) {
690 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
091a364c
TG
691 return;
692 }
693
694 if (*count == MAXNS)
87f5a193 695 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
091a364c 696
74b2466e 697 fprintf(f, "nameserver %s\n", t);
091a364c
TG
698 (*count) ++;
699}
700
bda2c408 701static void write_resolv_conf_search(const char *domain, FILE *f,
a9feff3d 702 unsigned *count, unsigned *length) {
bda2c408
TG
703 assert(domain);
704 assert(f);
705 assert(length);
706
707 if (*count >= MAXDNSRCH ||
708 *length + strlen(domain) > 256) {
709 if (*count == MAXDNSRCH)
710 fputs(" # Too many search domains configured, remaining ones ignored.", f);
711 if (*length <= 256)
712 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
713
714 return;
715 }
716
717 fprintf(f, " %s", domain);
718
719 (*length) += strlen(domain);
720 (*count) ++;
721}
722
74b2466e 723int manager_write_resolv_conf(Manager *m) {
4e945a6f 724 static const char path[] = "/run/systemd/resolve/resolv.conf";
091a364c
TG
725 _cleanup_free_ char *temp_path = NULL;
726 _cleanup_fclose_ FILE *f = NULL;
bda2c408 727 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
091a364c 728 unsigned count = 0;
74b2466e
LP
729 DnsServer *s;
730 Iterator i;
731 Link *l;
732 int r;
091a364c
TG
733
734 assert(m);
735
5cb36f41
LP
736 /* Read the system /etc/resolv.conf first */
737 manager_read_resolv_conf(m);
738
87f5a193
LP
739 /* Add the full list to a set, to filter out duplicates */
740 dns = set_new(dns_server_hash_func, dns_server_compare_func);
741 if (!dns)
742 return -ENOMEM;
743
bda2c408
TG
744 domains = set_new(dns_name_hash_func, dns_name_compare_func);
745 if (!domains)
746 return -ENOMEM;
747
87f5a193
LP
748 /* First add the system-wide servers */
749 LIST_FOREACH(servers, s, m->dns_servers) {
750 r = set_put(dns, s);
751 if (r == -EEXIST)
752 continue;
753 if (r < 0)
754 return r;
755 }
756
bda2c408
TG
757 /* Then, add the per-link servers and domains */
758 HASHMAP_FOREACH(l, m->links, i) {
759 char **domain;
760
87f5a193
LP
761 LIST_FOREACH(servers, s, l->dns_servers) {
762 r = set_put(dns, s);
763 if (r == -EEXIST)
764 continue;
765 if (r < 0)
766 return r;
767 }
768
bda2c408
TG
769 if (!l->unicast_scope)
770 continue;
771
772 STRV_FOREACH(domain, l->unicast_scope->domains) {
773 r = set_put(domains, *domain);
774 if (r == -EEXIST)
775 continue;
776 if (r < 0)
777 return r;
778 }
779 }
780
87f5a193
LP
781 /* If we found nothing, add the fallback servers */
782 if (set_isempty(dns)) {
783 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
784 r = set_put(dns, s);
785 if (r == -EEXIST)
786 continue;
787 if (r < 0)
788 return r;
789 }
790 }
791
b686acb2 792 r = fopen_temporary(path, &f, &temp_path);
091a364c
TG
793 if (r < 0)
794 return r;
795
796 fchmod(fileno(f), 0644);
797
798 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
799 "# Third party programs must not access this file directly, but\n"
800 "# only through the symlink at /etc/resolv.conf. To manage\n"
801 "# resolv.conf(5) in a different way, replace the symlink by a\n"
802 "# static file or a different symlink.\n\n", f);
803
87f5a193
LP
804 if (set_isempty(dns))
805 fputs("# No DNS servers known.\n", f);
806 else {
807 SET_FOREACH(s, dns, i)
bda2c408
TG
808 write_resolv_conf_server(s, f, &count);
809 }
810
811 if (!set_isempty(domains)) {
812 unsigned length = 0;
813 char *domain;
814
815 count = 0;
816
817 fputs("search", f);
818 SET_FOREACH(domain, domains, i)
819 write_resolv_conf_search(domain, f, &count, &length);
820 fputs("\n", f);
4e945a6f 821 }
091a364c 822
74b2466e
LP
823 r = fflush_and_check(f);
824 if (r < 0)
825 goto fail;
826
827 if (rename(temp_path, path) < 0) {
828 r = -errno;
829 goto fail;
830 }
091a364c 831
74b2466e 832 return 0;
091a364c 833
74b2466e
LP
834fail:
835 unlink(path);
836 unlink(temp_path);
837 return r;
838}
091a364c 839
1716f6dc 840int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
74b2466e 841 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1716f6dc
LP
842 union {
843 struct cmsghdr header; /* For alignment */
bf32f99f 844 uint8_t buffer[CMSG_SPACE(CONST_MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
1716f6dc 845 + CMSG_SPACE(int) /* ttl/hoplimit */
623a4c97 846 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
1716f6dc
LP
847 } control;
848 union sockaddr_union sa;
74b2466e 849 struct msghdr mh = {};
1716f6dc 850 struct cmsghdr *cmsg;
74b2466e 851 struct iovec iov;
1716f6dc 852 int ms = 0, r;
74b2466e
LP
853 ssize_t l;
854
855 assert(m);
1716f6dc 856 assert(fd >= 0);
74b2466e
LP
857 assert(ret);
858
74b2466e
LP
859 r = ioctl(fd, FIONREAD, &ms);
860 if (r < 0)
861 return -errno;
862 if (ms < 0)
863 return -EIO;
864
1716f6dc 865 r = dns_packet_new(&p, protocol, ms);
74b2466e
LP
866 if (r < 0)
867 return r;
868
869 iov.iov_base = DNS_PACKET_DATA(p);
870 iov.iov_len = p->allocated;
871
1716f6dc
LP
872 mh.msg_name = &sa.sa;
873 mh.msg_namelen = sizeof(sa);
74b2466e
LP
874 mh.msg_iov = &iov;
875 mh.msg_iovlen = 1;
1716f6dc
LP
876 mh.msg_control = &control;
877 mh.msg_controllen = sizeof(control);
74b2466e
LP
878
879 l = recvmsg(fd, &mh, 0);
880 if (l < 0) {
ad867662 881 if (errno == EAGAIN || errno == EINTR)
74b2466e
LP
882 return 0;
883
884 return -errno;
091a364c
TG
885 }
886
74b2466e
LP
887 if (l <= 0)
888 return -EIO;
091a364c 889
1716f6dc
LP
890 assert(!(mh.msg_flags & MSG_CTRUNC));
891 assert(!(mh.msg_flags & MSG_TRUNC));
892
74b2466e 893 p->size = (size_t) l;
091a364c 894
1716f6dc 895 p->family = sa.sa.sa_family;
623a4c97
LP
896 p->ipproto = IPPROTO_UDP;
897 if (p->family == AF_INET) {
1716f6dc 898 p->sender.in = sa.in.sin_addr;
623a4c97
LP
899 p->sender_port = be16toh(sa.in.sin_port);
900 } else if (p->family == AF_INET6) {
1716f6dc 901 p->sender.in6 = sa.in6.sin6_addr;
623a4c97
LP
902 p->sender_port = be16toh(sa.in6.sin6_port);
903 p->ifindex = sa.in6.sin6_scope_id;
904 } else
1716f6dc 905 return -EAFNOSUPPORT;
74b2466e 906
1716f6dc 907 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
74b2466e 908
1716f6dc
LP
909 if (cmsg->cmsg_level == IPPROTO_IPV6) {
910 assert(p->family == AF_INET6);
74b2466e 911
1716f6dc 912 switch (cmsg->cmsg_type) {
74b2466e 913
1716f6dc
LP
914 case IPV6_PKTINFO: {
915 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
74b2466e 916
623a4c97
LP
917 if (p->ifindex <= 0)
918 p->ifindex = i->ipi6_ifindex;
919
1716f6dc
LP
920 p->destination.in6 = i->ipi6_addr;
921 break;
922 }
74b2466e 923
1716f6dc
LP
924 case IPV6_HOPLIMIT:
925 p->ttl = *(int *) CMSG_DATA(cmsg);
926 break;
74b2466e 927
1716f6dc
LP
928 }
929 } else if (cmsg->cmsg_level == IPPROTO_IP) {
930 assert(p->family == AF_INET);
74b2466e 931
1716f6dc 932 switch (cmsg->cmsg_type) {
74b2466e 933
1716f6dc
LP
934 case IP_PKTINFO: {
935 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
091a364c 936
623a4c97
LP
937 if (p->ifindex <= 0)
938 p->ifindex = i->ipi_ifindex;
939
1716f6dc
LP
940 p->destination.in = i->ipi_addr;
941 break;
942 }
74b2466e 943
623a4c97 944 case IP_TTL:
1716f6dc
LP
945 p->ttl = *(int *) CMSG_DATA(cmsg);
946 break;
947 }
948 }
949 }
74b2466e 950
623a4c97
LP
951 /* The Linux kernel sets the interface index to the loopback
952 * device if the packet came from the local host since it
953 * avoids the routing table in such a case. Let's unset the
954 * interface index in such a case. */
955 if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
956 p->ifindex = 0;
957
958 /* If we don't know the interface index still, we look for the
959 * first local interface with a matching address. Yuck! */
960 if (p->ifindex <= 0)
961 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
962
74b2466e
LP
963 *ret = p;
964 p = NULL;
965
966 return 1;
967}
968
1716f6dc 969static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
74b2466e 970 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 971 DnsTransaction *t = NULL;
74b2466e
LP
972 Manager *m = userdata;
973 int r;
974
1716f6dc 975 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
74b2466e
LP
976 if (r <= 0)
977 return r;
978
623a4c97 979 if (dns_packet_validate_reply(p) > 0) {
ec2c5e43 980 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1716f6dc
LP
981 if (!t)
982 return 0;
74b2466e 983
ec2c5e43 984 dns_transaction_process_reply(t, p);
623a4c97 985
1716f6dc 986 } else
623a4c97 987 log_debug("Invalid DNS packet.");
74b2466e 988
ad867662 989 return 0;
74b2466e
LP
990}
991
992int manager_dns_ipv4_fd(Manager *m) {
1716f6dc 993 const int one = 1;
74b2466e
LP
994 int r;
995
091a364c
TG
996 assert(m);
997
74b2466e
LP
998 if (m->dns_ipv4_fd >= 0)
999 return m->dns_ipv4_fd;
091a364c 1000
74b2466e
LP
1001 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1002 if (m->dns_ipv4_fd < 0)
1003 return -errno;
091a364c 1004
1716f6dc
LP
1005 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1006 if (r < 0) {
1007 r = -errno;
1008 goto fail;
1009 }
1010
1011 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
74b2466e 1012 if (r < 0)
1716f6dc 1013 goto fail;
74b2466e
LP
1014
1015 return m->dns_ipv4_fd;
1716f6dc
LP
1016
1017fail:
1018 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1019 return r;
091a364c
TG
1020}
1021
74b2466e 1022int manager_dns_ipv6_fd(Manager *m) {
1716f6dc 1023 const int one = 1;
74b2466e
LP
1024 int r;
1025
1026 assert(m);
091a364c 1027
74b2466e
LP
1028 if (m->dns_ipv6_fd >= 0)
1029 return m->dns_ipv6_fd;
1030
1031 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1032 if (m->dns_ipv6_fd < 0)
1033 return -errno;
1034
1716f6dc
LP
1035 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1036 if (r < 0) {
1037 r = -errno;
1038 goto fail;
1039 }
1040
1041 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
091a364c 1042 if (r < 0)
1716f6dc 1043 goto fail;
091a364c 1044
74b2466e 1045 return m->dns_ipv6_fd;
1716f6dc
LP
1046
1047fail:
1048 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1049 return r;
74b2466e
LP
1050}
1051
1052static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1053 int r;
1054
1055 assert(fd >= 0);
1056 assert(mh);
1057
1058 for (;;) {
1059 if (sendmsg(fd, mh, flags) >= 0)
1060 return 0;
1061
1062 if (errno == EINTR)
1063 continue;
1064
1065 if (errno != EAGAIN)
1066 return -errno;
1067
1068 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1069 if (r < 0)
1070 return r;
1071 if (r == 0)
1072 return -ETIMEDOUT;
1073 }
1074}
1075
623a4c97 1076static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1077 union sockaddr_union sa = {
1078 .in.sin_family = AF_INET,
74b2466e 1079 };
1716f6dc
LP
1080 union {
1081 struct cmsghdr header; /* For alignment */
1082 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1083 } control;
74b2466e
LP
1084 struct msghdr mh = {};
1085 struct iovec iov;
74b2466e
LP
1086
1087 assert(m);
1716f6dc
LP
1088 assert(fd >= 0);
1089 assert(addr);
1090 assert(port > 0);
74b2466e
LP
1091 assert(p);
1092
74b2466e
LP
1093 iov.iov_base = DNS_PACKET_DATA(p);
1094 iov.iov_len = p->size;
091a364c 1095
1716f6dc
LP
1096 sa.in.sin_addr = *addr;
1097 sa.in.sin_port = htobe16(port),
091a364c 1098
74b2466e
LP
1099 mh.msg_iov = &iov;
1100 mh.msg_iovlen = 1;
1101 mh.msg_name = &sa.sa;
1102 mh.msg_namelen = sizeof(sa.in);
091a364c 1103
74b2466e
LP
1104 if (ifindex > 0) {
1105 struct cmsghdr *cmsg;
1106 struct in_pktinfo *pi;
1107
1108 zero(control);
1109
1716f6dc 1110 mh.msg_control = &control;
74b2466e
LP
1111 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1112
1113 cmsg = CMSG_FIRSTHDR(&mh);
1114 cmsg->cmsg_len = mh.msg_controllen;
1115 cmsg->cmsg_level = IPPROTO_IP;
1116 cmsg->cmsg_type = IP_PKTINFO;
1117
1118 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1119 pi->ipi_ifindex = ifindex;
1120 }
1121
1122 return sendmsg_loop(fd, &mh, 0);
1123}
1124
623a4c97 1125static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1126 union sockaddr_union sa = {
1127 .in6.sin6_family = AF_INET6,
74b2466e 1128 };
1716f6dc
LP
1129 union {
1130 struct cmsghdr header; /* For alignment */
1131 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1132 } control;
74b2466e
LP
1133 struct msghdr mh = {};
1134 struct iovec iov;
74b2466e
LP
1135
1136 assert(m);
1716f6dc
LP
1137 assert(fd >= 0);
1138 assert(addr);
1139 assert(port > 0);
74b2466e
LP
1140 assert(p);
1141
74b2466e
LP
1142 iov.iov_base = DNS_PACKET_DATA(p);
1143 iov.iov_len = p->size;
1144
1716f6dc
LP
1145 sa.in6.sin6_addr = *addr;
1146 sa.in6.sin6_port = htobe16(port),
74b2466e
LP
1147 sa.in6.sin6_scope_id = ifindex;
1148
1149 mh.msg_iov = &iov;
1150 mh.msg_iovlen = 1;
1151 mh.msg_name = &sa.sa;
1152 mh.msg_namelen = sizeof(sa.in6);
1153
1154 if (ifindex > 0) {
1155 struct cmsghdr *cmsg;
1156 struct in6_pktinfo *pi;
1157
1158 zero(control);
1159
1716f6dc 1160 mh.msg_control = &control;
74b2466e
LP
1161 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1162
1163 cmsg = CMSG_FIRSTHDR(&mh);
1164 cmsg->cmsg_len = mh.msg_controllen;
1165 cmsg->cmsg_level = IPPROTO_IPV6;
1166 cmsg->cmsg_type = IPV6_PKTINFO;
1167
1168 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1169 pi->ipi6_ifindex = ifindex;
1170 }
1171
1172 return sendmsg_loop(fd, &mh, 0);
1173}
1174
623a4c97 1175int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1716f6dc
LP
1176 assert(m);
1177 assert(fd >= 0);
1178 assert(addr);
1179 assert(port > 0);
1180 assert(p);
1181
a2a416f7
LP
1182 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1183
1716f6dc
LP
1184 if (family == AF_INET)
1185 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1186 else if (family == AF_INET6)
1187 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1188
1189 return -EAFNOSUPPORT;
1190}
1191
2c27fbca 1192DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
74b2466e
LP
1193 DnsServer *s;
1194
1195 assert(m);
1196 assert(in_addr);
1197
4e945a6f 1198 LIST_FOREACH(servers, s, m->dns_servers)
5cb36f41 1199 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1200 return s;
74b2466e 1201
4e945a6f 1202 LIST_FOREACH(servers, s, m->fallback_dns_servers)
5cb36f41 1203 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1204 return s;
74b2466e 1205
2c27fbca 1206 return NULL;
4e945a6f
LP
1207}
1208
2c27fbca 1209DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
4e945a6f
LP
1210 assert(m);
1211
1212 if (m->current_dns_server == s)
1213 return s;
1214
1215 if (s) {
1216 _cleanup_free_ char *ip = NULL;
1217
1218 in_addr_to_string(s->family, &s->address, &ip);
1219 log_info("Switching to system DNS server %s.", strna(ip));
2c27fbca 1220 }
4e945a6f
LP
1221
1222 m->current_dns_server = s;
2c27fbca
LP
1223
1224 if (m->unicast_scope)
1225 dns_cache_flush(&m->unicast_scope->cache);
1226
4e945a6f 1227 return s;
74b2466e
LP
1228}
1229
1230DnsServer *manager_get_dns_server(Manager *m) {
4e945a6f 1231 Link *l;
74b2466e
LP
1232 assert(m);
1233
5cb36f41
LP
1234 /* Try to read updates resolv.conf */
1235 manager_read_resolv_conf(m);
1236
74b2466e 1237 if (!m->current_dns_server)
4e945a6f
LP
1238 manager_set_dns_server(m, m->dns_servers);
1239
1240 if (!m->current_dns_server) {
1241 bool found = false;
1242 Iterator i;
1243
1244 /* No DNS servers configured, let's see if there are
1245 * any on any links. If not, we use the fallback
1246 * servers */
1247
1248 HASHMAP_FOREACH(l, m->links, i)
1249 if (l->dns_servers) {
1250 found = true;
1251 break;
1252 }
1253
1254 if (!found)
1255 manager_set_dns_server(m, m->fallback_dns_servers);
1256 }
74b2466e
LP
1257
1258 return m->current_dns_server;
1259}
1260
1261void manager_next_dns_server(Manager *m) {
1262 assert(m);
1263
4e945a6f
LP
1264 /* If there's currently no DNS server set, then the next
1265 * manager_get_dns_server() will find one */
74b2466e
LP
1266 if (!m->current_dns_server)
1267 return;
1268
4e945a6f 1269 /* Change to the next one */
74b2466e 1270 if (m->current_dns_server->servers_next) {
4e945a6f 1271 manager_set_dns_server(m, m->current_dns_server->servers_next);
74b2466e
LP
1272 return;
1273 }
1274
4e945a6f
LP
1275 /* If there was no next one, then start from the beginning of
1276 * the list */
1277 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1278 manager_set_dns_server(m, m->fallback_dns_servers);
1279 else
1280 manager_set_dns_server(m, m->dns_servers);
091a364c 1281}
e1c95994
LP
1282
1283uint32_t manager_find_mtu(Manager *m) {
1284 uint32_t mtu = 0;
1285 Link *l;
1286 Iterator i;
1287
1288 /* If we don't know on which link a DNS packet would be
1289 * delivered, let's find the largest MTU that works on all
1290 * interfaces we know of */
1291
1292 HASHMAP_FOREACH(l, m->links, i) {
1293 if (l->mtu <= 0)
1294 continue;
1295
1296 if (mtu <= 0 || l->mtu < mtu)
1297 mtu = l->mtu;
1298 }
1299
1300 return mtu;
1301}
1716f6dc
LP
1302
1303static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1304 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 1305 DnsTransaction *t = NULL;
1716f6dc 1306 Manager *m = userdata;
a4076574 1307 DnsScope *scope;
1716f6dc
LP
1308 int r;
1309
1310 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1311 if (r <= 0)
1312 return r;
1313
a4076574
LP
1314 scope = manager_find_scope(m, p);
1315 if (!scope) {
1316 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1317 return 0;
1318 }
1319
623a4c97 1320 if (dns_packet_validate_reply(p) > 0) {
a2a416f7
LP
1321 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1322
a4076574 1323 dns_scope_check_conflicts(scope, p);
623a4c97 1324
a4076574
LP
1325 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1326 if (t)
1327 dns_transaction_process_reply(t, p);
623a4c97 1328
a4076574
LP
1329 } else if (dns_packet_validate_query(p) > 0) {
1330 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
623a4c97 1331
a4076574 1332 dns_scope_process_query(scope, NULL, p);
623a4c97 1333 } else
a4076574 1334 log_debug("Invalid LLMNR UDP packet.");
1716f6dc
LP
1335
1336 return 0;
1337}
1338
1339int manager_llmnr_ipv4_udp_fd(Manager *m) {
1340 union sockaddr_union sa = {
1341 .in.sin_family = AF_INET,
1342 .in.sin_port = htobe16(5355),
1343 };
bf3f1271 1344 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1716f6dc
LP
1345 int r;
1346
1347 assert(m);
1348
1349 if (m->llmnr_ipv4_udp_fd >= 0)
1350 return m->llmnr_ipv4_udp_fd;
1351
1352 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1353 if (m->llmnr_ipv4_udp_fd < 0)
1354 return -errno;
1355
bf3f1271
LP
1356 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1357 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1358 if (r < 0) {
1359 r = -errno;
1360 goto fail;
1361 }
1362
bf3f1271 1363 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1364 if (r < 0) {
1365 r = -errno;
1366 goto fail;
1367 }
1368
1369 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1370 if (r < 0) {
1371 r = -errno;
1372 goto fail;
1373 }
1374
1375 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1376 if (r < 0) {
1377 r = -errno;
1378 goto fail;
1379 }
1380
1381 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1382 if (r < 0) {
1383 r = -errno;
1384 goto fail;
1385 }
1386
1387 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1388 if (r < 0) {
1389 r = -errno;
1390 goto fail;
1391 }
1392
1393 /* Disable Don't-Fragment bit in the IP header */
1394 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1395 if (r < 0) {
1396 r = -errno;
1397 goto fail;
1398 }
1399
1400 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1401 if (r < 0) {
1402 r = -errno;
1403 goto fail;
1404 }
1405
1406 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1407 if (r < 0)
1408 goto fail;
1409
1410 return m->llmnr_ipv4_udp_fd;
1411
1412fail:
1413 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1414 return r;
1415}
1416
1417int manager_llmnr_ipv6_udp_fd(Manager *m) {
1418 union sockaddr_union sa = {
1419 .in6.sin6_family = AF_INET6,
1420 .in6.sin6_port = htobe16(5355),
1421 };
bf3f1271 1422 static const int one = 1, ttl = 255;
1716f6dc
LP
1423 int r;
1424
1425 assert(m);
1426
1427 if (m->llmnr_ipv6_udp_fd >= 0)
1428 return m->llmnr_ipv6_udp_fd;
1429
1430 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1431 if (m->llmnr_ipv6_udp_fd < 0)
1432 return -errno;
1433
bf3f1271 1434 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1435 if (r < 0) {
1436 r = -errno;
1437 goto fail;
1438 }
1439
bf3f1271
LP
1440 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1441 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1442 if (r < 0) {
1443 r = -errno;
1444 goto fail;
1445 }
1446
1447 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1448 if (r < 0) {
1449 r = -errno;
1450 goto fail;
1451 }
1452
1453 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1454 if (r < 0) {
1455 r = -errno;
1456 goto fail;
1457 }
1458
1459 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1460 if (r < 0) {
1461 r = -errno;
1462 goto fail;
1463 }
1464
1465 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1466 if (r < 0) {
1467 r = -errno;
1468 goto fail;
1469 }
1470
1471 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1472 if (r < 0) {
1473 r = -errno;
1474 goto fail;
1475 }
1476
1477 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1478 if (r < 0) {
1479 r = -errno;
1480 goto fail;
1481 }
1482
1483 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1484 if (r < 0) {
1485 r = -errno;
1486 goto fail;
1487 }
1488
1489 return m->llmnr_ipv6_udp_fd;
1490
1491fail:
1492 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1493 return r;
1494}
623a4c97
LP
1495
1496static int on_llmnr_stream_packet(DnsStream *s) {
a4076574 1497 DnsScope *scope;
623a4c97 1498
a4076574 1499 assert(s);
623a4c97 1500
a4076574
LP
1501 scope = manager_find_scope(s->manager, s->read_packet);
1502 if (!scope) {
1503 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1504 return 0;
1505 }
623a4c97 1506
a4076574
LP
1507 if (dns_packet_validate_query(s->read_packet) > 0) {
1508 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
623a4c97 1509
a4076574 1510 dns_scope_process_query(scope, s, s->read_packet);
623a4c97 1511
a4076574
LP
1512 /* If no reply packet was set, we free the stream */
1513 if (s->write_packet)
1514 return 0;
1515 } else
1516 log_debug("Invalid LLMNR TCP packet.");
623a4c97
LP
1517
1518 dns_stream_free(s);
1519 return 0;
1520}
1521
1522static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1523 DnsStream *stream;
1524 Manager *m = userdata;
1525 int cfd, r;
1526
1527 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1528 if (cfd < 0) {
1529 if (errno == EAGAIN || errno == EINTR)
1530 return 0;
1531
1532 return -errno;
1533 }
1534
1535 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1536 if (r < 0) {
1537 safe_close(cfd);
1538 return r;
1539 }
1540
1541 stream->on_packet = on_llmnr_stream_packet;
1542 return 0;
1543}
1544
1545int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1546 union sockaddr_union sa = {
1547 .in.sin_family = AF_INET,
1548 .in.sin_port = htobe16(5355),
1549 };
1550 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1551 int r;
1552
1553 assert(m);
1554
1555 if (m->llmnr_ipv4_tcp_fd >= 0)
1556 return m->llmnr_ipv4_tcp_fd;
1557
1558 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1559 if (m->llmnr_ipv4_tcp_fd < 0)
1560 return -errno;
1561
bf3f1271 1562 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1563 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1564 if (r < 0) {
1565 r = -errno;
1566 goto fail;
1567 }
1568
1569 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1570 if (r < 0) {
1571 r = -errno;
1572 goto fail;
1573 }
1574
1575 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1576 if (r < 0) {
1577 r = -errno;
1578 goto fail;
1579 }
1580
1581 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1582 if (r < 0) {
1583 r = -errno;
1584 goto fail;
1585 }
1586
1587 /* Disable Don't-Fragment bit in the IP header */
1588 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1589 if (r < 0) {
1590 r = -errno;
1591 goto fail;
1592 }
1593
1594 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1595 if (r < 0) {
1596 r = -errno;
1597 goto fail;
1598 }
1599
1600 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1601 if (r < 0) {
1602 r = -errno;
1603 goto fail;
1604 }
1605
1606 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1607 if (r < 0)
1608 goto fail;
1609
1610 return m->llmnr_ipv4_tcp_fd;
1611
1612fail:
1613 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1614 return r;
1615}
1616
1617int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1618 union sockaddr_union sa = {
1619 .in6.sin6_family = AF_INET6,
1620 .in6.sin6_port = htobe16(5355),
1621 };
1622 static const int one = 1;
1623 int r;
1624
1625 assert(m);
1626
1627 if (m->llmnr_ipv6_tcp_fd >= 0)
1628 return m->llmnr_ipv6_tcp_fd;
1629
1630 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1631 if (m->llmnr_ipv6_tcp_fd < 0)
1632 return -errno;
1633
bf3f1271 1634 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1635 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1636 if (r < 0) {
1637 r = -errno;
1638 goto fail;
1639 }
1640
1641 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1642 if (r < 0) {
1643 r = -errno;
1644 goto fail;
1645 }
1646
1647 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1648 if (r < 0) {
1649 r = -errno;
1650 goto fail;
1651 }
1652
1653 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1654 if (r < 0) {
1655 r = -errno;
1656 goto fail;
1657 }
1658
1659 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1660 if (r < 0) {
1661 r = -errno;
1662 goto fail;
1663 }
1664
1665 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1666 if (r < 0) {
1667 r = -errno;
1668 goto fail;
1669 }
1670
1671 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1672 if (r < 0) {
1673 r = -errno;
1674 goto fail;
1675 }
1676
1677 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1678 if (r < 0) {
1679 r = -errno;
1680 goto fail;
1681 }
1682
1683 return m->llmnr_ipv6_tcp_fd;
1684
1685fail:
1686 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1687 return r;
1688}
1689
1690int manager_ifindex_is_loopback(Manager *m, int ifindex) {
1691 Link *l;
1692 assert(m);
1693
1694 if (ifindex <= 0)
1695 return -EINVAL;
1696
1697 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1698 if (l->flags & IFF_LOOPBACK)
1699 return 1;
1700
1701 return 0;
1702}
1703
1704int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1705 LinkAddress *a;
1706
1707 assert(m);
1708
4e945a6f 1709 a = manager_find_link_address(m, family, in_addr);
ec2c5e43
LP
1710 if (a)
1711 return a->link->ifindex;
1712
1713 return 0;
1714}
1715
eb60f9cd
LP
1716void manager_refresh_rrs(Manager *m) {
1717 Iterator i;
1718 Link *l;
1719
1720 assert(m);
1721
1722 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1723 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1724
1725 HASHMAP_FOREACH(l, m->links, i) {
1726 link_add_rrs(l, true);
1727 link_add_rrs(l, false);
1728 }
1729}
1730
ec2c5e43
LP
1731int manager_next_hostname(Manager *m) {
1732 const char *p;
556a2294 1733 uint64_t u, a;
ec2c5e43 1734 char *h;
623a4c97
LP
1735
1736 assert(m);
1737
ec2c5e43
LP
1738 p = strchr(m->hostname, 0);
1739 assert(p);
1740
1741 while (p > m->hostname) {
1742 if (!strchr("0123456789", p[-1]))
1743 break;
1744
1745 p--;
1746 }
1747
1748 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1749 u = 1;
1750
556a2294
LP
1751 /* Add a random number to the old value. This way we can avoid
1752 * that two hosts pick the same hostname, win on IPv4 and lose
1753 * on IPv6 (or vice versa), and pick the same hostname
1754 * replacement hostname, ad infinitum. We still want the
1755 * numbers to go up monotonically, hence we just add a random
1756 * value 1..10 */
1757
1758 random_bytes(&a, sizeof(a));
1759 u += 1 + a % 10;
ec2c5e43
LP
1760
1761 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1762 return -ENOMEM;
1763
eb60f9cd 1764 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
ec2c5e43
LP
1765
1766 free(m->hostname);
1767 m->hostname = h;
1768
eb60f9cd 1769 manager_refresh_rrs(m);
623a4c97
LP
1770
1771 return 0;
1772}
ec2c5e43 1773
4e945a6f 1774LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1775 Iterator i;
1776 Link *l;
1777
1778 assert(m);
1779
1780 HASHMAP_FOREACH(l, m->links, i) {
1781 LinkAddress *a;
1782
1783 a = link_find_address(l, family, in_addr);
1784 if (a)
1785 return a;
1786 }
1787
1788 return NULL;
1789}
1790
a4076574 1791bool manager_our_packet(Manager *m, DnsPacket *p) {
ec2c5e43
LP
1792 assert(m);
1793 assert(p);
1794
4e945a6f 1795 return !!manager_find_link_address(m, p->family, &p->sender);
ec2c5e43 1796}
4e945a6f 1797
a4076574
LP
1798DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1799 Link *l;
1800
1801 assert(m);
1802 assert(p);
1803
1804 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1805 if (!l)
1806 return NULL;
1807
1808 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1809 if (p->family == AF_INET)
1810 return l->llmnr_ipv4_scope;
1811 else if (p->family == AF_INET6)
1812 return l->llmnr_ipv6_scope;
1813 }
1814
1815 return NULL;
1816}
1817
902bb5d8
LP
1818void manager_verify_all(Manager *m) {
1819 DnsScope *s;
1820
1821 assert(m);
1822
1823 LIST_FOREACH(scopes, s, m->dns_scopes)
1824 dns_zone_verify_all(&s->zone);
1825}
1826
3e684349
LP
1827void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1828 assert(m);
1829
1830 if (t == DNS_SERVER_SYSTEM)
1831 while (m->dns_servers)
1832 dns_server_free(m->dns_servers);
1833
1834 if (t == DNS_SERVER_FALLBACK)
1835 while (m->fallback_dns_servers)
1836 dns_server_free(m->fallback_dns_servers);
1837}
1838
4e945a6f
LP
1839static const char* const support_table[_SUPPORT_MAX] = {
1840 [SUPPORT_NO] = "no",
1841 [SUPPORT_YES] = "yes",
1842 [SUPPORT_RESOLVE] = "resolve",
1843};
1844DEFINE_STRING_TABLE_LOOKUP(support, Support);