treewide: auto-convert the simple cases to log_*_errno()
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
CommitLineData
091a364c
TG
1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22#include <arpa/inet.h>
23#include <resolv.h>
1716f6dc 24#include <net/if.h>
74b2466e
LP
25#include <sys/ioctl.h>
26#include <sys/poll.h>
27#include <netinet/in.h>
091a364c 28
74b2466e 29#include "rtnl-util.h"
091a364c
TG
30#include "event-util.h"
31#include "network-util.h"
091a364c
TG
32#include "network-internal.h"
33#include "conf-parser.h"
74b2466e 34#include "socket-util.h"
a2a416f7 35#include "af-list.h"
eb60f9cd 36#include "utf8.h"
a5a807e6 37#include "fileio-label.h"
4e945a6f 38
eb60f9cd 39#include "resolved-dns-domain.h"
39d8db04
LP
40#include "resolved-conf.h"
41#include "resolved-bus.h"
42#include "resolved-manager.h"
74b2466e
LP
43
44#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45
46static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
47 Manager *m = userdata;
48 uint16_t type;
49 Link *l;
50 int ifindex, r;
51
52 assert(rtnl);
53 assert(m);
54 assert(mm);
55
56 r = sd_rtnl_message_get_type(mm, &type);
57 if (r < 0)
58 goto fail;
59
60 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
61 if (r < 0)
62 goto fail;
63
64 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
65
66 switch (type) {
67
a2a416f7
LP
68 case RTM_NEWLINK:{
69 bool is_new = !l;
74b2466e 70
a2a416f7 71 if (!l) {
74b2466e
LP
72 r = link_new(m, &l, ifindex);
73 if (r < 0)
74 goto fail;
75 }
76
77 r = link_update_rtnl(l, mm);
78 if (r < 0)
79 goto fail;
80
21d73c87
LP
81 r = link_update_monitor(l);
82 if (r < 0)
83 goto fail;
84
a2a416f7
LP
85 if (is_new)
86 log_debug("Found new link %i/%s", ifindex, l->name);
87
74b2466e 88 break;
a2a416f7 89 }
74b2466e
LP
90
91 case RTM_DELLINK:
92 if (l) {
a2a416f7 93 log_debug("Removing link %i/%s", l->ifindex, l->name);
74b2466e
LP
94 link_free(l);
95 }
96
97 break;
98 }
99
100 return 0;
101
102fail:
0a1beeb6 103 log_warning_errno(-r, "Failed to process RTNL link message: %m");
74b2466e
LP
104 return 0;
105}
106
107static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
108 Manager *m = userdata;
109 union in_addr_union address;
74b2466e 110 uint16_t type;
0dd25fb9 111 int r, ifindex, family;
74b2466e
LP
112 LinkAddress *a;
113 Link *l;
114
115 assert(rtnl);
116 assert(mm);
117 assert(m);
118
119 r = sd_rtnl_message_get_type(mm, &type);
120 if (r < 0)
121 goto fail;
122
123 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
124 if (r < 0)
125 goto fail;
126
127 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
128 if (!l)
129 return 0;
130
131 r = sd_rtnl_message_addr_get_family(mm, &family);
132 if (r < 0)
133 goto fail;
134
135 switch (family) {
136
137 case AF_INET:
138 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
139 if (r < 0) {
140 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
141 if (r < 0)
142 goto fail;
143 }
144
145 break;
146
147 case AF_INET6:
148 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
149 if (r < 0) {
150 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
151 if (r < 0)
152 goto fail;
153 }
154
155 break;
156
157 default:
158 return 0;
159 }
160
161 a = link_find_address(l, family, &address);
162
163 switch (type) {
164
165 case RTM_NEWADDR:
166
167 if (!a) {
168 r = link_address_new(l, &a, family, &address);
169 if (r < 0)
170 return r;
171 }
172
173 r = link_address_update_rtnl(a, mm);
174 if (r < 0)
175 return r;
176
177 break;
178
179 case RTM_DELADDR:
180 if (a)
181 link_address_free(a);
182 break;
183 }
184
185 return 0;
186
187fail:
0a1beeb6 188 log_warning_errno(-r, "Failed to process RTNL address message: %m");
74b2466e
LP
189 return 0;
190}
191
74b2466e
LP
192static int manager_rtnl_listen(Manager *m) {
193 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
194 sd_rtnl_message *i;
195 int r;
196
197 assert(m);
198
199 /* First, subscibe to interfaces coming and going */
200 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
201 if (r < 0)
202 return r;
203
204 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
205 if (r < 0)
206 return r;
207
208 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
209 if (r < 0)
210 return r;
211
212 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
213 if (r < 0)
214 return r;
215
216 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
217 if (r < 0)
218 return r;
091a364c 219
74b2466e
LP
220 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
221 if (r < 0)
222 return r;
223
224 /* Then, enumerate all links */
225 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
226 if (r < 0)
227 return r;
228
229 r = sd_rtnl_message_request_dump(req, true);
230 if (r < 0)
231 return r;
232
233 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
234 if (r < 0)
235 return r;
236
237 for (i = reply; i; i = sd_rtnl_message_next(i)) {
238 r = manager_process_link(m->rtnl, i, m);
239 if (r < 0)
240 return r;
241 }
242
243 req = sd_rtnl_message_unref(req);
244 reply = sd_rtnl_message_unref(reply);
245
246 /* Finally, enumerate all addresses, too */
247 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
248 if (r < 0)
249 return r;
250
251 r = sd_rtnl_message_request_dump(req, true);
252 if (r < 0)
253 return r;
254
255 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
256 if (r < 0)
257 return r;
258
259 for (i = reply; i; i = sd_rtnl_message_next(i)) {
260 r = manager_process_address(m->rtnl, i, m);
261 if (r < 0)
262 return r;
263 }
264
265 return r;
266}
267
268static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
269 Manager *m = userdata;
270 Iterator i;
271 Link *l;
272 int r;
273
274 assert(m);
275
276 sd_network_monitor_flush(m->network_monitor);
277
278 HASHMAP_FOREACH(l, m->links, i) {
279 r = link_update_monitor(l);
280 if (r < 0)
0a1beeb6 281 log_warning_errno(-r, "Failed to update monitor information for %i: %m", l->ifindex);
74b2466e
LP
282 }
283
284 r = manager_write_resolv_conf(m);
285 if (r < 0)
0a1beeb6 286 log_warning_errno(-r, "Could not update resolv.conf: %m");
74b2466e
LP
287
288 return 0;
289}
290
291static int manager_network_monitor_listen(Manager *m) {
292 int r, fd, events;
293
294 assert(m);
295
0014a4ad 296 r = sd_network_monitor_new(&m->network_monitor, NULL);
74b2466e
LP
297 if (r < 0)
298 return r;
299
300 fd = sd_network_monitor_get_fd(m->network_monitor);
301 if (fd < 0)
302 return fd;
303
304 events = sd_network_monitor_get_events(m->network_monitor);
305 if (events < 0)
306 return events;
307
308 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
309 if (r < 0)
310 return r;
311
312 return 0;
313}
314
eb60f9cd
LP
315static int determine_hostname(char **ret) {
316 _cleanup_free_ char *h = NULL, *n = NULL;
317 int r;
318
319 assert(ret);
320
321 h = gethostname_malloc();
322 if (!h)
323 return log_oom();
324
325 if (!utf8_is_valid(h)) {
326 log_error("System hostname is not UTF-8 clean.");
327 return -EINVAL;
328 }
329
330 r = dns_name_normalize(h, &n);
331 if (r < 0) {
332 log_error("System hostname '%s' cannot be normalized.", h);
333 return r;
334 }
335
336 *ret = n;
337 n = NULL;
338
339 return 0;
340}
341
342static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
343 _cleanup_free_ char *h = NULL;
344 Manager *m = userdata;
345 int r;
346
347 assert(m);
348
349 r = determine_hostname(&h);
350 if (r < 0)
351 return 0; /* ignore invalid hostnames */
352
353 if (streq(h, m->hostname))
354 return 0;
355
356 log_info("System hostname changed to '%s'.", h);
357 free(m->hostname);
358 m->hostname = h;
359 h = NULL;
360
361 manager_refresh_rrs(m);
362
363 return 0;
364}
365
366static int manager_watch_hostname(Manager *m) {
eb60f9cd
LP
367 int r;
368
369 assert(m);
370
371 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
372 if (m->hostname_fd < 0) {
373 log_warning("Failed to watch hostname: %m");
374 return 0;
375 }
376
377 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
378 if (r < 0) {
379 if (r == -EPERM)
380 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
381 m->hostname_fd = safe_close(m->hostname_fd);
382 else {
0a1beeb6 383 log_error_errno(-r, "Failed to add hostname event source: %m");
eb60f9cd
LP
384 return r;
385 }
386 }
387
388 r = determine_hostname(&m->hostname);
389 if (r < 0) {
390 log_info("Defaulting to hostname 'linux'.");
391 m->hostname = strdup("linux");
392 if (!m->hostname)
393 return log_oom();
394 } else
395 log_info("Using system hostname '%s'.", m->hostname);
396
397 return 0;
398}
399
edc501d4
LP
400static void manager_llmnr_stop(Manager *m) {
401 assert(m);
402
403 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
404 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
405
406 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
407 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
408
409 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
410 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
411
412 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
413 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
414}
415
416static int manager_llmnr_start(Manager *m) {
417 int r;
418
419 assert(m);
420
421 if (m->llmnr_support == SUPPORT_NO)
422 return 0;
423
424 r = manager_llmnr_ipv4_udp_fd(m);
425 if (r == -EADDRINUSE)
426 goto eaddrinuse;
427 if (r < 0)
428 return r;
429
edc501d4
LP
430 r = manager_llmnr_ipv4_tcp_fd(m);
431 if (r == -EADDRINUSE)
432 goto eaddrinuse;
433 if (r < 0)
434 return r;
435
90ab5042
LP
436 if (socket_ipv6_is_supported()) {
437 r = manager_llmnr_ipv6_udp_fd(m);
438 if (r == -EADDRINUSE)
439 goto eaddrinuse;
440 if (r < 0)
441 return r;
442
443 r = manager_llmnr_ipv6_tcp_fd(m);
444 if (r == -EADDRINUSE)
445 goto eaddrinuse;
446 if (r < 0)
447 return r;
448 }
edc501d4
LP
449
450 return 0;
451
452eaddrinuse:
c4147df1 453 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
edc501d4
LP
454 m->llmnr_support = SUPPORT_NO;
455 manager_llmnr_stop(m);
90ab5042 456
edc501d4
LP
457 return 0;
458}
459
091a364c 460int manager_new(Manager **ret) {
74b2466e 461 _cleanup_(manager_freep) Manager *m = NULL;
091a364c
TG
462 int r;
463
c92e531c
LP
464 assert(ret);
465
091a364c
TG
466 m = new0(Manager, 1);
467 if (!m)
468 return -ENOMEM;
469
74b2466e 470 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
1716f6dc 471 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
623a4c97 472 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
eb60f9cd 473 m->hostname_fd = -1;
1716f6dc 474
4e945a6f 475 m->llmnr_support = SUPPORT_YES;
5cb36f41 476 m->read_resolv_conf = true;
091a364c 477
4e945a6f 478 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
091a364c
TG
479 if (r < 0)
480 return r;
481
482 r = sd_event_default(&m->event);
483 if (r < 0)
484 return r;
485
486 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
487 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
488
489 sd_event_set_watchdog(m->event, true);
490
eb60f9cd
LP
491 r = manager_watch_hostname(m);
492 if (r < 0)
493 return r;
494
1716f6dc 495 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
74b2466e
LP
496 if (r < 0)
497 return r;
498
499 r = manager_network_monitor_listen(m);
500 if (r < 0)
501 return r;
502
503 r = manager_rtnl_listen(m);
504 if (r < 0)
505 return r;
506
507 r = manager_connect_bus(m);
508 if (r < 0)
509 return r;
510
091a364c
TG
511 *ret = m;
512 m = NULL;
513
514 return 0;
515}
516
edc501d4
LP
517int manager_start(Manager *m) {
518 int r;
519
520 assert(m);
521
522 r = manager_llmnr_start(m);
523 if (r < 0)
524 return r;
525
526 return 0;
527}
528
74b2466e
LP
529Manager *manager_free(Manager *m) {
530 Link *l;
091a364c
TG
531
532 if (!m)
74b2466e
LP
533 return NULL;
534
74b2466e
LP
535 while ((l = hashmap_first(m->links)))
536 link_free(l);
f0e15467
LP
537
538 while (m->dns_queries)
539 dns_query_free(m->dns_queries);
74b2466e
LP
540
541 dns_scope_free(m->unicast_scope);
542
3e684349
LP
543 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
544 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
091a364c 545
f0e15467
LP
546 hashmap_free(m->links);
547 hashmap_free(m->dns_transactions);
548
096b6773
LP
549 sd_event_source_unref(m->network_event_source);
550 sd_network_monitor_unref(m->network_monitor);
091a364c 551
74b2466e
LP
552 sd_event_source_unref(m->dns_ipv4_event_source);
553 sd_event_source_unref(m->dns_ipv6_event_source);
74b2466e
LP
554 safe_close(m->dns_ipv4_fd);
555 safe_close(m->dns_ipv6_fd);
556
edc501d4 557 manager_llmnr_stop(m);
623a4c97 558
902bb5d8 559 sd_bus_slot_unref(m->prepare_for_sleep_slot);
74b2466e
LP
560 sd_event_source_unref(m->bus_retry_event_source);
561 sd_bus_unref(m->bus);
091a364c 562
74b2466e 563 sd_event_unref(m->event);
623a4c97
LP
564
565 dns_resource_key_unref(m->host_ipv4_key);
566 dns_resource_key_unref(m->host_ipv6_key);
eb60f9cd
LP
567
568 safe_close(m->hostname_fd);
569 sd_event_source_unref(m->hostname_event_source);
623a4c97 570 free(m->hostname);
eb60f9cd 571
091a364c 572 free(m);
74b2466e
LP
573
574 return NULL;
091a364c
TG
575}
576
5cb36f41
LP
577int manager_read_resolv_conf(Manager *m) {
578 _cleanup_fclose_ FILE *f = NULL;
579 struct stat st, own;
580 char line[LINE_MAX];
581 DnsServer *s, *nx;
582 usec_t t;
583 int r;
584
585 assert(m);
586
587 /* Reads the system /etc/resolv.conf, if it exists and is not
588 * symlinked to our own resolv.conf instance */
589
590 if (!m->read_resolv_conf)
591 return 0;
592
593 r = stat("/etc/resolv.conf", &st);
594 if (r < 0) {
595 if (errno != ENOENT)
596 log_warning("Failed to open /etc/resolv.conf: %m");
597 r = -errno;
598 goto clear;
599 }
600
601 /* Have we already seen the file? */
602 t = timespec_load(&st.st_mtim);
603 if (t == m->resolv_conf_mtime)
604 return 0;
605
606 m->resolv_conf_mtime = t;
607
608 /* Is it symlinked to our own file? */
609 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
610 st.st_dev == own.st_dev &&
611 st.st_ino == own.st_ino) {
612 r = 0;
613 goto clear;
614 }
615
616 f = fopen("/etc/resolv.conf", "re");
617 if (!f) {
618 if (errno != ENOENT)
619 log_warning("Failed to open /etc/resolv.conf: %m");
620 r = -errno;
621 goto clear;
622 }
623
624 if (fstat(fileno(f), &st) < 0) {
625 log_error("Failed to stat open file: %m");
626 r = -errno;
627 goto clear;
628 }
629
630 LIST_FOREACH(servers, s, m->dns_servers)
631 s->marked = true;
632
633 FOREACH_LINE(line, f, r = -errno; goto clear) {
634 union in_addr_union address;
635 int family;
636 char *l;
637 const char *a;
638
639 truncate_nl(line);
640
641 l = strstrip(line);
642 if (*l == '#' || *l == ';')
643 continue;
644
645 a = first_word(l, "nameserver");
646 if (!a)
647 continue;
648
649 r = in_addr_from_string_auto(a, &family, &address);
650 if (r < 0) {
651 log_warning("Failed to parse name server %s.", a);
652 continue;
653 }
654
655 LIST_FOREACH(servers, s, m->dns_servers)
656 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
657 break;
658
659 if (s)
660 s->marked = false;
661 else {
662 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
663 if (r < 0)
664 goto clear;
665 }
666 }
667
668 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
669 if (s->marked)
670 dns_server_free(s);
671
672 return 0;
673
674clear:
675 while (m->dns_servers)
676 dns_server_free(m->dns_servers);
677
678 return r;
679}
680
bda2c408 681static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
74b2466e
LP
682 _cleanup_free_ char *t = NULL;
683 int r;
091a364c 684
74b2466e 685 assert(s);
091a364c 686 assert(f);
091a364c
TG
687 assert(count);
688
74b2466e 689 r = in_addr_to_string(s->family, &s->address, &t);
4e945a6f 690 if (r < 0) {
0a1beeb6 691 log_warning_errno(-r, "Invalid DNS address. Ignoring: %m");
091a364c
TG
692 return;
693 }
694
695 if (*count == MAXNS)
87f5a193 696 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
091a364c 697
74b2466e 698 fprintf(f, "nameserver %s\n", t);
091a364c
TG
699 (*count) ++;
700}
701
bda2c408 702static void write_resolv_conf_search(const char *domain, FILE *f,
a9feff3d 703 unsigned *count, unsigned *length) {
bda2c408
TG
704 assert(domain);
705 assert(f);
706 assert(length);
707
708 if (*count >= MAXDNSRCH ||
709 *length + strlen(domain) > 256) {
710 if (*count == MAXDNSRCH)
711 fputs(" # Too many search domains configured, remaining ones ignored.", f);
712 if (*length <= 256)
713 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
714
715 return;
716 }
717
718 fprintf(f, " %s", domain);
719
720 (*length) += strlen(domain);
721 (*count) ++;
722}
723
4713135e
ZJS
724static int write_resolv_conf_contents(FILE *f, Set *dns, Set *domains) {
725 Iterator i;
726
727 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
728 "# Third party programs must not access this file directly, but\n"
729 "# only through the symlink at /etc/resolv.conf. To manage\n"
730 "# resolv.conf(5) in a different way, replace the symlink by a\n"
731 "# static file or a different symlink.\n\n", f);
732
733 if (set_isempty(dns))
734 fputs("# No DNS servers known.\n", f);
735 else {
736 DnsServer *s;
737 unsigned count = 0;
738
739 SET_FOREACH(s, dns, i)
740 write_resolv_conf_server(s, f, &count);
741 }
742
743 if (!set_isempty(domains)) {
744 unsigned length = 0, count = 0;
745 char *domain;
746
747 fputs("search", f);
748 SET_FOREACH(domain, domains, i)
749 write_resolv_conf_search(domain, f, &count, &length);
750 fputs("\n", f);
751 }
752
753 return fflush_and_check(f);
754}
755
756
74b2466e 757int manager_write_resolv_conf(Manager *m) {
4e945a6f 758 static const char path[] = "/run/systemd/resolve/resolv.conf";
091a364c
TG
759 _cleanup_free_ char *temp_path = NULL;
760 _cleanup_fclose_ FILE *f = NULL;
bda2c408 761 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
74b2466e
LP
762 DnsServer *s;
763 Iterator i;
764 Link *l;
765 int r;
091a364c
TG
766
767 assert(m);
768
5cb36f41
LP
769 /* Read the system /etc/resolv.conf first */
770 manager_read_resolv_conf(m);
771
87f5a193 772 /* Add the full list to a set, to filter out duplicates */
d5099efc 773 dns = set_new(&dns_server_hash_ops);
87f5a193
LP
774 if (!dns)
775 return -ENOMEM;
776
d5099efc 777 domains = set_new(&dns_name_hash_ops);
bda2c408
TG
778 if (!domains)
779 return -ENOMEM;
780
87f5a193
LP
781 /* First add the system-wide servers */
782 LIST_FOREACH(servers, s, m->dns_servers) {
783 r = set_put(dns, s);
784 if (r == -EEXIST)
785 continue;
786 if (r < 0)
787 return r;
788 }
789
bda2c408
TG
790 /* Then, add the per-link servers and domains */
791 HASHMAP_FOREACH(l, m->links, i) {
792 char **domain;
793
87f5a193
LP
794 LIST_FOREACH(servers, s, l->dns_servers) {
795 r = set_put(dns, s);
796 if (r == -EEXIST)
797 continue;
798 if (r < 0)
799 return r;
800 }
801
bda2c408
TG
802 if (!l->unicast_scope)
803 continue;
804
805 STRV_FOREACH(domain, l->unicast_scope->domains) {
806 r = set_put(domains, *domain);
807 if (r == -EEXIST)
808 continue;
809 if (r < 0)
810 return r;
811 }
812 }
813
87f5a193
LP
814 /* If we found nothing, add the fallback servers */
815 if (set_isempty(dns)) {
816 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
817 r = set_put(dns, s);
818 if (r == -EEXIST)
819 continue;
820 if (r < 0)
821 return r;
822 }
823 }
824
a5a807e6 825 r = fopen_temporary_label(path, path, &f, &temp_path);
091a364c
TG
826 if (r < 0)
827 return r;
828
829 fchmod(fileno(f), 0644);
830
4713135e 831 r = write_resolv_conf_contents(f, dns, domains);
74b2466e
LP
832 if (r < 0)
833 goto fail;
834
835 if (rename(temp_path, path) < 0) {
836 r = -errno;
837 goto fail;
838 }
091a364c 839
74b2466e 840 return 0;
091a364c 841
74b2466e
LP
842fail:
843 unlink(path);
844 unlink(temp_path);
845 return r;
846}
091a364c 847
1716f6dc 848int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
74b2466e 849 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1716f6dc
LP
850 union {
851 struct cmsghdr header; /* For alignment */
40a1eebd 852 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
1716f6dc 853 + CMSG_SPACE(int) /* ttl/hoplimit */
623a4c97 854 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
1716f6dc
LP
855 } control;
856 union sockaddr_union sa;
74b2466e 857 struct msghdr mh = {};
1716f6dc 858 struct cmsghdr *cmsg;
74b2466e 859 struct iovec iov;
1716f6dc 860 int ms = 0, r;
74b2466e
LP
861 ssize_t l;
862
863 assert(m);
1716f6dc 864 assert(fd >= 0);
74b2466e
LP
865 assert(ret);
866
74b2466e
LP
867 r = ioctl(fd, FIONREAD, &ms);
868 if (r < 0)
869 return -errno;
870 if (ms < 0)
871 return -EIO;
872
1716f6dc 873 r = dns_packet_new(&p, protocol, ms);
74b2466e
LP
874 if (r < 0)
875 return r;
876
877 iov.iov_base = DNS_PACKET_DATA(p);
878 iov.iov_len = p->allocated;
879
1716f6dc
LP
880 mh.msg_name = &sa.sa;
881 mh.msg_namelen = sizeof(sa);
74b2466e
LP
882 mh.msg_iov = &iov;
883 mh.msg_iovlen = 1;
1716f6dc
LP
884 mh.msg_control = &control;
885 mh.msg_controllen = sizeof(control);
74b2466e
LP
886
887 l = recvmsg(fd, &mh, 0);
888 if (l < 0) {
ad867662 889 if (errno == EAGAIN || errno == EINTR)
74b2466e
LP
890 return 0;
891
892 return -errno;
091a364c
TG
893 }
894
74b2466e
LP
895 if (l <= 0)
896 return -EIO;
091a364c 897
1716f6dc
LP
898 assert(!(mh.msg_flags & MSG_CTRUNC));
899 assert(!(mh.msg_flags & MSG_TRUNC));
900
74b2466e 901 p->size = (size_t) l;
091a364c 902
1716f6dc 903 p->family = sa.sa.sa_family;
623a4c97
LP
904 p->ipproto = IPPROTO_UDP;
905 if (p->family == AF_INET) {
1716f6dc 906 p->sender.in = sa.in.sin_addr;
623a4c97
LP
907 p->sender_port = be16toh(sa.in.sin_port);
908 } else if (p->family == AF_INET6) {
1716f6dc 909 p->sender.in6 = sa.in6.sin6_addr;
623a4c97
LP
910 p->sender_port = be16toh(sa.in6.sin6_port);
911 p->ifindex = sa.in6.sin6_scope_id;
912 } else
1716f6dc 913 return -EAFNOSUPPORT;
74b2466e 914
1716f6dc 915 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
74b2466e 916
1716f6dc
LP
917 if (cmsg->cmsg_level == IPPROTO_IPV6) {
918 assert(p->family == AF_INET6);
74b2466e 919
1716f6dc 920 switch (cmsg->cmsg_type) {
74b2466e 921
1716f6dc
LP
922 case IPV6_PKTINFO: {
923 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
74b2466e 924
623a4c97
LP
925 if (p->ifindex <= 0)
926 p->ifindex = i->ipi6_ifindex;
927
1716f6dc
LP
928 p->destination.in6 = i->ipi6_addr;
929 break;
930 }
74b2466e 931
1716f6dc
LP
932 case IPV6_HOPLIMIT:
933 p->ttl = *(int *) CMSG_DATA(cmsg);
934 break;
74b2466e 935
1716f6dc
LP
936 }
937 } else if (cmsg->cmsg_level == IPPROTO_IP) {
938 assert(p->family == AF_INET);
74b2466e 939
1716f6dc 940 switch (cmsg->cmsg_type) {
74b2466e 941
1716f6dc
LP
942 case IP_PKTINFO: {
943 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
091a364c 944
623a4c97
LP
945 if (p->ifindex <= 0)
946 p->ifindex = i->ipi_ifindex;
947
1716f6dc
LP
948 p->destination.in = i->ipi_addr;
949 break;
950 }
74b2466e 951
623a4c97 952 case IP_TTL:
1716f6dc
LP
953 p->ttl = *(int *) CMSG_DATA(cmsg);
954 break;
955 }
956 }
957 }
74b2466e 958
623a4c97
LP
959 /* The Linux kernel sets the interface index to the loopback
960 * device if the packet came from the local host since it
961 * avoids the routing table in such a case. Let's unset the
962 * interface index in such a case. */
a5f03596 963 if (p->ifindex == LOOPBACK_IFINDEX)
623a4c97
LP
964 p->ifindex = 0;
965
966 /* If we don't know the interface index still, we look for the
967 * first local interface with a matching address. Yuck! */
968 if (p->ifindex <= 0)
969 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
970
74b2466e
LP
971 *ret = p;
972 p = NULL;
973
974 return 1;
975}
976
1716f6dc 977static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
74b2466e 978 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 979 DnsTransaction *t = NULL;
74b2466e
LP
980 Manager *m = userdata;
981 int r;
982
1716f6dc 983 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
74b2466e
LP
984 if (r <= 0)
985 return r;
986
623a4c97 987 if (dns_packet_validate_reply(p) > 0) {
ec2c5e43 988 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1716f6dc
LP
989 if (!t)
990 return 0;
74b2466e 991
ec2c5e43 992 dns_transaction_process_reply(t, p);
623a4c97 993
1716f6dc 994 } else
623a4c97 995 log_debug("Invalid DNS packet.");
74b2466e 996
ad867662 997 return 0;
74b2466e
LP
998}
999
1000int manager_dns_ipv4_fd(Manager *m) {
1716f6dc 1001 const int one = 1;
74b2466e
LP
1002 int r;
1003
091a364c
TG
1004 assert(m);
1005
74b2466e
LP
1006 if (m->dns_ipv4_fd >= 0)
1007 return m->dns_ipv4_fd;
091a364c 1008
74b2466e
LP
1009 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1010 if (m->dns_ipv4_fd < 0)
1011 return -errno;
091a364c 1012
1716f6dc
LP
1013 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1014 if (r < 0) {
1015 r = -errno;
1016 goto fail;
1017 }
1018
1019 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
74b2466e 1020 if (r < 0)
1716f6dc 1021 goto fail;
74b2466e
LP
1022
1023 return m->dns_ipv4_fd;
1716f6dc
LP
1024
1025fail:
1026 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1027 return r;
091a364c
TG
1028}
1029
74b2466e 1030int manager_dns_ipv6_fd(Manager *m) {
1716f6dc 1031 const int one = 1;
74b2466e
LP
1032 int r;
1033
1034 assert(m);
091a364c 1035
74b2466e
LP
1036 if (m->dns_ipv6_fd >= 0)
1037 return m->dns_ipv6_fd;
1038
1039 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1040 if (m->dns_ipv6_fd < 0)
1041 return -errno;
1042
1716f6dc
LP
1043 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1044 if (r < 0) {
1045 r = -errno;
1046 goto fail;
1047 }
1048
1049 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
091a364c 1050 if (r < 0)
1716f6dc 1051 goto fail;
091a364c 1052
74b2466e 1053 return m->dns_ipv6_fd;
1716f6dc
LP
1054
1055fail:
1056 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1057 return r;
74b2466e
LP
1058}
1059
1060static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1061 int r;
1062
1063 assert(fd >= 0);
1064 assert(mh);
1065
1066 for (;;) {
1067 if (sendmsg(fd, mh, flags) >= 0)
1068 return 0;
1069
1070 if (errno == EINTR)
1071 continue;
1072
1073 if (errno != EAGAIN)
1074 return -errno;
1075
1076 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1077 if (r < 0)
1078 return r;
1079 if (r == 0)
1080 return -ETIMEDOUT;
1081 }
1082}
1083
623a4c97 1084static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1085 union sockaddr_union sa = {
1086 .in.sin_family = AF_INET,
74b2466e 1087 };
1716f6dc
LP
1088 union {
1089 struct cmsghdr header; /* For alignment */
1090 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1091 } control;
74b2466e
LP
1092 struct msghdr mh = {};
1093 struct iovec iov;
74b2466e
LP
1094
1095 assert(m);
1716f6dc
LP
1096 assert(fd >= 0);
1097 assert(addr);
1098 assert(port > 0);
74b2466e
LP
1099 assert(p);
1100
74b2466e
LP
1101 iov.iov_base = DNS_PACKET_DATA(p);
1102 iov.iov_len = p->size;
091a364c 1103
1716f6dc
LP
1104 sa.in.sin_addr = *addr;
1105 sa.in.sin_port = htobe16(port),
091a364c 1106
74b2466e
LP
1107 mh.msg_iov = &iov;
1108 mh.msg_iovlen = 1;
1109 mh.msg_name = &sa.sa;
1110 mh.msg_namelen = sizeof(sa.in);
091a364c 1111
74b2466e
LP
1112 if (ifindex > 0) {
1113 struct cmsghdr *cmsg;
1114 struct in_pktinfo *pi;
1115
1116 zero(control);
1117
1716f6dc 1118 mh.msg_control = &control;
74b2466e
LP
1119 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1120
1121 cmsg = CMSG_FIRSTHDR(&mh);
1122 cmsg->cmsg_len = mh.msg_controllen;
1123 cmsg->cmsg_level = IPPROTO_IP;
1124 cmsg->cmsg_type = IP_PKTINFO;
1125
1126 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1127 pi->ipi_ifindex = ifindex;
1128 }
1129
1130 return sendmsg_loop(fd, &mh, 0);
1131}
1132
623a4c97 1133static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1134 union sockaddr_union sa = {
1135 .in6.sin6_family = AF_INET6,
74b2466e 1136 };
1716f6dc
LP
1137 union {
1138 struct cmsghdr header; /* For alignment */
1139 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1140 } control;
74b2466e
LP
1141 struct msghdr mh = {};
1142 struct iovec iov;
74b2466e
LP
1143
1144 assert(m);
1716f6dc
LP
1145 assert(fd >= 0);
1146 assert(addr);
1147 assert(port > 0);
74b2466e
LP
1148 assert(p);
1149
74b2466e
LP
1150 iov.iov_base = DNS_PACKET_DATA(p);
1151 iov.iov_len = p->size;
1152
1716f6dc
LP
1153 sa.in6.sin6_addr = *addr;
1154 sa.in6.sin6_port = htobe16(port),
74b2466e
LP
1155 sa.in6.sin6_scope_id = ifindex;
1156
1157 mh.msg_iov = &iov;
1158 mh.msg_iovlen = 1;
1159 mh.msg_name = &sa.sa;
1160 mh.msg_namelen = sizeof(sa.in6);
1161
1162 if (ifindex > 0) {
1163 struct cmsghdr *cmsg;
1164 struct in6_pktinfo *pi;
1165
1166 zero(control);
1167
1716f6dc 1168 mh.msg_control = &control;
74b2466e
LP
1169 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1170
1171 cmsg = CMSG_FIRSTHDR(&mh);
1172 cmsg->cmsg_len = mh.msg_controllen;
1173 cmsg->cmsg_level = IPPROTO_IPV6;
1174 cmsg->cmsg_type = IPV6_PKTINFO;
1175
1176 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1177 pi->ipi6_ifindex = ifindex;
1178 }
1179
1180 return sendmsg_loop(fd, &mh, 0);
1181}
1182
623a4c97 1183int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1716f6dc
LP
1184 assert(m);
1185 assert(fd >= 0);
1186 assert(addr);
1187 assert(port > 0);
1188 assert(p);
1189
a2a416f7
LP
1190 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1191
1716f6dc
LP
1192 if (family == AF_INET)
1193 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1194 else if (family == AF_INET6)
1195 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1196
1197 return -EAFNOSUPPORT;
1198}
1199
2c27fbca 1200DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
74b2466e
LP
1201 DnsServer *s;
1202
1203 assert(m);
1204 assert(in_addr);
1205
4e945a6f 1206 LIST_FOREACH(servers, s, m->dns_servers)
5cb36f41 1207 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1208 return s;
74b2466e 1209
4e945a6f 1210 LIST_FOREACH(servers, s, m->fallback_dns_servers)
5cb36f41 1211 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1212 return s;
74b2466e 1213
2c27fbca 1214 return NULL;
4e945a6f
LP
1215}
1216
2c27fbca 1217DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
4e945a6f
LP
1218 assert(m);
1219
1220 if (m->current_dns_server == s)
1221 return s;
1222
1223 if (s) {
1224 _cleanup_free_ char *ip = NULL;
1225
1226 in_addr_to_string(s->family, &s->address, &ip);
1227 log_info("Switching to system DNS server %s.", strna(ip));
2c27fbca 1228 }
4e945a6f
LP
1229
1230 m->current_dns_server = s;
2c27fbca
LP
1231
1232 if (m->unicast_scope)
1233 dns_cache_flush(&m->unicast_scope->cache);
1234
4e945a6f 1235 return s;
74b2466e
LP
1236}
1237
1238DnsServer *manager_get_dns_server(Manager *m) {
4e945a6f 1239 Link *l;
74b2466e
LP
1240 assert(m);
1241
5cb36f41
LP
1242 /* Try to read updates resolv.conf */
1243 manager_read_resolv_conf(m);
1244
74b2466e 1245 if (!m->current_dns_server)
4e945a6f
LP
1246 manager_set_dns_server(m, m->dns_servers);
1247
1248 if (!m->current_dns_server) {
1249 bool found = false;
1250 Iterator i;
1251
1252 /* No DNS servers configured, let's see if there are
1253 * any on any links. If not, we use the fallback
1254 * servers */
1255
1256 HASHMAP_FOREACH(l, m->links, i)
1257 if (l->dns_servers) {
1258 found = true;
1259 break;
1260 }
1261
1262 if (!found)
1263 manager_set_dns_server(m, m->fallback_dns_servers);
1264 }
74b2466e
LP
1265
1266 return m->current_dns_server;
1267}
1268
1269void manager_next_dns_server(Manager *m) {
1270 assert(m);
1271
4e945a6f
LP
1272 /* If there's currently no DNS server set, then the next
1273 * manager_get_dns_server() will find one */
74b2466e
LP
1274 if (!m->current_dns_server)
1275 return;
1276
4e945a6f 1277 /* Change to the next one */
74b2466e 1278 if (m->current_dns_server->servers_next) {
4e945a6f 1279 manager_set_dns_server(m, m->current_dns_server->servers_next);
74b2466e
LP
1280 return;
1281 }
1282
4e945a6f
LP
1283 /* If there was no next one, then start from the beginning of
1284 * the list */
1285 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1286 manager_set_dns_server(m, m->fallback_dns_servers);
1287 else
1288 manager_set_dns_server(m, m->dns_servers);
091a364c 1289}
e1c95994
LP
1290
1291uint32_t manager_find_mtu(Manager *m) {
1292 uint32_t mtu = 0;
1293 Link *l;
1294 Iterator i;
1295
1296 /* If we don't know on which link a DNS packet would be
1297 * delivered, let's find the largest MTU that works on all
1298 * interfaces we know of */
1299
1300 HASHMAP_FOREACH(l, m->links, i) {
1301 if (l->mtu <= 0)
1302 continue;
1303
1304 if (mtu <= 0 || l->mtu < mtu)
1305 mtu = l->mtu;
1306 }
1307
1308 return mtu;
1309}
1716f6dc
LP
1310
1311static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1312 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 1313 DnsTransaction *t = NULL;
1716f6dc 1314 Manager *m = userdata;
a4076574 1315 DnsScope *scope;
1716f6dc
LP
1316 int r;
1317
1318 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1319 if (r <= 0)
1320 return r;
1321
a4076574
LP
1322 scope = manager_find_scope(m, p);
1323 if (!scope) {
1324 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1325 return 0;
1326 }
1327
623a4c97 1328 if (dns_packet_validate_reply(p) > 0) {
a2a416f7
LP
1329 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1330
a4076574 1331 dns_scope_check_conflicts(scope, p);
623a4c97 1332
a4076574
LP
1333 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1334 if (t)
1335 dns_transaction_process_reply(t, p);
623a4c97 1336
a4076574
LP
1337 } else if (dns_packet_validate_query(p) > 0) {
1338 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
623a4c97 1339
a4076574 1340 dns_scope_process_query(scope, NULL, p);
623a4c97 1341 } else
a4076574 1342 log_debug("Invalid LLMNR UDP packet.");
1716f6dc
LP
1343
1344 return 0;
1345}
1346
1347int manager_llmnr_ipv4_udp_fd(Manager *m) {
1348 union sockaddr_union sa = {
1349 .in.sin_family = AF_INET,
1350 .in.sin_port = htobe16(5355),
1351 };
bf3f1271 1352 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1716f6dc
LP
1353 int r;
1354
1355 assert(m);
1356
1357 if (m->llmnr_ipv4_udp_fd >= 0)
1358 return m->llmnr_ipv4_udp_fd;
1359
1360 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1361 if (m->llmnr_ipv4_udp_fd < 0)
1362 return -errno;
1363
bf3f1271
LP
1364 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1365 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1366 if (r < 0) {
1367 r = -errno;
1368 goto fail;
1369 }
1370
bf3f1271 1371 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1372 if (r < 0) {
1373 r = -errno;
1374 goto fail;
1375 }
1376
1377 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1378 if (r < 0) {
1379 r = -errno;
1380 goto fail;
1381 }
1382
1383 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1384 if (r < 0) {
1385 r = -errno;
1386 goto fail;
1387 }
1388
1389 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1390 if (r < 0) {
1391 r = -errno;
1392 goto fail;
1393 }
1394
1395 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1396 if (r < 0) {
1397 r = -errno;
1398 goto fail;
1399 }
1400
1401 /* Disable Don't-Fragment bit in the IP header */
1402 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1403 if (r < 0) {
1404 r = -errno;
1405 goto fail;
1406 }
1407
1408 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1409 if (r < 0) {
1410 r = -errno;
1411 goto fail;
1412 }
1413
1414 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1415 if (r < 0)
1416 goto fail;
1417
1418 return m->llmnr_ipv4_udp_fd;
1419
1420fail:
1421 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1422 return r;
1423}
1424
1425int manager_llmnr_ipv6_udp_fd(Manager *m) {
1426 union sockaddr_union sa = {
1427 .in6.sin6_family = AF_INET6,
1428 .in6.sin6_port = htobe16(5355),
1429 };
bf3f1271 1430 static const int one = 1, ttl = 255;
1716f6dc
LP
1431 int r;
1432
1433 assert(m);
1434
1435 if (m->llmnr_ipv6_udp_fd >= 0)
1436 return m->llmnr_ipv6_udp_fd;
1437
1438 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1439 if (m->llmnr_ipv6_udp_fd < 0)
1440 return -errno;
1441
bf3f1271 1442 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1443 if (r < 0) {
1444 r = -errno;
1445 goto fail;
1446 }
1447
bf3f1271
LP
1448 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1449 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1450 if (r < 0) {
1451 r = -errno;
1452 goto fail;
1453 }
1454
1455 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1456 if (r < 0) {
1457 r = -errno;
1458 goto fail;
1459 }
1460
1461 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1462 if (r < 0) {
1463 r = -errno;
1464 goto fail;
1465 }
1466
1467 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1468 if (r < 0) {
1469 r = -errno;
1470 goto fail;
1471 }
1472
1473 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1474 if (r < 0) {
1475 r = -errno;
1476 goto fail;
1477 }
1478
1479 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1480 if (r < 0) {
1481 r = -errno;
1482 goto fail;
1483 }
1484
1485 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1486 if (r < 0) {
1487 r = -errno;
1488 goto fail;
1489 }
1490
1491 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1492 if (r < 0) {
1493 r = -errno;
1494 goto fail;
1495 }
1496
1497 return m->llmnr_ipv6_udp_fd;
1498
1499fail:
1500 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1501 return r;
1502}
623a4c97
LP
1503
1504static int on_llmnr_stream_packet(DnsStream *s) {
a4076574 1505 DnsScope *scope;
623a4c97 1506
a4076574 1507 assert(s);
623a4c97 1508
a4076574
LP
1509 scope = manager_find_scope(s->manager, s->read_packet);
1510 if (!scope) {
1511 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1512 return 0;
1513 }
623a4c97 1514
a4076574
LP
1515 if (dns_packet_validate_query(s->read_packet) > 0) {
1516 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
623a4c97 1517
a4076574 1518 dns_scope_process_query(scope, s, s->read_packet);
623a4c97 1519
a4076574
LP
1520 /* If no reply packet was set, we free the stream */
1521 if (s->write_packet)
1522 return 0;
1523 } else
1524 log_debug("Invalid LLMNR TCP packet.");
623a4c97
LP
1525
1526 dns_stream_free(s);
1527 return 0;
1528}
1529
1530static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1531 DnsStream *stream;
1532 Manager *m = userdata;
1533 int cfd, r;
1534
1535 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1536 if (cfd < 0) {
1537 if (errno == EAGAIN || errno == EINTR)
1538 return 0;
1539
1540 return -errno;
1541 }
1542
1543 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1544 if (r < 0) {
1545 safe_close(cfd);
1546 return r;
1547 }
1548
1549 stream->on_packet = on_llmnr_stream_packet;
1550 return 0;
1551}
1552
1553int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1554 union sockaddr_union sa = {
1555 .in.sin_family = AF_INET,
1556 .in.sin_port = htobe16(5355),
1557 };
1558 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1559 int r;
1560
1561 assert(m);
1562
1563 if (m->llmnr_ipv4_tcp_fd >= 0)
1564 return m->llmnr_ipv4_tcp_fd;
1565
1566 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1567 if (m->llmnr_ipv4_tcp_fd < 0)
1568 return -errno;
1569
bf3f1271 1570 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1571 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1572 if (r < 0) {
1573 r = -errno;
1574 goto fail;
1575 }
1576
1577 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1578 if (r < 0) {
1579 r = -errno;
1580 goto fail;
1581 }
1582
1583 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1584 if (r < 0) {
1585 r = -errno;
1586 goto fail;
1587 }
1588
1589 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1590 if (r < 0) {
1591 r = -errno;
1592 goto fail;
1593 }
1594
1595 /* Disable Don't-Fragment bit in the IP header */
1596 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1597 if (r < 0) {
1598 r = -errno;
1599 goto fail;
1600 }
1601
1602 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1603 if (r < 0) {
1604 r = -errno;
1605 goto fail;
1606 }
1607
1608 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1609 if (r < 0) {
1610 r = -errno;
1611 goto fail;
1612 }
1613
1614 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1615 if (r < 0)
1616 goto fail;
1617
1618 return m->llmnr_ipv4_tcp_fd;
1619
1620fail:
1621 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1622 return r;
1623}
1624
1625int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1626 union sockaddr_union sa = {
1627 .in6.sin6_family = AF_INET6,
1628 .in6.sin6_port = htobe16(5355),
1629 };
1630 static const int one = 1;
1631 int r;
1632
1633 assert(m);
1634
1635 if (m->llmnr_ipv6_tcp_fd >= 0)
1636 return m->llmnr_ipv6_tcp_fd;
1637
1638 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1639 if (m->llmnr_ipv6_tcp_fd < 0)
1640 return -errno;
1641
bf3f1271 1642 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1643 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1644 if (r < 0) {
1645 r = -errno;
1646 goto fail;
1647 }
1648
1649 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1650 if (r < 0) {
1651 r = -errno;
1652 goto fail;
1653 }
1654
1655 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1656 if (r < 0) {
1657 r = -errno;
1658 goto fail;
1659 }
1660
1661 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1662 if (r < 0) {
1663 r = -errno;
1664 goto fail;
1665 }
1666
1667 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1668 if (r < 0) {
1669 r = -errno;
1670 goto fail;
1671 }
1672
1673 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1674 if (r < 0) {
1675 r = -errno;
1676 goto fail;
1677 }
1678
1679 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1680 if (r < 0) {
1681 r = -errno;
1682 goto fail;
1683 }
1684
1685 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1686 if (r < 0) {
1687 r = -errno;
1688 goto fail;
1689 }
1690
1691 return m->llmnr_ipv6_tcp_fd;
1692
1693fail:
1694 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1695 return r;
1696}
1697
623a4c97 1698int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1699 LinkAddress *a;
1700
1701 assert(m);
1702
4e945a6f 1703 a = manager_find_link_address(m, family, in_addr);
ec2c5e43
LP
1704 if (a)
1705 return a->link->ifindex;
1706
1707 return 0;
1708}
1709
eb60f9cd
LP
1710void manager_refresh_rrs(Manager *m) {
1711 Iterator i;
1712 Link *l;
1713
1714 assert(m);
1715
1716 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1717 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1718
1719 HASHMAP_FOREACH(l, m->links, i) {
1720 link_add_rrs(l, true);
1721 link_add_rrs(l, false);
1722 }
1723}
1724
ec2c5e43
LP
1725int manager_next_hostname(Manager *m) {
1726 const char *p;
556a2294 1727 uint64_t u, a;
ec2c5e43 1728 char *h;
623a4c97
LP
1729
1730 assert(m);
1731
ec2c5e43
LP
1732 p = strchr(m->hostname, 0);
1733 assert(p);
1734
1735 while (p > m->hostname) {
1736 if (!strchr("0123456789", p[-1]))
1737 break;
1738
1739 p--;
1740 }
1741
1742 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1743 u = 1;
1744
556a2294
LP
1745 /* Add a random number to the old value. This way we can avoid
1746 * that two hosts pick the same hostname, win on IPv4 and lose
1747 * on IPv6 (or vice versa), and pick the same hostname
1748 * replacement hostname, ad infinitum. We still want the
1749 * numbers to go up monotonically, hence we just add a random
1750 * value 1..10 */
1751
1752 random_bytes(&a, sizeof(a));
1753 u += 1 + a % 10;
ec2c5e43
LP
1754
1755 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1756 return -ENOMEM;
1757
eb60f9cd 1758 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
ec2c5e43
LP
1759
1760 free(m->hostname);
1761 m->hostname = h;
1762
eb60f9cd 1763 manager_refresh_rrs(m);
623a4c97
LP
1764
1765 return 0;
1766}
ec2c5e43 1767
4e945a6f 1768LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1769 Iterator i;
1770 Link *l;
1771
1772 assert(m);
1773
1774 HASHMAP_FOREACH(l, m->links, i) {
1775 LinkAddress *a;
1776
1777 a = link_find_address(l, family, in_addr);
1778 if (a)
1779 return a;
1780 }
1781
1782 return NULL;
1783}
1784
a4076574 1785bool manager_our_packet(Manager *m, DnsPacket *p) {
ec2c5e43
LP
1786 assert(m);
1787 assert(p);
1788
4e945a6f 1789 return !!manager_find_link_address(m, p->family, &p->sender);
ec2c5e43 1790}
4e945a6f 1791
a4076574
LP
1792DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1793 Link *l;
1794
1795 assert(m);
1796 assert(p);
1797
1798 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1799 if (!l)
1800 return NULL;
1801
1802 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1803 if (p->family == AF_INET)
1804 return l->llmnr_ipv4_scope;
1805 else if (p->family == AF_INET6)
1806 return l->llmnr_ipv6_scope;
1807 }
1808
1809 return NULL;
1810}
1811
902bb5d8
LP
1812void manager_verify_all(Manager *m) {
1813 DnsScope *s;
1814
1815 assert(m);
1816
1817 LIST_FOREACH(scopes, s, m->dns_scopes)
1818 dns_zone_verify_all(&s->zone);
1819}
1820
3e684349
LP
1821void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1822 assert(m);
1823
1824 if (t == DNS_SERVER_SYSTEM)
1825 while (m->dns_servers)
1826 dns_server_free(m->dns_servers);
1827
1828 if (t == DNS_SERVER_FALLBACK)
1829 while (m->fallback_dns_servers)
1830 dns_server_free(m->fallback_dns_servers);
1831}
1832
4e945a6f
LP
1833static const char* const support_table[_SUPPORT_MAX] = {
1834 [SUPPORT_NO] = "no",
1835 [SUPPORT_YES] = "yes",
1836 [SUPPORT_RESOLVE] = "resolve",
1837};
1838DEFINE_STRING_TABLE_LOOKUP(support, Support);