]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
shared: add process-util.[ch]
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
CommitLineData
091a364c
TG		 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
091a364c 22#include <resolv.h>
74b2466e 23#include <sys/ioctl.h>
0a6f50c0 24#include <poll.h>
74b2466e 25#include <netinet/in.h>
091a364c 26
74b2466e 27#include "rtnl-util.h"
091a364c 28#include "network-internal.h"
74b2466e 29#include "socket-util.h"
a2a416f7 30#include "af-list.h"
eb60f9cd 31#include "utf8.h"
a5a807e6 32#include "fileio-label.h"
822db23c 33#include "ordered-set.h"
4e945a6f 34
eb60f9cd 35#include "resolved-dns-domain.h"
39d8db04
LP		 36#include "resolved-conf.h"
37#include "resolved-bus.h"
38#include "resolved-manager.h"
74b2466e
LP		 39
40#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
41
42static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
43 Manager *m = userdata;
44 uint16_t type;
45 Link *l;
46 int ifindex, r;
47
48 assert(rtnl);
49 assert(m);
50 assert(mm);
51
52 r = sd_rtnl_message_get_type(mm, &type);
53 if (r < 0)
54 goto fail;
55
56 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
57 if (r < 0)
58 goto fail;
59
60 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
61
62 switch (type) {
63
a2a416f7
LP		 64 case RTM_NEWLINK:{
65 bool is_new = !l;
74b2466e 66
a2a416f7 67 if (!l) {
74b2466e
LP		 68 r = link_new(m, &l, ifindex);
69 if (r < 0)
70 goto fail;
71 }
72
73 r = link_update_rtnl(l, mm);
74 if (r < 0)
75 goto fail;
76
21d73c87
LP		 77 r = link_update_monitor(l);
78 if (r < 0)
79 goto fail;
80
a2a416f7
LP		 81 if (is_new)
82 log_debug("Found new link %i/%s", ifindex, l->name);
83
74b2466e 84 break;
a2a416f7 85 }
74b2466e
LP		 86
87 case RTM_DELLINK:
88 if (l) {
a2a416f7 89 log_debug("Removing link %i/%s", l->ifindex, l->name);
74b2466e
LP		 90 link_free(l);
91 }
92
93 break;
94 }
95
96 return 0;
97
98fail:
da927ba9 99 log_warning_errno(r, "Failed to process RTNL link message: %m");
74b2466e
LP		 100 return 0;
101}
102
103static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
104 Manager *m = userdata;
105 union in_addr_union address;
74b2466e 106 uint16_t type;
0dd25fb9 107 int r, ifindex, family;
74b2466e
LP		 108 LinkAddress *a;
109 Link *l;
110
111 assert(rtnl);
112 assert(mm);
113 assert(m);
114
115 r = sd_rtnl_message_get_type(mm, &type);
116 if (r < 0)
117 goto fail;
118
119 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
120 if (r < 0)
121 goto fail;
122
123 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
124 if (!l)
125 return 0;
126
127 r = sd_rtnl_message_addr_get_family(mm, &family);
128 if (r < 0)
129 goto fail;
130
131 switch (family) {
132
133 case AF_INET:
134 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
135 if (r < 0) {
136 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
137 if (r < 0)
138 goto fail;
139 }
140
141 break;
142
143 case AF_INET6:
144 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
145 if (r < 0) {
146 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
147 if (r < 0)
148 goto fail;
149 }
150
151 break;
152
153 default:
154 return 0;
155 }
156
157 a = link_find_address(l, family, &address);
158
159 switch (type) {
160
161 case RTM_NEWADDR:
162
163 if (!a) {
164 r = link_address_new(l, &a, family, &address);
165 if (r < 0)
166 return r;
167 }
168
169 r = link_address_update_rtnl(a, mm);
170 if (r < 0)
171 return r;
172
173 break;
174
175 case RTM_DELADDR:
176 if (a)
177 link_address_free(a);
178 break;
179 }
180
181 return 0;
182
183fail:
da927ba9 184 log_warning_errno(r, "Failed to process RTNL address message: %m");
74b2466e
LP		 185 return 0;
186}
187
74b2466e
LP		 188static int manager_rtnl_listen(Manager *m) {
189 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
190 sd_rtnl_message *i;
191 int r;
192
193 assert(m);
194
cc98b302 195 /* First, subscribe to interfaces coming and going */
74b2466e
LP		 196 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
197 if (r < 0)
198 return r;
199
200 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
201 if (r < 0)
202 return r;
203
204 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
205 if (r < 0)
206 return r;
207
208 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
209 if (r < 0)
210 return r;
211
212 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
213 if (r < 0)
214 return r;
091a364c 215
74b2466e
LP		 216 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
217 if (r < 0)
218 return r;
219
220 /* Then, enumerate all links */
221 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
222 if (r < 0)
223 return r;
224
225 r = sd_rtnl_message_request_dump(req, true);
226 if (r < 0)
227 return r;
228
229 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
230 if (r < 0)
231 return r;
232
233 for (i = reply; i; i = sd_rtnl_message_next(i)) {
234 r = manager_process_link(m->rtnl, i, m);
235 if (r < 0)
236 return r;
237 }
238
239 req = sd_rtnl_message_unref(req);
240 reply = sd_rtnl_message_unref(reply);
241
242 /* Finally, enumerate all addresses, too */
243 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
244 if (r < 0)
245 return r;
246
247 r = sd_rtnl_message_request_dump(req, true);
248 if (r < 0)
249 return r;
250
251 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
252 if (r < 0)
253 return r;
254
255 for (i = reply; i; i = sd_rtnl_message_next(i)) {
256 r = manager_process_address(m->rtnl, i, m);
257 if (r < 0)
258 return r;
259 }
260
261 return r;
262}
263
264static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
265 Manager *m = userdata;
266 Iterator i;
267 Link *l;
268 int r;
269
270 assert(m);
271
272 sd_network_monitor_flush(m->network_monitor);
273
274 HASHMAP_FOREACH(l, m->links, i) {
275 r = link_update_monitor(l);
276 if (r < 0)
da927ba9 277 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
74b2466e
LP		 278 }
279
280 r = manager_write_resolv_conf(m);
281 if (r < 0)
da927ba9 282 log_warning_errno(r, "Could not update resolv.conf: %m");
74b2466e
LP		 283
284 return 0;
285}
286
287static int manager_network_monitor_listen(Manager *m) {
288 int r, fd, events;
289
290 assert(m);
291
0014a4ad 292 r = sd_network_monitor_new(&m->network_monitor, NULL);
74b2466e
LP		 293 if (r < 0)
294 return r;
295
296 fd = sd_network_monitor_get_fd(m->network_monitor);
297 if (fd < 0)
298 return fd;
299
300 events = sd_network_monitor_get_events(m->network_monitor);
301 if (events < 0)
302 return events;
303
304 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
305 if (r < 0)
306 return r;
307
308 return 0;
309}
310
eb60f9cd
LP		 311static int determine_hostname(char **ret) {
312 _cleanup_free_ char *h = NULL, *n = NULL;
313 int r;
314
315 assert(ret);
316
317 h = gethostname_malloc();
318 if (!h)
319 return log_oom();
320
321 if (!utf8_is_valid(h)) {
322 log_error("System hostname is not UTF-8 clean.");
323 return -EINVAL;
324 }
325
326 r = dns_name_normalize(h, &n);
327 if (r < 0) {
328 log_error("System hostname '%s' cannot be normalized.", h);
329 return r;
330 }
331
332 *ret = n;
333 n = NULL;
334
335 return 0;
336}
337
338static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
339 _cleanup_free_ char *h = NULL;
340 Manager *m = userdata;
341 int r;
342
343 assert(m);
344
345 r = determine_hostname(&h);
346 if (r < 0)
347 return 0; /* ignore invalid hostnames */
348
349 if (streq(h, m->hostname))
350 return 0;
351
352 log_info("System hostname changed to '%s'.", h);
353 free(m->hostname);
354 m->hostname = h;
355 h = NULL;
356
357 manager_refresh_rrs(m);
358
359 return 0;
360}
361
362static int manager_watch_hostname(Manager *m) {
eb60f9cd
LP		 363 int r;
364
365 assert(m);
366
367 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
368 if (m->hostname_fd < 0) {
56f64d95 369 log_warning_errno(errno, "Failed to watch hostname: %m");
eb60f9cd
LP		 370 return 0;
371 }
372
373 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
374 if (r < 0) {
375 if (r == -EPERM)
376 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
377 m->hostname_fd = safe_close(m->hostname_fd);
8d3d7072
MS		 378 else
379 return log_error_errno(r, "Failed to add hostname event source: %m");
eb60f9cd
LP		 380 }
381
382 r = determine_hostname(&m->hostname);
383 if (r < 0) {
384 log_info("Defaulting to hostname 'linux'.");
385 m->hostname = strdup("linux");
386 if (!m->hostname)
387 return log_oom();
388 } else
389 log_info("Using system hostname '%s'.", m->hostname);
390
391 return 0;
392}
393
edc501d4
LP		 394static void manager_llmnr_stop(Manager *m) {
395 assert(m);
396
397 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
398 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
399
400 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
401 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
402
403 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
404 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
405
406 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
407 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
408}
409
410static int manager_llmnr_start(Manager *m) {
411 int r;
412
413 assert(m);
414
415 if (m->llmnr_support == SUPPORT_NO)
416 return 0;
417
418 r = manager_llmnr_ipv4_udp_fd(m);
419 if (r == -EADDRINUSE)
420 goto eaddrinuse;
421 if (r < 0)
422 return r;
423
edc501d4
LP		 424 r = manager_llmnr_ipv4_tcp_fd(m);
425 if (r == -EADDRINUSE)
426 goto eaddrinuse;
427 if (r < 0)
428 return r;
429
90ab5042
LP		 430 if (socket_ipv6_is_supported()) {
431 r = manager_llmnr_ipv6_udp_fd(m);
432 if (r == -EADDRINUSE)
433 goto eaddrinuse;
434 if (r < 0)
435 return r;
436
437 r = manager_llmnr_ipv6_tcp_fd(m);
438 if (r == -EADDRINUSE)
439 goto eaddrinuse;
440 if (r < 0)
441 return r;
442 }
edc501d4
LP		 443
444 return 0;
445
446eaddrinuse:
c4147df1 447 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
edc501d4
LP		 448 m->llmnr_support = SUPPORT_NO;
449 manager_llmnr_stop(m);
90ab5042 450
edc501d4
LP		 451 return 0;
452}
453
091a364c 454int manager_new(Manager **ret) {
74b2466e 455 _cleanup_(manager_freep) Manager *m = NULL;
091a364c
TG		 456 int r;
457
c92e531c
LP		 458 assert(ret);
459
091a364c
TG		 460 m = new0(Manager, 1);
461 if (!m)
462 return -ENOMEM;
463
74b2466e 464 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
1716f6dc 465 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
623a4c97 466 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
eb60f9cd 467 m->hostname_fd = -1;
1716f6dc 468
4e945a6f 469 m->llmnr_support = SUPPORT_YES;
5cb36f41 470 m->read_resolv_conf = true;
091a364c 471
4e945a6f 472 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
091a364c
TG		 473 if (r < 0)
474 return r;
475
476 r = sd_event_default(&m->event);
477 if (r < 0)
478 return r;
479
480 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
481 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
482
483 sd_event_set_watchdog(m->event, true);
484
eb60f9cd
LP		 485 r = manager_watch_hostname(m);
486 if (r < 0)
487 return r;
488
1716f6dc 489 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
74b2466e
LP		 490 if (r < 0)
491 return r;
492
493 r = manager_network_monitor_listen(m);
494 if (r < 0)
495 return r;
496
497 r = manager_rtnl_listen(m);
498 if (r < 0)
499 return r;
500
501 r = manager_connect_bus(m);
502 if (r < 0)
503 return r;
504
091a364c
TG		 505 *ret = m;
506 m = NULL;
507
508 return 0;
509}
510
edc501d4
LP		 511int manager_start(Manager *m) {
512 int r;
513
514 assert(m);
515
516 r = manager_llmnr_start(m);
517 if (r < 0)
518 return r;
519
520 return 0;
521}
522
74b2466e
LP		 523Manager *manager_free(Manager *m) {
524 Link *l;
091a364c
TG		 525
526 if (!m)
74b2466e
LP		 527 return NULL;
528
74b2466e
LP		 529 while ((l = hashmap_first(m->links)))
530 link_free(l);
f0e15467
LP		 531
532 while (m->dns_queries)
533 dns_query_free(m->dns_queries);
74b2466e
LP		 534
535 dns_scope_free(m->unicast_scope);
536
3e684349
LP		 537 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
538 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
091a364c 539
f0e15467
LP		 540 hashmap_free(m->links);
541 hashmap_free(m->dns_transactions);
542
096b6773
LP		 543 sd_event_source_unref(m->network_event_source);
544 sd_network_monitor_unref(m->network_monitor);
091a364c 545
74b2466e
LP		 546 sd_event_source_unref(m->dns_ipv4_event_source);
547 sd_event_source_unref(m->dns_ipv6_event_source);
74b2466e
LP		 548 safe_close(m->dns_ipv4_fd);
549 safe_close(m->dns_ipv6_fd);
550
edc501d4 551 manager_llmnr_stop(m);
623a4c97 552
902bb5d8 553 sd_bus_slot_unref(m->prepare_for_sleep_slot);
74b2466e
LP		 554 sd_event_source_unref(m->bus_retry_event_source);
555 sd_bus_unref(m->bus);
091a364c 556
74b2466e 557 sd_event_unref(m->event);
623a4c97
LP		 558
559 dns_resource_key_unref(m->host_ipv4_key);
560 dns_resource_key_unref(m->host_ipv6_key);
eb60f9cd
LP		 561
562 safe_close(m->hostname_fd);
563 sd_event_source_unref(m->hostname_event_source);
623a4c97 564 free(m->hostname);
eb60f9cd 565
091a364c 566 free(m);
74b2466e
LP		 567
568 return NULL;
091a364c
TG		 569}
570
5cb36f41
LP		 571int manager_read_resolv_conf(Manager *m) {
572 _cleanup_fclose_ FILE *f = NULL;
573 struct stat st, own;
574 char line[LINE_MAX];
575 DnsServer *s, *nx;
576 usec_t t;
577 int r;
578
579 assert(m);
580
581 /* Reads the system /etc/resolv.conf, if it exists and is not
582 * symlinked to our own resolv.conf instance */
583
584 if (!m->read_resolv_conf)
585 return 0;
586
587 r = stat("/etc/resolv.conf", &st);
588 if (r < 0) {
589 if (errno != ENOENT)
56f64d95 590 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP		 591 r = -errno;
592 goto clear;
593 }
594
595 /* Have we already seen the file? */
596 t = timespec_load(&st.st_mtim);
597 if (t == m->resolv_conf_mtime)
598 return 0;
599
600 m->resolv_conf_mtime = t;
601
602 /* Is it symlinked to our own file? */
603 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
604 st.st_dev == own.st_dev &&
605 st.st_ino == own.st_ino) {
606 r = 0;
607 goto clear;
608 }
609
610 f = fopen("/etc/resolv.conf", "re");
611 if (!f) {
612 if (errno != ENOENT)
56f64d95 613 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP		 614 r = -errno;
615 goto clear;
616 }
617
618 if (fstat(fileno(f), &st) < 0) {
56f64d95 619 log_error_errno(errno, "Failed to stat open file: %m");
5cb36f41
LP		 620 r = -errno;
621 goto clear;
622 }
623
624 LIST_FOREACH(servers, s, m->dns_servers)
625 s->marked = true;
626
627 FOREACH_LINE(line, f, r = -errno; goto clear) {
628 union in_addr_union address;
629 int family;
630 char *l;
631 const char *a;
632
633 truncate_nl(line);
634
635 l = strstrip(line);
636 if (*l == '#' || *l == ';')
637 continue;
638
639 a = first_word(l, "nameserver");
640 if (!a)
641 continue;
642
643 r = in_addr_from_string_auto(a, &family, &address);
644 if (r < 0) {
645 log_warning("Failed to parse name server %s.", a);
646 continue;
647 }
648
649 LIST_FOREACH(servers, s, m->dns_servers)
650 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
651 break;
652
653 if (s)
654 s->marked = false;
655 else {
656 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
657 if (r < 0)
658 goto clear;
659 }
660 }
661
662 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
663 if (s->marked)
664 dns_server_free(s);
665
36a03ca2
LP		 666 /* Whenever /etc/resolv.conf changes, start using the first
667 * DNS server of it. This is useful to deal with broken
668 * network managing implementations (like NetworkManager),
669 * that when connecting to a VPN place both the VPN DNS
670 * servers and the local ones in /etc/resolv.conf. Without
671 * resetting the DNS server to use back to the first entry we
672 * will continue to use the local one thus being unable to
673 * resolve VPN domains. */
674 manager_set_dns_server(m, m->dns_servers);
675
5cb36f41
LP		 676 return 0;
677
678clear:
679 while (m->dns_servers)
680 dns_server_free(m->dns_servers);
681
682 return r;
683}
684
bda2c408 685static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
74b2466e
LP		 686 _cleanup_free_ char *t = NULL;
687 int r;
091a364c 688
74b2466e 689 assert(s);
091a364c 690 assert(f);
091a364c
TG		 691 assert(count);
692
74b2466e 693 r = in_addr_to_string(s->family, &s->address, &t);
4e945a6f 694 if (r < 0) {
da927ba9 695 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
091a364c
TG		 696 return;
697 }
698
699 if (*count == MAXNS)
87f5a193 700 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
091a364c 701
74b2466e 702 fprintf(f, "nameserver %s\n", t);
091a364c
TG		 703 (*count) ++;
704}
705
822db23c
LP		 706static void write_resolv_conf_search(
707 const char *domain, FILE *f,
708 unsigned *count,
709 unsigned *length) {
710
bda2c408
TG		 711 assert(domain);
712 assert(f);
713 assert(length);
714
715 if (*count >= MAXDNSRCH ||
716 *length + strlen(domain) > 256) {
717 if (*count == MAXDNSRCH)
718 fputs(" # Too many search domains configured, remaining ones ignored.", f);
719 if (*length <= 256)
720 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
721
722 return;
723 }
724
725 fprintf(f, " %s", domain);
726
727 (*length) += strlen(domain);
728 (*count) ++;
729}
730
822db23c 731static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
4713135e
ZJS		 732 Iterator i;
733
734 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
735 "# Third party programs must not access this file directly, but\n"
736 "# only through the symlink at /etc/resolv.conf. To manage\n"
737 "# resolv.conf(5) in a different way, replace the symlink by a\n"
738 "# static file or a different symlink.\n\n", f);
739
822db23c 740 if (ordered_set_isempty(dns))
4713135e
ZJS		 741 fputs("# No DNS servers known.\n", f);
742 else {
743 DnsServer *s;
744 unsigned count = 0;
745
822db23c 746 ORDERED_SET_FOREACH(s, dns, i)
4713135e
ZJS		 747 write_resolv_conf_server(s, f, &count);
748 }
749
822db23c 750 if (!ordered_set_isempty(domains)) {
4713135e
ZJS		 751 unsigned length = 0, count = 0;
752 char *domain;
753
754 fputs("search", f);
822db23c 755 ORDERED_SET_FOREACH(domain, domains, i)
4713135e
ZJS		 756 write_resolv_conf_search(domain, f, &count, &length);
757 fputs("\n", f);
758 }
759
760 return fflush_and_check(f);
761}
762
74b2466e 763int manager_write_resolv_conf(Manager *m) {
4e945a6f 764 static const char path[] = "/run/systemd/resolve/resolv.conf";
091a364c
TG		 765 _cleanup_free_ char *temp_path = NULL;
766 _cleanup_fclose_ FILE *f = NULL;
822db23c 767 _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
74b2466e
LP		 768 DnsServer *s;
769 Iterator i;
770 Link *l;
771 int r;
091a364c
TG		 772
773 assert(m);
774
5cb36f41
LP		 775 /* Read the system /etc/resolv.conf first */
776 manager_read_resolv_conf(m);
777
87f5a193 778 /* Add the full list to a set, to filter out duplicates */
822db23c 779 dns = ordered_set_new(&dns_server_hash_ops);
87f5a193
LP		 780 if (!dns)
781 return -ENOMEM;
782
822db23c 783 domains = ordered_set_new(&dns_name_hash_ops);
bda2c408
TG		 784 if (!domains)
785 return -ENOMEM;
786
87f5a193
LP		 787 /* First add the system-wide servers */
788 LIST_FOREACH(servers, s, m->dns_servers) {
822db23c 789 r = ordered_set_put(dns, s);
87f5a193
LP		 790 if (r == -EEXIST)
791 continue;
792 if (r < 0)
793 return r;
794 }
795
bda2c408
TG		 796 /* Then, add the per-link servers and domains */
797 HASHMAP_FOREACH(l, m->links, i) {
798 char **domain;
799
87f5a193 800 LIST_FOREACH(servers, s, l->dns_servers) {
822db23c 801 r = ordered_set_put(dns, s);
87f5a193
LP		 802 if (r == -EEXIST)
803 continue;
804 if (r < 0)
805 return r;
806 }
807
bda2c408
TG		 808 if (!l->unicast_scope)
809 continue;
810
811 STRV_FOREACH(domain, l->unicast_scope->domains) {
822db23c 812 r = ordered_set_put(domains, *domain);
bda2c408
TG		 813 if (r == -EEXIST)
814 continue;
815 if (r < 0)
816 return r;
817 }
818 }
819
87f5a193 820 /* If we found nothing, add the fallback servers */
822db23c 821 if (ordered_set_isempty(dns)) {
87f5a193 822 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
822db23c 823 r = ordered_set_put(dns, s);
87f5a193
LP		 824 if (r == -EEXIST)
825 continue;
826 if (r < 0)
827 return r;
828 }
829 }
830
a5a807e6 831 r = fopen_temporary_label(path, path, &f, &temp_path);
091a364c
TG		 832 if (r < 0)
833 return r;
834
835 fchmod(fileno(f), 0644);
836
4713135e 837 r = write_resolv_conf_contents(f, dns, domains);
74b2466e
LP		 838 if (r < 0)
839 goto fail;
840
841 if (rename(temp_path, path) < 0) {
842 r = -errno;
843 goto fail;
844 }
091a364c 845
74b2466e 846 return 0;
091a364c 847
74b2466e 848fail:
822db23c
LP		 849 (void) unlink(path);
850 (void) unlink(temp_path);
74b2466e
LP		 851 return r;
852}
091a364c 853
1716f6dc 854int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
74b2466e 855 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1716f6dc
LP		 856 union {
857 struct cmsghdr header; /* For alignment */
40a1eebd 858 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
1716f6dc 859 + CMSG_SPACE(int) /* ttl/hoplimit */
623a4c97 860 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
1716f6dc
LP		 861 } control;
862 union sockaddr_union sa;
74b2466e 863 struct msghdr mh = {};
1716f6dc 864 struct cmsghdr *cmsg;
74b2466e 865 struct iovec iov;
1716f6dc 866 int ms = 0, r;
74b2466e
LP		 867 ssize_t l;
868
869 assert(m);
1716f6dc 870 assert(fd >= 0);
74b2466e
LP		 871 assert(ret);
872
74b2466e
LP		 873 r = ioctl(fd, FIONREAD, &ms);
874 if (r < 0)
875 return -errno;
876 if (ms < 0)
877 return -EIO;
878
1716f6dc 879 r = dns_packet_new(&p, protocol, ms);
74b2466e
LP		 880 if (r < 0)
881 return r;
882
883 iov.iov_base = DNS_PACKET_DATA(p);
884 iov.iov_len = p->allocated;
885
1716f6dc
LP		 886 mh.msg_name = &sa.sa;
887 mh.msg_namelen = sizeof(sa);
74b2466e
LP		 888 mh.msg_iov = &iov;
889 mh.msg_iovlen = 1;
1716f6dc
LP		 890 mh.msg_control = &control;
891 mh.msg_controllen = sizeof(control);
74b2466e 892
a38d9945 893 l = recvmsg(fd, &mh, 0);
74b2466e 894 if (l < 0) {
ad867662 895 if (errno == EAGAIN || errno == EINTR)
74b2466e
LP		 896 return 0;
897
898 return -errno;
091a364c
TG		 899 }
900
74b2466e
LP		 901 if (l <= 0)
902 return -EIO;
091a364c 903
1716f6dc
LP		 904 assert(!(mh.msg_flags & MSG_CTRUNC));
905 assert(!(mh.msg_flags & MSG_TRUNC));
906
74b2466e 907 p->size = (size_t) l;
091a364c 908
1716f6dc 909 p->family = sa.sa.sa_family;
623a4c97
LP		 910 p->ipproto = IPPROTO_UDP;
911 if (p->family == AF_INET) {
1716f6dc 912 p->sender.in = sa.in.sin_addr;
623a4c97
LP		 913 p->sender_port = be16toh(sa.in.sin_port);
914 } else if (p->family == AF_INET6) {
1716f6dc 915 p->sender.in6 = sa.in6.sin6_addr;
623a4c97
LP		 916 p->sender_port = be16toh(sa.in6.sin6_port);
917 p->ifindex = sa.in6.sin6_scope_id;
918 } else
1716f6dc 919 return -EAFNOSUPPORT;
74b2466e 920
1716f6dc 921 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
74b2466e 922
1716f6dc
LP		 923 if (cmsg->cmsg_level == IPPROTO_IPV6) {
924 assert(p->family == AF_INET6);
74b2466e 925
1716f6dc 926 switch (cmsg->cmsg_type) {
74b2466e 927
1716f6dc
LP		 928 case IPV6_PKTINFO: {
929 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
74b2466e 930
623a4c97
LP		 931 if (p->ifindex <= 0)
932 p->ifindex = i->ipi6_ifindex;
933
1716f6dc
LP		 934 p->destination.in6 = i->ipi6_addr;
935 break;
936 }
74b2466e 937
1716f6dc
LP		 938 case IPV6_HOPLIMIT:
939 p->ttl = *(int *) CMSG_DATA(cmsg);
940 break;
74b2466e 941
1716f6dc
LP		 942 }
943 } else if (cmsg->cmsg_level == IPPROTO_IP) {
944 assert(p->family == AF_INET);
74b2466e 945
1716f6dc 946 switch (cmsg->cmsg_type) {
74b2466e 947
1716f6dc
LP		 948 case IP_PKTINFO: {
949 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
091a364c 950
623a4c97
LP		 951 if (p->ifindex <= 0)
952 p->ifindex = i->ipi_ifindex;
953
1716f6dc
LP		 954 p->destination.in = i->ipi_addr;
955 break;
956 }
74b2466e 957
623a4c97 958 case IP_TTL:
1716f6dc
LP		 959 p->ttl = *(int *) CMSG_DATA(cmsg);
960 break;
961 }
962 }
963 }
74b2466e 964
623a4c97
LP		 965 /* The Linux kernel sets the interface index to the loopback
966 * device if the packet came from the local host since it
967 * avoids the routing table in such a case. Let's unset the
968 * interface index in such a case. */
a5f03596 969 if (p->ifindex == LOOPBACK_IFINDEX)
623a4c97
LP		 970 p->ifindex = 0;
971
972 /* If we don't know the interface index still, we look for the
973 * first local interface with a matching address. Yuck! */
974 if (p->ifindex <= 0)
975 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
976
74b2466e
LP		 977 *ret = p;
978 p = NULL;
979
980 return 1;
981}
982
1716f6dc 983static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
74b2466e 984 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 985 DnsTransaction *t = NULL;
74b2466e
LP		 986 Manager *m = userdata;
987 int r;
988
1716f6dc 989 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
74b2466e
LP		 990 if (r <= 0)
991 return r;
992
623a4c97 993 if (dns_packet_validate_reply(p) > 0) {
ec2c5e43 994 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1716f6dc
LP		 995 if (!t)
996 return 0;
74b2466e 997
ec2c5e43 998 dns_transaction_process_reply(t, p);
623a4c97 999
1716f6dc 1000 } else
623a4c97 1001 log_debug("Invalid DNS packet.");
74b2466e 1002
ad867662 1003 return 0;
74b2466e
LP		 1004}
1005
1006int manager_dns_ipv4_fd(Manager *m) {
1716f6dc 1007 const int one = 1;
74b2466e
LP		 1008 int r;
1009
091a364c
TG		 1010 assert(m);
1011
74b2466e
LP		 1012 if (m->dns_ipv4_fd >= 0)
1013 return m->dns_ipv4_fd;
091a364c 1014
74b2466e
LP		 1015 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1016 if (m->dns_ipv4_fd < 0)
1017 return -errno;
091a364c 1018
1716f6dc
LP		 1019 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1020 if (r < 0) {
1021 r = -errno;
1022 goto fail;
1023 }
1024
1025 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
74b2466e 1026 if (r < 0)
1716f6dc 1027 goto fail;
74b2466e
LP		 1028
1029 return m->dns_ipv4_fd;
1716f6dc
LP		 1030
1031fail:
1032 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1033 return r;
091a364c
TG		 1034}
1035
74b2466e 1036int manager_dns_ipv6_fd(Manager *m) {
1716f6dc 1037 const int one = 1;
74b2466e
LP		 1038 int r;
1039
1040 assert(m);
091a364c 1041
74b2466e
LP		 1042 if (m->dns_ipv6_fd >= 0)
1043 return m->dns_ipv6_fd;
1044
1045 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1046 if (m->dns_ipv6_fd < 0)
1047 return -errno;
1048
1716f6dc
LP		 1049 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1050 if (r < 0) {
1051 r = -errno;
1052 goto fail;
1053 }
1054
1055 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
091a364c 1056 if (r < 0)
1716f6dc 1057 goto fail;
091a364c 1058
74b2466e 1059 return m->dns_ipv6_fd;
1716f6dc
LP		 1060
1061fail:
1062 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1063 return r;
74b2466e
LP		 1064}
1065
1066static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1067 int r;
1068
1069 assert(fd >= 0);
1070 assert(mh);
1071
1072 for (;;) {
1073 if (sendmsg(fd, mh, flags) >= 0)
1074 return 0;
1075
1076 if (errno == EINTR)
1077 continue;
1078
1079 if (errno != EAGAIN)
1080 return -errno;
1081
1082 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1083 if (r < 0)
1084 return r;
1085 if (r == 0)
1086 return -ETIMEDOUT;
1087 }
1088}
1089
623a4c97 1090static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP		 1091 union sockaddr_union sa = {
1092 .in.sin_family = AF_INET,
74b2466e 1093 };
1716f6dc
LP		 1094 union {
1095 struct cmsghdr header; /* For alignment */
1096 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1097 } control;
74b2466e
LP		 1098 struct msghdr mh = {};
1099 struct iovec iov;
74b2466e
LP		 1100
1101 assert(m);
1716f6dc
LP		 1102 assert(fd >= 0);
1103 assert(addr);
1104 assert(port > 0);
74b2466e
LP		 1105 assert(p);
1106
74b2466e
LP		 1107 iov.iov_base = DNS_PACKET_DATA(p);
1108 iov.iov_len = p->size;
091a364c 1109
1716f6dc
LP		 1110 sa.in.sin_addr = *addr;
1111 sa.in.sin_port = htobe16(port),
091a364c 1112
74b2466e
LP		 1113 mh.msg_iov = &iov;
1114 mh.msg_iovlen = 1;
1115 mh.msg_name = &sa.sa;
1116 mh.msg_namelen = sizeof(sa.in);
091a364c 1117
74b2466e
LP		 1118 if (ifindex > 0) {
1119 struct cmsghdr *cmsg;
1120 struct in_pktinfo *pi;
1121
1122 zero(control);
1123
1716f6dc 1124 mh.msg_control = &control;
74b2466e
LP		 1125 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1126
1127 cmsg = CMSG_FIRSTHDR(&mh);
1128 cmsg->cmsg_len = mh.msg_controllen;
1129 cmsg->cmsg_level = IPPROTO_IP;
1130 cmsg->cmsg_type = IP_PKTINFO;
1131
1132 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1133 pi->ipi_ifindex = ifindex;
1134 }
1135
1136 return sendmsg_loop(fd, &mh, 0);
1137}
1138
623a4c97 1139static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP		 1140 union sockaddr_union sa = {
1141 .in6.sin6_family = AF_INET6,
74b2466e 1142 };
1716f6dc
LP		 1143 union {
1144 struct cmsghdr header; /* For alignment */
1145 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1146 } control;
74b2466e
LP		 1147 struct msghdr mh = {};
1148 struct iovec iov;
74b2466e
LP		 1149
1150 assert(m);
1716f6dc
LP		 1151 assert(fd >= 0);
1152 assert(addr);
1153 assert(port > 0);
74b2466e
LP		 1154 assert(p);
1155
74b2466e
LP		 1156 iov.iov_base = DNS_PACKET_DATA(p);
1157 iov.iov_len = p->size;
1158
1716f6dc
LP		 1159 sa.in6.sin6_addr = *addr;
1160 sa.in6.sin6_port = htobe16(port),
74b2466e
LP		 1161 sa.in6.sin6_scope_id = ifindex;
1162
1163 mh.msg_iov = &iov;
1164 mh.msg_iovlen = 1;
1165 mh.msg_name = &sa.sa;
1166 mh.msg_namelen = sizeof(sa.in6);
1167
1168 if (ifindex > 0) {
1169 struct cmsghdr *cmsg;
1170 struct in6_pktinfo *pi;
1171
1172 zero(control);
1173
1716f6dc 1174 mh.msg_control = &control;
74b2466e
LP		 1175 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1176
1177 cmsg = CMSG_FIRSTHDR(&mh);
1178 cmsg->cmsg_len = mh.msg_controllen;
1179 cmsg->cmsg_level = IPPROTO_IPV6;
1180 cmsg->cmsg_type = IPV6_PKTINFO;
1181
1182 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1183 pi->ipi6_ifindex = ifindex;
1184 }
1185
1186 return sendmsg_loop(fd, &mh, 0);
1187}
1188
623a4c97 1189int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1716f6dc
LP		 1190 assert(m);
1191 assert(fd >= 0);
1192 assert(addr);
1193 assert(port > 0);
1194 assert(p);
1195
a2a416f7
LP		 1196 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1197
1716f6dc
LP		 1198 if (family == AF_INET)
1199 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1200 else if (family == AF_INET6)
1201 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1202
1203 return -EAFNOSUPPORT;
1204}
1205
2c27fbca 1206DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
74b2466e
LP		 1207 DnsServer *s;
1208
1209 assert(m);
1210 assert(in_addr);
1211
4e945a6f 1212 LIST_FOREACH(servers, s, m->dns_servers)
5cb36f41 1213 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1214 return s;
74b2466e 1215
4e945a6f 1216 LIST_FOREACH(servers, s, m->fallback_dns_servers)
5cb36f41 1217 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1218 return s;
74b2466e 1219
2c27fbca 1220 return NULL;
4e945a6f
LP		 1221}
1222
2c27fbca 1223DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
4e945a6f
LP		 1224 assert(m);
1225
1226 if (m->current_dns_server == s)
1227 return s;
1228
1229 if (s) {
1230 _cleanup_free_ char *ip = NULL;
1231
1232 in_addr_to_string(s->family, &s->address, &ip);
1233 log_info("Switching to system DNS server %s.", strna(ip));
2c27fbca 1234 }
4e945a6f
LP		 1235
1236 m->current_dns_server = s;
2c27fbca
LP		 1237
1238 if (m->unicast_scope)
1239 dns_cache_flush(&m->unicast_scope->cache);
1240
4e945a6f 1241 return s;
74b2466e
LP		 1242}
1243
1244DnsServer *manager_get_dns_server(Manager *m) {
4e945a6f 1245 Link *l;
74b2466e
LP		 1246 assert(m);
1247
5cb36f41
LP		 1248 /* Try to read updates resolv.conf */
1249 manager_read_resolv_conf(m);
1250
74b2466e 1251 if (!m->current_dns_server)
4e945a6f
LP		 1252 manager_set_dns_server(m, m->dns_servers);
1253
1254 if (!m->current_dns_server) {
1255 bool found = false;
1256 Iterator i;
1257
1258 /* No DNS servers configured, let's see if there are
1259 * any on any links. If not, we use the fallback
1260 * servers */
1261
1262 HASHMAP_FOREACH(l, m->links, i)
1263 if (l->dns_servers) {
1264 found = true;
1265 break;
1266 }
1267
1268 if (!found)
1269 manager_set_dns_server(m, m->fallback_dns_servers);
1270 }
74b2466e
LP		 1271
1272 return m->current_dns_server;
1273}
1274
1275void manager_next_dns_server(Manager *m) {
1276 assert(m);
1277
4e945a6f
LP		 1278 /* If there's currently no DNS server set, then the next
1279 * manager_get_dns_server() will find one */
74b2466e
LP		 1280 if (!m->current_dns_server)
1281 return;
1282
4e945a6f 1283 /* Change to the next one */
74b2466e 1284 if (m->current_dns_server->servers_next) {
4e945a6f 1285 manager_set_dns_server(m, m->current_dns_server->servers_next);
74b2466e
LP		 1286 return;
1287 }
1288
4e945a6f
LP		 1289 /* If there was no next one, then start from the beginning of
1290 * the list */
1291 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1292 manager_set_dns_server(m, m->fallback_dns_servers);
1293 else
1294 manager_set_dns_server(m, m->dns_servers);
091a364c 1295}
e1c95994
LP		 1296
1297uint32_t manager_find_mtu(Manager *m) {
1298 uint32_t mtu = 0;
1299 Link *l;
1300 Iterator i;
1301
1302 /* If we don't know on which link a DNS packet would be
1303 * delivered, let's find the largest MTU that works on all
1304 * interfaces we know of */
1305
1306 HASHMAP_FOREACH(l, m->links, i) {
1307 if (l->mtu <= 0)
1308 continue;
1309
1310 if (mtu <= 0 || l->mtu < mtu)
1311 mtu = l->mtu;
1312 }
1313
1314 return mtu;
1315}
1716f6dc
LP		 1316
1317static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1318 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 1319 DnsTransaction *t = NULL;
1716f6dc 1320 Manager *m = userdata;
a4076574 1321 DnsScope *scope;
1716f6dc
LP		 1322 int r;
1323
1324 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1325 if (r <= 0)
1326 return r;
1327
a4076574
LP		 1328 scope = manager_find_scope(m, p);
1329 if (!scope) {
1330 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1331 return 0;
1332 }
1333
623a4c97 1334 if (dns_packet_validate_reply(p) > 0) {
a2a416f7
LP		 1335 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1336
a4076574 1337 dns_scope_check_conflicts(scope, p);
623a4c97 1338
a4076574
LP		 1339 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1340 if (t)
1341 dns_transaction_process_reply(t, p);
623a4c97 1342
a4076574
LP		 1343 } else if (dns_packet_validate_query(p) > 0) {
1344 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
623a4c97 1345
a4076574 1346 dns_scope_process_query(scope, NULL, p);
623a4c97 1347 } else
a4076574 1348 log_debug("Invalid LLMNR UDP packet.");
1716f6dc
LP		 1349
1350 return 0;
1351}
1352
1353int manager_llmnr_ipv4_udp_fd(Manager *m) {
1354 union sockaddr_union sa = {
1355 .in.sin_family = AF_INET,
1356 .in.sin_port = htobe16(5355),
1357 };
bf3f1271 1358 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1716f6dc
LP		 1359 int r;
1360
1361 assert(m);
1362
1363 if (m->llmnr_ipv4_udp_fd >= 0)
1364 return m->llmnr_ipv4_udp_fd;
1365
1366 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1367 if (m->llmnr_ipv4_udp_fd < 0)
1368 return -errno;
1369
bf3f1271
LP		 1370 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1371 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1716f6dc
LP		 1372 if (r < 0) {
1373 r = -errno;
1374 goto fail;
1375 }
1376
bf3f1271 1377 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1716f6dc
LP		 1378 if (r < 0) {
1379 r = -errno;
1380 goto fail;
1381 }
1382
1383 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1384 if (r < 0) {
1385 r = -errno;
1386 goto fail;
1387 }
1388
1389 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1390 if (r < 0) {
1391 r = -errno;
1392 goto fail;
1393 }
1394
1395 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1396 if (r < 0) {
1397 r = -errno;
1398 goto fail;
1399 }
1400
1401 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1402 if (r < 0) {
1403 r = -errno;
1404 goto fail;
1405 }
1406
1407 /* Disable Don't-Fragment bit in the IP header */
1408 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1409 if (r < 0) {
1410 r = -errno;
1411 goto fail;
1412 }
1413
1414 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1415 if (r < 0) {
1416 r = -errno;
1417 goto fail;
1418 }
1419
1420 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1421 if (r < 0)
1422 goto fail;
1423
1424 return m->llmnr_ipv4_udp_fd;
1425
1426fail:
1427 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1428 return r;
1429}
1430
1431int manager_llmnr_ipv6_udp_fd(Manager *m) {
1432 union sockaddr_union sa = {
1433 .in6.sin6_family = AF_INET6,
1434 .in6.sin6_port = htobe16(5355),
1435 };
bf3f1271 1436 static const int one = 1, ttl = 255;
1716f6dc
LP		 1437 int r;
1438
1439 assert(m);
1440
1441 if (m->llmnr_ipv6_udp_fd >= 0)
1442 return m->llmnr_ipv6_udp_fd;
1443
1444 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1445 if (m->llmnr_ipv6_udp_fd < 0)
1446 return -errno;
1447
bf3f1271 1448 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP		 1449 if (r < 0) {
1450 r = -errno;
1451 goto fail;
1452 }
1453
bf3f1271
LP		 1454 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1455 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP		 1456 if (r < 0) {
1457 r = -errno;
1458 goto fail;
1459 }
1460
1461 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1462 if (r < 0) {
1463 r = -errno;
1464 goto fail;
1465 }
1466
1467 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1468 if (r < 0) {
1469 r = -errno;
1470 goto fail;
1471 }
1472
1473 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1474 if (r < 0) {
1475 r = -errno;
1476 goto fail;
1477 }
1478
1479 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1480 if (r < 0) {
1481 r = -errno;
1482 goto fail;
1483 }
1484
1485 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1486 if (r < 0) {
1487 r = -errno;
1488 goto fail;
1489 }
1490
1491 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1492 if (r < 0) {
1493 r = -errno;
1494 goto fail;
1495 }
1496
1497 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1498 if (r < 0) {
1499 r = -errno;
1500 goto fail;
1501 }
1502
1503 return m->llmnr_ipv6_udp_fd;
1504
1505fail:
1506 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1507 return r;
1508}
623a4c97
LP		 1509
1510static int on_llmnr_stream_packet(DnsStream *s) {
a4076574 1511 DnsScope *scope;
623a4c97 1512
a4076574 1513 assert(s);
623a4c97 1514
a4076574
LP		 1515 scope = manager_find_scope(s->manager, s->read_packet);
1516 if (!scope) {
1517 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1518 return 0;
1519 }
623a4c97 1520
a4076574
LP		 1521 if (dns_packet_validate_query(s->read_packet) > 0) {
1522 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
623a4c97 1523
a4076574 1524 dns_scope_process_query(scope, s, s->read_packet);
623a4c97 1525
a4076574
LP		 1526 /* If no reply packet was set, we free the stream */
1527 if (s->write_packet)
1528 return 0;
1529 } else
1530 log_debug("Invalid LLMNR TCP packet.");
623a4c97
LP		 1531
1532 dns_stream_free(s);
1533 return 0;
1534}
1535
1536static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1537 DnsStream *stream;
1538 Manager *m = userdata;
1539 int cfd, r;
1540
1541 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1542 if (cfd < 0) {
1543 if (errno == EAGAIN || errno == EINTR)
1544 return 0;
1545
1546 return -errno;
1547 }
1548
1549 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1550 if (r < 0) {
1551 safe_close(cfd);
1552 return r;
1553 }
1554
1555 stream->on_packet = on_llmnr_stream_packet;
1556 return 0;
1557}
1558
1559int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1560 union sockaddr_union sa = {
1561 .in.sin_family = AF_INET,
1562 .in.sin_port = htobe16(5355),
1563 };
1564 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1565 int r;
1566
1567 assert(m);
1568
1569 if (m->llmnr_ipv4_tcp_fd >= 0)
1570 return m->llmnr_ipv4_tcp_fd;
1571
1572 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1573 if (m->llmnr_ipv4_tcp_fd < 0)
1574 return -errno;
1575
bf3f1271 1576 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP		 1577 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1578 if (r < 0) {
1579 r = -errno;
1580 goto fail;
1581 }
1582
1583 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1584 if (r < 0) {
1585 r = -errno;
1586 goto fail;
1587 }
1588
1589 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1590 if (r < 0) {
1591 r = -errno;
1592 goto fail;
1593 }
1594
1595 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1596 if (r < 0) {
1597 r = -errno;
1598 goto fail;
1599 }
1600
1601 /* Disable Don't-Fragment bit in the IP header */
1602 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1603 if (r < 0) {
1604 r = -errno;
1605 goto fail;
1606 }
1607
1608 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1609 if (r < 0) {
1610 r = -errno;
1611 goto fail;
1612 }
1613
1614 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1615 if (r < 0) {
1616 r = -errno;
1617 goto fail;
1618 }
1619
1620 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1621 if (r < 0)
1622 goto fail;
1623
1624 return m->llmnr_ipv4_tcp_fd;
1625
1626fail:
1627 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1628 return r;
1629}
1630
1631int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1632 union sockaddr_union sa = {
1633 .in6.sin6_family = AF_INET6,
1634 .in6.sin6_port = htobe16(5355),
1635 };
1636 static const int one = 1;
1637 int r;
1638
1639 assert(m);
1640
1641 if (m->llmnr_ipv6_tcp_fd >= 0)
1642 return m->llmnr_ipv6_tcp_fd;
1643
1644 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1645 if (m->llmnr_ipv6_tcp_fd < 0)
1646 return -errno;
1647
bf3f1271 1648 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP		 1649 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1650 if (r < 0) {
1651 r = -errno;
1652 goto fail;
1653 }
1654
1655 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1656 if (r < 0) {
1657 r = -errno;
1658 goto fail;
1659 }
1660
1661 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1662 if (r < 0) {
1663 r = -errno;
1664 goto fail;
1665 }
1666
1667 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1668 if (r < 0) {
1669 r = -errno;
1670 goto fail;
1671 }
1672
1673 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1674 if (r < 0) {
1675 r = -errno;
1676 goto fail;
1677 }
1678
1679 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1680 if (r < 0) {
1681 r = -errno;
1682 goto fail;
1683 }
1684
1685 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1686 if (r < 0) {
1687 r = -errno;
1688 goto fail;
1689 }
1690
1691 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1692 if (r < 0) {
1693 r = -errno;
1694 goto fail;
1695 }
1696
1697 return m->llmnr_ipv6_tcp_fd;
1698
1699fail:
1700 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1701 return r;
1702}
1703
623a4c97 1704int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP		 1705 LinkAddress *a;
1706
1707 assert(m);
1708
4e945a6f 1709 a = manager_find_link_address(m, family, in_addr);
ec2c5e43
LP		 1710 if (a)
1711 return a->link->ifindex;
1712
1713 return 0;
1714}
1715
eb60f9cd
LP		 1716void manager_refresh_rrs(Manager *m) {
1717 Iterator i;
1718 Link *l;
1719
1720 assert(m);
1721
1722 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1723 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1724
1725 HASHMAP_FOREACH(l, m->links, i) {
1726 link_add_rrs(l, true);
1727 link_add_rrs(l, false);
1728 }
1729}
1730
ec2c5e43
LP		 1731int manager_next_hostname(Manager *m) {
1732 const char *p;
556a2294 1733 uint64_t u, a;
ec2c5e43 1734 char *h;
623a4c97
LP		 1735
1736 assert(m);
1737
ec2c5e43
LP		 1738 p = strchr(m->hostname, 0);
1739 assert(p);
1740
1741 while (p > m->hostname) {
1742 if (!strchr("0123456789", p[-1]))
1743 break;
1744
1745 p--;
1746 }
1747
1748 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1749 u = 1;
1750
556a2294
LP		 1751 /* Add a random number to the old value. This way we can avoid
1752 * that two hosts pick the same hostname, win on IPv4 and lose
1753 * on IPv6 (or vice versa), and pick the same hostname
1754 * replacement hostname, ad infinitum. We still want the
1755 * numbers to go up monotonically, hence we just add a random
1756 * value 1..10 */
1757
1758 random_bytes(&a, sizeof(a));
1759 u += 1 + a % 10;
ec2c5e43
LP		 1760
1761 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1762 return -ENOMEM;
1763
eb60f9cd 1764 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
ec2c5e43
LP		 1765
1766 free(m->hostname);
1767 m->hostname = h;
1768
eb60f9cd 1769 manager_refresh_rrs(m);
623a4c97
LP		 1770
1771 return 0;
1772}
ec2c5e43 1773
4e945a6f 1774LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP		 1775 Iterator i;
1776 Link *l;
1777
1778 assert(m);
1779
1780 HASHMAP_FOREACH(l, m->links, i) {
1781 LinkAddress *a;
1782
1783 a = link_find_address(l, family, in_addr);
1784 if (a)
1785 return a;
1786 }
1787
1788 return NULL;
1789}
1790
a4076574 1791bool manager_our_packet(Manager *m, DnsPacket *p) {
ec2c5e43
LP		 1792 assert(m);
1793 assert(p);
1794
4e945a6f 1795 return !!manager_find_link_address(m, p->family, &p->sender);
ec2c5e43 1796}
4e945a6f 1797
a4076574
LP		 1798DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1799 Link *l;
1800
1801 assert(m);
1802 assert(p);
1803
1804 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1805 if (!l)
1806 return NULL;
1807
1808 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1809 if (p->family == AF_INET)
1810 return l->llmnr_ipv4_scope;
1811 else if (p->family == AF_INET6)
1812 return l->llmnr_ipv6_scope;
1813 }
1814
1815 return NULL;
1816}
1817
902bb5d8
LP		 1818void manager_verify_all(Manager *m) {
1819 DnsScope *s;
1820
1821 assert(m);
1822
1823 LIST_FOREACH(scopes, s, m->dns_scopes)
1824 dns_zone_verify_all(&s->zone);
1825}
1826
3e684349
LP		 1827void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1828 assert(m);
1829
1830 if (t == DNS_SERVER_SYSTEM)
1831 while (m->dns_servers)
1832 dns_server_free(m->dns_servers);
1833
1834 if (t == DNS_SERVER_FALLBACK)
1835 while (m->fallback_dns_servers)
1836 dns_server_free(m->fallback_dns_servers);
1837}
1838
4e945a6f
LP		 1839static const char* const support_table[_SUPPORT_MAX] = {
1840 [SUPPORT_NO] = "no",
1841 [SUPPORT_YES] = "yes",
1842 [SUPPORT_RESOLVE] = "resolve",
1843};
1844DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.