]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
README: document that we prefer if CONFIG_CHECKPOINT_RESTORE is turned on, for the...
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
CommitLineData
091a364c
TG		 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
091a364c 22#include <resolv.h>
74b2466e 23#include <sys/ioctl.h>
0a6f50c0 24#include <poll.h>
74b2466e 25#include <netinet/in.h>
091a364c 26
74b2466e 27#include "rtnl-util.h"
091a364c 28#include "network-internal.h"
74b2466e 29#include "socket-util.h"
a2a416f7 30#include "af-list.h"
eb60f9cd 31#include "utf8.h"
a5a807e6 32#include "fileio-label.h"
822db23c 33#include "ordered-set.h"
3df3e884 34#include "random-util.h"
4e945a6f 35
eb60f9cd 36#include "resolved-dns-domain.h"
39d8db04
LP		 37#include "resolved-conf.h"
38#include "resolved-bus.h"
39#include "resolved-manager.h"
74b2466e
LP		 40
41#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
42
43static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
44 Manager *m = userdata;
45 uint16_t type;
46 Link *l;
47 int ifindex, r;
48
49 assert(rtnl);
50 assert(m);
51 assert(mm);
52
53 r = sd_rtnl_message_get_type(mm, &type);
54 if (r < 0)
55 goto fail;
56
57 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
58 if (r < 0)
59 goto fail;
60
61 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
62
63 switch (type) {
64
a2a416f7
LP		 65 case RTM_NEWLINK:{
66 bool is_new = !l;
74b2466e 67
a2a416f7 68 if (!l) {
74b2466e
LP		 69 r = link_new(m, &l, ifindex);
70 if (r < 0)
71 goto fail;
72 }
73
74 r = link_update_rtnl(l, mm);
75 if (r < 0)
76 goto fail;
77
21d73c87
LP		 78 r = link_update_monitor(l);
79 if (r < 0)
80 goto fail;
81
a2a416f7
LP		 82 if (is_new)
83 log_debug("Found new link %i/%s", ifindex, l->name);
84
74b2466e 85 break;
a2a416f7 86 }
74b2466e
LP		 87
88 case RTM_DELLINK:
89 if (l) {
a2a416f7 90 log_debug("Removing link %i/%s", l->ifindex, l->name);
74b2466e
LP		 91 link_free(l);
92 }
93
94 break;
95 }
96
97 return 0;
98
99fail:
da927ba9 100 log_warning_errno(r, "Failed to process RTNL link message: %m");
74b2466e
LP		 101 return 0;
102}
103
104static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
105 Manager *m = userdata;
106 union in_addr_union address;
74b2466e 107 uint16_t type;
0dd25fb9 108 int r, ifindex, family;
74b2466e
LP		 109 LinkAddress *a;
110 Link *l;
111
112 assert(rtnl);
113 assert(mm);
114 assert(m);
115
116 r = sd_rtnl_message_get_type(mm, &type);
117 if (r < 0)
118 goto fail;
119
120 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
121 if (r < 0)
122 goto fail;
123
124 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
125 if (!l)
126 return 0;
127
128 r = sd_rtnl_message_addr_get_family(mm, &family);
129 if (r < 0)
130 goto fail;
131
132 switch (family) {
133
134 case AF_INET:
135 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
136 if (r < 0) {
137 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
138 if (r < 0)
139 goto fail;
140 }
141
142 break;
143
144 case AF_INET6:
145 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
146 if (r < 0) {
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
148 if (r < 0)
149 goto fail;
150 }
151
152 break;
153
154 default:
155 return 0;
156 }
157
158 a = link_find_address(l, family, &address);
159
160 switch (type) {
161
162 case RTM_NEWADDR:
163
164 if (!a) {
165 r = link_address_new(l, &a, family, &address);
166 if (r < 0)
167 return r;
168 }
169
170 r = link_address_update_rtnl(a, mm);
171 if (r < 0)
172 return r;
173
174 break;
175
176 case RTM_DELADDR:
177 if (a)
178 link_address_free(a);
179 break;
180 }
181
182 return 0;
183
184fail:
da927ba9 185 log_warning_errno(r, "Failed to process RTNL address message: %m");
74b2466e
LP		 186 return 0;
187}
188
74b2466e
LP		 189static int manager_rtnl_listen(Manager *m) {
190 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
191 sd_rtnl_message *i;
192 int r;
193
194 assert(m);
195
cc98b302 196 /* First, subscribe to interfaces coming and going */
74b2466e
LP		 197 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
198 if (r < 0)
199 return r;
200
201 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
202 if (r < 0)
203 return r;
204
205 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
206 if (r < 0)
207 return r;
208
209 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
210 if (r < 0)
211 return r;
212
213 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
214 if (r < 0)
215 return r;
091a364c 216
74b2466e
LP		 217 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
218 if (r < 0)
219 return r;
220
221 /* Then, enumerate all links */
222 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
223 if (r < 0)
224 return r;
225
226 r = sd_rtnl_message_request_dump(req, true);
227 if (r < 0)
228 return r;
229
230 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
231 if (r < 0)
232 return r;
233
234 for (i = reply; i; i = sd_rtnl_message_next(i)) {
235 r = manager_process_link(m->rtnl, i, m);
236 if (r < 0)
237 return r;
238 }
239
240 req = sd_rtnl_message_unref(req);
241 reply = sd_rtnl_message_unref(reply);
242
243 /* Finally, enumerate all addresses, too */
244 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
245 if (r < 0)
246 return r;
247
248 r = sd_rtnl_message_request_dump(req, true);
249 if (r < 0)
250 return r;
251
252 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
253 if (r < 0)
254 return r;
255
256 for (i = reply; i; i = sd_rtnl_message_next(i)) {
257 r = manager_process_address(m->rtnl, i, m);
258 if (r < 0)
259 return r;
260 }
261
262 return r;
263}
264
265static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
266 Manager *m = userdata;
267 Iterator i;
268 Link *l;
269 int r;
270
271 assert(m);
272
273 sd_network_monitor_flush(m->network_monitor);
274
275 HASHMAP_FOREACH(l, m->links, i) {
276 r = link_update_monitor(l);
277 if (r < 0)
da927ba9 278 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
74b2466e
LP		 279 }
280
281 r = manager_write_resolv_conf(m);
282 if (r < 0)
da927ba9 283 log_warning_errno(r, "Could not update resolv.conf: %m");
74b2466e
LP		 284
285 return 0;
286}
287
288static int manager_network_monitor_listen(Manager *m) {
289 int r, fd, events;
290
291 assert(m);
292
0014a4ad 293 r = sd_network_monitor_new(&m->network_monitor, NULL);
74b2466e
LP		 294 if (r < 0)
295 return r;
296
297 fd = sd_network_monitor_get_fd(m->network_monitor);
298 if (fd < 0)
299 return fd;
300
301 events = sd_network_monitor_get_events(m->network_monitor);
302 if (events < 0)
303 return events;
304
305 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
306 if (r < 0)
307 return r;
308
309 return 0;
310}
311
eb60f9cd
LP		 312static int determine_hostname(char **ret) {
313 _cleanup_free_ char *h = NULL, *n = NULL;
314 int r;
315
316 assert(ret);
317
318 h = gethostname_malloc();
319 if (!h)
320 return log_oom();
321
322 if (!utf8_is_valid(h)) {
323 log_error("System hostname is not UTF-8 clean.");
324 return -EINVAL;
325 }
326
327 r = dns_name_normalize(h, &n);
328 if (r < 0) {
329 log_error("System hostname '%s' cannot be normalized.", h);
330 return r;
331 }
332
333 *ret = n;
334 n = NULL;
335
336 return 0;
337}
338
339static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
340 _cleanup_free_ char *h = NULL;
341 Manager *m = userdata;
342 int r;
343
344 assert(m);
345
346 r = determine_hostname(&h);
347 if (r < 0)
348 return 0; /* ignore invalid hostnames */
349
350 if (streq(h, m->hostname))
351 return 0;
352
353 log_info("System hostname changed to '%s'.", h);
354 free(m->hostname);
355 m->hostname = h;
356 h = NULL;
357
358 manager_refresh_rrs(m);
359
360 return 0;
361}
362
363static int manager_watch_hostname(Manager *m) {
eb60f9cd
LP		 364 int r;
365
366 assert(m);
367
368 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
369 if (m->hostname_fd < 0) {
56f64d95 370 log_warning_errno(errno, "Failed to watch hostname: %m");
eb60f9cd
LP		 371 return 0;
372 }
373
374 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
375 if (r < 0) {
376 if (r == -EPERM)
377 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
378 m->hostname_fd = safe_close(m->hostname_fd);
8d3d7072
MS		 379 else
380 return log_error_errno(r, "Failed to add hostname event source: %m");
eb60f9cd
LP		 381 }
382
383 r = determine_hostname(&m->hostname);
384 if (r < 0) {
385 log_info("Defaulting to hostname 'linux'.");
386 m->hostname = strdup("linux");
387 if (!m->hostname)
388 return log_oom();
389 } else
390 log_info("Using system hostname '%s'.", m->hostname);
391
392 return 0;
393}
394
edc501d4
LP		 395static void manager_llmnr_stop(Manager *m) {
396 assert(m);
397
398 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
399 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
400
401 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
402 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
403
404 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
405 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
406
407 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
408 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
409}
410
411static int manager_llmnr_start(Manager *m) {
412 int r;
413
414 assert(m);
415
416 if (m->llmnr_support == SUPPORT_NO)
417 return 0;
418
419 r = manager_llmnr_ipv4_udp_fd(m);
420 if (r == -EADDRINUSE)
421 goto eaddrinuse;
422 if (r < 0)
423 return r;
424
edc501d4
LP		 425 r = manager_llmnr_ipv4_tcp_fd(m);
426 if (r == -EADDRINUSE)
427 goto eaddrinuse;
428 if (r < 0)
429 return r;
430
90ab5042
LP		 431 if (socket_ipv6_is_supported()) {
432 r = manager_llmnr_ipv6_udp_fd(m);
433 if (r == -EADDRINUSE)
434 goto eaddrinuse;
435 if (r < 0)
436 return r;
437
438 r = manager_llmnr_ipv6_tcp_fd(m);
439 if (r == -EADDRINUSE)
440 goto eaddrinuse;
441 if (r < 0)
442 return r;
443 }
edc501d4
LP		 444
445 return 0;
446
447eaddrinuse:
c4147df1 448 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
edc501d4
LP		 449 m->llmnr_support = SUPPORT_NO;
450 manager_llmnr_stop(m);
90ab5042 451
edc501d4
LP		 452 return 0;
453}
454
091a364c 455int manager_new(Manager **ret) {
74b2466e 456 _cleanup_(manager_freep) Manager *m = NULL;
091a364c
TG		 457 int r;
458
c92e531c
LP		 459 assert(ret);
460
091a364c
TG		 461 m = new0(Manager, 1);
462 if (!m)
463 return -ENOMEM;
464
74b2466e 465 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
1716f6dc 466 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
623a4c97 467 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
eb60f9cd 468 m->hostname_fd = -1;
1716f6dc 469
4e945a6f 470 m->llmnr_support = SUPPORT_YES;
5cb36f41 471 m->read_resolv_conf = true;
091a364c 472
4e945a6f 473 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
091a364c
TG		 474 if (r < 0)
475 return r;
476
477 r = sd_event_default(&m->event);
478 if (r < 0)
479 return r;
480
481 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
482 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
483
484 sd_event_set_watchdog(m->event, true);
485
eb60f9cd
LP		 486 r = manager_watch_hostname(m);
487 if (r < 0)
488 return r;
489
1716f6dc 490 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
74b2466e
LP		 491 if (r < 0)
492 return r;
493
494 r = manager_network_monitor_listen(m);
495 if (r < 0)
496 return r;
497
498 r = manager_rtnl_listen(m);
499 if (r < 0)
500 return r;
501
502 r = manager_connect_bus(m);
503 if (r < 0)
504 return r;
505
091a364c
TG		 506 *ret = m;
507 m = NULL;
508
509 return 0;
510}
511
edc501d4
LP		 512int manager_start(Manager *m) {
513 int r;
514
515 assert(m);
516
517 r = manager_llmnr_start(m);
518 if (r < 0)
519 return r;
520
521 return 0;
522}
523
74b2466e
LP		 524Manager *manager_free(Manager *m) {
525 Link *l;
091a364c
TG		 526
527 if (!m)
74b2466e
LP		 528 return NULL;
529
74b2466e
LP		 530 while ((l = hashmap_first(m->links)))
531 link_free(l);
f0e15467
LP		 532
533 while (m->dns_queries)
534 dns_query_free(m->dns_queries);
74b2466e
LP		 535
536 dns_scope_free(m->unicast_scope);
537
3e684349
LP		 538 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
539 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
091a364c 540
f0e15467
LP		 541 hashmap_free(m->links);
542 hashmap_free(m->dns_transactions);
543
096b6773
LP		 544 sd_event_source_unref(m->network_event_source);
545 sd_network_monitor_unref(m->network_monitor);
091a364c 546
74b2466e
LP		 547 sd_event_source_unref(m->dns_ipv4_event_source);
548 sd_event_source_unref(m->dns_ipv6_event_source);
74b2466e
LP		 549 safe_close(m->dns_ipv4_fd);
550 safe_close(m->dns_ipv6_fd);
551
edc501d4 552 manager_llmnr_stop(m);
623a4c97 553
902bb5d8 554 sd_bus_slot_unref(m->prepare_for_sleep_slot);
74b2466e
LP		 555 sd_event_source_unref(m->bus_retry_event_source);
556 sd_bus_unref(m->bus);
091a364c 557
74b2466e 558 sd_event_unref(m->event);
623a4c97
LP		 559
560 dns_resource_key_unref(m->host_ipv4_key);
561 dns_resource_key_unref(m->host_ipv6_key);
eb60f9cd
LP		 562
563 safe_close(m->hostname_fd);
564 sd_event_source_unref(m->hostname_event_source);
623a4c97 565 free(m->hostname);
eb60f9cd 566
091a364c 567 free(m);
74b2466e
LP		 568
569 return NULL;
091a364c
TG		 570}
571
5cb36f41
LP		 572int manager_read_resolv_conf(Manager *m) {
573 _cleanup_fclose_ FILE *f = NULL;
574 struct stat st, own;
575 char line[LINE_MAX];
576 DnsServer *s, *nx;
577 usec_t t;
578 int r;
579
580 assert(m);
581
582 /* Reads the system /etc/resolv.conf, if it exists and is not
583 * symlinked to our own resolv.conf instance */
584
585 if (!m->read_resolv_conf)
586 return 0;
587
588 r = stat("/etc/resolv.conf", &st);
589 if (r < 0) {
590 if (errno != ENOENT)
56f64d95 591 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP		 592 r = -errno;
593 goto clear;
594 }
595
596 /* Have we already seen the file? */
597 t = timespec_load(&st.st_mtim);
598 if (t == m->resolv_conf_mtime)
599 return 0;
600
601 m->resolv_conf_mtime = t;
602
603 /* Is it symlinked to our own file? */
604 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
605 st.st_dev == own.st_dev &&
606 st.st_ino == own.st_ino) {
607 r = 0;
608 goto clear;
609 }
610
611 f = fopen("/etc/resolv.conf", "re");
612 if (!f) {
613 if (errno != ENOENT)
56f64d95 614 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP		 615 r = -errno;
616 goto clear;
617 }
618
619 if (fstat(fileno(f), &st) < 0) {
56f64d95 620 log_error_errno(errno, "Failed to stat open file: %m");
5cb36f41
LP		 621 r = -errno;
622 goto clear;
623 }
624
625 LIST_FOREACH(servers, s, m->dns_servers)
626 s->marked = true;
627
628 FOREACH_LINE(line, f, r = -errno; goto clear) {
629 union in_addr_union address;
630 int family;
631 char *l;
632 const char *a;
633
634 truncate_nl(line);
635
636 l = strstrip(line);
637 if (*l == '#' || *l == ';')
638 continue;
639
640 a = first_word(l, "nameserver");
641 if (!a)
642 continue;
643
644 r = in_addr_from_string_auto(a, &family, &address);
645 if (r < 0) {
646 log_warning("Failed to parse name server %s.", a);
647 continue;
648 }
649
650 LIST_FOREACH(servers, s, m->dns_servers)
651 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
652 break;
653
654 if (s)
655 s->marked = false;
656 else {
657 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
658 if (r < 0)
659 goto clear;
660 }
661 }
662
663 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
664 if (s->marked)
665 dns_server_free(s);
666
36a03ca2
LP		 667 /* Whenever /etc/resolv.conf changes, start using the first
668 * DNS server of it. This is useful to deal with broken
669 * network managing implementations (like NetworkManager),
670 * that when connecting to a VPN place both the VPN DNS
671 * servers and the local ones in /etc/resolv.conf. Without
672 * resetting the DNS server to use back to the first entry we
673 * will continue to use the local one thus being unable to
674 * resolve VPN domains. */
675 manager_set_dns_server(m, m->dns_servers);
676
5cb36f41
LP		 677 return 0;
678
679clear:
680 while (m->dns_servers)
681 dns_server_free(m->dns_servers);
682
683 return r;
684}
685
bda2c408 686static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
74b2466e
LP		 687 _cleanup_free_ char *t = NULL;
688 int r;
091a364c 689
74b2466e 690 assert(s);
091a364c 691 assert(f);
091a364c
TG		 692 assert(count);
693
74b2466e 694 r = in_addr_to_string(s->family, &s->address, &t);
4e945a6f 695 if (r < 0) {
da927ba9 696 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
091a364c
TG		 697 return;
698 }
699
700 if (*count == MAXNS)
87f5a193 701 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
091a364c 702
74b2466e 703 fprintf(f, "nameserver %s\n", t);
091a364c
TG		 704 (*count) ++;
705}
706
822db23c
LP		 707static void write_resolv_conf_search(
708 const char *domain, FILE *f,
709 unsigned *count,
710 unsigned *length) {
711
bda2c408
TG		 712 assert(domain);
713 assert(f);
714 assert(length);
715
716 if (*count >= MAXDNSRCH ||
717 *length + strlen(domain) > 256) {
718 if (*count == MAXDNSRCH)
719 fputs(" # Too many search domains configured, remaining ones ignored.", f);
720 if (*length <= 256)
721 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
722
723 return;
724 }
725
726 fprintf(f, " %s", domain);
727
728 (*length) += strlen(domain);
729 (*count) ++;
730}
731
822db23c 732static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
4713135e
ZJS		 733 Iterator i;
734
735 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
736 "# Third party programs must not access this file directly, but\n"
737 "# only through the symlink at /etc/resolv.conf. To manage\n"
738 "# resolv.conf(5) in a different way, replace the symlink by a\n"
739 "# static file or a different symlink.\n\n", f);
740
822db23c 741 if (ordered_set_isempty(dns))
4713135e
ZJS		 742 fputs("# No DNS servers known.\n", f);
743 else {
744 DnsServer *s;
745 unsigned count = 0;
746
822db23c 747 ORDERED_SET_FOREACH(s, dns, i)
4713135e
ZJS		 748 write_resolv_conf_server(s, f, &count);
749 }
750
822db23c 751 if (!ordered_set_isempty(domains)) {
4713135e
ZJS		 752 unsigned length = 0, count = 0;
753 char *domain;
754
755 fputs("search", f);
822db23c 756 ORDERED_SET_FOREACH(domain, domains, i)
4713135e
ZJS		 757 write_resolv_conf_search(domain, f, &count, &length);
758 fputs("\n", f);
759 }
760
761 return fflush_and_check(f);
762}
763
74b2466e 764int manager_write_resolv_conf(Manager *m) {
4e945a6f 765 static const char path[] = "/run/systemd/resolve/resolv.conf";
091a364c
TG		 766 _cleanup_free_ char *temp_path = NULL;
767 _cleanup_fclose_ FILE *f = NULL;
822db23c 768 _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
74b2466e
LP		 769 DnsServer *s;
770 Iterator i;
771 Link *l;
772 int r;
091a364c
TG		 773
774 assert(m);
775
5cb36f41
LP		 776 /* Read the system /etc/resolv.conf first */
777 manager_read_resolv_conf(m);
778
87f5a193 779 /* Add the full list to a set, to filter out duplicates */
822db23c 780 dns = ordered_set_new(&dns_server_hash_ops);
87f5a193
LP		 781 if (!dns)
782 return -ENOMEM;
783
822db23c 784 domains = ordered_set_new(&dns_name_hash_ops);
bda2c408
TG		 785 if (!domains)
786 return -ENOMEM;
787
87f5a193
LP		 788 /* First add the system-wide servers */
789 LIST_FOREACH(servers, s, m->dns_servers) {
822db23c 790 r = ordered_set_put(dns, s);
87f5a193
LP		 791 if (r == -EEXIST)
792 continue;
793 if (r < 0)
794 return r;
795 }
796
bda2c408
TG		 797 /* Then, add the per-link servers and domains */
798 HASHMAP_FOREACH(l, m->links, i) {
799 char **domain;
800
87f5a193 801 LIST_FOREACH(servers, s, l->dns_servers) {
822db23c 802 r = ordered_set_put(dns, s);
87f5a193
LP		 803 if (r == -EEXIST)
804 continue;
805 if (r < 0)
806 return r;
807 }
808
bda2c408
TG		 809 if (!l->unicast_scope)
810 continue;
811
812 STRV_FOREACH(domain, l->unicast_scope->domains) {
822db23c 813 r = ordered_set_put(domains, *domain);
bda2c408
TG		 814 if (r == -EEXIST)
815 continue;
816 if (r < 0)
817 return r;
818 }
819 }
820
87f5a193 821 /* If we found nothing, add the fallback servers */
822db23c 822 if (ordered_set_isempty(dns)) {
87f5a193 823 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
822db23c 824 r = ordered_set_put(dns, s);
87f5a193
LP		 825 if (r == -EEXIST)
826 continue;
827 if (r < 0)
828 return r;
829 }
830 }
831
a5a807e6 832 r = fopen_temporary_label(path, path, &f, &temp_path);
091a364c
TG		 833 if (r < 0)
834 return r;
835
836 fchmod(fileno(f), 0644);
837
4713135e 838 r = write_resolv_conf_contents(f, dns, domains);
74b2466e
LP		 839 if (r < 0)
840 goto fail;
841
842 if (rename(temp_path, path) < 0) {
843 r = -errno;
844 goto fail;
845 }
091a364c 846
74b2466e 847 return 0;
091a364c 848
74b2466e 849fail:
822db23c
LP		 850 (void) unlink(path);
851 (void) unlink(temp_path);
74b2466e
LP		 852 return r;
853}
091a364c 854
1716f6dc 855int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
74b2466e 856 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1716f6dc
LP		 857 union {
858 struct cmsghdr header; /* For alignment */
40a1eebd 859 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
1716f6dc 860 + CMSG_SPACE(int) /* ttl/hoplimit */
623a4c97 861 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
1716f6dc
LP		 862 } control;
863 union sockaddr_union sa;
74b2466e 864 struct msghdr mh = {};
1716f6dc 865 struct cmsghdr *cmsg;
74b2466e 866 struct iovec iov;
1716f6dc 867 int ms = 0, r;
74b2466e
LP		 868 ssize_t l;
869
870 assert(m);
1716f6dc 871 assert(fd >= 0);
74b2466e
LP		 872 assert(ret);
873
74b2466e
LP		 874 r = ioctl(fd, FIONREAD, &ms);
875 if (r < 0)
876 return -errno;
877 if (ms < 0)
878 return -EIO;
879
1716f6dc 880 r = dns_packet_new(&p, protocol, ms);
74b2466e
LP		 881 if (r < 0)
882 return r;
883
884 iov.iov_base = DNS_PACKET_DATA(p);
885 iov.iov_len = p->allocated;
886
1716f6dc
LP		 887 mh.msg_name = &sa.sa;
888 mh.msg_namelen = sizeof(sa);
74b2466e
LP		 889 mh.msg_iov = &iov;
890 mh.msg_iovlen = 1;
1716f6dc
LP		 891 mh.msg_control = &control;
892 mh.msg_controllen = sizeof(control);
74b2466e 893
a38d9945 894 l = recvmsg(fd, &mh, 0);
74b2466e 895 if (l < 0) {
ad867662 896 if (errno == EAGAIN || errno == EINTR)
74b2466e
LP		 897 return 0;
898
899 return -errno;
091a364c
TG		 900 }
901
74b2466e
LP		 902 if (l <= 0)
903 return -EIO;
091a364c 904
1716f6dc
LP		 905 assert(!(mh.msg_flags & MSG_CTRUNC));
906 assert(!(mh.msg_flags & MSG_TRUNC));
907
74b2466e 908 p->size = (size_t) l;
091a364c 909
1716f6dc 910 p->family = sa.sa.sa_family;
623a4c97
LP		 911 p->ipproto = IPPROTO_UDP;
912 if (p->family == AF_INET) {
1716f6dc 913 p->sender.in = sa.in.sin_addr;
623a4c97
LP		 914 p->sender_port = be16toh(sa.in.sin_port);
915 } else if (p->family == AF_INET6) {
1716f6dc 916 p->sender.in6 = sa.in6.sin6_addr;
623a4c97
LP		 917 p->sender_port = be16toh(sa.in6.sin6_port);
918 p->ifindex = sa.in6.sin6_scope_id;
919 } else
1716f6dc 920 return -EAFNOSUPPORT;
74b2466e 921
1716f6dc 922 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
74b2466e 923
1716f6dc
LP		 924 if (cmsg->cmsg_level == IPPROTO_IPV6) {
925 assert(p->family == AF_INET6);
74b2466e 926
1716f6dc 927 switch (cmsg->cmsg_type) {
74b2466e 928
1716f6dc
LP		 929 case IPV6_PKTINFO: {
930 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
74b2466e 931
623a4c97
LP		 932 if (p->ifindex <= 0)
933 p->ifindex = i->ipi6_ifindex;
934
1716f6dc
LP		 935 p->destination.in6 = i->ipi6_addr;
936 break;
937 }
74b2466e 938
1716f6dc
LP		 939 case IPV6_HOPLIMIT:
940 p->ttl = *(int *) CMSG_DATA(cmsg);
941 break;
74b2466e 942
1716f6dc
LP		 943 }
944 } else if (cmsg->cmsg_level == IPPROTO_IP) {
945 assert(p->family == AF_INET);
74b2466e 946
1716f6dc 947 switch (cmsg->cmsg_type) {
74b2466e 948
1716f6dc
LP		 949 case IP_PKTINFO: {
950 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
091a364c 951
623a4c97
LP		 952 if (p->ifindex <= 0)
953 p->ifindex = i->ipi_ifindex;
954
1716f6dc
LP		 955 p->destination.in = i->ipi_addr;
956 break;
957 }
74b2466e 958
623a4c97 959 case IP_TTL:
1716f6dc
LP		 960 p->ttl = *(int *) CMSG_DATA(cmsg);
961 break;
962 }
963 }
964 }
74b2466e 965
623a4c97
LP		 966 /* The Linux kernel sets the interface index to the loopback
967 * device if the packet came from the local host since it
968 * avoids the routing table in such a case. Let's unset the
969 * interface index in such a case. */
a5f03596 970 if (p->ifindex == LOOPBACK_IFINDEX)
623a4c97
LP		 971 p->ifindex = 0;
972
973 /* If we don't know the interface index still, we look for the
974 * first local interface with a matching address. Yuck! */
975 if (p->ifindex <= 0)
976 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
977
74b2466e
LP		 978 *ret = p;
979 p = NULL;
980
981 return 1;
982}
983
1716f6dc 984static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
74b2466e 985 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 986 DnsTransaction *t = NULL;
74b2466e
LP		 987 Manager *m = userdata;
988 int r;
989
1716f6dc 990 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
74b2466e
LP		 991 if (r <= 0)
992 return r;
993
623a4c97 994 if (dns_packet_validate_reply(p) > 0) {
ec2c5e43 995 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1716f6dc
LP		 996 if (!t)
997 return 0;
74b2466e 998
ec2c5e43 999 dns_transaction_process_reply(t, p);
623a4c97 1000
1716f6dc 1001 } else
623a4c97 1002 log_debug("Invalid DNS packet.");
74b2466e 1003
ad867662 1004 return 0;
74b2466e
LP		 1005}
1006
1007int manager_dns_ipv4_fd(Manager *m) {
1716f6dc 1008 const int one = 1;
74b2466e
LP		 1009 int r;
1010
091a364c
TG		 1011 assert(m);
1012
74b2466e
LP		 1013 if (m->dns_ipv4_fd >= 0)
1014 return m->dns_ipv4_fd;
091a364c 1015
74b2466e
LP		 1016 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1017 if (m->dns_ipv4_fd < 0)
1018 return -errno;
091a364c 1019
1716f6dc
LP		 1020 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1021 if (r < 0) {
1022 r = -errno;
1023 goto fail;
1024 }
1025
1026 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
74b2466e 1027 if (r < 0)
1716f6dc 1028 goto fail;
74b2466e
LP		 1029
1030 return m->dns_ipv4_fd;
1716f6dc
LP		 1031
1032fail:
1033 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1034 return r;
091a364c
TG		 1035}
1036
74b2466e 1037int manager_dns_ipv6_fd(Manager *m) {
1716f6dc 1038 const int one = 1;
74b2466e
LP		 1039 int r;
1040
1041 assert(m);
091a364c 1042
74b2466e
LP		 1043 if (m->dns_ipv6_fd >= 0)
1044 return m->dns_ipv6_fd;
1045
1046 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1047 if (m->dns_ipv6_fd < 0)
1048 return -errno;
1049
1716f6dc
LP		 1050 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1051 if (r < 0) {
1052 r = -errno;
1053 goto fail;
1054 }
1055
1056 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
091a364c 1057 if (r < 0)
1716f6dc 1058 goto fail;
091a364c 1059
74b2466e 1060 return m->dns_ipv6_fd;
1716f6dc
LP		 1061
1062fail:
1063 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1064 return r;
74b2466e
LP		 1065}
1066
1067static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1068 int r;
1069
1070 assert(fd >= 0);
1071 assert(mh);
1072
1073 for (;;) {
1074 if (sendmsg(fd, mh, flags) >= 0)
1075 return 0;
1076
1077 if (errno == EINTR)
1078 continue;
1079
1080 if (errno != EAGAIN)
1081 return -errno;
1082
1083 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1084 if (r < 0)
1085 return r;
1086 if (r == 0)
1087 return -ETIMEDOUT;
1088 }
1089}
1090
623a4c97 1091static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP		 1092 union sockaddr_union sa = {
1093 .in.sin_family = AF_INET,
74b2466e 1094 };
1716f6dc
LP		 1095 union {
1096 struct cmsghdr header; /* For alignment */
1097 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1098 } control;
74b2466e
LP		 1099 struct msghdr mh = {};
1100 struct iovec iov;
74b2466e
LP		 1101
1102 assert(m);
1716f6dc
LP		 1103 assert(fd >= 0);
1104 assert(addr);
1105 assert(port > 0);
74b2466e
LP		 1106 assert(p);
1107
74b2466e
LP		 1108 iov.iov_base = DNS_PACKET_DATA(p);
1109 iov.iov_len = p->size;
091a364c 1110
1716f6dc
LP		 1111 sa.in.sin_addr = *addr;
1112 sa.in.sin_port = htobe16(port),
091a364c 1113
74b2466e
LP		 1114 mh.msg_iov = &iov;
1115 mh.msg_iovlen = 1;
1116 mh.msg_name = &sa.sa;
1117 mh.msg_namelen = sizeof(sa.in);
091a364c 1118
74b2466e
LP		 1119 if (ifindex > 0) {
1120 struct cmsghdr *cmsg;
1121 struct in_pktinfo *pi;
1122
1123 zero(control);
1124
1716f6dc 1125 mh.msg_control = &control;
74b2466e
LP		 1126 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1127
1128 cmsg = CMSG_FIRSTHDR(&mh);
1129 cmsg->cmsg_len = mh.msg_controllen;
1130 cmsg->cmsg_level = IPPROTO_IP;
1131 cmsg->cmsg_type = IP_PKTINFO;
1132
1133 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1134 pi->ipi_ifindex = ifindex;
1135 }
1136
1137 return sendmsg_loop(fd, &mh, 0);
1138}
1139
623a4c97 1140static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP		 1141 union sockaddr_union sa = {
1142 .in6.sin6_family = AF_INET6,
74b2466e 1143 };
1716f6dc
LP		 1144 union {
1145 struct cmsghdr header; /* For alignment */
1146 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1147 } control;
74b2466e
LP		 1148 struct msghdr mh = {};
1149 struct iovec iov;
74b2466e
LP		 1150
1151 assert(m);
1716f6dc
LP		 1152 assert(fd >= 0);
1153 assert(addr);
1154 assert(port > 0);
74b2466e
LP		 1155 assert(p);
1156
74b2466e
LP		 1157 iov.iov_base = DNS_PACKET_DATA(p);
1158 iov.iov_len = p->size;
1159
1716f6dc
LP		 1160 sa.in6.sin6_addr = *addr;
1161 sa.in6.sin6_port = htobe16(port),
74b2466e
LP		 1162 sa.in6.sin6_scope_id = ifindex;
1163
1164 mh.msg_iov = &iov;
1165 mh.msg_iovlen = 1;
1166 mh.msg_name = &sa.sa;
1167 mh.msg_namelen = sizeof(sa.in6);
1168
1169 if (ifindex > 0) {
1170 struct cmsghdr *cmsg;
1171 struct in6_pktinfo *pi;
1172
1173 zero(control);
1174
1716f6dc 1175 mh.msg_control = &control;
74b2466e
LP		 1176 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1177
1178 cmsg = CMSG_FIRSTHDR(&mh);
1179 cmsg->cmsg_len = mh.msg_controllen;
1180 cmsg->cmsg_level = IPPROTO_IPV6;
1181 cmsg->cmsg_type = IPV6_PKTINFO;
1182
1183 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1184 pi->ipi6_ifindex = ifindex;
1185 }
1186
1187 return sendmsg_loop(fd, &mh, 0);
1188}
1189
623a4c97 1190int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1716f6dc
LP		 1191 assert(m);
1192 assert(fd >= 0);
1193 assert(addr);
1194 assert(port > 0);
1195 assert(p);
1196
a2a416f7
LP		 1197 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1198
1716f6dc
LP		 1199 if (family == AF_INET)
1200 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1201 else if (family == AF_INET6)
1202 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1203
1204 return -EAFNOSUPPORT;
1205}
1206
2c27fbca 1207DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
74b2466e
LP		 1208 DnsServer *s;
1209
1210 assert(m);
1211 assert(in_addr);
1212
4e945a6f 1213 LIST_FOREACH(servers, s, m->dns_servers)
5cb36f41 1214 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1215 return s;
74b2466e 1216
4e945a6f 1217 LIST_FOREACH(servers, s, m->fallback_dns_servers)
5cb36f41 1218 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1219 return s;
74b2466e 1220
2c27fbca 1221 return NULL;
4e945a6f
LP		 1222}
1223
2c27fbca 1224DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
4e945a6f
LP		 1225 assert(m);
1226
1227 if (m->current_dns_server == s)
1228 return s;
1229
1230 if (s) {
1231 _cleanup_free_ char *ip = NULL;
1232
1233 in_addr_to_string(s->family, &s->address, &ip);
1234 log_info("Switching to system DNS server %s.", strna(ip));
2c27fbca 1235 }
4e945a6f
LP		 1236
1237 m->current_dns_server = s;
2c27fbca
LP		 1238
1239 if (m->unicast_scope)
1240 dns_cache_flush(&m->unicast_scope->cache);
1241
4e945a6f 1242 return s;
74b2466e
LP		 1243}
1244
1245DnsServer *manager_get_dns_server(Manager *m) {
4e945a6f 1246 Link *l;
74b2466e
LP		 1247 assert(m);
1248
5cb36f41
LP		 1249 /* Try to read updates resolv.conf */
1250 manager_read_resolv_conf(m);
1251
74b2466e 1252 if (!m->current_dns_server)
4e945a6f
LP		 1253 manager_set_dns_server(m, m->dns_servers);
1254
1255 if (!m->current_dns_server) {
1256 bool found = false;
1257 Iterator i;
1258
1259 /* No DNS servers configured, let's see if there are
1260 * any on any links. If not, we use the fallback
1261 * servers */
1262
1263 HASHMAP_FOREACH(l, m->links, i)
1264 if (l->dns_servers) {
1265 found = true;
1266 break;
1267 }
1268
1269 if (!found)
1270 manager_set_dns_server(m, m->fallback_dns_servers);
1271 }
74b2466e
LP		 1272
1273 return m->current_dns_server;
1274}
1275
1276void manager_next_dns_server(Manager *m) {
1277 assert(m);
1278
4e945a6f
LP		 1279 /* If there's currently no DNS server set, then the next
1280 * manager_get_dns_server() will find one */
74b2466e
LP		 1281 if (!m->current_dns_server)
1282 return;
1283
4e945a6f 1284 /* Change to the next one */
74b2466e 1285 if (m->current_dns_server->servers_next) {
4e945a6f 1286 manager_set_dns_server(m, m->current_dns_server->servers_next);
74b2466e
LP		 1287 return;
1288 }
1289
4e945a6f
LP		 1290 /* If there was no next one, then start from the beginning of
1291 * the list */
1292 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1293 manager_set_dns_server(m, m->fallback_dns_servers);
1294 else
1295 manager_set_dns_server(m, m->dns_servers);
091a364c 1296}
e1c95994
LP		 1297
1298uint32_t manager_find_mtu(Manager *m) {
1299 uint32_t mtu = 0;
1300 Link *l;
1301 Iterator i;
1302
1303 /* If we don't know on which link a DNS packet would be
1304 * delivered, let's find the largest MTU that works on all
1305 * interfaces we know of */
1306
1307 HASHMAP_FOREACH(l, m->links, i) {
1308 if (l->mtu <= 0)
1309 continue;
1310
1311 if (mtu <= 0 || l->mtu < mtu)
1312 mtu = l->mtu;
1313 }
1314
1315 return mtu;
1316}
1716f6dc
LP		 1317
1318static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1319 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 1320 DnsTransaction *t = NULL;
1716f6dc 1321 Manager *m = userdata;
a4076574 1322 DnsScope *scope;
1716f6dc
LP		 1323 int r;
1324
1325 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1326 if (r <= 0)
1327 return r;
1328
a4076574
LP		 1329 scope = manager_find_scope(m, p);
1330 if (!scope) {
1331 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1332 return 0;
1333 }
1334
623a4c97 1335 if (dns_packet_validate_reply(p) > 0) {
a2a416f7
LP		 1336 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1337
a4076574 1338 dns_scope_check_conflicts(scope, p);
623a4c97 1339
a4076574
LP		 1340 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1341 if (t)
1342 dns_transaction_process_reply(t, p);
623a4c97 1343
a4076574
LP		 1344 } else if (dns_packet_validate_query(p) > 0) {
1345 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
623a4c97 1346
a4076574 1347 dns_scope_process_query(scope, NULL, p);
623a4c97 1348 } else
a4076574 1349 log_debug("Invalid LLMNR UDP packet.");
1716f6dc
LP		 1350
1351 return 0;
1352}
1353
1354int manager_llmnr_ipv4_udp_fd(Manager *m) {
1355 union sockaddr_union sa = {
1356 .in.sin_family = AF_INET,
1357 .in.sin_port = htobe16(5355),
1358 };
bf3f1271 1359 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1716f6dc
LP		 1360 int r;
1361
1362 assert(m);
1363
1364 if (m->llmnr_ipv4_udp_fd >= 0)
1365 return m->llmnr_ipv4_udp_fd;
1366
1367 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1368 if (m->llmnr_ipv4_udp_fd < 0)
1369 return -errno;
1370
bf3f1271
LP		 1371 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1372 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1716f6dc
LP		 1373 if (r < 0) {
1374 r = -errno;
1375 goto fail;
1376 }
1377
bf3f1271 1378 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1716f6dc
LP		 1379 if (r < 0) {
1380 r = -errno;
1381 goto fail;
1382 }
1383
1384 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1385 if (r < 0) {
1386 r = -errno;
1387 goto fail;
1388 }
1389
1390 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1391 if (r < 0) {
1392 r = -errno;
1393 goto fail;
1394 }
1395
1396 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1397 if (r < 0) {
1398 r = -errno;
1399 goto fail;
1400 }
1401
1402 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1403 if (r < 0) {
1404 r = -errno;
1405 goto fail;
1406 }
1407
1408 /* Disable Don't-Fragment bit in the IP header */
1409 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1410 if (r < 0) {
1411 r = -errno;
1412 goto fail;
1413 }
1414
1415 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1416 if (r < 0) {
1417 r = -errno;
1418 goto fail;
1419 }
1420
1421 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1422 if (r < 0)
1423 goto fail;
1424
1425 return m->llmnr_ipv4_udp_fd;
1426
1427fail:
1428 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1429 return r;
1430}
1431
1432int manager_llmnr_ipv6_udp_fd(Manager *m) {
1433 union sockaddr_union sa = {
1434 .in6.sin6_family = AF_INET6,
1435 .in6.sin6_port = htobe16(5355),
1436 };
bf3f1271 1437 static const int one = 1, ttl = 255;
1716f6dc
LP		 1438 int r;
1439
1440 assert(m);
1441
1442 if (m->llmnr_ipv6_udp_fd >= 0)
1443 return m->llmnr_ipv6_udp_fd;
1444
1445 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1446 if (m->llmnr_ipv6_udp_fd < 0)
1447 return -errno;
1448
bf3f1271 1449 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP		 1450 if (r < 0) {
1451 r = -errno;
1452 goto fail;
1453 }
1454
bf3f1271
LP		 1455 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1456 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP		 1457 if (r < 0) {
1458 r = -errno;
1459 goto fail;
1460 }
1461
1462 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1463 if (r < 0) {
1464 r = -errno;
1465 goto fail;
1466 }
1467
1468 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1469 if (r < 0) {
1470 r = -errno;
1471 goto fail;
1472 }
1473
1474 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1475 if (r < 0) {
1476 r = -errno;
1477 goto fail;
1478 }
1479
1480 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1481 if (r < 0) {
1482 r = -errno;
1483 goto fail;
1484 }
1485
1486 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1487 if (r < 0) {
1488 r = -errno;
1489 goto fail;
1490 }
1491
1492 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1493 if (r < 0) {
1494 r = -errno;
1495 goto fail;
1496 }
1497
1498 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1499 if (r < 0) {
1500 r = -errno;
1501 goto fail;
1502 }
1503
1504 return m->llmnr_ipv6_udp_fd;
1505
1506fail:
1507 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1508 return r;
1509}
623a4c97
LP		 1510
1511static int on_llmnr_stream_packet(DnsStream *s) {
a4076574 1512 DnsScope *scope;
623a4c97 1513
a4076574 1514 assert(s);
623a4c97 1515
a4076574
LP		 1516 scope = manager_find_scope(s->manager, s->read_packet);
1517 if (!scope) {
1518 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1519 return 0;
1520 }
623a4c97 1521
a4076574
LP		 1522 if (dns_packet_validate_query(s->read_packet) > 0) {
1523 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
623a4c97 1524
a4076574 1525 dns_scope_process_query(scope, s, s->read_packet);
623a4c97 1526
a4076574
LP		 1527 /* If no reply packet was set, we free the stream */
1528 if (s->write_packet)
1529 return 0;
1530 } else
1531 log_debug("Invalid LLMNR TCP packet.");
623a4c97
LP		 1532
1533 dns_stream_free(s);
1534 return 0;
1535}
1536
1537static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1538 DnsStream *stream;
1539 Manager *m = userdata;
1540 int cfd, r;
1541
1542 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1543 if (cfd < 0) {
1544 if (errno == EAGAIN || errno == EINTR)
1545 return 0;
1546
1547 return -errno;
1548 }
1549
1550 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1551 if (r < 0) {
1552 safe_close(cfd);
1553 return r;
1554 }
1555
1556 stream->on_packet = on_llmnr_stream_packet;
1557 return 0;
1558}
1559
1560int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1561 union sockaddr_union sa = {
1562 .in.sin_family = AF_INET,
1563 .in.sin_port = htobe16(5355),
1564 };
1565 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1566 int r;
1567
1568 assert(m);
1569
1570 if (m->llmnr_ipv4_tcp_fd >= 0)
1571 return m->llmnr_ipv4_tcp_fd;
1572
1573 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1574 if (m->llmnr_ipv4_tcp_fd < 0)
1575 return -errno;
1576
bf3f1271 1577 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP		 1578 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1579 if (r < 0) {
1580 r = -errno;
1581 goto fail;
1582 }
1583
1584 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1585 if (r < 0) {
1586 r = -errno;
1587 goto fail;
1588 }
1589
1590 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1591 if (r < 0) {
1592 r = -errno;
1593 goto fail;
1594 }
1595
1596 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1597 if (r < 0) {
1598 r = -errno;
1599 goto fail;
1600 }
1601
1602 /* Disable Don't-Fragment bit in the IP header */
1603 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1604 if (r < 0) {
1605 r = -errno;
1606 goto fail;
1607 }
1608
1609 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1610 if (r < 0) {
1611 r = -errno;
1612 goto fail;
1613 }
1614
1615 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1616 if (r < 0) {
1617 r = -errno;
1618 goto fail;
1619 }
1620
1621 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1622 if (r < 0)
1623 goto fail;
1624
1625 return m->llmnr_ipv4_tcp_fd;
1626
1627fail:
1628 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1629 return r;
1630}
1631
1632int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1633 union sockaddr_union sa = {
1634 .in6.sin6_family = AF_INET6,
1635 .in6.sin6_port = htobe16(5355),
1636 };
1637 static const int one = 1;
1638 int r;
1639
1640 assert(m);
1641
1642 if (m->llmnr_ipv6_tcp_fd >= 0)
1643 return m->llmnr_ipv6_tcp_fd;
1644
1645 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1646 if (m->llmnr_ipv6_tcp_fd < 0)
1647 return -errno;
1648
bf3f1271 1649 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP		 1650 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1651 if (r < 0) {
1652 r = -errno;
1653 goto fail;
1654 }
1655
1656 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1657 if (r < 0) {
1658 r = -errno;
1659 goto fail;
1660 }
1661
1662 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1663 if (r < 0) {
1664 r = -errno;
1665 goto fail;
1666 }
1667
1668 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1669 if (r < 0) {
1670 r = -errno;
1671 goto fail;
1672 }
1673
1674 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1675 if (r < 0) {
1676 r = -errno;
1677 goto fail;
1678 }
1679
1680 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1681 if (r < 0) {
1682 r = -errno;
1683 goto fail;
1684 }
1685
1686 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1687 if (r < 0) {
1688 r = -errno;
1689 goto fail;
1690 }
1691
1692 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1693 if (r < 0) {
1694 r = -errno;
1695 goto fail;
1696 }
1697
1698 return m->llmnr_ipv6_tcp_fd;
1699
1700fail:
1701 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1702 return r;
1703}
1704
623a4c97 1705int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP		 1706 LinkAddress *a;
1707
1708 assert(m);
1709
4e945a6f 1710 a = manager_find_link_address(m, family, in_addr);
ec2c5e43
LP		 1711 if (a)
1712 return a->link->ifindex;
1713
1714 return 0;
1715}
1716
eb60f9cd
LP		 1717void manager_refresh_rrs(Manager *m) {
1718 Iterator i;
1719 Link *l;
1720
1721 assert(m);
1722
1723 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1724 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1725
1726 HASHMAP_FOREACH(l, m->links, i) {
1727 link_add_rrs(l, true);
1728 link_add_rrs(l, false);
1729 }
1730}
1731
ec2c5e43
LP		 1732int manager_next_hostname(Manager *m) {
1733 const char *p;
556a2294 1734 uint64_t u, a;
ec2c5e43 1735 char *h;
623a4c97
LP		 1736
1737 assert(m);
1738
ec2c5e43
LP		 1739 p = strchr(m->hostname, 0);
1740 assert(p);
1741
1742 while (p > m->hostname) {
1743 if (!strchr("0123456789", p[-1]))
1744 break;
1745
1746 p--;
1747 }
1748
1749 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1750 u = 1;
1751
556a2294
LP		 1752 /* Add a random number to the old value. This way we can avoid
1753 * that two hosts pick the same hostname, win on IPv4 and lose
1754 * on IPv6 (or vice versa), and pick the same hostname
1755 * replacement hostname, ad infinitum. We still want the
1756 * numbers to go up monotonically, hence we just add a random
1757 * value 1..10 */
1758
1759 random_bytes(&a, sizeof(a));
1760 u += 1 + a % 10;
ec2c5e43
LP		 1761
1762 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1763 return -ENOMEM;
1764
eb60f9cd 1765 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
ec2c5e43
LP		 1766
1767 free(m->hostname);
1768 m->hostname = h;
1769
eb60f9cd 1770 manager_refresh_rrs(m);
623a4c97
LP		 1771
1772 return 0;
1773}
ec2c5e43 1774
4e945a6f 1775LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP		 1776 Iterator i;
1777 Link *l;
1778
1779 assert(m);
1780
1781 HASHMAP_FOREACH(l, m->links, i) {
1782 LinkAddress *a;
1783
1784 a = link_find_address(l, family, in_addr);
1785 if (a)
1786 return a;
1787 }
1788
1789 return NULL;
1790}
1791
a4076574 1792bool manager_our_packet(Manager *m, DnsPacket *p) {
ec2c5e43
LP		 1793 assert(m);
1794 assert(p);
1795
4e945a6f 1796 return !!manager_find_link_address(m, p->family, &p->sender);
ec2c5e43 1797}
4e945a6f 1798
a4076574
LP		 1799DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1800 Link *l;
1801
1802 assert(m);
1803 assert(p);
1804
1805 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1806 if (!l)
1807 return NULL;
1808
1809 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1810 if (p->family == AF_INET)
1811 return l->llmnr_ipv4_scope;
1812 else if (p->family == AF_INET6)
1813 return l->llmnr_ipv6_scope;
1814 }
1815
1816 return NULL;
1817}
1818
902bb5d8
LP		 1819void manager_verify_all(Manager *m) {
1820 DnsScope *s;
1821
1822 assert(m);
1823
1824 LIST_FOREACH(scopes, s, m->dns_scopes)
1825 dns_zone_verify_all(&s->zone);
1826}
1827
3e684349
LP		 1828void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1829 assert(m);
1830
1831 if (t == DNS_SERVER_SYSTEM)
1832 while (m->dns_servers)
1833 dns_server_free(m->dns_servers);
1834
1835 if (t == DNS_SERVER_FALLBACK)
1836 while (m->fallback_dns_servers)
1837 dns_server_free(m->fallback_dns_servers);
1838}
1839
4e945a6f
LP		 1840static const char* const support_table[_SUPPORT_MAX] = {
1841 [SUPPORT_NO] = "no",
1842 [SUPPORT_YES] = "yes",
1843 [SUPPORT_RESOLVE] = "resolve",
1844};
1845DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.