util: add minimal OrderedSet type
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
CommitLineData
091a364c
TG
1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
091a364c 22#include <resolv.h>
74b2466e 23#include <sys/ioctl.h>
0a6f50c0 24#include <poll.h>
74b2466e 25#include <netinet/in.h>
091a364c 26
74b2466e 27#include "rtnl-util.h"
091a364c 28#include "network-internal.h"
74b2466e 29#include "socket-util.h"
a2a416f7 30#include "af-list.h"
eb60f9cd 31#include "utf8.h"
a5a807e6 32#include "fileio-label.h"
4e945a6f 33
eb60f9cd 34#include "resolved-dns-domain.h"
39d8db04
LP
35#include "resolved-conf.h"
36#include "resolved-bus.h"
37#include "resolved-manager.h"
74b2466e
LP
38
39#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
40
41static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
42 Manager *m = userdata;
43 uint16_t type;
44 Link *l;
45 int ifindex, r;
46
47 assert(rtnl);
48 assert(m);
49 assert(mm);
50
51 r = sd_rtnl_message_get_type(mm, &type);
52 if (r < 0)
53 goto fail;
54
55 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
56 if (r < 0)
57 goto fail;
58
59 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
60
61 switch (type) {
62
a2a416f7
LP
63 case RTM_NEWLINK:{
64 bool is_new = !l;
74b2466e 65
a2a416f7 66 if (!l) {
74b2466e
LP
67 r = link_new(m, &l, ifindex);
68 if (r < 0)
69 goto fail;
70 }
71
72 r = link_update_rtnl(l, mm);
73 if (r < 0)
74 goto fail;
75
21d73c87
LP
76 r = link_update_monitor(l);
77 if (r < 0)
78 goto fail;
79
a2a416f7
LP
80 if (is_new)
81 log_debug("Found new link %i/%s", ifindex, l->name);
82
74b2466e 83 break;
a2a416f7 84 }
74b2466e
LP
85
86 case RTM_DELLINK:
87 if (l) {
a2a416f7 88 log_debug("Removing link %i/%s", l->ifindex, l->name);
74b2466e
LP
89 link_free(l);
90 }
91
92 break;
93 }
94
95 return 0;
96
97fail:
da927ba9 98 log_warning_errno(r, "Failed to process RTNL link message: %m");
74b2466e
LP
99 return 0;
100}
101
102static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
103 Manager *m = userdata;
104 union in_addr_union address;
74b2466e 105 uint16_t type;
0dd25fb9 106 int r, ifindex, family;
74b2466e
LP
107 LinkAddress *a;
108 Link *l;
109
110 assert(rtnl);
111 assert(mm);
112 assert(m);
113
114 r = sd_rtnl_message_get_type(mm, &type);
115 if (r < 0)
116 goto fail;
117
118 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
119 if (r < 0)
120 goto fail;
121
122 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
123 if (!l)
124 return 0;
125
126 r = sd_rtnl_message_addr_get_family(mm, &family);
127 if (r < 0)
128 goto fail;
129
130 switch (family) {
131
132 case AF_INET:
133 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
134 if (r < 0) {
135 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
136 if (r < 0)
137 goto fail;
138 }
139
140 break;
141
142 case AF_INET6:
143 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
144 if (r < 0) {
145 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
146 if (r < 0)
147 goto fail;
148 }
149
150 break;
151
152 default:
153 return 0;
154 }
155
156 a = link_find_address(l, family, &address);
157
158 switch (type) {
159
160 case RTM_NEWADDR:
161
162 if (!a) {
163 r = link_address_new(l, &a, family, &address);
164 if (r < 0)
165 return r;
166 }
167
168 r = link_address_update_rtnl(a, mm);
169 if (r < 0)
170 return r;
171
172 break;
173
174 case RTM_DELADDR:
175 if (a)
176 link_address_free(a);
177 break;
178 }
179
180 return 0;
181
182fail:
da927ba9 183 log_warning_errno(r, "Failed to process RTNL address message: %m");
74b2466e
LP
184 return 0;
185}
186
74b2466e
LP
187static int manager_rtnl_listen(Manager *m) {
188 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
189 sd_rtnl_message *i;
190 int r;
191
192 assert(m);
193
cc98b302 194 /* First, subscribe to interfaces coming and going */
74b2466e
LP
195 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
196 if (r < 0)
197 return r;
198
199 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
200 if (r < 0)
201 return r;
202
203 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
204 if (r < 0)
205 return r;
206
207 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
208 if (r < 0)
209 return r;
210
211 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
212 if (r < 0)
213 return r;
091a364c 214
74b2466e
LP
215 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
216 if (r < 0)
217 return r;
218
219 /* Then, enumerate all links */
220 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
221 if (r < 0)
222 return r;
223
224 r = sd_rtnl_message_request_dump(req, true);
225 if (r < 0)
226 return r;
227
228 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
229 if (r < 0)
230 return r;
231
232 for (i = reply; i; i = sd_rtnl_message_next(i)) {
233 r = manager_process_link(m->rtnl, i, m);
234 if (r < 0)
235 return r;
236 }
237
238 req = sd_rtnl_message_unref(req);
239 reply = sd_rtnl_message_unref(reply);
240
241 /* Finally, enumerate all addresses, too */
242 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
243 if (r < 0)
244 return r;
245
246 r = sd_rtnl_message_request_dump(req, true);
247 if (r < 0)
248 return r;
249
250 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
251 if (r < 0)
252 return r;
253
254 for (i = reply; i; i = sd_rtnl_message_next(i)) {
255 r = manager_process_address(m->rtnl, i, m);
256 if (r < 0)
257 return r;
258 }
259
260 return r;
261}
262
263static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
264 Manager *m = userdata;
265 Iterator i;
266 Link *l;
267 int r;
268
269 assert(m);
270
271 sd_network_monitor_flush(m->network_monitor);
272
273 HASHMAP_FOREACH(l, m->links, i) {
274 r = link_update_monitor(l);
275 if (r < 0)
da927ba9 276 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
74b2466e
LP
277 }
278
279 r = manager_write_resolv_conf(m);
280 if (r < 0)
da927ba9 281 log_warning_errno(r, "Could not update resolv.conf: %m");
74b2466e
LP
282
283 return 0;
284}
285
286static int manager_network_monitor_listen(Manager *m) {
287 int r, fd, events;
288
289 assert(m);
290
0014a4ad 291 r = sd_network_monitor_new(&m->network_monitor, NULL);
74b2466e
LP
292 if (r < 0)
293 return r;
294
295 fd = sd_network_monitor_get_fd(m->network_monitor);
296 if (fd < 0)
297 return fd;
298
299 events = sd_network_monitor_get_events(m->network_monitor);
300 if (events < 0)
301 return events;
302
303 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
304 if (r < 0)
305 return r;
306
307 return 0;
308}
309
eb60f9cd
LP
310static int determine_hostname(char **ret) {
311 _cleanup_free_ char *h = NULL, *n = NULL;
312 int r;
313
314 assert(ret);
315
316 h = gethostname_malloc();
317 if (!h)
318 return log_oom();
319
320 if (!utf8_is_valid(h)) {
321 log_error("System hostname is not UTF-8 clean.");
322 return -EINVAL;
323 }
324
325 r = dns_name_normalize(h, &n);
326 if (r < 0) {
327 log_error("System hostname '%s' cannot be normalized.", h);
328 return r;
329 }
330
331 *ret = n;
332 n = NULL;
333
334 return 0;
335}
336
337static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
338 _cleanup_free_ char *h = NULL;
339 Manager *m = userdata;
340 int r;
341
342 assert(m);
343
344 r = determine_hostname(&h);
345 if (r < 0)
346 return 0; /* ignore invalid hostnames */
347
348 if (streq(h, m->hostname))
349 return 0;
350
351 log_info("System hostname changed to '%s'.", h);
352 free(m->hostname);
353 m->hostname = h;
354 h = NULL;
355
356 manager_refresh_rrs(m);
357
358 return 0;
359}
360
361static int manager_watch_hostname(Manager *m) {
eb60f9cd
LP
362 int r;
363
364 assert(m);
365
366 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
367 if (m->hostname_fd < 0) {
56f64d95 368 log_warning_errno(errno, "Failed to watch hostname: %m");
eb60f9cd
LP
369 return 0;
370 }
371
372 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
373 if (r < 0) {
374 if (r == -EPERM)
375 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
376 m->hostname_fd = safe_close(m->hostname_fd);
8d3d7072
MS
377 else
378 return log_error_errno(r, "Failed to add hostname event source: %m");
eb60f9cd
LP
379 }
380
381 r = determine_hostname(&m->hostname);
382 if (r < 0) {
383 log_info("Defaulting to hostname 'linux'.");
384 m->hostname = strdup("linux");
385 if (!m->hostname)
386 return log_oom();
387 } else
388 log_info("Using system hostname '%s'.", m->hostname);
389
390 return 0;
391}
392
edc501d4
LP
393static void manager_llmnr_stop(Manager *m) {
394 assert(m);
395
396 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
397 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
398
399 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
400 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
401
402 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
403 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
404
405 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
406 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
407}
408
409static int manager_llmnr_start(Manager *m) {
410 int r;
411
412 assert(m);
413
414 if (m->llmnr_support == SUPPORT_NO)
415 return 0;
416
417 r = manager_llmnr_ipv4_udp_fd(m);
418 if (r == -EADDRINUSE)
419 goto eaddrinuse;
420 if (r < 0)
421 return r;
422
edc501d4
LP
423 r = manager_llmnr_ipv4_tcp_fd(m);
424 if (r == -EADDRINUSE)
425 goto eaddrinuse;
426 if (r < 0)
427 return r;
428
90ab5042
LP
429 if (socket_ipv6_is_supported()) {
430 r = manager_llmnr_ipv6_udp_fd(m);
431 if (r == -EADDRINUSE)
432 goto eaddrinuse;
433 if (r < 0)
434 return r;
435
436 r = manager_llmnr_ipv6_tcp_fd(m);
437 if (r == -EADDRINUSE)
438 goto eaddrinuse;
439 if (r < 0)
440 return r;
441 }
edc501d4
LP
442
443 return 0;
444
445eaddrinuse:
c4147df1 446 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
edc501d4
LP
447 m->llmnr_support = SUPPORT_NO;
448 manager_llmnr_stop(m);
90ab5042 449
edc501d4
LP
450 return 0;
451}
452
091a364c 453int manager_new(Manager **ret) {
74b2466e 454 _cleanup_(manager_freep) Manager *m = NULL;
091a364c
TG
455 int r;
456
c92e531c
LP
457 assert(ret);
458
091a364c
TG
459 m = new0(Manager, 1);
460 if (!m)
461 return -ENOMEM;
462
74b2466e 463 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
1716f6dc 464 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
623a4c97 465 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
eb60f9cd 466 m->hostname_fd = -1;
1716f6dc 467
4e945a6f 468 m->llmnr_support = SUPPORT_YES;
5cb36f41 469 m->read_resolv_conf = true;
091a364c 470
4e945a6f 471 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
091a364c
TG
472 if (r < 0)
473 return r;
474
475 r = sd_event_default(&m->event);
476 if (r < 0)
477 return r;
478
479 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
480 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
481
482 sd_event_set_watchdog(m->event, true);
483
eb60f9cd
LP
484 r = manager_watch_hostname(m);
485 if (r < 0)
486 return r;
487
1716f6dc 488 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
74b2466e
LP
489 if (r < 0)
490 return r;
491
492 r = manager_network_monitor_listen(m);
493 if (r < 0)
494 return r;
495
496 r = manager_rtnl_listen(m);
497 if (r < 0)
498 return r;
499
500 r = manager_connect_bus(m);
501 if (r < 0)
502 return r;
503
091a364c
TG
504 *ret = m;
505 m = NULL;
506
507 return 0;
508}
509
edc501d4
LP
510int manager_start(Manager *m) {
511 int r;
512
513 assert(m);
514
515 r = manager_llmnr_start(m);
516 if (r < 0)
517 return r;
518
519 return 0;
520}
521
74b2466e
LP
522Manager *manager_free(Manager *m) {
523 Link *l;
091a364c
TG
524
525 if (!m)
74b2466e
LP
526 return NULL;
527
74b2466e
LP
528 while ((l = hashmap_first(m->links)))
529 link_free(l);
f0e15467
LP
530
531 while (m->dns_queries)
532 dns_query_free(m->dns_queries);
74b2466e
LP
533
534 dns_scope_free(m->unicast_scope);
535
3e684349
LP
536 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
537 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
091a364c 538
f0e15467
LP
539 hashmap_free(m->links);
540 hashmap_free(m->dns_transactions);
541
096b6773
LP
542 sd_event_source_unref(m->network_event_source);
543 sd_network_monitor_unref(m->network_monitor);
091a364c 544
74b2466e
LP
545 sd_event_source_unref(m->dns_ipv4_event_source);
546 sd_event_source_unref(m->dns_ipv6_event_source);
74b2466e
LP
547 safe_close(m->dns_ipv4_fd);
548 safe_close(m->dns_ipv6_fd);
549
edc501d4 550 manager_llmnr_stop(m);
623a4c97 551
902bb5d8 552 sd_bus_slot_unref(m->prepare_for_sleep_slot);
74b2466e
LP
553 sd_event_source_unref(m->bus_retry_event_source);
554 sd_bus_unref(m->bus);
091a364c 555
74b2466e 556 sd_event_unref(m->event);
623a4c97
LP
557
558 dns_resource_key_unref(m->host_ipv4_key);
559 dns_resource_key_unref(m->host_ipv6_key);
eb60f9cd
LP
560
561 safe_close(m->hostname_fd);
562 sd_event_source_unref(m->hostname_event_source);
623a4c97 563 free(m->hostname);
eb60f9cd 564
091a364c 565 free(m);
74b2466e
LP
566
567 return NULL;
091a364c
TG
568}
569
5cb36f41
LP
570int manager_read_resolv_conf(Manager *m) {
571 _cleanup_fclose_ FILE *f = NULL;
572 struct stat st, own;
573 char line[LINE_MAX];
574 DnsServer *s, *nx;
575 usec_t t;
576 int r;
577
578 assert(m);
579
580 /* Reads the system /etc/resolv.conf, if it exists and is not
581 * symlinked to our own resolv.conf instance */
582
583 if (!m->read_resolv_conf)
584 return 0;
585
586 r = stat("/etc/resolv.conf", &st);
587 if (r < 0) {
588 if (errno != ENOENT)
56f64d95 589 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP
590 r = -errno;
591 goto clear;
592 }
593
594 /* Have we already seen the file? */
595 t = timespec_load(&st.st_mtim);
596 if (t == m->resolv_conf_mtime)
597 return 0;
598
599 m->resolv_conf_mtime = t;
600
601 /* Is it symlinked to our own file? */
602 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
603 st.st_dev == own.st_dev &&
604 st.st_ino == own.st_ino) {
605 r = 0;
606 goto clear;
607 }
608
609 f = fopen("/etc/resolv.conf", "re");
610 if (!f) {
611 if (errno != ENOENT)
56f64d95 612 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP
613 r = -errno;
614 goto clear;
615 }
616
617 if (fstat(fileno(f), &st) < 0) {
56f64d95 618 log_error_errno(errno, "Failed to stat open file: %m");
5cb36f41
LP
619 r = -errno;
620 goto clear;
621 }
622
623 LIST_FOREACH(servers, s, m->dns_servers)
624 s->marked = true;
625
626 FOREACH_LINE(line, f, r = -errno; goto clear) {
627 union in_addr_union address;
628 int family;
629 char *l;
630 const char *a;
631
632 truncate_nl(line);
633
634 l = strstrip(line);
635 if (*l == '#' || *l == ';')
636 continue;
637
638 a = first_word(l, "nameserver");
639 if (!a)
640 continue;
641
642 r = in_addr_from_string_auto(a, &family, &address);
643 if (r < 0) {
644 log_warning("Failed to parse name server %s.", a);
645 continue;
646 }
647
648 LIST_FOREACH(servers, s, m->dns_servers)
649 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
650 break;
651
652 if (s)
653 s->marked = false;
654 else {
655 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
656 if (r < 0)
657 goto clear;
658 }
659 }
660
661 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
662 if (s->marked)
663 dns_server_free(s);
664
36a03ca2
LP
665 /* Whenever /etc/resolv.conf changes, start using the first
666 * DNS server of it. This is useful to deal with broken
667 * network managing implementations (like NetworkManager),
668 * that when connecting to a VPN place both the VPN DNS
669 * servers and the local ones in /etc/resolv.conf. Without
670 * resetting the DNS server to use back to the first entry we
671 * will continue to use the local one thus being unable to
672 * resolve VPN domains. */
673 manager_set_dns_server(m, m->dns_servers);
674
5cb36f41
LP
675 return 0;
676
677clear:
678 while (m->dns_servers)
679 dns_server_free(m->dns_servers);
680
681 return r;
682}
683
bda2c408 684static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
74b2466e
LP
685 _cleanup_free_ char *t = NULL;
686 int r;
091a364c 687
74b2466e 688 assert(s);
091a364c 689 assert(f);
091a364c
TG
690 assert(count);
691
74b2466e 692 r = in_addr_to_string(s->family, &s->address, &t);
4e945a6f 693 if (r < 0) {
da927ba9 694 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
091a364c
TG
695 return;
696 }
697
698 if (*count == MAXNS)
87f5a193 699 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
091a364c 700
74b2466e 701 fprintf(f, "nameserver %s\n", t);
091a364c
TG
702 (*count) ++;
703}
704
bda2c408 705static void write_resolv_conf_search(const char *domain, FILE *f,
a9feff3d 706 unsigned *count, unsigned *length) {
bda2c408
TG
707 assert(domain);
708 assert(f);
709 assert(length);
710
711 if (*count >= MAXDNSRCH ||
712 *length + strlen(domain) > 256) {
713 if (*count == MAXDNSRCH)
714 fputs(" # Too many search domains configured, remaining ones ignored.", f);
715 if (*length <= 256)
716 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
717
718 return;
719 }
720
721 fprintf(f, " %s", domain);
722
723 (*length) += strlen(domain);
724 (*count) ++;
725}
726
4713135e
ZJS
727static int write_resolv_conf_contents(FILE *f, Set *dns, Set *domains) {
728 Iterator i;
729
730 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
731 "# Third party programs must not access this file directly, but\n"
732 "# only through the symlink at /etc/resolv.conf. To manage\n"
733 "# resolv.conf(5) in a different way, replace the symlink by a\n"
734 "# static file or a different symlink.\n\n", f);
735
736 if (set_isempty(dns))
737 fputs("# No DNS servers known.\n", f);
738 else {
739 DnsServer *s;
740 unsigned count = 0;
741
742 SET_FOREACH(s, dns, i)
743 write_resolv_conf_server(s, f, &count);
744 }
745
746 if (!set_isempty(domains)) {
747 unsigned length = 0, count = 0;
748 char *domain;
749
750 fputs("search", f);
751 SET_FOREACH(domain, domains, i)
752 write_resolv_conf_search(domain, f, &count, &length);
753 fputs("\n", f);
754 }
755
756 return fflush_and_check(f);
757}
758
759
74b2466e 760int manager_write_resolv_conf(Manager *m) {
4e945a6f 761 static const char path[] = "/run/systemd/resolve/resolv.conf";
091a364c
TG
762 _cleanup_free_ char *temp_path = NULL;
763 _cleanup_fclose_ FILE *f = NULL;
bda2c408 764 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
74b2466e
LP
765 DnsServer *s;
766 Iterator i;
767 Link *l;
768 int r;
091a364c
TG
769
770 assert(m);
771
5cb36f41
LP
772 /* Read the system /etc/resolv.conf first */
773 manager_read_resolv_conf(m);
774
87f5a193 775 /* Add the full list to a set, to filter out duplicates */
d5099efc 776 dns = set_new(&dns_server_hash_ops);
87f5a193
LP
777 if (!dns)
778 return -ENOMEM;
779
d5099efc 780 domains = set_new(&dns_name_hash_ops);
bda2c408
TG
781 if (!domains)
782 return -ENOMEM;
783
87f5a193
LP
784 /* First add the system-wide servers */
785 LIST_FOREACH(servers, s, m->dns_servers) {
786 r = set_put(dns, s);
787 if (r == -EEXIST)
788 continue;
789 if (r < 0)
790 return r;
791 }
792
bda2c408
TG
793 /* Then, add the per-link servers and domains */
794 HASHMAP_FOREACH(l, m->links, i) {
795 char **domain;
796
87f5a193
LP
797 LIST_FOREACH(servers, s, l->dns_servers) {
798 r = set_put(dns, s);
799 if (r == -EEXIST)
800 continue;
801 if (r < 0)
802 return r;
803 }
804
bda2c408
TG
805 if (!l->unicast_scope)
806 continue;
807
808 STRV_FOREACH(domain, l->unicast_scope->domains) {
809 r = set_put(domains, *domain);
810 if (r == -EEXIST)
811 continue;
812 if (r < 0)
813 return r;
814 }
815 }
816
87f5a193
LP
817 /* If we found nothing, add the fallback servers */
818 if (set_isempty(dns)) {
819 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
820 r = set_put(dns, s);
821 if (r == -EEXIST)
822 continue;
823 if (r < 0)
824 return r;
825 }
826 }
827
a5a807e6 828 r = fopen_temporary_label(path, path, &f, &temp_path);
091a364c
TG
829 if (r < 0)
830 return r;
831
832 fchmod(fileno(f), 0644);
833
4713135e 834 r = write_resolv_conf_contents(f, dns, domains);
74b2466e
LP
835 if (r < 0)
836 goto fail;
837
838 if (rename(temp_path, path) < 0) {
839 r = -errno;
840 goto fail;
841 }
091a364c 842
74b2466e 843 return 0;
091a364c 844
74b2466e
LP
845fail:
846 unlink(path);
847 unlink(temp_path);
848 return r;
849}
091a364c 850
1716f6dc 851int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
74b2466e 852 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1716f6dc
LP
853 union {
854 struct cmsghdr header; /* For alignment */
40a1eebd 855 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
1716f6dc 856 + CMSG_SPACE(int) /* ttl/hoplimit */
623a4c97 857 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
1716f6dc
LP
858 } control;
859 union sockaddr_union sa;
74b2466e 860 struct msghdr mh = {};
1716f6dc 861 struct cmsghdr *cmsg;
74b2466e 862 struct iovec iov;
1716f6dc 863 int ms = 0, r;
74b2466e
LP
864 ssize_t l;
865
866 assert(m);
1716f6dc 867 assert(fd >= 0);
74b2466e
LP
868 assert(ret);
869
74b2466e
LP
870 r = ioctl(fd, FIONREAD, &ms);
871 if (r < 0)
872 return -errno;
873 if (ms < 0)
874 return -EIO;
875
1716f6dc 876 r = dns_packet_new(&p, protocol, ms);
74b2466e
LP
877 if (r < 0)
878 return r;
879
880 iov.iov_base = DNS_PACKET_DATA(p);
881 iov.iov_len = p->allocated;
882
1716f6dc
LP
883 mh.msg_name = &sa.sa;
884 mh.msg_namelen = sizeof(sa);
74b2466e
LP
885 mh.msg_iov = &iov;
886 mh.msg_iovlen = 1;
1716f6dc
LP
887 mh.msg_control = &control;
888 mh.msg_controllen = sizeof(control);
74b2466e 889
a38d9945 890 l = recvmsg(fd, &mh, 0);
74b2466e 891 if (l < 0) {
ad867662 892 if (errno == EAGAIN || errno == EINTR)
74b2466e
LP
893 return 0;
894
895 return -errno;
091a364c
TG
896 }
897
74b2466e
LP
898 if (l <= 0)
899 return -EIO;
091a364c 900
1716f6dc
LP
901 assert(!(mh.msg_flags & MSG_CTRUNC));
902 assert(!(mh.msg_flags & MSG_TRUNC));
903
74b2466e 904 p->size = (size_t) l;
091a364c 905
1716f6dc 906 p->family = sa.sa.sa_family;
623a4c97
LP
907 p->ipproto = IPPROTO_UDP;
908 if (p->family == AF_INET) {
1716f6dc 909 p->sender.in = sa.in.sin_addr;
623a4c97
LP
910 p->sender_port = be16toh(sa.in.sin_port);
911 } else if (p->family == AF_INET6) {
1716f6dc 912 p->sender.in6 = sa.in6.sin6_addr;
623a4c97
LP
913 p->sender_port = be16toh(sa.in6.sin6_port);
914 p->ifindex = sa.in6.sin6_scope_id;
915 } else
1716f6dc 916 return -EAFNOSUPPORT;
74b2466e 917
1716f6dc 918 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
74b2466e 919
1716f6dc
LP
920 if (cmsg->cmsg_level == IPPROTO_IPV6) {
921 assert(p->family == AF_INET6);
74b2466e 922
1716f6dc 923 switch (cmsg->cmsg_type) {
74b2466e 924
1716f6dc
LP
925 case IPV6_PKTINFO: {
926 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
74b2466e 927
623a4c97
LP
928 if (p->ifindex <= 0)
929 p->ifindex = i->ipi6_ifindex;
930
1716f6dc
LP
931 p->destination.in6 = i->ipi6_addr;
932 break;
933 }
74b2466e 934
1716f6dc
LP
935 case IPV6_HOPLIMIT:
936 p->ttl = *(int *) CMSG_DATA(cmsg);
937 break;
74b2466e 938
1716f6dc
LP
939 }
940 } else if (cmsg->cmsg_level == IPPROTO_IP) {
941 assert(p->family == AF_INET);
74b2466e 942
1716f6dc 943 switch (cmsg->cmsg_type) {
74b2466e 944
1716f6dc
LP
945 case IP_PKTINFO: {
946 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
091a364c 947
623a4c97
LP
948 if (p->ifindex <= 0)
949 p->ifindex = i->ipi_ifindex;
950
1716f6dc
LP
951 p->destination.in = i->ipi_addr;
952 break;
953 }
74b2466e 954
623a4c97 955 case IP_TTL:
1716f6dc
LP
956 p->ttl = *(int *) CMSG_DATA(cmsg);
957 break;
958 }
959 }
960 }
74b2466e 961
623a4c97
LP
962 /* The Linux kernel sets the interface index to the loopback
963 * device if the packet came from the local host since it
964 * avoids the routing table in such a case. Let's unset the
965 * interface index in such a case. */
a5f03596 966 if (p->ifindex == LOOPBACK_IFINDEX)
623a4c97
LP
967 p->ifindex = 0;
968
969 /* If we don't know the interface index still, we look for the
970 * first local interface with a matching address. Yuck! */
971 if (p->ifindex <= 0)
972 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
973
74b2466e
LP
974 *ret = p;
975 p = NULL;
976
977 return 1;
978}
979
1716f6dc 980static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
74b2466e 981 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 982 DnsTransaction *t = NULL;
74b2466e
LP
983 Manager *m = userdata;
984 int r;
985
1716f6dc 986 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
74b2466e
LP
987 if (r <= 0)
988 return r;
989
623a4c97 990 if (dns_packet_validate_reply(p) > 0) {
ec2c5e43 991 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1716f6dc
LP
992 if (!t)
993 return 0;
74b2466e 994
ec2c5e43 995 dns_transaction_process_reply(t, p);
623a4c97 996
1716f6dc 997 } else
623a4c97 998 log_debug("Invalid DNS packet.");
74b2466e 999
ad867662 1000 return 0;
74b2466e
LP
1001}
1002
1003int manager_dns_ipv4_fd(Manager *m) {
1716f6dc 1004 const int one = 1;
74b2466e
LP
1005 int r;
1006
091a364c
TG
1007 assert(m);
1008
74b2466e
LP
1009 if (m->dns_ipv4_fd >= 0)
1010 return m->dns_ipv4_fd;
091a364c 1011
74b2466e
LP
1012 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1013 if (m->dns_ipv4_fd < 0)
1014 return -errno;
091a364c 1015
1716f6dc
LP
1016 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1017 if (r < 0) {
1018 r = -errno;
1019 goto fail;
1020 }
1021
1022 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
74b2466e 1023 if (r < 0)
1716f6dc 1024 goto fail;
74b2466e
LP
1025
1026 return m->dns_ipv4_fd;
1716f6dc
LP
1027
1028fail:
1029 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1030 return r;
091a364c
TG
1031}
1032
74b2466e 1033int manager_dns_ipv6_fd(Manager *m) {
1716f6dc 1034 const int one = 1;
74b2466e
LP
1035 int r;
1036
1037 assert(m);
091a364c 1038
74b2466e
LP
1039 if (m->dns_ipv6_fd >= 0)
1040 return m->dns_ipv6_fd;
1041
1042 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1043 if (m->dns_ipv6_fd < 0)
1044 return -errno;
1045
1716f6dc
LP
1046 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1047 if (r < 0) {
1048 r = -errno;
1049 goto fail;
1050 }
1051
1052 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
091a364c 1053 if (r < 0)
1716f6dc 1054 goto fail;
091a364c 1055
74b2466e 1056 return m->dns_ipv6_fd;
1716f6dc
LP
1057
1058fail:
1059 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1060 return r;
74b2466e
LP
1061}
1062
1063static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1064 int r;
1065
1066 assert(fd >= 0);
1067 assert(mh);
1068
1069 for (;;) {
1070 if (sendmsg(fd, mh, flags) >= 0)
1071 return 0;
1072
1073 if (errno == EINTR)
1074 continue;
1075
1076 if (errno != EAGAIN)
1077 return -errno;
1078
1079 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1080 if (r < 0)
1081 return r;
1082 if (r == 0)
1083 return -ETIMEDOUT;
1084 }
1085}
1086
623a4c97 1087static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1088 union sockaddr_union sa = {
1089 .in.sin_family = AF_INET,
74b2466e 1090 };
1716f6dc
LP
1091 union {
1092 struct cmsghdr header; /* For alignment */
1093 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1094 } control;
74b2466e
LP
1095 struct msghdr mh = {};
1096 struct iovec iov;
74b2466e
LP
1097
1098 assert(m);
1716f6dc
LP
1099 assert(fd >= 0);
1100 assert(addr);
1101 assert(port > 0);
74b2466e
LP
1102 assert(p);
1103
74b2466e
LP
1104 iov.iov_base = DNS_PACKET_DATA(p);
1105 iov.iov_len = p->size;
091a364c 1106
1716f6dc
LP
1107 sa.in.sin_addr = *addr;
1108 sa.in.sin_port = htobe16(port),
091a364c 1109
74b2466e
LP
1110 mh.msg_iov = &iov;
1111 mh.msg_iovlen = 1;
1112 mh.msg_name = &sa.sa;
1113 mh.msg_namelen = sizeof(sa.in);
091a364c 1114
74b2466e
LP
1115 if (ifindex > 0) {
1116 struct cmsghdr *cmsg;
1117 struct in_pktinfo *pi;
1118
1119 zero(control);
1120
1716f6dc 1121 mh.msg_control = &control;
74b2466e
LP
1122 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1123
1124 cmsg = CMSG_FIRSTHDR(&mh);
1125 cmsg->cmsg_len = mh.msg_controllen;
1126 cmsg->cmsg_level = IPPROTO_IP;
1127 cmsg->cmsg_type = IP_PKTINFO;
1128
1129 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1130 pi->ipi_ifindex = ifindex;
1131 }
1132
1133 return sendmsg_loop(fd, &mh, 0);
1134}
1135
623a4c97 1136static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1137 union sockaddr_union sa = {
1138 .in6.sin6_family = AF_INET6,
74b2466e 1139 };
1716f6dc
LP
1140 union {
1141 struct cmsghdr header; /* For alignment */
1142 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1143 } control;
74b2466e
LP
1144 struct msghdr mh = {};
1145 struct iovec iov;
74b2466e
LP
1146
1147 assert(m);
1716f6dc
LP
1148 assert(fd >= 0);
1149 assert(addr);
1150 assert(port > 0);
74b2466e
LP
1151 assert(p);
1152
74b2466e
LP
1153 iov.iov_base = DNS_PACKET_DATA(p);
1154 iov.iov_len = p->size;
1155
1716f6dc
LP
1156 sa.in6.sin6_addr = *addr;
1157 sa.in6.sin6_port = htobe16(port),
74b2466e
LP
1158 sa.in6.sin6_scope_id = ifindex;
1159
1160 mh.msg_iov = &iov;
1161 mh.msg_iovlen = 1;
1162 mh.msg_name = &sa.sa;
1163 mh.msg_namelen = sizeof(sa.in6);
1164
1165 if (ifindex > 0) {
1166 struct cmsghdr *cmsg;
1167 struct in6_pktinfo *pi;
1168
1169 zero(control);
1170
1716f6dc 1171 mh.msg_control = &control;
74b2466e
LP
1172 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1173
1174 cmsg = CMSG_FIRSTHDR(&mh);
1175 cmsg->cmsg_len = mh.msg_controllen;
1176 cmsg->cmsg_level = IPPROTO_IPV6;
1177 cmsg->cmsg_type = IPV6_PKTINFO;
1178
1179 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1180 pi->ipi6_ifindex = ifindex;
1181 }
1182
1183 return sendmsg_loop(fd, &mh, 0);
1184}
1185
623a4c97 1186int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1716f6dc
LP
1187 assert(m);
1188 assert(fd >= 0);
1189 assert(addr);
1190 assert(port > 0);
1191 assert(p);
1192
a2a416f7
LP
1193 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1194
1716f6dc
LP
1195 if (family == AF_INET)
1196 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1197 else if (family == AF_INET6)
1198 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1199
1200 return -EAFNOSUPPORT;
1201}
1202
2c27fbca 1203DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
74b2466e
LP
1204 DnsServer *s;
1205
1206 assert(m);
1207 assert(in_addr);
1208
4e945a6f 1209 LIST_FOREACH(servers, s, m->dns_servers)
5cb36f41 1210 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1211 return s;
74b2466e 1212
4e945a6f 1213 LIST_FOREACH(servers, s, m->fallback_dns_servers)
5cb36f41 1214 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1215 return s;
74b2466e 1216
2c27fbca 1217 return NULL;
4e945a6f
LP
1218}
1219
2c27fbca 1220DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
4e945a6f
LP
1221 assert(m);
1222
1223 if (m->current_dns_server == s)
1224 return s;
1225
1226 if (s) {
1227 _cleanup_free_ char *ip = NULL;
1228
1229 in_addr_to_string(s->family, &s->address, &ip);
1230 log_info("Switching to system DNS server %s.", strna(ip));
2c27fbca 1231 }
4e945a6f
LP
1232
1233 m->current_dns_server = s;
2c27fbca
LP
1234
1235 if (m->unicast_scope)
1236 dns_cache_flush(&m->unicast_scope->cache);
1237
4e945a6f 1238 return s;
74b2466e
LP
1239}
1240
1241DnsServer *manager_get_dns_server(Manager *m) {
4e945a6f 1242 Link *l;
74b2466e
LP
1243 assert(m);
1244
5cb36f41
LP
1245 /* Try to read updates resolv.conf */
1246 manager_read_resolv_conf(m);
1247
74b2466e 1248 if (!m->current_dns_server)
4e945a6f
LP
1249 manager_set_dns_server(m, m->dns_servers);
1250
1251 if (!m->current_dns_server) {
1252 bool found = false;
1253 Iterator i;
1254
1255 /* No DNS servers configured, let's see if there are
1256 * any on any links. If not, we use the fallback
1257 * servers */
1258
1259 HASHMAP_FOREACH(l, m->links, i)
1260 if (l->dns_servers) {
1261 found = true;
1262 break;
1263 }
1264
1265 if (!found)
1266 manager_set_dns_server(m, m->fallback_dns_servers);
1267 }
74b2466e
LP
1268
1269 return m->current_dns_server;
1270}
1271
1272void manager_next_dns_server(Manager *m) {
1273 assert(m);
1274
4e945a6f
LP
1275 /* If there's currently no DNS server set, then the next
1276 * manager_get_dns_server() will find one */
74b2466e
LP
1277 if (!m->current_dns_server)
1278 return;
1279
4e945a6f 1280 /* Change to the next one */
74b2466e 1281 if (m->current_dns_server->servers_next) {
4e945a6f 1282 manager_set_dns_server(m, m->current_dns_server->servers_next);
74b2466e
LP
1283 return;
1284 }
1285
4e945a6f
LP
1286 /* If there was no next one, then start from the beginning of
1287 * the list */
1288 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1289 manager_set_dns_server(m, m->fallback_dns_servers);
1290 else
1291 manager_set_dns_server(m, m->dns_servers);
091a364c 1292}
e1c95994
LP
1293
1294uint32_t manager_find_mtu(Manager *m) {
1295 uint32_t mtu = 0;
1296 Link *l;
1297 Iterator i;
1298
1299 /* If we don't know on which link a DNS packet would be
1300 * delivered, let's find the largest MTU that works on all
1301 * interfaces we know of */
1302
1303 HASHMAP_FOREACH(l, m->links, i) {
1304 if (l->mtu <= 0)
1305 continue;
1306
1307 if (mtu <= 0 || l->mtu < mtu)
1308 mtu = l->mtu;
1309 }
1310
1311 return mtu;
1312}
1716f6dc
LP
1313
1314static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1315 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 1316 DnsTransaction *t = NULL;
1716f6dc 1317 Manager *m = userdata;
a4076574 1318 DnsScope *scope;
1716f6dc
LP
1319 int r;
1320
1321 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1322 if (r <= 0)
1323 return r;
1324
a4076574
LP
1325 scope = manager_find_scope(m, p);
1326 if (!scope) {
1327 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1328 return 0;
1329 }
1330
623a4c97 1331 if (dns_packet_validate_reply(p) > 0) {
a2a416f7
LP
1332 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1333
a4076574 1334 dns_scope_check_conflicts(scope, p);
623a4c97 1335
a4076574
LP
1336 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1337 if (t)
1338 dns_transaction_process_reply(t, p);
623a4c97 1339
a4076574
LP
1340 } else if (dns_packet_validate_query(p) > 0) {
1341 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
623a4c97 1342
a4076574 1343 dns_scope_process_query(scope, NULL, p);
623a4c97 1344 } else
a4076574 1345 log_debug("Invalid LLMNR UDP packet.");
1716f6dc
LP
1346
1347 return 0;
1348}
1349
1350int manager_llmnr_ipv4_udp_fd(Manager *m) {
1351 union sockaddr_union sa = {
1352 .in.sin_family = AF_INET,
1353 .in.sin_port = htobe16(5355),
1354 };
bf3f1271 1355 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1716f6dc
LP
1356 int r;
1357
1358 assert(m);
1359
1360 if (m->llmnr_ipv4_udp_fd >= 0)
1361 return m->llmnr_ipv4_udp_fd;
1362
1363 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1364 if (m->llmnr_ipv4_udp_fd < 0)
1365 return -errno;
1366
bf3f1271
LP
1367 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1368 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1369 if (r < 0) {
1370 r = -errno;
1371 goto fail;
1372 }
1373
bf3f1271 1374 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1375 if (r < 0) {
1376 r = -errno;
1377 goto fail;
1378 }
1379
1380 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1381 if (r < 0) {
1382 r = -errno;
1383 goto fail;
1384 }
1385
1386 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1387 if (r < 0) {
1388 r = -errno;
1389 goto fail;
1390 }
1391
1392 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1393 if (r < 0) {
1394 r = -errno;
1395 goto fail;
1396 }
1397
1398 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1399 if (r < 0) {
1400 r = -errno;
1401 goto fail;
1402 }
1403
1404 /* Disable Don't-Fragment bit in the IP header */
1405 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1406 if (r < 0) {
1407 r = -errno;
1408 goto fail;
1409 }
1410
1411 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1412 if (r < 0) {
1413 r = -errno;
1414 goto fail;
1415 }
1416
1417 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1418 if (r < 0)
1419 goto fail;
1420
1421 return m->llmnr_ipv4_udp_fd;
1422
1423fail:
1424 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1425 return r;
1426}
1427
1428int manager_llmnr_ipv6_udp_fd(Manager *m) {
1429 union sockaddr_union sa = {
1430 .in6.sin6_family = AF_INET6,
1431 .in6.sin6_port = htobe16(5355),
1432 };
bf3f1271 1433 static const int one = 1, ttl = 255;
1716f6dc
LP
1434 int r;
1435
1436 assert(m);
1437
1438 if (m->llmnr_ipv6_udp_fd >= 0)
1439 return m->llmnr_ipv6_udp_fd;
1440
1441 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1442 if (m->llmnr_ipv6_udp_fd < 0)
1443 return -errno;
1444
bf3f1271 1445 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1446 if (r < 0) {
1447 r = -errno;
1448 goto fail;
1449 }
1450
bf3f1271
LP
1451 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1452 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1453 if (r < 0) {
1454 r = -errno;
1455 goto fail;
1456 }
1457
1458 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1459 if (r < 0) {
1460 r = -errno;
1461 goto fail;
1462 }
1463
1464 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1465 if (r < 0) {
1466 r = -errno;
1467 goto fail;
1468 }
1469
1470 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1471 if (r < 0) {
1472 r = -errno;
1473 goto fail;
1474 }
1475
1476 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1477 if (r < 0) {
1478 r = -errno;
1479 goto fail;
1480 }
1481
1482 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1483 if (r < 0) {
1484 r = -errno;
1485 goto fail;
1486 }
1487
1488 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1489 if (r < 0) {
1490 r = -errno;
1491 goto fail;
1492 }
1493
1494 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1495 if (r < 0) {
1496 r = -errno;
1497 goto fail;
1498 }
1499
1500 return m->llmnr_ipv6_udp_fd;
1501
1502fail:
1503 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1504 return r;
1505}
623a4c97
LP
1506
1507static int on_llmnr_stream_packet(DnsStream *s) {
a4076574 1508 DnsScope *scope;
623a4c97 1509
a4076574 1510 assert(s);
623a4c97 1511
a4076574
LP
1512 scope = manager_find_scope(s->manager, s->read_packet);
1513 if (!scope) {
1514 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1515 return 0;
1516 }
623a4c97 1517
a4076574
LP
1518 if (dns_packet_validate_query(s->read_packet) > 0) {
1519 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
623a4c97 1520
a4076574 1521 dns_scope_process_query(scope, s, s->read_packet);
623a4c97 1522
a4076574
LP
1523 /* If no reply packet was set, we free the stream */
1524 if (s->write_packet)
1525 return 0;
1526 } else
1527 log_debug("Invalid LLMNR TCP packet.");
623a4c97
LP
1528
1529 dns_stream_free(s);
1530 return 0;
1531}
1532
1533static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1534 DnsStream *stream;
1535 Manager *m = userdata;
1536 int cfd, r;
1537
1538 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1539 if (cfd < 0) {
1540 if (errno == EAGAIN || errno == EINTR)
1541 return 0;
1542
1543 return -errno;
1544 }
1545
1546 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1547 if (r < 0) {
1548 safe_close(cfd);
1549 return r;
1550 }
1551
1552 stream->on_packet = on_llmnr_stream_packet;
1553 return 0;
1554}
1555
1556int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1557 union sockaddr_union sa = {
1558 .in.sin_family = AF_INET,
1559 .in.sin_port = htobe16(5355),
1560 };
1561 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1562 int r;
1563
1564 assert(m);
1565
1566 if (m->llmnr_ipv4_tcp_fd >= 0)
1567 return m->llmnr_ipv4_tcp_fd;
1568
1569 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1570 if (m->llmnr_ipv4_tcp_fd < 0)
1571 return -errno;
1572
bf3f1271 1573 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1574 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1575 if (r < 0) {
1576 r = -errno;
1577 goto fail;
1578 }
1579
1580 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1581 if (r < 0) {
1582 r = -errno;
1583 goto fail;
1584 }
1585
1586 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1587 if (r < 0) {
1588 r = -errno;
1589 goto fail;
1590 }
1591
1592 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1593 if (r < 0) {
1594 r = -errno;
1595 goto fail;
1596 }
1597
1598 /* Disable Don't-Fragment bit in the IP header */
1599 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1600 if (r < 0) {
1601 r = -errno;
1602 goto fail;
1603 }
1604
1605 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1606 if (r < 0) {
1607 r = -errno;
1608 goto fail;
1609 }
1610
1611 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1612 if (r < 0) {
1613 r = -errno;
1614 goto fail;
1615 }
1616
1617 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1618 if (r < 0)
1619 goto fail;
1620
1621 return m->llmnr_ipv4_tcp_fd;
1622
1623fail:
1624 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1625 return r;
1626}
1627
1628int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1629 union sockaddr_union sa = {
1630 .in6.sin6_family = AF_INET6,
1631 .in6.sin6_port = htobe16(5355),
1632 };
1633 static const int one = 1;
1634 int r;
1635
1636 assert(m);
1637
1638 if (m->llmnr_ipv6_tcp_fd >= 0)
1639 return m->llmnr_ipv6_tcp_fd;
1640
1641 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1642 if (m->llmnr_ipv6_tcp_fd < 0)
1643 return -errno;
1644
bf3f1271 1645 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1646 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1647 if (r < 0) {
1648 r = -errno;
1649 goto fail;
1650 }
1651
1652 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1653 if (r < 0) {
1654 r = -errno;
1655 goto fail;
1656 }
1657
1658 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1659 if (r < 0) {
1660 r = -errno;
1661 goto fail;
1662 }
1663
1664 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1665 if (r < 0) {
1666 r = -errno;
1667 goto fail;
1668 }
1669
1670 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1671 if (r < 0) {
1672 r = -errno;
1673 goto fail;
1674 }
1675
1676 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1677 if (r < 0) {
1678 r = -errno;
1679 goto fail;
1680 }
1681
1682 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1683 if (r < 0) {
1684 r = -errno;
1685 goto fail;
1686 }
1687
1688 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1689 if (r < 0) {
1690 r = -errno;
1691 goto fail;
1692 }
1693
1694 return m->llmnr_ipv6_tcp_fd;
1695
1696fail:
1697 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1698 return r;
1699}
1700
623a4c97 1701int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1702 LinkAddress *a;
1703
1704 assert(m);
1705
4e945a6f 1706 a = manager_find_link_address(m, family, in_addr);
ec2c5e43
LP
1707 if (a)
1708 return a->link->ifindex;
1709
1710 return 0;
1711}
1712
eb60f9cd
LP
1713void manager_refresh_rrs(Manager *m) {
1714 Iterator i;
1715 Link *l;
1716
1717 assert(m);
1718
1719 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1720 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1721
1722 HASHMAP_FOREACH(l, m->links, i) {
1723 link_add_rrs(l, true);
1724 link_add_rrs(l, false);
1725 }
1726}
1727
ec2c5e43
LP
1728int manager_next_hostname(Manager *m) {
1729 const char *p;
556a2294 1730 uint64_t u, a;
ec2c5e43 1731 char *h;
623a4c97
LP
1732
1733 assert(m);
1734
ec2c5e43
LP
1735 p = strchr(m->hostname, 0);
1736 assert(p);
1737
1738 while (p > m->hostname) {
1739 if (!strchr("0123456789", p[-1]))
1740 break;
1741
1742 p--;
1743 }
1744
1745 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1746 u = 1;
1747
556a2294
LP
1748 /* Add a random number to the old value. This way we can avoid
1749 * that two hosts pick the same hostname, win on IPv4 and lose
1750 * on IPv6 (or vice versa), and pick the same hostname
1751 * replacement hostname, ad infinitum. We still want the
1752 * numbers to go up monotonically, hence we just add a random
1753 * value 1..10 */
1754
1755 random_bytes(&a, sizeof(a));
1756 u += 1 + a % 10;
ec2c5e43
LP
1757
1758 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1759 return -ENOMEM;
1760
eb60f9cd 1761 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
ec2c5e43
LP
1762
1763 free(m->hostname);
1764 m->hostname = h;
1765
eb60f9cd 1766 manager_refresh_rrs(m);
623a4c97
LP
1767
1768 return 0;
1769}
ec2c5e43 1770
4e945a6f 1771LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1772 Iterator i;
1773 Link *l;
1774
1775 assert(m);
1776
1777 HASHMAP_FOREACH(l, m->links, i) {
1778 LinkAddress *a;
1779
1780 a = link_find_address(l, family, in_addr);
1781 if (a)
1782 return a;
1783 }
1784
1785 return NULL;
1786}
1787
a4076574 1788bool manager_our_packet(Manager *m, DnsPacket *p) {
ec2c5e43
LP
1789 assert(m);
1790 assert(p);
1791
4e945a6f 1792 return !!manager_find_link_address(m, p->family, &p->sender);
ec2c5e43 1793}
4e945a6f 1794
a4076574
LP
1795DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1796 Link *l;
1797
1798 assert(m);
1799 assert(p);
1800
1801 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1802 if (!l)
1803 return NULL;
1804
1805 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1806 if (p->family == AF_INET)
1807 return l->llmnr_ipv4_scope;
1808 else if (p->family == AF_INET6)
1809 return l->llmnr_ipv6_scope;
1810 }
1811
1812 return NULL;
1813}
1814
902bb5d8
LP
1815void manager_verify_all(Manager *m) {
1816 DnsScope *s;
1817
1818 assert(m);
1819
1820 LIST_FOREACH(scopes, s, m->dns_scopes)
1821 dns_zone_verify_all(&s->zone);
1822}
1823
3e684349
LP
1824void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1825 assert(m);
1826
1827 if (t == DNS_SERVER_SYSTEM)
1828 while (m->dns_servers)
1829 dns_server_free(m->dns_servers);
1830
1831 if (t == DNS_SERVER_FALLBACK)
1832 while (m->fallback_dns_servers)
1833 dns_server_free(m->fallback_dns_servers);
1834}
1835
4e945a6f
LP
1836static const char* const support_table[_SUPPORT_MAX] = {
1837 [SUPPORT_NO] = "no",
1838 [SUPPORT_YES] = "yes",
1839 [SUPPORT_RESOLVE] = "resolve",
1840};
1841DEFINE_STRING_TABLE_LOOKUP(support, Support);