]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #142 from teg/sd-network-unref-NULL
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
CommitLineData
091a364c
TG		 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
091a364c 22#include <resolv.h>
74b2466e 23#include <sys/ioctl.h>
0a6f50c0 24#include <poll.h>
74b2466e 25#include <netinet/in.h>
091a364c 26
74b2466e 27#include "rtnl-util.h"
091a364c 28#include "network-internal.h"
74b2466e 29#include "socket-util.h"
a2a416f7 30#include "af-list.h"
eb60f9cd 31#include "utf8.h"
a5a807e6 32#include "fileio-label.h"
822db23c 33#include "ordered-set.h"
3df3e884 34#include "random-util.h"
958b66ea 35#include "hostname-util.h"
4e945a6f 36
eb60f9cd 37#include "resolved-dns-domain.h"
39d8db04
LP		 38#include "resolved-conf.h"
39#include "resolved-bus.h"
40#include "resolved-manager.h"
74b2466e
LP		 41
42#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
43
44static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
45 Manager *m = userdata;
46 uint16_t type;
47 Link *l;
48 int ifindex, r;
49
50 assert(rtnl);
51 assert(m);
52 assert(mm);
53
54 r = sd_rtnl_message_get_type(mm, &type);
55 if (r < 0)
56 goto fail;
57
58 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
59 if (r < 0)
60 goto fail;
61
62 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
63
64 switch (type) {
65
a2a416f7
LP		 66 case RTM_NEWLINK:{
67 bool is_new = !l;
74b2466e 68
a2a416f7 69 if (!l) {
74b2466e
LP		 70 r = link_new(m, &l, ifindex);
71 if (r < 0)
72 goto fail;
73 }
74
75 r = link_update_rtnl(l, mm);
76 if (r < 0)
77 goto fail;
78
21d73c87
LP		 79 r = link_update_monitor(l);
80 if (r < 0)
81 goto fail;
82
a2a416f7
LP		 83 if (is_new)
84 log_debug("Found new link %i/%s", ifindex, l->name);
85
74b2466e 86 break;
a2a416f7 87 }
74b2466e
LP		 88
89 case RTM_DELLINK:
90 if (l) {
a2a416f7 91 log_debug("Removing link %i/%s", l->ifindex, l->name);
74b2466e
LP		 92 link_free(l);
93 }
94
95 break;
96 }
97
98 return 0;
99
100fail:
da927ba9 101 log_warning_errno(r, "Failed to process RTNL link message: %m");
74b2466e
LP		 102 return 0;
103}
104
105static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
106 Manager *m = userdata;
107 union in_addr_union address;
74b2466e 108 uint16_t type;
0dd25fb9 109 int r, ifindex, family;
74b2466e
LP		 110 LinkAddress *a;
111 Link *l;
112
113 assert(rtnl);
114 assert(mm);
115 assert(m);
116
117 r = sd_rtnl_message_get_type(mm, &type);
118 if (r < 0)
119 goto fail;
120
121 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
122 if (r < 0)
123 goto fail;
124
125 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
126 if (!l)
127 return 0;
128
129 r = sd_rtnl_message_addr_get_family(mm, &family);
130 if (r < 0)
131 goto fail;
132
133 switch (family) {
134
135 case AF_INET:
136 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
137 if (r < 0) {
138 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
139 if (r < 0)
140 goto fail;
141 }
142
143 break;
144
145 case AF_INET6:
146 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
147 if (r < 0) {
148 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
149 if (r < 0)
150 goto fail;
151 }
152
153 break;
154
155 default:
156 return 0;
157 }
158
159 a = link_find_address(l, family, &address);
160
161 switch (type) {
162
163 case RTM_NEWADDR:
164
165 if (!a) {
166 r = link_address_new(l, &a, family, &address);
167 if (r < 0)
168 return r;
169 }
170
171 r = link_address_update_rtnl(a, mm);
172 if (r < 0)
173 return r;
174
175 break;
176
177 case RTM_DELADDR:
178 if (a)
179 link_address_free(a);
180 break;
181 }
182
183 return 0;
184
185fail:
da927ba9 186 log_warning_errno(r, "Failed to process RTNL address message: %m");
74b2466e
LP		 187 return 0;
188}
189
74b2466e
LP		 190static int manager_rtnl_listen(Manager *m) {
191 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
192 sd_rtnl_message *i;
193 int r;
194
195 assert(m);
196
cc98b302 197 /* First, subscribe to interfaces coming and going */
74b2466e
LP		 198 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
199 if (r < 0)
200 return r;
201
202 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
203 if (r < 0)
204 return r;
205
206 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
207 if (r < 0)
208 return r;
209
210 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
211 if (r < 0)
212 return r;
213
214 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
215 if (r < 0)
216 return r;
091a364c 217
74b2466e
LP		 218 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
219 if (r < 0)
220 return r;
221
222 /* Then, enumerate all links */
223 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
224 if (r < 0)
225 return r;
226
227 r = sd_rtnl_message_request_dump(req, true);
228 if (r < 0)
229 return r;
230
231 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
232 if (r < 0)
233 return r;
234
235 for (i = reply; i; i = sd_rtnl_message_next(i)) {
236 r = manager_process_link(m->rtnl, i, m);
237 if (r < 0)
238 return r;
239 }
240
241 req = sd_rtnl_message_unref(req);
242 reply = sd_rtnl_message_unref(reply);
243
244 /* Finally, enumerate all addresses, too */
245 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
246 if (r < 0)
247 return r;
248
249 r = sd_rtnl_message_request_dump(req, true);
250 if (r < 0)
251 return r;
252
253 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
254 if (r < 0)
255 return r;
256
257 for (i = reply; i; i = sd_rtnl_message_next(i)) {
258 r = manager_process_address(m->rtnl, i, m);
259 if (r < 0)
260 return r;
261 }
262
263 return r;
264}
265
266static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
267 Manager *m = userdata;
268 Iterator i;
269 Link *l;
270 int r;
271
272 assert(m);
273
274 sd_network_monitor_flush(m->network_monitor);
275
276 HASHMAP_FOREACH(l, m->links, i) {
277 r = link_update_monitor(l);
278 if (r < 0)
da927ba9 279 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
74b2466e
LP		 280 }
281
282 r = manager_write_resolv_conf(m);
283 if (r < 0)
da927ba9 284 log_warning_errno(r, "Could not update resolv.conf: %m");
74b2466e
LP		 285
286 return 0;
287}
288
289static int manager_network_monitor_listen(Manager *m) {
290 int r, fd, events;
291
292 assert(m);
293
0014a4ad 294 r = sd_network_monitor_new(&m->network_monitor, NULL);
74b2466e
LP		 295 if (r < 0)
296 return r;
297
298 fd = sd_network_monitor_get_fd(m->network_monitor);
299 if (fd < 0)
300 return fd;
301
302 events = sd_network_monitor_get_events(m->network_monitor);
303 if (events < 0)
304 return events;
305
306 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
307 if (r < 0)
308 return r;
309
310 return 0;
311}
312
eb60f9cd
LP		 313static int determine_hostname(char **ret) {
314 _cleanup_free_ char *h = NULL, *n = NULL;
315 int r;
316
317 assert(ret);
318
319 h = gethostname_malloc();
320 if (!h)
321 return log_oom();
322
323 if (!utf8_is_valid(h)) {
324 log_error("System hostname is not UTF-8 clean.");
325 return -EINVAL;
326 }
327
328 r = dns_name_normalize(h, &n);
329 if (r < 0) {
330 log_error("System hostname '%s' cannot be normalized.", h);
331 return r;
332 }
333
334 *ret = n;
335 n = NULL;
336
337 return 0;
338}
339
340static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
341 _cleanup_free_ char *h = NULL;
342 Manager *m = userdata;
343 int r;
344
345 assert(m);
346
347 r = determine_hostname(&h);
348 if (r < 0)
349 return 0; /* ignore invalid hostnames */
350
351 if (streq(h, m->hostname))
352 return 0;
353
354 log_info("System hostname changed to '%s'.", h);
355 free(m->hostname);
356 m->hostname = h;
357 h = NULL;
358
359 manager_refresh_rrs(m);
360
361 return 0;
362}
363
364static int manager_watch_hostname(Manager *m) {
eb60f9cd
LP		 365 int r;
366
367 assert(m);
368
369 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
370 if (m->hostname_fd < 0) {
56f64d95 371 log_warning_errno(errno, "Failed to watch hostname: %m");
eb60f9cd
LP		 372 return 0;
373 }
374
375 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
376 if (r < 0) {
377 if (r == -EPERM)
378 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
379 m->hostname_fd = safe_close(m->hostname_fd);
8d3d7072
MS		 380 else
381 return log_error_errno(r, "Failed to add hostname event source: %m");
eb60f9cd
LP		 382 }
383
384 r = determine_hostname(&m->hostname);
385 if (r < 0) {
386 log_info("Defaulting to hostname 'linux'.");
387 m->hostname = strdup("linux");
388 if (!m->hostname)
389 return log_oom();
390 } else
391 log_info("Using system hostname '%s'.", m->hostname);
392
393 return 0;
394}
395
edc501d4
LP		 396static void manager_llmnr_stop(Manager *m) {
397 assert(m);
398
399 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
400 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
401
402 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
403 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
404
405 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
406 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
407
408 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
409 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
410}
411
412static int manager_llmnr_start(Manager *m) {
413 int r;
414
415 assert(m);
416
417 if (m->llmnr_support == SUPPORT_NO)
418 return 0;
419
420 r = manager_llmnr_ipv4_udp_fd(m);
421 if (r == -EADDRINUSE)
422 goto eaddrinuse;
423 if (r < 0)
424 return r;
425
edc501d4
LP		 426 r = manager_llmnr_ipv4_tcp_fd(m);
427 if (r == -EADDRINUSE)
428 goto eaddrinuse;
429 if (r < 0)
430 return r;
431
90ab5042
LP		 432 if (socket_ipv6_is_supported()) {
433 r = manager_llmnr_ipv6_udp_fd(m);
434 if (r == -EADDRINUSE)
435 goto eaddrinuse;
436 if (r < 0)
437 return r;
438
439 r = manager_llmnr_ipv6_tcp_fd(m);
440 if (r == -EADDRINUSE)
441 goto eaddrinuse;
442 if (r < 0)
443 return r;
444 }
edc501d4
LP		 445
446 return 0;
447
448eaddrinuse:
c4147df1 449 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
edc501d4
LP		 450 m->llmnr_support = SUPPORT_NO;
451 manager_llmnr_stop(m);
90ab5042 452
edc501d4
LP		 453 return 0;
454}
455
091a364c 456int manager_new(Manager **ret) {
74b2466e 457 _cleanup_(manager_freep) Manager *m = NULL;
091a364c
TG		 458 int r;
459
c92e531c
LP		 460 assert(ret);
461
091a364c
TG		 462 m = new0(Manager, 1);
463 if (!m)
464 return -ENOMEM;
465
74b2466e 466 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
1716f6dc 467 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
623a4c97 468 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
eb60f9cd 469 m->hostname_fd = -1;
1716f6dc 470
4e945a6f 471 m->llmnr_support = SUPPORT_YES;
5cb36f41 472 m->read_resolv_conf = true;
091a364c 473
4e945a6f 474 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
091a364c
TG		 475 if (r < 0)
476 return r;
477
478 r = sd_event_default(&m->event);
479 if (r < 0)
480 return r;
481
482 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
483 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
484
485 sd_event_set_watchdog(m->event, true);
486
eb60f9cd
LP		 487 r = manager_watch_hostname(m);
488 if (r < 0)
489 return r;
490
1716f6dc 491 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
74b2466e
LP		 492 if (r < 0)
493 return r;
494
495 r = manager_network_monitor_listen(m);
496 if (r < 0)
497 return r;
498
499 r = manager_rtnl_listen(m);
500 if (r < 0)
501 return r;
502
503 r = manager_connect_bus(m);
504 if (r < 0)
505 return r;
506
091a364c
TG		 507 *ret = m;
508 m = NULL;
509
510 return 0;
511}
512
edc501d4
LP		 513int manager_start(Manager *m) {
514 int r;
515
516 assert(m);
517
518 r = manager_llmnr_start(m);
519 if (r < 0)
520 return r;
521
522 return 0;
523}
524
74b2466e
LP		 525Manager *manager_free(Manager *m) {
526 Link *l;
091a364c
TG		 527
528 if (!m)
74b2466e
LP		 529 return NULL;
530
74b2466e
LP		 531 while ((l = hashmap_first(m->links)))
532 link_free(l);
f0e15467
LP		 533
534 while (m->dns_queries)
535 dns_query_free(m->dns_queries);
74b2466e 536
3e684349
LP		 537 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
538 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
091a364c 539
cab5b059
LP		 540 dns_scope_free(m->unicast_scope);
541
f0e15467
LP		 542 hashmap_free(m->links);
543 hashmap_free(m->dns_transactions);
544
096b6773
LP		 545 sd_event_source_unref(m->network_event_source);
546 sd_network_monitor_unref(m->network_monitor);
091a364c 547
74b2466e
LP		 548 sd_event_source_unref(m->dns_ipv4_event_source);
549 sd_event_source_unref(m->dns_ipv6_event_source);
74b2466e
LP		 550 safe_close(m->dns_ipv4_fd);
551 safe_close(m->dns_ipv6_fd);
552
edc501d4 553 manager_llmnr_stop(m);
623a4c97 554
902bb5d8 555 sd_bus_slot_unref(m->prepare_for_sleep_slot);
74b2466e
LP		 556 sd_event_source_unref(m->bus_retry_event_source);
557 sd_bus_unref(m->bus);
091a364c 558
74b2466e 559 sd_event_unref(m->event);
623a4c97
LP		 560
561 dns_resource_key_unref(m->host_ipv4_key);
562 dns_resource_key_unref(m->host_ipv6_key);
eb60f9cd
LP		 563
564 safe_close(m->hostname_fd);
565 sd_event_source_unref(m->hostname_event_source);
623a4c97 566 free(m->hostname);
eb60f9cd 567
091a364c 568 free(m);
74b2466e
LP		 569
570 return NULL;
091a364c
TG		 571}
572
5cb36f41
LP		 573int manager_read_resolv_conf(Manager *m) {
574 _cleanup_fclose_ FILE *f = NULL;
575 struct stat st, own;
576 char line[LINE_MAX];
577 DnsServer *s, *nx;
578 usec_t t;
579 int r;
580
581 assert(m);
582
583 /* Reads the system /etc/resolv.conf, if it exists and is not
584 * symlinked to our own resolv.conf instance */
585
586 if (!m->read_resolv_conf)
587 return 0;
588
589 r = stat("/etc/resolv.conf", &st);
590 if (r < 0) {
591 if (errno != ENOENT)
56f64d95 592 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP		 593 r = -errno;
594 goto clear;
595 }
596
597 /* Have we already seen the file? */
598 t = timespec_load(&st.st_mtim);
599 if (t == m->resolv_conf_mtime)
600 return 0;
601
602 m->resolv_conf_mtime = t;
603
604 /* Is it symlinked to our own file? */
605 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
606 st.st_dev == own.st_dev &&
607 st.st_ino == own.st_ino) {
608 r = 0;
609 goto clear;
610 }
611
612 f = fopen("/etc/resolv.conf", "re");
613 if (!f) {
614 if (errno != ENOENT)
56f64d95 615 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP		 616 r = -errno;
617 goto clear;
618 }
619
620 if (fstat(fileno(f), &st) < 0) {
56f64d95 621 log_error_errno(errno, "Failed to stat open file: %m");
5cb36f41
LP		 622 r = -errno;
623 goto clear;
624 }
625
626 LIST_FOREACH(servers, s, m->dns_servers)
627 s->marked = true;
628
629 FOREACH_LINE(line, f, r = -errno; goto clear) {
630 union in_addr_union address;
631 int family;
632 char *l;
633 const char *a;
634
635 truncate_nl(line);
636
637 l = strstrip(line);
638 if (*l == '#' || *l == ';')
639 continue;
640
641 a = first_word(l, "nameserver");
642 if (!a)
643 continue;
644
645 r = in_addr_from_string_auto(a, &family, &address);
646 if (r < 0) {
647 log_warning("Failed to parse name server %s.", a);
648 continue;
649 }
650
651 LIST_FOREACH(servers, s, m->dns_servers)
652 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
653 break;
654
655 if (s)
656 s->marked = false;
657 else {
658 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
659 if (r < 0)
660 goto clear;
661 }
662 }
663
664 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
665 if (s->marked)
666 dns_server_free(s);
667
36a03ca2
LP		 668 /* Whenever /etc/resolv.conf changes, start using the first
669 * DNS server of it. This is useful to deal with broken
670 * network managing implementations (like NetworkManager),
671 * that when connecting to a VPN place both the VPN DNS
672 * servers and the local ones in /etc/resolv.conf. Without
673 * resetting the DNS server to use back to the first entry we
674 * will continue to use the local one thus being unable to
675 * resolve VPN domains. */
676 manager_set_dns_server(m, m->dns_servers);
677
5cb36f41
LP		 678 return 0;
679
680clear:
681 while (m->dns_servers)
682 dns_server_free(m->dns_servers);
683
684 return r;
685}
686
bda2c408 687static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
74b2466e
LP		 688 _cleanup_free_ char *t = NULL;
689 int r;
091a364c 690
74b2466e 691 assert(s);
091a364c 692 assert(f);
091a364c
TG		 693 assert(count);
694
74b2466e 695 r = in_addr_to_string(s->family, &s->address, &t);
4e945a6f 696 if (r < 0) {
da927ba9 697 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
091a364c
TG		 698 return;
699 }
700
701 if (*count == MAXNS)
87f5a193 702 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
091a364c 703
74b2466e 704 fprintf(f, "nameserver %s\n", t);
091a364c
TG		 705 (*count) ++;
706}
707
822db23c
LP		 708static void write_resolv_conf_search(
709 const char *domain, FILE *f,
710 unsigned *count,
711 unsigned *length) {
712
bda2c408
TG		 713 assert(domain);
714 assert(f);
715 assert(length);
716
717 if (*count >= MAXDNSRCH ||
718 *length + strlen(domain) > 256) {
719 if (*count == MAXDNSRCH)
720 fputs(" # Too many search domains configured, remaining ones ignored.", f);
721 if (*length <= 256)
722 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
723
724 return;
725 }
726
727 fprintf(f, " %s", domain);
728
729 (*length) += strlen(domain);
730 (*count) ++;
731}
732
822db23c 733static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
4713135e
ZJS		 734 Iterator i;
735
736 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
737 "# Third party programs must not access this file directly, but\n"
738 "# only through the symlink at /etc/resolv.conf. To manage\n"
739 "# resolv.conf(5) in a different way, replace the symlink by a\n"
740 "# static file or a different symlink.\n\n", f);
741
822db23c 742 if (ordered_set_isempty(dns))
4713135e
ZJS		 743 fputs("# No DNS servers known.\n", f);
744 else {
745 DnsServer *s;
746 unsigned count = 0;
747
822db23c 748 ORDERED_SET_FOREACH(s, dns, i)
4713135e
ZJS		 749 write_resolv_conf_server(s, f, &count);
750 }
751
822db23c 752 if (!ordered_set_isempty(domains)) {
4713135e
ZJS		 753 unsigned length = 0, count = 0;
754 char *domain;
755
756 fputs("search", f);
822db23c 757 ORDERED_SET_FOREACH(domain, domains, i)
4713135e
ZJS		 758 write_resolv_conf_search(domain, f, &count, &length);
759 fputs("\n", f);
760 }
761
762 return fflush_and_check(f);
763}
764
74b2466e 765int manager_write_resolv_conf(Manager *m) {
4e945a6f 766 static const char path[] = "/run/systemd/resolve/resolv.conf";
091a364c
TG		 767 _cleanup_free_ char *temp_path = NULL;
768 _cleanup_fclose_ FILE *f = NULL;
822db23c 769 _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
74b2466e
LP		 770 DnsServer *s;
771 Iterator i;
772 Link *l;
773 int r;
091a364c
TG		 774
775 assert(m);
776
5cb36f41
LP		 777 /* Read the system /etc/resolv.conf first */
778 manager_read_resolv_conf(m);
779
87f5a193 780 /* Add the full list to a set, to filter out duplicates */
822db23c 781 dns = ordered_set_new(&dns_server_hash_ops);
87f5a193
LP		 782 if (!dns)
783 return -ENOMEM;
784
822db23c 785 domains = ordered_set_new(&dns_name_hash_ops);
bda2c408
TG		 786 if (!domains)
787 return -ENOMEM;
788
87f5a193
LP		 789 /* First add the system-wide servers */
790 LIST_FOREACH(servers, s, m->dns_servers) {
822db23c 791 r = ordered_set_put(dns, s);
87f5a193
LP		 792 if (r == -EEXIST)
793 continue;
794 if (r < 0)
795 return r;
796 }
797
bda2c408
TG		 798 /* Then, add the per-link servers and domains */
799 HASHMAP_FOREACH(l, m->links, i) {
800 char **domain;
801
87f5a193 802 LIST_FOREACH(servers, s, l->dns_servers) {
822db23c 803 r = ordered_set_put(dns, s);
87f5a193
LP		 804 if (r == -EEXIST)
805 continue;
806 if (r < 0)
807 return r;
808 }
809
bda2c408
TG		 810 if (!l->unicast_scope)
811 continue;
812
813 STRV_FOREACH(domain, l->unicast_scope->domains) {
822db23c 814 r = ordered_set_put(domains, *domain);
bda2c408
TG		 815 if (r == -EEXIST)
816 continue;
817 if (r < 0)
818 return r;
819 }
820 }
821
87f5a193 822 /* If we found nothing, add the fallback servers */
822db23c 823 if (ordered_set_isempty(dns)) {
87f5a193 824 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
822db23c 825 r = ordered_set_put(dns, s);
87f5a193
LP		 826 if (r == -EEXIST)
827 continue;
828 if (r < 0)
829 return r;
830 }
831 }
832
a5a807e6 833 r = fopen_temporary_label(path, path, &f, &temp_path);
091a364c
TG		 834 if (r < 0)
835 return r;
836
837 fchmod(fileno(f), 0644);
838
4713135e 839 r = write_resolv_conf_contents(f, dns, domains);
74b2466e
LP		 840 if (r < 0)
841 goto fail;
842
843 if (rename(temp_path, path) < 0) {
844 r = -errno;
845 goto fail;
846 }
091a364c 847
74b2466e 848 return 0;
091a364c 849
74b2466e 850fail:
822db23c
LP		 851 (void) unlink(path);
852 (void) unlink(temp_path);
74b2466e
LP		 853 return r;
854}
091a364c 855
1716f6dc 856int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
74b2466e 857 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1716f6dc
LP		 858 union {
859 struct cmsghdr header; /* For alignment */
40a1eebd 860 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
1716f6dc 861 + CMSG_SPACE(int) /* ttl/hoplimit */
623a4c97 862 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
1716f6dc
LP		 863 } control;
864 union sockaddr_union sa;
74b2466e 865 struct msghdr mh = {};
1716f6dc 866 struct cmsghdr *cmsg;
74b2466e 867 struct iovec iov;
1716f6dc 868 int ms = 0, r;
74b2466e
LP		 869 ssize_t l;
870
871 assert(m);
1716f6dc 872 assert(fd >= 0);
74b2466e
LP		 873 assert(ret);
874
74b2466e
LP		 875 r = ioctl(fd, FIONREAD, &ms);
876 if (r < 0)
877 return -errno;
878 if (ms < 0)
879 return -EIO;
880
1716f6dc 881 r = dns_packet_new(&p, protocol, ms);
74b2466e
LP		 882 if (r < 0)
883 return r;
884
885 iov.iov_base = DNS_PACKET_DATA(p);
886 iov.iov_len = p->allocated;
887
1716f6dc
LP		 888 mh.msg_name = &sa.sa;
889 mh.msg_namelen = sizeof(sa);
74b2466e
LP		 890 mh.msg_iov = &iov;
891 mh.msg_iovlen = 1;
1716f6dc
LP		 892 mh.msg_control = &control;
893 mh.msg_controllen = sizeof(control);
74b2466e 894
a38d9945 895 l = recvmsg(fd, &mh, 0);
74b2466e 896 if (l < 0) {
ad867662 897 if (errno == EAGAIN || errno == EINTR)
74b2466e
LP		 898 return 0;
899
900 return -errno;
091a364c
TG		 901 }
902
74b2466e
LP		 903 if (l <= 0)
904 return -EIO;
091a364c 905
1716f6dc
LP		 906 assert(!(mh.msg_flags & MSG_CTRUNC));
907 assert(!(mh.msg_flags & MSG_TRUNC));
908
74b2466e 909 p->size = (size_t) l;
091a364c 910
1716f6dc 911 p->family = sa.sa.sa_family;
623a4c97
LP		 912 p->ipproto = IPPROTO_UDP;
913 if (p->family == AF_INET) {
1716f6dc 914 p->sender.in = sa.in.sin_addr;
623a4c97
LP		 915 p->sender_port = be16toh(sa.in.sin_port);
916 } else if (p->family == AF_INET6) {
1716f6dc 917 p->sender.in6 = sa.in6.sin6_addr;
623a4c97
LP		 918 p->sender_port = be16toh(sa.in6.sin6_port);
919 p->ifindex = sa.in6.sin6_scope_id;
920 } else
1716f6dc 921 return -EAFNOSUPPORT;
74b2466e 922
1716f6dc 923 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
74b2466e 924
1716f6dc
LP		 925 if (cmsg->cmsg_level == IPPROTO_IPV6) {
926 assert(p->family == AF_INET6);
74b2466e 927
1716f6dc 928 switch (cmsg->cmsg_type) {
74b2466e 929
1716f6dc
LP		 930 case IPV6_PKTINFO: {
931 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
74b2466e 932
623a4c97
LP		 933 if (p->ifindex <= 0)
934 p->ifindex = i->ipi6_ifindex;
935
1716f6dc
LP		 936 p->destination.in6 = i->ipi6_addr;
937 break;
938 }
74b2466e 939
1716f6dc
LP		 940 case IPV6_HOPLIMIT:
941 p->ttl = *(int *) CMSG_DATA(cmsg);
942 break;
74b2466e 943
1716f6dc
LP		 944 }
945 } else if (cmsg->cmsg_level == IPPROTO_IP) {
946 assert(p->family == AF_INET);
74b2466e 947
1716f6dc 948 switch (cmsg->cmsg_type) {
74b2466e 949
1716f6dc
LP		 950 case IP_PKTINFO: {
951 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
091a364c 952
623a4c97
LP		 953 if (p->ifindex <= 0)
954 p->ifindex = i->ipi_ifindex;
955
1716f6dc
LP		 956 p->destination.in = i->ipi_addr;
957 break;
958 }
74b2466e 959
623a4c97 960 case IP_TTL:
1716f6dc
LP		 961 p->ttl = *(int *) CMSG_DATA(cmsg);
962 break;
963 }
964 }
965 }
74b2466e 966
623a4c97
LP		 967 /* The Linux kernel sets the interface index to the loopback
968 * device if the packet came from the local host since it
969 * avoids the routing table in such a case. Let's unset the
970 * interface index in such a case. */
a5f03596 971 if (p->ifindex == LOOPBACK_IFINDEX)
623a4c97
LP		 972 p->ifindex = 0;
973
974 /* If we don't know the interface index still, we look for the
975 * first local interface with a matching address. Yuck! */
976 if (p->ifindex <= 0)
977 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
978
74b2466e
LP		 979 *ret = p;
980 p = NULL;
981
982 return 1;
983}
984
1716f6dc 985static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
74b2466e 986 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 987 DnsTransaction *t = NULL;
74b2466e
LP		 988 Manager *m = userdata;
989 int r;
990
1716f6dc 991 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
74b2466e
LP		 992 if (r <= 0)
993 return r;
994
623a4c97 995 if (dns_packet_validate_reply(p) > 0) {
ec2c5e43 996 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1716f6dc
LP		 997 if (!t)
998 return 0;
74b2466e 999
ec2c5e43 1000 dns_transaction_process_reply(t, p);
623a4c97 1001
1716f6dc 1002 } else
623a4c97 1003 log_debug("Invalid DNS packet.");
74b2466e 1004
ad867662 1005 return 0;
74b2466e
LP		 1006}
1007
1008int manager_dns_ipv4_fd(Manager *m) {
1716f6dc 1009 const int one = 1;
74b2466e
LP		 1010 int r;
1011
091a364c
TG		 1012 assert(m);
1013
74b2466e
LP		 1014 if (m->dns_ipv4_fd >= 0)
1015 return m->dns_ipv4_fd;
091a364c 1016
74b2466e
LP		 1017 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1018 if (m->dns_ipv4_fd < 0)
1019 return -errno;
091a364c 1020
1716f6dc
LP		 1021 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1022 if (r < 0) {
1023 r = -errno;
1024 goto fail;
1025 }
1026
1027 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
74b2466e 1028 if (r < 0)
1716f6dc 1029 goto fail;
74b2466e
LP		 1030
1031 return m->dns_ipv4_fd;
1716f6dc
LP		 1032
1033fail:
1034 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1035 return r;
091a364c
TG		 1036}
1037
74b2466e 1038int manager_dns_ipv6_fd(Manager *m) {
1716f6dc 1039 const int one = 1;
74b2466e
LP		 1040 int r;
1041
1042 assert(m);
091a364c 1043
74b2466e
LP		 1044 if (m->dns_ipv6_fd >= 0)
1045 return m->dns_ipv6_fd;
1046
1047 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1048 if (m->dns_ipv6_fd < 0)
1049 return -errno;
1050
1716f6dc
LP		 1051 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1052 if (r < 0) {
1053 r = -errno;
1054 goto fail;
1055 }
1056
1057 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
091a364c 1058 if (r < 0)
1716f6dc 1059 goto fail;
091a364c 1060
74b2466e 1061 return m->dns_ipv6_fd;
1716f6dc
LP		 1062
1063fail:
1064 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1065 return r;
74b2466e
LP		 1066}
1067
1068static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1069 int r;
1070
1071 assert(fd >= 0);
1072 assert(mh);
1073
1074 for (;;) {
1075 if (sendmsg(fd, mh, flags) >= 0)
1076 return 0;
1077
1078 if (errno == EINTR)
1079 continue;
1080
1081 if (errno != EAGAIN)
1082 return -errno;
1083
1084 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1085 if (r < 0)
1086 return r;
1087 if (r == 0)
1088 return -ETIMEDOUT;
1089 }
1090}
1091
623a4c97 1092static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP		 1093 union sockaddr_union sa = {
1094 .in.sin_family = AF_INET,
74b2466e 1095 };
1716f6dc
LP		 1096 union {
1097 struct cmsghdr header; /* For alignment */
1098 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1099 } control;
74b2466e
LP		 1100 struct msghdr mh = {};
1101 struct iovec iov;
74b2466e
LP		 1102
1103 assert(m);
1716f6dc
LP		 1104 assert(fd >= 0);
1105 assert(addr);
1106 assert(port > 0);
74b2466e
LP		 1107 assert(p);
1108
74b2466e
LP		 1109 iov.iov_base = DNS_PACKET_DATA(p);
1110 iov.iov_len = p->size;
091a364c 1111
1716f6dc
LP		 1112 sa.in.sin_addr = *addr;
1113 sa.in.sin_port = htobe16(port),
091a364c 1114
74b2466e
LP		 1115 mh.msg_iov = &iov;
1116 mh.msg_iovlen = 1;
1117 mh.msg_name = &sa.sa;
1118 mh.msg_namelen = sizeof(sa.in);
091a364c 1119
74b2466e
LP		 1120 if (ifindex > 0) {
1121 struct cmsghdr *cmsg;
1122 struct in_pktinfo *pi;
1123
1124 zero(control);
1125
1716f6dc 1126 mh.msg_control = &control;
74b2466e
LP		 1127 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1128
1129 cmsg = CMSG_FIRSTHDR(&mh);
1130 cmsg->cmsg_len = mh.msg_controllen;
1131 cmsg->cmsg_level = IPPROTO_IP;
1132 cmsg->cmsg_type = IP_PKTINFO;
1133
1134 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1135 pi->ipi_ifindex = ifindex;
1136 }
1137
1138 return sendmsg_loop(fd, &mh, 0);
1139}
1140
623a4c97 1141static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP		 1142 union sockaddr_union sa = {
1143 .in6.sin6_family = AF_INET6,
74b2466e 1144 };
1716f6dc
LP		 1145 union {
1146 struct cmsghdr header; /* For alignment */
1147 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1148 } control;
74b2466e
LP		 1149 struct msghdr mh = {};
1150 struct iovec iov;
74b2466e
LP		 1151
1152 assert(m);
1716f6dc
LP		 1153 assert(fd >= 0);
1154 assert(addr);
1155 assert(port > 0);
74b2466e
LP		 1156 assert(p);
1157
74b2466e
LP		 1158 iov.iov_base = DNS_PACKET_DATA(p);
1159 iov.iov_len = p->size;
1160
1716f6dc
LP		 1161 sa.in6.sin6_addr = *addr;
1162 sa.in6.sin6_port = htobe16(port),
74b2466e
LP		 1163 sa.in6.sin6_scope_id = ifindex;
1164
1165 mh.msg_iov = &iov;
1166 mh.msg_iovlen = 1;
1167 mh.msg_name = &sa.sa;
1168 mh.msg_namelen = sizeof(sa.in6);
1169
1170 if (ifindex > 0) {
1171 struct cmsghdr *cmsg;
1172 struct in6_pktinfo *pi;
1173
1174 zero(control);
1175
1716f6dc 1176 mh.msg_control = &control;
74b2466e
LP		 1177 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1178
1179 cmsg = CMSG_FIRSTHDR(&mh);
1180 cmsg->cmsg_len = mh.msg_controllen;
1181 cmsg->cmsg_level = IPPROTO_IPV6;
1182 cmsg->cmsg_type = IPV6_PKTINFO;
1183
1184 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1185 pi->ipi6_ifindex = ifindex;
1186 }
1187
1188 return sendmsg_loop(fd, &mh, 0);
1189}
1190
623a4c97 1191int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1716f6dc
LP		 1192 assert(m);
1193 assert(fd >= 0);
1194 assert(addr);
1195 assert(port > 0);
1196 assert(p);
1197
a2a416f7
LP		 1198 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1199
1716f6dc
LP		 1200 if (family == AF_INET)
1201 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1202 else if (family == AF_INET6)
1203 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1204
1205 return -EAFNOSUPPORT;
1206}
1207
2c27fbca 1208DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
74b2466e
LP		 1209 DnsServer *s;
1210
1211 assert(m);
1212 assert(in_addr);
1213
4e945a6f 1214 LIST_FOREACH(servers, s, m->dns_servers)
5cb36f41 1215 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1216 return s;
74b2466e 1217
4e945a6f 1218 LIST_FOREACH(servers, s, m->fallback_dns_servers)
5cb36f41 1219 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1220 return s;
74b2466e 1221
2c27fbca 1222 return NULL;
4e945a6f
LP		 1223}
1224
2c27fbca 1225DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
4e945a6f
LP		 1226 assert(m);
1227
1228 if (m->current_dns_server == s)
1229 return s;
1230
1231 if (s) {
1232 _cleanup_free_ char *ip = NULL;
1233
1234 in_addr_to_string(s->family, &s->address, &ip);
1235 log_info("Switching to system DNS server %s.", strna(ip));
2c27fbca 1236 }
4e945a6f
LP		 1237
1238 m->current_dns_server = s;
2c27fbca
LP		 1239
1240 if (m->unicast_scope)
1241 dns_cache_flush(&m->unicast_scope->cache);
1242
4e945a6f 1243 return s;
74b2466e
LP		 1244}
1245
1246DnsServer *manager_get_dns_server(Manager *m) {
4e945a6f 1247 Link *l;
74b2466e
LP		 1248 assert(m);
1249
5cb36f41
LP		 1250 /* Try to read updates resolv.conf */
1251 manager_read_resolv_conf(m);
1252
74b2466e 1253 if (!m->current_dns_server)
4e945a6f
LP		 1254 manager_set_dns_server(m, m->dns_servers);
1255
1256 if (!m->current_dns_server) {
1257 bool found = false;
1258 Iterator i;
1259
1260 /* No DNS servers configured, let's see if there are
1261 * any on any links. If not, we use the fallback
1262 * servers */
1263
1264 HASHMAP_FOREACH(l, m->links, i)
1265 if (l->dns_servers) {
1266 found = true;
1267 break;
1268 }
1269
1270 if (!found)
1271 manager_set_dns_server(m, m->fallback_dns_servers);
1272 }
74b2466e
LP		 1273
1274 return m->current_dns_server;
1275}
1276
1277void manager_next_dns_server(Manager *m) {
1278 assert(m);
1279
4e945a6f
LP		 1280 /* If there's currently no DNS server set, then the next
1281 * manager_get_dns_server() will find one */
74b2466e
LP		 1282 if (!m->current_dns_server)
1283 return;
1284
4e945a6f 1285 /* Change to the next one */
74b2466e 1286 if (m->current_dns_server->servers_next) {
4e945a6f 1287 manager_set_dns_server(m, m->current_dns_server->servers_next);
74b2466e
LP		 1288 return;
1289 }
1290
4e945a6f
LP		 1291 /* If there was no next one, then start from the beginning of
1292 * the list */
1293 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1294 manager_set_dns_server(m, m->fallback_dns_servers);
1295 else
1296 manager_set_dns_server(m, m->dns_servers);
091a364c 1297}
e1c95994
LP		 1298
1299uint32_t manager_find_mtu(Manager *m) {
1300 uint32_t mtu = 0;
1301 Link *l;
1302 Iterator i;
1303
1304 /* If we don't know on which link a DNS packet would be
1305 * delivered, let's find the largest MTU that works on all
1306 * interfaces we know of */
1307
1308 HASHMAP_FOREACH(l, m->links, i) {
1309 if (l->mtu <= 0)
1310 continue;
1311
1312 if (mtu <= 0 || l->mtu < mtu)
1313 mtu = l->mtu;
1314 }
1315
1316 return mtu;
1317}
1716f6dc
LP		 1318
1319static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1320 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 1321 DnsTransaction *t = NULL;
1716f6dc 1322 Manager *m = userdata;
a4076574 1323 DnsScope *scope;
1716f6dc
LP		 1324 int r;
1325
1326 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1327 if (r <= 0)
1328 return r;
1329
a4076574
LP		 1330 scope = manager_find_scope(m, p);
1331 if (!scope) {
1332 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1333 return 0;
1334 }
1335
623a4c97 1336 if (dns_packet_validate_reply(p) > 0) {
a2a416f7
LP		 1337 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1338
a4076574 1339 dns_scope_check_conflicts(scope, p);
623a4c97 1340
a4076574
LP		 1341 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1342 if (t)
1343 dns_transaction_process_reply(t, p);
623a4c97 1344
a4076574
LP		 1345 } else if (dns_packet_validate_query(p) > 0) {
1346 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
623a4c97 1347
a4076574 1348 dns_scope_process_query(scope, NULL, p);
623a4c97 1349 } else
a4076574 1350 log_debug("Invalid LLMNR UDP packet.");
1716f6dc
LP		 1351
1352 return 0;
1353}
1354
1355int manager_llmnr_ipv4_udp_fd(Manager *m) {
1356 union sockaddr_union sa = {
1357 .in.sin_family = AF_INET,
1358 .in.sin_port = htobe16(5355),
1359 };
bf3f1271 1360 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1716f6dc
LP		 1361 int r;
1362
1363 assert(m);
1364
1365 if (m->llmnr_ipv4_udp_fd >= 0)
1366 return m->llmnr_ipv4_udp_fd;
1367
1368 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1369 if (m->llmnr_ipv4_udp_fd < 0)
1370 return -errno;
1371
bf3f1271
LP		 1372 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1373 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1716f6dc
LP		 1374 if (r < 0) {
1375 r = -errno;
1376 goto fail;
1377 }
1378
bf3f1271 1379 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1716f6dc
LP		 1380 if (r < 0) {
1381 r = -errno;
1382 goto fail;
1383 }
1384
1385 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1386 if (r < 0) {
1387 r = -errno;
1388 goto fail;
1389 }
1390
1391 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1392 if (r < 0) {
1393 r = -errno;
1394 goto fail;
1395 }
1396
1397 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1398 if (r < 0) {
1399 r = -errno;
1400 goto fail;
1401 }
1402
1403 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1404 if (r < 0) {
1405 r = -errno;
1406 goto fail;
1407 }
1408
1409 /* Disable Don't-Fragment bit in the IP header */
1410 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1411 if (r < 0) {
1412 r = -errno;
1413 goto fail;
1414 }
1415
1416 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1417 if (r < 0) {
1418 r = -errno;
1419 goto fail;
1420 }
1421
1422 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1423 if (r < 0)
1424 goto fail;
1425
1426 return m->llmnr_ipv4_udp_fd;
1427
1428fail:
1429 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1430 return r;
1431}
1432
1433int manager_llmnr_ipv6_udp_fd(Manager *m) {
1434 union sockaddr_union sa = {
1435 .in6.sin6_family = AF_INET6,
1436 .in6.sin6_port = htobe16(5355),
1437 };
bf3f1271 1438 static const int one = 1, ttl = 255;
1716f6dc
LP		 1439 int r;
1440
1441 assert(m);
1442
1443 if (m->llmnr_ipv6_udp_fd >= 0)
1444 return m->llmnr_ipv6_udp_fd;
1445
1446 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1447 if (m->llmnr_ipv6_udp_fd < 0)
1448 return -errno;
1449
bf3f1271 1450 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP		 1451 if (r < 0) {
1452 r = -errno;
1453 goto fail;
1454 }
1455
bf3f1271
LP		 1456 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1457 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP		 1458 if (r < 0) {
1459 r = -errno;
1460 goto fail;
1461 }
1462
1463 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1464 if (r < 0) {
1465 r = -errno;
1466 goto fail;
1467 }
1468
1469 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1470 if (r < 0) {
1471 r = -errno;
1472 goto fail;
1473 }
1474
1475 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1476 if (r < 0) {
1477 r = -errno;
1478 goto fail;
1479 }
1480
1481 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1482 if (r < 0) {
1483 r = -errno;
1484 goto fail;
1485 }
1486
1487 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1488 if (r < 0) {
1489 r = -errno;
1490 goto fail;
1491 }
1492
1493 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1494 if (r < 0) {
1495 r = -errno;
1496 goto fail;
1497 }
1498
1499 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1500 if (r < 0) {
1501 r = -errno;
1502 goto fail;
1503 }
1504
1505 return m->llmnr_ipv6_udp_fd;
1506
1507fail:
1508 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1509 return r;
1510}
623a4c97
LP		 1511
1512static int on_llmnr_stream_packet(DnsStream *s) {
a4076574 1513 DnsScope *scope;
623a4c97 1514
a4076574 1515 assert(s);
623a4c97 1516
a4076574
LP		 1517 scope = manager_find_scope(s->manager, s->read_packet);
1518 if (!scope) {
1519 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1520 return 0;
1521 }
623a4c97 1522
a4076574
LP		 1523 if (dns_packet_validate_query(s->read_packet) > 0) {
1524 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
623a4c97 1525
a4076574 1526 dns_scope_process_query(scope, s, s->read_packet);
623a4c97 1527
a4076574
LP		 1528 /* If no reply packet was set, we free the stream */
1529 if (s->write_packet)
1530 return 0;
1531 } else
1532 log_debug("Invalid LLMNR TCP packet.");
623a4c97
LP		 1533
1534 dns_stream_free(s);
1535 return 0;
1536}
1537
1538static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1539 DnsStream *stream;
1540 Manager *m = userdata;
1541 int cfd, r;
1542
1543 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1544 if (cfd < 0) {
1545 if (errno == EAGAIN || errno == EINTR)
1546 return 0;
1547
1548 return -errno;
1549 }
1550
1551 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1552 if (r < 0) {
1553 safe_close(cfd);
1554 return r;
1555 }
1556
1557 stream->on_packet = on_llmnr_stream_packet;
1558 return 0;
1559}
1560
1561int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1562 union sockaddr_union sa = {
1563 .in.sin_family = AF_INET,
1564 .in.sin_port = htobe16(5355),
1565 };
1566 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1567 int r;
1568
1569 assert(m);
1570
1571 if (m->llmnr_ipv4_tcp_fd >= 0)
1572 return m->llmnr_ipv4_tcp_fd;
1573
1574 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1575 if (m->llmnr_ipv4_tcp_fd < 0)
1576 return -errno;
1577
bf3f1271 1578 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP		 1579 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1580 if (r < 0) {
1581 r = -errno;
1582 goto fail;
1583 }
1584
1585 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1586 if (r < 0) {
1587 r = -errno;
1588 goto fail;
1589 }
1590
1591 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1592 if (r < 0) {
1593 r = -errno;
1594 goto fail;
1595 }
1596
1597 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1598 if (r < 0) {
1599 r = -errno;
1600 goto fail;
1601 }
1602
1603 /* Disable Don't-Fragment bit in the IP header */
1604 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1605 if (r < 0) {
1606 r = -errno;
1607 goto fail;
1608 }
1609
1610 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1611 if (r < 0) {
1612 r = -errno;
1613 goto fail;
1614 }
1615
1616 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1617 if (r < 0) {
1618 r = -errno;
1619 goto fail;
1620 }
1621
1622 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1623 if (r < 0)
1624 goto fail;
1625
1626 return m->llmnr_ipv4_tcp_fd;
1627
1628fail:
1629 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1630 return r;
1631}
1632
1633int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1634 union sockaddr_union sa = {
1635 .in6.sin6_family = AF_INET6,
1636 .in6.sin6_port = htobe16(5355),
1637 };
1638 static const int one = 1;
1639 int r;
1640
1641 assert(m);
1642
1643 if (m->llmnr_ipv6_tcp_fd >= 0)
1644 return m->llmnr_ipv6_tcp_fd;
1645
1646 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1647 if (m->llmnr_ipv6_tcp_fd < 0)
1648 return -errno;
1649
bf3f1271 1650 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP		 1651 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1652 if (r < 0) {
1653 r = -errno;
1654 goto fail;
1655 }
1656
1657 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1658 if (r < 0) {
1659 r = -errno;
1660 goto fail;
1661 }
1662
1663 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1664 if (r < 0) {
1665 r = -errno;
1666 goto fail;
1667 }
1668
1669 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1670 if (r < 0) {
1671 r = -errno;
1672 goto fail;
1673 }
1674
1675 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1676 if (r < 0) {
1677 r = -errno;
1678 goto fail;
1679 }
1680
1681 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1682 if (r < 0) {
1683 r = -errno;
1684 goto fail;
1685 }
1686
1687 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1688 if (r < 0) {
1689 r = -errno;
1690 goto fail;
1691 }
1692
1693 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1694 if (r < 0) {
1695 r = -errno;
1696 goto fail;
1697 }
1698
1699 return m->llmnr_ipv6_tcp_fd;
1700
1701fail:
1702 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1703 return r;
1704}
1705
623a4c97 1706int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP		 1707 LinkAddress *a;
1708
1709 assert(m);
1710
4e945a6f 1711 a = manager_find_link_address(m, family, in_addr);
ec2c5e43
LP		 1712 if (a)
1713 return a->link->ifindex;
1714
1715 return 0;
1716}
1717
eb60f9cd
LP		 1718void manager_refresh_rrs(Manager *m) {
1719 Iterator i;
1720 Link *l;
1721
1722 assert(m);
1723
1724 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1725 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1726
1727 HASHMAP_FOREACH(l, m->links, i) {
1728 link_add_rrs(l, true);
1729 link_add_rrs(l, false);
1730 }
1731}
1732
ec2c5e43
LP		 1733int manager_next_hostname(Manager *m) {
1734 const char *p;
556a2294 1735 uint64_t u, a;
ec2c5e43 1736 char *h;
623a4c97
LP		 1737
1738 assert(m);
1739
ec2c5e43
LP		 1740 p = strchr(m->hostname, 0);
1741 assert(p);
1742
1743 while (p > m->hostname) {
1744 if (!strchr("0123456789", p[-1]))
1745 break;
1746
1747 p--;
1748 }
1749
1750 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1751 u = 1;
1752
556a2294
LP		 1753 /* Add a random number to the old value. This way we can avoid
1754 * that two hosts pick the same hostname, win on IPv4 and lose
1755 * on IPv6 (or vice versa), and pick the same hostname
1756 * replacement hostname, ad infinitum. We still want the
1757 * numbers to go up monotonically, hence we just add a random
1758 * value 1..10 */
1759
1760 random_bytes(&a, sizeof(a));
1761 u += 1 + a % 10;
ec2c5e43
LP		 1762
1763 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1764 return -ENOMEM;
1765
eb60f9cd 1766 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
ec2c5e43
LP		 1767
1768 free(m->hostname);
1769 m->hostname = h;
1770
eb60f9cd 1771 manager_refresh_rrs(m);
623a4c97
LP		 1772
1773 return 0;
1774}
ec2c5e43 1775
4e945a6f 1776LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP		 1777 Iterator i;
1778 Link *l;
1779
1780 assert(m);
1781
1782 HASHMAP_FOREACH(l, m->links, i) {
1783 LinkAddress *a;
1784
1785 a = link_find_address(l, family, in_addr);
1786 if (a)
1787 return a;
1788 }
1789
1790 return NULL;
1791}
1792
a4076574 1793bool manager_our_packet(Manager *m, DnsPacket *p) {
ec2c5e43
LP		 1794 assert(m);
1795 assert(p);
1796
4e945a6f 1797 return !!manager_find_link_address(m, p->family, &p->sender);
ec2c5e43 1798}
4e945a6f 1799
a4076574
LP		 1800DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1801 Link *l;
1802
1803 assert(m);
1804 assert(p);
1805
1806 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1807 if (!l)
1808 return NULL;
1809
1810 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1811 if (p->family == AF_INET)
1812 return l->llmnr_ipv4_scope;
1813 else if (p->family == AF_INET6)
1814 return l->llmnr_ipv6_scope;
1815 }
1816
1817 return NULL;
1818}
1819
902bb5d8
LP		 1820void manager_verify_all(Manager *m) {
1821 DnsScope *s;
1822
1823 assert(m);
1824
1825 LIST_FOREACH(scopes, s, m->dns_scopes)
1826 dns_zone_verify_all(&s->zone);
1827}
1828
3e684349
LP		 1829void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1830 assert(m);
1831
1832 if (t == DNS_SERVER_SYSTEM)
1833 while (m->dns_servers)
1834 dns_server_free(m->dns_servers);
1835
1836 if (t == DNS_SERVER_FALLBACK)
1837 while (m->fallback_dns_servers)
1838 dns_server_free(m->fallback_dns_servers);
1839}
1840
4e945a6f
LP		 1841static const char* const support_table[_SUPPORT_MAX] = {
1842 [SUPPORT_NO] = "no",
1843 [SUPPORT_YES] = "yes",
1844 [SUPPORT_RESOLVE] = "resolve",
1845};
1846DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.