sd-network: add sd_network_linkg_get_domains()
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
CommitLineData
091a364c
TG
1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22#include <arpa/inet.h>
23#include <resolv.h>
1716f6dc 24#include <net/if.h>
74b2466e
LP
25#include <sys/ioctl.h>
26#include <sys/poll.h>
27#include <netinet/in.h>
091a364c 28
74b2466e 29#include "rtnl-util.h"
091a364c
TG
30#include "event-util.h"
31#include "network-util.h"
091a364c
TG
32#include "network-internal.h"
33#include "conf-parser.h"
74b2466e 34#include "socket-util.h"
a2a416f7 35#include "af-list.h"
eb60f9cd 36#include "utf8.h"
4e945a6f 37
eb60f9cd 38#include "resolved-dns-domain.h"
39d8db04
LP
39#include "resolved-conf.h"
40#include "resolved-bus.h"
41#include "resolved-manager.h"
74b2466e
LP
42
43#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
44
45static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
46 Manager *m = userdata;
47 uint16_t type;
48 Link *l;
49 int ifindex, r;
50
51 assert(rtnl);
52 assert(m);
53 assert(mm);
54
55 r = sd_rtnl_message_get_type(mm, &type);
56 if (r < 0)
57 goto fail;
58
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
60 if (r < 0)
61 goto fail;
62
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
64
65 switch (type) {
66
a2a416f7
LP
67 case RTM_NEWLINK:{
68 bool is_new = !l;
74b2466e 69
a2a416f7 70 if (!l) {
74b2466e
LP
71 r = link_new(m, &l, ifindex);
72 if (r < 0)
73 goto fail;
74 }
75
76 r = link_update_rtnl(l, mm);
77 if (r < 0)
78 goto fail;
79
21d73c87
LP
80 r = link_update_monitor(l);
81 if (r < 0)
82 goto fail;
83
a2a416f7
LP
84 if (is_new)
85 log_debug("Found new link %i/%s", ifindex, l->name);
86
74b2466e 87 break;
a2a416f7 88 }
74b2466e
LP
89
90 case RTM_DELLINK:
91 if (l) {
a2a416f7 92 log_debug("Removing link %i/%s", l->ifindex, l->name);
74b2466e
LP
93 link_free(l);
94 }
95
96 break;
97 }
98
99 return 0;
100
101fail:
102 log_warning("Failed to process RTNL link message: %s", strerror(-r));
103 return 0;
104}
105
106static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
74b2466e 109 uint16_t type;
0dd25fb9 110 int r, ifindex, family;
74b2466e
LP
111 LinkAddress *a;
112 Link *l;
113
114 assert(rtnl);
115 assert(mm);
116 assert(m);
117
118 r = sd_rtnl_message_get_type(mm, &type);
119 if (r < 0)
120 goto fail;
121
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
123 if (r < 0)
124 goto fail;
125
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
127 if (!l)
128 return 0;
129
130 r = sd_rtnl_message_addr_get_family(mm, &family);
131 if (r < 0)
132 goto fail;
133
134 switch (family) {
135
136 case AF_INET:
137 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
138 if (r < 0) {
139 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
140 if (r < 0)
141 goto fail;
142 }
143
144 break;
145
146 case AF_INET6:
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
148 if (r < 0) {
149 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
150 if (r < 0)
151 goto fail;
152 }
153
154 break;
155
156 default:
157 return 0;
158 }
159
160 a = link_find_address(l, family, &address);
161
162 switch (type) {
163
164 case RTM_NEWADDR:
165
166 if (!a) {
167 r = link_address_new(l, &a, family, &address);
168 if (r < 0)
169 return r;
170 }
171
172 r = link_address_update_rtnl(a, mm);
173 if (r < 0)
174 return r;
175
176 break;
177
178 case RTM_DELADDR:
179 if (a)
180 link_address_free(a);
181 break;
182 }
183
184 return 0;
185
186fail:
187 log_warning("Failed to process RTNL address message: %s", strerror(-r));
188 return 0;
189}
190
74b2466e
LP
191static int manager_rtnl_listen(Manager *m) {
192 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
193 sd_rtnl_message *i;
194 int r;
195
196 assert(m);
197
198 /* First, subscibe to interfaces coming and going */
199 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
200 if (r < 0)
201 return r;
202
203 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
204 if (r < 0)
205 return r;
206
207 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
208 if (r < 0)
209 return r;
210
211 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
212 if (r < 0)
213 return r;
214
215 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
216 if (r < 0)
217 return r;
091a364c 218
74b2466e
LP
219 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
220 if (r < 0)
221 return r;
222
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
225 if (r < 0)
226 return r;
227
228 r = sd_rtnl_message_request_dump(req, true);
229 if (r < 0)
230 return r;
231
232 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
233 if (r < 0)
234 return r;
235
236 for (i = reply; i; i = sd_rtnl_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
238 if (r < 0)
239 return r;
240 }
241
242 req = sd_rtnl_message_unref(req);
243 reply = sd_rtnl_message_unref(reply);
244
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
247 if (r < 0)
248 return r;
249
250 r = sd_rtnl_message_request_dump(req, true);
251 if (r < 0)
252 return r;
253
254 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
255 if (r < 0)
256 return r;
257
258 for (i = reply; i; i = sd_rtnl_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
260 if (r < 0)
261 return r;
262 }
263
264 return r;
265}
266
267static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
269 Iterator i;
270 Link *l;
271 int r;
272
273 assert(m);
274
275 sd_network_monitor_flush(m->network_monitor);
276
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
279 if (r < 0)
280 log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
281 }
282
283 r = manager_write_resolv_conf(m);
284 if (r < 0)
285 log_warning("Could not update resolv.conf: %s", strerror(-r));
286
287 return 0;
288}
289
290static int manager_network_monitor_listen(Manager *m) {
291 int r, fd, events;
292
293 assert(m);
294
0014a4ad 295 r = sd_network_monitor_new(&m->network_monitor, NULL);
74b2466e
LP
296 if (r < 0)
297 return r;
298
299 fd = sd_network_monitor_get_fd(m->network_monitor);
300 if (fd < 0)
301 return fd;
302
303 events = sd_network_monitor_get_events(m->network_monitor);
304 if (events < 0)
305 return events;
306
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
308 if (r < 0)
309 return r;
310
311 return 0;
312}
313
eb60f9cd
LP
314static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
316 int r;
317
318 assert(ret);
319
320 h = gethostname_malloc();
321 if (!h)
322 return log_oom();
323
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
326 return -EINVAL;
327 }
328
329 r = dns_name_normalize(h, &n);
330 if (r < 0) {
331 log_error("System hostname '%s' cannot be normalized.", h);
332 return r;
333 }
334
335 *ret = n;
336 n = NULL;
337
338 return 0;
339}
340
341static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
344 int r;
345
346 assert(m);
347
348 r = determine_hostname(&h);
349 if (r < 0)
350 return 0; /* ignore invalid hostnames */
351
352 if (streq(h, m->hostname))
353 return 0;
354
355 log_info("System hostname changed to '%s'.", h);
356 free(m->hostname);
357 m->hostname = h;
358 h = NULL;
359
360 manager_refresh_rrs(m);
361
362 return 0;
363}
364
365static int manager_watch_hostname(Manager *m) {
eb60f9cd
LP
366 int r;
367
368 assert(m);
369
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning("Failed to watch hostname: %m");
373 return 0;
374 }
375
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
377 if (r < 0) {
378 if (r == -EPERM)
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
381 else {
382 log_error("Failed to add hostname event source: %s", strerror(-r));
383 return r;
384 }
385 }
386
387 r = determine_hostname(&m->hostname);
388 if (r < 0) {
389 log_info("Defaulting to hostname 'linux'.");
390 m->hostname = strdup("linux");
391 if (!m->hostname)
392 return log_oom();
393 } else
394 log_info("Using system hostname '%s'.", m->hostname);
395
396 return 0;
397}
398
edc501d4
LP
399static void manager_llmnr_stop(Manager *m) {
400 assert(m);
401
402 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
403 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
404
405 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
406 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
407
408 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
409 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
410
411 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
412 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
413}
414
415static int manager_llmnr_start(Manager *m) {
416 int r;
417
418 assert(m);
419
420 if (m->llmnr_support == SUPPORT_NO)
421 return 0;
422
423 r = manager_llmnr_ipv4_udp_fd(m);
424 if (r == -EADDRINUSE)
425 goto eaddrinuse;
426 if (r < 0)
427 return r;
428
edc501d4
LP
429 r = manager_llmnr_ipv4_tcp_fd(m);
430 if (r == -EADDRINUSE)
431 goto eaddrinuse;
432 if (r < 0)
433 return r;
434
90ab5042
LP
435 if (socket_ipv6_is_supported()) {
436 r = manager_llmnr_ipv6_udp_fd(m);
437 if (r == -EADDRINUSE)
438 goto eaddrinuse;
439 if (r < 0)
440 return r;
441
442 r = manager_llmnr_ipv6_tcp_fd(m);
443 if (r == -EADDRINUSE)
444 goto eaddrinuse;
445 if (r < 0)
446 return r;
447 }
edc501d4
LP
448
449 return 0;
450
451eaddrinuse:
452 log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
453 m->llmnr_support = SUPPORT_NO;
454 manager_llmnr_stop(m);
90ab5042 455
edc501d4
LP
456 return 0;
457}
458
091a364c 459int manager_new(Manager **ret) {
74b2466e 460 _cleanup_(manager_freep) Manager *m = NULL;
091a364c
TG
461 int r;
462
c92e531c
LP
463 assert(ret);
464
091a364c
TG
465 m = new0(Manager, 1);
466 if (!m)
467 return -ENOMEM;
468
74b2466e 469 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
1716f6dc 470 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
623a4c97 471 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
eb60f9cd 472 m->hostname_fd = -1;
1716f6dc 473
4e945a6f 474 m->llmnr_support = SUPPORT_YES;
5cb36f41 475 m->read_resolv_conf = true;
091a364c 476
4e945a6f 477 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
091a364c
TG
478 if (r < 0)
479 return r;
480
481 r = sd_event_default(&m->event);
482 if (r < 0)
483 return r;
484
485 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
486 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
487
488 sd_event_set_watchdog(m->event, true);
489
eb60f9cd
LP
490 r = manager_watch_hostname(m);
491 if (r < 0)
492 return r;
493
1716f6dc 494 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
74b2466e
LP
495 if (r < 0)
496 return r;
497
498 r = manager_network_monitor_listen(m);
499 if (r < 0)
500 return r;
501
502 r = manager_rtnl_listen(m);
503 if (r < 0)
504 return r;
505
506 r = manager_connect_bus(m);
507 if (r < 0)
508 return r;
509
091a364c
TG
510 *ret = m;
511 m = NULL;
512
513 return 0;
514}
515
edc501d4
LP
516int manager_start(Manager *m) {
517 int r;
518
519 assert(m);
520
521 r = manager_llmnr_start(m);
522 if (r < 0)
523 return r;
524
525 return 0;
526}
527
74b2466e
LP
528Manager *manager_free(Manager *m) {
529 Link *l;
091a364c
TG
530
531 if (!m)
74b2466e
LP
532 return NULL;
533
74b2466e
LP
534 while ((l = hashmap_first(m->links)))
535 link_free(l);
f0e15467
LP
536
537 while (m->dns_queries)
538 dns_query_free(m->dns_queries);
74b2466e
LP
539
540 dns_scope_free(m->unicast_scope);
541
3e684349
LP
542 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
543 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
091a364c 544
f0e15467
LP
545 hashmap_free(m->links);
546 hashmap_free(m->dns_transactions);
547
096b6773
LP
548 sd_event_source_unref(m->network_event_source);
549 sd_network_monitor_unref(m->network_monitor);
091a364c 550
74b2466e
LP
551 sd_event_source_unref(m->dns_ipv4_event_source);
552 sd_event_source_unref(m->dns_ipv6_event_source);
74b2466e
LP
553 safe_close(m->dns_ipv4_fd);
554 safe_close(m->dns_ipv6_fd);
555
edc501d4 556 manager_llmnr_stop(m);
623a4c97 557
902bb5d8 558 sd_bus_slot_unref(m->prepare_for_sleep_slot);
74b2466e
LP
559 sd_event_source_unref(m->bus_retry_event_source);
560 sd_bus_unref(m->bus);
091a364c 561
74b2466e 562 sd_event_unref(m->event);
623a4c97
LP
563
564 dns_resource_key_unref(m->host_ipv4_key);
565 dns_resource_key_unref(m->host_ipv6_key);
eb60f9cd
LP
566
567 safe_close(m->hostname_fd);
568 sd_event_source_unref(m->hostname_event_source);
623a4c97 569 free(m->hostname);
eb60f9cd 570
091a364c 571 free(m);
74b2466e
LP
572
573 return NULL;
091a364c
TG
574}
575
5cb36f41
LP
576int manager_read_resolv_conf(Manager *m) {
577 _cleanup_fclose_ FILE *f = NULL;
578 struct stat st, own;
579 char line[LINE_MAX];
580 DnsServer *s, *nx;
581 usec_t t;
582 int r;
583
584 assert(m);
585
586 /* Reads the system /etc/resolv.conf, if it exists and is not
587 * symlinked to our own resolv.conf instance */
588
589 if (!m->read_resolv_conf)
590 return 0;
591
592 r = stat("/etc/resolv.conf", &st);
593 if (r < 0) {
594 if (errno != ENOENT)
595 log_warning("Failed to open /etc/resolv.conf: %m");
596 r = -errno;
597 goto clear;
598 }
599
600 /* Have we already seen the file? */
601 t = timespec_load(&st.st_mtim);
602 if (t == m->resolv_conf_mtime)
603 return 0;
604
605 m->resolv_conf_mtime = t;
606
607 /* Is it symlinked to our own file? */
608 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
609 st.st_dev == own.st_dev &&
610 st.st_ino == own.st_ino) {
611 r = 0;
612 goto clear;
613 }
614
615 f = fopen("/etc/resolv.conf", "re");
616 if (!f) {
617 if (errno != ENOENT)
618 log_warning("Failed to open /etc/resolv.conf: %m");
619 r = -errno;
620 goto clear;
621 }
622
623 if (fstat(fileno(f), &st) < 0) {
624 log_error("Failed to stat open file: %m");
625 r = -errno;
626 goto clear;
627 }
628
629 LIST_FOREACH(servers, s, m->dns_servers)
630 s->marked = true;
631
632 FOREACH_LINE(line, f, r = -errno; goto clear) {
633 union in_addr_union address;
634 int family;
635 char *l;
636 const char *a;
637
638 truncate_nl(line);
639
640 l = strstrip(line);
641 if (*l == '#' || *l == ';')
642 continue;
643
644 a = first_word(l, "nameserver");
645 if (!a)
646 continue;
647
648 r = in_addr_from_string_auto(a, &family, &address);
649 if (r < 0) {
650 log_warning("Failed to parse name server %s.", a);
651 continue;
652 }
653
654 LIST_FOREACH(servers, s, m->dns_servers)
655 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
656 break;
657
658 if (s)
659 s->marked = false;
660 else {
661 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
662 if (r < 0)
663 goto clear;
664 }
665 }
666
667 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
668 if (s->marked)
669 dns_server_free(s);
670
671 return 0;
672
673clear:
674 while (m->dns_servers)
675 dns_server_free(m->dns_servers);
676
677 return r;
678}
679
74b2466e
LP
680static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
681 _cleanup_free_ char *t = NULL;
682 int r;
091a364c 683
74b2466e 684 assert(s);
091a364c 685 assert(f);
091a364c
TG
686 assert(count);
687
74b2466e 688 r = in_addr_to_string(s->family, &s->address, &t);
4e945a6f
LP
689 if (r < 0) {
690 log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
091a364c
TG
691 return;
692 }
693
694 if (*count == MAXNS)
87f5a193 695 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
091a364c 696
74b2466e 697 fprintf(f, "nameserver %s\n", t);
091a364c
TG
698 (*count) ++;
699}
700
74b2466e 701int manager_write_resolv_conf(Manager *m) {
4e945a6f 702 static const char path[] = "/run/systemd/resolve/resolv.conf";
091a364c
TG
703 _cleanup_free_ char *temp_path = NULL;
704 _cleanup_fclose_ FILE *f = NULL;
87f5a193 705 _cleanup_set_free_ Set *dns = NULL;
091a364c 706 unsigned count = 0;
74b2466e
LP
707 DnsServer *s;
708 Iterator i;
709 Link *l;
710 int r;
091a364c
TG
711
712 assert(m);
713
5cb36f41
LP
714 /* Read the system /etc/resolv.conf first */
715 manager_read_resolv_conf(m);
716
87f5a193
LP
717 /* Add the full list to a set, to filter out duplicates */
718 dns = set_new(dns_server_hash_func, dns_server_compare_func);
719 if (!dns)
720 return -ENOMEM;
721
722 /* First add the system-wide servers */
723 LIST_FOREACH(servers, s, m->dns_servers) {
724 r = set_put(dns, s);
725 if (r == -EEXIST)
726 continue;
727 if (r < 0)
728 return r;
729 }
730
731 /* Then, add the per-link servers */
732 HASHMAP_FOREACH(l, m->links, i)
733 LIST_FOREACH(servers, s, l->dns_servers) {
734 r = set_put(dns, s);
735 if (r == -EEXIST)
736 continue;
737 if (r < 0)
738 return r;
739 }
740
741 /* If we found nothing, add the fallback servers */
742 if (set_isempty(dns)) {
743 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
744 r = set_put(dns, s);
745 if (r == -EEXIST)
746 continue;
747 if (r < 0)
748 return r;
749 }
750 }
751
b686acb2 752 r = fopen_temporary(path, &f, &temp_path);
091a364c
TG
753 if (r < 0)
754 return r;
755
756 fchmod(fileno(f), 0644);
757
758 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
759 "# Third party programs must not access this file directly, but\n"
760 "# only through the symlink at /etc/resolv.conf. To manage\n"
761 "# resolv.conf(5) in a different way, replace the symlink by a\n"
762 "# static file or a different symlink.\n\n", f);
763
87f5a193
LP
764 if (set_isempty(dns))
765 fputs("# No DNS servers known.\n", f);
766 else {
767 SET_FOREACH(s, dns, i)
4e945a6f
LP
768 write_resolve_conf_server(s, f, &count);
769 }
091a364c 770
74b2466e
LP
771 r = fflush_and_check(f);
772 if (r < 0)
773 goto fail;
774
775 if (rename(temp_path, path) < 0) {
776 r = -errno;
777 goto fail;
778 }
091a364c 779
74b2466e 780 return 0;
091a364c 781
74b2466e
LP
782fail:
783 unlink(path);
784 unlink(temp_path);
785 return r;
786}
091a364c 787
1716f6dc 788int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
74b2466e 789 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1716f6dc
LP
790 union {
791 struct cmsghdr header; /* For alignment */
792 uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
793 + CMSG_SPACE(int) /* ttl/hoplimit */
623a4c97 794 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
1716f6dc
LP
795 } control;
796 union sockaddr_union sa;
74b2466e 797 struct msghdr mh = {};
1716f6dc 798 struct cmsghdr *cmsg;
74b2466e 799 struct iovec iov;
1716f6dc 800 int ms = 0, r;
74b2466e
LP
801 ssize_t l;
802
803 assert(m);
1716f6dc 804 assert(fd >= 0);
74b2466e
LP
805 assert(ret);
806
74b2466e
LP
807 r = ioctl(fd, FIONREAD, &ms);
808 if (r < 0)
809 return -errno;
810 if (ms < 0)
811 return -EIO;
812
1716f6dc 813 r = dns_packet_new(&p, protocol, ms);
74b2466e
LP
814 if (r < 0)
815 return r;
816
817 iov.iov_base = DNS_PACKET_DATA(p);
818 iov.iov_len = p->allocated;
819
1716f6dc
LP
820 mh.msg_name = &sa.sa;
821 mh.msg_namelen = sizeof(sa);
74b2466e
LP
822 mh.msg_iov = &iov;
823 mh.msg_iovlen = 1;
1716f6dc
LP
824 mh.msg_control = &control;
825 mh.msg_controllen = sizeof(control);
74b2466e
LP
826
827 l = recvmsg(fd, &mh, 0);
828 if (l < 0) {
ad867662 829 if (errno == EAGAIN || errno == EINTR)
74b2466e
LP
830 return 0;
831
832 return -errno;
091a364c
TG
833 }
834
74b2466e
LP
835 if (l <= 0)
836 return -EIO;
091a364c 837
1716f6dc
LP
838 assert(!(mh.msg_flags & MSG_CTRUNC));
839 assert(!(mh.msg_flags & MSG_TRUNC));
840
74b2466e 841 p->size = (size_t) l;
091a364c 842
1716f6dc 843 p->family = sa.sa.sa_family;
623a4c97
LP
844 p->ipproto = IPPROTO_UDP;
845 if (p->family == AF_INET) {
1716f6dc 846 p->sender.in = sa.in.sin_addr;
623a4c97
LP
847 p->sender_port = be16toh(sa.in.sin_port);
848 } else if (p->family == AF_INET6) {
1716f6dc 849 p->sender.in6 = sa.in6.sin6_addr;
623a4c97
LP
850 p->sender_port = be16toh(sa.in6.sin6_port);
851 p->ifindex = sa.in6.sin6_scope_id;
852 } else
1716f6dc 853 return -EAFNOSUPPORT;
74b2466e 854
1716f6dc 855 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
74b2466e 856
1716f6dc
LP
857 if (cmsg->cmsg_level == IPPROTO_IPV6) {
858 assert(p->family == AF_INET6);
74b2466e 859
1716f6dc 860 switch (cmsg->cmsg_type) {
74b2466e 861
1716f6dc
LP
862 case IPV6_PKTINFO: {
863 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
74b2466e 864
623a4c97
LP
865 if (p->ifindex <= 0)
866 p->ifindex = i->ipi6_ifindex;
867
1716f6dc
LP
868 p->destination.in6 = i->ipi6_addr;
869 break;
870 }
74b2466e 871
1716f6dc
LP
872 case IPV6_HOPLIMIT:
873 p->ttl = *(int *) CMSG_DATA(cmsg);
874 break;
74b2466e 875
1716f6dc
LP
876 }
877 } else if (cmsg->cmsg_level == IPPROTO_IP) {
878 assert(p->family == AF_INET);
74b2466e 879
1716f6dc 880 switch (cmsg->cmsg_type) {
74b2466e 881
1716f6dc
LP
882 case IP_PKTINFO: {
883 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
091a364c 884
623a4c97
LP
885 if (p->ifindex <= 0)
886 p->ifindex = i->ipi_ifindex;
887
1716f6dc
LP
888 p->destination.in = i->ipi_addr;
889 break;
890 }
74b2466e 891
623a4c97 892 case IP_TTL:
1716f6dc
LP
893 p->ttl = *(int *) CMSG_DATA(cmsg);
894 break;
895 }
896 }
897 }
74b2466e 898
623a4c97
LP
899 /* The Linux kernel sets the interface index to the loopback
900 * device if the packet came from the local host since it
901 * avoids the routing table in such a case. Let's unset the
902 * interface index in such a case. */
903 if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
904 p->ifindex = 0;
905
906 /* If we don't know the interface index still, we look for the
907 * first local interface with a matching address. Yuck! */
908 if (p->ifindex <= 0)
909 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
910
74b2466e
LP
911 *ret = p;
912 p = NULL;
913
914 return 1;
915}
916
1716f6dc 917static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
74b2466e 918 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 919 DnsTransaction *t = NULL;
74b2466e
LP
920 Manager *m = userdata;
921 int r;
922
1716f6dc 923 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
74b2466e
LP
924 if (r <= 0)
925 return r;
926
623a4c97 927 if (dns_packet_validate_reply(p) > 0) {
ec2c5e43 928 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1716f6dc
LP
929 if (!t)
930 return 0;
74b2466e 931
ec2c5e43 932 dns_transaction_process_reply(t, p);
623a4c97 933
1716f6dc 934 } else
623a4c97 935 log_debug("Invalid DNS packet.");
74b2466e 936
ad867662 937 return 0;
74b2466e
LP
938}
939
940int manager_dns_ipv4_fd(Manager *m) {
1716f6dc 941 const int one = 1;
74b2466e
LP
942 int r;
943
091a364c
TG
944 assert(m);
945
74b2466e
LP
946 if (m->dns_ipv4_fd >= 0)
947 return m->dns_ipv4_fd;
091a364c 948
74b2466e
LP
949 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
950 if (m->dns_ipv4_fd < 0)
951 return -errno;
091a364c 952
1716f6dc
LP
953 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
954 if (r < 0) {
955 r = -errno;
956 goto fail;
957 }
958
959 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
74b2466e 960 if (r < 0)
1716f6dc 961 goto fail;
74b2466e
LP
962
963 return m->dns_ipv4_fd;
1716f6dc
LP
964
965fail:
966 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
967 return r;
091a364c
TG
968}
969
74b2466e 970int manager_dns_ipv6_fd(Manager *m) {
1716f6dc 971 const int one = 1;
74b2466e
LP
972 int r;
973
974 assert(m);
091a364c 975
74b2466e
LP
976 if (m->dns_ipv6_fd >= 0)
977 return m->dns_ipv6_fd;
978
979 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
980 if (m->dns_ipv6_fd < 0)
981 return -errno;
982
1716f6dc
LP
983 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
984 if (r < 0) {
985 r = -errno;
986 goto fail;
987 }
988
989 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
091a364c 990 if (r < 0)
1716f6dc 991 goto fail;
091a364c 992
74b2466e 993 return m->dns_ipv6_fd;
1716f6dc
LP
994
995fail:
996 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
997 return r;
74b2466e
LP
998}
999
1000static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1001 int r;
1002
1003 assert(fd >= 0);
1004 assert(mh);
1005
1006 for (;;) {
1007 if (sendmsg(fd, mh, flags) >= 0)
1008 return 0;
1009
1010 if (errno == EINTR)
1011 continue;
1012
1013 if (errno != EAGAIN)
1014 return -errno;
1015
1016 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1017 if (r < 0)
1018 return r;
1019 if (r == 0)
1020 return -ETIMEDOUT;
1021 }
1022}
1023
623a4c97 1024static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1025 union sockaddr_union sa = {
1026 .in.sin_family = AF_INET,
74b2466e 1027 };
1716f6dc
LP
1028 union {
1029 struct cmsghdr header; /* For alignment */
1030 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1031 } control;
74b2466e
LP
1032 struct msghdr mh = {};
1033 struct iovec iov;
74b2466e
LP
1034
1035 assert(m);
1716f6dc
LP
1036 assert(fd >= 0);
1037 assert(addr);
1038 assert(port > 0);
74b2466e
LP
1039 assert(p);
1040
74b2466e
LP
1041 iov.iov_base = DNS_PACKET_DATA(p);
1042 iov.iov_len = p->size;
091a364c 1043
1716f6dc
LP
1044 sa.in.sin_addr = *addr;
1045 sa.in.sin_port = htobe16(port),
091a364c 1046
74b2466e
LP
1047 mh.msg_iov = &iov;
1048 mh.msg_iovlen = 1;
1049 mh.msg_name = &sa.sa;
1050 mh.msg_namelen = sizeof(sa.in);
091a364c 1051
74b2466e
LP
1052 if (ifindex > 0) {
1053 struct cmsghdr *cmsg;
1054 struct in_pktinfo *pi;
1055
1056 zero(control);
1057
1716f6dc 1058 mh.msg_control = &control;
74b2466e
LP
1059 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1060
1061 cmsg = CMSG_FIRSTHDR(&mh);
1062 cmsg->cmsg_len = mh.msg_controllen;
1063 cmsg->cmsg_level = IPPROTO_IP;
1064 cmsg->cmsg_type = IP_PKTINFO;
1065
1066 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1067 pi->ipi_ifindex = ifindex;
1068 }
1069
1070 return sendmsg_loop(fd, &mh, 0);
1071}
1072
623a4c97 1073static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1074 union sockaddr_union sa = {
1075 .in6.sin6_family = AF_INET6,
74b2466e 1076 };
1716f6dc
LP
1077 union {
1078 struct cmsghdr header; /* For alignment */
1079 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1080 } control;
74b2466e
LP
1081 struct msghdr mh = {};
1082 struct iovec iov;
74b2466e
LP
1083
1084 assert(m);
1716f6dc
LP
1085 assert(fd >= 0);
1086 assert(addr);
1087 assert(port > 0);
74b2466e
LP
1088 assert(p);
1089
74b2466e
LP
1090 iov.iov_base = DNS_PACKET_DATA(p);
1091 iov.iov_len = p->size;
1092
1716f6dc
LP
1093 sa.in6.sin6_addr = *addr;
1094 sa.in6.sin6_port = htobe16(port),
74b2466e
LP
1095 sa.in6.sin6_scope_id = ifindex;
1096
1097 mh.msg_iov = &iov;
1098 mh.msg_iovlen = 1;
1099 mh.msg_name = &sa.sa;
1100 mh.msg_namelen = sizeof(sa.in6);
1101
1102 if (ifindex > 0) {
1103 struct cmsghdr *cmsg;
1104 struct in6_pktinfo *pi;
1105
1106 zero(control);
1107
1716f6dc 1108 mh.msg_control = &control;
74b2466e
LP
1109 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1110
1111 cmsg = CMSG_FIRSTHDR(&mh);
1112 cmsg->cmsg_len = mh.msg_controllen;
1113 cmsg->cmsg_level = IPPROTO_IPV6;
1114 cmsg->cmsg_type = IPV6_PKTINFO;
1115
1116 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1117 pi->ipi6_ifindex = ifindex;
1118 }
1119
1120 return sendmsg_loop(fd, &mh, 0);
1121}
1122
623a4c97 1123int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1716f6dc
LP
1124 assert(m);
1125 assert(fd >= 0);
1126 assert(addr);
1127 assert(port > 0);
1128 assert(p);
1129
a2a416f7
LP
1130 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1131
1716f6dc
LP
1132 if (family == AF_INET)
1133 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1134 else if (family == AF_INET6)
1135 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1136
1137 return -EAFNOSUPPORT;
1138}
1139
2c27fbca 1140DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
74b2466e
LP
1141 DnsServer *s;
1142
1143 assert(m);
1144 assert(in_addr);
1145
4e945a6f 1146 LIST_FOREACH(servers, s, m->dns_servers)
5cb36f41 1147 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1148 return s;
74b2466e 1149
4e945a6f 1150 LIST_FOREACH(servers, s, m->fallback_dns_servers)
5cb36f41 1151 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1152 return s;
74b2466e 1153
2c27fbca 1154 return NULL;
4e945a6f
LP
1155}
1156
2c27fbca 1157DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
4e945a6f
LP
1158 assert(m);
1159
1160 if (m->current_dns_server == s)
1161 return s;
1162
1163 if (s) {
1164 _cleanup_free_ char *ip = NULL;
1165
1166 in_addr_to_string(s->family, &s->address, &ip);
1167 log_info("Switching to system DNS server %s.", strna(ip));
2c27fbca 1168 }
4e945a6f
LP
1169
1170 m->current_dns_server = s;
2c27fbca
LP
1171
1172 if (m->unicast_scope)
1173 dns_cache_flush(&m->unicast_scope->cache);
1174
4e945a6f 1175 return s;
74b2466e
LP
1176}
1177
1178DnsServer *manager_get_dns_server(Manager *m) {
4e945a6f 1179 Link *l;
74b2466e
LP
1180 assert(m);
1181
5cb36f41
LP
1182 /* Try to read updates resolv.conf */
1183 manager_read_resolv_conf(m);
1184
74b2466e 1185 if (!m->current_dns_server)
4e945a6f
LP
1186 manager_set_dns_server(m, m->dns_servers);
1187
1188 if (!m->current_dns_server) {
1189 bool found = false;
1190 Iterator i;
1191
1192 /* No DNS servers configured, let's see if there are
1193 * any on any links. If not, we use the fallback
1194 * servers */
1195
1196 HASHMAP_FOREACH(l, m->links, i)
1197 if (l->dns_servers) {
1198 found = true;
1199 break;
1200 }
1201
1202 if (!found)
1203 manager_set_dns_server(m, m->fallback_dns_servers);
1204 }
74b2466e
LP
1205
1206 return m->current_dns_server;
1207}
1208
1209void manager_next_dns_server(Manager *m) {
1210 assert(m);
1211
4e945a6f
LP
1212 /* If there's currently no DNS server set, then the next
1213 * manager_get_dns_server() will find one */
74b2466e
LP
1214 if (!m->current_dns_server)
1215 return;
1216
4e945a6f 1217 /* Change to the next one */
74b2466e 1218 if (m->current_dns_server->servers_next) {
4e945a6f 1219 manager_set_dns_server(m, m->current_dns_server->servers_next);
74b2466e
LP
1220 return;
1221 }
1222
4e945a6f
LP
1223 /* If there was no next one, then start from the beginning of
1224 * the list */
1225 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1226 manager_set_dns_server(m, m->fallback_dns_servers);
1227 else
1228 manager_set_dns_server(m, m->dns_servers);
091a364c 1229}
e1c95994
LP
1230
1231uint32_t manager_find_mtu(Manager *m) {
1232 uint32_t mtu = 0;
1233 Link *l;
1234 Iterator i;
1235
1236 /* If we don't know on which link a DNS packet would be
1237 * delivered, let's find the largest MTU that works on all
1238 * interfaces we know of */
1239
1240 HASHMAP_FOREACH(l, m->links, i) {
1241 if (l->mtu <= 0)
1242 continue;
1243
1244 if (mtu <= 0 || l->mtu < mtu)
1245 mtu = l->mtu;
1246 }
1247
1248 return mtu;
1249}
1716f6dc
LP
1250
1251static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1252 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 1253 DnsTransaction *t = NULL;
1716f6dc 1254 Manager *m = userdata;
a4076574 1255 DnsScope *scope;
1716f6dc
LP
1256 int r;
1257
1258 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1259 if (r <= 0)
1260 return r;
1261
a4076574
LP
1262 scope = manager_find_scope(m, p);
1263 if (!scope) {
1264 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1265 return 0;
1266 }
1267
623a4c97 1268 if (dns_packet_validate_reply(p) > 0) {
a2a416f7
LP
1269 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1270
a4076574 1271 dns_scope_check_conflicts(scope, p);
623a4c97 1272
a4076574
LP
1273 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1274 if (t)
1275 dns_transaction_process_reply(t, p);
623a4c97 1276
a4076574
LP
1277 } else if (dns_packet_validate_query(p) > 0) {
1278 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
623a4c97 1279
a4076574 1280 dns_scope_process_query(scope, NULL, p);
623a4c97 1281 } else
a4076574 1282 log_debug("Invalid LLMNR UDP packet.");
1716f6dc
LP
1283
1284 return 0;
1285}
1286
1287int manager_llmnr_ipv4_udp_fd(Manager *m) {
1288 union sockaddr_union sa = {
1289 .in.sin_family = AF_INET,
1290 .in.sin_port = htobe16(5355),
1291 };
bf3f1271 1292 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1716f6dc
LP
1293 int r;
1294
1295 assert(m);
1296
1297 if (m->llmnr_ipv4_udp_fd >= 0)
1298 return m->llmnr_ipv4_udp_fd;
1299
1300 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1301 if (m->llmnr_ipv4_udp_fd < 0)
1302 return -errno;
1303
bf3f1271
LP
1304 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1305 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1306 if (r < 0) {
1307 r = -errno;
1308 goto fail;
1309 }
1310
bf3f1271 1311 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1312 if (r < 0) {
1313 r = -errno;
1314 goto fail;
1315 }
1316
1317 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1318 if (r < 0) {
1319 r = -errno;
1320 goto fail;
1321 }
1322
1323 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1324 if (r < 0) {
1325 r = -errno;
1326 goto fail;
1327 }
1328
1329 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1330 if (r < 0) {
1331 r = -errno;
1332 goto fail;
1333 }
1334
1335 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1336 if (r < 0) {
1337 r = -errno;
1338 goto fail;
1339 }
1340
1341 /* Disable Don't-Fragment bit in the IP header */
1342 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1343 if (r < 0) {
1344 r = -errno;
1345 goto fail;
1346 }
1347
1348 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1349 if (r < 0) {
1350 r = -errno;
1351 goto fail;
1352 }
1353
1354 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1355 if (r < 0)
1356 goto fail;
1357
1358 return m->llmnr_ipv4_udp_fd;
1359
1360fail:
1361 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1362 return r;
1363}
1364
1365int manager_llmnr_ipv6_udp_fd(Manager *m) {
1366 union sockaddr_union sa = {
1367 .in6.sin6_family = AF_INET6,
1368 .in6.sin6_port = htobe16(5355),
1369 };
bf3f1271 1370 static const int one = 1, ttl = 255;
1716f6dc
LP
1371 int r;
1372
1373 assert(m);
1374
1375 if (m->llmnr_ipv6_udp_fd >= 0)
1376 return m->llmnr_ipv6_udp_fd;
1377
1378 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1379 if (m->llmnr_ipv6_udp_fd < 0)
1380 return -errno;
1381
bf3f1271 1382 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1383 if (r < 0) {
1384 r = -errno;
1385 goto fail;
1386 }
1387
bf3f1271
LP
1388 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1389 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1390 if (r < 0) {
1391 r = -errno;
1392 goto fail;
1393 }
1394
1395 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1396 if (r < 0) {
1397 r = -errno;
1398 goto fail;
1399 }
1400
1401 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1402 if (r < 0) {
1403 r = -errno;
1404 goto fail;
1405 }
1406
1407 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1408 if (r < 0) {
1409 r = -errno;
1410 goto fail;
1411 }
1412
1413 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1414 if (r < 0) {
1415 r = -errno;
1416 goto fail;
1417 }
1418
1419 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1420 if (r < 0) {
1421 r = -errno;
1422 goto fail;
1423 }
1424
1425 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1426 if (r < 0) {
1427 r = -errno;
1428 goto fail;
1429 }
1430
1431 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1432 if (r < 0) {
1433 r = -errno;
1434 goto fail;
1435 }
1436
1437 return m->llmnr_ipv6_udp_fd;
1438
1439fail:
1440 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1441 return r;
1442}
623a4c97
LP
1443
1444static int on_llmnr_stream_packet(DnsStream *s) {
a4076574 1445 DnsScope *scope;
623a4c97 1446
a4076574 1447 assert(s);
623a4c97 1448
a4076574
LP
1449 scope = manager_find_scope(s->manager, s->read_packet);
1450 if (!scope) {
1451 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1452 return 0;
1453 }
623a4c97 1454
a4076574
LP
1455 if (dns_packet_validate_query(s->read_packet) > 0) {
1456 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
623a4c97 1457
a4076574 1458 dns_scope_process_query(scope, s, s->read_packet);
623a4c97 1459
a4076574
LP
1460 /* If no reply packet was set, we free the stream */
1461 if (s->write_packet)
1462 return 0;
1463 } else
1464 log_debug("Invalid LLMNR TCP packet.");
623a4c97
LP
1465
1466 dns_stream_free(s);
1467 return 0;
1468}
1469
1470static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1471 DnsStream *stream;
1472 Manager *m = userdata;
1473 int cfd, r;
1474
1475 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1476 if (cfd < 0) {
1477 if (errno == EAGAIN || errno == EINTR)
1478 return 0;
1479
1480 return -errno;
1481 }
1482
1483 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1484 if (r < 0) {
1485 safe_close(cfd);
1486 return r;
1487 }
1488
1489 stream->on_packet = on_llmnr_stream_packet;
1490 return 0;
1491}
1492
1493int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1494 union sockaddr_union sa = {
1495 .in.sin_family = AF_INET,
1496 .in.sin_port = htobe16(5355),
1497 };
1498 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1499 int r;
1500
1501 assert(m);
1502
1503 if (m->llmnr_ipv4_tcp_fd >= 0)
1504 return m->llmnr_ipv4_tcp_fd;
1505
1506 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1507 if (m->llmnr_ipv4_tcp_fd < 0)
1508 return -errno;
1509
bf3f1271 1510 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1511 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1512 if (r < 0) {
1513 r = -errno;
1514 goto fail;
1515 }
1516
1517 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1518 if (r < 0) {
1519 r = -errno;
1520 goto fail;
1521 }
1522
1523 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1524 if (r < 0) {
1525 r = -errno;
1526 goto fail;
1527 }
1528
1529 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1530 if (r < 0) {
1531 r = -errno;
1532 goto fail;
1533 }
1534
1535 /* Disable Don't-Fragment bit in the IP header */
1536 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1537 if (r < 0) {
1538 r = -errno;
1539 goto fail;
1540 }
1541
1542 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1543 if (r < 0) {
1544 r = -errno;
1545 goto fail;
1546 }
1547
1548 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1549 if (r < 0) {
1550 r = -errno;
1551 goto fail;
1552 }
1553
1554 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1555 if (r < 0)
1556 goto fail;
1557
1558 return m->llmnr_ipv4_tcp_fd;
1559
1560fail:
1561 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1562 return r;
1563}
1564
1565int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1566 union sockaddr_union sa = {
1567 .in6.sin6_family = AF_INET6,
1568 .in6.sin6_port = htobe16(5355),
1569 };
1570 static const int one = 1;
1571 int r;
1572
1573 assert(m);
1574
1575 if (m->llmnr_ipv6_tcp_fd >= 0)
1576 return m->llmnr_ipv6_tcp_fd;
1577
1578 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1579 if (m->llmnr_ipv6_tcp_fd < 0)
1580 return -errno;
1581
bf3f1271 1582 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1583 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1584 if (r < 0) {
1585 r = -errno;
1586 goto fail;
1587 }
1588
1589 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1590 if (r < 0) {
1591 r = -errno;
1592 goto fail;
1593 }
1594
1595 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1596 if (r < 0) {
1597 r = -errno;
1598 goto fail;
1599 }
1600
1601 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1602 if (r < 0) {
1603 r = -errno;
1604 goto fail;
1605 }
1606
1607 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1608 if (r < 0) {
1609 r = -errno;
1610 goto fail;
1611 }
1612
1613 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1614 if (r < 0) {
1615 r = -errno;
1616 goto fail;
1617 }
1618
1619 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1620 if (r < 0) {
1621 r = -errno;
1622 goto fail;
1623 }
1624
1625 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1626 if (r < 0) {
1627 r = -errno;
1628 goto fail;
1629 }
1630
1631 return m->llmnr_ipv6_tcp_fd;
1632
1633fail:
1634 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1635 return r;
1636}
1637
1638int manager_ifindex_is_loopback(Manager *m, int ifindex) {
1639 Link *l;
1640 assert(m);
1641
1642 if (ifindex <= 0)
1643 return -EINVAL;
1644
1645 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1646 if (l->flags & IFF_LOOPBACK)
1647 return 1;
1648
1649 return 0;
1650}
1651
1652int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1653 LinkAddress *a;
1654
1655 assert(m);
1656
4e945a6f 1657 a = manager_find_link_address(m, family, in_addr);
ec2c5e43
LP
1658 if (a)
1659 return a->link->ifindex;
1660
1661 return 0;
1662}
1663
eb60f9cd
LP
1664void manager_refresh_rrs(Manager *m) {
1665 Iterator i;
1666 Link *l;
1667
1668 assert(m);
1669
1670 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1671 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1672
1673 HASHMAP_FOREACH(l, m->links, i) {
1674 link_add_rrs(l, true);
1675 link_add_rrs(l, false);
1676 }
1677}
1678
ec2c5e43
LP
1679int manager_next_hostname(Manager *m) {
1680 const char *p;
556a2294 1681 uint64_t u, a;
ec2c5e43 1682 char *h;
623a4c97
LP
1683
1684 assert(m);
1685
ec2c5e43
LP
1686 p = strchr(m->hostname, 0);
1687 assert(p);
1688
1689 while (p > m->hostname) {
1690 if (!strchr("0123456789", p[-1]))
1691 break;
1692
1693 p--;
1694 }
1695
1696 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1697 u = 1;
1698
556a2294
LP
1699 /* Add a random number to the old value. This way we can avoid
1700 * that two hosts pick the same hostname, win on IPv4 and lose
1701 * on IPv6 (or vice versa), and pick the same hostname
1702 * replacement hostname, ad infinitum. We still want the
1703 * numbers to go up monotonically, hence we just add a random
1704 * value 1..10 */
1705
1706 random_bytes(&a, sizeof(a));
1707 u += 1 + a % 10;
ec2c5e43
LP
1708
1709 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1710 return -ENOMEM;
1711
eb60f9cd 1712 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
ec2c5e43
LP
1713
1714 free(m->hostname);
1715 m->hostname = h;
1716
eb60f9cd 1717 manager_refresh_rrs(m);
623a4c97
LP
1718
1719 return 0;
1720}
ec2c5e43 1721
4e945a6f 1722LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1723 Iterator i;
1724 Link *l;
1725
1726 assert(m);
1727
1728 HASHMAP_FOREACH(l, m->links, i) {
1729 LinkAddress *a;
1730
1731 a = link_find_address(l, family, in_addr);
1732 if (a)
1733 return a;
1734 }
1735
1736 return NULL;
1737}
1738
a4076574 1739bool manager_our_packet(Manager *m, DnsPacket *p) {
ec2c5e43
LP
1740 assert(m);
1741 assert(p);
1742
4e945a6f 1743 return !!manager_find_link_address(m, p->family, &p->sender);
ec2c5e43 1744}
4e945a6f 1745
a4076574
LP
1746DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1747 Link *l;
1748
1749 assert(m);
1750 assert(p);
1751
1752 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1753 if (!l)
1754 return NULL;
1755
1756 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1757 if (p->family == AF_INET)
1758 return l->llmnr_ipv4_scope;
1759 else if (p->family == AF_INET6)
1760 return l->llmnr_ipv6_scope;
1761 }
1762
1763 return NULL;
1764}
1765
902bb5d8
LP
1766void manager_verify_all(Manager *m) {
1767 DnsScope *s;
1768
1769 assert(m);
1770
1771 LIST_FOREACH(scopes, s, m->dns_scopes)
1772 dns_zone_verify_all(&s->zone);
1773}
1774
3e684349
LP
1775void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1776 assert(m);
1777
1778 if (t == DNS_SERVER_SYSTEM)
1779 while (m->dns_servers)
1780 dns_server_free(m->dns_servers);
1781
1782 if (t == DNS_SERVER_FALLBACK)
1783 while (m->fallback_dns_servers)
1784 dns_server_free(m->fallback_dns_servers);
1785}
1786
4e945a6f
LP
1787static const char* const support_table[_SUPPORT_MAX] = {
1788 [SUPPORT_NO] = "no",
1789 [SUPPORT_YES] = "yes",
1790 [SUPPORT_RESOLVE] = "resolve",
1791};
1792DEFINE_STRING_TABLE_LOOKUP(support, Support);