tmpfiles: use casts instead of warning suppression
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
CommitLineData
091a364c
TG
1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22#include <arpa/inet.h>
23#include <resolv.h>
1716f6dc 24#include <net/if.h>
74b2466e
LP
25#include <sys/ioctl.h>
26#include <sys/poll.h>
27#include <netinet/in.h>
091a364c 28
74b2466e 29#include "rtnl-util.h"
091a364c
TG
30#include "event-util.h"
31#include "network-util.h"
091a364c
TG
32#include "network-internal.h"
33#include "conf-parser.h"
74b2466e 34#include "socket-util.h"
a2a416f7 35#include "af-list.h"
eb60f9cd 36#include "utf8.h"
a5a807e6 37#include "fileio-label.h"
4e945a6f 38
eb60f9cd 39#include "resolved-dns-domain.h"
39d8db04
LP
40#include "resolved-conf.h"
41#include "resolved-bus.h"
42#include "resolved-manager.h"
74b2466e
LP
43
44#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45
46static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
47 Manager *m = userdata;
48 uint16_t type;
49 Link *l;
50 int ifindex, r;
51
52 assert(rtnl);
53 assert(m);
54 assert(mm);
55
56 r = sd_rtnl_message_get_type(mm, &type);
57 if (r < 0)
58 goto fail;
59
60 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
61 if (r < 0)
62 goto fail;
63
64 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
65
66 switch (type) {
67
a2a416f7
LP
68 case RTM_NEWLINK:{
69 bool is_new = !l;
74b2466e 70
a2a416f7 71 if (!l) {
74b2466e
LP
72 r = link_new(m, &l, ifindex);
73 if (r < 0)
74 goto fail;
75 }
76
77 r = link_update_rtnl(l, mm);
78 if (r < 0)
79 goto fail;
80
21d73c87
LP
81 r = link_update_monitor(l);
82 if (r < 0)
83 goto fail;
84
a2a416f7
LP
85 if (is_new)
86 log_debug("Found new link %i/%s", ifindex, l->name);
87
74b2466e 88 break;
a2a416f7 89 }
74b2466e
LP
90
91 case RTM_DELLINK:
92 if (l) {
a2a416f7 93 log_debug("Removing link %i/%s", l->ifindex, l->name);
74b2466e
LP
94 link_free(l);
95 }
96
97 break;
98 }
99
100 return 0;
101
102fail:
da927ba9 103 log_warning_errno(r, "Failed to process RTNL link message: %m");
74b2466e
LP
104 return 0;
105}
106
107static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
108 Manager *m = userdata;
109 union in_addr_union address;
74b2466e 110 uint16_t type;
0dd25fb9 111 int r, ifindex, family;
74b2466e
LP
112 LinkAddress *a;
113 Link *l;
114
115 assert(rtnl);
116 assert(mm);
117 assert(m);
118
119 r = sd_rtnl_message_get_type(mm, &type);
120 if (r < 0)
121 goto fail;
122
123 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
124 if (r < 0)
125 goto fail;
126
127 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
128 if (!l)
129 return 0;
130
131 r = sd_rtnl_message_addr_get_family(mm, &family);
132 if (r < 0)
133 goto fail;
134
135 switch (family) {
136
137 case AF_INET:
138 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
139 if (r < 0) {
140 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
141 if (r < 0)
142 goto fail;
143 }
144
145 break;
146
147 case AF_INET6:
148 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
149 if (r < 0) {
150 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
151 if (r < 0)
152 goto fail;
153 }
154
155 break;
156
157 default:
158 return 0;
159 }
160
161 a = link_find_address(l, family, &address);
162
163 switch (type) {
164
165 case RTM_NEWADDR:
166
167 if (!a) {
168 r = link_address_new(l, &a, family, &address);
169 if (r < 0)
170 return r;
171 }
172
173 r = link_address_update_rtnl(a, mm);
174 if (r < 0)
175 return r;
176
177 break;
178
179 case RTM_DELADDR:
180 if (a)
181 link_address_free(a);
182 break;
183 }
184
185 return 0;
186
187fail:
da927ba9 188 log_warning_errno(r, "Failed to process RTNL address message: %m");
74b2466e
LP
189 return 0;
190}
191
74b2466e
LP
192static int manager_rtnl_listen(Manager *m) {
193 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
194 sd_rtnl_message *i;
195 int r;
196
197 assert(m);
198
199 /* First, subscibe to interfaces coming and going */
200 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
201 if (r < 0)
202 return r;
203
204 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
205 if (r < 0)
206 return r;
207
208 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
209 if (r < 0)
210 return r;
211
212 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
213 if (r < 0)
214 return r;
215
216 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
217 if (r < 0)
218 return r;
091a364c 219
74b2466e
LP
220 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
221 if (r < 0)
222 return r;
223
224 /* Then, enumerate all links */
225 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
226 if (r < 0)
227 return r;
228
229 r = sd_rtnl_message_request_dump(req, true);
230 if (r < 0)
231 return r;
232
233 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
234 if (r < 0)
235 return r;
236
237 for (i = reply; i; i = sd_rtnl_message_next(i)) {
238 r = manager_process_link(m->rtnl, i, m);
239 if (r < 0)
240 return r;
241 }
242
243 req = sd_rtnl_message_unref(req);
244 reply = sd_rtnl_message_unref(reply);
245
246 /* Finally, enumerate all addresses, too */
247 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
248 if (r < 0)
249 return r;
250
251 r = sd_rtnl_message_request_dump(req, true);
252 if (r < 0)
253 return r;
254
255 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
256 if (r < 0)
257 return r;
258
259 for (i = reply; i; i = sd_rtnl_message_next(i)) {
260 r = manager_process_address(m->rtnl, i, m);
261 if (r < 0)
262 return r;
263 }
264
265 return r;
266}
267
268static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
269 Manager *m = userdata;
270 Iterator i;
271 Link *l;
272 int r;
273
274 assert(m);
275
276 sd_network_monitor_flush(m->network_monitor);
277
278 HASHMAP_FOREACH(l, m->links, i) {
279 r = link_update_monitor(l);
280 if (r < 0)
da927ba9 281 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
74b2466e
LP
282 }
283
284 r = manager_write_resolv_conf(m);
285 if (r < 0)
da927ba9 286 log_warning_errno(r, "Could not update resolv.conf: %m");
74b2466e
LP
287
288 return 0;
289}
290
291static int manager_network_monitor_listen(Manager *m) {
292 int r, fd, events;
293
294 assert(m);
295
0014a4ad 296 r = sd_network_monitor_new(&m->network_monitor, NULL);
74b2466e
LP
297 if (r < 0)
298 return r;
299
300 fd = sd_network_monitor_get_fd(m->network_monitor);
301 if (fd < 0)
302 return fd;
303
304 events = sd_network_monitor_get_events(m->network_monitor);
305 if (events < 0)
306 return events;
307
308 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
309 if (r < 0)
310 return r;
311
312 return 0;
313}
314
eb60f9cd
LP
315static int determine_hostname(char **ret) {
316 _cleanup_free_ char *h = NULL, *n = NULL;
317 int r;
318
319 assert(ret);
320
321 h = gethostname_malloc();
322 if (!h)
323 return log_oom();
324
325 if (!utf8_is_valid(h)) {
326 log_error("System hostname is not UTF-8 clean.");
327 return -EINVAL;
328 }
329
330 r = dns_name_normalize(h, &n);
331 if (r < 0) {
332 log_error("System hostname '%s' cannot be normalized.", h);
333 return r;
334 }
335
336 *ret = n;
337 n = NULL;
338
339 return 0;
340}
341
342static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
343 _cleanup_free_ char *h = NULL;
344 Manager *m = userdata;
345 int r;
346
347 assert(m);
348
349 r = determine_hostname(&h);
350 if (r < 0)
351 return 0; /* ignore invalid hostnames */
352
353 if (streq(h, m->hostname))
354 return 0;
355
356 log_info("System hostname changed to '%s'.", h);
357 free(m->hostname);
358 m->hostname = h;
359 h = NULL;
360
361 manager_refresh_rrs(m);
362
363 return 0;
364}
365
366static int manager_watch_hostname(Manager *m) {
eb60f9cd
LP
367 int r;
368
369 assert(m);
370
371 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
372 if (m->hostname_fd < 0) {
56f64d95 373 log_warning_errno(errno, "Failed to watch hostname: %m");
eb60f9cd
LP
374 return 0;
375 }
376
377 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
378 if (r < 0) {
379 if (r == -EPERM)
380 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
381 m->hostname_fd = safe_close(m->hostname_fd);
8d3d7072
MS
382 else
383 return log_error_errno(r, "Failed to add hostname event source: %m");
eb60f9cd
LP
384 }
385
386 r = determine_hostname(&m->hostname);
387 if (r < 0) {
388 log_info("Defaulting to hostname 'linux'.");
389 m->hostname = strdup("linux");
390 if (!m->hostname)
391 return log_oom();
392 } else
393 log_info("Using system hostname '%s'.", m->hostname);
394
395 return 0;
396}
397
edc501d4
LP
398static void manager_llmnr_stop(Manager *m) {
399 assert(m);
400
401 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
402 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
403
404 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
405 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
406
407 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
408 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
409
410 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
411 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
412}
413
414static int manager_llmnr_start(Manager *m) {
415 int r;
416
417 assert(m);
418
419 if (m->llmnr_support == SUPPORT_NO)
420 return 0;
421
422 r = manager_llmnr_ipv4_udp_fd(m);
423 if (r == -EADDRINUSE)
424 goto eaddrinuse;
425 if (r < 0)
426 return r;
427
edc501d4
LP
428 r = manager_llmnr_ipv4_tcp_fd(m);
429 if (r == -EADDRINUSE)
430 goto eaddrinuse;
431 if (r < 0)
432 return r;
433
90ab5042
LP
434 if (socket_ipv6_is_supported()) {
435 r = manager_llmnr_ipv6_udp_fd(m);
436 if (r == -EADDRINUSE)
437 goto eaddrinuse;
438 if (r < 0)
439 return r;
440
441 r = manager_llmnr_ipv6_tcp_fd(m);
442 if (r == -EADDRINUSE)
443 goto eaddrinuse;
444 if (r < 0)
445 return r;
446 }
edc501d4
LP
447
448 return 0;
449
450eaddrinuse:
c4147df1 451 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
edc501d4
LP
452 m->llmnr_support = SUPPORT_NO;
453 manager_llmnr_stop(m);
90ab5042 454
edc501d4
LP
455 return 0;
456}
457
091a364c 458int manager_new(Manager **ret) {
74b2466e 459 _cleanup_(manager_freep) Manager *m = NULL;
091a364c
TG
460 int r;
461
c92e531c
LP
462 assert(ret);
463
091a364c
TG
464 m = new0(Manager, 1);
465 if (!m)
466 return -ENOMEM;
467
74b2466e 468 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
1716f6dc 469 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
623a4c97 470 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
eb60f9cd 471 m->hostname_fd = -1;
1716f6dc 472
4e945a6f 473 m->llmnr_support = SUPPORT_YES;
5cb36f41 474 m->read_resolv_conf = true;
091a364c 475
4e945a6f 476 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
091a364c
TG
477 if (r < 0)
478 return r;
479
480 r = sd_event_default(&m->event);
481 if (r < 0)
482 return r;
483
484 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
485 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
486
487 sd_event_set_watchdog(m->event, true);
488
eb60f9cd
LP
489 r = manager_watch_hostname(m);
490 if (r < 0)
491 return r;
492
1716f6dc 493 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
74b2466e
LP
494 if (r < 0)
495 return r;
496
497 r = manager_network_monitor_listen(m);
498 if (r < 0)
499 return r;
500
501 r = manager_rtnl_listen(m);
502 if (r < 0)
503 return r;
504
505 r = manager_connect_bus(m);
506 if (r < 0)
507 return r;
508
091a364c
TG
509 *ret = m;
510 m = NULL;
511
512 return 0;
513}
514
edc501d4
LP
515int manager_start(Manager *m) {
516 int r;
517
518 assert(m);
519
520 r = manager_llmnr_start(m);
521 if (r < 0)
522 return r;
523
524 return 0;
525}
526
74b2466e
LP
527Manager *manager_free(Manager *m) {
528 Link *l;
091a364c
TG
529
530 if (!m)
74b2466e
LP
531 return NULL;
532
74b2466e
LP
533 while ((l = hashmap_first(m->links)))
534 link_free(l);
f0e15467
LP
535
536 while (m->dns_queries)
537 dns_query_free(m->dns_queries);
74b2466e
LP
538
539 dns_scope_free(m->unicast_scope);
540
3e684349
LP
541 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
542 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
091a364c 543
f0e15467
LP
544 hashmap_free(m->links);
545 hashmap_free(m->dns_transactions);
546
096b6773
LP
547 sd_event_source_unref(m->network_event_source);
548 sd_network_monitor_unref(m->network_monitor);
091a364c 549
74b2466e
LP
550 sd_event_source_unref(m->dns_ipv4_event_source);
551 sd_event_source_unref(m->dns_ipv6_event_source);
74b2466e
LP
552 safe_close(m->dns_ipv4_fd);
553 safe_close(m->dns_ipv6_fd);
554
edc501d4 555 manager_llmnr_stop(m);
623a4c97 556
902bb5d8 557 sd_bus_slot_unref(m->prepare_for_sleep_slot);
74b2466e
LP
558 sd_event_source_unref(m->bus_retry_event_source);
559 sd_bus_unref(m->bus);
091a364c 560
74b2466e 561 sd_event_unref(m->event);
623a4c97
LP
562
563 dns_resource_key_unref(m->host_ipv4_key);
564 dns_resource_key_unref(m->host_ipv6_key);
eb60f9cd
LP
565
566 safe_close(m->hostname_fd);
567 sd_event_source_unref(m->hostname_event_source);
623a4c97 568 free(m->hostname);
eb60f9cd 569
091a364c 570 free(m);
74b2466e
LP
571
572 return NULL;
091a364c
TG
573}
574
5cb36f41
LP
575int manager_read_resolv_conf(Manager *m) {
576 _cleanup_fclose_ FILE *f = NULL;
577 struct stat st, own;
578 char line[LINE_MAX];
579 DnsServer *s, *nx;
580 usec_t t;
581 int r;
582
583 assert(m);
584
585 /* Reads the system /etc/resolv.conf, if it exists and is not
586 * symlinked to our own resolv.conf instance */
587
588 if (!m->read_resolv_conf)
589 return 0;
590
591 r = stat("/etc/resolv.conf", &st);
592 if (r < 0) {
593 if (errno != ENOENT)
56f64d95 594 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP
595 r = -errno;
596 goto clear;
597 }
598
599 /* Have we already seen the file? */
600 t = timespec_load(&st.st_mtim);
601 if (t == m->resolv_conf_mtime)
602 return 0;
603
604 m->resolv_conf_mtime = t;
605
606 /* Is it symlinked to our own file? */
607 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
608 st.st_dev == own.st_dev &&
609 st.st_ino == own.st_ino) {
610 r = 0;
611 goto clear;
612 }
613
614 f = fopen("/etc/resolv.conf", "re");
615 if (!f) {
616 if (errno != ENOENT)
56f64d95 617 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
5cb36f41
LP
618 r = -errno;
619 goto clear;
620 }
621
622 if (fstat(fileno(f), &st) < 0) {
56f64d95 623 log_error_errno(errno, "Failed to stat open file: %m");
5cb36f41
LP
624 r = -errno;
625 goto clear;
626 }
627
628 LIST_FOREACH(servers, s, m->dns_servers)
629 s->marked = true;
630
631 FOREACH_LINE(line, f, r = -errno; goto clear) {
632 union in_addr_union address;
633 int family;
634 char *l;
635 const char *a;
636
637 truncate_nl(line);
638
639 l = strstrip(line);
640 if (*l == '#' || *l == ';')
641 continue;
642
643 a = first_word(l, "nameserver");
644 if (!a)
645 continue;
646
647 r = in_addr_from_string_auto(a, &family, &address);
648 if (r < 0) {
649 log_warning("Failed to parse name server %s.", a);
650 continue;
651 }
652
653 LIST_FOREACH(servers, s, m->dns_servers)
654 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
655 break;
656
657 if (s)
658 s->marked = false;
659 else {
660 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
661 if (r < 0)
662 goto clear;
663 }
664 }
665
666 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
667 if (s->marked)
668 dns_server_free(s);
669
36a03ca2
LP
670 /* Whenever /etc/resolv.conf changes, start using the first
671 * DNS server of it. This is useful to deal with broken
672 * network managing implementations (like NetworkManager),
673 * that when connecting to a VPN place both the VPN DNS
674 * servers and the local ones in /etc/resolv.conf. Without
675 * resetting the DNS server to use back to the first entry we
676 * will continue to use the local one thus being unable to
677 * resolve VPN domains. */
678 manager_set_dns_server(m, m->dns_servers);
679
5cb36f41
LP
680 return 0;
681
682clear:
683 while (m->dns_servers)
684 dns_server_free(m->dns_servers);
685
686 return r;
687}
688
bda2c408 689static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
74b2466e
LP
690 _cleanup_free_ char *t = NULL;
691 int r;
091a364c 692
74b2466e 693 assert(s);
091a364c 694 assert(f);
091a364c
TG
695 assert(count);
696
74b2466e 697 r = in_addr_to_string(s->family, &s->address, &t);
4e945a6f 698 if (r < 0) {
da927ba9 699 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
091a364c
TG
700 return;
701 }
702
703 if (*count == MAXNS)
87f5a193 704 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
091a364c 705
74b2466e 706 fprintf(f, "nameserver %s\n", t);
091a364c
TG
707 (*count) ++;
708}
709
bda2c408 710static void write_resolv_conf_search(const char *domain, FILE *f,
a9feff3d 711 unsigned *count, unsigned *length) {
bda2c408
TG
712 assert(domain);
713 assert(f);
714 assert(length);
715
716 if (*count >= MAXDNSRCH ||
717 *length + strlen(domain) > 256) {
718 if (*count == MAXDNSRCH)
719 fputs(" # Too many search domains configured, remaining ones ignored.", f);
720 if (*length <= 256)
721 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
722
723 return;
724 }
725
726 fprintf(f, " %s", domain);
727
728 (*length) += strlen(domain);
729 (*count) ++;
730}
731
4713135e
ZJS
732static int write_resolv_conf_contents(FILE *f, Set *dns, Set *domains) {
733 Iterator i;
734
735 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
736 "# Third party programs must not access this file directly, but\n"
737 "# only through the symlink at /etc/resolv.conf. To manage\n"
738 "# resolv.conf(5) in a different way, replace the symlink by a\n"
739 "# static file or a different symlink.\n\n", f);
740
741 if (set_isempty(dns))
742 fputs("# No DNS servers known.\n", f);
743 else {
744 DnsServer *s;
745 unsigned count = 0;
746
747 SET_FOREACH(s, dns, i)
748 write_resolv_conf_server(s, f, &count);
749 }
750
751 if (!set_isempty(domains)) {
752 unsigned length = 0, count = 0;
753 char *domain;
754
755 fputs("search", f);
756 SET_FOREACH(domain, domains, i)
757 write_resolv_conf_search(domain, f, &count, &length);
758 fputs("\n", f);
759 }
760
761 return fflush_and_check(f);
762}
763
764
74b2466e 765int manager_write_resolv_conf(Manager *m) {
4e945a6f 766 static const char path[] = "/run/systemd/resolve/resolv.conf";
091a364c
TG
767 _cleanup_free_ char *temp_path = NULL;
768 _cleanup_fclose_ FILE *f = NULL;
bda2c408 769 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
74b2466e
LP
770 DnsServer *s;
771 Iterator i;
772 Link *l;
773 int r;
091a364c
TG
774
775 assert(m);
776
5cb36f41
LP
777 /* Read the system /etc/resolv.conf first */
778 manager_read_resolv_conf(m);
779
87f5a193 780 /* Add the full list to a set, to filter out duplicates */
d5099efc 781 dns = set_new(&dns_server_hash_ops);
87f5a193
LP
782 if (!dns)
783 return -ENOMEM;
784
d5099efc 785 domains = set_new(&dns_name_hash_ops);
bda2c408
TG
786 if (!domains)
787 return -ENOMEM;
788
87f5a193
LP
789 /* First add the system-wide servers */
790 LIST_FOREACH(servers, s, m->dns_servers) {
791 r = set_put(dns, s);
792 if (r == -EEXIST)
793 continue;
794 if (r < 0)
795 return r;
796 }
797
bda2c408
TG
798 /* Then, add the per-link servers and domains */
799 HASHMAP_FOREACH(l, m->links, i) {
800 char **domain;
801
87f5a193
LP
802 LIST_FOREACH(servers, s, l->dns_servers) {
803 r = set_put(dns, s);
804 if (r == -EEXIST)
805 continue;
806 if (r < 0)
807 return r;
808 }
809
bda2c408
TG
810 if (!l->unicast_scope)
811 continue;
812
813 STRV_FOREACH(domain, l->unicast_scope->domains) {
814 r = set_put(domains, *domain);
815 if (r == -EEXIST)
816 continue;
817 if (r < 0)
818 return r;
819 }
820 }
821
87f5a193
LP
822 /* If we found nothing, add the fallback servers */
823 if (set_isempty(dns)) {
824 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
825 r = set_put(dns, s);
826 if (r == -EEXIST)
827 continue;
828 if (r < 0)
829 return r;
830 }
831 }
832
a5a807e6 833 r = fopen_temporary_label(path, path, &f, &temp_path);
091a364c
TG
834 if (r < 0)
835 return r;
836
837 fchmod(fileno(f), 0644);
838
4713135e 839 r = write_resolv_conf_contents(f, dns, domains);
74b2466e
LP
840 if (r < 0)
841 goto fail;
842
843 if (rename(temp_path, path) < 0) {
844 r = -errno;
845 goto fail;
846 }
091a364c 847
74b2466e 848 return 0;
091a364c 849
74b2466e
LP
850fail:
851 unlink(path);
852 unlink(temp_path);
853 return r;
854}
091a364c 855
1716f6dc 856int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
74b2466e 857 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1716f6dc
LP
858 union {
859 struct cmsghdr header; /* For alignment */
40a1eebd 860 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
1716f6dc 861 + CMSG_SPACE(int) /* ttl/hoplimit */
623a4c97 862 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
1716f6dc
LP
863 } control;
864 union sockaddr_union sa;
74b2466e 865 struct msghdr mh = {};
1716f6dc 866 struct cmsghdr *cmsg;
74b2466e 867 struct iovec iov;
1716f6dc 868 int ms = 0, r;
74b2466e
LP
869 ssize_t l;
870
871 assert(m);
1716f6dc 872 assert(fd >= 0);
74b2466e
LP
873 assert(ret);
874
74b2466e
LP
875 r = ioctl(fd, FIONREAD, &ms);
876 if (r < 0)
877 return -errno;
878 if (ms < 0)
879 return -EIO;
880
1716f6dc 881 r = dns_packet_new(&p, protocol, ms);
74b2466e
LP
882 if (r < 0)
883 return r;
884
885 iov.iov_base = DNS_PACKET_DATA(p);
886 iov.iov_len = p->allocated;
887
1716f6dc
LP
888 mh.msg_name = &sa.sa;
889 mh.msg_namelen = sizeof(sa);
74b2466e
LP
890 mh.msg_iov = &iov;
891 mh.msg_iovlen = 1;
1716f6dc
LP
892 mh.msg_control = &control;
893 mh.msg_controllen = sizeof(control);
74b2466e
LP
894
895 l = recvmsg(fd, &mh, 0);
896 if (l < 0) {
ad867662 897 if (errno == EAGAIN || errno == EINTR)
74b2466e
LP
898 return 0;
899
900 return -errno;
091a364c
TG
901 }
902
74b2466e
LP
903 if (l <= 0)
904 return -EIO;
091a364c 905
1716f6dc
LP
906 assert(!(mh.msg_flags & MSG_CTRUNC));
907 assert(!(mh.msg_flags & MSG_TRUNC));
908
74b2466e 909 p->size = (size_t) l;
091a364c 910
1716f6dc 911 p->family = sa.sa.sa_family;
623a4c97
LP
912 p->ipproto = IPPROTO_UDP;
913 if (p->family == AF_INET) {
1716f6dc 914 p->sender.in = sa.in.sin_addr;
623a4c97
LP
915 p->sender_port = be16toh(sa.in.sin_port);
916 } else if (p->family == AF_INET6) {
1716f6dc 917 p->sender.in6 = sa.in6.sin6_addr;
623a4c97
LP
918 p->sender_port = be16toh(sa.in6.sin6_port);
919 p->ifindex = sa.in6.sin6_scope_id;
920 } else
1716f6dc 921 return -EAFNOSUPPORT;
74b2466e 922
1716f6dc 923 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
74b2466e 924
1716f6dc
LP
925 if (cmsg->cmsg_level == IPPROTO_IPV6) {
926 assert(p->family == AF_INET6);
74b2466e 927
1716f6dc 928 switch (cmsg->cmsg_type) {
74b2466e 929
1716f6dc
LP
930 case IPV6_PKTINFO: {
931 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
74b2466e 932
623a4c97
LP
933 if (p->ifindex <= 0)
934 p->ifindex = i->ipi6_ifindex;
935
1716f6dc
LP
936 p->destination.in6 = i->ipi6_addr;
937 break;
938 }
74b2466e 939
1716f6dc
LP
940 case IPV6_HOPLIMIT:
941 p->ttl = *(int *) CMSG_DATA(cmsg);
942 break;
74b2466e 943
1716f6dc
LP
944 }
945 } else if (cmsg->cmsg_level == IPPROTO_IP) {
946 assert(p->family == AF_INET);
74b2466e 947
1716f6dc 948 switch (cmsg->cmsg_type) {
74b2466e 949
1716f6dc
LP
950 case IP_PKTINFO: {
951 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
091a364c 952
623a4c97
LP
953 if (p->ifindex <= 0)
954 p->ifindex = i->ipi_ifindex;
955
1716f6dc
LP
956 p->destination.in = i->ipi_addr;
957 break;
958 }
74b2466e 959
623a4c97 960 case IP_TTL:
1716f6dc
LP
961 p->ttl = *(int *) CMSG_DATA(cmsg);
962 break;
963 }
964 }
965 }
74b2466e 966
623a4c97
LP
967 /* The Linux kernel sets the interface index to the loopback
968 * device if the packet came from the local host since it
969 * avoids the routing table in such a case. Let's unset the
970 * interface index in such a case. */
a5f03596 971 if (p->ifindex == LOOPBACK_IFINDEX)
623a4c97
LP
972 p->ifindex = 0;
973
974 /* If we don't know the interface index still, we look for the
975 * first local interface with a matching address. Yuck! */
976 if (p->ifindex <= 0)
977 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
978
74b2466e
LP
979 *ret = p;
980 p = NULL;
981
982 return 1;
983}
984
1716f6dc 985static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
74b2466e 986 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 987 DnsTransaction *t = NULL;
74b2466e
LP
988 Manager *m = userdata;
989 int r;
990
1716f6dc 991 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
74b2466e
LP
992 if (r <= 0)
993 return r;
994
623a4c97 995 if (dns_packet_validate_reply(p) > 0) {
ec2c5e43 996 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1716f6dc
LP
997 if (!t)
998 return 0;
74b2466e 999
ec2c5e43 1000 dns_transaction_process_reply(t, p);
623a4c97 1001
1716f6dc 1002 } else
623a4c97 1003 log_debug("Invalid DNS packet.");
74b2466e 1004
ad867662 1005 return 0;
74b2466e
LP
1006}
1007
1008int manager_dns_ipv4_fd(Manager *m) {
1716f6dc 1009 const int one = 1;
74b2466e
LP
1010 int r;
1011
091a364c
TG
1012 assert(m);
1013
74b2466e
LP
1014 if (m->dns_ipv4_fd >= 0)
1015 return m->dns_ipv4_fd;
091a364c 1016
74b2466e
LP
1017 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1018 if (m->dns_ipv4_fd < 0)
1019 return -errno;
091a364c 1020
1716f6dc
LP
1021 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1022 if (r < 0) {
1023 r = -errno;
1024 goto fail;
1025 }
1026
1027 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
74b2466e 1028 if (r < 0)
1716f6dc 1029 goto fail;
74b2466e
LP
1030
1031 return m->dns_ipv4_fd;
1716f6dc
LP
1032
1033fail:
1034 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1035 return r;
091a364c
TG
1036}
1037
74b2466e 1038int manager_dns_ipv6_fd(Manager *m) {
1716f6dc 1039 const int one = 1;
74b2466e
LP
1040 int r;
1041
1042 assert(m);
091a364c 1043
74b2466e
LP
1044 if (m->dns_ipv6_fd >= 0)
1045 return m->dns_ipv6_fd;
1046
1047 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1048 if (m->dns_ipv6_fd < 0)
1049 return -errno;
1050
1716f6dc
LP
1051 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1052 if (r < 0) {
1053 r = -errno;
1054 goto fail;
1055 }
1056
1057 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
091a364c 1058 if (r < 0)
1716f6dc 1059 goto fail;
091a364c 1060
74b2466e 1061 return m->dns_ipv6_fd;
1716f6dc
LP
1062
1063fail:
1064 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1065 return r;
74b2466e
LP
1066}
1067
1068static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1069 int r;
1070
1071 assert(fd >= 0);
1072 assert(mh);
1073
1074 for (;;) {
1075 if (sendmsg(fd, mh, flags) >= 0)
1076 return 0;
1077
1078 if (errno == EINTR)
1079 continue;
1080
1081 if (errno != EAGAIN)
1082 return -errno;
1083
1084 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1085 if (r < 0)
1086 return r;
1087 if (r == 0)
1088 return -ETIMEDOUT;
1089 }
1090}
1091
623a4c97 1092static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1093 union sockaddr_union sa = {
1094 .in.sin_family = AF_INET,
74b2466e 1095 };
1716f6dc
LP
1096 union {
1097 struct cmsghdr header; /* For alignment */
1098 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1099 } control;
74b2466e
LP
1100 struct msghdr mh = {};
1101 struct iovec iov;
74b2466e
LP
1102
1103 assert(m);
1716f6dc
LP
1104 assert(fd >= 0);
1105 assert(addr);
1106 assert(port > 0);
74b2466e
LP
1107 assert(p);
1108
74b2466e
LP
1109 iov.iov_base = DNS_PACKET_DATA(p);
1110 iov.iov_len = p->size;
091a364c 1111
1716f6dc
LP
1112 sa.in.sin_addr = *addr;
1113 sa.in.sin_port = htobe16(port),
091a364c 1114
74b2466e
LP
1115 mh.msg_iov = &iov;
1116 mh.msg_iovlen = 1;
1117 mh.msg_name = &sa.sa;
1118 mh.msg_namelen = sizeof(sa.in);
091a364c 1119
74b2466e
LP
1120 if (ifindex > 0) {
1121 struct cmsghdr *cmsg;
1122 struct in_pktinfo *pi;
1123
1124 zero(control);
1125
1716f6dc 1126 mh.msg_control = &control;
74b2466e
LP
1127 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1128
1129 cmsg = CMSG_FIRSTHDR(&mh);
1130 cmsg->cmsg_len = mh.msg_controllen;
1131 cmsg->cmsg_level = IPPROTO_IP;
1132 cmsg->cmsg_type = IP_PKTINFO;
1133
1134 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1135 pi->ipi_ifindex = ifindex;
1136 }
1137
1138 return sendmsg_loop(fd, &mh, 0);
1139}
1140
623a4c97 1141static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
74b2466e
LP
1142 union sockaddr_union sa = {
1143 .in6.sin6_family = AF_INET6,
74b2466e 1144 };
1716f6dc
LP
1145 union {
1146 struct cmsghdr header; /* For alignment */
1147 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1148 } control;
74b2466e
LP
1149 struct msghdr mh = {};
1150 struct iovec iov;
74b2466e
LP
1151
1152 assert(m);
1716f6dc
LP
1153 assert(fd >= 0);
1154 assert(addr);
1155 assert(port > 0);
74b2466e
LP
1156 assert(p);
1157
74b2466e
LP
1158 iov.iov_base = DNS_PACKET_DATA(p);
1159 iov.iov_len = p->size;
1160
1716f6dc
LP
1161 sa.in6.sin6_addr = *addr;
1162 sa.in6.sin6_port = htobe16(port),
74b2466e
LP
1163 sa.in6.sin6_scope_id = ifindex;
1164
1165 mh.msg_iov = &iov;
1166 mh.msg_iovlen = 1;
1167 mh.msg_name = &sa.sa;
1168 mh.msg_namelen = sizeof(sa.in6);
1169
1170 if (ifindex > 0) {
1171 struct cmsghdr *cmsg;
1172 struct in6_pktinfo *pi;
1173
1174 zero(control);
1175
1716f6dc 1176 mh.msg_control = &control;
74b2466e
LP
1177 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1178
1179 cmsg = CMSG_FIRSTHDR(&mh);
1180 cmsg->cmsg_len = mh.msg_controllen;
1181 cmsg->cmsg_level = IPPROTO_IPV6;
1182 cmsg->cmsg_type = IPV6_PKTINFO;
1183
1184 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1185 pi->ipi6_ifindex = ifindex;
1186 }
1187
1188 return sendmsg_loop(fd, &mh, 0);
1189}
1190
623a4c97 1191int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1716f6dc
LP
1192 assert(m);
1193 assert(fd >= 0);
1194 assert(addr);
1195 assert(port > 0);
1196 assert(p);
1197
a2a416f7
LP
1198 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1199
1716f6dc
LP
1200 if (family == AF_INET)
1201 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1202 else if (family == AF_INET6)
1203 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1204
1205 return -EAFNOSUPPORT;
1206}
1207
2c27fbca 1208DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
74b2466e
LP
1209 DnsServer *s;
1210
1211 assert(m);
1212 assert(in_addr);
1213
4e945a6f 1214 LIST_FOREACH(servers, s, m->dns_servers)
5cb36f41 1215 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1216 return s;
74b2466e 1217
4e945a6f 1218 LIST_FOREACH(servers, s, m->fallback_dns_servers)
5cb36f41 1219 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
2c27fbca 1220 return s;
74b2466e 1221
2c27fbca 1222 return NULL;
4e945a6f
LP
1223}
1224
2c27fbca 1225DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
4e945a6f
LP
1226 assert(m);
1227
1228 if (m->current_dns_server == s)
1229 return s;
1230
1231 if (s) {
1232 _cleanup_free_ char *ip = NULL;
1233
1234 in_addr_to_string(s->family, &s->address, &ip);
1235 log_info("Switching to system DNS server %s.", strna(ip));
2c27fbca 1236 }
4e945a6f
LP
1237
1238 m->current_dns_server = s;
2c27fbca
LP
1239
1240 if (m->unicast_scope)
1241 dns_cache_flush(&m->unicast_scope->cache);
1242
4e945a6f 1243 return s;
74b2466e
LP
1244}
1245
1246DnsServer *manager_get_dns_server(Manager *m) {
4e945a6f 1247 Link *l;
74b2466e
LP
1248 assert(m);
1249
5cb36f41
LP
1250 /* Try to read updates resolv.conf */
1251 manager_read_resolv_conf(m);
1252
74b2466e 1253 if (!m->current_dns_server)
4e945a6f
LP
1254 manager_set_dns_server(m, m->dns_servers);
1255
1256 if (!m->current_dns_server) {
1257 bool found = false;
1258 Iterator i;
1259
1260 /* No DNS servers configured, let's see if there are
1261 * any on any links. If not, we use the fallback
1262 * servers */
1263
1264 HASHMAP_FOREACH(l, m->links, i)
1265 if (l->dns_servers) {
1266 found = true;
1267 break;
1268 }
1269
1270 if (!found)
1271 manager_set_dns_server(m, m->fallback_dns_servers);
1272 }
74b2466e
LP
1273
1274 return m->current_dns_server;
1275}
1276
1277void manager_next_dns_server(Manager *m) {
1278 assert(m);
1279
4e945a6f
LP
1280 /* If there's currently no DNS server set, then the next
1281 * manager_get_dns_server() will find one */
74b2466e
LP
1282 if (!m->current_dns_server)
1283 return;
1284
4e945a6f 1285 /* Change to the next one */
74b2466e 1286 if (m->current_dns_server->servers_next) {
4e945a6f 1287 manager_set_dns_server(m, m->current_dns_server->servers_next);
74b2466e
LP
1288 return;
1289 }
1290
4e945a6f
LP
1291 /* If there was no next one, then start from the beginning of
1292 * the list */
1293 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1294 manager_set_dns_server(m, m->fallback_dns_servers);
1295 else
1296 manager_set_dns_server(m, m->dns_servers);
091a364c 1297}
e1c95994
LP
1298
1299uint32_t manager_find_mtu(Manager *m) {
1300 uint32_t mtu = 0;
1301 Link *l;
1302 Iterator i;
1303
1304 /* If we don't know on which link a DNS packet would be
1305 * delivered, let's find the largest MTU that works on all
1306 * interfaces we know of */
1307
1308 HASHMAP_FOREACH(l, m->links, i) {
1309 if (l->mtu <= 0)
1310 continue;
1311
1312 if (mtu <= 0 || l->mtu < mtu)
1313 mtu = l->mtu;
1314 }
1315
1316 return mtu;
1317}
1716f6dc
LP
1318
1319static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1320 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
ec2c5e43 1321 DnsTransaction *t = NULL;
1716f6dc 1322 Manager *m = userdata;
a4076574 1323 DnsScope *scope;
1716f6dc
LP
1324 int r;
1325
1326 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1327 if (r <= 0)
1328 return r;
1329
a4076574
LP
1330 scope = manager_find_scope(m, p);
1331 if (!scope) {
1332 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1333 return 0;
1334 }
1335
623a4c97 1336 if (dns_packet_validate_reply(p) > 0) {
a2a416f7
LP
1337 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1338
a4076574 1339 dns_scope_check_conflicts(scope, p);
623a4c97 1340
a4076574
LP
1341 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1342 if (t)
1343 dns_transaction_process_reply(t, p);
623a4c97 1344
a4076574
LP
1345 } else if (dns_packet_validate_query(p) > 0) {
1346 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
623a4c97 1347
a4076574 1348 dns_scope_process_query(scope, NULL, p);
623a4c97 1349 } else
a4076574 1350 log_debug("Invalid LLMNR UDP packet.");
1716f6dc
LP
1351
1352 return 0;
1353}
1354
1355int manager_llmnr_ipv4_udp_fd(Manager *m) {
1356 union sockaddr_union sa = {
1357 .in.sin_family = AF_INET,
1358 .in.sin_port = htobe16(5355),
1359 };
bf3f1271 1360 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1716f6dc
LP
1361 int r;
1362
1363 assert(m);
1364
1365 if (m->llmnr_ipv4_udp_fd >= 0)
1366 return m->llmnr_ipv4_udp_fd;
1367
1368 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1369 if (m->llmnr_ipv4_udp_fd < 0)
1370 return -errno;
1371
bf3f1271
LP
1372 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1373 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1374 if (r < 0) {
1375 r = -errno;
1376 goto fail;
1377 }
1378
bf3f1271 1379 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1716f6dc
LP
1380 if (r < 0) {
1381 r = -errno;
1382 goto fail;
1383 }
1384
1385 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1386 if (r < 0) {
1387 r = -errno;
1388 goto fail;
1389 }
1390
1391 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1392 if (r < 0) {
1393 r = -errno;
1394 goto fail;
1395 }
1396
1397 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1398 if (r < 0) {
1399 r = -errno;
1400 goto fail;
1401 }
1402
1403 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1404 if (r < 0) {
1405 r = -errno;
1406 goto fail;
1407 }
1408
1409 /* Disable Don't-Fragment bit in the IP header */
1410 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1411 if (r < 0) {
1412 r = -errno;
1413 goto fail;
1414 }
1415
1416 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1417 if (r < 0) {
1418 r = -errno;
1419 goto fail;
1420 }
1421
1422 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1423 if (r < 0)
1424 goto fail;
1425
1426 return m->llmnr_ipv4_udp_fd;
1427
1428fail:
1429 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1430 return r;
1431}
1432
1433int manager_llmnr_ipv6_udp_fd(Manager *m) {
1434 union sockaddr_union sa = {
1435 .in6.sin6_family = AF_INET6,
1436 .in6.sin6_port = htobe16(5355),
1437 };
bf3f1271 1438 static const int one = 1, ttl = 255;
1716f6dc
LP
1439 int r;
1440
1441 assert(m);
1442
1443 if (m->llmnr_ipv6_udp_fd >= 0)
1444 return m->llmnr_ipv6_udp_fd;
1445
1446 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1447 if (m->llmnr_ipv6_udp_fd < 0)
1448 return -errno;
1449
bf3f1271 1450 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1451 if (r < 0) {
1452 r = -errno;
1453 goto fail;
1454 }
1455
bf3f1271
LP
1456 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1457 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1716f6dc
LP
1458 if (r < 0) {
1459 r = -errno;
1460 goto fail;
1461 }
1462
1463 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1464 if (r < 0) {
1465 r = -errno;
1466 goto fail;
1467 }
1468
1469 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1470 if (r < 0) {
1471 r = -errno;
1472 goto fail;
1473 }
1474
1475 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1476 if (r < 0) {
1477 r = -errno;
1478 goto fail;
1479 }
1480
1481 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1482 if (r < 0) {
1483 r = -errno;
1484 goto fail;
1485 }
1486
1487 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1488 if (r < 0) {
1489 r = -errno;
1490 goto fail;
1491 }
1492
1493 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1494 if (r < 0) {
1495 r = -errno;
1496 goto fail;
1497 }
1498
1499 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1500 if (r < 0) {
1501 r = -errno;
1502 goto fail;
1503 }
1504
1505 return m->llmnr_ipv6_udp_fd;
1506
1507fail:
1508 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1509 return r;
1510}
623a4c97
LP
1511
1512static int on_llmnr_stream_packet(DnsStream *s) {
a4076574 1513 DnsScope *scope;
623a4c97 1514
a4076574 1515 assert(s);
623a4c97 1516
a4076574
LP
1517 scope = manager_find_scope(s->manager, s->read_packet);
1518 if (!scope) {
1519 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1520 return 0;
1521 }
623a4c97 1522
a4076574
LP
1523 if (dns_packet_validate_query(s->read_packet) > 0) {
1524 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
623a4c97 1525
a4076574 1526 dns_scope_process_query(scope, s, s->read_packet);
623a4c97 1527
a4076574
LP
1528 /* If no reply packet was set, we free the stream */
1529 if (s->write_packet)
1530 return 0;
1531 } else
1532 log_debug("Invalid LLMNR TCP packet.");
623a4c97
LP
1533
1534 dns_stream_free(s);
1535 return 0;
1536}
1537
1538static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1539 DnsStream *stream;
1540 Manager *m = userdata;
1541 int cfd, r;
1542
1543 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1544 if (cfd < 0) {
1545 if (errno == EAGAIN || errno == EINTR)
1546 return 0;
1547
1548 return -errno;
1549 }
1550
1551 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1552 if (r < 0) {
1553 safe_close(cfd);
1554 return r;
1555 }
1556
1557 stream->on_packet = on_llmnr_stream_packet;
1558 return 0;
1559}
1560
1561int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1562 union sockaddr_union sa = {
1563 .in.sin_family = AF_INET,
1564 .in.sin_port = htobe16(5355),
1565 };
1566 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1567 int r;
1568
1569 assert(m);
1570
1571 if (m->llmnr_ipv4_tcp_fd >= 0)
1572 return m->llmnr_ipv4_tcp_fd;
1573
1574 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1575 if (m->llmnr_ipv4_tcp_fd < 0)
1576 return -errno;
1577
bf3f1271 1578 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1579 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1580 if (r < 0) {
1581 r = -errno;
1582 goto fail;
1583 }
1584
1585 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1586 if (r < 0) {
1587 r = -errno;
1588 goto fail;
1589 }
1590
1591 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1592 if (r < 0) {
1593 r = -errno;
1594 goto fail;
1595 }
1596
1597 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1598 if (r < 0) {
1599 r = -errno;
1600 goto fail;
1601 }
1602
1603 /* Disable Don't-Fragment bit in the IP header */
1604 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1605 if (r < 0) {
1606 r = -errno;
1607 goto fail;
1608 }
1609
1610 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1611 if (r < 0) {
1612 r = -errno;
1613 goto fail;
1614 }
1615
1616 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1617 if (r < 0) {
1618 r = -errno;
1619 goto fail;
1620 }
1621
1622 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1623 if (r < 0)
1624 goto fail;
1625
1626 return m->llmnr_ipv4_tcp_fd;
1627
1628fail:
1629 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1630 return r;
1631}
1632
1633int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1634 union sockaddr_union sa = {
1635 .in6.sin6_family = AF_INET6,
1636 .in6.sin6_port = htobe16(5355),
1637 };
1638 static const int one = 1;
1639 int r;
1640
1641 assert(m);
1642
1643 if (m->llmnr_ipv6_tcp_fd >= 0)
1644 return m->llmnr_ipv6_tcp_fd;
1645
1646 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1647 if (m->llmnr_ipv6_tcp_fd < 0)
1648 return -errno;
1649
bf3f1271 1650 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
623a4c97
LP
1651 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1652 if (r < 0) {
1653 r = -errno;
1654 goto fail;
1655 }
1656
1657 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1658 if (r < 0) {
1659 r = -errno;
1660 goto fail;
1661 }
1662
1663 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1664 if (r < 0) {
1665 r = -errno;
1666 goto fail;
1667 }
1668
1669 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1670 if (r < 0) {
1671 r = -errno;
1672 goto fail;
1673 }
1674
1675 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1676 if (r < 0) {
1677 r = -errno;
1678 goto fail;
1679 }
1680
1681 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1682 if (r < 0) {
1683 r = -errno;
1684 goto fail;
1685 }
1686
1687 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1688 if (r < 0) {
1689 r = -errno;
1690 goto fail;
1691 }
1692
1693 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1694 if (r < 0) {
1695 r = -errno;
1696 goto fail;
1697 }
1698
1699 return m->llmnr_ipv6_tcp_fd;
1700
1701fail:
1702 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1703 return r;
1704}
1705
623a4c97 1706int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1707 LinkAddress *a;
1708
1709 assert(m);
1710
4e945a6f 1711 a = manager_find_link_address(m, family, in_addr);
ec2c5e43
LP
1712 if (a)
1713 return a->link->ifindex;
1714
1715 return 0;
1716}
1717
eb60f9cd
LP
1718void manager_refresh_rrs(Manager *m) {
1719 Iterator i;
1720 Link *l;
1721
1722 assert(m);
1723
1724 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1725 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1726
1727 HASHMAP_FOREACH(l, m->links, i) {
1728 link_add_rrs(l, true);
1729 link_add_rrs(l, false);
1730 }
1731}
1732
ec2c5e43
LP
1733int manager_next_hostname(Manager *m) {
1734 const char *p;
556a2294 1735 uint64_t u, a;
ec2c5e43 1736 char *h;
623a4c97
LP
1737
1738 assert(m);
1739
ec2c5e43
LP
1740 p = strchr(m->hostname, 0);
1741 assert(p);
1742
1743 while (p > m->hostname) {
1744 if (!strchr("0123456789", p[-1]))
1745 break;
1746
1747 p--;
1748 }
1749
1750 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1751 u = 1;
1752
556a2294
LP
1753 /* Add a random number to the old value. This way we can avoid
1754 * that two hosts pick the same hostname, win on IPv4 and lose
1755 * on IPv6 (or vice versa), and pick the same hostname
1756 * replacement hostname, ad infinitum. We still want the
1757 * numbers to go up monotonically, hence we just add a random
1758 * value 1..10 */
1759
1760 random_bytes(&a, sizeof(a));
1761 u += 1 + a % 10;
ec2c5e43
LP
1762
1763 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1764 return -ENOMEM;
1765
eb60f9cd 1766 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
ec2c5e43
LP
1767
1768 free(m->hostname);
1769 m->hostname = h;
1770
eb60f9cd 1771 manager_refresh_rrs(m);
623a4c97
LP
1772
1773 return 0;
1774}
ec2c5e43 1775
4e945a6f 1776LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
ec2c5e43
LP
1777 Iterator i;
1778 Link *l;
1779
1780 assert(m);
1781
1782 HASHMAP_FOREACH(l, m->links, i) {
1783 LinkAddress *a;
1784
1785 a = link_find_address(l, family, in_addr);
1786 if (a)
1787 return a;
1788 }
1789
1790 return NULL;
1791}
1792
a4076574 1793bool manager_our_packet(Manager *m, DnsPacket *p) {
ec2c5e43
LP
1794 assert(m);
1795 assert(p);
1796
4e945a6f 1797 return !!manager_find_link_address(m, p->family, &p->sender);
ec2c5e43 1798}
4e945a6f 1799
a4076574
LP
1800DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1801 Link *l;
1802
1803 assert(m);
1804 assert(p);
1805
1806 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1807 if (!l)
1808 return NULL;
1809
1810 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1811 if (p->family == AF_INET)
1812 return l->llmnr_ipv4_scope;
1813 else if (p->family == AF_INET6)
1814 return l->llmnr_ipv6_scope;
1815 }
1816
1817 return NULL;
1818}
1819
902bb5d8
LP
1820void manager_verify_all(Manager *m) {
1821 DnsScope *s;
1822
1823 assert(m);
1824
1825 LIST_FOREACH(scopes, s, m->dns_scopes)
1826 dns_zone_verify_all(&s->zone);
1827}
1828
3e684349
LP
1829void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1830 assert(m);
1831
1832 if (t == DNS_SERVER_SYSTEM)
1833 while (m->dns_servers)
1834 dns_server_free(m->dns_servers);
1835
1836 if (t == DNS_SERVER_FALLBACK)
1837 while (m->fallback_dns_servers)
1838 dns_server_free(m->fallback_dns_servers);
1839}
1840
4e945a6f
LP
1841static const char* const support_table[_SUPPORT_MAX] = {
1842 [SUPPORT_NO] = "no",
1843 [SUPPORT_YES] = "yes",
1844 [SUPPORT_RESOLVE] = "resolve",
1845};
1846DEFINE_STRING_TABLE_LOOKUP(support, Support);