[thirdparty/systemd.git] / src / resolve / resolved-mdns.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2015 Daniel Mack

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/

#include <resolv.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include "fd-util.h"
#include "resolved-manager.h"
#include "resolved-mdns.h"

void manager_mdns_stop(Manager *m) {
        assert(m);

        m->mdns_ipv4_event_source = sd_event_source_unref(m->mdns_ipv4_event_source);
        m->mdns_ipv4_fd = safe_close(m->mdns_ipv4_fd);

        m->mdns_ipv6_event_source = sd_event_source_unref(m->mdns_ipv6_event_source);
        m->mdns_ipv6_fd = safe_close(m->mdns_ipv6_fd);
}

int manager_mdns_start(Manager *m) {
        int r;

        assert(m);

        if (m->mdns_support == SUPPORT_NO)
                return 0;

        r = manager_mdns_ipv4_fd(m);
        if (r == -EADDRINUSE)
                goto eaddrinuse;
        if (r < 0)
                return r;

        if (socket_ipv6_is_supported()) {
                r = manager_mdns_ipv6_fd(m);
                if (r == -EADDRINUSE)
                        goto eaddrinuse;
                if (r < 0)
                        return r;
        }

        return 0;

eaddrinuse:
        log_warning("There appears to be another mDNS responder running. Turning off mDNS support.");
        m->mdns_support = SUPPORT_NO;
        manager_mdns_stop(m);

        return 0;
}

static int on_mdns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
        _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
        Manager *m = userdata;
        DnsScope *scope;
        int r;

        r = manager_recv(m, fd, DNS_PROTOCOL_MDNS, &p);
        if (r <= 0)
                return r;

        scope = manager_find_scope(m, p);
        if (!scope) {
                log_warning("Got mDNS UDP packet on unknown scope. Ignoring.");
                return 0;
        }

        if (dns_packet_validate_reply(p) > 0) {
                DnsResourceRecord *rr;

                log_debug("Got mDNS reply packet");

                /*
                 * mDNS is different from regular DNS and LLMNR with regard to handling responses.
                 * While on other protocols, we can ignore every answer that doesn't match a question
                 * we broadcast earlier, RFC6762, section 18.1 recommends looking at and caching all
                 * incoming information, regardless of the DNS packet ID.
                 *
                 * Hence, extract the packet here, and try to find a transaction for answer the we got
                 * and complete it. Also store the new information in scope's cache.
                 */
                r = dns_packet_extract(p);
                if (r < 0) {
                        log_debug("mDNS packet extraction failed.");
                        return 0;
                }

                dns_scope_check_conflicts(scope, p);

                DNS_ANSWER_FOREACH(rr, p->answer) {
                        const char *name = DNS_RESOURCE_KEY_NAME(rr->key);
                        DnsTransaction *t;

                        /* If the received reply packet contains ANY record that is not .local or .in-addr.arpa,
                         * we assume someone's playing tricks on us and discard the packet completely. */
                        if (!(dns_name_endswith(name, "in-addr.arpa") > 0 ||
                              dns_name_endswith(name, "local") > 0))
                                return 0;

                        t = dns_scope_find_transaction(scope, rr->key, false);
                        if (t)
                                dns_transaction_process_reply(t, p);
                }

                dns_cache_put(&scope->cache, NULL, DNS_PACKET_RCODE(p), p->answer,
                              p->answer->n_rrs, false, 0, p->family, &p->sender);

        } else if (dns_packet_validate_query(p) > 0)  {
                log_debug("Got mDNS query packet for id %u", DNS_PACKET_ID(p));

                dns_scope_process_query(scope, NULL, p);
        } else
                log_debug("Invalid mDNS UDP packet.");

        return 0;
}

int manager_mdns_ipv4_fd(Manager *m) {
        union sockaddr_union sa = {
                .in.sin_family = AF_INET,
                .in.sin_port = htobe16(MDNS_PORT),
        };
        static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
        int r;

        assert(m);

        if (m->mdns_ipv4_fd >= 0)
                return m->mdns_ipv4_fd;

        m->mdns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (m->mdns_ipv4_fd < 0)
                return -errno;

        r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv4_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        /* Disable Don't-Fragment bit in the IP header */
        r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = bind(m->mdns_ipv4_fd, &sa.sa, sizeof(sa.in));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = sd_event_add_io(m->event, &m->mdns_ipv4_event_source, m->mdns_ipv4_fd, EPOLLIN, on_mdns_packet, m);
        if (r < 0)
                goto fail;

        return m->mdns_ipv4_fd;

fail:
        m->mdns_ipv4_fd = safe_close(m->mdns_ipv4_fd);
        return r;
}

int manager_mdns_ipv6_fd(Manager *m) {
        union sockaddr_union sa = {
                .in6.sin6_family = AF_INET6,
                .in6.sin6_port = htobe16(MDNS_PORT),
        };
        static const int one = 1, ttl = 255;
        int r;

        assert(m);

        if (m->mdns_ipv6_fd >= 0)
                return m->mdns_ipv6_fd;

        m->mdns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (m->mdns_ipv6_fd < 0)
                return -errno;

        r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
        r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv6_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = bind(m->mdns_ipv6_fd, &sa.sa, sizeof(sa.in6));
        if (r < 0) {
                r = -errno;
                goto fail;
        }

        r = sd_event_add_io(m->event, &m->mdns_ipv6_event_source, m->mdns_ipv6_fd, EPOLLIN, on_mdns_packet, m);
        if (r < 0)
                goto fail;

        return m->mdns_ipv6_fd;

fail:
        m->mdns_ipv6_fd = safe_close(m->mdns_ipv6_fd);
        return r;
}
Commit	Line	Data
bc7702b0 DM	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2015 Daniel Mack
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <resolv.h>
	23	#include <netinet/in.h>
	24	#include <arpa/inet.h>
	25
	26	#include "fd-util.h"
	27	#include "resolved-manager.h"
	28	#include "resolved-mdns.h"
	29
	30	void manager_mdns_stop(Manager *m) {
	31	assert(m);
	32
	33	m->mdns_ipv4_event_source = sd_event_source_unref(m->mdns_ipv4_event_source);
	34	m->mdns_ipv4_fd = safe_close(m->mdns_ipv4_fd);
	35
	36	m->mdns_ipv6_event_source = sd_event_source_unref(m->mdns_ipv6_event_source);
	37	m->mdns_ipv6_fd = safe_close(m->mdns_ipv6_fd);
	38	}
	39
	40	int manager_mdns_start(Manager *m) {
	41	int r;
	42
	43	assert(m);
	44
	45	if (m->mdns_support == SUPPORT_NO)
	46	return 0;
	47
	48	r = manager_mdns_ipv4_fd(m);
	49	if (r == -EADDRINUSE)
	50	goto eaddrinuse;
	51	if (r < 0)
	52	return r;
	53
	54	if (socket_ipv6_is_supported()) {
	55	r = manager_mdns_ipv6_fd(m);
	56	if (r == -EADDRINUSE)
	57	goto eaddrinuse;
	58	if (r < 0)
	59	return r;
	60	}
	61
	62	return 0;
	63
	64	eaddrinuse:
65	log_warning("There appears to be another mDNS responder running. Turning off mDNS support.");
66	m->mdns_support = SUPPORT_NO;
67	manager_mdns_stop(m);
68
69	return 0;
70	}
71
72	static int on_mdns_packet(sd_event_source s, int fd, uint32_t revents, void userdata) {
124602ae DM	73	_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
	74	Manager *m = userdata;
	75	DnsScope *scope;
	76	int r;
	77
	78	r = manager_recv(m, fd, DNS_PROTOCOL_MDNS, &p);
	79	if (r <= 0)
	80	return r;
	81
	82	scope = manager_find_scope(m, p);
	83	if (!scope) {
	84	log_warning("Got mDNS UDP packet on unknown scope. Ignoring.");
	85	return 0;
	86	}
	87
	88	if (dns_packet_validate_reply(p) > 0) {
40fa4728	89	DnsResourceRecord *rr;
124602ae DM	90
	91	log_debug("Got mDNS reply packet");
	92
	93	/*
	94	* mDNS is different from regular DNS and LLMNR with regard to handling responses.
	95	* While on other protocols, we can ignore every answer that doesn't match a question
	96	* we broadcast earlier, RFC6762, section 18.1 recommends looking at and caching all
	97	* incoming information, regardless of the DNS packet ID.
	98	*
	99	* Hence, extract the packet here, and try to find a transaction for answer the we got
	100	* and complete it. Also store the new information in scope's cache.
	101	*/
	102	r = dns_packet_extract(p);
	103	if (r < 0) {
	104	log_debug("mDNS packet extraction failed.");
	105	return 0;
	106	}
	107
	108	dns_scope_check_conflicts(scope, p);
	109
40fa4728 DM	110	DNS_ANSWER_FOREACH(rr, p->answer) {
40fa4728 DM	111	const char *name = DNS_RESOURCE_KEY_NAME(rr->key);
124602ae DM	112	DnsTransaction *t;
124602ae DM	113
40fa4728 DM	114	/* If the received reply packet contains ANY record that is not .local or .in-addr.arpa,
	115	* we assume someone's playing tricks on us and discard the packet completely. */
	116	if (!(dns_name_endswith(name, "in-addr.arpa") > 0 \|\|
	117	dns_name_endswith(name, "local") > 0))
	118	return 0;
124602ae DM	119
	120	t = dns_scope_find_transaction(scope, rr->key, false);
	121	if (t)
	122	dns_transaction_process_reply(t, p);
	123	}
	124
	125	dns_cache_put(&scope->cache, NULL, DNS_PACKET_RCODE(p), p->answer,
	126	p->answer->n_rrs, false, 0, p->family, &p->sender);
	127
	128	} else if (dns_packet_validate_query(p) > 0) {
	129	log_debug("Got mDNS query packet for id %u", DNS_PACKET_ID(p));
	130
	131	dns_scope_process_query(scope, NULL, p);
	132	} else
	133	log_debug("Invalid mDNS UDP packet.");
	134
bc7702b0 DM	135	return 0;
	136	}
	137
	138	int manager_mdns_ipv4_fd(Manager *m) {
	139	union sockaddr_union sa = {
	140	.in.sin_family = AF_INET,
	141	.in.sin_port = htobe16(MDNS_PORT),
	142	};
	143	static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
	144	int r;
	145
	146	assert(m);
	147
	148	if (m->mdns_ipv4_fd >= 0)
	149	return m->mdns_ipv4_fd;
	150
	151	m->mdns_ipv4_fd = socket(AF_INET, SOCK_DGRAM\|SOCK_CLOEXEC\|SOCK_NONBLOCK, 0);
	152	if (m->mdns_ipv4_fd < 0)
	153	return -errno;
	154
	155	r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
	156	if (r < 0) {
	157	r = -errno;
	158	goto fail;
	159	}
	160
	161	r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
	162	if (r < 0) {
	163	r = -errno;
	164	goto fail;
	165	}
	166
	167	r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
	168	if (r < 0) {
	169	r = -errno;
	170	goto fail;
	171	}
	172
	173	r = setsockopt(m->mdns_ipv4_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
	174	if (r < 0) {
	175	r = -errno;
	176	goto fail;
	177	}
	178
	179	r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
	180	if (r < 0) {
	181	r = -errno;
	182	goto fail;
	183	}
	184
	185	r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
	186	if (r < 0) {
	187	r = -errno;
	188	goto fail;
	189	}
	190
	191	/* Disable Don't-Fragment bit in the IP header */
	192	r = setsockopt(m->mdns_ipv4_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
	193	if (r < 0) {
	194	r = -errno;
	195	goto fail;
	196	}
	197
	198	r = bind(m->mdns_ipv4_fd, &sa.sa, sizeof(sa.in));
199	if (r < 0) {
200	r = -errno;
201	goto fail;
202	}
203
204	r = sd_event_add_io(m->event, &m->mdns_ipv4_event_source, m->mdns_ipv4_fd, EPOLLIN, on_mdns_packet, m);
205	if (r < 0)
206	goto fail;
207
208	return m->mdns_ipv4_fd;
209
210	fail:
211	m->mdns_ipv4_fd = safe_close(m->mdns_ipv4_fd);
212	return r;
213	}
214
215	int manager_mdns_ipv6_fd(Manager *m) {
216	union sockaddr_union sa = {
217	.in6.sin6_family = AF_INET6,
218	.in6.sin6_port = htobe16(MDNS_PORT),
219	};
220	static const int one = 1, ttl = 255;
221	int r;
222
223	assert(m);
224
225	if (m->mdns_ipv6_fd >= 0)
226	return m->mdns_ipv6_fd;
227
228	m->mdns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM\|SOCK_CLOEXEC\|SOCK_NONBLOCK, 0);
229	if (m->mdns_ipv6_fd < 0)
230	return -errno;
231
232	r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
233	if (r < 0) {
234	r = -errno;
235	goto fail;
236	}
237
238	/* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
239	r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
240	if (r < 0) {
241	r = -errno;
242	goto fail;
243	}
244
245	r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
246	if (r < 0) {
247	r = -errno;
248	goto fail;
249	}
250
251	r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
252	if (r < 0) {
253	r = -errno;
254	goto fail;
255	}
256
257	r = setsockopt(m->mdns_ipv6_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
258	if (r < 0) {
259	r = -errno;
260	goto fail;
261	}
262
263	r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
264	if (r < 0) {
265	r = -errno;
266	goto fail;
267	}
268
269	r = setsockopt(m->mdns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
270	if (r < 0) {
271	r = -errno;
272	goto fail;
273	}
274
275	r = bind(m->mdns_ipv6_fd, &sa.sa, sizeof(sa.in6));
276	if (r < 0) {
277	r = -errno;
278	goto fail;
279	}
280
281	r = sd_event_add_io(m->event, &m->mdns_ipv6_event_source, m->mdns_ipv6_fd, EPOLLIN, on_mdns_packet, m);
ee8d9305	282	if (r < 0)
bc7702b0	283	goto fail;
bc7702b0 DM	284
	285	return m->mdns_ipv6_fd;
	286
	287	fail:
	288	m->mdns_ipv6_fd = safe_close(m->mdns_ipv6_fd);
	289	return r;
	290	}