]> git.ipfire.org Git - thirdparty/systemd.git/blame_incremental - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
README: document that we prefer if CONFIG_CHECKPOINT_RESTORE is turned on, for the...
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
... / ...
CommitLineData
1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22#include <resolv.h>
23#include <sys/ioctl.h>
24#include <poll.h>
25#include <netinet/in.h>
26
27#include "rtnl-util.h"
28#include "network-internal.h"
29#include "socket-util.h"
30#include "af-list.h"
31#include "utf8.h"
32#include "fileio-label.h"
33#include "ordered-set.h"
34#include "random-util.h"
35
36#include "resolved-dns-domain.h"
37#include "resolved-conf.h"
38#include "resolved-bus.h"
39#include "resolved-manager.h"
40
41#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
42
43static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
44 Manager *m = userdata;
45 uint16_t type;
46 Link *l;
47 int ifindex, r;
48
49 assert(rtnl);
50 assert(m);
51 assert(mm);
52
53 r = sd_rtnl_message_get_type(mm, &type);
54 if (r < 0)
55 goto fail;
56
57 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
58 if (r < 0)
59 goto fail;
60
61 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
62
63 switch (type) {
64
65 case RTM_NEWLINK:{
66 bool is_new = !l;
67
68 if (!l) {
69 r = link_new(m, &l, ifindex);
70 if (r < 0)
71 goto fail;
72 }
73
74 r = link_update_rtnl(l, mm);
75 if (r < 0)
76 goto fail;
77
78 r = link_update_monitor(l);
79 if (r < 0)
80 goto fail;
81
82 if (is_new)
83 log_debug("Found new link %i/%s", ifindex, l->name);
84
85 break;
86 }
87
88 case RTM_DELLINK:
89 if (l) {
90 log_debug("Removing link %i/%s", l->ifindex, l->name);
91 link_free(l);
92 }
93
94 break;
95 }
96
97 return 0;
98
99fail:
100 log_warning_errno(r, "Failed to process RTNL link message: %m");
101 return 0;
102}
103
104static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
105 Manager *m = userdata;
106 union in_addr_union address;
107 uint16_t type;
108 int r, ifindex, family;
109 LinkAddress *a;
110 Link *l;
111
112 assert(rtnl);
113 assert(mm);
114 assert(m);
115
116 r = sd_rtnl_message_get_type(mm, &type);
117 if (r < 0)
118 goto fail;
119
120 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
121 if (r < 0)
122 goto fail;
123
124 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
125 if (!l)
126 return 0;
127
128 r = sd_rtnl_message_addr_get_family(mm, &family);
129 if (r < 0)
130 goto fail;
131
132 switch (family) {
133
134 case AF_INET:
135 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
136 if (r < 0) {
137 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
138 if (r < 0)
139 goto fail;
140 }
141
142 break;
143
144 case AF_INET6:
145 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
146 if (r < 0) {
147 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
148 if (r < 0)
149 goto fail;
150 }
151
152 break;
153
154 default:
155 return 0;
156 }
157
158 a = link_find_address(l, family, &address);
159
160 switch (type) {
161
162 case RTM_NEWADDR:
163
164 if (!a) {
165 r = link_address_new(l, &a, family, &address);
166 if (r < 0)
167 return r;
168 }
169
170 r = link_address_update_rtnl(a, mm);
171 if (r < 0)
172 return r;
173
174 break;
175
176 case RTM_DELADDR:
177 if (a)
178 link_address_free(a);
179 break;
180 }
181
182 return 0;
183
184fail:
185 log_warning_errno(r, "Failed to process RTNL address message: %m");
186 return 0;
187}
188
189static int manager_rtnl_listen(Manager *m) {
190 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
191 sd_rtnl_message *i;
192 int r;
193
194 assert(m);
195
196 /* First, subscribe to interfaces coming and going */
197 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
198 if (r < 0)
199 return r;
200
201 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
202 if (r < 0)
203 return r;
204
205 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
206 if (r < 0)
207 return r;
208
209 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
210 if (r < 0)
211 return r;
212
213 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
214 if (r < 0)
215 return r;
216
217 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
218 if (r < 0)
219 return r;
220
221 /* Then, enumerate all links */
222 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
223 if (r < 0)
224 return r;
225
226 r = sd_rtnl_message_request_dump(req, true);
227 if (r < 0)
228 return r;
229
230 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
231 if (r < 0)
232 return r;
233
234 for (i = reply; i; i = sd_rtnl_message_next(i)) {
235 r = manager_process_link(m->rtnl, i, m);
236 if (r < 0)
237 return r;
238 }
239
240 req = sd_rtnl_message_unref(req);
241 reply = sd_rtnl_message_unref(reply);
242
243 /* Finally, enumerate all addresses, too */
244 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
245 if (r < 0)
246 return r;
247
248 r = sd_rtnl_message_request_dump(req, true);
249 if (r < 0)
250 return r;
251
252 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
253 if (r < 0)
254 return r;
255
256 for (i = reply; i; i = sd_rtnl_message_next(i)) {
257 r = manager_process_address(m->rtnl, i, m);
258 if (r < 0)
259 return r;
260 }
261
262 return r;
263}
264
265static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
266 Manager *m = userdata;
267 Iterator i;
268 Link *l;
269 int r;
270
271 assert(m);
272
273 sd_network_monitor_flush(m->network_monitor);
274
275 HASHMAP_FOREACH(l, m->links, i) {
276 r = link_update_monitor(l);
277 if (r < 0)
278 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
279 }
280
281 r = manager_write_resolv_conf(m);
282 if (r < 0)
283 log_warning_errno(r, "Could not update resolv.conf: %m");
284
285 return 0;
286}
287
288static int manager_network_monitor_listen(Manager *m) {
289 int r, fd, events;
290
291 assert(m);
292
293 r = sd_network_monitor_new(&m->network_monitor, NULL);
294 if (r < 0)
295 return r;
296
297 fd = sd_network_monitor_get_fd(m->network_monitor);
298 if (fd < 0)
299 return fd;
300
301 events = sd_network_monitor_get_events(m->network_monitor);
302 if (events < 0)
303 return events;
304
305 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
306 if (r < 0)
307 return r;
308
309 return 0;
310}
311
312static int determine_hostname(char **ret) {
313 _cleanup_free_ char *h = NULL, *n = NULL;
314 int r;
315
316 assert(ret);
317
318 h = gethostname_malloc();
319 if (!h)
320 return log_oom();
321
322 if (!utf8_is_valid(h)) {
323 log_error("System hostname is not UTF-8 clean.");
324 return -EINVAL;
325 }
326
327 r = dns_name_normalize(h, &n);
328 if (r < 0) {
329 log_error("System hostname '%s' cannot be normalized.", h);
330 return r;
331 }
332
333 *ret = n;
334 n = NULL;
335
336 return 0;
337}
338
339static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
340 _cleanup_free_ char *h = NULL;
341 Manager *m = userdata;
342 int r;
343
344 assert(m);
345
346 r = determine_hostname(&h);
347 if (r < 0)
348 return 0; /* ignore invalid hostnames */
349
350 if (streq(h, m->hostname))
351 return 0;
352
353 log_info("System hostname changed to '%s'.", h);
354 free(m->hostname);
355 m->hostname = h;
356 h = NULL;
357
358 manager_refresh_rrs(m);
359
360 return 0;
361}
362
363static int manager_watch_hostname(Manager *m) {
364 int r;
365
366 assert(m);
367
368 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
369 if (m->hostname_fd < 0) {
370 log_warning_errno(errno, "Failed to watch hostname: %m");
371 return 0;
372 }
373
374 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
375 if (r < 0) {
376 if (r == -EPERM)
377 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
378 m->hostname_fd = safe_close(m->hostname_fd);
379 else
380 return log_error_errno(r, "Failed to add hostname event source: %m");
381 }
382
383 r = determine_hostname(&m->hostname);
384 if (r < 0) {
385 log_info("Defaulting to hostname 'linux'.");
386 m->hostname = strdup("linux");
387 if (!m->hostname)
388 return log_oom();
389 } else
390 log_info("Using system hostname '%s'.", m->hostname);
391
392 return 0;
393}
394
395static void manager_llmnr_stop(Manager *m) {
396 assert(m);
397
398 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
399 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
400
401 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
402 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
403
404 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
405 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
406
407 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
408 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
409}
410
411static int manager_llmnr_start(Manager *m) {
412 int r;
413
414 assert(m);
415
416 if (m->llmnr_support == SUPPORT_NO)
417 return 0;
418
419 r = manager_llmnr_ipv4_udp_fd(m);
420 if (r == -EADDRINUSE)
421 goto eaddrinuse;
422 if (r < 0)
423 return r;
424
425 r = manager_llmnr_ipv4_tcp_fd(m);
426 if (r == -EADDRINUSE)
427 goto eaddrinuse;
428 if (r < 0)
429 return r;
430
431 if (socket_ipv6_is_supported()) {
432 r = manager_llmnr_ipv6_udp_fd(m);
433 if (r == -EADDRINUSE)
434 goto eaddrinuse;
435 if (r < 0)
436 return r;
437
438 r = manager_llmnr_ipv6_tcp_fd(m);
439 if (r == -EADDRINUSE)
440 goto eaddrinuse;
441 if (r < 0)
442 return r;
443 }
444
445 return 0;
446
447eaddrinuse:
448 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
449 m->llmnr_support = SUPPORT_NO;
450 manager_llmnr_stop(m);
451
452 return 0;
453}
454
455int manager_new(Manager **ret) {
456 _cleanup_(manager_freep) Manager *m = NULL;
457 int r;
458
459 assert(ret);
460
461 m = new0(Manager, 1);
462 if (!m)
463 return -ENOMEM;
464
465 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
466 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
467 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
468 m->hostname_fd = -1;
469
470 m->llmnr_support = SUPPORT_YES;
471 m->read_resolv_conf = true;
472
473 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
474 if (r < 0)
475 return r;
476
477 r = sd_event_default(&m->event);
478 if (r < 0)
479 return r;
480
481 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
482 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
483
484 sd_event_set_watchdog(m->event, true);
485
486 r = manager_watch_hostname(m);
487 if (r < 0)
488 return r;
489
490 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
491 if (r < 0)
492 return r;
493
494 r = manager_network_monitor_listen(m);
495 if (r < 0)
496 return r;
497
498 r = manager_rtnl_listen(m);
499 if (r < 0)
500 return r;
501
502 r = manager_connect_bus(m);
503 if (r < 0)
504 return r;
505
506 *ret = m;
507 m = NULL;
508
509 return 0;
510}
511
512int manager_start(Manager *m) {
513 int r;
514
515 assert(m);
516
517 r = manager_llmnr_start(m);
518 if (r < 0)
519 return r;
520
521 return 0;
522}
523
524Manager *manager_free(Manager *m) {
525 Link *l;
526
527 if (!m)
528 return NULL;
529
530 while ((l = hashmap_first(m->links)))
531 link_free(l);
532
533 while (m->dns_queries)
534 dns_query_free(m->dns_queries);
535
536 dns_scope_free(m->unicast_scope);
537
538 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
539 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
540
541 hashmap_free(m->links);
542 hashmap_free(m->dns_transactions);
543
544 sd_event_source_unref(m->network_event_source);
545 sd_network_monitor_unref(m->network_monitor);
546
547 sd_event_source_unref(m->dns_ipv4_event_source);
548 sd_event_source_unref(m->dns_ipv6_event_source);
549 safe_close(m->dns_ipv4_fd);
550 safe_close(m->dns_ipv6_fd);
551
552 manager_llmnr_stop(m);
553
554 sd_bus_slot_unref(m->prepare_for_sleep_slot);
555 sd_event_source_unref(m->bus_retry_event_source);
556 sd_bus_unref(m->bus);
557
558 sd_event_unref(m->event);
559
560 dns_resource_key_unref(m->host_ipv4_key);
561 dns_resource_key_unref(m->host_ipv6_key);
562
563 safe_close(m->hostname_fd);
564 sd_event_source_unref(m->hostname_event_source);
565 free(m->hostname);
566
567 free(m);
568
569 return NULL;
570}
571
572int manager_read_resolv_conf(Manager *m) {
573 _cleanup_fclose_ FILE *f = NULL;
574 struct stat st, own;
575 char line[LINE_MAX];
576 DnsServer *s, *nx;
577 usec_t t;
578 int r;
579
580 assert(m);
581
582 /* Reads the system /etc/resolv.conf, if it exists and is not
583 * symlinked to our own resolv.conf instance */
584
585 if (!m->read_resolv_conf)
586 return 0;
587
588 r = stat("/etc/resolv.conf", &st);
589 if (r < 0) {
590 if (errno != ENOENT)
591 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
592 r = -errno;
593 goto clear;
594 }
595
596 /* Have we already seen the file? */
597 t = timespec_load(&st.st_mtim);
598 if (t == m->resolv_conf_mtime)
599 return 0;
600
601 m->resolv_conf_mtime = t;
602
603 /* Is it symlinked to our own file? */
604 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
605 st.st_dev == own.st_dev &&
606 st.st_ino == own.st_ino) {
607 r = 0;
608 goto clear;
609 }
610
611 f = fopen("/etc/resolv.conf", "re");
612 if (!f) {
613 if (errno != ENOENT)
614 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
615 r = -errno;
616 goto clear;
617 }
618
619 if (fstat(fileno(f), &st) < 0) {
620 log_error_errno(errno, "Failed to stat open file: %m");
621 r = -errno;
622 goto clear;
623 }
624
625 LIST_FOREACH(servers, s, m->dns_servers)
626 s->marked = true;
627
628 FOREACH_LINE(line, f, r = -errno; goto clear) {
629 union in_addr_union address;
630 int family;
631 char *l;
632 const char *a;
633
634 truncate_nl(line);
635
636 l = strstrip(line);
637 if (*l == '#' || *l == ';')
638 continue;
639
640 a = first_word(l, "nameserver");
641 if (!a)
642 continue;
643
644 r = in_addr_from_string_auto(a, &family, &address);
645 if (r < 0) {
646 log_warning("Failed to parse name server %s.", a);
647 continue;
648 }
649
650 LIST_FOREACH(servers, s, m->dns_servers)
651 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
652 break;
653
654 if (s)
655 s->marked = false;
656 else {
657 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
658 if (r < 0)
659 goto clear;
660 }
661 }
662
663 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
664 if (s->marked)
665 dns_server_free(s);
666
667 /* Whenever /etc/resolv.conf changes, start using the first
668 * DNS server of it. This is useful to deal with broken
669 * network managing implementations (like NetworkManager),
670 * that when connecting to a VPN place both the VPN DNS
671 * servers and the local ones in /etc/resolv.conf. Without
672 * resetting the DNS server to use back to the first entry we
673 * will continue to use the local one thus being unable to
674 * resolve VPN domains. */
675 manager_set_dns_server(m, m->dns_servers);
676
677 return 0;
678
679clear:
680 while (m->dns_servers)
681 dns_server_free(m->dns_servers);
682
683 return r;
684}
685
686static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
687 _cleanup_free_ char *t = NULL;
688 int r;
689
690 assert(s);
691 assert(f);
692 assert(count);
693
694 r = in_addr_to_string(s->family, &s->address, &t);
695 if (r < 0) {
696 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
697 return;
698 }
699
700 if (*count == MAXNS)
701 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
702
703 fprintf(f, "nameserver %s\n", t);
704 (*count) ++;
705}
706
707static void write_resolv_conf_search(
708 const char *domain, FILE *f,
709 unsigned *count,
710 unsigned *length) {
711
712 assert(domain);
713 assert(f);
714 assert(length);
715
716 if (*count >= MAXDNSRCH ||
717 *length + strlen(domain) > 256) {
718 if (*count == MAXDNSRCH)
719 fputs(" # Too many search domains configured, remaining ones ignored.", f);
720 if (*length <= 256)
721 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
722
723 return;
724 }
725
726 fprintf(f, " %s", domain);
727
728 (*length) += strlen(domain);
729 (*count) ++;
730}
731
732static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
733 Iterator i;
734
735 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
736 "# Third party programs must not access this file directly, but\n"
737 "# only through the symlink at /etc/resolv.conf. To manage\n"
738 "# resolv.conf(5) in a different way, replace the symlink by a\n"
739 "# static file or a different symlink.\n\n", f);
740
741 if (ordered_set_isempty(dns))
742 fputs("# No DNS servers known.\n", f);
743 else {
744 DnsServer *s;
745 unsigned count = 0;
746
747 ORDERED_SET_FOREACH(s, dns, i)
748 write_resolv_conf_server(s, f, &count);
749 }
750
751 if (!ordered_set_isempty(domains)) {
752 unsigned length = 0, count = 0;
753 char *domain;
754
755 fputs("search", f);
756 ORDERED_SET_FOREACH(domain, domains, i)
757 write_resolv_conf_search(domain, f, &count, &length);
758 fputs("\n", f);
759 }
760
761 return fflush_and_check(f);
762}
763
764int manager_write_resolv_conf(Manager *m) {
765 static const char path[] = "/run/systemd/resolve/resolv.conf";
766 _cleanup_free_ char *temp_path = NULL;
767 _cleanup_fclose_ FILE *f = NULL;
768 _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
769 DnsServer *s;
770 Iterator i;
771 Link *l;
772 int r;
773
774 assert(m);
775
776 /* Read the system /etc/resolv.conf first */
777 manager_read_resolv_conf(m);
778
779 /* Add the full list to a set, to filter out duplicates */
780 dns = ordered_set_new(&dns_server_hash_ops);
781 if (!dns)
782 return -ENOMEM;
783
784 domains = ordered_set_new(&dns_name_hash_ops);
785 if (!domains)
786 return -ENOMEM;
787
788 /* First add the system-wide servers */
789 LIST_FOREACH(servers, s, m->dns_servers) {
790 r = ordered_set_put(dns, s);
791 if (r == -EEXIST)
792 continue;
793 if (r < 0)
794 return r;
795 }
796
797 /* Then, add the per-link servers and domains */
798 HASHMAP_FOREACH(l, m->links, i) {
799 char **domain;
800
801 LIST_FOREACH(servers, s, l->dns_servers) {
802 r = ordered_set_put(dns, s);
803 if (r == -EEXIST)
804 continue;
805 if (r < 0)
806 return r;
807 }
808
809 if (!l->unicast_scope)
810 continue;
811
812 STRV_FOREACH(domain, l->unicast_scope->domains) {
813 r = ordered_set_put(domains, *domain);
814 if (r == -EEXIST)
815 continue;
816 if (r < 0)
817 return r;
818 }
819 }
820
821 /* If we found nothing, add the fallback servers */
822 if (ordered_set_isempty(dns)) {
823 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
824 r = ordered_set_put(dns, s);
825 if (r == -EEXIST)
826 continue;
827 if (r < 0)
828 return r;
829 }
830 }
831
832 r = fopen_temporary_label(path, path, &f, &temp_path);
833 if (r < 0)
834 return r;
835
836 fchmod(fileno(f), 0644);
837
838 r = write_resolv_conf_contents(f, dns, domains);
839 if (r < 0)
840 goto fail;
841
842 if (rename(temp_path, path) < 0) {
843 r = -errno;
844 goto fail;
845 }
846
847 return 0;
848
849fail:
850 (void) unlink(path);
851 (void) unlink(temp_path);
852 return r;
853}
854
855int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
856 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
857 union {
858 struct cmsghdr header; /* For alignment */
859 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
860 + CMSG_SPACE(int) /* ttl/hoplimit */
861 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
862 } control;
863 union sockaddr_union sa;
864 struct msghdr mh = {};
865 struct cmsghdr *cmsg;
866 struct iovec iov;
867 int ms = 0, r;
868 ssize_t l;
869
870 assert(m);
871 assert(fd >= 0);
872 assert(ret);
873
874 r = ioctl(fd, FIONREAD, &ms);
875 if (r < 0)
876 return -errno;
877 if (ms < 0)
878 return -EIO;
879
880 r = dns_packet_new(&p, protocol, ms);
881 if (r < 0)
882 return r;
883
884 iov.iov_base = DNS_PACKET_DATA(p);
885 iov.iov_len = p->allocated;
886
887 mh.msg_name = &sa.sa;
888 mh.msg_namelen = sizeof(sa);
889 mh.msg_iov = &iov;
890 mh.msg_iovlen = 1;
891 mh.msg_control = &control;
892 mh.msg_controllen = sizeof(control);
893
894 l = recvmsg(fd, &mh, 0);
895 if (l < 0) {
896 if (errno == EAGAIN || errno == EINTR)
897 return 0;
898
899 return -errno;
900 }
901
902 if (l <= 0)
903 return -EIO;
904
905 assert(!(mh.msg_flags & MSG_CTRUNC));
906 assert(!(mh.msg_flags & MSG_TRUNC));
907
908 p->size = (size_t) l;
909
910 p->family = sa.sa.sa_family;
911 p->ipproto = IPPROTO_UDP;
912 if (p->family == AF_INET) {
913 p->sender.in = sa.in.sin_addr;
914 p->sender_port = be16toh(sa.in.sin_port);
915 } else if (p->family == AF_INET6) {
916 p->sender.in6 = sa.in6.sin6_addr;
917 p->sender_port = be16toh(sa.in6.sin6_port);
918 p->ifindex = sa.in6.sin6_scope_id;
919 } else
920 return -EAFNOSUPPORT;
921
922 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
923
924 if (cmsg->cmsg_level == IPPROTO_IPV6) {
925 assert(p->family == AF_INET6);
926
927 switch (cmsg->cmsg_type) {
928
929 case IPV6_PKTINFO: {
930 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
931
932 if (p->ifindex <= 0)
933 p->ifindex = i->ipi6_ifindex;
934
935 p->destination.in6 = i->ipi6_addr;
936 break;
937 }
938
939 case IPV6_HOPLIMIT:
940 p->ttl = *(int *) CMSG_DATA(cmsg);
941 break;
942
943 }
944 } else if (cmsg->cmsg_level == IPPROTO_IP) {
945 assert(p->family == AF_INET);
946
947 switch (cmsg->cmsg_type) {
948
949 case IP_PKTINFO: {
950 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
951
952 if (p->ifindex <= 0)
953 p->ifindex = i->ipi_ifindex;
954
955 p->destination.in = i->ipi_addr;
956 break;
957 }
958
959 case IP_TTL:
960 p->ttl = *(int *) CMSG_DATA(cmsg);
961 break;
962 }
963 }
964 }
965
966 /* The Linux kernel sets the interface index to the loopback
967 * device if the packet came from the local host since it
968 * avoids the routing table in such a case. Let's unset the
969 * interface index in such a case. */
970 if (p->ifindex == LOOPBACK_IFINDEX)
971 p->ifindex = 0;
972
973 /* If we don't know the interface index still, we look for the
974 * first local interface with a matching address. Yuck! */
975 if (p->ifindex <= 0)
976 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
977
978 *ret = p;
979 p = NULL;
980
981 return 1;
982}
983
984static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
985 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
986 DnsTransaction *t = NULL;
987 Manager *m = userdata;
988 int r;
989
990 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
991 if (r <= 0)
992 return r;
993
994 if (dns_packet_validate_reply(p) > 0) {
995 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
996 if (!t)
997 return 0;
998
999 dns_transaction_process_reply(t, p);
1000
1001 } else
1002 log_debug("Invalid DNS packet.");
1003
1004 return 0;
1005}
1006
1007int manager_dns_ipv4_fd(Manager *m) {
1008 const int one = 1;
1009 int r;
1010
1011 assert(m);
1012
1013 if (m->dns_ipv4_fd >= 0)
1014 return m->dns_ipv4_fd;
1015
1016 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1017 if (m->dns_ipv4_fd < 0)
1018 return -errno;
1019
1020 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1021 if (r < 0) {
1022 r = -errno;
1023 goto fail;
1024 }
1025
1026 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
1027 if (r < 0)
1028 goto fail;
1029
1030 return m->dns_ipv4_fd;
1031
1032fail:
1033 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1034 return r;
1035}
1036
1037int manager_dns_ipv6_fd(Manager *m) {
1038 const int one = 1;
1039 int r;
1040
1041 assert(m);
1042
1043 if (m->dns_ipv6_fd >= 0)
1044 return m->dns_ipv6_fd;
1045
1046 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1047 if (m->dns_ipv6_fd < 0)
1048 return -errno;
1049
1050 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1051 if (r < 0) {
1052 r = -errno;
1053 goto fail;
1054 }
1055
1056 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1057 if (r < 0)
1058 goto fail;
1059
1060 return m->dns_ipv6_fd;
1061
1062fail:
1063 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1064 return r;
1065}
1066
1067static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1068 int r;
1069
1070 assert(fd >= 0);
1071 assert(mh);
1072
1073 for (;;) {
1074 if (sendmsg(fd, mh, flags) >= 0)
1075 return 0;
1076
1077 if (errno == EINTR)
1078 continue;
1079
1080 if (errno != EAGAIN)
1081 return -errno;
1082
1083 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1084 if (r < 0)
1085 return r;
1086 if (r == 0)
1087 return -ETIMEDOUT;
1088 }
1089}
1090
1091static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1092 union sockaddr_union sa = {
1093 .in.sin_family = AF_INET,
1094 };
1095 union {
1096 struct cmsghdr header; /* For alignment */
1097 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1098 } control;
1099 struct msghdr mh = {};
1100 struct iovec iov;
1101
1102 assert(m);
1103 assert(fd >= 0);
1104 assert(addr);
1105 assert(port > 0);
1106 assert(p);
1107
1108 iov.iov_base = DNS_PACKET_DATA(p);
1109 iov.iov_len = p->size;
1110
1111 sa.in.sin_addr = *addr;
1112 sa.in.sin_port = htobe16(port),
1113
1114 mh.msg_iov = &iov;
1115 mh.msg_iovlen = 1;
1116 mh.msg_name = &sa.sa;
1117 mh.msg_namelen = sizeof(sa.in);
1118
1119 if (ifindex > 0) {
1120 struct cmsghdr *cmsg;
1121 struct in_pktinfo *pi;
1122
1123 zero(control);
1124
1125 mh.msg_control = &control;
1126 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1127
1128 cmsg = CMSG_FIRSTHDR(&mh);
1129 cmsg->cmsg_len = mh.msg_controllen;
1130 cmsg->cmsg_level = IPPROTO_IP;
1131 cmsg->cmsg_type = IP_PKTINFO;
1132
1133 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1134 pi->ipi_ifindex = ifindex;
1135 }
1136
1137 return sendmsg_loop(fd, &mh, 0);
1138}
1139
1140static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1141 union sockaddr_union sa = {
1142 .in6.sin6_family = AF_INET6,
1143 };
1144 union {
1145 struct cmsghdr header; /* For alignment */
1146 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1147 } control;
1148 struct msghdr mh = {};
1149 struct iovec iov;
1150
1151 assert(m);
1152 assert(fd >= 0);
1153 assert(addr);
1154 assert(port > 0);
1155 assert(p);
1156
1157 iov.iov_base = DNS_PACKET_DATA(p);
1158 iov.iov_len = p->size;
1159
1160 sa.in6.sin6_addr = *addr;
1161 sa.in6.sin6_port = htobe16(port),
1162 sa.in6.sin6_scope_id = ifindex;
1163
1164 mh.msg_iov = &iov;
1165 mh.msg_iovlen = 1;
1166 mh.msg_name = &sa.sa;
1167 mh.msg_namelen = sizeof(sa.in6);
1168
1169 if (ifindex > 0) {
1170 struct cmsghdr *cmsg;
1171 struct in6_pktinfo *pi;
1172
1173 zero(control);
1174
1175 mh.msg_control = &control;
1176 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1177
1178 cmsg = CMSG_FIRSTHDR(&mh);
1179 cmsg->cmsg_len = mh.msg_controllen;
1180 cmsg->cmsg_level = IPPROTO_IPV6;
1181 cmsg->cmsg_type = IPV6_PKTINFO;
1182
1183 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1184 pi->ipi6_ifindex = ifindex;
1185 }
1186
1187 return sendmsg_loop(fd, &mh, 0);
1188}
1189
1190int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1191 assert(m);
1192 assert(fd >= 0);
1193 assert(addr);
1194 assert(port > 0);
1195 assert(p);
1196
1197 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1198
1199 if (family == AF_INET)
1200 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1201 else if (family == AF_INET6)
1202 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1203
1204 return -EAFNOSUPPORT;
1205}
1206
1207DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1208 DnsServer *s;
1209
1210 assert(m);
1211 assert(in_addr);
1212
1213 LIST_FOREACH(servers, s, m->dns_servers)
1214 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1215 return s;
1216
1217 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1218 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1219 return s;
1220
1221 return NULL;
1222}
1223
1224DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1225 assert(m);
1226
1227 if (m->current_dns_server == s)
1228 return s;
1229
1230 if (s) {
1231 _cleanup_free_ char *ip = NULL;
1232
1233 in_addr_to_string(s->family, &s->address, &ip);
1234 log_info("Switching to system DNS server %s.", strna(ip));
1235 }
1236
1237 m->current_dns_server = s;
1238
1239 if (m->unicast_scope)
1240 dns_cache_flush(&m->unicast_scope->cache);
1241
1242 return s;
1243}
1244
1245DnsServer *manager_get_dns_server(Manager *m) {
1246 Link *l;
1247 assert(m);
1248
1249 /* Try to read updates resolv.conf */
1250 manager_read_resolv_conf(m);
1251
1252 if (!m->current_dns_server)
1253 manager_set_dns_server(m, m->dns_servers);
1254
1255 if (!m->current_dns_server) {
1256 bool found = false;
1257 Iterator i;
1258
1259 /* No DNS servers configured, let's see if there are
1260 * any on any links. If not, we use the fallback
1261 * servers */
1262
1263 HASHMAP_FOREACH(l, m->links, i)
1264 if (l->dns_servers) {
1265 found = true;
1266 break;
1267 }
1268
1269 if (!found)
1270 manager_set_dns_server(m, m->fallback_dns_servers);
1271 }
1272
1273 return m->current_dns_server;
1274}
1275
1276void manager_next_dns_server(Manager *m) {
1277 assert(m);
1278
1279 /* If there's currently no DNS server set, then the next
1280 * manager_get_dns_server() will find one */
1281 if (!m->current_dns_server)
1282 return;
1283
1284 /* Change to the next one */
1285 if (m->current_dns_server->servers_next) {
1286 manager_set_dns_server(m, m->current_dns_server->servers_next);
1287 return;
1288 }
1289
1290 /* If there was no next one, then start from the beginning of
1291 * the list */
1292 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1293 manager_set_dns_server(m, m->fallback_dns_servers);
1294 else
1295 manager_set_dns_server(m, m->dns_servers);
1296}
1297
1298uint32_t manager_find_mtu(Manager *m) {
1299 uint32_t mtu = 0;
1300 Link *l;
1301 Iterator i;
1302
1303 /* If we don't know on which link a DNS packet would be
1304 * delivered, let's find the largest MTU that works on all
1305 * interfaces we know of */
1306
1307 HASHMAP_FOREACH(l, m->links, i) {
1308 if (l->mtu <= 0)
1309 continue;
1310
1311 if (mtu <= 0 || l->mtu < mtu)
1312 mtu = l->mtu;
1313 }
1314
1315 return mtu;
1316}
1317
1318static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1319 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1320 DnsTransaction *t = NULL;
1321 Manager *m = userdata;
1322 DnsScope *scope;
1323 int r;
1324
1325 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1326 if (r <= 0)
1327 return r;
1328
1329 scope = manager_find_scope(m, p);
1330 if (!scope) {
1331 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1332 return 0;
1333 }
1334
1335 if (dns_packet_validate_reply(p) > 0) {
1336 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1337
1338 dns_scope_check_conflicts(scope, p);
1339
1340 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1341 if (t)
1342 dns_transaction_process_reply(t, p);
1343
1344 } else if (dns_packet_validate_query(p) > 0) {
1345 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1346
1347 dns_scope_process_query(scope, NULL, p);
1348 } else
1349 log_debug("Invalid LLMNR UDP packet.");
1350
1351 return 0;
1352}
1353
1354int manager_llmnr_ipv4_udp_fd(Manager *m) {
1355 union sockaddr_union sa = {
1356 .in.sin_family = AF_INET,
1357 .in.sin_port = htobe16(5355),
1358 };
1359 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1360 int r;
1361
1362 assert(m);
1363
1364 if (m->llmnr_ipv4_udp_fd >= 0)
1365 return m->llmnr_ipv4_udp_fd;
1366
1367 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1368 if (m->llmnr_ipv4_udp_fd < 0)
1369 return -errno;
1370
1371 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1372 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1373 if (r < 0) {
1374 r = -errno;
1375 goto fail;
1376 }
1377
1378 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1379 if (r < 0) {
1380 r = -errno;
1381 goto fail;
1382 }
1383
1384 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1385 if (r < 0) {
1386 r = -errno;
1387 goto fail;
1388 }
1389
1390 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1391 if (r < 0) {
1392 r = -errno;
1393 goto fail;
1394 }
1395
1396 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1397 if (r < 0) {
1398 r = -errno;
1399 goto fail;
1400 }
1401
1402 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1403 if (r < 0) {
1404 r = -errno;
1405 goto fail;
1406 }
1407
1408 /* Disable Don't-Fragment bit in the IP header */
1409 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1410 if (r < 0) {
1411 r = -errno;
1412 goto fail;
1413 }
1414
1415 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1416 if (r < 0) {
1417 r = -errno;
1418 goto fail;
1419 }
1420
1421 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1422 if (r < 0)
1423 goto fail;
1424
1425 return m->llmnr_ipv4_udp_fd;
1426
1427fail:
1428 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1429 return r;
1430}
1431
1432int manager_llmnr_ipv6_udp_fd(Manager *m) {
1433 union sockaddr_union sa = {
1434 .in6.sin6_family = AF_INET6,
1435 .in6.sin6_port = htobe16(5355),
1436 };
1437 static const int one = 1, ttl = 255;
1438 int r;
1439
1440 assert(m);
1441
1442 if (m->llmnr_ipv6_udp_fd >= 0)
1443 return m->llmnr_ipv6_udp_fd;
1444
1445 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1446 if (m->llmnr_ipv6_udp_fd < 0)
1447 return -errno;
1448
1449 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1450 if (r < 0) {
1451 r = -errno;
1452 goto fail;
1453 }
1454
1455 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1456 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1457 if (r < 0) {
1458 r = -errno;
1459 goto fail;
1460 }
1461
1462 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1463 if (r < 0) {
1464 r = -errno;
1465 goto fail;
1466 }
1467
1468 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1469 if (r < 0) {
1470 r = -errno;
1471 goto fail;
1472 }
1473
1474 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1475 if (r < 0) {
1476 r = -errno;
1477 goto fail;
1478 }
1479
1480 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1481 if (r < 0) {
1482 r = -errno;
1483 goto fail;
1484 }
1485
1486 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1487 if (r < 0) {
1488 r = -errno;
1489 goto fail;
1490 }
1491
1492 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1493 if (r < 0) {
1494 r = -errno;
1495 goto fail;
1496 }
1497
1498 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1499 if (r < 0) {
1500 r = -errno;
1501 goto fail;
1502 }
1503
1504 return m->llmnr_ipv6_udp_fd;
1505
1506fail:
1507 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1508 return r;
1509}
1510
1511static int on_llmnr_stream_packet(DnsStream *s) {
1512 DnsScope *scope;
1513
1514 assert(s);
1515
1516 scope = manager_find_scope(s->manager, s->read_packet);
1517 if (!scope) {
1518 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1519 return 0;
1520 }
1521
1522 if (dns_packet_validate_query(s->read_packet) > 0) {
1523 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1524
1525 dns_scope_process_query(scope, s, s->read_packet);
1526
1527 /* If no reply packet was set, we free the stream */
1528 if (s->write_packet)
1529 return 0;
1530 } else
1531 log_debug("Invalid LLMNR TCP packet.");
1532
1533 dns_stream_free(s);
1534 return 0;
1535}
1536
1537static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1538 DnsStream *stream;
1539 Manager *m = userdata;
1540 int cfd, r;
1541
1542 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1543 if (cfd < 0) {
1544 if (errno == EAGAIN || errno == EINTR)
1545 return 0;
1546
1547 return -errno;
1548 }
1549
1550 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1551 if (r < 0) {
1552 safe_close(cfd);
1553 return r;
1554 }
1555
1556 stream->on_packet = on_llmnr_stream_packet;
1557 return 0;
1558}
1559
1560int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1561 union sockaddr_union sa = {
1562 .in.sin_family = AF_INET,
1563 .in.sin_port = htobe16(5355),
1564 };
1565 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1566 int r;
1567
1568 assert(m);
1569
1570 if (m->llmnr_ipv4_tcp_fd >= 0)
1571 return m->llmnr_ipv4_tcp_fd;
1572
1573 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1574 if (m->llmnr_ipv4_tcp_fd < 0)
1575 return -errno;
1576
1577 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1578 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1579 if (r < 0) {
1580 r = -errno;
1581 goto fail;
1582 }
1583
1584 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1585 if (r < 0) {
1586 r = -errno;
1587 goto fail;
1588 }
1589
1590 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1591 if (r < 0) {
1592 r = -errno;
1593 goto fail;
1594 }
1595
1596 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1597 if (r < 0) {
1598 r = -errno;
1599 goto fail;
1600 }
1601
1602 /* Disable Don't-Fragment bit in the IP header */
1603 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1604 if (r < 0) {
1605 r = -errno;
1606 goto fail;
1607 }
1608
1609 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1610 if (r < 0) {
1611 r = -errno;
1612 goto fail;
1613 }
1614
1615 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1616 if (r < 0) {
1617 r = -errno;
1618 goto fail;
1619 }
1620
1621 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1622 if (r < 0)
1623 goto fail;
1624
1625 return m->llmnr_ipv4_tcp_fd;
1626
1627fail:
1628 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1629 return r;
1630}
1631
1632int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1633 union sockaddr_union sa = {
1634 .in6.sin6_family = AF_INET6,
1635 .in6.sin6_port = htobe16(5355),
1636 };
1637 static const int one = 1;
1638 int r;
1639
1640 assert(m);
1641
1642 if (m->llmnr_ipv6_tcp_fd >= 0)
1643 return m->llmnr_ipv6_tcp_fd;
1644
1645 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1646 if (m->llmnr_ipv6_tcp_fd < 0)
1647 return -errno;
1648
1649 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1650 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1651 if (r < 0) {
1652 r = -errno;
1653 goto fail;
1654 }
1655
1656 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1657 if (r < 0) {
1658 r = -errno;
1659 goto fail;
1660 }
1661
1662 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1663 if (r < 0) {
1664 r = -errno;
1665 goto fail;
1666 }
1667
1668 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1669 if (r < 0) {
1670 r = -errno;
1671 goto fail;
1672 }
1673
1674 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1675 if (r < 0) {
1676 r = -errno;
1677 goto fail;
1678 }
1679
1680 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1681 if (r < 0) {
1682 r = -errno;
1683 goto fail;
1684 }
1685
1686 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1687 if (r < 0) {
1688 r = -errno;
1689 goto fail;
1690 }
1691
1692 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1693 if (r < 0) {
1694 r = -errno;
1695 goto fail;
1696 }
1697
1698 return m->llmnr_ipv6_tcp_fd;
1699
1700fail:
1701 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1702 return r;
1703}
1704
1705int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1706 LinkAddress *a;
1707
1708 assert(m);
1709
1710 a = manager_find_link_address(m, family, in_addr);
1711 if (a)
1712 return a->link->ifindex;
1713
1714 return 0;
1715}
1716
1717void manager_refresh_rrs(Manager *m) {
1718 Iterator i;
1719 Link *l;
1720
1721 assert(m);
1722
1723 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1724 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1725
1726 HASHMAP_FOREACH(l, m->links, i) {
1727 link_add_rrs(l, true);
1728 link_add_rrs(l, false);
1729 }
1730}
1731
1732int manager_next_hostname(Manager *m) {
1733 const char *p;
1734 uint64_t u, a;
1735 char *h;
1736
1737 assert(m);
1738
1739 p = strchr(m->hostname, 0);
1740 assert(p);
1741
1742 while (p > m->hostname) {
1743 if (!strchr("0123456789", p[-1]))
1744 break;
1745
1746 p--;
1747 }
1748
1749 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1750 u = 1;
1751
1752 /* Add a random number to the old value. This way we can avoid
1753 * that two hosts pick the same hostname, win on IPv4 and lose
1754 * on IPv6 (or vice versa), and pick the same hostname
1755 * replacement hostname, ad infinitum. We still want the
1756 * numbers to go up monotonically, hence we just add a random
1757 * value 1..10 */
1758
1759 random_bytes(&a, sizeof(a));
1760 u += 1 + a % 10;
1761
1762 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1763 return -ENOMEM;
1764
1765 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1766
1767 free(m->hostname);
1768 m->hostname = h;
1769
1770 manager_refresh_rrs(m);
1771
1772 return 0;
1773}
1774
1775LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1776 Iterator i;
1777 Link *l;
1778
1779 assert(m);
1780
1781 HASHMAP_FOREACH(l, m->links, i) {
1782 LinkAddress *a;
1783
1784 a = link_find_address(l, family, in_addr);
1785 if (a)
1786 return a;
1787 }
1788
1789 return NULL;
1790}
1791
1792bool manager_our_packet(Manager *m, DnsPacket *p) {
1793 assert(m);
1794 assert(p);
1795
1796 return !!manager_find_link_address(m, p->family, &p->sender);
1797}
1798
1799DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1800 Link *l;
1801
1802 assert(m);
1803 assert(p);
1804
1805 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1806 if (!l)
1807 return NULL;
1808
1809 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1810 if (p->family == AF_INET)
1811 return l->llmnr_ipv4_scope;
1812 else if (p->family == AF_INET6)
1813 return l->llmnr_ipv6_scope;
1814 }
1815
1816 return NULL;
1817}
1818
1819void manager_verify_all(Manager *m) {
1820 DnsScope *s;
1821
1822 assert(m);
1823
1824 LIST_FOREACH(scopes, s, m->dns_scopes)
1825 dns_zone_verify_all(&s->zone);
1826}
1827
1828void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1829 assert(m);
1830
1831 if (t == DNS_SERVER_SYSTEM)
1832 while (m->dns_servers)
1833 dns_server_free(m->dns_servers);
1834
1835 if (t == DNS_SERVER_FALLBACK)
1836 while (m->fallback_dns_servers)
1837 dns_server_free(m->fallback_dns_servers);
1838}
1839
1840static const char* const support_table[_SUPPORT_MAX] = {
1841 [SUPPORT_NO] = "no",
1842 [SUPPORT_YES] = "yes",
1843 [SUPPORT_RESOLVE] = "resolve",
1844};
1845DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.