]> git.ipfire.org Git - thirdparty/systemd.git/blame_incremental - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Merge pull request #179 from l10n-tw/master
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
... / ...
CommitLineData
1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22#include <resolv.h>
23#include <sys/ioctl.h>
24#include <poll.h>
25#include <netinet/in.h>
26
27#include "rtnl-util.h"
28#include "network-internal.h"
29#include "socket-util.h"
30#include "af-list.h"
31#include "utf8.h"
32#include "fileio-label.h"
33#include "ordered-set.h"
34#include "random-util.h"
35#include "hostname-util.h"
36
37#include "dns-domain.h"
38#include "resolved-conf.h"
39#include "resolved-bus.h"
40#include "resolved-manager.h"
41
42#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
43
44static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
45 Manager *m = userdata;
46 uint16_t type;
47 Link *l;
48 int ifindex, r;
49
50 assert(rtnl);
51 assert(m);
52 assert(mm);
53
54 r = sd_rtnl_message_get_type(mm, &type);
55 if (r < 0)
56 goto fail;
57
58 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
59 if (r < 0)
60 goto fail;
61
62 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
63
64 switch (type) {
65
66 case RTM_NEWLINK:{
67 bool is_new = !l;
68
69 if (!l) {
70 r = link_new(m, &l, ifindex);
71 if (r < 0)
72 goto fail;
73 }
74
75 r = link_update_rtnl(l, mm);
76 if (r < 0)
77 goto fail;
78
79 r = link_update_monitor(l);
80 if (r < 0)
81 goto fail;
82
83 if (is_new)
84 log_debug("Found new link %i/%s", ifindex, l->name);
85
86 break;
87 }
88
89 case RTM_DELLINK:
90 if (l) {
91 log_debug("Removing link %i/%s", l->ifindex, l->name);
92 link_free(l);
93 }
94
95 break;
96 }
97
98 return 0;
99
100fail:
101 log_warning_errno(r, "Failed to process RTNL link message: %m");
102 return 0;
103}
104
105static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
106 Manager *m = userdata;
107 union in_addr_union address;
108 uint16_t type;
109 int r, ifindex, family;
110 LinkAddress *a;
111 Link *l;
112
113 assert(rtnl);
114 assert(mm);
115 assert(m);
116
117 r = sd_rtnl_message_get_type(mm, &type);
118 if (r < 0)
119 goto fail;
120
121 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
122 if (r < 0)
123 goto fail;
124
125 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
126 if (!l)
127 return 0;
128
129 r = sd_rtnl_message_addr_get_family(mm, &family);
130 if (r < 0)
131 goto fail;
132
133 switch (family) {
134
135 case AF_INET:
136 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
137 if (r < 0) {
138 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
139 if (r < 0)
140 goto fail;
141 }
142
143 break;
144
145 case AF_INET6:
146 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
147 if (r < 0) {
148 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
149 if (r < 0)
150 goto fail;
151 }
152
153 break;
154
155 default:
156 return 0;
157 }
158
159 a = link_find_address(l, family, &address);
160
161 switch (type) {
162
163 case RTM_NEWADDR:
164
165 if (!a) {
166 r = link_address_new(l, &a, family, &address);
167 if (r < 0)
168 return r;
169 }
170
171 r = link_address_update_rtnl(a, mm);
172 if (r < 0)
173 return r;
174
175 break;
176
177 case RTM_DELADDR:
178 if (a)
179 link_address_free(a);
180 break;
181 }
182
183 return 0;
184
185fail:
186 log_warning_errno(r, "Failed to process RTNL address message: %m");
187 return 0;
188}
189
190static int manager_rtnl_listen(Manager *m) {
191 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
192 sd_rtnl_message *i;
193 int r;
194
195 assert(m);
196
197 /* First, subscribe to interfaces coming and going */
198 r = sd_rtnl_open(&m->rtnl);
199 if (r < 0)
200 return r;
201
202 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
203 if (r < 0)
204 return r;
205
206 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
207 if (r < 0)
208 return r;
209
210 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
211 if (r < 0)
212 return r;
213
214 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
215 if (r < 0)
216 return r;
217
218 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
219 if (r < 0)
220 return r;
221
222 /* Then, enumerate all links */
223 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
224 if (r < 0)
225 return r;
226
227 r = sd_rtnl_message_request_dump(req, true);
228 if (r < 0)
229 return r;
230
231 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
232 if (r < 0)
233 return r;
234
235 for (i = reply; i; i = sd_rtnl_message_next(i)) {
236 r = manager_process_link(m->rtnl, i, m);
237 if (r < 0)
238 return r;
239 }
240
241 req = sd_rtnl_message_unref(req);
242 reply = sd_rtnl_message_unref(reply);
243
244 /* Finally, enumerate all addresses, too */
245 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
246 if (r < 0)
247 return r;
248
249 r = sd_rtnl_message_request_dump(req, true);
250 if (r < 0)
251 return r;
252
253 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
254 if (r < 0)
255 return r;
256
257 for (i = reply; i; i = sd_rtnl_message_next(i)) {
258 r = manager_process_address(m->rtnl, i, m);
259 if (r < 0)
260 return r;
261 }
262
263 return r;
264}
265
266static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
267 Manager *m = userdata;
268 Iterator i;
269 Link *l;
270 int r;
271
272 assert(m);
273
274 sd_network_monitor_flush(m->network_monitor);
275
276 HASHMAP_FOREACH(l, m->links, i) {
277 r = link_update_monitor(l);
278 if (r < 0)
279 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
280 }
281
282 r = manager_write_resolv_conf(m);
283 if (r < 0)
284 log_warning_errno(r, "Could not update resolv.conf: %m");
285
286 return 0;
287}
288
289static int manager_network_monitor_listen(Manager *m) {
290 int r, fd, events;
291
292 assert(m);
293
294 r = sd_network_monitor_new(&m->network_monitor, NULL);
295 if (r < 0)
296 return r;
297
298 fd = sd_network_monitor_get_fd(m->network_monitor);
299 if (fd < 0)
300 return fd;
301
302 events = sd_network_monitor_get_events(m->network_monitor);
303 if (events < 0)
304 return events;
305
306 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
307 if (r < 0)
308 return r;
309
310 return 0;
311}
312
313static int determine_hostname(char **ret) {
314 _cleanup_free_ char *h = NULL, *n = NULL;
315 int r;
316
317 assert(ret);
318
319 h = gethostname_malloc();
320 if (!h)
321 return log_oom();
322
323 if (!utf8_is_valid(h)) {
324 log_error("System hostname is not UTF-8 clean.");
325 return -EINVAL;
326 }
327
328 r = dns_name_normalize(h, &n);
329 if (r < 0) {
330 log_error("System hostname '%s' cannot be normalized.", h);
331 return r;
332 }
333
334 *ret = n;
335 n = NULL;
336
337 return 0;
338}
339
340static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
341 _cleanup_free_ char *h = NULL;
342 Manager *m = userdata;
343 int r;
344
345 assert(m);
346
347 r = determine_hostname(&h);
348 if (r < 0)
349 return 0; /* ignore invalid hostnames */
350
351 if (streq(h, m->hostname))
352 return 0;
353
354 log_info("System hostname changed to '%s'.", h);
355 free(m->hostname);
356 m->hostname = h;
357 h = NULL;
358
359 manager_refresh_rrs(m);
360
361 return 0;
362}
363
364static int manager_watch_hostname(Manager *m) {
365 int r;
366
367 assert(m);
368
369 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
370 if (m->hostname_fd < 0) {
371 log_warning_errno(errno, "Failed to watch hostname: %m");
372 return 0;
373 }
374
375 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
376 if (r < 0) {
377 if (r == -EPERM)
378 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
379 m->hostname_fd = safe_close(m->hostname_fd);
380 else
381 return log_error_errno(r, "Failed to add hostname event source: %m");
382 }
383
384 r = determine_hostname(&m->hostname);
385 if (r < 0) {
386 log_info("Defaulting to hostname 'linux'.");
387 m->hostname = strdup("linux");
388 if (!m->hostname)
389 return log_oom();
390 } else
391 log_info("Using system hostname '%s'.", m->hostname);
392
393 return 0;
394}
395
396static void manager_llmnr_stop(Manager *m) {
397 assert(m);
398
399 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
400 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
401
402 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
403 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
404
405 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
406 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
407
408 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
409 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
410}
411
412static int manager_llmnr_start(Manager *m) {
413 int r;
414
415 assert(m);
416
417 if (m->llmnr_support == SUPPORT_NO)
418 return 0;
419
420 r = manager_llmnr_ipv4_udp_fd(m);
421 if (r == -EADDRINUSE)
422 goto eaddrinuse;
423 if (r < 0)
424 return r;
425
426 r = manager_llmnr_ipv4_tcp_fd(m);
427 if (r == -EADDRINUSE)
428 goto eaddrinuse;
429 if (r < 0)
430 return r;
431
432 if (socket_ipv6_is_supported()) {
433 r = manager_llmnr_ipv6_udp_fd(m);
434 if (r == -EADDRINUSE)
435 goto eaddrinuse;
436 if (r < 0)
437 return r;
438
439 r = manager_llmnr_ipv6_tcp_fd(m);
440 if (r == -EADDRINUSE)
441 goto eaddrinuse;
442 if (r < 0)
443 return r;
444 }
445
446 return 0;
447
448eaddrinuse:
449 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
450 m->llmnr_support = SUPPORT_NO;
451 manager_llmnr_stop(m);
452
453 return 0;
454}
455
456int manager_new(Manager **ret) {
457 _cleanup_(manager_freep) Manager *m = NULL;
458 int r;
459
460 assert(ret);
461
462 m = new0(Manager, 1);
463 if (!m)
464 return -ENOMEM;
465
466 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
467 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
468 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
469 m->hostname_fd = -1;
470
471 m->llmnr_support = SUPPORT_YES;
472 m->read_resolv_conf = true;
473
474 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
475 if (r < 0)
476 return r;
477
478 r = sd_event_default(&m->event);
479 if (r < 0)
480 return r;
481
482 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
483 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
484
485 sd_event_set_watchdog(m->event, true);
486
487 r = manager_watch_hostname(m);
488 if (r < 0)
489 return r;
490
491 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
492 if (r < 0)
493 return r;
494
495 r = manager_network_monitor_listen(m);
496 if (r < 0)
497 return r;
498
499 r = manager_rtnl_listen(m);
500 if (r < 0)
501 return r;
502
503 r = manager_connect_bus(m);
504 if (r < 0)
505 return r;
506
507 *ret = m;
508 m = NULL;
509
510 return 0;
511}
512
513int manager_start(Manager *m) {
514 int r;
515
516 assert(m);
517
518 r = manager_llmnr_start(m);
519 if (r < 0)
520 return r;
521
522 return 0;
523}
524
525Manager *manager_free(Manager *m) {
526 Link *l;
527
528 if (!m)
529 return NULL;
530
531 while ((l = hashmap_first(m->links)))
532 link_free(l);
533
534 while (m->dns_queries)
535 dns_query_free(m->dns_queries);
536
537 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
538 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
539
540 dns_scope_free(m->unicast_scope);
541
542 hashmap_free(m->links);
543 hashmap_free(m->dns_transactions);
544
545 sd_event_source_unref(m->network_event_source);
546 sd_network_monitor_unref(m->network_monitor);
547
548 sd_event_source_unref(m->dns_ipv4_event_source);
549 sd_event_source_unref(m->dns_ipv6_event_source);
550 safe_close(m->dns_ipv4_fd);
551 safe_close(m->dns_ipv6_fd);
552
553 manager_llmnr_stop(m);
554
555 sd_bus_slot_unref(m->prepare_for_sleep_slot);
556 sd_event_source_unref(m->bus_retry_event_source);
557 sd_bus_unref(m->bus);
558
559 sd_event_unref(m->event);
560
561 dns_resource_key_unref(m->host_ipv4_key);
562 dns_resource_key_unref(m->host_ipv6_key);
563
564 safe_close(m->hostname_fd);
565 sd_event_source_unref(m->hostname_event_source);
566 free(m->hostname);
567
568 free(m);
569
570 return NULL;
571}
572
573int manager_read_resolv_conf(Manager *m) {
574 _cleanup_fclose_ FILE *f = NULL;
575 struct stat st, own;
576 char line[LINE_MAX];
577 DnsServer *s, *nx;
578 usec_t t;
579 int r;
580
581 assert(m);
582
583 /* Reads the system /etc/resolv.conf, if it exists and is not
584 * symlinked to our own resolv.conf instance */
585
586 if (!m->read_resolv_conf)
587 return 0;
588
589 r = stat("/etc/resolv.conf", &st);
590 if (r < 0) {
591 if (errno != ENOENT)
592 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
593 r = -errno;
594 goto clear;
595 }
596
597 /* Have we already seen the file? */
598 t = timespec_load(&st.st_mtim);
599 if (t == m->resolv_conf_mtime)
600 return 0;
601
602 m->resolv_conf_mtime = t;
603
604 /* Is it symlinked to our own file? */
605 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
606 st.st_dev == own.st_dev &&
607 st.st_ino == own.st_ino) {
608 r = 0;
609 goto clear;
610 }
611
612 f = fopen("/etc/resolv.conf", "re");
613 if (!f) {
614 if (errno != ENOENT)
615 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
616 r = -errno;
617 goto clear;
618 }
619
620 if (fstat(fileno(f), &st) < 0) {
621 log_error_errno(errno, "Failed to stat open file: %m");
622 r = -errno;
623 goto clear;
624 }
625
626 LIST_FOREACH(servers, s, m->dns_servers)
627 s->marked = true;
628
629 FOREACH_LINE(line, f, r = -errno; goto clear) {
630 union in_addr_union address;
631 int family;
632 char *l;
633 const char *a;
634
635 truncate_nl(line);
636
637 l = strstrip(line);
638 if (*l == '#' || *l == ';')
639 continue;
640
641 a = first_word(l, "nameserver");
642 if (!a)
643 continue;
644
645 r = in_addr_from_string_auto(a, &family, &address);
646 if (r < 0) {
647 log_warning("Failed to parse name server %s.", a);
648 continue;
649 }
650
651 LIST_FOREACH(servers, s, m->dns_servers)
652 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
653 break;
654
655 if (s)
656 s->marked = false;
657 else {
658 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
659 if (r < 0)
660 goto clear;
661 }
662 }
663
664 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
665 if (s->marked)
666 dns_server_free(s);
667
668 /* Whenever /etc/resolv.conf changes, start using the first
669 * DNS server of it. This is useful to deal with broken
670 * network managing implementations (like NetworkManager),
671 * that when connecting to a VPN place both the VPN DNS
672 * servers and the local ones in /etc/resolv.conf. Without
673 * resetting the DNS server to use back to the first entry we
674 * will continue to use the local one thus being unable to
675 * resolve VPN domains. */
676 manager_set_dns_server(m, m->dns_servers);
677
678 return 0;
679
680clear:
681 while (m->dns_servers)
682 dns_server_free(m->dns_servers);
683
684 return r;
685}
686
687static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
688 _cleanup_free_ char *t = NULL;
689 int r;
690
691 assert(s);
692 assert(f);
693 assert(count);
694
695 r = in_addr_to_string(s->family, &s->address, &t);
696 if (r < 0) {
697 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
698 return;
699 }
700
701 if (*count == MAXNS)
702 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
703
704 fprintf(f, "nameserver %s\n", t);
705 (*count) ++;
706}
707
708static void write_resolv_conf_search(
709 const char *domain, FILE *f,
710 unsigned *count,
711 unsigned *length) {
712
713 assert(domain);
714 assert(f);
715 assert(length);
716
717 if (*count >= MAXDNSRCH ||
718 *length + strlen(domain) > 256) {
719 if (*count == MAXDNSRCH)
720 fputs(" # Too many search domains configured, remaining ones ignored.", f);
721 if (*length <= 256)
722 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
723
724 return;
725 }
726
727 fprintf(f, " %s", domain);
728
729 (*length) += strlen(domain);
730 (*count) ++;
731}
732
733static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
734 Iterator i;
735
736 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
737 "# Third party programs must not access this file directly, but\n"
738 "# only through the symlink at /etc/resolv.conf. To manage\n"
739 "# resolv.conf(5) in a different way, replace the symlink by a\n"
740 "# static file or a different symlink.\n\n", f);
741
742 if (ordered_set_isempty(dns))
743 fputs("# No DNS servers known.\n", f);
744 else {
745 DnsServer *s;
746 unsigned count = 0;
747
748 ORDERED_SET_FOREACH(s, dns, i)
749 write_resolv_conf_server(s, f, &count);
750 }
751
752 if (!ordered_set_isempty(domains)) {
753 unsigned length = 0, count = 0;
754 char *domain;
755
756 fputs("search", f);
757 ORDERED_SET_FOREACH(domain, domains, i)
758 write_resolv_conf_search(domain, f, &count, &length);
759 fputs("\n", f);
760 }
761
762 return fflush_and_check(f);
763}
764
765int manager_write_resolv_conf(Manager *m) {
766 static const char path[] = "/run/systemd/resolve/resolv.conf";
767 _cleanup_free_ char *temp_path = NULL;
768 _cleanup_fclose_ FILE *f = NULL;
769 _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
770 DnsServer *s;
771 Iterator i;
772 Link *l;
773 int r;
774
775 assert(m);
776
777 /* Read the system /etc/resolv.conf first */
778 manager_read_resolv_conf(m);
779
780 /* Add the full list to a set, to filter out duplicates */
781 dns = ordered_set_new(&dns_server_hash_ops);
782 if (!dns)
783 return -ENOMEM;
784
785 domains = ordered_set_new(&dns_name_hash_ops);
786 if (!domains)
787 return -ENOMEM;
788
789 /* First add the system-wide servers */
790 LIST_FOREACH(servers, s, m->dns_servers) {
791 r = ordered_set_put(dns, s);
792 if (r == -EEXIST)
793 continue;
794 if (r < 0)
795 return r;
796 }
797
798 /* Then, add the per-link servers and domains */
799 HASHMAP_FOREACH(l, m->links, i) {
800 char **domain;
801
802 LIST_FOREACH(servers, s, l->dns_servers) {
803 r = ordered_set_put(dns, s);
804 if (r == -EEXIST)
805 continue;
806 if (r < 0)
807 return r;
808 }
809
810 if (!l->unicast_scope)
811 continue;
812
813 STRV_FOREACH(domain, l->unicast_scope->domains) {
814 r = ordered_set_put(domains, *domain);
815 if (r == -EEXIST)
816 continue;
817 if (r < 0)
818 return r;
819 }
820 }
821
822 /* If we found nothing, add the fallback servers */
823 if (ordered_set_isempty(dns)) {
824 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
825 r = ordered_set_put(dns, s);
826 if (r == -EEXIST)
827 continue;
828 if (r < 0)
829 return r;
830 }
831 }
832
833 r = fopen_temporary_label(path, path, &f, &temp_path);
834 if (r < 0)
835 return r;
836
837 fchmod(fileno(f), 0644);
838
839 r = write_resolv_conf_contents(f, dns, domains);
840 if (r < 0)
841 goto fail;
842
843 if (rename(temp_path, path) < 0) {
844 r = -errno;
845 goto fail;
846 }
847
848 return 0;
849
850fail:
851 (void) unlink(path);
852 (void) unlink(temp_path);
853 return r;
854}
855
856int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
857 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
858 union {
859 struct cmsghdr header; /* For alignment */
860 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
861 + CMSG_SPACE(int) /* ttl/hoplimit */
862 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
863 } control;
864 union sockaddr_union sa;
865 struct msghdr mh = {};
866 struct cmsghdr *cmsg;
867 struct iovec iov;
868 int ms = 0, r;
869 ssize_t l;
870
871 assert(m);
872 assert(fd >= 0);
873 assert(ret);
874
875 r = ioctl(fd, FIONREAD, &ms);
876 if (r < 0)
877 return -errno;
878 if (ms < 0)
879 return -EIO;
880
881 r = dns_packet_new(&p, protocol, ms);
882 if (r < 0)
883 return r;
884
885 iov.iov_base = DNS_PACKET_DATA(p);
886 iov.iov_len = p->allocated;
887
888 mh.msg_name = &sa.sa;
889 mh.msg_namelen = sizeof(sa);
890 mh.msg_iov = &iov;
891 mh.msg_iovlen = 1;
892 mh.msg_control = &control;
893 mh.msg_controllen = sizeof(control);
894
895 l = recvmsg(fd, &mh, 0);
896 if (l < 0) {
897 if (errno == EAGAIN || errno == EINTR)
898 return 0;
899
900 return -errno;
901 }
902
903 if (l <= 0)
904 return -EIO;
905
906 assert(!(mh.msg_flags & MSG_CTRUNC));
907 assert(!(mh.msg_flags & MSG_TRUNC));
908
909 p->size = (size_t) l;
910
911 p->family = sa.sa.sa_family;
912 p->ipproto = IPPROTO_UDP;
913 if (p->family == AF_INET) {
914 p->sender.in = sa.in.sin_addr;
915 p->sender_port = be16toh(sa.in.sin_port);
916 } else if (p->family == AF_INET6) {
917 p->sender.in6 = sa.in6.sin6_addr;
918 p->sender_port = be16toh(sa.in6.sin6_port);
919 p->ifindex = sa.in6.sin6_scope_id;
920 } else
921 return -EAFNOSUPPORT;
922
923 CMSG_FOREACH(cmsg, &mh) {
924
925 if (cmsg->cmsg_level == IPPROTO_IPV6) {
926 assert(p->family == AF_INET6);
927
928 switch (cmsg->cmsg_type) {
929
930 case IPV6_PKTINFO: {
931 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
932
933 if (p->ifindex <= 0)
934 p->ifindex = i->ipi6_ifindex;
935
936 p->destination.in6 = i->ipi6_addr;
937 break;
938 }
939
940 case IPV6_HOPLIMIT:
941 p->ttl = *(int *) CMSG_DATA(cmsg);
942 break;
943
944 }
945 } else if (cmsg->cmsg_level == IPPROTO_IP) {
946 assert(p->family == AF_INET);
947
948 switch (cmsg->cmsg_type) {
949
950 case IP_PKTINFO: {
951 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
952
953 if (p->ifindex <= 0)
954 p->ifindex = i->ipi_ifindex;
955
956 p->destination.in = i->ipi_addr;
957 break;
958 }
959
960 case IP_TTL:
961 p->ttl = *(int *) CMSG_DATA(cmsg);
962 break;
963 }
964 }
965 }
966
967 /* The Linux kernel sets the interface index to the loopback
968 * device if the packet came from the local host since it
969 * avoids the routing table in such a case. Let's unset the
970 * interface index in such a case. */
971 if (p->ifindex == LOOPBACK_IFINDEX)
972 p->ifindex = 0;
973
974 /* If we don't know the interface index still, we look for the
975 * first local interface with a matching address. Yuck! */
976 if (p->ifindex <= 0)
977 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
978
979 *ret = p;
980 p = NULL;
981
982 return 1;
983}
984
985static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
986 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
987 DnsTransaction *t = NULL;
988 Manager *m = userdata;
989 int r;
990
991 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
992 if (r <= 0)
993 return r;
994
995 if (dns_packet_validate_reply(p) > 0) {
996 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
997 if (!t)
998 return 0;
999
1000 dns_transaction_process_reply(t, p);
1001
1002 } else
1003 log_debug("Invalid DNS packet.");
1004
1005 return 0;
1006}
1007
1008int manager_dns_ipv4_fd(Manager *m) {
1009 const int one = 1;
1010 int r;
1011
1012 assert(m);
1013
1014 if (m->dns_ipv4_fd >= 0)
1015 return m->dns_ipv4_fd;
1016
1017 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1018 if (m->dns_ipv4_fd < 0)
1019 return -errno;
1020
1021 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1022 if (r < 0) {
1023 r = -errno;
1024 goto fail;
1025 }
1026
1027 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
1028 if (r < 0)
1029 goto fail;
1030
1031 return m->dns_ipv4_fd;
1032
1033fail:
1034 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1035 return r;
1036}
1037
1038int manager_dns_ipv6_fd(Manager *m) {
1039 const int one = 1;
1040 int r;
1041
1042 assert(m);
1043
1044 if (m->dns_ipv6_fd >= 0)
1045 return m->dns_ipv6_fd;
1046
1047 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1048 if (m->dns_ipv6_fd < 0)
1049 return -errno;
1050
1051 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1052 if (r < 0) {
1053 r = -errno;
1054 goto fail;
1055 }
1056
1057 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1058 if (r < 0)
1059 goto fail;
1060
1061 return m->dns_ipv6_fd;
1062
1063fail:
1064 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1065 return r;
1066}
1067
1068static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1069 int r;
1070
1071 assert(fd >= 0);
1072 assert(mh);
1073
1074 for (;;) {
1075 if (sendmsg(fd, mh, flags) >= 0)
1076 return 0;
1077
1078 if (errno == EINTR)
1079 continue;
1080
1081 if (errno != EAGAIN)
1082 return -errno;
1083
1084 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1085 if (r < 0)
1086 return r;
1087 if (r == 0)
1088 return -ETIMEDOUT;
1089 }
1090}
1091
1092static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1093 union sockaddr_union sa = {
1094 .in.sin_family = AF_INET,
1095 };
1096 union {
1097 struct cmsghdr header; /* For alignment */
1098 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1099 } control;
1100 struct msghdr mh = {};
1101 struct iovec iov;
1102
1103 assert(m);
1104 assert(fd >= 0);
1105 assert(addr);
1106 assert(port > 0);
1107 assert(p);
1108
1109 iov.iov_base = DNS_PACKET_DATA(p);
1110 iov.iov_len = p->size;
1111
1112 sa.in.sin_addr = *addr;
1113 sa.in.sin_port = htobe16(port),
1114
1115 mh.msg_iov = &iov;
1116 mh.msg_iovlen = 1;
1117 mh.msg_name = &sa.sa;
1118 mh.msg_namelen = sizeof(sa.in);
1119
1120 if (ifindex > 0) {
1121 struct cmsghdr *cmsg;
1122 struct in_pktinfo *pi;
1123
1124 zero(control);
1125
1126 mh.msg_control = &control;
1127 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1128
1129 cmsg = CMSG_FIRSTHDR(&mh);
1130 cmsg->cmsg_len = mh.msg_controllen;
1131 cmsg->cmsg_level = IPPROTO_IP;
1132 cmsg->cmsg_type = IP_PKTINFO;
1133
1134 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1135 pi->ipi_ifindex = ifindex;
1136 }
1137
1138 return sendmsg_loop(fd, &mh, 0);
1139}
1140
1141static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1142 union sockaddr_union sa = {
1143 .in6.sin6_family = AF_INET6,
1144 };
1145 union {
1146 struct cmsghdr header; /* For alignment */
1147 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1148 } control;
1149 struct msghdr mh = {};
1150 struct iovec iov;
1151
1152 assert(m);
1153 assert(fd >= 0);
1154 assert(addr);
1155 assert(port > 0);
1156 assert(p);
1157
1158 iov.iov_base = DNS_PACKET_DATA(p);
1159 iov.iov_len = p->size;
1160
1161 sa.in6.sin6_addr = *addr;
1162 sa.in6.sin6_port = htobe16(port),
1163 sa.in6.sin6_scope_id = ifindex;
1164
1165 mh.msg_iov = &iov;
1166 mh.msg_iovlen = 1;
1167 mh.msg_name = &sa.sa;
1168 mh.msg_namelen = sizeof(sa.in6);
1169
1170 if (ifindex > 0) {
1171 struct cmsghdr *cmsg;
1172 struct in6_pktinfo *pi;
1173
1174 zero(control);
1175
1176 mh.msg_control = &control;
1177 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1178
1179 cmsg = CMSG_FIRSTHDR(&mh);
1180 cmsg->cmsg_len = mh.msg_controllen;
1181 cmsg->cmsg_level = IPPROTO_IPV6;
1182 cmsg->cmsg_type = IPV6_PKTINFO;
1183
1184 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1185 pi->ipi6_ifindex = ifindex;
1186 }
1187
1188 return sendmsg_loop(fd, &mh, 0);
1189}
1190
1191int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1192 assert(m);
1193 assert(fd >= 0);
1194 assert(addr);
1195 assert(port > 0);
1196 assert(p);
1197
1198 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1199
1200 if (family == AF_INET)
1201 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1202 else if (family == AF_INET6)
1203 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1204
1205 return -EAFNOSUPPORT;
1206}
1207
1208DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1209 DnsServer *s;
1210
1211 assert(m);
1212 assert(in_addr);
1213
1214 LIST_FOREACH(servers, s, m->dns_servers)
1215 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1216 return s;
1217
1218 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1219 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1220 return s;
1221
1222 return NULL;
1223}
1224
1225DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1226 assert(m);
1227
1228 if (m->current_dns_server == s)
1229 return s;
1230
1231 if (s) {
1232 _cleanup_free_ char *ip = NULL;
1233
1234 in_addr_to_string(s->family, &s->address, &ip);
1235 log_info("Switching to system DNS server %s.", strna(ip));
1236 }
1237
1238 m->current_dns_server = s;
1239
1240 if (m->unicast_scope)
1241 dns_cache_flush(&m->unicast_scope->cache);
1242
1243 return s;
1244}
1245
1246DnsServer *manager_get_dns_server(Manager *m) {
1247 Link *l;
1248 assert(m);
1249
1250 /* Try to read updates resolv.conf */
1251 manager_read_resolv_conf(m);
1252
1253 if (!m->current_dns_server)
1254 manager_set_dns_server(m, m->dns_servers);
1255
1256 if (!m->current_dns_server) {
1257 bool found = false;
1258 Iterator i;
1259
1260 /* No DNS servers configured, let's see if there are
1261 * any on any links. If not, we use the fallback
1262 * servers */
1263
1264 HASHMAP_FOREACH(l, m->links, i)
1265 if (l->dns_servers) {
1266 found = true;
1267 break;
1268 }
1269
1270 if (!found)
1271 manager_set_dns_server(m, m->fallback_dns_servers);
1272 }
1273
1274 return m->current_dns_server;
1275}
1276
1277void manager_next_dns_server(Manager *m) {
1278 assert(m);
1279
1280 /* If there's currently no DNS server set, then the next
1281 * manager_get_dns_server() will find one */
1282 if (!m->current_dns_server)
1283 return;
1284
1285 /* Change to the next one */
1286 if (m->current_dns_server->servers_next) {
1287 manager_set_dns_server(m, m->current_dns_server->servers_next);
1288 return;
1289 }
1290
1291 /* If there was no next one, then start from the beginning of
1292 * the list */
1293 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1294 manager_set_dns_server(m, m->fallback_dns_servers);
1295 else
1296 manager_set_dns_server(m, m->dns_servers);
1297}
1298
1299uint32_t manager_find_mtu(Manager *m) {
1300 uint32_t mtu = 0;
1301 Link *l;
1302 Iterator i;
1303
1304 /* If we don't know on which link a DNS packet would be
1305 * delivered, let's find the largest MTU that works on all
1306 * interfaces we know of */
1307
1308 HASHMAP_FOREACH(l, m->links, i) {
1309 if (l->mtu <= 0)
1310 continue;
1311
1312 if (mtu <= 0 || l->mtu < mtu)
1313 mtu = l->mtu;
1314 }
1315
1316 return mtu;
1317}
1318
1319static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1320 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1321 DnsTransaction *t = NULL;
1322 Manager *m = userdata;
1323 DnsScope *scope;
1324 int r;
1325
1326 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1327 if (r <= 0)
1328 return r;
1329
1330 scope = manager_find_scope(m, p);
1331 if (!scope) {
1332 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1333 return 0;
1334 }
1335
1336 if (dns_packet_validate_reply(p) > 0) {
1337 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1338
1339 dns_scope_check_conflicts(scope, p);
1340
1341 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1342 if (t)
1343 dns_transaction_process_reply(t, p);
1344
1345 } else if (dns_packet_validate_query(p) > 0) {
1346 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1347
1348 dns_scope_process_query(scope, NULL, p);
1349 } else
1350 log_debug("Invalid LLMNR UDP packet.");
1351
1352 return 0;
1353}
1354
1355int manager_llmnr_ipv4_udp_fd(Manager *m) {
1356 union sockaddr_union sa = {
1357 .in.sin_family = AF_INET,
1358 .in.sin_port = htobe16(5355),
1359 };
1360 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1361 int r;
1362
1363 assert(m);
1364
1365 if (m->llmnr_ipv4_udp_fd >= 0)
1366 return m->llmnr_ipv4_udp_fd;
1367
1368 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1369 if (m->llmnr_ipv4_udp_fd < 0)
1370 return -errno;
1371
1372 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1373 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1374 if (r < 0) {
1375 r = -errno;
1376 goto fail;
1377 }
1378
1379 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1380 if (r < 0) {
1381 r = -errno;
1382 goto fail;
1383 }
1384
1385 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1386 if (r < 0) {
1387 r = -errno;
1388 goto fail;
1389 }
1390
1391 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1392 if (r < 0) {
1393 r = -errno;
1394 goto fail;
1395 }
1396
1397 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1398 if (r < 0) {
1399 r = -errno;
1400 goto fail;
1401 }
1402
1403 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1404 if (r < 0) {
1405 r = -errno;
1406 goto fail;
1407 }
1408
1409 /* Disable Don't-Fragment bit in the IP header */
1410 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1411 if (r < 0) {
1412 r = -errno;
1413 goto fail;
1414 }
1415
1416 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1417 if (r < 0) {
1418 r = -errno;
1419 goto fail;
1420 }
1421
1422 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1423 if (r < 0)
1424 goto fail;
1425
1426 return m->llmnr_ipv4_udp_fd;
1427
1428fail:
1429 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1430 return r;
1431}
1432
1433int manager_llmnr_ipv6_udp_fd(Manager *m) {
1434 union sockaddr_union sa = {
1435 .in6.sin6_family = AF_INET6,
1436 .in6.sin6_port = htobe16(5355),
1437 };
1438 static const int one = 1, ttl = 255;
1439 int r;
1440
1441 assert(m);
1442
1443 if (m->llmnr_ipv6_udp_fd >= 0)
1444 return m->llmnr_ipv6_udp_fd;
1445
1446 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1447 if (m->llmnr_ipv6_udp_fd < 0)
1448 return -errno;
1449
1450 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1451 if (r < 0) {
1452 r = -errno;
1453 goto fail;
1454 }
1455
1456 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1457 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1458 if (r < 0) {
1459 r = -errno;
1460 goto fail;
1461 }
1462
1463 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1464 if (r < 0) {
1465 r = -errno;
1466 goto fail;
1467 }
1468
1469 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1470 if (r < 0) {
1471 r = -errno;
1472 goto fail;
1473 }
1474
1475 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1476 if (r < 0) {
1477 r = -errno;
1478 goto fail;
1479 }
1480
1481 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1482 if (r < 0) {
1483 r = -errno;
1484 goto fail;
1485 }
1486
1487 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1488 if (r < 0) {
1489 r = -errno;
1490 goto fail;
1491 }
1492
1493 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1494 if (r < 0) {
1495 r = -errno;
1496 goto fail;
1497 }
1498
1499 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1500 if (r < 0) {
1501 r = -errno;
1502 goto fail;
1503 }
1504
1505 return m->llmnr_ipv6_udp_fd;
1506
1507fail:
1508 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1509 return r;
1510}
1511
1512static int on_llmnr_stream_packet(DnsStream *s) {
1513 DnsScope *scope;
1514
1515 assert(s);
1516
1517 scope = manager_find_scope(s->manager, s->read_packet);
1518 if (!scope) {
1519 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1520 return 0;
1521 }
1522
1523 if (dns_packet_validate_query(s->read_packet) > 0) {
1524 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1525
1526 dns_scope_process_query(scope, s, s->read_packet);
1527
1528 /* If no reply packet was set, we free the stream */
1529 if (s->write_packet)
1530 return 0;
1531 } else
1532 log_debug("Invalid LLMNR TCP packet.");
1533
1534 dns_stream_free(s);
1535 return 0;
1536}
1537
1538static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1539 DnsStream *stream;
1540 Manager *m = userdata;
1541 int cfd, r;
1542
1543 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1544 if (cfd < 0) {
1545 if (errno == EAGAIN || errno == EINTR)
1546 return 0;
1547
1548 return -errno;
1549 }
1550
1551 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1552 if (r < 0) {
1553 safe_close(cfd);
1554 return r;
1555 }
1556
1557 stream->on_packet = on_llmnr_stream_packet;
1558 return 0;
1559}
1560
1561int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1562 union sockaddr_union sa = {
1563 .in.sin_family = AF_INET,
1564 .in.sin_port = htobe16(5355),
1565 };
1566 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1567 int r;
1568
1569 assert(m);
1570
1571 if (m->llmnr_ipv4_tcp_fd >= 0)
1572 return m->llmnr_ipv4_tcp_fd;
1573
1574 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1575 if (m->llmnr_ipv4_tcp_fd < 0)
1576 return -errno;
1577
1578 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1579 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1580 if (r < 0) {
1581 r = -errno;
1582 goto fail;
1583 }
1584
1585 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1586 if (r < 0) {
1587 r = -errno;
1588 goto fail;
1589 }
1590
1591 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1592 if (r < 0) {
1593 r = -errno;
1594 goto fail;
1595 }
1596
1597 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1598 if (r < 0) {
1599 r = -errno;
1600 goto fail;
1601 }
1602
1603 /* Disable Don't-Fragment bit in the IP header */
1604 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1605 if (r < 0) {
1606 r = -errno;
1607 goto fail;
1608 }
1609
1610 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1611 if (r < 0) {
1612 r = -errno;
1613 goto fail;
1614 }
1615
1616 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1617 if (r < 0) {
1618 r = -errno;
1619 goto fail;
1620 }
1621
1622 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1623 if (r < 0)
1624 goto fail;
1625
1626 return m->llmnr_ipv4_tcp_fd;
1627
1628fail:
1629 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1630 return r;
1631}
1632
1633int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1634 union sockaddr_union sa = {
1635 .in6.sin6_family = AF_INET6,
1636 .in6.sin6_port = htobe16(5355),
1637 };
1638 static const int one = 1;
1639 int r;
1640
1641 assert(m);
1642
1643 if (m->llmnr_ipv6_tcp_fd >= 0)
1644 return m->llmnr_ipv6_tcp_fd;
1645
1646 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1647 if (m->llmnr_ipv6_tcp_fd < 0)
1648 return -errno;
1649
1650 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1651 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1652 if (r < 0) {
1653 r = -errno;
1654 goto fail;
1655 }
1656
1657 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1658 if (r < 0) {
1659 r = -errno;
1660 goto fail;
1661 }
1662
1663 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1664 if (r < 0) {
1665 r = -errno;
1666 goto fail;
1667 }
1668
1669 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1670 if (r < 0) {
1671 r = -errno;
1672 goto fail;
1673 }
1674
1675 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1676 if (r < 0) {
1677 r = -errno;
1678 goto fail;
1679 }
1680
1681 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1682 if (r < 0) {
1683 r = -errno;
1684 goto fail;
1685 }
1686
1687 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1688 if (r < 0) {
1689 r = -errno;
1690 goto fail;
1691 }
1692
1693 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1694 if (r < 0) {
1695 r = -errno;
1696 goto fail;
1697 }
1698
1699 return m->llmnr_ipv6_tcp_fd;
1700
1701fail:
1702 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1703 return r;
1704}
1705
1706int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1707 LinkAddress *a;
1708
1709 assert(m);
1710
1711 a = manager_find_link_address(m, family, in_addr);
1712 if (a)
1713 return a->link->ifindex;
1714
1715 return 0;
1716}
1717
1718void manager_refresh_rrs(Manager *m) {
1719 Iterator i;
1720 Link *l;
1721
1722 assert(m);
1723
1724 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1725 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1726
1727 HASHMAP_FOREACH(l, m->links, i) {
1728 link_add_rrs(l, true);
1729 link_add_rrs(l, false);
1730 }
1731}
1732
1733int manager_next_hostname(Manager *m) {
1734 const char *p;
1735 uint64_t u, a;
1736 char *h;
1737
1738 assert(m);
1739
1740 p = strchr(m->hostname, 0);
1741 assert(p);
1742
1743 while (p > m->hostname) {
1744 if (!strchr("0123456789", p[-1]))
1745 break;
1746
1747 p--;
1748 }
1749
1750 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1751 u = 1;
1752
1753 /* Add a random number to the old value. This way we can avoid
1754 * that two hosts pick the same hostname, win on IPv4 and lose
1755 * on IPv6 (or vice versa), and pick the same hostname
1756 * replacement hostname, ad infinitum. We still want the
1757 * numbers to go up monotonically, hence we just add a random
1758 * value 1..10 */
1759
1760 random_bytes(&a, sizeof(a));
1761 u += 1 + a % 10;
1762
1763 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1764 return -ENOMEM;
1765
1766 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1767
1768 free(m->hostname);
1769 m->hostname = h;
1770
1771 manager_refresh_rrs(m);
1772
1773 return 0;
1774}
1775
1776LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1777 Iterator i;
1778 Link *l;
1779
1780 assert(m);
1781
1782 HASHMAP_FOREACH(l, m->links, i) {
1783 LinkAddress *a;
1784
1785 a = link_find_address(l, family, in_addr);
1786 if (a)
1787 return a;
1788 }
1789
1790 return NULL;
1791}
1792
1793bool manager_our_packet(Manager *m, DnsPacket *p) {
1794 assert(m);
1795 assert(p);
1796
1797 return !!manager_find_link_address(m, p->family, &p->sender);
1798}
1799
1800DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1801 Link *l;
1802
1803 assert(m);
1804 assert(p);
1805
1806 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1807 if (!l)
1808 return NULL;
1809
1810 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1811 if (p->family == AF_INET)
1812 return l->llmnr_ipv4_scope;
1813 else if (p->family == AF_INET6)
1814 return l->llmnr_ipv6_scope;
1815 }
1816
1817 return NULL;
1818}
1819
1820void manager_verify_all(Manager *m) {
1821 DnsScope *s;
1822
1823 assert(m);
1824
1825 LIST_FOREACH(scopes, s, m->dns_scopes)
1826 dns_zone_verify_all(&s->zone);
1827}
1828
1829void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1830 assert(m);
1831
1832 if (t == DNS_SERVER_SYSTEM)
1833 while (m->dns_servers)
1834 dns_server_free(m->dns_servers);
1835
1836 if (t == DNS_SERVER_FALLBACK)
1837 while (m->fallback_dns_servers)
1838 dns_server_free(m->fallback_dns_servers);
1839}
1840
1841static const char* const support_table[_SUPPORT_MAX] = {
1842 [SUPPORT_NO] = "no",
1843 [SUPPORT_YES] = "yes",
1844 [SUPPORT_RESOLVE] = "resolve",
1845};
1846DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.