]> git.ipfire.org Git - thirdparty/systemd.git/blame_incremental - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
tmpfiles: use casts instead of warning suppression
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
... / ...
CommitLineData
1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22#include <arpa/inet.h>
23#include <resolv.h>
24#include <net/if.h>
25#include <sys/ioctl.h>
26#include <sys/poll.h>
27#include <netinet/in.h>
28
29#include "rtnl-util.h"
30#include "event-util.h"
31#include "network-util.h"
32#include "network-internal.h"
33#include "conf-parser.h"
34#include "socket-util.h"
35#include "af-list.h"
36#include "utf8.h"
37#include "fileio-label.h"
38
39#include "resolved-dns-domain.h"
40#include "resolved-conf.h"
41#include "resolved-bus.h"
42#include "resolved-manager.h"
43
44#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45
46static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
47 Manager *m = userdata;
48 uint16_t type;
49 Link *l;
50 int ifindex, r;
51
52 assert(rtnl);
53 assert(m);
54 assert(mm);
55
56 r = sd_rtnl_message_get_type(mm, &type);
57 if (r < 0)
58 goto fail;
59
60 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
61 if (r < 0)
62 goto fail;
63
64 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
65
66 switch (type) {
67
68 case RTM_NEWLINK:{
69 bool is_new = !l;
70
71 if (!l) {
72 r = link_new(m, &l, ifindex);
73 if (r < 0)
74 goto fail;
75 }
76
77 r = link_update_rtnl(l, mm);
78 if (r < 0)
79 goto fail;
80
81 r = link_update_monitor(l);
82 if (r < 0)
83 goto fail;
84
85 if (is_new)
86 log_debug("Found new link %i/%s", ifindex, l->name);
87
88 break;
89 }
90
91 case RTM_DELLINK:
92 if (l) {
93 log_debug("Removing link %i/%s", l->ifindex, l->name);
94 link_free(l);
95 }
96
97 break;
98 }
99
100 return 0;
101
102fail:
103 log_warning_errno(r, "Failed to process RTNL link message: %m");
104 return 0;
105}
106
107static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
108 Manager *m = userdata;
109 union in_addr_union address;
110 uint16_t type;
111 int r, ifindex, family;
112 LinkAddress *a;
113 Link *l;
114
115 assert(rtnl);
116 assert(mm);
117 assert(m);
118
119 r = sd_rtnl_message_get_type(mm, &type);
120 if (r < 0)
121 goto fail;
122
123 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
124 if (r < 0)
125 goto fail;
126
127 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
128 if (!l)
129 return 0;
130
131 r = sd_rtnl_message_addr_get_family(mm, &family);
132 if (r < 0)
133 goto fail;
134
135 switch (family) {
136
137 case AF_INET:
138 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
139 if (r < 0) {
140 r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
141 if (r < 0)
142 goto fail;
143 }
144
145 break;
146
147 case AF_INET6:
148 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
149 if (r < 0) {
150 r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
151 if (r < 0)
152 goto fail;
153 }
154
155 break;
156
157 default:
158 return 0;
159 }
160
161 a = link_find_address(l, family, &address);
162
163 switch (type) {
164
165 case RTM_NEWADDR:
166
167 if (!a) {
168 r = link_address_new(l, &a, family, &address);
169 if (r < 0)
170 return r;
171 }
172
173 r = link_address_update_rtnl(a, mm);
174 if (r < 0)
175 return r;
176
177 break;
178
179 case RTM_DELADDR:
180 if (a)
181 link_address_free(a);
182 break;
183 }
184
185 return 0;
186
187fail:
188 log_warning_errno(r, "Failed to process RTNL address message: %m");
189 return 0;
190}
191
192static int manager_rtnl_listen(Manager *m) {
193 _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
194 sd_rtnl_message *i;
195 int r;
196
197 assert(m);
198
199 /* First, subscibe to interfaces coming and going */
200 r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
201 if (r < 0)
202 return r;
203
204 r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
205 if (r < 0)
206 return r;
207
208 r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
209 if (r < 0)
210 return r;
211
212 r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
213 if (r < 0)
214 return r;
215
216 r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
217 if (r < 0)
218 return r;
219
220 r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
221 if (r < 0)
222 return r;
223
224 /* Then, enumerate all links */
225 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
226 if (r < 0)
227 return r;
228
229 r = sd_rtnl_message_request_dump(req, true);
230 if (r < 0)
231 return r;
232
233 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
234 if (r < 0)
235 return r;
236
237 for (i = reply; i; i = sd_rtnl_message_next(i)) {
238 r = manager_process_link(m->rtnl, i, m);
239 if (r < 0)
240 return r;
241 }
242
243 req = sd_rtnl_message_unref(req);
244 reply = sd_rtnl_message_unref(reply);
245
246 /* Finally, enumerate all addresses, too */
247 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
248 if (r < 0)
249 return r;
250
251 r = sd_rtnl_message_request_dump(req, true);
252 if (r < 0)
253 return r;
254
255 r = sd_rtnl_call(m->rtnl, req, 0, &reply);
256 if (r < 0)
257 return r;
258
259 for (i = reply; i; i = sd_rtnl_message_next(i)) {
260 r = manager_process_address(m->rtnl, i, m);
261 if (r < 0)
262 return r;
263 }
264
265 return r;
266}
267
268static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
269 Manager *m = userdata;
270 Iterator i;
271 Link *l;
272 int r;
273
274 assert(m);
275
276 sd_network_monitor_flush(m->network_monitor);
277
278 HASHMAP_FOREACH(l, m->links, i) {
279 r = link_update_monitor(l);
280 if (r < 0)
281 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
282 }
283
284 r = manager_write_resolv_conf(m);
285 if (r < 0)
286 log_warning_errno(r, "Could not update resolv.conf: %m");
287
288 return 0;
289}
290
291static int manager_network_monitor_listen(Manager *m) {
292 int r, fd, events;
293
294 assert(m);
295
296 r = sd_network_monitor_new(&m->network_monitor, NULL);
297 if (r < 0)
298 return r;
299
300 fd = sd_network_monitor_get_fd(m->network_monitor);
301 if (fd < 0)
302 return fd;
303
304 events = sd_network_monitor_get_events(m->network_monitor);
305 if (events < 0)
306 return events;
307
308 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
309 if (r < 0)
310 return r;
311
312 return 0;
313}
314
315static int determine_hostname(char **ret) {
316 _cleanup_free_ char *h = NULL, *n = NULL;
317 int r;
318
319 assert(ret);
320
321 h = gethostname_malloc();
322 if (!h)
323 return log_oom();
324
325 if (!utf8_is_valid(h)) {
326 log_error("System hostname is not UTF-8 clean.");
327 return -EINVAL;
328 }
329
330 r = dns_name_normalize(h, &n);
331 if (r < 0) {
332 log_error("System hostname '%s' cannot be normalized.", h);
333 return r;
334 }
335
336 *ret = n;
337 n = NULL;
338
339 return 0;
340}
341
342static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
343 _cleanup_free_ char *h = NULL;
344 Manager *m = userdata;
345 int r;
346
347 assert(m);
348
349 r = determine_hostname(&h);
350 if (r < 0)
351 return 0; /* ignore invalid hostnames */
352
353 if (streq(h, m->hostname))
354 return 0;
355
356 log_info("System hostname changed to '%s'.", h);
357 free(m->hostname);
358 m->hostname = h;
359 h = NULL;
360
361 manager_refresh_rrs(m);
362
363 return 0;
364}
365
366static int manager_watch_hostname(Manager *m) {
367 int r;
368
369 assert(m);
370
371 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
372 if (m->hostname_fd < 0) {
373 log_warning_errno(errno, "Failed to watch hostname: %m");
374 return 0;
375 }
376
377 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
378 if (r < 0) {
379 if (r == -EPERM)
380 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
381 m->hostname_fd = safe_close(m->hostname_fd);
382 else
383 return log_error_errno(r, "Failed to add hostname event source: %m");
384 }
385
386 r = determine_hostname(&m->hostname);
387 if (r < 0) {
388 log_info("Defaulting to hostname 'linux'.");
389 m->hostname = strdup("linux");
390 if (!m->hostname)
391 return log_oom();
392 } else
393 log_info("Using system hostname '%s'.", m->hostname);
394
395 return 0;
396}
397
398static void manager_llmnr_stop(Manager *m) {
399 assert(m);
400
401 m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
402 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
403
404 m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
405 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
406
407 m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
408 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
409
410 m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
411 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
412}
413
414static int manager_llmnr_start(Manager *m) {
415 int r;
416
417 assert(m);
418
419 if (m->llmnr_support == SUPPORT_NO)
420 return 0;
421
422 r = manager_llmnr_ipv4_udp_fd(m);
423 if (r == -EADDRINUSE)
424 goto eaddrinuse;
425 if (r < 0)
426 return r;
427
428 r = manager_llmnr_ipv4_tcp_fd(m);
429 if (r == -EADDRINUSE)
430 goto eaddrinuse;
431 if (r < 0)
432 return r;
433
434 if (socket_ipv6_is_supported()) {
435 r = manager_llmnr_ipv6_udp_fd(m);
436 if (r == -EADDRINUSE)
437 goto eaddrinuse;
438 if (r < 0)
439 return r;
440
441 r = manager_llmnr_ipv6_tcp_fd(m);
442 if (r == -EADDRINUSE)
443 goto eaddrinuse;
444 if (r < 0)
445 return r;
446 }
447
448 return 0;
449
450eaddrinuse:
451 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
452 m->llmnr_support = SUPPORT_NO;
453 manager_llmnr_stop(m);
454
455 return 0;
456}
457
458int manager_new(Manager **ret) {
459 _cleanup_(manager_freep) Manager *m = NULL;
460 int r;
461
462 assert(ret);
463
464 m = new0(Manager, 1);
465 if (!m)
466 return -ENOMEM;
467
468 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
469 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
470 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
471 m->hostname_fd = -1;
472
473 m->llmnr_support = SUPPORT_YES;
474 m->read_resolv_conf = true;
475
476 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
477 if (r < 0)
478 return r;
479
480 r = sd_event_default(&m->event);
481 if (r < 0)
482 return r;
483
484 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
485 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
486
487 sd_event_set_watchdog(m->event, true);
488
489 r = manager_watch_hostname(m);
490 if (r < 0)
491 return r;
492
493 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
494 if (r < 0)
495 return r;
496
497 r = manager_network_monitor_listen(m);
498 if (r < 0)
499 return r;
500
501 r = manager_rtnl_listen(m);
502 if (r < 0)
503 return r;
504
505 r = manager_connect_bus(m);
506 if (r < 0)
507 return r;
508
509 *ret = m;
510 m = NULL;
511
512 return 0;
513}
514
515int manager_start(Manager *m) {
516 int r;
517
518 assert(m);
519
520 r = manager_llmnr_start(m);
521 if (r < 0)
522 return r;
523
524 return 0;
525}
526
527Manager *manager_free(Manager *m) {
528 Link *l;
529
530 if (!m)
531 return NULL;
532
533 while ((l = hashmap_first(m->links)))
534 link_free(l);
535
536 while (m->dns_queries)
537 dns_query_free(m->dns_queries);
538
539 dns_scope_free(m->unicast_scope);
540
541 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
542 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
543
544 hashmap_free(m->links);
545 hashmap_free(m->dns_transactions);
546
547 sd_event_source_unref(m->network_event_source);
548 sd_network_monitor_unref(m->network_monitor);
549
550 sd_event_source_unref(m->dns_ipv4_event_source);
551 sd_event_source_unref(m->dns_ipv6_event_source);
552 safe_close(m->dns_ipv4_fd);
553 safe_close(m->dns_ipv6_fd);
554
555 manager_llmnr_stop(m);
556
557 sd_bus_slot_unref(m->prepare_for_sleep_slot);
558 sd_event_source_unref(m->bus_retry_event_source);
559 sd_bus_unref(m->bus);
560
561 sd_event_unref(m->event);
562
563 dns_resource_key_unref(m->host_ipv4_key);
564 dns_resource_key_unref(m->host_ipv6_key);
565
566 safe_close(m->hostname_fd);
567 sd_event_source_unref(m->hostname_event_source);
568 free(m->hostname);
569
570 free(m);
571
572 return NULL;
573}
574
575int manager_read_resolv_conf(Manager *m) {
576 _cleanup_fclose_ FILE *f = NULL;
577 struct stat st, own;
578 char line[LINE_MAX];
579 DnsServer *s, *nx;
580 usec_t t;
581 int r;
582
583 assert(m);
584
585 /* Reads the system /etc/resolv.conf, if it exists and is not
586 * symlinked to our own resolv.conf instance */
587
588 if (!m->read_resolv_conf)
589 return 0;
590
591 r = stat("/etc/resolv.conf", &st);
592 if (r < 0) {
593 if (errno != ENOENT)
594 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
595 r = -errno;
596 goto clear;
597 }
598
599 /* Have we already seen the file? */
600 t = timespec_load(&st.st_mtim);
601 if (t == m->resolv_conf_mtime)
602 return 0;
603
604 m->resolv_conf_mtime = t;
605
606 /* Is it symlinked to our own file? */
607 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
608 st.st_dev == own.st_dev &&
609 st.st_ino == own.st_ino) {
610 r = 0;
611 goto clear;
612 }
613
614 f = fopen("/etc/resolv.conf", "re");
615 if (!f) {
616 if (errno != ENOENT)
617 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
618 r = -errno;
619 goto clear;
620 }
621
622 if (fstat(fileno(f), &st) < 0) {
623 log_error_errno(errno, "Failed to stat open file: %m");
624 r = -errno;
625 goto clear;
626 }
627
628 LIST_FOREACH(servers, s, m->dns_servers)
629 s->marked = true;
630
631 FOREACH_LINE(line, f, r = -errno; goto clear) {
632 union in_addr_union address;
633 int family;
634 char *l;
635 const char *a;
636
637 truncate_nl(line);
638
639 l = strstrip(line);
640 if (*l == '#' || *l == ';')
641 continue;
642
643 a = first_word(l, "nameserver");
644 if (!a)
645 continue;
646
647 r = in_addr_from_string_auto(a, &family, &address);
648 if (r < 0) {
649 log_warning("Failed to parse name server %s.", a);
650 continue;
651 }
652
653 LIST_FOREACH(servers, s, m->dns_servers)
654 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
655 break;
656
657 if (s)
658 s->marked = false;
659 else {
660 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
661 if (r < 0)
662 goto clear;
663 }
664 }
665
666 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
667 if (s->marked)
668 dns_server_free(s);
669
670 /* Whenever /etc/resolv.conf changes, start using the first
671 * DNS server of it. This is useful to deal with broken
672 * network managing implementations (like NetworkManager),
673 * that when connecting to a VPN place both the VPN DNS
674 * servers and the local ones in /etc/resolv.conf. Without
675 * resetting the DNS server to use back to the first entry we
676 * will continue to use the local one thus being unable to
677 * resolve VPN domains. */
678 manager_set_dns_server(m, m->dns_servers);
679
680 return 0;
681
682clear:
683 while (m->dns_servers)
684 dns_server_free(m->dns_servers);
685
686 return r;
687}
688
689static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
690 _cleanup_free_ char *t = NULL;
691 int r;
692
693 assert(s);
694 assert(f);
695 assert(count);
696
697 r = in_addr_to_string(s->family, &s->address, &t);
698 if (r < 0) {
699 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
700 return;
701 }
702
703 if (*count == MAXNS)
704 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
705
706 fprintf(f, "nameserver %s\n", t);
707 (*count) ++;
708}
709
710static void write_resolv_conf_search(const char *domain, FILE *f,
711 unsigned *count, unsigned *length) {
712 assert(domain);
713 assert(f);
714 assert(length);
715
716 if (*count >= MAXDNSRCH ||
717 *length + strlen(domain) > 256) {
718 if (*count == MAXDNSRCH)
719 fputs(" # Too many search domains configured, remaining ones ignored.", f);
720 if (*length <= 256)
721 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
722
723 return;
724 }
725
726 fprintf(f, " %s", domain);
727
728 (*length) += strlen(domain);
729 (*count) ++;
730}
731
732static int write_resolv_conf_contents(FILE *f, Set *dns, Set *domains) {
733 Iterator i;
734
735 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
736 "# Third party programs must not access this file directly, but\n"
737 "# only through the symlink at /etc/resolv.conf. To manage\n"
738 "# resolv.conf(5) in a different way, replace the symlink by a\n"
739 "# static file or a different symlink.\n\n", f);
740
741 if (set_isempty(dns))
742 fputs("# No DNS servers known.\n", f);
743 else {
744 DnsServer *s;
745 unsigned count = 0;
746
747 SET_FOREACH(s, dns, i)
748 write_resolv_conf_server(s, f, &count);
749 }
750
751 if (!set_isempty(domains)) {
752 unsigned length = 0, count = 0;
753 char *domain;
754
755 fputs("search", f);
756 SET_FOREACH(domain, domains, i)
757 write_resolv_conf_search(domain, f, &count, &length);
758 fputs("\n", f);
759 }
760
761 return fflush_and_check(f);
762}
763
764
765int manager_write_resolv_conf(Manager *m) {
766 static const char path[] = "/run/systemd/resolve/resolv.conf";
767 _cleanup_free_ char *temp_path = NULL;
768 _cleanup_fclose_ FILE *f = NULL;
769 _cleanup_set_free_ Set *dns = NULL, *domains = NULL;
770 DnsServer *s;
771 Iterator i;
772 Link *l;
773 int r;
774
775 assert(m);
776
777 /* Read the system /etc/resolv.conf first */
778 manager_read_resolv_conf(m);
779
780 /* Add the full list to a set, to filter out duplicates */
781 dns = set_new(&dns_server_hash_ops);
782 if (!dns)
783 return -ENOMEM;
784
785 domains = set_new(&dns_name_hash_ops);
786 if (!domains)
787 return -ENOMEM;
788
789 /* First add the system-wide servers */
790 LIST_FOREACH(servers, s, m->dns_servers) {
791 r = set_put(dns, s);
792 if (r == -EEXIST)
793 continue;
794 if (r < 0)
795 return r;
796 }
797
798 /* Then, add the per-link servers and domains */
799 HASHMAP_FOREACH(l, m->links, i) {
800 char **domain;
801
802 LIST_FOREACH(servers, s, l->dns_servers) {
803 r = set_put(dns, s);
804 if (r == -EEXIST)
805 continue;
806 if (r < 0)
807 return r;
808 }
809
810 if (!l->unicast_scope)
811 continue;
812
813 STRV_FOREACH(domain, l->unicast_scope->domains) {
814 r = set_put(domains, *domain);
815 if (r == -EEXIST)
816 continue;
817 if (r < 0)
818 return r;
819 }
820 }
821
822 /* If we found nothing, add the fallback servers */
823 if (set_isempty(dns)) {
824 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
825 r = set_put(dns, s);
826 if (r == -EEXIST)
827 continue;
828 if (r < 0)
829 return r;
830 }
831 }
832
833 r = fopen_temporary_label(path, path, &f, &temp_path);
834 if (r < 0)
835 return r;
836
837 fchmod(fileno(f), 0644);
838
839 r = write_resolv_conf_contents(f, dns, domains);
840 if (r < 0)
841 goto fail;
842
843 if (rename(temp_path, path) < 0) {
844 r = -errno;
845 goto fail;
846 }
847
848 return 0;
849
850fail:
851 unlink(path);
852 unlink(temp_path);
853 return r;
854}
855
856int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
857 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
858 union {
859 struct cmsghdr header; /* For alignment */
860 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
861 + CMSG_SPACE(int) /* ttl/hoplimit */
862 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
863 } control;
864 union sockaddr_union sa;
865 struct msghdr mh = {};
866 struct cmsghdr *cmsg;
867 struct iovec iov;
868 int ms = 0, r;
869 ssize_t l;
870
871 assert(m);
872 assert(fd >= 0);
873 assert(ret);
874
875 r = ioctl(fd, FIONREAD, &ms);
876 if (r < 0)
877 return -errno;
878 if (ms < 0)
879 return -EIO;
880
881 r = dns_packet_new(&p, protocol, ms);
882 if (r < 0)
883 return r;
884
885 iov.iov_base = DNS_PACKET_DATA(p);
886 iov.iov_len = p->allocated;
887
888 mh.msg_name = &sa.sa;
889 mh.msg_namelen = sizeof(sa);
890 mh.msg_iov = &iov;
891 mh.msg_iovlen = 1;
892 mh.msg_control = &control;
893 mh.msg_controllen = sizeof(control);
894
895 l = recvmsg(fd, &mh, 0);
896 if (l < 0) {
897 if (errno == EAGAIN || errno == EINTR)
898 return 0;
899
900 return -errno;
901 }
902
903 if (l <= 0)
904 return -EIO;
905
906 assert(!(mh.msg_flags & MSG_CTRUNC));
907 assert(!(mh.msg_flags & MSG_TRUNC));
908
909 p->size = (size_t) l;
910
911 p->family = sa.sa.sa_family;
912 p->ipproto = IPPROTO_UDP;
913 if (p->family == AF_INET) {
914 p->sender.in = sa.in.sin_addr;
915 p->sender_port = be16toh(sa.in.sin_port);
916 } else if (p->family == AF_INET6) {
917 p->sender.in6 = sa.in6.sin6_addr;
918 p->sender_port = be16toh(sa.in6.sin6_port);
919 p->ifindex = sa.in6.sin6_scope_id;
920 } else
921 return -EAFNOSUPPORT;
922
923 for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
924
925 if (cmsg->cmsg_level == IPPROTO_IPV6) {
926 assert(p->family == AF_INET6);
927
928 switch (cmsg->cmsg_type) {
929
930 case IPV6_PKTINFO: {
931 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
932
933 if (p->ifindex <= 0)
934 p->ifindex = i->ipi6_ifindex;
935
936 p->destination.in6 = i->ipi6_addr;
937 break;
938 }
939
940 case IPV6_HOPLIMIT:
941 p->ttl = *(int *) CMSG_DATA(cmsg);
942 break;
943
944 }
945 } else if (cmsg->cmsg_level == IPPROTO_IP) {
946 assert(p->family == AF_INET);
947
948 switch (cmsg->cmsg_type) {
949
950 case IP_PKTINFO: {
951 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
952
953 if (p->ifindex <= 0)
954 p->ifindex = i->ipi_ifindex;
955
956 p->destination.in = i->ipi_addr;
957 break;
958 }
959
960 case IP_TTL:
961 p->ttl = *(int *) CMSG_DATA(cmsg);
962 break;
963 }
964 }
965 }
966
967 /* The Linux kernel sets the interface index to the loopback
968 * device if the packet came from the local host since it
969 * avoids the routing table in such a case. Let's unset the
970 * interface index in such a case. */
971 if (p->ifindex == LOOPBACK_IFINDEX)
972 p->ifindex = 0;
973
974 /* If we don't know the interface index still, we look for the
975 * first local interface with a matching address. Yuck! */
976 if (p->ifindex <= 0)
977 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
978
979 *ret = p;
980 p = NULL;
981
982 return 1;
983}
984
985static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
986 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
987 DnsTransaction *t = NULL;
988 Manager *m = userdata;
989 int r;
990
991 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
992 if (r <= 0)
993 return r;
994
995 if (dns_packet_validate_reply(p) > 0) {
996 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
997 if (!t)
998 return 0;
999
1000 dns_transaction_process_reply(t, p);
1001
1002 } else
1003 log_debug("Invalid DNS packet.");
1004
1005 return 0;
1006}
1007
1008int manager_dns_ipv4_fd(Manager *m) {
1009 const int one = 1;
1010 int r;
1011
1012 assert(m);
1013
1014 if (m->dns_ipv4_fd >= 0)
1015 return m->dns_ipv4_fd;
1016
1017 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1018 if (m->dns_ipv4_fd < 0)
1019 return -errno;
1020
1021 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1022 if (r < 0) {
1023 r = -errno;
1024 goto fail;
1025 }
1026
1027 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
1028 if (r < 0)
1029 goto fail;
1030
1031 return m->dns_ipv4_fd;
1032
1033fail:
1034 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
1035 return r;
1036}
1037
1038int manager_dns_ipv6_fd(Manager *m) {
1039 const int one = 1;
1040 int r;
1041
1042 assert(m);
1043
1044 if (m->dns_ipv6_fd >= 0)
1045 return m->dns_ipv6_fd;
1046
1047 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1048 if (m->dns_ipv6_fd < 0)
1049 return -errno;
1050
1051 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1052 if (r < 0) {
1053 r = -errno;
1054 goto fail;
1055 }
1056
1057 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1058 if (r < 0)
1059 goto fail;
1060
1061 return m->dns_ipv6_fd;
1062
1063fail:
1064 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1065 return r;
1066}
1067
1068static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1069 int r;
1070
1071 assert(fd >= 0);
1072 assert(mh);
1073
1074 for (;;) {
1075 if (sendmsg(fd, mh, flags) >= 0)
1076 return 0;
1077
1078 if (errno == EINTR)
1079 continue;
1080
1081 if (errno != EAGAIN)
1082 return -errno;
1083
1084 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1085 if (r < 0)
1086 return r;
1087 if (r == 0)
1088 return -ETIMEDOUT;
1089 }
1090}
1091
1092static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1093 union sockaddr_union sa = {
1094 .in.sin_family = AF_INET,
1095 };
1096 union {
1097 struct cmsghdr header; /* For alignment */
1098 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1099 } control;
1100 struct msghdr mh = {};
1101 struct iovec iov;
1102
1103 assert(m);
1104 assert(fd >= 0);
1105 assert(addr);
1106 assert(port > 0);
1107 assert(p);
1108
1109 iov.iov_base = DNS_PACKET_DATA(p);
1110 iov.iov_len = p->size;
1111
1112 sa.in.sin_addr = *addr;
1113 sa.in.sin_port = htobe16(port),
1114
1115 mh.msg_iov = &iov;
1116 mh.msg_iovlen = 1;
1117 mh.msg_name = &sa.sa;
1118 mh.msg_namelen = sizeof(sa.in);
1119
1120 if (ifindex > 0) {
1121 struct cmsghdr *cmsg;
1122 struct in_pktinfo *pi;
1123
1124 zero(control);
1125
1126 mh.msg_control = &control;
1127 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1128
1129 cmsg = CMSG_FIRSTHDR(&mh);
1130 cmsg->cmsg_len = mh.msg_controllen;
1131 cmsg->cmsg_level = IPPROTO_IP;
1132 cmsg->cmsg_type = IP_PKTINFO;
1133
1134 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1135 pi->ipi_ifindex = ifindex;
1136 }
1137
1138 return sendmsg_loop(fd, &mh, 0);
1139}
1140
1141static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1142 union sockaddr_union sa = {
1143 .in6.sin6_family = AF_INET6,
1144 };
1145 union {
1146 struct cmsghdr header; /* For alignment */
1147 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1148 } control;
1149 struct msghdr mh = {};
1150 struct iovec iov;
1151
1152 assert(m);
1153 assert(fd >= 0);
1154 assert(addr);
1155 assert(port > 0);
1156 assert(p);
1157
1158 iov.iov_base = DNS_PACKET_DATA(p);
1159 iov.iov_len = p->size;
1160
1161 sa.in6.sin6_addr = *addr;
1162 sa.in6.sin6_port = htobe16(port),
1163 sa.in6.sin6_scope_id = ifindex;
1164
1165 mh.msg_iov = &iov;
1166 mh.msg_iovlen = 1;
1167 mh.msg_name = &sa.sa;
1168 mh.msg_namelen = sizeof(sa.in6);
1169
1170 if (ifindex > 0) {
1171 struct cmsghdr *cmsg;
1172 struct in6_pktinfo *pi;
1173
1174 zero(control);
1175
1176 mh.msg_control = &control;
1177 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1178
1179 cmsg = CMSG_FIRSTHDR(&mh);
1180 cmsg->cmsg_len = mh.msg_controllen;
1181 cmsg->cmsg_level = IPPROTO_IPV6;
1182 cmsg->cmsg_type = IPV6_PKTINFO;
1183
1184 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1185 pi->ipi6_ifindex = ifindex;
1186 }
1187
1188 return sendmsg_loop(fd, &mh, 0);
1189}
1190
1191int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1192 assert(m);
1193 assert(fd >= 0);
1194 assert(addr);
1195 assert(port > 0);
1196 assert(p);
1197
1198 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1199
1200 if (family == AF_INET)
1201 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1202 else if (family == AF_INET6)
1203 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1204
1205 return -EAFNOSUPPORT;
1206}
1207
1208DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1209 DnsServer *s;
1210
1211 assert(m);
1212 assert(in_addr);
1213
1214 LIST_FOREACH(servers, s, m->dns_servers)
1215 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1216 return s;
1217
1218 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1219 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1220 return s;
1221
1222 return NULL;
1223}
1224
1225DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1226 assert(m);
1227
1228 if (m->current_dns_server == s)
1229 return s;
1230
1231 if (s) {
1232 _cleanup_free_ char *ip = NULL;
1233
1234 in_addr_to_string(s->family, &s->address, &ip);
1235 log_info("Switching to system DNS server %s.", strna(ip));
1236 }
1237
1238 m->current_dns_server = s;
1239
1240 if (m->unicast_scope)
1241 dns_cache_flush(&m->unicast_scope->cache);
1242
1243 return s;
1244}
1245
1246DnsServer *manager_get_dns_server(Manager *m) {
1247 Link *l;
1248 assert(m);
1249
1250 /* Try to read updates resolv.conf */
1251 manager_read_resolv_conf(m);
1252
1253 if (!m->current_dns_server)
1254 manager_set_dns_server(m, m->dns_servers);
1255
1256 if (!m->current_dns_server) {
1257 bool found = false;
1258 Iterator i;
1259
1260 /* No DNS servers configured, let's see if there are
1261 * any on any links. If not, we use the fallback
1262 * servers */
1263
1264 HASHMAP_FOREACH(l, m->links, i)
1265 if (l->dns_servers) {
1266 found = true;
1267 break;
1268 }
1269
1270 if (!found)
1271 manager_set_dns_server(m, m->fallback_dns_servers);
1272 }
1273
1274 return m->current_dns_server;
1275}
1276
1277void manager_next_dns_server(Manager *m) {
1278 assert(m);
1279
1280 /* If there's currently no DNS server set, then the next
1281 * manager_get_dns_server() will find one */
1282 if (!m->current_dns_server)
1283 return;
1284
1285 /* Change to the next one */
1286 if (m->current_dns_server->servers_next) {
1287 manager_set_dns_server(m, m->current_dns_server->servers_next);
1288 return;
1289 }
1290
1291 /* If there was no next one, then start from the beginning of
1292 * the list */
1293 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1294 manager_set_dns_server(m, m->fallback_dns_servers);
1295 else
1296 manager_set_dns_server(m, m->dns_servers);
1297}
1298
1299uint32_t manager_find_mtu(Manager *m) {
1300 uint32_t mtu = 0;
1301 Link *l;
1302 Iterator i;
1303
1304 /* If we don't know on which link a DNS packet would be
1305 * delivered, let's find the largest MTU that works on all
1306 * interfaces we know of */
1307
1308 HASHMAP_FOREACH(l, m->links, i) {
1309 if (l->mtu <= 0)
1310 continue;
1311
1312 if (mtu <= 0 || l->mtu < mtu)
1313 mtu = l->mtu;
1314 }
1315
1316 return mtu;
1317}
1318
1319static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1320 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1321 DnsTransaction *t = NULL;
1322 Manager *m = userdata;
1323 DnsScope *scope;
1324 int r;
1325
1326 r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1327 if (r <= 0)
1328 return r;
1329
1330 scope = manager_find_scope(m, p);
1331 if (!scope) {
1332 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1333 return 0;
1334 }
1335
1336 if (dns_packet_validate_reply(p) > 0) {
1337 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
1338
1339 dns_scope_check_conflicts(scope, p);
1340
1341 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1342 if (t)
1343 dns_transaction_process_reply(t, p);
1344
1345 } else if (dns_packet_validate_query(p) > 0) {
1346 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
1347
1348 dns_scope_process_query(scope, NULL, p);
1349 } else
1350 log_debug("Invalid LLMNR UDP packet.");
1351
1352 return 0;
1353}
1354
1355int manager_llmnr_ipv4_udp_fd(Manager *m) {
1356 union sockaddr_union sa = {
1357 .in.sin_family = AF_INET,
1358 .in.sin_port = htobe16(5355),
1359 };
1360 static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
1361 int r;
1362
1363 assert(m);
1364
1365 if (m->llmnr_ipv4_udp_fd >= 0)
1366 return m->llmnr_ipv4_udp_fd;
1367
1368 m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1369 if (m->llmnr_ipv4_udp_fd < 0)
1370 return -errno;
1371
1372 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1373 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1374 if (r < 0) {
1375 r = -errno;
1376 goto fail;
1377 }
1378
1379 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1380 if (r < 0) {
1381 r = -errno;
1382 goto fail;
1383 }
1384
1385 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1386 if (r < 0) {
1387 r = -errno;
1388 goto fail;
1389 }
1390
1391 r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1392 if (r < 0) {
1393 r = -errno;
1394 goto fail;
1395 }
1396
1397 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1398 if (r < 0) {
1399 r = -errno;
1400 goto fail;
1401 }
1402
1403 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1404 if (r < 0) {
1405 r = -errno;
1406 goto fail;
1407 }
1408
1409 /* Disable Don't-Fragment bit in the IP header */
1410 r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1411 if (r < 0) {
1412 r = -errno;
1413 goto fail;
1414 }
1415
1416 r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1417 if (r < 0) {
1418 r = -errno;
1419 goto fail;
1420 }
1421
1422 r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1423 if (r < 0)
1424 goto fail;
1425
1426 return m->llmnr_ipv4_udp_fd;
1427
1428fail:
1429 m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
1430 return r;
1431}
1432
1433int manager_llmnr_ipv6_udp_fd(Manager *m) {
1434 union sockaddr_union sa = {
1435 .in6.sin6_family = AF_INET6,
1436 .in6.sin6_port = htobe16(5355),
1437 };
1438 static const int one = 1, ttl = 255;
1439 int r;
1440
1441 assert(m);
1442
1443 if (m->llmnr_ipv6_udp_fd >= 0)
1444 return m->llmnr_ipv6_udp_fd;
1445
1446 m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1447 if (m->llmnr_ipv6_udp_fd < 0)
1448 return -errno;
1449
1450 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1451 if (r < 0) {
1452 r = -errno;
1453 goto fail;
1454 }
1455
1456 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1457 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1458 if (r < 0) {
1459 r = -errno;
1460 goto fail;
1461 }
1462
1463 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
1464 if (r < 0) {
1465 r = -errno;
1466 goto fail;
1467 }
1468
1469 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1470 if (r < 0) {
1471 r = -errno;
1472 goto fail;
1473 }
1474
1475 r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1476 if (r < 0) {
1477 r = -errno;
1478 goto fail;
1479 }
1480
1481 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1482 if (r < 0) {
1483 r = -errno;
1484 goto fail;
1485 }
1486
1487 r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1488 if (r < 0) {
1489 r = -errno;
1490 goto fail;
1491 }
1492
1493 r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1494 if (r < 0) {
1495 r = -errno;
1496 goto fail;
1497 }
1498
1499 r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1500 if (r < 0) {
1501 r = -errno;
1502 goto fail;
1503 }
1504
1505 return m->llmnr_ipv6_udp_fd;
1506
1507fail:
1508 m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
1509 return r;
1510}
1511
1512static int on_llmnr_stream_packet(DnsStream *s) {
1513 DnsScope *scope;
1514
1515 assert(s);
1516
1517 scope = manager_find_scope(s->manager, s->read_packet);
1518 if (!scope) {
1519 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1520 return 0;
1521 }
1522
1523 if (dns_packet_validate_query(s->read_packet) > 0) {
1524 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1525
1526 dns_scope_process_query(scope, s, s->read_packet);
1527
1528 /* If no reply packet was set, we free the stream */
1529 if (s->write_packet)
1530 return 0;
1531 } else
1532 log_debug("Invalid LLMNR TCP packet.");
1533
1534 dns_stream_free(s);
1535 return 0;
1536}
1537
1538static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1539 DnsStream *stream;
1540 Manager *m = userdata;
1541 int cfd, r;
1542
1543 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1544 if (cfd < 0) {
1545 if (errno == EAGAIN || errno == EINTR)
1546 return 0;
1547
1548 return -errno;
1549 }
1550
1551 r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1552 if (r < 0) {
1553 safe_close(cfd);
1554 return r;
1555 }
1556
1557 stream->on_packet = on_llmnr_stream_packet;
1558 return 0;
1559}
1560
1561int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1562 union sockaddr_union sa = {
1563 .in.sin_family = AF_INET,
1564 .in.sin_port = htobe16(5355),
1565 };
1566 static const int one = 1, pmtu = IP_PMTUDISC_DONT;
1567 int r;
1568
1569 assert(m);
1570
1571 if (m->llmnr_ipv4_tcp_fd >= 0)
1572 return m->llmnr_ipv4_tcp_fd;
1573
1574 m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1575 if (m->llmnr_ipv4_tcp_fd < 0)
1576 return -errno;
1577
1578 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1579 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1580 if (r < 0) {
1581 r = -errno;
1582 goto fail;
1583 }
1584
1585 r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1586 if (r < 0) {
1587 r = -errno;
1588 goto fail;
1589 }
1590
1591 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1592 if (r < 0) {
1593 r = -errno;
1594 goto fail;
1595 }
1596
1597 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1598 if (r < 0) {
1599 r = -errno;
1600 goto fail;
1601 }
1602
1603 /* Disable Don't-Fragment bit in the IP header */
1604 r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1605 if (r < 0) {
1606 r = -errno;
1607 goto fail;
1608 }
1609
1610 r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1611 if (r < 0) {
1612 r = -errno;
1613 goto fail;
1614 }
1615
1616 r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1617 if (r < 0) {
1618 r = -errno;
1619 goto fail;
1620 }
1621
1622 r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1623 if (r < 0)
1624 goto fail;
1625
1626 return m->llmnr_ipv4_tcp_fd;
1627
1628fail:
1629 m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
1630 return r;
1631}
1632
1633int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1634 union sockaddr_union sa = {
1635 .in6.sin6_family = AF_INET6,
1636 .in6.sin6_port = htobe16(5355),
1637 };
1638 static const int one = 1;
1639 int r;
1640
1641 assert(m);
1642
1643 if (m->llmnr_ipv6_tcp_fd >= 0)
1644 return m->llmnr_ipv6_tcp_fd;
1645
1646 m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1647 if (m->llmnr_ipv6_tcp_fd < 0)
1648 return -errno;
1649
1650 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1651 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1652 if (r < 0) {
1653 r = -errno;
1654 goto fail;
1655 }
1656
1657 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1658 if (r < 0) {
1659 r = -errno;
1660 goto fail;
1661 }
1662
1663 r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1664 if (r < 0) {
1665 r = -errno;
1666 goto fail;
1667 }
1668
1669 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1670 if (r < 0) {
1671 r = -errno;
1672 goto fail;
1673 }
1674
1675 r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1676 if (r < 0) {
1677 r = -errno;
1678 goto fail;
1679 }
1680
1681 r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1682 if (r < 0) {
1683 r = -errno;
1684 goto fail;
1685 }
1686
1687 r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1688 if (r < 0) {
1689 r = -errno;
1690 goto fail;
1691 }
1692
1693 r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1694 if (r < 0) {
1695 r = -errno;
1696 goto fail;
1697 }
1698
1699 return m->llmnr_ipv6_tcp_fd;
1700
1701fail:
1702 m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
1703 return r;
1704}
1705
1706int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1707 LinkAddress *a;
1708
1709 assert(m);
1710
1711 a = manager_find_link_address(m, family, in_addr);
1712 if (a)
1713 return a->link->ifindex;
1714
1715 return 0;
1716}
1717
1718void manager_refresh_rrs(Manager *m) {
1719 Iterator i;
1720 Link *l;
1721
1722 assert(m);
1723
1724 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1725 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1726
1727 HASHMAP_FOREACH(l, m->links, i) {
1728 link_add_rrs(l, true);
1729 link_add_rrs(l, false);
1730 }
1731}
1732
1733int manager_next_hostname(Manager *m) {
1734 const char *p;
1735 uint64_t u, a;
1736 char *h;
1737
1738 assert(m);
1739
1740 p = strchr(m->hostname, 0);
1741 assert(p);
1742
1743 while (p > m->hostname) {
1744 if (!strchr("0123456789", p[-1]))
1745 break;
1746
1747 p--;
1748 }
1749
1750 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1751 u = 1;
1752
1753 /* Add a random number to the old value. This way we can avoid
1754 * that two hosts pick the same hostname, win on IPv4 and lose
1755 * on IPv6 (or vice versa), and pick the same hostname
1756 * replacement hostname, ad infinitum. We still want the
1757 * numbers to go up monotonically, hence we just add a random
1758 * value 1..10 */
1759
1760 random_bytes(&a, sizeof(a));
1761 u += 1 + a % 10;
1762
1763 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1764 return -ENOMEM;
1765
1766 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1767
1768 free(m->hostname);
1769 m->hostname = h;
1770
1771 manager_refresh_rrs(m);
1772
1773 return 0;
1774}
1775
1776LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1777 Iterator i;
1778 Link *l;
1779
1780 assert(m);
1781
1782 HASHMAP_FOREACH(l, m->links, i) {
1783 LinkAddress *a;
1784
1785 a = link_find_address(l, family, in_addr);
1786 if (a)
1787 return a;
1788 }
1789
1790 return NULL;
1791}
1792
1793bool manager_our_packet(Manager *m, DnsPacket *p) {
1794 assert(m);
1795 assert(p);
1796
1797 return !!manager_find_link_address(m, p->family, &p->sender);
1798}
1799
1800DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1801 Link *l;
1802
1803 assert(m);
1804 assert(p);
1805
1806 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1807 if (!l)
1808 return NULL;
1809
1810 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1811 if (p->family == AF_INET)
1812 return l->llmnr_ipv4_scope;
1813 else if (p->family == AF_INET6)
1814 return l->llmnr_ipv6_scope;
1815 }
1816
1817 return NULL;
1818}
1819
1820void manager_verify_all(Manager *m) {
1821 DnsScope *s;
1822
1823 assert(m);
1824
1825 LIST_FOREACH(scopes, s, m->dns_scopes)
1826 dns_zone_verify_all(&s->zone);
1827}
1828
1829void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1830 assert(m);
1831
1832 if (t == DNS_SERVER_SYSTEM)
1833 while (m->dns_servers)
1834 dns_server_free(m->dns_servers);
1835
1836 if (t == DNS_SERVER_FALLBACK)
1837 while (m->fallback_dns_servers)
1838 dns_server_free(m->fallback_dns_servers);
1839}
1840
1841static const char* const support_table[_SUPPORT_MAX] = {
1842 [SUPPORT_NO] = "no",
1843 [SUPPORT_YES] = "yes",
1844 [SUPPORT_RESOLVE] = "resolve",
1845};
1846DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.