1 /* SPDX-License-Identifier: LGPL-2.1+ */
4 #include <netinet/in.h>
16 #include "alloc-util.h"
17 #include "dirent-util.h"
18 #include "dns-domain.h"
21 #include "hostname-util.h"
23 #include "missing_network.h"
24 #include "netlink-util.h"
25 #include "network-internal.h"
26 #include "ordered-set.h"
27 #include "parse-util.h"
28 #include "random-util.h"
29 #include "resolved-bus.h"
30 #include "resolved-conf.h"
31 #include "resolved-dns-stub.h"
32 #include "resolved-dnssd.h"
33 #include "resolved-etc-hosts.h"
34 #include "resolved-llmnr.h"
35 #include "resolved-manager.h"
36 #include "resolved-mdns.h"
37 #include "resolved-resolv-conf.h"
38 #include "socket-util.h"
39 #include "string-table.h"
40 #include "string-util.h"
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
45 static int manager_process_link(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
46 Manager
*m
= userdata
;
55 r
= sd_netlink_message_get_type(mm
, &type
);
59 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
63 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
71 r
= link_new(m
, &l
, ifindex
);
76 r
= link_process_rtnl(l
, mm
);
85 log_debug("Found new link %i/%s", ifindex
, l
->ifname
);
92 log_debug("Removing link %i/%s", l
->ifindex
, l
->ifname
);
103 log_warning_errno(r
, "Failed to process RTNL link message: %m");
107 static int manager_process_address(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
108 Manager
*m
= userdata
;
109 union in_addr_union address
;
111 int r
, ifindex
, family
;
119 r
= sd_netlink_message_get_type(mm
, &type
);
123 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
127 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
131 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
138 r
= sd_netlink_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
140 r
= sd_netlink_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
148 r
= sd_netlink_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
150 r
= sd_netlink_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
161 a
= link_find_address(l
, family
, &address
);
168 r
= link_address_new(l
, &a
, family
, &address
);
173 r
= link_address_update_rtnl(a
, mm
);
180 link_address_free(a
);
187 log_warning_errno(r
, "Failed to process RTNL address message: %m");
191 static int manager_rtnl_listen(Manager
*m
) {
192 _cleanup_(sd_netlink_message_unrefp
) sd_netlink_message
*req
= NULL
, *reply
= NULL
;
193 sd_netlink_message
*i
;
198 /* First, subscribe to interfaces coming and going */
199 r
= sd_netlink_open(&m
->rtnl
);
203 r
= sd_netlink_attach_event(m
->rtnl
, m
->event
, SD_EVENT_PRIORITY_IMPORTANT
);
207 r
= sd_netlink_add_match(m
->rtnl
, NULL
, RTM_NEWLINK
, manager_process_link
, NULL
, m
, "resolve-NEWLINK");
211 r
= sd_netlink_add_match(m
->rtnl
, NULL
, RTM_DELLINK
, manager_process_link
, NULL
, m
, "resolve-DELLINK");
215 r
= sd_netlink_add_match(m
->rtnl
, NULL
, RTM_NEWADDR
, manager_process_address
, NULL
, m
, "resolve-NEWADDR");
219 r
= sd_netlink_add_match(m
->rtnl
, NULL
, RTM_DELADDR
, manager_process_address
, NULL
, m
, "resolve-DELADDR");
223 /* Then, enumerate all links */
224 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
228 r
= sd_netlink_message_request_dump(req
, true);
232 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
236 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
237 r
= manager_process_link(m
->rtnl
, i
, m
);
242 req
= sd_netlink_message_unref(req
);
243 reply
= sd_netlink_message_unref(reply
);
245 /* Finally, enumerate all addresses, too */
246 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
250 r
= sd_netlink_message_request_dump(req
, true);
254 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
258 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
259 r
= manager_process_address(m
->rtnl
, i
, m
);
267 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
268 Manager
*m
= userdata
;
275 sd_network_monitor_flush(m
->network_monitor
);
277 HASHMAP_FOREACH(l
, m
->links
, i
) {
280 log_warning_errno(r
, "Failed to update monitor information for %i: %m", l
->ifindex
);
283 (void) manager_write_resolv_conf(m
);
288 static int manager_network_monitor_listen(Manager
*m
) {
293 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
297 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
301 events
= sd_network_monitor_get_events(m
->network_monitor
);
305 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
309 r
= sd_event_source_set_priority(m
->network_event_source
, SD_EVENT_PRIORITY_IMPORTANT
+5);
313 (void) sd_event_source_set_description(m
->network_event_source
, "network-monitor");
318 static int determine_hostname(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
319 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
321 _cleanup_free_
char *utf8
= NULL
;
325 char label
[DNS_LABEL_MAX
];
326 const char *p
, *decoded
;
329 assert(full_hostname
);
330 assert(llmnr_hostname
);
331 assert(mdns_hostname
);
333 /* Extract and normalize the first label of the locally configured hostname, and check it's not "localhost". */
335 r
= gethostname_strict(&h
);
337 return log_debug_errno(r
, "Can't determine system hostname: %m");
340 r
= dns_label_unescape(&p
, label
, sizeof label
, 0);
342 return log_error_errno(r
, "Failed to unescape host name: %m");
344 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
345 "Couldn't find a single label in hostname.");
348 r
= idn2_to_unicode_8z8z(label
, &utf8
, 0);
350 return log_error("Failed to undo IDNA: %s", idn2_strerror(r
));
351 assert(utf8_is_valid(utf8
));
356 k
= dns_label_undo_idna(label
, r
, label
, sizeof label
);
358 return log_error_errno(k
, "Failed to undo IDNA: %m");
362 if (!utf8_is_valid(label
))
363 return log_error_errno(SYNTHETIC_ERRNO(EINVAL
),
364 "System hostname is not UTF-8 clean.");
367 decoded
= label
; /* no decoding */
370 r
= dns_label_escape_new(decoded
, r
, &n
);
372 return log_error_errno(r
, "Failed to escape host name: %m");
375 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL
),
376 "System hostname is 'localhost', ignoring.");
378 r
= dns_name_concat(n
, "local", 0, mdns_hostname
);
380 return log_error_errno(r
, "Failed to determine mDNS hostname: %m");
382 *llmnr_hostname
= TAKE_PTR(n
);
383 *full_hostname
= TAKE_PTR(h
);
388 static const char *fallback_hostname(void) {
390 /* Determine the fall back hostname. For exposing this system to the outside world, we cannot have it to be
391 * "localhost" even if that's the compiled in hostname. In this case, let's revert to "linux" instead. */
393 if (is_localhost(FALLBACK_HOSTNAME
))
396 return FALLBACK_HOSTNAME
;
399 static int make_fallback_hostnames(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
400 _cleanup_free_
char *n
= NULL
, *m
= NULL
;
401 char label
[DNS_LABEL_MAX
], *h
;
405 assert(full_hostname
);
406 assert(llmnr_hostname
);
407 assert(mdns_hostname
);
409 p
= fallback_hostname();
410 r
= dns_label_unescape(&p
, label
, sizeof label
, 0);
412 return log_error_errno(r
, "Failed to unescape fallback host name: %m");
414 assert(r
> 0); /* The fallback hostname must have at least one label */
416 r
= dns_label_escape_new(label
, r
, &n
);
418 return log_error_errno(r
, "Failed to escape fallback hostname: %m");
420 r
= dns_name_concat(n
, "local", 0, &m
);
422 return log_error_errno(r
, "Failed to concatenate mDNS hostname: %m");
424 h
= strdup(fallback_hostname());
428 *llmnr_hostname
= TAKE_PTR(n
);
429 *mdns_hostname
= TAKE_PTR(m
);
436 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
437 _cleanup_free_
char *full_hostname
= NULL
, *llmnr_hostname
= NULL
, *mdns_hostname
= NULL
;
438 Manager
*m
= userdata
;
443 r
= determine_hostname(&full_hostname
, &llmnr_hostname
, &mdns_hostname
);
445 return 0; /* ignore invalid hostnames */
447 if (streq(full_hostname
, m
->full_hostname
) &&
448 streq(llmnr_hostname
, m
->llmnr_hostname
) &&
449 streq(mdns_hostname
, m
->mdns_hostname
))
452 log_info("System hostname changed to '%s'.", full_hostname
);
454 free_and_replace(m
->full_hostname
, full_hostname
);
455 free_and_replace(m
->llmnr_hostname
, llmnr_hostname
);
456 free_and_replace(m
->mdns_hostname
, mdns_hostname
);
458 manager_refresh_rrs(m
);
463 static int manager_watch_hostname(Manager
*m
) {
468 m
->hostname_fd
= open("/proc/sys/kernel/hostname",
469 O_RDONLY
|O_CLOEXEC
|O_NONBLOCK
|O_NOCTTY
);
470 if (m
->hostname_fd
< 0) {
471 log_warning_errno(errno
, "Failed to watch hostname: %m");
475 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
478 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
479 m
->hostname_fd
= safe_close(m
->hostname_fd
);
481 return log_error_errno(r
, "Failed to add hostname event source: %m");
484 (void) sd_event_source_set_description(m
->hostname_event_source
, "hostname");
486 r
= determine_hostname(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
488 log_info("Defaulting to hostname '%s'.", fallback_hostname());
490 r
= make_fallback_hostnames(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
494 log_info("Using system hostname '%s'.", m
->full_hostname
);
499 static int manager_sigusr1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
500 _cleanup_free_
char *buffer
= NULL
;
501 _cleanup_fclose_
FILE *f
= NULL
;
502 Manager
*m
= userdata
;
513 f
= open_memstream_unlocked(&buffer
, &size
);
517 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
518 dns_scope_dump(scope
, f
);
520 LIST_FOREACH(servers
, server
, m
->dns_servers
)
521 dns_server_dump(server
, f
);
522 LIST_FOREACH(servers
, server
, m
->fallback_dns_servers
)
523 dns_server_dump(server
, f
);
524 HASHMAP_FOREACH(l
, m
->links
, i
)
525 LIST_FOREACH(servers
, server
, l
->dns_servers
)
526 dns_server_dump(server
, f
);
528 if (fflush_and_check(f
) < 0)
531 log_dump(LOG_INFO
, buffer
);
535 static int manager_sigusr2(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
536 Manager
*m
= userdata
;
542 manager_flush_caches(m
);
547 static int manager_sigrtmin1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
548 Manager
*m
= userdata
;
554 manager_reset_server_features(m
);
558 int manager_new(Manager
**ret
) {
559 _cleanup_(manager_freep
) Manager
*m
= NULL
;
569 .llmnr_ipv4_udp_fd
= -1,
570 .llmnr_ipv6_udp_fd
= -1,
571 .llmnr_ipv4_tcp_fd
= -1,
572 .llmnr_ipv6_tcp_fd
= -1,
575 .dns_stub_udp_fd
= -1,
576 .dns_stub_tcp_fd
= -1,
579 .llmnr_support
= RESOLVE_SUPPORT_YES
,
580 .mdns_support
= RESOLVE_SUPPORT_YES
,
581 .dnssec_mode
= DEFAULT_DNSSEC_MODE
,
582 .dns_over_tls_mode
= DEFAULT_DNS_OVER_TLS_MODE
,
583 .enable_cache
= true,
584 .dns_stub_listener_mode
= DNS_STUB_LISTENER_YES
,
585 .read_resolv_conf
= true,
586 .need_builtin_fallbacks
= true,
587 .etc_hosts_last
= USEC_INFINITY
,
588 .etc_hosts_mtime
= USEC_INFINITY
,
589 .read_etc_hosts
= true,
592 r
= dns_trust_anchor_load(&m
->trust_anchor
);
596 r
= manager_parse_config_file(m
);
598 log_warning_errno(r
, "Failed to parse configuration file: %m");
600 #if ENABLE_DNS_OVER_TLS
601 r
= dnstls_manager_init(m
);
606 r
= sd_event_default(&m
->event
);
610 (void) sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
611 (void) sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
613 (void) sd_event_set_watchdog(m
->event
, true);
615 r
= manager_watch_hostname(m
);
621 log_warning_errno(r
, "Failed to load DNS-SD configuration files: %m");
623 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
627 r
= manager_network_monitor_listen(m
);
631 r
= manager_rtnl_listen(m
);
635 r
= manager_connect_bus(m
);
639 (void) sd_event_add_signal(m
->event
, &m
->sigusr1_event_source
, SIGUSR1
, manager_sigusr1
, m
);
640 (void) sd_event_add_signal(m
->event
, &m
->sigusr2_event_source
, SIGUSR2
, manager_sigusr2
, m
);
641 (void) sd_event_add_signal(m
->event
, &m
->sigrtmin1_event_source
, SIGRTMIN
+1, manager_sigrtmin1
, m
);
643 manager_cleanup_saved_user(m
);
650 int manager_start(Manager
*m
) {
655 r
= manager_dns_stub_start(m
);
662 Manager
*manager_free(Manager
*m
) {
669 dns_server_unlink_all(m
->dns_servers
);
670 dns_server_unlink_all(m
->fallback_dns_servers
);
671 dns_search_domain_unlink_all(m
->search_domains
);
673 while ((l
= hashmap_first(m
->links
)))
676 while (m
->dns_queries
)
677 dns_query_free(m
->dns_queries
);
679 dns_scope_free(m
->unicast_scope
);
681 /* At this point only orphaned streams should remain. All others should have been freed already by their
683 while (m
->dns_streams
)
684 dns_stream_unref(m
->dns_streams
);
686 #if ENABLE_DNS_OVER_TLS
687 dnstls_manager_free(m
);
690 hashmap_free(m
->links
);
691 hashmap_free(m
->dns_transactions
);
693 sd_event_source_unref(m
->network_event_source
);
694 sd_network_monitor_unref(m
->network_monitor
);
696 sd_netlink_unref(m
->rtnl
);
697 sd_event_source_unref(m
->rtnl_event_source
);
699 manager_llmnr_stop(m
);
700 manager_mdns_stop(m
);
701 manager_dns_stub_stop(m
);
703 sd_bus_flush_close_unref(m
->bus
);
705 sd_event_source_unref(m
->sigusr1_event_source
);
706 sd_event_source_unref(m
->sigusr2_event_source
);
707 sd_event_source_unref(m
->sigrtmin1_event_source
);
709 sd_event_unref(m
->event
);
711 dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
712 dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
713 dns_resource_key_unref(m
->mdns_host_ipv4_key
);
714 dns_resource_key_unref(m
->mdns_host_ipv6_key
);
716 sd_event_source_unref(m
->hostname_event_source
);
717 safe_close(m
->hostname_fd
);
719 free(m
->full_hostname
);
720 free(m
->llmnr_hostname
);
721 free(m
->mdns_hostname
);
723 while ((s
= hashmap_first(m
->dnssd_services
)))
724 dnssd_service_free(s
);
725 hashmap_free(m
->dnssd_services
);
727 dns_trust_anchor_flush(&m
->trust_anchor
);
728 manager_etc_hosts_flush(m
);
733 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
734 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
736 struct cmsghdr header
; /* For alignment */
737 uint8_t buffer
[CMSG_SPACE(MAXSIZE(struct in_pktinfo
, struct in6_pktinfo
))
738 + CMSG_SPACE(int) /* ttl/hoplimit */
739 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
741 union sockaddr_union sa
;
745 .msg_namelen
= sizeof(sa
),
748 .msg_control
= &control
,
749 .msg_controllen
= sizeof(control
),
751 struct cmsghdr
*cmsg
;
759 ms
= next_datagram_size_fd(fd
);
763 r
= dns_packet_new(&p
, protocol
, ms
, DNS_PACKET_SIZE_MAX
);
767 iov
= IOVEC_MAKE(DNS_PACKET_DATA(p
), p
->allocated
);
769 l
= recvmsg(fd
, &mh
, 0);
771 if (IN_SET(errno
, EAGAIN
, EINTR
))
779 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
780 assert(!(mh
.msg_flags
& MSG_TRUNC
));
782 p
->size
= (size_t) l
;
784 p
->family
= sa
.sa
.sa_family
;
785 p
->ipproto
= IPPROTO_UDP
;
786 if (p
->family
== AF_INET
) {
787 p
->sender
.in
= sa
.in
.sin_addr
;
788 p
->sender_port
= be16toh(sa
.in
.sin_port
);
789 } else if (p
->family
== AF_INET6
) {
790 p
->sender
.in6
= sa
.in6
.sin6_addr
;
791 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
792 p
->ifindex
= sa
.in6
.sin6_scope_id
;
794 return -EAFNOSUPPORT
;
796 CMSG_FOREACH(cmsg
, &mh
) {
798 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
799 assert(p
->family
== AF_INET6
);
801 switch (cmsg
->cmsg_type
) {
804 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
807 p
->ifindex
= i
->ipi6_ifindex
;
809 p
->destination
.in6
= i
->ipi6_addr
;
814 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
818 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
819 assert(p
->family
== AF_INET
);
821 switch (cmsg
->cmsg_type
) {
824 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
827 p
->ifindex
= i
->ipi_ifindex
;
829 p
->destination
.in
= i
->ipi_addr
;
834 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
840 /* The Linux kernel sets the interface index to the loopback
841 * device if the packet came from the local host since it
842 * avoids the routing table in such a case. Let's unset the
843 * interface index in such a case. */
844 if (p
->ifindex
== LOOPBACK_IFINDEX
)
847 if (protocol
!= DNS_PROTOCOL_DNS
) {
848 /* If we don't know the interface index still, we look for the
849 * first local interface with a matching address. Yuck! */
851 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
859 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
866 if (sendmsg(fd
, mh
, flags
) >= 0)
875 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
883 static int write_loop(int fd
, void *message
, size_t length
) {
890 if (write(fd
, message
, length
) >= 0)
899 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
907 int manager_write(Manager
*m
, int fd
, DnsPacket
*p
) {
910 log_debug("Sending %s packet with id %" PRIu16
".", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
));
912 r
= write_loop(fd
, DNS_PACKET_DATA(p
), p
->size
);
919 static int manager_ipv4_send(
923 const struct in_addr
*destination
,
925 const struct in_addr
*source
,
928 struct cmsghdr header
; /* For alignment */
929 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
931 union sockaddr_union sa
;
937 .msg_namelen
= sizeof(sa
.in
),
946 iov
= IOVEC_MAKE(DNS_PACKET_DATA(p
), p
->size
);
948 sa
= (union sockaddr_union
) {
949 .in
.sin_family
= AF_INET
,
950 .in
.sin_addr
= *destination
,
951 .in
.sin_port
= htobe16(port
),
955 struct cmsghdr
*cmsg
;
956 struct in_pktinfo
*pi
;
958 mh
.msg_control
= &control
;
959 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
961 cmsg
= CMSG_FIRSTHDR(&mh
);
962 cmsg
->cmsg_len
= mh
.msg_controllen
;
963 cmsg
->cmsg_level
= IPPROTO_IP
;
964 cmsg
->cmsg_type
= IP_PKTINFO
;
966 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
967 pi
->ipi_ifindex
= ifindex
;
970 pi
->ipi_spec_dst
= *source
;
973 return sendmsg_loop(fd
, &mh
, 0);
976 static int manager_ipv6_send(
980 const struct in6_addr
*destination
,
982 const struct in6_addr
*source
,
986 struct cmsghdr header
; /* For alignment */
987 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
989 union sockaddr_union sa
;
995 .msg_namelen
= sizeof(sa
.in6
),
1000 assert(destination
);
1004 iov
= IOVEC_MAKE(DNS_PACKET_DATA(p
), p
->size
);
1006 sa
= (union sockaddr_union
) {
1007 .in6
.sin6_family
= AF_INET6
,
1008 .in6
.sin6_addr
= *destination
,
1009 .in6
.sin6_port
= htobe16(port
),
1010 .in6
.sin6_scope_id
= ifindex
,
1014 struct cmsghdr
*cmsg
;
1015 struct in6_pktinfo
*pi
;
1017 mh
.msg_control
= &control
;
1018 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1020 cmsg
= CMSG_FIRSTHDR(&mh
);
1021 cmsg
->cmsg_len
= mh
.msg_controllen
;
1022 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1023 cmsg
->cmsg_type
= IPV6_PKTINFO
;
1025 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1026 pi
->ipi6_ifindex
= ifindex
;
1029 pi
->ipi6_addr
= *source
;
1032 return sendmsg_loop(fd
, &mh
, 0);
1040 const union in_addr_union
*destination
,
1042 const union in_addr_union
*source
,
1047 assert(destination
);
1051 log_debug("Sending %s packet with id %" PRIu16
" on interface %i/%s.", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
1053 if (family
== AF_INET
)
1054 return manager_ipv4_send(m
, fd
, ifindex
, &destination
->in
, port
, source
? &source
->in
: NULL
, p
);
1055 if (family
== AF_INET6
)
1056 return manager_ipv6_send(m
, fd
, ifindex
, &destination
->in6
, port
, source
? &source
->in6
: NULL
, p
);
1058 return -EAFNOSUPPORT
;
1061 uint32_t manager_find_mtu(Manager
*m
) {
1066 /* If we don't know on which link a DNS packet would be
1067 * delivered, let's find the largest MTU that works on all
1068 * interfaces we know of */
1070 HASHMAP_FOREACH(l
, m
->links
, i
) {
1074 if (mtu
<= 0 || l
->mtu
< mtu
)
1081 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1086 a
= manager_find_link_address(m
, family
, in_addr
);
1088 return a
->link
->ifindex
;
1093 void manager_refresh_rrs(Manager
*m
) {
1100 m
->llmnr_host_ipv4_key
= dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
1101 m
->llmnr_host_ipv6_key
= dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
1102 m
->mdns_host_ipv4_key
= dns_resource_key_unref(m
->mdns_host_ipv4_key
);
1103 m
->mdns_host_ipv6_key
= dns_resource_key_unref(m
->mdns_host_ipv6_key
);
1105 if (m
->mdns_support
== RESOLVE_SUPPORT_YES
)
1106 HASHMAP_FOREACH(s
, m
->dnssd_services
, i
)
1107 if (dnssd_update_rrs(s
) < 0)
1108 log_warning("Failed to refresh DNS-SD service '%s'", s
->name
);
1110 HASHMAP_FOREACH(l
, m
->links
, i
) {
1111 link_add_rrs(l
, true);
1112 link_add_rrs(l
, false);
1116 static int manager_next_random_name(const char *old
, char **ret_new
) {
1125 if (!strchr(DIGITS
, p
[-1]))
1131 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1134 /* Add a random number to the old value. This way we can avoid
1135 * that two hosts pick the same hostname, win on IPv4 and lose
1136 * on IPv6 (or vice versa), and pick the same hostname
1137 * replacement hostname, ad infinitum. We still want the
1138 * numbers to go up monotonically, hence we just add a random
1141 random_bytes(&a
, sizeof(a
));
1144 if (asprintf(&n
, "%.*s%" PRIu64
, (int) (p
- old
), old
, u
) < 0)
1152 int manager_next_hostname(Manager
*m
) {
1153 _cleanup_free_
char *h
= NULL
, *k
= NULL
;
1158 r
= manager_next_random_name(m
->llmnr_hostname
, &h
);
1162 r
= dns_name_concat(h
, "local", 0, &k
);
1166 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->llmnr_hostname
, h
);
1168 free_and_replace(m
->llmnr_hostname
, h
);
1169 free_and_replace(m
->mdns_hostname
, k
);
1171 manager_refresh_rrs(m
);
1176 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1182 HASHMAP_FOREACH(l
, m
->links
, i
) {
1185 a
= link_find_address(l
, family
, in_addr
);
1193 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1197 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
1200 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1206 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1210 switch (p
->protocol
) {
1211 case DNS_PROTOCOL_LLMNR
:
1212 if (p
->family
== AF_INET
)
1213 return l
->llmnr_ipv4_scope
;
1214 else if (p
->family
== AF_INET6
)
1215 return l
->llmnr_ipv6_scope
;
1219 case DNS_PROTOCOL_MDNS
:
1220 if (p
->family
== AF_INET
)
1221 return l
->mdns_ipv4_scope
;
1222 else if (p
->family
== AF_INET6
)
1223 return l
->mdns_ipv6_scope
;
1234 void manager_verify_all(Manager
*m
) {
1239 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1240 dns_zone_verify_all(&s
->zone
);
1243 int manager_is_own_hostname(Manager
*m
, const char *name
) {
1249 if (m
->llmnr_hostname
) {
1250 r
= dns_name_equal(name
, m
->llmnr_hostname
);
1255 if (m
->mdns_hostname
) {
1256 r
= dns_name_equal(name
, m
->mdns_hostname
);
1261 if (m
->full_hostname
)
1262 return dns_name_equal(name
, m
->full_hostname
);
1267 int manager_compile_dns_servers(Manager
*m
, OrderedSet
**dns
) {
1276 r
= ordered_set_ensure_allocated(dns
, &dns_server_hash_ops
);
1280 /* First add the system-wide servers and domains */
1281 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
1282 r
= ordered_set_put(*dns
, s
);
1289 /* Then, add the per-link servers */
1290 HASHMAP_FOREACH(l
, m
->links
, i
) {
1291 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
1292 r
= ordered_set_put(*dns
, s
);
1300 /* If we found nothing, add the fallback servers */
1301 if (ordered_set_isempty(*dns
)) {
1302 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
1303 r
= ordered_set_put(*dns
, s
);
1314 /* filter_route is a tri-state:
1316 * = 0 or false: return only domains which should be used for searching
1317 * > 0 or true: return only domains which are for routing only
1319 int manager_compile_search_domains(Manager
*m
, OrderedSet
**domains
, int filter_route
) {
1328 r
= ordered_set_ensure_allocated(domains
, &dns_name_hash_ops
);
1332 LIST_FOREACH(domains
, d
, m
->search_domains
) {
1334 if (filter_route
>= 0 &&
1335 d
->route_only
!= !!filter_route
)
1338 r
= ordered_set_put(*domains
, d
->name
);
1345 HASHMAP_FOREACH(l
, m
->links
, i
) {
1347 LIST_FOREACH(domains
, d
, l
->search_domains
) {
1349 if (filter_route
>= 0 &&
1350 d
->route_only
!= !!filter_route
)
1353 r
= ordered_set_put(*domains
, d
->name
);
1364 DnssecMode
manager_get_dnssec_mode(Manager
*m
) {
1367 if (m
->dnssec_mode
!= _DNSSEC_MODE_INVALID
)
1368 return m
->dnssec_mode
;
1373 bool manager_dnssec_supported(Manager
*m
) {
1380 if (manager_get_dnssec_mode(m
) == DNSSEC_NO
)
1383 server
= manager_get_dns_server(m
);
1384 if (server
&& !dns_server_dnssec_supported(server
))
1387 HASHMAP_FOREACH(l
, m
->links
, i
)
1388 if (!link_dnssec_supported(l
))
1394 DnsOverTlsMode
manager_get_dns_over_tls_mode(Manager
*m
) {
1397 if (m
->dns_over_tls_mode
!= _DNS_OVER_TLS_MODE_INVALID
)
1398 return m
->dns_over_tls_mode
;
1400 return DNS_OVER_TLS_NO
;
1403 void manager_dnssec_verdict(Manager
*m
, DnssecVerdict verdict
, const DnsResourceKey
*key
) {
1405 assert(verdict
>= 0);
1406 assert(verdict
< _DNSSEC_VERDICT_MAX
);
1408 if (DEBUG_LOGGING
) {
1409 char s
[DNS_RESOURCE_KEY_STRING_MAX
];
1411 log_debug("Found verdict for lookup %s: %s",
1412 dns_resource_key_to_string(key
, s
, sizeof s
),
1413 dnssec_verdict_to_string(verdict
));
1416 m
->n_dnssec_verdict
[verdict
]++;
1419 bool manager_routable(Manager
*m
, int family
) {
1425 /* Returns true if the host has at least one interface with a routable address of the specified type */
1427 HASHMAP_FOREACH(l
, m
->links
, i
)
1428 if (link_relevant(l
, family
, false))
1434 void manager_flush_caches(Manager
*m
) {
1439 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
1440 dns_cache_flush(&scope
->cache
);
1442 log_info("Flushed all caches.");
1445 void manager_reset_server_features(Manager
*m
) {
1449 dns_server_reset_features_all(m
->dns_servers
);
1450 dns_server_reset_features_all(m
->fallback_dns_servers
);
1452 HASHMAP_FOREACH(l
, m
->links
, i
)
1453 dns_server_reset_features_all(l
->dns_servers
);
1455 log_info("Resetting learnt feature levels on all servers.");
1458 void manager_cleanup_saved_user(Manager
*m
) {
1459 _cleanup_closedir_
DIR *d
= NULL
;
1465 /* Clean up all saved per-link files in /run/systemd/resolve/netif/ that don't have a matching interface
1466 * anymore. These files are created to persist settings pushed in by the user via the bus, so that resolved can
1467 * be restarted without losing this data. */
1469 d
= opendir("/run/systemd/resolve/netif/");
1471 if (errno
== ENOENT
)
1474 log_warning_errno(errno
, "Failed to open interface directory: %m");
1478 FOREACH_DIRENT_ALL(de
, d
, log_error_errno(errno
, "Failed to read interface directory: %m")) {
1479 _cleanup_free_
char *p
= NULL
;
1483 if (!IN_SET(de
->d_type
, DT_UNKNOWN
, DT_REG
))
1486 if (dot_or_dot_dot(de
->d_name
))
1489 r
= parse_ifindex(de
->d_name
, &ifindex
);
1490 if (r
< 0) /* Probably some temporary file from a previous run. Delete it */
1493 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
1494 if (!l
) /* link vanished */
1497 if (l
->is_managed
) /* now managed by networkd, hence the bus settings are useless */
1503 p
= strappend("/run/systemd/resolve/netif/", de
->d_name
);
1513 bool manager_next_dnssd_names(Manager
*m
) {
1521 HASHMAP_FOREACH(s
, m
->dnssd_services
, i
) {
1522 _cleanup_free_
char * new_name
= NULL
;
1527 r
= manager_next_random_name(s
->name_template
, &new_name
);
1529 log_warning_errno(r
, "Failed to get new name for service '%s': %m", s
->name
);
1533 free_and_replace(s
->name_template
, new_name
);
1535 s
->withdrawn
= false;
1541 manager_refresh_rrs(m
);