1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <sys/ioctl.h>
25 #include <netinet/in.h>
27 #include "rtnl-util.h"
28 #include "network-internal.h"
29 #include "socket-util.h"
32 #include "fileio-label.h"
33 #include "ordered-set.h"
34 #include "random-util.h"
36 #include "resolved-dns-domain.h"
37 #include "resolved-conf.h"
38 #include "resolved-bus.h"
39 #include "resolved-manager.h"
41 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
/*
 * rtnl callback for link messages. manager_rtnl_listen() registers it for
 * RTM_NEWLINK and RTM_DELLINK and also calls it directly for every entry of
 * the initial link dump.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump), so the
 * declarations, error checks and branch structure between the numbered
 * lines are not visible; the comments describe only what is shown.
 */
43 static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
44         Manager *m = userdata;
           /* Message type and interface index are read from the netlink message. */
53         r = sd_rtnl_message_get_type(mm, &type);
57         r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
           /* Existing Link objects are keyed by ifindex in m->links. */
61         l = hashmap_get(m->links, INT_TO_PTR(ifindex));
           /* presumably only reached when the lookup above found nothing for a
            * new-link message; the guarding condition is not shown */
69                         r = link_new(m, &l, ifindex);
74                 r = link_update_rtnl(l, mm);
78                 r = link_update_monitor(l);
83                         log_debug("Found new link %i/%s", ifindex, l->name);
90                         log_debug("Removing link %i/%s", l->ifindex, l->name);
           /* Failure path: the error code in r is logged as a warning. */
100         log_warning_errno(r, "Failed to process RTNL link message: %m");
/*
 * rtnl callback for address messages. manager_rtnl_listen() registers it for
 * RTM_NEWADDR and RTM_DELADDR and calls it for every entry of the initial
 * address dump.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * switch/if structure around the numbered lines is not visible.
 */
104 static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
105         Manager *m = userdata;
106         union in_addr_union address;
108         int r, ifindex, family;
116         r = sd_rtnl_message_get_type(mm, &type);
120         r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
            /* The address is attached to the Link registered for this ifindex. */
124         l = hashmap_get(m->links, INT_TO_PTR(ifindex));
128         r = sd_rtnl_message_addr_get_family(mm, &family);
            /* IPv4: IFA_LOCAL is read first, then IFA_ADDRESS; presumably the
             * second read is a fallback when the first fails (confirm). */
135                 r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
137                         r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
            /* IPv6: same order of attributes, stored in address.in6. */
145                 r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
147                         r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
            /* Find the LinkAddress already tracked for this family/address, if any. */
158         a = link_find_address(l, family, &address);
165                         r = link_address_new(l, &a, family, &address);
170                 r = link_address_update_rtnl(a, mm);
178                         link_address_free(a);
            /* Failure path: the error code in r is logged as a warning. */
185         log_warning_errno(r, "Failed to process RTNL address message: %m");
/*
 * Opens the rtnl connection in m->rtnl, subscribes to link and IPv4/IPv6
 * address groups, installs the two callbacks and then replays the current
 * kernel state by dumping all links and all addresses through them.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * checks after each call and the closing braces are not visible.
 */
189 static int manager_rtnl_listen(Manager *m) {
            /* req and reply are released automatically when they go out of scope. */
190         _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
196         /* First, subscribe to interfaces coming and going */
197         r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
201         r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
            /* The Manager is passed as userdata to both callbacks. */
205         r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
209         r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
213         r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
217         r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
221         /* Then, enumerate all links */
222         r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
226         r = sd_rtnl_message_request_dump(req, true);
230         r = sd_rtnl_call(m->rtnl, req, 0, &reply);
234         for (i = reply; i; i = sd_rtnl_message_next(i)) {
235                 r = manager_process_link(m->rtnl, i, m);
            /* Release the link dump and reset both pointers before they are
             * reused for the address dump below. */
240         req = sd_rtnl_message_unref(req);
241         reply = sd_rtnl_message_unref(reply);
243         /* Finally, enumerate all addresses, too */
244         r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
248         r = sd_rtnl_message_request_dump(req, true);
252         r = sd_rtnl_call(m->rtnl, req, 0, &reply);
256         for (i = reply; i; i = sd_rtnl_message_next(i)) {
257                 r = manager_process_address(m->rtnl, i, m);
/*
 * I/O callback for the network monitor fd (installed by
 * manager_network_monitor_listen()). Flushes the monitor, refreshes every
 * known link from it and rewrites resolv.conf.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * conditions guarding the two warnings are not visible.
 */
265 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
266         Manager *m = userdata;
273         sd_network_monitor_flush(m->network_monitor);
275         HASHMAP_FOREACH(l, m->links, i) {
276                 r = link_update_monitor(l);
                    /* A failing link is logged; the loop itself is not visibly aborted. */
278                         log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
281         r = manager_write_resolv_conf(m);
283                 log_warning_errno(r, "Could not update resolv.conf: %m");
/*
 * Creates the network monitor in m->network_monitor and registers its fd
 * with the event loop so that on_network_event() runs on changes.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * checks after each call are not visible.
 */
288 static int manager_network_monitor_listen(Manager *m) {
293         r = sd_network_monitor_new(&m->network_monitor, NULL);
            /* fd and event mask are taken from the monitor itself. */
297         fd = sd_network_monitor_get_fd(m->network_monitor);
301         events = sd_network_monitor_get_events(m->network_monitor);
305         r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
/*
 * Reads the system hostname, rejects it when it is not valid UTF-8 and
 * normalizes it as a DNS name. Both temporaries are freed automatically.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the return
 * statements and the hand-over of the result to *ret are not visible.
 */
312 static int determine_hostname(char **ret) {
313         _cleanup_free_ char *h = NULL, *n = NULL;
318         h = gethostname_malloc();
            /* The hostname is validated before it is used as a name to publish. */
322         if (!utf8_is_valid(h)) {
323                 log_error("System hostname is not UTF-8 clean.");
327         r = dns_name_normalize(h, &n);
329                 log_error("System hostname '%s' cannot be normalized.", h);
/*
 * I/O callback on the hostname fd (installed by manager_watch_hostname()).
 * Re-reads the hostname and, when it differs from m->hostname, refreshes the
 * resource records.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the lines
 * that store the new name in m->hostname are not visible.
 */
339 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
340         _cleanup_free_ char *h = NULL;
341         Manager *m = userdata;
346         r = determine_hostname(&h);
348                 return 0; /* ignore invalid hostnames */
            /* Nothing to do when the name did not actually change. */
350         if (streq(h, m->hostname))
353         log_info("System hostname changed to '%s'.", h);
358         manager_refresh_rrs(m);
/*
 * Opens /proc/sys/kernel/hostname and registers it with the event loop so
 * hostname changes reach on_hostname_change(); then determines the initial
 * hostname, falling back to the literal "linux".
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * conditions around the numbered lines and the check of the strdup() result
 * are not visible.
 */
363 static int manager_watch_hostname(Manager *m) {
            /* Read-only, close-on-exec, non-blocking, never a controlling tty. */
368         m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
369         if (m->hostname_fd < 0) {
370                 log_warning_errno(errno, "Failed to watch hostname: %m");
374         r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
377                         /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
378                         m->hostname_fd = safe_close(m->hostname_fd);
380                         return log_error_errno(r, "Failed to add hostname event source: %m");
383         r = determine_hostname(&m->hostname);
385                 log_info("Defaulting to hostname 'linux'.");
386                 m->hostname = strdup("linux");
390                 log_info("Using system hostname '%s'.", m->hostname);
/*
 * Tears down all four LLMNR listeners (IPv4/IPv6, UDP/TCP): each event
 * source is unreferenced and each socket closed, and the result of the
 * unref/close call is stored back into the Manager field.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump).
 */
395 static void manager_llmnr_stop(Manager *m) {
398         m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
399         m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
401         m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
402         m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
404         m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
405         m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
407         m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
408         m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
/*
 * Brings up the LLMNR listeners unless LLMNR is configured off. Each
 * listener's result is compared with -EADDRINUSE; the visible tail logs that
 * another responder seems to be running, switches LLMNR support off and
 * stops whatever was already started.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * targets of the -EADDRINUSE branches and the handling of other errors are
 * not visible.
 */
411 static int manager_llmnr_start(Manager *m) {
416         if (m->llmnr_support == SUPPORT_NO)
419         r = manager_llmnr_ipv4_udp_fd(m);
420         if (r == -EADDRINUSE)
425         r = manager_llmnr_ipv4_tcp_fd(m);
426         if (r == -EADDRINUSE)
            /* IPv6 listeners are only attempted when the host supports IPv6. */
431         if (socket_ipv6_is_supported()) {
432                 r = manager_llmnr_ipv6_udp_fd(m);
433                 if (r == -EADDRINUSE)
438                 r = manager_llmnr_ipv6_tcp_fd(m);
439                 if (r == -EADDRINUSE)
            /* presumably the common target of the -EADDRINUSE branches above */
448         log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
449         m->llmnr_support = SUPPORT_NO;
450         manager_llmnr_stop(m);
/*
 * Allocates and initializes a Manager: marks all DNS/LLMNR sockets as unset,
 * loads the fallback DNS servers, attaches to the default event loop, and
 * sets up hostname watching, the unicast DNS scope, the network monitor,
 * rtnl and the bus connection.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * checks after each call and the hand-over to *ret are not visible.
 */
455 int manager_new(Manager **ret) {
            /* Freed through manager_freep on every exit that leaves m set. */
456         _cleanup_(manager_freep) Manager *m = NULL;
461         m = new0(Manager, 1);
            /* -1 marks "no socket yet"; the *_fd() getters test for >= 0. */
465         m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
466         m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
467         m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
            /* Defaults set here: LLMNR enabled, /etc/resolv.conf is read. */
470         m->llmnr_support = SUPPORT_YES;
471         m->read_resolv_conf = true;
473         r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
477         r = sd_event_default(&m->event);
            /* The results of these three calls are not captured in the visible code. */
481         sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
482         sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
484         sd_event_set_watchdog(m->event, true);
486         r = manager_watch_hostname(m);
490         r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
494         r = manager_network_monitor_listen(m);
498         r = manager_rtnl_listen(m);
502         r = manager_connect_bus(m);
/*
 * Starts the Manager's network services; the only visible step is bringing
 * up LLMNR.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * handling of r and the return are not visible.
 */
512 int manager_start(Manager *m) {
517         r = manager_llmnr_start(m);
/*
 * Releases everything owned by the Manager: links, pending queries, the
 * unicast scope, both DNS server lists, hash maps, event sources, sockets,
 * bus objects, the event loop reference and the host resource keys.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the body
 * of the first loop, the final free of m and the return value are not
 * visible.
 */
524 Manager *manager_free(Manager *m) {
            /* Drain the link map by repeatedly taking its first entry. */
530         while ((l = hashmap_first(m->links)))
            /* The loop only ends if dns_query_free() also removes the query from
             * m->dns_queries; that happens outside this block. */
533         while (m->dns_queries)
534                 dns_query_free(m->dns_queries);
536         dns_scope_free(m->unicast_scope);
538         manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
539         manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
541         hashmap_free(m->links);
542         hashmap_free(m->dns_transactions);
544         sd_event_source_unref(m->network_event_source);
545         sd_network_monitor_unref(m->network_monitor);
547         sd_event_source_unref(m->dns_ipv4_event_source);
548         sd_event_source_unref(m->dns_ipv6_event_source);
549         safe_close(m->dns_ipv4_fd);
550         safe_close(m->dns_ipv6_fd);
552         manager_llmnr_stop(m);
554         sd_bus_slot_unref(m->prepare_for_sleep_slot);
555         sd_event_source_unref(m->bus_retry_event_source);
556         sd_bus_unref(m->bus);
558         sd_event_unref(m->event);
560         dns_resource_key_unref(m->host_ipv4_key);
561         dns_resource_key_unref(m->host_ipv6_key);
563         safe_close(m->hostname_fd);
564         sd_event_source_unref(m->hostname_event_source);
/*
 * Re-reads /etc/resolv.conf into the system DNS server list when the file
 * changed and is not the resolver's own generated file. Lines are scanned
 * for "nameserver" entries, each address is parsed, known servers are
 * matched by family and address, and new ones are added as
 * DNS_SERVER_SYSTEM.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * return statements, the marking of existing servers and the label targeted
 * by "goto clear" are not visible.
 */
572 int manager_read_resolv_conf(Manager *m) {
573         _cleanup_fclose_ FILE *f = NULL;
582         /* Reads the system /etc/resolv.conf, if it exists and is not
583          * symlinked to our own resolv.conf instance */
585         if (!m->read_resolv_conf)
588         r = stat("/etc/resolv.conf", &st);
            /* NOTE(review): the failing call above is stat(), but the message
             * says "open". */
591                         log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
596         /* Have we already seen the file? */
597         t = timespec_load(&st.st_mtim);
598         if (t == m->resolv_conf_mtime)
601         m->resolv_conf_mtime = t;
603         /* Is it symlinked to our own file? */
            /* Same device and inode means both paths name the same file. */
604         if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
605             st.st_dev == own.st_dev &&
606             st.st_ino == own.st_ino) {
            /* "e" requests close-on-exec for the stream's descriptor. */
611         f = fopen("/etc/resolv.conf", "re");
614                         log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
            /* st is refreshed from the descriptor that was actually opened, so it
             * describes the file being read rather than whatever the path named
             * at the earlier stat(). */
619         if (fstat(fileno(f), &st) < 0) {
620                 log_error_errno(errno, "Failed to stat open file: %m");
625         LIST_FOREACH(servers, s, m->dns_servers)
            /* A read error stores -errno in r and jumps to the "clear" label. */
628         FOREACH_LINE(line, f, r = -errno; goto clear) {
629                 union in_addr_union address;
                    /* Lines starting with '#' or ';' are comments. */
637                 if (*l == '#' || *l == ';')
640                 a = first_word(l, "nameserver");
                    /* The address family is detected from the string itself. */
644                 r = in_addr_from_string_auto(a, &family, &address);
646                         log_warning("Failed to parse name server %s.", a);
650                 LIST_FOREACH(servers, s, m->dns_servers)
651                         if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
657                         r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
663         LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
667         /* Whenever /etc/resolv.conf changes, start using the first
668          * DNS server of it. This is useful to deal with broken
669          * network managing implementations (like NetworkManager),
670          * that when connecting to a VPN place both the VPN DNS
671          * servers and the local ones in /etc/resolv.conf. Without
672          * resetting the DNS server to use back to the first entry we
673          * will continue to use the local one thus being unable to
674          * resolve VPN domains. */
675         manager_set_dns_server(m, m->dns_servers);
            /* presumably the "clear" path: drop every system DNS server */
680         while (m->dns_servers)
681                 dns_server_free(m->dns_servers);
/*
 * Writes one "nameserver" line for DNS server s to f. The address is
 * formatted from the server's family and binary address; the temporary
 * string is freed automatically.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * condition on *count that triggers the "Too many DNS servers" comment and
 * the update of *count are not visible.
 */
686 static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
687         _cleanup_free_ char *t = NULL;
694         r = in_addr_to_string(s->family, &s->address, &t);
696                 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
701                 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
703         fprintf(f, "nameserver %s\n", t);
/*
 * Appends one search domain to the "search" line being written to f, unless
 * the number of domains has reached MAXDNSRCH or the accumulated length
 * would exceed 256; in that case a trailing comment explains why the
 * remaining domains are dropped.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the rest
 * of the parameter list (count and length, judging by their use) and the
 * increment of *count are not visible.
 * NOTE(review): domain is written verbatim with %s, so a value containing a
 * newline would start a new resolv.conf line; this relies on the caller
 * passing validated names - confirm where the domain list is populated.
 */
707 static void write_resolv_conf_search(
708                 const char *domain, FILE *f,
716         if (*count >= MAXDNSRCH ||
717             *length + strlen(domain) > 256) {
                    /* The count limit is reported in preference to the length limit. */
718                 if (*count == MAXDNSRCH)
719                         fputs(" # Too many search domains configured, remaining ones ignored.", f);
721                         fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
726         fprintf(f, " %s", domain);
728         (*length) += strlen(domain);
/*
 * Writes the generated resolv.conf to f: a fixed header, then either a "no
 * servers" comment or one line per DNS server, then the search domains when
 * there are any. Returns the result of flushing f.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the else
 * branch structure and the text that opens and closes the search line are
 * not visible.
 */
732 static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
735         fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
736               "# Third party programs must not access this file directly, but\n"
737               "# only through the symlink at /etc/resolv.conf. To manage\n"
738               "# resolv.conf(5) in a different way, replace the symlink by a\n"
739               "# static file or a different symlink.\n\n", f);
741         if (ordered_set_isempty(dns))
742                 fputs("# No DNS servers known.\n", f);
747                 ORDERED_SET_FOREACH(s, dns, i)
748                         write_resolv_conf_server(s, f, &count);
751         if (!ordered_set_isempty(domains)) {
                    /* Running totals shared across all write_resolv_conf_search() calls. */
752                 unsigned length = 0, count = 0;
756                 ORDERED_SET_FOREACH(domain, domains, i)
757                         write_resolv_conf_search(domain, f, &count, &length);
            /* Write errors surface here rather than at each fputs/fprintf. */
761         return fflush_and_check(f);
/*
 * Regenerates /run/systemd/resolve/resolv.conf. Servers and search domains
 * are collected into ordered sets (system servers, then per-link servers and
 * domains, then the fallback servers if nothing else was found), written to
 * a temporary file and moved into place with rename().
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * checks after each call, the return statements and the label structure
 * around the final unlink() are not visible.
 */
764 int manager_write_resolv_conf(Manager *m) {
765         static const char path[] = "/run/systemd/resolve/resolv.conf";
766         _cleanup_free_ char *temp_path = NULL;
767         _cleanup_fclose_ FILE *f = NULL;
768         _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
776         /* Read the system /etc/resolv.conf first */
            /* The return value is not captured. */
777         manager_read_resolv_conf(m);
779         /* Add the full list to a set, to filter out duplicates */
780         dns = ordered_set_new(&dns_server_hash_ops);
784         domains = ordered_set_new(&dns_name_hash_ops);
788         /* First add the system-wide servers */
789         LIST_FOREACH(servers, s, m->dns_servers) {
790                 r = ordered_set_put(dns, s);
797         /* Then, add the per-link servers and domains */
798         HASHMAP_FOREACH(l, m->links, i) {
801                 LIST_FOREACH(servers, s, l->dns_servers) {
802                         r = ordered_set_put(dns, s);
                    /* Links without a unicast scope contribute no search domains. */
809                 if (!l->unicast_scope)
812                 STRV_FOREACH(domain, l->unicast_scope->domains) {
813                         r = ordered_set_put(domains, *domain);
821         /* If we found nothing, add the fallback servers */
822         if (ordered_set_isempty(dns)) {
823                 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
824                         r = ordered_set_put(dns, s);
            /* The temporary file is derived from the target path itself. */
832         r = fopen_temporary_label(path, path, &f, &temp_path);
            /* World-readable, owner-writable; the fchmod() result is not checked. */
836         fchmod(fileno(f), 0644);
838         r = write_resolv_conf_contents(f, dns, domains);
            /* rename() replaces the target in one step, so readers never observe
             * a partially written file. */
842         if (rename(temp_path, path) < 0) {
            /* Best-effort removal of the temporary file; the result is
             * deliberately discarded. */
851         (void) unlink(temp_path);
/*
 * Receives one datagram from fd into a freshly allocated DnsPacket and
 * annotates it with sender address and port, address family, destination
 * address, receiving interface index and TTL / hop limit taken from the
 * socket's ancillary data.
 *
 * Every field filled in here comes from the network or from the kernel's
 * view of the packet; nothing in this function authenticates the sender.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the union
 * wrapping "control", several declarations, the case labels of both
 * switches, the error returns and the hand-over to *ret are not visible.
 * NOTE(review): the assert() calls below sit on the receive path. If
 * assertions abort in this build, a violated assumption ends the process
 * instead of dropping the packet - confirm that none of these conditions can
 * be reached by a peer.
 */
855 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
856         _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
858                 struct cmsghdr header; /* For alignment */
859                 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
860                                + CMSG_SPACE(int) /* ttl/hoplimit */
861                                + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
863         union sockaddr_union sa;
864         struct msghdr mh = {};
865         struct cmsghdr *cmsg;
            /* Ask the kernel how many bytes are pending, then size the packet
             * buffer from that value. */
874         r = ioctl(fd, FIONREAD, &ms);
880         r = dns_packet_new(&p, protocol, ms);
884         iov.iov_base = DNS_PACKET_DATA(p);
885         iov.iov_len = p->allocated;
887         mh.msg_name = &sa.sa;
888         mh.msg_namelen = sizeof(sa);
891         mh.msg_control = &control;
892         mh.msg_controllen = sizeof(control);
894         l = recvmsg(fd, &mh, 0);
896                 if (errno == EAGAIN || errno == EINTR)
            /* Neither the ancillary data nor the payload may have been truncated. */
905         assert(!(mh.msg_flags & MSG_CTRUNC));
906         assert(!(mh.msg_flags & MSG_TRUNC));
908         p->size = (size_t) l;
            /* Family, sender address and port are copied from the address that
             * recvmsg() stored in sa. */
910         p->family = sa.sa.sa_family;
911         p->ipproto = IPPROTO_UDP;
912         if (p->family == AF_INET) {
913                 p->sender.in = sa.in.sin_addr;
914                 p->sender_port = be16toh(sa.in.sin_port);
915         } else if (p->family == AF_INET6) {
916                 p->sender.in6 = sa.in6.sin6_addr;
917                 p->sender_port = be16toh(sa.in6.sin6_port);
                    /* First guess at the interface: the IPv6 scope id. */
918                 p->ifindex = sa.in6.sin6_scope_id;
920                 return -EAFNOSUPPORT;
            /* Walk the control messages for packet info and TTL / hop limit. */
922         for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
924                 if (cmsg->cmsg_level == IPPROTO_IPV6) {
925                         assert(p->family == AF_INET6);
927                         switch (cmsg->cmsg_type) {
930                                 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
                                    /* presumably guarded by a check that the index is
                                     * still unset; the condition is not shown */
933                                         p->ifindex = i->ipi6_ifindex;
935                                 p->destination.in6 = i->ipi6_addr;
940                                 p->ttl = *(int *) CMSG_DATA(cmsg);
944                 } else if (cmsg->cmsg_level == IPPROTO_IP) {
945                         assert(p->family == AF_INET);
947                         switch (cmsg->cmsg_type) {
950                                 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
953                                         p->ifindex = i->ipi_ifindex;
955                                 p->destination.in = i->ipi_addr;
960                                 p->ttl = *(int *) CMSG_DATA(cmsg);
966         /* The Linux kernel sets the interface index to the loopback
967          * device if the packet came from the local host since it
968          * avoids the routing table in such a case. Let's unset the
969          * interface index in such a case. */
970         if (p->ifindex == LOOPBACK_IFINDEX)
973         /* If we don't know the interface index still, we look for the
974          * first local interface with a matching address. Yuck! */
976                 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
/*
 * I/O callback for the unicast DNS sockets. Receives one packet, accepts it
 * only if it validates as a reply, finds the pending transaction by packet
 * ID and hands the reply to it.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * handling after manager_recv() and the NULL check on t are not visible.
 * NOTE(review): the visible lookup is keyed on the DNS packet ID alone.
 * Whether the sender address and port are compared with the server that was
 * queried is not visible here - presumably that happens in
 * dns_transaction_process_reply(); confirm.
 */
984 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
            /* The packet reference is dropped automatically on return. */
985         _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
986         DnsTransaction *t = NULL;
987         Manager *m = userdata;
990         r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
994         if (dns_packet_validate_reply(p) > 0) {
995                 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
999                 dns_transaction_process_reply(t, p);
            /* Anything that is not a valid reply is only logged at debug level. */
1002                 log_debug("Invalid DNS packet.");
/*
 * Returns the IPv4 UDP socket used for unicast DNS, creating it on first
 * use. The socket is close-on-exec and non-blocking, has IP_PKTINFO enabled
 * and is registered with the event loop so that on_dns_packet() runs when
 * data arrives. On the failure path the socket is closed and the field
 * reset.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * declaration of "one", the error checks and the failure label are not
 * visible.
 */
1007 int manager_dns_ipv4_fd(Manager *m) {
             /* Reuse the socket if it already exists. */
1013         if (m->dns_ipv4_fd >= 0)
1014                 return m->dns_ipv4_fd;
1016         m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1017         if (m->dns_ipv4_fd < 0)
             /* Packet info is what lets manager_recv() fill in the destination
              * address and interface index. */
1020         r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1026         r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
1030         return m->dns_ipv4_fd;
1033         m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
/*
 * Returns the IPv6 UDP socket used for unicast DNS, creating it on first
 * use. The socket is close-on-exec and non-blocking, has IPV6_RECVPKTINFO
 * enabled and is registered with the event loop so that on_dns_packet() runs
 * when data arrives. On the failure path the socket is closed and the field
 * reset.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * declaration of "one", the error checks and the failure label are not
 * visible.
 */
1037 int manager_dns_ipv6_fd(Manager *m) {
             /* Reuse the socket if it already exists. */
1043         if (m->dns_ipv6_fd >= 0)
1044                 return m->dns_ipv6_fd;
1046         m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1047         if (m->dns_ipv6_fd < 0)
1050         r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1056         r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1060         return m->dns_ipv6_fd;
1063         m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
/*
 * Sends mh on fd, and when the socket is not ready (EAGAIN) waits for it to
 * become writable for up to SEND_TIMEOUT_USEC (200 ms, see the #define at
 * the top of the file) before trying again.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the loop
 * construct, the return statements and the timeout handling are not visible.
 */
1067 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1074                 if (sendmsg(fd, mh, flags) >= 0)
                     /* Only EAGAIN leads to the wait below. */
1080                 if (errno != EAGAIN)
1083                 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
/*
 * Sends packet p over IPv4 to addr:port on fd. The visible code attaches an
 * IP_PKTINFO control message carrying ifindex so the kernel uses that
 * interface for the outgoing datagram.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the union
 * wrapping "control", the iovec declaration, the assignment of mh.msg_iov
 * and the condition under which the control message is attached are not
 * visible.
 * NOTE(review): line 1112 ends in ',' rather than ';'. That makes it a comma
 * expression joined with the next statement, which is not shown; it looks
 * like a typo for ';'.
 */
1091 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1092         union sockaddr_union sa = {
1093                 .in.sin_family = AF_INET,
1096                 struct cmsghdr header; /* For alignment */
1097                 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1099         struct msghdr mh = {};
             /* Exactly p->size bytes of the packet are sent. */
1108         iov.iov_base = DNS_PACKET_DATA(p);
1109         iov.iov_len = p->size;
1111         sa.in.sin_addr = *addr;
1112         sa.in.sin_port = htobe16(port),
1116         mh.msg_name = &sa.sa;
1117         mh.msg_namelen = sizeof(sa.in);
1120                 struct cmsghdr *cmsg;
1121                 struct in_pktinfo *pi;
1125                 mh.msg_control = &control;
1126                 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1128                 cmsg = CMSG_FIRSTHDR(&mh);
1129                 cmsg->cmsg_len = mh.msg_controllen;
1130                 cmsg->cmsg_level = IPPROTO_IP;
1131                 cmsg->cmsg_type = IP_PKTINFO;
1133                 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1134                 pi->ipi_ifindex = ifindex;
1137         return sendmsg_loop(fd, &mh, 0);
/*
 * Sends packet p over IPv6 to addr:port on fd. The interface index is set
 * both as the destination's scope id and, in the visible control message, as
 * IPV6_PKTINFO.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the union
 * wrapping "control", the iovec declaration, the assignment of mh.msg_iov
 * and the condition under which the control message is attached are not
 * visible.
 * NOTE(review): line 1161 ends in ',' rather than ';', which joins it with
 * the assignment on line 1162 into one comma expression. Both assignments
 * still happen; it looks like a typo for ';'.
 */
1140 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1141         union sockaddr_union sa = {
1142                 .in6.sin6_family = AF_INET6,
1145                 struct cmsghdr header; /* For alignment */
1146                 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1148         struct msghdr mh = {};
             /* Exactly p->size bytes of the packet are sent. */
1157         iov.iov_base = DNS_PACKET_DATA(p);
1158         iov.iov_len = p->size;
1160         sa.in6.sin6_addr = *addr;
1161         sa.in6.sin6_port = htobe16(port),
1162         sa.in6.sin6_scope_id = ifindex;
1166         mh.msg_name = &sa.sa;
1167         mh.msg_namelen = sizeof(sa.in6);
1170                 struct cmsghdr *cmsg;
1171                 struct in6_pktinfo *pi;
1175                 mh.msg_control = &control;
1176                 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1178                 cmsg = CMSG_FIRSTHDR(&mh);
1179                 cmsg->cmsg_len = mh.msg_controllen;
1180                 cmsg->cmsg_level = IPPROTO_IPV6;
1181                 cmsg->cmsg_type = IPV6_PKTINFO;
1183                 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1184                 pi->ipi6_ifindex = ifindex;
1187         return sendmsg_loop(fd, &mh, 0);
/*
 * Sends packet p to addr:port via fd on interface ifindex, dispatching on
 * the address family. Any family other than AF_INET or AF_INET6 yields
 * -EAFNOSUPPORT.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the lines
 * between the signature and the log call are not visible.
 */
1190 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
             /* The QR bit decides whether the packet is logged as response or query. */
1197         log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1199         if (family == AF_INET)
1200                 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1201         else if (family == AF_INET6)
1202                 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1204         return -EAFNOSUPPORT;
/*
 * Looks for a configured DNS server with the given family and address,
 * searching the system server list first and the fallback list second.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * return statements of both loops and the final return are not visible.
 */
1207 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1213         LIST_FOREACH(servers, s, m->dns_servers)
1214                 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1217         LIST_FOREACH(servers, s, m->fallback_dns_servers)
1218                 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
/*
 * Makes s the current DNS server. When the server actually changes, the
 * switch is logged and the unicast scope's cache is flushed, so answers
 * obtained through the previous server are not reused.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the early
 * return for the unchanged case, the condition around the log block and the
 * final return are not visible.
 */
1224 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1227         if (m->current_dns_server == s)
1231                 _cleanup_free_ char *ip = NULL;
                     /* The result is not checked; ip stays NULL on failure and strna()
                      * presumably substitutes a placeholder for the log line. */
1233                 in_addr_to_string(s->family, &s->address, &ip);
1234                 log_info("Switching to system DNS server %s.", strna(ip));
1237         m->current_dns_server = s;
1239         if (m->unicast_scope)
1240                 dns_cache_flush(&m->unicast_scope->cache);
/*
 * Returns the DNS server currently in use. /etc/resolv.conf is re-read
 * first; if no server is selected, the first system server is chosen, and
 * the visible tail falls back to the fallback server list.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * declarations, the body of the per-link check and the condition in front
 * of the fallback call are not visible. The block comment that starts on
 * line 1259 is cut off in the listing (line 1261 is missing), so it has no
 * visible terminator.
 */
1245 DnsServer *manager_get_dns_server(Manager *m) {
1249         /* Try to read the updated resolv.conf */
1250         manager_read_resolv_conf(m);
1252         if (!m->current_dns_server)
1253                 manager_set_dns_server(m, m->dns_servers);
1255         if (!m->current_dns_server) {
1259                 /* No DNS servers configured, let's see if there are
1260                  * any on any links. If not, we use the fallback
1263                 HASHMAP_FOREACH(l, m->links, i)
1264                         if (l->dns_servers) {
1270                         manager_set_dns_server(m, m->fallback_dns_servers);
1273         return m->current_dns_server;
/*
 * Advances to the next DNS server after the current one. With no current
 * server nothing is done here. If the current server has a successor in its
 * list, that one is selected; otherwise selection wraps to the head of the
 * fallback list when the current server is a fallback server, or to the head
 * of the system list.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * return statements and the else keyword before line 1295 are not visible.
 * The block comment that starts on line 1290 is cut off in the listing
 * (line 1291 is missing), so it has no visible terminator.
 */
1276 void manager_next_dns_server(Manager *m) {
1279         /* If there's currently no DNS server set, then the next
1280          * manager_get_dns_server() will find one */
1281         if (!m->current_dns_server)
1284         /* Change to the next one */
1285         if (m->current_dns_server->servers_next) {
1286                 manager_set_dns_server(m, m->current_dns_server->servers_next);
1290         /* If there was no next one, then start from the beginning of
1292         if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1293                 manager_set_dns_server(m, m->fallback_dns_servers);
1295                 manager_set_dns_server(m, m->dns_servers);
/*
 * Computes an MTU that is usable on every known link by iterating over
 * m->links and keeping the smallest link MTU seen.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * initial value of mtu, any filtering of links, the assignment inside the
 * if and the return are not visible.
 */
1298 uint32_t manager_find_mtu(Manager *m) {
1303         /* If we don't know on which link a DNS packet would be
1304          * delivered, let's find the largest MTU that works on all
1305          * interfaces we know of */
1307         HASHMAP_FOREACH(l, m->links, i) {
                     /* Take this link's MTU when nothing is recorded yet or it is smaller. */
1311                 if (mtu <= 0 || l->mtu < mtu)
/*
 * I/O callback for the LLMNR UDP sockets. Receives one packet, maps it to
 * the LLMNR scope of the link it arrived on and then treats it either as a
 * reply (conflict check plus delivery to the pending transaction with the
 * same ID) or as a query (answered through the scope). Anything else is
 * logged at debug level.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * handling after manager_recv(), the NULL checks on scope and t and the
 * return statements are not visible.
 * NOTE(review): LLMNR traffic is unauthenticated and any host on the link
 * can send it. The visible reply path selects the transaction by packet ID
 * only; further checks presumably live in dns_transaction_process_reply() -
 * confirm. The unknown-scope message is logged at warning level per packet,
 * so it can be produced at whatever rate such packets arrive.
 */
1318 static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
             /* The packet reference is dropped automatically on return. */
1319         _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
1320         DnsTransaction *t = NULL;
1321         Manager *m = userdata;
1325         r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
1329         scope = manager_find_scope(m, p);
1331                 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1335         if (dns_packet_validate_reply(p) > 0) {
1336                 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
                     /* Replies are also checked against the records this host publishes. */
1338                 dns_scope_check_conflicts(scope, p);
1340                 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
1342                         dns_transaction_process_reply(t, p);
1344         } else if (dns_packet_validate_query(p) > 0) {
1345                 log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
                     /* NULL stream: this query arrived over UDP. */
1347                 dns_scope_process_query(scope, NULL, p);
1349                 log_debug("Invalid LLMNR UDP packet.");
/*
 * Returns the IPv4 LLMNR UDP socket, creating it on first use: TTL 255 for
 * unicast and multicast, multicast loopback on, address reuse on, packet
 * info and received TTL delivered as ancillary data, path-MTU discovery
 * off, bound to UDP port 5355 and registered with the event loop for
 * on_llmnr_packet(). On the failure path the socket is closed and the field
 * reset.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * checks after each call and the failure label are not visible.
 * NOTE(review): the visible initializer sets only family and port, so the
 * bind is presumably to the wildcard address, i.e. the listener is reachable
 * on every IPv4 interface - confirm.
 */
1354 int manager_llmnr_ipv4_udp_fd(Manager *m) {
1355         union sockaddr_union sa = {
1356                 .in.sin_family = AF_INET,
1357                 .in.sin_port = htobe16(5355),
1359         static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
             /* Reuse the socket if it already exists. */
1364         if (m->llmnr_ipv4_udp_fd >= 0)
1365                 return m->llmnr_ipv4_udp_fd;
1367         m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1368         if (m->llmnr_ipv4_udp_fd < 0)
1371         /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1372         r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
1378         r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
1384         r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
1390         r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
             /* These two options provide the control messages that manager_recv()
              * turns into destination, ifindex and ttl. */
1396         r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1402         r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1408         /* Disable Don't-Fragment bit in the IP header */
1409         r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1415         r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
1421         r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
1425         return m->llmnr_ipv4_udp_fd;
1428         m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
/*
 * Returns the IPv6 LLMNR UDP socket, creating it on first use: hop limit 255
 * for unicast and multicast, multicast loopback on, IPv6-only, address reuse
 * on, packet info and received hop limit delivered as ancillary data, bound
 * to UDP port 5355 and registered with the event loop for on_llmnr_packet().
 * On the failure path the socket is closed and the field reset.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * checks after each call and the failure label are not visible.
 * NOTE(review): the visible initializer sets only family and port, so the
 * bind is presumably to the wildcard address - confirm.
 */
1432 int manager_llmnr_ipv6_udp_fd(Manager *m) {
1433         union sockaddr_union sa = {
1434                 .in6.sin6_family = AF_INET6,
1435                 .in6.sin6_port = htobe16(5355),
1437         static const int one = 1, ttl = 255;
             /* Reuse the socket if it already exists. */
1442         if (m->llmnr_ipv6_udp_fd >= 0)
1443                 return m->llmnr_ipv6_udp_fd;
1445         m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1446         if (m->llmnr_ipv6_udp_fd < 0)
1449         r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
1455         /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1456         r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
1462         r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
             /* Keeps this socket from also receiving IPv4 traffic; IPv4 has its
              * own listener. */
1468         r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1474         r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
             /* These two options provide the control messages that manager_recv()
              * turns into destination, ifindex and ttl. */
1480         r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1486         r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1492         r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
1498         r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
1504         return m->llmnr_ipv6_udp_fd;
1507         m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
/*
 * Packet callback for LLMNR TCP streams (installed by on_llmnr_stream()).
 * Maps the received packet to its scope and, if it validates as a query,
 * lets the scope answer it on the same stream; anything else is logged at
 * debug level.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the NULL
 * check on scope, the return statements and the call that frees the stream
 * are not visible.
 * NOTE(review): the warning text on line 1518 misspells "Ignoring" as
 * "Ignroing"; anything that matches on this log line has to use the
 * misspelled form until it is fixed.
 */
1511 static int on_llmnr_stream_packet(DnsStream *s) {
1516         scope = manager_find_scope(s->manager, s->read_packet);
1518                 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
             /* Only queries are accepted over TCP here; replies are not handled. */
1522         if (dns_packet_validate_query(s->read_packet) > 0) {
1523                 log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
1525                 dns_scope_process_query(scope, s, s->read_packet);
1527                 /* If no reply packet was set, we free the stream */
1528                 if (s->write_packet)
1531                 log_debug("Invalid LLMNR TCP packet.");
/*
 * I/O callback for the LLMNR TCP listening sockets. Accepts one connection,
 * wraps it in a DnsStream and routes its packets to
 * on_llmnr_stream_packet().
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * handling after accept4() and dns_stream_new() and the return statements
 * are not visible.
 * NOTE(review): no limit on the number of concurrently open streams is
 * visible here; if one exists it would have to be enforced by
 * dns_stream_new() - confirm, since every accepted connection holds a
 * descriptor.
 */
1537 static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
1539         Manager *m = userdata;
             /* The peer address is not requested; the new socket is non-blocking
              * and close-on-exec. */
1542         cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1544                 if (errno == EAGAIN || errno == EINTR)
1550         r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
1556         stream->on_packet = on_llmnr_stream_packet;
/*
 * Returns the IPv4 LLMNR TCP listening socket, creating it on first use: TTL
 * 1, address reuse on, packet info and received TTL enabled, path-MTU
 * discovery off, bound to TCP port 5355, listening with a SOMAXCONN backlog
 * and registered with the event loop for on_llmnr_stream(). On the failure
 * path the socket is closed and the field reset.
 *
 * The TTL of 1 keeps responses from being forwarded beyond the local link.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * checks after each call and the failure label are not visible.
 * NOTE(review): the visible initializer sets only family and port, so the
 * bind is presumably to the wildcard address - confirm.
 */
1560 int manager_llmnr_ipv4_tcp_fd(Manager *m) {
1561         union sockaddr_union sa = {
1562                 .in.sin_family = AF_INET,
1563                 .in.sin_port = htobe16(5355),
1565         static const int one = 1, pmtu = IP_PMTUDISC_DONT;
             /* Reuse the socket if it already exists. */
1570         if (m->llmnr_ipv4_tcp_fd >= 0)
1571                 return m->llmnr_ipv4_tcp_fd;
1573         m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1574         if (m->llmnr_ipv4_tcp_fd < 0)
1577         /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
             /* "one" doubles as the TTL value here. */
1578         r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
1584         r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1590         r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
1596         r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
1602         /* Disable Don't-Fragment bit in the IP header */
1603         r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
1609         r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
1615         r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
1621         r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1625         return m->llmnr_ipv4_tcp_fd;
1628         m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
/*
 * Returns the IPv6 LLMNR TCP listening socket, creating it on first use: hop
 * limit 1, IPv6-only, address reuse on, packet info and received hop limit
 * enabled, bound to TCP port 5355, listening with a SOMAXCONN backlog and
 * registered with the event loop for on_llmnr_stream(). On the failure path
 * the socket is closed and the field reset.
 *
 * The hop limit of 1 keeps responses from being forwarded beyond the local
 * link.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the error
 * checks after each call and the failure label are not visible.
 * NOTE(review): the visible initializer sets only family and port, so the
 * bind is presumably to the wildcard address - confirm.
 */
1632 int manager_llmnr_ipv6_tcp_fd(Manager *m) {
1633         union sockaddr_union sa = {
1634                 .in6.sin6_family = AF_INET6,
1635                 .in6.sin6_port = htobe16(5355),
1637         static const int one = 1;
             /* Reuse the socket if it already exists. */
1642         if (m->llmnr_ipv6_tcp_fd >= 0)
1643                 return m->llmnr_ipv6_tcp_fd;
1645         m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1646         if (m->llmnr_ipv6_tcp_fd < 0)
1649         /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
             /* "one" doubles as the hop limit value here. */
1650         r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
1656         r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
1662         r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
1668         r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
1674         r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
1680         r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
1686         r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
1692         r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
1698         return m->llmnr_ipv6_tcp_fd;
1701         m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
/*
 * Returns the interface index of the link that owns the given local
 * address, as found by manager_find_link_address().
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the check
 * that a is non-NULL before it is dereferenced and the return value for "not
 * found" are not visible.
 */
1705 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1710         a = manager_find_link_address(m, family, in_addr);
1712                 return a->link->ifindex;
/*
 * Drops the cached IPv4 and IPv6 host resource keys and calls
 * link_add_rrs() on every link twice, first with true and then with false.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump). The
 * meaning of the boolean argument is defined by link_add_rrs(), which is not
 * part of this block.
 */
1717 void manager_refresh_rrs(Manager *m) {
             /* The unref result is stored back, resetting both cached keys. */
1723         m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1724         m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1726         HASHMAP_FOREACH(l, m->links, i) {
1727                 link_add_rrs(l, true);
1728                 link_add_rrs(l, false);
/*
 * Picks a replacement for m->hostname after a name conflict: the trailing
 * run of decimal digits is located and parsed, random bytes are drawn, and a
 * new name is formatted from the non-numeric prefix followed by the number
 * u. The change is logged and the resource records are refreshed.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the loop
 * body that moves p, the default for u, the arithmetic that combines the
 * random value a with u, and the replacement of m->hostname are not visible.
 * The block comment that starts on line 1752 is cut off in the listing
 * (line 1757 is missing), so it has no visible terminator.
 */
1732 int manager_next_hostname(Manager *m) {
             /* strchr() with 0 yields a pointer to the terminating NUL, i.e. the
              * end of the hostname. */
1739         p = strchr(m->hostname, 0);
             /* Walk backwards while the preceding character is a decimal digit. */
1742         while (p > m->hostname) {
1743                 if (!strchr("0123456789", p[-1]))
             /* No numeric suffix, an unparsable one, or zero. */
1749         if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1752         /* Add a random number to the old value. This way we can avoid
1753          * that two hosts pick the same hostname, win on IPv4 and lose
1754          * on IPv6 (or vice versa), and pick the same hostname
1755          * replacement hostname, ad infinitum. We still want the
1756          * numbers to go up monotonically, hence we just add a random
1759         random_bytes(&a, sizeof(a));
1762         if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1765         log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1770         manager_refresh_rrs(m);
/*
 * Searches every known link for a LinkAddress matching the given family and
 * address.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * return of a match and the final return are not visible.
 */
1775 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1781         HASHMAP_FOREACH(l, m->links, i) {
1784                 a = link_find_address(l, family, in_addr);
/*
 * Reports whether packet p was sent by this host, i.e. whether its sender
 * address is one of the addresses configured on a known link.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump). The test
 * compares the sender address only; the sender port plays no part in it.
 */
1792 bool manager_our_packet(Manager *m, DnsPacket *p) {
             /* "!!" turns the returned pointer into a bool. */
1796         return !!manager_find_link_address(m, p->family, &p->sender);
/*
 * Maps a received packet to the DnsScope it belongs to: the link is looked
 * up by the packet's interface index, and for LLMNR packets the link's IPv4
 * or IPv6 LLMNR scope is returned according to the packet's family.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the NULL
 * check on l and the return for every other case are not visible.
 */
1799 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1805         l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1809         if (p->protocol == DNS_PROTOCOL_LLMNR) {
1810                 if (p->family == AF_INET)
1811                         return l->llmnr_ipv4_scope;
1812                 else if (p->family == AF_INET6)
1813                         return l->llmnr_ipv6_scope;
/*
 * Calls dns_zone_verify_all() on the zone of every scope in m->dns_scopes.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump).
 */
1819 void manager_verify_all(Manager *m) {
1824         LIST_FOREACH(scopes, s, m->dns_scopes)
1825                 dns_zone_verify_all(&s->zone);
/*
 * Frees every DNS server of type t: the system list for DNS_SERVER_SYSTEM,
 * the fallback list for DNS_SERVER_FALLBACK. Other types match neither
 * branch.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump). Both loops
 * end only if dns_server_free() also removes the server from the list head;
 * that happens outside this block.
 */
1828 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1831         if (t == DNS_SERVER_SYSTEM)
1832                 while (m->dns_servers)
1833                         dns_server_free(m->dns_servers);
1835         if (t == DNS_SERVER_FALLBACK)
1836                 while (m->fallback_dns_servers)
1837                         dns_server_free(m->fallback_dns_servers);
/*
 * String names for the Support enum ("no", "yes", "resolve"), indexed by
 * enum value, followed by the macro that generates the lookup functions for
 * the table.
 *
 * NOTE(review): this listing is elided (the gutter numbers jump); the
 * closing "};" of the initializer (line 1844) is not visible.
 */
1840 static const char* const support_table[_SUPPORT_MAX] = {
1841         [SUPPORT_NO] = "no",
1842         [SUPPORT_YES] = "yes",
1843         [SUPPORT_RESOLVE] = "resolve",
1845 DEFINE_STRING_TABLE_LOOKUP(support, Support);