1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <sys/ioctl.h>
25 #include <netinet/in.h>
27 #include "rtnl-util.h"
28 #include "network-internal.h"
29 #include "socket-util.h"
32 #include "fileio-label.h"
33 #include "ordered-set.h"
35 #include "resolved-dns-domain.h"
36 #include "resolved-conf.h"
37 #include "resolved-bus.h"
38 #include "resolved-manager.h"
40 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
42 static int manager_process_link(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
43 Manager
*m
= userdata
;
52 r
= sd_rtnl_message_get_type(mm
, &type
);
56 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
60 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
68 r
= link_new(m
, &l
, ifindex
);
73 r
= link_update_rtnl(l
, mm
);
77 r
= link_update_monitor(l
);
82 log_debug("Found new link %i/%s", ifindex
, l
->name
);
89 log_debug("Removing link %i/%s", l
->ifindex
, l
->name
);
99 log_warning_errno(r
, "Failed to process RTNL link message: %m");
103 static int manager_process_address(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
104 Manager
*m
= userdata
;
105 union in_addr_union address
;
107 int r
, ifindex
, family
;
115 r
= sd_rtnl_message_get_type(mm
, &type
);
119 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
123 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
127 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
134 r
= sd_rtnl_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
136 r
= sd_rtnl_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
144 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
146 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
157 a
= link_find_address(l
, family
, &address
);
164 r
= link_address_new(l
, &a
, family
, &address
);
169 r
= link_address_update_rtnl(a
, mm
);
177 link_address_free(a
);
184 log_warning_errno(r
, "Failed to process RTNL address message: %m");
188 static int manager_rtnl_listen(Manager
*m
) {
189 _cleanup_rtnl_message_unref_ sd_rtnl_message
*req
= NULL
, *reply
= NULL
;
195 /* First, subscribe to interfaces coming and going */
196 r
= sd_rtnl_open(&m
->rtnl
, 3, RTNLGRP_LINK
, RTNLGRP_IPV4_IFADDR
, RTNLGRP_IPV6_IFADDR
);
200 r
= sd_rtnl_attach_event(m
->rtnl
, m
->event
, 0);
204 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWLINK
, manager_process_link
, m
);
208 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELLINK
, manager_process_link
, m
);
212 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWADDR
, manager_process_address
, m
);
216 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELADDR
, manager_process_address
, m
);
220 /* Then, enumerate all links */
221 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
225 r
= sd_rtnl_message_request_dump(req
, true);
229 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
233 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
234 r
= manager_process_link(m
->rtnl
, i
, m
);
239 req
= sd_rtnl_message_unref(req
);
240 reply
= sd_rtnl_message_unref(reply
);
242 /* Finally, enumerate all addresses, too */
243 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
247 r
= sd_rtnl_message_request_dump(req
, true);
251 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
255 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
256 r
= manager_process_address(m
->rtnl
, i
, m
);
264 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
265 Manager
*m
= userdata
;
272 sd_network_monitor_flush(m
->network_monitor
);
274 HASHMAP_FOREACH(l
, m
->links
, i
) {
275 r
= link_update_monitor(l
);
277 log_warning_errno(r
, "Failed to update monitor information for %i: %m", l
->ifindex
);
280 r
= manager_write_resolv_conf(m
);
282 log_warning_errno(r
, "Could not update resolv.conf: %m");
287 static int manager_network_monitor_listen(Manager
*m
) {
292 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
296 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
300 events
= sd_network_monitor_get_events(m
->network_monitor
);
304 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
/* Determine the system hostname for use as the published name.
 *
 * Visible steps: the name comes from gethostname_malloc(); it is rejected
 * with an error log when utf8_is_valid() fails, and again when
 * dns_name_normalize() cannot normalize it. The char **ret out-parameter
 * presumably receives the normalized string n; the assignment and the
 * return statements are on lines missing from this listing, so the exact
 * error codes are not documented here. */
311 static int determine_hostname(char **ret
) {
312 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
317 h
= gethostname_malloc();
/* Validate the encoding before the name is normalized or logged. */
321 if (!utf8_is_valid(h
)) {
322 log_error("System hostname is not UTF-8 clean.");
326 r
= dns_name_normalize(h
, &n
);
/* h is printed as-is here; it has already passed the UTF-8 check above. */
328 log_error("System hostname '%s' cannot be normalized.", h
);
338 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
339 _cleanup_free_
char *h
= NULL
;
340 Manager
*m
= userdata
;
345 r
= determine_hostname(&h
);
347 return 0; /* ignore invalid hostnames */
349 if (streq(h
, m
->hostname
))
352 log_info("System hostname changed to '%s'.", h
);
357 manager_refresh_rrs(m
);
/* Start watching the kernel hostname and load the initial value.
 *
 * Visible steps: /proc/sys/kernel/hostname is opened read-only with
 * O_CLOEXEC|O_NDELAY|O_NOCTTY and registered with the event loop so that
 * on_hostname_change() is called; one registration failure is tolerated
 * (see the existing comment about kernels before 3.2) by closing the fd,
 * any other is returned through log_error_errno(). Afterwards
 * determine_hostname() fills m->hostname, and "linux" is used as the
 * default when that does not yield a name. The conditions guarding these
 * branches are on lines missing from this listing. */
362 static int manager_watch_hostname(Manager
*m
) {
367 m
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
368 if (m
->hostname_fd
< 0) {
369 log_warning_errno(errno
, "Failed to watch hostname: %m");
/* The event mask passed here is 0; no EPOLLIN/EPOLLOUT bit is requested. */
373 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
376 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
377 m
->hostname_fd
= safe_close(m
->hostname_fd
);
379 return log_error_errno(r
, "Failed to add hostname event source: %m");
382 r
= determine_hostname(&m
->hostname
);
384 log_info("Defaulting to hostname 'linux'.");
/* NOTE(review): strdup() can return NULL; the check is presumably on the
 * lines missing from this listing — confirm before relying on m->hostname. */
385 m
->hostname
= strdup("linux");
389 log_info("Using system hostname '%s'.", m
->hostname
);
394 static void manager_llmnr_stop(Manager
*m
) {
397 m
->llmnr_ipv4_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_udp_event_source
);
398 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
400 m
->llmnr_ipv6_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_udp_event_source
);
401 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
403 m
->llmnr_ipv4_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_tcp_event_source
);
404 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
406 m
->llmnr_ipv6_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_tcp_event_source
);
407 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
/* Open the LLMNR listening sockets.
 *
 * Visible steps: nothing is opened when m->llmnr_support is SUPPORT_NO.
 * Otherwise the IPv4 UDP and TCP sockets are set up, and the IPv6 pair as
 * well when socket_ipv6_is_supported(). Each result is compared with
 * -EADDRINUSE; the tail of the function logs that another LLMNR responder
 * seems to be running, switches m->llmnr_support to SUPPORT_NO and tears
 * down whatever was opened with manager_llmnr_stop(). How the -EADDRINUSE
 * branches reach that tail, and what is returned, is on lines missing from
 * this listing. */
410 static int manager_llmnr_start(Manager
*m
) {
415 if (m
->llmnr_support
== SUPPORT_NO
)
418 r
= manager_llmnr_ipv4_udp_fd(m
);
419 if (r
== -EADDRINUSE
)
424 r
= manager_llmnr_ipv4_tcp_fd(m
);
425 if (r
== -EADDRINUSE
)
430 if (socket_ipv6_is_supported()) {
431 r
= manager_llmnr_ipv6_udp_fd(m
);
432 if (r
== -EADDRINUSE
)
437 r
= manager_llmnr_ipv6_tcp_fd(m
);
438 if (r
== -EADDRINUSE
)
/* Port already taken: disable LLMNR for this run instead of failing startup. */
447 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
448 m
->llmnr_support
= SUPPORT_NO
;
449 manager_llmnr_stop(m
);
454 int manager_new(Manager
**ret
) {
455 _cleanup_(manager_freep
) Manager
*m
= NULL
;
460 m
= new0(Manager
, 1);
464 m
->dns_ipv4_fd
= m
->dns_ipv6_fd
= -1;
465 m
->llmnr_ipv4_udp_fd
= m
->llmnr_ipv6_udp_fd
= -1;
466 m
->llmnr_ipv4_tcp_fd
= m
->llmnr_ipv6_tcp_fd
= -1;
469 m
->llmnr_support
= SUPPORT_YES
;
470 m
->read_resolv_conf
= true;
472 r
= manager_parse_dns_server(m
, DNS_SERVER_FALLBACK
, DNS_SERVERS
);
476 r
= sd_event_default(&m
->event
);
480 sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
481 sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
483 sd_event_set_watchdog(m
->event
, true);
485 r
= manager_watch_hostname(m
);
489 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
493 r
= manager_network_monitor_listen(m
);
497 r
= manager_rtnl_listen(m
);
501 r
= manager_connect_bus(m
);
511 int manager_start(Manager
*m
) {
516 r
= manager_llmnr_start(m
);
523 Manager
*manager_free(Manager
*m
) {
529 while ((l
= hashmap_first(m
->links
)))
532 while (m
->dns_queries
)
533 dns_query_free(m
->dns_queries
);
535 dns_scope_free(m
->unicast_scope
);
537 manager_flush_dns_servers(m
, DNS_SERVER_SYSTEM
);
538 manager_flush_dns_servers(m
, DNS_SERVER_FALLBACK
);
540 hashmap_free(m
->links
);
541 hashmap_free(m
->dns_transactions
);
543 sd_event_source_unref(m
->network_event_source
);
544 sd_network_monitor_unref(m
->network_monitor
);
546 sd_event_source_unref(m
->dns_ipv4_event_source
);
547 sd_event_source_unref(m
->dns_ipv6_event_source
);
548 safe_close(m
->dns_ipv4_fd
);
549 safe_close(m
->dns_ipv6_fd
);
551 manager_llmnr_stop(m
);
553 sd_bus_slot_unref(m
->prepare_for_sleep_slot
);
554 sd_event_source_unref(m
->bus_retry_event_source
);
555 sd_bus_unref(m
->bus
);
557 sd_event_unref(m
->event
);
559 dns_resource_key_unref(m
->host_ipv4_key
);
560 dns_resource_key_unref(m
->host_ipv6_key
);
562 safe_close(m
->hostname_fd
);
563 sd_event_source_unref(m
->hostname_event_source
);
/* Import name servers from the system's /etc/resolv.conf.
 *
 * Visible steps: the function does nothing when m->read_resolv_conf is
 * false; it stat()s /etc/resolv.conf, compares the modification time with
 * m->resolv_conf_mtime to skip unchanged files, and compares device and
 * inode with /run/systemd/resolve/resolv.conf to detect that the system
 * file is this daemon's own output. The file is then opened, fstat()ed,
 * and read line by line: '#' and ';' lines are comments, "nameserver"
 * lines are parsed with in_addr_from_string_auto(), matched against the
 * servers already in m->dns_servers, and otherwise added with
 * dns_server_new() as DNS_SERVER_SYSTEM. Afterwards the current server is
 * reset to the first entry; the final loop frees every entry of
 * m->dns_servers (by the "goto clear" in FOREACH_LINE this is presumably
 * the error path). Return values and several conditions are on lines
 * missing from this listing. */
571 int manager_read_resolv_conf(Manager
*m
) {
572 _cleanup_fclose_
FILE *f
= NULL
;
581 /* Reads the system /etc/resolv.conf, if it exists and is not
582 * symlinked to our own resolv.conf instance */
584 if (!m
->read_resolv_conf
)
587 r
= stat("/etc/resolv.conf", &st
);
/* NOTE(review): this message reports the stat() above, although its text
 * says "open"; the same string is used again after fopen() below. */
590 log_warning_errno(errno
, "Failed to open /etc/resolv.conf: %m");
595 /* Have we already seen the file? */
596 t
= timespec_load(&st
.st_mtim
);
597 if (t
== m
->resolv_conf_mtime
)
600 m
->resolv_conf_mtime
= t
;
602 /* Is it symlinked to our own file? */
603 if (stat("/run/systemd/resolve/resolv.conf", &own
) >= 0 &&
604 st
.st_dev
== own
.st_dev
&&
605 st
.st_ino
== own
.st_ino
) {
610 f
= fopen("/etc/resolv.conf", "re");
613 log_warning_errno(errno
, "Failed to open /etc/resolv.conf: %m");
/* Re-read the metadata through the open stream, so that st describes the
 * file that was actually opened rather than what the path named earlier. */
618 if (fstat(fileno(f
), &st
) < 0) {
619 log_error_errno(errno
, "Failed to stat open file: %m");
624 LIST_FOREACH(servers
, s
, m
->dns_servers
)
/* A read error sets r from errno and jumps to the "clear" label. */
627 FOREACH_LINE(line
, f
, r
= -errno
; goto clear
) {
628 union in_addr_union address
;
636 if (*l
== '#' || *l
== ';')
639 a
= first_word(l
, "nameserver");
643 r
= in_addr_from_string_auto(a
, &family
, &address
);
/* a is text taken from the file; it is logged as written there. */
645 log_warning("Failed to parse name server %s.", a
);
/* Look for an existing entry with the same family and address. */
649 LIST_FOREACH(servers
, s
, m
->dns_servers
)
650 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, &address
) > 0)
656 r
= dns_server_new(m
, NULL
, DNS_SERVER_SYSTEM
, NULL
, family
, &address
);
662 LIST_FOREACH_SAFE(servers
, s
, nx
, m
->dns_servers
)
666 /* Whenever /etc/resolv.conf changes, start using the first
667 * DNS server of it. This is useful to deal with broken
668 * network managing implementations (like NetworkManager),
669 * that when connecting to a VPN place both the VPN DNS
670 * servers and the local ones in /etc/resolv.conf. Without
671 * resetting the DNS server to use back to the first entry we
672 * will continue to use the local one thus being unable to
673 * resolve VPN domains. */
674 manager_set_dns_server(m
, m
->dns_servers
);
679 while (m
->dns_servers
)
680 dns_server_free(m
->dns_servers
);
685 static void write_resolv_conf_server(DnsServer
*s
, FILE *f
, unsigned *count
) {
686 _cleanup_free_
char *t
= NULL
;
693 r
= in_addr_to_string(s
->family
, &s
->address
, &t
);
695 log_warning_errno(r
, "Invalid DNS address. Ignoring: %m");
700 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f
);
702 fprintf(f
, "nameserver %s\n", t
);
/* Append one search domain to the line being written to f, within limits.
 *
 * Visible steps: when *count has reached MAXDNSRCH, or adding this domain
 * would take the running *length past 256, a '#' remark naming the limit
 * that was hit is written instead of the domain. Otherwise the domain is
 * written with a leading space and its strlen() is added to *length. The
 * count and length parameters are declared on lines missing from this
 * listing, as is the update of *count. */
706 static void write_resolv_conf_search(
707 const char *domain
, FILE *f
,
/* Enforce the limit on entries and on total length of the search list. */
715 if (*count
>= MAXDNSRCH
||
716 *length
+ strlen(domain
) > 256) {
717 if (*count
== MAXDNSRCH
)
718 fputs(" # Too many search domains configured, remaining ones ignored.", f
);
720 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f
);
725 fprintf(f
, " %s", domain
);
727 (*length
) += strlen(domain
);
731 static int write_resolv_conf_contents(FILE *f
, OrderedSet
*dns
, OrderedSet
*domains
) {
734 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
735 "# Third party programs must not access this file directly, but\n"
736 "# only through the symlink at /etc/resolv.conf. To manage\n"
737 "# resolv.conf(5) in a different way, replace the symlink by a\n"
738 "# static file or a different symlink.\n\n", f
);
740 if (ordered_set_isempty(dns
))
741 fputs("# No DNS servers known.\n", f
);
746 ORDERED_SET_FOREACH(s
, dns
, i
)
747 write_resolv_conf_server(s
, f
, &count
);
750 if (!ordered_set_isempty(domains
)) {
751 unsigned length
= 0, count
= 0;
755 ORDERED_SET_FOREACH(domain
, domains
, i
)
756 write_resolv_conf_search(domain
, f
, &count
, &length
);
760 return fflush_and_check(f
);
/* Regenerate /run/systemd/resolve/resolv.conf from the current state.
 *
 * Visible steps: the system /etc/resolv.conf is re-read first; DNS servers
 * and search domains are collected into two ordered sets so duplicates are
 * dropped (system-wide servers, then each link's servers and the domains of
 * its unicast scope, then the fallback servers if the set is still empty).
 * The result is written to a temporary file created by
 * fopen_temporary_label(), given mode 0644, filled by
 * write_resolv_conf_contents() and moved into place with rename(). The
 * temporary file is unlinked on the path that ends the function. Error
 * checks between these calls are on lines missing from this listing. */
763 int manager_write_resolv_conf(Manager
*m
) {
764 static const char path
[] = "/run/systemd/resolve/resolv.conf";
765 _cleanup_free_
char *temp_path
= NULL
;
766 _cleanup_fclose_
FILE *f
= NULL
;
767 _cleanup_ordered_set_free_ OrderedSet
*dns
= NULL
, *domains
= NULL
;
775 /* Read the system /etc/resolv.conf first */
/* The return value of this call is not used. */
776 manager_read_resolv_conf(m
);
778 /* Add the full list to a set, to filter out duplicates */
779 dns
= ordered_set_new(&dns_server_hash_ops
);
783 domains
= ordered_set_new(&dns_name_hash_ops
);
787 /* First add the system-wide servers */
788 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
789 r
= ordered_set_put(dns
, s
);
796 /* Then, add the per-link servers and domains */
797 HASHMAP_FOREACH(l
, m
->links
, i
) {
800 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
801 r
= ordered_set_put(dns
, s
);
808 if (!l
->unicast_scope
)
811 STRV_FOREACH(domain
, l
->unicast_scope
->domains
) {
812 r
= ordered_set_put(domains
, *domain
);
820 /* If we found nothing, add the fallback servers */
821 if (ordered_set_isempty(dns
)) {
822 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
823 r
= ordered_set_put(dns
, s
);
831 r
= fopen_temporary_label(path
, path
, &f
, &temp_path
);
/* NOTE(review): the result of fchmod() is ignored. If it fails, the file
 * keeps the mode fopen_temporary_label() created it with — confirm that
 * mode is acceptable for a file other programs read through the
 * /etc/resolv.conf symlink. */
835 fchmod(fileno(f
), 0644);
837 r
= write_resolv_conf_contents(f
, dns
, domains
);
/* The finished temporary file replaces the target in one rename(), so a
 * reader sees either the old or the new file, not a partly written one. */
841 if (rename(temp_path
, path
) < 0) {
850 (void) unlink(temp_path
);
/* Receive one message from fd into a newly allocated DnsPacket.
 *
 * Visible steps: ioctl(FIONREAD) yields the pending size ms, which is the
 * size passed to dns_packet_new(); recvmsg() then fills the packet data,
 * the sender address sa and the control buffer. From sa the function
 * records family, sender address and port (and sin6_scope_id as ifindex for
 * IPv6); any other family returns -EAFNOSUPPORT. Control messages at level
 * IPPROTO_IPV6 / IPPROTO_IP are read as in6_pktinfo / in_pktinfo (interface
 * index and destination address) and as an int stored in p->ttl; the case
 * labels selecting them are on lines missing from this listing. A loopback
 * interface index is cleared, and an unknown index is looked up from the
 * destination address with manager_find_ifindex(). p->ipproto is always set
 * to IPPROTO_UDP. Error checks and the hand-over through ret are on lines
 * missing from this listing. */
854 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
855 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
857 struct cmsghdr header
; /* For alignment */
858 uint8_t buffer
[CMSG_SPACE(MAXSIZE(struct in_pktinfo
, struct in6_pktinfo
))
859 + CMSG_SPACE(int) /* ttl/hoplimit */
860 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
862 union sockaddr_union sa
;
863 struct msghdr mh
= {};
864 struct cmsghdr
*cmsg
;
/* Ask the kernel how many bytes are pending so the packet can be sized. */
873 r
= ioctl(fd
, FIONREAD
, &ms
);
879 r
= dns_packet_new(&p
, protocol
, ms
);
883 iov
.iov_base
= DNS_PACKET_DATA(p
);
884 iov
.iov_len
= p
->allocated
;
886 mh
.msg_name
= &sa
.sa
;
887 mh
.msg_namelen
= sizeof(sa
);
890 mh
.msg_control
= &control
;
891 mh
.msg_controllen
= sizeof(control
);
893 l
= recvmsg(fd
, &mh
, 0);
895 if (errno
== EAGAIN
|| errno
== EINTR
)
/* NOTE(review): MSG_CTRUNC and MSG_TRUNC are reported by the kernel when
 * the control buffer or the data buffer was too small for what arrived, so
 * whether they are set depends on traffic from the network. Asserting on
 * them turns that condition into an abort of the daemon; treating it as a
 * receive error and dropping the packet would keep the service running.
 * The lines between recvmsg() and these asserts are missing from this
 * listing — confirm nothing there already filters the case. */
904 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
905 assert(!(mh
.msg_flags
& MSG_TRUNC
));
907 p
->size
= (size_t) l
;
909 p
->family
= sa
.sa
.sa_family
;
910 p
->ipproto
= IPPROTO_UDP
;
911 if (p
->family
== AF_INET
) {
912 p
->sender
.in
= sa
.in
.sin_addr
;
913 p
->sender_port
= be16toh(sa
.in
.sin_port
);
914 } else if (p
->family
== AF_INET6
) {
915 p
->sender
.in6
= sa
.in6
.sin6_addr
;
916 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
917 p
->ifindex
= sa
.in6
.sin6_scope_id
;
919 return -EAFNOSUPPORT
;
/* Walk the control messages the kernel attached to this datagram. */
921 for (cmsg
= CMSG_FIRSTHDR(&mh
); cmsg
; cmsg
= CMSG_NXTHDR(&mh
, cmsg
)) {
923 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
/* NOTE(review): the address family is asserted against the control message
 * level rather than checked; presumably safe because the kernel attaches
 * IPPROTO_IPV6 control data only on AF_INET6 sockets — TODO confirm for
 * every socket passed to this function. The IPPROTO_IP branch below makes
 * the mirror-image assumption. */
924 assert(p
->family
== AF_INET6
);
926 switch (cmsg
->cmsg_type
) {
929 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
932 p
->ifindex
= i
->ipi6_ifindex
;
934 p
->destination
.in6
= i
->ipi6_addr
;
939 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
943 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
944 assert(p
->family
== AF_INET
);
946 switch (cmsg
->cmsg_type
) {
949 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
952 p
->ifindex
= i
->ipi_ifindex
;
954 p
->destination
.in
= i
->ipi_addr
;
959 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
965 /* The Linux kernel sets the interface index to the loopback
966 * device if the packet came from the local host since it
967 * avoids the routing table in such a case. Let's unset the
968 * interface index in such a case. */
969 if (p
->ifindex
== LOOPBACK_IFINDEX
)
972 /* If we don't know the interface index still, we look for the
973 * first local interface with a matching address. Yuck! */
975 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
/* Event-loop callback for the unicast DNS sockets.
 *
 * Visible steps: one packet is read with manager_recv() as
 * DNS_PROTOCOL_DNS; if dns_packet_validate_reply() accepts it, the matching
 * transaction is looked up in m->dns_transactions and the packet is passed
 * to dns_transaction_process_reply(); otherwise "Invalid DNS packet." is
 * logged at debug level. Handling of a failed receive and of a missing
 * transaction is on lines missing from this listing. */
983 static int on_dns_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
984 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
985 DnsTransaction
*t
= NULL
;
986 Manager
*m
= userdata
;
989 r
= manager_recv(m
, fd
, DNS_PROTOCOL_DNS
, &p
);
993 if (dns_packet_validate_reply(p
) > 0) {
/* NOTE(review): this lookup selects the transaction by the packet ID alone.
 * Whether the reply's source address and port are compared with the server
 * the query was sent to is not visible here — verify that
 * dns_transaction_process_reply() does so, since an ID match by itself does
 * not authenticate the sender. */
994 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
998 dns_transaction_process_reply(t
, p
);
1001 log_debug("Invalid DNS packet.");
1006 int manager_dns_ipv4_fd(Manager
*m
) {
1012 if (m
->dns_ipv4_fd
>= 0)
1013 return m
->dns_ipv4_fd
;
1015 m
->dns_ipv4_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1016 if (m
->dns_ipv4_fd
< 0)
1019 r
= setsockopt(m
->dns_ipv4_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1025 r
= sd_event_add_io(m
->event
, &m
->dns_ipv4_event_source
, m
->dns_ipv4_fd
, EPOLLIN
, on_dns_packet
, m
);
1029 return m
->dns_ipv4_fd
;
1032 m
->dns_ipv4_fd
= safe_close(m
->dns_ipv4_fd
);
1036 int manager_dns_ipv6_fd(Manager
*m
) {
1042 if (m
->dns_ipv6_fd
>= 0)
1043 return m
->dns_ipv6_fd
;
1045 m
->dns_ipv6_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1046 if (m
->dns_ipv6_fd
< 0)
1049 r
= setsockopt(m
->dns_ipv6_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1055 r
= sd_event_add_io(m
->event
, &m
->dns_ipv6_event_source
, m
->dns_ipv6_fd
, EPOLLIN
, on_dns_packet
, m
);
1059 return m
->dns_ipv6_fd
;
1062 m
->dns_ipv6_fd
= safe_close(m
->dns_ipv6_fd
);
/* Send a message on fd, waiting for the socket when it is not ready.
 *
 * Visible steps: a successful sendmsg() ends the attempt; an errno other
 * than EAGAIN is treated differently from EAGAIN; on EAGAIN the function
 * waits for POLLOUT with fd_wait_for_event() for up to SEND_TIMEOUT_USEC
 * (defined in this file as 200 * USEC_PER_MSEC). The enclosing loop and the
 * return values are on lines missing from this listing. */
1066 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
1073 if (sendmsg(fd
, mh
, flags
) >= 0)
1079 if (errno
!= EAGAIN
)
/* Bounded wait, so a socket that never becomes writable cannot stall the
 * caller indefinitely on this call. */
1082 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
/* Send packet p to an IPv4 address and port over fd.
 *
 * Visible steps: the iovec covers DNS_PACKET_DATA(p) for p->size bytes; the
 * destination sockaddr gets addr and the port in network byte order; a
 * control message of level IPPROTO_IP and type IP_PKTINFO carries ifindex
 * in ipi_ifindex so the kernel sends on that interface; the message is
 * handed to sendmsg_loop() with flags 0. The condition under which the
 * control message is attached is on lines missing from this listing. */
1090 static int manager_ipv4_send(Manager
*m
, int fd
, int ifindex
, const struct in_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1091 union sockaddr_union sa
= {
1092 .in
.sin_family
= AF_INET
,
1095 struct cmsghdr header
; /* For alignment */
1096 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
1098 struct msghdr mh
= {};
1107 iov
.iov_base
= DNS_PACKET_DATA(p
);
1108 iov
.iov_len
= p
->size
;
1110 sa
.in
.sin_addr
= *addr
;
/* NOTE(review): the assignment below ends in ',' rather than ';'. It still
 * compiles because the comma operator joins it to the expression that
 * follows, but it reads as a typo and is worth changing to ';'. */
1111 sa
.in
.sin_port
= htobe16(port
),
1115 mh
.msg_name
= &sa
.sa
;
1116 mh
.msg_namelen
= sizeof(sa
.in
);
1119 struct cmsghdr
*cmsg
;
1120 struct in_pktinfo
*pi
;
1124 mh
.msg_control
= &control
;
1125 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
1127 cmsg
= CMSG_FIRSTHDR(&mh
);
1128 cmsg
->cmsg_len
= mh
.msg_controllen
;
1129 cmsg
->cmsg_level
= IPPROTO_IP
;
1130 cmsg
->cmsg_type
= IP_PKTINFO
;
/* Pin the outgoing interface through the packet-info control message. */
1132 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
1133 pi
->ipi_ifindex
= ifindex
;
1136 return sendmsg_loop(fd
, &mh
, 0);
/* Send packet p to an IPv6 address and port over fd.
 *
 * Visible steps: the iovec covers DNS_PACKET_DATA(p) for p->size bytes; the
 * destination sockaddr gets addr, the port in network byte order and
 * ifindex as sin6_scope_id; a control message of level IPPROTO_IPV6 and
 * type IPV6_PKTINFO carries ifindex in ipi6_ifindex; the message is handed
 * to sendmsg_loop() with flags 0. The condition under which the control
 * message is attached is on lines missing from this listing. */
1139 static int manager_ipv6_send(Manager
*m
, int fd
, int ifindex
, const struct in6_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1140 union sockaddr_union sa
= {
1141 .in6
.sin6_family
= AF_INET6
,
1144 struct cmsghdr header
; /* For alignment */
1145 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
1147 struct msghdr mh
= {};
1156 iov
.iov_base
= DNS_PACKET_DATA(p
);
1157 iov
.iov_len
= p
->size
;
1159 sa
.in6
.sin6_addr
= *addr
;
/* NOTE(review): the assignment below ends in ',' rather than ';'. The comma
 * operator chains it to the sin6_scope_id assignment that follows, so the
 * behaviour is as intended, but it reads as a typo and is worth changing
 * to ';'. */
1160 sa
.in6
.sin6_port
= htobe16(port
),
1161 sa
.in6
.sin6_scope_id
= ifindex
;
1165 mh
.msg_name
= &sa
.sa
;
1166 mh
.msg_namelen
= sizeof(sa
.in6
);
1169 struct cmsghdr
*cmsg
;
1170 struct in6_pktinfo
*pi
;
1174 mh
.msg_control
= &control
;
1175 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1177 cmsg
= CMSG_FIRSTHDR(&mh
);
1178 cmsg
->cmsg_len
= mh
.msg_controllen
;
1179 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1180 cmsg
->cmsg_type
= IPV6_PKTINFO
;
/* Pin the outgoing interface through the packet-info control message. */
1182 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1183 pi
->ipi6_ifindex
= ifindex
;
1186 return sendmsg_loop(fd
, &mh
, 0);
1189 int manager_send(Manager
*m
, int fd
, int ifindex
, int family
, const union in_addr_union
*addr
, uint16_t port
, DnsPacket
*p
) {
1196 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
1198 if (family
== AF_INET
)
1199 return manager_ipv4_send(m
, fd
, ifindex
, &addr
->in
, port
, p
);
1200 else if (family
== AF_INET6
)
1201 return manager_ipv6_send(m
, fd
, ifindex
, &addr
->in6
, port
, p
);
1203 return -EAFNOSUPPORT
;
1206 DnsServer
* manager_find_dns_server(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1212 LIST_FOREACH(servers
, s
, m
->dns_servers
)
1213 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
1216 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
)
1217 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
/* Make s the DNS server that lookups currently use.
 *
 * Visible steps: the case where s is already m->current_dns_server is
 * singled out first; otherwise the address is formatted for an info log
 * line, s is stored in m->current_dns_server, and the cache of the unicast
 * scope is flushed when that scope exists — presumably so that answers
 * cached from the previous server are not served after the switch. The
 * return statements are on lines missing from this listing. */
1223 DnsServer
*manager_set_dns_server(Manager
*m
, DnsServer
*s
) {
1226 if (m
->current_dns_server
== s
)
1230 _cleanup_free_
char *ip
= NULL
;
/* The result of in_addr_to_string() is not checked; ip is passed through
 * strna() in the log call below, presumably to cover ip still being NULL. */
1232 in_addr_to_string(s
->family
, &s
->address
, &ip
);
1233 log_info("Switching to system DNS server %s.", strna(ip
));
1236 m
->current_dns_server
= s
;
1238 if (m
->unicast_scope
)
1239 dns_cache_flush(&m
->unicast_scope
->cache
);
1244 DnsServer
*manager_get_dns_server(Manager
*m
) {
1248 /* Try to read updates resolv.conf */
1249 manager_read_resolv_conf(m
);
1251 if (!m
->current_dns_server
)
1252 manager_set_dns_server(m
, m
->dns_servers
);
1254 if (!m
->current_dns_server
) {
1258 /* No DNS servers configured, let's see if there are
1259 * any on any links. If not, we use the fallback
1262 HASHMAP_FOREACH(l
, m
->links
, i
)
1263 if (l
->dns_servers
) {
1269 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1272 return m
->current_dns_server
;
1275 void manager_next_dns_server(Manager
*m
) {
1278 /* If there's currently no DNS server set, then the next
1279 * manager_get_dns_server() will find one */
1280 if (!m
->current_dns_server
)
1283 /* Change to the next one */
1284 if (m
->current_dns_server
->servers_next
) {
1285 manager_set_dns_server(m
, m
->current_dns_server
->servers_next
);
1289 /* If there was no next one, then start from the beginning of
1291 if (m
->current_dns_server
->type
== DNS_SERVER_FALLBACK
)
1292 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1294 manager_set_dns_server(m
, m
->dns_servers
);
1297 uint32_t manager_find_mtu(Manager
*m
) {
1302 /* If we don't know on which link a DNS packet would be
1303 * delivered, let's find the largest MTU that works on all
1304 * interfaces we know of */
1306 HASHMAP_FOREACH(l
, m
->links
, i
) {
1310 if (mtu
<= 0 || l
->mtu
< mtu
)
/* Event-loop callback for the LLMNR UDP sockets.
 *
 * Visible steps: one packet is read with manager_recv() as
 * DNS_PROTOCOL_LLMNR and mapped to a scope with manager_find_scope(); a
 * packet without a scope is reported with a warning. A packet accepted by
 * dns_packet_validate_reply() is checked for name conflicts and passed to
 * the transaction found by its ID; one accepted by
 * dns_packet_validate_query() goes to dns_scope_process_query(); anything
 * else is logged as invalid at debug level. Conditions and returns between
 * these calls are on lines missing from this listing. */
1317 static int on_llmnr_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1318 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
1319 DnsTransaction
*t
= NULL
;
1320 Manager
*m
= userdata
;
1324 r
= manager_recv(m
, fd
, DNS_PROTOCOL_LLMNR
, &p
);
1328 scope
= manager_find_scope(m
, p
);
/* NOTE(review): this warning is tied to a packet received from the
 * network. If it is emitted once per packet, a noisy peer can fill the
 * log; consider debug level or rate limiting — the surrounding condition
 * is not visible in this listing. */
1330 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1334 if (dns_packet_validate_reply(p
) > 0) {
1335 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p
));
1337 dns_scope_check_conflicts(scope
, p
);
/* The transaction is selected by the packet ID; any further matching of
 * the sender is not visible here. */
1339 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
1341 dns_transaction_process_reply(t
, p
);
1343 } else if (dns_packet_validate_query(p
) > 0) {
1344 log_debug("Got query packet for id %u", DNS_PACKET_ID(p
));
/* NULL is passed as the stream argument on this UDP path. */
1346 dns_scope_process_query(scope
, NULL
, p
);
1348 log_debug("Invalid LLMNR UDP packet.");
1353 int manager_llmnr_ipv4_udp_fd(Manager
*m
) {
1354 union sockaddr_union sa
= {
1355 .in
.sin_family
= AF_INET
,
1356 .in
.sin_port
= htobe16(5355),
1358 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
, ttl
= 255;
1363 if (m
->llmnr_ipv4_udp_fd
>= 0)
1364 return m
->llmnr_ipv4_udp_fd
;
1366 m
->llmnr_ipv4_udp_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1367 if (m
->llmnr_ipv4_udp_fd
< 0)
1370 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1371 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_TTL
, &ttl
, sizeof(ttl
));
1377 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_TTL
, &ttl
, sizeof(ttl
));
1383 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_LOOP
, &one
, sizeof(one
));
1389 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1395 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1401 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1407 /* Disable Don't-Fragment bit in the IP header */
1408 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1414 r
= bind(m
->llmnr_ipv4_udp_fd
, &sa
.sa
, sizeof(sa
.in
));
1420 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_udp_event_source
, m
->llmnr_ipv4_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1424 return m
->llmnr_ipv4_udp_fd
;
1427 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
1431 int manager_llmnr_ipv6_udp_fd(Manager
*m
) {
1432 union sockaddr_union sa
= {
1433 .in6
.sin6_family
= AF_INET6
,
1434 .in6
.sin6_port
= htobe16(5355),
1436 static const int one
= 1, ttl
= 255;
1441 if (m
->llmnr_ipv6_udp_fd
>= 0)
1442 return m
->llmnr_ipv6_udp_fd
;
1444 m
->llmnr_ipv6_udp_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1445 if (m
->llmnr_ipv6_udp_fd
< 0)
1448 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &ttl
, sizeof(ttl
));
1454 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1455 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_HOPS
, &ttl
, sizeof(ttl
));
1461 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_LOOP
, &one
, sizeof(one
));
1467 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1473 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1479 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1485 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1491 r
= bind(m
->llmnr_ipv6_udp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1497 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_udp_event_source
, m
->llmnr_ipv6_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1503 return m
->llmnr_ipv6_udp_fd
;
1506 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
/* Packet handler installed on LLMNR TCP streams.
 *
 * Visible steps: the packet read on the stream is mapped to a scope with
 * manager_find_scope(); a packet without a scope is reported with a
 * warning. A packet accepted by dns_packet_validate_query() is passed to
 * dns_scope_process_query() together with the stream; per the existing
 * comment the stream is freed when no reply packet was set. Anything else
 * is logged as invalid at debug level. Only queries are handled here; no
 * reply branch is visible. Returns are on lines missing from this
 * listing. */
1510 static int on_llmnr_stream_packet(DnsStream
*s
) {
1515 scope
= manager_find_scope(s
->manager
, s
->read_packet
);
/* NOTE(review): the log string below misspells "Ignoring"; it is runtime
 * text and is left unchanged here. */
1517 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1521 if (dns_packet_validate_query(s
->read_packet
) > 0) {
1522 log_debug("Got query packet for id %u", DNS_PACKET_ID(s
->read_packet
));
1524 dns_scope_process_query(scope
, s
, s
->read_packet
);
1526 /* If no reply packet was set, we free the stream */
1527 if (s
->write_packet
)
1530 log_debug("Invalid LLMNR TCP packet.");
/* Event-loop callback for the listening LLMNR TCP sockets.
 *
 * Visible steps: one connection is accepted with accept4() as a
 * non-blocking, close-on-exec socket; EAGAIN and EINTR are singled out
 * after the call; the connection is wrapped in a DnsStream by
 * dns_stream_new() with DNS_PROTOCOL_LLMNR, and on_llmnr_stream_packet is
 * installed as its packet handler. Error handling and returns are on lines
 * missing from this listing.
 *
 * NOTE(review): the peer address is not requested from accept4(), and no
 * limit on the number of simultaneously open streams is visible in this
 * function. Each accepted connection holds a file descriptor — confirm
 * that dns_stream_new() bounds the count and times out idle streams. */
1536 static int on_llmnr_stream(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1538 Manager
*m
= userdata
;
1541 cfd
= accept4(fd
, NULL
, NULL
, SOCK_NONBLOCK
|SOCK_CLOEXEC
);
1543 if (errno
== EAGAIN
|| errno
== EINTR
)
1549 r
= dns_stream_new(m
, &stream
, DNS_PROTOCOL_LLMNR
, cfd
);
1555 stream
->on_packet
= on_llmnr_stream_packet
;
1559 int manager_llmnr_ipv4_tcp_fd(Manager
*m
) {
1560 union sockaddr_union sa
= {
1561 .in
.sin_family
= AF_INET
,
1562 .in
.sin_port
= htobe16(5355),
1564 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
;
1569 if (m
->llmnr_ipv4_tcp_fd
>= 0)
1570 return m
->llmnr_ipv4_tcp_fd
;
1572 m
->llmnr_ipv4_tcp_fd
= socket(AF_INET
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1573 if (m
->llmnr_ipv4_tcp_fd
< 0)
1576 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1577 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_TTL
, &one
, sizeof(one
));
1583 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1589 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1595 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1601 /* Disable Don't-Fragment bit in the IP header */
1602 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1608 r
= bind(m
->llmnr_ipv4_tcp_fd
, &sa
.sa
, sizeof(sa
.in
));
1614 r
= listen(m
->llmnr_ipv4_tcp_fd
, SOMAXCONN
);
1620 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_tcp_event_source
, m
->llmnr_ipv4_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1624 return m
->llmnr_ipv4_tcp_fd
;
1627 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
1631 int manager_llmnr_ipv6_tcp_fd(Manager
*m
) {
1632 union sockaddr_union sa
= {
1633 .in6
.sin6_family
= AF_INET6
,
1634 .in6
.sin6_port
= htobe16(5355),
1636 static const int one
= 1;
1641 if (m
->llmnr_ipv6_tcp_fd
>= 0)
1642 return m
->llmnr_ipv6_tcp_fd
;
1644 m
->llmnr_ipv6_tcp_fd
= socket(AF_INET6
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1645 if (m
->llmnr_ipv6_tcp_fd
< 0)
1648 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1649 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &one
, sizeof(one
));
1655 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1661 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1667 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1673 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1679 r
= bind(m
->llmnr_ipv6_tcp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1685 r
= listen(m
->llmnr_ipv6_tcp_fd
, SOMAXCONN
);
1691 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_tcp_event_source
, m
->llmnr_ipv6_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1697 return m
->llmnr_ipv6_tcp_fd
;
1700 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
1704 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1709 a
= manager_find_link_address(m
, family
, in_addr
);
1711 return a
->link
->ifindex
;
1716 void manager_refresh_rrs(Manager
*m
) {
1722 m
->host_ipv4_key
= dns_resource_key_unref(m
->host_ipv4_key
);
1723 m
->host_ipv6_key
= dns_resource_key_unref(m
->host_ipv6_key
);
1725 HASHMAP_FOREACH(l
, m
->links
, i
) {
1726 link_add_rrs(l
, true);
1727 link_add_rrs(l
, false);
/* Choose a replacement hostname after a conflict was detected.
 *
 * Visible steps: p starts at the terminating NUL of m->hostname and is
 * moved back while the preceding character is a decimal digit, which
 * leaves p at the start of a trailing number. That number is parsed with
 * safe_atou64(); an empty, unparsable or zero value takes a fallback that
 * is on lines missing from this listing. Random bytes are drawn into a
 * (see the existing comment for why), and the new name is built by
 * asprintf() from the non-digit prefix followed by the counter u. The
 * change is logged and the resource records are refreshed. How a is folded
 * into u, and the swap of m->hostname, are on lines missing from this
 * listing. */
1731 int manager_next_hostname(Manager
*m
) {
/* strchr(..., 0) returns a pointer to the terminating NUL byte. */
1738 p
= strchr(m
->hostname
, 0);
1741 while (p
> m
->hostname
) {
1742 if (!strchr("0123456789", p
[-1]))
1748 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1751 /* Add a random number to the old value. This way we can avoid
1752 * that two hosts pick the same hostname, win on IPv4 and lose
1753 * on IPv6 (or vice versa), and pick the same hostname
1754 * replacement hostname, ad infinitum. We still want the
1755 * numbers to go up monotonically, hence we just add a random
1758 random_bytes(&a
, sizeof(a
));
/* "%.*s" copies only the prefix before the trailing digits; its length is
 * the pointer difference cast to int. */
1761 if (asprintf(&h
, "%.*s%" PRIu64
, (int) (p
- m
->hostname
), m
->hostname
, u
) < 0)
1764 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->hostname
, h
);
1769 manager_refresh_rrs(m
);
1774 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1780 HASHMAP_FOREACH(l
, m
->links
, i
) {
1783 a
= link_find_address(l
, family
, in_addr
);
1791 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1795 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
/* Find the scope a received packet belongs to.
 *
 * Visible steps: the link is looked up in m->links by p->ifindex; for
 * DNS_PROTOCOL_LLMNR packets the link's llmnr_ipv4_scope or
 * llmnr_ipv6_scope is returned according to p->family. What is returned
 * for an unknown link, another protocol or another family is on lines
 * missing from this listing; callers in this file treat a missing scope as
 * "unknown scope" and ignore the packet. */
1798 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
/* The scope is chosen from the interface index recorded on the packet. */
1804 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1808 if (p
->protocol
== DNS_PROTOCOL_LLMNR
) {
1809 if (p
->family
== AF_INET
)
1810 return l
->llmnr_ipv4_scope
;
1811 else if (p
->family
== AF_INET6
)
1812 return l
->llmnr_ipv6_scope
;
1818 void manager_verify_all(Manager
*m
) {
1823 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1824 dns_zone_verify_all(&s
->zone
);
1827 void manager_flush_dns_servers(Manager
*m
, DnsServerType t
) {
1830 if (t
== DNS_SERVER_SYSTEM
)
1831 while (m
->dns_servers
)
1832 dns_server_free(m
->dns_servers
);
1834 if (t
== DNS_SERVER_FALLBACK
)
1835 while (m
->fallback_dns_servers
)
1836 dns_server_free(m
->fallback_dns_servers
);
1839 static const char* const support_table
[_SUPPORT_MAX
] = {
1840 [SUPPORT_NO
] = "no",
1841 [SUPPORT_YES
] = "yes",
1842 [SUPPORT_RESOLVE
] = "resolve",
1844 DEFINE_STRING_TABLE_LOOKUP(support
, Support
);