]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
resolved: reference count the dns servers
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <resolv.h>
23 #include <sys/ioctl.h>
24 #include <poll.h>
25 #include <netinet/in.h>
26
27 #include "netlink-util.h"
28 #include "network-internal.h"
29 #include "socket-util.h"
30 #include "af-list.h"
31 #include "utf8.h"
32 #include "fileio-label.h"
33 #include "ordered-set.h"
34 #include "random-util.h"
35 #include "hostname-util.h"
36
37 #include "dns-domain.h"
38 #include "resolved-conf.h"
39 #include "resolved-bus.h"
40 #include "resolved-manager.h"
41 #include "resolved-llmnr.h"
42
43 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
44
45 static int manager_process_link(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
46 Manager *m = userdata;
47 uint16_t type;
48 Link *l;
49 int ifindex, r;
50
51 assert(rtnl);
52 assert(m);
53 assert(mm);
54
55 r = sd_netlink_message_get_type(mm, &type);
56 if (r < 0)
57 goto fail;
58
59 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
60 if (r < 0)
61 goto fail;
62
63 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
64
65 switch (type) {
66
67 case RTM_NEWLINK:{
68 bool is_new = !l;
69
70 if (!l) {
71 r = link_new(m, &l, ifindex);
72 if (r < 0)
73 goto fail;
74 }
75
76 r = link_update_rtnl(l, mm);
77 if (r < 0)
78 goto fail;
79
80 r = link_update_monitor(l);
81 if (r < 0)
82 goto fail;
83
84 if (is_new)
85 log_debug("Found new link %i/%s", ifindex, l->name);
86
87 break;
88 }
89
90 case RTM_DELLINK:
91 if (l) {
92 log_debug("Removing link %i/%s", l->ifindex, l->name);
93 link_free(l);
94 }
95
96 break;
97 }
98
99 return 0;
100
101 fail:
102 log_warning_errno(r, "Failed to process RTNL link message: %m");
103 return 0;
104 }
105
106 static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
107 Manager *m = userdata;
108 union in_addr_union address;
109 uint16_t type;
110 int r, ifindex, family;
111 LinkAddress *a;
112 Link *l;
113
114 assert(rtnl);
115 assert(mm);
116 assert(m);
117
118 r = sd_netlink_message_get_type(mm, &type);
119 if (r < 0)
120 goto fail;
121
122 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
123 if (r < 0)
124 goto fail;
125
126 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
127 if (!l)
128 return 0;
129
130 r = sd_rtnl_message_addr_get_family(mm, &family);
131 if (r < 0)
132 goto fail;
133
134 switch (family) {
135
136 case AF_INET:
137 r = sd_netlink_message_read_in_addr(mm, IFA_LOCAL, &address.in);
138 if (r < 0) {
139 r = sd_netlink_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
140 if (r < 0)
141 goto fail;
142 }
143
144 break;
145
146 case AF_INET6:
147 r = sd_netlink_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
148 if (r < 0) {
149 r = sd_netlink_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
150 if (r < 0)
151 goto fail;
152 }
153
154 break;
155
156 default:
157 return 0;
158 }
159
160 a = link_find_address(l, family, &address);
161
162 switch (type) {
163
164 case RTM_NEWADDR:
165
166 if (!a) {
167 r = link_address_new(l, &a, family, &address);
168 if (r < 0)
169 return r;
170 }
171
172 r = link_address_update_rtnl(a, mm);
173 if (r < 0)
174 return r;
175
176 break;
177
178 case RTM_DELADDR:
179 if (a)
180 link_address_free(a);
181 break;
182 }
183
184 return 0;
185
186 fail:
187 log_warning_errno(r, "Failed to process RTNL address message: %m");
188 return 0;
189 }
190
191 static int manager_rtnl_listen(Manager *m) {
192 _cleanup_netlink_message_unref_ sd_netlink_message *req = NULL, *reply = NULL;
193 sd_netlink_message *i;
194 int r;
195
196 assert(m);
197
198 /* First, subscribe to interfaces coming and going */
199 r = sd_netlink_open(&m->rtnl);
200 if (r < 0)
201 return r;
202
203 r = sd_netlink_attach_event(m->rtnl, m->event, 0);
204 if (r < 0)
205 return r;
206
207 r = sd_netlink_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
208 if (r < 0)
209 return r;
210
211 r = sd_netlink_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
212 if (r < 0)
213 return r;
214
215 r = sd_netlink_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
216 if (r < 0)
217 return r;
218
219 r = sd_netlink_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
220 if (r < 0)
221 return r;
222
223 /* Then, enumerate all links */
224 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
225 if (r < 0)
226 return r;
227
228 r = sd_netlink_message_request_dump(req, true);
229 if (r < 0)
230 return r;
231
232 r = sd_netlink_call(m->rtnl, req, 0, &reply);
233 if (r < 0)
234 return r;
235
236 for (i = reply; i; i = sd_netlink_message_next(i)) {
237 r = manager_process_link(m->rtnl, i, m);
238 if (r < 0)
239 return r;
240 }
241
242 req = sd_netlink_message_unref(req);
243 reply = sd_netlink_message_unref(reply);
244
245 /* Finally, enumerate all addresses, too */
246 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
247 if (r < 0)
248 return r;
249
250 r = sd_netlink_message_request_dump(req, true);
251 if (r < 0)
252 return r;
253
254 r = sd_netlink_call(m->rtnl, req, 0, &reply);
255 if (r < 0)
256 return r;
257
258 for (i = reply; i; i = sd_netlink_message_next(i)) {
259 r = manager_process_address(m->rtnl, i, m);
260 if (r < 0)
261 return r;
262 }
263
264 return r;
265 }
266
267 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
268 Manager *m = userdata;
269 Iterator i;
270 Link *l;
271 int r;
272
273 assert(m);
274
275 sd_network_monitor_flush(m->network_monitor);
276
277 HASHMAP_FOREACH(l, m->links, i) {
278 r = link_update_monitor(l);
279 if (r < 0)
280 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
281 }
282
283 r = manager_write_resolv_conf(m);
284 if (r < 0)
285 log_warning_errno(r, "Could not update resolv.conf: %m");
286
287 return 0;
288 }
289
290 static int manager_network_monitor_listen(Manager *m) {
291 int r, fd, events;
292
293 assert(m);
294
295 r = sd_network_monitor_new(&m->network_monitor, NULL);
296 if (r < 0)
297 return r;
298
299 fd = sd_network_monitor_get_fd(m->network_monitor);
300 if (fd < 0)
301 return fd;
302
303 events = sd_network_monitor_get_events(m->network_monitor);
304 if (events < 0)
305 return events;
306
307 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
308 if (r < 0)
309 return r;
310
311 return 0;
312 }
313
314 static int determine_hostname(char **ret) {
315 _cleanup_free_ char *h = NULL, *n = NULL;
316 int r;
317
318 assert(ret);
319
320 h = gethostname_malloc();
321 if (!h)
322 return log_oom();
323
324 if (!utf8_is_valid(h)) {
325 log_error("System hostname is not UTF-8 clean.");
326 return -EINVAL;
327 }
328
329 r = dns_name_normalize(h, &n);
330 if (r < 0) {
331 log_error("System hostname '%s' cannot be normalized.", h);
332 return r;
333 }
334
335 *ret = n;
336 n = NULL;
337
338 return 0;
339 }
340
341 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
342 _cleanup_free_ char *h = NULL;
343 Manager *m = userdata;
344 int r;
345
346 assert(m);
347
348 r = determine_hostname(&h);
349 if (r < 0)
350 return 0; /* ignore invalid hostnames */
351
352 if (streq(h, m->hostname))
353 return 0;
354
355 log_info("System hostname changed to '%s'.", h);
356 free(m->hostname);
357 m->hostname = h;
358 h = NULL;
359
360 manager_refresh_rrs(m);
361
362 return 0;
363 }
364
365 static int manager_watch_hostname(Manager *m) {
366 int r;
367
368 assert(m);
369
370 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
371 if (m->hostname_fd < 0) {
372 log_warning_errno(errno, "Failed to watch hostname: %m");
373 return 0;
374 }
375
376 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
377 if (r < 0) {
378 if (r == -EPERM)
379 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
380 m->hostname_fd = safe_close(m->hostname_fd);
381 else
382 return log_error_errno(r, "Failed to add hostname event source: %m");
383 }
384
385 r = determine_hostname(&m->hostname);
386 if (r < 0) {
387 log_info("Defaulting to hostname 'linux'.");
388 m->hostname = strdup("linux");
389 if (!m->hostname)
390 return log_oom();
391 } else
392 log_info("Using system hostname '%s'.", m->hostname);
393
394 return 0;
395 }
396
397 int manager_new(Manager **ret) {
398 _cleanup_(manager_freep) Manager *m = NULL;
399 int r;
400
401 assert(ret);
402
403 m = new0(Manager, 1);
404 if (!m)
405 return -ENOMEM;
406
407 m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
408 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
409 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
410 m->hostname_fd = -1;
411
412 m->llmnr_support = SUPPORT_YES;
413 m->read_resolv_conf = true;
414
415 r = manager_parse_dns_server(m, DNS_SERVER_FALLBACK, DNS_SERVERS);
416 if (r < 0)
417 return r;
418
419 r = sd_event_default(&m->event);
420 if (r < 0)
421 return r;
422
423 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
424 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
425
426 sd_event_set_watchdog(m->event, true);
427
428 r = manager_watch_hostname(m);
429 if (r < 0)
430 return r;
431
432 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
433 if (r < 0)
434 return r;
435
436 r = manager_network_monitor_listen(m);
437 if (r < 0)
438 return r;
439
440 r = manager_rtnl_listen(m);
441 if (r < 0)
442 return r;
443
444 r = manager_connect_bus(m);
445 if (r < 0)
446 return r;
447
448 *ret = m;
449 m = NULL;
450
451 return 0;
452 }
453
454 int manager_start(Manager *m) {
455 int r;
456
457 assert(m);
458
459 r = manager_llmnr_start(m);
460 if (r < 0)
461 return r;
462
463 return 0;
464 }
465
466 Manager *manager_free(Manager *m) {
467 Link *l;
468
469 if (!m)
470 return NULL;
471
472 while ((l = hashmap_first(m->links)))
473 link_free(l);
474
475 while (m->dns_queries)
476 dns_query_free(m->dns_queries);
477
478 manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
479 manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
480
481 dns_scope_free(m->unicast_scope);
482
483 hashmap_free(m->links);
484 hashmap_free(m->dns_transactions);
485
486 sd_event_source_unref(m->network_event_source);
487 sd_network_monitor_unref(m->network_monitor);
488
489 sd_event_source_unref(m->dns_ipv4_event_source);
490 sd_event_source_unref(m->dns_ipv6_event_source);
491 safe_close(m->dns_ipv4_fd);
492 safe_close(m->dns_ipv6_fd);
493
494 manager_llmnr_stop(m);
495
496 sd_bus_slot_unref(m->prepare_for_sleep_slot);
497 sd_event_source_unref(m->bus_retry_event_source);
498 sd_bus_unref(m->bus);
499
500 sd_event_unref(m->event);
501
502 dns_resource_key_unref(m->host_ipv4_key);
503 dns_resource_key_unref(m->host_ipv6_key);
504
505 safe_close(m->hostname_fd);
506 sd_event_source_unref(m->hostname_event_source);
507 free(m->hostname);
508
509 free(m);
510
511 return NULL;
512 }
513
514 int manager_read_resolv_conf(Manager *m) {
515 _cleanup_fclose_ FILE *f = NULL;
516 struct stat st, own;
517 char line[LINE_MAX];
518 DnsServer *s, *nx;
519 usec_t t;
520 int r;
521
522 assert(m);
523
524 /* Reads the system /etc/resolv.conf, if it exists and is not
525 * symlinked to our own resolv.conf instance */
526
527 if (!m->read_resolv_conf)
528 return 0;
529
530 r = stat("/etc/resolv.conf", &st);
531 if (r < 0) {
532 if (errno != ENOENT)
533 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
534 r = -errno;
535 goto clear;
536 }
537
538 /* Have we already seen the file? */
539 t = timespec_load(&st.st_mtim);
540 if (t == m->resolv_conf_mtime)
541 return 0;
542
543 m->resolv_conf_mtime = t;
544
545 /* Is it symlinked to our own file? */
546 if (stat("/run/systemd/resolve/resolv.conf", &own) >= 0 &&
547 st.st_dev == own.st_dev &&
548 st.st_ino == own.st_ino) {
549 r = 0;
550 goto clear;
551 }
552
553 f = fopen("/etc/resolv.conf", "re");
554 if (!f) {
555 if (errno != ENOENT)
556 log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
557 r = -errno;
558 goto clear;
559 }
560
561 if (fstat(fileno(f), &st) < 0) {
562 log_error_errno(errno, "Failed to stat open file: %m");
563 r = -errno;
564 goto clear;
565 }
566
567 LIST_FOREACH(servers, s, m->dns_servers)
568 s->marked = true;
569
570 FOREACH_LINE(line, f, r = -errno; goto clear) {
571 union in_addr_union address;
572 int family;
573 char *l;
574 const char *a;
575
576 truncate_nl(line);
577
578 l = strstrip(line);
579 if (*l == '#' || *l == ';')
580 continue;
581
582 a = first_word(l, "nameserver");
583 if (!a)
584 continue;
585
586 r = in_addr_from_string_auto(a, &family, &address);
587 if (r < 0) {
588 log_warning("Failed to parse name server %s.", a);
589 continue;
590 }
591
592 LIST_FOREACH(servers, s, m->dns_servers)
593 if (s->family == family && in_addr_equal(family, &s->address, &address) > 0)
594 break;
595
596 if (s)
597 s->marked = false;
598 else {
599 r = dns_server_new(m, NULL, DNS_SERVER_SYSTEM, NULL, family, &address);
600 if (r < 0)
601 goto clear;
602 }
603 }
604
605 LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
606 if (s->marked) {
607 LIST_REMOVE(servers, m->dns_servers, s);
608 dns_server_unref(s);
609 }
610
611 /* Whenever /etc/resolv.conf changes, start using the first
612 * DNS server of it. This is useful to deal with broken
613 * network managing implementations (like NetworkManager),
614 * that when connecting to a VPN place both the VPN DNS
615 * servers and the local ones in /etc/resolv.conf. Without
616 * resetting the DNS server to use back to the first entry we
617 * will continue to use the local one thus being unable to
618 * resolve VPN domains. */
619 manager_set_dns_server(m, m->dns_servers);
620
621 return 0;
622
623 clear:
624 while (m->dns_servers) {
625 s = m->dns_servers;
626
627 LIST_REMOVE(servers, m->dns_servers, s);
628 dns_server_unref(s);
629 }
630
631 return r;
632 }
633
634 static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
635 _cleanup_free_ char *t = NULL;
636 int r;
637
638 assert(s);
639 assert(f);
640 assert(count);
641
642 r = in_addr_to_string(s->family, &s->address, &t);
643 if (r < 0) {
644 log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
645 return;
646 }
647
648 if (*count == MAXNS)
649 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f);
650
651 fprintf(f, "nameserver %s\n", t);
652 (*count) ++;
653 }
654
655 static void write_resolv_conf_search(
656 const char *domain, FILE *f,
657 unsigned *count,
658 unsigned *length) {
659
660 assert(domain);
661 assert(f);
662 assert(length);
663
664 if (*count >= MAXDNSRCH ||
665 *length + strlen(domain) > 256) {
666 if (*count == MAXDNSRCH)
667 fputs(" # Too many search domains configured, remaining ones ignored.", f);
668 if (*length <= 256)
669 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
670
671 return;
672 }
673
674 fprintf(f, " %s", domain);
675
676 (*length) += strlen(domain);
677 (*count) ++;
678 }
679
680 static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
681 Iterator i;
682
683 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
684 "# Third party programs must not access this file directly, but\n"
685 "# only through the symlink at /etc/resolv.conf. To manage\n"
686 "# resolv.conf(5) in a different way, replace the symlink by a\n"
687 "# static file or a different symlink.\n\n", f);
688
689 if (ordered_set_isempty(dns))
690 fputs("# No DNS servers known.\n", f);
691 else {
692 DnsServer *s;
693 unsigned count = 0;
694
695 ORDERED_SET_FOREACH(s, dns, i)
696 write_resolv_conf_server(s, f, &count);
697 }
698
699 if (!ordered_set_isempty(domains)) {
700 unsigned length = 0, count = 0;
701 char *domain;
702
703 fputs("search", f);
704 ORDERED_SET_FOREACH(domain, domains, i)
705 write_resolv_conf_search(domain, f, &count, &length);
706 fputs("\n", f);
707 }
708
709 return fflush_and_check(f);
710 }
711
712 int manager_write_resolv_conf(Manager *m) {
713 static const char path[] = "/run/systemd/resolve/resolv.conf";
714 _cleanup_free_ char *temp_path = NULL;
715 _cleanup_fclose_ FILE *f = NULL;
716 _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
717 DnsServer *s;
718 Iterator i;
719 Link *l;
720 int r;
721
722 assert(m);
723
724 /* Read the system /etc/resolv.conf first */
725 manager_read_resolv_conf(m);
726
727 /* Add the full list to a set, to filter out duplicates */
728 dns = ordered_set_new(&dns_server_hash_ops);
729 if (!dns)
730 return -ENOMEM;
731
732 domains = ordered_set_new(&dns_name_hash_ops);
733 if (!domains)
734 return -ENOMEM;
735
736 /* First add the system-wide servers */
737 LIST_FOREACH(servers, s, m->dns_servers) {
738 r = ordered_set_put(dns, s);
739 if (r == -EEXIST)
740 continue;
741 if (r < 0)
742 return r;
743 }
744
745 /* Then, add the per-link servers and domains */
746 HASHMAP_FOREACH(l, m->links, i) {
747 char **domain;
748
749 LIST_FOREACH(servers, s, l->dns_servers) {
750 r = ordered_set_put(dns, s);
751 if (r == -EEXIST)
752 continue;
753 if (r < 0)
754 return r;
755 }
756
757 if (!l->unicast_scope)
758 continue;
759
760 STRV_FOREACH(domain, l->unicast_scope->domains) {
761 r = ordered_set_put(domains, *domain);
762 if (r == -EEXIST)
763 continue;
764 if (r < 0)
765 return r;
766 }
767 }
768
769 /* If we found nothing, add the fallback servers */
770 if (ordered_set_isempty(dns)) {
771 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
772 r = ordered_set_put(dns, s);
773 if (r == -EEXIST)
774 continue;
775 if (r < 0)
776 return r;
777 }
778 }
779
780 r = fopen_temporary_label(path, path, &f, &temp_path);
781 if (r < 0)
782 return r;
783
784 fchmod(fileno(f), 0644);
785
786 r = write_resolv_conf_contents(f, dns, domains);
787 if (r < 0)
788 goto fail;
789
790 if (rename(temp_path, path) < 0) {
791 r = -errno;
792 goto fail;
793 }
794
795 return 0;
796
797 fail:
798 (void) unlink(path);
799 (void) unlink(temp_path);
800 return r;
801 }
802
803 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
804 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
805 union {
806 struct cmsghdr header; /* For alignment */
807 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
808 + CMSG_SPACE(int) /* ttl/hoplimit */
809 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
810 } control;
811 union sockaddr_union sa;
812 struct msghdr mh = {};
813 struct cmsghdr *cmsg;
814 struct iovec iov;
815 int ms = 0, r;
816 ssize_t l;
817
818 assert(m);
819 assert(fd >= 0);
820 assert(ret);
821
822 r = ioctl(fd, FIONREAD, &ms);
823 if (r < 0)
824 return -errno;
825 if (ms < 0)
826 return -EIO;
827
828 r = dns_packet_new(&p, protocol, ms);
829 if (r < 0)
830 return r;
831
832 iov.iov_base = DNS_PACKET_DATA(p);
833 iov.iov_len = p->allocated;
834
835 mh.msg_name = &sa.sa;
836 mh.msg_namelen = sizeof(sa);
837 mh.msg_iov = &iov;
838 mh.msg_iovlen = 1;
839 mh.msg_control = &control;
840 mh.msg_controllen = sizeof(control);
841
842 l = recvmsg(fd, &mh, 0);
843 if (l < 0) {
844 if (errno == EAGAIN || errno == EINTR)
845 return 0;
846
847 return -errno;
848 }
849
850 if (l <= 0)
851 return -EIO;
852
853 assert(!(mh.msg_flags & MSG_CTRUNC));
854 assert(!(mh.msg_flags & MSG_TRUNC));
855
856 p->size = (size_t) l;
857
858 p->family = sa.sa.sa_family;
859 p->ipproto = IPPROTO_UDP;
860 if (p->family == AF_INET) {
861 p->sender.in = sa.in.sin_addr;
862 p->sender_port = be16toh(sa.in.sin_port);
863 } else if (p->family == AF_INET6) {
864 p->sender.in6 = sa.in6.sin6_addr;
865 p->sender_port = be16toh(sa.in6.sin6_port);
866 p->ifindex = sa.in6.sin6_scope_id;
867 } else
868 return -EAFNOSUPPORT;
869
870 CMSG_FOREACH(cmsg, &mh) {
871
872 if (cmsg->cmsg_level == IPPROTO_IPV6) {
873 assert(p->family == AF_INET6);
874
875 switch (cmsg->cmsg_type) {
876
877 case IPV6_PKTINFO: {
878 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
879
880 if (p->ifindex <= 0)
881 p->ifindex = i->ipi6_ifindex;
882
883 p->destination.in6 = i->ipi6_addr;
884 break;
885 }
886
887 case IPV6_HOPLIMIT:
888 p->ttl = *(int *) CMSG_DATA(cmsg);
889 break;
890
891 }
892 } else if (cmsg->cmsg_level == IPPROTO_IP) {
893 assert(p->family == AF_INET);
894
895 switch (cmsg->cmsg_type) {
896
897 case IP_PKTINFO: {
898 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
899
900 if (p->ifindex <= 0)
901 p->ifindex = i->ipi_ifindex;
902
903 p->destination.in = i->ipi_addr;
904 break;
905 }
906
907 case IP_TTL:
908 p->ttl = *(int *) CMSG_DATA(cmsg);
909 break;
910 }
911 }
912 }
913
914 /* The Linux kernel sets the interface index to the loopback
915 * device if the packet came from the local host since it
916 * avoids the routing table in such a case. Let's unset the
917 * interface index in such a case. */
918 if (p->ifindex == LOOPBACK_IFINDEX)
919 p->ifindex = 0;
920
921 /* If we don't know the interface index still, we look for the
922 * first local interface with a matching address. Yuck! */
923 if (p->ifindex <= 0)
924 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
925
926 *ret = p;
927 p = NULL;
928
929 return 1;
930 }
931
932 static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
933 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
934 DnsTransaction *t = NULL;
935 Manager *m = userdata;
936 int r;
937
938 r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
939 if (r <= 0)
940 return r;
941
942 if (dns_packet_validate_reply(p) > 0) {
943 t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
944 if (!t)
945 return 0;
946
947 dns_transaction_process_reply(t, p);
948
949 } else
950 log_debug("Invalid DNS packet.");
951
952 return 0;
953 }
954
955 int manager_dns_ipv4_fd(Manager *m) {
956 const int one = 1;
957 int r;
958
959 assert(m);
960
961 if (m->dns_ipv4_fd >= 0)
962 return m->dns_ipv4_fd;
963
964 m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
965 if (m->dns_ipv4_fd < 0)
966 return -errno;
967
968 r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
969 if (r < 0) {
970 r = -errno;
971 goto fail;
972 }
973
974 r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
975 if (r < 0)
976 goto fail;
977
978 return m->dns_ipv4_fd;
979
980 fail:
981 m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
982 return r;
983 }
984
985 int manager_dns_ipv6_fd(Manager *m) {
986 const int one = 1;
987 int r;
988
989 assert(m);
990
991 if (m->dns_ipv6_fd >= 0)
992 return m->dns_ipv6_fd;
993
994 m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
995 if (m->dns_ipv6_fd < 0)
996 return -errno;
997
998 r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
999 if (r < 0) {
1000 r = -errno;
1001 goto fail;
1002 }
1003
1004 r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
1005 if (r < 0)
1006 goto fail;
1007
1008 return m->dns_ipv6_fd;
1009
1010 fail:
1011 m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
1012 return r;
1013 }
1014
1015 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
1016 int r;
1017
1018 assert(fd >= 0);
1019 assert(mh);
1020
1021 for (;;) {
1022 if (sendmsg(fd, mh, flags) >= 0)
1023 return 0;
1024
1025 if (errno == EINTR)
1026 continue;
1027
1028 if (errno != EAGAIN)
1029 return -errno;
1030
1031 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
1032 if (r < 0)
1033 return r;
1034 if (r == 0)
1035 return -ETIMEDOUT;
1036 }
1037 }
1038
1039 static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
1040 union sockaddr_union sa = {
1041 .in.sin_family = AF_INET,
1042 };
1043 union {
1044 struct cmsghdr header; /* For alignment */
1045 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
1046 } control;
1047 struct msghdr mh = {};
1048 struct iovec iov;
1049
1050 assert(m);
1051 assert(fd >= 0);
1052 assert(addr);
1053 assert(port > 0);
1054 assert(p);
1055
1056 iov.iov_base = DNS_PACKET_DATA(p);
1057 iov.iov_len = p->size;
1058
1059 sa.in.sin_addr = *addr;
1060 sa.in.sin_port = htobe16(port),
1061
1062 mh.msg_iov = &iov;
1063 mh.msg_iovlen = 1;
1064 mh.msg_name = &sa.sa;
1065 mh.msg_namelen = sizeof(sa.in);
1066
1067 if (ifindex > 0) {
1068 struct cmsghdr *cmsg;
1069 struct in_pktinfo *pi;
1070
1071 zero(control);
1072
1073 mh.msg_control = &control;
1074 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
1075
1076 cmsg = CMSG_FIRSTHDR(&mh);
1077 cmsg->cmsg_len = mh.msg_controllen;
1078 cmsg->cmsg_level = IPPROTO_IP;
1079 cmsg->cmsg_type = IP_PKTINFO;
1080
1081 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
1082 pi->ipi_ifindex = ifindex;
1083 }
1084
1085 return sendmsg_loop(fd, &mh, 0);
1086 }
1087
1088 static int manager_ipv6_send(Manager *m, int fd, int ifindex, const struct in6_addr *addr, uint16_t port, DnsPacket *p) {
1089 union sockaddr_union sa = {
1090 .in6.sin6_family = AF_INET6,
1091 };
1092 union {
1093 struct cmsghdr header; /* For alignment */
1094 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1095 } control;
1096 struct msghdr mh = {};
1097 struct iovec iov;
1098
1099 assert(m);
1100 assert(fd >= 0);
1101 assert(addr);
1102 assert(port > 0);
1103 assert(p);
1104
1105 iov.iov_base = DNS_PACKET_DATA(p);
1106 iov.iov_len = p->size;
1107
1108 sa.in6.sin6_addr = *addr;
1109 sa.in6.sin6_port = htobe16(port),
1110 sa.in6.sin6_scope_id = ifindex;
1111
1112 mh.msg_iov = &iov;
1113 mh.msg_iovlen = 1;
1114 mh.msg_name = &sa.sa;
1115 mh.msg_namelen = sizeof(sa.in6);
1116
1117 if (ifindex > 0) {
1118 struct cmsghdr *cmsg;
1119 struct in6_pktinfo *pi;
1120
1121 zero(control);
1122
1123 mh.msg_control = &control;
1124 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1125
1126 cmsg = CMSG_FIRSTHDR(&mh);
1127 cmsg->cmsg_len = mh.msg_controllen;
1128 cmsg->cmsg_level = IPPROTO_IPV6;
1129 cmsg->cmsg_type = IPV6_PKTINFO;
1130
1131 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1132 pi->ipi6_ifindex = ifindex;
1133 }
1134
1135 return sendmsg_loop(fd, &mh, 0);
1136 }
1137
1138 int manager_send(Manager *m, int fd, int ifindex, int family, const union in_addr_union *addr, uint16_t port, DnsPacket *p) {
1139 assert(m);
1140 assert(fd >= 0);
1141 assert(addr);
1142 assert(port > 0);
1143 assert(p);
1144
1145 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1146
1147 if (family == AF_INET)
1148 return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
1149 else if (family == AF_INET6)
1150 return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
1151
1152 return -EAFNOSUPPORT;
1153 }
1154
1155 DnsServer* manager_find_dns_server(Manager *m, int family, const union in_addr_union *in_addr) {
1156 DnsServer *s;
1157
1158 assert(m);
1159 assert(in_addr);
1160
1161 LIST_FOREACH(servers, s, m->dns_servers)
1162 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1163 return s;
1164
1165 LIST_FOREACH(servers, s, m->fallback_dns_servers)
1166 if (s->family == family && in_addr_equal(family, &s->address, in_addr) > 0)
1167 return s;
1168
1169 return NULL;
1170 }
1171
1172 DnsServer *manager_set_dns_server(Manager *m, DnsServer *s) {
1173 assert(m);
1174
1175 if (m->current_dns_server == s)
1176 return s;
1177
1178 if (s) {
1179 _cleanup_free_ char *ip = NULL;
1180
1181 in_addr_to_string(s->family, &s->address, &ip);
1182 log_info("Switching to system DNS server %s.", strna(ip));
1183 }
1184
1185 m->current_dns_server = s;
1186
1187 if (m->unicast_scope)
1188 dns_cache_flush(&m->unicast_scope->cache);
1189
1190 return s;
1191 }
1192
1193 DnsServer *manager_get_dns_server(Manager *m) {
1194 Link *l;
1195 assert(m);
1196
1197 /* Try to read updates resolv.conf */
1198 manager_read_resolv_conf(m);
1199
1200 if (!m->current_dns_server)
1201 manager_set_dns_server(m, m->dns_servers);
1202
1203 if (!m->current_dns_server) {
1204 bool found = false;
1205 Iterator i;
1206
1207 /* No DNS servers configured, let's see if there are
1208 * any on any links. If not, we use the fallback
1209 * servers */
1210
1211 HASHMAP_FOREACH(l, m->links, i)
1212 if (l->dns_servers) {
1213 found = true;
1214 break;
1215 }
1216
1217 if (!found)
1218 manager_set_dns_server(m, m->fallback_dns_servers);
1219 }
1220
1221 return m->current_dns_server;
1222 }
1223
1224 void manager_next_dns_server(Manager *m) {
1225 assert(m);
1226
1227 /* If there's currently no DNS server set, then the next
1228 * manager_get_dns_server() will find one */
1229 if (!m->current_dns_server)
1230 return;
1231
1232 /* Change to the next one */
1233 if (m->current_dns_server->servers_next) {
1234 manager_set_dns_server(m, m->current_dns_server->servers_next);
1235 return;
1236 }
1237
1238 /* If there was no next one, then start from the beginning of
1239 * the list */
1240 if (m->current_dns_server->type == DNS_SERVER_FALLBACK)
1241 manager_set_dns_server(m, m->fallback_dns_servers);
1242 else
1243 manager_set_dns_server(m, m->dns_servers);
1244 }
1245
1246 uint32_t manager_find_mtu(Manager *m) {
1247 uint32_t mtu = 0;
1248 Link *l;
1249 Iterator i;
1250
1251 /* If we don't know on which link a DNS packet would be
1252 * delivered, let's find the largest MTU that works on all
1253 * interfaces we know of */
1254
1255 HASHMAP_FOREACH(l, m->links, i) {
1256 if (l->mtu <= 0)
1257 continue;
1258
1259 if (mtu <= 0 || l->mtu < mtu)
1260 mtu = l->mtu;
1261 }
1262
1263 return mtu;
1264 }
1265
1266 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1267 LinkAddress *a;
1268
1269 assert(m);
1270
1271 a = manager_find_link_address(m, family, in_addr);
1272 if (a)
1273 return a->link->ifindex;
1274
1275 return 0;
1276 }
1277
1278 void manager_refresh_rrs(Manager *m) {
1279 Iterator i;
1280 Link *l;
1281
1282 assert(m);
1283
1284 m->host_ipv4_key = dns_resource_key_unref(m->host_ipv4_key);
1285 m->host_ipv6_key = dns_resource_key_unref(m->host_ipv6_key);
1286
1287 HASHMAP_FOREACH(l, m->links, i) {
1288 link_add_rrs(l, true);
1289 link_add_rrs(l, false);
1290 }
1291 }
1292
1293 int manager_next_hostname(Manager *m) {
1294 const char *p;
1295 uint64_t u, a;
1296 char *h;
1297
1298 assert(m);
1299
1300 p = strchr(m->hostname, 0);
1301 assert(p);
1302
1303 while (p > m->hostname) {
1304 if (!strchr("0123456789", p[-1]))
1305 break;
1306
1307 p--;
1308 }
1309
1310 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1311 u = 1;
1312
1313 /* Add a random number to the old value. This way we can avoid
1314 * that two hosts pick the same hostname, win on IPv4 and lose
1315 * on IPv6 (or vice versa), and pick the same hostname
1316 * replacement hostname, ad infinitum. We still want the
1317 * numbers to go up monotonically, hence we just add a random
1318 * value 1..10 */
1319
1320 random_bytes(&a, sizeof(a));
1321 u += 1 + a % 10;
1322
1323 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->hostname), m->hostname, u) < 0)
1324 return -ENOMEM;
1325
1326 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->hostname, h);
1327
1328 free(m->hostname);
1329 m->hostname = h;
1330
1331 manager_refresh_rrs(m);
1332
1333 return 0;
1334 }
1335
1336 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1337 Iterator i;
1338 Link *l;
1339
1340 assert(m);
1341
1342 HASHMAP_FOREACH(l, m->links, i) {
1343 LinkAddress *a;
1344
1345 a = link_find_address(l, family, in_addr);
1346 if (a)
1347 return a;
1348 }
1349
1350 return NULL;
1351 }
1352
1353 bool manager_our_packet(Manager *m, DnsPacket *p) {
1354 assert(m);
1355 assert(p);
1356
1357 return !!manager_find_link_address(m, p->family, &p->sender);
1358 }
1359
1360 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1361 Link *l;
1362
1363 assert(m);
1364 assert(p);
1365
1366 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1367 if (!l)
1368 return NULL;
1369
1370 if (p->protocol == DNS_PROTOCOL_LLMNR) {
1371 if (p->family == AF_INET)
1372 return l->llmnr_ipv4_scope;
1373 else if (p->family == AF_INET6)
1374 return l->llmnr_ipv6_scope;
1375 }
1376
1377 return NULL;
1378 }
1379
1380 void manager_verify_all(Manager *m) {
1381 DnsScope *s;
1382
1383 assert(m);
1384
1385 LIST_FOREACH(scopes, s, m->dns_scopes)
1386 dns_zone_verify_all(&s->zone);
1387 }
1388
1389 void manager_flush_dns_servers(Manager *m, DnsServerType t) {
1390 DnsServer *s;
1391
1392 assert(m);
1393
1394 if (t == DNS_SERVER_SYSTEM)
1395 while (m->dns_servers) {
1396 s = m->dns_servers;
1397
1398 LIST_REMOVE(servers, m->dns_servers, s);
1399 dns_server_unref(s);
1400 }
1401
1402 if (t == DNS_SERVER_FALLBACK)
1403 while (m->fallback_dns_servers) {
1404 s = m->fallback_dns_servers;
1405
1406 LIST_REMOVE(servers, m->fallback_dns_servers, s);
1407 dns_server_unref(s);
1408 }
1409 }
1410
1411 static const char* const support_table[_SUPPORT_MAX] = {
1412 [SUPPORT_NO] = "no",
1413 [SUPPORT_YES] = "yes",
1414 [SUPPORT_RESOLVE] = "resolve",
1415 };
1416 DEFINE_STRING_TABLE_LOOKUP(support, Support);
Unnamed repository; edit this file 'description' to name the repository.