]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/resolve/resolved-manager.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
resolved: don't check conflicts for DNS-SD enumeration RRs
[thirdparty/systemd.git] / src / resolve / resolved-manager.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2014 Tom Gundersen <teg@jklm.no>
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <netinet/in.h>
22 #include <poll.h>
23 #include <sys/ioctl.h>
24
25 #if HAVE_LIBIDN2
26 #include <idn2.h>
27 #endif
28
29 #include "af-list.h"
30 #include "alloc-util.h"
31 #include "dirent-util.h"
32 #include "dns-domain.h"
33 #include "fd-util.h"
34 #include "fileio-label.h"
35 #include "hostname-util.h"
36 #include "io-util.h"
37 #include "netlink-util.h"
38 #include "network-internal.h"
39 #include "ordered-set.h"
40 #include "parse-util.h"
41 #include "random-util.h"
42 #include "resolved-bus.h"
43 #include "resolved-conf.h"
44 #include "resolved-dnssd.h"
45 #include "resolved-dns-stub.h"
46 #include "resolved-etc-hosts.h"
47 #include "resolved-llmnr.h"
48 #include "resolved-manager.h"
49 #include "resolved-mdns.h"
50 #include "resolved-resolv-conf.h"
51 #include "socket-util.h"
52 #include "string-table.h"
53 #include "string-util.h"
54 #include "utf8.h"
55
56 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
57
58 static int manager_process_link(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
59 Manager *m = userdata;
60 uint16_t type;
61 Link *l;
62 int ifindex, r;
63
64 assert(rtnl);
65 assert(m);
66 assert(mm);
67
68 r = sd_netlink_message_get_type(mm, &type);
69 if (r < 0)
70 goto fail;
71
72 r = sd_rtnl_message_link_get_ifindex(mm, &ifindex);
73 if (r < 0)
74 goto fail;
75
76 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
77
78 switch (type) {
79
80 case RTM_NEWLINK:{
81 bool is_new = !l;
82
83 if (!l) {
84 r = link_new(m, &l, ifindex);
85 if (r < 0)
86 goto fail;
87 }
88
89 r = link_process_rtnl(l, mm);
90 if (r < 0)
91 goto fail;
92
93 r = link_update(l);
94 if (r < 0)
95 goto fail;
96
97 if (is_new)
98 log_debug("Found new link %i/%s", ifindex, l->name);
99
100 break;
101 }
102
103 case RTM_DELLINK:
104 if (l) {
105 log_debug("Removing link %i/%s", l->ifindex, l->name);
106 link_remove_user(l);
107 link_free(l);
108 }
109
110 break;
111 }
112
113 return 0;
114
115 fail:
116 log_warning_errno(r, "Failed to process RTNL link message: %m");
117 return 0;
118 }
119
120 static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
121 Manager *m = userdata;
122 union in_addr_union address;
123 uint16_t type;
124 int r, ifindex, family;
125 LinkAddress *a;
126 Link *l;
127
128 assert(rtnl);
129 assert(mm);
130 assert(m);
131
132 r = sd_netlink_message_get_type(mm, &type);
133 if (r < 0)
134 goto fail;
135
136 r = sd_rtnl_message_addr_get_ifindex(mm, &ifindex);
137 if (r < 0)
138 goto fail;
139
140 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
141 if (!l)
142 return 0;
143
144 r = sd_rtnl_message_addr_get_family(mm, &family);
145 if (r < 0)
146 goto fail;
147
148 switch (family) {
149
150 case AF_INET:
151 r = sd_netlink_message_read_in_addr(mm, IFA_LOCAL, &address.in);
152 if (r < 0) {
153 r = sd_netlink_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
154 if (r < 0)
155 goto fail;
156 }
157
158 break;
159
160 case AF_INET6:
161 r = sd_netlink_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
162 if (r < 0) {
163 r = sd_netlink_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
164 if (r < 0)
165 goto fail;
166 }
167
168 break;
169
170 default:
171 return 0;
172 }
173
174 a = link_find_address(l, family, &address);
175
176 switch (type) {
177
178 case RTM_NEWADDR:
179
180 if (!a) {
181 r = link_address_new(l, &a, family, &address);
182 if (r < 0)
183 return r;
184 }
185
186 r = link_address_update_rtnl(a, mm);
187 if (r < 0)
188 return r;
189
190 break;
191
192 case RTM_DELADDR:
193 link_address_free(a);
194 break;
195 }
196
197 return 0;
198
199 fail:
200 log_warning_errno(r, "Failed to process RTNL address message: %m");
201 return 0;
202 }
203
204 static int manager_rtnl_listen(Manager *m) {
205 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL;
206 sd_netlink_message *i;
207 int r;
208
209 assert(m);
210
211 /* First, subscribe to interfaces coming and going */
212 r = sd_netlink_open(&m->rtnl);
213 if (r < 0)
214 return r;
215
216 r = sd_netlink_attach_event(m->rtnl, m->event, SD_EVENT_PRIORITY_IMPORTANT);
217 if (r < 0)
218 return r;
219
220 r = sd_netlink_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
221 if (r < 0)
222 return r;
223
224 r = sd_netlink_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
225 if (r < 0)
226 return r;
227
228 r = sd_netlink_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
229 if (r < 0)
230 return r;
231
232 r = sd_netlink_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
233 if (r < 0)
234 return r;
235
236 /* Then, enumerate all links */
237 r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
238 if (r < 0)
239 return r;
240
241 r = sd_netlink_message_request_dump(req, true);
242 if (r < 0)
243 return r;
244
245 r = sd_netlink_call(m->rtnl, req, 0, &reply);
246 if (r < 0)
247 return r;
248
249 for (i = reply; i; i = sd_netlink_message_next(i)) {
250 r = manager_process_link(m->rtnl, i, m);
251 if (r < 0)
252 return r;
253 }
254
255 req = sd_netlink_message_unref(req);
256 reply = sd_netlink_message_unref(reply);
257
258 /* Finally, enumerate all addresses, too */
259 r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
260 if (r < 0)
261 return r;
262
263 r = sd_netlink_message_request_dump(req, true);
264 if (r < 0)
265 return r;
266
267 r = sd_netlink_call(m->rtnl, req, 0, &reply);
268 if (r < 0)
269 return r;
270
271 for (i = reply; i; i = sd_netlink_message_next(i)) {
272 r = manager_process_address(m->rtnl, i, m);
273 if (r < 0)
274 return r;
275 }
276
277 return r;
278 }
279
280 static int on_network_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
281 Manager *m = userdata;
282 Iterator i;
283 Link *l;
284 int r;
285
286 assert(m);
287
288 sd_network_monitor_flush(m->network_monitor);
289
290 HASHMAP_FOREACH(l, m->links, i) {
291 r = link_update(l);
292 if (r < 0)
293 log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
294 }
295
296 (void) manager_write_resolv_conf(m);
297
298 return 0;
299 }
300
301 static int manager_network_monitor_listen(Manager *m) {
302 int r, fd, events;
303
304 assert(m);
305
306 r = sd_network_monitor_new(&m->network_monitor, NULL);
307 if (r < 0)
308 return r;
309
310 fd = sd_network_monitor_get_fd(m->network_monitor);
311 if (fd < 0)
312 return fd;
313
314 events = sd_network_monitor_get_events(m->network_monitor);
315 if (events < 0)
316 return events;
317
318 r = sd_event_add_io(m->event, &m->network_event_source, fd, events, &on_network_event, m);
319 if (r < 0)
320 return r;
321
322 r = sd_event_source_set_priority(m->network_event_source, SD_EVENT_PRIORITY_IMPORTANT+5);
323 if (r < 0)
324 return r;
325
326 (void) sd_event_source_set_description(m->network_event_source, "network-monitor");
327
328 return 0;
329 }
330
331 static int determine_hostname(char **full_hostname, char **llmnr_hostname, char **mdns_hostname) {
332 _cleanup_free_ char *h = NULL, *n = NULL;
333 #if HAVE_LIBIDN2
334 _cleanup_free_ char *utf8 = NULL;
335 #elif HAVE_LIBIDN
336 int k;
337 #endif
338 char label[DNS_LABEL_MAX];
339 const char *p, *decoded;
340 int r;
341
342 assert(full_hostname);
343 assert(llmnr_hostname);
344 assert(mdns_hostname);
345
346 /* Extract and normalize the first label of the locally configured hostname, and check it's not "localhost". */
347
348 r = gethostname_strict(&h);
349 if (r < 0)
350 return log_debug_errno(r, "Can't determine system hostname: %m");
351
352 p = h;
353 r = dns_label_unescape(&p, label, sizeof label);
354 if (r < 0)
355 return log_error_errno(r, "Failed to unescape host name: %m");
356 if (r == 0) {
357 log_error("Couldn't find a single label in hostname.");
358 return -EINVAL;
359 }
360
361 #if HAVE_LIBIDN2
362 r = idn2_to_unicode_8z8z(label, &utf8, 0);
363 if (r != IDN2_OK)
364 return log_error("Failed to undo IDNA: %s", idn2_strerror(r));
365 assert(utf8_is_valid(utf8));
366
367 r = strlen(utf8);
368 decoded = utf8;
369 #elif HAVE_LIBIDN
370 k = dns_label_undo_idna(label, r, label, sizeof label);
371 if (k < 0)
372 return log_error_errno(k, "Failed to undo IDNA: %m");
373 if (k > 0)
374 r = k;
375
376 if (!utf8_is_valid(label)) {
377 log_error("System hostname is not UTF-8 clean.");
378 return -EINVAL;
379 }
380 decoded = label;
381 #else
382 decoded = label; /* no decoding */
383 #endif
384
385 r = dns_label_escape_new(decoded, r, &n);
386 if (r < 0)
387 return log_error_errno(r, "Failed to escape host name: %m");
388
389 if (is_localhost(n)) {
390 log_debug("System hostname is 'localhost', ignoring.");
391 return -EINVAL;
392 }
393
394 r = dns_name_concat(n, "local", mdns_hostname);
395 if (r < 0)
396 return log_error_errno(r, "Failed to determine mDNS hostname: %m");
397
398 *llmnr_hostname = n;
399 n = NULL;
400
401 *full_hostname = h;
402 h = NULL;
403
404 return 0;
405 }
406
407 static const char *fallback_hostname(void) {
408
409 /* Determine the fall back hostname. For exposing this system to the outside world, we cannot have it to be
410 * "localhost" even if that's the compiled in hostname. In this case, let's revert to "linux" instead. */
411
412 if (is_localhost(FALLBACK_HOSTNAME))
413 return "linux";
414
415 return FALLBACK_HOSTNAME;
416 }
417
418 static int make_fallback_hostnames(char **full_hostname, char **llmnr_hostname, char **mdns_hostname) {
419 _cleanup_free_ char *n = NULL, *m = NULL;
420 char label[DNS_LABEL_MAX], *h;
421 const char *p;
422 int r;
423
424 assert(full_hostname);
425 assert(llmnr_hostname);
426 assert(mdns_hostname);
427
428 p = fallback_hostname();
429 r = dns_label_unescape(&p, label, sizeof(label));
430 if (r < 0)
431 return log_error_errno(r, "Failed to unescape fallback host name: %m");
432
433 assert(r > 0); /* The fallback hostname must have at least one label */
434
435 r = dns_label_escape_new(label, r, &n);
436 if (r < 0)
437 return log_error_errno(r, "Failed to escape fallback hostname: %m");
438
439 r = dns_name_concat(n, "local", &m);
440 if (r < 0)
441 return log_error_errno(r, "Failed to concatenate mDNS hostname: %m");
442
443 h = strdup(fallback_hostname());
444 if (!h)
445 return log_oom();
446
447 *llmnr_hostname = n;
448 n = NULL;
449
450 *mdns_hostname = m;
451 m = NULL;
452
453 *full_hostname = h;
454
455 return 0;
456 }
457
458 static int on_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
459 _cleanup_free_ char *full_hostname = NULL, *llmnr_hostname = NULL, *mdns_hostname = NULL;
460 Manager *m = userdata;
461 int r;
462
463 assert(m);
464
465 r = determine_hostname(&full_hostname, &llmnr_hostname, &mdns_hostname);
466 if (r < 0)
467 return 0; /* ignore invalid hostnames */
468
469 if (streq(full_hostname, m->full_hostname) &&
470 streq(llmnr_hostname, m->llmnr_hostname) &&
471 streq(mdns_hostname, m->mdns_hostname))
472 return 0;
473
474 log_info("System hostname changed to '%s'.", full_hostname);
475
476 free_and_replace(m->full_hostname, full_hostname);
477 free_and_replace(m->llmnr_hostname, llmnr_hostname);
478 free_and_replace(m->mdns_hostname, mdns_hostname);
479
480 manager_refresh_rrs(m);
481
482 return 0;
483 }
484
485 static int manager_watch_hostname(Manager *m) {
486 int r;
487
488 assert(m);
489
490 m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
491 if (m->hostname_fd < 0) {
492 log_warning_errno(errno, "Failed to watch hostname: %m");
493 return 0;
494 }
495
496 r = sd_event_add_io(m->event, &m->hostname_event_source, m->hostname_fd, 0, on_hostname_change, m);
497 if (r < 0) {
498 if (r == -EPERM)
499 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
500 m->hostname_fd = safe_close(m->hostname_fd);
501 else
502 return log_error_errno(r, "Failed to add hostname event source: %m");
503 }
504
505 (void) sd_event_source_set_description(m->hostname_event_source, "hostname");
506
507 r = determine_hostname(&m->full_hostname, &m->llmnr_hostname, &m->mdns_hostname);
508 if (r < 0) {
509 log_info("Defaulting to hostname '%s'.", fallback_hostname());
510
511 r = make_fallback_hostnames(&m->full_hostname, &m->llmnr_hostname, &m->mdns_hostname);
512 if (r < 0)
513 return r;
514 } else
515 log_info("Using system hostname '%s'.", m->full_hostname);
516
517 return 0;
518 }
519
520 static int manager_sigusr1(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
521 _cleanup_free_ char *buffer = NULL;
522 _cleanup_fclose_ FILE *f = NULL;
523 Manager *m = userdata;
524 DnsServer *server;
525 size_t size = 0;
526 DnsScope *scope;
527 Iterator i;
528 Link *l;
529
530 assert(s);
531 assert(si);
532 assert(m);
533
534 f = open_memstream(&buffer, &size);
535 if (!f)
536 return log_oom();
537
538 LIST_FOREACH(scopes, scope, m->dns_scopes)
539 dns_scope_dump(scope, f);
540
541 LIST_FOREACH(servers, server, m->dns_servers)
542 dns_server_dump(server, f);
543 LIST_FOREACH(servers, server, m->fallback_dns_servers)
544 dns_server_dump(server, f);
545 HASHMAP_FOREACH(l, m->links, i)
546 LIST_FOREACH(servers, server, l->dns_servers)
547 dns_server_dump(server, f);
548
549 if (fflush_and_check(f) < 0)
550 return log_oom();
551
552 log_dump(LOG_INFO, buffer);
553 return 0;
554 }
555
556 static int manager_sigusr2(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
557 Manager *m = userdata;
558
559 assert(s);
560 assert(si);
561 assert(m);
562
563 manager_flush_caches(m);
564
565 return 0;
566 }
567
568 static int manager_sigrtmin1(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
569 Manager *m = userdata;
570
571 assert(s);
572 assert(si);
573 assert(m);
574
575 manager_reset_server_features(m);
576 return 0;
577 }
578
579 int manager_new(Manager **ret) {
580 _cleanup_(manager_freep) Manager *m = NULL;
581 int r;
582
583 assert(ret);
584
585 m = new0(Manager, 1);
586 if (!m)
587 return -ENOMEM;
588
589 m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
590 m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
591 m->mdns_ipv4_fd = m->mdns_ipv6_fd = -1;
592 m->dns_stub_udp_fd = m->dns_stub_tcp_fd = -1;
593 m->hostname_fd = -1;
594
595 m->llmnr_support = RESOLVE_SUPPORT_YES;
596 m->mdns_support = RESOLVE_SUPPORT_YES;
597 m->dnssec_mode = DEFAULT_DNSSEC_MODE;
598 m->enable_cache = true;
599 m->dns_stub_listener_mode = DNS_STUB_LISTENER_UDP;
600 m->read_resolv_conf = true;
601 m->need_builtin_fallbacks = true;
602 m->etc_hosts_last = m->etc_hosts_mtime = USEC_INFINITY;
603
604 r = dns_trust_anchor_load(&m->trust_anchor);
605 if (r < 0)
606 return r;
607
608 r = manager_parse_config_file(m);
609 if (r < 0)
610 log_warning_errno(r, "Failed to parse configuration file: %m");
611
612 r = sd_event_default(&m->event);
613 if (r < 0)
614 return r;
615
616 sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
617 sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
618
619 sd_event_set_watchdog(m->event, true);
620
621 r = manager_watch_hostname(m);
622 if (r < 0)
623 return r;
624
625 r = dnssd_load(m);
626 if (r < 0)
627 log_warning_errno(r, "Failed to load DNS-SD configuration files: %m");
628
629 r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
630 if (r < 0)
631 return r;
632
633 r = manager_network_monitor_listen(m);
634 if (r < 0)
635 return r;
636
637 r = manager_rtnl_listen(m);
638 if (r < 0)
639 return r;
640
641 r = manager_connect_bus(m);
642 if (r < 0)
643 return r;
644
645 (void) sd_event_add_signal(m->event, &m->sigusr1_event_source, SIGUSR1, manager_sigusr1, m);
646 (void) sd_event_add_signal(m->event, &m->sigusr2_event_source, SIGUSR2, manager_sigusr2, m);
647 (void) sd_event_add_signal(m->event, &m->sigrtmin1_event_source, SIGRTMIN+1, manager_sigrtmin1, m);
648
649 manager_cleanup_saved_user(m);
650
651 *ret = m;
652 m = NULL;
653
654 return 0;
655 }
656
657 int manager_start(Manager *m) {
658 int r;
659
660 assert(m);
661
662 r = manager_dns_stub_start(m);
663 if (r < 0)
664 return r;
665
666 return 0;
667 }
668
669 Manager *manager_free(Manager *m) {
670 Link *l;
671 DnssdService *s;
672
673 if (!m)
674 return NULL;
675
676 dns_server_unlink_all(m->dns_servers);
677 dns_server_unlink_all(m->fallback_dns_servers);
678 dns_search_domain_unlink_all(m->search_domains);
679
680 while ((l = hashmap_first(m->links)))
681 link_free(l);
682
683 while (m->dns_queries)
684 dns_query_free(m->dns_queries);
685
686 dns_scope_free(m->unicast_scope);
687
688 /* At this point only orphaned streams should remain. All others should have been freed already by their
689 * owners */
690 while (m->dns_streams)
691 dns_stream_unref(m->dns_streams);
692
693 hashmap_free(m->links);
694 hashmap_free(m->dns_transactions);
695
696 sd_event_source_unref(m->network_event_source);
697 sd_network_monitor_unref(m->network_monitor);
698
699 sd_netlink_unref(m->rtnl);
700 sd_event_source_unref(m->rtnl_event_source);
701
702 manager_llmnr_stop(m);
703 manager_mdns_stop(m);
704 manager_dns_stub_stop(m);
705
706 sd_bus_slot_unref(m->prepare_for_sleep_slot);
707 sd_event_source_unref(m->bus_retry_event_source);
708 sd_bus_unref(m->bus);
709
710 sd_event_source_unref(m->sigusr1_event_source);
711 sd_event_source_unref(m->sigusr2_event_source);
712 sd_event_source_unref(m->sigrtmin1_event_source);
713
714 sd_event_unref(m->event);
715
716 dns_resource_key_unref(m->llmnr_host_ipv4_key);
717 dns_resource_key_unref(m->llmnr_host_ipv6_key);
718 dns_resource_key_unref(m->mdns_host_ipv4_key);
719 dns_resource_key_unref(m->mdns_host_ipv6_key);
720
721 sd_event_source_unref(m->hostname_event_source);
722 safe_close(m->hostname_fd);
723
724 free(m->full_hostname);
725 free(m->llmnr_hostname);
726 free(m->mdns_hostname);
727
728 while ((s = hashmap_first(m->dnssd_services)))
729 dnssd_service_free(s);
730 hashmap_free(m->dnssd_services);
731
732 dns_trust_anchor_flush(&m->trust_anchor);
733 manager_etc_hosts_flush(m);
734
735 return mfree(m);
736 }
737
738 int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
739 _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
740 union {
741 struct cmsghdr header; /* For alignment */
742 uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
743 + CMSG_SPACE(int) /* ttl/hoplimit */
744 + EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
745 } control;
746 union sockaddr_union sa;
747 struct msghdr mh = {};
748 struct cmsghdr *cmsg;
749 struct iovec iov;
750 ssize_t ms, l;
751 int r;
752
753 assert(m);
754 assert(fd >= 0);
755 assert(ret);
756
757 ms = next_datagram_size_fd(fd);
758 if (ms < 0)
759 return ms;
760
761 r = dns_packet_new(&p, protocol, ms, DNS_PACKET_SIZE_MAX);
762 if (r < 0)
763 return r;
764
765 iov.iov_base = DNS_PACKET_DATA(p);
766 iov.iov_len = p->allocated;
767
768 mh.msg_name = &sa.sa;
769 mh.msg_namelen = sizeof(sa);
770 mh.msg_iov = &iov;
771 mh.msg_iovlen = 1;
772 mh.msg_control = &control;
773 mh.msg_controllen = sizeof(control);
774
775 l = recvmsg(fd, &mh, 0);
776 if (l == 0)
777 return 0;
778 if (l < 0) {
779 if (IN_SET(errno, EAGAIN, EINTR))
780 return 0;
781
782 return -errno;
783 }
784
785 assert(!(mh.msg_flags & MSG_CTRUNC));
786 assert(!(mh.msg_flags & MSG_TRUNC));
787
788 p->size = (size_t) l;
789
790 p->family = sa.sa.sa_family;
791 p->ipproto = IPPROTO_UDP;
792 if (p->family == AF_INET) {
793 p->sender.in = sa.in.sin_addr;
794 p->sender_port = be16toh(sa.in.sin_port);
795 } else if (p->family == AF_INET6) {
796 p->sender.in6 = sa.in6.sin6_addr;
797 p->sender_port = be16toh(sa.in6.sin6_port);
798 p->ifindex = sa.in6.sin6_scope_id;
799 } else
800 return -EAFNOSUPPORT;
801
802 CMSG_FOREACH(cmsg, &mh) {
803
804 if (cmsg->cmsg_level == IPPROTO_IPV6) {
805 assert(p->family == AF_INET6);
806
807 switch (cmsg->cmsg_type) {
808
809 case IPV6_PKTINFO: {
810 struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
811
812 if (p->ifindex <= 0)
813 p->ifindex = i->ipi6_ifindex;
814
815 p->destination.in6 = i->ipi6_addr;
816 break;
817 }
818
819 case IPV6_HOPLIMIT:
820 p->ttl = *(int *) CMSG_DATA(cmsg);
821 break;
822
823 }
824 } else if (cmsg->cmsg_level == IPPROTO_IP) {
825 assert(p->family == AF_INET);
826
827 switch (cmsg->cmsg_type) {
828
829 case IP_PKTINFO: {
830 struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
831
832 if (p->ifindex <= 0)
833 p->ifindex = i->ipi_ifindex;
834
835 p->destination.in = i->ipi_addr;
836 break;
837 }
838
839 case IP_TTL:
840 p->ttl = *(int *) CMSG_DATA(cmsg);
841 break;
842 }
843 }
844 }
845
846 /* The Linux kernel sets the interface index to the loopback
847 * device if the packet came from the local host since it
848 * avoids the routing table in such a case. Let's unset the
849 * interface index in such a case. */
850 if (p->ifindex == LOOPBACK_IFINDEX)
851 p->ifindex = 0;
852
853 if (protocol != DNS_PROTOCOL_DNS) {
854 /* If we don't know the interface index still, we look for the
855 * first local interface with a matching address. Yuck! */
856 if (p->ifindex <= 0)
857 p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
858 }
859
860 *ret = p;
861 p = NULL;
862
863 return 1;
864 }
865
866 static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
867 int r;
868
869 assert(fd >= 0);
870 assert(mh);
871
872 for (;;) {
873 if (sendmsg(fd, mh, flags) >= 0)
874 return 0;
875
876 if (errno == EINTR)
877 continue;
878
879 if (errno != EAGAIN)
880 return -errno;
881
882 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
883 if (r < 0)
884 return r;
885 if (r == 0)
886 return -ETIMEDOUT;
887 }
888 }
889
890 static int write_loop(int fd, void *message, size_t length) {
891 int r;
892
893 assert(fd >= 0);
894 assert(message);
895
896 for (;;) {
897 if (write(fd, message, length) >= 0)
898 return 0;
899
900 if (errno == EINTR)
901 continue;
902
903 if (errno != EAGAIN)
904 return -errno;
905
906 r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
907 if (r < 0)
908 return r;
909 if (r == 0)
910 return -ETIMEDOUT;
911 }
912 }
913
914 int manager_write(Manager *m, int fd, DnsPacket *p) {
915 int r;
916
917 log_debug("Sending %s packet with id %" PRIu16 ".", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p));
918
919 r = write_loop(fd, DNS_PACKET_DATA(p), p->size);
920 if (r < 0)
921 return r;
922
923 return 0;
924 }
925
926 static int manager_ipv4_send(
927 Manager *m,
928 int fd,
929 int ifindex,
930 const struct in_addr *destination,
931 uint16_t port,
932 const struct in_addr *source,
933 DnsPacket *p) {
934 union sockaddr_union sa = {
935 .in.sin_family = AF_INET,
936 };
937 union {
938 struct cmsghdr header; /* For alignment */
939 uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
940 } control;
941 struct msghdr mh = {};
942 struct iovec iov;
943
944 assert(m);
945 assert(fd >= 0);
946 assert(destination);
947 assert(port > 0);
948 assert(p);
949
950 iov.iov_base = DNS_PACKET_DATA(p);
951 iov.iov_len = p->size;
952
953 sa.in.sin_addr = *destination;
954 sa.in.sin_port = htobe16(port),
955
956 mh.msg_iov = &iov;
957 mh.msg_iovlen = 1;
958 mh.msg_name = &sa.sa;
959 mh.msg_namelen = sizeof(sa.in);
960
961 if (ifindex > 0) {
962 struct cmsghdr *cmsg;
963 struct in_pktinfo *pi;
964
965 zero(control);
966
967 mh.msg_control = &control;
968 mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
969
970 cmsg = CMSG_FIRSTHDR(&mh);
971 cmsg->cmsg_len = mh.msg_controllen;
972 cmsg->cmsg_level = IPPROTO_IP;
973 cmsg->cmsg_type = IP_PKTINFO;
974
975 pi = (struct in_pktinfo*) CMSG_DATA(cmsg);
976 pi->ipi_ifindex = ifindex;
977
978 if (source)
979 pi->ipi_spec_dst = *source;
980 }
981
982 return sendmsg_loop(fd, &mh, 0);
983 }
984
985 static int manager_ipv6_send(
986 Manager *m,
987 int fd,
988 int ifindex,
989 const struct in6_addr *destination,
990 uint16_t port,
991 const struct in6_addr *source,
992 DnsPacket *p) {
993
994 union sockaddr_union sa = {
995 .in6.sin6_family = AF_INET6,
996 };
997 union {
998 struct cmsghdr header; /* For alignment */
999 uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
1000 } control;
1001 struct msghdr mh = {};
1002 struct iovec iov;
1003
1004 assert(m);
1005 assert(fd >= 0);
1006 assert(destination);
1007 assert(port > 0);
1008 assert(p);
1009
1010 iov.iov_base = DNS_PACKET_DATA(p);
1011 iov.iov_len = p->size;
1012
1013 sa.in6.sin6_addr = *destination;
1014 sa.in6.sin6_port = htobe16(port),
1015 sa.in6.sin6_scope_id = ifindex;
1016
1017 mh.msg_iov = &iov;
1018 mh.msg_iovlen = 1;
1019 mh.msg_name = &sa.sa;
1020 mh.msg_namelen = sizeof(sa.in6);
1021
1022 if (ifindex > 0) {
1023 struct cmsghdr *cmsg;
1024 struct in6_pktinfo *pi;
1025
1026 zero(control);
1027
1028 mh.msg_control = &control;
1029 mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
1030
1031 cmsg = CMSG_FIRSTHDR(&mh);
1032 cmsg->cmsg_len = mh.msg_controllen;
1033 cmsg->cmsg_level = IPPROTO_IPV6;
1034 cmsg->cmsg_type = IPV6_PKTINFO;
1035
1036 pi = (struct in6_pktinfo*) CMSG_DATA(cmsg);
1037 pi->ipi6_ifindex = ifindex;
1038
1039 if (source)
1040 pi->ipi6_addr = *source;
1041 }
1042
1043 return sendmsg_loop(fd, &mh, 0);
1044 }
1045
1046 int manager_send(
1047 Manager *m,
1048 int fd,
1049 int ifindex,
1050 int family,
1051 const union in_addr_union *destination,
1052 uint16_t port,
1053 const union in_addr_union *source,
1054 DnsPacket *p) {
1055
1056 assert(m);
1057 assert(fd >= 0);
1058 assert(destination);
1059 assert(port > 0);
1060 assert(p);
1061
1062 log_debug("Sending %s packet with id %" PRIu16 " on interface %i/%s.", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p), ifindex, af_to_name(family));
1063
1064 if (family == AF_INET)
1065 return manager_ipv4_send(m, fd, ifindex, &destination->in, port, &source->in, p);
1066 if (family == AF_INET6)
1067 return manager_ipv6_send(m, fd, ifindex, &destination->in6, port, &source->in6, p);
1068
1069 return -EAFNOSUPPORT;
1070 }
1071
1072 uint32_t manager_find_mtu(Manager *m) {
1073 uint32_t mtu = 0;
1074 Link *l;
1075 Iterator i;
1076
1077 /* If we don't know on which link a DNS packet would be
1078 * delivered, let's find the largest MTU that works on all
1079 * interfaces we know of */
1080
1081 HASHMAP_FOREACH(l, m->links, i) {
1082 if (l->mtu <= 0)
1083 continue;
1084
1085 if (mtu <= 0 || l->mtu < mtu)
1086 mtu = l->mtu;
1087 }
1088
1089 return mtu;
1090 }
1091
1092 int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
1093 LinkAddress *a;
1094
1095 assert(m);
1096
1097 a = manager_find_link_address(m, family, in_addr);
1098 if (a)
1099 return a->link->ifindex;
1100
1101 return 0;
1102 }
1103
1104 void manager_refresh_rrs(Manager *m) {
1105 Iterator i;
1106 Link *l;
1107 DnssdService *s;
1108
1109 assert(m);
1110
1111 m->llmnr_host_ipv4_key = dns_resource_key_unref(m->llmnr_host_ipv4_key);
1112 m->llmnr_host_ipv6_key = dns_resource_key_unref(m->llmnr_host_ipv6_key);
1113 m->mdns_host_ipv4_key = dns_resource_key_unref(m->mdns_host_ipv4_key);
1114 m->mdns_host_ipv6_key = dns_resource_key_unref(m->mdns_host_ipv6_key);
1115
1116 if (m->mdns_support == RESOLVE_SUPPORT_YES)
1117 HASHMAP_FOREACH(s, m->dnssd_services, i)
1118 if (dnssd_update_rrs(s) < 0)
1119 log_warning("Failed to refresh DNS-SD service '%s'", s->name);
1120
1121 HASHMAP_FOREACH(l, m->links, i) {
1122 link_add_rrs(l, true);
1123 link_add_rrs(l, false);
1124 }
1125 }
1126
1127 int manager_next_hostname(Manager *m) {
1128 const char *p;
1129 uint64_t u, a;
1130 char *h, *k;
1131 int r;
1132
1133 assert(m);
1134
1135 p = strchr(m->llmnr_hostname, 0);
1136 assert(p);
1137
1138 while (p > m->llmnr_hostname) {
1139 if (!strchr("0123456789", p[-1]))
1140 break;
1141
1142 p--;
1143 }
1144
1145 if (*p == 0 || safe_atou64(p, &u) < 0 || u <= 0)
1146 u = 1;
1147
1148 /* Add a random number to the old value. This way we can avoid
1149 * that two hosts pick the same hostname, win on IPv4 and lose
1150 * on IPv6 (or vice versa), and pick the same hostname
1151 * replacement hostname, ad infinitum. We still want the
1152 * numbers to go up monotonically, hence we just add a random
1153 * value 1..10 */
1154
1155 random_bytes(&a, sizeof(a));
1156 u += 1 + a % 10;
1157
1158 if (asprintf(&h, "%.*s%" PRIu64, (int) (p - m->llmnr_hostname), m->llmnr_hostname, u) < 0)
1159 return -ENOMEM;
1160
1161 r = dns_name_concat(h, "local", &k);
1162 if (r < 0) {
1163 free(h);
1164 return r;
1165 }
1166
1167 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m->llmnr_hostname, h);
1168
1169 free(m->llmnr_hostname);
1170 m->llmnr_hostname = h;
1171
1172 free(m->mdns_hostname);
1173 m->mdns_hostname = k;
1174
1175 manager_refresh_rrs(m);
1176
1177 return 0;
1178 }
1179
1180 LinkAddress* manager_find_link_address(Manager *m, int family, const union in_addr_union *in_addr) {
1181 Iterator i;
1182 Link *l;
1183
1184 assert(m);
1185
1186 HASHMAP_FOREACH(l, m->links, i) {
1187 LinkAddress *a;
1188
1189 a = link_find_address(l, family, in_addr);
1190 if (a)
1191 return a;
1192 }
1193
1194 return NULL;
1195 }
1196
1197 bool manager_our_packet(Manager *m, DnsPacket *p) {
1198 assert(m);
1199 assert(p);
1200
1201 return !!manager_find_link_address(m, p->family, &p->sender);
1202 }
1203
1204 DnsScope* manager_find_scope(Manager *m, DnsPacket *p) {
1205 Link *l;
1206
1207 assert(m);
1208 assert(p);
1209
1210 l = hashmap_get(m->links, INT_TO_PTR(p->ifindex));
1211 if (!l)
1212 return NULL;
1213
1214 switch (p->protocol) {
1215 case DNS_PROTOCOL_LLMNR:
1216 if (p->family == AF_INET)
1217 return l->llmnr_ipv4_scope;
1218 else if (p->family == AF_INET6)
1219 return l->llmnr_ipv6_scope;
1220
1221 break;
1222
1223 case DNS_PROTOCOL_MDNS:
1224 if (p->family == AF_INET)
1225 return l->mdns_ipv4_scope;
1226 else if (p->family == AF_INET6)
1227 return l->mdns_ipv6_scope;
1228
1229 break;
1230
1231 default:
1232 break;
1233 }
1234
1235 return NULL;
1236 }
1237
1238 void manager_verify_all(Manager *m) {
1239 DnsScope *s;
1240
1241 assert(m);
1242
1243 LIST_FOREACH(scopes, s, m->dns_scopes)
1244 dns_zone_verify_all(&s->zone);
1245 }
1246
1247 int manager_is_own_hostname(Manager *m, const char *name) {
1248 int r;
1249
1250 assert(m);
1251 assert(name);
1252
1253 if (m->llmnr_hostname) {
1254 r = dns_name_equal(name, m->llmnr_hostname);
1255 if (r != 0)
1256 return r;
1257 }
1258
1259 if (m->mdns_hostname) {
1260 r = dns_name_equal(name, m->mdns_hostname);
1261 if (r != 0)
1262 return r;
1263 }
1264
1265 if (m->full_hostname)
1266 return dns_name_equal(name, m->full_hostname);
1267
1268 return 0;
1269 }
1270
1271 int manager_compile_dns_servers(Manager *m, OrderedSet **dns) {
1272 DnsServer *s;
1273 Iterator i;
1274 Link *l;
1275 int r;
1276
1277 assert(m);
1278 assert(dns);
1279
1280 r = ordered_set_ensure_allocated(dns, &dns_server_hash_ops);
1281 if (r < 0)
1282 return r;
1283
1284 /* First add the system-wide servers and domains */
1285 LIST_FOREACH(servers, s, m->dns_servers) {
1286 r = ordered_set_put(*dns, s);
1287 if (r == -EEXIST)
1288 continue;
1289 if (r < 0)
1290 return r;
1291 }
1292
1293 /* Then, add the per-link servers */
1294 HASHMAP_FOREACH(l, m->links, i) {
1295 LIST_FOREACH(servers, s, l->dns_servers) {
1296 r = ordered_set_put(*dns, s);
1297 if (r == -EEXIST)
1298 continue;
1299 if (r < 0)
1300 return r;
1301 }
1302 }
1303
1304 /* If we found nothing, add the fallback servers */
1305 if (ordered_set_isempty(*dns)) {
1306 LIST_FOREACH(servers, s, m->fallback_dns_servers) {
1307 r = ordered_set_put(*dns, s);
1308 if (r == -EEXIST)
1309 continue;
1310 if (r < 0)
1311 return r;
1312 }
1313 }
1314
1315 return 0;
1316 }
1317
1318 /* filter_route is a tri-state:
1319 * < 0: no filtering
1320 * = 0 or false: return only domains which should be used for searching
1321 * > 0 or true: return only domains which are for routing only
1322 */
1323 int manager_compile_search_domains(Manager *m, OrderedSet **domains, int filter_route) {
1324 DnsSearchDomain *d;
1325 Iterator i;
1326 Link *l;
1327 int r;
1328
1329 assert(m);
1330 assert(domains);
1331
1332 r = ordered_set_ensure_allocated(domains, &dns_name_hash_ops);
1333 if (r < 0)
1334 return r;
1335
1336 LIST_FOREACH(domains, d, m->search_domains) {
1337
1338 if (filter_route >= 0 &&
1339 d->route_only != !!filter_route)
1340 continue;
1341
1342 r = ordered_set_put(*domains, d->name);
1343 if (r == -EEXIST)
1344 continue;
1345 if (r < 0)
1346 return r;
1347 }
1348
1349 HASHMAP_FOREACH(l, m->links, i) {
1350
1351 LIST_FOREACH(domains, d, l->search_domains) {
1352
1353 if (filter_route >= 0 &&
1354 d->route_only != !!filter_route)
1355 continue;
1356
1357 r = ordered_set_put(*domains, d->name);
1358 if (r == -EEXIST)
1359 continue;
1360 if (r < 0)
1361 return r;
1362 }
1363 }
1364
1365 return 0;
1366 }
1367
1368 DnssecMode manager_get_dnssec_mode(Manager *m) {
1369 assert(m);
1370
1371 if (m->dnssec_mode != _DNSSEC_MODE_INVALID)
1372 return m->dnssec_mode;
1373
1374 return DNSSEC_NO;
1375 }
1376
1377 bool manager_dnssec_supported(Manager *m) {
1378 DnsServer *server;
1379 Iterator i;
1380 Link *l;
1381
1382 assert(m);
1383
1384 if (manager_get_dnssec_mode(m) == DNSSEC_NO)
1385 return false;
1386
1387 server = manager_get_dns_server(m);
1388 if (server && !dns_server_dnssec_supported(server))
1389 return false;
1390
1391 HASHMAP_FOREACH(l, m->links, i)
1392 if (!link_dnssec_supported(l))
1393 return false;
1394
1395 return true;
1396 }
1397
1398 void manager_dnssec_verdict(Manager *m, DnssecVerdict verdict, const DnsResourceKey *key) {
1399
1400 assert(verdict >= 0);
1401 assert(verdict < _DNSSEC_VERDICT_MAX);
1402
1403 if (log_get_max_level() >= LOG_DEBUG) {
1404 char s[DNS_RESOURCE_KEY_STRING_MAX];
1405
1406 log_debug("Found verdict for lookup %s: %s",
1407 dns_resource_key_to_string(key, s, sizeof s),
1408 dnssec_verdict_to_string(verdict));
1409 }
1410
1411 m->n_dnssec_verdict[verdict]++;
1412 }
1413
1414 bool manager_routable(Manager *m, int family) {
1415 Iterator i;
1416 Link *l;
1417
1418 assert(m);
1419
1420 /* Returns true if the host has at least one interface with a routable address of the specified type */
1421
1422 HASHMAP_FOREACH(l, m->links, i)
1423 if (link_relevant(l, family, false))
1424 return true;
1425
1426 return false;
1427 }
1428
1429 void manager_flush_caches(Manager *m) {
1430 DnsScope *scope;
1431
1432 assert(m);
1433
1434 LIST_FOREACH(scopes, scope, m->dns_scopes)
1435 dns_cache_flush(&scope->cache);
1436
1437 log_info("Flushed all caches.");
1438 }
1439
1440 void manager_reset_server_features(Manager *m) {
1441 Iterator i;
1442 Link *l;
1443
1444 dns_server_reset_features_all(m->dns_servers);
1445 dns_server_reset_features_all(m->fallback_dns_servers);
1446
1447 HASHMAP_FOREACH(l, m->links, i)
1448 dns_server_reset_features_all(l->dns_servers);
1449
1450 log_info("Resetting learnt feature levels on all servers.");
1451 }
1452
1453 void manager_cleanup_saved_user(Manager *m) {
1454 _cleanup_closedir_ DIR *d = NULL;
1455 struct dirent *de;
1456 int r;
1457
1458 assert(m);
1459
1460 /* Clean up all saved per-link files in /run/systemd/resolve/netif/ that don't have a matching interface
1461 * anymore. These files are created to persist settings pushed in by the user via the bus, so that resolved can
1462 * be restarted without losing this data. */
1463
1464 d = opendir("/run/systemd/resolve/netif/");
1465 if (!d) {
1466 if (errno == ENOENT)
1467 return;
1468
1469 log_warning_errno(errno, "Failed to open interface directory: %m");
1470 return;
1471 }
1472
1473 FOREACH_DIRENT_ALL(de, d, log_error_errno(errno, "Failed to read interface directory: %m")) {
1474 _cleanup_free_ char *p = NULL;
1475 int ifindex;
1476 Link *l;
1477
1478 if (!IN_SET(de->d_type, DT_UNKNOWN, DT_REG))
1479 continue;
1480
1481 if (dot_or_dot_dot(de->d_name))
1482 continue;
1483
1484 r = parse_ifindex(de->d_name, &ifindex);
1485 if (r < 0) /* Probably some temporary file from a previous run. Delete it */
1486 goto rm;
1487
1488 l = hashmap_get(m->links, INT_TO_PTR(ifindex));
1489 if (!l) /* link vanished */
1490 goto rm;
1491
1492 if (l->is_managed) /* now managed by networkd, hence the bus settings are useless */
1493 goto rm;
1494
1495 continue;
1496
1497 rm:
1498 p = strappend("/run/systemd/resolve/netif/", de->d_name);
1499 if (!p) {
1500 log_oom();
1501 return;
1502 }
1503
1504 (void) unlink(p);
1505 }
1506 }
Unnamed repository; edit this file 'description' to name the repository.