1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2014 Tom Gundersen <teg@jklm.no>
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21 #include <netinet/in.h>
23 #include <stdio_ext.h>
24 #include <sys/ioctl.h>
31 #include "alloc-util.h"
32 #include "dirent-util.h"
33 #include "dns-domain.h"
35 #include "fileio-label.h"
36 #include "hostname-util.h"
38 #include "netlink-util.h"
39 #include "network-internal.h"
40 #include "ordered-set.h"
41 #include "parse-util.h"
42 #include "random-util.h"
43 #include "resolved-bus.h"
44 #include "resolved-conf.h"
45 #include "resolved-dnssd.h"
46 #include "resolved-dns-stub.h"
47 #include "resolved-etc-hosts.h"
48 #include "resolved-llmnr.h"
49 #include "resolved-manager.h"
50 #include "resolved-mdns.h"
51 #include "resolved-resolv-conf.h"
52 #include "socket-util.h"
53 #include "string-table.h"
54 #include "string-util.h"
57 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
59 static int manager_process_link(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
60 Manager
*m
= userdata
;
69 r
= sd_netlink_message_get_type(mm
, &type
);
73 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
77 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
85 r
= link_new(m
, &l
, ifindex
);
90 r
= link_process_rtnl(l
, mm
);
99 log_debug("Found new link %i/%s", ifindex
, l
->name
);
106 log_debug("Removing link %i/%s", l
->ifindex
, l
->name
);
117 log_warning_errno(r
, "Failed to process RTNL link message: %m");
121 static int manager_process_address(sd_netlink
*rtnl
, sd_netlink_message
*mm
, void *userdata
) {
122 Manager
*m
= userdata
;
123 union in_addr_union address
;
125 int r
, ifindex
, family
;
133 r
= sd_netlink_message_get_type(mm
, &type
);
137 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
141 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
145 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
152 r
= sd_netlink_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
154 r
= sd_netlink_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
162 r
= sd_netlink_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
164 r
= sd_netlink_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
175 a
= link_find_address(l
, family
, &address
);
182 r
= link_address_new(l
, &a
, family
, &address
);
187 r
= link_address_update_rtnl(a
, mm
);
194 link_address_free(a
);
201 log_warning_errno(r
, "Failed to process RTNL address message: %m");
205 static int manager_rtnl_listen(Manager
*m
) {
206 _cleanup_(sd_netlink_message_unrefp
) sd_netlink_message
*req
= NULL
, *reply
= NULL
;
207 sd_netlink_message
*i
;
212 /* First, subscribe to interfaces coming and going */
213 r
= sd_netlink_open(&m
->rtnl
);
217 r
= sd_netlink_attach_event(m
->rtnl
, m
->event
, SD_EVENT_PRIORITY_IMPORTANT
);
221 r
= sd_netlink_add_match(m
->rtnl
, RTM_NEWLINK
, manager_process_link
, m
);
225 r
= sd_netlink_add_match(m
->rtnl
, RTM_DELLINK
, manager_process_link
, m
);
229 r
= sd_netlink_add_match(m
->rtnl
, RTM_NEWADDR
, manager_process_address
, m
);
233 r
= sd_netlink_add_match(m
->rtnl
, RTM_DELADDR
, manager_process_address
, m
);
237 /* Then, enumerate all links */
238 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
242 r
= sd_netlink_message_request_dump(req
, true);
246 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
250 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
251 r
= manager_process_link(m
->rtnl
, i
, m
);
256 req
= sd_netlink_message_unref(req
);
257 reply
= sd_netlink_message_unref(reply
);
259 /* Finally, enumerate all addresses, too */
260 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
264 r
= sd_netlink_message_request_dump(req
, true);
268 r
= sd_netlink_call(m
->rtnl
, req
, 0, &reply
);
272 for (i
= reply
; i
; i
= sd_netlink_message_next(i
)) {
273 r
= manager_process_address(m
->rtnl
, i
, m
);
281 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
282 Manager
*m
= userdata
;
289 sd_network_monitor_flush(m
->network_monitor
);
291 HASHMAP_FOREACH(l
, m
->links
, i
) {
294 log_warning_errno(r
, "Failed to update monitor information for %i: %m", l
->ifindex
);
297 (void) manager_write_resolv_conf(m
);
302 static int manager_network_monitor_listen(Manager
*m
) {
307 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
311 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
315 events
= sd_network_monitor_get_events(m
->network_monitor
);
319 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
323 r
= sd_event_source_set_priority(m
->network_event_source
, SD_EVENT_PRIORITY_IMPORTANT
+5);
327 (void) sd_event_source_set_description(m
->network_event_source
, "network-monitor");
332 static int determine_hostname(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
333 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
335 _cleanup_free_
char *utf8
= NULL
;
339 char label
[DNS_LABEL_MAX
];
340 const char *p
, *decoded
;
343 assert(full_hostname
);
344 assert(llmnr_hostname
);
345 assert(mdns_hostname
);
347 /* Extract and normalize the first label of the locally configured hostname, and check it's not "localhost". */
349 r
= gethostname_strict(&h
);
351 return log_debug_errno(r
, "Can't determine system hostname: %m");
354 r
= dns_label_unescape(&p
, label
, sizeof label
);
356 return log_error_errno(r
, "Failed to unescape host name: %m");
358 log_error("Couldn't find a single label in hostname.");
363 r
= idn2_to_unicode_8z8z(label
, &utf8
, 0);
365 return log_error("Failed to undo IDNA: %s", idn2_strerror(r
));
366 assert(utf8_is_valid(utf8
));
371 k
= dns_label_undo_idna(label
, r
, label
, sizeof label
);
373 return log_error_errno(k
, "Failed to undo IDNA: %m");
377 if (!utf8_is_valid(label
)) {
378 log_error("System hostname is not UTF-8 clean.");
383 decoded
= label
; /* no decoding */
386 r
= dns_label_escape_new(decoded
, r
, &n
);
388 return log_error_errno(r
, "Failed to escape host name: %m");
390 if (is_localhost(n
)) {
391 log_debug("System hostname is 'localhost', ignoring.");
395 r
= dns_name_concat(n
, "local", mdns_hostname
);
397 return log_error_errno(r
, "Failed to determine mDNS hostname: %m");
408 static const char *fallback_hostname(void) {
410 /* Determine the fall back hostname. For exposing this system to the outside world, we cannot have it to be
411 * "localhost" even if that's the compiled in hostname. In this case, let's revert to "linux" instead. */
413 if (is_localhost(FALLBACK_HOSTNAME
))
416 return FALLBACK_HOSTNAME
;
419 static int make_fallback_hostnames(char **full_hostname
, char **llmnr_hostname
, char **mdns_hostname
) {
420 _cleanup_free_
char *n
= NULL
, *m
= NULL
;
421 char label
[DNS_LABEL_MAX
], *h
;
425 assert(full_hostname
);
426 assert(llmnr_hostname
);
427 assert(mdns_hostname
);
429 p
= fallback_hostname();
430 r
= dns_label_unescape(&p
, label
, sizeof(label
));
432 return log_error_errno(r
, "Failed to unescape fallback host name: %m");
434 assert(r
> 0); /* The fallback hostname must have at least one label */
436 r
= dns_label_escape_new(label
, r
, &n
);
438 return log_error_errno(r
, "Failed to escape fallback hostname: %m");
440 r
= dns_name_concat(n
, "local", &m
);
442 return log_error_errno(r
, "Failed to concatenate mDNS hostname: %m");
444 h
= strdup(fallback_hostname());
459 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
460 _cleanup_free_
char *full_hostname
= NULL
, *llmnr_hostname
= NULL
, *mdns_hostname
= NULL
;
461 Manager
*m
= userdata
;
466 r
= determine_hostname(&full_hostname
, &llmnr_hostname
, &mdns_hostname
);
468 return 0; /* ignore invalid hostnames */
470 if (streq(full_hostname
, m
->full_hostname
) &&
471 streq(llmnr_hostname
, m
->llmnr_hostname
) &&
472 streq(mdns_hostname
, m
->mdns_hostname
))
475 log_info("System hostname changed to '%s'.", full_hostname
);
477 free_and_replace(m
->full_hostname
, full_hostname
);
478 free_and_replace(m
->llmnr_hostname
, llmnr_hostname
);
479 free_and_replace(m
->mdns_hostname
, mdns_hostname
);
481 manager_refresh_rrs(m
);
486 static int manager_watch_hostname(Manager
*m
) {
491 m
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
492 if (m
->hostname_fd
< 0) {
493 log_warning_errno(errno
, "Failed to watch hostname: %m");
497 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
500 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
501 m
->hostname_fd
= safe_close(m
->hostname_fd
);
503 return log_error_errno(r
, "Failed to add hostname event source: %m");
506 (void) sd_event_source_set_description(m
->hostname_event_source
, "hostname");
508 r
= determine_hostname(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
510 log_info("Defaulting to hostname '%s'.", fallback_hostname());
512 r
= make_fallback_hostnames(&m
->full_hostname
, &m
->llmnr_hostname
, &m
->mdns_hostname
);
516 log_info("Using system hostname '%s'.", m
->full_hostname
);
521 static int manager_sigusr1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
522 _cleanup_free_
char *buffer
= NULL
;
523 _cleanup_fclose_
FILE *f
= NULL
;
524 Manager
*m
= userdata
;
535 f
= open_memstream(&buffer
, &size
);
539 (void) __fsetlocking(f
, FSETLOCKING_BYCALLER
);
541 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
542 dns_scope_dump(scope
, f
);
544 LIST_FOREACH(servers
, server
, m
->dns_servers
)
545 dns_server_dump(server
, f
);
546 LIST_FOREACH(servers
, server
, m
->fallback_dns_servers
)
547 dns_server_dump(server
, f
);
548 HASHMAP_FOREACH(l
, m
->links
, i
)
549 LIST_FOREACH(servers
, server
, l
->dns_servers
)
550 dns_server_dump(server
, f
);
552 if (fflush_and_check(f
) < 0)
555 log_dump(LOG_INFO
, buffer
);
559 static int manager_sigusr2(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
560 Manager
*m
= userdata
;
566 manager_flush_caches(m
);
571 static int manager_sigrtmin1(sd_event_source
*s
, const struct signalfd_siginfo
*si
, void *userdata
) {
572 Manager
*m
= userdata
;
578 manager_reset_server_features(m
);
582 int manager_new(Manager
**ret
) {
583 _cleanup_(manager_freep
) Manager
*m
= NULL
;
588 m
= new0(Manager
, 1);
592 m
->llmnr_ipv4_udp_fd
= m
->llmnr_ipv6_udp_fd
= -1;
593 m
->llmnr_ipv4_tcp_fd
= m
->llmnr_ipv6_tcp_fd
= -1;
594 m
->mdns_ipv4_fd
= m
->mdns_ipv6_fd
= -1;
595 m
->dns_stub_udp_fd
= m
->dns_stub_tcp_fd
= -1;
598 m
->llmnr_support
= RESOLVE_SUPPORT_YES
;
599 m
->mdns_support
= RESOLVE_SUPPORT_YES
;
600 m
->dnssec_mode
= DEFAULT_DNSSEC_MODE
;
601 m
->enable_cache
= true;
602 m
->dns_stub_listener_mode
= DNS_STUB_LISTENER_UDP
;
603 m
->read_resolv_conf
= true;
604 m
->need_builtin_fallbacks
= true;
605 m
->etc_hosts_last
= m
->etc_hosts_mtime
= USEC_INFINITY
;
607 r
= dns_trust_anchor_load(&m
->trust_anchor
);
611 r
= manager_parse_config_file(m
);
613 log_warning_errno(r
, "Failed to parse configuration file: %m");
615 r
= sd_event_default(&m
->event
);
619 sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
620 sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
622 sd_event_set_watchdog(m
->event
, true);
624 r
= manager_watch_hostname(m
);
630 log_warning_errno(r
, "Failed to load DNS-SD configuration files: %m");
632 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
636 r
= manager_network_monitor_listen(m
);
640 r
= manager_rtnl_listen(m
);
644 r
= manager_connect_bus(m
);
648 (void) sd_event_add_signal(m
->event
, &m
->sigusr1_event_source
, SIGUSR1
, manager_sigusr1
, m
);
649 (void) sd_event_add_signal(m
->event
, &m
->sigusr2_event_source
, SIGUSR2
, manager_sigusr2
, m
);
650 (void) sd_event_add_signal(m
->event
, &m
->sigrtmin1_event_source
, SIGRTMIN
+1, manager_sigrtmin1
, m
);
652 manager_cleanup_saved_user(m
);
660 int manager_start(Manager
*m
) {
665 r
= manager_dns_stub_start(m
);
672 Manager
*manager_free(Manager
*m
) {
679 dns_server_unlink_all(m
->dns_servers
);
680 dns_server_unlink_all(m
->fallback_dns_servers
);
681 dns_search_domain_unlink_all(m
->search_domains
);
683 while ((l
= hashmap_first(m
->links
)))
686 while (m
->dns_queries
)
687 dns_query_free(m
->dns_queries
);
689 dns_scope_free(m
->unicast_scope
);
691 /* At this point only orphaned streams should remain. All others should have been freed already by their
693 while (m
->dns_streams
)
694 dns_stream_unref(m
->dns_streams
);
696 hashmap_free(m
->links
);
697 hashmap_free(m
->dns_transactions
);
699 sd_event_source_unref(m
->network_event_source
);
700 sd_network_monitor_unref(m
->network_monitor
);
702 sd_netlink_unref(m
->rtnl
);
703 sd_event_source_unref(m
->rtnl_event_source
);
705 manager_llmnr_stop(m
);
706 manager_mdns_stop(m
);
707 manager_dns_stub_stop(m
);
709 sd_bus_slot_unref(m
->prepare_for_sleep_slot
);
710 sd_event_source_unref(m
->bus_retry_event_source
);
711 sd_bus_unref(m
->bus
);
713 sd_event_source_unref(m
->sigusr1_event_source
);
714 sd_event_source_unref(m
->sigusr2_event_source
);
715 sd_event_source_unref(m
->sigrtmin1_event_source
);
717 sd_event_unref(m
->event
);
719 dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
720 dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
721 dns_resource_key_unref(m
->mdns_host_ipv4_key
);
722 dns_resource_key_unref(m
->mdns_host_ipv6_key
);
724 sd_event_source_unref(m
->hostname_event_source
);
725 safe_close(m
->hostname_fd
);
727 free(m
->full_hostname
);
728 free(m
->llmnr_hostname
);
729 free(m
->mdns_hostname
);
731 while ((s
= hashmap_first(m
->dnssd_services
)))
732 dnssd_service_free(s
);
733 hashmap_free(m
->dnssd_services
);
735 dns_trust_anchor_flush(&m
->trust_anchor
);
736 manager_etc_hosts_flush(m
);
741 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
742 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
744 struct cmsghdr header
; /* For alignment */
745 uint8_t buffer
[CMSG_SPACE(MAXSIZE(struct in_pktinfo
, struct in6_pktinfo
))
746 + CMSG_SPACE(int) /* ttl/hoplimit */
747 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
749 union sockaddr_union sa
;
750 struct msghdr mh
= {};
751 struct cmsghdr
*cmsg
;
760 ms
= next_datagram_size_fd(fd
);
764 r
= dns_packet_new(&p
, protocol
, ms
, DNS_PACKET_SIZE_MAX
);
768 iov
.iov_base
= DNS_PACKET_DATA(p
);
769 iov
.iov_len
= p
->allocated
;
771 mh
.msg_name
= &sa
.sa
;
772 mh
.msg_namelen
= sizeof(sa
);
775 mh
.msg_control
= &control
;
776 mh
.msg_controllen
= sizeof(control
);
778 l
= recvmsg(fd
, &mh
, 0);
782 if (IN_SET(errno
, EAGAIN
, EINTR
))
788 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
789 assert(!(mh
.msg_flags
& MSG_TRUNC
));
791 p
->size
= (size_t) l
;
793 p
->family
= sa
.sa
.sa_family
;
794 p
->ipproto
= IPPROTO_UDP
;
795 if (p
->family
== AF_INET
) {
796 p
->sender
.in
= sa
.in
.sin_addr
;
797 p
->sender_port
= be16toh(sa
.in
.sin_port
);
798 } else if (p
->family
== AF_INET6
) {
799 p
->sender
.in6
= sa
.in6
.sin6_addr
;
800 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
801 p
->ifindex
= sa
.in6
.sin6_scope_id
;
803 return -EAFNOSUPPORT
;
805 CMSG_FOREACH(cmsg
, &mh
) {
807 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
808 assert(p
->family
== AF_INET6
);
810 switch (cmsg
->cmsg_type
) {
813 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
816 p
->ifindex
= i
->ipi6_ifindex
;
818 p
->destination
.in6
= i
->ipi6_addr
;
823 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
827 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
828 assert(p
->family
== AF_INET
);
830 switch (cmsg
->cmsg_type
) {
833 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
836 p
->ifindex
= i
->ipi_ifindex
;
838 p
->destination
.in
= i
->ipi_addr
;
843 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
849 /* The Linux kernel sets the interface index to the loopback
850 * device if the packet came from the local host since it
851 * avoids the routing table in such a case. Let's unset the
852 * interface index in such a case. */
853 if (p
->ifindex
== LOOPBACK_IFINDEX
)
856 if (protocol
!= DNS_PROTOCOL_DNS
) {
857 /* If we don't know the interface index still, we look for the
858 * first local interface with a matching address. Yuck! */
860 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
869 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
876 if (sendmsg(fd
, mh
, flags
) >= 0)
885 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
893 static int write_loop(int fd
, void *message
, size_t length
) {
900 if (write(fd
, message
, length
) >= 0)
909 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
917 int manager_write(Manager
*m
, int fd
, DnsPacket
*p
) {
920 log_debug("Sending %s packet with id %" PRIu16
".", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
));
922 r
= write_loop(fd
, DNS_PACKET_DATA(p
), p
->size
);
929 static int manager_ipv4_send(
933 const struct in_addr
*destination
,
935 const struct in_addr
*source
,
937 union sockaddr_union sa
= {
938 .in
.sin_family
= AF_INET
,
941 struct cmsghdr header
; /* For alignment */
942 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
944 struct msghdr mh
= {};
953 iov
.iov_base
= DNS_PACKET_DATA(p
);
954 iov
.iov_len
= p
->size
;
956 sa
.in
.sin_addr
= *destination
;
957 sa
.in
.sin_port
= htobe16(port
),
961 mh
.msg_name
= &sa
.sa
;
962 mh
.msg_namelen
= sizeof(sa
.in
);
965 struct cmsghdr
*cmsg
;
966 struct in_pktinfo
*pi
;
970 mh
.msg_control
= &control
;
971 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
973 cmsg
= CMSG_FIRSTHDR(&mh
);
974 cmsg
->cmsg_len
= mh
.msg_controllen
;
975 cmsg
->cmsg_level
= IPPROTO_IP
;
976 cmsg
->cmsg_type
= IP_PKTINFO
;
978 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
979 pi
->ipi_ifindex
= ifindex
;
982 pi
->ipi_spec_dst
= *source
;
985 return sendmsg_loop(fd
, &mh
, 0);
988 static int manager_ipv6_send(
992 const struct in6_addr
*destination
,
994 const struct in6_addr
*source
,
997 union sockaddr_union sa
= {
998 .in6
.sin6_family
= AF_INET6
,
1001 struct cmsghdr header
; /* For alignment */
1002 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
1004 struct msghdr mh
= {};
1009 assert(destination
);
1013 iov
.iov_base
= DNS_PACKET_DATA(p
);
1014 iov
.iov_len
= p
->size
;
1016 sa
.in6
.sin6_addr
= *destination
;
1017 sa
.in6
.sin6_port
= htobe16(port
),
1018 sa
.in6
.sin6_scope_id
= ifindex
;
1022 mh
.msg_name
= &sa
.sa
;
1023 mh
.msg_namelen
= sizeof(sa
.in6
);
1026 struct cmsghdr
*cmsg
;
1027 struct in6_pktinfo
*pi
;
1031 mh
.msg_control
= &control
;
1032 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1034 cmsg
= CMSG_FIRSTHDR(&mh
);
1035 cmsg
->cmsg_len
= mh
.msg_controllen
;
1036 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1037 cmsg
->cmsg_type
= IPV6_PKTINFO
;
1039 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1040 pi
->ipi6_ifindex
= ifindex
;
1043 pi
->ipi6_addr
= *source
;
1046 return sendmsg_loop(fd
, &mh
, 0);
1054 const union in_addr_union
*destination
,
1056 const union in_addr_union
*source
,
1061 assert(destination
);
1065 log_debug("Sending %s packet with id %" PRIu16
" on interface %i/%s.", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
1067 if (family
== AF_INET
)
1068 return manager_ipv4_send(m
, fd
, ifindex
, &destination
->in
, port
, &source
->in
, p
);
1069 if (family
== AF_INET6
)
1070 return manager_ipv6_send(m
, fd
, ifindex
, &destination
->in6
, port
, &source
->in6
, p
);
1072 return -EAFNOSUPPORT
;
1075 uint32_t manager_find_mtu(Manager
*m
) {
1080 /* If we don't know on which link a DNS packet would be
1081 * delivered, let's find the largest MTU that works on all
1082 * interfaces we know of */
1084 HASHMAP_FOREACH(l
, m
->links
, i
) {
1088 if (mtu
<= 0 || l
->mtu
< mtu
)
1095 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1100 a
= manager_find_link_address(m
, family
, in_addr
);
1102 return a
->link
->ifindex
;
1107 void manager_refresh_rrs(Manager
*m
) {
1114 m
->llmnr_host_ipv4_key
= dns_resource_key_unref(m
->llmnr_host_ipv4_key
);
1115 m
->llmnr_host_ipv6_key
= dns_resource_key_unref(m
->llmnr_host_ipv6_key
);
1116 m
->mdns_host_ipv4_key
= dns_resource_key_unref(m
->mdns_host_ipv4_key
);
1117 m
->mdns_host_ipv6_key
= dns_resource_key_unref(m
->mdns_host_ipv6_key
);
1119 if (m
->mdns_support
== RESOLVE_SUPPORT_YES
)
1120 HASHMAP_FOREACH(s
, m
->dnssd_services
, i
)
1121 if (dnssd_update_rrs(s
) < 0)
1122 log_warning("Failed to refresh DNS-SD service '%s'", s
->name
);
1124 HASHMAP_FOREACH(l
, m
->links
, i
) {
1125 link_add_rrs(l
, true);
1126 link_add_rrs(l
, false);
1130 static int manager_next_random_name(const char *old
, char **ret_new
) {
1139 if (!strchr(DIGITS
, p
[-1]))
1145 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1148 /* Add a random number to the old value. This way we can avoid
1149 * that two hosts pick the same hostname, win on IPv4 and lose
1150 * on IPv6 (or vice versa), and pick the same hostname
1151 * replacement hostname, ad infinitum. We still want the
1152 * numbers to go up monotonically, hence we just add a random
1155 random_bytes(&a
, sizeof(a
));
1158 if (asprintf(&n
, "%.*s%" PRIu64
, (int) (p
- old
), old
, u
) < 0)
1166 int manager_next_hostname(Manager
*m
) {
1167 _cleanup_free_
char *h
= NULL
, *k
= NULL
;
1172 r
= manager_next_random_name(m
->llmnr_hostname
, &h
);
1176 r
= dns_name_concat(h
, "local", &k
);
1180 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->llmnr_hostname
, h
);
1182 free_and_replace(m
->llmnr_hostname
, h
);
1183 free_and_replace(m
->mdns_hostname
, k
);
1185 manager_refresh_rrs(m
);
1190 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1196 HASHMAP_FOREACH(l
, m
->links
, i
) {
1199 a
= link_find_address(l
, family
, in_addr
);
1207 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1211 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
1214 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1220 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1224 switch (p
->protocol
) {
1225 case DNS_PROTOCOL_LLMNR
:
1226 if (p
->family
== AF_INET
)
1227 return l
->llmnr_ipv4_scope
;
1228 else if (p
->family
== AF_INET6
)
1229 return l
->llmnr_ipv6_scope
;
1233 case DNS_PROTOCOL_MDNS
:
1234 if (p
->family
== AF_INET
)
1235 return l
->mdns_ipv4_scope
;
1236 else if (p
->family
== AF_INET6
)
1237 return l
->mdns_ipv6_scope
;
1248 void manager_verify_all(Manager
*m
) {
1253 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1254 dns_zone_verify_all(&s
->zone
);
1257 int manager_is_own_hostname(Manager
*m
, const char *name
) {
1263 if (m
->llmnr_hostname
) {
1264 r
= dns_name_equal(name
, m
->llmnr_hostname
);
1269 if (m
->mdns_hostname
) {
1270 r
= dns_name_equal(name
, m
->mdns_hostname
);
1275 if (m
->full_hostname
)
1276 return dns_name_equal(name
, m
->full_hostname
);
1281 int manager_compile_dns_servers(Manager
*m
, OrderedSet
**dns
) {
1290 r
= ordered_set_ensure_allocated(dns
, &dns_server_hash_ops
);
1294 /* First add the system-wide servers and domains */
1295 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
1296 r
= ordered_set_put(*dns
, s
);
1303 /* Then, add the per-link servers */
1304 HASHMAP_FOREACH(l
, m
->links
, i
) {
1305 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
1306 r
= ordered_set_put(*dns
, s
);
1314 /* If we found nothing, add the fallback servers */
1315 if (ordered_set_isempty(*dns
)) {
1316 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
1317 r
= ordered_set_put(*dns
, s
);
1328 /* filter_route is a tri-state:
1330 * = 0 or false: return only domains which should be used for searching
1331 * > 0 or true: return only domains which are for routing only
1333 int manager_compile_search_domains(Manager
*m
, OrderedSet
**domains
, int filter_route
) {
1342 r
= ordered_set_ensure_allocated(domains
, &dns_name_hash_ops
);
1346 LIST_FOREACH(domains
, d
, m
->search_domains
) {
1348 if (filter_route
>= 0 &&
1349 d
->route_only
!= !!filter_route
)
1352 r
= ordered_set_put(*domains
, d
->name
);
1359 HASHMAP_FOREACH(l
, m
->links
, i
) {
1361 LIST_FOREACH(domains
, d
, l
->search_domains
) {
1363 if (filter_route
>= 0 &&
1364 d
->route_only
!= !!filter_route
)
1367 r
= ordered_set_put(*domains
, d
->name
);
1378 DnssecMode
manager_get_dnssec_mode(Manager
*m
) {
1381 if (m
->dnssec_mode
!= _DNSSEC_MODE_INVALID
)
1382 return m
->dnssec_mode
;
1387 bool manager_dnssec_supported(Manager
*m
) {
1394 if (manager_get_dnssec_mode(m
) == DNSSEC_NO
)
1397 server
= manager_get_dns_server(m
);
1398 if (server
&& !dns_server_dnssec_supported(server
))
1401 HASHMAP_FOREACH(l
, m
->links
, i
)
1402 if (!link_dnssec_supported(l
))
1408 void manager_dnssec_verdict(Manager
*m
, DnssecVerdict verdict
, const DnsResourceKey
*key
) {
1410 assert(verdict
>= 0);
1411 assert(verdict
< _DNSSEC_VERDICT_MAX
);
1413 if (log_get_max_level() >= LOG_DEBUG
) {
1414 char s
[DNS_RESOURCE_KEY_STRING_MAX
];
1416 log_debug("Found verdict for lookup %s: %s",
1417 dns_resource_key_to_string(key
, s
, sizeof s
),
1418 dnssec_verdict_to_string(verdict
));
1421 m
->n_dnssec_verdict
[verdict
]++;
1424 bool manager_routable(Manager
*m
, int family
) {
1430 /* Returns true if the host has at least one interface with a routable address of the specified type */
1432 HASHMAP_FOREACH(l
, m
->links
, i
)
1433 if (link_relevant(l
, family
, false))
1439 void manager_flush_caches(Manager
*m
) {
1444 LIST_FOREACH(scopes
, scope
, m
->dns_scopes
)
1445 dns_cache_flush(&scope
->cache
);
1447 log_info("Flushed all caches.");
1450 void manager_reset_server_features(Manager
*m
) {
1454 dns_server_reset_features_all(m
->dns_servers
);
1455 dns_server_reset_features_all(m
->fallback_dns_servers
);
1457 HASHMAP_FOREACH(l
, m
->links
, i
)
1458 dns_server_reset_features_all(l
->dns_servers
);
1460 log_info("Resetting learnt feature levels on all servers.");
1463 void manager_cleanup_saved_user(Manager
*m
) {
1464 _cleanup_closedir_
DIR *d
= NULL
;
1470 /* Clean up all saved per-link files in /run/systemd/resolve/netif/ that don't have a matching interface
1471 * anymore. These files are created to persist settings pushed in by the user via the bus, so that resolved can
1472 * be restarted without losing this data. */
1474 d
= opendir("/run/systemd/resolve/netif/");
1476 if (errno
== ENOENT
)
1479 log_warning_errno(errno
, "Failed to open interface directory: %m");
1483 FOREACH_DIRENT_ALL(de
, d
, log_error_errno(errno
, "Failed to read interface directory: %m")) {
1484 _cleanup_free_
char *p
= NULL
;
1488 if (!IN_SET(de
->d_type
, DT_UNKNOWN
, DT_REG
))
1491 if (dot_or_dot_dot(de
->d_name
))
1494 r
= parse_ifindex(de
->d_name
, &ifindex
);
1495 if (r
< 0) /* Probably some temporary file from a previous run. Delete it */
1498 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
1499 if (!l
) /* link vanished */
1502 if (l
->is_managed
) /* now managed by networkd, hence the bus settings are useless */
1508 p
= strappend("/run/systemd/resolve/netif/", de
->d_name
);
1518 bool manager_next_dnssd_names(Manager
*m
) {
1526 HASHMAP_FOREACH(s
, m
->dnssd_services
, i
) {
1527 _cleanup_free_
char * new_name
= NULL
;
1532 r
= manager_next_random_name(s
->name_template
, &new_name
);
1534 log_warning_errno(r
, "Failed to get new name for service '%s': %m", s
->name
);
1538 free_and_replace(s
->name_template
, new_name
);
1540 s
->withdrawn
= false;
1546 manager_refresh_rrs(m
);