along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include <arpa/inet.h>
#include <resolv.h>
-#include <net/if.h>
#include <sys/ioctl.h>
-#include <sys/poll.h>
+#include <poll.h>
#include <netinet/in.h>
-#include "rtnl-util.h"
-#include "event-util.h"
-#include "network-util.h"
+#include "netlink-util.h"
#include "network-internal.h"
-#include "conf-parser.h"
#include "socket-util.h"
#include "af-list.h"
#include "utf8.h"
+#include "fileio-label.h"
+#include "ordered-set.h"
+#include "random-util.h"
+#include "hostname-util.h"
-#include "resolved-dns-domain.h"
+#include "dns-domain.h"
#include "resolved-conf.h"
#include "resolved-bus.h"
#include "resolved-manager.h"
+#include "resolved-llmnr.h"
#define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
-static int manager_process_link(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
+static int manager_process_link(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
Manager *m = userdata;
uint16_t type;
Link *l;
assert(m);
assert(mm);
- r = sd_rtnl_message_get_type(mm, &type);
+ r = sd_netlink_message_get_type(mm, &type);
if (r < 0)
goto fail;
return 0;
fail:
- log_warning("Failed to process RTNL link message: %s", strerror(-r));
+ log_warning_errno(r, "Failed to process RTNL link message: %m");
return 0;
}
-static int manager_process_address(sd_rtnl *rtnl, sd_rtnl_message *mm, void *userdata) {
+static int manager_process_address(sd_netlink *rtnl, sd_netlink_message *mm, void *userdata) {
Manager *m = userdata;
union in_addr_union address;
uint16_t type;
assert(mm);
assert(m);
- r = sd_rtnl_message_get_type(mm, &type);
+ r = sd_netlink_message_get_type(mm, &type);
if (r < 0)
goto fail;
switch (family) {
case AF_INET:
- r = sd_rtnl_message_read_in_addr(mm, IFA_LOCAL, &address.in);
+ r = sd_netlink_message_read_in_addr(mm, IFA_LOCAL, &address.in);
if (r < 0) {
- r = sd_rtnl_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
+ r = sd_netlink_message_read_in_addr(mm, IFA_ADDRESS, &address.in);
if (r < 0)
goto fail;
}
break;
case AF_INET6:
- r = sd_rtnl_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
+ r = sd_netlink_message_read_in6_addr(mm, IFA_LOCAL, &address.in6);
if (r < 0) {
- r = sd_rtnl_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
+ r = sd_netlink_message_read_in6_addr(mm, IFA_ADDRESS, &address.in6);
if (r < 0)
goto fail;
}
return 0;
fail:
- log_warning("Failed to process RTNL address message: %s", strerror(-r));
+ log_warning_errno(r, "Failed to process RTNL address message: %m");
return 0;
}
static int manager_rtnl_listen(Manager *m) {
- _cleanup_rtnl_message_unref_ sd_rtnl_message *req = NULL, *reply = NULL;
- sd_rtnl_message *i;
+ _cleanup_netlink_message_unref_ sd_netlink_message *req = NULL, *reply = NULL;
+ sd_netlink_message *i;
int r;
assert(m);
- /* First, subscibe to interfaces coming and going */
- r = sd_rtnl_open(&m->rtnl, 3, RTNLGRP_LINK, RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR);
+ /* First, subscribe to interfaces coming and going */
+ r = sd_netlink_open(&m->rtnl);
if (r < 0)
return r;
- r = sd_rtnl_attach_event(m->rtnl, m->event, 0);
+ r = sd_netlink_attach_event(m->rtnl, m->event, 0);
if (r < 0)
return r;
- r = sd_rtnl_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
+ r = sd_netlink_add_match(m->rtnl, RTM_NEWLINK, manager_process_link, m);
if (r < 0)
return r;
- r = sd_rtnl_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
+ r = sd_netlink_add_match(m->rtnl, RTM_DELLINK, manager_process_link, m);
if (r < 0)
return r;
- r = sd_rtnl_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
+ r = sd_netlink_add_match(m->rtnl, RTM_NEWADDR, manager_process_address, m);
if (r < 0)
return r;
- r = sd_rtnl_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
+ r = sd_netlink_add_match(m->rtnl, RTM_DELADDR, manager_process_address, m);
if (r < 0)
return r;
if (r < 0)
return r;
- r = sd_rtnl_message_request_dump(req, true);
+ r = sd_netlink_message_request_dump(req, true);
if (r < 0)
return r;
- r = sd_rtnl_call(m->rtnl, req, 0, &reply);
+ r = sd_netlink_call(m->rtnl, req, 0, &reply);
if (r < 0)
return r;
- for (i = reply; i; i = sd_rtnl_message_next(i)) {
+ for (i = reply; i; i = sd_netlink_message_next(i)) {
r = manager_process_link(m->rtnl, i, m);
if (r < 0)
return r;
}
- req = sd_rtnl_message_unref(req);
- reply = sd_rtnl_message_unref(reply);
+ req = sd_netlink_message_unref(req);
+ reply = sd_netlink_message_unref(reply);
/* Finally, enumerate all addresses, too */
r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC);
if (r < 0)
return r;
- r = sd_rtnl_message_request_dump(req, true);
+ r = sd_netlink_message_request_dump(req, true);
if (r < 0)
return r;
- r = sd_rtnl_call(m->rtnl, req, 0, &reply);
+ r = sd_netlink_call(m->rtnl, req, 0, &reply);
if (r < 0)
return r;
- for (i = reply; i; i = sd_rtnl_message_next(i)) {
+ for (i = reply; i; i = sd_netlink_message_next(i)) {
r = manager_process_address(m->rtnl, i, m);
if (r < 0)
return r;
HASHMAP_FOREACH(l, m->links, i) {
r = link_update_monitor(l);
if (r < 0)
- log_warning("Failed to update monitor information for %i: %s", l->ifindex, strerror(-r));
+ log_warning_errno(r, "Failed to update monitor information for %i: %m", l->ifindex);
}
r = manager_write_resolv_conf(m);
if (r < 0)
- log_warning("Could not update resolv.conf: %s", strerror(-r));
+ log_warning_errno(r, "Could not update resolv.conf: %m");
return 0;
}
m->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
if (m->hostname_fd < 0) {
- log_warning("Failed to watch hostname: %m");
+ log_warning_errno(errno, "Failed to watch hostname: %m");
return 0;
}
if (r == -EPERM)
/* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
m->hostname_fd = safe_close(m->hostname_fd);
- else {
- log_error("Failed to add hostname event source: %s", strerror(-r));
- return r;
- }
+ else
+ return log_error_errno(r, "Failed to add hostname event source: %m");
}
r = determine_hostname(&m->hostname);
return 0;
}
-static void manager_llmnr_stop(Manager *m) {
- assert(m);
-
- m->llmnr_ipv4_udp_event_source = sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
- m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
-
- m->llmnr_ipv6_udp_event_source = sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
- m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
-
- m->llmnr_ipv4_tcp_event_source = sd_event_source_unref(m->llmnr_ipv4_tcp_event_source);
- m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
-
- m->llmnr_ipv6_tcp_event_source = sd_event_source_unref(m->llmnr_ipv6_tcp_event_source);
- m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
-}
-
-static int manager_llmnr_start(Manager *m) {
- int r;
-
- assert(m);
-
- if (m->llmnr_support == SUPPORT_NO)
- return 0;
-
- r = manager_llmnr_ipv4_udp_fd(m);
- if (r == -EADDRINUSE)
- goto eaddrinuse;
- if (r < 0)
- return r;
-
- r = manager_llmnr_ipv6_udp_fd(m);
- if (r == -EADDRINUSE)
- goto eaddrinuse;
- if (r < 0)
- return r;
-
- r = manager_llmnr_ipv4_tcp_fd(m);
- if (r == -EADDRINUSE)
- goto eaddrinuse;
- if (r < 0)
- return r;
-
- r = manager_llmnr_ipv6_tcp_fd(m);
- if (r == -EADDRINUSE)
- goto eaddrinuse;
- if (r < 0)
- return r;
-
- return 0;
-
-eaddrinuse:
- log_warning("There appears to be another LLMNR respondering running. Turning off LLMNR support.");
- m->llmnr_support = SUPPORT_NO;
- manager_llmnr_stop(m);
- return 0;
-}
-
int manager_new(Manager **ret) {
_cleanup_(manager_freep) Manager *m = NULL;
int r;
if (!m)
return -ENOMEM;
- m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
m->llmnr_ipv4_tcp_fd = m->llmnr_ipv6_tcp_fd = -1;
m->hostname_fd = -1;
while (m->dns_queries)
dns_query_free(m->dns_queries);
- dns_scope_free(m->unicast_scope);
-
manager_flush_dns_servers(m, DNS_SERVER_SYSTEM);
manager_flush_dns_servers(m, DNS_SERVER_FALLBACK);
+ dns_scope_free(m->unicast_scope);
+
hashmap_free(m->links);
hashmap_free(m->dns_transactions);
sd_event_source_unref(m->network_event_source);
sd_network_monitor_unref(m->network_monitor);
- sd_event_source_unref(m->dns_ipv4_event_source);
- sd_event_source_unref(m->dns_ipv6_event_source);
- safe_close(m->dns_ipv4_fd);
- safe_close(m->dns_ipv6_fd);
-
manager_llmnr_stop(m);
sd_bus_slot_unref(m->prepare_for_sleep_slot);
r = stat("/etc/resolv.conf", &st);
if (r < 0) {
if (errno != ENOENT)
- log_warning("Failed to open /etc/resolv.conf: %m");
+ log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
r = -errno;
goto clear;
}
f = fopen("/etc/resolv.conf", "re");
if (!f) {
if (errno != ENOENT)
- log_warning("Failed to open /etc/resolv.conf: %m");
+ log_warning_errno(errno, "Failed to open /etc/resolv.conf: %m");
r = -errno;
goto clear;
}
if (fstat(fileno(f), &st) < 0) {
- log_error("Failed to stat open file: %m");
+ log_error_errno(errno, "Failed to stat open file: %m");
r = -errno;
goto clear;
}
}
LIST_FOREACH_SAFE(servers, s, nx, m->dns_servers)
- if (s->marked)
- dns_server_free(s);
+ if (s->marked) {
+ LIST_REMOVE(servers, m->dns_servers, s);
+ dns_server_unref(s);
+ }
+
+ /* Whenever /etc/resolv.conf changes, start using the first
+ * DNS server of it. This is useful to deal with broken
+ * network managing implementations (like NetworkManager),
+ * that when connecting to a VPN place both the VPN DNS
+ * servers and the local ones in /etc/resolv.conf. Without
+ * resetting the DNS server to use back to the first entry we
+ * will continue to use the local one thus being unable to
+ * resolve VPN domains. */
+ manager_set_dns_server(m, m->dns_servers);
return 0;
clear:
- while (m->dns_servers)
- dns_server_free(m->dns_servers);
+ while (m->dns_servers) {
+ s = m->dns_servers;
+
+ LIST_REMOVE(servers, m->dns_servers, s);
+ dns_server_unref(s);
+ }
return r;
}
-static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
+static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
_cleanup_free_ char *t = NULL;
int r;
r = in_addr_to_string(s->family, &s->address, &t);
if (r < 0) {
- log_warning("Invalid DNS address. Ignoring: %s", strerror(-r));
+ log_warning_errno(r, "Invalid DNS address. Ignoring: %m");
return;
}
(*count) ++;
}
+static void write_resolv_conf_search(
+ const char *domain, FILE *f,
+ unsigned *count,
+ unsigned *length) {
+
+ assert(domain);
+ assert(f);
+ assert(length);
+
+ if (*count >= MAXDNSRCH ||
+ *length + strlen(domain) > 256) {
+ if (*count == MAXDNSRCH)
+ fputs(" # Too many search domains configured, remaining ones ignored.", f);
+ if (*length <= 256)
+ fputs(" # Total length of all search domains is too long, remaining ones ignored.", f);
+
+ return;
+ }
+
+ fprintf(f, " %s", domain);
+
+ (*length) += strlen(domain);
+ (*count) ++;
+}
+
+static int write_resolv_conf_contents(FILE *f, OrderedSet *dns, OrderedSet *domains) {
+ Iterator i;
+
+ fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
+ "# Third party programs must not access this file directly, but\n"
+ "# only through the symlink at /etc/resolv.conf. To manage\n"
+ "# resolv.conf(5) in a different way, replace the symlink by a\n"
+ "# static file or a different symlink.\n\n", f);
+
+ if (ordered_set_isempty(dns))
+ fputs("# No DNS servers known.\n", f);
+ else {
+ DnsServer *s;
+ unsigned count = 0;
+
+ ORDERED_SET_FOREACH(s, dns, i)
+ write_resolv_conf_server(s, f, &count);
+ }
+
+ if (!ordered_set_isempty(domains)) {
+ unsigned length = 0, count = 0;
+ char *domain;
+
+ fputs("search", f);
+ ORDERED_SET_FOREACH(domain, domains, i)
+ write_resolv_conf_search(domain, f, &count, &length);
+ fputs("\n", f);
+ }
+
+ return fflush_and_check(f);
+}
+
int manager_write_resolv_conf(Manager *m) {
static const char path[] = "/run/systemd/resolve/resolv.conf";
_cleanup_free_ char *temp_path = NULL;
_cleanup_fclose_ FILE *f = NULL;
- _cleanup_set_free_ Set *dns = NULL;
- unsigned count = 0;
+ _cleanup_ordered_set_free_ OrderedSet *dns = NULL, *domains = NULL;
DnsServer *s;
Iterator i;
Link *l;
manager_read_resolv_conf(m);
/* Add the full list to a set, to filter out duplicates */
- dns = set_new(dns_server_hash_func, dns_server_compare_func);
+ dns = ordered_set_new(&dns_server_hash_ops);
if (!dns)
return -ENOMEM;
+ domains = ordered_set_new(&dns_name_hash_ops);
+ if (!domains)
+ return -ENOMEM;
+
/* First add the system-wide servers */
LIST_FOREACH(servers, s, m->dns_servers) {
- r = set_put(dns, s);
+ r = ordered_set_put(dns, s);
if (r == -EEXIST)
continue;
if (r < 0)
return r;
}
- /* Then, add the per-link servers */
- HASHMAP_FOREACH(l, m->links, i)
+ /* Then, add the per-link servers and domains */
+ HASHMAP_FOREACH(l, m->links, i) {
+ char **domain;
+
LIST_FOREACH(servers, s, l->dns_servers) {
- r = set_put(dns, s);
+ r = ordered_set_put(dns, s);
+ if (r == -EEXIST)
+ continue;
+ if (r < 0)
+ return r;
+ }
+
+ if (!l->unicast_scope)
+ continue;
+
+ STRV_FOREACH(domain, l->unicast_scope->domains) {
+ r = ordered_set_put(domains, *domain);
if (r == -EEXIST)
continue;
if (r < 0)
return r;
}
+ }
/* If we found nothing, add the fallback servers */
- if (set_isempty(dns)) {
+ if (ordered_set_isempty(dns)) {
LIST_FOREACH(servers, s, m->fallback_dns_servers) {
- r = set_put(dns, s);
+ r = ordered_set_put(dns, s);
if (r == -EEXIST)
continue;
if (r < 0)
}
}
- r = fopen_temporary(path, &f, &temp_path);
+ r = fopen_temporary_label(path, path, &f, &temp_path);
if (r < 0)
return r;
fchmod(fileno(f), 0644);
- fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
- "# Third party programs must not access this file directly, but\n"
- "# only through the symlink at /etc/resolv.conf. To manage\n"
- "# resolv.conf(5) in a different way, replace the symlink by a\n"
- "# static file or a different symlink.\n\n", f);
-
- if (set_isempty(dns))
- fputs("# No DNS servers known.\n", f);
- else {
- SET_FOREACH(s, dns, i)
- write_resolve_conf_server(s, f, &count);
- }
-
- r = fflush_and_check(f);
+ r = write_resolv_conf_contents(f, dns, domains);
if (r < 0)
goto fail;
return 0;
fail:
- unlink(path);
- unlink(temp_path);
+ (void) unlink(path);
+ (void) unlink(temp_path);
return r;
}
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
union {
struct cmsghdr header; /* For alignment */
- uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
+ uint8_t buffer[CMSG_SPACE(MAXSIZE(struct in_pktinfo, struct in6_pktinfo))
+ CMSG_SPACE(int) /* ttl/hoplimit */
+ EXTRA_CMSG_SPACE /* kernel appears to require extra buffer space */];
} control;
} else
return -EAFNOSUPPORT;
- for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
+ CMSG_FOREACH(cmsg, &mh) {
if (cmsg->cmsg_level == IPPROTO_IPV6) {
assert(p->family == AF_INET6);
* device if the packet came from the local host since it
* avoids the routing table in such a case. Let's unset the
* interface index in such a case. */
- if (p->ifindex > 0 && manager_ifindex_is_loopback(m, p->ifindex) != 0)
+ if (p->ifindex == LOOPBACK_IFINDEX)
p->ifindex = 0;
- /* If we don't know the interface index still, we look for the
- * first local interface with a matching address. Yuck! */
- if (p->ifindex <= 0)
- p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
+ if (protocol != DNS_PROTOCOL_DNS) {
+ /* If we don't know the interface index still, we look for the
+ * first local interface with a matching address. Yuck! */
+ if (p->ifindex <= 0)
+ p->ifindex = manager_find_ifindex(m, p->family, &p->destination);
+ }
*ret = p;
p = NULL;
return 1;
}
-static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
- _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
- DnsTransaction *t = NULL;
- Manager *m = userdata;
+static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
int r;
- r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
- if (r <= 0)
- return r;
+ assert(fd >= 0);
+ assert(mh);
- if (dns_packet_validate_reply(p) > 0) {
- t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
- if (!t)
+ for (;;) {
+ if (sendmsg(fd, mh, flags) >= 0)
return 0;
- dns_transaction_process_reply(t, p);
-
- } else
- log_debug("Invalid DNS packet.");
-
- return 0;
-}
-
-int manager_dns_ipv4_fd(Manager *m) {
- const int one = 1;
- int r;
-
- assert(m);
-
- if (m->dns_ipv4_fd >= 0)
- return m->dns_ipv4_fd;
-
- m->dns_ipv4_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (m->dns_ipv4_fd < 0)
- return -errno;
-
- r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
- if (r < 0)
- goto fail;
-
- return m->dns_ipv4_fd;
-
-fail:
- m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
- return r;
-}
-
-int manager_dns_ipv6_fd(Manager *m) {
- const int one = 1;
- int r;
-
- assert(m);
-
- if (m->dns_ipv6_fd >= 0)
- return m->dns_ipv6_fd;
+ if (errno == EINTR)
+ continue;
- m->dns_ipv6_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (m->dns_ipv6_fd < 0)
- return -errno;
+ if (errno != EAGAIN)
+ return -errno;
- r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
+ r = fd_wait_for_event(fd, POLLOUT, SEND_TIMEOUT_USEC);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return -ETIMEDOUT;
}
-
- r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
- if (r < 0)
- goto fail;
-
- return m->dns_ipv6_fd;
-
-fail:
- m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
- return r;
}
-static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
+static int write_loop(int fd, void *message, size_t length) {
int r;
assert(fd >= 0);
- assert(mh);
+ assert(message);
for (;;) {
- if (sendmsg(fd, mh, flags) >= 0)
+ if (write(fd, message, length) >= 0)
return 0;
if (errno == EINTR)
}
}
+int manager_write(Manager *m, int fd, DnsPacket *p) {
+ int r;
+
+ log_debug("Sending %s packet with id %u", DNS_PACKET_QR(p) ? "response" : "query", DNS_PACKET_ID(p));
+
+ r = write_loop(fd, DNS_PACKET_DATA(p), p->size);
+ if (r < 0)
+ return r;
+
+ return 0;
+}
+
static int manager_ipv4_send(Manager *m, int fd, int ifindex, const struct in_addr *addr, uint16_t port, DnsPacket *p) {
union sockaddr_union sa = {
.in.sin_family = AF_INET,
return mtu;
}
-static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
- _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
- DnsTransaction *t = NULL;
- Manager *m = userdata;
- DnsScope *scope;
- int r;
-
- r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
- if (r <= 0)
- return r;
-
- scope = manager_find_scope(m, p);
- if (!scope) {
- log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
- return 0;
- }
-
- if (dns_packet_validate_reply(p) > 0) {
- log_debug("Got reply packet for id %u", DNS_PACKET_ID(p));
-
- dns_scope_check_conflicts(scope, p);
-
- t = hashmap_get(m->dns_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
- if (t)
- dns_transaction_process_reply(t, p);
-
- } else if (dns_packet_validate_query(p) > 0) {
- log_debug("Got query packet for id %u", DNS_PACKET_ID(p));
-
- dns_scope_process_query(scope, NULL, p);
- } else
- log_debug("Invalid LLMNR UDP packet.");
-
- return 0;
-}
-
-int manager_llmnr_ipv4_udp_fd(Manager *m) {
- union sockaddr_union sa = {
- .in.sin_family = AF_INET,
- .in.sin_port = htobe16(5355),
- };
- static const int one = 1, pmtu = IP_PMTUDISC_DONT, ttl = 255;
- int r;
-
- assert(m);
-
- if (m->llmnr_ipv4_udp_fd >= 0)
- return m->llmnr_ipv4_udp_fd;
-
- m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (m->llmnr_ipv4_udp_fd < 0)
- return -errno;
-
- /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
- r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- /* Disable Don't-Fragment bit in the IP header */
- r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
- if (r < 0)
- goto fail;
-
- return m->llmnr_ipv4_udp_fd;
-
-fail:
- m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
- return r;
-}
-
-int manager_llmnr_ipv6_udp_fd(Manager *m) {
- union sockaddr_union sa = {
- .in6.sin6_family = AF_INET6,
- .in6.sin6_port = htobe16(5355),
- };
- static const int one = 1, ttl = 255;
- int r;
-
- assert(m);
-
- if (m->llmnr_ipv6_udp_fd >= 0)
- return m->llmnr_ipv6_udp_fd;
-
- m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (m->llmnr_ipv6_udp_fd < 0)
- return -errno;
-
- r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &ttl, sizeof(ttl));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
- r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- return m->llmnr_ipv6_udp_fd;
-
-fail:
- m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
- return r;
-}
-
-static int on_llmnr_stream_packet(DnsStream *s) {
- DnsScope *scope;
-
- assert(s);
-
- scope = manager_find_scope(s->manager, s->read_packet);
- if (!scope) {
- log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
- return 0;
- }
-
- if (dns_packet_validate_query(s->read_packet) > 0) {
- log_debug("Got query packet for id %u", DNS_PACKET_ID(s->read_packet));
-
- dns_scope_process_query(scope, s, s->read_packet);
-
- /* If no reply packet was set, we free the stream */
- if (s->write_packet)
- return 0;
- } else
- log_debug("Invalid LLMNR TCP packet.");
-
- dns_stream_free(s);
- return 0;
-}
-
-static int on_llmnr_stream(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
- DnsStream *stream;
- Manager *m = userdata;
- int cfd, r;
-
- cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
- if (cfd < 0) {
- if (errno == EAGAIN || errno == EINTR)
- return 0;
-
- return -errno;
- }
-
- r = dns_stream_new(m, &stream, DNS_PROTOCOL_LLMNR, cfd);
- if (r < 0) {
- safe_close(cfd);
- return r;
- }
-
- stream->on_packet = on_llmnr_stream_packet;
- return 0;
-}
-
-int manager_llmnr_ipv4_tcp_fd(Manager *m) {
- union sockaddr_union sa = {
- .in.sin_family = AF_INET,
- .in.sin_port = htobe16(5355),
- };
- static const int one = 1, pmtu = IP_PMTUDISC_DONT;
- int r;
-
- assert(m);
-
- if (m->llmnr_ipv4_tcp_fd >= 0)
- return m->llmnr_ipv4_tcp_fd;
-
- m->llmnr_ipv4_tcp_fd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (m->llmnr_ipv4_tcp_fd < 0)
- return -errno;
-
- /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
- r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv4_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- /* Disable Don't-Fragment bit in the IP header */
- r = setsockopt(m->llmnr_ipv4_tcp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = bind(m->llmnr_ipv4_tcp_fd, &sa.sa, sizeof(sa.in));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = listen(m->llmnr_ipv4_tcp_fd, SOMAXCONN);
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = sd_event_add_io(m->event, &m->llmnr_ipv4_tcp_event_source, m->llmnr_ipv4_tcp_fd, EPOLLIN, on_llmnr_stream, m);
- if (r < 0)
- goto fail;
-
- return m->llmnr_ipv4_tcp_fd;
-
-fail:
- m->llmnr_ipv4_tcp_fd = safe_close(m->llmnr_ipv4_tcp_fd);
- return r;
-}
-
-int manager_llmnr_ipv6_tcp_fd(Manager *m) {
- union sockaddr_union sa = {
- .in6.sin6_family = AF_INET6,
- .in6.sin6_port = htobe16(5355),
- };
- static const int one = 1;
- int r;
-
- assert(m);
-
- if (m->llmnr_ipv6_tcp_fd >= 0)
- return m->llmnr_ipv6_tcp_fd;
-
- m->llmnr_ipv6_tcp_fd = socket(AF_INET6, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (m->llmnr_ipv6_tcp_fd < 0)
- return -errno;
-
- /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
- r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_tcp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = setsockopt(m->llmnr_ipv6_tcp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = bind(m->llmnr_ipv6_tcp_fd, &sa.sa, sizeof(sa.in6));
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = listen(m->llmnr_ipv6_tcp_fd, SOMAXCONN);
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- r = sd_event_add_io(m->event, &m->llmnr_ipv6_tcp_event_source, m->llmnr_ipv6_tcp_fd, EPOLLIN, on_llmnr_stream, m);
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- return m->llmnr_ipv6_tcp_fd;
-
-fail:
- m->llmnr_ipv6_tcp_fd = safe_close(m->llmnr_ipv6_tcp_fd);
- return r;
-}
-
-int manager_ifindex_is_loopback(Manager *m, int ifindex) {
- Link *l;
- assert(m);
-
- if (ifindex <= 0)
- return -EINVAL;
-
- l = hashmap_get(m->links, INT_TO_PTR(ifindex));
- if (l->flags & IFF_LOOPBACK)
- return 1;
-
- return 0;
-}
-
int manager_find_ifindex(Manager *m, int family, const union in_addr_union *in_addr) {
LinkAddress *a;
}
void manager_flush_dns_servers(Manager *m, DnsServerType t) {
+ DnsServer *s;
+
assert(m);
if (t == DNS_SERVER_SYSTEM)
- while (m->dns_servers)
- dns_server_free(m->dns_servers);
+ while (m->dns_servers) {
+ s = m->dns_servers;
+
+ LIST_REMOVE(servers, m->dns_servers, s);
+ dns_server_unref(s);
+ }
if (t == DNS_SERVER_FALLBACK)
- while (m->fallback_dns_servers)
- dns_server_free(m->fallback_dns_servers);
+ while (m->fallback_dns_servers) {
+ s = m->fallback_dns_servers;
+
+ LIST_REMOVE(servers, m->fallback_dns_servers, s);
+ dns_server_unref(s);
+ }
}
static const char* const support_table[_SUPPORT_MAX] = {
projects / thirdparty / systemd.git / blobdiff