1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <sys/ioctl.h>
25 #include <netinet/in.h>
27 #include "rtnl-util.h"
28 #include "network-internal.h"
29 #include "socket-util.h"
32 #include "fileio-label.h"
33 #include "ordered-set.h"
34 #include "random-util.h"
35 #include "hostname-util.h"
37 #include "resolved-dns-domain.h"
38 #include "resolved-conf.h"
39 #include "resolved-bus.h"
40 #include "resolved-manager.h"
42 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
/* rtnl callback for link messages; manager_rtnl_listen() registers it for
 * RTM_NEWLINK and RTM_DELLINK and also calls it directly for each entry of
 * the initial link dump. It reads the message type and interface index and
 * looks the Link up in m->links by that index.
 * NOTE(review): this listing elides lines (declarations, the dispatch on the
 * message type, the checks of r); the comments cover only what is visible. */
44 static int manager_process_link(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
45 Manager
*m
= userdata
;
54 r
= sd_rtnl_message_get_type(mm
, &type
);
58 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
/* The interface index from the message is the hashmap key. */
62 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
/* Creation path: allocate a Link, then fill it from the message and from the
 * network monitor. Presumably only taken when the lookup above found nothing
 * (the condition is elided). */
70 r
= link_new(m
, &l
, ifindex
);
75 r
= link_update_rtnl(l
, mm
);
79 r
= link_update_monitor(l
);
84 log_debug("Found new link %i/%s", ifindex
, l
->name
);
/* Removal path: only the log line is visible; the call that frees the link
 * is elided. */
91 log_debug("Removing link %i/%s", l
->ifindex
, l
->name
);
/* Failure path: the error is logged as a warning. */
101 log_warning_errno(r
, "Failed to process RTNL link message: %m");
/* rtnl callback for address messages; manager_rtnl_listen() registers it for
 * RTM_NEWADDR and RTM_DELADDR and calls it for each entry of the initial
 * address dump. It resolves the link by interface index, reads the address
 * for the message's family and creates, updates or frees the LinkAddress.
 * NOTE(review): this listing elides lines (the family switch, the dispatch on
 * the message type, the checks of r); comments cover only what is visible. */
105 static int manager_process_address(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
106 Manager
*m
= userdata
;
107 union in_addr_union address
;
109 int r
, ifindex
, family
;
117 r
= sd_rtnl_message_get_type(mm
, &type
);
121 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
125 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
129 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
/* IPv4: IFA_LOCAL is read first, then IFA_ADDRESS. Presumably the second read
 * is a fallback for when the first fails (the condition is elided). */
136 r
= sd_rtnl_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
138 r
= sd_rtnl_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
/* IPv6: same two attributes, read into the in6 member of the union. */
146 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
148 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
/* Existing entry for this family/address on the link, if any. */
159 a
= link_find_address(l
, family
, &address
);
166 r
= link_address_new(l
, &a
, family
, &address
);
171 r
= link_address_update_rtnl(a
, mm
);
/* Removal path for an address (the guarding case label is elided). */
179 link_address_free(a
);
/* Failure path: the error is logged as a warning. */
186 log_warning_errno(r
, "Failed to process RTNL address message: %m");
/* Opens the rtnl connection subscribed to the link and IPv4/IPv6 address
 * groups, attaches it to the event loop, registers the link and address
 * callbacks, then requests a dump of all links and of all addresses and feeds
 * each reply message to the same callbacks.
 * NOTE(review): the checks of r after each call are elided in this listing. */
190 static int manager_rtnl_listen(Manager
*m
) {
191 _cleanup_rtnl_message_unref_ sd_rtnl_message
*req
= NULL
, *reply
= NULL
;
197 /* First, subscribe to interfaces coming and going */
198 r
= sd_rtnl_open(&m
->rtnl
, 3, RTNLGRP_LINK
, RTNLGRP_IPV4_IFADDR
, RTNLGRP_IPV6_IFADDR
);
202 r
= sd_rtnl_attach_event(m
->rtnl
, m
->event
, 0);
/* The Manager itself is passed as userdata to every match callback. */
206 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWLINK
, manager_process_link
, m
);
210 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELLINK
, manager_process_link
, m
);
214 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWADDR
, manager_process_address
, m
);
218 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELADDR
, manager_process_address
, m
);
222 /* Then, enumerate all links */
223 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
227 r
= sd_rtnl_message_request_dump(req
, true);
231 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
/* The reply is a chain of messages; each one goes through the link callback. */
235 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
236 r
= manager_process_link(m
->rtnl
, i
, m
);
/* Drop both messages before the variables are reused for the address dump. */
241 req
= sd_rtnl_message_unref(req
);
242 reply
= sd_rtnl_message_unref(reply
);
244 /* Finally, enumerate all addresses, too */
245 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
249 r
= sd_rtnl_message_request_dump(req
, true);
253 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
257 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
258 r
= manager_process_address(m
->rtnl
, i
, m
);
/* Event-loop callback for the network monitor fd (registered in
 * manager_network_monitor_listen()): flushes the monitor, refreshes the
 * monitor-derived data of every known link, then rewrites resolv.conf.
 * Both failure cases visible here are only logged as warnings. */
266 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
267 Manager
*m
= userdata
;
274 sd_network_monitor_flush(m
->network_monitor
);
276 HASHMAP_FOREACH(l
, m
->links
, i
) {
277 r
= link_update_monitor(l
);
279 log_warning_errno(r
, "Failed to update monitor information for %i: %m", l
->ifindex
);
282 r
= manager_write_resolv_conf(m
);
284 log_warning_errno(r
, "Could not update resolv.conf: %m");
/* Creates the network monitor and registers its fd, with the event mask the
 * monitor itself reports, as an I/O source that dispatches to
 * on_network_event() with the Manager as userdata.
 * NOTE(review): the checks of r, fd and events are elided in this listing. */
289 static int manager_network_monitor_listen(Manager
*m
) {
294 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
298 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
302 events
= sd_network_monitor_get_events(m
->network_monitor
);
306 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
/* Obtains the system hostname, rejects it when it is not valid UTF-8, and
 * normalizes it as a DNS name into n. Both h and n are freed automatically
 * on scope exit (_cleanup_free_).
 * NOTE(review): the hand-over of the result through *ret and the return
 * values are on elided lines. */
313 static int determine_hostname(char **ret
) {
314 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
319 h
= gethostname_malloc();
/* The UTF-8 check comes before the name is normalized or logged with %s. */
323 if (!utf8_is_valid(h
)) {
324 log_error("System hostname is not UTF-8 clean.");
328 r
= dns_name_normalize(h
, &n
);
330 log_error("System hostname '%s' cannot be normalized.", h
);
/* Event-loop callback for the hostname fd (registered in
 * manager_watch_hostname()): re-reads the hostname, ignores invalid ones,
 * compares the result with m->hostname and refreshes the resource records
 * after a change.
 * NOTE(review): the replacement of m->hostname itself is on elided lines. */
340 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
341 _cleanup_free_
char *h
= NULL
;
342 Manager
*m
= userdata
;
347 r
= determine_hostname(&h
);
349 return 0; /* ignore invalid hostnames */
/* Equality test against the current name; presumably an early return when
 * nothing changed (the statement under the if is elided). */
351 if (streq(h
, m
->hostname
))
354 log_info("System hostname changed to '%s'.", h
);
359 manager_refresh_rrs(m
);
/* Opens /proc/sys/kernel/hostname and registers it with the event loop so
 * that on_hostname_change() runs on changes, then determines the initial
 * hostname, with "linux" as the default when that fails.
 * NOTE(review): conditions and returns between the visible statements are
 * elided in this listing. */
364 static int manager_watch_hostname(Manager
*m
) {
/* Read-only, close-on-exec, non-blocking, never a controlling terminal. */
369 m
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
370 if (m
->hostname_fd
< 0) {
371 log_warning_errno(errno
, "Failed to watch hostname: %m");
/* Event mask 0: no EPOLLIN/EPOLLOUT is requested for this source. */
375 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
378 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
379 m
->hostname_fd
= safe_close(m
->hostname_fd
);
381 return log_error_errno(r
, "Failed to add hostname event source: %m");
384 r
= determine_hostname(&m
->hostname
);
386 log_info("Defaulting to hostname 'linux'.");
/* NOTE(review): the check of strdup()'s result, if any, is on an elided
 * line; m->hostname is dereferenced by later code, so confirm it exists. */
387 m
->hostname
= strdup("linux");
391 log_info("Using system hostname '%s'.", m
->hostname
);
/* Tears down all four LLMNR listeners (IPv4/IPv6 x UDP/TCP): each event
 * source is unreferenced and each socket closed. Every field is overwritten
 * with the return value of the release call, so the Manager does not keep
 * the old pointer or descriptor. */
396 static void manager_llmnr_stop(Manager
*m
) {
399 m
->llmnr_ipv4_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_udp_event_source
);
400 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
402 m
->llmnr_ipv6_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_udp_event_source
);
403 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
405 m
->llmnr_ipv4_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_tcp_event_source
);
406 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
408 m
->llmnr_ipv6_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_tcp_event_source
);
409 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
/* Brings up the LLMNR listeners unless LLMNR support is configured off:
 * IPv4 UDP and TCP always, IPv6 UDP and TCP only when the kernel supports
 * IPv6. -EADDRINUSE from any of them is tested separately and leads to the
 * block at the end, which disables LLMNR and closes all LLMNR sockets.
 * NOTE(review): the statements under each visible if are elided. */
412 static int manager_llmnr_start(Manager
*m
) {
417 if (m
->llmnr_support
== SUPPORT_NO
)
420 r
= manager_llmnr_ipv4_udp_fd(m
);
421 if (r
== -EADDRINUSE
)
426 r
= manager_llmnr_ipv4_tcp_fd(m
);
427 if (r
== -EADDRINUSE
)
432 if (socket_ipv6_is_supported()) {
433 r
= manager_llmnr_ipv6_udp_fd(m
);
434 if (r
== -EADDRINUSE
)
439 r
= manager_llmnr_ipv6_tcp_fd(m
);
440 if (r
== -EADDRINUSE
)
/* A port conflict is taken to mean that another responder owns port 5355;
 * the service keeps running with LLMNR off rather than failing to start. */
449 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
450 m
->llmnr_support
= SUPPORT_NO
;
451 manager_llmnr_stop(m
);
/* Allocates and initializes a Manager: zeroed allocation, socket fds set to
 * -1, defaults, fallback DNS servers parsed from DNS_SERVERS, event loop with
 * SIGTERM/SIGINT handling and watchdog, hostname watch, the unicast DNS
 * scope, the network monitor, the rtnl listener and the bus connection.
 * m is declared with _cleanup_(manager_freep).
 * NOTE(review): the checks of r and the hand-over through *ret are elided. */
456 int manager_new(Manager
**ret
) {
457 _cleanup_(manager_freep
) Manager
*m
= NULL
;
462 m
= new0(Manager
, 1);
/* -1 marks "not open"; the lazy socket getters test for fd >= 0. */
466 m
->dns_ipv4_fd
= m
->dns_ipv6_fd
= -1;
467 m
->llmnr_ipv4_udp_fd
= m
->llmnr_ipv6_udp_fd
= -1;
468 m
->llmnr_ipv4_tcp_fd
= m
->llmnr_ipv6_tcp_fd
= -1;
471 m
->llmnr_support
= SUPPORT_YES
;
472 m
->read_resolv_conf
= true;
474 r
= manager_parse_dns_server(m
, DNS_SERVER_FALLBACK
, DNS_SERVERS
);
478 r
= sd_event_default(&m
->event
);
/* The results of the two sd_event_add_signal() calls and of
 * sd_event_set_watchdog() are not stored in the visible code. */
482 sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
483 sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
485 sd_event_set_watchdog(m
->event
, true);
487 r
= manager_watch_hostname(m
);
491 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
495 r
= manager_network_monitor_listen(m
);
499 r
= manager_rtnl_listen(m
);
503 r
= manager_connect_bus(m
);
/* Starts the network-facing part of the manager; the only step visible in
 * this listing is bringing up the LLMNR listeners. */
513 int manager_start(Manager
*m
) {
518 r
= manager_llmnr_start(m
);
/* Releases everything the Manager holds: links, pending queries, both DNS
 * server lists, the unicast scope, hashmaps, event sources, sockets, the
 * LLMNR listeners, bus objects, the event loop, the host resource keys and
 * the hostname watch.
 * NOTE(review): the body of the first loop, the release of m itself and the
 * return value are on elided lines. */
525 Manager
*manager_free(Manager
*m
) {
/* Drain loops: each iteration takes the current head, so the callee is
 * presumably expected to unlink the entry it frees. */
531 while ((l
= hashmap_first(m
->links
)))
534 while (m
->dns_queries
)
535 dns_query_free(m
->dns_queries
);
537 manager_flush_dns_servers(m
, DNS_SERVER_SYSTEM
);
538 manager_flush_dns_servers(m
, DNS_SERVER_FALLBACK
);
540 dns_scope_free(m
->unicast_scope
);
542 hashmap_free(m
->links
);
543 hashmap_free(m
->dns_transactions
);
545 sd_event_source_unref(m
->network_event_source
);
546 sd_network_monitor_unref(m
->network_monitor
);
548 sd_event_source_unref(m
->dns_ipv4_event_source
);
549 sd_event_source_unref(m
->dns_ipv6_event_source
);
550 safe_close(m
->dns_ipv4_fd
);
551 safe_close(m
->dns_ipv6_fd
);
553 manager_llmnr_stop(m
);
555 sd_bus_slot_unref(m
->prepare_for_sleep_slot
);
556 sd_event_source_unref(m
->bus_retry_event_source
);
557 sd_bus_unref(m
->bus
);
559 sd_event_unref(m
->event
);
561 dns_resource_key_unref(m
->host_ipv4_key
);
562 dns_resource_key_unref(m
->host_ipv6_key
);
564 safe_close(m
->hostname_fd
);
565 sd_event_source_unref(m
->hostname_event_source
);
/* Re-reads /etc/resolv.conf into the list of DNS_SERVER_SYSTEM servers.
 * The visible checks are: m->read_resolv_conf, the file's mtime against the
 * cached m->resolv_conf_mtime, and whether the path resolves to the same
 * device/inode as /run/systemd/resolve/resolv.conf (our own output).
 * The servers read here decide where unicast queries are sent.
 * NOTE(review): this listing elides lines (declarations, returns, loop
 * bodies); the comments cover only the visible statements. */
573 int manager_read_resolv_conf(Manager
*m
) {
574 _cleanup_fclose_
FILE *f
= NULL
;
583 /* Reads the system /etc/resolv.conf, if it exists and is not
584 * symlinked to our own resolv.conf instance */
586 if (!m
->read_resolv_conf
)
/* stat() follows symlinks; that is what lets the device/inode comparison
 * below recognize a symlink to our own file. */
589 r
= stat("/etc/resolv.conf", &st
);
/* NOTE(review): this message says "open" although the preceding visible call
 * is stat(); the condition guarding it is elided. */
592 log_warning_errno(errno
, "Failed to open /etc/resolv.conf: %m");
597 /* Have we already seen the file? */
598 t
= timespec_load(&st
.st_mtim
);
599 if (t
== m
->resolv_conf_mtime
)
602 m
->resolv_conf_mtime
= t
;
604 /* Is it symlinked to our own file? */
605 if (stat("/run/systemd/resolve/resolv.conf", &own
) >= 0 &&
606 st
.st_dev
== own
.st_dev
&&
607 st
.st_ino
== own
.st_ino
) {
612 f
= fopen("/etc/resolv.conf", "re");
615 log_warning_errno(errno
, "Failed to open /etc/resolv.conf: %m");
/* st is refreshed through the open descriptor, so it describes the file that
 * was actually opened rather than whatever the path named at stat() time.
 * NOTE(review): what the refreshed st is used for is not visible here. */
620 if (fstat(fileno(f
), &st
) < 0) {
621 log_error_errno(errno
, "Failed to stat open file: %m");
/* Pass over the existing servers before parsing (loop body elided). */
626 LIST_FOREACH(servers
, s
, m
->dns_servers
)
/* A read error sets r from errno and jumps to the "clear" label. */
629 FOREACH_LINE(line
, f
, r
= -errno
; goto clear
) {
630 union in_addr_union address
;
/* Lines starting with '#' or ';' are comments. */
638 if (*l
== '#' || *l
== ';')
641 a
= first_word(l
, "nameserver");
/* The text after "nameserver" is parsed as an address literal with the
 * family detected automatically; a parse failure is logged. */
645 r
= in_addr_from_string_auto(a
, &family
, &address
);
647 log_warning("Failed to parse name server %s.", a
);
/* Search for an existing server with the same family and address
 * (the statement under the if is elided). */
651 LIST_FOREACH(servers
, s
, m
->dns_servers
)
652 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, &address
) > 0)
658 r
= dns_server_new(m
, NULL
, DNS_SERVER_SYSTEM
, NULL
, family
, &address
);
/* Second pass over the list with the _SAFE iterator, which allows removing
 * the current entry (loop body elided). */
664 LIST_FOREACH_SAFE(servers
, s
, nx
, m
->dns_servers
)
668 /* Whenever /etc/resolv.conf changes, start using the first
669 * DNS server of it. This is useful to deal with broken
670 * network managing implementations (like NetworkManager),
671 * that when connecting to a VPN place both the VPN DNS
672 * servers and the local ones in /etc/resolv.conf. Without
673 * resetting the DNS server to use back to the first entry we
674 * will continue to use the local one thus being unable to
675 * resolve VPN domains. */
676 manager_set_dns_server(m
, m
->dns_servers
);
/* Visible tail: drops every system DNS server. Presumably this is the
 * "clear" error path targeted by the goto above -- confirm. */
681 while (m
->dns_servers
)
682 dns_server_free(m
->dns_servers
);
/* Writes one "nameserver" line for s to f. An address that cannot be
 * formatted is logged and ignored. A warning comment is written into the
 * file when too many servers are configured.
 * NOTE(review): the condition guarding that warning and the update of *count
 * are on elided lines. */
687 static void write_resolv_conf_server(DnsServer
*s
, FILE *f
, unsigned *count
) {
688 _cleanup_free_
char *t
= NULL
;
695 r
= in_addr_to_string(s
->family
, &s
->address
, &t
);
697 log_warning_errno(r
, "Invalid DNS address. Ignoring: %m");
702 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f
);
/* t is the textual form produced by in_addr_to_string() above. */
704 fprintf(f
, "nameserver %s\n", t
);
/* Appends one search domain to the "search" line in f, enforcing two limits:
 * at most MAXDNSRCH domains, and a running total of domain lengths of at
 * most 256. When a limit is hit, a trailing comment naming the limit is
 * written instead of the domain.
 * NOTE(review): the remaining parameters, the returns and the update of
 * *count are on elided lines. */
708 static void write_resolv_conf_search(
709 const char *domain
, FILE *f
,
/* *length counts only the domain characters, not the separating spaces. */
717 if (*count
>= MAXDNSRCH
||
718 *length
+ strlen(domain
) > 256) {
/* The equality test decides which of the two comments is written;
 * presumably the second fputs() is the else branch (elided). */
719 if (*count
== MAXDNSRCH
)
720 fputs(" # Too many search domains configured, remaining ones ignored.", f
);
722 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f
);
727 fprintf(f
, " %s", domain
);
729 (*length
) += strlen(domain
);
/* Writes the complete resolv.conf text to f: a header stating that the file
 * is managed by systemd-resolved, one line per server in dns (or a comment
 * when there are none), and the search domains when any exist. Returns the
 * result of flushing f and checking it for write errors.
 * NOTE(review): declarations and the fputs() of the "search" keyword are on
 * elided lines. */
733 static int write_resolv_conf_contents(FILE *f
, OrderedSet
*dns
, OrderedSet
*domains
) {
736 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
737 "# Third party programs must not access this file directly, but\n"
738 "# only through the symlink at /etc/resolv.conf. To manage\n"
739 "# resolv.conf(5) in a different way, replace the symlink by a\n"
740 "# static file or a different symlink.\n\n", f
);
742 if (ordered_set_isempty(dns
))
743 fputs("# No DNS servers known.\n", f
);
748 ORDERED_SET_FOREACH(s
, dns
, i
)
749 write_resolv_conf_server(s
, f
, &count
);
752 if (!ordered_set_isempty(domains
)) {
/* Counters for the search-domain limits, local to this branch. */
753 unsigned length
= 0, count
= 0;
757 ORDERED_SET_FOREACH(domain
, domains
, i
)
758 write_resolv_conf_search(domain
, f
, &count
, &length
);
/* Individual fputs()/fprintf() results are not checked above; a write error
 * is reported by this final flush-and-check. */
762 return fflush_and_check(f
);
/* Regenerates /run/systemd/resolve/resolv.conf. Servers and search domains
 * are collected into ordered sets (which filters duplicates): system-wide
 * servers first, then per-link servers and domains, and the fallback servers
 * only when nothing else was found. The text is written to a temporary file
 * that is then renamed over the target path.
 * NOTE(review): the checks of r and the labels of the failure path are on
 * elided lines. */
765 int manager_write_resolv_conf(Manager
*m
) {
766 static const char path
[] = "/run/systemd/resolve/resolv.conf";
767 _cleanup_free_
char *temp_path
= NULL
;
768 _cleanup_fclose_
FILE *f
= NULL
;
769 _cleanup_ordered_set_free_ OrderedSet
*dns
= NULL
, *domains
= NULL
;
777 /* Read the system /etc/resolv.conf first */
778 manager_read_resolv_conf(m
);
780 /* Add the full list to a set, to filter out duplicates */
781 dns
= ordered_set_new(&dns_server_hash_ops
);
785 domains
= ordered_set_new(&dns_name_hash_ops
);
789 /* First add the system-wide servers */
790 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
791 r
= ordered_set_put(dns
, s
);
798 /* Then, add the per-link servers and domains */
799 HASHMAP_FOREACH(l
, m
->links
, i
) {
802 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
803 r
= ordered_set_put(dns
, s
);
/* Links without a unicast scope contribute no search domains. */
810 if (!l
->unicast_scope
)
813 STRV_FOREACH(domain
, l
->unicast_scope
->domains
) {
814 r
= ordered_set_put(domains
, *domain
);
822 /* If we found nothing, add the fallback servers */
823 if (ordered_set_isempty(dns
)) {
824 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
825 r
= ordered_set_put(dns
, s
);
/* path is passed twice to fopen_temporary_label(); the stream comes back in
 * f and the temporary file's name in temp_path. */
833 r
= fopen_temporary_label(path
, path
, &f
, &temp_path
);
/* NOTE(review): the result of fchmod() is not checked. If it fails, the file
 * keeps whatever mode fopen_temporary_label() created it with (not visible
 * here) and is still renamed into place. */
837 fchmod(fileno(f
), 0644);
839 r
= write_resolv_conf_contents(f
, dns
, domains
);
/* rename() replaces the target in one step, so readers of the path see
 * either the old file or the complete new one. */
843 if (rename(temp_path
, path
) < 0) {
/* Failure path: the temporary file is removed, best effort. */
852 (void) unlink(temp_path
);
/* Receives one datagram from fd into a newly allocated DnsPacket and fills in
 * the packet's family, sender address and port and, from the ancillary data,
 * the interface index, destination address and TTL/hop limit. The packet is
 * allocated with the size FIONREAD reports before recvmsg() is called.
 * Everything stored in the packet here comes from the network or from the
 * kernel's description of the datagram.
 * NOTE(review): this listing elides lines (declarations, checks of r and l,
 * case labels, the hand-over through *ret); comments cover what is visible. */
856 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
857 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
/* Ancillary-data buffer: room for one pktinfo structure (the larger of the
 * IPv4 and IPv6 variants), one int for TTL/hop limit, and EXTRA_CMSG_SPACE. */
859 struct cmsghdr header
; /* For alignment */
860 uint8_t buffer
[CMSG_SPACE(MAXSIZE(struct in_pktinfo
, struct in6_pktinfo
))
861 + CMSG_SPACE(int) /* ttl/hoplimit */
862 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
864 union sockaddr_union sa
;
865 struct msghdr mh
= {};
866 struct cmsghdr
*cmsg
;
/* ms is the number of readable bytes reported for fd; it is determined by
 * what the peer sent and is used directly as the allocation size below.
 * NOTE(review): whether ms is range-checked is not visible in this listing. */
875 r
= ioctl(fd
, FIONREAD
, &ms
);
881 r
= dns_packet_new(&p
, protocol
, ms
);
/* recvmsg() may write up to p->allocated bytes into the packet buffer. */
885 iov
.iov_base
= DNS_PACKET_DATA(p
);
886 iov
.iov_len
= p
->allocated
;
888 mh
.msg_name
= &sa
.sa
;
889 mh
.msg_namelen
= sizeof(sa
);
892 mh
.msg_control
= &control
;
893 mh
.msg_controllen
= sizeof(control
);
895 l
= recvmsg(fd
, &mh
, 0);
/* EAGAIN and EINTR are singled out; presumably they are not treated as
 * errors (the statement under the if is elided). */
897 if (errno
== EAGAIN
|| errno
== EINTR
)
/* NOTE(review): MSG_CTRUNC and MSG_TRUNC are set by the kernel when the
 * control data or the datagram did not fit the buffers above, i.e. they
 * depend on what arrived from the network. Checking them with assert()
 * aborts the whole daemon if either is ever set; dropping the packet with an
 * error return would keep the service running. */
906 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
907 assert(!(mh
.msg_flags
& MSG_TRUNC
));
/* NOTE(review): the handling of l <= 0 is on elided lines; the cast below is
 * only meaningful for a non-negative l. */
909 p
->size
= (size_t) l
;
/* Sender family, address and port come from the sockaddr the kernel filled
 * in; for UDP this is the source address carried by the datagram and is not
 * authenticated. */
911 p
->family
= sa
.sa
.sa_family
;
912 p
->ipproto
= IPPROTO_UDP
;
913 if (p
->family
== AF_INET
) {
914 p
->sender
.in
= sa
.in
.sin_addr
;
915 p
->sender_port
= be16toh(sa
.in
.sin_port
);
916 } else if (p
->family
== AF_INET6
) {
917 p
->sender
.in6
= sa
.in6
.sin6_addr
;
918 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
/* For IPv6 the interface index starts out as the sender's scope id; the
 * pktinfo control message below may overwrite it. */
919 p
->ifindex
= sa
.in6
.sin6_scope_id
;
/* Any other address family is rejected. */
921 return -EAFNOSUPPORT
;
/* Walk the control messages. The asserts tie the control-message level to
 * the address family recorded above. */
923 for (cmsg
= CMSG_FIRSTHDR(&mh
); cmsg
; cmsg
= CMSG_NXTHDR(&mh
, cmsg
)) {
925 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
926 assert(p
->family
== AF_INET6
);
928 switch (cmsg
->cmsg_type
) {
/* NOTE(review): CMSG_DATA() is read through a typed pointer; no check of
 * cmsg->cmsg_len against the structure size is visible in this listing. */
931 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
934 p
->ifindex
= i
->ipi6_ifindex
;
936 p
->destination
.in6
= i
->ipi6_addr
;
/* Hop limit, read as an int. */
941 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
945 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
946 assert(p
->family
== AF_INET
);
948 switch (cmsg
->cmsg_type
) {
951 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
954 p
->ifindex
= i
->ipi_ifindex
;
956 p
->destination
.in
= i
->ipi_addr
;
/* TTL, read as an int. */
961 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
967 /* The Linux kernel sets the interface index to the loopback
968 * device if the packet came from the local host since it
969 * avoids the routing table in such a case. Let's unset the
970 * interface index in such a case. */
971 if (p
->ifindex
== LOOPBACK_IFINDEX
)
974 /* If we don't know the interface index still, we look for the
975 * first local interface with a matching address. Yuck! */
977 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
/* I/O callback for the unicast DNS sockets (registered in
 * manager_dns_ipv4_fd() and manager_dns_ipv6_fd()): receives one packet and,
 * when it validates as a reply, looks up the pending transaction by the DNS
 * message ID and passes the packet to it. Anything else is logged at debug
 * level as invalid.
 * NOTE(review): the check of r and the test of t are on elided lines. */
985 static int on_dns_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
986 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
987 DnsTransaction
*t
= NULL
;
988 Manager
*m
= userdata
;
991 r
= manager_recv(m
, fd
, DNS_PROTOCOL_DNS
, &p
);
995 if (dns_packet_validate_reply(p
) > 0) {
/* NOTE(review): the lookup key visible here is the message ID alone. If the
 * sender address and port are compared with the queried server, that happens
 * outside the visible lines (for instance in dns_transaction_process_reply())
 * -- confirm, because matching on the ID alone makes spoofed replies easier
 * to get accepted. */
996 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
1000 dns_transaction_process_reply(t
, p
);
1003 log_debug("Invalid DNS packet.");
/* Returns the IPv4 UDP socket used for unicast DNS, creating it on first
 * use: close-on-exec, non-blocking, IP_PKTINFO enabled so that received
 * datagrams carry interface and destination information, and registered with
 * the event loop to dispatch to on_dns_packet(). On failure the socket is
 * closed and the cached fd reset.
 * NOTE(review): no bind() is visible, so the source port is presumably left
 * to the kernel; the checks of r are on elided lines. */
1008 int manager_dns_ipv4_fd(Manager
*m
) {
/* Already open: reuse. */
1014 if (m
->dns_ipv4_fd
>= 0)
1015 return m
->dns_ipv4_fd
;
1017 m
->dns_ipv4_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1018 if (m
->dns_ipv4_fd
< 0)
1021 r
= setsockopt(m
->dns_ipv4_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1027 r
= sd_event_add_io(m
->event
, &m
->dns_ipv4_event_source
, m
->dns_ipv4_fd
, EPOLLIN
, on_dns_packet
, m
);
1031 return m
->dns_ipv4_fd
;
/* Failure path. */
1034 m
->dns_ipv4_fd
= safe_close(m
->dns_ipv4_fd
);
/* Returns the IPv6 UDP socket used for unicast DNS, creating it on first
 * use: close-on-exec, non-blocking, IPV6_RECVPKTINFO enabled so that
 * received datagrams carry interface and destination information, and
 * registered with the event loop to dispatch to on_dns_packet(). On failure
 * the socket is closed and the cached fd reset.
 * NOTE(review): no bind() is visible, so the source port is presumably left
 * to the kernel; the checks of r are on elided lines. */
1038 int manager_dns_ipv6_fd(Manager
*m
) {
/* Already open: reuse. */
1044 if (m
->dns_ipv6_fd
>= 0)
1045 return m
->dns_ipv6_fd
;
1047 m
->dns_ipv6_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1048 if (m
->dns_ipv6_fd
< 0)
1051 r
= setsockopt(m
->dns_ipv6_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1057 r
= sd_event_add_io(m
->event
, &m
->dns_ipv6_event_source
, m
->dns_ipv6_fd
, EPOLLIN
, on_dns_packet
, m
);
1061 return m
->dns_ipv6_fd
;
/* Failure path. */
1064 m
->dns_ipv6_fd
= safe_close(m
->dns_ipv6_fd
);
/* Sends mh on fd, retrying when the socket is not ready: after an EAGAIN
 * failure it waits for POLLOUT for up to SEND_TIMEOUT_USEC (200 ms) before
 * the next attempt. Errors other than EAGAIN are tested separately.
 * NOTE(review): the enclosing loop, the returns and the handling of a wait
 * timeout are on elided lines. */
1068 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
1075 if (sendmsg(fd
, mh
, flags
) >= 0)
1081 if (errno
!= EAGAIN
)
1084 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
/* Sends packet p over fd to the IPv4 address addr and port. The destination
 * sockaddr and, through an IP_PKTINFO control message, the outgoing
 * interface index are set up before the message is handed to sendmsg_loop().
 * NOTE(review): this listing elides lines (the declaration of control and
 * iov, the condition around the control-message block). */
1092 static int manager_ipv4_send(Manager
*m
, int fd
, int ifindex
, const struct in_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1093 union sockaddr_union sa
= {
1094 .in
.sin_family
= AF_INET
,
1097 struct cmsghdr header
; /* For alignment */
1098 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
1100 struct msghdr mh
= {};
/* Exactly p->size bytes of the packet buffer are sent. */
1109 iov
.iov_base
= DNS_PACKET_DATA(p
);
1110 iov
.iov_len
= p
->size
;
1112 sa
.in
.sin_addr
= *addr
;
/* NOTE(review): the next statement ends in ',' rather than ';', so it is
 * joined to the following (elided) expression by the comma operator. Likely a
 * typo; the assignment itself is still performed. */
1113 sa
.in
.sin_port
= htobe16(port
),
1117 mh
.msg_name
= &sa
.sa
;
1118 mh
.msg_namelen
= sizeof(sa
.in
);
1121 struct cmsghdr
*cmsg
;
1122 struct in_pktinfo
*pi
;
1126 mh
.msg_control
= &control
;
1127 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
1129 cmsg
= CMSG_FIRSTHDR(&mh
);
1130 cmsg
->cmsg_len
= mh
.msg_controllen
;
1131 cmsg
->cmsg_level
= IPPROTO_IP
;
1132 cmsg
->cmsg_type
= IP_PKTINFO
;
/* NOTE(review): only ipi_ifindex is visibly assigned. Whether the control
 * buffer is zeroed beforehand is on an elided line -- confirm, since the
 * other in_pktinfo fields are passed to the kernel as well. */
1134 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
1135 pi
->ipi_ifindex
= ifindex
;
1138 return sendmsg_loop(fd
, &mh
, 0);
/* Sends packet p over fd to the IPv6 address addr and port. The interface
 * index is used twice: as sin6_scope_id of the destination and, through an
 * IPV6_PKTINFO control message, as the outgoing interface. The message is
 * handed to sendmsg_loop().
 * NOTE(review): this listing elides lines (the declaration of control and
 * iov, the condition around the control-message block). */
1141 static int manager_ipv6_send(Manager
*m
, int fd
, int ifindex
, const struct in6_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1142 union sockaddr_union sa
= {
1143 .in6
.sin6_family
= AF_INET6
,
1146 struct cmsghdr header
; /* For alignment */
1147 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
1149 struct msghdr mh
= {};
/* Exactly p->size bytes of the packet buffer are sent. */
1158 iov
.iov_base
= DNS_PACKET_DATA(p
);
1159 iov
.iov_len
= p
->size
;
1161 sa
.in6
.sin6_addr
= *addr
;
/* NOTE(review): the next statement ends in ',' rather than ';', which joins
 * it to the sin6_scope_id assignment with the comma operator. Both
 * assignments still happen; likely a typo. */
1162 sa
.in6
.sin6_port
= htobe16(port
),
1163 sa
.in6
.sin6_scope_id
= ifindex
;
1167 mh
.msg_name
= &sa
.sa
;
1168 mh
.msg_namelen
= sizeof(sa
.in6
);
1171 struct cmsghdr
*cmsg
;
1172 struct in6_pktinfo
*pi
;
1176 mh
.msg_control
= &control
;
1177 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1179 cmsg
= CMSG_FIRSTHDR(&mh
);
1180 cmsg
->cmsg_len
= mh
.msg_controllen
;
1181 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1182 cmsg
->cmsg_type
= IPV6_PKTINFO
;
/* NOTE(review): only ipi6_ifindex is visibly assigned. Whether the control
 * buffer is zeroed beforehand is on an elided line -- confirm, since
 * ipi6_addr is passed to the kernel as well. */
1184 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1185 pi
->ipi6_ifindex
= ifindex
;
1188 return sendmsg_loop(fd
, &mh
, 0);
/* Family dispatcher for outgoing packets: logs the packet (query or
 * response, id, interface, family) and forwards to the IPv4 or IPv6 sender.
 * Any other address family yields -EAFNOSUPPORT. */
1191 int manager_send(Manager
*m
, int fd
, int ifindex
, int family
, const union in_addr_union
*addr
, uint16_t port
, DnsPacket
*p
) {
1198 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
/* The union member handed on matches the family that was checked. */
1200 if (family
== AF_INET
)
1201 return manager_ipv4_send(m
, fd
, ifindex
, &addr
->in
, port
, p
);
1202 else if (family
== AF_INET6
)
1203 return manager_ipv6_send(m
, fd
, ifindex
, &addr
->in6
, port
, p
);
1205 return -EAFNOSUPPORT
;
/* Looks for a configured server with the given family and address, first in
 * the system list (m->dns_servers), then in the fallback list.
 * NOTE(review): the return statements are on elided lines. */
1208 DnsServer
* manager_find_dns_server(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1214 LIST_FOREACH(servers
, s
, m
->dns_servers
)
1215 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
1218 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
)
1219 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
/* Makes s the current DNS server. The visible code compares s with the
 * current server first, logs the switch, stores the new pointer and flushes
 * the cache of the unicast scope when one exists.
 * NOTE(review): the returns and the condition around the logging block are
 * on elided lines. */
1225 DnsServer
*manager_set_dns_server(Manager
*m
, DnsServer
*s
) {
1228 if (m
->current_dns_server
== s
)
1232 _cleanup_free_
char *ip
= NULL
;
/* The result of in_addr_to_string() is not checked; strna() substitutes a
 * placeholder when ip is still NULL. */
1234 in_addr_to_string(s
->family
, &s
->address
, &ip
);
1235 log_info("Switching to system DNS server %s.", strna(ip
));
1238 m
->current_dns_server
= s
;
/* Cached answers are dropped whenever the server changes. */
1240 if (m
->unicast_scope
)
1241 dns_cache_flush(&m
->unicast_scope
->cache
);
/* Returns the DNS server to use for unicast queries. /etc/resolv.conf is
 * re-read first; with no current server the head of the system list is
 * selected, and when there is still none the links are scanned for
 * per-link servers before the fallback list is selected.
 * NOTE(review): the statements inside the link scan and the condition around
 * the fallback call are on elided lines. */
1246 DnsServer
*manager_get_dns_server(Manager
*m
) {
1250 /* Try to read updates resolv.conf */
1251 manager_read_resolv_conf(m
);
/* Passing the list head selects its first entry (NULL for an empty list). */
1253 if (!m
->current_dns_server
)
1254 manager_set_dns_server(m
, m
->dns_servers
);
1256 if (!m
->current_dns_server
) {
1260 /* No DNS servers configured, let's see if there are
1261 * any on any links. If not, we use the fallback
1264 HASHMAP_FOREACH(l
, m
->links
, i
)
1265 if (l
->dns_servers
) {
1271 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1274 return m
->current_dns_server
;
/* Advances the current DNS server to the next entry of its list. With no
 * current server nothing needs to be done here. At the end of the list the
 * selection wraps to the head of the list that the current server belongs to:
 * the fallback list for a DNS_SERVER_FALLBACK server, the system list
 * otherwise.
 * NOTE(review): the returns and the else keyword are on elided lines. */
1277 void manager_next_dns_server(Manager
*m
) {
1280 /* If there's currently no DNS server set, then the next
1281 * manager_get_dns_server() will find one */
1282 if (!m
->current_dns_server
)
1285 /* Change to the next one */
1286 if (m
->current_dns_server
->servers_next
) {
1287 manager_set_dns_server(m
, m
->current_dns_server
->servers_next
);
1291 /* If there was no next one, then start from the beginning of
1293 if (m
->current_dns_server
->type
== DNS_SERVER_FALLBACK
)
1294 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1296 manager_set_dns_server(m
, m
->dns_servers
);
/* Computes an MTU usable on every known link by scanning m->links and
 * keeping the smallest link MTU seen so far.
 * NOTE(review): the declaration of mtu, the assignment under the if and the
 * return are on elided lines. */
1299 uint32_t manager_find_mtu(Manager
*m
) {
1304 /* If we don't know on which link a DNS packet would be
1305 * delivered, let's find the largest MTU that works on all
1306 * interfaces we know of */
1308 HASHMAP_FOREACH(l
, m
->links
, i
) {
/* mtu <= 0 means "nothing recorded yet"; otherwise only a smaller link MTU
 * passes the test. */
1312 if (mtu
<= 0 || l
->mtu
< mtu
)
/* I/O callback for the LLMNR UDP sockets: receives one packet, maps it to an
 * LLMNR scope, and handles it as a reply (conflict check, then hand-over to
 * the transaction found by message ID) or as a query (processed by the
 * scope). Packets with no scope or failing both validations are only logged.
 * NOTE(review): the checks of r, scope and t are on elided lines. */
1319 static int on_llmnr_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1320 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
1321 DnsTransaction
*t
= NULL
;
1322 Manager
*m
= userdata
;
1326 r
= manager_recv(m
, fd
, DNS_PROTOCOL_LLMNR
, &p
);
/* The scope is chosen from the packet's interface index and family, both
 * filled in by manager_recv(). */
1330 scope
= manager_find_scope(m
, p
);
1332 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1336 if (dns_packet_validate_reply(p
) > 0) {
1337 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p
));
1339 dns_scope_check_conflicts(scope
, p
);
/* NOTE(review): the lookup key visible here is the message ID alone; any
 * check of the sender happens outside the visible lines -- confirm. */
1341 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
1343 dns_transaction_process_reply(t
, p
);
1345 } else if (dns_packet_validate_query(p
) > 0) {
1346 log_debug("Got query packet for id %u", DNS_PACKET_ID(p
));
/* NULL stream argument: this query arrived over UDP. */
1348 dns_scope_process_query(scope
, NULL
, p
);
1350 log_debug("Invalid LLMNR UDP packet.");
/* Returns the IPv4 LLMNR UDP socket, creating it on first use. The socket is
 * close-on-exec and non-blocking, gets the options below, is bound to port
 * 5355 and registered with the event loop to dispatch to on_llmnr_packet().
 * On failure the socket is closed and the cached fd reset.
 * The visible initializer of sa sets only family and port, so the bind
 * address is presumably the wildcard address -- confirm.
 * NOTE(review): the checks of r after each call are on elided lines. */
1355 int manager_llmnr_ipv4_udp_fd(Manager
*m
) {
1356 union sockaddr_union sa
= {
1357 .in
.sin_family
= AF_INET
,
1358 .in
.sin_port
= htobe16(5355),
1360 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
, ttl
= 255;
/* Already open: reuse. */
1365 if (m
->llmnr_ipv4_udp_fd
>= 0)
1366 return m
->llmnr_ipv4_udp_fd
;
1368 m
->llmnr_ipv4_udp_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1369 if (m
->llmnr_ipv4_udp_fd
< 0)
1372 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1373 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_TTL
, &ttl
, sizeof(ttl
));
/* Same TTL for multicast transmissions. */
1379 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_TTL
, &ttl
, sizeof(ttl
));
/* Multicast loopback is switched on. */
1385 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_LOOP
, &one
, sizeof(one
));
/* NOTE(review): on Linux, SO_REUSEADDR on a datagram socket lets another
 * socket that also sets it bind the same address and port. Port 5355 is an
 * unprivileged port, so confirm that sharing is intended here. */
1391 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
/* Request per-packet interface/destination information and the received TTL
 * as ancillary data; manager_recv() reads both. */
1397 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1403 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1409 /* Disable Don't-Fragment bit in the IP header */
1410 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1416 r
= bind(m
->llmnr_ipv4_udp_fd
, &sa
.sa
, sizeof(sa
.in
));
1422 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_udp_event_source
, m
->llmnr_ipv4_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1426 return m
->llmnr_ipv4_udp_fd
;
/* Failure path. */
1429 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
/* Returns the IPv6 LLMNR UDP socket, creating it on first use. The socket is
 * close-on-exec and non-blocking, gets the options below, is bound to port
 * 5355 and registered with the event loop to dispatch to on_llmnr_packet().
 * On failure the socket is closed and the cached fd reset.
 * The visible initializer of sa sets only family and port, so the bind
 * address is presumably the wildcard address -- confirm.
 * NOTE(review): the checks of r after each call are on elided lines. */
1433 int manager_llmnr_ipv6_udp_fd(Manager
*m
) {
1434 union sockaddr_union sa
= {
1435 .in6
.sin6_family
= AF_INET6
,
1436 .in6
.sin6_port
= htobe16(5355),
1438 static const int one
= 1, ttl
= 255;
/* Already open: reuse. */
1443 if (m
->llmnr_ipv6_udp_fd
>= 0)
1444 return m
->llmnr_ipv6_udp_fd
;
1446 m
->llmnr_ipv6_udp_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1447 if (m
->llmnr_ipv6_udp_fd
< 0)
/* Hop limit 255 for unicast transmissions. */
1450 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &ttl
, sizeof(ttl
));
1456 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1457 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_HOPS
, &ttl
, sizeof(ttl
));
/* Multicast loopback is switched on. */
1463 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_LOOP
, &one
, sizeof(one
));
/* IPv6 only: IPv4 traffic is served by the separate AF_INET socket. */
1469 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
/* NOTE(review): on Linux, SO_REUSEADDR on a datagram socket lets another
 * socket that also sets it bind the same address and port. Port 5355 is an
 * unprivileged port, so confirm that sharing is intended here. */
1475 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
/* Request per-packet interface/destination information and the received hop
 * limit as ancillary data; manager_recv() reads both. */
1481 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1487 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1493 r
= bind(m
->llmnr_ipv6_udp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1499 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_udp_event_source
, m
->llmnr_ipv6_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1505 return m
->llmnr_ipv6_udp_fd
;
/* Failure path. */
1508 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
/* Per-packet callback for an LLMNR TCP stream (installed by
 * on_llmnr_stream()): maps the packet that was read to a scope and, when it
 * validates as a query, lets the scope process it with the stream as reply
 * channel. Packets with no scope or failing validation are only logged.
 * NOTE(review): the check of scope, the returns and the call that frees the
 * stream are on elided lines. */
1512 static int on_llmnr_stream_packet(DnsStream
*s
) {
1517 scope
= manager_find_scope(s
->manager
, s
->read_packet
);
/* NOTE(review): "Ignroing" in the message below is a typo for "Ignoring";
 * the UDP counterpart of this message spells it correctly. */
1519 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1523 if (dns_packet_validate_query(s
->read_packet
) > 0) {
1524 log_debug("Got query packet for id %u", DNS_PACKET_ID(s
->read_packet
));
1526 dns_scope_process_query(scope
, s
, s
->read_packet
);
1528 /* If no reply packet was set, we free the stream */
1529 if (s
->write_packet
)
1532 log_debug("Invalid LLMNR TCP packet.");
/* I/O callback for the LLMNR TCP listening sockets: accepts one connection
 * as a non-blocking, close-on-exec socket, wraps it in a DnsStream for the
 * LLMNR protocol and installs on_llmnr_stream_packet() as its packet handler.
 * NOTE(review): the checks of cfd and r are on elided lines, and no limit on
 * the number of concurrently open streams is visible in this function --
 * confirm where, if anywhere, that is bounded. */
1538 static int on_llmnr_stream(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1540 Manager
*m
= userdata
;
/* The peer address is not requested from accept4(). */
1543 cfd
= accept4(fd
, NULL
, NULL
, SOCK_NONBLOCK
|SOCK_CLOEXEC
);
1545 if (errno
== EAGAIN
|| errno
== EINTR
)
1551 r
= dns_stream_new(m
, &stream
, DNS_PROTOCOL_LLMNR
, cfd
);
1557 stream
->on_packet
= on_llmnr_stream_packet
;
/* Returns the IPv4 LLMNR TCP listening socket, creating it on first use. The
 * socket is close-on-exec and non-blocking, gets the options below, is bound
 * to port 5355, put into listening state and registered with the event loop
 * to dispatch to on_llmnr_stream(). On failure the socket is closed and the
 * cached fd reset.
 * The visible initializer of sa sets only family and port, so the bind
 * address is presumably the wildcard address -- confirm.
 * NOTE(review): the checks of r after each call are on elided lines. */
1561 int manager_llmnr_ipv4_tcp_fd(Manager
*m
) {
1562 union sockaddr_union sa
= {
1563 .in
.sin_family
= AF_INET
,
1564 .in
.sin_port
= htobe16(5355),
1566 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
;
/* Already open: reuse. */
1571 if (m
->llmnr_ipv4_tcp_fd
>= 0)
1572 return m
->llmnr_ipv4_tcp_fd
;
1574 m
->llmnr_ipv4_tcp_fd
= socket(AF_INET
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1575 if (m
->llmnr_ipv4_tcp_fd
< 0)
/* "one" doubles as the TTL value 1 here, which keeps segments sent from this
 * socket on the local link. */
1578 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1579 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_TTL
, &one
, sizeof(one
));
1585 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1591 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1597 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1603 /* Disable Don't-Fragment bit in the IP header */
1604 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1610 r
= bind(m
->llmnr_ipv4_tcp_fd
, &sa
.sa
, sizeof(sa
.in
));
/* Backlog is the system maximum. */
1616 r
= listen(m
->llmnr_ipv4_tcp_fd
, SOMAXCONN
);
1622 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_tcp_event_source
, m
->llmnr_ipv4_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1626 return m
->llmnr_ipv4_tcp_fd
;
/* Failure path. */
1629 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
/* Returns the IPv6 LLMNR TCP listening socket, creating it on first use. The
 * socket is close-on-exec and non-blocking, gets the options below, is bound
 * to port 5355, put into listening state and registered with the event loop
 * to dispatch to on_llmnr_stream(). On failure the socket is closed and the
 * cached fd reset.
 * The visible initializer of sa sets only family and port, so the bind
 * address is presumably the wildcard address -- confirm.
 * NOTE(review): the checks of r after each call are on elided lines. */
1633 int manager_llmnr_ipv6_tcp_fd(Manager
*m
) {
1634 union sockaddr_union sa
= {
1635 .in6
.sin6_family
= AF_INET6
,
1636 .in6
.sin6_port
= htobe16(5355),
1638 static const int one
= 1;
/* Already open: reuse. */
1643 if (m
->llmnr_ipv6_tcp_fd
>= 0)
1644 return m
->llmnr_ipv6_tcp_fd
;
1646 m
->llmnr_ipv6_tcp_fd
= socket(AF_INET6
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1647 if (m
->llmnr_ipv6_tcp_fd
< 0)
/* "one" doubles as the hop limit value 1 here, which keeps segments sent
 * from this socket on the local link. */
1650 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1651 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &one
, sizeof(one
));
/* IPv6 only: IPv4 connections are served by the separate AF_INET socket. */
1657 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1663 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1669 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1675 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1681 r
= bind(m
->llmnr_ipv6_tcp_fd
, &sa
.sa
, sizeof(sa
.in6
));
/* Backlog is the system maximum. */
1687 r
= listen(m
->llmnr_ipv6_tcp_fd
, SOMAXCONN
);
1693 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_tcp_event_source
, m
->llmnr_ipv6_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1699 return m
->llmnr_ipv6_tcp_fd
;
/* Failure path. */
1702 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
/* Maps a local address to the index of the interface that carries it, using
 * manager_find_link_address().
 * NOTE(review): the test of a and the return for "not found" are on elided
 * lines. */
1706 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1711 a
= manager_find_link_address(m
, family
, in_addr
);
1713 return a
->link
->ifindex
;
/* Rebuilds the published host records: both host resource keys are dropped
 * (and the fields reset to the value returned by the unref call), then
 * link_add_rrs() is called twice per link, first with true and then with
 * false.
 * NOTE(review): the meaning of the boolean argument is defined by
 * link_add_rrs(), which is not part of this listing. */
1718 void manager_refresh_rrs(Manager
*m
) {
1724 m
->host_ipv4_key
= dns_resource_key_unref(m
->host_ipv4_key
);
1725 m
->host_ipv6_key
= dns_resource_key_unref(m
->host_ipv6_key
);
1727 HASHMAP_FOREACH(l
, m
->links
, i
) {
1728 link_add_rrs(l
, true);
1729 link_add_rrs(l
, false);
/* Picks a replacement for the published hostname after a conflict. The
 * trailing decimal digits of m->hostname are treated as a counter: the scan
 * walks back from the end of the string over digits, the digits are parsed
 * into u, a random amount is added, and the new name is the non-digit prefix
 * followed by the new number. The change is logged and the resource records
 * are refreshed.
 * NOTE(review): this listing elides lines (declarations, the loop body, the
 * arithmetic on u, the replacement of m->hostname, the returns). */
1733 int manager_next_hostname(Manager
*m
) {
/* strchr(..., 0) yields the position of the terminating NUL. */
1740 p
= strchr(m
->hostname
, 0);
1743 while (p
> m
->hostname
) {
1744 if (!strchr("0123456789", p
[-1]))
/* No digits, an unparsable suffix or a zero value are treated alike
 * (the statement under the if is elided). */
1750 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1753 /* Add a random number to the old value. This way we can avoid
1754 * that two hosts pick the same hostname, win on IPv4 and lose
1755 * on IPv6 (or vice versa), and pick the same hostname
1756 * replacement hostname, ad infinitum. We still want the
1757 * numbers to go up monotonically, hence we just add a random
1760 random_bytes(&a
, sizeof(a
));
1763 if (asprintf(&h
, "%.*s%" PRIu64
, (int) (p
- m
->hostname
), m
->hostname
, u
) < 0)
1766 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->hostname
, h
);
1771 manager_refresh_rrs(m
);
/* Searches every known link for an address entry with the given family and
 * address, using link_find_address() per link.
 * NOTE(review): the test of a and the return statements are on elided lines. */
1776 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1782 HASHMAP_FOREACH(l
, m
->links
, i
) {
1785 a
= link_find_address(l
, family
, in_addr
);
/* Returns true when the packet's sender address is one of the addresses
 * configured on a local link. The decision rests on the sender address
 * recorded in the packet; for UDP that is the source address of the
 * datagram. */
1793 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1797 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
/* Maps a received packet to the scope that should handle it: the link is
 * looked up by the packet's interface index and, for LLMNR packets, the
 * link's IPv4 or IPv6 LLMNR scope is returned according to the family.
 * NOTE(review): the test of l and the return for all other cases are on
 * elided lines. */
1800 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1806 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1810 if (p
->protocol
== DNS_PROTOCOL_LLMNR
) {
1811 if (p
->family
== AF_INET
)
1812 return l
->llmnr_ipv4_scope
;
1813 else if (p
->family
== AF_INET6
)
1814 return l
->llmnr_ipv6_scope
;
/* Runs dns_zone_verify_all() on the zone of every scope in m->dns_scopes. */
1820 void manager_verify_all(Manager
*m
) {
1825 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1826 dns_zone_verify_all(&s
->zone
);
/* Frees every server of the list selected by t: m->dns_servers for
 * DNS_SERVER_SYSTEM, m->fallback_dns_servers for DNS_SERVER_FALLBACK. Other
 * values of t match neither visible branch. Each loop frees the current list
 * head until the list is empty, so dns_server_free() is presumably expected
 * to unlink the entry it frees. */
1829 void manager_flush_dns_servers(Manager
*m
, DnsServerType t
) {
1832 if (t
== DNS_SERVER_SYSTEM
)
1833 while (m
->dns_servers
)
1834 dns_server_free(m
->dns_servers
);
1836 if (t
== DNS_SERVER_FALLBACK
)
1837 while (m
->fallback_dns_servers
)
1838 dns_server_free(m
->fallback_dns_servers
);
/* String names for the Support enum values, indexed by enum value; the macro
 * invocation below generates the lookup helpers from this table. */
1841 static const char* const support_table
[_SUPPORT_MAX
] = {
1842 [SUPPORT_NO
] = "no",
1843 [SUPPORT_YES
] = "yes",
1844 [SUPPORT_RESOLVE
] = "resolve",
1846 DEFINE_STRING_TABLE_LOOKUP(support
, Support
);