1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2014 Tom Gundersen <teg@jklm.no>
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <arpa/inet.h>
25 #include <sys/ioctl.h>
27 #include <netinet/in.h>
29 #include "rtnl-util.h"
30 #include "event-util.h"
31 #include "network-util.h"
32 #include "network-internal.h"
33 #include "conf-parser.h"
34 #include "socket-util.h"
37 #include "fileio-label.h"
39 #include "resolved-dns-domain.h"
40 #include "resolved-conf.h"
41 #include "resolved-bus.h"
42 #include "resolved-manager.h"
44 #define SEND_TIMEOUT_USEC (200 * USEC_PER_MSEC)
46 static int manager_process_link(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
47 Manager
*m
= userdata
;
56 r
= sd_rtnl_message_get_type(mm
, &type
);
60 r
= sd_rtnl_message_link_get_ifindex(mm
, &ifindex
);
64 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
72 r
= link_new(m
, &l
, ifindex
);
77 r
= link_update_rtnl(l
, mm
);
81 r
= link_update_monitor(l
);
86 log_debug("Found new link %i/%s", ifindex
, l
->name
);
93 log_debug("Removing link %i/%s", l
->ifindex
, l
->name
);
103 log_warning_errno(r
, "Failed to process RTNL link message: %m");
107 static int manager_process_address(sd_rtnl
*rtnl
, sd_rtnl_message
*mm
, void *userdata
) {
108 Manager
*m
= userdata
;
109 union in_addr_union address
;
111 int r
, ifindex
, family
;
119 r
= sd_rtnl_message_get_type(mm
, &type
);
123 r
= sd_rtnl_message_addr_get_ifindex(mm
, &ifindex
);
127 l
= hashmap_get(m
->links
, INT_TO_PTR(ifindex
));
131 r
= sd_rtnl_message_addr_get_family(mm
, &family
);
138 r
= sd_rtnl_message_read_in_addr(mm
, IFA_LOCAL
, &address
.in
);
140 r
= sd_rtnl_message_read_in_addr(mm
, IFA_ADDRESS
, &address
.in
);
148 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_LOCAL
, &address
.in6
);
150 r
= sd_rtnl_message_read_in6_addr(mm
, IFA_ADDRESS
, &address
.in6
);
161 a
= link_find_address(l
, family
, &address
);
168 r
= link_address_new(l
, &a
, family
, &address
);
173 r
= link_address_update_rtnl(a
, mm
);
181 link_address_free(a
);
188 log_warning_errno(r
, "Failed to process RTNL address message: %m");
192 static int manager_rtnl_listen(Manager
*m
) {
193 _cleanup_rtnl_message_unref_ sd_rtnl_message
*req
= NULL
, *reply
= NULL
;
199 /* First, subscribe to interfaces coming and going */
200 r
= sd_rtnl_open(&m
->rtnl
, 3, RTNLGRP_LINK
, RTNLGRP_IPV4_IFADDR
, RTNLGRP_IPV6_IFADDR
);
204 r
= sd_rtnl_attach_event(m
->rtnl
, m
->event
, 0);
208 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWLINK
, manager_process_link
, m
);
212 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELLINK
, manager_process_link
, m
);
216 r
= sd_rtnl_add_match(m
->rtnl
, RTM_NEWADDR
, manager_process_address
, m
);
220 r
= sd_rtnl_add_match(m
->rtnl
, RTM_DELADDR
, manager_process_address
, m
);
224 /* Then, enumerate all links */
225 r
= sd_rtnl_message_new_link(m
->rtnl
, &req
, RTM_GETLINK
, 0);
229 r
= sd_rtnl_message_request_dump(req
, true);
233 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
237 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
238 r
= manager_process_link(m
->rtnl
, i
, m
);
243 req
= sd_rtnl_message_unref(req
);
244 reply
= sd_rtnl_message_unref(reply
);
246 /* Finally, enumerate all addresses, too */
247 r
= sd_rtnl_message_new_addr(m
->rtnl
, &req
, RTM_GETADDR
, 0, AF_UNSPEC
);
251 r
= sd_rtnl_message_request_dump(req
, true);
255 r
= sd_rtnl_call(m
->rtnl
, req
, 0, &reply
);
259 for (i
= reply
; i
; i
= sd_rtnl_message_next(i
)) {
260 r
= manager_process_address(m
->rtnl
, i
, m
);
268 static int on_network_event(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
269 Manager
*m
= userdata
;
276 sd_network_monitor_flush(m
->network_monitor
);
278 HASHMAP_FOREACH(l
, m
->links
, i
) {
279 r
= link_update_monitor(l
);
281 log_warning_errno(r
, "Failed to update monitor information for %i: %m", l
->ifindex
);
284 r
= manager_write_resolv_conf(m
);
286 log_warning_errno(r
, "Could not update resolv.conf: %m");
291 static int manager_network_monitor_listen(Manager
*m
) {
296 r
= sd_network_monitor_new(&m
->network_monitor
, NULL
);
300 fd
= sd_network_monitor_get_fd(m
->network_monitor
);
304 events
= sd_network_monitor_get_events(m
->network_monitor
);
308 r
= sd_event_add_io(m
->event
, &m
->network_event_source
, fd
, events
, &on_network_event
, m
);
315 static int determine_hostname(char **ret
) {
316 _cleanup_free_
char *h
= NULL
, *n
= NULL
;
321 h
= gethostname_malloc();
325 if (!utf8_is_valid(h
)) {
326 log_error("System hostname is not UTF-8 clean.");
330 r
= dns_name_normalize(h
, &n
);
332 log_error("System hostname '%s' cannot be normalized.", h
);
342 static int on_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
343 _cleanup_free_
char *h
= NULL
;
344 Manager
*m
= userdata
;
349 r
= determine_hostname(&h
);
351 return 0; /* ignore invalid hostnames */
353 if (streq(h
, m
->hostname
))
356 log_info("System hostname changed to '%s'.", h
);
361 manager_refresh_rrs(m
);
366 static int manager_watch_hostname(Manager
*m
) {
371 m
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
372 if (m
->hostname_fd
< 0) {
373 log_warning_errno(errno
, "Failed to watch hostname: %m");
377 r
= sd_event_add_io(m
->event
, &m
->hostname_event_source
, m
->hostname_fd
, 0, on_hostname_change
, m
);
380 /* kernels prior to 3.2 don't support polling this file. Ignore the failure. */
381 m
->hostname_fd
= safe_close(m
->hostname_fd
);
383 return log_error_errno(r
, "Failed to add hostname event source: %m");
386 r
= determine_hostname(&m
->hostname
);
388 log_info("Defaulting to hostname 'linux'.");
389 m
->hostname
= strdup("linux");
393 log_info("Using system hostname '%s'.", m
->hostname
);
398 static void manager_llmnr_stop(Manager
*m
) {
401 m
->llmnr_ipv4_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_udp_event_source
);
402 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
404 m
->llmnr_ipv6_udp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_udp_event_source
);
405 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
407 m
->llmnr_ipv4_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv4_tcp_event_source
);
408 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
410 m
->llmnr_ipv6_tcp_event_source
= sd_event_source_unref(m
->llmnr_ipv6_tcp_event_source
);
411 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
414 static int manager_llmnr_start(Manager
*m
) {
419 if (m
->llmnr_support
== SUPPORT_NO
)
422 r
= manager_llmnr_ipv4_udp_fd(m
);
423 if (r
== -EADDRINUSE
)
428 r
= manager_llmnr_ipv4_tcp_fd(m
);
429 if (r
== -EADDRINUSE
)
434 if (socket_ipv6_is_supported()) {
435 r
= manager_llmnr_ipv6_udp_fd(m
);
436 if (r
== -EADDRINUSE
)
441 r
= manager_llmnr_ipv6_tcp_fd(m
);
442 if (r
== -EADDRINUSE
)
451 log_warning("There appears to be another LLMNR responder running. Turning off LLMNR support.");
452 m
->llmnr_support
= SUPPORT_NO
;
453 manager_llmnr_stop(m
);
458 int manager_new(Manager
**ret
) {
459 _cleanup_(manager_freep
) Manager
*m
= NULL
;
464 m
= new0(Manager
, 1);
468 m
->dns_ipv4_fd
= m
->dns_ipv6_fd
= -1;
469 m
->llmnr_ipv4_udp_fd
= m
->llmnr_ipv6_udp_fd
= -1;
470 m
->llmnr_ipv4_tcp_fd
= m
->llmnr_ipv6_tcp_fd
= -1;
473 m
->llmnr_support
= SUPPORT_YES
;
474 m
->read_resolv_conf
= true;
476 r
= manager_parse_dns_server(m
, DNS_SERVER_FALLBACK
, DNS_SERVERS
);
480 r
= sd_event_default(&m
->event
);
484 sd_event_add_signal(m
->event
, NULL
, SIGTERM
, NULL
, NULL
);
485 sd_event_add_signal(m
->event
, NULL
, SIGINT
, NULL
, NULL
);
487 sd_event_set_watchdog(m
->event
, true);
489 r
= manager_watch_hostname(m
);
493 r
= dns_scope_new(m
, &m
->unicast_scope
, NULL
, DNS_PROTOCOL_DNS
, AF_UNSPEC
);
497 r
= manager_network_monitor_listen(m
);
501 r
= manager_rtnl_listen(m
);
505 r
= manager_connect_bus(m
);
515 int manager_start(Manager
*m
) {
520 r
= manager_llmnr_start(m
);
527 Manager
*manager_free(Manager
*m
) {
533 while ((l
= hashmap_first(m
->links
)))
536 while (m
->dns_queries
)
537 dns_query_free(m
->dns_queries
);
539 dns_scope_free(m
->unicast_scope
);
541 manager_flush_dns_servers(m
, DNS_SERVER_SYSTEM
);
542 manager_flush_dns_servers(m
, DNS_SERVER_FALLBACK
);
544 hashmap_free(m
->links
);
545 hashmap_free(m
->dns_transactions
);
547 sd_event_source_unref(m
->network_event_source
);
548 sd_network_monitor_unref(m
->network_monitor
);
550 sd_event_source_unref(m
->dns_ipv4_event_source
);
551 sd_event_source_unref(m
->dns_ipv6_event_source
);
552 safe_close(m
->dns_ipv4_fd
);
553 safe_close(m
->dns_ipv6_fd
);
555 manager_llmnr_stop(m
);
557 sd_bus_slot_unref(m
->prepare_for_sleep_slot
);
558 sd_event_source_unref(m
->bus_retry_event_source
);
559 sd_bus_unref(m
->bus
);
561 sd_event_unref(m
->event
);
563 dns_resource_key_unref(m
->host_ipv4_key
);
564 dns_resource_key_unref(m
->host_ipv6_key
);
566 safe_close(m
->hostname_fd
);
567 sd_event_source_unref(m
->hostname_event_source
);
/* Re-reads the system /etc/resolv.conf and brings m->dns_servers in line with its
 * "nameserver" entries. The visible conditions that gate the work are
 * m->read_resolv_conf, a changed mtime compared with m->resolv_conf_mtime, and the
 * file not being the same device/inode as /run/systemd/resolve/resolv.conf.
 * NOTE(review): this listing omits lines (the gutter numbers skip), so the return
 * statements and most error checks are not visible here. */
575 int manager_read_resolv_conf(Manager
*m
) {
576 _cleanup_fclose_
FILE *f
= NULL
;
585 /* Reads the system /etc/resolv.conf, if it exists and is not
586 * symlinked to our own resolv.conf instance */
588 if (!m
->read_resolv_conf
)
/* NOTE(review): the warning that follows this stat() says "Failed to open", and the
 * fopen() failure further down logs the same text, so the two cases cannot be told
 * apart in the journal. */
591 r
= stat("/etc/resolv.conf", &st
);
594 log_warning_errno(errno
, "Failed to open /etc/resolv.conf: %m");
599 /* Have we already seen the file? */
600 t
= timespec_load(&st
.st_mtim
);
601 if (t
== m
->resolv_conf_mtime
)
604 m
->resolv_conf_mtime
= t
;
606 /* Is it symlinked to our own file? */
607 if (stat("/run/systemd/resolve/resolv.conf", &own
) >= 0 &&
608 st
.st_dev
== own
.st_dev
&&
609 st
.st_ino
== own
.st_ino
) {
/* The path is resolved again here, after the stat() calls above, so the file can
 * have been replaced in between. The fstat() on the open stream below takes its
 * metadata from the file that was actually opened.
 * NOTE(review): how the refreshed st is used afterwards is not visible in this
 * listing. */
614 f
= fopen("/etc/resolv.conf", "re");
617 log_warning_errno(errno
, "Failed to open /etc/resolv.conf: %m");
622 if (fstat(fileno(f
), &st
) < 0) {
623 log_error_errno(errno
, "Failed to stat open file: %m");
628 LIST_FOREACH(servers
, s
, m
->dns_servers
)
/* Parse the file line by line; a read error sets r = -errno and jumps to clear. */
631 FOREACH_LINE(line
, f
, r
= -errno
; goto clear
) {
632 union in_addr_union address
;
/* Lines starting with '#' or ';' are comments. */
640 if (*l
== '#' || *l
== ';')
643 a
= first_word(l
, "nameserver");
/* The argument of a nameserver line is parsed as an address literal;
 * in_addr_from_string_auto() reports the address family through &family, and a
 * value that does not parse is logged. */
647 r
= in_addr_from_string_auto(a
, &family
, &address
);
649 log_warning("Failed to parse name server %s.", a
);
/* Look for an existing entry with the same family and address before a new
 * DNS_SERVER_SYSTEM entry is created (presumably to avoid duplicates). */
653 LIST_FOREACH(servers
, s
, m
->dns_servers
)
654 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, &address
) > 0)
660 r
= dns_server_new(m
, NULL
, DNS_SERVER_SYSTEM
, NULL
, family
, &address
);
666 LIST_FOREACH_SAFE(servers
, s
, nx
, m
->dns_servers
)
/* Frees every entry of m->dns_servers; presumably the "clear" error path named in
 * FOREACH_LINE above, whose label is not visible in this listing. */
673 while (m
->dns_servers
)
674 dns_server_free(m
->dns_servers
);
679 static void write_resolv_conf_server(DnsServer
*s
, FILE *f
, unsigned *count
) {
680 _cleanup_free_
char *t
= NULL
;
687 r
= in_addr_to_string(s
->family
, &s
->address
, &t
);
689 log_warning_errno(r
, "Invalid DNS address. Ignoring: %m");
694 fputs("# Too many DNS servers configured, the following entries may be ignored.\n", f
);
696 fprintf(f
, "nameserver %s\n", t
);
/* Appends one search domain to the line being written to f, using the running
 * totals in *count and *length. Once *count has reached MAXDNSRCH, or adding the
 * domain would push *length past 256, a trailing "#" remark is written in place of
 * the domain.
 * NOTE(review): this listing omits lines, so the branch structure between the two
 * fputs() calls and any update of *count are not visible here. */
700 static void write_resolv_conf_search(const char *domain
, FILE *f
,
701 unsigned *count
, unsigned *length
) {
/* NOTE(review): *length accumulates strlen(domain) only; the separating space that
 * fprintf() writes below is not counted. Confirm this matches the limit applied by
 * the resolver that reads the file. */
706 if (*count
>= MAXDNSRCH
||
707 *length
+ strlen(domain
) > 256) {
708 if (*count
== MAXDNSRCH
)
709 fputs(" # Too many search domains configured, remaining ones ignored.", f
);
711 fputs(" # Total length of all search domains is too long, remaining ones ignored.", f
);
/* NOTE(review): domain is written verbatim. Confirm that callers only pass
 * validated names (no whitespace or newlines), because a newline inside a domain
 * would start a new directive in the generated resolv.conf. */
716 fprintf(f
, " %s", domain
);
718 (*length
) += strlen(domain
);
722 static int write_resolv_conf_contents(FILE *f
, Set
*dns
, Set
*domains
) {
725 fputs("# This file is managed by systemd-resolved(8). Do not edit.\n#\n"
726 "# Third party programs must not access this file directly, but\n"
727 "# only through the symlink at /etc/resolv.conf. To manage\n"
728 "# resolv.conf(5) in a different way, replace the symlink by a\n"
729 "# static file or a different symlink.\n\n", f
);
731 if (set_isempty(dns
))
732 fputs("# No DNS servers known.\n", f
);
737 SET_FOREACH(s
, dns
, i
)
738 write_resolv_conf_server(s
, f
, &count
);
741 if (!set_isempty(domains
)) {
742 unsigned length
= 0, count
= 0;
746 SET_FOREACH(domain
, domains
, i
)
747 write_resolv_conf_search(domain
, f
, &count
, &length
);
751 return fflush_and_check(f
);
/* Regenerates /run/systemd/resolve/resolv.conf. Servers are collected into a set
 * from m->dns_servers and from each link's dns_servers; search domains come from
 * each link's unicast scope; if no server was collected, m->fallback_dns_servers
 * is used. The contents are written to a temporary file that is then moved over
 * the target with rename().
 * NOTE(review): this listing omits lines (the gutter numbers skip), so the loop
 * bodies, error checks and cleanup paths are not visible here. */
755 int manager_write_resolv_conf(Manager
*m
) {
756 static const char path
[] = "/run/systemd/resolve/resolv.conf";
757 _cleanup_free_
char *temp_path
= NULL
;
758 _cleanup_fclose_
FILE *f
= NULL
;
759 _cleanup_set_free_ Set
*dns
= NULL
, *domains
= NULL
;
767 /* Read the system /etc/resolv.conf first */
768 manager_read_resolv_conf(m
);
770 /* Add the full list to a set, to filter out duplicates */
771 dns
= set_new(&dns_server_hash_ops
);
775 domains
= set_new(&dns_name_hash_ops
);
779 /* First add the system-wide servers */
780 LIST_FOREACH(servers
, s
, m
->dns_servers
) {
788 /* Then, add the per-link servers and domains */
789 HASHMAP_FOREACH(l
, m
->links
, i
) {
792 LIST_FOREACH(servers
, s
, l
->dns_servers
) {
800 if (!l
->unicast_scope
)
/* Per-link search domains are added to the set and later written out by
 * write_resolv_conf_contents().
 * NOTE(review): no validation of the domain strings is visible on this path;
 * confirm they are checked where the link configuration is read. */
803 STRV_FOREACH(domain
, l
->unicast_scope
->domains
) {
804 r
= set_put(domains
, *domain
);
812 /* If we found nothing, add the fallback servers */
813 if (set_isempty(dns
)) {
814 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
) {
/* The new contents go to a temporary file next to the target. */
823 r
= fopen_temporary_label(path
, path
, &f
, &temp_path
);
/* NOTE(review): the fchmod() result is not checked on this line. If the call
 * failed, the file would keep whatever mode fopen_temporary_label() created it
 * with; that mode is not visible here. 0644 makes the file readable by all users. */
827 fchmod(fileno(f
), 0644);
829 r
= write_resolv_conf_contents(f
, dns
, domains
);
/* rename() swaps the finished file into place in one step, so a reader sees either
 * the old or the new contents. */
833 if (rename(temp_path
, path
) < 0) {
/* Receives one datagram from fd into a newly allocated DnsPacket and records the
 * sender, the destination address, the interface index and the TTL/hop limit,
 * taken from the socket address and the control messages. Visible flow: FIONREAD
 * to size the buffer, dns_packet_new(), recvmsg(), then the control-message walk.
 * NOTE(review): this listing omits lines (the gutter numbers skip), so the error
 * checks between the calls and the case labels of the switches are not visible. */
846 int manager_recv(Manager
*m
, int fd
, DnsProtocol protocol
, DnsPacket
**ret
) {
847 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
849 struct cmsghdr header
; /* For alignment */
850 uint8_t buffer
[CMSG_SPACE(MAXSIZE(struct in_pktinfo
, struct in6_pktinfo
))
851 + CMSG_SPACE(int) /* ttl/hoplimit */
852 + EXTRA_CMSG_SPACE
/* kernel appears to require extra buffer space */];
854 union sockaddr_union sa
;
855 struct msghdr mh
= {};
856 struct cmsghdr
*cmsg
;
/* ms is the pending byte count reported by FIONREAD and is passed on as the packet
 * size below.
 * NOTE(review): confirm the omitted lines reject a failed ioctl and an implausible
 * ms before it reaches dns_packet_new(). */
865 r
= ioctl(fd
, FIONREAD
, &ms
);
871 r
= dns_packet_new(&p
, protocol
, ms
);
/* The datagram is read straight into the packet's own storage, p->allocated bytes
 * long. */
875 iov
.iov_base
= DNS_PACKET_DATA(p
);
876 iov
.iov_len
= p
->allocated
;
/* The sender address is returned in sa and the ancillary data in control. */
878 mh
.msg_name
= &sa
.sa
;
879 mh
.msg_namelen
= sizeof(sa
);
882 mh
.msg_control
= &control
;
883 mh
.msg_controllen
= sizeof(control
);
885 l
= recvmsg(fd
, &mh
, 0);
887 if (errno
== EAGAIN
|| errno
== EINTR
)
/* NOTE(review): msg_flags is filled in by recvmsg() for traffic that arrives from
 * the network. Expressing "not truncated" as assert() means that a truncated
 * datagram or control buffer stops the daemon if assert() aborts in this build,
 * and goes unnoticed if assertions are compiled out. Handling MSG_TRUNC and
 * MSG_CTRUNC as an ordinary error (drop the packet, return a negative errno)
 * would be more robust. */
896 assert(!(mh
.msg_flags
& MSG_CTRUNC
));
897 assert(!(mh
.msg_flags
& MSG_TRUNC
));
899 p
->size
= (size_t) l
;
/* Sender address and port are copied from the socket address; ipproto is set to
 * UDP unconditionally. Families other than AF_INET and AF_INET6 end in
 * -EAFNOSUPPORT. */
901 p
->family
= sa
.sa
.sa_family
;
902 p
->ipproto
= IPPROTO_UDP
;
903 if (p
->family
== AF_INET
) {
904 p
->sender
.in
= sa
.in
.sin_addr
;
905 p
->sender_port
= be16toh(sa
.in
.sin_port
);
906 } else if (p
->family
== AF_INET6
) {
907 p
->sender
.in6
= sa
.in6
.sin6_addr
;
908 p
->sender_port
= be16toh(sa
.in6
.sin6_port
);
909 p
->ifindex
= sa
.in6
.sin6_scope_id
;
911 return -EAFNOSUPPORT
;
/* Walk the ancillary data: packet info supplies the interface index and the
 * destination address, and an int-sized message supplies the TTL/hop limit.
 * NOTE(review): the family checks inside the loop are assert()s as well; the same
 * concern as for the msg_flags asserts above applies if they can ever fail at
 * runtime. */
913 for (cmsg
= CMSG_FIRSTHDR(&mh
); cmsg
; cmsg
= CMSG_NXTHDR(&mh
, cmsg
)) {
915 if (cmsg
->cmsg_level
== IPPROTO_IPV6
) {
916 assert(p
->family
== AF_INET6
);
918 switch (cmsg
->cmsg_type
) {
921 struct in6_pktinfo
*i
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
924 p
->ifindex
= i
->ipi6_ifindex
;
926 p
->destination
.in6
= i
->ipi6_addr
;
/* NOTE(review): the case label for this line is omitted from the listing
 * (presumably the hop-limit message); the payload is read as an int. */
931 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
935 } else if (cmsg
->cmsg_level
== IPPROTO_IP
) {
936 assert(p
->family
== AF_INET
);
938 switch (cmsg
->cmsg_type
) {
941 struct in_pktinfo
*i
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
944 p
->ifindex
= i
->ipi_ifindex
;
946 p
->destination
.in
= i
->ipi_addr
;
/* NOTE(review): case label omitted from the listing (presumably the TTL message). */
951 p
->ttl
= *(int *) CMSG_DATA(cmsg
);
957 /* The Linux kernel sets the interface index to the loopback
958 * device if the packet came from the local host since it
959 * avoids the routing table in such a case. Let's unset the
960 * interface index in such a case. */
961 if (p
->ifindex
== LOOPBACK_IFINDEX
)
964 /* If we don't know the interface index still, we look for the
965 * first local interface with a matching address. Yuck! */
967 p
->ifindex
= manager_find_ifindex(m
, p
->family
, &p
->destination
);
/* Event-loop callback for the unicast DNS sockets: reads one packet with
 * manager_recv() and, if it validates as a reply, passes it to the transaction
 * registered under the packet's DNS ID. Anything else is logged as invalid at
 * debug level.
 * NOTE(review): this listing omits lines, so the error checks and the handling of
 * a failed lookup are not visible here. */
975 static int on_dns_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
976 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
977 DnsTransaction
*t
= NULL
;
978 Manager
*m
= userdata
;
981 r
= manager_recv(m
, fd
, DNS_PROTOCOL_DNS
, &p
);
985 if (dns_packet_validate_reply(p
) > 0) {
/* The transaction is selected by the packet's DNS ID alone.
 * NOTE(review): no comparison of the sender address and port with the server that
 * was queried is visible in this listing. Confirm that
 * dns_transaction_process_reply() (or an omitted line here) rejects replies from
 * unexpected sources, since the ID on its own is only 16 bits wide. */
986 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
990 dns_transaction_process_reply(t
, p
);
993 log_debug("Invalid DNS packet.");
998 int manager_dns_ipv4_fd(Manager
*m
) {
1004 if (m
->dns_ipv4_fd
>= 0)
1005 return m
->dns_ipv4_fd
;
1007 m
->dns_ipv4_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1008 if (m
->dns_ipv4_fd
< 0)
1011 r
= setsockopt(m
->dns_ipv4_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1017 r
= sd_event_add_io(m
->event
, &m
->dns_ipv4_event_source
, m
->dns_ipv4_fd
, EPOLLIN
, on_dns_packet
, m
);
1021 return m
->dns_ipv4_fd
;
1024 m
->dns_ipv4_fd
= safe_close(m
->dns_ipv4_fd
);
1028 int manager_dns_ipv6_fd(Manager
*m
) {
1034 if (m
->dns_ipv6_fd
>= 0)
1035 return m
->dns_ipv6_fd
;
1037 m
->dns_ipv6_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1038 if (m
->dns_ipv6_fd
< 0)
1041 r
= setsockopt(m
->dns_ipv6_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1047 r
= sd_event_add_io(m
->event
, &m
->dns_ipv6_event_source
, m
->dns_ipv6_fd
, EPOLLIN
, on_dns_packet
, m
);
1051 return m
->dns_ipv6_fd
;
1054 m
->dns_ipv6_fd
= safe_close(m
->dns_ipv6_fd
);
1058 static int sendmsg_loop(int fd
, struct msghdr
*mh
, int flags
) {
1065 if (sendmsg(fd
, mh
, flags
) >= 0)
1071 if (errno
!= EAGAIN
)
1074 r
= fd_wait_for_event(fd
, POLLOUT
, SEND_TIMEOUT_USEC
);
1082 static int manager_ipv4_send(Manager
*m
, int fd
, int ifindex
, const struct in_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1083 union sockaddr_union sa
= {
1084 .in
.sin_family
= AF_INET
,
1087 struct cmsghdr header
; /* For alignment */
1088 uint8_t buffer
[CMSG_SPACE(sizeof(struct in_pktinfo
))];
1090 struct msghdr mh
= {};
1099 iov
.iov_base
= DNS_PACKET_DATA(p
);
1100 iov
.iov_len
= p
->size
;
1102 sa
.in
.sin_addr
= *addr
;
1103 sa
.in
.sin_port
= htobe16(port
),
1107 mh
.msg_name
= &sa
.sa
;
1108 mh
.msg_namelen
= sizeof(sa
.in
);
1111 struct cmsghdr
*cmsg
;
1112 struct in_pktinfo
*pi
;
1116 mh
.msg_control
= &control
;
1117 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in_pktinfo
));
1119 cmsg
= CMSG_FIRSTHDR(&mh
);
1120 cmsg
->cmsg_len
= mh
.msg_controllen
;
1121 cmsg
->cmsg_level
= IPPROTO_IP
;
1122 cmsg
->cmsg_type
= IP_PKTINFO
;
1124 pi
= (struct in_pktinfo
*) CMSG_DATA(cmsg
);
1125 pi
->ipi_ifindex
= ifindex
;
1128 return sendmsg_loop(fd
, &mh
, 0);
1131 static int manager_ipv6_send(Manager
*m
, int fd
, int ifindex
, const struct in6_addr
*addr
, uint16_t port
, DnsPacket
*p
) {
1132 union sockaddr_union sa
= {
1133 .in6
.sin6_family
= AF_INET6
,
1136 struct cmsghdr header
; /* For alignment */
1137 uint8_t buffer
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
1139 struct msghdr mh
= {};
1148 iov
.iov_base
= DNS_PACKET_DATA(p
);
1149 iov
.iov_len
= p
->size
;
1151 sa
.in6
.sin6_addr
= *addr
;
1152 sa
.in6
.sin6_port
= htobe16(port
),
1153 sa
.in6
.sin6_scope_id
= ifindex
;
1157 mh
.msg_name
= &sa
.sa
;
1158 mh
.msg_namelen
= sizeof(sa
.in6
);
1161 struct cmsghdr
*cmsg
;
1162 struct in6_pktinfo
*pi
;
1166 mh
.msg_control
= &control
;
1167 mh
.msg_controllen
= CMSG_LEN(sizeof(struct in6_pktinfo
));
1169 cmsg
= CMSG_FIRSTHDR(&mh
);
1170 cmsg
->cmsg_len
= mh
.msg_controllen
;
1171 cmsg
->cmsg_level
= IPPROTO_IPV6
;
1172 cmsg
->cmsg_type
= IPV6_PKTINFO
;
1174 pi
= (struct in6_pktinfo
*) CMSG_DATA(cmsg
);
1175 pi
->ipi6_ifindex
= ifindex
;
1178 return sendmsg_loop(fd
, &mh
, 0);
1181 int manager_send(Manager
*m
, int fd
, int ifindex
, int family
, const union in_addr_union
*addr
, uint16_t port
, DnsPacket
*p
) {
1188 log_debug("Sending %s packet with id %u on interface %i/%s", DNS_PACKET_QR(p
) ? "response" : "query", DNS_PACKET_ID(p
), ifindex
, af_to_name(family
));
1190 if (family
== AF_INET
)
1191 return manager_ipv4_send(m
, fd
, ifindex
, &addr
->in
, port
, p
);
1192 else if (family
== AF_INET6
)
1193 return manager_ipv6_send(m
, fd
, ifindex
, &addr
->in6
, port
, p
);
1195 return -EAFNOSUPPORT
;
1198 DnsServer
* manager_find_dns_server(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1204 LIST_FOREACH(servers
, s
, m
->dns_servers
)
1205 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
1208 LIST_FOREACH(servers
, s
, m
->fallback_dns_servers
)
1209 if (s
->family
== family
&& in_addr_equal(family
, &s
->address
, in_addr
) > 0)
1215 DnsServer
*manager_set_dns_server(Manager
*m
, DnsServer
*s
) {
1218 if (m
->current_dns_server
== s
)
1222 _cleanup_free_
char *ip
= NULL
;
1224 in_addr_to_string(s
->family
, &s
->address
, &ip
);
1225 log_info("Switching to system DNS server %s.", strna(ip
));
1228 m
->current_dns_server
= s
;
1230 if (m
->unicast_scope
)
1231 dns_cache_flush(&m
->unicast_scope
->cache
);
1236 DnsServer
*manager_get_dns_server(Manager
*m
) {
1240 /* Try to read updates resolv.conf */
1241 manager_read_resolv_conf(m
);
1243 if (!m
->current_dns_server
)
1244 manager_set_dns_server(m
, m
->dns_servers
);
1246 if (!m
->current_dns_server
) {
1250 /* No DNS servers configured, let's see if there are
1251 * any on any links. If not, we use the fallback
1254 HASHMAP_FOREACH(l
, m
->links
, i
)
1255 if (l
->dns_servers
) {
1261 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1264 return m
->current_dns_server
;
1267 void manager_next_dns_server(Manager
*m
) {
1270 /* If there's currently no DNS server set, then the next
1271 * manager_get_dns_server() will find one */
1272 if (!m
->current_dns_server
)
1275 /* Change to the next one */
1276 if (m
->current_dns_server
->servers_next
) {
1277 manager_set_dns_server(m
, m
->current_dns_server
->servers_next
);
1281 /* If there was no next one, then start from the beginning of
1283 if (m
->current_dns_server
->type
== DNS_SERVER_FALLBACK
)
1284 manager_set_dns_server(m
, m
->fallback_dns_servers
);
1286 manager_set_dns_server(m
, m
->dns_servers
);
1289 uint32_t manager_find_mtu(Manager
*m
) {
1294 /* If we don't know on which link a DNS packet would be
1295 * delivered, let's find the largest MTU that works on all
1296 * interfaces we know of */
1298 HASHMAP_FOREACH(l
, m
->links
, i
) {
1302 if (mtu
<= 0 || l
->mtu
< mtu
)
/* Event-loop callback for the LLMNR UDP sockets: reads one packet with
 * manager_recv(), maps it to a scope with manager_find_scope(), and then treats it
 * as a reply (conflict check plus transaction lookup by ID) or as a query
 * (dns_scope_process_query). Packets that validate as neither are logged at debug
 * level.
 * NOTE(review): this listing omits lines, so the error checks and the conditions
 * around the log calls are not visible here. */
1309 static int on_llmnr_packet(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1310 _cleanup_(dns_packet_unrefp
) DnsPacket
*p
= NULL
;
1311 DnsTransaction
*t
= NULL
;
1312 Manager
*m
= userdata
;
1316 r
= manager_recv(m
, fd
, DNS_PROTOCOL_LLMNR
, &p
);
1320 scope
= manager_find_scope(m
, p
);
/* NOTE(review): this message is logged at warning level and appears to be emitted
 * once per packet that maps to no scope, so a sender that can reach the socket
 * could fill the journal. Consider debug level or rate limiting. */
1322 log_warning("Got LLMNR UDP packet on unknown scope. Ignoring.");
1326 if (dns_packet_validate_reply(p
) > 0) {
1327 log_debug("Got reply packet for id %u", DNS_PACKET_ID(p
));
1329 dns_scope_check_conflicts(scope
, p
);
/* The transaction is selected by the packet's ID alone.
 * NOTE(review): no check that the reply belongs to the scope or interface the
 * query was sent on is visible here; confirm dns_transaction_process_reply()
 * performs it. */
1331 t
= hashmap_get(m
->dns_transactions
, UINT_TO_PTR(DNS_PACKET_ID(p
)));
1333 dns_transaction_process_reply(t
, p
);
1335 } else if (dns_packet_validate_query(p
) > 0) {
1336 log_debug("Got query packet for id %u", DNS_PACKET_ID(p
));
1338 dns_scope_process_query(scope
, NULL
, p
);
1340 log_debug("Invalid LLMNR UDP packet.");
/* Returns the IPv4 LLMNR UDP socket, creating it on first use: a non-blocking,
 * close-on-exec datagram socket bound to port 5355 and registered with the event
 * loop so that on_llmnr_packet() runs for incoming data. An already open socket
 * is returned as is.
 * NOTE(review): this listing omits lines (the gutter numbers skip), so the error
 * checks after each call and the failure label are not visible here. */
1345 int manager_llmnr_ipv4_udp_fd(Manager
*m
) {
/* Only the family and the port are set in the visible initializer.
 * NOTE(review): presumably the address stays zero, i.e. the socket binds the
 * wildcard address and is reachable on every IPv4 interface; confirm against the
 * omitted line 1349. */
1346 union sockaddr_union sa
= {
1347 .in
.sin_family
= AF_INET
,
1348 .in
.sin_port
= htobe16(5355),
1350 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
, ttl
= 255;
1355 if (m
->llmnr_ipv4_udp_fd
>= 0)
1356 return m
->llmnr_ipv4_udp_fd
;
1358 m
->llmnr_ipv4_udp_fd
= socket(AF_INET
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1359 if (m
->llmnr_ipv4_udp_fd
< 0)
1362 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1363 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_TTL
, &ttl
, sizeof(ttl
));
/* The same TTL value is applied to multicast packets. */
1369 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_TTL
, &ttl
, sizeof(ttl
));
1375 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MULTICAST_LOOP
, &one
, sizeof(one
));
/* SO_REUSEADDR is set before bind(). manager_llmnr_start() treats -EADDRINUSE from
 * these helpers as a sign that another LLMNR responder is running. */
1381 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
/* IP_PKTINFO and IP_RECVTTL request the ancillary data that manager_recv() reads
 * to fill in the interface index, the destination address and the TTL. */
1387 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1393 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1399 /* Disable Don't-Fragment bit in the IP header */
1400 r
= setsockopt(m
->llmnr_ipv4_udp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1406 r
= bind(m
->llmnr_ipv4_udp_fd
, &sa
.sa
, sizeof(sa
.in
));
1412 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_udp_event_source
, m
->llmnr_ipv4_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1416 return m
->llmnr_ipv4_udp_fd
;
/* Closes the socket and stores safe_close()'s return value back into the field;
 * presumably the failure path, whose label is not visible in this listing. */
1419 m
->llmnr_ipv4_udp_fd
= safe_close(m
->llmnr_ipv4_udp_fd
);
1423 int manager_llmnr_ipv6_udp_fd(Manager
*m
) {
1424 union sockaddr_union sa
= {
1425 .in6
.sin6_family
= AF_INET6
,
1426 .in6
.sin6_port
= htobe16(5355),
1428 static const int one
= 1, ttl
= 255;
1433 if (m
->llmnr_ipv6_udp_fd
>= 0)
1434 return m
->llmnr_ipv6_udp_fd
;
1436 m
->llmnr_ipv6_udp_fd
= socket(AF_INET6
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1437 if (m
->llmnr_ipv6_udp_fd
< 0)
1440 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &ttl
, sizeof(ttl
));
1446 /* RFC 4795, section 2.5 recommends setting the TTL of UDP packets to 255. */
1447 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_HOPS
, &ttl
, sizeof(ttl
));
1453 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_MULTICAST_LOOP
, &one
, sizeof(one
));
1459 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1465 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1471 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1477 r
= setsockopt(m
->llmnr_ipv6_udp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1483 r
= bind(m
->llmnr_ipv6_udp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1489 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_udp_event_source
, m
->llmnr_ipv6_udp_fd
, EPOLLIN
, on_llmnr_packet
, m
);
1495 return m
->llmnr_ipv6_udp_fd
;
1498 m
->llmnr_ipv6_udp_fd
= safe_close(m
->llmnr_ipv6_udp_fd
);
/* Packet callback for an LLMNR TCP stream: maps the packet that was read to a
 * scope and, if it validates as a query, hands it to dns_scope_process_query()
 * together with the stream. Other packets are logged as invalid at debug level.
 * NOTE(review): this listing omits lines, so the conditions around the log calls
 * and the stream teardown are not visible here. */
1502 static int on_llmnr_stream_packet(DnsStream
*s
) {
1507 scope
= manager_find_scope(s
->manager
, s
->read_packet
);
/* NOTE(review): the message below misspells "Ignoring". It is also logged at
 * warning level for input that a remote peer controls; consider debug level or
 * rate limiting. */
1509 log_warning("Got LLMNR TCP packet on unknown scope. Ignroing.");
1513 if (dns_packet_validate_query(s
->read_packet
) > 0) {
1514 log_debug("Got query packet for id %u", DNS_PACKET_ID(s
->read_packet
));
1516 dns_scope_process_query(scope
, s
, s
->read_packet
);
1518 /* If no reply packet was set, we free the stream */
1519 if (s
->write_packet
)
1522 log_debug("Invalid LLMNR TCP packet.");
/* Event-loop callback for the listening LLMNR TCP sockets: accepts one connection,
 * wraps it in a DnsStream for DNS_PROTOCOL_LLMNR and installs
 * on_llmnr_stream_packet() as the stream's packet handler.
 * NOTE(review): this listing omits lines, so the error checks are not visible
 * here. */
1528 static int on_llmnr_stream(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
1530 Manager
*m
= userdata
;
/* The peer address is not requested (both address arguments are NULL); the
 * accepted socket is non-blocking and close-on-exec. */
1533 cfd
= accept4(fd
, NULL
, NULL
, SOCK_NONBLOCK
|SOCK_CLOEXEC
);
1535 if (errno
== EAGAIN
|| errno
== EINTR
)
/* NOTE(review): no limit on the number of concurrently open streams is visible in
 * this function; confirm dns_stream_new() enforces one, and that cfd is closed if
 * it fails. */
1541 r
= dns_stream_new(m
, &stream
, DNS_PROTOCOL_LLMNR
, cfd
);
1547 stream
->on_packet
= on_llmnr_stream_packet
;
1551 int manager_llmnr_ipv4_tcp_fd(Manager
*m
) {
1552 union sockaddr_union sa
= {
1553 .in
.sin_family
= AF_INET
,
1554 .in
.sin_port
= htobe16(5355),
1556 static const int one
= 1, pmtu
= IP_PMTUDISC_DONT
;
1561 if (m
->llmnr_ipv4_tcp_fd
>= 0)
1562 return m
->llmnr_ipv4_tcp_fd
;
1564 m
->llmnr_ipv4_tcp_fd
= socket(AF_INET
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1565 if (m
->llmnr_ipv4_tcp_fd
< 0)
1568 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1569 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_TTL
, &one
, sizeof(one
));
1575 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1581 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_PKTINFO
, &one
, sizeof(one
));
1587 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_RECVTTL
, &one
, sizeof(one
));
1593 /* Disable Don't-Fragment bit in the IP header */
1594 r
= setsockopt(m
->llmnr_ipv4_tcp_fd
, IPPROTO_IP
, IP_MTU_DISCOVER
, &pmtu
, sizeof(pmtu
));
1600 r
= bind(m
->llmnr_ipv4_tcp_fd
, &sa
.sa
, sizeof(sa
.in
));
1606 r
= listen(m
->llmnr_ipv4_tcp_fd
, SOMAXCONN
);
1612 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv4_tcp_event_source
, m
->llmnr_ipv4_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1616 return m
->llmnr_ipv4_tcp_fd
;
1619 m
->llmnr_ipv4_tcp_fd
= safe_close(m
->llmnr_ipv4_tcp_fd
);
1623 int manager_llmnr_ipv6_tcp_fd(Manager
*m
) {
1624 union sockaddr_union sa
= {
1625 .in6
.sin6_family
= AF_INET6
,
1626 .in6
.sin6_port
= htobe16(5355),
1628 static const int one
= 1;
1633 if (m
->llmnr_ipv6_tcp_fd
>= 0)
1634 return m
->llmnr_ipv6_tcp_fd
;
1636 m
->llmnr_ipv6_tcp_fd
= socket(AF_INET6
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1637 if (m
->llmnr_ipv6_tcp_fd
< 0)
1640 /* RFC 4795, section 2.5. requires setting the TTL of TCP streams to 1 */
1641 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &one
, sizeof(one
));
1647 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_V6ONLY
, &one
, sizeof(one
));
1653 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, SOL_SOCKET
, SO_REUSEADDR
, &one
, sizeof(one
));
1659 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &one
, sizeof(one
));
1665 r
= setsockopt(m
->llmnr_ipv6_tcp_fd
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &one
, sizeof(one
));
1671 r
= bind(m
->llmnr_ipv6_tcp_fd
, &sa
.sa
, sizeof(sa
.in6
));
1677 r
= listen(m
->llmnr_ipv6_tcp_fd
, SOMAXCONN
);
1683 r
= sd_event_add_io(m
->event
, &m
->llmnr_ipv6_tcp_event_source
, m
->llmnr_ipv6_tcp_fd
, EPOLLIN
, on_llmnr_stream
, m
);
1689 return m
->llmnr_ipv6_tcp_fd
;
1692 m
->llmnr_ipv6_tcp_fd
= safe_close(m
->llmnr_ipv6_tcp_fd
);
1696 int manager_find_ifindex(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1701 a
= manager_find_link_address(m
, family
, in_addr
);
1703 return a
->link
->ifindex
;
1708 void manager_refresh_rrs(Manager
*m
) {
1714 m
->host_ipv4_key
= dns_resource_key_unref(m
->host_ipv4_key
);
1715 m
->host_ipv6_key
= dns_resource_key_unref(m
->host_ipv6_key
);
1717 HASHMAP_FOREACH(l
, m
->links
, i
) {
1718 link_add_rrs(l
, true);
1719 link_add_rrs(l
, false);
1723 int manager_next_hostname(Manager
*m
) {
1730 p
= strchr(m
->hostname
, 0);
1733 while (p
> m
->hostname
) {
1734 if (!strchr("0123456789", p
[-1]))
1740 if (*p
== 0 || safe_atou64(p
, &u
) < 0 || u
<= 0)
1743 /* Add a random number to the old value. This way we can avoid
1744 * that two hosts pick the same hostname, win on IPv4 and lose
1745 * on IPv6 (or vice versa), and pick the same hostname
1746 * replacement hostname, ad infinitum. We still want the
1747 * numbers to go up monotonically, hence we just add a random
1750 random_bytes(&a
, sizeof(a
));
1753 if (asprintf(&h
, "%.*s%" PRIu64
, (int) (p
- m
->hostname
), m
->hostname
, u
) < 0)
1756 log_info("Hostname conflict, changing published hostname from '%s' to '%s'.", m
->hostname
, h
);
1761 manager_refresh_rrs(m
);
1766 LinkAddress
* manager_find_link_address(Manager
*m
, int family
, const union in_addr_union
*in_addr
) {
1772 HASHMAP_FOREACH(l
, m
->links
, i
) {
1775 a
= link_find_address(l
, family
, in_addr
);
1783 bool manager_our_packet(Manager
*m
, DnsPacket
*p
) {
1787 return !!manager_find_link_address(m
, p
->family
, &p
->sender
);
1790 DnsScope
* manager_find_scope(Manager
*m
, DnsPacket
*p
) {
1796 l
= hashmap_get(m
->links
, INT_TO_PTR(p
->ifindex
));
1800 if (p
->protocol
== DNS_PROTOCOL_LLMNR
) {
1801 if (p
->family
== AF_INET
)
1802 return l
->llmnr_ipv4_scope
;
1803 else if (p
->family
== AF_INET6
)
1804 return l
->llmnr_ipv6_scope
;
1810 void manager_verify_all(Manager
*m
) {
1815 LIST_FOREACH(scopes
, s
, m
->dns_scopes
)
1816 dns_zone_verify_all(&s
->zone
);
1819 void manager_flush_dns_servers(Manager
*m
, DnsServerType t
) {
1822 if (t
== DNS_SERVER_SYSTEM
)
1823 while (m
->dns_servers
)
1824 dns_server_free(m
->dns_servers
);
1826 if (t
== DNS_SERVER_FALLBACK
)
1827 while (m
->fallback_dns_servers
)
1828 dns_server_free(m
->fallback_dns_servers
);
1831 static const char* const support_table
[_SUPPORT_MAX
] = {
1832 [SUPPORT_NO
] = "no",
1833 [SUPPORT_YES
] = "yes",
1834 [SUPPORT_RESOLVE
] = "resolve",
1836 DEFINE_STRING_TABLE_LOOKUP(support
, Support
);