picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

resolved: add LLMNR support for looking up names

This commit is contained in:
Lennart Poettering 2014-07-18 12:34:02 +02:00
parent 9d48598533
commit 1716f6dcf5
11 changed files with 641 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/resolve/resolved-dns-packet.c
View File

@ -24,7 +24,7 @@
#include "resolved-dns-domain.h"
#include "resolved-dns-packet.h"
int dns_packet_new(DnsPacket **ret, size_t mtu) {
int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
DnsPacket *p;
size_t a;
@ -51,6 +51,7 @@ int dns_packet_new(DnsPacket **ret, size_t mtu) {
p->size = p->rindex = DNS_PACKET_HEADER_SIZE;
p->allocated = a;
p->protocol = protocol;
p->n_ref = 1;
*ret = p;
@ -58,19 +59,23 @@ int dns_packet_new(DnsPacket **ret, size_t mtu) {
return 0;
}
int dns_packet_new_query(DnsPacket **ret, size_t mtu) {
int dns_packet_new_query(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
DnsPacket *p;
DnsPacketHeader *h;
int r;
assert(ret);
r = dns_packet_new(&p, mtu);
r = dns_packet_new(&p, protocol, mtu);
if (r < 0)
return r;
h = DNS_PACKET_HEADER(p);
h->flags = htobe16(DNS_PACKET_MAKE_FLAGS(0, 0, 0, 0, 1, 0, 0, 0, 0));
if (protocol == DNS_PROTOCOL_DNS)
h->flags = htobe16(DNS_PACKET_MAKE_FLAGS(0, 0, 0, 0, 1, 0, 0, 0, 0)); /* ask for recursion */
else
h->flags = htobe16(DNS_PACKET_MAKE_FLAGS(0, 0, 0, 0, 0, 0, 0, 0, 0));
*ret = p;
return 0;
@ -812,3 +817,10 @@ static const char* const dns_rcode_table[_DNS_RCODE_MAX_DEFINED] = {
[DNS_RCODE_BADTRUNC] = "BADTRUNC",
};
DEFINE_STRING_TABLE_LOOKUP(dns_rcode, int);
static const char* const dns_protocol_table[_DNS_PROTOCOL_MAX] = {
[DNS_PROTOCOL_DNS] = "dns",
[DNS_PROTOCOL_MDNS] = "mdns",
[DNS_PROTOCOL_LLMNR] = "llmnr",
};
DEFINE_STRING_TABLE_LOOKUP(dns_protocol, DnsProtocol);

28
src/resolve/resolved-dns-packet.h
View File

@ -31,6 +31,14 @@ typedef struct DnsPacket DnsPacket;
#include "hashmap.h"
#include "resolved-dns-rr.h"
typedef enum DnsProtocol {
DNS_PROTOCOL_DNS,
DNS_PROTOCOL_MDNS,
DNS_PROTOCOL_LLMNR,
_DNS_PROTOCOL_MAX,
_DNS_PROTOCOL_INVALID = -1
} DnsProtocol;
struct DnsPacketHeader {
uint16_t id;
be16_t flags;
@ -54,11 +62,17 @@ struct DnsPacketHeader {
struct DnsPacket {
int n_ref;
int ifindex;
DnsProtocol protocol;
size_t size, allocated, rindex;
void *data;
Hashmap *names; /* For name compression */
DnsResourceRecord **rrs;
void *data;
/* Packet reception meta data */
int ifindex;
unsigned char family;
union in_addr_union sender, destination;
unsigned ttl;
};
static inline uint8_t* DNS_PACKET_DATA(DnsPacket *p) {
@ -100,8 +114,8 @@ static inline unsigned DNS_PACKET_RRCOUNT(DnsPacket *p) {
(unsigned) DNS_PACKET_ARCOUNT(p);
}
int dns_packet_new(DnsPacket **p, size_t mtu);
int dns_packet_new_query(DnsPacket **p, size_t mtu);
int dns_packet_new(DnsPacket **p, DnsProtocol protocol, size_t mtu);
int dns_packet_new_query(DnsPacket **p, DnsProtocol protocol, size_t mtu);
DnsPacket *dns_packet_ref(DnsPacket *p);
DnsPacket *dns_packet_unref(DnsPacket *p);
@ -157,3 +171,9 @@ enum {
const char* dns_rcode_to_string(int i) _const_;
int dns_rcode_from_string(const char *s) _pure_;
const char* dns_protocol_to_string(DnsProtocol p) _const_;
DnsProtocol dns_protocol_from_string(const char *s) _pure_;
#define LLMNR_MULTICAST_IPV4_ADDRESS ((struct in_addr) { .s_addr = htobe32(224U << 24 | 252U) })
#define LLMNR_MULTICAST_IPV6_ADDRESS ((struct in6_addr) { .s6_addr = { 0xFF, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x03 } })

34
src/resolve/resolved-dns-query.c
View File

@ -191,7 +191,7 @@ static int on_tcp_ready(sd_event_source *s, int fd, uint32_t revents, void *user
ssize_t ss;
if (!t->received) {
r = dns_packet_new(&t->received, be16toh(t->tcp_read_size));
r = dns_packet_new(&t->received, t->scope->protocol, be16toh(t->tcp_read_size));
if (r < 0) {
dns_query_transaction_complete(t, DNS_QUERY_RESOURCES);
return r;
@ -229,6 +229,9 @@ static int dns_query_transaction_open_tcp(DnsQueryTransaction *t) {
assert(t);
if (t->scope->protocol == DNS_PROTOCOL_DNS)
return -ENOTSUP;
if (t->tcp_fd >= 0)
return 0;
@ -334,7 +337,7 @@ static int on_transaction_timeout(sd_event_source *s, usec_t usec, void *userdat
static int dns_query_make_packet(DnsQueryTransaction *t) {
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
unsigned n;
unsigned n, added = 0;
int r;
assert(t);
@ -342,17 +345,28 @@ static int dns_query_make_packet(DnsQueryTransaction *t) {
if (t->sent)
return 0;
r = dns_packet_new_query(&p, 0);
r = dns_packet_new_query(&p, t->scope->protocol, 0);
if (r < 0)
return r;
for (n = 0; n < t->query->n_keys; n++) {
r = dns_scope_good_key(t->scope, &t->query->keys[n]);
if (r < 0)
return r;
if (r == 0)
continue;
r = dns_packet_append_key(p, &t->query->keys[n], NULL);
if (r < 0)
return r;
added++;
}
DNS_PACKET_HEADER(p)->qdcount = htobe16(t->query->n_keys);
if (added <= 0)
return -EDOM;
DNS_PACKET_HEADER(p)->qdcount = htobe16(added);
DNS_PACKET_HEADER(p)->id = t->id;
t->sent = p;
@ -391,6 +405,13 @@ static int dns_query_transaction_go(DnsQueryTransaction *t) {
/* Otherwise, we need to ask the network */
r = dns_query_make_packet(t);
if (r == -EDOM) {
/* Not the right request to make on this network?
* (i.e. an A request made on IPv6 or an AAAA request
* made on IPv4, on LLMNR or mDNS.) */
dns_query_transaction_complete(t, DNS_QUERY_NO_SERVERS);
return 0;
}
if (r < 0)
return r;
@ -399,6 +420,7 @@ static int dns_query_transaction_go(DnsQueryTransaction *t) {
if (r == -EMSGSIZE)
r = dns_query_transaction_open_tcp(t);
if (r == -ESRCH) {
/* No servers to send this to? */
dns_query_transaction_complete(t, DNS_QUERY_NO_SERVERS);
return 0;
}
@ -548,7 +570,7 @@ int dns_query_go(DnsQuery *q) {
LIST_FOREACH(scopes, s, q->manager->dns_scopes) {
DnsScopeMatch match;
match = dns_scope_test(s, q->keys[0].name);
match = dns_scope_good_domain(s, q->keys[0].name);
if (match < 0)
return match;
@ -578,7 +600,7 @@ int dns_query_go(DnsQuery *q) {
LIST_FOREACH(scopes, s, first->scopes_next) {
DnsScopeMatch match;
match = dns_scope_test(s, q->keys[0].name);
match = dns_scope_good_domain(s, q->keys[0].name);
if (match < 0)
return match;

187
src/resolve/resolved-dns-scope.c
View File

@ -28,7 +28,7 @@
#define SEND_TIMEOUT_USEC (2*USEC_PER_SEC)
int dns_scope_new(Manager *m, DnsScope **ret, DnsScopeType t) {
int dns_scope_new(Manager *m, DnsScope **ret, Link *l, DnsProtocol protocol, unsigned char family) {
DnsScope *s;
assert(m);
@ -39,10 +39,16 @@ int dns_scope_new(Manager *m, DnsScope **ret, DnsScopeType t) {
return -ENOMEM;
s->manager = m;
s->type = t;
s->link = l;
s->protocol = protocol;
s->family = family;
LIST_PREPEND(scopes, m->dns_scopes, s);
dns_scope_llmnr_membership(s, true);
log_debug("New scope on link %s, protocol %s, family %s", strna(l ? l->name : NULL), dns_protocol_to_string(protocol), family_to_string(family));
*ret = s;
return 0;
}
@ -51,6 +57,10 @@ DnsScope* dns_scope_free(DnsScope *s) {
if (!s)
return NULL;
log_debug("Removing scope on link %s, protocol %s, family %s", strna(s->link ? s->link->name : NULL), dns_protocol_to_string(s->protocol), family_to_string(s->family));
dns_scope_llmnr_membership(s, false);
while (s->transactions) {
DnsQuery *q;
@ -72,6 +82,9 @@ DnsScope* dns_scope_free(DnsScope *s) {
DnsServer *dns_scope_get_server(DnsScope *s) {
assert(s);
if (s->protocol != DNS_PROTOCOL_DNS)
return NULL;
if (s->link)
return link_get_dns_server(s->link);
else
@ -81,6 +94,9 @@ DnsServer *dns_scope_get_server(DnsScope *s) {
void dns_scope_next_dns_server(DnsScope *s) {
assert(s);
if (s->protocol != DNS_PROTOCOL_DNS)
return;
if (s->link)
link_next_dns_server(s->link);
else
@ -88,42 +104,73 @@ void dns_scope_next_dns_server(DnsScope *s) {
}
int dns_scope_send(DnsScope *s, DnsPacket *p) {
int ifindex = 0;
DnsServer *srv;
int r;
union in_addr_union addr;
int ifindex = 0, r;
unsigned char family;
uint16_t port;
uint32_t mtu;
int fd;
assert(s);
assert(p);
srv = dns_scope_get_server(s);
if (!srv)
return -ESRCH;
assert(p->protocol == s->protocol);
if (s->link) {
if (p->size > s->link->mtu)
mtu = s->link->mtu;
ifindex = s->link->ifindex;
} else
mtu = manager_find_mtu(s->manager);
if (s->protocol == DNS_PROTOCOL_DNS) {
DnsServer *srv;
srv = dns_scope_get_server(s);
if (!srv)
return -ESRCH;
family = srv->family;
addr = srv->address;
port = 53;
if (p->size > DNS_PACKET_UNICAST_SIZE_MAX)
return -EMSGSIZE;
ifindex = s->link->ifindex;
} else {
uint32_t mtu;
if (p->size > mtu)
return -EMSGSIZE;
mtu = manager_find_mtu(s->manager);
if (mtu > 0) {
if (p->size > mtu)
return -EMSGSIZE;
}
}
if (family == AF_INET)
fd = manager_dns_ipv4_fd(s->manager);
else if (family == AF_INET6)
fd = manager_dns_ipv6_fd(s->manager);
else
return -EAFNOSUPPORT;
if (fd < 0)
return fd;
if (p->size > DNS_PACKET_UNICAST_SIZE_MAX)
return -EMSGSIZE;
} else if (s->protocol == DNS_PROTOCOL_LLMNR) {
if (srv->family == AF_INET)
r = manager_dns_ipv4_send(s->manager, srv, ifindex, p);
else if (srv->family == AF_INET6)
r = manager_dns_ipv6_send(s->manager, srv, ifindex, p);
else
if (DNS_PACKET_QDCOUNT(p) > 1)
return -ENOTSUP;
family = s->family;
port = 5355;
if (family == AF_INET) {
addr.in = LLMNR_MULTICAST_IPV4_ADDRESS;
/* fd = manager_dns_ipv4_fd(s->manager); */
fd = manager_llmnr_ipv4_udp_fd(s->manager);
} else if (family == AF_INET6) {
addr.in6 = LLMNR_MULTICAST_IPV6_ADDRESS;
fd = manager_llmnr_ipv6_udp_fd(s->manager);
/* fd = manager_dns_ipv6_fd(s->manager); */
} else
return -EAFNOSUPPORT;
if (fd < 0)
return fd;
} else
return -EAFNOSUPPORT;
r = manager_send(s->manager, fd, ifindex, family, &addr, port, p);
if (r < 0)
return r;
@ -176,7 +223,7 @@ int dns_scope_tcp_socket(DnsScope *s) {
return ret;
}
DnsScopeMatch dns_scope_test(DnsScope *s, const char *domain) {
DnsScopeMatch dns_scope_good_domain(DnsScope *s, const char *domain) {
char **i;
assert(s);
@ -192,18 +239,7 @@ DnsScopeMatch dns_scope_test(DnsScope *s, const char *domain) {
if (is_localhost(domain))
return DNS_SCOPE_NO;
if (s->type == DNS_SCOPE_MDNS) {
if (dns_name_endswith(domain, "254.169.in-addr.arpa") ||
dns_name_endswith(domain, "0.8.e.f.ip6.arpa"))
return DNS_SCOPE_YES;
else if (dns_name_endswith(domain, "local") &&
!dns_name_single_label(domain))
return DNS_SCOPE_MAYBE;
return DNS_SCOPE_NO;
}
if (s->type == DNS_SCOPE_DNS) {
if (s->protocol == DNS_PROTOCOL_DNS) {
if (dns_name_endswith(domain, "254.169.in-addr.arpa") ||
dns_name_endswith(domain, "0.8.e.f.ip6.arpa") ||
dns_name_single_label(domain))
@ -212,5 +248,76 @@ DnsScopeMatch dns_scope_test(DnsScope *s, const char *domain) {
return DNS_SCOPE_MAYBE;
}
assert_not_reached("Unknown scope type");
if (s->protocol == DNS_PROTOCOL_MDNS) {
if (dns_name_endswith(domain, "254.169.in-addr.arpa") ||
dns_name_endswith(domain, "0.8.e.f.ip6.arpa") ||
dns_name_endswith(domain, "local"))
return DNS_SCOPE_MAYBE;
return DNS_SCOPE_NO;
}
if (s->protocol == DNS_PROTOCOL_LLMNR) {
if (dns_name_endswith(domain, "254.169.in-addr.arpa") ||
dns_name_endswith(domain, "0.8.e.f.ip6.arpa") ||
dns_name_single_label(domain))
return DNS_SCOPE_MAYBE;
return DNS_SCOPE_NO;
}
assert_not_reached("Unknown scope protocol");
}
int dns_scope_good_key(DnsScope *s, DnsResourceKey *key) {
assert(s);
assert(key);
if (s->protocol == DNS_PROTOCOL_DNS)
return true;
/* On mDNS and LLMNR, send A and AAAA queries only on the
* respective scopes */
if (s->family == AF_INET && key->class == DNS_CLASS_IN && key->type == DNS_TYPE_AAAA)
return false;
if (s->family == AF_INET6 && key->class == DNS_CLASS_IN && key->type == DNS_TYPE_A)
return false;
return true;
}
int dns_scope_llmnr_membership(DnsScope *s, bool b) {
int fd;
if (s->family == AF_INET) {
struct ip_mreqn mreqn = {
.imr_multiaddr = LLMNR_MULTICAST_IPV4_ADDRESS,
.imr_ifindex = s->link->ifindex,
};
fd = manager_llmnr_ipv4_udp_fd(s->manager);
if (fd < 0)
return fd;
if (setsockopt(fd, IPPROTO_IP, b ? IP_ADD_MEMBERSHIP : IP_DROP_MEMBERSHIP, &mreqn, sizeof(mreqn)) < 0)
return -errno;
} else if (s->family == AF_INET6) {
struct ipv6_mreq mreq = {
.ipv6mr_multiaddr = LLMNR_MULTICAST_IPV6_ADDRESS,
.ipv6mr_interface = s->link->ifindex,
};
fd = manager_llmnr_ipv6_udp_fd(s->manager);
if (fd < 0)
return fd;
if (setsockopt(fd, IPPROTO_IPV6, b ? IPV6_ADD_MEMBERSHIP : IPV6_DROP_MEMBERSHIP, &mreq, sizeof(mreq)) < 0)
return -errno;
} else
return -EAFNOSUPPORT;
return 0;
}

14
src/resolve/resolved-dns-scope.h
View File

@ -32,11 +32,6 @@ typedef struct DnsScope DnsScope;
#include "resolved-dns-query.h"
#include "resolved-dns-cache.h"
typedef enum DnsScopeType {
DNS_SCOPE_DNS,
DNS_SCOPE_MDNS,
} DnsScopeType;
typedef enum DnsScopeMatch {
DNS_SCOPE_NO,
DNS_SCOPE_MAYBE,
@ -48,7 +43,7 @@ typedef enum DnsScopeMatch {
struct DnsScope {
Manager *manager;
DnsScopeType type;
DnsProtocol protocol;
unsigned char family;
Link *link;
@ -62,13 +57,16 @@ struct DnsScope {
LIST_FIELDS(DnsScope, scopes);
};
int dns_scope_new(Manager *m, DnsScope **ret, DnsScopeType t);
int dns_scope_new(Manager *m, DnsScope **ret, Link *l, DnsProtocol p, unsigned char family);
DnsScope* dns_scope_free(DnsScope *s);
int dns_scope_send(DnsScope *s, DnsPacket *p);
int dns_scope_tcp_socket(DnsScope *s);
DnsScopeMatch dns_scope_test(DnsScope *s, const char *domain);
DnsScopeMatch dns_scope_good_domain(DnsScope *s, const char *domain);
int dns_scope_good_key(DnsScope *s, DnsResourceKey *key);
DnsServer *dns_scope_get_server(DnsScope *s);
void dns_scope_next_dns_server(DnsScope *s);
int dns_scope_llmnr_membership(DnsScope *s, bool b);

88
src/resolve/resolved-link.c
View File

@ -68,8 +68,8 @@ Link *link_free(Link *l) {
hashmap_remove(l->manager->links, INT_TO_PTR(l->ifindex));
dns_scope_free(l->unicast_scope);
dns_scope_free(l->mdns_ipv4_scope);
dns_scope_free(l->mdns_ipv6_scope);
dns_scope_free(l->llmnr_ipv4_scope);
dns_scope_free(l->llmnr_ipv6_scope);
while (l->dhcp_dns_servers)
dns_server_free(l->dhcp_dns_servers);
@ -79,9 +79,43 @@ Link *link_free(Link *l) {
free(l);
return NULL;
}
}
static void link_allocate_scopes(Link *l) {
int r;
assert(l);
if (l->link_dns_servers || l->dhcp_dns_servers) {
if (!l->unicast_scope) {
r = dns_scope_new(l->manager, &l->unicast_scope, l, DNS_PROTOCOL_DNS, AF_UNSPEC);
if (r < 0)
log_warning("Failed to allocate DNS scope: %s", strerror(-r));
}
} else
l->unicast_scope = dns_scope_free(l->unicast_scope);
if (link_relevant(l, AF_INET) && l->manager->use_llmnr) {
if (!l->llmnr_ipv4_scope) {
r = dns_scope_new(l->manager, &l->llmnr_ipv4_scope, l, DNS_PROTOCOL_LLMNR, AF_INET);
if (r < 0)
log_warning("Failed to allocate LLMNR IPv4 scope: %s", strerror(-r));
}
} else
l->llmnr_ipv4_scope = dns_scope_free(l->llmnr_ipv4_scope);
if (link_relevant(l, AF_INET6) && l->manager->use_llmnr) {
if (!l->llmnr_ipv6_scope) {
r = dns_scope_new(l->manager, &l->llmnr_ipv6_scope, l, DNS_PROTOCOL_LLMNR, AF_INET6);
if (r < 0)
log_warning("Failed to allocate LLMNR IPv6 scope: %s", strerror(-r));
}
} else
l->llmnr_ipv6_scope = dns_scope_free(l->llmnr_ipv6_scope);
}
int link_update_rtnl(Link *l, sd_rtnl_message *m) {
const char *n = NULL;
int r;
assert(l);
@ -92,10 +126,17 @@ int link_update_rtnl(Link *l, sd_rtnl_message *m) {
return r;
sd_rtnl_message_read_u32(m, IFLA_MTU, &l->mtu);
if (sd_rtnl_message_read_string(m, IFLA_IFNAME, &n) >= 0) {
strncpy(l->name, n, sizeof(l->name));
char_array_0(l->name);
}
link_allocate_scopes(l);
return 0;
}
static int update_dhcp_dns_servers(Link *l) {
static int link_update_dhcp_dns_servers(Link *l) {
_cleanup_dhcp_lease_unref_ sd_dhcp_lease *lease = NULL;
const struct in_addr *nameservers = NULL;
DnsServer *s, *nx;
@ -146,7 +187,7 @@ clear:
return r;
}
static int update_link_dns_servers(Link *l) {
static int link_update_link_dns_servers(Link *l) {
_cleanup_free_ struct in_addr *nameservers = NULL;
_cleanup_free_ struct in6_addr *nameservers6 = NULL;
DnsServer *s, *nx;
@ -211,18 +252,15 @@ clear:
int link_update_monitor(Link *l) {
assert(l);
free(l->operational_state);
l->operational_state = NULL;
sd_network_get_link_operational_state(l->ifindex, &l->operational_state);
update_dhcp_dns_servers(l);
update_link_dns_servers(l);
link_update_dhcp_dns_servers(l);
link_update_link_dns_servers(l);
link_allocate_scopes(l);
return 0;
}
bool link_relevant(Link *l) {
bool link_relevant(Link *l, unsigned char family) {
_cleanup_free_ char *state = NULL;
LinkAddress *a;
assert(l);
@ -233,11 +271,12 @@ bool link_relevant(Link *l) {
if (l->flags & IFF_LOOPBACK)
return false;
if (l->operational_state && !STR_IN_SET(l->operational_state, "unknown", "degraded", "routable"))
sd_network_get_link_operational_state(l->ifindex, &state);
if (state && !STR_IN_SET(state, "unknown", "degraded", "routable"))
return false;
LIST_FOREACH(addresses, a, l->addresses)
if (link_address_relevant(a))
if (a->family == family && link_address_relevant(a))
return true;
return false;
@ -248,12 +287,9 @@ LinkAddress *link_find_address(Link *l, unsigned char family, union in_addr_unio
assert(l);
LIST_FOREACH(addresses, a, l->addresses) {
if (a->family == family &&
in_addr_equal(family, &a->in_addr, in_addr))
LIST_FOREACH(addresses, a, l->addresses)
if (a->family == family && in_addr_equal(family, &a->in_addr, in_addr))
return a;
}
return NULL;
}
@ -265,12 +301,9 @@ DnsServer* link_find_dns_server(Link *l, DnsServerSource source, unsigned char f
first = source == DNS_SERVER_DHCP ? l->dhcp_dns_servers : l->link_dns_servers;
LIST_FOREACH(servers, s, first) {
if (s->family == family &&
in_addr_equal(family, &s->address, in_addr))
LIST_FOREACH(servers, s, first)
if (s->family == family && in_addr_equal(family, &s->address, in_addr))
return s;
}
return NULL;
}
@ -361,10 +394,9 @@ int link_address_update_rtnl(LinkAddress *a, sd_rtnl_message *m) {
if (r < 0)
return r;
r = sd_rtnl_message_addr_get_scope(m, &a->scope);
if (r < 0)
return r;
sd_rtnl_message_addr_get_scope(m, &a->scope);
link_allocate_scopes(a->link);
return 0;
}

12
src/resolve/resolved-link.h
View File

@ -21,6 +21,8 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <net/if.h>
#include "in-addr-util.h"
#include "ratelimit.h"
@ -55,21 +57,21 @@ struct Link {
DnsServer *current_dns_server;
DnsScope *unicast_scope;
DnsScope *mdns_ipv4_scope;
DnsScope *mdns_ipv6_scope;
DnsScope *llmnr_ipv4_scope;
DnsScope *llmnr_ipv6_scope;
char name[IF_NAMESIZE];
uint32_t mtu;
char *operational_state;
RateLimit mdns_ratelimit;
RateLimit llmnr_ratelimit;
};
int link_new(Manager *m, Link **ret, int ifindex);
Link *link_free(Link *l);
int link_update_rtnl(Link *l, sd_rtnl_message *m);
int link_update_monitor(Link *l);
bool link_relevant(Link *l);
bool link_relevant(Link *l, unsigned char family);
LinkAddress* link_find_address(Link *l, unsigned char family, union in_addr_union *in_addr);
DnsServer* link_find_dns_server(Link *l, DnsServerSource source, unsigned char family, union in_addr_union *in_addr);

413
src/resolve/resolved-manager.c
View File

@ -21,7 +21,7 @@
#include <arpa/inet.h>
#include <resolv.h>
#include <linux/if.h>
#include <net/if.h>
#include <sys/ioctl.h>
#include <sys/poll.h>
#include <netinet/in.h>
@ -392,6 +392,9 @@ int manager_new(Manager **ret) {
return -ENOMEM;
m->dns_ipv4_fd = m->dns_ipv6_fd = -1;
m->llmnr_ipv4_udp_fd = m->llmnr_ipv6_udp_fd = -1;
m->use_llmnr = true;
r = parse_dns_server_string(m, /* "172.31.0.125 2001:4860:4860::8888 2001:4860:4860::8889" */ DNS_SERVERS);
if (r < 0)
@ -406,7 +409,7 @@ int manager_new(Manager **ret) {
sd_event_set_watchdog(m->event, true);
r = dns_scope_new(m, &m->unicast_scope, DNS_SCOPE_DNS);
r = dns_scope_new(m, &m->unicast_scope, NULL, DNS_PROTOCOL_DNS, AF_UNSPEC);
if (r < 0)
return r;
@ -453,10 +456,14 @@ Manager *manager_free(Manager *m) {
sd_event_source_unref(m->dns_ipv4_event_source);
sd_event_source_unref(m->dns_ipv6_event_source);
safe_close(m->dns_ipv4_fd);
safe_close(m->dns_ipv6_fd);
sd_event_source_unref(m->llmnr_ipv4_udp_event_source);
sd_event_source_unref(m->llmnr_ipv6_udp_event_source);
safe_close(m->llmnr_ipv4_udp_fd);
safe_close(m->llmnr_ipv6_udp_fd);
sd_event_source_unref(m->bus_retry_event_source);
sd_bus_unref(m->bus);
@ -475,7 +482,7 @@ static void write_resolve_conf_server(DnsServer *s, FILE *f, unsigned *count) {
assert(count);
r = in_addr_to_string(s->family, &s->address, &t);
if (r < 0) {
if (r < 0) {
log_warning("Invalid DNS address. Ignoring.");
return;
}
@ -539,35 +546,44 @@ fail:
return r;
}
int manager_dns_ipv4_recv(Manager *m, DnsPacket **ret) {
int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) {
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
union {
struct cmsghdr header; /* For alignment */
uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
+ CMSG_SPACE(int) /* ttl/hoplimit */
+ 1024 /* kernel appears to require extra buffer space */];
} control;
union sockaddr_union sa;
struct msghdr mh = {};
int fd, ms = 0, r;
struct cmsghdr *cmsg;
struct iovec iov;
int ms = 0, r;
ssize_t l;
assert(m);
assert(fd >= 0);
assert(ret);
fd = manager_dns_ipv4_fd(m);
if (fd < 0)
return fd;
r = ioctl(fd, FIONREAD, &ms);
if (r < 0)
return -errno;
if (ms < 0)
return -EIO;
r = dns_packet_new(&p, ms);
r = dns_packet_new(&p, protocol, ms);
if (r < 0)
return r;
iov.iov_base = DNS_PACKET_DATA(p);
iov.iov_len = p->allocated;
mh.msg_name = &sa.sa;
mh.msg_namelen = sizeof(sa);
mh.msg_iov = &iov;
mh.msg_iovlen = 1;
mh.msg_control = &control;
mh.msg_controllen = sizeof(control);
l = recvmsg(fd, &mh, 0);
if (l < 0) {
@ -580,100 +596,89 @@ int manager_dns_ipv4_recv(Manager *m, DnsPacket **ret) {
if (l <= 0)
return -EIO;
assert(!(mh.msg_flags & MSG_CTRUNC));
assert(!(mh.msg_flags & MSG_TRUNC));
p->size = (size_t) l;
*ret = p;
p = NULL;
p->family = sa.sa.sa_family;
if (p->family == AF_INET)
p->sender.in = sa.in.sin_addr;
else if (p->family == AF_INET6)
p->sender.in6 = sa.in6.sin6_addr;
else
return -EAFNOSUPPORT;
return 1;
}
for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
int manager_dns_ipv6_recv(Manager *m, DnsPacket **ret) {
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
struct msghdr mh = {};
struct iovec iov;
int fd, ms = 0, r;
ssize_t l;
if (cmsg->cmsg_level == IPPROTO_IPV6) {
assert(p->family == AF_INET6);
assert(m);
assert(ret);
switch (cmsg->cmsg_type) {
fd = manager_dns_ipv6_fd(m);
if (fd < 0)
return fd;
case IPV6_PKTINFO: {
struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
r = ioctl(fd, FIONREAD, &ms);
if (r < 0)
return -errno;
if (ms < 0)
return -EIO;
p->ifindex = i->ipi6_ifindex;
p->destination.in6 = i->ipi6_addr;
break;
}
r = dns_packet_new(&p, ms);
if (r < 0)
return r;
case IPV6_HOPLIMIT:
p->ttl = *(int *) CMSG_DATA(cmsg);
break;
iov.iov_base = DNS_PACKET_DATA(p);
iov.iov_len = p->allocated;
}
} else if (cmsg->cmsg_level == IPPROTO_IP) {
assert(p->family == AF_INET);
mh.msg_iov = &iov;
mh.msg_iovlen = 1;
switch (cmsg->cmsg_type) {
l = recvmsg(fd, &mh, 0);
if (l < 0) {
if (errno == EAGAIN || errno == EINTR)
return 0;
case IP_PKTINFO: {
struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
return -errno;
p->ifindex = i->ipi_ifindex;
p->destination.in = i->ipi_addr;
break;
}
case IP_RECVTTL:
p->ttl = *(int *) CMSG_DATA(cmsg);
break;
}
}
}
if (l <= 0)
return -EIO;
p->size = (size_t) l;
*ret = p;
p = NULL;
return 1;
}
static int on_dns_ipv4_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
static int on_dns_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
DnsQueryTransaction *t = NULL;
Manager *m = userdata;
int r;
r = manager_dns_ipv4_recv(m, &p);
r = manager_recv(m, fd, DNS_PROTOCOL_DNS, &p);
if (r <= 0)
return r;
t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
if (!t)
return 0;
if (dns_packet_validate_reply(p) >= 0) {
t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
if (!t)
return 0;
dns_query_transaction_reply(t, p);
return 0;
}
dns_query_transaction_reply(t, p);
} else
log_debug("Invalid reply packet.");
static int on_dns_ipv6_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
DnsQueryTransaction *t = NULL;
Manager *m = userdata;
int r;
r = manager_dns_ipv6_recv(m, &p);
if (r <= 0)
return r;
t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
if (!t)
return 0;
dns_query_transaction_reply(t, p);
return 0;
}
int manager_dns_ipv4_fd(Manager *m) {
const int one = 1;
int r;
assert(m);
@ -685,14 +690,25 @@ int manager_dns_ipv4_fd(Manager *m) {
if (m->dns_ipv4_fd < 0)
return -errno;
r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_ipv4_packet, m);
r = setsockopt(m->dns_ipv4_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = sd_event_add_io(m->event, &m->dns_ipv4_event_source, m->dns_ipv4_fd, EPOLLIN, on_dns_packet, m);
if (r < 0)
return r;
goto fail;
return m->dns_ipv4_fd;
fail:
m->dns_ipv4_fd = safe_close(m->dns_ipv4_fd);
return r;
}
int manager_dns_ipv6_fd(Manager *m) {
const int one = 1;
int r;
assert(m);
@ -704,11 +720,21 @@ int manager_dns_ipv6_fd(Manager *m) {
if (m->dns_ipv6_fd < 0)
return -errno;
r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_ipv6_packet, m);
r = setsockopt(m->dns_ipv6_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = sd_event_add_io(m->event, &m->dns_ipv6_event_source, m->dns_ipv6_fd, EPOLLIN, on_dns_packet, m);
if (r < 0)
return r;
goto fail;
return m->dns_ipv6_fd;
fail:
m->dns_ipv6_fd = safe_close(m->dns_ipv6_fd);
return r;
}
static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
@ -735,28 +761,28 @@ static int sendmsg_loop(int fd, struct msghdr *mh, int flags) {
}
}
int manager_dns_ipv4_send(Manager *m, DnsServer *srv, int ifindex, DnsPacket *p) {
static int manager_ipv4_send(Manager *m, int fd, int ifindex, struct in_addr *addr, uint16_t port, DnsPacket *p) {
union sockaddr_union sa = {
.in.sin_family = AF_INET,
.in.sin_port = htobe16(53),
};
union {
struct cmsghdr header; /* For alignment */
uint8_t buffer[CMSG_SPACE(sizeof(struct in_pktinfo))];
} control;
struct msghdr mh = {};
struct iovec iov;
uint8_t control[CMSG_SPACE(sizeof(struct in_pktinfo))];
int fd;
assert(m);
assert(srv);
assert(fd >= 0);
assert(addr);
assert(port > 0);
assert(p);
fd = manager_dns_ipv4_fd(m);
if (fd < 0)
return fd;
iov.iov_base = DNS_PACKET_DATA(p);
iov.iov_len = p->size;
sa.in.sin_addr = srv->address.in;
sa.in.sin_addr = *addr;
sa.in.sin_port = htobe16(port),
mh.msg_iov = &iov;
mh.msg_iovlen = 1;
@ -769,7 +795,7 @@ int manager_dns_ipv4_send(Manager *m, DnsServer *srv, int ifindex, DnsPacket *p)
zero(control);
mh.msg_control = control;
mh.msg_control = &control;
mh.msg_controllen = CMSG_LEN(sizeof(struct in_pktinfo));
cmsg = CMSG_FIRSTHDR(&mh);
@ -784,29 +810,28 @@ int manager_dns_ipv4_send(Manager *m, DnsServer *srv, int ifindex, DnsPacket *p)
return sendmsg_loop(fd, &mh, 0);
}
int manager_dns_ipv6_send(Manager *m, DnsServer *srv, int ifindex, DnsPacket *p) {
static int manager_ipv6_send(Manager *m, int fd, int ifindex, struct in6_addr *addr, uint16_t port, DnsPacket *p) {
union sockaddr_union sa = {
.in6.sin6_family = AF_INET6,
.in6.sin6_port = htobe16(53),
};
union {
struct cmsghdr header; /* For alignment */
uint8_t buffer[CMSG_SPACE(sizeof(struct in6_pktinfo))];
} control;
struct msghdr mh = {};
struct iovec iov;
uint8_t control[CMSG_SPACE(sizeof(struct in6_pktinfo))];
int fd;
assert(m);
assert(srv);
assert(fd >= 0);
assert(addr);
assert(port > 0);
assert(p);
fd = manager_dns_ipv6_fd(m);
if (fd < 0)
return fd;
iov.iov_base = DNS_PACKET_DATA(p);
iov.iov_len = p->size;
sa.in6.sin6_addr = srv->address.in6;
sa.in6.sin6_addr = *addr;
sa.in6.sin6_port = htobe16(port),
sa.in6.sin6_scope_id = ifindex;
mh.msg_iov = &iov;
@ -820,7 +845,7 @@ int manager_dns_ipv6_send(Manager *m, DnsServer *srv, int ifindex, DnsPacket *p)
zero(control);
mh.msg_control = control;
mh.msg_control = &control;
mh.msg_controllen = CMSG_LEN(sizeof(struct in6_pktinfo));
cmsg = CMSG_FIRSTHDR(&mh);
@ -835,6 +860,22 @@ int manager_dns_ipv6_send(Manager *m, DnsServer *srv, int ifindex, DnsPacket *p)
return sendmsg_loop(fd, &mh, 0);
}
int manager_send(Manager *m, int fd, int ifindex, unsigned char family, union in_addr_union *addr, uint16_t port, DnsPacket *p) {
assert(m);
assert(fd >= 0);
assert(addr);
assert(port > 0);
assert(p);
if (family == AF_INET)
return manager_ipv4_send(m, fd, ifindex, &addr->in, port, p);
else if (family == AF_INET6)
return manager_ipv6_send(m, fd, ifindex, &addr->in6, port, p);
return -EAFNOSUPPORT;
}
DnsServer* manager_find_dns_server(Manager *m, unsigned char family, union in_addr_union *in_addr) {
DnsServer *s;
@ -898,3 +939,179 @@ uint32_t manager_find_mtu(Manager *m) {
return mtu;
}
static int on_llmnr_packet(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
_cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;
DnsQueryTransaction *t = NULL;
Manager *m = userdata;
int r;
r = manager_recv(m, fd, DNS_PROTOCOL_LLMNR, &p);
if (r <= 0)
return r;
if (dns_packet_validate_reply(p) >= 0) {
t = hashmap_get(m->dns_query_transactions, UINT_TO_PTR(DNS_PACKET_ID(p)));
if (!t)
return 0;
dns_query_transaction_reply(t, p);
}
return 0;
}
int manager_llmnr_ipv4_udp_fd(Manager *m) {
union sockaddr_union sa = {
.in.sin_family = AF_INET,
.in.sin_port = htobe16(5355),
};
static const int one = 1, pmtu = IP_PMTUDISC_DONT;
int r;
assert(m);
if (m->llmnr_ipv4_udp_fd >= 0)
return m->llmnr_ipv4_udp_fd;
m->llmnr_ipv4_udp_fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
if (m->llmnr_ipv4_udp_fd < 0)
return -errno;
r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_TTL, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_TTL, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MULTICAST_LOOP, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv4_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_PKTINFO, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_RECVTTL, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
/* Disable Don't-Fragment bit in the IP header */
r = setsockopt(m->llmnr_ipv4_udp_fd, IPPROTO_IP, IP_MTU_DISCOVER, &pmtu, sizeof(pmtu));
if (r < 0) {
r = -errno;
goto fail;
}
r = bind(m->llmnr_ipv4_udp_fd, &sa.sa, sizeof(sa.in));
if (r < 0) {
r = -errno;
goto fail;
}
r = sd_event_add_io(m->event, &m->llmnr_ipv4_udp_event_source, m->llmnr_ipv4_udp_fd, EPOLLIN, on_llmnr_packet, m);
if (r < 0)
goto fail;
return m->llmnr_ipv4_udp_fd;
fail:
m->llmnr_ipv4_udp_fd = safe_close(m->llmnr_ipv4_udp_fd);
return r;
}
int manager_llmnr_ipv6_udp_fd(Manager *m) {
union sockaddr_union sa = {
.in6.sin6_family = AF_INET6,
.in6.sin6_port = htobe16(5355),
};
static const int one = 1;
int r;
assert(m);
if (m->llmnr_ipv6_udp_fd >= 0)
return m->llmnr_ipv6_udp_fd;
m->llmnr_ipv6_udp_fd = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
if (m->llmnr_ipv6_udp_fd < 0)
return -errno;
r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv6_udp_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = setsockopt(m->llmnr_ipv6_udp_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &one, sizeof(one));
if (r < 0) {
r = -errno;
goto fail;
}
r = bind(m->llmnr_ipv6_udp_fd, &sa.sa, sizeof(sa.in6));
if (r < 0) {
r = -errno;
goto fail;
}
r = sd_event_add_io(m->event, &m->llmnr_ipv6_udp_event_source, m->llmnr_ipv6_udp_fd, EPOLLIN, on_llmnr_packet, m);
if (r < 0) {
r = -errno;
goto fail;
}
return m->llmnr_ipv6_udp_fd;
fail:
m->llmnr_ipv6_udp_fd = safe_close(m->llmnr_ipv6_udp_fd);
return r;
}

34
src/resolve/resolved.h
View File

@ -38,7 +38,9 @@ typedef struct Manager Manager;
struct Manager {
sd_event *event;
/* network */
bool use_llmnr:1;
/* Network */
Hashmap *links;
sd_rtnl *rtnl;
@ -47,23 +49,33 @@ struct Manager {
sd_network_monitor *network_monitor;
sd_event_source *network_event_source;
/* unicast dns */
/* DNS query management */
Hashmap *dns_query_transactions;
LIST_HEAD(DnsQuery, dns_queries);
unsigned n_dns_queries;
/* Unicast dns */
int dns_ipv4_fd;
int dns_ipv6_fd;
sd_event_source *dns_ipv4_event_source;
sd_event_source *dns_ipv6_event_source;
Hashmap *dns_query_transactions;
LIST_HEAD(DnsQuery, dns_queries);
unsigned n_dns_queries;
LIST_HEAD(DnsServer, dns_servers);
DnsServer *current_dns_server;
LIST_HEAD(DnsScope, dns_scopes);
DnsScope *unicast_scope;
/* LLMNR */
int llmnr_ipv4_udp_fd;
int llmnr_ipv6_udp_fd;
/* int llmnr_ipv4_tcp_fd; */
/* int llmnr_ipv6_tcp_fd; */
sd_event_source *llmnr_ipv4_udp_event_source;
sd_event_source *llmnr_ipv6_udp_event_source;
/* dbus */
sd_bus *bus;
sd_event_source *bus_retry_event_source;
@ -82,13 +94,13 @@ DnsServer *manager_get_dns_server(Manager *m);
void manager_next_dns_server(Manager *m);
uint32_t manager_find_mtu(Manager *m);
int manager_dns_ipv4_fd(Manager *m);
int manager_dns_ipv4_send(Manager *m, DnsServer *srv, int ifindex, DnsPacket *p);
int manager_dns_ipv4_recv(Manager *m, DnsPacket **ret);
int manager_send(Manager *m, int fd, int ifindex, unsigned char family, union in_addr_union *addr, uint16_t port, DnsPacket *p);
int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret);
int manager_dns_ipv4_fd(Manager *m);
int manager_dns_ipv6_fd(Manager *m);
int manager_dns_ipv6_send(Manager *m, DnsServer *srv, int ifindex, DnsPacket *p);
int manager_dns_ipv6_recv(Manager *m, DnsPacket **ret);
int manager_llmnr_ipv4_udp_fd(Manager *m);
int manager_llmnr_ipv6_udp_fd(Manager *m);
int manager_connect_bus(Manager *m);

12
src/shared/in-addr-util.c
View File

@ -231,3 +231,15 @@ int in_addr_from_string_auto(const char *s, unsigned *family, union in_addr_unio
return -EINVAL;
}
static const char* const family_table[] = {
[AF_UNSPEC] = "unspec",
[AF_UNIX] = "unix",
[AF_INET] = "inet",
[AF_INET6] = "inet6",
[AF_NETLINK] = "netlink",
[AF_PACKET] = "packet",
[AF_BLUETOOTH] = "bluetooth",
[AF_NFC] = "nfc",
};
DEFINE_STRING_TABLE_LOOKUP(family, int);

3
src/shared/in-addr-util.h
View File

@ -43,3 +43,6 @@ static inline size_t FAMILY_ADDRESS_SIZE(int family) {
assert(family == AF_INET || family == AF_INET6);
return family == AF_INET6 ? 16 : 4;
}
const char* family_to_string(int i) _const_;
int family_from_string(const char *s) _pure_;