1 /* dnsmasq is Copyright (c) 2000-2009 Simon Kelley 2 3 This program is free software; you can redistribute it and/or modify 4 it under the terms of the GNU General Public License as published by 5 the Free Software Foundation; version 2 dated June, 1991, or 6 (at your option) version 3 dated 29 June, 2007. 7 8 This program is distributed in the hope that it will be useful, 9 but WITHOUT ANY WARRANTY; without even the implied warranty of 10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 GNU General Public License for more details. 12 13 You should have received a copy of the GNU General Public License 14 along with this program. If not, see <http://www.gnu.org/licenses/>. 15 */ 16 17 #include "dnsmasq.h" 18 19 #ifdef HAVE_LINUX_NETWORK 20 21 int indextoname(int fd, int index, char *name) 22 { 23 struct ifreq ifr; 24 25 if (index == 0) 26 return 0; 27 28 ifr.ifr_ifindex = index; 29 if (ioctl(fd, SIOCGIFNAME, &ifr) == -1) 30 return 0; 31 32 strncpy(name, ifr.ifr_name, IF_NAMESIZE); 33 34 return 1; 35 } 36 37 #else 38 39 int indextoname(int fd, int index, char *name) 40 { 41 if (index == 0 || !if_indextoname(index, name)) 42 return 0; 43 44 return 1; 45 } 46 47 #endif 48 49 int iface_check(int family, struct all_addr *addr, char *name, int *indexp) 50 { 51 struct iname *tmp; 52 int ret = 1; 53 54 /* Note: have to check all and not bail out early, so that we set the 55 "used" flags. */ 56 57 if (indexp) 58 { 59 /* One form of bridging on BSD has the property that packets 60 can be recieved on bridge interfaces which do not have an IP address. 61 We allow these to be treated as aliases of another interface which does have 62 an IP address with --dhcp-bridge=interface,alias,alias */ 63 struct dhcp_bridge *bridge, *alias; 64 for (bridge = daemon->bridges; bridge; bridge = bridge->next) 65 { 66 for (alias = bridge->alias; alias; alias = alias->next) 67 if (strncmp(name, alias->iface, IF_NAMESIZE) == 0) 68 { 69 int newindex; 70 71 if (!(newindex = if_nametoindex(bridge->iface))) 72 { 73 my_syslog(LOG_WARNING, _("unknown interface %s in bridge-interface"), name); 74 return 0; 75 } 76 else 77 { 78 *indexp = newindex; 79 strncpy(name, bridge->iface, IF_NAMESIZE); 80 break; 81 } 82 } 83 if (alias) 84 break; 85 } 86 } 87 88 if (daemon->if_names || (addr && daemon->if_addrs)) 89 { 90 ret = 0; 91 92 for (tmp = daemon->if_names; tmp; tmp = tmp->next) 93 if (tmp->name && (strcmp(tmp->name, name) == 0)) 94 ret = tmp->used = 1; 95 96 for (tmp = daemon->if_addrs; tmp; tmp = tmp->next) 97 if (addr && tmp->addr.sa.sa_family == family) 98 { 99 if (family == AF_INET && 100 tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr) 101 ret = tmp->used = 1; 102 #ifdef HAVE_IPV6 103 else if (family == AF_INET6 && 104 IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr, 105 &addr->addr.addr6)) 106 ret = tmp->used = 1; 107 #endif 108 } 109 } 110 111 for (tmp = daemon->if_except; tmp; tmp = tmp->next) 112 if (tmp->name && (strcmp(tmp->name, name) == 0)) 113 ret = 0; 114 115 return ret; 116 } 117 118 static int iface_allowed(struct irec **irecp, int if_index, 119 union mysockaddr *addr, struct in_addr netmask) 120 { 121 struct irec *iface; 122 int fd, mtu = 0, loopback; 123 struct ifreq ifr; 124 int dhcp_ok = 1; 125 struct iname *tmp; 126 127 /* check whether the interface IP has been added already 128 we call this routine multiple times. */ 129 for (iface = *irecp; iface; iface = iface->next) 130 if (sockaddr_isequal(&iface->addr, addr)) 131 return 1; 132 133 if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1 || 134 !indextoname(fd, if_index, ifr.ifr_name) || 135 ioctl(fd, SIOCGIFFLAGS, &ifr) == -1) 136 { 137 if (fd != -1) 138 { 139 int errsave = errno; 140 close(fd); 141 errno = errsave; 142 } 143 return 0; 144 } 145 146 loopback = ifr.ifr_flags & IFF_LOOPBACK; 147 148 if (ioctl(fd, SIOCGIFMTU, &ifr) != -1) 149 mtu = ifr.ifr_mtu; 150 151 close(fd); 152 153 /* If we are restricting the set of interfaces to use, make 154 sure that loopback interfaces are in that set. */ 155 if (daemon->if_names && loopback) 156 { 157 struct iname *lo; 158 for (lo = daemon->if_names; lo; lo = lo->next) 159 if (lo->name && strcmp(lo->name, ifr.ifr_name) == 0) 160 { 161 lo->isloop = 1; 162 break; 163 } 164 165 if (!lo && 166 (lo = whine_malloc(sizeof(struct iname))) && 167 (lo->name = whine_malloc(strlen(ifr.ifr_name)+1))) 168 { 169 strcpy(lo->name, ifr.ifr_name); 170 lo->isloop = lo->used = 1; 171 lo->next = daemon->if_names; 172 daemon->if_names = lo; 173 } 174 } 175 176 if (addr->sa.sa_family == AF_INET && 177 !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, ifr.ifr_name, NULL)) 178 return 1; 179 180 for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next) 181 if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0)) 182 dhcp_ok = 0; 183 184 #ifdef HAVE_IPV6 185 if (addr->sa.sa_family == AF_INET6 && 186 !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, ifr.ifr_name, NULL)) 187 return 1; 188 #endif 189 190 /* add to list */ 191 if ((iface = whine_malloc(sizeof(struct irec)))) 192 { 193 iface->addr = *addr; 194 iface->netmask = netmask; 195 iface->dhcp_ok = dhcp_ok; 196 iface->mtu = mtu; 197 iface->next = *irecp; 198 *irecp = iface; 199 return 1; 200 } 201 202 errno = ENOMEM; 203 return 0; 204 } 205 206 #ifdef HAVE_IPV6 207 static int iface_allowed_v6(struct in6_addr *local, 208 int scope, int if_index, void *vparam) 209 { 210 union mysockaddr addr; 211 struct in_addr netmask; /* dummy */ 212 213 netmask.s_addr = 0; 214 215 memset(&addr, 0, sizeof(addr)); 216 #ifdef HAVE_SOCKADDR_SA_LEN 217 addr.in6.sin6_len = sizeof(addr.in6); 218 #endif 219 addr.in6.sin6_family = AF_INET6; 220 addr.in6.sin6_addr = *local; 221 addr.in6.sin6_port = htons(daemon->port); 222 addr.in6.sin6_scope_id = scope; 223 224 return iface_allowed((struct irec **)vparam, if_index, &addr, netmask); 225 } 226 #endif 227 228 static int iface_allowed_v4(struct in_addr local, int if_index, 229 struct in_addr netmask, struct in_addr broadcast, void *vparam) 230 { 231 union mysockaddr addr; 232 233 memset(&addr, 0, sizeof(addr)); 234 #ifdef HAVE_SOCKADDR_SA_LEN 235 addr.in.sin_len = sizeof(addr.in); 236 #endif 237 addr.in.sin_family = AF_INET; 238 addr.in.sin_addr = broadcast; /* warning */ 239 addr.in.sin_addr = local; 240 addr.in.sin_port = htons(daemon->port); 241 242 return iface_allowed((struct irec **)vparam, if_index, &addr, netmask); 243 } 244 245 int enumerate_interfaces(void) 246 { 247 #ifdef HAVE_IPV6 248 return iface_enumerate(&daemon->interfaces, iface_allowed_v4, iface_allowed_v6); 249 #else 250 return iface_enumerate(&daemon->interfaces, iface_allowed_v4, NULL); 251 #endif 252 } 253 254 /* set NONBLOCK bit on fd: See Stevens 16.6 */ 255 int fix_fd(int fd) 256 { 257 int flags; 258 259 if ((flags = fcntl(fd, F_GETFL)) == -1 || 260 fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1) 261 return 0; 262 263 return 1; 264 } 265 266 #if defined(HAVE_IPV6) 267 static int create_ipv6_listener(struct listener **link, int port) 268 { 269 union mysockaddr addr; 270 int tcpfd, fd; 271 struct listener *l; 272 int opt = 1; 273 274 memset(&addr, 0, sizeof(addr)); 275 addr.in6.sin6_family = AF_INET6; 276 addr.in6.sin6_addr = in6addr_any; 277 addr.in6.sin6_port = htons(port); 278 #ifdef HAVE_SOCKADDR_SA_LEN 279 addr.in6.sin6_len = sizeof(addr.in6); 280 #endif 281 282 /* No error of the kernel doesn't support IPv6 */ 283 if ((fd = socket(AF_INET6, SOCK_DGRAM, 0)) == -1) 284 return (errno == EPROTONOSUPPORT || 285 errno == EAFNOSUPPORT || 286 errno == EINVAL); 287 288 if ((tcpfd = socket(AF_INET6, SOCK_STREAM, 0)) == -1) 289 return 0; 290 291 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || 292 setsockopt(tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || 293 setsockopt(fd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 || 294 setsockopt(tcpfd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 || 295 !fix_fd(fd) || 296 !fix_fd(tcpfd) || 297 #ifdef IPV6_RECVPKTINFO 298 setsockopt(fd, IPV6_LEVEL, IPV6_RECVPKTINFO, &opt, sizeof(opt)) == -1 || 299 #else 300 setsockopt(fd, IPV6_LEVEL, IPV6_PKTINFO, &opt, sizeof(opt)) == -1 || 301 #endif 302 bind(tcpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1 || 303 listen(tcpfd, 5) == -1 || 304 bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == -1) 305 return 0; 306 307 l = safe_malloc(sizeof(struct listener)); 308 l->fd = fd; 309 l->tcpfd = tcpfd; 310 l->tftpfd = -1; 311 l->family = AF_INET6; 312 l->next = NULL; 313 *link = l; 314 315 return 1; 316 } 317 #endif 318 319 struct listener *create_wildcard_listeners(void) 320 { 321 union mysockaddr addr; 322 int opt = 1; 323 struct listener *l, *l6 = NULL; 324 int tcpfd = -1, fd = -1, tftpfd = -1; 325 326 memset(&addr, 0, sizeof(addr)); 327 addr.in.sin_family = AF_INET; 328 addr.in.sin_addr.s_addr = INADDR_ANY; 329 addr.in.sin_port = htons(daemon->port); 330 #ifdef HAVE_SOCKADDR_SA_LEN 331 addr.in.sin_len = sizeof(struct sockaddr_in); 332 #endif 333 334 if (daemon->port != 0) 335 { 336 337 if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1 || 338 (tcpfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) 339 return NULL; 340 341 if (setsockopt(tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || 342 bind(tcpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1 || 343 listen(tcpfd, 5) == -1 || 344 !fix_fd(tcpfd) || 345 #ifdef HAVE_IPV6 346 !create_ipv6_listener(&l6, daemon->port) || 347 #endif 348 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || 349 !fix_fd(fd) || 350 #if defined(HAVE_LINUX_NETWORK) 351 setsockopt(fd, SOL_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1 || 352 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF) 353 setsockopt(fd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 || 354 setsockopt(fd, IPPROTO_IP, IP_RECVIF, &opt, sizeof(opt)) == -1 || 355 #endif 356 bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == -1) 357 return NULL; 358 } 359 360 #ifdef HAVE_TFTP 361 if (daemon->options & OPT_TFTP) 362 { 363 addr.in.sin_port = htons(TFTP_PORT); 364 if ((tftpfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) 365 return NULL; 366 367 if (!fix_fd(tftpfd) || 368 #if defined(HAVE_LINUX_NETWORK) 369 setsockopt(tftpfd, SOL_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1 || 370 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF) 371 setsockopt(tftpfd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 || 372 setsockopt(tftpfd, IPPROTO_IP, IP_RECVIF, &opt, sizeof(opt)) == -1 || 373 #endif 374 bind(tftpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1) 375 return NULL; 376 } 377 #endif 378 379 l = safe_malloc(sizeof(struct listener)); 380 l->family = AF_INET; 381 l->fd = fd; 382 l->tcpfd = tcpfd; 383 l->tftpfd = tftpfd; 384 l->next = l6; 385 386 return l; 387 } 388 389 struct listener *create_bound_listeners(void) 390 { 391 struct listener *listeners = NULL; 392 struct irec *iface; 393 int rc, opt = 1; 394 #ifdef HAVE_IPV6 395 static int dad_count = 0; 396 #endif 397 398 for (iface = daemon->interfaces; iface; iface = iface->next) 399 { 400 struct listener *new = safe_malloc(sizeof(struct listener)); 401 new->family = iface->addr.sa.sa_family; 402 new->iface = iface; 403 new->next = listeners; 404 new->tftpfd = -1; 405 new->tcpfd = -1; 406 new->fd = -1; 407 listeners = new; 408 409 if (daemon->port != 0) 410 { 411 if ((new->tcpfd = socket(iface->addr.sa.sa_family, SOCK_STREAM, 0)) == -1 || 412 (new->fd = socket(iface->addr.sa.sa_family, SOCK_DGRAM, 0)) == -1 || 413 setsockopt(new->fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || 414 setsockopt(new->tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || 415 !fix_fd(new->tcpfd) || 416 !fix_fd(new->fd)) 417 die(_("failed to create listening socket: %s"), NULL, EC_BADNET); 418 419 #ifdef HAVE_IPV6 420 if (iface->addr.sa.sa_family == AF_INET6) 421 { 422 if (setsockopt(new->fd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 || 423 setsockopt(new->tcpfd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1) 424 die(_("failed to set IPV6 options on listening socket: %s"), NULL, EC_BADNET); 425 } 426 #endif 427 428 while(1) 429 { 430 if ((rc = bind(new->fd, &iface->addr.sa, sa_len(&iface->addr))) != -1) 431 break; 432 433 #ifdef HAVE_IPV6 434 /* An interface may have an IPv6 address which is still undergoing DAD. 435 If so, the bind will fail until the DAD completes, so we try over 20 seconds 436 before failing. */ 437 if (iface->addr.sa.sa_family == AF_INET6 && (errno == ENODEV || errno == EADDRNOTAVAIL) && 438 dad_count++ < DAD_WAIT) 439 { 440 sleep(1); 441 continue; 442 } 443 #endif 444 break; 445 } 446 447 if (rc == -1 || bind(new->tcpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1) 448 { 449 prettyprint_addr(&iface->addr, daemon->namebuff); 450 die(_("failed to bind listening socket for %s: %s"), 451 daemon->namebuff, EC_BADNET); 452 } 453 454 if (listen(new->tcpfd, 5) == -1) 455 die(_("failed to listen on socket: %s"), NULL, EC_BADNET); 456 } 457 458 #ifdef HAVE_TFTP 459 if ((daemon->options & OPT_TFTP) && iface->addr.sa.sa_family == AF_INET && iface->dhcp_ok) 460 { 461 short save = iface->addr.in.sin_port; 462 iface->addr.in.sin_port = htons(TFTP_PORT); 463 if ((new->tftpfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1 || 464 setsockopt(new->tftpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || 465 !fix_fd(new->tftpfd) || 466 bind(new->tftpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1) 467 die(_("failed to create TFTP socket: %s"), NULL, EC_BADNET); 468 iface->addr.in.sin_port = save; 469 } 470 #endif 471 472 } 473 474 return listeners; 475 } 476 477 478 /* return a UDP socket bound to a random port, have to cope with straying into 479 occupied port nos and reserved ones. */ 480 int random_sock(int family) 481 { 482 int fd; 483 484 if ((fd = socket(family, SOCK_DGRAM, 0)) != -1) 485 { 486 union mysockaddr addr; 487 unsigned int ports_avail = 65536u - (unsigned short)daemon->min_port; 488 int tries = ports_avail < 30 ? 3 * ports_avail : 100; 489 490 memset(&addr, 0, sizeof(addr)); 491 addr.sa.sa_family = family; 492 493 /* don't loop forever if all ports in use. */ 494 495 if (fix_fd(fd)) 496 while(tries--) 497 { 498 unsigned short port = rand16(); 499 500 if (daemon->min_port != 0) 501 port = htons(daemon->min_port + (port % ((unsigned short)ports_avail))); 502 503 if (family == AF_INET) 504 { 505 addr.in.sin_addr.s_addr = INADDR_ANY; 506 addr.in.sin_port = port; 507 #ifdef HAVE_SOCKADDR_SA_LEN 508 addr.in.sin_len = sizeof(struct sockaddr_in); 509 #endif 510 } 511 #ifdef HAVE_IPV6 512 else 513 { 514 addr.in6.sin6_addr = in6addr_any; 515 addr.in6.sin6_port = port; 516 #ifdef HAVE_SOCKADDR_SA_LEN 517 addr.in6.sin6_len = sizeof(struct sockaddr_in6); 518 #endif 519 } 520 #endif 521 522 if (bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == 0) 523 return fd; 524 525 if (errno != EADDRINUSE && errno != EACCES) 526 break; 527 } 528 529 close(fd); 530 } 531 532 return -1; 533 } 534 535 536 int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp) 537 { 538 union mysockaddr addr_copy = *addr; 539 540 /* cannot set source _port_ for TCP connections. */ 541 if (is_tcp) 542 { 543 if (addr_copy.sa.sa_family == AF_INET) 544 addr_copy.in.sin_port = 0; 545 #ifdef HAVE_IPV6 546 else 547 addr_copy.in6.sin6_port = 0; 548 #endif 549 } 550 551 if (bind(fd, (struct sockaddr *)&addr_copy, sa_len(&addr_copy)) == -1) 552 return 0; 553 554 #if defined(SO_BINDTODEVICE) 555 if (intname[0] != 0 && 556 setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, intname, strlen(intname)) == -1) 557 return 0; 558 #endif 559 560 return 1; 561 } 562 563 static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) 564 { 565 struct serverfd *sfd; 566 int errsave; 567 568 /* when using random ports, servers which would otherwise use 569 the INADDR_ANY/port0 socket have sfd set to NULL */ 570 if (!daemon->osport && intname[0] == 0) 571 { 572 errno = 0; 573 574 if (addr->sa.sa_family == AF_INET && 575 addr->in.sin_addr.s_addr == INADDR_ANY && 576 addr->in.sin_port == htons(0)) 577 return NULL; 578 579 #ifdef HAVE_IPV6 580 if (addr->sa.sa_family == AF_INET6 && 581 memcmp(&addr->in6.sin6_addr, &in6addr_any, sizeof(in6addr_any)) == 0 && 582 addr->in6.sin6_port == htons(0)) 583 return NULL; 584 #endif 585 } 586 587 /* may have a suitable one already */ 588 for (sfd = daemon->sfds; sfd; sfd = sfd->next ) 589 if (sockaddr_isequal(&sfd->source_addr, addr) && 590 strcmp(intname, sfd->interface) == 0) 591 return sfd; 592 593 /* need to make a new one. */ 594 errno = ENOMEM; /* in case malloc fails. */ 595 if (!(sfd = whine_malloc(sizeof(struct serverfd)))) 596 return NULL; 597 598 if ((sfd->fd = socket(addr->sa.sa_family, SOCK_DGRAM, 0)) == -1) 599 { 600 free(sfd); 601 return NULL; 602 } 603 604 if (!local_bind(sfd->fd, addr, intname, 0) || !fix_fd(sfd->fd)) 605 { 606 errsave = errno; /* save error from bind. */ 607 close(sfd->fd); 608 free(sfd); 609 errno = errsave; 610 return NULL; 611 } 612 613 strcpy(sfd->interface, intname); 614 sfd->source_addr = *addr; 615 sfd->next = daemon->sfds; 616 daemon->sfds = sfd; 617 return sfd; 618 } 619 620 /* create upstream sockets during startup, before root is dropped which may be needed 621 this allows query_port to be a low port and interface binding */ 622 void pre_allocate_sfds(void) 623 { 624 struct server *srv; 625 626 if (daemon->query_port != 0) 627 { 628 union mysockaddr addr; 629 memset(&addr, 0, sizeof(addr)); 630 addr.in.sin_family = AF_INET; 631 addr.in.sin_addr.s_addr = INADDR_ANY; 632 addr.in.sin_port = htons(daemon->query_port); 633 #ifdef HAVE_SOCKADDR_SA_LEN 634 addr.in.sin_len = sizeof(struct sockaddr_in); 635 #endif 636 allocate_sfd(&addr, ""); 637 #ifdef HAVE_IPV6 638 memset(&addr, 0, sizeof(addr)); 639 addr.in6.sin6_family = AF_INET6; 640 addr.in6.sin6_addr = in6addr_any; 641 addr.in6.sin6_port = htons(daemon->query_port); 642 #ifdef HAVE_SOCKADDR_SA_LEN 643 addr.in6.sin6_len = sizeof(struct sockaddr_in6); 644 #endif 645 allocate_sfd(&addr, ""); 646 #endif 647 } 648 649 for (srv = daemon->servers; srv; srv = srv->next) 650 if (!(srv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR)) && 651 !allocate_sfd(&srv->source_addr, srv->interface) && 652 errno != 0 && 653 (daemon->options & OPT_NOWILD)) 654 { 655 prettyprint_addr(&srv->addr, daemon->namebuff); 656 if (srv->interface[0] != 0) 657 { 658 strcat(daemon->namebuff, " "); 659 strcat(daemon->namebuff, srv->interface); 660 } 661 die(_("failed to bind server socket for %s: %s"), 662 daemon->namebuff, EC_BADNET); 663 } 664 } 665 666 667 void check_servers(void) 668 { 669 struct irec *iface; 670 struct server *new, *tmp, *ret = NULL; 671 int port = 0; 672 673 for (new = daemon->servers; new; new = tmp) 674 { 675 tmp = new->next; 676 677 if (!(new->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR))) 678 { 679 port = prettyprint_addr(&new->addr, daemon->namebuff); 680 681 /* 0.0.0.0 is nothing, the stack treats it like 127.0.0.1 */ 682 if (new->addr.sa.sa_family == AF_INET && 683 new->addr.in.sin_addr.s_addr == 0) 684 { 685 free(new); 686 continue; 687 } 688 689 for (iface = daemon->interfaces; iface; iface = iface->next) 690 if (sockaddr_isequal(&new->addr, &iface->addr)) 691 break; 692 if (iface) 693 { 694 my_syslog(LOG_WARNING, _("ignoring nameserver %s - local interface"), daemon->namebuff); 695 free(new); 696 continue; 697 } 698 699 /* Do we need a socket set? */ 700 if (!new->sfd && 701 !(new->sfd = allocate_sfd(&new->source_addr, new->interface)) && 702 errno != 0) 703 { 704 my_syslog(LOG_WARNING, 705 _("ignoring nameserver %s - cannot make/bind socket: %s"), 706 daemon->namebuff, strerror(errno)); 707 free(new); 708 continue; 709 } 710 } 711 712 /* reverse order - gets it right. */ 713 new->next = ret; 714 ret = new; 715 716 if (new->flags & (SERV_HAS_DOMAIN | SERV_FOR_NODOTS)) 717 { 718 char *s1, *s2; 719 if (!(new->flags & SERV_HAS_DOMAIN)) 720 s1 = _("unqualified"), s2 = _("names"); 721 else if (strlen(new->domain) == 0) 722 s1 = _("default"), s2 = ""; 723 else 724 s1 = _("domain"), s2 = new->domain; 725 726 if (new->flags & SERV_NO_ADDR) 727 my_syslog(LOG_INFO, _("using local addresses only for %s %s"), s1, s2); 728 else if (!(new->flags & SERV_LITERAL_ADDRESS)) 729 my_syslog(LOG_INFO, _("using nameserver %s#%d for %s %s"), daemon->namebuff, port, s1, s2); 730 } 731 else if (new->interface[0] != 0) 732 my_syslog(LOG_INFO, _("using nameserver %s#%d(via %s)"), daemon->namebuff, port, new->interface); 733 else 734 my_syslog(LOG_INFO, _("using nameserver %s#%d"), daemon->namebuff, port); 735 } 736 737 daemon->servers = ret; 738 } 739 740 #ifdef __ANDROID__ 741 /* 742 * Takes a string in the format "1.2.3.4:1.2.3.4:..." - up to 1024 bytes in length 743 */ 744 int set_servers(const char *servers) 745 { 746 char s[1024]; 747 struct server *old_servers = NULL; 748 struct server *new_servers = NULL; 749 struct server *serv; 750 751 strncpy(s, servers, sizeof(s)); 752 753 /* move old servers to free list - we can reuse the memory 754 and not risk malloc if there are the same or fewer new servers. 755 Servers which were specced on the command line go to the new list. */ 756 for (serv = daemon->servers; serv;) 757 { 758 struct server *tmp = serv->next; 759 if (serv->flags & SERV_FROM_RESOLV) 760 { 761 serv->next = old_servers; 762 old_servers = serv; 763 /* forward table rules reference servers, so have to blow them away */ 764 server_gone(serv); 765 } 766 else 767 { 768 serv->next = new_servers; 769 new_servers = serv; 770 } 771 serv = tmp; 772 } 773 774 char *next = s; 775 char *saddr; 776 777 while ((saddr = strsep(&next, ":"))) { 778 union mysockaddr addr, source_addr; 779 memset(&addr, 0, sizeof(addr)); 780 memset(&source_addr, 0, sizeof(source_addr)); 781 782 if ((addr.in.sin_addr.s_addr = inet_addr(saddr)) != (in_addr_t) -1) 783 { 784 #ifdef HAVE_SOCKADDR_SA_LEN 785 source_addr.in.sin_len = addr.in.sin_len = sizeof(source_addr.in); 786 #endif 787 source_addr.in.sin_family = addr.in.sin_family = AF_INET; 788 addr.in.sin_port = htons(NAMESERVER_PORT); 789 source_addr.in.sin_addr.s_addr = INADDR_ANY; 790 source_addr.in.sin_port = htons(daemon->query_port); 791 } 792 #ifdef HAVE_IPV6 793 else if (inet_pton(AF_INET6, saddr, &addr.in6.sin6_addr) > 0) 794 { 795 #ifdef HAVE_SOCKADDR_SA_LEN 796 source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(source_addr.in6); 797 #endif 798 source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6; 799 addr.in6.sin6_port = htons(NAMESERVER_PORT); 800 source_addr.in6.sin6_addr = in6addr_any; 801 source_addr.in6.sin6_port = htons(daemon->query_port); 802 } 803 #endif /* IPV6 */ 804 else 805 continue; 806 807 if (old_servers) 808 { 809 serv = old_servers; 810 old_servers = old_servers->next; 811 } 812 else if (!(serv = whine_malloc(sizeof (struct server)))) 813 continue; 814 815 /* this list is reverse ordered: 816 it gets reversed again in check_servers */ 817 serv->next = new_servers; 818 new_servers = serv; 819 serv->addr = addr; 820 serv->source_addr = source_addr; 821 serv->domain = NULL; 822 serv->interface[0] = 0; 823 serv->sfd = NULL; 824 serv->flags = SERV_FROM_RESOLV; 825 serv->queries = serv->failed_queries = 0; 826 } 827 828 /* Free any memory not used. */ 829 while (old_servers) 830 { 831 struct server *tmp = old_servers->next; 832 free(old_servers); 833 old_servers = tmp; 834 } 835 836 daemon->servers = new_servers; 837 return 0; 838 } 839 #endif 840 841 /* Return zero if no servers found, in that case we keep polling. 842 This is a protection against an update-time/write race on resolv.conf */ 843 int reload_servers(char *fname) 844 { 845 FILE *f; 846 char *line; 847 struct server *old_servers = NULL; 848 struct server *new_servers = NULL; 849 struct server *serv; 850 int gotone = 0; 851 852 /* buff happens to be MAXDNAME long... */ 853 if (!(f = fopen(fname, "r"))) 854 { 855 my_syslog(LOG_ERR, _("failed to read %s: %s"), fname, strerror(errno)); 856 return 0; 857 } 858 859 /* move old servers to free list - we can reuse the memory 860 and not risk malloc if there are the same or fewer new servers. 861 Servers which were specced on the command line go to the new list. */ 862 for (serv = daemon->servers; serv;) 863 { 864 struct server *tmp = serv->next; 865 if (serv->flags & SERV_FROM_RESOLV) 866 { 867 serv->next = old_servers; 868 old_servers = serv; 869 /* forward table rules reference servers, so have to blow them away */ 870 server_gone(serv); 871 } 872 else 873 { 874 serv->next = new_servers; 875 new_servers = serv; 876 } 877 serv = tmp; 878 } 879 880 while ((line = fgets(daemon->namebuff, MAXDNAME, f))) 881 { 882 union mysockaddr addr, source_addr; 883 char *token = strtok(line, " \t\n\r"); 884 885 if (!token) 886 continue; 887 if (strcmp(token, "nameserver") != 0 && strcmp(token, "server") != 0) 888 continue; 889 if (!(token = strtok(NULL, " \t\n\r"))) 890 continue; 891 892 memset(&addr, 0, sizeof(addr)); 893 memset(&source_addr, 0, sizeof(source_addr)); 894 895 if ((addr.in.sin_addr.s_addr = inet_addr(token)) != (in_addr_t) -1) 896 { 897 #ifdef HAVE_SOCKADDR_SA_LEN 898 source_addr.in.sin_len = addr.in.sin_len = sizeof(source_addr.in); 899 #endif 900 source_addr.in.sin_family = addr.in.sin_family = AF_INET; 901 addr.in.sin_port = htons(NAMESERVER_PORT); 902 source_addr.in.sin_addr.s_addr = INADDR_ANY; 903 source_addr.in.sin_port = htons(daemon->query_port); 904 } 905 #ifdef HAVE_IPV6 906 else if (inet_pton(AF_INET6, token, &addr.in6.sin6_addr) > 0) 907 { 908 #ifdef HAVE_SOCKADDR_SA_LEN 909 source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(source_addr.in6); 910 #endif 911 source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6; 912 addr.in6.sin6_port = htons(NAMESERVER_PORT); 913 source_addr.in6.sin6_addr = in6addr_any; 914 source_addr.in6.sin6_port = htons(daemon->query_port); 915 } 916 #endif /* IPV6 */ 917 else 918 continue; 919 920 if (old_servers) 921 { 922 serv = old_servers; 923 old_servers = old_servers->next; 924 } 925 else if (!(serv = whine_malloc(sizeof (struct server)))) 926 continue; 927 928 /* this list is reverse ordered: 929 it gets reversed again in check_servers */ 930 serv->next = new_servers; 931 new_servers = serv; 932 serv->addr = addr; 933 serv->source_addr = source_addr; 934 serv->domain = NULL; 935 serv->interface[0] = 0; 936 serv->sfd = NULL; 937 serv->flags = SERV_FROM_RESOLV; 938 serv->queries = serv->failed_queries = 0; 939 gotone = 1; 940 } 941 942 /* Free any memory not used. */ 943 while (old_servers) 944 { 945 struct server *tmp = old_servers->next; 946 free(old_servers); 947 old_servers = tmp; 948 } 949 950 daemon->servers = new_servers; 951 fclose(f); 952 953 return gotone; 954 } 955 956 957 /* Use an IPv4 listener socket for ioctling */ 958 struct in_addr get_ifaddr(char *intr) 959 { 960 struct listener *l; 961 struct ifreq ifr; 962 963 for (l = daemon->listeners; l && l->family != AF_INET; l = l->next); 964 965 strncpy(ifr.ifr_name, intr, IF_NAMESIZE); 966 ifr.ifr_addr.sa_family = AF_INET; 967 968 if (!l || ioctl(l->fd, SIOCGIFADDR, &ifr) == -1) 969 ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr.s_addr = -1; 970 971 return ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr; 972 } 973 974 975 976
