1 /* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
7
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
15 */
16
17 #include "dnsmasq.h"
18
19 #ifdef HAVE_LINUX_NETWORK
20
indextoname(int fd,int index,char * name)21 int indextoname(int fd, int index, char *name)
22 {
23 struct ifreq ifr;
24
25 if (index == 0)
26 return 0;
27
28 ifr.ifr_ifindex = index;
29 if (ioctl(fd, SIOCGIFNAME, &ifr) == -1)
30 return 0;
31
32 strncpy(name, ifr.ifr_name, IF_NAMESIZE);
33
34 return 1;
35 }
36
37 #else
38
indextoname(int fd,int index,char * name)39 int indextoname(int fd, int index, char *name)
40 {
41 if (index == 0 || !if_indextoname(index, name))
42 return 0;
43
44 return 1;
45 }
46
47 #endif
48
iface_check(int family,struct all_addr * addr,char * name,int * indexp)49 int iface_check(int family, struct all_addr *addr, char *name, int *indexp)
50 {
51 struct iname *tmp;
52 int ret = 1;
53
54 /* Note: have to check all and not bail out early, so that we set the
55 "used" flags. */
56
57 if (indexp)
58 {
59 /* One form of bridging on BSD has the property that packets
60 can be recieved on bridge interfaces which do not have an IP address.
61 We allow these to be treated as aliases of another interface which does have
62 an IP address with --dhcp-bridge=interface,alias,alias */
63 struct dhcp_bridge *bridge, *alias;
64 for (bridge = daemon->bridges; bridge; bridge = bridge->next)
65 {
66 for (alias = bridge->alias; alias; alias = alias->next)
67 if (strncmp(name, alias->iface, IF_NAMESIZE) == 0)
68 {
69 int newindex;
70
71 if (!(newindex = if_nametoindex(bridge->iface)))
72 {
73 my_syslog(LOG_WARNING, _("unknown interface %s in bridge-interface"), name);
74 return 0;
75 }
76 else
77 {
78 *indexp = newindex;
79 strncpy(name, bridge->iface, IF_NAMESIZE);
80 break;
81 }
82 }
83 if (alias)
84 break;
85 }
86 }
87
88 if (daemon->if_names || (addr && daemon->if_addrs))
89 {
90 ret = 0;
91
92 for (tmp = daemon->if_names; tmp; tmp = tmp->next)
93 if (tmp->name && (strcmp(tmp->name, name) == 0))
94 ret = tmp->used = 1;
95
96 for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
97 if (addr && tmp->addr.sa.sa_family == family)
98 {
99 if (family == AF_INET &&
100 tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
101 ret = tmp->used = 1;
102 #ifdef HAVE_IPV6
103 else if (family == AF_INET6 &&
104 IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr,
105 &addr->addr.addr6))
106 ret = tmp->used = 1;
107 #endif
108 }
109 }
110
111 for (tmp = daemon->if_except; tmp; tmp = tmp->next)
112 if (tmp->name && (strcmp(tmp->name, name) == 0))
113 ret = 0;
114
115 return ret;
116 }
117
iface_allowed(struct irec ** irecp,int if_index,union mysockaddr * addr,struct in_addr netmask)118 static int iface_allowed(struct irec **irecp, int if_index,
119 union mysockaddr *addr, struct in_addr netmask)
120 {
121 struct irec *iface;
122 int fd, mtu = 0, loopback;
123 struct ifreq ifr;
124 int dhcp_ok = 1;
125 struct iname *tmp;
126
127 /* check whether the interface IP has been added already
128 we call this routine multiple times. */
129 for (iface = *irecp; iface; iface = iface->next)
130 if (sockaddr_isequal(&iface->addr, addr))
131 return 1;
132
133 if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1 ||
134 !indextoname(fd, if_index, ifr.ifr_name) ||
135 ioctl(fd, SIOCGIFFLAGS, &ifr) == -1)
136 {
137 if (fd != -1)
138 {
139 int errsave = errno;
140 close(fd);
141 errno = errsave;
142 }
143 return 0;
144 }
145
146 loopback = ifr.ifr_flags & IFF_LOOPBACK;
147
148 if (ioctl(fd, SIOCGIFMTU, &ifr) != -1)
149 mtu = ifr.ifr_mtu;
150
151 close(fd);
152
153 /* If we are restricting the set of interfaces to use, make
154 sure that loopback interfaces are in that set. */
155 if (daemon->if_names && loopback)
156 {
157 struct iname *lo;
158 for (lo = daemon->if_names; lo; lo = lo->next)
159 if (lo->name && strcmp(lo->name, ifr.ifr_name) == 0)
160 {
161 lo->isloop = 1;
162 break;
163 }
164
165 if (!lo &&
166 (lo = whine_malloc(sizeof(struct iname))) &&
167 (lo->name = whine_malloc(strlen(ifr.ifr_name)+1)))
168 {
169 strcpy(lo->name, ifr.ifr_name);
170 lo->isloop = lo->used = 1;
171 lo->next = daemon->if_names;
172 daemon->if_names = lo;
173 }
174 }
175
176 if (addr->sa.sa_family == AF_INET &&
177 !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, ifr.ifr_name, NULL))
178 return 1;
179
180 for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
181 if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
182 dhcp_ok = 0;
183
184 #ifdef HAVE_IPV6
185 if (addr->sa.sa_family == AF_INET6 &&
186 !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, ifr.ifr_name, NULL))
187 return 1;
188 #endif
189
190 /* add to list */
191 if ((iface = whine_malloc(sizeof(struct irec))))
192 {
193 iface->addr = *addr;
194 iface->netmask = netmask;
195 iface->dhcp_ok = dhcp_ok;
196 iface->mtu = mtu;
197 iface->next = *irecp;
198 *irecp = iface;
199 return 1;
200 }
201
202 errno = ENOMEM;
203 return 0;
204 }
205
206 #ifdef HAVE_IPV6
iface_allowed_v6(struct in6_addr * local,int scope,int if_index,void * vparam)207 static int iface_allowed_v6(struct in6_addr *local,
208 int scope, int if_index, void *vparam)
209 {
210 union mysockaddr addr;
211 struct in_addr netmask; /* dummy */
212
213 netmask.s_addr = 0;
214
215 memset(&addr, 0, sizeof(addr));
216 #ifdef HAVE_SOCKADDR_SA_LEN
217 addr.in6.sin6_len = sizeof(addr.in6);
218 #endif
219 addr.in6.sin6_family = AF_INET6;
220 addr.in6.sin6_addr = *local;
221 addr.in6.sin6_port = htons(daemon->port);
222 addr.in6.sin6_scope_id = scope;
223
224 return iface_allowed((struct irec **)vparam, if_index, &addr, netmask);
225 }
226 #endif
227
iface_allowed_v4(struct in_addr local,int if_index,struct in_addr netmask,struct in_addr broadcast,void * vparam)228 static int iface_allowed_v4(struct in_addr local, int if_index,
229 struct in_addr netmask, struct in_addr broadcast, void *vparam)
230 {
231 union mysockaddr addr;
232
233 memset(&addr, 0, sizeof(addr));
234 #ifdef HAVE_SOCKADDR_SA_LEN
235 addr.in.sin_len = sizeof(addr.in);
236 #endif
237 addr.in.sin_family = AF_INET;
238 addr.in.sin_addr = broadcast; /* warning */
239 addr.in.sin_addr = local;
240 addr.in.sin_port = htons(daemon->port);
241
242 return iface_allowed((struct irec **)vparam, if_index, &addr, netmask);
243 }
244
enumerate_interfaces(void)245 int enumerate_interfaces(void)
246 {
247 #ifdef HAVE_IPV6
248 return iface_enumerate(&daemon->interfaces, iface_allowed_v4, iface_allowed_v6);
249 #else
250 return iface_enumerate(&daemon->interfaces, iface_allowed_v4, NULL);
251 #endif
252 }
253
254 /* set NONBLOCK bit on fd: See Stevens 16.6 */
fix_fd(int fd)255 int fix_fd(int fd)
256 {
257 int flags;
258
259 if ((flags = fcntl(fd, F_GETFL)) == -1 ||
260 fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
261 return 0;
262
263 return 1;
264 }
265
266 #if defined(HAVE_IPV6)
create_ipv6_listener(struct listener ** link,int port)267 static int create_ipv6_listener(struct listener **link, int port)
268 {
269 union mysockaddr addr;
270 int tcpfd, fd;
271 struct listener *l;
272 int opt = 1;
273
274 memset(&addr, 0, sizeof(addr));
275 addr.in6.sin6_family = AF_INET6;
276 addr.in6.sin6_addr = in6addr_any;
277 addr.in6.sin6_port = htons(port);
278 #ifdef HAVE_SOCKADDR_SA_LEN
279 addr.in6.sin6_len = sizeof(addr.in6);
280 #endif
281
282 /* No error of the kernel doesn't support IPv6 */
283 if ((fd = socket(AF_INET6, SOCK_DGRAM, 0)) == -1)
284 return (errno == EPROTONOSUPPORT ||
285 errno == EAFNOSUPPORT ||
286 errno == EINVAL);
287
288 if ((tcpfd = socket(AF_INET6, SOCK_STREAM, 0)) == -1)
289 return 0;
290
291 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
292 setsockopt(tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
293 setsockopt(fd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 ||
294 setsockopt(tcpfd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 ||
295 !fix_fd(fd) ||
296 !fix_fd(tcpfd) ||
297 #ifdef IPV6_RECVPKTINFO
298 setsockopt(fd, IPV6_LEVEL, IPV6_RECVPKTINFO, &opt, sizeof(opt)) == -1 ||
299 #else
300 setsockopt(fd, IPV6_LEVEL, IPV6_PKTINFO, &opt, sizeof(opt)) == -1 ||
301 #endif
302 bind(tcpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1 ||
303 listen(tcpfd, 5) == -1 ||
304 bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == -1)
305 return 0;
306
307 l = safe_malloc(sizeof(struct listener));
308 l->fd = fd;
309 l->tcpfd = tcpfd;
310 l->tftpfd = -1;
311 l->family = AF_INET6;
312 l->next = NULL;
313 *link = l;
314
315 return 1;
316 }
317 #endif
318
create_wildcard_listeners(void)319 struct listener *create_wildcard_listeners(void)
320 {
321 union mysockaddr addr;
322 int opt = 1;
323 struct listener *l, *l6 = NULL;
324 int tcpfd = -1, fd = -1, tftpfd = -1;
325
326 memset(&addr, 0, sizeof(addr));
327 addr.in.sin_family = AF_INET;
328 addr.in.sin_addr.s_addr = INADDR_ANY;
329 addr.in.sin_port = htons(daemon->port);
330 #ifdef HAVE_SOCKADDR_SA_LEN
331 addr.in.sin_len = sizeof(struct sockaddr_in);
332 #endif
333
334 if (daemon->port != 0)
335 {
336
337 if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1 ||
338 (tcpfd = socket(AF_INET, SOCK_STREAM, 0)) == -1)
339 return NULL;
340
341 if (setsockopt(tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
342 bind(tcpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1 ||
343 listen(tcpfd, 5) == -1 ||
344 !fix_fd(tcpfd) ||
345 #ifdef HAVE_IPV6
346 !create_ipv6_listener(&l6, daemon->port) ||
347 #endif
348 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
349 !fix_fd(fd) ||
350 #if defined(HAVE_LINUX_NETWORK)
351 setsockopt(fd, SOL_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1 ||
352 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
353 setsockopt(fd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 ||
354 setsockopt(fd, IPPROTO_IP, IP_RECVIF, &opt, sizeof(opt)) == -1 ||
355 #endif
356 bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == -1)
357 return NULL;
358 }
359
360 #ifdef HAVE_TFTP
361 if (daemon->options & OPT_TFTP)
362 {
363 addr.in.sin_port = htons(TFTP_PORT);
364 if ((tftpfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1)
365 return NULL;
366
367 if (!fix_fd(tftpfd) ||
368 #if defined(HAVE_LINUX_NETWORK)
369 setsockopt(tftpfd, SOL_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1 ||
370 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
371 setsockopt(tftpfd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 ||
372 setsockopt(tftpfd, IPPROTO_IP, IP_RECVIF, &opt, sizeof(opt)) == -1 ||
373 #endif
374 bind(tftpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1)
375 return NULL;
376 }
377 #endif
378
379 l = safe_malloc(sizeof(struct listener));
380 l->family = AF_INET;
381 l->fd = fd;
382 l->tcpfd = tcpfd;
383 l->tftpfd = tftpfd;
384 l->next = l6;
385
386 return l;
387 }
388
create_bound_listeners(void)389 struct listener *create_bound_listeners(void)
390 {
391 struct listener *listeners = NULL;
392 struct irec *iface;
393 int rc, opt = 1;
394 #ifdef HAVE_IPV6
395 static int dad_count = 0;
396 #endif
397
398 for (iface = daemon->interfaces; iface; iface = iface->next)
399 {
400 struct listener *new = safe_malloc(sizeof(struct listener));
401 new->family = iface->addr.sa.sa_family;
402 new->iface = iface;
403 new->next = listeners;
404 new->tftpfd = -1;
405 new->tcpfd = -1;
406 new->fd = -1;
407 listeners = new;
408
409 if (daemon->port != 0)
410 {
411 if ((new->tcpfd = socket(iface->addr.sa.sa_family, SOCK_STREAM, 0)) == -1 ||
412 (new->fd = socket(iface->addr.sa.sa_family, SOCK_DGRAM, 0)) == -1 ||
413 setsockopt(new->fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
414 setsockopt(new->tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
415 !fix_fd(new->tcpfd) ||
416 !fix_fd(new->fd))
417 die(_("failed to create listening socket: %s"), NULL, EC_BADNET);
418
419 #ifdef HAVE_IPV6
420 if (iface->addr.sa.sa_family == AF_INET6)
421 {
422 if (setsockopt(new->fd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 ||
423 setsockopt(new->tcpfd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1)
424 die(_("failed to set IPV6 options on listening socket: %s"), NULL, EC_BADNET);
425 }
426 #endif
427
428 while(1)
429 {
430 if ((rc = bind(new->fd, &iface->addr.sa, sa_len(&iface->addr))) != -1)
431 break;
432
433 #ifdef HAVE_IPV6
434 /* An interface may have an IPv6 address which is still undergoing DAD.
435 If so, the bind will fail until the DAD completes, so we try over 20 seconds
436 before failing. */
437 if (iface->addr.sa.sa_family == AF_INET6 && (errno == ENODEV || errno == EADDRNOTAVAIL) &&
438 dad_count++ < DAD_WAIT)
439 {
440 sleep(1);
441 continue;
442 }
443 #endif
444 break;
445 }
446
447 if (rc == -1 || bind(new->tcpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1)
448 {
449 prettyprint_addr(&iface->addr, daemon->namebuff);
450 die(_("failed to bind listening socket for %s: %s"),
451 daemon->namebuff, EC_BADNET);
452 }
453
454 if (listen(new->tcpfd, 5) == -1)
455 die(_("failed to listen on socket: %s"), NULL, EC_BADNET);
456 }
457
458 #ifdef HAVE_TFTP
459 if ((daemon->options & OPT_TFTP) && iface->addr.sa.sa_family == AF_INET && iface->dhcp_ok)
460 {
461 short save = iface->addr.in.sin_port;
462 iface->addr.in.sin_port = htons(TFTP_PORT);
463 if ((new->tftpfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1 ||
464 setsockopt(new->tftpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
465 !fix_fd(new->tftpfd) ||
466 bind(new->tftpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1)
467 die(_("failed to create TFTP socket: %s"), NULL, EC_BADNET);
468 iface->addr.in.sin_port = save;
469 }
470 #endif
471
472 }
473
474 return listeners;
475 }
476
477
478 /* return a UDP socket bound to a random port, have to cope with straying into
479 occupied port nos and reserved ones. */
random_sock(int family)480 int random_sock(int family)
481 {
482 int fd;
483
484 if ((fd = socket(family, SOCK_DGRAM, 0)) != -1)
485 {
486 union mysockaddr addr;
487 unsigned int ports_avail = 65536u - (unsigned short)daemon->min_port;
488 int tries = ports_avail < 30 ? 3 * ports_avail : 100;
489
490 memset(&addr, 0, sizeof(addr));
491 addr.sa.sa_family = family;
492
493 /* don't loop forever if all ports in use. */
494
495 if (fix_fd(fd))
496 while(tries--)
497 {
498 unsigned short port = rand16();
499
500 if (daemon->min_port != 0)
501 port = htons(daemon->min_port + (port % ((unsigned short)ports_avail)));
502
503 if (family == AF_INET)
504 {
505 addr.in.sin_addr.s_addr = INADDR_ANY;
506 addr.in.sin_port = port;
507 #ifdef HAVE_SOCKADDR_SA_LEN
508 addr.in.sin_len = sizeof(struct sockaddr_in);
509 #endif
510 }
511 #ifdef HAVE_IPV6
512 else
513 {
514 addr.in6.sin6_addr = in6addr_any;
515 addr.in6.sin6_port = port;
516 #ifdef HAVE_SOCKADDR_SA_LEN
517 addr.in6.sin6_len = sizeof(struct sockaddr_in6);
518 #endif
519 }
520 #endif
521
522 if (bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == 0)
523 return fd;
524
525 if (errno != EADDRINUSE && errno != EACCES)
526 break;
527 }
528
529 close(fd);
530 }
531
532 return -1;
533 }
534
535
local_bind(int fd,union mysockaddr * addr,char * intname,int is_tcp)536 int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp)
537 {
538 union mysockaddr addr_copy = *addr;
539
540 /* cannot set source _port_ for TCP connections. */
541 if (is_tcp)
542 {
543 if (addr_copy.sa.sa_family == AF_INET)
544 addr_copy.in.sin_port = 0;
545 #ifdef HAVE_IPV6
546 else
547 addr_copy.in6.sin6_port = 0;
548 #endif
549 }
550
551 if (bind(fd, (struct sockaddr *)&addr_copy, sa_len(&addr_copy)) == -1)
552 return 0;
553
554 #if defined(SO_BINDTODEVICE)
555 if (intname[0] != 0 &&
556 setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, intname, strlen(intname)) == -1)
557 return 0;
558 #endif
559
560 return 1;
561 }
562
allocate_sfd(union mysockaddr * addr,char * intname)563 static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname)
564 {
565 struct serverfd *sfd;
566 int errsave;
567
568 /* when using random ports, servers which would otherwise use
569 the INADDR_ANY/port0 socket have sfd set to NULL */
570 if (!daemon->osport && intname[0] == 0)
571 {
572 errno = 0;
573
574 if (addr->sa.sa_family == AF_INET &&
575 addr->in.sin_addr.s_addr == INADDR_ANY &&
576 addr->in.sin_port == htons(0))
577 return NULL;
578
579 #ifdef HAVE_IPV6
580 if (addr->sa.sa_family == AF_INET6 &&
581 memcmp(&addr->in6.sin6_addr, &in6addr_any, sizeof(in6addr_any)) == 0 &&
582 addr->in6.sin6_port == htons(0))
583 return NULL;
584 #endif
585 }
586
587 /* may have a suitable one already */
588 for (sfd = daemon->sfds; sfd; sfd = sfd->next )
589 if (sockaddr_isequal(&sfd->source_addr, addr) &&
590 strcmp(intname, sfd->interface) == 0)
591 return sfd;
592
593 /* need to make a new one. */
594 errno = ENOMEM; /* in case malloc fails. */
595 if (!(sfd = whine_malloc(sizeof(struct serverfd))))
596 return NULL;
597
598 if ((sfd->fd = socket(addr->sa.sa_family, SOCK_DGRAM, 0)) == -1)
599 {
600 free(sfd);
601 return NULL;
602 }
603
604 if (!local_bind(sfd->fd, addr, intname, 0) || !fix_fd(sfd->fd))
605 {
606 errsave = errno; /* save error from bind. */
607 close(sfd->fd);
608 free(sfd);
609 errno = errsave;
610 return NULL;
611 }
612
613 strcpy(sfd->interface, intname);
614 sfd->source_addr = *addr;
615 sfd->next = daemon->sfds;
616 daemon->sfds = sfd;
617 return sfd;
618 }
619
620 /* create upstream sockets during startup, before root is dropped which may be needed
621 this allows query_port to be a low port and interface binding */
pre_allocate_sfds(void)622 void pre_allocate_sfds(void)
623 {
624 struct server *srv;
625
626 if (daemon->query_port != 0)
627 {
628 union mysockaddr addr;
629 memset(&addr, 0, sizeof(addr));
630 addr.in.sin_family = AF_INET;
631 addr.in.sin_addr.s_addr = INADDR_ANY;
632 addr.in.sin_port = htons(daemon->query_port);
633 #ifdef HAVE_SOCKADDR_SA_LEN
634 addr.in.sin_len = sizeof(struct sockaddr_in);
635 #endif
636 allocate_sfd(&addr, "");
637 #ifdef HAVE_IPV6
638 memset(&addr, 0, sizeof(addr));
639 addr.in6.sin6_family = AF_INET6;
640 addr.in6.sin6_addr = in6addr_any;
641 addr.in6.sin6_port = htons(daemon->query_port);
642 #ifdef HAVE_SOCKADDR_SA_LEN
643 addr.in6.sin6_len = sizeof(struct sockaddr_in6);
644 #endif
645 allocate_sfd(&addr, "");
646 #endif
647 }
648
649 for (srv = daemon->servers; srv; srv = srv->next)
650 if (!(srv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR)) &&
651 !allocate_sfd(&srv->source_addr, srv->interface) &&
652 errno != 0 &&
653 (daemon->options & OPT_NOWILD))
654 {
655 prettyprint_addr(&srv->addr, daemon->namebuff);
656 if (srv->interface[0] != 0)
657 {
658 strcat(daemon->namebuff, " ");
659 strcat(daemon->namebuff, srv->interface);
660 }
661 die(_("failed to bind server socket for %s: %s"),
662 daemon->namebuff, EC_BADNET);
663 }
664 }
665
666
check_servers(void)667 void check_servers(void)
668 {
669 struct irec *iface;
670 struct server *new, *tmp, *ret = NULL;
671 int port = 0;
672
673 for (new = daemon->servers; new; new = tmp)
674 {
675 tmp = new->next;
676
677 if (!(new->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR)))
678 {
679 port = prettyprint_addr(&new->addr, daemon->namebuff);
680
681 /* 0.0.0.0 is nothing, the stack treats it like 127.0.0.1 */
682 if (new->addr.sa.sa_family == AF_INET &&
683 new->addr.in.sin_addr.s_addr == 0)
684 {
685 free(new);
686 continue;
687 }
688
689 for (iface = daemon->interfaces; iface; iface = iface->next)
690 if (sockaddr_isequal(&new->addr, &iface->addr))
691 break;
692 if (iface)
693 {
694 my_syslog(LOG_WARNING, _("ignoring nameserver %s - local interface"), daemon->namebuff);
695 free(new);
696 continue;
697 }
698
699 /* Do we need a socket set? */
700 if (!new->sfd &&
701 !(new->sfd = allocate_sfd(&new->source_addr, new->interface)) &&
702 errno != 0)
703 {
704 my_syslog(LOG_WARNING,
705 _("ignoring nameserver %s - cannot make/bind socket: %s"),
706 daemon->namebuff, strerror(errno));
707 free(new);
708 continue;
709 }
710 }
711
712 /* reverse order - gets it right. */
713 new->next = ret;
714 ret = new;
715
716 if (new->flags & (SERV_HAS_DOMAIN | SERV_FOR_NODOTS))
717 {
718 char *s1, *s2;
719 if (!(new->flags & SERV_HAS_DOMAIN))
720 s1 = _("unqualified"), s2 = _("names");
721 else if (strlen(new->domain) == 0)
722 s1 = _("default"), s2 = "";
723 else
724 s1 = _("domain"), s2 = new->domain;
725
726 if (new->flags & SERV_NO_ADDR)
727 my_syslog(LOG_INFO, _("using local addresses only for %s %s"), s1, s2);
728 else if (!(new->flags & SERV_LITERAL_ADDRESS))
729 my_syslog(LOG_INFO, _("using nameserver %s#%d for %s %s"), daemon->namebuff, port, s1, s2);
730 }
731 else if (new->interface[0] != 0)
732 my_syslog(LOG_INFO, _("using nameserver %s#%d(via %s)"), daemon->namebuff, port, new->interface);
733 else
734 my_syslog(LOG_INFO, _("using nameserver %s#%d"), daemon->namebuff, port);
735 }
736
737 daemon->servers = ret;
738 }
739
740 #ifdef __ANDROID__
741 /*
742 * Takes a string in the format "1.2.3.4:1.2.3.4:..." - up to 1024 bytes in length
743 */
set_servers(const char * servers)744 int set_servers(const char *servers)
745 {
746 char s[1024];
747 struct server *old_servers = NULL;
748 struct server *new_servers = NULL;
749 struct server *serv;
750
751 strncpy(s, servers, sizeof(s));
752
753 /* move old servers to free list - we can reuse the memory
754 and not risk malloc if there are the same or fewer new servers.
755 Servers which were specced on the command line go to the new list. */
756 for (serv = daemon->servers; serv;)
757 {
758 struct server *tmp = serv->next;
759 if (serv->flags & SERV_FROM_RESOLV)
760 {
761 serv->next = old_servers;
762 old_servers = serv;
763 /* forward table rules reference servers, so have to blow them away */
764 server_gone(serv);
765 }
766 else
767 {
768 serv->next = new_servers;
769 new_servers = serv;
770 }
771 serv = tmp;
772 }
773
774 char *next = s;
775 char *saddr;
776
777 while ((saddr = strsep(&next, ":"))) {
778 union mysockaddr addr, source_addr;
779 memset(&addr, 0, sizeof(addr));
780 memset(&source_addr, 0, sizeof(source_addr));
781
782 if ((addr.in.sin_addr.s_addr = inet_addr(saddr)) != (in_addr_t) -1)
783 {
784 #ifdef HAVE_SOCKADDR_SA_LEN
785 source_addr.in.sin_len = addr.in.sin_len = sizeof(source_addr.in);
786 #endif
787 source_addr.in.sin_family = addr.in.sin_family = AF_INET;
788 addr.in.sin_port = htons(NAMESERVER_PORT);
789 source_addr.in.sin_addr.s_addr = INADDR_ANY;
790 source_addr.in.sin_port = htons(daemon->query_port);
791 }
792 #ifdef HAVE_IPV6
793 else if (inet_pton(AF_INET6, saddr, &addr.in6.sin6_addr) > 0)
794 {
795 #ifdef HAVE_SOCKADDR_SA_LEN
796 source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(source_addr.in6);
797 #endif
798 source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6;
799 addr.in6.sin6_port = htons(NAMESERVER_PORT);
800 source_addr.in6.sin6_addr = in6addr_any;
801 source_addr.in6.sin6_port = htons(daemon->query_port);
802 }
803 #endif /* IPV6 */
804 else
805 continue;
806
807 if (old_servers)
808 {
809 serv = old_servers;
810 old_servers = old_servers->next;
811 }
812 else if (!(serv = whine_malloc(sizeof (struct server))))
813 continue;
814
815 /* this list is reverse ordered:
816 it gets reversed again in check_servers */
817 serv->next = new_servers;
818 new_servers = serv;
819 serv->addr = addr;
820 serv->source_addr = source_addr;
821 serv->domain = NULL;
822 serv->interface[0] = 0;
823 serv->sfd = NULL;
824 serv->flags = SERV_FROM_RESOLV;
825 serv->queries = serv->failed_queries = 0;
826 }
827
828 /* Free any memory not used. */
829 while (old_servers)
830 {
831 struct server *tmp = old_servers->next;
832 free(old_servers);
833 old_servers = tmp;
834 }
835
836 daemon->servers = new_servers;
837 return 0;
838 }
839 #endif
840
841 /* Return zero if no servers found, in that case we keep polling.
842 This is a protection against an update-time/write race on resolv.conf */
reload_servers(char * fname)843 int reload_servers(char *fname)
844 {
845 FILE *f;
846 char *line;
847 struct server *old_servers = NULL;
848 struct server *new_servers = NULL;
849 struct server *serv;
850 int gotone = 0;
851
852 /* buff happens to be MAXDNAME long... */
853 if (!(f = fopen(fname, "r")))
854 {
855 my_syslog(LOG_ERR, _("failed to read %s: %s"), fname, strerror(errno));
856 return 0;
857 }
858
859 /* move old servers to free list - we can reuse the memory
860 and not risk malloc if there are the same or fewer new servers.
861 Servers which were specced on the command line go to the new list. */
862 for (serv = daemon->servers; serv;)
863 {
864 struct server *tmp = serv->next;
865 if (serv->flags & SERV_FROM_RESOLV)
866 {
867 serv->next = old_servers;
868 old_servers = serv;
869 /* forward table rules reference servers, so have to blow them away */
870 server_gone(serv);
871 }
872 else
873 {
874 serv->next = new_servers;
875 new_servers = serv;
876 }
877 serv = tmp;
878 }
879
880 while ((line = fgets(daemon->namebuff, MAXDNAME, f)))
881 {
882 union mysockaddr addr, source_addr;
883 char *token = strtok(line, " \t\n\r");
884
885 if (!token)
886 continue;
887 if (strcmp(token, "nameserver") != 0 && strcmp(token, "server") != 0)
888 continue;
889 if (!(token = strtok(NULL, " \t\n\r")))
890 continue;
891
892 memset(&addr, 0, sizeof(addr));
893 memset(&source_addr, 0, sizeof(source_addr));
894
895 if ((addr.in.sin_addr.s_addr = inet_addr(token)) != (in_addr_t) -1)
896 {
897 #ifdef HAVE_SOCKADDR_SA_LEN
898 source_addr.in.sin_len = addr.in.sin_len = sizeof(source_addr.in);
899 #endif
900 source_addr.in.sin_family = addr.in.sin_family = AF_INET;
901 addr.in.sin_port = htons(NAMESERVER_PORT);
902 source_addr.in.sin_addr.s_addr = INADDR_ANY;
903 source_addr.in.sin_port = htons(daemon->query_port);
904 }
905 #ifdef HAVE_IPV6
906 else if (inet_pton(AF_INET6, token, &addr.in6.sin6_addr) > 0)
907 {
908 #ifdef HAVE_SOCKADDR_SA_LEN
909 source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(source_addr.in6);
910 #endif
911 source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6;
912 addr.in6.sin6_port = htons(NAMESERVER_PORT);
913 source_addr.in6.sin6_addr = in6addr_any;
914 source_addr.in6.sin6_port = htons(daemon->query_port);
915 }
916 #endif /* IPV6 */
917 else
918 continue;
919
920 if (old_servers)
921 {
922 serv = old_servers;
923 old_servers = old_servers->next;
924 }
925 else if (!(serv = whine_malloc(sizeof (struct server))))
926 continue;
927
928 /* this list is reverse ordered:
929 it gets reversed again in check_servers */
930 serv->next = new_servers;
931 new_servers = serv;
932 serv->addr = addr;
933 serv->source_addr = source_addr;
934 serv->domain = NULL;
935 serv->interface[0] = 0;
936 serv->sfd = NULL;
937 serv->flags = SERV_FROM_RESOLV;
938 serv->queries = serv->failed_queries = 0;
939 gotone = 1;
940 }
941
942 /* Free any memory not used. */
943 while (old_servers)
944 {
945 struct server *tmp = old_servers->next;
946 free(old_servers);
947 old_servers = tmp;
948 }
949
950 daemon->servers = new_servers;
951 fclose(f);
952
953 return gotone;
954 }
955
956
957 /* Use an IPv4 listener socket for ioctling */
get_ifaddr(char * intr)958 struct in_addr get_ifaddr(char *intr)
959 {
960 struct listener *l;
961 struct ifreq ifr;
962
963 for (l = daemon->listeners; l && l->family != AF_INET; l = l->next);
964
965 strncpy(ifr.ifr_name, intr, IF_NAMESIZE);
966 ifr.ifr_addr.sa_family = AF_INET;
967
968 if (!l || ioctl(l->fd, SIOCGIFADDR, &ifr) == -1)
969 ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr.s_addr = -1;
970
971 return ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
972 }
973
974
975
976