1 /* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
7
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
15 */
16
17 #include "dnsmasq.h"
18
19 #ifdef HAVE_LINUX_NETWORK
20
indextoname(int fd,int index,char * name)21 int indextoname(int fd, int index, char *name)
22 {
23 struct ifreq ifr;
24
25 if (index == 0)
26 return 0;
27
28 ifr.ifr_ifindex = index;
29 if (ioctl(fd, SIOCGIFNAME, &ifr) == -1)
30 return 0;
31
32 strncpy(name, ifr.ifr_name, IF_NAMESIZE);
33
34 return 1;
35 }
36
37 #else
38
indextoname(int fd,int index,char * name)39 int indextoname(int fd, int index, char *name)
40 {
41 if (index == 0 || !if_indextoname(index, name))
42 return 0;
43
44 return 1;
45 }
46
47 #endif
48
iface_check(int family,struct all_addr * addr,char * name,int * indexp)49 int iface_check(int family, struct all_addr *addr, char *name, int *indexp)
50 {
51 struct iname *tmp;
52 int ret = 1;
53
54 /* Note: have to check all and not bail out early, so that we set the
55 "used" flags. */
56
57 if (indexp)
58 {
59 /* One form of bridging on BSD has the property that packets
60 can be recieved on bridge interfaces which do not have an IP address.
61 We allow these to be treated as aliases of another interface which does have
62 an IP address with --dhcp-bridge=interface,alias,alias */
63 struct dhcp_bridge *bridge, *alias;
64 for (bridge = daemon->bridges; bridge; bridge = bridge->next)
65 {
66 for (alias = bridge->alias; alias; alias = alias->next)
67 if (strncmp(name, alias->iface, IF_NAMESIZE) == 0)
68 {
69 int newindex;
70
71 if (!(newindex = if_nametoindex(bridge->iface)))
72 {
73 my_syslog(LOG_WARNING, _("unknown interface %s in bridge-interface"), name);
74 return 0;
75 }
76 else
77 {
78 *indexp = newindex;
79 strncpy(name, bridge->iface, IF_NAMESIZE);
80 break;
81 }
82 }
83 if (alias)
84 break;
85 }
86 }
87
88 if (daemon->if_names || (addr && daemon->if_addrs))
89 {
90 ret = 0;
91
92 for (tmp = daemon->if_names; tmp; tmp = tmp->next)
93 if (tmp->name && (strcmp(tmp->name, name) == 0))
94 ret = tmp->used = 1;
95
96 for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
97 if (addr && tmp->addr.sa.sa_family == family)
98 {
99 if (family == AF_INET &&
100 tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
101 ret = tmp->used = 1;
102 #ifdef HAVE_IPV6
103 else if (family == AF_INET6 &&
104 IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr,
105 &addr->addr.addr6))
106 ret = tmp->used = 1;
107 #endif
108 }
109 }
110
111 for (tmp = daemon->if_except; tmp; tmp = tmp->next)
112 if (tmp->name && (strcmp(tmp->name, name) == 0))
113 ret = 0;
114
115 return ret;
116 }
117
iface_allowed(struct irec ** irecp,int if_index,union mysockaddr * addr,struct in_addr netmask)118 static int iface_allowed(struct irec **irecp, int if_index,
119 union mysockaddr *addr, struct in_addr netmask)
120 {
121 struct irec *iface;
122 int fd, mtu = 0, loopback;
123 struct ifreq ifr;
124 int dhcp_ok = 1;
125 struct iname *tmp;
126
127 /* check whether the interface IP has been added already
128 we call this routine multiple times. */
129 for (iface = *irecp; iface; iface = iface->next)
130 if (sockaddr_isequal(&iface->addr, addr))
131 return 1;
132
133 if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1 ||
134 !indextoname(fd, if_index, ifr.ifr_name) ||
135 ioctl(fd, SIOCGIFFLAGS, &ifr) == -1)
136 {
137 if (fd != -1)
138 {
139 int errsave = errno;
140 close(fd);
141 errno = errsave;
142 }
143 return 0;
144 }
145
146 loopback = ifr.ifr_flags & IFF_LOOPBACK;
147
148 if (ioctl(fd, SIOCGIFMTU, &ifr) != -1)
149 mtu = ifr.ifr_mtu;
150
151 close(fd);
152
153 /* If we are restricting the set of interfaces to use, make
154 sure that loopback interfaces are in that set. */
155 if (daemon->if_names && loopback)
156 {
157 struct iname *lo;
158 for (lo = daemon->if_names; lo; lo = lo->next)
159 if (lo->name && strcmp(lo->name, ifr.ifr_name) == 0)
160 {
161 lo->isloop = 1;
162 break;
163 }
164
165 if (!lo &&
166 (lo = whine_malloc(sizeof(struct iname))) &&
167 (lo->name = whine_malloc(strlen(ifr.ifr_name)+1)))
168 {
169 strcpy(lo->name, ifr.ifr_name);
170 lo->isloop = lo->used = 1;
171 lo->next = daemon->if_names;
172 daemon->if_names = lo;
173 }
174 }
175
176 if (addr->sa.sa_family == AF_INET &&
177 !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, ifr.ifr_name, NULL))
178 return 1;
179
180 for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
181 if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
182 dhcp_ok = 0;
183
184 #ifdef HAVE_IPV6
185 if (addr->sa.sa_family == AF_INET6 &&
186 !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, ifr.ifr_name, NULL))
187 return 1;
188 #endif
189
190 /* add to list */
191 if ((iface = whine_malloc(sizeof(struct irec))))
192 {
193 iface->addr = *addr;
194 iface->netmask = netmask;
195 iface->dhcp_ok = dhcp_ok;
196 iface->mtu = mtu;
197 iface->next = *irecp;
198 *irecp = iface;
199 return 1;
200 }
201
202 errno = ENOMEM;
203 return 0;
204 }
205
206 #ifdef HAVE_IPV6
iface_allowed_v6(struct in6_addr * local,int scope,int if_index,void * vparam)207 static int iface_allowed_v6(struct in6_addr *local,
208 int scope, int if_index, void *vparam)
209 {
210 union mysockaddr addr;
211 struct in_addr netmask; /* dummy */
212
213 netmask.s_addr = 0;
214
215 memset(&addr, 0, sizeof(addr));
216 #ifdef HAVE_SOCKADDR_SA_LEN
217 addr.in6.sin6_len = sizeof(addr.in6);
218 #endif
219 addr.in6.sin6_family = AF_INET6;
220 addr.in6.sin6_addr = *local;
221 addr.in6.sin6_port = htons(daemon->port);
222 addr.in6.sin6_scope_id = scope;
223
224 return iface_allowed((struct irec **)vparam, if_index, &addr, netmask);
225 }
226 #endif
227
iface_allowed_v4(struct in_addr local,int if_index,struct in_addr netmask,struct in_addr broadcast,void * vparam)228 static int iface_allowed_v4(struct in_addr local, int if_index,
229 struct in_addr netmask, struct in_addr broadcast, void *vparam)
230 {
231 union mysockaddr addr;
232
233 memset(&addr, 0, sizeof(addr));
234 #ifdef HAVE_SOCKADDR_SA_LEN
235 addr.in.sin_len = sizeof(addr.in);
236 #endif
237 addr.in.sin_family = AF_INET;
238 addr.in.sin_addr = broadcast; /* warning */
239 addr.in.sin_addr = local;
240 addr.in.sin_port = htons(daemon->port);
241
242 return iface_allowed((struct irec **)vparam, if_index, &addr, netmask);
243 }
244
enumerate_interfaces(void)245 int enumerate_interfaces(void)
246 {
247 #ifdef HAVE_IPV6
248 return iface_enumerate(&daemon->interfaces, iface_allowed_v4, iface_allowed_v6);
249 #else
250 return iface_enumerate(&daemon->interfaces, iface_allowed_v4, NULL);
251 #endif
252 }
253
254 /* set NONBLOCK bit on fd: See Stevens 16.6 */
fix_fd(int fd)255 int fix_fd(int fd)
256 {
257 int flags;
258
259 if ((flags = fcntl(fd, F_GETFL)) == -1 ||
260 fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
261 return 0;
262
263 return 1;
264 }
265
266 #if defined(HAVE_IPV6)
create_ipv6_listener(struct listener ** link,int port)267 static int create_ipv6_listener(struct listener **link, int port)
268 {
269 union mysockaddr addr;
270 int tcpfd, fd;
271 struct listener *l;
272 int opt = 1;
273
274 memset(&addr, 0, sizeof(addr));
275 addr.in6.sin6_family = AF_INET6;
276 addr.in6.sin6_addr = in6addr_any;
277 addr.in6.sin6_port = htons(port);
278 #ifdef HAVE_SOCKADDR_SA_LEN
279 addr.in6.sin6_len = sizeof(addr.in6);
280 #endif
281
282 /* No error of the kernel doesn't support IPv6 */
283 if ((fd = socket(AF_INET6, SOCK_DGRAM, 0)) == -1)
284 return (errno == EPROTONOSUPPORT ||
285 errno == EAFNOSUPPORT ||
286 errno == EINVAL);
287
288 if ((tcpfd = socket(AF_INET6, SOCK_STREAM, 0)) == -1)
289 return 0;
290
291 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
292 setsockopt(tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
293 setsockopt(fd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 ||
294 setsockopt(tcpfd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 ||
295 !fix_fd(fd) ||
296 !fix_fd(tcpfd) ||
297 #ifdef IPV6_RECVPKTINFO
298 setsockopt(fd, IPV6_LEVEL, IPV6_RECVPKTINFO, &opt, sizeof(opt)) == -1 ||
299 #else
300 setsockopt(fd, IPV6_LEVEL, IPV6_PKTINFO, &opt, sizeof(opt)) == -1 ||
301 #endif
302 bind(tcpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1 ||
303 listen(tcpfd, 5) == -1 ||
304 bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == -1)
305 return 0;
306
307 l = safe_malloc(sizeof(struct listener));
308 l->fd = fd;
309 l->tcpfd = tcpfd;
310 l->tftpfd = -1;
311 l->family = AF_INET6;
312 l->next = NULL;
313 *link = l;
314
315 return 1;
316 }
317 #endif
318
create_wildcard_listeners(void)319 struct listener *create_wildcard_listeners(void)
320 {
321 union mysockaddr addr;
322 int opt = 1;
323 struct listener *l, *l6 = NULL;
324 int tcpfd = -1, fd = -1, tftpfd = -1;
325
326 memset(&addr, 0, sizeof(addr));
327 addr.in.sin_family = AF_INET;
328 addr.in.sin_addr.s_addr = INADDR_ANY;
329 addr.in.sin_port = htons(daemon->port);
330 #ifdef HAVE_SOCKADDR_SA_LEN
331 addr.in.sin_len = sizeof(struct sockaddr_in);
332 #endif
333
334 if (daemon->port != 0)
335 {
336
337 if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1 ||
338 (tcpfd = socket(AF_INET, SOCK_STREAM, 0)) == -1)
339 return NULL;
340
341 if (setsockopt(tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
342 bind(tcpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1 ||
343 listen(tcpfd, 5) == -1 ||
344 !fix_fd(tcpfd) ||
345 #ifdef HAVE_IPV6
346 !create_ipv6_listener(&l6, daemon->port) ||
347 #endif
348 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
349 !fix_fd(fd) ||
350 #if defined(HAVE_LINUX_NETWORK)
351 setsockopt(fd, SOL_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1 ||
352 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
353 setsockopt(fd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 ||
354 setsockopt(fd, IPPROTO_IP, IP_RECVIF, &opt, sizeof(opt)) == -1 ||
355 #endif
356 bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == -1)
357 return NULL;
358 }
359
360 #ifdef HAVE_TFTP
361 if (daemon->options & OPT_TFTP)
362 {
363 addr.in.sin_port = htons(TFTP_PORT);
364 if ((tftpfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1)
365 return NULL;
366
367 if (!fix_fd(tftpfd) ||
368 #if defined(HAVE_LINUX_NETWORK)
369 setsockopt(tftpfd, SOL_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1 ||
370 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
371 setsockopt(tftpfd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 ||
372 setsockopt(tftpfd, IPPROTO_IP, IP_RECVIF, &opt, sizeof(opt)) == -1 ||
373 #endif
374 bind(tftpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1)
375 return NULL;
376 }
377 #endif
378
379 l = safe_malloc(sizeof(struct listener));
380 l->family = AF_INET;
381 l->fd = fd;
382 l->tcpfd = tcpfd;
383 l->tftpfd = tftpfd;
384 l->next = l6;
385
386 return l;
387 }
388
389 #ifdef __ANDROID__
390 /**
391 * for a single given irec (interface name and address) create
392 * a set of sockets listening. This is a copy of the code inside the loop
393 * of create_bound_listeners below and is added here to allow us
394 * to create just a single new listener dynamically when our interface
395 * list is changed.
396 *
397 * iface - input of the new interface details to listen on
398 * listeners - output. Creates a new struct listener and inserts at head of the list
399 *
400 * die's on errors, so don't pass bad data.
401 */
create_bound_listener(struct listener ** listeners,struct irec * iface)402 void create_bound_listener(struct listener **listeners, struct irec *iface)
403 {
404 int rc, opt = 1;
405 #ifdef HAVE_IPV6
406 static int dad_count = 0;
407 #endif
408
409 struct listener *new = safe_malloc(sizeof(struct listener));
410 new->family = iface->addr.sa.sa_family;
411 new->iface = iface;
412 new->next = *listeners;
413 new->tftpfd = -1;
414 new->tcpfd = -1;
415 new->fd = -1;
416 *listeners = new;
417
418 if (daemon->port != 0)
419 {
420 if ((new->tcpfd = socket(iface->addr.sa.sa_family, SOCK_STREAM, 0)) == -1 ||
421 (new->fd = socket(iface->addr.sa.sa_family, SOCK_DGRAM, 0)) == -1 ||
422 setsockopt(new->fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
423 setsockopt(new->tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
424 !fix_fd(new->tcpfd) ||
425 !fix_fd(new->fd))
426 die(_("failed to create listening socket: %s"), NULL, EC_BADNET);
427
428 #ifdef HAVE_IPV6
429 if (iface->addr.sa.sa_family == AF_INET6)
430 {
431 if (setsockopt(new->fd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 ||
432 setsockopt(new->tcpfd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1)
433 die(_("failed to set IPV6 options on listening socket: %s"), NULL, EC_BADNET);\
434 }
435 #endif
436
437 while(1)
438 {
439 if ((rc = bind(new->fd, &iface->addr.sa, sa_len(&iface->addr))) != -1)
440 break;
441
442 #ifdef HAVE_IPV6
443 /* An interface may have an IPv6 address which is still undergoing DAD.
444 If so, the bind will fail until the DAD completes, so we try over 20 seconds
445 before failing. */
446 if (iface->addr.sa.sa_family == AF_INET6 && (errno == ENODEV || errno == EADDRNOTAVAIL) &&
447 dad_count++ < DAD_WAIT)
448 {
449 sleep(1);
450 continue;
451 }
452 #endif
453 break;
454 }
455
456 if (rc == -1 || bind(new->tcpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1)
457 {
458 prettyprint_addr(&iface->addr, daemon->namebuff);
459 die(_("failed to bind listening socket for %s: %s"), daemon->namebuff, EC_BADNET);
460 }
461
462 if (listen(new->tcpfd, 5) == -1)
463 die(_("failed to listen on socket: %s"), NULL, EC_BADNET);
464 }
465
466 #ifdef HAVE_TFTP
467 if ((daemon->options & OPT_TFTP) && iface->addr.sa.sa_family == AF_INET && iface->dhcp_ok)
468 {
469 short save = iface->addr.in.sin_port;
470 iface->addr.in.sin_port = htons(TFTP_PORT);
471 if ((new->tftpfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1 ||
472 setsockopt(new->tftpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
473 !fix_fd(new->tftpfd) ||
474 bind(new->tftpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1)
475 die(_("failed to create TFTP socket: %s"), NULL, EC_BADNET);
476 iface->addr.in.sin_port = save;
477 }
478 #endif
479 }
480
481 /**
482 * Close the sockets listening on the given interface
483 *
484 * This new function is needed as we're dynamically changing the interfaces
485 * we listen on. Before they'd be opened once in create_bound_listeners and stay
486 * until we exited. Now, if an interface moves off the to-listen list we need to
487 * close out the listeners and keep trucking.
488 *
489 * interface - input of the interface details to listen on
490 */
close_bound_listener(struct irec * interface)491 int close_bound_listener(struct irec *interface)
492 {
493 /* find the listener */
494 struct listener **l, *listener;
495 for (l = &(daemon->listeners); *l; l = &((*l)->next)) {
496 struct irec *listener_iface = (*l)->iface;
497 if (listener_iface && interface) {
498 if (sockaddr_isequal(&listener_iface->addr, &interface->addr)) {
499 break;
500 }
501 } else {
502 if (interface == NULL && listener_iface == NULL) {
503 break;
504 }
505 }
506 }
507 listener = *l;
508 if (listener == NULL) return 0;
509
510 if (listener->tftpfd != -1)
511 {
512 close(listener->tftpfd);
513 listener->tftpfd = -1;
514 }
515 if (listener->tcpfd != -1)
516 {
517 close(listener->tcpfd);
518 listener->tcpfd = -1;
519 }
520 if (listener->fd != -1)
521 {
522 close(listener->fd);
523 listener->fd = -1;
524 }
525 *l = listener->next;
526 free(listener);
527 return -1;
528 }
529 #endif /* __ANDROID__ */
530
create_bound_listeners(void)531 struct listener *create_bound_listeners(void)
532 {
533 struct listener *listeners = NULL;
534 struct irec *iface;
535 #ifndef __ANDROID__
536 int rc, opt = 1;
537 #ifdef HAVE_IPV6
538 static int dad_count = 0;
539 #endif
540 #endif
541
542 for (iface = daemon->interfaces; iface; iface = iface->next)
543 {
544 #ifdef __ANDROID__
545 create_bound_listener(&listeners, iface);
546 #else
547 struct listener *new = safe_malloc(sizeof(struct listener));
548 new->family = iface->addr.sa.sa_family;
549 new->iface = iface;
550 new->next = listeners;
551 new->tftpfd = -1;
552 new->tcpfd = -1;
553 new->fd = -1;
554 listeners = new;
555
556 if (daemon->port != 0)
557 {
558 if ((new->tcpfd = socket(iface->addr.sa.sa_family, SOCK_STREAM, 0)) == -1 ||
559 (new->fd = socket(iface->addr.sa.sa_family, SOCK_DGRAM, 0)) == -1 ||
560 setsockopt(new->fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
561 setsockopt(new->tcpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
562 !fix_fd(new->tcpfd) ||
563 !fix_fd(new->fd))
564 die(_("failed to create listening socket: %s"), NULL, EC_BADNET);
565
566 #ifdef HAVE_IPV6
567 if (iface->addr.sa.sa_family == AF_INET6)
568 {
569 if (setsockopt(new->fd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 ||
570 setsockopt(new->tcpfd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1)
571 die(_("failed to set IPV6 options on listening socket: %s"), NULL, EC_BADNET);
572 }
573 #endif
574
575 while(1)
576 {
577 if ((rc = bind(new->fd, &iface->addr.sa, sa_len(&iface->addr))) != -1)
578 break;
579
580 #ifdef HAVE_IPV6
581 /* An interface may have an IPv6 address which is still undergoing DAD.
582 If so, the bind will fail until the DAD completes, so we try over 20 seconds
583 before failing. */
584 if (iface->addr.sa.sa_family == AF_INET6 && (errno == ENODEV || errno == EADDRNOTAVAIL) &&
585 dad_count++ < DAD_WAIT)
586 {
587 sleep(1);
588 continue;
589 }
590 #endif
591 break;
592 }
593
594 if (rc == -1 || bind(new->tcpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1)
595 {
596 prettyprint_addr(&iface->addr, daemon->namebuff);
597 die(_("failed to bind listening socket for %s: %s"),
598 daemon->namebuff, EC_BADNET);
599 }
600
601 if (listen(new->tcpfd, 5) == -1)
602 die(_("failed to listen on socket: %s"), NULL, EC_BADNET);
603 }
604
605 #ifdef HAVE_TFTP
606 if ((daemon->options & OPT_TFTP) && iface->addr.sa.sa_family == AF_INET && iface->dhcp_ok)
607 {
608 short save = iface->addr.in.sin_port;
609 iface->addr.in.sin_port = htons(TFTP_PORT);
610 if ((new->tftpfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1 ||
611 setsockopt(new->tftpfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
612 !fix_fd(new->tftpfd) ||
613 bind(new->tftpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1)
614 die(_("failed to create TFTP socket: %s"), NULL, EC_BADNET);
615 iface->addr.in.sin_port = save;
616 }
617 #endif
618 #endif /* !__ANDROID */
619 }
620
621 return listeners;
622 }
623
624
625 /* return a UDP socket bound to a random port, have to cope with straying into
626 occupied port nos and reserved ones. */
random_sock(int family)627 int random_sock(int family)
628 {
629 int fd;
630
631 if ((fd = socket(family, SOCK_DGRAM, 0)) != -1)
632 {
633 union mysockaddr addr;
634 unsigned int ports_avail = 65536u - (unsigned short)daemon->min_port;
635 int tries = ports_avail < 30 ? 3 * ports_avail : 100;
636
637 memset(&addr, 0, sizeof(addr));
638 addr.sa.sa_family = family;
639
640 /* don't loop forever if all ports in use. */
641
642 if (fix_fd(fd))
643 while(tries--)
644 {
645 unsigned short port = rand16();
646
647 if (daemon->min_port != 0)
648 port = htons(daemon->min_port + (port % ((unsigned short)ports_avail)));
649
650 if (family == AF_INET)
651 {
652 addr.in.sin_addr.s_addr = INADDR_ANY;
653 addr.in.sin_port = port;
654 #ifdef HAVE_SOCKADDR_SA_LEN
655 addr.in.sin_len = sizeof(struct sockaddr_in);
656 #endif
657 }
658 #ifdef HAVE_IPV6
659 else
660 {
661 addr.in6.sin6_addr = in6addr_any;
662 addr.in6.sin6_port = port;
663 #ifdef HAVE_SOCKADDR_SA_LEN
664 addr.in6.sin6_len = sizeof(struct sockaddr_in6);
665 #endif
666 }
667 #endif
668
669 if (bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == 0)
670 return fd;
671
672 if (errno != EADDRINUSE && errno != EACCES)
673 break;
674 }
675
676 close(fd);
677 }
678
679 return -1;
680 }
681
682
local_bind(int fd,union mysockaddr * addr,char * intname,int is_tcp)683 int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp)
684 {
685 union mysockaddr addr_copy = *addr;
686
687 /* cannot set source _port_ for TCP connections. */
688 if (is_tcp)
689 {
690 if (addr_copy.sa.sa_family == AF_INET)
691 addr_copy.in.sin_port = 0;
692 #ifdef HAVE_IPV6
693 else
694 addr_copy.in6.sin6_port = 0;
695 #endif
696 }
697
698 if (bind(fd, (struct sockaddr *)&addr_copy, sa_len(&addr_copy)) == -1)
699 return 0;
700
701 #if defined(SO_BINDTODEVICE)
702 if (intname[0] != 0 &&
703 setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, intname, strlen(intname)) == -1)
704 return 0;
705 #endif
706
707 return 1;
708 }
709
allocate_sfd(union mysockaddr * addr,char * intname)710 static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname)
711 {
712 struct serverfd *sfd;
713 int errsave;
714
715 /* when using random ports, servers which would otherwise use
716 the INADDR_ANY/port0 socket have sfd set to NULL */
717 if (!daemon->osport && intname[0] == 0)
718 {
719 errno = 0;
720
721 if (addr->sa.sa_family == AF_INET &&
722 addr->in.sin_addr.s_addr == INADDR_ANY &&
723 addr->in.sin_port == htons(0))
724 return NULL;
725
726 #ifdef HAVE_IPV6
727 if (addr->sa.sa_family == AF_INET6 &&
728 memcmp(&addr->in6.sin6_addr, &in6addr_any, sizeof(in6addr_any)) == 0 &&
729 addr->in6.sin6_port == htons(0))
730 return NULL;
731 #endif
732 }
733
734 /* may have a suitable one already */
735 for (sfd = daemon->sfds; sfd; sfd = sfd->next )
736 if (sockaddr_isequal(&sfd->source_addr, addr) &&
737 strcmp(intname, sfd->interface) == 0)
738 return sfd;
739
740 /* need to make a new one. */
741 errno = ENOMEM; /* in case malloc fails. */
742 if (!(sfd = whine_malloc(sizeof(struct serverfd))))
743 return NULL;
744
745 if ((sfd->fd = socket(addr->sa.sa_family, SOCK_DGRAM, 0)) == -1)
746 {
747 free(sfd);
748 return NULL;
749 }
750
751 if (!local_bind(sfd->fd, addr, intname, 0) || !fix_fd(sfd->fd))
752 {
753 errsave = errno; /* save error from bind. */
754 close(sfd->fd);
755 free(sfd);
756 errno = errsave;
757 return NULL;
758 }
759
760 strcpy(sfd->interface, intname);
761 sfd->source_addr = *addr;
762 sfd->next = daemon->sfds;
763 daemon->sfds = sfd;
764 return sfd;
765 }
766
767 /* create upstream sockets during startup, before root is dropped which may be needed
768 this allows query_port to be a low port and interface binding */
pre_allocate_sfds(void)769 void pre_allocate_sfds(void)
770 {
771 struct server *srv;
772
773 if (daemon->query_port != 0)
774 {
775 union mysockaddr addr;
776 memset(&addr, 0, sizeof(addr));
777 addr.in.sin_family = AF_INET;
778 addr.in.sin_addr.s_addr = INADDR_ANY;
779 addr.in.sin_port = htons(daemon->query_port);
780 #ifdef HAVE_SOCKADDR_SA_LEN
781 addr.in.sin_len = sizeof(struct sockaddr_in);
782 #endif
783 allocate_sfd(&addr, "");
784 #ifdef HAVE_IPV6
785 memset(&addr, 0, sizeof(addr));
786 addr.in6.sin6_family = AF_INET6;
787 addr.in6.sin6_addr = in6addr_any;
788 addr.in6.sin6_port = htons(daemon->query_port);
789 #ifdef HAVE_SOCKADDR_SA_LEN
790 addr.in6.sin6_len = sizeof(struct sockaddr_in6);
791 #endif
792 allocate_sfd(&addr, "");
793 #endif
794 }
795
796 for (srv = daemon->servers; srv; srv = srv->next)
797 if (!(srv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR)) &&
798 !allocate_sfd(&srv->source_addr, srv->interface) &&
799 errno != 0 &&
800 (daemon->options & OPT_NOWILD))
801 {
802 prettyprint_addr(&srv->addr, daemon->namebuff);
803 if (srv->interface[0] != 0)
804 {
805 strcat(daemon->namebuff, " ");
806 strcat(daemon->namebuff, srv->interface);
807 }
808 die(_("failed to bind server socket for %s: %s"),
809 daemon->namebuff, EC_BADNET);
810 }
811 }
812
813
check_servers(void)814 void check_servers(void)
815 {
816 struct irec *iface;
817 struct server *new, *tmp, *ret = NULL;
818 int port = 0;
819
820 for (new = daemon->servers; new; new = tmp)
821 {
822 tmp = new->next;
823
824 if (!(new->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR)))
825 {
826 port = prettyprint_addr(&new->addr, daemon->namebuff);
827
828 /* 0.0.0.0 is nothing, the stack treats it like 127.0.0.1 */
829 if (new->addr.sa.sa_family == AF_INET &&
830 new->addr.in.sin_addr.s_addr == 0)
831 {
832 free(new);
833 continue;
834 }
835
836 for (iface = daemon->interfaces; iface; iface = iface->next)
837 if (sockaddr_isequal(&new->addr, &iface->addr))
838 break;
839 if (iface)
840 {
841 my_syslog(LOG_WARNING, _("ignoring nameserver %s - local interface"), daemon->namebuff);
842 free(new);
843 continue;
844 }
845
846 /* Do we need a socket set? */
847 if (!new->sfd &&
848 !(new->sfd = allocate_sfd(&new->source_addr, new->interface)) &&
849 errno != 0)
850 {
851 my_syslog(LOG_WARNING,
852 _("ignoring nameserver %s - cannot make/bind socket: %s"),
853 daemon->namebuff, strerror(errno));
854 free(new);
855 continue;
856 }
857 }
858
859 /* reverse order - gets it right. */
860 new->next = ret;
861 ret = new;
862
863 if (new->flags & (SERV_HAS_DOMAIN | SERV_FOR_NODOTS))
864 {
865 char *s1, *s2;
866 if (!(new->flags & SERV_HAS_DOMAIN))
867 s1 = _("unqualified"), s2 = _("names");
868 else if (strlen(new->domain) == 0)
869 s1 = _("default"), s2 = "";
870 else
871 s1 = _("domain"), s2 = new->domain;
872
873 if (new->flags & SERV_NO_ADDR)
874 my_syslog(LOG_INFO, _("using local addresses only for %s %s"), s1, s2);
875 else if (!(new->flags & SERV_LITERAL_ADDRESS))
876 my_syslog(LOG_INFO, _("using nameserver %s#%d for %s %s"), daemon->namebuff, port, s1, s2);
877 }
878 else if (new->interface[0] != 0)
879 my_syslog(LOG_INFO, _("using nameserver %s#%d(via %s)"), daemon->namebuff, port, new->interface);
880 else
881 my_syslog(LOG_INFO, _("using nameserver %s#%d"), daemon->namebuff, port);
882 }
883
884 daemon->servers = ret;
885 }
886
887 #ifdef __ANDROID__
888 /* #define __ANDROID_DEBUG__ 1 */
889 /*
890 * Ingests a new list of interfaces and starts to listen on them, adding only the new
891 * and stopping to listen to any interfaces not on the new list.
892 *
893 * interfaces - input in the format "bt-pan:eth0:wlan0:..>" up to 1024 bytes long
894 */
set_interfaces(const char * interfaces)895 void set_interfaces(const char *interfaces)
896 {
897 struct iname *if_tmp;
898 struct iname *prev_if_names;
899 struct irec *old_iface, *new_iface, *prev_interfaces;
900 char s[1024];
901 char *next = s;
902 char *interface;
903 int was_wild = 0;
904
905 #ifdef __ANDROID_DEBUG__
906 my_syslog(LOG_DEBUG, _("set_interfaces(%s)"), interfaces);
907 #endif
908 prev_if_names = daemon->if_names;
909 daemon->if_names = NULL;
910
911 prev_interfaces = daemon->interfaces;
912 daemon->interfaces = NULL;
913
914 if (strlen(interfaces) > sizeof(s)) {
915 die(_("interface string too long: %s"), NULL, EC_BADNET);
916 }
917 strncpy(s, interfaces, sizeof(s));
918 while((interface = strsep(&next, ":"))) {
919 if_tmp = safe_malloc(sizeof(struct iname));
920 memset(if_tmp, sizeof(struct iname), 0);
921 if ((if_tmp->name = strdup(interface)) == NULL) {
922 die(_("malloc failure in set_interfaces: %s"), NULL, EC_BADNET);
923 }
924 if_tmp->next = daemon->if_names;
925 daemon->if_names = if_tmp;
926 }
927
928 if (!enumerate_interfaces()) {
929 die(_("enumerate interfaces error in set_interfaces: %s"), NULL, EC_BADNET);
930 }
931
932 for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next) {
933 if (if_tmp->name && !if_tmp->used) {
934 die(_("unknown interface given %s in set_interfaces: %s"), if_tmp->name, EC_BADNET);
935 }
936 }
937 /* success! - setup to free the old */
938 /* check for any that have been removed */
939 for (old_iface = prev_interfaces; old_iface; old_iface=old_iface->next) {
940 int found = 0;
941 for (new_iface = daemon->interfaces; new_iface; new_iface = new_iface->next) {
942 if (sockaddr_isequal(&old_iface->addr, &new_iface->addr)) {
943 found = -1;
944 break;
945 }
946 }
947 if (!found) {
948 #ifdef __ANDROID_DEBUG__
949 char debug_buff[MAXDNAME];
950 prettyprint_addr(&old_iface->addr, debug_buff);
951 my_syslog(LOG_DEBUG, _("closing listener for %s"), debug_buff);
952 #endif
953
954 close_bound_listener(old_iface);
955 }
956 }
957
958 /* remove wildchar listeners */
959 was_wild = close_bound_listener(NULL);
960 if (was_wild) daemon->options |= OPT_NOWILD;
961
962 /* check for any that have been added */
963 for (new_iface = daemon->interfaces; new_iface; new_iface = new_iface->next) {
964 int found = 0;
965
966 /* if the previous setup used a wildchar, then add any current interfaces */
967 if (!was_wild) {
968 for (old_iface = prev_interfaces; old_iface; old_iface = old_iface->next) {
969 if(sockaddr_isequal(&old_iface->addr, &new_iface->addr)) {
970 found = -1;
971 break;
972 }
973 }
974 }
975 if (!found) {
976 #ifdef __ANDROID_DEBUG__
977 char debug_buff[MAXDNAME];
978 prettyprint_addr(&new_iface->addr, debug_buff);
979 my_syslog(LOG_DEBUG, _("adding listener for %s"), debug_buff);
980 #endif
981 create_bound_listener(&(daemon->listeners), new_iface);
982 }
983 }
984
985 while (prev_if_names) {
986 if (prev_if_names->name) free(prev_if_names->name);
987 if_tmp = prev_if_names->next;
988 free(prev_if_names);
989 prev_if_names = if_tmp;
990 }
991 while (prev_interfaces) {
992 struct irec *tmp_irec = prev_interfaces->next;
993 free(prev_interfaces);
994 prev_interfaces = tmp_irec;
995 }
996 #ifdef __ANDROID_DEBUG__
997 my_syslog(LOG_DEBUG, _("done with setInterfaces"));
998 #endif
999 }
1000
1001 /*
1002 * Takes a string in the format "1.2.3.4:1.2.3.4:..." - up to 1024 bytes in length
1003 */
set_servers(const char * servers)1004 int set_servers(const char *servers)
1005 {
1006 char s[1024];
1007 struct server *old_servers = NULL;
1008 struct server *new_servers = NULL;
1009 struct server *serv;
1010
1011 strncpy(s, servers, sizeof(s));
1012
1013 /* move old servers to free list - we can reuse the memory
1014 and not risk malloc if there are the same or fewer new servers.
1015 Servers which were specced on the command line go to the new list. */
1016 for (serv = daemon->servers; serv;)
1017 {
1018 struct server *tmp = serv->next;
1019 if (serv->flags & SERV_FROM_RESOLV)
1020 {
1021 serv->next = old_servers;
1022 old_servers = serv;
1023 /* forward table rules reference servers, so have to blow them away */
1024 server_gone(serv);
1025 }
1026 else
1027 {
1028 serv->next = new_servers;
1029 new_servers = serv;
1030 }
1031 serv = tmp;
1032 }
1033
1034 char *next = s;
1035 char *saddr;
1036
1037 while ((saddr = strsep(&next, ":"))) {
1038 union mysockaddr addr, source_addr;
1039 memset(&addr, 0, sizeof(addr));
1040 memset(&source_addr, 0, sizeof(source_addr));
1041
1042 if ((addr.in.sin_addr.s_addr = inet_addr(saddr)) != (in_addr_t) -1)
1043 {
1044 #ifdef HAVE_SOCKADDR_SA_LEN
1045 source_addr.in.sin_len = addr.in.sin_len = sizeof(source_addr.in);
1046 #endif
1047 source_addr.in.sin_family = addr.in.sin_family = AF_INET;
1048 addr.in.sin_port = htons(NAMESERVER_PORT);
1049 source_addr.in.sin_addr.s_addr = INADDR_ANY;
1050 source_addr.in.sin_port = htons(daemon->query_port);
1051 }
1052 #ifdef HAVE_IPV6
1053 else if (inet_pton(AF_INET6, saddr, &addr.in6.sin6_addr) > 0)
1054 {
1055 #ifdef HAVE_SOCKADDR_SA_LEN
1056 source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(source_addr.in6);
1057 #endif
1058 source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6;
1059 addr.in6.sin6_port = htons(NAMESERVER_PORT);
1060 source_addr.in6.sin6_addr = in6addr_any;
1061 source_addr.in6.sin6_port = htons(daemon->query_port);
1062 }
1063 #endif /* IPV6 */
1064 else
1065 continue;
1066
1067 if (old_servers)
1068 {
1069 serv = old_servers;
1070 old_servers = old_servers->next;
1071 }
1072 else if (!(serv = whine_malloc(sizeof (struct server))))
1073 continue;
1074
1075 /* this list is reverse ordered:
1076 it gets reversed again in check_servers */
1077 serv->next = new_servers;
1078 new_servers = serv;
1079 serv->addr = addr;
1080 serv->source_addr = source_addr;
1081 serv->domain = NULL;
1082 serv->interface[0] = 0;
1083 serv->sfd = NULL;
1084 serv->flags = SERV_FROM_RESOLV;
1085 serv->queries = serv->failed_queries = 0;
1086 }
1087
1088 /* Free any memory not used. */
1089 while (old_servers)
1090 {
1091 struct server *tmp = old_servers->next;
1092 free(old_servers);
1093 old_servers = tmp;
1094 }
1095
1096 daemon->servers = new_servers;
1097 return 0;
1098 }
1099 #endif
1100
1101 /* Return zero if no servers found, in that case we keep polling.
1102 This is a protection against an update-time/write race on resolv.conf */
reload_servers(char * fname)1103 int reload_servers(char *fname)
1104 {
1105 FILE *f;
1106 char *line;
1107 struct server *old_servers = NULL;
1108 struct server *new_servers = NULL;
1109 struct server *serv;
1110 int gotone = 0;
1111
1112 /* buff happens to be MAXDNAME long... */
1113 if (!(f = fopen(fname, "r")))
1114 {
1115 my_syslog(LOG_ERR, _("failed to read %s: %s"), fname, strerror(errno));
1116 return 0;
1117 }
1118
1119 /* move old servers to free list - we can reuse the memory
1120 and not risk malloc if there are the same or fewer new servers.
1121 Servers which were specced on the command line go to the new list. */
1122 for (serv = daemon->servers; serv;)
1123 {
1124 struct server *tmp = serv->next;
1125 if (serv->flags & SERV_FROM_RESOLV)
1126 {
1127 serv->next = old_servers;
1128 old_servers = serv;
1129 /* forward table rules reference servers, so have to blow them away */
1130 server_gone(serv);
1131 }
1132 else
1133 {
1134 serv->next = new_servers;
1135 new_servers = serv;
1136 }
1137 serv = tmp;
1138 }
1139
1140 while ((line = fgets(daemon->namebuff, MAXDNAME, f)))
1141 {
1142 union mysockaddr addr, source_addr;
1143 char *token = strtok(line, " \t\n\r");
1144
1145 if (!token)
1146 continue;
1147 if (strcmp(token, "nameserver") != 0 && strcmp(token, "server") != 0)
1148 continue;
1149 if (!(token = strtok(NULL, " \t\n\r")))
1150 continue;
1151
1152 memset(&addr, 0, sizeof(addr));
1153 memset(&source_addr, 0, sizeof(source_addr));
1154
1155 if ((addr.in.sin_addr.s_addr = inet_addr(token)) != (in_addr_t) -1)
1156 {
1157 #ifdef HAVE_SOCKADDR_SA_LEN
1158 source_addr.in.sin_len = addr.in.sin_len = sizeof(source_addr.in);
1159 #endif
1160 source_addr.in.sin_family = addr.in.sin_family = AF_INET;
1161 addr.in.sin_port = htons(NAMESERVER_PORT);
1162 source_addr.in.sin_addr.s_addr = INADDR_ANY;
1163 source_addr.in.sin_port = htons(daemon->query_port);
1164 }
1165 #ifdef HAVE_IPV6
1166 else if (inet_pton(AF_INET6, token, &addr.in6.sin6_addr) > 0)
1167 {
1168 #ifdef HAVE_SOCKADDR_SA_LEN
1169 source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(source_addr.in6);
1170 #endif
1171 source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6;
1172 addr.in6.sin6_port = htons(NAMESERVER_PORT);
1173 source_addr.in6.sin6_addr = in6addr_any;
1174 source_addr.in6.sin6_port = htons(daemon->query_port);
1175 }
1176 #endif /* IPV6 */
1177 else
1178 continue;
1179
1180 if (old_servers)
1181 {
1182 serv = old_servers;
1183 old_servers = old_servers->next;
1184 }
1185 else if (!(serv = whine_malloc(sizeof (struct server))))
1186 continue;
1187
1188 /* this list is reverse ordered:
1189 it gets reversed again in check_servers */
1190 serv->next = new_servers;
1191 new_servers = serv;
1192 serv->addr = addr;
1193 serv->source_addr = source_addr;
1194 serv->domain = NULL;
1195 serv->interface[0] = 0;
1196 serv->sfd = NULL;
1197 serv->flags = SERV_FROM_RESOLV;
1198 serv->queries = serv->failed_queries = 0;
1199 gotone = 1;
1200 }
1201
1202 /* Free any memory not used. */
1203 while (old_servers)
1204 {
1205 struct server *tmp = old_servers->next;
1206 free(old_servers);
1207 old_servers = tmp;
1208 }
1209
1210 daemon->servers = new_servers;
1211 fclose(f);
1212
1213 return gotone;
1214 }
1215
1216
1217 /* Use an IPv4 listener socket for ioctling */
get_ifaddr(char * intr)1218 struct in_addr get_ifaddr(char *intr)
1219 {
1220 struct listener *l;
1221 struct ifreq ifr;
1222
1223 for (l = daemon->listeners; l && l->family != AF_INET; l = l->next);
1224
1225 strncpy(ifr.ifr_name, intr, IF_NAMESIZE);
1226 ifr.ifr_addr.sa_family = AF_INET;
1227
1228 if (!l || ioctl(l->fd, SIOCGIFADDR, &ifr) == -1)
1229 ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr.s_addr = -1;
1230
1231 return ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
1232 }
1233