1 /* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
7
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
15 */
16
17 #include "dnsmasq.h"
18
19 struct daemon *daemon;
20
21 static char *compile_opts =
22 #ifndef HAVE_IPV6
23 "no-"
24 #endif
25 "IPv6 "
26 #ifndef HAVE_GETOPT_LONG
27 "no-"
28 #endif
29 "GNU-getopt "
30 #ifdef HAVE_BROKEN_RTC
31 "no-RTC "
32 #endif
33 #ifdef NO_FORK
34 "no-MMU "
35 #endif
36 #ifndef LOCALEDIR
37 "no-"
38 #endif
39 "I18N "
40 #ifndef HAVE_DHCP
41 "no-"
42 #endif
43 "DHCP "
44 #if defined(HAVE_DHCP) && !defined(HAVE_SCRIPT)
45 "no-scripts"
46 #endif
47 "";
48
49
50
51 static volatile pid_t pid = 0;
52 static volatile int pipewrite;
53
54 static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp);
55 static void check_dns_listeners(fd_set *set, time_t now);
56 static void sig_handler(int sig);
57 static void async_event(int pipe, time_t now);
58 static void fatal_event(struct event_desc *ev);
59 static void poll_resolv(void);
60 #if defined(__ANDROID__) && !defined(__BRILLO__)
61 static int set_android_listeners(fd_set *set, int *maxfdp);
62 static int check_android_listeners(fd_set *set);
63 #endif
64
main(int argc,char ** argv)65 int main (int argc, char **argv)
66 {
67 int bind_fallback = 0;
68 time_t now;
69 struct sigaction sigact;
70 struct iname *if_tmp;
71 int piperead, pipefd[2], err_pipe[2];
72 struct passwd *ent_pw = NULL;
73 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
74 uid_t script_uid = 0;
75 gid_t script_gid = 0;
76 #endif
77 struct group *gp = NULL;
78 long i, max_fd = sysconf(_SC_OPEN_MAX);
79 char *baduser = NULL;
80 int log_err;
81 #if defined(HAVE_LINUX_NETWORK)
82 cap_user_header_t hdr = NULL;
83 cap_user_data_t data = NULL;
84 #endif
85
86 #ifdef LOCALEDIR
87 setlocale(LC_ALL, "");
88 bindtextdomain("dnsmasq", LOCALEDIR);
89 textdomain("dnsmasq");
90 #endif
91
92 sigact.sa_handler = sig_handler;
93 sigact.sa_flags = 0;
94 sigemptyset(&sigact.sa_mask);
95 sigaction(SIGUSR1, &sigact, NULL);
96 sigaction(SIGUSR2, &sigact, NULL);
97 sigaction(SIGHUP, &sigact, NULL);
98 sigaction(SIGTERM, &sigact, NULL);
99 sigaction(SIGALRM, &sigact, NULL);
100 sigaction(SIGCHLD, &sigact, NULL);
101
102 /* ignore SIGPIPE */
103 sigact.sa_handler = SIG_IGN;
104 sigaction(SIGPIPE, &sigact, NULL);
105
106 umask(022); /* known umask, create leases and pid files as 0644 */
107
108 read_opts(argc, argv, compile_opts);
109
110 if (daemon->edns_pktsz < PACKETSZ)
111 daemon->edns_pktsz = PACKETSZ;
112 daemon->packet_buff_sz = daemon->edns_pktsz > DNSMASQ_PACKETSZ ?
113 daemon->edns_pktsz : DNSMASQ_PACKETSZ;
114 daemon->packet = safe_malloc(daemon->packet_buff_sz);
115
116 #ifdef HAVE_DHCP
117 if (!daemon->lease_file)
118 {
119 if (daemon->dhcp)
120 daemon->lease_file = LEASEFILE;
121 }
122 #endif
123
124 /* Close any file descriptors we inherited apart from std{in|out|err} */
125 for (i = 0; i < max_fd; i++)
126 if (i != STDOUT_FILENO && i != STDERR_FILENO && i != STDIN_FILENO)
127 close(i);
128
129 #ifdef HAVE_LINUX_NETWORK
130 netlink_init();
131 #elif !(defined(IP_RECVDSTADDR) && \
132 defined(IP_RECVIF) && \
133 defined(IP_SENDSRCADDR))
134 if (!(daemon->options & OPT_NOWILD))
135 {
136 bind_fallback = 1;
137 daemon->options |= OPT_NOWILD;
138 }
139 #endif
140
141 #ifdef HAVE_SOLARIS_NETWORK
142 if (daemon->max_logs != 0)
143 die(_("asychronous logging is not available under Solaris"), NULL, EC_BADCONF);
144 #endif
145
146 rand_init();
147
148 now = dnsmasq_time();
149
150 #ifdef HAVE_DHCP
151 if (daemon->dhcp)
152 {
153 /* Note that order matters here, we must call lease_init before
154 creating any file descriptors which shouldn't be leaked
155 to the lease-script init process. */
156 lease_init(now);
157 dhcp_init();
158 }
159 #endif
160
161 if (!enumerate_interfaces())
162 die(_("failed to find list of interfaces: %s"), NULL, EC_MISC);
163
164 if (daemon->options & OPT_NOWILD)
165 {
166 daemon->listeners = create_bound_listeners();
167
168 for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
169 if (if_tmp->name && !if_tmp->used)
170 die(_("unknown interface %s"), if_tmp->name, EC_BADNET);
171
172 for (if_tmp = daemon->if_addrs; if_tmp; if_tmp = if_tmp->next)
173 if (!if_tmp->used)
174 {
175 prettyprint_addr(&if_tmp->addr, daemon->namebuff);
176 die(_("no interface with address %s"), daemon->namebuff, EC_BADNET);
177 }
178 }
179 else if ((daemon->port != 0 || (daemon->options & OPT_TFTP)) &&
180 !(daemon->listeners = create_wildcard_listeners()))
181 die(_("failed to create listening socket: %s"), NULL, EC_BADNET);
182
183 if (daemon->port != 0)
184 cache_init();
185
186 if (daemon->port != 0)
187 pre_allocate_sfds();
188
189 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
190 /* Note getpwnam returns static storage */
191 if (daemon->dhcp && daemon->lease_change_command && daemon->scriptuser)
192 {
193 if ((ent_pw = getpwnam(daemon->scriptuser)))
194 {
195 script_uid = ent_pw->pw_uid;
196 script_gid = ent_pw->pw_gid;
197 }
198 else
199 baduser = daemon->scriptuser;
200 }
201 #endif
202
203 if (daemon->username && !(ent_pw = getpwnam(daemon->username)))
204 baduser = daemon->username;
205 else if (daemon->groupname && !(gp = getgrnam(daemon->groupname)))
206 baduser = daemon->groupname;
207
208 if (baduser)
209 die(_("unknown user or group: %s"), baduser, EC_BADCONF);
210
211 /* implement group defaults, "dip" if available, or group associated with uid */
212 if (!daemon->group_set && !gp)
213 {
214 if (!(gp = getgrnam(CHGRP)) && ent_pw)
215 gp = getgrgid(ent_pw->pw_gid);
216
217 /* for error message */
218 if (gp)
219 daemon->groupname = gp->gr_name;
220 }
221
222 #if defined(HAVE_LINUX_NETWORK)
223 /* determine capability API version here, while we can still
224 call safe_malloc */
225 if (ent_pw && ent_pw->pw_uid != 0)
226 {
227 int capsize = 1; /* for header version 1 */
228 hdr = safe_malloc(sizeof(*hdr));
229
230 /* find version supported by kernel */
231 memset(hdr, 0, sizeof(*hdr));
232 capget(hdr, NULL);
233
234 if (hdr->version != LINUX_CAPABILITY_VERSION_1)
235 {
236 /* if unknown version, use largest supported version (3) */
237 if (hdr->version != LINUX_CAPABILITY_VERSION_2)
238 hdr->version = LINUX_CAPABILITY_VERSION_3;
239 capsize = 2;
240 }
241
242 data = safe_malloc(sizeof(*data) * capsize);
243 memset(data, 0, sizeof(*data) * capsize);
244 }
245 #endif
246
247 /* Use a pipe to carry signals and other events back to the event loop
248 in a race-free manner and another to carry errors to daemon-invoking process */
249 safe_pipe(pipefd, 1);
250
251 piperead = pipefd[0];
252 pipewrite = pipefd[1];
253 /* prime the pipe to load stuff first time. */
254 send_event(pipewrite, EVENT_RELOAD, 0);
255
256 err_pipe[1] = -1;
257
258 if (!(daemon->options & OPT_DEBUG))
259 {
260 #if !defined(__ANDROID__) || defined(__BRILLO__)
261 int nullfd;
262 #endif
263
264 /* The following code "daemonizes" the process.
265 See Stevens section 12.4 */
266
267 if (chdir("/") != 0)
268 die(_("cannot chdir to filesystem root: %s"), NULL, EC_MISC);
269
270 #ifndef NO_FORK
271 if (!(daemon->options & OPT_NO_FORK))
272 {
273 pid_t pid;
274
275 /* pipe to carry errors back to original process.
276 When startup is complete we close this and the process terminates. */
277 safe_pipe(err_pipe, 0);
278
279 if ((pid = fork()) == -1)
280 /* fd == -1 since we've not forked, never returns. */
281 send_event(-1, EVENT_FORK_ERR, errno);
282
283 if (pid != 0)
284 {
285 struct event_desc ev;
286
287 /* close our copy of write-end */
288 close(err_pipe[1]);
289
290 /* check for errors after the fork */
291 if (read_write(err_pipe[0], (unsigned char *)&ev, sizeof(ev), 1))
292 fatal_event(&ev);
293
294 _exit(EC_GOOD);
295 }
296
297 close(err_pipe[0]);
298
299 /* NO calls to die() from here on. */
300
301 setsid();
302
303 if ((pid = fork()) == -1)
304 send_event(err_pipe[1], EVENT_FORK_ERR, errno);
305
306 if (pid != 0)
307 _exit(0);
308 }
309 #endif
310
311 /* write pidfile _after_ forking ! */
312 if (daemon->runfile)
313 {
314 FILE *pidfile;
315
316 /* only complain if started as root */
317 if ((pidfile = fopen(daemon->runfile, "w")))
318 {
319 fprintf(pidfile, "%d\n", (int) getpid());
320 fclose(pidfile);
321 }
322 else if (getuid() == 0)
323 {
324 send_event(err_pipe[1], EVENT_PIDFILE, errno);
325 _exit(0);
326 }
327 }
328
329 #if !defined(__ANDROID__) || defined(__BRILLO__)
330 /* open stdout etc to /dev/null */
331 nullfd = open("/dev/null", O_RDWR);
332 dup2(nullfd, STDOUT_FILENO);
333 dup2(nullfd, STDERR_FILENO);
334 dup2(nullfd, STDIN_FILENO);
335 close(nullfd);
336 #endif
337 }
338
339 log_err = log_start(ent_pw, err_pipe[1]);
340
341 /* if we are to run scripts, we need to fork a helper before dropping root. */
342 daemon->helperfd = -1;
343 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
344 if (daemon->dhcp && daemon->lease_change_command)
345 daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd);
346 #endif
347
348 if (!(daemon->options & OPT_DEBUG) && getuid() == 0)
349 {
350 int bad_capabilities = 0;
351 gid_t dummy;
352
353 /* remove all supplimentary groups */
354 if (gp &&
355 (setgroups(0, &dummy) == -1 ||
356 setgid(gp->gr_gid) == -1))
357 {
358 send_event(err_pipe[1], EVENT_GROUP_ERR, errno);
359 _exit(0);
360 }
361
362 if (ent_pw && ent_pw->pw_uid != 0)
363 {
364 #if defined(HAVE_LINUX_NETWORK)
365 /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
366 CAP_NET_RAW (for icmp) if we're doing dhcp */
367 data->effective = data->permitted = data->inheritable =
368 #ifdef __ANDROID__
369 (1 << CAP_NET_BIND_SERVICE) |
370 #endif
371 (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID);
372
373 /* Tell kernel to not clear capabilities when dropping root */
374 if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1)
375 bad_capabilities = errno;
376
377 #elif defined(HAVE_SOLARIS_NETWORK)
378 /* http://developers.sun.com/solaris/articles/program_privileges.html */
379 priv_set_t *priv_set;
380
381 if (!(priv_set = priv_str_to_set("basic", ",", NULL)) ||
382 priv_addset(priv_set, PRIV_NET_ICMPACCESS) == -1 ||
383 priv_addset(priv_set, PRIV_SYS_NET_CONFIG) == -1)
384 bad_capabilities = errno;
385
386 if (priv_set && bad_capabilities == 0)
387 {
388 priv_inverse(priv_set);
389
390 if (setppriv(PRIV_OFF, PRIV_LIMIT, priv_set) == -1)
391 bad_capabilities = errno;
392 }
393
394 if (priv_set)
395 priv_freeset(priv_set);
396
397 #endif
398
399 if (bad_capabilities != 0)
400 {
401 send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities);
402 _exit(0);
403 }
404
405 /* finally drop root */
406 if (setuid(ent_pw->pw_uid) == -1)
407 {
408 send_event(err_pipe[1], EVENT_USER_ERR, errno);
409 _exit(0);
410 }
411
412 #ifdef HAVE_LINUX_NETWORK
413 data->effective = data->permitted =
414 #ifdef __ANDROID__
415 (1 << CAP_NET_BIND_SERVICE) |
416 #endif
417 (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
418 data->inheritable = 0;
419
420 /* lose the setuid and setgid capbilities */
421 if (capset(hdr, data) == -1)
422 {
423 send_event(err_pipe[1], EVENT_CAP_ERR, errno);
424 _exit(0);
425 }
426 #endif
427
428 }
429 }
430
431 #ifdef HAVE_LINUX_NETWORK
432 if (daemon->options & OPT_DEBUG)
433 prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
434 #endif
435
436 if (daemon->port == 0)
437 my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION);
438 else if (daemon->cachesize != 0)
439 my_syslog(LOG_INFO, _("started, version %s cachesize %d"), VERSION, daemon->cachesize);
440 else
441 my_syslog(LOG_INFO, _("started, version %s cache disabled"), VERSION);
442
443 my_syslog(LOG_INFO, _("compile time options: %s"), compile_opts);
444
445 if (log_err != 0)
446 my_syslog(LOG_WARNING, _("warning: failed to change owner of %s: %s"),
447 daemon->log_file, strerror(log_err));
448
449 if (bind_fallback)
450 my_syslog(LOG_WARNING, _("setting --bind-interfaces option because of OS limitations"));
451
452 if (!(daemon->options & OPT_NOWILD))
453 for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
454 if (if_tmp->name && !if_tmp->used)
455 my_syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name);
456
457 if (daemon->port != 0 && (daemon->options & OPT_NO_RESOLV))
458 {
459 if (daemon->resolv_files && !daemon->resolv_files->is_default)
460 my_syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set"));
461 daemon->resolv_files = NULL;
462 if (!daemon->servers)
463 my_syslog(LOG_WARNING, _("warning: no upstream servers configured"));
464 }
465
466 if (daemon->max_logs != 0)
467 my_syslog(LOG_INFO, _("asynchronous logging enabled, queue limit is %d messages"), daemon->max_logs);
468
469 #ifdef HAVE_DHCP
470 if (daemon->dhcp)
471 {
472 struct dhcp_context *dhcp_tmp;
473
474 for (dhcp_tmp = daemon->dhcp; dhcp_tmp; dhcp_tmp = dhcp_tmp->next)
475 {
476 prettyprint_time(daemon->dhcp_buff2, dhcp_tmp->lease_time);
477 strcpy(daemon->dhcp_buff, inet_ntoa(dhcp_tmp->start));
478 my_syslog(MS_DHCP | LOG_INFO,
479 (dhcp_tmp->flags & CONTEXT_STATIC) ?
480 _("DHCP, static leases only on %.0s%s, lease time %s") :
481 (dhcp_tmp->flags & CONTEXT_PROXY) ?
482 _("DHCP, proxy on subnet %.0s%s%.0s") :
483 _("DHCP, IP range %s -- %s, lease time %s"),
484 daemon->dhcp_buff, inet_ntoa(dhcp_tmp->end), daemon->dhcp_buff2);
485 }
486 }
487 #endif
488
489 /* finished start-up - release original process */
490 if (err_pipe[1] != -1)
491 close(err_pipe[1]);
492
493 if (daemon->port != 0)
494 check_servers();
495
496 pid = getpid();
497
498 while (1)
499 {
500 int maxfd = -1;
501 struct timeval t, *tp = NULL;
502 fd_set rset, wset, eset;
503
504 FD_ZERO(&rset);
505 FD_ZERO(&wset);
506 FD_ZERO(&eset);
507
508 /* if we are out of resources, find how long we have to wait
509 for some to come free, we'll loop around then and restart
510 listening for queries */
511 if ((t.tv_sec = set_dns_listeners(now, &rset, &maxfd)) != 0)
512 {
513 t.tv_usec = 0;
514 tp = &t;
515 }
516 #if defined(__ANDROID__) && !defined(__BRILLO__)
517 set_android_listeners(&rset, &maxfd);
518 #endif
519
520 #ifdef HAVE_DHCP
521 if (daemon->dhcp)
522 {
523 FD_SET(daemon->dhcpfd, &rset);
524 bump_maxfd(daemon->dhcpfd, &maxfd);
525 }
526 #endif
527
528 #ifdef HAVE_LINUX_NETWORK
529 FD_SET(daemon->netlinkfd, &rset);
530 bump_maxfd(daemon->netlinkfd, &maxfd);
531 #endif
532
533 FD_SET(piperead, &rset);
534 bump_maxfd(piperead, &maxfd);
535
536 #ifdef HAVE_DHCP
537 # ifdef HAVE_SCRIPT
538 while (helper_buf_empty() && do_script_run(now));
539
540 if (!helper_buf_empty())
541 {
542 FD_SET(daemon->helperfd, &wset);
543 bump_maxfd(daemon->helperfd, &maxfd);
544 }
545 # else
546 /* need this for other side-effects */
547 while (do_script_run(now));
548 # endif
549 #endif
550
551 /* must do this just before select(), when we know no
552 more calls to my_syslog() can occur */
553 set_log_writer(&wset, &maxfd);
554
555 if (select(maxfd+1, &rset, &wset, &eset, tp) < 0)
556 {
557 /* otherwise undefined after error */
558 FD_ZERO(&rset); FD_ZERO(&wset); FD_ZERO(&eset);
559 }
560
561 now = dnsmasq_time();
562
563 check_log_writer(&wset);
564
565 /* Check for changes to resolv files once per second max. */
566 /* Don't go silent for long periods if the clock goes backwards. */
567 if (daemon->last_resolv == 0 ||
568 difftime(now, daemon->last_resolv) > 1.0 ||
569 difftime(now, daemon->last_resolv) < -1.0)
570 {
571 daemon->last_resolv = now;
572
573 if (daemon->port != 0 && !(daemon->options & OPT_NO_POLL))
574 poll_resolv();
575 }
576
577 if (FD_ISSET(piperead, &rset))
578 async_event(piperead, now);
579
580 #ifdef HAVE_LINUX_NETWORK
581 if (FD_ISSET(daemon->netlinkfd, &rset))
582 netlink_multicast();
583 #endif
584
585 #if defined(__ANDROID__) && !defined(__BRILLO__)
586 check_android_listeners(&rset);
587 #endif
588
589 check_dns_listeners(&rset, now);
590
591 #ifdef HAVE_DHCP
592 if (daemon->dhcp && FD_ISSET(daemon->dhcpfd, &rset))
593 dhcp_packet(now);
594
595 # ifdef HAVE_SCRIPT
596 if (daemon->helperfd != -1 && FD_ISSET(daemon->helperfd, &wset))
597 helper_write();
598 # endif
599 #endif
600
601 }
602 }
603
sig_handler(int sig)604 static void sig_handler(int sig)
605 {
606 if (pid == 0)
607 {
608 /* ignore anything other than TERM during startup
609 and in helper proc. (helper ignore TERM too) */
610 if (sig == SIGTERM)
611 exit(EC_MISC);
612 }
613 else if (pid != getpid())
614 {
615 /* alarm is used to kill TCP children after a fixed time. */
616 if (sig == SIGALRM)
617 _exit(0);
618 }
619 else
620 {
621 /* master process */
622 int event, errsave = errno;
623
624 if (sig == SIGHUP)
625 event = EVENT_RELOAD;
626 else if (sig == SIGCHLD)
627 event = EVENT_CHILD;
628 else if (sig == SIGALRM)
629 event = EVENT_ALARM;
630 else if (sig == SIGTERM)
631 event = EVENT_TERM;
632 else if (sig == SIGUSR1)
633 event = EVENT_DUMP;
634 else if (sig == SIGUSR2)
635 event = EVENT_REOPEN;
636 else
637 return;
638
639 send_event(pipewrite, event, 0);
640 errno = errsave;
641 }
642 }
643
send_event(int fd,int event,int data)644 void send_event(int fd, int event, int data)
645 {
646 struct event_desc ev;
647
648 ev.event = event;
649 ev.data = data;
650
651 /* error pipe, debug mode. */
652 if (fd == -1)
653 fatal_event(&ev);
654 else
655 /* pipe is non-blocking and struct event_desc is smaller than
656 PIPE_BUF, so this either fails or writes everything */
657 while (write(fd, &ev, sizeof(ev)) == -1 && errno == EINTR);
658 }
659
fatal_event(struct event_desc * ev)660 static void fatal_event(struct event_desc *ev)
661 {
662 errno = ev->data;
663
664 switch (ev->event)
665 {
666 case EVENT_DIE:
667 exit(0);
668
669 case EVENT_FORK_ERR:
670 die(_("cannot fork into background: %s"), NULL, EC_MISC);
671
672 case EVENT_PIPE_ERR:
673 die(_("failed to create helper: %s"), NULL, EC_MISC);
674
675 case EVENT_CAP_ERR:
676 die(_("setting capabilities failed: %s"), NULL, EC_MISC);
677
678 case EVENT_USER_ERR:
679 case EVENT_HUSER_ERR:
680 die(_("failed to change user-id to %s: %s"),
681 ev->event == EVENT_USER_ERR ? daemon->username : daemon->scriptuser,
682 EC_MISC);
683
684 case EVENT_GROUP_ERR:
685 die(_("failed to change group-id to %s: %s"), daemon->groupname, EC_MISC);
686
687 case EVENT_PIDFILE:
688 die(_("failed to open pidfile %s: %s"), daemon->runfile, EC_FILE);
689
690 case EVENT_LOG_ERR:
691 die(_("cannot open %s: %s"), daemon->log_file ? daemon->log_file : "log", EC_FILE);
692 }
693 }
694
async_event(int pipe,time_t now)695 static void async_event(int pipe, time_t now)
696 {
697 pid_t p;
698 struct event_desc ev;
699 int i;
700
701 if (read_write(pipe, (unsigned char *)&ev, sizeof(ev), 1))
702 switch (ev.event)
703 {
704 case EVENT_RELOAD:
705 clear_cache_and_reload(now);
706 if (daemon->port != 0 && daemon->resolv_files && (daemon->options & OPT_NO_POLL))
707 {
708 reload_servers(daemon->resolv_files->name);
709 check_servers();
710 }
711 #ifdef HAVE_DHCP
712 rerun_scripts();
713 #endif
714 break;
715
716 case EVENT_DUMP:
717 if (daemon->port != 0)
718 dump_cache(now);
719 break;
720
721 case EVENT_ALARM:
722 #ifdef HAVE_DHCP
723 if (daemon->dhcp)
724 {
725 lease_prune(NULL, now);
726 lease_update_file(now);
727 }
728 #endif
729 break;
730
731 case EVENT_CHILD:
732 /* See Stevens 5.10 */
733 while ((p = waitpid(-1, NULL, WNOHANG)) != 0)
734 if (p == -1)
735 {
736 if (errno != EINTR)
737 break;
738 }
739 else
740 for (i = 0 ; i < MAX_PROCS; i++)
741 if (daemon->tcp_pids[i] == p)
742 daemon->tcp_pids[i] = 0;
743 break;
744
745 case EVENT_KILLED:
746 my_syslog(LOG_WARNING, _("child process killed by signal %d"), ev.data);
747 break;
748
749 case EVENT_EXITED:
750 my_syslog(LOG_WARNING, _("child process exited with status %d"), ev.data);
751 break;
752
753 case EVENT_EXEC_ERR:
754 my_syslog(LOG_ERR, _("failed to execute %s: %s"),
755 daemon->lease_change_command, strerror(ev.data));
756 break;
757
758 /* necessary for fatal errors in helper */
759 case EVENT_HUSER_ERR:
760 case EVENT_DIE:
761 fatal_event(&ev);
762 break;
763
764 case EVENT_REOPEN:
765 /* Note: this may leave TCP-handling processes with the old file still open.
766 Since any such process will die in CHILD_LIFETIME or probably much sooner,
767 we leave them logging to the old file. */
768 if (daemon->log_file != NULL)
769 log_reopen(daemon->log_file);
770 break;
771
772 case EVENT_TERM:
773 /* Knock all our children on the head. */
774 for (i = 0; i < MAX_PROCS; i++)
775 if (daemon->tcp_pids[i] != 0)
776 kill(daemon->tcp_pids[i], SIGALRM);
777
778 #if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
779 /* handle pending lease transitions */
780 if (daemon->helperfd != -1)
781 {
782 /* block in writes until all done */
783 if ((i = fcntl(daemon->helperfd, F_GETFL)) != -1)
784 fcntl(daemon->helperfd, F_SETFL, i & ~O_NONBLOCK);
785 do {
786 helper_write();
787 } while (!helper_buf_empty() || do_script_run(now));
788 close(daemon->helperfd);
789 }
790 #endif
791
792 if (daemon->lease_stream)
793 fclose(daemon->lease_stream);
794
795 if (daemon->runfile)
796 unlink(daemon->runfile);
797
798 my_syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
799 flush_log();
800 exit(EC_GOOD);
801 }
802 }
803
poll_resolv()804 static void poll_resolv()
805 {
806 struct resolvc *res, *latest;
807 struct stat statbuf;
808 time_t last_change = 0;
809 /* There may be more than one possible file.
810 Go through and find the one which changed _last_.
811 Warn of any which can't be read. */
812 for (latest = NULL, res = daemon->resolv_files; res; res = res->next)
813 if (stat(res->name, &statbuf) == -1)
814 {
815 if (!res->logged)
816 my_syslog(LOG_WARNING, _("failed to access %s: %s"), res->name, strerror(errno));
817 res->logged = 1;
818 }
819 else
820 {
821 res->logged = 0;
822 if (statbuf.st_mtime != res->mtime)
823 {
824 res->mtime = statbuf.st_mtime;
825 if (difftime(statbuf.st_mtime, last_change) > 0.0)
826 {
827 last_change = statbuf.st_mtime;
828 latest = res;
829 }
830 }
831 }
832
833 if (latest)
834 {
835 static int warned = 0;
836 if (reload_servers(latest->name))
837 {
838 my_syslog(LOG_INFO, _("reading %s"), latest->name);
839 warned = 0;
840 check_servers();
841 if (daemon->options & OPT_RELOAD)
842 cache_reload();
843 }
844 else
845 {
846 latest->mtime = 0;
847 if (!warned)
848 {
849 my_syslog(LOG_WARNING, _("no servers found in %s, will retry"), latest->name);
850 warned = 1;
851 }
852 }
853 }
854 }
855
clear_cache_and_reload(time_t now)856 void clear_cache_and_reload(time_t now)
857 {
858 if (daemon->port != 0)
859 cache_reload();
860
861 #ifdef HAVE_DHCP
862 if (daemon->dhcp)
863 {
864 if (daemon->options & OPT_ETHERS)
865 dhcp_read_ethers();
866 reread_dhcp();
867 dhcp_update_configs(daemon->dhcp_conf);
868 check_dhcp_hosts(0);
869 lease_update_from_configs();
870 lease_update_file(now);
871 lease_update_dns();
872 }
873 #endif
874 }
875
876 #if defined(__ANDROID__) && !defined(__BRILLO__)
877
set_android_listeners(fd_set * set,int * maxfdp)878 static int set_android_listeners(fd_set *set, int *maxfdp) {
879 FD_SET(STDIN_FILENO, set);
880 bump_maxfd(STDIN_FILENO, maxfdp);
881 return 0;
882 }
883
check_android_listeners(fd_set * set)884 static int check_android_listeners(fd_set *set) {
885 int retcode = 0;
886 if (FD_ISSET(STDIN_FILENO, set)) {
887 char buffer[1024];
888 int rc;
889 int consumed = 0;
890
891 if ((rc = read(STDIN_FILENO, buffer, sizeof(buffer) -1)) < 0) {
892 my_syslog(LOG_ERR, _("Error reading from stdin (%s)"), strerror(errno));
893 return -1;
894 }
895 buffer[rc] = '\0';
896 while(consumed < rc) {
897 char *cmd;
898 char *current_cmd = &buffer[consumed];
899 char *params = current_cmd;
900 int len = strlen(current_cmd);
901
902 cmd = strsep(¶ms, "|");
903 if (!strcmp(cmd, "update_dns")) {
904 if (params != NULL) {
905 set_servers(params);
906 check_servers();
907 } else {
908 my_syslog(LOG_ERR, _("Misformatted msg '%s'"), current_cmd);
909 retcode = -1;
910 }
911 } else if (!strcmp(cmd, "update_ifaces")) {
912 if (params != NULL) {
913 set_interfaces(params);
914 } else {
915 my_syslog(LOG_ERR, _("Misformatted msg '%s'"), current_cmd);
916 retcode = -1;
917 }
918 } else {
919 my_syslog(LOG_ERR, _("Unknown cmd '%s'"), cmd);
920 retcode = -1;
921 }
922 consumed += len + 1;
923 }
924 }
925 return retcode;
926 }
927 #endif
928
set_dns_listeners(time_t now,fd_set * set,int * maxfdp)929 static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp)
930 {
931 struct serverfd *serverfdp;
932 struct listener *listener;
933 int wait = 0, i;
934
935 /* will we be able to get memory? */
936 if (daemon->port != 0)
937 get_new_frec(now, &wait);
938
939 for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
940 {
941 FD_SET(serverfdp->fd, set);
942 bump_maxfd(serverfdp->fd, maxfdp);
943 }
944
945 if (daemon->port != 0 && !daemon->osport)
946 for (i = 0; i < RANDOM_SOCKS; i++)
947 if (daemon->randomsocks[i].refcount != 0)
948 {
949 FD_SET(daemon->randomsocks[i].fd, set);
950 bump_maxfd(daemon->randomsocks[i].fd, maxfdp);
951 }
952
953 for (listener = daemon->listeners; listener; listener = listener->next)
954 {
955 /* only listen for queries if we have resources */
956 if (listener->fd != -1 && wait == 0)
957 {
958 FD_SET(listener->fd, set);
959 bump_maxfd(listener->fd, maxfdp);
960 }
961
962 /* death of a child goes through the select loop, so
963 we don't need to explicitly arrange to wake up here */
964 if (listener->tcpfd != -1)
965 for (i = 0; i < MAX_PROCS; i++)
966 if (daemon->tcp_pids[i] == 0)
967 {
968 FD_SET(listener->tcpfd, set);
969 bump_maxfd(listener->tcpfd, maxfdp);
970 break;
971 }
972 }
973
974 return wait;
975 }
976
check_dns_listeners(fd_set * set,time_t now)977 static void check_dns_listeners(fd_set *set, time_t now)
978 {
979 struct serverfd *serverfdp;
980 struct listener *listener;
981 int i;
982
983 for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
984 if (FD_ISSET(serverfdp->fd, set))
985 reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now);
986
987 if (daemon->port != 0 && !daemon->osport)
988 for (i = 0; i < RANDOM_SOCKS; i++)
989 if (daemon->randomsocks[i].refcount != 0 &&
990 FD_ISSET(daemon->randomsocks[i].fd, set))
991 reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
992
993 for (listener = daemon->listeners; listener; listener = listener->next)
994 {
995 if (listener->fd != -1 && FD_ISSET(listener->fd, set))
996 receive_query(listener, now);
997
998 if (listener->tcpfd != -1 && FD_ISSET(listener->tcpfd, set))
999 {
1000 int confd;
1001 struct irec *iface = NULL;
1002 pid_t p;
1003
1004 while((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR);
1005
1006 if (confd == -1)
1007 continue;
1008
1009 if (daemon->options & OPT_NOWILD)
1010 iface = listener->iface;
1011 else
1012 {
1013 union mysockaddr tcp_addr;
1014 socklen_t tcp_len = sizeof(union mysockaddr);
1015 /* Check for allowed interfaces when binding the wildcard address:
1016 we do this by looking for an interface with the same address as
1017 the local address of the TCP connection, then looking to see if that's
1018 an allowed interface. As a side effect, we get the netmask of the
1019 interface too, for localisation. */
1020
1021 /* interface may be new since startup */
1022 if (enumerate_interfaces() &&
1023 getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) != -1)
1024 for (iface = daemon->interfaces; iface; iface = iface->next)
1025 if (sockaddr_isequal(&iface->addr, &tcp_addr))
1026 break;
1027 }
1028
1029 if (!iface)
1030 {
1031 shutdown(confd, SHUT_RDWR);
1032 close(confd);
1033 }
1034 #ifndef NO_FORK
1035 else if (!(daemon->options & OPT_DEBUG) && (p = fork()) != 0)
1036 {
1037 if (p != -1)
1038 {
1039 int i;
1040 for (i = 0; i < MAX_PROCS; i++)
1041 if (daemon->tcp_pids[i] == 0)
1042 {
1043 daemon->tcp_pids[i] = p;
1044 break;
1045 }
1046 }
1047 close(confd);
1048 }
1049 #endif
1050 else
1051 {
1052 unsigned char *buff;
1053 struct server *s;
1054 int flags;
1055 struct in_addr dst_addr_4;
1056
1057 dst_addr_4.s_addr = 0;
1058
1059 /* Arrange for SIGALARM after CHILD_LIFETIME seconds to
1060 terminate the process. */
1061 if (!(daemon->options & OPT_DEBUG))
1062 alarm(CHILD_LIFETIME);
1063
1064 /* start with no upstream connections. */
1065 for (s = daemon->servers; s; s = s->next)
1066 s->tcpfd = -1;
1067
1068 /* The connected socket inherits non-blocking
1069 attribute from the listening socket.
1070 Reset that here. */
1071 if ((flags = fcntl(confd, F_GETFL, 0)) != -1)
1072 fcntl(confd, F_SETFL, flags & ~O_NONBLOCK);
1073
1074 if (listener->family == AF_INET)
1075 dst_addr_4 = iface->addr.in.sin_addr;
1076
1077 buff = tcp_request(confd, now, dst_addr_4, iface->netmask);
1078
1079 shutdown(confd, SHUT_RDWR);
1080 close(confd);
1081
1082 if (buff)
1083 free(buff);
1084
1085 for (s = daemon->servers; s; s = s->next)
1086 if (s->tcpfd != -1)
1087 {
1088 shutdown(s->tcpfd, SHUT_RDWR);
1089 close(s->tcpfd);
1090 }
1091 #ifndef NO_FORK
1092 if (!(daemon->options & OPT_DEBUG))
1093 {
1094 flush_log();
1095 _exit(0);
1096 }
1097 #endif
1098 }
1099 }
1100 }
1101 }
1102
1103 #ifdef HAVE_DHCP
make_icmp_sock(void)1104 int make_icmp_sock(void)
1105 {
1106 int fd;
1107 int zeroopt = 0;
1108
1109 if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
1110 {
1111 if (!fix_fd(fd) ||
1112 setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
1113 {
1114 close(fd);
1115 fd = -1;
1116 }
1117 }
1118
1119 return fd;
1120 }
1121
icmp_ping(struct in_addr addr)1122 int icmp_ping(struct in_addr addr)
1123 {
1124 /* Try and get an ICMP echo from a machine. */
1125
1126 /* Note that whilst in the three second wait, we check for
1127 (and service) events on the DNS sockets, (so doing that
1128 better not use any resources our caller has in use...)
1129 but we remain deaf to signals or further DHCP packets. */
1130
1131 int fd;
1132 struct sockaddr_in saddr;
1133 struct {
1134 struct ip ip;
1135 struct icmp icmp;
1136 } packet;
1137 unsigned short id = rand16();
1138 unsigned int i, j;
1139 int gotreply = 0;
1140 time_t start, now;
1141
1142 #if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1143 if ((fd = make_icmp_sock()) == -1)
1144 return 0;
1145 #else
1146 int opt = 2000;
1147 fd = daemon->dhcp_icmp_fd;
1148 setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1149 #endif
1150
1151 saddr.sin_family = AF_INET;
1152 saddr.sin_port = 0;
1153 saddr.sin_addr = addr;
1154 #ifdef HAVE_SOCKADDR_SA_LEN
1155 saddr.sin_len = sizeof(struct sockaddr_in);
1156 #endif
1157
1158 memset(&packet.icmp, 0, sizeof(packet.icmp));
1159 packet.icmp.icmp_type = ICMP_ECHO;
1160 packet.icmp.icmp_id = id;
1161 for (j = 0, i = 0; i < sizeof(struct icmp) / 2; i++)
1162 j += ((u16 *)&packet.icmp)[i];
1163 while (j>>16)
1164 j = (j & 0xffff) + (j >> 16);
1165 packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
1166
1167 while (sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0,
1168 (struct sockaddr *)&saddr, sizeof(saddr)) == -1 &&
1169 retry_send());
1170
1171 for (now = start = dnsmasq_time();
1172 difftime(now, start) < (float)PING_WAIT;)
1173 {
1174 struct timeval tv;
1175 fd_set rset, wset;
1176 struct sockaddr_in faddr;
1177 int maxfd = fd;
1178 socklen_t len = sizeof(faddr);
1179
1180 tv.tv_usec = 250000;
1181 tv.tv_sec = 0;
1182
1183 FD_ZERO(&rset);
1184 FD_ZERO(&wset);
1185 FD_SET(fd, &rset);
1186 set_dns_listeners(now, &rset, &maxfd);
1187 set_log_writer(&wset, &maxfd);
1188
1189 if (select(maxfd+1, &rset, &wset, NULL, &tv) < 0)
1190 {
1191 FD_ZERO(&rset);
1192 FD_ZERO(&wset);
1193 }
1194
1195 now = dnsmasq_time();
1196
1197 check_log_writer(&wset);
1198 check_dns_listeners(&rset, now);
1199
1200 if (FD_ISSET(fd, &rset) &&
1201 recvfrom(fd, &packet, sizeof(packet), 0,
1202 (struct sockaddr *)&faddr, &len) == sizeof(packet) &&
1203 saddr.sin_addr.s_addr == faddr.sin_addr.s_addr &&
1204 packet.icmp.icmp_type == ICMP_ECHOREPLY &&
1205 packet.icmp.icmp_seq == 0 &&
1206 packet.icmp.icmp_id == id)
1207 {
1208 gotreply = 1;
1209 break;
1210 }
1211 }
1212
1213 #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1214 close(fd);
1215 #else
1216 opt = 1;
1217 setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1218 #endif
1219
1220 return gotreply;
1221 }
1222 #endif
1223