summaryrefslogtreecommitdiff
path: root/src/resolve/resolved-dns-stream.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-07-29 19:49:45 +0200
committerLennart Poettering <lennart@poettering.net>2014-07-29 20:57:58 +0200
commitb914e211f3a40f507b3cdc572838ec7f3fd5e4cf (patch)
treec1a0ec49b99a76c0108f2072b5a77eb398d99777 /src/resolve/resolved-dns-stream.c
parent623a4c97b9175f95c4b1c6fc34e36c56f1e4ddbf (diff)
resolved: when resolving an address PTR record via llmnr, make a tcp connection by default
Diffstat (limited to 'src/resolve/resolved-dns-stream.c')
-rw-r--r--src/resolve/resolved-dns-stream.c263
1 files changed, 140 insertions, 123 deletions
diff --git a/src/resolve/resolved-dns-stream.c b/src/resolve/resolved-dns-stream.c
index 24a2288428..47130c4231 100644
--- a/src/resolve/resolved-dns-stream.c
+++ b/src/resolve/resolved-dns-stream.c
@@ -48,7 +48,7 @@ static int dns_stream_update_io(DnsStream *s) {
return sd_event_source_set_io_events(s->io_event_source, f);
}
-static int stream_complete(DnsStream *s, int error) {
+static int dns_stream_complete(DnsStream *s, int error) {
assert(s);
dns_stream_stop(s);
@@ -61,12 +61,136 @@ static int stream_complete(DnsStream *s, int error) {
return 0;
}
+static int dns_stream_identify(DnsStream *s) {
+ union {
+ struct cmsghdr header; /* For alignment */
+ uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
+ + EXTRA_CMSG_SPACE /* kernel appears to require extra space */];
+ } control;
+ struct msghdr mh = {};
+ struct cmsghdr *cmsg;
+ socklen_t sl;
+ int r;
+
+ assert(s);
+
+ if (s->identified)
+ return 0;
+
+ /* Query the local side */
+ s->local_salen = sizeof(s->local);
+ r = getsockname(s->fd, &s->local.sa, &s->local_salen);
+ if (r < 0)
+ return -errno;
+ if (s->local.sa.sa_family == AF_INET6 && s->ifindex <= 0)
+ s->ifindex = s->local.in6.sin6_scope_id;
+
+ /* Query the remote side */
+ s->peer_salen = sizeof(s->peer);
+ r = getpeername(s->fd, &s->peer.sa, &s->peer_salen);
+ if (r < 0)
+ return -errno;
+ if (s->peer.sa.sa_family == AF_INET6 && s->ifindex <= 0)
+ s->ifindex = s->peer.in6.sin6_scope_id;
+
+ /* Check consistency */
+ assert(s->peer.sa.sa_family == s->local.sa.sa_family);
+ assert(IN_SET(s->peer.sa.sa_family, AF_INET, AF_INET6));
+
+ /* Query connection meta information */
+ sl = sizeof(control);
+ if (s->peer.sa.sa_family == AF_INET) {
+ r = getsockopt(s->fd, IPPROTO_IP, IP_PKTOPTIONS, &control, &sl);
+ if (r < 0)
+ return -errno;
+ } else if (s->peer.sa.sa_family == AF_INET6) {
+
+ r = getsockopt(s->fd, IPPROTO_IPV6, IPV6_2292PKTOPTIONS, &control, &sl);
+ if (r < 0)
+ return -errno;
+ } else
+ return -EAFNOSUPPORT;
+
+ mh.msg_control = &control;
+ mh.msg_controllen = sl;
+ for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
+
+ if (cmsg->cmsg_level == IPPROTO_IPV6) {
+ assert(s->peer.sa.sa_family == AF_INET6);
+
+ switch (cmsg->cmsg_type) {
+
+ case IPV6_PKTINFO: {
+ struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
+
+ if (s->ifindex <= 0)
+ s->ifindex = i->ipi6_ifindex;
+ break;
+ }
+
+ case IPV6_HOPLIMIT:
+ s->ttl = *(int *) CMSG_DATA(cmsg);
+ break;
+ }
+
+ } else if (cmsg->cmsg_level == IPPROTO_IP) {
+ assert(s->peer.sa.sa_family == AF_INET);
+
+ switch (cmsg->cmsg_type) {
+
+ case IP_PKTINFO: {
+ struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
+
+ if (s->ifindex <= 0)
+ s->ifindex = i->ipi_ifindex;
+ break;
+ }
+
+ case IP_TTL:
+ s->ttl = *(int *) CMSG_DATA(cmsg);
+ break;
+ }
+ }
+ }
+
+ /* The Linux kernel sets the interface index to the loopback
+ * device if the connection came from the local host since it
+ * avoids the routing table in such a case. Let's unset the
+ * interface index in such a case. */
+ if (s->ifindex > 0 && manager_ifindex_is_loopback(s->manager, s->ifindex) != 0)
+ s->ifindex = 0;
+
+ /* If we don't know the interface index still, we look for the
+ * first local interface with a matching address. Yuck! */
+ if (s->ifindex <= 0)
+ s->ifindex = manager_find_ifindex(s->manager, s->local.sa.sa_family, s->local.sa.sa_family == AF_INET ? (union in_addr_union*) &s->local.in.sin_addr : (union in_addr_union*) &s->local.in6.sin6_addr);
+
+ if (s->protocol == DNS_PROTOCOL_LLMNR && s->ifindex > 0) {
+ uint32_t ifindex = htobe32(s->ifindex);
+
+ /* Make sure all packets for this connection are sent on the same interface */
+ if (s->local.sa.sa_family == AF_INET) {
+ r = setsockopt(s->fd, IPPROTO_IP, IP_UNICAST_IF, &ifindex, sizeof(ifindex));
+ if (r < 0)
+ return -errno;
+ } else if (s->local.sa.sa_family == AF_INET6) {
+ r = setsockopt(s->fd, IPPROTO_IPV6, IPV6_UNICAST_IF, &ifindex, sizeof(ifindex));
+ if (r < 0)
+ return -errno;
+ }
+ }
+
+ s->identified = true;
+
+ return 0;
+}
+
static int on_stream_timeout(sd_event_source *es, usec_t usec, void *userdata) {
DnsStream *s = userdata;
assert(s);
- return stream_complete(s, ETIMEDOUT);
+ return dns_stream_complete(s, ETIMEDOUT);
}
static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
@@ -75,6 +199,10 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
assert(s);
+ r = dns_stream_identify(s);
+ if (r < 0)
+ return dns_stream_complete(s, -r);
+
if ((revents & EPOLLOUT) &&
s->write_packet &&
s->n_written < sizeof(s->write_size) + s->write_packet->size) {
@@ -92,7 +220,7 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
ss = writev(fd, iov, 2);
if (ss < 0) {
if (errno != EINTR && errno != EAGAIN)
- return stream_complete(s, errno);
+ return dns_stream_complete(s, errno);
} else
s->n_written += ss;
@@ -100,7 +228,7 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
if (s->n_written >= sizeof(s->write_size) + s->write_packet->size) {
r = dns_stream_update_io(s);
if (r < 0)
- return stream_complete(s, -r);
+ return dns_stream_complete(s, -r);
}
}
@@ -114,9 +242,9 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
ss = read(fd, (uint8_t*) &s->read_size + s->n_read, sizeof(s->read_size) - s->n_read);
if (ss < 0) {
if (errno != EINTR && errno != EAGAIN)
- return stream_complete(s, errno);
+ return dns_stream_complete(s, errno);
} else if (ss == 0)
- return stream_complete(s, ECONNRESET);
+ return dns_stream_complete(s, ECONNRESET);
else
s->n_read += ss;
}
@@ -124,7 +252,7 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
if (s->n_read >= sizeof(s->read_size)) {
if (be16toh(s->read_size) < DNS_PACKET_HEADER_SIZE)
- return stream_complete(s, EBADMSG);
+ return dns_stream_complete(s, EBADMSG);
if (s->n_read < sizeof(s->read_size) + be16toh(s->read_size)) {
ssize_t ss;
@@ -132,7 +260,7 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
if (!s->read_packet) {
r = dns_packet_new(&s->read_packet, s->protocol, be16toh(s->read_size));
if (r < 0)
- return stream_complete(s, -r);
+ return dns_stream_complete(s, -r);
s->read_packet->size = be16toh(s->read_size);
s->read_packet->ipproto = IPPROTO_TCP;
@@ -164,9 +292,9 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
sizeof(s->read_size) + be16toh(s->read_size) - s->n_read);
if (ss < 0) {
if (errno != EINTR && errno != EAGAIN)
- return stream_complete(s, errno);
+ return dns_stream_complete(s, errno);
} else if (ss == 0)
- return stream_complete(s, ECONNRESET);
+ return dns_stream_complete(s, ECONNRESET);
else
s->n_read += ss;
}
@@ -175,7 +303,7 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
if (s->n_read >= sizeof(s->read_size) + be16toh(s->read_size)) {
r = dns_stream_update_io(s);
if (r < 0)
- return stream_complete(s, -r);
+ return dns_stream_complete(s, -r);
/* If there's a packet handler
* installed, call that. Note that
@@ -188,7 +316,7 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
if ((s->write_packet && s->n_written >= sizeof(s->write_size) + s->write_packet->size) &&
(s->read_packet && s->n_read >= sizeof(s->read_size) + s->read_packet->size))
- return stream_complete(s, 0);
+ return dns_stream_complete(s, 0);
return 0;
}
@@ -216,15 +344,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(DnsStream*, dns_stream_free);
int dns_stream_new(Manager *m, DnsStream **ret, DnsProtocol protocol, int fd) {
static const int one = 1;
- union {
- struct cmsghdr header; /* For alignment */
- uint8_t buffer[CMSG_SPACE(MAX(sizeof(struct in_pktinfo), sizeof(struct in6_pktinfo)))
- + EXTRA_CMSG_SPACE /* kernel appears to require extra space */];
- } control;
- struct msghdr mh = {};
- struct cmsghdr *cmsg;
_cleanup_(dns_stream_freep) DnsStream *s = NULL;
- socklen_t sl;
int r;
assert(m);
@@ -240,113 +360,10 @@ int dns_stream_new(Manager *m, DnsStream **ret, DnsProtocol protocol, int fd) {
s->fd = -1;
s->protocol = protocol;
- /* Query the remote side */
- s->peer_salen = sizeof(s->peer);
- r = getpeername(fd, &s->peer.sa, &s->peer_salen);
- if (r < 0)
- return -errno;
- if (s->peer.sa.sa_family == AF_INET6)
- s->ifindex = s->peer.in6.sin6_scope_id;
-
- /* Query the local side */
- s->local_salen = sizeof(s->local);
- r = getsockname(fd, &s->local.sa, &s->local_salen);
- if (r < 0)
- return -errno;
- if (s->local.sa.sa_family == AF_INET6 && s->ifindex <= 0)
- s->ifindex = s->local.in6.sin6_scope_id;
-
- /* Check consistency */
- assert(s->peer.sa.sa_family == s->local.sa.sa_family);
- assert(IN_SET(s->peer.sa.sa_family, AF_INET, AF_INET6));
-
- /* Query connection meta information */
- sl = sizeof(control);
- if (s->peer.sa.sa_family == AF_INET) {
- r = getsockopt(fd, IPPROTO_IP, IP_PKTOPTIONS, &control, &sl);
- if (r < 0)
- return -errno;
- } else {
- assert(s->peer.sa.sa_family == AF_INET6);
-
- r = getsockopt(fd, IPPROTO_IPV6, IPV6_2292PKTOPTIONS, &control, &sl);
- if (r < 0)
- return -errno;
- }
-
- mh.msg_control = &control;
- mh.msg_controllen = sl;
- for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
-
- if (cmsg->cmsg_level == IPPROTO_IPV6) {
- assert(s->peer.sa.sa_family == AF_INET6);
-
- switch (cmsg->cmsg_type) {
-
- case IPV6_PKTINFO: {
- struct in6_pktinfo *i = (struct in6_pktinfo*) CMSG_DATA(cmsg);
-
- if (s->ifindex <= 0)
- s->ifindex = i->ipi6_ifindex;
- break;
- }
-
- case IPV6_HOPLIMIT:
- s->ttl = *(int *) CMSG_DATA(cmsg);
- break;
- }
-
- } else if (cmsg->cmsg_level == IPPROTO_IP) {
- assert(s->peer.sa.sa_family == AF_INET);
-
- switch (cmsg->cmsg_type) {
-
- case IP_PKTINFO: {
- struct in_pktinfo *i = (struct in_pktinfo*) CMSG_DATA(cmsg);
-
- if (s->ifindex <= 0)
- s->ifindex = i->ipi_ifindex;
- break;
- }
-
- case IP_TTL:
- s->ttl = *(int *) CMSG_DATA(cmsg);
- break;
- }
- }
- }
-
- /* The Linux kernel sets the interface index to the loopback
- * device if the connection came from the local host since it
- * avoids the routing table in such a case. Let's unset the
- * interface index in such a case. */
- if (s->ifindex > 0 && manager_ifindex_is_loopback(m, s->ifindex) != 0)
- s->ifindex = 0;
-
- /* If we don't know the interface index still, we look for the
- * first local interface with a matching address. Yuck! */
- if (s->ifindex <= 0)
- s->ifindex = manager_find_ifindex(m, s->local.sa.sa_family, s->local.sa.sa_family == AF_INET ? (union in_addr_union*) &s->local.in.sin_addr : (union in_addr_union*) &s->local.in6.sin6_addr);
-
r = setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &one, sizeof(one));
if (r < 0)
return -errno;
- if (s->protocol == DNS_PROTOCOL_LLMNR && s->ifindex > 0) {
- uint32_t ifindex = htobe32(s->ifindex);
-
- /* Make sure all packets for this connection are sent on the same interface */
- if (s->local.sa.sa_family == AF_INET) {
- r = setsockopt(fd, IPPROTO_IP, IP_UNICAST_IF, &ifindex, sizeof(ifindex));
- if (r < 0)
- return -errno;
- } else if (s->local.sa.sa_family == AF_INET6) {
- r = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_IF, &ifindex, sizeof(ifindex));
- if (r < 0)
- return -errno;
- }
- }
-
r = sd_event_add_io(m->event, &s->io_event_source, fd, EPOLLIN, on_stream_io, s);
if (r < 0)
return r;