Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / dnsmasq / 33b344454b95ed99bad7d3fe4d493870923deaf6 / . / src / dnsmasq.c
blob: 1a9d80820cfcb5b0418b714b398b45c3662e7e91 [file] [log] [blame]
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]1/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; version 2 dated June, 1991, or
6 (at your option) version 3 dated 29 June, 2007.
7
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License
14 along with this program. If not, see <http://www.gnu.org/licenses/>.
15*/
16
17#include "dnsmasq.h"
18
19struct daemon *daemon;
20
21static char *compile_opts =
22#ifndef HAVE_IPV6
23"no-"
24#endif
25"IPv6 "
26#ifndef HAVE_GETOPT_LONG
27"no-"
28#endif
29"GNU-getopt "
30#ifdef HAVE_BROKEN_RTC
31"no-RTC "
32#endif
33#ifdef NO_FORK
34"no-MMU "
35#endif
36#ifndef HAVE_DBUS
37"no-"
38#endif
39"DBus "
40#ifndef LOCALEDIR
41"no-"
42#endif
43"I18N "
44#ifndef HAVE_DHCP
45"no-"
46#endif
47"DHCP "
48#if defined(HAVE_DHCP) && !defined(HAVE_SCRIPT)
49"no-scripts "
50#endif
51#ifndef HAVE_TFTP
52"no-"
53#endif
54"TFTP";
55
56
57
58static volatile pid_t pid = 0;
59static volatile int pipewrite;
60
61static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp);
62static void check_dns_listeners(fd_set *set, time_t now);
63static void sig_handler(int sig);
64static void async_event(int pipe, time_t now);
65static void fatal_event(struct event_desc *ev);
66static void poll_resolv(void);
San Mehat33b34442010-01-20 10:54:48 -0800[diff] [blame^]67#ifdef __ANDROID__
68static int set_android_listeners(fd_set *set, int *maxfdp);
69static int check_android_listeners(fd_set *set);
70#endif
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]71
72int main (int argc, char **argv)
73{
74 int bind_fallback = 0;
75 time_t now;
76 struct sigaction sigact;
77 struct iname *if_tmp;
78 int piperead, pipefd[2], err_pipe[2];
79 struct passwd *ent_pw = NULL;
80#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
81 uid_t script_uid = 0;
82 gid_t script_gid = 0;
83#endif
84 struct group *gp = NULL;
85 long i, max_fd = sysconf(_SC_OPEN_MAX);
86 char *baduser = NULL;
87 int log_err;
88#if defined(HAVE_LINUX_NETWORK)
89 cap_user_header_t hdr = NULL;
90 cap_user_data_t data = NULL;
91#endif
92
93#ifdef LOCALEDIR
94 setlocale(LC_ALL, "");
95 bindtextdomain("dnsmasq", LOCALEDIR);
96 textdomain("dnsmasq");
97#endif
98
99 sigact.sa_handler = sig_handler;
100 sigact.sa_flags = 0;
101 sigemptyset(&sigact.sa_mask);
102 sigaction(SIGUSR1, &sigact, NULL);
103 sigaction(SIGUSR2, &sigact, NULL);
104 sigaction(SIGHUP, &sigact, NULL);
105 sigaction(SIGTERM, &sigact, NULL);
106 sigaction(SIGALRM, &sigact, NULL);
107 sigaction(SIGCHLD, &sigact, NULL);
108
109 /* ignore SIGPIPE */
110 sigact.sa_handler = SIG_IGN;
111 sigaction(SIGPIPE, &sigact, NULL);
112
113 umask(022); /* known umask, create leases and pid files as 0644 */
114
115 read_opts(argc, argv, compile_opts);
116
117 if (daemon->edns_pktsz < PACKETSZ)
118 daemon->edns_pktsz = PACKETSZ;
119 daemon->packet_buff_sz = daemon->edns_pktsz > DNSMASQ_PACKETSZ ?
120 daemon->edns_pktsz : DNSMASQ_PACKETSZ;
121 daemon->packet = safe_malloc(daemon->packet_buff_sz);
122
123#ifdef HAVE_DHCP
124 if (!daemon->lease_file)
125 {
126 if (daemon->dhcp)
127 daemon->lease_file = LEASEFILE;
128 }
129#endif
130
131 /* Close any file descriptors we inherited apart from std{in|out|err} */
132 for (i = 0; i < max_fd; i++)
133 if (i != STDOUT_FILENO && i != STDERR_FILENO && i != STDIN_FILENO)
134 close(i);
135
136#ifdef HAVE_LINUX_NETWORK
137 netlink_init();
138#elif !(defined(IP_RECVDSTADDR) && \
139 defined(IP_RECVIF) && \
140 defined(IP_SENDSRCADDR))
141 if (!(daemon->options & OPT_NOWILD))
142 {
143 bind_fallback = 1;
144 daemon->options |= OPT_NOWILD;
145 }
146#endif
147
148#ifndef HAVE_TFTP
149 if (daemon->options & OPT_TFTP)
150 die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL, EC_BADCONF);
151#endif
152
153#ifdef HAVE_SOLARIS_NETWORK
154 if (daemon->max_logs != 0)
155 die(_("asychronous logging is not available under Solaris"), NULL, EC_BADCONF);
156#endif
157
158 rand_init();
159
160 now = dnsmasq_time();
161
162#ifdef HAVE_DHCP
163 if (daemon->dhcp)
164 {
165 /* Note that order matters here, we must call lease_init before
166 creating any file descriptors which shouldn't be leaked
167 to the lease-script init process. */
168 lease_init(now);
169 dhcp_init();
170 }
171#endif
172
173 if (!enumerate_interfaces())
174 die(_("failed to find list of interfaces: %s"), NULL, EC_MISC);
175
176 if (daemon->options & OPT_NOWILD)
177 {
178 daemon->listeners = create_bound_listeners();
179
180 for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
181 if (if_tmp->name && !if_tmp->used)
182 die(_("unknown interface %s"), if_tmp->name, EC_BADNET);
183
184 for (if_tmp = daemon->if_addrs; if_tmp; if_tmp = if_tmp->next)
185 if (!if_tmp->used)
186 {
187 prettyprint_addr(&if_tmp->addr, daemon->namebuff);
188 die(_("no interface with address %s"), daemon->namebuff, EC_BADNET);
189 }
190 }
191 else if ((daemon->port != 0 || (daemon->options & OPT_TFTP)) &&
192 !(daemon->listeners = create_wildcard_listeners()))
193 die(_("failed to create listening socket: %s"), NULL, EC_BADNET);
194
195 if (daemon->port != 0)
196 cache_init();
197
198 if (daemon->options & OPT_DBUS)
199#ifdef HAVE_DBUS
200 {
201 char *err;
202 daemon->dbus = NULL;
203 daemon->watches = NULL;
204 if ((err = dbus_init()))
205 die(_("DBus error: %s"), err, EC_MISC);
206 }
207#else
208 die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL, EC_BADCONF);
209#endif
210
211 if (daemon->port != 0)
212 pre_allocate_sfds();
213
214#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
215 /* Note getpwnam returns static storage */
216 if (daemon->dhcp && daemon->lease_change_command && daemon->scriptuser)
217 {
218 if ((ent_pw = getpwnam(daemon->scriptuser)))
219 {
220 script_uid = ent_pw->pw_uid;
221 script_gid = ent_pw->pw_gid;
222 }
223 else
224 baduser = daemon->scriptuser;
225 }
226#endif
227
228 if (daemon->username && !(ent_pw = getpwnam(daemon->username)))
229 baduser = daemon->username;
230 else if (daemon->groupname && !(gp = getgrnam(daemon->groupname)))
231 baduser = daemon->groupname;
232
233 if (baduser)
234 die(_("unknown user or group: %s"), baduser, EC_BADCONF);
235
236 /* implement group defaults, "dip" if available, or group associated with uid */
237 if (!daemon->group_set && !gp)
238 {
239 if (!(gp = getgrnam(CHGRP)) && ent_pw)
240 gp = getgrgid(ent_pw->pw_gid);
241
242 /* for error message */
243 if (gp)
244 daemon->groupname = gp->gr_name;
245 }
246
247#if defined(HAVE_LINUX_NETWORK)
248 /* determine capability API version here, while we can still
249 call safe_malloc */
250 if (ent_pw && ent_pw->pw_uid != 0)
251 {
252 int capsize = 1; /* for header version 1 */
253 hdr = safe_malloc(sizeof(*hdr));
254
255 /* find version supported by kernel */
256 memset(hdr, 0, sizeof(*hdr));
257 capget(hdr, NULL);
258
259 if (hdr->version != LINUX_CAPABILITY_VERSION_1)
260 {
261 /* if unknown version, use largest supported version (3) */
262 if (hdr->version != LINUX_CAPABILITY_VERSION_2)
263 hdr->version = LINUX_CAPABILITY_VERSION_3;
264 capsize = 2;
265 }
266
267 data = safe_malloc(sizeof(*data) * capsize);
268 memset(data, 0, sizeof(*data) * capsize);
269 }
270#endif
271
272 /* Use a pipe to carry signals and other events back to the event loop
273 in a race-free manner and another to carry errors to daemon-invoking process */
274 safe_pipe(pipefd, 1);
275
276 piperead = pipefd[0];
277 pipewrite = pipefd[1];
278 /* prime the pipe to load stuff first time. */
279 send_event(pipewrite, EVENT_RELOAD, 0);
280
281 err_pipe[1] = -1;
282
283 if (!(daemon->options & OPT_DEBUG))
284 {
San Mehat33b34442010-01-20 10:54:48 -0800[diff] [blame^]285#ifndef __ANDROID__
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]286 int nullfd;
San Mehat33b34442010-01-20 10:54:48 -0800[diff] [blame^]287#endif
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]288
289 /* The following code "daemonizes" the process.
290 See Stevens section 12.4 */
291
292 if (chdir("/") != 0)
293 die(_("cannot chdir to filesystem root: %s"), NULL, EC_MISC);
294
295#ifndef NO_FORK
296 if (!(daemon->options & OPT_NO_FORK))
297 {
298 pid_t pid;
299
300 /* pipe to carry errors back to original process.
301 When startup is complete we close this and the process terminates. */
302 safe_pipe(err_pipe, 0);
303
304 if ((pid = fork()) == -1)
305 /* fd == -1 since we've not forked, never returns. */
306 send_event(-1, EVENT_FORK_ERR, errno);
307
308 if (pid != 0)
309 {
310 struct event_desc ev;
311
312 /* close our copy of write-end */
313 close(err_pipe[1]);
314
315 /* check for errors after the fork */
316 if (read_write(err_pipe[0], (unsigned char *)&ev, sizeof(ev), 1))
317 fatal_event(&ev);
318
319 _exit(EC_GOOD);
320 }
321
322 close(err_pipe[0]);
323
324 /* NO calls to die() from here on. */
325
326 setsid();
327
328 if ((pid = fork()) == -1)
329 send_event(err_pipe[1], EVENT_FORK_ERR, errno);
330
331 if (pid != 0)
332 _exit(0);
333 }
334#endif
335
336 /* write pidfile _after_ forking ! */
337 if (daemon->runfile)
338 {
339 FILE *pidfile;
340
341 /* only complain if started as root */
342 if ((pidfile = fopen(daemon->runfile, "w")))
343 {
344 fprintf(pidfile, "%d\n", (int) getpid());
345 fclose(pidfile);
346 }
347 else if (getuid() == 0)
348 {
349 send_event(err_pipe[1], EVENT_PIDFILE, errno);
350 _exit(0);
351 }
352 }
San Mehat33b34442010-01-20 10:54:48 -0800[diff] [blame^]353
354#ifndef __ANDROID__
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]355 /* open stdout etc to /dev/null */
356 nullfd = open("/dev/null", O_RDWR);
357 dup2(nullfd, STDOUT_FILENO);
358 dup2(nullfd, STDERR_FILENO);
359 dup2(nullfd, STDIN_FILENO);
360 close(nullfd);
San Mehat33b34442010-01-20 10:54:48 -0800[diff] [blame^]361#endif
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]362 }
363
364 log_err = log_start(ent_pw, err_pipe[1]);
365
366 /* if we are to run scripts, we need to fork a helper before dropping root. */
367 daemon->helperfd = -1;
368#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
369 if (daemon->dhcp && daemon->lease_change_command)
370 daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd);
371#endif
372
373 if (!(daemon->options & OPT_DEBUG) && getuid() == 0)
374 {
375 int bad_capabilities = 0;
376 gid_t dummy;
377
378 /* remove all supplimentary groups */
379 if (gp &&
380 (setgroups(0, &dummy) == -1 ||
381 setgid(gp->gr_gid) == -1))
382 {
383 send_event(err_pipe[1], EVENT_GROUP_ERR, errno);
384 _exit(0);
385 }
386
387 if (ent_pw && ent_pw->pw_uid != 0)
388 {
389#if defined(HAVE_LINUX_NETWORK)
390 /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
391 CAP_NET_RAW (for icmp) if we're doing dhcp */
392 data->effective = data->permitted = data->inheritable =
393 (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID);
394
395 /* Tell kernel to not clear capabilities when dropping root */
San Mehat5658bcb2010-01-20 10:16:30 -0800[diff] [blame]396 if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1)
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]397 bad_capabilities = errno;
398
399#elif defined(HAVE_SOLARIS_NETWORK)
400 /* http://developers.sun.com/solaris/articles/program_privileges.html */
401 priv_set_t *priv_set;
402
403 if (!(priv_set = priv_str_to_set("basic", ",", NULL)) ||
404 priv_addset(priv_set, PRIV_NET_ICMPACCESS) == -1 ||
405 priv_addset(priv_set, PRIV_SYS_NET_CONFIG) == -1)
406 bad_capabilities = errno;
407
408 if (priv_set && bad_capabilities == 0)
409 {
410 priv_inverse(priv_set);
411
412 if (setppriv(PRIV_OFF, PRIV_LIMIT, priv_set) == -1)
413 bad_capabilities = errno;
414 }
415
416 if (priv_set)
417 priv_freeset(priv_set);
418
419#endif
420
421 if (bad_capabilities != 0)
422 {
423 send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities);
424 _exit(0);
425 }
426
427 /* finally drop root */
428 if (setuid(ent_pw->pw_uid) == -1)
429 {
430 send_event(err_pipe[1], EVENT_USER_ERR, errno);
431 _exit(0);
432 }
433
434#ifdef HAVE_LINUX_NETWORK
435 data->effective = data->permitted =
436 (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
437 data->inheritable = 0;
438
439 /* lose the setuid and setgid capbilities */
440 if (capset(hdr, data) == -1)
441 {
442 send_event(err_pipe[1], EVENT_CAP_ERR, errno);
443 _exit(0);
444 }
445#endif
446
447 }
448 }
449
450#ifdef HAVE_LINUX_NETWORK
451 if (daemon->options & OPT_DEBUG)
San Mehat5658bcb2010-01-20 10:16:30 -0800[diff] [blame]452 prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]453#endif
454
455 if (daemon->port == 0)
456 my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION);
457 else if (daemon->cachesize != 0)
458 my_syslog(LOG_INFO, _("started, version %s cachesize %d"), VERSION, daemon->cachesize);
459 else
460 my_syslog(LOG_INFO, _("started, version %s cache disabled"), VERSION);
461
462 my_syslog(LOG_INFO, _("compile time options: %s"), compile_opts);
463
464#ifdef HAVE_DBUS
465 if (daemon->options & OPT_DBUS)
466 {
467 if (daemon->dbus)
468 my_syslog(LOG_INFO, _("DBus support enabled: connected to system bus"));
469 else
470 my_syslog(LOG_INFO, _("DBus support enabled: bus connection pending"));
471 }
472#endif
473
474 if (log_err != 0)
475 my_syslog(LOG_WARNING, _("warning: failed to change owner of %s: %s"),
476 daemon->log_file, strerror(log_err));
477
478 if (bind_fallback)
479 my_syslog(LOG_WARNING, _("setting --bind-interfaces option because of OS limitations"));
480
481 if (!(daemon->options & OPT_NOWILD))
482 for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
483 if (if_tmp->name && !if_tmp->used)
484 my_syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name);
485
486 if (daemon->port != 0 && (daemon->options & OPT_NO_RESOLV))
487 {
488 if (daemon->resolv_files && !daemon->resolv_files->is_default)
489 my_syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set"));
490 daemon->resolv_files = NULL;
491 if (!daemon->servers)
492 my_syslog(LOG_WARNING, _("warning: no upstream servers configured"));
493 }
494
495 if (daemon->max_logs != 0)
496 my_syslog(LOG_INFO, _("asynchronous logging enabled, queue limit is %d messages"), daemon->max_logs);
497
498#ifdef HAVE_DHCP
499 if (daemon->dhcp)
500 {
501 struct dhcp_context *dhcp_tmp;
502
503 for (dhcp_tmp = daemon->dhcp; dhcp_tmp; dhcp_tmp = dhcp_tmp->next)
504 {
505 prettyprint_time(daemon->dhcp_buff2, dhcp_tmp->lease_time);
506 strcpy(daemon->dhcp_buff, inet_ntoa(dhcp_tmp->start));
507 my_syslog(MS_DHCP | LOG_INFO,
508 (dhcp_tmp->flags & CONTEXT_STATIC) ?
509 _("DHCP, static leases only on %.0s%s, lease time %s") :
510 (dhcp_tmp->flags & CONTEXT_PROXY) ?
511 _("DHCP, proxy on subnet %.0s%s%.0s") :
512 _("DHCP, IP range %s -- %s, lease time %s"),
513 daemon->dhcp_buff, inet_ntoa(dhcp_tmp->end), daemon->dhcp_buff2);
514 }
515 }
516#endif
517
518#ifdef HAVE_TFTP
519 if (daemon->options & OPT_TFTP)
520 {
521#ifdef FD_SETSIZE
522 if (FD_SETSIZE < (unsigned)max_fd)
523 max_fd = FD_SETSIZE;
524#endif
525
526 my_syslog(MS_TFTP | LOG_INFO, "TFTP %s%s %s",
527 daemon->tftp_prefix ? _("root is ") : _("enabled"),
528 daemon->tftp_prefix ? daemon->tftp_prefix: "",
529 daemon->options & OPT_TFTP_SECURE ? _("secure mode") : "");
530
531 /* This is a guess, it assumes that for small limits,
532 disjoint files might be served, but for large limits,
533 a single file will be sent to may clients (the file only needs
534 one fd). */
535
536 max_fd -= 30; /* use other than TFTP */
537
538 if (max_fd < 0)
539 max_fd = 5;
540 else if (max_fd < 100)
541 max_fd = max_fd/2;
542 else
543 max_fd = max_fd - 20;
544
545 /* if we have to use a limited range of ports,
546 that will limit the number of transfers */
547 if (daemon->start_tftp_port != 0 &&
548 daemon->end_tftp_port - daemon->start_tftp_port + 1 < max_fd)
549 max_fd = daemon->end_tftp_port - daemon->start_tftp_port + 1;
550
551 if (daemon->tftp_max > max_fd)
552 {
553 daemon->tftp_max = max_fd;
554 my_syslog(MS_TFTP | LOG_WARNING,
555 _("restricting maximum simultaneous TFTP transfers to %d"),
556 daemon->tftp_max);
557 }
558 }
559#endif
560
561 /* finished start-up - release original process */
562 if (err_pipe[1] != -1)
563 close(err_pipe[1]);
564
565 if (daemon->port != 0)
566 check_servers();
567
568 pid = getpid();
569
570 while (1)
571 {
572 int maxfd = -1;
573 struct timeval t, *tp = NULL;
574 fd_set rset, wset, eset;
575
576 FD_ZERO(&rset);
577 FD_ZERO(&wset);
578 FD_ZERO(&eset);
579
580 /* if we are out of resources, find how long we have to wait
581 for some to come free, we'll loop around then and restart
582 listening for queries */
583 if ((t.tv_sec = set_dns_listeners(now, &rset, &maxfd)) != 0)
584 {
585 t.tv_usec = 0;
586 tp = &t;
587 }
San Mehat33b34442010-01-20 10:54:48 -0800[diff] [blame^]588#ifdef __ANDROID__
589 set_android_listeners(&rset, &maxfd);
590#endif
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]591
592 /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
593 if (daemon->tftp_trans ||
594 ((daemon->options & OPT_DBUS) && !daemon->dbus))
595 {
596 t.tv_sec = 0;
597 t.tv_usec = 250000;
598 tp = &t;
599 }
600
601#ifdef HAVE_DBUS
602 set_dbus_listeners(&maxfd, &rset, &wset, &eset);
603#endif
604
605#ifdef HAVE_DHCP
606 if (daemon->dhcp)
607 {
608 FD_SET(daemon->dhcpfd, &rset);
609 bump_maxfd(daemon->dhcpfd, &maxfd);
610 }
611#endif
612
613#ifdef HAVE_LINUX_NETWORK
614 FD_SET(daemon->netlinkfd, &rset);
615 bump_maxfd(daemon->netlinkfd, &maxfd);
616#endif
617
618 FD_SET(piperead, &rset);
619 bump_maxfd(piperead, &maxfd);
620
621#ifdef HAVE_DHCP
622# ifdef HAVE_SCRIPT
623 while (helper_buf_empty() && do_script_run(now));
624
625 if (!helper_buf_empty())
626 {
627 FD_SET(daemon->helperfd, &wset);
628 bump_maxfd(daemon->helperfd, &maxfd);
629 }
630# else
631 /* need this for other side-effects */
632 while (do_script_run(now));
633# endif
634#endif
635
636 /* must do this just before select(), when we know no
637 more calls to my_syslog() can occur */
638 set_log_writer(&wset, &maxfd);
639
640 if (select(maxfd+1, &rset, &wset, &eset, tp) < 0)
641 {
642 /* otherwise undefined after error */
643 FD_ZERO(&rset); FD_ZERO(&wset); FD_ZERO(&eset);
644 }
645
646 now = dnsmasq_time();
647
648 check_log_writer(&wset);
649
650 /* Check for changes to resolv files once per second max. */
651 /* Don't go silent for long periods if the clock goes backwards. */
652 if (daemon->last_resolv == 0 ||
653 difftime(now, daemon->last_resolv) > 1.0 ||
654 difftime(now, daemon->last_resolv) < -1.0)
655 {
656 daemon->last_resolv = now;
657
658 if (daemon->port != 0 && !(daemon->options & OPT_NO_POLL))
659 poll_resolv();
660 }
661
662 if (FD_ISSET(piperead, &rset))
663 async_event(piperead, now);
664
665#ifdef HAVE_LINUX_NETWORK
666 if (FD_ISSET(daemon->netlinkfd, &rset))
667 netlink_multicast();
668#endif
669
670#ifdef HAVE_DBUS
671 /* if we didn't create a DBus connection, retry now. */
672 if ((daemon->options & OPT_DBUS) && !daemon->dbus)
673 {
674 char *err;
675 if ((err = dbus_init()))
676 my_syslog(LOG_WARNING, _("DBus error: %s"), err);
677 if (daemon->dbus)
678 my_syslog(LOG_INFO, _("connected to system DBus"));
679 }
680 check_dbus_listeners(&rset, &wset, &eset);
681#endif
San Mehat33b34442010-01-20 10:54:48 -0800[diff] [blame^]682
683#ifdef __ANDROID__
684 check_android_listeners(&rset);
685#endif
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]686
687 check_dns_listeners(&rset, now);
688
689#ifdef HAVE_TFTP
690 check_tftp_listeners(&rset, now);
691#endif
692
693#ifdef HAVE_DHCP
694 if (daemon->dhcp && FD_ISSET(daemon->dhcpfd, &rset))
695 dhcp_packet(now);
696
697# ifdef HAVE_SCRIPT
698 if (daemon->helperfd != -1 && FD_ISSET(daemon->helperfd, &wset))
699 helper_write();
700# endif
701#endif
702
703 }
704}
705
706static void sig_handler(int sig)
707{
708 if (pid == 0)
709 {
710 /* ignore anything other than TERM during startup
711 and in helper proc. (helper ignore TERM too) */
712 if (sig == SIGTERM)
713 exit(EC_MISC);
714 }
715 else if (pid != getpid())
716 {
717 /* alarm is used to kill TCP children after a fixed time. */
718 if (sig == SIGALRM)
719 _exit(0);
720 }
721 else
722 {
723 /* master process */
724 int event, errsave = errno;
725
726 if (sig == SIGHUP)
727 event = EVENT_RELOAD;
728 else if (sig == SIGCHLD)
729 event = EVENT_CHILD;
730 else if (sig == SIGALRM)
731 event = EVENT_ALARM;
732 else if (sig == SIGTERM)
733 event = EVENT_TERM;
734 else if (sig == SIGUSR1)
735 event = EVENT_DUMP;
736 else if (sig == SIGUSR2)
737 event = EVENT_REOPEN;
738 else
739 return;
740
741 send_event(pipewrite, event, 0);
742 errno = errsave;
743 }
744}
745
746void send_event(int fd, int event, int data)
747{
748 struct event_desc ev;
749
750 ev.event = event;
751 ev.data = data;
752
753 /* error pipe, debug mode. */
754 if (fd == -1)
755 fatal_event(&ev);
756 else
757 /* pipe is non-blocking and struct event_desc is smaller than
758 PIPE_BUF, so this either fails or writes everything */
759 while (write(fd, &ev, sizeof(ev)) == -1 && errno == EINTR);
760}
761
762static void fatal_event(struct event_desc *ev)
763{
764 errno = ev->data;
765
766 switch (ev->event)
767 {
768 case EVENT_DIE:
769 exit(0);
770
771 case EVENT_FORK_ERR:
772 die(_("cannot fork into background: %s"), NULL, EC_MISC);
773
774 case EVENT_PIPE_ERR:
775 die(_("failed to create helper: %s"), NULL, EC_MISC);
776
777 case EVENT_CAP_ERR:
778 die(_("setting capabilities failed: %s"), NULL, EC_MISC);
779
780 case EVENT_USER_ERR:
781 case EVENT_HUSER_ERR:
782 die(_("failed to change user-id to %s: %s"),
783 ev->event == EVENT_USER_ERR ? daemon->username : daemon->scriptuser,
784 EC_MISC);
785
786 case EVENT_GROUP_ERR:
787 die(_("failed to change group-id to %s: %s"), daemon->groupname, EC_MISC);
788
789 case EVENT_PIDFILE:
790 die(_("failed to open pidfile %s: %s"), daemon->runfile, EC_FILE);
791
792 case EVENT_LOG_ERR:
793 die(_("cannot open %s: %s"), daemon->log_file ? daemon->log_file : "log", EC_FILE);
794 }
795}
796
797static void async_event(int pipe, time_t now)
798{
799 pid_t p;
800 struct event_desc ev;
801 int i;
802
803 if (read_write(pipe, (unsigned char *)&ev, sizeof(ev), 1))
804 switch (ev.event)
805 {
806 case EVENT_RELOAD:
807 clear_cache_and_reload(now);
808 if (daemon->port != 0 && daemon->resolv_files && (daemon->options & OPT_NO_POLL))
809 {
810 reload_servers(daemon->resolv_files->name);
811 check_servers();
812 }
813#ifdef HAVE_DHCP
814 rerun_scripts();
815#endif
816 break;
817
818 case EVENT_DUMP:
819 if (daemon->port != 0)
820 dump_cache(now);
821 break;
822
823 case EVENT_ALARM:
824#ifdef HAVE_DHCP
825 if (daemon->dhcp)
826 {
827 lease_prune(NULL, now);
828 lease_update_file(now);
829 }
830#endif
831 break;
832
833 case EVENT_CHILD:
834 /* See Stevens 5.10 */
835 while ((p = waitpid(-1, NULL, WNOHANG)) != 0)
836 if (p == -1)
837 {
838 if (errno != EINTR)
839 break;
840 }
841 else
842 for (i = 0 ; i < MAX_PROCS; i++)
843 if (daemon->tcp_pids[i] == p)
844 daemon->tcp_pids[i] = 0;
845 break;
846
847 case EVENT_KILLED:
848 my_syslog(LOG_WARNING, _("child process killed by signal %d"), ev.data);
849 break;
850
851 case EVENT_EXITED:
852 my_syslog(LOG_WARNING, _("child process exited with status %d"), ev.data);
853 break;
854
855 case EVENT_EXEC_ERR:
856 my_syslog(LOG_ERR, _("failed to execute %s: %s"),
857 daemon->lease_change_command, strerror(ev.data));
858 break;
859
860 /* necessary for fatal errors in helper */
861 case EVENT_HUSER_ERR:
862 case EVENT_DIE:
863 fatal_event(&ev);
864 break;
865
866 case EVENT_REOPEN:
867 /* Note: this may leave TCP-handling processes with the old file still open.
868 Since any such process will die in CHILD_LIFETIME or probably much sooner,
869 we leave them logging to the old file. */
870 if (daemon->log_file != NULL)
871 log_reopen(daemon->log_file);
872 break;
873
874 case EVENT_TERM:
875 /* Knock all our children on the head. */
876 for (i = 0; i < MAX_PROCS; i++)
877 if (daemon->tcp_pids[i] != 0)
878 kill(daemon->tcp_pids[i], SIGALRM);
879
880#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
881 /* handle pending lease transitions */
882 if (daemon->helperfd != -1)
883 {
884 /* block in writes until all done */
885 if ((i = fcntl(daemon->helperfd, F_GETFL)) != -1)
886 fcntl(daemon->helperfd, F_SETFL, i & ~O_NONBLOCK);
887 do {
888 helper_write();
889 } while (!helper_buf_empty() || do_script_run(now));
890 close(daemon->helperfd);
891 }
892#endif
893
894 if (daemon->lease_stream)
895 fclose(daemon->lease_stream);
896
897 if (daemon->runfile)
898 unlink(daemon->runfile);
899
900 my_syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
901 flush_log();
902 exit(EC_GOOD);
903 }
904}
905
906static void poll_resolv()
907{
908 struct resolvc *res, *latest;
909 struct stat statbuf;
910 time_t last_change = 0;
911 /* There may be more than one possible file.
912 Go through and find the one which changed _last_.
913 Warn of any which can't be read. */
914 for (latest = NULL, res = daemon->resolv_files; res; res = res->next)
915 if (stat(res->name, &statbuf) == -1)
916 {
917 if (!res->logged)
918 my_syslog(LOG_WARNING, _("failed to access %s: %s"), res->name, strerror(errno));
919 res->logged = 1;
920 }
921 else
922 {
923 res->logged = 0;
924 if (statbuf.st_mtime != res->mtime)
925 {
926 res->mtime = statbuf.st_mtime;
927 if (difftime(statbuf.st_mtime, last_change) > 0.0)
928 {
929 last_change = statbuf.st_mtime;
930 latest = res;
931 }
932 }
933 }
934
935 if (latest)
936 {
937 static int warned = 0;
938 if (reload_servers(latest->name))
939 {
940 my_syslog(LOG_INFO, _("reading %s"), latest->name);
941 warned = 0;
942 check_servers();
943 if (daemon->options & OPT_RELOAD)
944 cache_reload();
945 }
946 else
947 {
948 latest->mtime = 0;
949 if (!warned)
950 {
951 my_syslog(LOG_WARNING, _("no servers found in %s, will retry"), latest->name);
952 warned = 1;
953 }
954 }
955 }
956}
957
958void clear_cache_and_reload(time_t now)
959{
960 if (daemon->port != 0)
961 cache_reload();
962
963#ifdef HAVE_DHCP
964 if (daemon->dhcp)
965 {
966 if (daemon->options & OPT_ETHERS)
967 dhcp_read_ethers();
968 reread_dhcp();
969 dhcp_update_configs(daemon->dhcp_conf);
970 check_dhcp_hosts(0);
971 lease_update_from_configs();
972 lease_update_file(now);
973 lease_update_dns();
974 }
975#endif
976}
977
San Mehat33b34442010-01-20 10:54:48 -0800[diff] [blame^]978#ifdef __ANDROID__
979
980static int set_android_listeners(fd_set *set, int *maxfdp) {
981 FD_SET(STDIN_FILENO, set);
982 bump_maxfd(STDIN_FILENO, maxfdp);
983 return 0;
984}
985
986static int check_android_listeners(fd_set *set) {
987 if (FD_ISSET(STDIN_FILENO, set)) {
988 char buffer[1024];
989 int rc;
990
991 if ((rc = read(STDIN_FILENO, buffer, sizeof(buffer) -1)) < 0) {
992 my_syslog(LOG_ERR, _("Error reading from stdin (%s)"), strerror(errno));
993 return -1;
994 }
995 buffer[rc] = '\0';
996 char *next = buffer;
997 char *cmd;
998
999 if (!(cmd = strsep(&next, ":"))) {
1000 my_syslog(LOG_ERR, _("Malformatted msg '%s'"), buffer);
1001 return -1;
1002 }
1003
1004 if (!strcmp(buffer, "update_dns")) {
1005 set_servers(&buffer[11]);
1006 check_servers();
1007 } else {
1008 my_syslog(LOG_ERR, _("Unknown cmd '%s'"), cmd);
1009 return -1;
1010 }
1011 }
1012 return 0;
1013}
1014#endif
1015
San Mehatffd68722010-01-20 09:56:15 -0800[diff] [blame]1016static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp)
1017{
1018 struct serverfd *serverfdp;
1019 struct listener *listener;
1020 int wait = 0, i;
1021
1022#ifdef HAVE_TFTP
1023 int tftp = 0;
1024 struct tftp_transfer *transfer;
1025 for (transfer = daemon->tftp_trans; transfer; transfer = transfer->next)
1026 {
1027 tftp++;
1028 FD_SET(transfer->sockfd, set);
1029 bump_maxfd(transfer->sockfd, maxfdp);
1030 }
1031#endif
1032
1033 /* will we be able to get memory? */
1034 if (daemon->port != 0)
1035 get_new_frec(now, &wait);
1036
1037 for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1038 {
1039 FD_SET(serverfdp->fd, set);
1040 bump_maxfd(serverfdp->fd, maxfdp);
1041 }
1042
1043 if (daemon->port != 0 && !daemon->osport)
1044 for (i = 0; i < RANDOM_SOCKS; i++)
1045 if (daemon->randomsocks[i].refcount != 0)
1046 {
1047 FD_SET(daemon->randomsocks[i].fd, set);
1048 bump_maxfd(daemon->randomsocks[i].fd, maxfdp);
1049 }
1050
1051 for (listener = daemon->listeners; listener; listener = listener->next)
1052 {
1053 /* only listen for queries if we have resources */
1054 if (listener->fd != -1 && wait == 0)
1055 {
1056 FD_SET(listener->fd, set);
1057 bump_maxfd(listener->fd, maxfdp);
1058 }
1059
1060 /* death of a child goes through the select loop, so
1061 we don't need to explicitly arrange to wake up here */
1062 if (listener->tcpfd != -1)
1063 for (i = 0; i < MAX_PROCS; i++)
1064 if (daemon->tcp_pids[i] == 0)
1065 {
1066 FD_SET(listener->tcpfd, set);
1067 bump_maxfd(listener->tcpfd, maxfdp);
1068 break;
1069 }
1070
1071#ifdef HAVE_TFTP
1072 if (tftp <= daemon->tftp_max && listener->tftpfd != -1)
1073 {
1074 FD_SET(listener->tftpfd, set);
1075 bump_maxfd(listener->tftpfd, maxfdp);
1076 }
1077#endif
1078
1079 }
1080
1081 return wait;
1082}
1083
1084static void check_dns_listeners(fd_set *set, time_t now)
1085{
1086 struct serverfd *serverfdp;
1087 struct listener *listener;
1088 int i;
1089
1090 for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1091 if (FD_ISSET(serverfdp->fd, set))
1092 reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now);
1093
1094 if (daemon->port != 0 && !daemon->osport)
1095 for (i = 0; i < RANDOM_SOCKS; i++)
1096 if (daemon->randomsocks[i].refcount != 0 &&
1097 FD_ISSET(daemon->randomsocks[i].fd, set))
1098 reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
1099
1100 for (listener = daemon->listeners; listener; listener = listener->next)
1101 {
1102 if (listener->fd != -1 && FD_ISSET(listener->fd, set))
1103 receive_query(listener, now);
1104
1105#ifdef HAVE_TFTP
1106 if (listener->tftpfd != -1 && FD_ISSET(listener->tftpfd, set))
1107 tftp_request(listener, now);
1108#endif
1109
1110 if (listener->tcpfd != -1 && FD_ISSET(listener->tcpfd, set))
1111 {
1112 int confd;
1113 struct irec *iface = NULL;
1114 pid_t p;
1115
1116 while((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR);
1117
1118 if (confd == -1)
1119 continue;
1120
1121 if (daemon->options & OPT_NOWILD)
1122 iface = listener->iface;
1123 else
1124 {
1125 union mysockaddr tcp_addr;
1126 socklen_t tcp_len = sizeof(union mysockaddr);
1127 /* Check for allowed interfaces when binding the wildcard address:
1128 we do this by looking for an interface with the same address as
1129 the local address of the TCP connection, then looking to see if that's
1130 an allowed interface. As a side effect, we get the netmask of the
1131 interface too, for localisation. */
1132
1133 /* interface may be new since startup */
1134 if (enumerate_interfaces() &&
1135 getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) != -1)
1136 for (iface = daemon->interfaces; iface; iface = iface->next)
1137 if (sockaddr_isequal(&iface->addr, &tcp_addr))
1138 break;
1139 }
1140
1141 if (!iface)
1142 {
1143 shutdown(confd, SHUT_RDWR);
1144 close(confd);
1145 }
1146#ifndef NO_FORK
1147 else if (!(daemon->options & OPT_DEBUG) && (p = fork()) != 0)
1148 {
1149 if (p != -1)
1150 {
1151 int i;
1152 for (i = 0; i < MAX_PROCS; i++)
1153 if (daemon->tcp_pids[i] == 0)
1154 {
1155 daemon->tcp_pids[i] = p;
1156 break;
1157 }
1158 }
1159 close(confd);
1160 }
1161#endif
1162 else
1163 {
1164 unsigned char *buff;
1165 struct server *s;
1166 int flags;
1167 struct in_addr dst_addr_4;
1168
1169 dst_addr_4.s_addr = 0;
1170
1171 /* Arrange for SIGALARM after CHILD_LIFETIME seconds to
1172 terminate the process. */
1173 if (!(daemon->options & OPT_DEBUG))
1174 alarm(CHILD_LIFETIME);
1175
1176 /* start with no upstream connections. */
1177 for (s = daemon->servers; s; s = s->next)
1178 s->tcpfd = -1;
1179
1180 /* The connected socket inherits non-blocking
1181 attribute from the listening socket.
1182 Reset that here. */
1183 if ((flags = fcntl(confd, F_GETFL, 0)) != -1)
1184 fcntl(confd, F_SETFL, flags & ~O_NONBLOCK);
1185
1186 if (listener->family == AF_INET)
1187 dst_addr_4 = iface->addr.in.sin_addr;
1188
1189 buff = tcp_request(confd, now, dst_addr_4, iface->netmask);
1190
1191 shutdown(confd, SHUT_RDWR);
1192 close(confd);
1193
1194 if (buff)
1195 free(buff);
1196
1197 for (s = daemon->servers; s; s = s->next)
1198 if (s->tcpfd != -1)
1199 {
1200 shutdown(s->tcpfd, SHUT_RDWR);
1201 close(s->tcpfd);
1202 }
1203#ifndef NO_FORK
1204 if (!(daemon->options & OPT_DEBUG))
1205 {
1206 flush_log();
1207 _exit(0);
1208 }
1209#endif
1210 }
1211 }
1212 }
1213}
1214
1215#ifdef HAVE_DHCP
1216int make_icmp_sock(void)
1217{
1218 int fd;
1219 int zeroopt = 0;
1220
1221 if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
1222 {
1223 if (!fix_fd(fd) ||
1224 setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
1225 {
1226 close(fd);
1227 fd = -1;
1228 }
1229 }
1230
1231 return fd;
1232}
1233
1234int icmp_ping(struct in_addr addr)
1235{
1236 /* Try and get an ICMP echo from a machine. */
1237
1238 /* Note that whilst in the three second wait, we check for
1239 (and service) events on the DNS and TFTP sockets, (so doing that
1240 better not use any resources our caller has in use...)
1241 but we remain deaf to signals or further DHCP packets. */
1242
1243 int fd;
1244 struct sockaddr_in saddr;
1245 struct {
1246 struct ip ip;
1247 struct icmp icmp;
1248 } packet;
1249 unsigned short id = rand16();
1250 unsigned int i, j;
1251 int gotreply = 0;
1252 time_t start, now;
1253
1254#if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1255 if ((fd = make_icmp_sock()) == -1)
1256 return 0;
1257#else
1258 int opt = 2000;
1259 fd = daemon->dhcp_icmp_fd;
1260 setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1261#endif
1262
1263 saddr.sin_family = AF_INET;
1264 saddr.sin_port = 0;
1265 saddr.sin_addr = addr;
1266#ifdef HAVE_SOCKADDR_SA_LEN
1267 saddr.sin_len = sizeof(struct sockaddr_in);
1268#endif
1269
1270 memset(&packet.icmp, 0, sizeof(packet.icmp));
1271 packet.icmp.icmp_type = ICMP_ECHO;
1272 packet.icmp.icmp_id = id;
1273 for (j = 0, i = 0; i < sizeof(struct icmp) / 2; i++)
1274 j += ((u16 *)&packet.icmp)[i];
1275 while (j>>16)
1276 j = (j & 0xffff) + (j >> 16);
1277 packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
1278
1279 while (sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0,
1280 (struct sockaddr *)&saddr, sizeof(saddr)) == -1 &&
1281 retry_send());
1282
1283 for (now = start = dnsmasq_time();
1284 difftime(now, start) < (float)PING_WAIT;)
1285 {
1286 struct timeval tv;
1287 fd_set rset, wset;
1288 struct sockaddr_in faddr;
1289 int maxfd = fd;
1290 socklen_t len = sizeof(faddr);
1291
1292 tv.tv_usec = 250000;
1293 tv.tv_sec = 0;
1294
1295 FD_ZERO(&rset);
1296 FD_ZERO(&wset);
1297 FD_SET(fd, &rset);
1298 set_dns_listeners(now, &rset, &maxfd);
1299 set_log_writer(&wset, &maxfd);
1300
1301 if (select(maxfd+1, &rset, &wset, NULL, &tv) < 0)
1302 {
1303 FD_ZERO(&rset);
1304 FD_ZERO(&wset);
1305 }
1306
1307 now = dnsmasq_time();
1308
1309 check_log_writer(&wset);
1310 check_dns_listeners(&rset, now);
1311
1312#ifdef HAVE_TFTP
1313 check_tftp_listeners(&rset, now);
1314#endif
1315
1316 if (FD_ISSET(fd, &rset) &&
1317 recvfrom(fd, &packet, sizeof(packet), 0,
1318 (struct sockaddr *)&faddr, &len) == sizeof(packet) &&
1319 saddr.sin_addr.s_addr == faddr.sin_addr.s_addr &&
1320 packet.icmp.icmp_type == ICMP_ECHOREPLY &&
1321 packet.icmp.icmp_seq == 0 &&
1322 packet.icmp.icmp_id == id)
1323 {
1324 gotreply = 1;
1325 break;
1326 }
1327 }
1328
1329#if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1330 close(fd);
1331#else
1332 opt = 1;
1333 setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1334#endif
1335
1336 return gotreply;
1337}
1338#endif
1339
1340