Simon Kelley | d1ced3a | 2018-01-01 22:18:03 +0000 | [diff] [blame] | 1 | /* dnsmasq is Copyright (c) 2000-2018 Simon Kelley |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 2 | |
| 3 | This program is free software; you can redistribute it and/or modify |
| 4 | it under the terms of the GNU General Public License as published by |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 5 | the Free Software Foundation; version 2 dated June, 1991, or |
| 6 | (at your option) version 3 dated 29 June, 2007. |
| 7 | |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 8 | This program is distributed in the hope that it will be useful, |
| 9 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 10 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 11 | GNU General Public License for more details. |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 12 | |
Simon Kelley | 73a08a2 | 2009-02-05 20:28:08 +0000 | [diff] [blame] | 13 | You should have received a copy of the GNU General Public License |
| 14 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 15 | */ |
| 16 | |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 17 | /* Declare static char *compiler_opts in config.h */ |
| 18 | #define DNSMASQ_COMPILE_OPTS |
| 19 | |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 20 | #include "dnsmasq.h" |
| 21 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 22 | struct daemon *daemon; |
| 23 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 24 | static volatile pid_t pid = 0; |
| 25 | static volatile int pipewrite; |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 26 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 27 | static int set_dns_listeners(time_t now); |
| 28 | static void check_dns_listeners(time_t now); |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 29 | static void sig_handler(int sig); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 30 | static void async_event(int pipe, time_t now); |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 31 | static void fatal_event(struct event_desc *ev, char *msg); |
| 32 | static int read_event(int fd, struct event_desc *evp, char **msg); |
Simon Kelley | 47a9516 | 2014-07-08 22:22:02 +0100 | [diff] [blame] | 33 | static void poll_resolv(int force, int do_reload, time_t now); |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 34 | |
| 35 | int main (int argc, char **argv) |
| 36 | { |
Simon Kelley | de37951 | 2004-06-22 20:23:33 +0100 | [diff] [blame] | 37 | int bind_fallback = 0; |
Simon Kelley | 9009d74 | 2008-11-14 20:04:27 +0000 | [diff] [blame] | 38 | time_t now; |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 39 | struct sigaction sigact; |
Simon Kelley | 26128d2 | 2004-11-14 16:43:54 +0000 | [diff] [blame] | 40 | struct iname *if_tmp; |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 41 | int piperead, pipefd[2], err_pipe[2]; |
| 42 | struct passwd *ent_pw = NULL; |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 43 | #if defined(HAVE_SCRIPT) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 44 | uid_t script_uid = 0; |
| 45 | gid_t script_gid = 0; |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 46 | #endif |
| 47 | struct group *gp = NULL; |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 48 | long i, max_fd = sysconf(_SC_OPEN_MAX); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 49 | char *baduser = NULL; |
| 50 | int log_err; |
Simon Kelley | 6b54d69 | 2018-02-08 21:23:05 +0000 | [diff] [blame] | 51 | int chown_warn = 0; |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 52 | #if defined(HAVE_LINUX_NETWORK) |
| 53 | cap_user_header_t hdr = NULL; |
| 54 | cap_user_data_t data = NULL; |
Simon Kelley | 3b3f441 | 2013-10-11 16:33:28 +0100 | [diff] [blame] | 55 | char *bound_device = NULL; |
| 56 | int did_bind = 0; |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 57 | #endif |
Vladislav Grishenko | 408c368 | 2013-09-24 16:18:49 +0100 | [diff] [blame] | 58 | #if defined(HAVE_DHCP) || defined(HAVE_DHCP6) |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 59 | struct dhcp_context *context; |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 60 | struct dhcp_relay *relay; |
Vladislav Grishenko | 408c368 | 2013-09-24 16:18:49 +0100 | [diff] [blame] | 61 | #endif |
Stefan Tomanek | 30d0879 | 2015-03-31 22:32:11 +0100 | [diff] [blame] | 62 | #ifdef HAVE_TFTP |
| 63 | int tftp_prefix_missing = 0; |
| 64 | #endif |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 65 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 66 | #ifdef LOCALEDIR |
Simon Kelley | b8187c8 | 2005-11-26 21:46:27 +0000 | [diff] [blame] | 67 | setlocale(LC_ALL, ""); |
| 68 | bindtextdomain("dnsmasq", LOCALEDIR); |
| 69 | textdomain("dnsmasq"); |
| 70 | #endif |
| 71 | |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 72 | sigact.sa_handler = sig_handler; |
| 73 | sigact.sa_flags = 0; |
| 74 | sigemptyset(&sigact.sa_mask); |
| 75 | sigaction(SIGUSR1, &sigact, NULL); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 76 | sigaction(SIGUSR2, &sigact, NULL); |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 77 | sigaction(SIGHUP, &sigact, NULL); |
| 78 | sigaction(SIGTERM, &sigact, NULL); |
Simon Kelley | 44a2a31 | 2004-03-10 20:04:35 +0000 | [diff] [blame] | 79 | sigaction(SIGALRM, &sigact, NULL); |
Simon Kelley | feba5c1 | 2004-07-27 20:28:58 +0100 | [diff] [blame] | 80 | sigaction(SIGCHLD, &sigact, NULL); |
Simon Kelley | 3c973ad | 2018-01-14 21:05:37 +0000 | [diff] [blame] | 81 | sigaction(SIGINT, &sigact, NULL); |
| 82 | |
Simon Kelley | feba5c1 | 2004-07-27 20:28:58 +0100 | [diff] [blame] | 83 | /* ignore SIGPIPE */ |
| 84 | sigact.sa_handler = SIG_IGN; |
| 85 | sigaction(SIGPIPE, &sigact, NULL); |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 86 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 87 | umask(022); /* known umask, create leases and pid files as 0644 */ |
Simon Kelley | b5ea1cc | 2014-07-29 16:34:14 +0100 | [diff] [blame] | 88 | |
| 89 | rand_init(); /* Must precede read_opts() */ |
| 90 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 91 | read_opts(argc, argv, compile_opts); |
Simon Kelley | c3e0b9b | 2013-12-31 13:50:39 +0000 | [diff] [blame] | 92 | |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 93 | if (daemon->edns_pktsz < PACKETSZ) |
Simon Kelley | 60b6806 | 2014-01-08 12:10:28 +0000 | [diff] [blame] | 94 | daemon->edns_pktsz = PACKETSZ; |
Simon Kelley | 3ddacb8 | 2014-01-08 14:32:03 +0000 | [diff] [blame] | 95 | |
Simon Kelley | d3a8b39 | 2015-12-23 12:27:37 +0000 | [diff] [blame] | 96 | /* Min buffer size: we check after adding each record, so there must be |
| 97 | memory for the largest packet, and the largest record so the |
| 98 | min for DNS is PACKETSZ+MAXDNAME+RRFIXEDSZ which is < 1000. |
| 99 | This might be increased is EDNS packet size if greater than the minimum. */ |
| 100 | daemon->packet_buff_sz = daemon->edns_pktsz + MAXDNAME + RRFIXEDSZ; |
Simon Kelley | 0a85254 | 2005-03-23 20:28:59 +0000 | [diff] [blame] | 101 | daemon->packet = safe_malloc(daemon->packet_buff_sz); |
Simon Kelley | 3ddacb8 | 2014-01-08 14:32:03 +0000 | [diff] [blame] | 102 | |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 103 | daemon->addrbuff = safe_malloc(ADDRSTRLEN); |
Simon Kelley | 25cf5e3 | 2015-01-09 15:53:03 +0000 | [diff] [blame] | 104 | if (option_bool(OPT_EXTRALOG)) |
| 105 | daemon->addrbuff2 = safe_malloc(ADDRSTRLEN); |
Simon Kelley | 3ddacb8 | 2014-01-08 14:32:03 +0000 | [diff] [blame] | 106 | |
| 107 | #ifdef HAVE_DNSSEC |
| 108 | if (option_bool(OPT_DNSSEC_VALID)) |
Simon Kelley | 5107ace | 2014-02-23 10:48:32 +0000 | [diff] [blame] | 109 | { |
Simon Kelley | cbe379a | 2015-04-21 22:57:06 +0100 | [diff] [blame] | 110 | /* Note that both /000 and '.' are allowed within labels. These get |
| 111 | represented in presentation format using NAME_ESCAPE as an escape |
| 112 | character when in DNSSEC mode. |
| 113 | In theory, if all the characters in a name were /000 or |
| 114 | '.' or NAME_ESCAPE then all would have to be escaped, so the |
| 115 | presentation format would be twice as long as the spec. |
| 116 | |
| 117 | daemon->namebuff was previously allocated by the option-reading |
| 118 | code before we knew if we're in DNSSEC mode, so reallocate here. */ |
| 119 | free(daemon->namebuff); |
| 120 | daemon->namebuff = safe_malloc(MAXDNAME * 2); |
| 121 | daemon->keyname = safe_malloc(MAXDNAME * 2); |
| 122 | daemon->workspacename = safe_malloc(MAXDNAME * 2); |
Simon Kelley | 373e917 | 2017-12-01 22:40:56 +0000 | [diff] [blame] | 123 | /* one char flag per possible RR in answer section (may get extended). */ |
| 124 | daemon->rr_status_sz = 64; |
| 125 | daemon->rr_status = safe_malloc(daemon->rr_status_sz); |
Simon Kelley | 5107ace | 2014-02-23 10:48:32 +0000 | [diff] [blame] | 126 | } |
Simon Kelley | 3ddacb8 | 2014-01-08 14:32:03 +0000 | [diff] [blame] | 127 | #endif |
Simon Kelley | 4f7b304 | 2012-11-28 21:27:02 +0000 | [diff] [blame] | 128 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 129 | #ifdef HAVE_DHCP |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 130 | if (!daemon->lease_file) |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 131 | { |
Simon Kelley | 52b92f4 | 2012-01-22 16:05:15 +0000 | [diff] [blame] | 132 | if (daemon->dhcp || daemon->dhcp6) |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 133 | daemon->lease_file = LEASEFILE; |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 134 | } |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 135 | #endif |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 136 | |
Simon Kelley | a276175 | 2012-01-18 16:07:21 +0000 | [diff] [blame] | 137 | /* Close any file descriptors we inherited apart from std{in|out|err} |
| 138 | |
| 139 | Ensure that at least stdin, stdout and stderr (fd 0, 1, 2) exist, |
| 140 | otherwise file descriptors we create can end up being 0, 1, or 2 |
| 141 | and then get accidentally closed later when we make 0, 1, and 2 |
| 142 | open to /dev/null. Normally we'll be started with 0, 1 and 2 open, |
| 143 | but it's not guaranteed. By opening /dev/null three times, we |
| 144 | ensure that we're not using those fds for real stuff. */ |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 145 | for (i = 0; i < max_fd; i++) |
| 146 | if (i != STDOUT_FILENO && i != STDERR_FILENO && i != STDIN_FILENO) |
| 147 | close(i); |
Simon Kelley | a276175 | 2012-01-18 16:07:21 +0000 | [diff] [blame] | 148 | else |
| 149 | open("/dev/null", O_RDWR); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 150 | |
Simon Kelley | 801ca9a | 2012-03-06 19:30:17 +0000 | [diff] [blame] | 151 | #ifndef HAVE_LINUX_NETWORK |
| 152 | # if !(defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR)) |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 153 | if (!option_bool(OPT_NOWILD)) |
Simon Kelley | de37951 | 2004-06-22 20:23:33 +0100 | [diff] [blame] | 154 | { |
| 155 | bind_fallback = 1; |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 156 | set_option_bool(OPT_NOWILD); |
Simon Kelley | de37951 | 2004-06-22 20:23:33 +0100 | [diff] [blame] | 157 | } |
Simon Kelley | 801ca9a | 2012-03-06 19:30:17 +0000 | [diff] [blame] | 158 | # endif |
Simon Kelley | 2b5bae9 | 2012-06-26 16:55:23 +0100 | [diff] [blame] | 159 | |
| 160 | /* -- bind-dynamic not supported on !Linux, fall back to --bind-interfaces */ |
Simon Kelley | 54dd393 | 2012-06-20 11:23:38 +0100 | [diff] [blame] | 161 | if (option_bool(OPT_CLEVERBIND)) |
Simon Kelley | 2b5bae9 | 2012-06-26 16:55:23 +0100 | [diff] [blame] | 162 | { |
| 163 | bind_fallback = 1; |
| 164 | set_option_bool(OPT_NOWILD); |
Simon Kelley | 236e072 | 2012-06-26 21:33:01 +0100 | [diff] [blame] | 165 | reset_option_bool(OPT_CLEVERBIND); |
Simon Kelley | 2b5bae9 | 2012-06-26 16:55:23 +0100 | [diff] [blame] | 166 | } |
Simon Kelley | 0491805 | 2015-01-26 11:23:43 +0000 | [diff] [blame] | 167 | #endif |
Simon Kelley | 5f4dc5c | 2015-01-20 20:51:02 +0000 | [diff] [blame] | 168 | |
Simon Kelley | 0491805 | 2015-01-26 11:23:43 +0000 | [diff] [blame] | 169 | #ifndef HAVE_INOTIFY |
Simon Kelley | 70d1873 | 2015-01-31 19:59:29 +0000 | [diff] [blame] | 170 | if (daemon->dynamic_dirs) |
| 171 | die(_("dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"), NULL, EC_BADCONF); |
Simon Kelley | 309331f | 2006-04-22 15:05:01 +0100 | [diff] [blame] | 172 | #endif |
Simon Kelley | 2b5bae9 | 2012-06-26 16:55:23 +0100 | [diff] [blame] | 173 | |
Simon Kelley | 0744ca6 | 2014-01-25 16:40:15 +0000 | [diff] [blame] | 174 | if (option_bool(OPT_DNSSEC_VALID)) |
| 175 | { |
Simon Kelley | 3ddacb8 | 2014-01-08 14:32:03 +0000 | [diff] [blame] | 176 | #ifdef HAVE_DNSSEC |
Simon Kelley | a63b8b8 | 2016-01-12 11:28:58 +0000 | [diff] [blame] | 177 | struct ds_config *ds; |
| 178 | |
| 179 | /* Must have at least a root trust anchor, or the DNSSEC code |
| 180 | can loop forever. */ |
| 181 | for (ds = daemon->ds; ds; ds = ds->next) |
| 182 | if (ds->name[0] == 0) |
| 183 | break; |
| 184 | |
| 185 | if (!ds) |
| 186 | die(_("no root trust anchor provided for DNSSEC"), NULL, EC_BADCONF); |
Simon Kelley | 0744ca6 | 2014-01-25 16:40:15 +0000 | [diff] [blame] | 187 | |
| 188 | if (daemon->cachesize < CACHESIZ) |
Simon Kelley | 360f251 | 2015-03-07 18:28:06 +0000 | [diff] [blame] | 189 | die(_("cannot reduce cache size from default when DNSSEC enabled"), NULL, EC_BADCONF); |
Simon Kelley | 0744ca6 | 2014-01-25 16:40:15 +0000 | [diff] [blame] | 190 | #else |
| 191 | die(_("DNSSEC not available: set HAVE_DNSSEC in src/config.h"), NULL, EC_BADCONF); |
Simon Kelley | 3ddacb8 | 2014-01-08 14:32:03 +0000 | [diff] [blame] | 192 | #endif |
Simon Kelley | 0744ca6 | 2014-01-25 16:40:15 +0000 | [diff] [blame] | 193 | } |
Simon Kelley | 3ddacb8 | 2014-01-08 14:32:03 +0000 | [diff] [blame] | 194 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 195 | #ifndef HAVE_TFTP |
Simon Kelley | 9b40cbf | 2012-07-13 19:58:26 +0100 | [diff] [blame] | 196 | if (option_bool(OPT_TFTP)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 197 | die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL, EC_BADCONF); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 198 | #endif |
| 199 | |
Simon Kelley | 7de060b | 2011-08-26 17:24:52 +0100 | [diff] [blame] | 200 | #ifdef HAVE_CONNTRACK |
| 201 | if (option_bool(OPT_CONNTRACK) && (daemon->query_port != 0 || daemon->osport)) |
Simon Kelley | 360f251 | 2015-03-07 18:28:06 +0000 | [diff] [blame] | 202 | die (_("cannot use --conntrack AND --query-port"), NULL, EC_BADCONF); |
Simon Kelley | 7de060b | 2011-08-26 17:24:52 +0100 | [diff] [blame] | 203 | #else |
| 204 | if (option_bool(OPT_CONNTRACK)) |
Simon Kelley | 360f251 | 2015-03-07 18:28:06 +0000 | [diff] [blame] | 205 | die(_("conntrack support not available: set HAVE_CONNTRACK in src/config.h"), NULL, EC_BADCONF); |
Simon Kelley | 7de060b | 2011-08-26 17:24:52 +0100 | [diff] [blame] | 206 | #endif |
| 207 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 208 | #ifdef HAVE_SOLARIS_NETWORK |
| 209 | if (daemon->max_logs != 0) |
Josh Soref | 730c674 | 2017-02-06 16:14:04 +0000 | [diff] [blame] | 210 | die(_("asynchronous logging is not available under Solaris"), NULL, EC_BADCONF); |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 211 | #endif |
| 212 | |
Simon Kelley | 572b41e | 2011-02-18 18:11:18 +0000 | [diff] [blame] | 213 | #ifdef __ANDROID__ |
| 214 | if (daemon->max_logs != 0) |
Josh Soref | 730c674 | 2017-02-06 16:14:04 +0000 | [diff] [blame] | 215 | die(_("asynchronous logging is not available under Android"), NULL, EC_BADCONF); |
Simon Kelley | 572b41e | 2011-02-18 18:11:18 +0000 | [diff] [blame] | 216 | #endif |
| 217 | |
Simon Kelley | 4820dce | 2012-12-18 18:30:30 +0000 | [diff] [blame] | 218 | #ifndef HAVE_AUTH |
| 219 | if (daemon->authserver) |
| 220 | die(_("authoritative DNS not available: set HAVE_AUTH in src/config.h"), NULL, EC_BADCONF); |
| 221 | #endif |
| 222 | |
Simon Kelley | b5ea1cc | 2014-07-29 16:34:14 +0100 | [diff] [blame] | 223 | #ifndef HAVE_LOOP |
| 224 | if (option_bool(OPT_LOOP_DETECT)) |
Simon Kelley | 360f251 | 2015-03-07 18:28:06 +0000 | [diff] [blame] | 225 | die(_("loop detection not available: set HAVE_LOOP in src/config.h"), NULL, EC_BADCONF); |
Simon Kelley | b5ea1cc | 2014-07-29 16:34:14 +0100 | [diff] [blame] | 226 | #endif |
Hans Dedecker | 926332a | 2016-01-23 10:48:12 +0000 | [diff] [blame] | 227 | |
Hans Dedecker | 926332a | 2016-01-23 10:48:12 +0000 | [diff] [blame] | 228 | if (daemon->max_port < daemon->min_port) |
| 229 | die(_("max_port cannot be smaller than min_port"), NULL, EC_BADCONF); |
| 230 | |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 231 | now = dnsmasq_time(); |
Simon Kelley | 4f7b304 | 2012-11-28 21:27:02 +0000 | [diff] [blame] | 232 | |
Simon Kelley | b0ff858 | 2013-02-06 09:57:47 +0000 | [diff] [blame] | 233 | /* Create a serial at startup if not configured. */ |
Simon Kelley | 4f7b304 | 2012-11-28 21:27:02 +0000 | [diff] [blame] | 234 | if (daemon->authinterface && daemon->soa_sn == 0) |
| 235 | #ifdef HAVE_BROKEN_RTC |
Simon Kelley | b0ff858 | 2013-02-06 09:57:47 +0000 | [diff] [blame] | 236 | die(_("zone serial must be configured in --auth-soa"), NULL, EC_BADCONF); |
Simon Kelley | 4f7b304 | 2012-11-28 21:27:02 +0000 | [diff] [blame] | 237 | #else |
| 238 | daemon->soa_sn = now; |
| 239 | #endif |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 240 | |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 241 | #ifdef HAVE_DHCP6 |
| 242 | if (daemon->dhcp6) |
| 243 | { |
| 244 | daemon->doing_ra = option_bool(OPT_RA); |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 245 | |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 246 | for (context = daemon->dhcp6; context; context = context->next) |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 247 | { |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 248 | if (context->flags & CONTEXT_DHCP) |
| 249 | daemon->doing_dhcp6 = 1; |
| 250 | if (context->flags & CONTEXT_RA) |
| 251 | daemon->doing_ra = 1; |
Simon Kelley | 1ee9be4 | 2013-12-09 16:50:19 +0000 | [diff] [blame] | 252 | #if !defined(HAVE_LINUX_NETWORK) && !defined(HAVE_BSD_NETWORK) |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 253 | if (context->flags & CONTEXT_TEMPLATE) |
| 254 | die (_("dhcp-range constructor not available on this platform"), NULL, EC_BADCONF); |
Simon Kelley | bb86e85 | 2012-12-17 22:00:53 +0000 | [diff] [blame] | 255 | #endif |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 256 | } |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 257 | } |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 258 | #endif |
| 259 | |
| 260 | #ifdef HAVE_DHCP |
| 261 | /* Note that order matters here, we must call lease_init before |
| 262 | creating any file descriptors which shouldn't be leaked |
| 263 | to the lease-script init process. We need to call common_init |
Simon Kelley | 33702ab | 2015-12-28 23:17:15 +0000 | [diff] [blame] | 264 | before lease_init to allocate buffers it uses. |
Simon Kelley | 1e50512 | 2016-01-25 21:29:23 +0000 | [diff] [blame] | 265 | The script subsystem relies on DHCP buffers, hence the last two |
Simon Kelley | 33702ab | 2015-12-28 23:17:15 +0000 | [diff] [blame] | 266 | conditions below. */ |
| 267 | if (daemon->dhcp || daemon->doing_dhcp6 || daemon->relay4 || |
Simon Kelley | 1e50512 | 2016-01-25 21:29:23 +0000 | [diff] [blame] | 268 | daemon->relay6 || option_bool(OPT_TFTP) || option_bool(OPT_SCRIPT_ARP)) |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 269 | { |
| 270 | dhcp_common_init(); |
| 271 | if (daemon->dhcp || daemon->doing_dhcp6) |
| 272 | lease_init(now); |
| 273 | } |
| 274 | |
| 275 | if (daemon->dhcp || daemon->relay4) |
| 276 | dhcp_init(); |
| 277 | |
| 278 | # ifdef HAVE_DHCP6 |
Simon Kelley | 89500e3 | 2013-09-20 16:29:20 +0100 | [diff] [blame] | 279 | if (daemon->doing_ra || daemon->doing_dhcp6 || daemon->relay6) |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 280 | ra_init(now); |
| 281 | |
| 282 | if (daemon->doing_dhcp6 || daemon->relay6) |
| 283 | dhcp6_init(); |
| 284 | # endif |
Simon Kelley | 843c96b | 2012-02-27 17:42:38 +0000 | [diff] [blame] | 285 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 286 | #endif |
Simon Kelley | feba5c1 | 2004-07-27 20:28:58 +0100 | [diff] [blame] | 287 | |
Jason A. Donenfeld | 13d86c7 | 2013-02-22 18:20:53 +0000 | [diff] [blame] | 288 | #ifdef HAVE_IPSET |
| 289 | if (daemon->ipsets) |
| 290 | ipset_init(); |
| 291 | #endif |
| 292 | |
Simon Kelley | 1ee9be4 | 2013-12-09 16:50:19 +0000 | [diff] [blame] | 293 | #if defined(HAVE_LINUX_NETWORK) |
Simon Kelley | 801ca9a | 2012-03-06 19:30:17 +0000 | [diff] [blame] | 294 | netlink_init(); |
Simon Kelley | 1ee9be4 | 2013-12-09 16:50:19 +0000 | [diff] [blame] | 295 | #elif defined(HAVE_BSD_NETWORK) |
| 296 | route_init(); |
Simon Kelley | 801ca9a | 2012-03-06 19:30:17 +0000 | [diff] [blame] | 297 | #endif |
| 298 | |
Simon Kelley | 1ee9be4 | 2013-12-09 16:50:19 +0000 | [diff] [blame] | 299 | if (option_bool(OPT_NOWILD) && option_bool(OPT_CLEVERBIND)) |
| 300 | die(_("cannot set --bind-interfaces and --bind-dynamic"), NULL, EC_BADCONF); |
| 301 | |
Simon Kelley | 115ac3e | 2013-05-20 11:28:32 +0100 | [diff] [blame] | 302 | if (!enumerate_interfaces(1) || !enumerate_interfaces(0)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 303 | die(_("failed to find list of interfaces: %s"), NULL, EC_MISC); |
Simon Kelley | 843c96b | 2012-02-27 17:42:38 +0000 | [diff] [blame] | 304 | |
Simon Kelley | 54dd393 | 2012-06-20 11:23:38 +0100 | [diff] [blame] | 305 | if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 306 | { |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 307 | create_bound_listeners(1); |
Simon Kelley | 54dd393 | 2012-06-20 11:23:38 +0100 | [diff] [blame] | 308 | |
| 309 | if (!option_bool(OPT_CLEVERBIND)) |
| 310 | for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next) |
| 311 | if (if_tmp->name && !if_tmp->used) |
| 312 | die(_("unknown interface %s"), if_tmp->name, EC_BADNET); |
Simon Kelley | 9380ba7 | 2012-04-16 14:41:56 +0100 | [diff] [blame] | 313 | |
| 314 | #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP) |
| 315 | /* after enumerate_interfaces() */ |
Simon Kelley | 3b3f441 | 2013-10-11 16:33:28 +0100 | [diff] [blame] | 316 | bound_device = whichdevice(); |
| 317 | |
Simon Kelley | 9380ba7 | 2012-04-16 14:41:56 +0100 | [diff] [blame] | 318 | if (daemon->dhcp) |
| 319 | { |
Simon Kelley | 3b3f441 | 2013-10-11 16:33:28 +0100 | [diff] [blame] | 320 | if (!daemon->relay4 && bound_device) |
| 321 | { |
| 322 | bindtodevice(bound_device, daemon->dhcpfd); |
| 323 | did_bind = 1; |
| 324 | } |
| 325 | if (daemon->enable_pxe && bound_device) |
| 326 | { |
| 327 | bindtodevice(bound_device, daemon->pxefd); |
| 328 | did_bind = 1; |
| 329 | } |
Simon Kelley | 9380ba7 | 2012-04-16 14:41:56 +0100 | [diff] [blame] | 330 | } |
| 331 | #endif |
| 332 | |
| 333 | #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP6) |
Simon Kelley | 3b3f441 | 2013-10-11 16:33:28 +0100 | [diff] [blame] | 334 | if (daemon->doing_dhcp6 && !daemon->relay6 && bound_device) |
| 335 | { |
| 336 | bindtodevice(bound_device, daemon->dhcp6fd); |
| 337 | did_bind = 1; |
| 338 | } |
Simon Kelley | 9380ba7 | 2012-04-16 14:41:56 +0100 | [diff] [blame] | 339 | #endif |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 340 | } |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 341 | else |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 342 | create_wildcard_listeners(); |
Simon Kelley | 5d162f2 | 2012-12-20 14:55:46 +0000 | [diff] [blame] | 343 | |
| 344 | #ifdef HAVE_DHCP6 |
| 345 | /* after enumerate_interfaces() */ |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 346 | if (daemon->doing_dhcp6 || daemon->relay6 || daemon->doing_ra) |
Simon Kelley | 5d162f2 | 2012-12-20 14:55:46 +0000 | [diff] [blame] | 347 | join_multicast(1); |
Simon Kelley | 3511a92 | 2013-11-07 10:28:11 +0000 | [diff] [blame] | 348 | |
| 349 | /* After netlink_init() and before create_helper() */ |
| 350 | lease_make_duid(now); |
Simon Kelley | 5d162f2 | 2012-12-20 14:55:46 +0000 | [diff] [blame] | 351 | #endif |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 352 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 353 | if (daemon->port != 0) |
Simon Kelley | 82e3f45 | 2014-01-31 21:05:48 +0000 | [diff] [blame] | 354 | { |
| 355 | cache_init(); |
Simon Kelley | 193de4a | 2014-12-10 17:32:16 +0000 | [diff] [blame] | 356 | |
Simon Kelley | 82e3f45 | 2014-01-31 21:05:48 +0000 | [diff] [blame] | 357 | #ifdef HAVE_DNSSEC |
| 358 | blockdata_init(); |
| 359 | #endif |
Simon Kelley | 5f4dc5c | 2015-01-20 20:51:02 +0000 | [diff] [blame] | 360 | } |
Simon Kelley | 193de4a | 2014-12-10 17:32:16 +0000 | [diff] [blame] | 361 | |
Simon Kelley | 0491805 | 2015-01-26 11:23:43 +0000 | [diff] [blame] | 362 | #ifdef HAVE_INOTIFY |
Petr MenÅ¡Ãk | 075366a | 2017-11-05 16:05:39 +0000 | [diff] [blame] | 363 | if ((daemon->port != 0 || daemon->dhcp || daemon->doing_dhcp6) |
| 364 | && (!option_bool(OPT_NO_RESOLV) || daemon->dynamic_dirs)) |
Simon Kelley | 5f4dc5c | 2015-01-20 20:51:02 +0000 | [diff] [blame] | 365 | inotify_dnsmasq_init(); |
| 366 | else |
| 367 | daemon->inotifyfd = -1; |
Simon Kelley | 193de4a | 2014-12-10 17:32:16 +0000 | [diff] [blame] | 368 | #endif |
Simon Kelley | 5f4dc5c | 2015-01-20 20:51:02 +0000 | [diff] [blame] | 369 | |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 370 | if (option_bool(OPT_DBUS)) |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 371 | #ifdef HAVE_DBUS |
| 372 | { |
| 373 | char *err; |
| 374 | daemon->dbus = NULL; |
| 375 | daemon->watches = NULL; |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 376 | if ((err = dbus_init())) |
| 377 | die(_("DBus error: %s"), err, EC_MISC); |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 378 | } |
| 379 | #else |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 380 | die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL, EC_BADCONF); |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 381 | #endif |
Stefan Tomanek | 7aa970e | 2015-04-01 17:55:07 +0100 | [diff] [blame] | 382 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 383 | if (daemon->port != 0) |
| 384 | pre_allocate_sfds(); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 385 | |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 386 | #if defined(HAVE_SCRIPT) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 387 | /* Note getpwnam returns static storage */ |
Simon Kelley | 843c96b | 2012-02-27 17:42:38 +0000 | [diff] [blame] | 388 | if ((daemon->dhcp || daemon->dhcp6) && |
| 389 | daemon->scriptuser && |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 390 | (daemon->lease_change_command || daemon->luascript)) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 391 | { |
Simon Kelley | 83e4b73 | 2018-02-06 16:57:15 +0000 | [diff] [blame] | 392 | struct passwd *scr_pw; |
| 393 | |
| 394 | if ((scr_pw = getpwnam(daemon->scriptuser))) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 395 | { |
Simon Kelley | 83e4b73 | 2018-02-06 16:57:15 +0000 | [diff] [blame] | 396 | script_uid = scr_pw->pw_uid; |
| 397 | script_gid = scr_pw->pw_gid; |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 398 | } |
| 399 | else |
| 400 | baduser = daemon->scriptuser; |
| 401 | } |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 402 | #endif |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 403 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 404 | if (daemon->username && !(ent_pw = getpwnam(daemon->username))) |
| 405 | baduser = daemon->username; |
| 406 | else if (daemon->groupname && !(gp = getgrnam(daemon->groupname))) |
| 407 | baduser = daemon->groupname; |
| 408 | |
| 409 | if (baduser) |
| 410 | die(_("unknown user or group: %s"), baduser, EC_BADCONF); |
Simon Kelley | f6e62e2 | 2015-03-01 18:17:54 +0000 | [diff] [blame] | 411 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 412 | /* implement group defaults, "dip" if available, or group associated with uid */ |
| 413 | if (!daemon->group_set && !gp) |
| 414 | { |
| 415 | if (!(gp = getgrnam(CHGRP)) && ent_pw) |
| 416 | gp = getgrgid(ent_pw->pw_gid); |
| 417 | |
| 418 | /* for error message */ |
| 419 | if (gp) |
| 420 | daemon->groupname = gp->gr_name; |
| 421 | } |
| 422 | |
| 423 | #if defined(HAVE_LINUX_NETWORK) |
| 424 | /* determine capability API version here, while we can still |
| 425 | call safe_malloc */ |
| 426 | if (ent_pw && ent_pw->pw_uid != 0) |
| 427 | { |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 428 | int capsize = 1; /* for header version 1 */ |
Simon Kelley | 3927da4 | 2008-07-20 15:10:39 +0100 | [diff] [blame] | 429 | hdr = safe_malloc(sizeof(*hdr)); |
| 430 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 431 | /* find version supported by kernel */ |
| 432 | memset(hdr, 0, sizeof(*hdr)); |
| 433 | capget(hdr, NULL); |
| 434 | |
| 435 | if (hdr->version != LINUX_CAPABILITY_VERSION_1) |
| 436 | { |
| 437 | /* if unknown version, use largest supported version (3) */ |
| 438 | if (hdr->version != LINUX_CAPABILITY_VERSION_2) |
| 439 | hdr->version = LINUX_CAPABILITY_VERSION_3; |
| 440 | capsize = 2; |
| 441 | } |
| 442 | |
| 443 | data = safe_malloc(sizeof(*data) * capsize); |
| 444 | memset(data, 0, sizeof(*data) * capsize); |
| 445 | } |
| 446 | #endif |
| 447 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 448 | /* Use a pipe to carry signals and other events back to the event loop |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 449 | in a race-free manner and another to carry errors to daemon-invoking process */ |
| 450 | safe_pipe(pipefd, 1); |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 451 | |
| 452 | piperead = pipefd[0]; |
| 453 | pipewrite = pipefd[1]; |
| 454 | /* prime the pipe to load stuff first time. */ |
Simon Kelley | e98bd52 | 2014-03-28 20:41:23 +0000 | [diff] [blame] | 455 | send_event(pipewrite, EVENT_INIT, 0, NULL); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 456 | |
| 457 | err_pipe[1] = -1; |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 458 | |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 459 | if (!option_bool(OPT_DEBUG)) |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 460 | { |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 461 | /* The following code "daemonizes" the process. |
| 462 | See Stevens section 12.4 */ |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 463 | |
Simon Kelley | 9e03894 | 2008-05-30 20:06:34 +0100 | [diff] [blame] | 464 | if (chdir("/") != 0) |
| 465 | die(_("cannot chdir to filesystem root: %s"), NULL, EC_MISC); |
| 466 | |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 467 | #ifndef NO_FORK |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 468 | if (!option_bool(OPT_NO_FORK)) |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 469 | { |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 470 | pid_t pid; |
| 471 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 472 | /* pipe to carry errors back to original process. |
| 473 | When startup is complete we close this and the process terminates. */ |
| 474 | safe_pipe(err_pipe, 0); |
| 475 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 476 | if ((pid = fork()) == -1) |
| 477 | /* fd == -1 since we've not forked, never returns. */ |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 478 | send_event(-1, EVENT_FORK_ERR, errno, NULL); |
Simon Kelley | 9e03894 | 2008-05-30 20:06:34 +0100 | [diff] [blame] | 479 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 480 | if (pid != 0) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 481 | { |
| 482 | struct event_desc ev; |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 483 | char *msg; |
| 484 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 485 | /* close our copy of write-end */ |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 486 | while (retry_send(close(err_pipe[1]))); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 487 | |
| 488 | /* check for errors after the fork */ |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 489 | if (read_event(err_pipe[0], &ev, &msg)) |
| 490 | fatal_event(&ev, msg); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 491 | |
| 492 | _exit(EC_GOOD); |
| 493 | } |
| 494 | |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 495 | while (retry_send(close(err_pipe[0]))); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 496 | |
| 497 | /* NO calls to die() from here on. */ |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 498 | |
| 499 | setsid(); |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 500 | |
| 501 | if ((pid = fork()) == -1) |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 502 | send_event(err_pipe[1], EVENT_FORK_ERR, errno, NULL); |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 503 | |
| 504 | if (pid != 0) |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 505 | _exit(0); |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 506 | } |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 507 | #endif |
Simon Kelley | 9e03894 | 2008-05-30 20:06:34 +0100 | [diff] [blame] | 508 | |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 509 | /* write pidfile _after_ forking ! */ |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 510 | if (daemon->runfile) |
| 511 | { |
Simon Kelley | 79cfefd | 2012-09-02 13:29:51 +0100 | [diff] [blame] | 512 | int fd, err = 0; |
| 513 | |
| 514 | sprintf(daemon->namebuff, "%d\n", (int) getpid()); |
| 515 | |
| 516 | /* Explanation: Some installations of dnsmasq (eg Debian/Ubuntu) locate the pid-file |
| 517 | in a directory which is writable by the non-privileged user that dnsmasq runs as. This |
| 518 | allows the daemon to delete the file as part of its shutdown. This is a security hole to the |
| 519 | extent that an attacker running as the unprivileged user could replace the pidfile with a |
| 520 | symlink, and have the target of that symlink overwritten as root next time dnsmasq starts. |
| 521 | |
Josh Soref | 730c674 | 2017-02-06 16:14:04 +0000 | [diff] [blame] | 522 | The following code first deletes any existing file, and then opens it with the O_EXCL flag, |
Simon Kelley | 79cfefd | 2012-09-02 13:29:51 +0100 | [diff] [blame] | 523 | ensuring that the open() fails should there be any existing file (because the unlink() failed, |
| 524 | or an attacker exploited the race between unlink() and open()). This ensures that no symlink |
| 525 | attack can succeed. |
| 526 | |
| 527 | Any compromise of the non-privileged user still theoretically allows the pid-file to be |
| 528 | replaced whilst dnsmasq is running. The worst that could allow is that the usual |
| 529 | "shutdown dnsmasq" shell command could be tricked into stopping any other process. |
| 530 | |
| 531 | Note that if dnsmasq is started as non-root (eg for testing) it silently ignores |
| 532 | failure to write the pid-file. |
| 533 | */ |
| 534 | |
| 535 | unlink(daemon->runfile); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 536 | |
Simon Kelley | 79cfefd | 2012-09-02 13:29:51 +0100 | [diff] [blame] | 537 | if ((fd = open(daemon->runfile, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH)) == -1) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 538 | { |
Simon Kelley | 79cfefd | 2012-09-02 13:29:51 +0100 | [diff] [blame] | 539 | /* only complain if started as root */ |
| 540 | if (getuid() == 0) |
| 541 | err = 1; |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 542 | } |
Simon Kelley | 79cfefd | 2012-09-02 13:29:51 +0100 | [diff] [blame] | 543 | else |
| 544 | { |
Simon Kelley | 246a31c | 2018-02-06 17:27:55 +0000 | [diff] [blame] | 545 | /* We're still running as root here. Change the ownership of the PID file |
| 546 | to the user we will be running as. Note that this is not to allow |
| 547 | us to delete the file, since that depends on the permissions |
| 548 | of the directory containing the file. That directory will |
| 549 | need to by owned by the dnsmasq user, and the ownership of the |
| 550 | file has to match, to keep systemd >273 happy. */ |
Simon Kelley | 6b54d69 | 2018-02-08 21:23:05 +0000 | [diff] [blame] | 551 | if (getuid() == 0 && ent_pw && ent_pw->pw_uid != 0 && fchown(fd, ent_pw->pw_uid, ent_pw->pw_gid) == -1) |
| 552 | chown_warn = errno; |
| 553 | |
| 554 | if (!read_write(fd, (unsigned char *)daemon->namebuff, strlen(daemon->namebuff), 0)) |
Simon Kelley | 79cfefd | 2012-09-02 13:29:51 +0100 | [diff] [blame] | 555 | err = 1; |
Simon Kelley | 83e4b73 | 2018-02-06 16:57:15 +0000 | [diff] [blame] | 556 | else |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 557 | { |
| 558 | while (retry_send(close(fd))); |
| 559 | if (errno != 0) |
| 560 | err = 1; |
| 561 | } |
Simon Kelley | 79cfefd | 2012-09-02 13:29:51 +0100 | [diff] [blame] | 562 | } |
| 563 | |
| 564 | if (err) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 565 | { |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 566 | send_event(err_pipe[1], EVENT_PIDFILE, errno, daemon->runfile); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 567 | _exit(0); |
| 568 | } |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 569 | } |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 570 | } |
| 571 | |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 572 | log_err = log_start(ent_pw, err_pipe[1]); |
| 573 | |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 574 | if (!option_bool(OPT_DEBUG)) |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 575 | { |
| 576 | /* open stdout etc to /dev/null */ |
| 577 | int nullfd = open("/dev/null", O_RDWR); |
Simon Kelley | f7cf749 | 2016-03-01 16:19:23 +0000 | [diff] [blame] | 578 | if (nullfd != -1) |
| 579 | { |
| 580 | dup2(nullfd, STDOUT_FILENO); |
| 581 | dup2(nullfd, STDERR_FILENO); |
| 582 | dup2(nullfd, STDIN_FILENO); |
| 583 | close(nullfd); |
| 584 | } |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 585 | } |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 586 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 587 | /* if we are to run scripts, we need to fork a helper before dropping root. */ |
| 588 | daemon->helperfd = -1; |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 589 | #ifdef HAVE_SCRIPT |
Simon Kelley | 1e50512 | 2016-01-25 21:29:23 +0000 | [diff] [blame] | 590 | if ((daemon->dhcp || daemon->dhcp6 || option_bool(OPT_TFTP) || option_bool(OPT_SCRIPT_ARP)) && |
Simon Kelley | 33702ab | 2015-12-28 23:17:15 +0000 | [diff] [blame] | 591 | (daemon->lease_change_command || daemon->luascript)) |
| 592 | daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 593 | #endif |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 594 | |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 595 | if (!option_bool(OPT_DEBUG) && getuid() == 0) |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 596 | { |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 597 | int bad_capabilities = 0; |
| 598 | gid_t dummy; |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 599 | |
Josh Soref | 730c674 | 2017-02-06 16:14:04 +0000 | [diff] [blame] | 600 | /* remove all supplementary groups */ |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 601 | if (gp && |
| 602 | (setgroups(0, &dummy) == -1 || |
| 603 | setgid(gp->gr_gid) == -1)) |
| 604 | { |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 605 | send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 606 | _exit(0); |
| 607 | } |
| 608 | |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 609 | if (ent_pw && ent_pw->pw_uid != 0) |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 610 | { |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 611 | #if defined(HAVE_LINUX_NETWORK) |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 612 | /* On linux, we keep CAP_NETADMIN (for ARP-injection) and |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 613 | CAP_NET_RAW (for icmp) if we're doing dhcp. If we have yet to bind |
Simon Kelley | 54dd393 | 2012-06-20 11:23:38 +0100 | [diff] [blame] | 614 | ports because of DAD, or we're doing it dynamically, |
| 615 | we need CAP_NET_BIND_SERVICE too. */ |
| 616 | if (is_dad_listeners() || option_bool(OPT_CLEVERBIND)) |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 617 | data->effective = data->permitted = data->inheritable = |
| 618 | (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | |
| 619 | (1 << CAP_SETUID) | (1 << CAP_NET_BIND_SERVICE); |
| 620 | else |
| 621 | data->effective = data->permitted = data->inheritable = |
| 622 | (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID); |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 623 | |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 624 | /* Tell kernel to not clear capabilities when dropping root */ |
Simon Kelley | 572b41e | 2011-02-18 18:11:18 +0000 | [diff] [blame] | 625 | if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1) |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 626 | bad_capabilities = errno; |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 627 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 628 | #elif defined(HAVE_SOLARIS_NETWORK) |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 629 | /* http://developers.sun.com/solaris/articles/program_privileges.html */ |
| 630 | priv_set_t *priv_set; |
| 631 | |
| 632 | if (!(priv_set = priv_str_to_set("basic", ",", NULL)) || |
| 633 | priv_addset(priv_set, PRIV_NET_ICMPACCESS) == -1 || |
| 634 | priv_addset(priv_set, PRIV_SYS_NET_CONFIG) == -1) |
| 635 | bad_capabilities = errno; |
| 636 | |
| 637 | if (priv_set && bad_capabilities == 0) |
| 638 | { |
| 639 | priv_inverse(priv_set); |
| 640 | |
| 641 | if (setppriv(PRIV_OFF, PRIV_LIMIT, priv_set) == -1) |
| 642 | bad_capabilities = errno; |
| 643 | } |
| 644 | |
| 645 | if (priv_set) |
| 646 | priv_freeset(priv_set); |
| 647 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 648 | #endif |
| 649 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 650 | if (bad_capabilities != 0) |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 651 | { |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 652 | send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities, NULL); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 653 | _exit(0); |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 654 | } |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 655 | |
| 656 | /* finally drop root */ |
| 657 | if (setuid(ent_pw->pw_uid) == -1) |
| 658 | { |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 659 | send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 660 | _exit(0); |
| 661 | } |
| 662 | |
| 663 | #ifdef HAVE_LINUX_NETWORK |
Simon Kelley | 54dd393 | 2012-06-20 11:23:38 +0100 | [diff] [blame] | 664 | if (is_dad_listeners() || option_bool(OPT_CLEVERBIND)) |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 665 | data->effective = data->permitted = |
| 666 | (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_NET_BIND_SERVICE); |
| 667 | else |
| 668 | data->effective = data->permitted = |
| 669 | (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 670 | data->inheritable = 0; |
| 671 | |
Josh Soref | 730c674 | 2017-02-06 16:14:04 +0000 | [diff] [blame] | 672 | /* lose the setuid and setgid capabilities */ |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 673 | if (capset(hdr, data) == -1) |
| 674 | { |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 675 | send_event(err_pipe[1], EVENT_CAP_ERR, errno, NULL); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 676 | _exit(0); |
| 677 | } |
| 678 | #endif |
| 679 | |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 680 | } |
Simon Kelley | 849a835 | 2006-06-09 21:02:31 +0100 | [diff] [blame] | 681 | } |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 682 | |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 683 | #ifdef HAVE_LINUX_NETWORK |
Chen Wei | 28b879a | 2015-02-17 22:07:35 +0000 | [diff] [blame] | 684 | free(hdr); |
| 685 | free(data); |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 686 | if (option_bool(OPT_DEBUG)) |
Simon Kelley | 572b41e | 2011-02-18 18:11:18 +0000 | [diff] [blame] | 687 | prctl(PR_SET_DUMPABLE, 1, 0, 0, 0); |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 688 | #endif |
Simon Kelley | 849a835 | 2006-06-09 21:02:31 +0100 | [diff] [blame] | 689 | |
Simon Kelley | 8b3ae2f | 2012-06-13 13:43:49 +0100 | [diff] [blame] | 690 | #ifdef HAVE_TFTP |
Stefan Tomanek | 30d0879 | 2015-03-31 22:32:11 +0100 | [diff] [blame] | 691 | if (option_bool(OPT_TFTP)) |
Simon Kelley | 8b3ae2f | 2012-06-13 13:43:49 +0100 | [diff] [blame] | 692 | { |
| 693 | DIR *dir; |
| 694 | struct tftp_prefix *p; |
| 695 | |
| 696 | if (daemon->tftp_prefix) |
| 697 | { |
| 698 | if (!((dir = opendir(daemon->tftp_prefix)))) |
| 699 | { |
Stefan Tomanek | 30d0879 | 2015-03-31 22:32:11 +0100 | [diff] [blame] | 700 | tftp_prefix_missing = 1; |
| 701 | if (!option_bool(OPT_TFTP_NO_FAIL)) |
| 702 | { |
| 703 | send_event(err_pipe[1], EVENT_TFTP_ERR, errno, daemon->tftp_prefix); |
| 704 | _exit(0); |
| 705 | } |
Simon Kelley | 8b3ae2f | 2012-06-13 13:43:49 +0100 | [diff] [blame] | 706 | } |
Stefan Tomanek | b4c0f09 | 2015-04-16 15:20:59 +0100 | [diff] [blame] | 707 | else |
| 708 | closedir(dir); |
Simon Kelley | 8b3ae2f | 2012-06-13 13:43:49 +0100 | [diff] [blame] | 709 | } |
Stefan Tomanek | 7aa970e | 2015-04-01 17:55:07 +0100 | [diff] [blame] | 710 | |
Simon Kelley | 8b3ae2f | 2012-06-13 13:43:49 +0100 | [diff] [blame] | 711 | for (p = daemon->if_prefix; p; p = p->next) |
| 712 | { |
Stefan Tomanek | 30d0879 | 2015-03-31 22:32:11 +0100 | [diff] [blame] | 713 | p->missing = 0; |
Simon Kelley | 8b3ae2f | 2012-06-13 13:43:49 +0100 | [diff] [blame] | 714 | if (!((dir = opendir(p->prefix)))) |
Stefan Tomanek | 30d0879 | 2015-03-31 22:32:11 +0100 | [diff] [blame] | 715 | { |
| 716 | p->missing = 1; |
| 717 | if (!option_bool(OPT_TFTP_NO_FAIL)) |
| 718 | { |
| 719 | send_event(err_pipe[1], EVENT_TFTP_ERR, errno, p->prefix); |
| 720 | _exit(0); |
| 721 | } |
Stefan Tomanek | 7aa970e | 2015-04-01 17:55:07 +0100 | [diff] [blame] | 722 | } |
Stefan Tomanek | b4c0f09 | 2015-04-16 15:20:59 +0100 | [diff] [blame] | 723 | else |
| 724 | closedir(dir); |
Simon Kelley | 8b3ae2f | 2012-06-13 13:43:49 +0100 | [diff] [blame] | 725 | } |
| 726 | } |
| 727 | #endif |
Stefan Tomanek | 7aa970e | 2015-04-01 17:55:07 +0100 | [diff] [blame] | 728 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 729 | if (daemon->port == 0) |
| 730 | my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION); |
Simon Kelley | 0ef1334 | 2017-01-15 16:42:39 +0000 | [diff] [blame] | 731 | else |
| 732 | { |
| 733 | if (daemon->cachesize != 0) |
| 734 | my_syslog(LOG_INFO, _("started, version %s cachesize %d"), VERSION, daemon->cachesize); |
| 735 | else |
| 736 | my_syslog(LOG_INFO, _("started, version %s cache disabled"), VERSION); |
| 737 | |
| 738 | if (option_bool(OPT_LOCAL_SERVICE)) |
| 739 | my_syslog(LOG_INFO, _("DNS service limited to local subnets")); |
| 740 | } |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 741 | |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 742 | my_syslog(LOG_INFO, _("compile time options: %s"), compile_opts); |
Simon Kelley | 6b54d69 | 2018-02-08 21:23:05 +0000 | [diff] [blame] | 743 | |
| 744 | if (chown_warn != 0) |
| 745 | my_syslog(LOG_WARNING, "chown of PID file %s failed: %s", daemon->runfile, strerror(chown_warn)); |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 746 | |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 747 | #ifdef HAVE_DBUS |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 748 | if (option_bool(OPT_DBUS)) |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 749 | { |
| 750 | if (daemon->dbus) |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 751 | my_syslog(LOG_INFO, _("DBus support enabled: connected to system bus")); |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 752 | else |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 753 | my_syslog(LOG_INFO, _("DBus support enabled: bus connection pending")); |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 754 | } |
| 755 | #endif |
Simon Kelley | 1a9a348 | 2014-03-05 15:01:08 +0000 | [diff] [blame] | 756 | |
Simon Kelley | 1d97ac4 | 2014-01-31 11:12:27 +0000 | [diff] [blame] | 757 | #ifdef HAVE_DNSSEC |
Simon Kelley | db73746 | 2014-01-31 10:32:45 +0000 | [diff] [blame] | 758 | if (option_bool(OPT_DNSSEC_VALID)) |
Simon Kelley | e98bd52 | 2014-03-28 20:41:23 +0000 | [diff] [blame] | 759 | { |
Simon Kelley | 360f251 | 2015-03-07 18:28:06 +0000 | [diff] [blame] | 760 | int rc; |
| 761 | |
| 762 | /* Delay creating the timestamp file until here, after we've changed user, so that |
| 763 | it has the correct owner to allow updating the mtime later. |
| 764 | This means we have to report fatal errors via the pipe. */ |
| 765 | if ((rc = setup_timestamp()) == -1) |
| 766 | { |
| 767 | send_event(err_pipe[1], EVENT_TIME_ERR, errno, daemon->timestamp_file); |
| 768 | _exit(0); |
| 769 | } |
| 770 | |
Simon Kelley | e98bd52 | 2014-03-28 20:41:23 +0000 | [diff] [blame] | 771 | my_syslog(LOG_INFO, _("DNSSEC validation enabled")); |
Simon Kelley | 360f251 | 2015-03-07 18:28:06 +0000 | [diff] [blame] | 772 | |
Kevin Darbyshire-Bryant | 06093a9 | 2016-07-11 21:03:27 +0100 | [diff] [blame] | 773 | daemon->dnssec_no_time_check = option_bool(OPT_DNSSEC_TIME); |
| 774 | if (option_bool(OPT_DNSSEC_TIME) && !daemon->back_to_the_future) |
Simon Kelley | 3c973ad | 2018-01-14 21:05:37 +0000 | [diff] [blame] | 775 | my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until receipt of SIGINT")); |
Simon Kelley | 360f251 | 2015-03-07 18:28:06 +0000 | [diff] [blame] | 776 | |
| 777 | if (rc == 1) |
Simon Kelley | f6e62e2 | 2015-03-01 18:17:54 +0000 | [diff] [blame] | 778 | my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until system time valid")); |
Simon Kelley | e98bd52 | 2014-03-28 20:41:23 +0000 | [diff] [blame] | 779 | } |
Simon Kelley | db73746 | 2014-01-31 10:32:45 +0000 | [diff] [blame] | 780 | #endif |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 781 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 782 | if (log_err != 0) |
| 783 | my_syslog(LOG_WARNING, _("warning: failed to change owner of %s: %s"), |
| 784 | daemon->log_file, strerror(log_err)); |
Simon Kelley | db73746 | 2014-01-31 10:32:45 +0000 | [diff] [blame] | 785 | |
Simon Kelley | de37951 | 2004-06-22 20:23:33 +0100 | [diff] [blame] | 786 | if (bind_fallback) |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 787 | my_syslog(LOG_WARNING, _("setting --bind-interfaces option because of OS limitations")); |
Simon Kelley | dc27e14 | 2013-10-16 13:09:53 +0100 | [diff] [blame] | 788 | |
Simon Kelley | f7029f5 | 2013-11-21 15:09:09 +0000 | [diff] [blame] | 789 | if (option_bool(OPT_NOWILD)) |
| 790 | warn_bound_listeners(); |
Petr MenÅ¡Ãk | ad59f27 | 2017-03-17 17:22:19 +0000 | [diff] [blame] | 791 | else if (!option_bool(OPT_CLEVERBIND)) |
| 792 | warn_wild_labels(); |
Simon Kelley | f7029f5 | 2013-11-21 15:09:09 +0000 | [diff] [blame] | 793 | |
| 794 | warn_int_names(); |
Simon Kelley | de37951 | 2004-06-22 20:23:33 +0100 | [diff] [blame] | 795 | |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 796 | if (!option_bool(OPT_NOWILD)) |
Simon Kelley | 26128d2 | 2004-11-14 16:43:54 +0000 | [diff] [blame] | 797 | for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next) |
| 798 | if (if_tmp->name && !if_tmp->used) |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 799 | my_syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name); |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 800 | |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 801 | if (daemon->port != 0 && option_bool(OPT_NO_RESOLV)) |
Simon Kelley | 208b65c | 2006-08-05 21:41:37 +0100 | [diff] [blame] | 802 | { |
| 803 | if (daemon->resolv_files && !daemon->resolv_files->is_default) |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 804 | my_syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set")); |
Simon Kelley | 208b65c | 2006-08-05 21:41:37 +0100 | [diff] [blame] | 805 | daemon->resolv_files = NULL; |
Simon Kelley | 1b7ecd1 | 2007-02-05 14:57:57 +0000 | [diff] [blame] | 806 | if (!daemon->servers) |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 807 | my_syslog(LOG_WARNING, _("warning: no upstream servers configured")); |
Simon Kelley | 208b65c | 2006-08-05 21:41:37 +0100 | [diff] [blame] | 808 | } |
| 809 | |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 810 | if (daemon->max_logs != 0) |
| 811 | my_syslog(LOG_INFO, _("asynchronous logging enabled, queue limit is %d messages"), daemon->max_logs); |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 812 | |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 813 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 814 | #ifdef HAVE_DHCP |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 815 | for (context = daemon->dhcp; context; context = context->next) |
| 816 | log_context(AF_INET, context); |
Simon Kelley | c825754 | 2012-03-28 21:15:41 +0100 | [diff] [blame] | 817 | |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 818 | for (relay = daemon->relay4; relay; relay = relay->next) |
| 819 | log_relay(AF_INET, relay); |
| 820 | |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 821 | # ifdef HAVE_DHCP6 |
| 822 | for (context = daemon->dhcp6; context; context = context->next) |
| 823 | log_context(AF_INET6, context); |
Simon Kelley | 52b92f4 | 2012-01-22 16:05:15 +0000 | [diff] [blame] | 824 | |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 825 | for (relay = daemon->relay6; relay; relay = relay->next) |
| 826 | log_relay(AF_INET6, relay); |
| 827 | |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 828 | if (daemon->doing_dhcp6 || daemon->doing_ra) |
| 829 | dhcp_construct_contexts(now); |
| 830 | |
| 831 | if (option_bool(OPT_RA)) |
| 832 | my_syslog(MS_DHCP | LOG_INFO, _("IPv6 router advertisement enabled")); |
| 833 | # endif |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 834 | |
Simon Kelley | 3b3f441 | 2013-10-11 16:33:28 +0100 | [diff] [blame] | 835 | # ifdef HAVE_LINUX_NETWORK |
| 836 | if (did_bind) |
| 837 | my_syslog(MS_DHCP | LOG_INFO, _("DHCP, sockets bound exclusively to interface %s"), bound_device); |
| 838 | # endif |
| 839 | |
Josh Soref | 730c674 | 2017-02-06 16:14:04 +0000 | [diff] [blame] | 840 | /* after dhcp_construct_contexts */ |
Simon Kelley | 8445f5d | 2012-12-17 21:54:08 +0000 | [diff] [blame] | 841 | if (daemon->dhcp || daemon->doing_dhcp6) |
| 842 | lease_find_interfaces(now); |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 843 | #endif |
Simon Kelley | 52b92f4 | 2012-01-22 16:05:15 +0000 | [diff] [blame] | 844 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 845 | #ifdef HAVE_TFTP |
Simon Kelley | 5f4dc5c | 2015-01-20 20:51:02 +0000 | [diff] [blame] | 846 | if (option_bool(OPT_TFTP)) |
Stefan Tomanek | 7aa970e | 2015-04-01 17:55:07 +0100 | [diff] [blame] | 847 | { |
Stefan Tomanek | 30d0879 | 2015-03-31 22:32:11 +0100 | [diff] [blame] | 848 | struct tftp_prefix *p; |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 849 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 850 | my_syslog(MS_TFTP | LOG_INFO, "TFTP %s%s %s", |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 851 | daemon->tftp_prefix ? _("root is ") : _("enabled"), |
| 852 | daemon->tftp_prefix ? daemon->tftp_prefix: "", |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 853 | option_bool(OPT_TFTP_SECURE) ? _("secure mode") : ""); |
Stefan Tomanek | 7aa970e | 2015-04-01 17:55:07 +0100 | [diff] [blame] | 854 | |
Stefan Tomanek | 30d0879 | 2015-03-31 22:32:11 +0100 | [diff] [blame] | 855 | if (tftp_prefix_missing) |
| 856 | my_syslog(MS_TFTP | LOG_WARNING, _("warning: %s inaccessible"), daemon->tftp_prefix); |
Stefan Tomanek | 7aa970e | 2015-04-01 17:55:07 +0100 | [diff] [blame] | 857 | |
Stefan Tomanek | 30d0879 | 2015-03-31 22:32:11 +0100 | [diff] [blame] | 858 | for (p = daemon->if_prefix; p; p = p->next) |
| 859 | if (p->missing) |
| 860 | my_syslog(MS_TFTP | LOG_WARNING, _("warning: TFTP directory %s inaccessible"), p->prefix); |
| 861 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 862 | /* This is a guess, it assumes that for small limits, |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 863 | disjoint files might be served, but for large limits, |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 864 | a single file will be sent to may clients (the file only needs |
| 865 | one fd). */ |
| 866 | |
| 867 | max_fd -= 30; /* use other than TFTP */ |
| 868 | |
| 869 | if (max_fd < 0) |
| 870 | max_fd = 5; |
| 871 | else if (max_fd < 100) |
| 872 | max_fd = max_fd/2; |
| 873 | else |
| 874 | max_fd = max_fd - 20; |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 875 | |
| 876 | /* if we have to use a limited range of ports, |
| 877 | that will limit the number of transfers */ |
| 878 | if (daemon->start_tftp_port != 0 && |
| 879 | daemon->end_tftp_port - daemon->start_tftp_port + 1 < max_fd) |
| 880 | max_fd = daemon->end_tftp_port - daemon->start_tftp_port + 1; |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 881 | |
| 882 | if (daemon->tftp_max > max_fd) |
| 883 | { |
| 884 | daemon->tftp_max = max_fd; |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 885 | my_syslog(MS_TFTP | LOG_WARNING, |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 886 | _("restricting maximum simultaneous TFTP transfers to %d"), |
| 887 | daemon->tftp_max); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 888 | } |
| 889 | } |
| 890 | #endif |
| 891 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 892 | /* finished start-up - release original process */ |
| 893 | if (err_pipe[1] != -1) |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 894 | while (retry_send(close(err_pipe[1]))); |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 895 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 896 | if (daemon->port != 0) |
| 897 | check_servers(); |
| 898 | |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 899 | pid = getpid(); |
| 900 | |
Simon Kelley | 0491805 | 2015-01-26 11:23:43 +0000 | [diff] [blame] | 901 | #ifdef HAVE_INOTIFY |
Simon Kelley | 193de4a | 2014-12-10 17:32:16 +0000 | [diff] [blame] | 902 | /* Using inotify, have to select a resolv file at startup */ |
| 903 | poll_resolv(1, 0, now); |
| 904 | #endif |
| 905 | |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 906 | while (1) |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 907 | { |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 908 | int t, timeout = -1; |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 909 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 910 | poll_reset(); |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 911 | |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 912 | /* if we are out of resources, find how long we have to wait |
| 913 | for some to come free, we'll loop around then and restart |
| 914 | listening for queries */ |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 915 | if ((t = set_dns_listeners(now)) != 0) |
| 916 | timeout = t * 1000; |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 917 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 918 | /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */ |
| 919 | if (daemon->tftp_trans || |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 920 | (option_bool(OPT_DBUS) && !daemon->dbus)) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 921 | timeout = 250; |
| 922 | |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 923 | /* Wake every second whilst waiting for DAD to complete */ |
| 924 | else if (is_dad_listeners()) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 925 | timeout = 1000; |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 926 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 927 | #ifdef HAVE_DBUS |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 928 | set_dbus_listeners(); |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 929 | #endif |
| 930 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 931 | #ifdef HAVE_DHCP |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 932 | if (daemon->dhcp || daemon->relay4) |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 933 | { |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 934 | poll_listen(daemon->dhcpfd, POLLIN); |
Simon Kelley | 316e273 | 2010-01-22 20:16:09 +0000 | [diff] [blame] | 935 | if (daemon->pxefd != -1) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 936 | poll_listen(daemon->pxefd, POLLIN); |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 937 | } |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 938 | #endif |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 939 | |
Simon Kelley | 52b92f4 | 2012-01-22 16:05:15 +0000 | [diff] [blame] | 940 | #ifdef HAVE_DHCP6 |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 941 | if (daemon->doing_dhcp6 || daemon->relay6) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 942 | poll_listen(daemon->dhcp6fd, POLLIN); |
Simon Kelley | f6d6956 | 2015-07-08 22:38:13 +0100 | [diff] [blame] | 943 | |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 944 | if (daemon->doing_ra) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 945 | poll_listen(daemon->icmp6fd, POLLIN); |
Simon Kelley | 52b92f4 | 2012-01-22 16:05:15 +0000 | [diff] [blame] | 946 | #endif |
Simon Kelley | 0491805 | 2015-01-26 11:23:43 +0000 | [diff] [blame] | 947 | |
| 948 | #ifdef HAVE_INOTIFY |
Simon Kelley | 5f4dc5c | 2015-01-20 20:51:02 +0000 | [diff] [blame] | 949 | if (daemon->inotifyfd != -1) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 950 | poll_listen(daemon->inotifyfd, POLLIN); |
Simon Kelley | 0491805 | 2015-01-26 11:23:43 +0000 | [diff] [blame] | 951 | #endif |
| 952 | |
| 953 | #if defined(HAVE_LINUX_NETWORK) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 954 | poll_listen(daemon->netlinkfd, POLLIN); |
Simon Kelley | 1ee9be4 | 2013-12-09 16:50:19 +0000 | [diff] [blame] | 955 | #elif defined(HAVE_BSD_NETWORK) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 956 | poll_listen(daemon->routefd, POLLIN); |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 957 | #endif |
Simon Kelley | 193de4a | 2014-12-10 17:32:16 +0000 | [diff] [blame] | 958 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 959 | poll_listen(piperead, POLLIN); |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 960 | |
Simon Kelley | 33702ab | 2015-12-28 23:17:15 +0000 | [diff] [blame] | 961 | #ifdef HAVE_SCRIPT |
Simon Kelley | 53a9173 | 2016-01-06 17:59:13 +0000 | [diff] [blame] | 962 | # ifdef HAVE_DHCP |
Simon Kelley | 33702ab | 2015-12-28 23:17:15 +0000 | [diff] [blame] | 963 | while (helper_buf_empty() && do_script_run(now)); |
Simon Kelley | 53a9173 | 2016-01-06 17:59:13 +0000 | [diff] [blame] | 964 | # endif |
| 965 | |
Simon Kelley | 1e50512 | 2016-01-25 21:29:23 +0000 | [diff] [blame] | 966 | /* Refresh cache */ |
| 967 | if (option_bool(OPT_SCRIPT_ARP)) |
| 968 | find_mac(NULL, NULL, 0, now); |
Simon Kelley | 33702ab | 2015-12-28 23:17:15 +0000 | [diff] [blame] | 969 | while (helper_buf_empty() && do_arp_script_run()); |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 970 | |
Simon Kelley | a953096 | 2012-03-20 22:07:35 +0000 | [diff] [blame] | 971 | # ifdef HAVE_TFTP |
| 972 | while (helper_buf_empty() && do_tftp_script_run()); |
| 973 | # endif |
| 974 | |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 975 | if (!helper_buf_empty()) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 976 | poll_listen(daemon->helperfd, POLLOUT); |
Simon Kelley | 33702ab | 2015-12-28 23:17:15 +0000 | [diff] [blame] | 977 | #else |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 978 | /* need this for other side-effects */ |
Simon Kelley | 53a9173 | 2016-01-06 17:59:13 +0000 | [diff] [blame] | 979 | # ifdef HAVE_DHCP |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 980 | while (do_script_run(now)); |
Simon Kelley | 53a9173 | 2016-01-06 17:59:13 +0000 | [diff] [blame] | 981 | # endif |
| 982 | |
Simon Kelley | b633de9 | 2016-01-06 22:51:17 +0000 | [diff] [blame] | 983 | while (do_arp_script_run()); |
Simon Kelley | a953096 | 2012-03-20 22:07:35 +0000 | [diff] [blame] | 984 | |
| 985 | # ifdef HAVE_TFTP |
| 986 | while (do_tftp_script_run()); |
| 987 | # endif |
| 988 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 989 | #endif |
Simon Kelley | 33702ab | 2015-12-28 23:17:15 +0000 | [diff] [blame] | 990 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 991 | |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 992 | /* must do this just before select(), when we know no |
| 993 | more calls to my_syslog() can occur */ |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 994 | set_log_writer(); |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 995 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 996 | if (do_poll(timeout) < 0) |
| 997 | continue; |
| 998 | |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 999 | now = dnsmasq_time(); |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1000 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1001 | check_log_writer(0); |
Simon Kelley | 115ac3e | 2013-05-20 11:28:32 +0100 | [diff] [blame] | 1002 | |
| 1003 | /* prime. */ |
| 1004 | enumerate_interfaces(1); |
| 1005 | |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 1006 | /* Check the interfaces to see if any have exited DAD state |
| 1007 | and if so, bind the address. */ |
| 1008 | if (is_dad_listeners()) |
| 1009 | { |
Simon Kelley | 115ac3e | 2013-05-20 11:28:32 +0100 | [diff] [blame] | 1010 | enumerate_interfaces(0); |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 1011 | /* NB, is_dad_listeners() == 1 --> we're binding interfaces */ |
| 1012 | create_bound_listeners(0); |
Simon Kelley | dc27e14 | 2013-10-16 13:09:53 +0100 | [diff] [blame] | 1013 | warn_bound_listeners(); |
Simon Kelley | 74c95c2 | 2011-10-19 09:33:39 +0100 | [diff] [blame] | 1014 | } |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 1015 | |
Simon Kelley | 1ee9be4 | 2013-12-09 16:50:19 +0000 | [diff] [blame] | 1016 | #if defined(HAVE_LINUX_NETWORK) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1017 | if (poll_check(daemon->netlinkfd, POLLIN)) |
Simon Kelley | a0358e5 | 2014-06-07 13:38:48 +0100 | [diff] [blame] | 1018 | netlink_multicast(); |
Simon Kelley | 1ee9be4 | 2013-12-09 16:50:19 +0000 | [diff] [blame] | 1019 | #elif defined(HAVE_BSD_NETWORK) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1020 | if (poll_check(daemon->routefd, POLLIN)) |
Simon Kelley | a0358e5 | 2014-06-07 13:38:48 +0100 | [diff] [blame] | 1021 | route_sock(); |
Simon Kelley | c52e189 | 2010-06-07 22:01:39 +0100 | [diff] [blame] | 1022 | #endif |
| 1023 | |
Simon Kelley | 0491805 | 2015-01-26 11:23:43 +0000 | [diff] [blame] | 1024 | #ifdef HAVE_INOTIFY |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1025 | if (daemon->inotifyfd != -1 && poll_check(daemon->inotifyfd, POLLIN) && inotify_check(now)) |
Simon Kelley | 5f4dc5c | 2015-01-20 20:51:02 +0000 | [diff] [blame] | 1026 | { |
| 1027 | if (daemon->port != 0 && !option_bool(OPT_NO_POLL)) |
| 1028 | poll_resolv(1, 1, now); |
| 1029 | } |
Simon Kelley | 193de4a | 2014-12-10 17:32:16 +0000 | [diff] [blame] | 1030 | #else |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1031 | /* Check for changes to resolv files once per second max. */ |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1032 | /* Don't go silent for long periods if the clock goes backwards. */ |
Simon Kelley | 9009d74 | 2008-11-14 20:04:27 +0000 | [diff] [blame] | 1033 | if (daemon->last_resolv == 0 || |
| 1034 | difftime(now, daemon->last_resolv) > 1.0 || |
| 1035 | difftime(now, daemon->last_resolv) < -1.0) |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1036 | { |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1037 | /* poll_resolv doesn't need to reload first time through, since |
| 1038 | that's queued anyway. */ |
Simon Kelley | 33820b7 | 2004-04-03 21:10:00 +0100 | [diff] [blame] | 1039 | |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1040 | poll_resolv(0, daemon->last_resolv != 0, now); |
| 1041 | daemon->last_resolv = now; |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1042 | } |
Simon Kelley | 193de4a | 2014-12-10 17:32:16 +0000 | [diff] [blame] | 1043 | #endif |
| 1044 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1045 | if (poll_check(piperead, POLLIN)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1046 | async_event(piperead, now); |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 1047 | |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1048 | #ifdef HAVE_DBUS |
| 1049 | /* if we didn't create a DBus connection, retry now. */ |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 1050 | if (option_bool(OPT_DBUS) && !daemon->dbus) |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1051 | { |
| 1052 | char *err; |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1053 | if ((err = dbus_init())) |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 1054 | my_syslog(LOG_WARNING, _("DBus error: %s"), err); |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1055 | if (daemon->dbus) |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 1056 | my_syslog(LOG_INFO, _("connected to system DBus")); |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1057 | } |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1058 | check_dbus_listeners(); |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1059 | #endif |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1060 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1061 | check_dns_listeners(now); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1062 | |
| 1063 | #ifdef HAVE_TFTP |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1064 | check_tftp_listeners(now); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1065 | #endif |
| 1066 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1067 | #ifdef HAVE_DHCP |
Simon Kelley | ff7eea2 | 2013-09-04 18:01:38 +0100 | [diff] [blame] | 1068 | if (daemon->dhcp || daemon->relay4) |
Simon Kelley | 316e273 | 2010-01-22 20:16:09 +0000 | [diff] [blame] | 1069 | { |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1070 | if (poll_check(daemon->dhcpfd, POLLIN)) |
Simon Kelley | 316e273 | 2010-01-22 20:16:09 +0000 | [diff] [blame] | 1071 | dhcp_packet(now, 0); |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1072 | if (daemon->pxefd != -1 && poll_check(daemon->pxefd, POLLIN)) |
Simon Kelley | 316e273 | 2010-01-22 20:16:09 +0000 | [diff] [blame] | 1073 | dhcp_packet(now, 1); |
| 1074 | } |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 1075 | |
Simon Kelley | 52b92f4 | 2012-01-22 16:05:15 +0000 | [diff] [blame] | 1076 | #ifdef HAVE_DHCP6 |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1077 | if ((daemon->doing_dhcp6 || daemon->relay6) && poll_check(daemon->dhcp6fd, POLLIN)) |
Simon Kelley | 18c63ef | 2012-05-21 14:34:15 +0100 | [diff] [blame] | 1078 | dhcp6_packet(now); |
Simon Kelley | c5ad4e7 | 2012-02-24 16:06:20 +0000 | [diff] [blame] | 1079 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1080 | if (daemon->doing_ra && poll_check(daemon->icmp6fd, POLLIN)) |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 1081 | icmp6_packet(now); |
Simon Kelley | 52b92f4 | 2012-01-22 16:05:15 +0000 | [diff] [blame] | 1082 | #endif |
| 1083 | |
Simon Kelley | 1f15b81 | 2009-10-13 17:49:32 +0100 | [diff] [blame] | 1084 | # ifdef HAVE_SCRIPT |
Simon Kelley | 63ec5d1 | 2015-07-30 20:59:07 +0100 | [diff] [blame] | 1085 | if (daemon->helperfd != -1 && poll_check(daemon->helperfd, POLLOUT)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1086 | helper_write(); |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1087 | # endif |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1088 | #endif |
| 1089 | |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1090 | } |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1091 | } |
| 1092 | |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1093 | static void sig_handler(int sig) |
| 1094 | { |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1095 | if (pid == 0) |
| 1096 | { |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 1097 | /* ignore anything other than TERM during startup |
| 1098 | and in helper proc. (helper ignore TERM too) */ |
Simon Kelley | 3c973ad | 2018-01-14 21:05:37 +0000 | [diff] [blame] | 1099 | if (sig == SIGTERM || sig == SIGINT) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1100 | exit(EC_MISC); |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1101 | } |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1102 | else if (pid != getpid()) |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1103 | { |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 1104 | /* alarm is used to kill TCP children after a fixed time. */ |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1105 | if (sig == SIGALRM) |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 1106 | _exit(0); |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1107 | } |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1108 | else |
| 1109 | { |
| 1110 | /* master process */ |
| 1111 | int event, errsave = errno; |
| 1112 | |
| 1113 | if (sig == SIGHUP) |
| 1114 | event = EVENT_RELOAD; |
| 1115 | else if (sig == SIGCHLD) |
| 1116 | event = EVENT_CHILD; |
| 1117 | else if (sig == SIGALRM) |
| 1118 | event = EVENT_ALARM; |
| 1119 | else if (sig == SIGTERM) |
| 1120 | event = EVENT_TERM; |
| 1121 | else if (sig == SIGUSR1) |
| 1122 | event = EVENT_DUMP; |
| 1123 | else if (sig == SIGUSR2) |
| 1124 | event = EVENT_REOPEN; |
Simon Kelley | 3c973ad | 2018-01-14 21:05:37 +0000 | [diff] [blame] | 1125 | else if (sig == SIGINT) |
| 1126 | { |
| 1127 | /* Handle SIGINT normally in debug mode, so |
| 1128 | ctrl-c continues to operate. */ |
| 1129 | if (option_bool(OPT_DEBUG)) |
| 1130 | exit(EC_MISC); |
| 1131 | else |
| 1132 | event = EVENT_TIME; |
| 1133 | } |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1134 | else |
| 1135 | return; |
| 1136 | |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1137 | send_event(pipewrite, event, 0, NULL); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1138 | errno = errsave; |
| 1139 | } |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1140 | } |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1141 | |
Simon Kelley | 353ae4d | 2012-03-19 20:07:51 +0000 | [diff] [blame] | 1142 | /* now == 0 -> queue immediate callback */ |
| 1143 | void send_alarm(time_t event, time_t now) |
Simon Kelley | 741c295 | 2012-02-25 13:09:18 +0000 | [diff] [blame] | 1144 | { |
Simon Kelley | 884a6df | 2012-03-20 16:20:22 +0000 | [diff] [blame] | 1145 | if (now == 0 || event != 0) |
Simon Kelley | 353ae4d | 2012-03-19 20:07:51 +0000 | [diff] [blame] | 1146 | { |
Simon Kelley | 884a6df | 2012-03-20 16:20:22 +0000 | [diff] [blame] | 1147 | /* alarm(0) or alarm(-ve) doesn't do what we want.... */ |
| 1148 | if ((now == 0 || difftime(event, now) <= 0.0)) |
| 1149 | send_event(pipewrite, EVENT_ALARM, 0, NULL); |
| 1150 | else |
| 1151 | alarm((unsigned)difftime(event, now)); |
Simon Kelley | 353ae4d | 2012-03-19 20:07:51 +0000 | [diff] [blame] | 1152 | } |
Simon Kelley | 741c295 | 2012-02-25 13:09:18 +0000 | [diff] [blame] | 1153 | } |
| 1154 | |
Simon Kelley | 47a9516 | 2014-07-08 22:22:02 +0100 | [diff] [blame] | 1155 | void queue_event(int event) |
Simon Kelley | a0358e5 | 2014-06-07 13:38:48 +0100 | [diff] [blame] | 1156 | { |
Simon Kelley | 47a9516 | 2014-07-08 22:22:02 +0100 | [diff] [blame] | 1157 | send_event(pipewrite, event, 0, NULL); |
Simon Kelley | a0358e5 | 2014-06-07 13:38:48 +0100 | [diff] [blame] | 1158 | } |
| 1159 | |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1160 | void send_event(int fd, int event, int data, char *msg) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1161 | { |
| 1162 | struct event_desc ev; |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1163 | struct iovec iov[2]; |
| 1164 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1165 | ev.event = event; |
| 1166 | ev.data = data; |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1167 | ev.msg_sz = msg ? strlen(msg) : 0; |
| 1168 | |
| 1169 | iov[0].iov_base = &ev; |
| 1170 | iov[0].iov_len = sizeof(ev); |
| 1171 | iov[1].iov_base = msg; |
| 1172 | iov[1].iov_len = ev.msg_sz; |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1173 | |
| 1174 | /* error pipe, debug mode. */ |
| 1175 | if (fd == -1) |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1176 | fatal_event(&ev, msg); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1177 | else |
| 1178 | /* pipe is non-blocking and struct event_desc is smaller than |
| 1179 | PIPE_BUF, so this either fails or writes everything */ |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1180 | while (writev(fd, iov, msg ? 2 : 1) == -1 && errno == EINTR); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1181 | } |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1182 | |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1183 | /* NOTE: the memory used to return msg is leaked: use msgs in events only |
| 1184 | to describe fatal errors. */ |
| 1185 | static int read_event(int fd, struct event_desc *evp, char **msg) |
| 1186 | { |
| 1187 | char *buf; |
| 1188 | |
| 1189 | if (!read_write(fd, (unsigned char *)evp, sizeof(struct event_desc), 1)) |
| 1190 | return 0; |
| 1191 | |
| 1192 | *msg = NULL; |
| 1193 | |
| 1194 | if (evp->msg_sz != 0 && |
| 1195 | (buf = malloc(evp->msg_sz + 1)) && |
| 1196 | read_write(fd, (unsigned char *)buf, evp->msg_sz, 1)) |
| 1197 | { |
| 1198 | buf[evp->msg_sz] = 0; |
| 1199 | *msg = buf; |
| 1200 | } |
| 1201 | |
| 1202 | return 1; |
| 1203 | } |
| 1204 | |
| 1205 | static void fatal_event(struct event_desc *ev, char *msg) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1206 | { |
| 1207 | errno = ev->data; |
| 1208 | |
| 1209 | switch (ev->event) |
| 1210 | { |
| 1211 | case EVENT_DIE: |
| 1212 | exit(0); |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1213 | |
| 1214 | case EVENT_FORK_ERR: |
| 1215 | die(_("cannot fork into background: %s"), NULL, EC_MISC); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1216 | |
| 1217 | case EVENT_PIPE_ERR: |
| 1218 | die(_("failed to create helper: %s"), NULL, EC_MISC); |
| 1219 | |
| 1220 | case EVENT_CAP_ERR: |
| 1221 | die(_("setting capabilities failed: %s"), NULL, EC_MISC); |
| 1222 | |
| 1223 | case EVENT_USER_ERR: |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1224 | die(_("failed to change user-id to %s: %s"), msg, EC_MISC); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1225 | |
| 1226 | case EVENT_GROUP_ERR: |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1227 | die(_("failed to change group-id to %s: %s"), msg, EC_MISC); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1228 | |
| 1229 | case EVENT_PIDFILE: |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1230 | die(_("failed to open pidfile %s: %s"), msg, EC_FILE); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1231 | |
| 1232 | case EVENT_LOG_ERR: |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1233 | die(_("cannot open log %s: %s"), msg, EC_FILE); |
| 1234 | |
| 1235 | case EVENT_LUA_ERR: |
| 1236 | die(_("failed to load Lua script: %s"), msg, EC_MISC); |
Simon Kelley | 8b3ae2f | 2012-06-13 13:43:49 +0100 | [diff] [blame] | 1237 | |
| 1238 | case EVENT_TFTP_ERR: |
| 1239 | die(_("TFTP directory %s inaccessible: %s"), msg, EC_FILE); |
Simon Kelley | 360f251 | 2015-03-07 18:28:06 +0000 | [diff] [blame] | 1240 | |
| 1241 | case EVENT_TIME_ERR: |
| 1242 | die(_("cannot create timestamp file %s: %s" ), msg, EC_BADCONF); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1243 | } |
| 1244 | } |
| 1245 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1246 | static void async_event(int pipe, time_t now) |
| 1247 | { |
| 1248 | pid_t p; |
| 1249 | struct event_desc ev; |
Simon Kelley | 7b1eae4 | 2014-02-20 13:43:28 +0000 | [diff] [blame] | 1250 | int i, check = 0; |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1251 | char *msg; |
| 1252 | |
| 1253 | /* NOTE: the memory used to return msg is leaked: use msgs in events only |
| 1254 | to describe fatal errors. */ |
| 1255 | |
| 1256 | if (read_event(pipe, &ev, &msg)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1257 | switch (ev.event) |
| 1258 | { |
| 1259 | case EVENT_RELOAD: |
Simon Kelley | c8328ec | 2016-08-05 16:54:58 +0100 | [diff] [blame] | 1260 | daemon->soa_sn++; /* Bump zone serial, as it may have changed. */ |
Simon Kelley | 3c973ad | 2018-01-14 21:05:37 +0000 | [diff] [blame] | 1261 | |
Simon Kelley | e98bd52 | 2014-03-28 20:41:23 +0000 | [diff] [blame] | 1262 | /* fall through */ |
| 1263 | |
| 1264 | case EVENT_INIT: |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1265 | clear_cache_and_reload(now); |
Simon Kelley | e98bd52 | 2014-03-28 20:41:23 +0000 | [diff] [blame] | 1266 | |
Simon Kelley | 7b1eae4 | 2014-02-20 13:43:28 +0000 | [diff] [blame] | 1267 | if (daemon->port != 0) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1268 | { |
Simon Kelley | 7b1eae4 | 2014-02-20 13:43:28 +0000 | [diff] [blame] | 1269 | if (daemon->resolv_files && option_bool(OPT_NO_POLL)) |
| 1270 | { |
| 1271 | reload_servers(daemon->resolv_files->name); |
| 1272 | check = 1; |
| 1273 | } |
| 1274 | |
| 1275 | if (daemon->servers_file) |
| 1276 | { |
| 1277 | read_servers_file(); |
| 1278 | check = 1; |
| 1279 | } |
| 1280 | |
| 1281 | if (check) |
| 1282 | check_servers(); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1283 | } |
Simon Kelley | 7b1eae4 | 2014-02-20 13:43:28 +0000 | [diff] [blame] | 1284 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1285 | #ifdef HAVE_DHCP |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1286 | rerun_scripts(); |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1287 | #endif |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1288 | break; |
| 1289 | |
| 1290 | case EVENT_DUMP: |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1291 | if (daemon->port != 0) |
| 1292 | dump_cache(now); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1293 | break; |
| 1294 | |
| 1295 | case EVENT_ALARM: |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1296 | #ifdef HAVE_DHCP |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 1297 | if (daemon->dhcp || daemon->doing_dhcp6) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1298 | { |
| 1299 | lease_prune(NULL, now); |
| 1300 | lease_update_file(now); |
| 1301 | } |
Simon Kelley | 843c96b | 2012-02-27 17:42:38 +0000 | [diff] [blame] | 1302 | #ifdef HAVE_DHCP6 |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 1303 | else if (daemon->doing_ra) |
Simon Kelley | 353ae4d | 2012-03-19 20:07:51 +0000 | [diff] [blame] | 1304 | /* Not doing DHCP, so no lease system, manage alarms for ra only */ |
| 1305 | send_alarm(periodic_ra(now), now); |
Simon Kelley | 843c96b | 2012-02-27 17:42:38 +0000 | [diff] [blame] | 1306 | #endif |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1307 | #endif |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1308 | break; |
| 1309 | |
| 1310 | case EVENT_CHILD: |
| 1311 | /* See Stevens 5.10 */ |
| 1312 | while ((p = waitpid(-1, NULL, WNOHANG)) != 0) |
| 1313 | if (p == -1) |
| 1314 | { |
| 1315 | if (errno != EINTR) |
| 1316 | break; |
| 1317 | } |
| 1318 | else |
| 1319 | for (i = 0 ; i < MAX_PROCS; i++) |
| 1320 | if (daemon->tcp_pids[i] == p) |
| 1321 | daemon->tcp_pids[i] = 0; |
| 1322 | break; |
| 1323 | |
Petr MenÅ¡Ãk | c77fb9d | 2017-04-16 20:20:08 +0100 | [diff] [blame] | 1324 | #if defined(HAVE_SCRIPT) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1325 | case EVENT_KILLED: |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1326 | my_syslog(LOG_WARNING, _("script process killed by signal %d"), ev.data); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1327 | break; |
| 1328 | |
| 1329 | case EVENT_EXITED: |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1330 | my_syslog(LOG_WARNING, _("script process exited with status %d"), ev.data); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1331 | break; |
| 1332 | |
| 1333 | case EVENT_EXEC_ERR: |
Simon Kelley | 9e03894 | 2008-05-30 20:06:34 +0100 | [diff] [blame] | 1334 | my_syslog(LOG_ERR, _("failed to execute %s: %s"), |
| 1335 | daemon->lease_change_command, strerror(ev.data)); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1336 | break; |
| 1337 | |
Petr MenÅ¡Ãk | c77fb9d | 2017-04-16 20:20:08 +0100 | [diff] [blame] | 1338 | case EVENT_SCRIPT_LOG: |
| 1339 | my_syslog(MS_SCRIPT | LOG_DEBUG, "%s", msg ? msg : ""); |
| 1340 | free(msg); |
| 1341 | msg = NULL; |
| 1342 | break; |
| 1343 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1344 | /* necessary for fatal errors in helper */ |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1345 | case EVENT_USER_ERR: |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1346 | case EVENT_DIE: |
Simon Kelley | c72daea | 2012-01-05 21:33:27 +0000 | [diff] [blame] | 1347 | case EVENT_LUA_ERR: |
| 1348 | fatal_event(&ev, msg); |
Simon Kelley | 9e03894 | 2008-05-30 20:06:34 +0100 | [diff] [blame] | 1349 | break; |
Petr MenÅ¡Ãk | c77fb9d | 2017-04-16 20:20:08 +0100 | [diff] [blame] | 1350 | #endif |
Simon Kelley | 9e03894 | 2008-05-30 20:06:34 +0100 | [diff] [blame] | 1351 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1352 | case EVENT_REOPEN: |
| 1353 | /* Note: this may leave TCP-handling processes with the old file still open. |
| 1354 | Since any such process will die in CHILD_LIFETIME or probably much sooner, |
| 1355 | we leave them logging to the old file. */ |
| 1356 | if (daemon->log_file != NULL) |
| 1357 | log_reopen(daemon->log_file); |
| 1358 | break; |
Simon Kelley | a0358e5 | 2014-06-07 13:38:48 +0100 | [diff] [blame] | 1359 | |
| 1360 | case EVENT_NEWADDR: |
| 1361 | newaddress(now); |
| 1362 | break; |
Simon Kelley | 47a9516 | 2014-07-08 22:22:02 +0100 | [diff] [blame] | 1363 | |
| 1364 | case EVENT_NEWROUTE: |
| 1365 | resend_query(); |
| 1366 | /* Force re-reading resolv file right now, for luck. */ |
| 1367 | poll_resolv(0, 1, now); |
| 1368 | break; |
| 1369 | |
Simon Kelley | 3c973ad | 2018-01-14 21:05:37 +0000 | [diff] [blame] | 1370 | case EVENT_TIME: |
| 1371 | #ifdef HAVE_DNSSEC |
| 1372 | if (daemon->dnssec_no_time_check && option_bool(OPT_DNSSEC_VALID) && option_bool(OPT_DNSSEC_TIME)) |
| 1373 | { |
| 1374 | my_syslog(LOG_INFO, _("now checking DNSSEC signature timestamps")); |
| 1375 | daemon->dnssec_no_time_check = 0; |
| 1376 | clear_cache_and_reload(now); |
| 1377 | } |
| 1378 | #endif |
| 1379 | break; |
| 1380 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1381 | case EVENT_TERM: |
| 1382 | /* Knock all our children on the head. */ |
| 1383 | for (i = 0; i < MAX_PROCS; i++) |
| 1384 | if (daemon->tcp_pids[i] != 0) |
| 1385 | kill(daemon->tcp_pids[i], SIGALRM); |
| 1386 | |
Simon Kelley | 53a9173 | 2016-01-06 17:59:13 +0000 | [diff] [blame] | 1387 | #if defined(HAVE_SCRIPT) && defined(HAVE_DHCP) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1388 | /* handle pending lease transitions */ |
| 1389 | if (daemon->helperfd != -1) |
| 1390 | { |
| 1391 | /* block in writes until all done */ |
| 1392 | if ((i = fcntl(daemon->helperfd, F_GETFL)) != -1) |
| 1393 | fcntl(daemon->helperfd, F_SETFL, i & ~O_NONBLOCK); |
| 1394 | do { |
| 1395 | helper_write(); |
| 1396 | } while (!helper_buf_empty() || do_script_run(now)); |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 1397 | while (retry_send(close(daemon->helperfd))); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1398 | } |
| 1399 | #endif |
| 1400 | |
| 1401 | if (daemon->lease_stream) |
| 1402 | fclose(daemon->lease_stream); |
Simon Kelley | 73a08a2 | 2009-02-05 20:28:08 +0000 | [diff] [blame] | 1403 | |
Kevin Darbyshire-Bryant | 34b5d19 | 2015-07-27 19:34:23 +0100 | [diff] [blame] | 1404 | #ifdef HAVE_DNSSEC |
| 1405 | /* update timestamp file on TERM if time is considered valid */ |
| 1406 | if (daemon->back_to_the_future) |
| 1407 | { |
Vladislav Grishenko | 4583dd9 | 2017-05-03 23:16:51 +0100 | [diff] [blame] | 1408 | if (utimes(daemon->timestamp_file, NULL) == -1) |
Kevin Darbyshire-Bryant | 34b5d19 | 2015-07-27 19:34:23 +0100 | [diff] [blame] | 1409 | my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno)); |
| 1410 | } |
| 1411 | #endif |
| 1412 | |
Simon Kelley | 73a08a2 | 2009-02-05 20:28:08 +0000 | [diff] [blame] | 1413 | if (daemon->runfile) |
| 1414 | unlink(daemon->runfile); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1415 | |
| 1416 | my_syslog(LOG_INFO, _("exiting on receipt of SIGTERM")); |
| 1417 | flush_log(); |
| 1418 | exit(EC_GOOD); |
| 1419 | } |
| 1420 | } |
| 1421 | |
Simon Kelley | 47a9516 | 2014-07-08 22:22:02 +0100 | [diff] [blame] | 1422 | static void poll_resolv(int force, int do_reload, time_t now) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1423 | { |
| 1424 | struct resolvc *res, *latest; |
| 1425 | struct stat statbuf; |
| 1426 | time_t last_change = 0; |
| 1427 | /* There may be more than one possible file. |
| 1428 | Go through and find the one which changed _last_. |
| 1429 | Warn of any which can't be read. */ |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1430 | |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 1431 | if (daemon->port == 0 || option_bool(OPT_NO_POLL)) |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1432 | return; |
| 1433 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1434 | for (latest = NULL, res = daemon->resolv_files; res; res = res->next) |
| 1435 | if (stat(res->name, &statbuf) == -1) |
| 1436 | { |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1437 | if (force) |
| 1438 | { |
| 1439 | res->mtime = 0; |
| 1440 | continue; |
| 1441 | } |
| 1442 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1443 | if (!res->logged) |
| 1444 | my_syslog(LOG_WARNING, _("failed to access %s: %s"), res->name, strerror(errno)); |
| 1445 | res->logged = 1; |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1446 | |
| 1447 | if (res->mtime != 0) |
| 1448 | { |
| 1449 | /* existing file evaporated, force selection of the latest |
| 1450 | file even if its mtime hasn't changed since we last looked */ |
| 1451 | poll_resolv(1, do_reload, now); |
| 1452 | return; |
| 1453 | } |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1454 | } |
| 1455 | else |
| 1456 | { |
| 1457 | res->logged = 0; |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1458 | if (force || (statbuf.st_mtime != res->mtime)) |
| 1459 | { |
| 1460 | res->mtime = statbuf.st_mtime; |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1461 | if (difftime(statbuf.st_mtime, last_change) > 0.0) |
| 1462 | { |
| 1463 | last_change = statbuf.st_mtime; |
| 1464 | latest = res; |
| 1465 | } |
| 1466 | } |
| 1467 | } |
| 1468 | |
| 1469 | if (latest) |
| 1470 | { |
| 1471 | static int warned = 0; |
| 1472 | if (reload_servers(latest->name)) |
| 1473 | { |
| 1474 | my_syslog(LOG_INFO, _("reading %s"), latest->name); |
| 1475 | warned = 0; |
| 1476 | check_servers(); |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 1477 | if (option_bool(OPT_RELOAD) && do_reload) |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1478 | clear_cache_and_reload(now); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1479 | } |
| 1480 | else |
| 1481 | { |
| 1482 | latest->mtime = 0; |
| 1483 | if (!warned) |
| 1484 | { |
| 1485 | my_syslog(LOG_WARNING, _("no servers found in %s, will retry"), latest->name); |
| 1486 | warned = 1; |
| 1487 | } |
| 1488 | } |
| 1489 | } |
| 1490 | } |
| 1491 | |
| 1492 | void clear_cache_and_reload(time_t now) |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1493 | { |
Vladislav Grishenko | 408c368 | 2013-09-24 16:18:49 +0100 | [diff] [blame] | 1494 | (void)now; |
| 1495 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1496 | if (daemon->port != 0) |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1497 | cache_reload(); |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1498 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1499 | #ifdef HAVE_DHCP |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 1500 | if (daemon->dhcp || daemon->doing_dhcp6) |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1501 | { |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 1502 | if (option_bool(OPT_ETHERS)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1503 | dhcp_read_ethers(); |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1504 | reread_dhcp(); |
Simon Kelley | 0491805 | 2015-01-26 11:23:43 +0000 | [diff] [blame] | 1505 | #ifdef HAVE_INOTIFY |
Simon Kelley | 70d1873 | 2015-01-31 19:59:29 +0000 | [diff] [blame] | 1506 | set_dynamic_inotify(AH_DHCP_HST | AH_DHCP_OPT, 0, NULL, 0); |
Simon Kelley | 5f4dc5c | 2015-01-20 20:51:02 +0000 | [diff] [blame] | 1507 | #endif |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1508 | dhcp_update_configs(daemon->dhcp_conf); |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1509 | lease_update_from_configs(); |
| 1510 | lease_update_file(now); |
Simon Kelley | 353ae4d | 2012-03-19 20:07:51 +0000 | [diff] [blame] | 1511 | lease_update_dns(1); |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1512 | } |
Simon Kelley | 843c96b | 2012-02-27 17:42:38 +0000 | [diff] [blame] | 1513 | #ifdef HAVE_DHCP6 |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 1514 | else if (daemon->doing_ra) |
Simon Kelley | 2021c66 | 2012-05-07 16:43:21 +0100 | [diff] [blame] | 1515 | /* Not doing DHCP, so no lease system, manage |
| 1516 | alarms for ra only */ |
| 1517 | send_alarm(periodic_ra(now), now); |
Simon Kelley | 843c96b | 2012-02-27 17:42:38 +0000 | [diff] [blame] | 1518 | #endif |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1519 | #endif |
Simon Kelley | 3d8df26 | 2005-08-29 12:19:27 +0100 | [diff] [blame] | 1520 | } |
| 1521 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1522 | static int set_dns_listeners(time_t now) |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1523 | { |
| 1524 | struct serverfd *serverfdp; |
| 1525 | struct listener *listener; |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1526 | int wait = 0, i; |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1527 | |
| 1528 | #ifdef HAVE_TFTP |
| 1529 | int tftp = 0; |
| 1530 | struct tftp_transfer *transfer; |
| 1531 | for (transfer = daemon->tftp_trans; transfer; transfer = transfer->next) |
| 1532 | { |
| 1533 | tftp++; |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1534 | poll_listen(transfer->sockfd, POLLIN); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1535 | } |
| 1536 | #endif |
| 1537 | |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 1538 | /* will we be able to get memory? */ |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1539 | if (daemon->port != 0) |
Simon Kelley | 3a23715 | 2013-12-12 12:15:50 +0000 | [diff] [blame] | 1540 | get_new_frec(now, &wait, 0); |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 1541 | |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1542 | for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1543 | poll_listen(serverfdp->fd, POLLIN); |
Simon Kelley | f6d6956 | 2015-07-08 22:38:13 +0100 | [diff] [blame] | 1544 | |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1545 | if (daemon->port != 0 && !daemon->osport) |
| 1546 | for (i = 0; i < RANDOM_SOCKS; i++) |
| 1547 | if (daemon->randomsocks[i].refcount != 0) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1548 | poll_listen(daemon->randomsocks[i].fd, POLLIN); |
Simon Kelley | f6d6956 | 2015-07-08 22:38:13 +0100 | [diff] [blame] | 1549 | |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1550 | for (listener = daemon->listeners; listener; listener = listener->next) |
| 1551 | { |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 1552 | /* only listen for queries if we have resources */ |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1553 | if (listener->fd != -1 && wait == 0) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1554 | poll_listen(listener->fd, POLLIN); |
Simon Kelley | f6d6956 | 2015-07-08 22:38:13 +0100 | [diff] [blame] | 1555 | |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 1556 | /* death of a child goes through the select loop, so |
| 1557 | we don't need to explicitly arrange to wake up here */ |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1558 | if (listener->tcpfd != -1) |
| 1559 | for (i = 0; i < MAX_PROCS; i++) |
| 1560 | if (daemon->tcp_pids[i] == 0) |
| 1561 | { |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1562 | poll_listen(listener->tcpfd, POLLIN); |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1563 | break; |
| 1564 | } |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1565 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1566 | #ifdef HAVE_TFTP |
| 1567 | if (tftp <= daemon->tftp_max && listener->tftpfd != -1) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1568 | poll_listen(listener->tftpfd, POLLIN); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1569 | #endif |
| 1570 | |
| 1571 | } |
| 1572 | |
Simon Kelley | 1697269 | 2006-10-16 20:04:18 +0100 | [diff] [blame] | 1573 | return wait; |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1574 | } |
Simon Kelley | 9e4abcb | 2004-01-22 19:47:41 +0000 | [diff] [blame] | 1575 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1576 | static void check_dns_listeners(time_t now) |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1577 | { |
| 1578 | struct serverfd *serverfdp; |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1579 | struct listener *listener; |
| 1580 | int i; |
| 1581 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1582 | for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1583 | if (poll_check(serverfdp->fd, POLLIN)) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1584 | reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now); |
| 1585 | |
| 1586 | if (daemon->port != 0 && !daemon->osport) |
| 1587 | for (i = 0; i < RANDOM_SOCKS; i++) |
| 1588 | if (daemon->randomsocks[i].refcount != 0 && |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1589 | poll_check(daemon->randomsocks[i].fd, POLLIN)) |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1590 | reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1591 | |
| 1592 | for (listener = daemon->listeners; listener; listener = listener->next) |
| 1593 | { |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1594 | if (listener->fd != -1 && poll_check(listener->fd, POLLIN)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1595 | receive_query(listener, now); |
Simon Kelley | 1a6bca8 | 2008-07-11 11:11:42 +0100 | [diff] [blame] | 1596 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1597 | #ifdef HAVE_TFTP |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1598 | if (listener->tftpfd != -1 && poll_check(listener->tftpfd, POLLIN)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1599 | tftp_request(listener, now); |
Simon Kelley | 59353a6 | 2004-11-21 19:34:28 +0000 | [diff] [blame] | 1600 | #endif |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1601 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1602 | if (listener->tcpfd != -1 && poll_check(listener->tcpfd, POLLIN)) |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1603 | { |
Simon Kelley | 22ce550 | 2013-01-22 13:53:04 +0000 | [diff] [blame] | 1604 | int confd, client_ok = 1; |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1605 | struct irec *iface = NULL; |
| 1606 | pid_t p; |
Simon Kelley | 52d4abf | 2012-03-21 21:39:48 +0000 | [diff] [blame] | 1607 | union mysockaddr tcp_addr; |
| 1608 | socklen_t tcp_len = sizeof(union mysockaddr); |
| 1609 | |
| 1610 | while ((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1611 | |
Simon Kelley | 46b0665 | 2013-02-04 21:47:59 +0000 | [diff] [blame] | 1612 | if (confd == -1) |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1613 | continue; |
Simon Kelley | 76dd75d | 2013-05-23 10:04:25 +0100 | [diff] [blame] | 1614 | |
Simon Kelley | 46b0665 | 2013-02-04 21:47:59 +0000 | [diff] [blame] | 1615 | if (getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) == -1) |
| 1616 | { |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 1617 | while (retry_send(close(confd))); |
Simon Kelley | 46b0665 | 2013-02-04 21:47:59 +0000 | [diff] [blame] | 1618 | continue; |
| 1619 | } |
Simon Kelley | 76dd75d | 2013-05-23 10:04:25 +0100 | [diff] [blame] | 1620 | |
| 1621 | /* Make sure that the interface list is up-to-date. |
| 1622 | |
| 1623 | We do this here as we may need the results below, and |
| 1624 | the DNS code needs them for --interface-name stuff. |
Simon Kelley | 46b0665 | 2013-02-04 21:47:59 +0000 | [diff] [blame] | 1625 | |
Simon Kelley | 76dd75d | 2013-05-23 10:04:25 +0100 | [diff] [blame] | 1626 | Multiple calls to enumerate_interfaces() per select loop are |
| 1627 | inhibited, so calls to it in the child process (which doesn't select()) |
| 1628 | have no effect. This avoids two processes reading from the same |
| 1629 | netlink fd and screwing the pooch entirely. |
| 1630 | */ |
Simon Kelley | e25db1f | 2013-01-29 22:10:26 +0000 | [diff] [blame] | 1631 | |
Simon Kelley | 76dd75d | 2013-05-23 10:04:25 +0100 | [diff] [blame] | 1632 | enumerate_interfaces(0); |
| 1633 | |
| 1634 | if (option_bool(OPT_NOWILD)) |
| 1635 | iface = listener->iface; /* May be NULL */ |
| 1636 | else |
| 1637 | { |
| 1638 | int if_index; |
| 1639 | char intr_name[IF_NAMESIZE]; |
| 1640 | |
| 1641 | /* if we can find the arrival interface, check it's one that's allowed */ |
| 1642 | if ((if_index = tcp_interface(confd, tcp_addr.sa.sa_family)) != 0 && |
| 1643 | indextoname(listener->tcpfd, if_index, intr_name)) |
| 1644 | { |
| 1645 | struct all_addr addr; |
| 1646 | addr.addr.addr4 = tcp_addr.in.sin_addr; |
Simon Kelley | e25db1f | 2013-01-29 22:10:26 +0000 | [diff] [blame] | 1647 | #ifdef HAVE_IPV6 |
Simon Kelley | 76dd75d | 2013-05-23 10:04:25 +0100 | [diff] [blame] | 1648 | if (tcp_addr.sa.sa_family == AF_INET6) |
| 1649 | addr.addr.addr6 = tcp_addr.in6.sin6_addr; |
Simon Kelley | e25db1f | 2013-01-29 22:10:26 +0000 | [diff] [blame] | 1650 | #endif |
Simon Kelley | 76dd75d | 2013-05-23 10:04:25 +0100 | [diff] [blame] | 1651 | |
| 1652 | for (iface = daemon->interfaces; iface; iface = iface->next) |
| 1653 | if (iface->index == if_index) |
| 1654 | break; |
| 1655 | |
| 1656 | if (!iface && !loopback_exception(listener->tcpfd, tcp_addr.sa.sa_family, &addr, intr_name)) |
| 1657 | client_ok = 0; |
| 1658 | } |
| 1659 | |
| 1660 | if (option_bool(OPT_CLEVERBIND)) |
| 1661 | iface = listener->iface; /* May be NULL */ |
| 1662 | else |
| 1663 | { |
| 1664 | /* Check for allowed interfaces when binding the wildcard address: |
| 1665 | we do this by looking for an interface with the same address as |
| 1666 | the local address of the TCP connection, then looking to see if that's |
| 1667 | an allowed interface. As a side effect, we get the netmask of the |
| 1668 | interface too, for localisation. */ |
| 1669 | |
| 1670 | for (iface = daemon->interfaces; iface; iface = iface->next) |
| 1671 | if (sockaddr_isequal(&iface->addr, &tcp_addr)) |
| 1672 | break; |
| 1673 | |
| 1674 | if (!iface) |
| 1675 | client_ok = 0; |
| 1676 | } |
| 1677 | } |
| 1678 | |
Simon Kelley | 22ce550 | 2013-01-22 13:53:04 +0000 | [diff] [blame] | 1679 | if (!client_ok) |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1680 | { |
| 1681 | shutdown(confd, SHUT_RDWR); |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 1682 | while (retry_send(close(confd))); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1683 | } |
| 1684 | #ifndef NO_FORK |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 1685 | else if (!option_bool(OPT_DEBUG) && (p = fork()) != 0) |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1686 | { |
| 1687 | if (p != -1) |
| 1688 | { |
| 1689 | int i; |
| 1690 | for (i = 0; i < MAX_PROCS; i++) |
| 1691 | if (daemon->tcp_pids[i] == 0) |
| 1692 | { |
| 1693 | daemon->tcp_pids[i] = p; |
| 1694 | break; |
| 1695 | } |
| 1696 | } |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 1697 | while (retry_send(close(confd))); |
Simon Kelley | 25cf5e3 | 2015-01-09 15:53:03 +0000 | [diff] [blame] | 1698 | |
| 1699 | /* The child can use up to TCP_MAX_QUERIES ids, so skip that many. */ |
| 1700 | daemon->log_id += TCP_MAX_QUERIES; |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1701 | } |
| 1702 | #endif |
| 1703 | else |
| 1704 | { |
| 1705 | unsigned char *buff; |
| 1706 | struct server *s; |
| 1707 | int flags; |
Simon Kelley | 52d4abf | 2012-03-21 21:39:48 +0000 | [diff] [blame] | 1708 | struct in_addr netmask; |
Simon Kelley | 4f7b304 | 2012-11-28 21:27:02 +0000 | [diff] [blame] | 1709 | int auth_dns; |
Simon Kelley | 52d4abf | 2012-03-21 21:39:48 +0000 | [diff] [blame] | 1710 | |
| 1711 | if (iface) |
Simon Kelley | 4f7b304 | 2012-11-28 21:27:02 +0000 | [diff] [blame] | 1712 | { |
| 1713 | netmask = iface->netmask; |
| 1714 | auth_dns = iface->dns_auth; |
| 1715 | } |
Simon Kelley | 52d4abf | 2012-03-21 21:39:48 +0000 | [diff] [blame] | 1716 | else |
Simon Kelley | 4f7b304 | 2012-11-28 21:27:02 +0000 | [diff] [blame] | 1717 | { |
| 1718 | netmask.s_addr = 0; |
| 1719 | auth_dns = 0; |
| 1720 | } |
Simon Kelley | 52d4abf | 2012-03-21 21:39:48 +0000 | [diff] [blame] | 1721 | |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1722 | #ifndef NO_FORK |
Josh Soref | 730c674 | 2017-02-06 16:14:04 +0000 | [diff] [blame] | 1723 | /* Arrange for SIGALRM after CHILD_LIFETIME seconds to |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1724 | terminate the process. */ |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 1725 | if (!option_bool(OPT_DEBUG)) |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1726 | alarm(CHILD_LIFETIME); |
Simon Kelley | 8ef5ada | 2010-06-03 19:42:45 +0100 | [diff] [blame] | 1727 | #endif |
| 1728 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1729 | /* start with no upstream connections. */ |
| 1730 | for (s = daemon->servers; s; s = s->next) |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 1731 | s->tcpfd = -1; |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1732 | |
| 1733 | /* The connected socket inherits non-blocking |
| 1734 | attribute from the listening socket. |
| 1735 | Reset that here. */ |
| 1736 | if ((flags = fcntl(confd, F_GETFL, 0)) != -1) |
| 1737 | fcntl(confd, F_SETFL, flags & ~O_NONBLOCK); |
| 1738 | |
Simon Kelley | 4f7b304 | 2012-11-28 21:27:02 +0000 | [diff] [blame] | 1739 | buff = tcp_request(confd, now, &tcp_addr, netmask, auth_dns); |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 1740 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1741 | shutdown(confd, SHUT_RDWR); |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 1742 | while (retry_send(close(confd))); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1743 | |
| 1744 | if (buff) |
| 1745 | free(buff); |
| 1746 | |
| 1747 | for (s = daemon->servers; s; s = s->next) |
| 1748 | if (s->tcpfd != -1) |
| 1749 | { |
| 1750 | shutdown(s->tcpfd, SHUT_RDWR); |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 1751 | while (retry_send(close(s->tcpfd))); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1752 | } |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 1753 | #ifndef NO_FORK |
Simon Kelley | 28866e9 | 2011-02-14 20:19:14 +0000 | [diff] [blame] | 1754 | if (!option_bool(OPT_DEBUG)) |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1755 | { |
| 1756 | flush_log(); |
| 1757 | _exit(0); |
| 1758 | } |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 1759 | #endif |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1760 | } |
| 1761 | } |
| 1762 | } |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1763 | } |
| 1764 | |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1765 | #ifdef HAVE_DHCP |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1766 | int make_icmp_sock(void) |
| 1767 | { |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 1768 | int fd; |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1769 | int zeroopt = 0; |
| 1770 | |
| 1771 | if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1) |
| 1772 | { |
Simon Kelley | 7cebd20 | 2006-05-06 14:13:33 +0100 | [diff] [blame] | 1773 | if (!fix_fd(fd) || |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1774 | setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1) |
| 1775 | { |
| 1776 | close(fd); |
| 1777 | fd = -1; |
| 1778 | } |
| 1779 | } |
| 1780 | |
| 1781 | return fd; |
| 1782 | } |
| 1783 | |
Simon Kelley | 5aabfc7 | 2007-08-29 11:24:47 +0100 | [diff] [blame] | 1784 | int icmp_ping(struct in_addr addr) |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1785 | { |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1786 | /* Try and get an ICMP echo from a machine. */ |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1787 | |
Floris Bos | 503c609 | 2017-04-09 23:07:13 +0100 | [diff] [blame] | 1788 | int fd; |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1789 | struct sockaddr_in saddr; |
| 1790 | struct { |
| 1791 | struct ip ip; |
| 1792 | struct icmp icmp; |
| 1793 | } packet; |
| 1794 | unsigned short id = rand16(); |
Floris Bos | 503c609 | 2017-04-09 23:07:13 +0100 | [diff] [blame] | 1795 | unsigned int i, j; |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1796 | int gotreply = 0; |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1797 | |
Simon Kelley | 824af85 | 2008-02-12 20:43:05 +0000 | [diff] [blame] | 1798 | #if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK) |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1799 | if ((fd = make_icmp_sock()) == -1) |
| 1800 | return 0; |
| 1801 | #else |
| 1802 | int opt = 2000; |
| 1803 | fd = daemon->dhcp_icmp_fd; |
| 1804 | setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt)); |
| 1805 | #endif |
| 1806 | |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1807 | saddr.sin_family = AF_INET; |
| 1808 | saddr.sin_port = 0; |
| 1809 | saddr.sin_addr = addr; |
| 1810 | #ifdef HAVE_SOCKADDR_SA_LEN |
| 1811 | saddr.sin_len = sizeof(struct sockaddr_in); |
| 1812 | #endif |
| 1813 | |
| 1814 | memset(&packet.icmp, 0, sizeof(packet.icmp)); |
| 1815 | packet.icmp.icmp_type = ICMP_ECHO; |
| 1816 | packet.icmp.icmp_id = id; |
| 1817 | for (j = 0, i = 0; i < sizeof(struct icmp) / 2; i++) |
| 1818 | j += ((u16 *)&packet.icmp)[i]; |
| 1819 | while (j>>16) |
| 1820 | j = (j & 0xffff) + (j >> 16); |
| 1821 | packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j; |
| 1822 | |
Simon Kelley | ff841eb | 2015-03-11 21:36:30 +0000 | [diff] [blame] | 1823 | while (retry_send(sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0, |
| 1824 | (struct sockaddr *)&saddr, sizeof(saddr)))); |
Simon Kelley | fd9fa48 | 2004-10-21 20:24:00 +0100 | [diff] [blame] | 1825 | |
Floris Bos | 503c609 | 2017-04-09 23:07:13 +0100 | [diff] [blame] | 1826 | gotreply = delay_dhcp(dnsmasq_time(), PING_WAIT, fd, addr.s_addr, id); |
| 1827 | |
| 1828 | #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK) |
| 1829 | while (retry_send(close(fd))); |
| 1830 | #else |
| 1831 | opt = 1; |
| 1832 | setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt)); |
| 1833 | #endif |
| 1834 | |
| 1835 | return gotreply; |
| 1836 | } |
| 1837 | |
| 1838 | int delay_dhcp(time_t start, int sec, int fd, uint32_t addr, unsigned short id) |
| 1839 | { |
| 1840 | /* Delay processing DHCP packets for "sec" seconds counting from "start". |
| 1841 | If "fd" is not -1 it will stop waiting if an ICMP echo reply is received |
| 1842 | from "addr" with ICMP ID "id" and return 1 */ |
| 1843 | |
| 1844 | /* Note that whilst waiting, we check for |
| 1845 | (and service) events on the DNS and TFTP sockets, (so doing that |
| 1846 | better not use any resources our caller has in use...) |
| 1847 | but we remain deaf to signals or further DHCP packets. */ |
| 1848 | |
| 1849 | /* There can be a problem using dnsmasq_time() to end the loop, since |
| 1850 | it's not monotonic, and can go backwards if the system clock is |
| 1851 | tweaked, leading to the code getting stuck in this loop and |
| 1852 | ignoring DHCP requests. To fix this, we check to see if select returned |
| 1853 | as a result of a timeout rather than a socket becoming available. We |
| 1854 | only allow this to happen as many times as it takes to get to the wait time |
| 1855 | in quarter-second chunks. This provides a fallback way to end loop. */ |
| 1856 | |
| 1857 | int rc, timeout_count; |
| 1858 | time_t now; |
| 1859 | |
| 1860 | for (now = dnsmasq_time(), timeout_count = 0; |
| 1861 | (difftime(now, start) <= (float)sec) && (timeout_count < sec * 4);) |
Simon Kelley | fd9fa48 | 2004-10-21 20:24:00 +0100 | [diff] [blame] | 1862 | { |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1863 | poll_reset(); |
Floris Bos | 503c609 | 2017-04-09 23:07:13 +0100 | [diff] [blame] | 1864 | if (fd != -1) |
| 1865 | poll_listen(fd, POLLIN); |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1866 | set_dns_listeners(now); |
| 1867 | set_log_writer(); |
Simon Kelley | c5ad4e7 | 2012-02-24 16:06:20 +0000 | [diff] [blame] | 1868 | |
| 1869 | #ifdef HAVE_DHCP6 |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 1870 | if (daemon->doing_ra) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1871 | poll_listen(daemon->icmp6fd, POLLIN); |
Simon Kelley | c5ad4e7 | 2012-02-24 16:06:20 +0000 | [diff] [blame] | 1872 | #endif |
| 1873 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1874 | rc = do_poll(250); |
Simon Kelley | 5e95a55 | 2015-07-05 22:31:30 +0100 | [diff] [blame] | 1875 | |
| 1876 | if (rc < 0) |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1877 | continue; |
Simon Kelley | 5e95a55 | 2015-07-05 22:31:30 +0100 | [diff] [blame] | 1878 | else if (rc == 0) |
| 1879 | timeout_count++; |
Simon Kelley | f2621c7 | 2007-04-29 19:47:21 +0100 | [diff] [blame] | 1880 | |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1881 | now = dnsmasq_time(); |
Floris Bos | 503c609 | 2017-04-09 23:07:13 +0100 | [diff] [blame] | 1882 | |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1883 | check_log_writer(0); |
| 1884 | check_dns_listeners(now); |
Floris Bos | 503c609 | 2017-04-09 23:07:13 +0100 | [diff] [blame] | 1885 | |
Simon Kelley | c5ad4e7 | 2012-02-24 16:06:20 +0000 | [diff] [blame] | 1886 | #ifdef HAVE_DHCP6 |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1887 | if (daemon->doing_ra && poll_check(daemon->icmp6fd, POLLIN)) |
Simon Kelley | 1f77693 | 2012-12-16 19:46:08 +0000 | [diff] [blame] | 1888 | icmp6_packet(now); |
Simon Kelley | c5ad4e7 | 2012-02-24 16:06:20 +0000 | [diff] [blame] | 1889 | #endif |
| 1890 | |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1891 | #ifdef HAVE_TFTP |
Simon Kelley | b842bc9 | 2015-07-12 21:09:11 +0100 | [diff] [blame] | 1892 | check_tftp_listeners(now); |
Simon Kelley | 832af0b | 2007-01-21 20:01:28 +0000 | [diff] [blame] | 1893 | #endif |
| 1894 | |
Floris Bos | 503c609 | 2017-04-09 23:07:13 +0100 | [diff] [blame] | 1895 | if (fd != -1) |
| 1896 | { |
| 1897 | struct { |
| 1898 | struct ip ip; |
| 1899 | struct icmp icmp; |
| 1900 | } packet; |
| 1901 | struct sockaddr_in faddr; |
| 1902 | socklen_t len = sizeof(faddr); |
| 1903 | |
| 1904 | if (poll_check(fd, POLLIN) && |
| 1905 | recvfrom(fd, &packet, sizeof(packet), 0, (struct sockaddr *)&faddr, &len) == sizeof(packet) && |
| 1906 | addr == faddr.sin_addr.s_addr && |
| 1907 | packet.icmp.icmp_type == ICMP_ECHOREPLY && |
| 1908 | packet.icmp.icmp_seq == 0 && |
| 1909 | packet.icmp.icmp_id == id) |
| 1910 | return 1; |
Simon Kelley | fd9fa48 | 2004-10-21 20:24:00 +0100 | [diff] [blame] | 1911 | } |
| 1912 | } |
Simon Kelley | 5e9e0ef | 2006-04-17 14:24:29 +0100 | [diff] [blame] | 1913 | |
Floris Bos | 503c609 | 2017-04-09 23:07:13 +0100 | [diff] [blame] | 1914 | return 0; |
Simon Kelley | 3be3454 | 2004-09-11 19:12:13 +0100 | [diff] [blame] | 1915 | } |
Simon Kelley | 7622fc0 | 2009-06-04 20:32:05 +0100 | [diff] [blame] | 1916 | #endif |
Simon Kelley | 0a85254 | 2005-03-23 20:28:59 +0000 | [diff] [blame] | 1917 | |
| 1918 | |