source: src/router/dnsmasq/src/dnsmasq.c @ 31441

Last change on this file since 31441 was 31441, checked in by brainslayer, 3 months ago

latest dnsmasq code

File size: 49.2 KB
Line 
1/* dnsmasq is Copyright (c) 2000-2016 Simon Kelley
2
3   This program is free software; you can redistribute it and/or modify
4   it under the terms of the GNU General Public License as published by
5   the Free Software Foundation; version 2 dated June, 1991, or
6   (at your option) version 3 dated 29 June, 2007.
7 
8   This program is distributed in the hope that it will be useful,
9   but WITHOUT ANY WARRANTY; without even the implied warranty of
10   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11   GNU General Public License for more details.
12     
13   You should have received a copy of the GNU General Public License
14   along with this program.  If not, see <http://www.gnu.org/licenses/>.
15*/
16
17/* Declare static char *compiler_opts  in config.h */
18#define DNSMASQ_COMPILE_OPTS
19
20#include "dnsmasq.h"
21
22struct daemon *daemon;
23
24static volatile pid_t pid = 0;
25static volatile int pipewrite;
26
27static int set_dns_listeners(time_t now);
28static void check_dns_listeners(time_t now);
29static void sig_handler(int sig);
30static void async_event(int pipe, time_t now);
31static void fatal_event(struct event_desc *ev, char *msg);
32static int read_event(int fd, struct event_desc *evp, char **msg);
33static void poll_resolv(int force, int do_reload, time_t now);
34
35int main (int argc, char **argv)
36{
37  int bind_fallback = 0;
38  time_t now;
39  struct sigaction sigact;
40  struct iname *if_tmp;
41  int piperead, pipefd[2], err_pipe[2];
42  struct passwd *ent_pw = NULL;
43#if defined(HAVE_SCRIPT)
44  uid_t script_uid = 0;
45  gid_t script_gid = 0;
46#endif
47  struct group *gp = NULL;
48  long i, max_fd = sysconf(_SC_OPEN_MAX);
49  char *baduser = NULL;
50  int log_err;
51#if defined(HAVE_LINUX_NETWORK)
52  cap_user_header_t hdr = NULL;
53  cap_user_data_t data = NULL;
54  char *bound_device = NULL;
55  int did_bind = 0;
56#endif
57#if defined(HAVE_DHCP) || defined(HAVE_DHCP6)
58  struct dhcp_context *context;
59  struct dhcp_relay *relay;
60#endif
61#ifdef HAVE_TFTP
62  int tftp_prefix_missing = 0;
63#endif
64
65#ifdef LOCALEDIR
66  setlocale(LC_ALL, "");
67  bindtextdomain("dnsmasq", LOCALEDIR);
68  textdomain("dnsmasq");
69#endif
70
71  sigact.sa_handler = sig_handler;
72  sigact.sa_flags = 0;
73  sigemptyset(&sigact.sa_mask);
74  sigaction(SIGUSR1, &sigact, NULL);
75  sigaction(SIGUSR2, &sigact, NULL);
76  sigaction(SIGHUP, &sigact, NULL);
77  sigaction(SIGTERM, &sigact, NULL);
78  sigaction(SIGALRM, &sigact, NULL);
79  sigaction(SIGCHLD, &sigact, NULL);
80
81  /* ignore SIGPIPE */
82  sigact.sa_handler = SIG_IGN;
83  sigaction(SIGPIPE, &sigact, NULL);
84
85  umask(022); /* known umask, create leases and pid files as 0644 */
86 
87  rand_init(); /* Must precede read_opts() */
88 
89  read_opts(argc, argv, compile_opts);
90 
91  if (daemon->edns_pktsz < PACKETSZ)
92    daemon->edns_pktsz = PACKETSZ;
93
94  /* Min buffer size: we check after adding each record, so there must be
95     memory for the largest packet, and the largest record so the
96     min for DNS is PACKETSZ+MAXDNAME+RRFIXEDSZ which is < 1000.
97     This might be increased is EDNS packet size if greater than the minimum. */
98  daemon->packet_buff_sz = daemon->edns_pktsz + MAXDNAME + RRFIXEDSZ;
99  daemon->packet = safe_malloc(daemon->packet_buff_sz);
100 
101  daemon->addrbuff = safe_malloc(ADDRSTRLEN);
102  if (option_bool(OPT_EXTRALOG))
103    daemon->addrbuff2 = safe_malloc(ADDRSTRLEN);
104 
105#ifdef HAVE_DNSSEC
106  if (option_bool(OPT_DNSSEC_VALID))
107    {
108      /* Note that both /000 and '.' are allowed within labels. These get
109         represented in presentation format using NAME_ESCAPE as an escape
110         character when in DNSSEC mode.
111         In theory, if all the characters in a name were /000 or
112         '.' or NAME_ESCAPE then all would have to be escaped, so the
113         presentation format would be twice as long as the spec.
114
115         daemon->namebuff was previously allocated by the option-reading
116         code before we knew if we're in DNSSEC mode, so reallocate here. */
117      free(daemon->namebuff);
118      daemon->namebuff = safe_malloc(MAXDNAME * 2);
119      daemon->keyname = safe_malloc(MAXDNAME * 2);
120      daemon->workspacename = safe_malloc(MAXDNAME * 2);
121    }
122#endif
123
124#ifdef HAVE_DHCP
125  if (!daemon->lease_file)
126    {
127      if (daemon->dhcp || daemon->dhcp6)
128        daemon->lease_file = LEASEFILE;
129    }
130#endif
131 
132  /* Close any file descriptors we inherited apart from std{in|out|err}
133     
134     Ensure that at least stdin, stdout and stderr (fd 0, 1, 2) exist,
135     otherwise file descriptors we create can end up being 0, 1, or 2
136     and then get accidentally closed later when we make 0, 1, and 2
137     open to /dev/null. Normally we'll be started with 0, 1 and 2 open,
138     but it's not guaranteed. By opening /dev/null three times, we
139     ensure that we're not using those fds for real stuff. */
140  for (i = 0; i < max_fd; i++)
141    if (i != STDOUT_FILENO && i != STDERR_FILENO && i != STDIN_FILENO)
142      close(i);
143    else
144      open("/dev/null", O_RDWR);
145
146#ifndef HAVE_LINUX_NETWORK
147#  if !(defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR))
148  if (!option_bool(OPT_NOWILD))
149    {
150      bind_fallback = 1;
151      set_option_bool(OPT_NOWILD);
152    }
153#  endif
154 
155  /* -- bind-dynamic not supported on !Linux, fall back to --bind-interfaces */
156  if (option_bool(OPT_CLEVERBIND))
157    {
158      bind_fallback = 1;
159      set_option_bool(OPT_NOWILD);
160      reset_option_bool(OPT_CLEVERBIND);
161    }
162#endif
163
164#ifndef HAVE_INOTIFY
165  if (daemon->dynamic_dirs)
166    die(_("dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"), NULL, EC_BADCONF);
167#endif
168 
169  if (option_bool(OPT_DNSSEC_VALID))
170    {
171#ifdef HAVE_DNSSEC
172      struct ds_config *ds;
173
174      /* Must have at least a root trust anchor, or the DNSSEC code
175         can loop forever. */
176      for (ds = daemon->ds; ds; ds = ds->next)
177        if (ds->name[0] == 0)
178          break;
179
180      if (!ds)
181        die(_("no root trust anchor provided for DNSSEC"), NULL, EC_BADCONF);
182     
183      if (daemon->cachesize < CACHESIZ)
184        die(_("cannot reduce cache size from default when DNSSEC enabled"), NULL, EC_BADCONF);
185#else
186      die(_("DNSSEC not available: set HAVE_DNSSEC in src/config.h"), NULL, EC_BADCONF);
187#endif
188    }
189
190#ifndef HAVE_TFTP
191  if (option_bool(OPT_TFTP))
192    die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL, EC_BADCONF);
193#endif
194
195#ifdef HAVE_CONNTRACK
196  if (option_bool(OPT_CONNTRACK) && (daemon->query_port != 0 || daemon->osport))
197    die (_("cannot use --conntrack AND --query-port"), NULL, EC_BADCONF);
198#else
199  if (option_bool(OPT_CONNTRACK))
200    die(_("conntrack support not available: set HAVE_CONNTRACK in src/config.h"), NULL, EC_BADCONF);
201#endif
202
203#ifdef HAVE_SOLARIS_NETWORK
204  if (daemon->max_logs != 0)
205    die(_("asynchronous logging is not available under Solaris"), NULL, EC_BADCONF);
206#endif
207 
208#ifdef __ANDROID__
209  if (daemon->max_logs != 0)
210    die(_("asynchronous logging is not available under Android"), NULL, EC_BADCONF);
211#endif
212
213#ifndef HAVE_AUTH
214  if (daemon->authserver)
215    die(_("authoritative DNS not available: set HAVE_AUTH in src/config.h"), NULL, EC_BADCONF);
216#endif
217
218#ifndef HAVE_LOOP
219  if (option_bool(OPT_LOOP_DETECT))
220    die(_("loop detection not available: set HAVE_LOOP in src/config.h"), NULL, EC_BADCONF);
221#endif
222
223  if (daemon->max_port != MAX_PORT && daemon->min_port == 0)
224    daemon->min_port = 1024u;
225
226  if (daemon->max_port < daemon->min_port)
227    die(_("max_port cannot be smaller than min_port"), NULL, EC_BADCONF);
228
229  now = dnsmasq_time();
230
231  /* Create a serial at startup if not configured. */
232  if (daemon->authinterface && daemon->soa_sn == 0)
233#ifdef HAVE_BROKEN_RTC
234    die(_("zone serial must be configured in --auth-soa"), NULL, EC_BADCONF);
235#else
236  daemon->soa_sn = now;
237#endif
238 
239#ifdef HAVE_DHCP6
240  if (daemon->dhcp6)
241    {
242      daemon->doing_ra = option_bool(OPT_RA);
243     
244      for (context = daemon->dhcp6; context; context = context->next)
245        {
246          if (context->flags & CONTEXT_DHCP)
247            daemon->doing_dhcp6 = 1;
248          if (context->flags & CONTEXT_RA)
249            daemon->doing_ra = 1;
250#if !defined(HAVE_LINUX_NETWORK) && !defined(HAVE_BSD_NETWORK)
251          if (context->flags & CONTEXT_TEMPLATE)
252            die (_("dhcp-range constructor not available on this platform"), NULL, EC_BADCONF);
253#endif
254        }
255    }
256#endif
257 
258#ifdef HAVE_DHCP
259  /* Note that order matters here, we must call lease_init before
260     creating any file descriptors which shouldn't be leaked
261     to the lease-script init process. We need to call common_init
262     before lease_init to allocate buffers it uses.
263     The script subsystem relies on DHCP buffers, hence the last two
264     conditions below. */ 
265  if (daemon->dhcp || daemon->doing_dhcp6 || daemon->relay4 ||
266      daemon->relay6 || option_bool(OPT_TFTP) || option_bool(OPT_SCRIPT_ARP))
267    {
268      dhcp_common_init();
269      if (daemon->dhcp || daemon->doing_dhcp6)
270        lease_init(now);
271    }
272 
273  if (daemon->dhcp || daemon->relay4)
274    dhcp_init();
275 
276#  ifdef HAVE_DHCP6
277  if (daemon->doing_ra || daemon->doing_dhcp6 || daemon->relay6)
278    ra_init(now);
279 
280  if (daemon->doing_dhcp6 || daemon->relay6)
281    dhcp6_init();
282#  endif
283
284#endif
285
286#ifdef HAVE_IPSET
287  if (daemon->ipsets)
288    ipset_init();
289#endif
290
291#if  defined(HAVE_LINUX_NETWORK)
292  netlink_init();
293#elif defined(HAVE_BSD_NETWORK)
294  route_init();
295#endif
296
297  if (option_bool(OPT_NOWILD) && option_bool(OPT_CLEVERBIND))
298    die(_("cannot set --bind-interfaces and --bind-dynamic"), NULL, EC_BADCONF);
299 
300  if (!enumerate_interfaces(1) || !enumerate_interfaces(0))
301    die(_("failed to find list of interfaces: %s"), NULL, EC_MISC);
302 
303  if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND))
304    {
305      create_bound_listeners(1);
306     
307      if (!option_bool(OPT_CLEVERBIND))
308        for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
309          if (if_tmp->name && !if_tmp->used)
310            die(_("unknown interface %s"), if_tmp->name, EC_BADNET);
311
312#if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP)
313      /* after enumerate_interfaces()  */
314      bound_device = whichdevice();
315     
316      if (daemon->dhcp)
317        {
318          if (!daemon->relay4 && bound_device)
319            {
320              bindtodevice(bound_device, daemon->dhcpfd);
321              did_bind = 1;
322            }
323          if (daemon->enable_pxe && bound_device)
324            {
325              bindtodevice(bound_device, daemon->pxefd);
326              did_bind = 1;
327            }
328        }
329#endif
330
331#if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP6)
332      if (daemon->doing_dhcp6 && !daemon->relay6 && bound_device)
333        {
334          bindtodevice(bound_device, daemon->dhcp6fd);
335          did_bind = 1;
336        }
337#endif
338    }
339  else
340    create_wildcard_listeners();
341 
342#ifdef HAVE_DHCP6
343  /* after enumerate_interfaces() */
344  if (daemon->doing_dhcp6 || daemon->relay6 || daemon->doing_ra)
345    join_multicast(1);
346
347  /* After netlink_init() and before create_helper() */
348  lease_make_duid(now);
349#endif
350 
351  if (daemon->port != 0)
352    {
353      cache_init();
354
355#ifdef HAVE_DNSSEC
356      blockdata_init();
357#endif
358    }
359
360#ifdef HAVE_INOTIFY
361  if (daemon->port != 0 || daemon->dhcp || daemon->doing_dhcp6)
362    inotify_dnsmasq_init();
363  else
364    daemon->inotifyfd = -1;
365#endif
366       
367  if (option_bool(OPT_DBUS))
368#ifdef HAVE_DBUS
369    {
370      char *err;
371      daemon->dbus = NULL;
372      daemon->watches = NULL;
373      if ((err = dbus_init()))
374        die(_("DBus error: %s"), err, EC_MISC);
375    }
376#else
377  die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL, EC_BADCONF);
378#endif
379
380  if (daemon->port != 0)
381    pre_allocate_sfds();
382
383#if defined(HAVE_SCRIPT)
384  /* Note getpwnam returns static storage */
385  if ((daemon->dhcp || daemon->dhcp6) &&
386      daemon->scriptuser &&
387      (daemon->lease_change_command || daemon->luascript))
388    {
389      if ((ent_pw = getpwnam(daemon->scriptuser)))
390        {
391          script_uid = ent_pw->pw_uid;
392          script_gid = ent_pw->pw_gid;
393         }
394      else
395        baduser = daemon->scriptuser;
396    }
397#endif
398 
399  if (daemon->username && !(ent_pw = getpwnam(daemon->username)))
400    baduser = daemon->username;
401  else if (daemon->groupname && !(gp = getgrnam(daemon->groupname)))
402    baduser = daemon->groupname;
403
404  if (baduser)
405    die(_("unknown user or group: %s"), baduser, EC_BADCONF);
406
407  /* implement group defaults, "dip" if available, or group associated with uid */
408  if (!daemon->group_set && !gp)
409    {
410      if (!(gp = getgrnam(CHGRP)) && ent_pw)
411        gp = getgrgid(ent_pw->pw_gid);
412     
413      /* for error message */
414      if (gp)
415        daemon->groupname = gp->gr_name;
416    }
417
418#if defined(HAVE_LINUX_NETWORK)
419  /* determine capability API version here, while we can still
420     call safe_malloc */
421  if (ent_pw && ent_pw->pw_uid != 0)
422    {
423      int capsize = 1; /* for header version 1 */
424      hdr = safe_malloc(sizeof(*hdr));
425
426      /* find version supported by kernel */
427      memset(hdr, 0, sizeof(*hdr));
428      capget(hdr, NULL);
429     
430      if (hdr->version != LINUX_CAPABILITY_VERSION_1)
431        {
432          /* if unknown version, use largest supported version (3) */
433          if (hdr->version != LINUX_CAPABILITY_VERSION_2)
434            hdr->version = LINUX_CAPABILITY_VERSION_3;
435          capsize = 2;
436        }
437     
438      data = safe_malloc(sizeof(*data) * capsize);
439      memset(data, 0, sizeof(*data) * capsize);
440    }
441#endif
442
443  /* Use a pipe to carry signals and other events back to the event loop
444     in a race-free manner and another to carry errors to daemon-invoking process */
445  safe_pipe(pipefd, 1);
446 
447  piperead = pipefd[0];
448  pipewrite = pipefd[1];
449  /* prime the pipe to load stuff first time. */
450  send_event(pipewrite, EVENT_INIT, 0, NULL);
451
452  err_pipe[1] = -1;
453 
454  if (!option_bool(OPT_DEBUG))   
455    {
456      /* The following code "daemonizes" the process.
457         See Stevens section 12.4 */
458     
459      if (chdir("/") != 0)
460        die(_("cannot chdir to filesystem root: %s"), NULL, EC_MISC);
461
462#ifndef NO_FORK     
463      if (!option_bool(OPT_NO_FORK))
464        {
465          pid_t pid;
466         
467          /* pipe to carry errors back to original process.
468             When startup is complete we close this and the process terminates. */
469          safe_pipe(err_pipe, 0);
470         
471          if ((pid = fork()) == -1)
472            /* fd == -1 since we've not forked, never returns. */
473            send_event(-1, EVENT_FORK_ERR, errno, NULL);
474           
475          if (pid != 0)
476            {
477              struct event_desc ev;
478              char *msg;
479
480              /* close our copy of write-end */
481              while (retry_send(close(err_pipe[1])));
482             
483              /* check for errors after the fork */
484              if (read_event(err_pipe[0], &ev, &msg))
485                fatal_event(&ev, msg);
486             
487              _exit(EC_GOOD);
488            }
489         
490          while (retry_send(close(err_pipe[0])));
491
492          /* NO calls to die() from here on. */
493         
494          setsid();
495         
496          if ((pid = fork()) == -1)
497            send_event(err_pipe[1], EVENT_FORK_ERR, errno, NULL);
498         
499          if (pid != 0)
500            _exit(0);
501        }
502#endif
503           
504      /* write pidfile _after_ forking ! */
505      if (daemon->runfile)
506        {
507          int fd, err = 0;
508
509          sprintf(daemon->namebuff, "%d\n", (int) getpid());
510
511          /* Explanation: Some installations of dnsmasq (eg Debian/Ubuntu) locate the pid-file
512             in a directory which is writable by the non-privileged user that dnsmasq runs as. This
513             allows the daemon to delete the file as part of its shutdown. This is a security hole to the
514             extent that an attacker running as the unprivileged  user could replace the pidfile with a
515             symlink, and have the target of that symlink overwritten as root next time dnsmasq starts.
516
517             The following code first deletes any existing file, and then opens it with the O_EXCL flag,
518             ensuring that the open() fails should there be any existing file (because the unlink() failed,
519             or an attacker exploited the race between unlink() and open()). This ensures that no symlink
520             attack can succeed.
521
522             Any compromise of the non-privileged user still theoretically allows the pid-file to be
523             replaced whilst dnsmasq is running. The worst that could allow is that the usual
524             "shutdown dnsmasq" shell command could be tricked into stopping any other process.
525
526             Note that if dnsmasq is started as non-root (eg for testing) it silently ignores
527             failure to write the pid-file.
528          */
529
530          unlink(daemon->runfile);
531         
532          if ((fd = open(daemon->runfile, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH)) == -1)
533            {
534              /* only complain if started as root */
535              if (getuid() == 0)
536                err = 1;
537            }
538          else
539            {
540              if (!read_write(fd, (unsigned char *)daemon->namebuff, strlen(daemon->namebuff), 0))
541                err = 1;
542              else
543                {
544                  while (retry_send(close(fd)));
545                  if (errno != 0)
546                    err = 1;
547                }
548            }
549
550          if (err)
551            {
552              send_event(err_pipe[1], EVENT_PIDFILE, errno, daemon->runfile);
553              _exit(0);
554            }
555        }
556    }
557 
558   log_err = log_start(ent_pw, err_pipe[1]);
559
560   if (!option_bool(OPT_DEBUG))
561     {       
562       /* open  stdout etc to /dev/null */
563       int nullfd = open("/dev/null", O_RDWR);
564       if (nullfd != -1)
565         {
566           dup2(nullfd, STDOUT_FILENO);
567           dup2(nullfd, STDERR_FILENO);
568           dup2(nullfd, STDIN_FILENO);
569           close(nullfd);
570         }
571     }
572   
573   /* if we are to run scripts, we need to fork a helper before dropping root. */
574  daemon->helperfd = -1;
575#ifdef HAVE_SCRIPT
576  if ((daemon->dhcp || daemon->dhcp6 || option_bool(OPT_TFTP) || option_bool(OPT_SCRIPT_ARP)) &&
577      (daemon->lease_change_command || daemon->luascript))
578      daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd);
579#endif
580
581  if (!option_bool(OPT_DEBUG) && getuid() == 0)   
582    {
583      int bad_capabilities = 0;
584      gid_t dummy;
585     
586      /* remove all supplementary groups */
587      if (gp &&
588          (setgroups(0, &dummy) == -1 ||
589           setgid(gp->gr_gid) == -1))
590        {
591          send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname);
592          _exit(0);
593        }
594 
595      if (ent_pw && ent_pw->pw_uid != 0)
596        {     
597#if defined(HAVE_LINUX_NETWORK)   
598          /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
599             CAP_NET_RAW (for icmp) if we're doing dhcp. If we have yet to bind
600             ports because of DAD, or we're doing it dynamically,
601             we need CAP_NET_BIND_SERVICE too. */
602          if (is_dad_listeners() || option_bool(OPT_CLEVERBIND))
603            data->effective = data->permitted = data->inheritable =
604              (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) |
605              (1 << CAP_SETUID) | (1 << CAP_NET_BIND_SERVICE);
606          else
607            data->effective = data->permitted = data->inheritable =
608              (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID);
609         
610          /* Tell kernel to not clear capabilities when dropping root */
611          if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1)
612            bad_capabilities = errno;
613                         
614#elif defined(HAVE_SOLARIS_NETWORK)
615          /* http://developers.sun.com/solaris/articles/program_privileges.html */
616          priv_set_t *priv_set;
617         
618          if (!(priv_set = priv_str_to_set("basic", ",", NULL)) ||
619              priv_addset(priv_set, PRIV_NET_ICMPACCESS) == -1 ||
620              priv_addset(priv_set, PRIV_SYS_NET_CONFIG) == -1)
621            bad_capabilities = errno;
622
623          if (priv_set && bad_capabilities == 0)
624            {
625              priv_inverse(priv_set);
626         
627              if (setppriv(PRIV_OFF, PRIV_LIMIT, priv_set) == -1)
628                bad_capabilities = errno;
629            }
630
631          if (priv_set)
632            priv_freeset(priv_set);
633
634#endif   
635
636          if (bad_capabilities != 0)
637            {
638              send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities, NULL);
639              _exit(0);
640            }
641         
642          /* finally drop root */
643          if (setuid(ent_pw->pw_uid) == -1)
644            {
645              send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username);
646              _exit(0);
647            }     
648
649#ifdef HAVE_LINUX_NETWORK
650          if (is_dad_listeners() || option_bool(OPT_CLEVERBIND))
651           data->effective = data->permitted =
652             (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_NET_BIND_SERVICE);
653         else
654           data->effective = data->permitted =
655             (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
656          data->inheritable = 0;
657         
658          /* lose the setuid and setgid capabilities */
659          if (capset(hdr, data) == -1)
660            {
661              send_event(err_pipe[1], EVENT_CAP_ERR, errno, NULL);
662              _exit(0);
663            }
664#endif
665         
666        }
667    }
668 
669#ifdef HAVE_LINUX_NETWORK
670  free(hdr);
671  free(data);
672  if (option_bool(OPT_DEBUG))
673    prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
674#endif
675
676#ifdef HAVE_TFTP
677  if (option_bool(OPT_TFTP))
678    {
679      DIR *dir;
680      struct tftp_prefix *p;
681     
682      if (daemon->tftp_prefix)
683        {
684          if (!((dir = opendir(daemon->tftp_prefix))))
685            {
686              tftp_prefix_missing = 1;
687              if (!option_bool(OPT_TFTP_NO_FAIL))
688                {
689                  send_event(err_pipe[1], EVENT_TFTP_ERR, errno, daemon->tftp_prefix);
690                  _exit(0);
691                }
692            }
693          else
694            closedir(dir);
695        }
696
697      for (p = daemon->if_prefix; p; p = p->next)
698        {
699          p->missing = 0;
700          if (!((dir = opendir(p->prefix))))
701            {
702              p->missing = 1;
703              if (!option_bool(OPT_TFTP_NO_FAIL))
704                {
705                  send_event(err_pipe[1], EVENT_TFTP_ERR, errno, p->prefix);
706                  _exit(0);
707                }
708            }
709          else
710            closedir(dir);
711        }
712    }
713#endif
714
715  if (daemon->port == 0)
716    my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION);
717  else
718    {
719      if (daemon->cachesize != 0)
720        my_syslog(LOG_INFO, _("started, version %s cachesize %d"), VERSION, daemon->cachesize);
721      else
722        my_syslog(LOG_INFO, _("started, version %s cache disabled"), VERSION);
723
724      if (option_bool(OPT_LOCAL_SERVICE))
725        my_syslog(LOG_INFO, _("DNS service limited to local subnets"));
726    }
727 
728  my_syslog(LOG_INFO, _("compile time options: %s"), compile_opts);
729 
730#ifdef HAVE_DBUS
731  if (option_bool(OPT_DBUS))
732    {
733      if (daemon->dbus)
734        my_syslog(LOG_INFO, _("DBus support enabled: connected to system bus"));
735      else
736        my_syslog(LOG_INFO, _("DBus support enabled: bus connection pending"));
737    }
738#endif
739
740#ifdef HAVE_DNSSEC
741  if (option_bool(OPT_DNSSEC_VALID))
742    {
743      int rc;
744
745      /* Delay creating the timestamp file until here, after we've changed user, so that
746         it has the correct owner to allow updating the mtime later.
747         This means we have to report fatal errors via the pipe. */
748      if ((rc = setup_timestamp()) == -1)
749        {
750          send_event(err_pipe[1], EVENT_TIME_ERR, errno, daemon->timestamp_file);
751          _exit(0);
752        }
753     
754      my_syslog(LOG_INFO, _("DNSSEC validation enabled"));
755     
756      daemon->dnssec_no_time_check = option_bool(OPT_DNSSEC_TIME);
757      if (option_bool(OPT_DNSSEC_TIME) && !daemon->back_to_the_future)
758        my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until first cache reload"));
759     
760      if (rc == 1)
761        my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until system time valid"));
762    }
763#endif
764
765  if (log_err != 0)
766    my_syslog(LOG_WARNING, _("warning: failed to change owner of %s: %s"),
767              daemon->log_file, strerror(log_err));
768 
769  if (bind_fallback)
770    my_syslog(LOG_WARNING, _("setting --bind-interfaces option because of OS limitations"));
771
772  if (option_bool(OPT_NOWILD))
773    warn_bound_listeners();
774
775  warn_int_names();
776 
777  if (!option_bool(OPT_NOWILD))
778    for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
779      if (if_tmp->name && !if_tmp->used)
780        my_syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name);
781   
782  if (daemon->port != 0 && option_bool(OPT_NO_RESOLV))
783    {
784      if (daemon->resolv_files && !daemon->resolv_files->is_default)
785        my_syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set"));
786      daemon->resolv_files = NULL;
787      if (!daemon->servers)
788        my_syslog(LOG_WARNING, _("warning: no upstream servers configured"));
789    }
790
791  if (daemon->max_logs != 0)
792    my_syslog(LOG_INFO, _("asynchronous logging enabled, queue limit is %d messages"), daemon->max_logs);
793 
794
795#ifdef HAVE_DHCP
796  for (context = daemon->dhcp; context; context = context->next)
797    log_context(AF_INET, context);
798
799  for (relay = daemon->relay4; relay; relay = relay->next)
800    log_relay(AF_INET, relay);
801
802#  ifdef HAVE_DHCP6
803  for (context = daemon->dhcp6; context; context = context->next)
804    log_context(AF_INET6, context);
805
806  for (relay = daemon->relay6; relay; relay = relay->next)
807    log_relay(AF_INET6, relay);
808 
809  if (daemon->doing_dhcp6 || daemon->doing_ra)
810    dhcp_construct_contexts(now);
811 
812  if (option_bool(OPT_RA))
813    my_syslog(MS_DHCP | LOG_INFO, _("IPv6 router advertisement enabled"));
814#  endif
815
816#  ifdef HAVE_LINUX_NETWORK
817  if (did_bind)
818    my_syslog(MS_DHCP | LOG_INFO, _("DHCP, sockets bound exclusively to interface %s"), bound_device);
819#  endif
820
821  /* after dhcp_construct_contexts */
822  if (daemon->dhcp || daemon->doing_dhcp6)
823    lease_find_interfaces(now);
824#endif
825
826#ifdef HAVE_TFTP
827  if (option_bool(OPT_TFTP))
828    {
829      struct tftp_prefix *p;
830
831      my_syslog(MS_TFTP | LOG_INFO, "TFTP %s%s %s",
832                daemon->tftp_prefix ? _("root is ") : _("enabled"),
833                daemon->tftp_prefix ? daemon->tftp_prefix: "",
834                option_bool(OPT_TFTP_SECURE) ? _("secure mode") : "");
835
836      if (tftp_prefix_missing)
837        my_syslog(MS_TFTP | LOG_WARNING, _("warning: %s inaccessible"), daemon->tftp_prefix);
838
839      for (p = daemon->if_prefix; p; p = p->next)
840        if (p->missing)
841           my_syslog(MS_TFTP | LOG_WARNING, _("warning: TFTP directory %s inaccessible"), p->prefix);
842
843      /* This is a guess, it assumes that for small limits,
844         disjoint files might be served, but for large limits,
845         a single file will be sent to may clients (the file only needs
846         one fd). */
847
848      max_fd -= 30; /* use other than TFTP */
849     
850      if (max_fd < 0)
851        max_fd = 5;
852      else if (max_fd < 100)
853        max_fd = max_fd/2;
854      else
855        max_fd = max_fd - 20;
856     
857      /* if we have to use a limited range of ports,
858         that will limit the number of transfers */
859      if (daemon->start_tftp_port != 0 &&
860          daemon->end_tftp_port - daemon->start_tftp_port + 1 < max_fd)
861        max_fd = daemon->end_tftp_port - daemon->start_tftp_port + 1;
862
863      if (daemon->tftp_max > max_fd)
864        {
865          daemon->tftp_max = max_fd;
866          my_syslog(MS_TFTP | LOG_WARNING,
867                    _("restricting maximum simultaneous TFTP transfers to %d"),
868                    daemon->tftp_max);
869        }
870    }
871#endif
872
873  /* finished start-up - release original process */
874  if (err_pipe[1] != -1)
875    while (retry_send(close(err_pipe[1])));
876 
877  if (daemon->port != 0)
878    check_servers();
879 
880  pid = getpid();
881 
882#ifdef HAVE_INOTIFY
883  /* Using inotify, have to select a resolv file at startup */
884  poll_resolv(1, 0, now);
885#endif
886 
887  while (1)
888    {
889      int t, timeout = -1;
890     
891      poll_reset();
892     
893      /* if we are out of resources, find how long we have to wait
894         for some to come free, we'll loop around then and restart
895         listening for queries */
896      if ((t = set_dns_listeners(now)) != 0)
897        timeout = t * 1000;
898
899      /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
900      if (daemon->tftp_trans ||
901          (option_bool(OPT_DBUS) && !daemon->dbus))
902        timeout = 250;
903
904      /* Wake every second whilst waiting for DAD to complete */
905      else if (is_dad_listeners())
906        timeout = 1000;
907
908#ifdef HAVE_DBUS
909      set_dbus_listeners();
910#endif 
911 
912#ifdef HAVE_DHCP
913      if (daemon->dhcp || daemon->relay4)
914        {
915          poll_listen(daemon->dhcpfd, POLLIN);
916          if (daemon->pxefd != -1)
917            poll_listen(daemon->pxefd, POLLIN);
918        }
919#endif
920
921#ifdef HAVE_DHCP6
922      if (daemon->doing_dhcp6 || daemon->relay6)
923        poll_listen(daemon->dhcp6fd, POLLIN);
924       
925      if (daemon->doing_ra)
926        poll_listen(daemon->icmp6fd, POLLIN);
927#endif
928   
929#ifdef HAVE_INOTIFY
930      if (daemon->inotifyfd != -1)
931        poll_listen(daemon->inotifyfd, POLLIN);
932#endif
933
934#if defined(HAVE_LINUX_NETWORK)
935      poll_listen(daemon->netlinkfd, POLLIN);
936#elif defined(HAVE_BSD_NETWORK)
937      poll_listen(daemon->routefd, POLLIN);
938#endif
939     
940      poll_listen(piperead, POLLIN);
941
942#ifdef HAVE_SCRIPT
943#    ifdef HAVE_DHCP
944      while (helper_buf_empty() && do_script_run(now));
945#    endif
946
947      /* Refresh cache */
948      if (option_bool(OPT_SCRIPT_ARP))
949        find_mac(NULL, NULL, 0, now);
950      while (helper_buf_empty() && do_arp_script_run());
951
952#    ifdef HAVE_TFTP
953      while (helper_buf_empty() && do_tftp_script_run());
954#    endif
955
956      if (!helper_buf_empty())
957        poll_listen(daemon->helperfd, POLLOUT);
958#else
959      /* need this for other side-effects */
960#    ifdef HAVE_DHCP
961      while (do_script_run(now));
962#    endif
963
964      while (do_arp_script_run());
965
966#    ifdef HAVE_TFTP
967      while (do_tftp_script_run());
968#    endif
969
970#endif
971
972   
973      /* must do this just before select(), when we know no
974         more calls to my_syslog() can occur */
975      set_log_writer();
976     
977      if (do_poll(timeout) < 0)
978        continue;
979     
980      now = dnsmasq_time();
981
982      check_log_writer(0);
983
984      /* prime. */
985      enumerate_interfaces(1);
986
987      /* Check the interfaces to see if any have exited DAD state
988         and if so, bind the address. */
989      if (is_dad_listeners())
990        {
991          enumerate_interfaces(0);
992          /* NB, is_dad_listeners() == 1 --> we're binding interfaces */
993          create_bound_listeners(0);
994          warn_bound_listeners();
995        }
996
997#if defined(HAVE_LINUX_NETWORK)
998      if (poll_check(daemon->netlinkfd, POLLIN))
999        netlink_multicast();
1000#elif defined(HAVE_BSD_NETWORK)
1001      if (poll_check(daemon->routefd, POLLIN))
1002        route_sock();
1003#endif
1004
1005#ifdef HAVE_INOTIFY
1006      if  (daemon->inotifyfd != -1 && poll_check(daemon->inotifyfd, POLLIN) && inotify_check(now))
1007        {
1008          if (daemon->port != 0 && !option_bool(OPT_NO_POLL))
1009            poll_resolv(1, 1, now);
1010        }         
1011#else
1012      /* Check for changes to resolv files once per second max. */
1013      /* Don't go silent for long periods if the clock goes backwards. */
1014      if (daemon->last_resolv == 0 ||
1015          difftime(now, daemon->last_resolv) > 1.0 ||
1016          difftime(now, daemon->last_resolv) < -1.0)
1017        {
1018          /* poll_resolv doesn't need to reload first time through, since
1019             that's queued anyway. */
1020
1021          poll_resolv(0, daemon->last_resolv != 0, now);         
1022          daemon->last_resolv = now;
1023        }
1024#endif
1025
1026      if (poll_check(piperead, POLLIN))
1027        async_event(piperead, now);
1028     
1029#ifdef HAVE_DBUS
1030      /* if we didn't create a DBus connection, retry now. */
1031     if (option_bool(OPT_DBUS) && !daemon->dbus)
1032        {
1033          char *err;
1034          if ((err = dbus_init()))
1035            my_syslog(LOG_WARNING, _("DBus error: %s"), err);
1036          if (daemon->dbus)
1037            my_syslog(LOG_INFO, _("connected to system DBus"));
1038        }
1039      check_dbus_listeners();
1040#endif
1041     
1042      check_dns_listeners(now);
1043
1044#ifdef HAVE_TFTP
1045      check_tftp_listeners(now);
1046#endif     
1047
1048#ifdef HAVE_DHCP
1049      if (daemon->dhcp || daemon->relay4)
1050        {
1051          if (poll_check(daemon->dhcpfd, POLLIN))
1052            dhcp_packet(now, 0);
1053          if (daemon->pxefd != -1 && poll_check(daemon->pxefd, POLLIN))
1054            dhcp_packet(now, 1);
1055        }
1056
1057#ifdef HAVE_DHCP6
1058      if ((daemon->doing_dhcp6 || daemon->relay6) && poll_check(daemon->dhcp6fd, POLLIN))
1059        dhcp6_packet(now);
1060
1061      if (daemon->doing_ra && poll_check(daemon->icmp6fd, POLLIN))
1062        icmp6_packet(now);
1063#endif
1064
1065#  ifdef HAVE_SCRIPT
1066      if (daemon->helperfd != -1 && poll_check(daemon->helperfd, POLLOUT))
1067        helper_write();
1068#  endif
1069#endif
1070
1071    }
1072}
1073
1074static void sig_handler(int sig)
1075{
1076  if (pid == 0)
1077    {
1078      /* ignore anything other than TERM during startup
1079         and in helper proc. (helper ignore TERM too) */
1080      if (sig == SIGTERM)
1081        exit(EC_MISC);
1082    }
1083  else if (pid != getpid())
1084    {
1085      /* alarm is used to kill TCP children after a fixed time. */
1086      if (sig == SIGALRM)
1087        _exit(0);
1088    }
1089  else
1090    {
1091      /* master process */
1092      int event, errsave = errno;
1093     
1094      if (sig == SIGHUP)
1095        event = EVENT_RELOAD;
1096      else if (sig == SIGCHLD)
1097        event = EVENT_CHILD;
1098      else if (sig == SIGALRM)
1099        event = EVENT_ALARM;
1100      else if (sig == SIGTERM)
1101        event = EVENT_TERM;
1102      else if (sig == SIGUSR1)
1103        event = EVENT_DUMP;
1104      else if (sig == SIGUSR2)
1105        event = EVENT_REOPEN;
1106      else
1107        return;
1108
1109      send_event(pipewrite, event, 0, NULL);
1110      errno = errsave;
1111    }
1112}
1113
1114/* now == 0 -> queue immediate callback */
1115void send_alarm(time_t event, time_t now)
1116{
1117  if (now == 0 || event != 0)
1118    {
1119      /* alarm(0) or alarm(-ve) doesn't do what we want.... */
1120      if ((now == 0 || difftime(event, now) <= 0.0))
1121        send_event(pipewrite, EVENT_ALARM, 0, NULL);
1122      else
1123        alarm((unsigned)difftime(event, now));
1124    }
1125}
1126
1127void queue_event(int event)
1128{
1129  send_event(pipewrite, event, 0, NULL);
1130}
1131
1132void send_event(int fd, int event, int data, char *msg)
1133{
1134  struct event_desc ev;
1135  struct iovec iov[2];
1136
1137  ev.event = event;
1138  ev.data = data;
1139  ev.msg_sz = msg ? strlen(msg) : 0;
1140 
1141  iov[0].iov_base = &ev;
1142  iov[0].iov_len = sizeof(ev);
1143  iov[1].iov_base = msg;
1144  iov[1].iov_len = ev.msg_sz;
1145 
1146  /* error pipe, debug mode. */
1147  if (fd == -1)
1148    fatal_event(&ev, msg);
1149  else
1150    /* pipe is non-blocking and struct event_desc is smaller than
1151       PIPE_BUF, so this either fails or writes everything */
1152    while (writev(fd, iov, msg ? 2 : 1) == -1 && errno == EINTR);
1153}
1154
1155/* NOTE: the memory used to return msg is leaked: use msgs in events only
1156   to describe fatal errors. */
1157static int read_event(int fd, struct event_desc *evp, char **msg)
1158{
1159  char *buf;
1160
1161  if (!read_write(fd, (unsigned char *)evp, sizeof(struct event_desc), 1))
1162    return 0;
1163 
1164  *msg = NULL;
1165 
1166  if (evp->msg_sz != 0 &&
1167      (buf = malloc(evp->msg_sz + 1)) &&
1168      read_write(fd, (unsigned char *)buf, evp->msg_sz, 1))
1169    {
1170      buf[evp->msg_sz] = 0;
1171      *msg = buf;
1172    }
1173
1174  return 1;
1175}
1176   
1177static void fatal_event(struct event_desc *ev, char *msg)
1178{
1179  errno = ev->data;
1180 
1181  switch (ev->event)
1182    {
1183    case EVENT_DIE:
1184      exit(0);
1185
1186    case EVENT_FORK_ERR:
1187      die(_("cannot fork into background: %s"), NULL, EC_MISC);
1188 
1189    case EVENT_PIPE_ERR:
1190      die(_("failed to create helper: %s"), NULL, EC_MISC);
1191 
1192    case EVENT_CAP_ERR:
1193      die(_("setting capabilities failed: %s"), NULL, EC_MISC);
1194
1195    case EVENT_USER_ERR:
1196      die(_("failed to change user-id to %s: %s"), msg, EC_MISC);
1197
1198    case EVENT_GROUP_ERR:
1199      die(_("failed to change group-id to %s: %s"), msg, EC_MISC);
1200     
1201    case EVENT_PIDFILE:
1202      die(_("failed to open pidfile %s: %s"), msg, EC_FILE);
1203
1204    case EVENT_LOG_ERR:
1205      die(_("cannot open log %s: %s"), msg, EC_FILE);
1206   
1207    case EVENT_LUA_ERR:
1208      die(_("failed to load Lua script: %s"), msg, EC_MISC);
1209
1210    case EVENT_TFTP_ERR:
1211      die(_("TFTP directory %s inaccessible: %s"), msg, EC_FILE);
1212   
1213    case EVENT_TIME_ERR:
1214      die(_("cannot create timestamp file %s: %s" ), msg, EC_BADCONF);
1215    }
1216}       
1217     
1218static void async_event(int pipe, time_t now)
1219{
1220  pid_t p;
1221  struct event_desc ev;
1222  int i, check = 0;
1223  char *msg;
1224 
1225  /* NOTE: the memory used to return msg is leaked: use msgs in events only
1226     to describe fatal errors. */
1227 
1228  if (read_event(pipe, &ev, &msg))
1229    switch (ev.event)
1230      {
1231      case EVENT_RELOAD:
1232        daemon->soa_sn++; /* Bump zone serial, as it may have changed. */
1233
1234#ifdef HAVE_DNSSEC
1235        if (daemon->dnssec_no_time_check && option_bool(OPT_DNSSEC_VALID) && option_bool(OPT_DNSSEC_TIME))
1236          {
1237            my_syslog(LOG_INFO, _("now checking DNSSEC signature timestamps"));
1238            daemon->dnssec_no_time_check = 0;
1239          }
1240#endif
1241        /* fall through */
1242       
1243      case EVENT_INIT:
1244        clear_cache_and_reload(now);
1245       
1246        if (daemon->port != 0)
1247          {
1248            if (daemon->resolv_files && option_bool(OPT_NO_POLL))
1249              {
1250                reload_servers(daemon->resolv_files->name);
1251                check = 1;
1252              }
1253
1254            if (daemon->servers_file)
1255              {
1256                read_servers_file();
1257                check = 1;
1258              }
1259
1260            if (check)
1261              check_servers();
1262          }
1263
1264#ifdef HAVE_DHCP
1265        rerun_scripts();
1266#endif
1267        break;
1268       
1269      case EVENT_DUMP:
1270        if (daemon->port != 0)
1271          dump_cache(now);
1272        break;
1273       
1274      case EVENT_ALARM:
1275#ifdef HAVE_DHCP
1276        if (daemon->dhcp || daemon->doing_dhcp6)
1277          {
1278            lease_prune(NULL, now);
1279            lease_update_file(now);
1280          }
1281#ifdef HAVE_DHCP6
1282        else if (daemon->doing_ra)
1283          /* Not doing DHCP, so no lease system, manage alarms for ra only */
1284            send_alarm(periodic_ra(now), now);
1285#endif
1286#endif
1287        break;
1288               
1289      case EVENT_CHILD:
1290        /* See Stevens 5.10 */
1291        while ((p = waitpid(-1, NULL, WNOHANG)) != 0)
1292          if (p == -1)
1293            {
1294              if (errno != EINTR)
1295                break;
1296            }     
1297          else
1298            for (i = 0 ; i < MAX_PROCS; i++)
1299              if (daemon->tcp_pids[i] == p)
1300                daemon->tcp_pids[i] = 0;
1301        break;
1302       
1303      case EVENT_KILLED:
1304        my_syslog(LOG_WARNING, _("script process killed by signal %d"), ev.data);
1305        break;
1306
1307      case EVENT_EXITED:
1308        my_syslog(LOG_WARNING, _("script process exited with status %d"), ev.data);
1309        break;
1310
1311      case EVENT_EXEC_ERR:
1312        my_syslog(LOG_ERR, _("failed to execute %s: %s"),
1313                  daemon->lease_change_command, strerror(ev.data));
1314        break;
1315
1316        /* necessary for fatal errors in helper */
1317      case EVENT_USER_ERR:
1318      case EVENT_DIE:
1319      case EVENT_LUA_ERR:
1320        fatal_event(&ev, msg);
1321        break;
1322
1323      case EVENT_REOPEN:
1324        /* Note: this may leave TCP-handling processes with the old file still open.
1325           Since any such process will die in CHILD_LIFETIME or probably much sooner,
1326           we leave them logging to the old file. */
1327        if (daemon->log_file != NULL)
1328          log_reopen(daemon->log_file);
1329        break;
1330
1331      case EVENT_NEWADDR:
1332        newaddress(now);
1333        break;
1334
1335      case EVENT_NEWROUTE:
1336        resend_query();
1337        /* Force re-reading resolv file right now, for luck. */
1338        poll_resolv(0, 1, now);
1339        break;
1340
1341      case EVENT_TERM:
1342        /* Knock all our children on the head. */
1343        for (i = 0; i < MAX_PROCS; i++)
1344          if (daemon->tcp_pids[i] != 0)
1345            kill(daemon->tcp_pids[i], SIGALRM);
1346       
1347#if defined(HAVE_SCRIPT) && defined(HAVE_DHCP)
1348        /* handle pending lease transitions */
1349        if (daemon->helperfd != -1)
1350          {
1351            /* block in writes until all done */
1352            if ((i = fcntl(daemon->helperfd, F_GETFL)) != -1)
1353              fcntl(daemon->helperfd, F_SETFL, i & ~O_NONBLOCK);
1354            do {
1355              helper_write();
1356            } while (!helper_buf_empty() || do_script_run(now));
1357            while (retry_send(close(daemon->helperfd)));
1358          }
1359#endif
1360       
1361        if (daemon->lease_stream)
1362          fclose(daemon->lease_stream);
1363
1364#ifdef HAVE_DNSSEC
1365        /* update timestamp file on TERM if time is considered valid */
1366        if (daemon->back_to_the_future)
1367          {
1368             if (utime(daemon->timestamp_file, NULL) == -1)
1369                my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
1370          }
1371#endif
1372
1373        if (daemon->runfile)
1374          unlink(daemon->runfile);
1375       
1376        my_syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
1377        flush_log();
1378        exit(EC_GOOD);
1379      }
1380}
1381
1382static void poll_resolv(int force, int do_reload, time_t now)
1383{
1384  struct resolvc *res, *latest;
1385  struct stat statbuf;
1386  time_t last_change = 0;
1387  /* There may be more than one possible file.
1388     Go through and find the one which changed _last_.
1389     Warn of any which can't be read. */
1390
1391  if (daemon->port == 0 || option_bool(OPT_NO_POLL))
1392    return;
1393 
1394  for (latest = NULL, res = daemon->resolv_files; res; res = res->next)
1395    if (stat(res->name, &statbuf) == -1)
1396      {
1397        if (force)
1398          {
1399            res->mtime = 0;
1400            continue;
1401          }
1402
1403        if (!res->logged)
1404          my_syslog(LOG_WARNING, _("failed to access %s: %s"), res->name, strerror(errno));
1405        res->logged = 1;
1406       
1407        if (res->mtime != 0)
1408          {
1409            /* existing file evaporated, force selection of the latest
1410               file even if its mtime hasn't changed since we last looked */
1411            poll_resolv(1, do_reload, now);
1412            return;
1413          }
1414      }
1415    else
1416      {
1417        res->logged = 0;
1418        if (force || (statbuf.st_mtime != res->mtime))
1419          {
1420            res->mtime = statbuf.st_mtime;
1421            if (difftime(statbuf.st_mtime, last_change) > 0.0)
1422              {
1423                last_change = statbuf.st_mtime;
1424                latest = res;
1425              }
1426          }
1427      }
1428 
1429  if (latest)
1430    {
1431      static int warned = 0;
1432      if (reload_servers(latest->name))
1433        {
1434          my_syslog(LOG_INFO, _("reading %s"), latest->name);
1435          warned = 0;
1436          check_servers();
1437          if (option_bool(OPT_RELOAD) && do_reload)
1438            clear_cache_and_reload(now);
1439        }
1440      else
1441        {
1442          latest->mtime = 0;
1443          if (!warned)
1444            {
1445              my_syslog(LOG_WARNING, _("no servers found in %s, will retry"), latest->name);
1446              warned = 1;
1447            }
1448        }
1449    }
1450}       
1451
1452void clear_cache_and_reload(time_t now)
1453{
1454  (void)now;
1455
1456  if (daemon->port != 0)
1457    cache_reload();
1458 
1459#ifdef HAVE_DHCP
1460  if (daemon->dhcp || daemon->doing_dhcp6)
1461    {
1462      if (option_bool(OPT_ETHERS))
1463        dhcp_read_ethers();
1464      reread_dhcp();
1465#ifdef HAVE_INOTIFY
1466      set_dynamic_inotify(AH_DHCP_HST | AH_DHCP_OPT, 0, NULL, 0);
1467#endif
1468      dhcp_update_configs(daemon->dhcp_conf);
1469      lease_update_from_configs();
1470      lease_update_file(now);
1471      lease_update_dns(1);
1472    }
1473#ifdef HAVE_DHCP6
1474  else if (daemon->doing_ra)
1475    /* Not doing DHCP, so no lease system, manage
1476       alarms for ra only */
1477    send_alarm(periodic_ra(now), now);
1478#endif
1479#endif
1480}
1481
1482static int set_dns_listeners(time_t now)
1483{
1484  struct serverfd *serverfdp;
1485  struct listener *listener;
1486  int wait = 0, i;
1487 
1488#ifdef HAVE_TFTP
1489  int  tftp = 0;
1490  struct tftp_transfer *transfer;
1491  for (transfer = daemon->tftp_trans; transfer; transfer = transfer->next)
1492    {
1493      tftp++;
1494      poll_listen(transfer->sockfd, POLLIN);
1495    }
1496#endif
1497 
1498  /* will we be able to get memory? */
1499  if (daemon->port != 0)
1500    get_new_frec(now, &wait, 0);
1501 
1502  for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1503    poll_listen(serverfdp->fd, POLLIN);
1504   
1505  if (daemon->port != 0 && !daemon->osport)
1506    for (i = 0; i < RANDOM_SOCKS; i++)
1507      if (daemon->randomsocks[i].refcount != 0)
1508        poll_listen(daemon->randomsocks[i].fd, POLLIN);
1509         
1510  for (listener = daemon->listeners; listener; listener = listener->next)
1511    {
1512      /* only listen for queries if we have resources */
1513      if (listener->fd != -1 && wait == 0)
1514        poll_listen(listener->fd, POLLIN);
1515       
1516      /* death of a child goes through the select loop, so
1517         we don't need to explicitly arrange to wake up here */
1518      if  (listener->tcpfd != -1)
1519        for (i = 0; i < MAX_PROCS; i++)
1520          if (daemon->tcp_pids[i] == 0)
1521            {
1522              poll_listen(listener->tcpfd, POLLIN);
1523              break;
1524            }
1525
1526#ifdef HAVE_TFTP
1527      if (tftp <= daemon->tftp_max && listener->tftpfd != -1)
1528        poll_listen(listener->tftpfd, POLLIN);
1529#endif
1530
1531    }
1532 
1533  return wait;
1534}
1535
1536static void check_dns_listeners(time_t now)
1537{
1538  struct serverfd *serverfdp;
1539  struct listener *listener;
1540  int i;
1541
1542  for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1543    if (poll_check(serverfdp->fd, POLLIN))
1544      reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now);
1545 
1546  if (daemon->port != 0 && !daemon->osport)
1547    for (i = 0; i < RANDOM_SOCKS; i++)
1548      if (daemon->randomsocks[i].refcount != 0 &&
1549          poll_check(daemon->randomsocks[i].fd, POLLIN))
1550        reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
1551 
1552  for (listener = daemon->listeners; listener; listener = listener->next)
1553    {
1554      if (listener->fd != -1 && poll_check(listener->fd, POLLIN))
1555        receive_query(listener, now);
1556     
1557#ifdef HAVE_TFTP     
1558      if (listener->tftpfd != -1 && poll_check(listener->tftpfd, POLLIN))
1559        tftp_request(listener, now);
1560#endif
1561
1562      if (listener->tcpfd != -1 && poll_check(listener->tcpfd, POLLIN))
1563        {
1564          int confd, client_ok = 1;
1565          struct irec *iface = NULL;
1566          pid_t p;
1567          union mysockaddr tcp_addr;
1568          socklen_t tcp_len = sizeof(union mysockaddr);
1569
1570          while ((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR);
1571         
1572          if (confd == -1)
1573            continue;
1574         
1575          if (getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) == -1)
1576            {
1577              while (retry_send(close(confd)));
1578              continue;
1579            }
1580         
1581          /* Make sure that the interface list is up-to-date.
1582             
1583             We do this here as we may need the results below, and
1584             the DNS code needs them for --interface-name stuff.
1585
1586             Multiple calls to enumerate_interfaces() per select loop are
1587             inhibited, so calls to it in the child process (which doesn't select())
1588             have no effect. This avoids two processes reading from the same
1589             netlink fd and screwing the pooch entirely.
1590          */
1591 
1592          enumerate_interfaces(0);
1593         
1594          if (option_bool(OPT_NOWILD))
1595            iface = listener->iface; /* May be NULL */
1596          else
1597            {
1598              int if_index;
1599              char intr_name[IF_NAMESIZE];
1600             
1601              /* if we can find the arrival interface, check it's one that's allowed */
1602              if ((if_index = tcp_interface(confd, tcp_addr.sa.sa_family)) != 0 &&
1603                  indextoname(listener->tcpfd, if_index, intr_name))
1604                {
1605                  struct all_addr addr;
1606                  addr.addr.addr4 = tcp_addr.in.sin_addr;
1607#ifdef HAVE_IPV6
1608                  if (tcp_addr.sa.sa_family == AF_INET6)
1609                    addr.addr.addr6 = tcp_addr.in6.sin6_addr;
1610#endif
1611                 
1612                  for (iface = daemon->interfaces; iface; iface = iface->next)
1613                    if (iface->index == if_index)
1614                      break;
1615                 
1616                  if (!iface && !loopback_exception(listener->tcpfd, tcp_addr.sa.sa_family, &addr, intr_name))
1617                    client_ok = 0;
1618                }
1619             
1620              if (option_bool(OPT_CLEVERBIND))
1621                iface = listener->iface; /* May be NULL */
1622              else
1623                {
1624                  /* Check for allowed interfaces when binding the wildcard address:
1625                     we do this by looking for an interface with the same address as
1626                     the local address of the TCP connection, then looking to see if that's
1627                     an allowed interface. As a side effect, we get the netmask of the
1628                     interface too, for localisation. */
1629                 
1630                  for (iface = daemon->interfaces; iface; iface = iface->next)
1631                    if (sockaddr_isequal(&iface->addr, &tcp_addr))
1632                      break;
1633                 
1634                  if (!iface)
1635                    client_ok = 0;
1636                }
1637            }
1638         
1639          if (!client_ok)
1640            {
1641              shutdown(confd, SHUT_RDWR);
1642              while (retry_send(close(confd)));
1643            }
1644#ifndef NO_FORK
1645          else if (!option_bool(OPT_DEBUG) && (p = fork()) != 0)
1646            {
1647              if (p != -1)
1648                {
1649                  int i;
1650                  for (i = 0; i < MAX_PROCS; i++)
1651                    if (daemon->tcp_pids[i] == 0)
1652                      {
1653                        daemon->tcp_pids[i] = p;
1654                        break;
1655                      }
1656                }
1657              while (retry_send(close(confd)));
1658
1659              /* The child can use up to TCP_MAX_QUERIES ids, so skip that many. */
1660              daemon->log_id += TCP_MAX_QUERIES;
1661            }
1662#endif
1663          else
1664            {
1665              unsigned char *buff;
1666              struct server *s;
1667              int flags;
1668              struct in_addr netmask;
1669              int auth_dns;
1670
1671              if (iface)
1672                {
1673                  netmask = iface->netmask;
1674                  auth_dns = iface->dns_auth;
1675                }
1676              else
1677                {
1678                  netmask.s_addr = 0;
1679                  auth_dns = 0;
1680                }
1681
1682#ifndef NO_FORK
1683              /* Arrange for SIGALRM after CHILD_LIFETIME seconds to
1684                 terminate the process. */
1685              if (!option_bool(OPT_DEBUG))
1686                alarm(CHILD_LIFETIME);
1687#endif
1688
1689              /* start with no upstream connections. */
1690              for (s = daemon->servers; s; s = s->next)
1691                 s->tcpfd = -1;
1692             
1693              /* The connected socket inherits non-blocking
1694                 attribute from the listening socket.
1695                 Reset that here. */
1696              if ((flags = fcntl(confd, F_GETFL, 0)) != -1)
1697                fcntl(confd, F_SETFL, flags & ~O_NONBLOCK);
1698             
1699              buff = tcp_request(confd, now, &tcp_addr, netmask, auth_dns);
1700               
1701              shutdown(confd, SHUT_RDWR);
1702              while (retry_send(close(confd)));
1703             
1704              if (buff)
1705                free(buff);
1706             
1707              for (s = daemon->servers; s; s = s->next)
1708                if (s->tcpfd != -1)
1709                  {
1710                    shutdown(s->tcpfd, SHUT_RDWR);
1711                    while (retry_send(close(s->tcpfd)));
1712                  }
1713#ifndef NO_FORK           
1714              if (!option_bool(OPT_DEBUG))
1715                {
1716                  flush_log();
1717                  _exit(0);
1718                }
1719#endif
1720            }
1721        }
1722    }
1723}
1724
1725#ifdef HAVE_DHCP
1726int make_icmp_sock(void)
1727{
1728  int fd;
1729  int zeroopt = 0;
1730
1731  if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
1732    {
1733      if (!fix_fd(fd) ||
1734          setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
1735        {
1736          close(fd);
1737          fd = -1;
1738        }
1739    }
1740
1741  return fd;
1742}
1743
1744int icmp_ping(struct in_addr addr)
1745{
1746  /* Try and get an ICMP echo from a machine. */
1747
1748  /* Note that whilst in the three second wait, we check for
1749     (and service) events on the DNS and TFTP  sockets, (so doing that
1750     better not use any resources our caller has in use...)
1751     but we remain deaf to signals or further DHCP packets. */
1752
1753  /* There can be a problem using dnsmasq_time() to end the loop, since
1754     it's not monotonic, and can go backwards if the system clock is
1755     tweaked, leading to the code getting stuck in this loop and
1756     ignoring DHCP requests. To fix this, we check to see if select returned
1757     as a result of a timeout rather than a socket becoming available. We
1758     only allow this to happen as many times as it takes to get to the wait time
1759     in quarter-second chunks. This provides a fallback way to end loop. */
1760
1761  int fd, rc;
1762  struct sockaddr_in saddr;
1763  struct {
1764    struct ip ip;
1765    struct icmp icmp;
1766  } packet;
1767  unsigned short id = rand16();
1768  unsigned int i, j, timeout_count;
1769  int gotreply = 0;
1770  time_t start, now;
1771
1772#if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1773  if ((fd = make_icmp_sock()) == -1)
1774    return 0;
1775#else
1776  int opt = 2000;
1777  fd = daemon->dhcp_icmp_fd;
1778  setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1779#endif
1780
1781  saddr.sin_family = AF_INET;
1782  saddr.sin_port = 0;
1783  saddr.sin_addr = addr;
1784#ifdef HAVE_SOCKADDR_SA_LEN
1785  saddr.sin_len = sizeof(struct sockaddr_in);
1786#endif
1787 
1788  memset(&packet.icmp, 0, sizeof(packet.icmp));
1789  packet.icmp.icmp_type = ICMP_ECHO;
1790  packet.icmp.icmp_id = id;
1791  for (j = 0, i = 0; i < sizeof(struct icmp) / 2; i++)
1792    j += ((u16 *)&packet.icmp)[i];
1793  while (j>>16)
1794    j = (j & 0xffff) + (j >> 16); 
1795  packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
1796 
1797  while (retry_send(sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0,
1798                           (struct sockaddr *)&saddr, sizeof(saddr))));
1799 
1800  for (now = start = dnsmasq_time(), timeout_count = 0;
1801       (difftime(now, start) < (float)PING_WAIT) && (timeout_count < PING_WAIT * 4);)
1802    {
1803      struct sockaddr_in faddr;
1804      socklen_t len = sizeof(faddr);
1805     
1806      poll_reset();
1807      poll_listen(fd, POLLIN);
1808      set_dns_listeners(now);
1809      set_log_writer();
1810     
1811#ifdef HAVE_DHCP6
1812      if (daemon->doing_ra)
1813        poll_listen(daemon->icmp6fd, POLLIN);
1814#endif
1815     
1816      rc = do_poll(250);
1817     
1818      if (rc < 0)
1819        continue;
1820      else if (rc == 0)
1821        timeout_count++;
1822
1823      now = dnsmasq_time();
1824
1825      check_log_writer(0);
1826      check_dns_listeners(now);
1827
1828#ifdef HAVE_DHCP6
1829      if (daemon->doing_ra && poll_check(daemon->icmp6fd, POLLIN))
1830        icmp6_packet(now);
1831#endif
1832     
1833#ifdef HAVE_TFTP
1834      check_tftp_listeners(now);
1835#endif
1836
1837      if (poll_check(fd, POLLIN) &&
1838          recvfrom(fd, &packet, sizeof(packet), 0,
1839                   (struct sockaddr *)&faddr, &len) == sizeof(packet) &&
1840          saddr.sin_addr.s_addr == faddr.sin_addr.s_addr &&
1841          packet.icmp.icmp_type == ICMP_ECHOREPLY &&
1842          packet.icmp.icmp_seq == 0 &&
1843          packet.icmp.icmp_id == id)
1844        {
1845          gotreply = 1;
1846          break;
1847        }
1848    }
1849 
1850#if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1851  while (retry_send(close(fd)));
1852#else
1853  opt = 1;
1854  setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1855#endif
1856
1857  return gotreply;
1858}
1859#endif
1860
1861 
Note: See TracBrowser for help on using the repository browser.