source: src/router/dnsmasq/src/dnsmasq.c @ 31703

Last change on this file since 31703 was 31703, checked in by brainslayer, 4 months ago

latest dnsmasq

File size: 49.2 KB
Line 
1/* dnsmasq is Copyright (c) 2000-2016 Simon Kelley
2
3   This program is free software; you can redistribute it and/or modify
4   it under the terms of the GNU General Public License as published by
5   the Free Software Foundation; version 2 dated June, 1991, or
6   (at your option) version 3 dated 29 June, 2007.
7 
8   This program is distributed in the hope that it will be useful,
9   but WITHOUT ANY WARRANTY; without even the implied warranty of
10   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11   GNU General Public License for more details.
12     
13   You should have received a copy of the GNU General Public License
14   along with this program.  If not, see <http://www.gnu.org/licenses/>.
15*/
16
17/* Declare static char *compiler_opts  in config.h */
18#define DNSMASQ_COMPILE_OPTS
19
20#include "dnsmasq.h"
21
22struct daemon *daemon;
23
24static volatile pid_t pid = 0;
25static volatile int pipewrite;
26
27static int set_dns_listeners(time_t now);
28static void check_dns_listeners(time_t now);
29static void sig_handler(int sig);
30static void async_event(int pipe, time_t now);
31static void fatal_event(struct event_desc *ev, char *msg);
32static int read_event(int fd, struct event_desc *evp, char **msg);
33static void poll_resolv(int force, int do_reload, time_t now);
34
35int main (int argc, char **argv)
36{
37  int bind_fallback = 0;
38  time_t now;
39  struct sigaction sigact;
40  struct iname *if_tmp;
41  int piperead, pipefd[2], err_pipe[2];
42  struct passwd *ent_pw = NULL;
43#if defined(HAVE_SCRIPT)
44  uid_t script_uid = 0;
45  gid_t script_gid = 0;
46#endif
47  struct group *gp = NULL;
48  long i, max_fd = sysconf(_SC_OPEN_MAX);
49  char *baduser = NULL;
50  int log_err;
51#if defined(HAVE_LINUX_NETWORK)
52  cap_user_header_t hdr = NULL;
53  cap_user_data_t data = NULL;
54  char *bound_device = NULL;
55  int did_bind = 0;
56#endif
57#if defined(HAVE_DHCP) || defined(HAVE_DHCP6)
58  struct dhcp_context *context;
59  struct dhcp_relay *relay;
60#endif
61#ifdef HAVE_TFTP
62  int tftp_prefix_missing = 0;
63#endif
64
65#ifdef LOCALEDIR
66  setlocale(LC_ALL, "");
67  bindtextdomain("dnsmasq", LOCALEDIR);
68  textdomain("dnsmasq");
69#endif
70
71  sigact.sa_handler = sig_handler;
72  sigact.sa_flags = 0;
73  sigemptyset(&sigact.sa_mask);
74  sigaction(SIGUSR1, &sigact, NULL);
75  sigaction(SIGUSR2, &sigact, NULL);
76  sigaction(SIGHUP, &sigact, NULL);
77  sigaction(SIGTERM, &sigact, NULL);
78  sigaction(SIGALRM, &sigact, NULL);
79  sigaction(SIGCHLD, &sigact, NULL);
80
81  /* ignore SIGPIPE */
82  sigact.sa_handler = SIG_IGN;
83  sigaction(SIGPIPE, &sigact, NULL);
84
85  umask(022); /* known umask, create leases and pid files as 0644 */
86 
87  rand_init(); /* Must precede read_opts() */
88 
89  read_opts(argc, argv, compile_opts);
90 
91  if (daemon->edns_pktsz < PACKETSZ)
92    daemon->edns_pktsz = PACKETSZ;
93
94  /* Min buffer size: we check after adding each record, so there must be
95     memory for the largest packet, and the largest record so the
96     min for DNS is PACKETSZ+MAXDNAME+RRFIXEDSZ which is < 1000.
97     This might be increased is EDNS packet size if greater than the minimum. */
98  daemon->packet_buff_sz = daemon->edns_pktsz + MAXDNAME + RRFIXEDSZ;
99  daemon->packet = safe_malloc(daemon->packet_buff_sz);
100 
101  daemon->addrbuff = safe_malloc(ADDRSTRLEN);
102  if (option_bool(OPT_EXTRALOG))
103    daemon->addrbuff2 = safe_malloc(ADDRSTRLEN);
104 
105#ifdef HAVE_DNSSEC
106  if (option_bool(OPT_DNSSEC_VALID))
107    {
108      /* Note that both /000 and '.' are allowed within labels. These get
109         represented in presentation format using NAME_ESCAPE as an escape
110         character when in DNSSEC mode.
111         In theory, if all the characters in a name were /000 or
112         '.' or NAME_ESCAPE then all would have to be escaped, so the
113         presentation format would be twice as long as the spec.
114
115         daemon->namebuff was previously allocated by the option-reading
116         code before we knew if we're in DNSSEC mode, so reallocate here. */
117      free(daemon->namebuff);
118      daemon->namebuff = safe_malloc(MAXDNAME * 2);
119      daemon->keyname = safe_malloc(MAXDNAME * 2);
120      daemon->workspacename = safe_malloc(MAXDNAME * 2);
121    }
122#endif
123
124#ifdef HAVE_DHCP
125  if (!daemon->lease_file)
126    {
127      if (daemon->dhcp || daemon->dhcp6)
128        daemon->lease_file = LEASEFILE;
129    }
130#endif
131 
132  /* Close any file descriptors we inherited apart from std{in|out|err}
133     
134     Ensure that at least stdin, stdout and stderr (fd 0, 1, 2) exist,
135     otherwise file descriptors we create can end up being 0, 1, or 2
136     and then get accidentally closed later when we make 0, 1, and 2
137     open to /dev/null. Normally we'll be started with 0, 1 and 2 open,
138     but it's not guaranteed. By opening /dev/null three times, we
139     ensure that we're not using those fds for real stuff. */
140  for (i = 0; i < max_fd; i++)
141    if (i != STDOUT_FILENO && i != STDERR_FILENO && i != STDIN_FILENO)
142      close(i);
143    else
144      open("/dev/null", O_RDWR);
145
146#ifndef HAVE_LINUX_NETWORK
147#  if !(defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR))
148  if (!option_bool(OPT_NOWILD))
149    {
150      bind_fallback = 1;
151      set_option_bool(OPT_NOWILD);
152    }
153#  endif
154 
155  /* -- bind-dynamic not supported on !Linux, fall back to --bind-interfaces */
156  if (option_bool(OPT_CLEVERBIND))
157    {
158      bind_fallback = 1;
159      set_option_bool(OPT_NOWILD);
160      reset_option_bool(OPT_CLEVERBIND);
161    }
162#endif
163
164#ifndef HAVE_INOTIFY
165  if (daemon->dynamic_dirs)
166    die(_("dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"), NULL, EC_BADCONF);
167#endif
168 
169  if (option_bool(OPT_DNSSEC_VALID))
170    {
171#ifdef HAVE_DNSSEC
172      struct ds_config *ds;
173
174      /* Must have at least a root trust anchor, or the DNSSEC code
175         can loop forever. */
176      for (ds = daemon->ds; ds; ds = ds->next)
177        if (ds->name[0] == 0)
178          break;
179
180      if (!ds)
181        die(_("no root trust anchor provided for DNSSEC"), NULL, EC_BADCONF);
182     
183      if (daemon->cachesize < CACHESIZ)
184        die(_("cannot reduce cache size from default when DNSSEC enabled"), NULL, EC_BADCONF);
185#else
186      die(_("DNSSEC not available: set HAVE_DNSSEC in src/config.h"), NULL, EC_BADCONF);
187#endif
188    }
189
190#ifndef HAVE_TFTP
191  if (option_bool(OPT_TFTP))
192    die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL, EC_BADCONF);
193#endif
194
195#ifdef HAVE_CONNTRACK
196  if (option_bool(OPT_CONNTRACK) && (daemon->query_port != 0 || daemon->osport))
197    die (_("cannot use --conntrack AND --query-port"), NULL, EC_BADCONF);
198#else
199  if (option_bool(OPT_CONNTRACK))
200    die(_("conntrack support not available: set HAVE_CONNTRACK in src/config.h"), NULL, EC_BADCONF);
201#endif
202
203#ifdef HAVE_SOLARIS_NETWORK
204  if (daemon->max_logs != 0)
205    die(_("asynchronous logging is not available under Solaris"), NULL, EC_BADCONF);
206#endif
207 
208#ifdef __ANDROID__
209  if (daemon->max_logs != 0)
210    die(_("asynchronous logging is not available under Android"), NULL, EC_BADCONF);
211#endif
212
213#ifndef HAVE_AUTH
214  if (daemon->authserver)
215    die(_("authoritative DNS not available: set HAVE_AUTH in src/config.h"), NULL, EC_BADCONF);
216#endif
217
218#ifndef HAVE_LOOP
219  if (option_bool(OPT_LOOP_DETECT))
220    die(_("loop detection not available: set HAVE_LOOP in src/config.h"), NULL, EC_BADCONF);
221#endif
222
223  if (daemon->max_port != MAX_PORT && daemon->min_port == 0)
224    daemon->min_port = 1024u;
225
226  if (daemon->max_port < daemon->min_port)
227    die(_("max_port cannot be smaller than min_port"), NULL, EC_BADCONF);
228
229  now = dnsmasq_time();
230
231  /* Create a serial at startup if not configured. */
232  if (daemon->authinterface && daemon->soa_sn == 0)
233#ifdef HAVE_BROKEN_RTC
234    die(_("zone serial must be configured in --auth-soa"), NULL, EC_BADCONF);
235#else
236  daemon->soa_sn = now;
237#endif
238 
239#ifdef HAVE_DHCP6
240  if (daemon->dhcp6)
241    {
242      daemon->doing_ra = option_bool(OPT_RA);
243     
244      for (context = daemon->dhcp6; context; context = context->next)
245        {
246          if (context->flags & CONTEXT_DHCP)
247            daemon->doing_dhcp6 = 1;
248          if (context->flags & CONTEXT_RA)
249            daemon->doing_ra = 1;
250#if !defined(HAVE_LINUX_NETWORK) && !defined(HAVE_BSD_NETWORK)
251          if (context->flags & CONTEXT_TEMPLATE)
252            die (_("dhcp-range constructor not available on this platform"), NULL, EC_BADCONF);
253#endif
254        }
255    }
256#endif
257 
258#ifdef HAVE_DHCP
259  /* Note that order matters here, we must call lease_init before
260     creating any file descriptors which shouldn't be leaked
261     to the lease-script init process. We need to call common_init
262     before lease_init to allocate buffers it uses.
263     The script subsystem relies on DHCP buffers, hence the last two
264     conditions below. */ 
265  if (daemon->dhcp || daemon->doing_dhcp6 || daemon->relay4 ||
266      daemon->relay6 || option_bool(OPT_TFTP) || option_bool(OPT_SCRIPT_ARP))
267    {
268      dhcp_common_init();
269      if (daemon->dhcp || daemon->doing_dhcp6)
270        lease_init(now);
271    }
272 
273  if (daemon->dhcp || daemon->relay4)
274    dhcp_init();
275 
276#  ifdef HAVE_DHCP6
277  if (daemon->doing_ra || daemon->doing_dhcp6 || daemon->relay6)
278    ra_init(now);
279 
280  if (daemon->doing_dhcp6 || daemon->relay6)
281    dhcp6_init();
282#  endif
283
284#endif
285
286#ifdef HAVE_IPSET
287  if (daemon->ipsets)
288    ipset_init();
289#endif
290
291#if  defined(HAVE_LINUX_NETWORK)
292  netlink_init();
293#elif defined(HAVE_BSD_NETWORK)
294  route_init();
295#endif
296
297  if (option_bool(OPT_NOWILD) && option_bool(OPT_CLEVERBIND))
298    die(_("cannot set --bind-interfaces and --bind-dynamic"), NULL, EC_BADCONF);
299 
300  if (!enumerate_interfaces(1) || !enumerate_interfaces(0))
301    die(_("failed to find list of interfaces: %s"), NULL, EC_MISC);
302 
303  if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND))
304    {
305      create_bound_listeners(1);
306     
307      if (!option_bool(OPT_CLEVERBIND))
308        for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
309          if (if_tmp->name && !if_tmp->used)
310            die(_("unknown interface %s"), if_tmp->name, EC_BADNET);
311
312#if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP)
313      /* after enumerate_interfaces()  */
314      bound_device = whichdevice();
315     
316      if (daemon->dhcp)
317        {
318          if (!daemon->relay4 && bound_device)
319            {
320              bindtodevice(bound_device, daemon->dhcpfd);
321              did_bind = 1;
322            }
323          if (daemon->enable_pxe && bound_device)
324            {
325              bindtodevice(bound_device, daemon->pxefd);
326              did_bind = 1;
327            }
328        }
329#endif
330
331#if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP6)
332      if (daemon->doing_dhcp6 && !daemon->relay6 && bound_device)
333        {
334          bindtodevice(bound_device, daemon->dhcp6fd);
335          did_bind = 1;
336        }
337#endif
338    }
339  else
340    create_wildcard_listeners();
341 
342#ifdef HAVE_DHCP6
343  /* after enumerate_interfaces() */
344  if (daemon->doing_dhcp6 || daemon->relay6 || daemon->doing_ra)
345    join_multicast(1);
346
347  /* After netlink_init() and before create_helper() */
348  lease_make_duid(now);
349#endif
350 
351  if (daemon->port != 0)
352    {
353      cache_init();
354
355#ifdef HAVE_DNSSEC
356      blockdata_init();
357#endif
358    }
359
360#ifdef HAVE_INOTIFY
361  if (daemon->port != 0 || daemon->dhcp || daemon->doing_dhcp6)
362    inotify_dnsmasq_init();
363  else
364    daemon->inotifyfd = -1;
365#endif
366       
367  if (option_bool(OPT_DBUS))
368#ifdef HAVE_DBUS
369    {
370      char *err;
371      daemon->dbus = NULL;
372      daemon->watches = NULL;
373      if ((err = dbus_init()))
374        die(_("DBus error: %s"), err, EC_MISC);
375    }
376#else
377  die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL, EC_BADCONF);
378#endif
379
380  if (daemon->port != 0)
381    pre_allocate_sfds();
382
383#if defined(HAVE_SCRIPT)
384  /* Note getpwnam returns static storage */
385  if ((daemon->dhcp || daemon->dhcp6) &&
386      daemon->scriptuser &&
387      (daemon->lease_change_command || daemon->luascript))
388    {
389      if ((ent_pw = getpwnam(daemon->scriptuser)))
390        {
391          script_uid = ent_pw->pw_uid;
392          script_gid = ent_pw->pw_gid;
393         }
394      else
395        baduser = daemon->scriptuser;
396    }
397#endif
398 
399  if (daemon->username && !(ent_pw = getpwnam(daemon->username)))
400    baduser = daemon->username;
401  else if (daemon->groupname && !(gp = getgrnam(daemon->groupname)))
402    baduser = daemon->groupname;
403
404  if (baduser)
405    die(_("unknown user or group: %s"), baduser, EC_BADCONF);
406
407  /* implement group defaults, "dip" if available, or group associated with uid */
408  if (!daemon->group_set && !gp)
409    {
410      if (!(gp = getgrnam(CHGRP)) && ent_pw)
411        gp = getgrgid(ent_pw->pw_gid);
412     
413      /* for error message */
414      if (gp)
415        daemon->groupname = gp->gr_name;
416    }
417
418#if defined(HAVE_LINUX_NETWORK)
419  /* determine capability API version here, while we can still
420     call safe_malloc */
421  if (ent_pw && ent_pw->pw_uid != 0)
422    {
423      int capsize = 1; /* for header version 1 */
424      hdr = safe_malloc(sizeof(*hdr));
425
426      /* find version supported by kernel */
427      memset(hdr, 0, sizeof(*hdr));
428      capget(hdr, NULL);
429     
430      if (hdr->version != LINUX_CAPABILITY_VERSION_1)
431        {
432          /* if unknown version, use largest supported version (3) */
433          if (hdr->version != LINUX_CAPABILITY_VERSION_2)
434            hdr->version = LINUX_CAPABILITY_VERSION_3;
435          capsize = 2;
436        }
437     
438      data = safe_malloc(sizeof(*data) * capsize);
439      memset(data, 0, sizeof(*data) * capsize);
440    }
441#endif
442
443  /* Use a pipe to carry signals and other events back to the event loop
444     in a race-free manner and another to carry errors to daemon-invoking process */
445  safe_pipe(pipefd, 1);
446 
447  piperead = pipefd[0];
448  pipewrite = pipefd[1];
449  /* prime the pipe to load stuff first time. */
450  send_event(pipewrite, EVENT_INIT, 0, NULL);
451
452  err_pipe[1] = -1;
453 
454  if (!option_bool(OPT_DEBUG))   
455    {
456      /* The following code "daemonizes" the process.
457         See Stevens section 12.4 */
458     
459      if (chdir("/") != 0)
460        die(_("cannot chdir to filesystem root: %s"), NULL, EC_MISC);
461
462#ifndef NO_FORK     
463      if (!option_bool(OPT_NO_FORK))
464        {
465          pid_t pid;
466         
467          /* pipe to carry errors back to original process.
468             When startup is complete we close this and the process terminates. */
469          safe_pipe(err_pipe, 0);
470         
471          if ((pid = fork()) == -1)
472            /* fd == -1 since we've not forked, never returns. */
473            send_event(-1, EVENT_FORK_ERR, errno, NULL);
474           
475          if (pid != 0)
476            {
477              struct event_desc ev;
478              char *msg;
479
480              /* close our copy of write-end */
481              while (retry_send(close(err_pipe[1])));
482             
483              /* check for errors after the fork */
484              if (read_event(err_pipe[0], &ev, &msg))
485                fatal_event(&ev, msg);
486             
487              _exit(EC_GOOD);
488            }
489         
490          while (retry_send(close(err_pipe[0])));
491
492          /* NO calls to die() from here on. */
493         
494          setsid();
495         
496          if ((pid = fork()) == -1)
497            send_event(err_pipe[1], EVENT_FORK_ERR, errno, NULL);
498         
499          if (pid != 0)
500            _exit(0);
501        }
502#endif
503           
504      /* write pidfile _after_ forking ! */
505      if (daemon->runfile)
506        {
507          int fd, err = 0;
508
509          sprintf(daemon->namebuff, "%d\n", (int) getpid());
510
511          /* Explanation: Some installations of dnsmasq (eg Debian/Ubuntu) locate the pid-file
512             in a directory which is writable by the non-privileged user that dnsmasq runs as. This
513             allows the daemon to delete the file as part of its shutdown. This is a security hole to the
514             extent that an attacker running as the unprivileged  user could replace the pidfile with a
515             symlink, and have the target of that symlink overwritten as root next time dnsmasq starts.
516
517             The following code first deletes any existing file, and then opens it with the O_EXCL flag,
518             ensuring that the open() fails should there be any existing file (because the unlink() failed,
519             or an attacker exploited the race between unlink() and open()). This ensures that no symlink
520             attack can succeed.
521
522             Any compromise of the non-privileged user still theoretically allows the pid-file to be
523             replaced whilst dnsmasq is running. The worst that could allow is that the usual
524             "shutdown dnsmasq" shell command could be tricked into stopping any other process.
525
526             Note that if dnsmasq is started as non-root (eg for testing) it silently ignores
527             failure to write the pid-file.
528          */
529
530          unlink(daemon->runfile);
531         
532          if ((fd = open(daemon->runfile, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH)) == -1)
533            {
534              /* only complain if started as root */
535              if (getuid() == 0)
536                err = 1;
537            }
538          else
539            {
540              if (!read_write(fd, (unsigned char *)daemon->namebuff, strlen(daemon->namebuff), 0))
541                err = 1;
542              else
543                {
544                  while (retry_send(close(fd)));
545                  if (errno != 0)
546                    err = 1;
547                }
548            }
549
550          if (err)
551            {
552              send_event(err_pipe[1], EVENT_PIDFILE, errno, daemon->runfile);
553              _exit(0);
554            }
555        }
556    }
557 
558   log_err = log_start(ent_pw, err_pipe[1]);
559
560   if (!option_bool(OPT_DEBUG))
561     {       
562       /* open  stdout etc to /dev/null */
563       int nullfd = open("/dev/null", O_RDWR);
564       if (nullfd != -1)
565         {
566           dup2(nullfd, STDOUT_FILENO);
567           dup2(nullfd, STDERR_FILENO);
568           dup2(nullfd, STDIN_FILENO);
569           close(nullfd);
570         }
571     }
572   
573   /* if we are to run scripts, we need to fork a helper before dropping root. */
574  daemon->helperfd = -1;
575#ifdef HAVE_SCRIPT
576  if ((daemon->dhcp || daemon->dhcp6 || option_bool(OPT_TFTP) || option_bool(OPT_SCRIPT_ARP)) &&
577      (daemon->lease_change_command || daemon->luascript))
578      daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd);
579#endif
580
581  if (!option_bool(OPT_DEBUG) && getuid() == 0)   
582    {
583      int bad_capabilities = 0;
584      gid_t dummy;
585     
586      /* remove all supplementary groups */
587      if (gp &&
588          (setgroups(0, &dummy) == -1 ||
589           setgid(gp->gr_gid) == -1))
590        {
591          send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname);
592          _exit(0);
593        }
594 
595      if (ent_pw && ent_pw->pw_uid != 0)
596        {     
597#if defined(HAVE_LINUX_NETWORK)   
598          /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
599             CAP_NET_RAW (for icmp) if we're doing dhcp. If we have yet to bind
600             ports because of DAD, or we're doing it dynamically,
601             we need CAP_NET_BIND_SERVICE too. */
602          if (is_dad_listeners() || option_bool(OPT_CLEVERBIND))
603            data->effective = data->permitted = data->inheritable =
604              (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) |
605              (1 << CAP_SETUID) | (1 << CAP_NET_BIND_SERVICE);
606          else
607            data->effective = data->permitted = data->inheritable =
608              (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID);
609         
610          /* Tell kernel to not clear capabilities when dropping root */
611          if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1)
612            bad_capabilities = errno;
613                         
614#elif defined(HAVE_SOLARIS_NETWORK)
615          /* http://developers.sun.com/solaris/articles/program_privileges.html */
616          priv_set_t *priv_set;
617         
618          if (!(priv_set = priv_str_to_set("basic", ",", NULL)) ||
619              priv_addset(priv_set, PRIV_NET_ICMPACCESS) == -1 ||
620              priv_addset(priv_set, PRIV_SYS_NET_CONFIG) == -1)
621            bad_capabilities = errno;
622
623          if (priv_set && bad_capabilities == 0)
624            {
625              priv_inverse(priv_set);
626         
627              if (setppriv(PRIV_OFF, PRIV_LIMIT, priv_set) == -1)
628                bad_capabilities = errno;
629            }
630
631          if (priv_set)
632            priv_freeset(priv_set);
633
634#endif   
635
636          if (bad_capabilities != 0)
637            {
638              send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities, NULL);
639              _exit(0);
640            }
641         
642          /* finally drop root */
643          if (setuid(ent_pw->pw_uid) == -1)
644            {
645              send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username);
646              _exit(0);
647            }     
648
649#ifdef HAVE_LINUX_NETWORK
650          if (is_dad_listeners() || option_bool(OPT_CLEVERBIND))
651           data->effective = data->permitted =
652             (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_NET_BIND_SERVICE);
653         else
654           data->effective = data->permitted =
655             (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
656          data->inheritable = 0;
657         
658          /* lose the setuid and setgid capabilities */
659          if (capset(hdr, data) == -1)
660            {
661              send_event(err_pipe[1], EVENT_CAP_ERR, errno, NULL);
662              _exit(0);
663            }
664#endif
665         
666        }
667    }
668 
669#ifdef HAVE_LINUX_NETWORK
670  free(hdr);
671  free(data);
672  if (option_bool(OPT_DEBUG))
673    prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
674#endif
675
676#ifdef HAVE_TFTP
677  if (option_bool(OPT_TFTP))
678    {
679      DIR *dir;
680      struct tftp_prefix *p;
681     
682      if (daemon->tftp_prefix)
683        {
684          if (!((dir = opendir(daemon->tftp_prefix))))
685            {
686              tftp_prefix_missing = 1;
687              if (!option_bool(OPT_TFTP_NO_FAIL))
688                {
689                  send_event(err_pipe[1], EVENT_TFTP_ERR, errno, daemon->tftp_prefix);
690                  _exit(0);
691                }
692            }
693          else
694            closedir(dir);
695        }
696
697      for (p = daemon->if_prefix; p; p = p->next)
698        {
699          p->missing = 0;
700          if (!((dir = opendir(p->prefix))))
701            {
702              p->missing = 1;
703              if (!option_bool(OPT_TFTP_NO_FAIL))
704                {
705                  send_event(err_pipe[1], EVENT_TFTP_ERR, errno, p->prefix);
706                  _exit(0);
707                }
708            }
709          else
710            closedir(dir);
711        }
712    }
713#endif
714
715  if (daemon->port == 0)
716    my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION);
717  else
718    {
719      if (daemon->cachesize != 0)
720        my_syslog(LOG_INFO, _("started, version %s cachesize %d"), VERSION, daemon->cachesize);
721      else
722        my_syslog(LOG_INFO, _("started, version %s cache disabled"), VERSION);
723
724      if (option_bool(OPT_LOCAL_SERVICE))
725        my_syslog(LOG_INFO, _("DNS service limited to local subnets"));
726    }
727 
728  my_syslog(LOG_INFO, _("compile time options: %s"), compile_opts);
729 
730#ifdef HAVE_DBUS
731  if (option_bool(OPT_DBUS))
732    {
733      if (daemon->dbus)
734        my_syslog(LOG_INFO, _("DBus support enabled: connected to system bus"));
735      else
736        my_syslog(LOG_INFO, _("DBus support enabled: bus connection pending"));
737    }
738#endif
739
740#ifdef HAVE_DNSSEC
741  if (option_bool(OPT_DNSSEC_VALID))
742    {
743      int rc;
744
745      /* Delay creating the timestamp file until here, after we've changed user, so that
746         it has the correct owner to allow updating the mtime later.
747         This means we have to report fatal errors via the pipe. */
748      if ((rc = setup_timestamp()) == -1)
749        {
750          send_event(err_pipe[1], EVENT_TIME_ERR, errno, daemon->timestamp_file);
751          _exit(0);
752        }
753     
754      my_syslog(LOG_INFO, _("DNSSEC validation enabled"));
755     
756      daemon->dnssec_no_time_check = option_bool(OPT_DNSSEC_TIME);
757      if (option_bool(OPT_DNSSEC_TIME) && !daemon->back_to_the_future)
758        my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until first cache reload"));
759     
760      if (rc == 1)
761        my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until system time valid"));
762    }
763#endif
764
765  if (log_err != 0)
766    my_syslog(LOG_WARNING, _("warning: failed to change owner of %s: %s"),
767              daemon->log_file, strerror(log_err));
768 
769  if (bind_fallback)
770    my_syslog(LOG_WARNING, _("setting --bind-interfaces option because of OS limitations"));
771
772  if (option_bool(OPT_NOWILD))
773    warn_bound_listeners();
774  else if (!option_bool(OPT_CLEVERBIND))
775    warn_wild_labels();
776
777  warn_int_names();
778 
779  if (!option_bool(OPT_NOWILD))
780    for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
781      if (if_tmp->name && !if_tmp->used)
782        my_syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name);
783   
784  if (daemon->port != 0 && option_bool(OPT_NO_RESOLV))
785    {
786      if (daemon->resolv_files && !daemon->resolv_files->is_default)
787        my_syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set"));
788      daemon->resolv_files = NULL;
789      if (!daemon->servers)
790        my_syslog(LOG_WARNING, _("warning: no upstream servers configured"));
791    }
792
793  if (daemon->max_logs != 0)
794    my_syslog(LOG_INFO, _("asynchronous logging enabled, queue limit is %d messages"), daemon->max_logs);
795 
796
797#ifdef HAVE_DHCP
798  for (context = daemon->dhcp; context; context = context->next)
799    log_context(AF_INET, context);
800
801  for (relay = daemon->relay4; relay; relay = relay->next)
802    log_relay(AF_INET, relay);
803
804#  ifdef HAVE_DHCP6
805  for (context = daemon->dhcp6; context; context = context->next)
806    log_context(AF_INET6, context);
807
808  for (relay = daemon->relay6; relay; relay = relay->next)
809    log_relay(AF_INET6, relay);
810 
811  if (daemon->doing_dhcp6 || daemon->doing_ra)
812    dhcp_construct_contexts(now);
813 
814  if (option_bool(OPT_RA))
815    my_syslog(MS_DHCP | LOG_INFO, _("IPv6 router advertisement enabled"));
816#  endif
817
818#  ifdef HAVE_LINUX_NETWORK
819  if (did_bind)
820    my_syslog(MS_DHCP | LOG_INFO, _("DHCP, sockets bound exclusively to interface %s"), bound_device);
821#  endif
822
823  /* after dhcp_construct_contexts */
824  if (daemon->dhcp || daemon->doing_dhcp6)
825    lease_find_interfaces(now);
826#endif
827
828#ifdef HAVE_TFTP
829  if (option_bool(OPT_TFTP))
830    {
831      struct tftp_prefix *p;
832
833      my_syslog(MS_TFTP | LOG_INFO, "TFTP %s%s %s",
834                daemon->tftp_prefix ? _("root is ") : _("enabled"),
835                daemon->tftp_prefix ? daemon->tftp_prefix: "",
836                option_bool(OPT_TFTP_SECURE) ? _("secure mode") : "");
837
838      if (tftp_prefix_missing)
839        my_syslog(MS_TFTP | LOG_WARNING, _("warning: %s inaccessible"), daemon->tftp_prefix);
840
841      for (p = daemon->if_prefix; p; p = p->next)
842        if (p->missing)
843           my_syslog(MS_TFTP | LOG_WARNING, _("warning: TFTP directory %s inaccessible"), p->prefix);
844
845      /* This is a guess, it assumes that for small limits,
846         disjoint files might be served, but for large limits,
847         a single file will be sent to may clients (the file only needs
848         one fd). */
849
850      max_fd -= 30; /* use other than TFTP */
851     
852      if (max_fd < 0)
853        max_fd = 5;
854      else if (max_fd < 100)
855        max_fd = max_fd/2;
856      else
857        max_fd = max_fd - 20;
858     
859      /* if we have to use a limited range of ports,
860         that will limit the number of transfers */
861      if (daemon->start_tftp_port != 0 &&
862          daemon->end_tftp_port - daemon->start_tftp_port + 1 < max_fd)
863        max_fd = daemon->end_tftp_port - daemon->start_tftp_port + 1;
864
865      if (daemon->tftp_max > max_fd)
866        {
867          daemon->tftp_max = max_fd;
868          my_syslog(MS_TFTP | LOG_WARNING,
869                    _("restricting maximum simultaneous TFTP transfers to %d"),
870                    daemon->tftp_max);
871        }
872    }
873#endif
874
875  /* finished start-up - release original process */
876  if (err_pipe[1] != -1)
877    while (retry_send(close(err_pipe[1])));
878 
879  if (daemon->port != 0)
880    check_servers();
881 
882  pid = getpid();
883 
884#ifdef HAVE_INOTIFY
885  /* Using inotify, have to select a resolv file at startup */
886  poll_resolv(1, 0, now);
887#endif
888 
889  while (1)
890    {
891      int t, timeout = -1;
892     
893      poll_reset();
894     
895      /* if we are out of resources, find how long we have to wait
896         for some to come free, we'll loop around then and restart
897         listening for queries */
898      if ((t = set_dns_listeners(now)) != 0)
899        timeout = t * 1000;
900
901      /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
902      if (daemon->tftp_trans ||
903          (option_bool(OPT_DBUS) && !daemon->dbus))
904        timeout = 250;
905
906      /* Wake every second whilst waiting for DAD to complete */
907      else if (is_dad_listeners())
908        timeout = 1000;
909
910#ifdef HAVE_DBUS
911      set_dbus_listeners();
912#endif 
913 
914#ifdef HAVE_DHCP
915      if (daemon->dhcp || daemon->relay4)
916        {
917          poll_listen(daemon->dhcpfd, POLLIN);
918          if (daemon->pxefd != -1)
919            poll_listen(daemon->pxefd, POLLIN);
920        }
921#endif
922
923#ifdef HAVE_DHCP6
924      if (daemon->doing_dhcp6 || daemon->relay6)
925        poll_listen(daemon->dhcp6fd, POLLIN);
926       
927      if (daemon->doing_ra)
928        poll_listen(daemon->icmp6fd, POLLIN);
929#endif
930   
931#ifdef HAVE_INOTIFY
932      if (daemon->inotifyfd != -1)
933        poll_listen(daemon->inotifyfd, POLLIN);
934#endif
935
936#if defined(HAVE_LINUX_NETWORK)
937      poll_listen(daemon->netlinkfd, POLLIN);
938#elif defined(HAVE_BSD_NETWORK)
939      poll_listen(daemon->routefd, POLLIN);
940#endif
941     
942      poll_listen(piperead, POLLIN);
943
944#ifdef HAVE_SCRIPT
945#    ifdef HAVE_DHCP
946      while (helper_buf_empty() && do_script_run(now));
947#    endif
948
949      /* Refresh cache */
950      if (option_bool(OPT_SCRIPT_ARP))
951        find_mac(NULL, NULL, 0, now);
952      while (helper_buf_empty() && do_arp_script_run());
953
954#    ifdef HAVE_TFTP
955      while (helper_buf_empty() && do_tftp_script_run());
956#    endif
957
958      if (!helper_buf_empty())
959        poll_listen(daemon->helperfd, POLLOUT);
960#else
961      /* need this for other side-effects */
962#    ifdef HAVE_DHCP
963      while (do_script_run(now));
964#    endif
965
966      while (do_arp_script_run());
967
968#    ifdef HAVE_TFTP
969      while (do_tftp_script_run());
970#    endif
971
972#endif
973
974   
975      /* must do this just before select(), when we know no
976         more calls to my_syslog() can occur */
977      set_log_writer();
978     
979      if (do_poll(timeout) < 0)
980        continue;
981     
982      now = dnsmasq_time();
983
984      check_log_writer(0);
985
986      /* prime. */
987      enumerate_interfaces(1);
988
989      /* Check the interfaces to see if any have exited DAD state
990         and if so, bind the address. */
991      if (is_dad_listeners())
992        {
993          enumerate_interfaces(0);
994          /* NB, is_dad_listeners() == 1 --> we're binding interfaces */
995          create_bound_listeners(0);
996          warn_bound_listeners();
997        }
998
999#if defined(HAVE_LINUX_NETWORK)
1000      if (poll_check(daemon->netlinkfd, POLLIN))
1001        netlink_multicast();
1002#elif defined(HAVE_BSD_NETWORK)
1003      if (poll_check(daemon->routefd, POLLIN))
1004        route_sock();
1005#endif
1006
1007#ifdef HAVE_INOTIFY
1008      if  (daemon->inotifyfd != -1 && poll_check(daemon->inotifyfd, POLLIN) && inotify_check(now))
1009        {
1010          if (daemon->port != 0 && !option_bool(OPT_NO_POLL))
1011            poll_resolv(1, 1, now);
1012        }         
1013#else
1014      /* Check for changes to resolv files once per second max. */
1015      /* Don't go silent for long periods if the clock goes backwards. */
1016      if (daemon->last_resolv == 0 ||
1017          difftime(now, daemon->last_resolv) > 1.0 ||
1018          difftime(now, daemon->last_resolv) < -1.0)
1019        {
1020          /* poll_resolv doesn't need to reload first time through, since
1021             that's queued anyway. */
1022
1023          poll_resolv(0, daemon->last_resolv != 0, now);         
1024          daemon->last_resolv = now;
1025        }
1026#endif
1027
1028      if (poll_check(piperead, POLLIN))
1029        async_event(piperead, now);
1030     
1031#ifdef HAVE_DBUS
1032      /* if we didn't create a DBus connection, retry now. */
1033     if (option_bool(OPT_DBUS) && !daemon->dbus)
1034        {
1035          char *err;
1036          if ((err = dbus_init()))
1037            my_syslog(LOG_WARNING, _("DBus error: %s"), err);
1038          if (daemon->dbus)
1039            my_syslog(LOG_INFO, _("connected to system DBus"));
1040        }
1041      check_dbus_listeners();
1042#endif
1043     
1044      check_dns_listeners(now);
1045
1046#ifdef HAVE_TFTP
1047      check_tftp_listeners(now);
1048#endif     
1049
1050#ifdef HAVE_DHCP
1051      if (daemon->dhcp || daemon->relay4)
1052        {
1053          if (poll_check(daemon->dhcpfd, POLLIN))
1054            dhcp_packet(now, 0);
1055          if (daemon->pxefd != -1 && poll_check(daemon->pxefd, POLLIN))
1056            dhcp_packet(now, 1);
1057        }
1058
1059#ifdef HAVE_DHCP6
1060      if ((daemon->doing_dhcp6 || daemon->relay6) && poll_check(daemon->dhcp6fd, POLLIN))
1061        dhcp6_packet(now);
1062
1063      if (daemon->doing_ra && poll_check(daemon->icmp6fd, POLLIN))
1064        icmp6_packet(now);
1065#endif
1066
1067#  ifdef HAVE_SCRIPT
1068      if (daemon->helperfd != -1 && poll_check(daemon->helperfd, POLLOUT))
1069        helper_write();
1070#  endif
1071#endif
1072
1073    }
1074}
1075
1076static void sig_handler(int sig)
1077{
1078  if (pid == 0)
1079    {
1080      /* ignore anything other than TERM during startup
1081         and in helper proc. (helper ignore TERM too) */
1082      if (sig == SIGTERM)
1083        exit(EC_MISC);
1084    }
1085  else if (pid != getpid())
1086    {
1087      /* alarm is used to kill TCP children after a fixed time. */
1088      if (sig == SIGALRM)
1089        _exit(0);
1090    }
1091  else
1092    {
1093      /* master process */
1094      int event, errsave = errno;
1095     
1096      if (sig == SIGHUP)
1097        event = EVENT_RELOAD;
1098      else if (sig == SIGCHLD)
1099        event = EVENT_CHILD;
1100      else if (sig == SIGALRM)
1101        event = EVENT_ALARM;
1102      else if (sig == SIGTERM)
1103        event = EVENT_TERM;
1104      else if (sig == SIGUSR1)
1105        event = EVENT_DUMP;
1106      else if (sig == SIGUSR2)
1107        event = EVENT_REOPEN;
1108      else
1109        return;
1110
1111      send_event(pipewrite, event, 0, NULL);
1112      errno = errsave;
1113    }
1114}
1115
1116/* now == 0 -> queue immediate callback */
1117void send_alarm(time_t event, time_t now)
1118{
1119  if (now == 0 || event != 0)
1120    {
1121      /* alarm(0) or alarm(-ve) doesn't do what we want.... */
1122      if ((now == 0 || difftime(event, now) <= 0.0))
1123        send_event(pipewrite, EVENT_ALARM, 0, NULL);
1124      else
1125        alarm((unsigned)difftime(event, now));
1126    }
1127}
1128
1129void queue_event(int event)
1130{
1131  send_event(pipewrite, event, 0, NULL);
1132}
1133
1134void send_event(int fd, int event, int data, char *msg)
1135{
1136  struct event_desc ev;
1137  struct iovec iov[2];
1138
1139  ev.event = event;
1140  ev.data = data;
1141  ev.msg_sz = msg ? strlen(msg) : 0;
1142 
1143  iov[0].iov_base = &ev;
1144  iov[0].iov_len = sizeof(ev);
1145  iov[1].iov_base = msg;
1146  iov[1].iov_len = ev.msg_sz;
1147 
1148  /* error pipe, debug mode. */
1149  if (fd == -1)
1150    fatal_event(&ev, msg);
1151  else
1152    /* pipe is non-blocking and struct event_desc is smaller than
1153       PIPE_BUF, so this either fails or writes everything */
1154    while (writev(fd, iov, msg ? 2 : 1) == -1 && errno == EINTR);
1155}
1156
1157/* NOTE: the memory used to return msg is leaked: use msgs in events only
1158   to describe fatal errors. */
1159static int read_event(int fd, struct event_desc *evp, char **msg)
1160{
1161  char *buf;
1162
1163  if (!read_write(fd, (unsigned char *)evp, sizeof(struct event_desc), 1))
1164    return 0;
1165 
1166  *msg = NULL;
1167 
1168  if (evp->msg_sz != 0 &&
1169      (buf = malloc(evp->msg_sz + 1)) &&
1170      read_write(fd, (unsigned char *)buf, evp->msg_sz, 1))
1171    {
1172      buf[evp->msg_sz] = 0;
1173      *msg = buf;
1174    }
1175
1176  return 1;
1177}
1178   
1179static void fatal_event(struct event_desc *ev, char *msg)
1180{
1181  errno = ev->data;
1182 
1183  switch (ev->event)
1184    {
1185    case EVENT_DIE:
1186      exit(0);
1187
1188    case EVENT_FORK_ERR:
1189      die(_("cannot fork into background: %s"), NULL, EC_MISC);
1190 
1191    case EVENT_PIPE_ERR:
1192      die(_("failed to create helper: %s"), NULL, EC_MISC);
1193 
1194    case EVENT_CAP_ERR:
1195      die(_("setting capabilities failed: %s"), NULL, EC_MISC);
1196
1197    case EVENT_USER_ERR:
1198      die(_("failed to change user-id to %s: %s"), msg, EC_MISC);
1199
1200    case EVENT_GROUP_ERR:
1201      die(_("failed to change group-id to %s: %s"), msg, EC_MISC);
1202     
1203    case EVENT_PIDFILE:
1204      die(_("failed to open pidfile %s: %s"), msg, EC_FILE);
1205
1206    case EVENT_LOG_ERR:
1207      die(_("cannot open log %s: %s"), msg, EC_FILE);
1208   
1209    case EVENT_LUA_ERR:
1210      die(_("failed to load Lua script: %s"), msg, EC_MISC);
1211
1212    case EVENT_TFTP_ERR:
1213      die(_("TFTP directory %s inaccessible: %s"), msg, EC_FILE);
1214   
1215    case EVENT_TIME_ERR:
1216      die(_("cannot create timestamp file %s: %s" ), msg, EC_BADCONF);
1217    }
1218}       
1219     
1220static void async_event(int pipe, time_t now)
1221{
1222  pid_t p;
1223  struct event_desc ev;
1224  int i, check = 0;
1225  char *msg;
1226 
1227  /* NOTE: the memory used to return msg is leaked: use msgs in events only
1228     to describe fatal errors. */
1229 
1230  if (read_event(pipe, &ev, &msg))
1231    switch (ev.event)
1232      {
1233      case EVENT_RELOAD:
1234        daemon->soa_sn++; /* Bump zone serial, as it may have changed. */
1235
1236#ifdef HAVE_DNSSEC
1237        if (daemon->dnssec_no_time_check && option_bool(OPT_DNSSEC_VALID) && option_bool(OPT_DNSSEC_TIME))
1238          {
1239            my_syslog(LOG_INFO, _("now checking DNSSEC signature timestamps"));
1240            daemon->dnssec_no_time_check = 0;
1241          }
1242#endif
1243        /* fall through */
1244       
1245      case EVENT_INIT:
1246        clear_cache_and_reload(now);
1247       
1248        if (daemon->port != 0)
1249          {
1250            if (daemon->resolv_files && option_bool(OPT_NO_POLL))
1251              {
1252                reload_servers(daemon->resolv_files->name);
1253                check = 1;
1254              }
1255
1256            if (daemon->servers_file)
1257              {
1258                read_servers_file();
1259                check = 1;
1260              }
1261
1262            if (check)
1263              check_servers();
1264          }
1265
1266#ifdef HAVE_DHCP
1267        rerun_scripts();
1268#endif
1269        break;
1270       
1271      case EVENT_DUMP:
1272        if (daemon->port != 0)
1273          dump_cache(now);
1274        break;
1275       
1276      case EVENT_ALARM:
1277#ifdef HAVE_DHCP
1278        if (daemon->dhcp || daemon->doing_dhcp6)
1279          {
1280            lease_prune(NULL, now);
1281            lease_update_file(now);
1282          }
1283#ifdef HAVE_DHCP6
1284        else if (daemon->doing_ra)
1285          /* Not doing DHCP, so no lease system, manage alarms for ra only */
1286            send_alarm(periodic_ra(now), now);
1287#endif
1288#endif
1289        break;
1290               
1291      case EVENT_CHILD:
1292        /* See Stevens 5.10 */
1293        while ((p = waitpid(-1, NULL, WNOHANG)) != 0)
1294          if (p == -1)
1295            {
1296              if (errno != EINTR)
1297                break;
1298            }     
1299          else
1300            for (i = 0 ; i < MAX_PROCS; i++)
1301              if (daemon->tcp_pids[i] == p)
1302                daemon->tcp_pids[i] = 0;
1303        break;
1304       
1305      case EVENT_KILLED:
1306        my_syslog(LOG_WARNING, _("script process killed by signal %d"), ev.data);
1307        break;
1308
1309      case EVENT_EXITED:
1310        my_syslog(LOG_WARNING, _("script process exited with status %d"), ev.data);
1311        break;
1312
1313      case EVENT_EXEC_ERR:
1314        my_syslog(LOG_ERR, _("failed to execute %s: %s"),
1315                  daemon->lease_change_command, strerror(ev.data));
1316        break;
1317
1318        /* necessary for fatal errors in helper */
1319      case EVENT_USER_ERR:
1320      case EVENT_DIE:
1321      case EVENT_LUA_ERR:
1322        fatal_event(&ev, msg);
1323        break;
1324
1325      case EVENT_REOPEN:
1326        /* Note: this may leave TCP-handling processes with the old file still open.
1327           Since any such process will die in CHILD_LIFETIME or probably much sooner,
1328           we leave them logging to the old file. */
1329        if (daemon->log_file != NULL)
1330          log_reopen(daemon->log_file);
1331        break;
1332
1333      case EVENT_NEWADDR:
1334        newaddress(now);
1335        break;
1336
1337      case EVENT_NEWROUTE:
1338        resend_query();
1339        /* Force re-reading resolv file right now, for luck. */
1340        poll_resolv(0, 1, now);
1341        break;
1342
1343      case EVENT_TERM:
1344        /* Knock all our children on the head. */
1345        for (i = 0; i < MAX_PROCS; i++)
1346          if (daemon->tcp_pids[i] != 0)
1347            kill(daemon->tcp_pids[i], SIGALRM);
1348       
1349#if defined(HAVE_SCRIPT) && defined(HAVE_DHCP)
1350        /* handle pending lease transitions */
1351        if (daemon->helperfd != -1)
1352          {
1353            /* block in writes until all done */
1354            if ((i = fcntl(daemon->helperfd, F_GETFL)) != -1)
1355              fcntl(daemon->helperfd, F_SETFL, i & ~O_NONBLOCK);
1356            do {
1357              helper_write();
1358            } while (!helper_buf_empty() || do_script_run(now));
1359            while (retry_send(close(daemon->helperfd)));
1360          }
1361#endif
1362       
1363        if (daemon->lease_stream)
1364          fclose(daemon->lease_stream);
1365
1366#ifdef HAVE_DNSSEC
1367        /* update timestamp file on TERM if time is considered valid */
1368        if (daemon->back_to_the_future)
1369          {
1370             if (utime(daemon->timestamp_file, NULL) == -1)
1371                my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
1372          }
1373#endif
1374
1375        if (daemon->runfile)
1376          unlink(daemon->runfile);
1377       
1378        my_syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
1379        flush_log();
1380        exit(EC_GOOD);
1381      }
1382}
1383
1384static void poll_resolv(int force, int do_reload, time_t now)
1385{
1386  struct resolvc *res, *latest;
1387  struct stat statbuf;
1388  time_t last_change = 0;
1389  /* There may be more than one possible file.
1390     Go through and find the one which changed _last_.
1391     Warn of any which can't be read. */
1392
1393  if (daemon->port == 0 || option_bool(OPT_NO_POLL))
1394    return;
1395 
1396  for (latest = NULL, res = daemon->resolv_files; res; res = res->next)
1397    if (stat(res->name, &statbuf) == -1)
1398      {
1399        if (force)
1400          {
1401            res->mtime = 0;
1402            continue;
1403          }
1404
1405        if (!res->logged)
1406          my_syslog(LOG_WARNING, _("failed to access %s: %s"), res->name, strerror(errno));
1407        res->logged = 1;
1408       
1409        if (res->mtime != 0)
1410          {
1411            /* existing file evaporated, force selection of the latest
1412               file even if its mtime hasn't changed since we last looked */
1413            poll_resolv(1, do_reload, now);
1414            return;
1415          }
1416      }
1417    else
1418      {
1419        res->logged = 0;
1420        if (force || (statbuf.st_mtime != res->mtime))
1421          {
1422            res->mtime = statbuf.st_mtime;
1423            if (difftime(statbuf.st_mtime, last_change) > 0.0)
1424              {
1425                last_change = statbuf.st_mtime;
1426                latest = res;
1427              }
1428          }
1429      }
1430 
1431  if (latest)
1432    {
1433      static int warned = 0;
1434      if (reload_servers(latest->name))
1435        {
1436          my_syslog(LOG_INFO, _("reading %s"), latest->name);
1437          warned = 0;
1438          check_servers();
1439          if (option_bool(OPT_RELOAD) && do_reload)
1440            clear_cache_and_reload(now);
1441        }
1442      else
1443        {
1444          latest->mtime = 0;
1445          if (!warned)
1446            {
1447              my_syslog(LOG_WARNING, _("no servers found in %s, will retry"), latest->name);
1448              warned = 1;
1449            }
1450        }
1451    }
1452}       
1453
1454void clear_cache_and_reload(time_t now)
1455{
1456  (void)now;
1457
1458  if (daemon->port != 0)
1459    cache_reload();
1460 
1461#ifdef HAVE_DHCP
1462  if (daemon->dhcp || daemon->doing_dhcp6)
1463    {
1464      if (option_bool(OPT_ETHERS))
1465        dhcp_read_ethers();
1466      reread_dhcp();
1467#ifdef HAVE_INOTIFY
1468      set_dynamic_inotify(AH_DHCP_HST | AH_DHCP_OPT, 0, NULL, 0);
1469#endif
1470      dhcp_update_configs(daemon->dhcp_conf);
1471      lease_update_from_configs();
1472      lease_update_file(now);
1473      lease_update_dns(1);
1474    }
1475#ifdef HAVE_DHCP6
1476  else if (daemon->doing_ra)
1477    /* Not doing DHCP, so no lease system, manage
1478       alarms for ra only */
1479    send_alarm(periodic_ra(now), now);
1480#endif
1481#endif
1482}
1483
1484static int set_dns_listeners(time_t now)
1485{
1486  struct serverfd *serverfdp;
1487  struct listener *listener;
1488  int wait = 0, i;
1489 
1490#ifdef HAVE_TFTP
1491  int  tftp = 0;
1492  struct tftp_transfer *transfer;
1493  for (transfer = daemon->tftp_trans; transfer; transfer = transfer->next)
1494    {
1495      tftp++;
1496      poll_listen(transfer->sockfd, POLLIN);
1497    }
1498#endif
1499 
1500  /* will we be able to get memory? */
1501  if (daemon->port != 0)
1502    get_new_frec(now, &wait, 0);
1503 
1504  for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1505    poll_listen(serverfdp->fd, POLLIN);
1506   
1507  if (daemon->port != 0 && !daemon->osport)
1508    for (i = 0; i < RANDOM_SOCKS; i++)
1509      if (daemon->randomsocks[i].refcount != 0)
1510        poll_listen(daemon->randomsocks[i].fd, POLLIN);
1511         
1512  for (listener = daemon->listeners; listener; listener = listener->next)
1513    {
1514      /* only listen for queries if we have resources */
1515      if (listener->fd != -1 && wait == 0)
1516        poll_listen(listener->fd, POLLIN);
1517       
1518      /* death of a child goes through the select loop, so
1519         we don't need to explicitly arrange to wake up here */
1520      if  (listener->tcpfd != -1)
1521        for (i = 0; i < MAX_PROCS; i++)
1522          if (daemon->tcp_pids[i] == 0)
1523            {
1524              poll_listen(listener->tcpfd, POLLIN);
1525              break;
1526            }
1527
1528#ifdef HAVE_TFTP
1529      if (tftp <= daemon->tftp_max && listener->tftpfd != -1)
1530        poll_listen(listener->tftpfd, POLLIN);
1531#endif
1532
1533    }
1534 
1535  return wait;
1536}
1537
1538static void check_dns_listeners(time_t now)
1539{
1540  struct serverfd *serverfdp;
1541  struct listener *listener;
1542  int i;
1543
1544  for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
1545    if (poll_check(serverfdp->fd, POLLIN))
1546      reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now);
1547 
1548  if (daemon->port != 0 && !daemon->osport)
1549    for (i = 0; i < RANDOM_SOCKS; i++)
1550      if (daemon->randomsocks[i].refcount != 0 &&
1551          poll_check(daemon->randomsocks[i].fd, POLLIN))
1552        reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
1553 
1554  for (listener = daemon->listeners; listener; listener = listener->next)
1555    {
1556      if (listener->fd != -1 && poll_check(listener->fd, POLLIN))
1557        receive_query(listener, now);
1558     
1559#ifdef HAVE_TFTP     
1560      if (listener->tftpfd != -1 && poll_check(listener->tftpfd, POLLIN))
1561        tftp_request(listener, now);
1562#endif
1563
1564      if (listener->tcpfd != -1 && poll_check(listener->tcpfd, POLLIN))
1565        {
1566          int confd, client_ok = 1;
1567          struct irec *iface = NULL;
1568          pid_t p;
1569          union mysockaddr tcp_addr;
1570          socklen_t tcp_len = sizeof(union mysockaddr);
1571
1572          while ((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR);
1573         
1574          if (confd == -1)
1575            continue;
1576         
1577          if (getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) == -1)
1578            {
1579              while (retry_send(close(confd)));
1580              continue;
1581            }
1582         
1583          /* Make sure that the interface list is up-to-date.
1584             
1585             We do this here as we may need the results below, and
1586             the DNS code needs them for --interface-name stuff.
1587
1588             Multiple calls to enumerate_interfaces() per select loop are
1589             inhibited, so calls to it in the child process (which doesn't select())
1590             have no effect. This avoids two processes reading from the same
1591             netlink fd and screwing the pooch entirely.
1592          */
1593 
1594          enumerate_interfaces(0);
1595         
1596          if (option_bool(OPT_NOWILD))
1597            iface = listener->iface; /* May be NULL */
1598          else
1599            {
1600              int if_index;
1601              char intr_name[IF_NAMESIZE];
1602             
1603              /* if we can find the arrival interface, check it's one that's allowed */
1604              if ((if_index = tcp_interface(confd, tcp_addr.sa.sa_family)) != 0 &&
1605                  indextoname(listener->tcpfd, if_index, intr_name))
1606                {
1607                  struct all_addr addr;
1608                  addr.addr.addr4 = tcp_addr.in.sin_addr;
1609#ifdef HAVE_IPV6
1610                  if (tcp_addr.sa.sa_family == AF_INET6)
1611                    addr.addr.addr6 = tcp_addr.in6.sin6_addr;
1612#endif
1613                 
1614                  for (iface = daemon->interfaces; iface; iface = iface->next)
1615                    if (iface->index == if_index)
1616                      break;
1617                 
1618                  if (!iface && !loopback_exception(listener->tcpfd, tcp_addr.sa.sa_family, &addr, intr_name))
1619                    client_ok = 0;
1620                }
1621             
1622              if (option_bool(OPT_CLEVERBIND))
1623                iface = listener->iface; /* May be NULL */
1624              else
1625                {
1626                  /* Check for allowed interfaces when binding the wildcard address:
1627                     we do this by looking for an interface with the same address as
1628                     the local address of the TCP connection, then looking to see if that's
1629                     an allowed interface. As a side effect, we get the netmask of the
1630                     interface too, for localisation. */
1631                 
1632                  for (iface = daemon->interfaces; iface; iface = iface->next)
1633                    if (sockaddr_isequal(&iface->addr, &tcp_addr))
1634                      break;
1635                 
1636                  if (!iface)
1637                    client_ok = 0;
1638                }
1639            }
1640         
1641          if (!client_ok)
1642            {
1643              shutdown(confd, SHUT_RDWR);
1644              while (retry_send(close(confd)));
1645            }
1646#ifndef NO_FORK
1647          else if (!option_bool(OPT_DEBUG) && (p = fork()) != 0)
1648            {
1649              if (p != -1)
1650                {
1651                  int i;
1652                  for (i = 0; i < MAX_PROCS; i++)
1653                    if (daemon->tcp_pids[i] == 0)
1654                      {
1655                        daemon->tcp_pids[i] = p;
1656                        break;
1657                      }
1658                }
1659              while (retry_send(close(confd)));
1660
1661              /* The child can use up to TCP_MAX_QUERIES ids, so skip that many. */
1662              daemon->log_id += TCP_MAX_QUERIES;
1663            }
1664#endif
1665          else
1666            {
1667              unsigned char *buff;
1668              struct server *s;
1669              int flags;
1670              struct in_addr netmask;
1671              int auth_dns;
1672
1673              if (iface)
1674                {
1675                  netmask = iface->netmask;
1676                  auth_dns = iface->dns_auth;
1677                }
1678              else
1679                {
1680                  netmask.s_addr = 0;
1681                  auth_dns = 0;
1682                }
1683
1684#ifndef NO_FORK
1685              /* Arrange for SIGALRM after CHILD_LIFETIME seconds to
1686                 terminate the process. */
1687              if (!option_bool(OPT_DEBUG))
1688                alarm(CHILD_LIFETIME);
1689#endif
1690
1691              /* start with no upstream connections. */
1692              for (s = daemon->servers; s; s = s->next)
1693                 s->tcpfd = -1;
1694             
1695              /* The connected socket inherits non-blocking
1696                 attribute from the listening socket.
1697                 Reset that here. */
1698              if ((flags = fcntl(confd, F_GETFL, 0)) != -1)
1699                fcntl(confd, F_SETFL, flags & ~O_NONBLOCK);
1700             
1701              buff = tcp_request(confd, now, &tcp_addr, netmask, auth_dns);
1702               
1703              shutdown(confd, SHUT_RDWR);
1704              while (retry_send(close(confd)));
1705             
1706              if (buff)
1707                free(buff);
1708             
1709              for (s = daemon->servers; s; s = s->next)
1710                if (s->tcpfd != -1)
1711                  {
1712                    shutdown(s->tcpfd, SHUT_RDWR);
1713                    while (retry_send(close(s->tcpfd)));
1714                  }
1715#ifndef NO_FORK           
1716              if (!option_bool(OPT_DEBUG))
1717                {
1718                  flush_log();
1719                  _exit(0);
1720                }
1721#endif
1722            }
1723        }
1724    }
1725}
1726
1727#ifdef HAVE_DHCP
1728int make_icmp_sock(void)
1729{
1730  int fd;
1731  int zeroopt = 0;
1732
1733  if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
1734    {
1735      if (!fix_fd(fd) ||
1736          setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
1737        {
1738          close(fd);
1739          fd = -1;
1740        }
1741    }
1742
1743  return fd;
1744}
1745
1746int icmp_ping(struct in_addr addr)
1747{
1748  /* Try and get an ICMP echo from a machine. */
1749
1750  /* Note that whilst in the three second wait, we check for
1751     (and service) events on the DNS and TFTP  sockets, (so doing that
1752     better not use any resources our caller has in use...)
1753     but we remain deaf to signals or further DHCP packets. */
1754
1755  /* There can be a problem using dnsmasq_time() to end the loop, since
1756     it's not monotonic, and can go backwards if the system clock is
1757     tweaked, leading to the code getting stuck in this loop and
1758     ignoring DHCP requests. To fix this, we check to see if select returned
1759     as a result of a timeout rather than a socket becoming available. We
1760     only allow this to happen as many times as it takes to get to the wait time
1761     in quarter-second chunks. This provides a fallback way to end loop. */
1762
1763  int fd, rc;
1764  struct sockaddr_in saddr;
1765  struct {
1766    struct ip ip;
1767    struct icmp icmp;
1768  } packet;
1769  unsigned short id = rand16();
1770  unsigned int i, j, timeout_count;
1771  int gotreply = 0;
1772  time_t start, now;
1773
1774#if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
1775  if ((fd = make_icmp_sock()) == -1)
1776    return 0;
1777#else
1778  int opt = 2000;
1779  fd = daemon->dhcp_icmp_fd;
1780  setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1781#endif
1782
1783  saddr.sin_family = AF_INET;
1784  saddr.sin_port = 0;
1785  saddr.sin_addr = addr;
1786#ifdef HAVE_SOCKADDR_SA_LEN
1787  saddr.sin_len = sizeof(struct sockaddr_in);
1788#endif
1789 
1790  memset(&packet.icmp, 0, sizeof(packet.icmp));
1791  packet.icmp.icmp_type = ICMP_ECHO;
1792  packet.icmp.icmp_id = id;
1793  for (j = 0, i = 0; i < sizeof(struct icmp) / 2; i++)
1794    j += ((u16 *)&packet.icmp)[i];
1795  while (j>>16)
1796    j = (j & 0xffff) + (j >> 16); 
1797  packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
1798 
1799  while (retry_send(sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0,
1800                           (struct sockaddr *)&saddr, sizeof(saddr))));
1801 
1802  for (now = start = dnsmasq_time(), timeout_count = 0;
1803       (difftime(now, start) < (float)PING_WAIT) && (timeout_count < PING_WAIT * 4);)
1804    {
1805      struct sockaddr_in faddr;
1806      socklen_t len = sizeof(faddr);
1807     
1808      poll_reset();
1809      poll_listen(fd, POLLIN);
1810      set_dns_listeners(now);
1811      set_log_writer();
1812     
1813#ifdef HAVE_DHCP6
1814      if (daemon->doing_ra)
1815        poll_listen(daemon->icmp6fd, POLLIN);
1816#endif
1817     
1818      rc = do_poll(250);
1819     
1820      if (rc < 0)
1821        continue;
1822      else if (rc == 0)
1823        timeout_count++;
1824
1825      now = dnsmasq_time();
1826
1827      check_log_writer(0);
1828      check_dns_listeners(now);
1829
1830#ifdef HAVE_DHCP6
1831      if (daemon->doing_ra && poll_check(daemon->icmp6fd, POLLIN))
1832        icmp6_packet(now);
1833#endif
1834     
1835#ifdef HAVE_TFTP
1836      check_tftp_listeners(now);
1837#endif
1838
1839      if (poll_check(fd, POLLIN) &&
1840          recvfrom(fd, &packet, sizeof(packet), 0,
1841                   (struct sockaddr *)&faddr, &len) == sizeof(packet) &&
1842          saddr.sin_addr.s_addr == faddr.sin_addr.s_addr &&
1843          packet.icmp.icmp_type == ICMP_ECHOREPLY &&
1844          packet.icmp.icmp_seq == 0 &&
1845          packet.icmp.icmp_id == id)
1846        {
1847          gotreply = 1;
1848          break;
1849        }
1850    }
1851 
1852#if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
1853  while (retry_send(close(fd)));
1854#else
1855  opt = 1;
1856  setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
1857#endif
1858
1859  return gotreply;
1860}
1861#endif
1862
1863 
Note: See TracBrowser for help on using the repository browser.