1/* 2 * ntp_io.c - input/output routines for ntpd. The socket-opening code 3 * was shamelessly stolen from ntpd. 4 */ 5 6#ifdef HAVE_CONFIG_H 7# include <config.h> 8#endif 9 10#include <os/trace.h> 11 12#include <stdio.h> 13#include <signal.h> 14#ifdef HAVE_SYS_PARAM_H 15# include <sys/param.h> 16#endif 17#ifdef HAVE_SYS_IOCTL_H 18# include <sys/ioctl.h> 19#endif 20#ifdef HAVE_SYS_SOCKIO_H /* UXPV: SIOC* #defines (Frank Vance <fvance@waii.com>) */ 21# include <sys/sockio.h> 22#endif 23#ifdef HAVE_SYS_UIO_H 24# include <sys/uio.h> 25#endif 26 27#include "ntp_machine.h" 28#include "ntpd.h" 29#include "ntp_io.h" 30#include "iosignal.h" 31#include "ntp_lists.h" 32#include "ntp_refclock.h" 33#include "ntp_stdlib.h" 34#include "ntp_request.h" 35#include "ntp.h" 36#include "ntp_unixtime.h" 37#include "ntp_assert.h" 38#include "ntpd-opts.h" 39 40/* Don't include ISC's version of IPv6 variables and structures */ 41#define ISC_IPV6_H 1 42#include <isc/mem.h> 43#include <isc/interfaceiter.h> 44#include <isc/netaddr.h> 45#include <isc/result.h> 46#include <isc/sockaddr.h> 47 48#ifdef SIM 49#include "ntpsim.h" 50#endif 51 52#ifdef HAS_ROUTING_SOCKET 53# include <net/route.h> 54# ifdef HAVE_RTNETLINK 55# include <linux/rtnetlink.h> 56# endif 57#endif 58 59 60/* 61 * setsockopt does not always have the same arg declaration 62 * across all platforms. If it's not defined we make it empty 63 */ 64 65#ifndef SETSOCKOPT_ARG_CAST 66#define SETSOCKOPT_ARG_CAST 67#endif 68 69extern int listen_to_virtual_ips; 70 71/* 72 * NIC rule entry 73 */ 74typedef struct nic_rule_tag nic_rule; 75 76struct nic_rule_tag { 77 nic_rule * next; 78 nic_rule_action action; 79 nic_rule_match match_type; 80 char * if_name; 81 isc_netaddr_t netaddr; 82 int prefixlen; 83}; 84 85/* 86 * NIC rule listhead. Entries are added at the head so that the first 87 * match in the list is the last matching rule specified. 88 */ 89nic_rule *nic_rule_list; 90 91 92#if defined(SO_TIMESTAMP) && defined(SCM_TIMESTAMP) 93#if defined(CMSG_FIRSTHDR) 94#define HAVE_TIMESTAMP 95#define USE_TIMESTAMP_CMSG 96#ifndef TIMESTAMP_CTLMSGBUF_SIZE 97#define TIMESTAMP_CTLMSGBUF_SIZE 1536 /* moderate default */ 98#endif 99#else 100/* fill in for old/other timestamp interfaces */ 101#endif 102#endif 103 104#include <net/if.h> 105#include <netinet/in_var.h> 106#include <netinet6/in6_var.h> 107 108#define IN6_AVOID_FLAGS (IN6_IFF_TEMPORARY|IN6_IFF_NOTREADY|IN6_IFF_DETACHED|IN6_IFF_DEPRECATED) 109 110#if defined(SYS_WINNT) 111#include <transmitbuff.h> 112#include <isc/win32os.h> 113/* 114 * Windows C runtime ioctl() can't deal properly with sockets, 115 * map to ioctlsocket for this source file. 116 */ 117#define ioctl(fd, opt, val) ioctlsocket((fd), (opt), (u_long *)(val)) 118#endif /* SYS_WINNT */ 119 120/* 121 * We do asynchronous input using the SIGIO facility. A number of 122 * recvbuf buffers are preallocated for input. In the signal 123 * handler we poll to see which sockets are ready and read the 124 * packets from them into the recvbuf's along with a time stamp and 125 * an indication of the source host and the interface it was received 126 * through. This allows us to get as accurate receive time stamps 127 * as possible independent of other processing going on. 128 * 129 * We watch the number of recvbufs available to the signal handler 130 * and allocate more when this number drops below the low water 131 * mark. If the signal handler should run out of buffers in the 132 * interim it will drop incoming frames, the idea being that it is 133 * better to drop a packet than to be inaccurate. 134 */ 135 136 137/* 138 * Other statistics of possible interest 139 */ 140volatile u_long packets_dropped; /* total number of packets dropped on reception */ 141volatile u_long packets_ignored; /* packets received on wild card interface */ 142volatile u_long packets_received; /* total number of packets received */ 143 u_long packets_sent; /* total number of packets sent */ 144 u_long packets_notsent; /* total number of packets which couldn't be sent */ 145 146volatile u_long handler_calls; /* number of calls to interrupt handler */ 147volatile u_long handler_pkts; /* number of pkts received by handler */ 148u_long io_timereset; /* time counters were reset */ 149 150/* 151 * Interface stuff 152 */ 153struct interface *any_interface; /* default ipv4 interface */ 154struct interface *any6_interface; /* default ipv6 interface */ 155struct interface *loopback_interface; /* loopback ipv4 interface */ 156 157isc_boolean_t broadcast_client_enabled; /* is broadcast client enabled */ 158int ninterfaces; /* Total number of interfaces */ 159 160int disable_dynamic_updates; /* scan interfaces once only */ 161 162#ifdef REFCLOCK 163/* 164 * Refclock stuff. We keep a chain of structures with data concerning 165 * the guys we are doing I/O for. 166 */ 167static struct refclockio *refio; 168#endif /* REFCLOCK */ 169 170#if defined(HAVE_IPTOS_SUPPORT) 171/* set IP_TOS to minimize packet delay */ 172# if defined(IPTOS_PREC_INTERNETCONTROL) 173 unsigned int qos = IPTOS_PREC_INTERNETCONTROL; 174# else 175 unsigned int qos = IPTOS_LOWDELAY; 176# endif 177#endif 178 179/* 180 * File descriptor masks etc. for call to select 181 * Not needed for I/O Completion Ports 182 */ 183fd_set activefds; 184int maxactivefd; 185/* 186 * bit alternating value to detect verified interfaces during an update cycle 187 */ 188static u_short sys_interphase = 0; 189 190static struct interface *new_interface (struct interface *); 191static void add_interface (struct interface *); 192static int update_interfaces(u_short, interface_receiver_t, void *); 193static void remove_interface(struct interface *); 194static struct interface *create_interface(u_short, struct interface *, int *); 195 196static int move_fd (SOCKET); 197static int is_wildcard_addr (sockaddr_u *); 198static int is_wildcard_netaddr (const isc_netaddr_t *); 199 200/* 201 * Multicast functions 202 */ 203static isc_boolean_t addr_ismulticast (sockaddr_u *); 204/* 205 * Not all platforms support multicast 206 */ 207#ifdef MCAST 208static isc_boolean_t socket_multicast_enable (struct interface *, int, sockaddr_u *); 209static isc_boolean_t socket_multicast_disable(struct interface *, sockaddr_u *); 210#endif 211 212#ifdef DEBUG 213static void interface_dump (struct interface *); 214static void sockaddr_dump (sockaddr_u *psau); 215static void print_interface (struct interface *, char *, char *); 216#define DPRINT_INTERFACE(level, args) do { if (debug >= (level)) { print_interface args; } } while (0) 217#else 218#define DPRINT_INTERFACE(level, args) do {} while (0) 219#endif 220 221typedef struct vsock vsock_t; 222enum desc_type { FD_TYPE_SOCKET, FD_TYPE_FILE }; 223 224struct vsock { 225 vsock_t * link; 226 SOCKET fd; 227 enum desc_type type; 228}; 229 230vsock_t *fd_list; 231 232#if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 233/* 234 * async notification processing (e. g. routing sockets) 235 */ 236/* 237 * support for receiving data on fd that is not a refclock or a socket 238 * like e. g. routing sockets 239 */ 240struct asyncio_reader { 241 struct asyncio_reader *link; /* the list this is being kept in */ 242 SOCKET fd; /* fd to be read */ 243 void *data; /* possibly local data */ 244 void (*receiver)(struct asyncio_reader *); /* input handler */ 245}; 246 247struct asyncio_reader *asyncio_reader_list; 248 249static void delete_asyncio_reader (struct asyncio_reader *); 250static struct asyncio_reader *new_asyncio_reader (void); 251static void add_asyncio_reader (struct asyncio_reader *, enum desc_type); 252static void remove_asyncio_reader (struct asyncio_reader *); 253 254#endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 255 256static void init_async_notifications (void); 257 258static int create_sockets (u_short); 259static SOCKET open_socket (sockaddr_u *, int, int, struct interface *); 260static char * fdbits (int, fd_set *); 261static void set_reuseaddr (int); 262static isc_boolean_t socket_broadcast_enable (struct interface *, SOCKET, sockaddr_u *); 263static isc_boolean_t socket_broadcast_disable (struct interface *, sockaddr_u *); 264 265typedef struct remaddr remaddr_t; 266 267struct remaddr { 268 remaddr_t * link; 269 sockaddr_u addr; 270 struct interface * interface; 271}; 272 273remaddr_t * remoteaddr_list; 274 275struct interface * inter_list; 276 277static struct interface *wildipv4 = NULL; 278static struct interface *wildipv6 = NULL; 279 280static void add_fd_to_list (SOCKET, 281 enum desc_type); 282static struct interface *find_addr_in_list (sockaddr_u *); 283static struct interface *find_samenet_addr_in_list(sockaddr_u *); 284static struct interface *find_flagged_addr_in_list(sockaddr_u *, int); 285static void delete_addr_from_list (sockaddr_u *); 286static void delete_interface_from_list(struct interface *); 287static void close_and_delete_fd_from_list(SOCKET); 288static void add_addr_to_list (sockaddr_u *, 289 struct interface *); 290static void create_wildcards (u_short); 291#ifdef DEBUG 292static const char * action_text (nic_rule_action); 293#endif 294static nic_rule_action interface_action(char *, isc_netaddr_t *, 295 isc_uint32_t); 296static void convert_isc_if (isc_interface_t *, 297 struct interface *, u_short); 298static struct interface *getinterface (sockaddr_u *, int); 299static struct interface *getsamenetinterface (sockaddr_u *, int); 300static struct interface *findlocalinterface (sockaddr_u *, int, int); 301static struct interface *findlocalcastinterface (sockaddr_u *); 302 303/* 304 * Routines to read the ntp packets 305 */ 306#if !defined(HAVE_IO_COMPLETION_PORT) 307static inline int read_network_packet (SOCKET, struct interface *, l_fp); 308static inline int read_refclock_packet (SOCKET, struct refclockio *, l_fp); 309#endif 310 311 312#ifdef SYS_WINNT 313/* 314 * Windows 2000 systems incorrectly cause UDP sockets using WASRecvFrom 315 * to not work correctly, returning a WSACONNRESET error when a WSASendTo 316 * fails with an "ICMP port unreachable" response and preventing the 317 * socket from using the WSARecvFrom in subsequent operations. 318 * The function below fixes this, but requires that Windows 2000 319 * Service Pack 2 or later be installed on the system. NT 4.0 320 * systems are not affected by this and work correctly. 321 * See Microsoft Knowledge Base Article Q263823 for details of this. 322 */ 323void 324connection_reset_fix( 325 SOCKET fd, 326 sockaddr_u * addr 327 ) 328{ 329 DWORD dw; 330 BOOL bNewBehavior = FALSE; 331 DWORD status; 332 333 /* 334 * disable bad behavior using IOCTL: SIO_UDP_CONNRESET 335 * NT 4.0 has no problem 336 */ 337 if (isc_win32os_majorversion() >= 5) { 338 status = WSAIoctl(fd, SIO_UDP_CONNRESET, &bNewBehavior, 339 sizeof(bNewBehavior), NULL, 0, 340 &dw, NULL, NULL); 341 if (SOCKET_ERROR == status) 342 msyslog(LOG_ERR, 343 "connection_reset_fix() failed for address %s: %m", 344 stoa(addr)); 345 } 346} 347#endif 348 349/* 350 * on Unix systems the stdio library typically 351 * makes use of file descriptors in the lower 352 * integer range. stdio usually will make use 353 * of the file descriptors in the range of 354 * [0..FOPEN_MAX) 355 * in order to keep this range clean, for socket 356 * file descriptors we attempt to move them above 357 * FOPEN_MAX. This is not as easy as it sounds as 358 * FOPEN_MAX changes from implementation to implementation 359 * and may exceed to current file decriptor limits. 360 * We are using following strategy: 361 * - keep a current socket fd boundary initialized with 362 * max(0, min(getdtablesize() - FD_CHUNK, FOPEN_MAX)) 363 * - attempt to move the descriptor to the boundary or 364 * above. 365 * - if that fails and boundary > 0 set boundary 366 * to min(0, socket_fd_boundary - FD_CHUNK) 367 * -> retry 368 * if failure and boundary == 0 return old fd 369 * - on success close old fd return new fd 370 * 371 * effects: 372 * - fds will be moved above the socket fd boundary 373 * if at all possible. 374 * - the socket boundary will be reduced until 375 * allocation is possible or 0 is reached - at this 376 * point the algrithm will be disabled 377 */ 378static int 379move_fd( 380 SOCKET fd 381 ) 382{ 383#if !defined(SYS_WINNT) && defined(F_DUPFD) 384#ifndef FD_CHUNK 385#define FD_CHUNK 10 386#endif 387/* 388 * number of fds we would like to have for 389 * stdio FILE* available. 390 * we can pick a "low" number as our use of 391 * FILE* is limited to log files and temporarily 392 * to data and config files. Except for log files 393 * we don't keep the other FILE* open beyond the 394 * scope of the function that opened it. 395 */ 396#ifndef FD_PREFERRED_SOCKBOUNDARY 397#define FD_PREFERRED_SOCKBOUNDARY 48 398#endif 399 400#ifndef HAVE_GETDTABLESIZE 401/* 402 * if we have no idea about the max fd value set up things 403 * so we will start at FOPEN_MAX 404 */ 405#define getdtablesize() (FOPEN_MAX+FD_CHUNK) 406#endif 407 408#ifndef FOPEN_MAX 409#define FOPEN_MAX 20 /* assume that for the lack of anything better */ 410#endif 411 static SOCKET socket_boundary = -1; 412 SOCKET newfd; 413 414 NTP_REQUIRE((int)fd >= 0); 415 416 /* 417 * check whether boundary has be set up 418 * already 419 */ 420 if (socket_boundary == -1) { 421 socket_boundary = max(0, min(getdtablesize() - FD_CHUNK, 422 min(FOPEN_MAX, FD_PREFERRED_SOCKBOUNDARY))); 423#ifdef DEBUG 424 msyslog(LOG_DEBUG, 425 "ntp_io: estimated max descriptors: %d, initial socket boundary: %d", 426 getdtablesize(), socket_boundary); 427#endif 428 } 429 430 /* 431 * Leave a space for stdio to work in. potentially moving the 432 * socket_boundary lower until allocation succeeds. 433 */ 434 do { 435 if (fd >= 0 && fd < socket_boundary) { 436 /* inside reserved range: attempt to move fd */ 437 newfd = fcntl(fd, F_DUPFD, socket_boundary); 438 439 if (newfd != -1) { 440 /* success: drop the old one - return the new one */ 441 close(fd); 442 return newfd; 443 } 444 } else { 445 /* outside reserved range: no work - return the original one */ 446 return fd; 447 } 448 socket_boundary = max(0, socket_boundary - FD_CHUNK); 449#ifdef DEBUG 450 msyslog(LOG_DEBUG, 451 "ntp_io: selecting new socket boundary: %d", 452 socket_boundary); 453#endif 454 } while (socket_boundary > 0); 455#else 456 NTP_REQUIRE((int)fd >= 0); 457#endif /* !defined(SYS_WINNT) && defined(F_DUPFD) */ 458 return fd; 459} 460 461#ifdef DEBUG_TIMING 462/* 463 * collect timing information for various processing 464 * paths. currently we only pass then on to the file 465 * for later processing. this could also do histogram 466 * based analysis in other to reduce the load (and skew) 467 * dur to the file output 468 */ 469void 470collect_timing(struct recvbuf *rb, const char *tag, int count, l_fp *dts) 471{ 472 char buf[256]; 473 474 snprintf(buf, sizeof(buf), "%s %d %s %s", 475 (rb != NULL) 476 ? ((rb->dstadr != NULL) 477 ? stoa(&rb->recv_srcadr) 478 : "-REFCLOCK-") 479 : "-", 480 count, lfptoa(dts, 9), tag); 481 record_timing_stats(buf); 482} 483#endif 484 485/* 486 * About dynamic interfaces, sockets, reception and more... 487 * 488 * the code solves following tasks: 489 * 490 * - keep a current list of active interfaces in order 491 * to bind to to the interface address on NTP_PORT so that 492 * all wild and specific bindings for NTP_PORT are taken by ntpd 493 * to avoid other daemons messing with the time or sockets. 494 * - all interfaces keep a list of peers that are referencing 495 * the interface in order to quickly re-assign the peers to 496 * new interface in case an interface is deleted (=> gone from system or 497 * down) 498 * - have a preconfigured socket ready with the right local address 499 * for transmission and reception 500 * - have an address list for all destination addresses used within ntpd 501 * to find the "right" preconfigured socket. 502 * - facilitate updating the internal interface list with respect to 503 * the current kernel state 504 * 505 * special issues: 506 * 507 * - mapping of multicast addresses to the interface affected is not always 508 * one to one - especially on hosts with multiple interfaces 509 * the code here currently allocates a separate interface entry for those 510 * multicast addresses 511 * iff it is able to bind to a *new* socket with the multicast address (flags |= MCASTIF) 512 * in case of failure the multicast address is bound to an existing interface. 513 * - on some systems it is perfectly legal to assign the same address to 514 * multiple interfaces. Therefore this code does not keep a list of interfaces 515 * but a list of interfaces that represent a unique address as determined by the kernel 516 * by the procedure in findlocalinterface. Thus it is perfectly legal to see only 517 * one representative of a group of real interfaces if they share the same address. 518 * 519 * Frank Kardel 20050910 520 */ 521 522/* 523 * init_io - initialize I/O data structures and call socket creation routine 524 */ 525void 526init_io(void) 527{ 528 /* 529 * Init buffer free list and stat counters 530 */ 531 init_recvbuff(RECV_INIT); 532 533#ifdef SYS_WINNT 534 init_io_completion_port(); 535#endif /* SYS_WINNT */ 536 537#if defined(HAVE_SIGNALED_IO) 538 (void) set_signal(); 539#endif 540} 541 542 543/* 544 * io_open_sockets - call socket creation routine 545 */ 546void 547io_open_sockets(void) 548{ 549 static int already_opened; 550 551 if (already_opened || HAVE_OPT( SAVECONFIGQUIT )) 552 return; 553 554 already_opened = 1; 555 556 /* 557 * Create the sockets 558 */ 559 BLOCKIO(); 560 create_sockets(NTP_PORT); 561 UNBLOCKIO(); 562 563 init_async_notifications(); 564 565 DPRINTF(3, ("io_open_sockets: maxactivefd %d\n", maxactivefd)); 566} 567 568 569#ifdef DEBUG 570/* 571 * function to dump the contents of the interface structure 572 * for debugging use only. 573 */ 574void 575interface_dump(struct interface *itf) 576{ 577 printf("Dumping interface: %p\n", itf); 578 printf("fd = %d\n", itf->fd); 579 printf("bfd = %d\n", itf->bfd); 580 printf("sin = %s,\n", stoa(&itf->sin)); 581 sockaddr_dump(&itf->sin); 582 printf("bcast = %s,\n", stoa(&itf->bcast)); 583 sockaddr_dump(&itf->bcast); 584 printf("mask = %s,\n", stoa(&itf->mask)); 585 sockaddr_dump(&itf->mask); 586 printf("name = %s\n", itf->name); 587 printf("flags = 0x%08x\n", itf->flags); 588 printf("last_ttl = %d\n", itf->last_ttl); 589 printf("addr_refid = %08x\n", itf->addr_refid); 590 printf("num_mcast = %d\n", itf->num_mcast); 591 printf("received = %ld\n", itf->received); 592 printf("sent = %ld\n", itf->sent); 593 printf("notsent = %ld\n", itf->notsent); 594 printf("scopeid = %u\n", itf->scopeid); 595 printf("peercnt = %u\n", itf->peercnt); 596 printf("phase = %u\n", itf->phase); 597} 598 599/* 600 * sockaddr_dump - hex dump the start of a sockaddr_u 601 */ 602static void 603sockaddr_dump(sockaddr_u *psau) 604{ 605 /* Limit the size of the sockaddr_storage hex dump */ 606 const int maxsize = min(32, sizeof(psau->sas)); 607 u_char * cp; 608 int i; 609 610 cp = (u_char *)&psau->sas; 611 612 for(i = 0; i < maxsize; i++) 613 { 614 printf("%02x", *cp++); 615 if (!((i + 1) % 4)) 616 printf(" "); 617 } 618 printf("\n"); 619} 620 621/* 622 * print_interface - helper to output debug information 623 */ 624static void 625print_interface(struct interface *iface, char *pfx, char *sfx) 626{ 627 printf("%sinterface #%d: fd=%d, bfd=%d, name=%s, flags=0x%x, scope=%d, sin=%s", 628 pfx, 629 iface->ifnum, 630 iface->fd, 631 iface->bfd, 632 iface->name, 633 iface->flags, 634 iface->scopeid, 635 stoa(&iface->sin)); 636 if (AF_INET == iface->family) { 637 if (iface->flags & INT_BROADCAST) 638 printf(", bcast=%s", stoa(&iface->bcast)); 639 printf(", mask=%s", stoa(&iface->mask)); 640 } 641 printf(", %s:%s", 642 (iface->ignore_packets) 643 ? "Disabled" 644 : "Enabled", 645 sfx); 646 if (debug > 4) /* in-depth debugging only */ 647 interface_dump(iface); 648} 649#endif 650 651#if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 652/* 653 * create an asyncio_reader structure 654 */ 655static struct asyncio_reader * 656new_asyncio_reader(void) 657{ 658 struct asyncio_reader *reader; 659 660 reader = emalloc(sizeof(*reader)); 661 662 memset(reader, 0, sizeof(*reader)); 663 reader->fd = INVALID_SOCKET; 664 return reader; 665} 666 667/* 668 * delete a reader 669 */ 670static void 671delete_asyncio_reader( 672 struct asyncio_reader *reader 673 ) 674{ 675 free(reader); 676} 677 678/* 679 * add asynchio_reader 680 */ 681static void 682add_asyncio_reader( 683 struct asyncio_reader * reader, 684 enum desc_type type) 685{ 686 LINK_SLIST(asyncio_reader_list, reader, link); 687 add_fd_to_list(reader->fd, type); 688} 689 690/* 691 * remove asynchio_reader 692 */ 693static void 694remove_asyncio_reader( 695 struct asyncio_reader *reader 696 ) 697{ 698 struct asyncio_reader *unlinked; 699 700 UNLINK_SLIST(unlinked, asyncio_reader_list, reader, link, 701 struct asyncio_reader); 702 703 if (reader->fd != INVALID_SOCKET) 704 close_and_delete_fd_from_list(reader->fd); 705 706 reader->fd = INVALID_SOCKET; 707} 708#endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 709 710/* 711 * Code to tell if we have an IP address 712 * If we have then return the sockaddr structure 713 * and set the return value 714 * see the bind9/getaddresses.c for details 715 */ 716isc_boolean_t 717is_ip_address( 718 const char * host, 719 isc_netaddr_t * addr 720 ) 721{ 722 struct in_addr in4; 723 struct in6_addr in6; 724 char tmpbuf[128]; 725 char *pch; 726 727 NTP_REQUIRE(host != NULL); 728 NTP_REQUIRE(addr != NULL); 729 730 /* 731 * Try IPv4, then IPv6. In order to handle the extended format 732 * for IPv6 scoped addresses (address%scope_ID), we'll use a local 733 * working buffer of 128 bytes. The length is an ad-hoc value, but 734 * should be enough for this purpose; the buffer can contain a string 735 * of at least 80 bytes for scope_ID in addition to any IPv6 numeric 736 * addresses (up to 46 bytes), the delimiter character and the 737 * terminating NULL character. 738 */ 739 if (inet_pton(AF_INET, host, &in4) == 1) { 740 isc_netaddr_fromin(addr, &in4); 741 return (ISC_TRUE); 742 } else if (sizeof(tmpbuf) > strlen(host)) { 743 if ('[' == host[0]) { 744 strncpy(tmpbuf, &host[1], sizeof(tmpbuf)); 745 pch = strchr(tmpbuf, ']'); 746 if (pch != NULL) 747 *pch = '\0'; 748 } else 749 strncpy(tmpbuf, host, sizeof(tmpbuf)); 750 pch = strchr(tmpbuf, '%'); 751 if (pch != NULL) 752 *pch = '\0'; 753 754 if (inet_pton(AF_INET6, tmpbuf, &in6) == 1) { 755 isc_netaddr_fromin6(addr, &in6); 756 return (ISC_TRUE); 757 } 758 } 759 /* 760 * If we got here it was not an IP address 761 */ 762 return (ISC_FALSE); 763} 764 765 766/* 767 * interface list enumerator - visitor pattern 768 */ 769void 770interface_enumerate( 771 interface_receiver_t receiver, 772 void * data 773 ) 774{ 775 interface_info_t ifi; 776 777 ifi.action = IFS_EXISTS; 778 779 for (ifi.interface = inter_list; 780 ifi.interface != NULL; 781 ifi.interface = ifi.interface->link) 782 (*receiver)(data, &ifi); 783} 784 785/* 786 * do standard initialization of interface structure 787 */ 788static void 789init_interface( 790 struct interface *iface 791 ) 792{ 793 memset(iface, 0, sizeof(*iface)); 794 iface->fd = INVALID_SOCKET; 795 iface->bfd = INVALID_SOCKET; 796 iface->phase = sys_interphase; 797} 798 799 800/* 801 * create new interface structure initialize from 802 * template structure or via standard initialization 803 * function 804 */ 805static struct interface * 806new_interface( 807 struct interface *interface 808 ) 809{ 810 static u_int sys_ifnum = 0; 811 struct interface * iface; 812 813 iface = emalloc(sizeof(*iface)); 814 815 if (NULL == interface) 816 init_interface(iface); 817 else /* use the template */ 818 memcpy(iface, interface, sizeof(*iface)); 819 820 /* count every new instance of an interface in the system */ 821 iface->ifnum = sys_ifnum++; 822 iface->starttime = current_time; 823 824 return iface; 825} 826 827 828/* 829 * return interface storage into free memory pool 830 */ 831static inline void 832delete_interface( 833 struct interface *interface 834 ) 835{ 836 free(interface); 837} 838 839 840/* 841 * link interface into list of known interfaces 842 */ 843static void 844add_interface( 845 struct interface *interface 846 ) 847{ 848 /* 849 * Calculate the address hash 850 */ 851 interface->addr_refid = addr2refid(&interface->sin); 852 853 LINK_SLIST(inter_list, interface, link); 854 ninterfaces++; 855} 856 857 858/* 859 * remove interface from known interface list and clean up 860 * associated resources 861 */ 862static void 863remove_interface( 864 struct interface *iface 865 ) 866{ 867 struct interface *unlinked; 868 sockaddr_u resmask; 869 870 UNLINK_SLIST(unlinked, inter_list, iface, link, struct 871 interface); 872 873 delete_interface_from_list(iface); 874 875 if (iface->fd != INVALID_SOCKET) { 876 msyslog(LOG_INFO, 877 "Deleting interface #%d %s, %s#%d, interface stats: received=%ld, sent=%ld, dropped=%ld, active_time=%ld secs", 878 iface->ifnum, 879 iface->name, 880 stoa(&iface->sin), 881 SRCPORT(&iface->sin), 882 iface->received, 883 iface->sent, 884 iface->notsent, 885 current_time - iface->starttime); 886 887 close_and_delete_fd_from_list(iface->fd); 888 } 889 890 if (iface->bfd != INVALID_SOCKET) { 891 msyslog(LOG_INFO, 892 "Deleting broadcast address %s#%d from interface #%d %s", 893 stoa(&iface->bcast), 894 SRCPORT(&iface->bcast), 895 iface->ifnum, 896 iface->name); 897 898 close_and_delete_fd_from_list(iface->bfd); 899 } 900 901 ninterfaces--; 902 ntp_monclearinterface(iface); 903 904 /* remove restrict interface entry */ 905 SET_HOSTMASK(&resmask, AF(&iface->sin)); 906 hack_restrict(RESTRICT_REMOVEIF, &iface->sin, &resmask, 907 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE); 908} 909 910 911static void 912list_if_listening( 913 struct interface * iface 914 ) 915{ 916 msyslog(LOG_INFO, "%s on %d %s %s UDP %d", 917 (iface->ignore_packets) 918 ? "Listen and drop" 919 : "Listen normally", 920 iface->ifnum, 921 iface->name, 922 stoa(&iface->sin), 923 SRCPORT(&iface->sin)); 924} 925 926 927static void 928create_wildcards( 929 u_short port 930 ) 931{ 932 int v4wild, v6wild; 933 sockaddr_u wildaddr; 934 isc_netaddr_t wnaddr; 935 nic_rule_action action; 936 struct interface * wildif; 937 938 /* 939 * silence "potentially uninitialized" warnings from VC9 940 * failing to follow the logic. Ideally action could remain 941 * uninitialized, and the memset be the first statement under 942 * the first if (v4wild). 943 */ 944 action = ACTION_LISTEN; 945 memset(&wildaddr, 0, sizeof(wildaddr)); 946 947 /* 948 * create pseudo-interface with wildcard IPv4 address 949 */ 950 v4wild = ipv4_works; 951 if (v4wild) { 952 /* set wildaddr to the v4 wildcard address 0.0.0.0 */ 953 AF(&wildaddr) = AF_INET; 954 SET_ADDR4(&wildaddr, INADDR_ANY); 955 SET_PORT(&wildaddr, port); 956 957 /* make an libisc-friendly copy */ 958 isc_netaddr_fromin(&wnaddr, &wildaddr.sa4.sin_addr); 959 960 /* check for interface/nic rules affecting the wildcard */ 961 action = interface_action(NULL, &wnaddr, 0); 962 v4wild = (ACTION_IGNORE != action); 963 } 964 if (v4wild) { 965 wildif = new_interface(NULL); 966 967 strncpy(wildif->name, "v4wildcard", sizeof(wildif->name)); 968 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 969 wildif->family = AF_INET; 970 AF(&wildif->mask) = AF_INET; 971 SET_ONESMASK(&wildif->mask); 972 973 wildif->flags = INT_BROADCAST | INT_UP | INT_WILDCARD; 974 wildif->ignore_packets = (ACTION_DROP == action); 975#if defined(MCAST) 976 /* 977 * enable multicast reception on the broadcast socket 978 */ 979 AF(&wildif->bcast) = AF_INET; 980 SET_ADDR4(&wildif->bcast, INADDR_ANY); 981 SET_PORT(&wildif->bcast, port); 982#endif /* MCAST */ 983 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 984 985 if (wildif->fd != INVALID_SOCKET) { 986 wildipv4 = wildif; 987 any_interface = wildif; 988 989 add_addr_to_list(&wildif->sin, wildif); 990 add_interface(wildif); 991 list_if_listening(wildif); 992 } else { 993 msyslog(LOG_ERR, 994 "unable to bind to wildcard address %s - another process may be running - EXITING", 995 stoa(&wildif->sin)); 996 exit(1); 997 } 998 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 999 } 1000 1001#ifdef INCLUDE_IPV6_SUPPORT 1002 /* 1003 * create pseudo-interface with wildcard IPv6 address 1004 */ 1005 v6wild = ipv6_works; 1006 if (v6wild) { 1007 /* set wildaddr to the v6 wildcard address :: */ 1008 memset(&wildaddr, 0, sizeof(wildaddr)); 1009 AF(&wildaddr) = AF_INET6; 1010 SET_ADDR6N(&wildaddr, in6addr_any); 1011 SET_PORT(&wildaddr, port); 1012 SET_SCOPE(&wildaddr, 0); 1013 1014 /* make an libisc-friendly copy */ 1015 isc_netaddr_fromin(&wnaddr, &wildaddr.sa4.sin_addr); 1016 1017 /* check for interface/nic rules affecting the wildcard */ 1018 action = interface_action(NULL, &wnaddr, 0); 1019 v6wild = (ACTION_IGNORE != action); 1020 } 1021 if (v6wild) { 1022 wildif = new_interface(NULL); 1023 1024 strncpy(wildif->name, "v6wildcard", sizeof(wildif->name)); 1025 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 1026 wildif->family = AF_INET6; 1027 AF(&wildif->mask) = AF_INET6; 1028 SET_ONESMASK(&wildif->mask); 1029 1030 wildif->flags = INT_UP | INT_WILDCARD; 1031 wildif->ignore_packets = (ACTION_DROP == action); 1032 1033 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 1034 1035 if (wildif->fd != INVALID_SOCKET) { 1036 wildipv6 = wildif; 1037 any6_interface = wildif; 1038 add_addr_to_list(&wildif->sin, wildif); 1039 add_interface(wildif); 1040 list_if_listening(wildif); 1041 } else { 1042 msyslog(LOG_ERR, 1043 "unable to bind to wildcard address %s - another process may be running - EXITING", 1044 stoa(&wildif->sin)); 1045 exit(1); 1046 } 1047 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 1048 } 1049#endif 1050} 1051 1052 1053/* 1054 * add_nic_rule() -- insert a rule entry at the head of nic_rule_list. 1055 */ 1056void 1057add_nic_rule( 1058 nic_rule_match match_type, 1059 const char * if_name, /* interface name or numeric address */ 1060 int prefixlen, 1061 nic_rule_action action 1062 ) 1063{ 1064 nic_rule * rule; 1065 isc_boolean_t is_ip; 1066 1067 rule = emalloc(sizeof(*rule)); 1068 memset(rule, 0, sizeof(*rule)); 1069 rule->match_type = match_type; 1070 rule->prefixlen = prefixlen; 1071 rule->action = action; 1072 1073 if (MATCH_IFNAME == match_type) { 1074 NTP_REQUIRE(NULL != if_name); 1075 rule->if_name = estrdup(if_name); 1076 } else if (MATCH_IFADDR == match_type) { 1077 NTP_REQUIRE(NULL != if_name); 1078 /* set rule->netaddr */ 1079 is_ip = is_ip_address(if_name, &rule->netaddr); 1080 NTP_REQUIRE(is_ip); 1081 } else 1082 NTP_REQUIRE(NULL == if_name); 1083 1084 LINK_SLIST(nic_rule_list, rule, next); 1085} 1086 1087 1088#ifdef DEBUG 1089static const char * 1090action_text( 1091 nic_rule_action action 1092 ) 1093{ 1094 const char *t; 1095 1096 switch (action) { 1097 1098 default: 1099 t = "ERROR"; /* quiet uninit warning */ 1100 DPRINTF(1, ("fatal: unknown nic_rule_action %d\n", 1101 action)); 1102 NTP_ENSURE(0); 1103 break; 1104 1105 case ACTION_LISTEN: 1106 t = "listen"; 1107 break; 1108 1109 case ACTION_IGNORE: 1110 t = "ignore"; 1111 break; 1112 1113 case ACTION_DROP: 1114 t = "drop"; 1115 break; 1116 } 1117 1118 return t; 1119} 1120#endif /* DEBUG */ 1121 1122 1123static nic_rule_action 1124interface_action( 1125 char * if_name, 1126 isc_netaddr_t * if_netaddr, 1127 isc_uint32_t if_flags 1128 ) 1129{ 1130 nic_rule *rule; 1131 int isloopback; 1132 int iswildcard; 1133 1134 DPRINTF(4, ("interface_action: interface %s ", 1135 (if_name != NULL) ? if_name : "wildcard")); 1136 1137 iswildcard = is_wildcard_netaddr(if_netaddr); 1138 1139 /* 1140 * Always listen on 127.0.0.1 - required by ntp_intres 1141 */ 1142 if (if_flags & INTERFACE_F_LOOPBACK) { 1143 isloopback = 1; 1144 if (AF_INET == if_netaddr->family) { 1145 DPRINTF(4, ("IPv4 loopback - listen\n")); 1146 return ACTION_LISTEN; 1147 } 1148 } else 1149 isloopback = 0; 1150 1151 /* 1152 * Find any matching NIC rule from --interface / -I or ntp.conf 1153 * interface/nic rules. 1154 */ 1155 for (rule = nic_rule_list; rule != NULL; rule = rule->next) { 1156 1157 switch (rule->match_type) { 1158 1159 case MATCH_ALL: 1160 /* loopback and wildcard excluded from "all" */ 1161 if (isloopback || iswildcard) 1162 break; 1163 DPRINTF(4, ("nic all %s\n", 1164 action_text(rule->action))); 1165 return rule->action; 1166 1167 case MATCH_IPV4: 1168 if (AF_INET == if_netaddr->family) { 1169 DPRINTF(4, ("nic ipv4 %s\n", 1170 action_text(rule->action))); 1171 return rule->action; 1172 } 1173 break; 1174 1175 case MATCH_IPV6: 1176 if (AF_INET6 == if_netaddr->family) { 1177 DPRINTF(4, ("nic ipv6 %s\n", 1178 action_text(rule->action))); 1179 return rule->action; 1180 } 1181 break; 1182 1183 case MATCH_WILDCARD: 1184 if (iswildcard) { 1185 DPRINTF(4, ("nic wildcard %s\n", 1186 action_text(rule->action))); 1187 return rule->action; 1188 } 1189 break; 1190 1191 case MATCH_IFADDR: 1192 if (rule->prefixlen != -1) { 1193 if (isc_netaddr_eqprefix(if_netaddr, 1194 &rule->netaddr, rule->prefixlen)) { 1195 1196 DPRINTF(4, ("subnet address match - %s\n", 1197 action_text(rule->action))); 1198 return rule->action; 1199 } 1200 } else 1201 if (isc_netaddr_equal(if_netaddr, 1202 &rule->netaddr)) { 1203 1204 DPRINTF(4, ("address match - %s\n", 1205 action_text(rule->action))); 1206 return rule->action; 1207 } 1208 break; 1209 1210 case MATCH_IFNAME: 1211 if (if_name != NULL 1212 && !strcasecmp(if_name, rule->if_name)) { 1213 1214 DPRINTF(4, ("interface name match - %s\n", 1215 action_text(rule->action))); 1216 return rule->action; 1217 } 1218 break; 1219 } 1220 } 1221 1222 /* 1223 * Unless explicitly disabled such as with "nic ignore ::1" 1224 * listen on loopback addresses. Since ntpq and ntpdc query 1225 * "localhost" by default, which typically resolves to ::1 and 1226 * 127.0.0.1, it's useful to default to listening on both. 1227 */ 1228 if (isloopback) { 1229 DPRINTF(4, ("default loopback listen\n")); 1230 return ACTION_LISTEN; 1231 } 1232 1233 /* 1234 * Treat wildcard addresses specially. If there is no explicit 1235 * "nic ... wildcard" or "nic ... 0.0.0.0" or "nic ... ::" rule 1236 * default to drop. 1237 */ 1238 if (iswildcard) { 1239 DPRINTF(4, ("default wildcard drop\n")); 1240 return ACTION_DROP; 1241 } 1242 1243 /* 1244 * Check for "virtual IP" (colon in the interface name) after 1245 * the rules so that "ntpd --interface eth0:1 -novirtualips" 1246 * does indeed listen on eth0:1's addresses. 1247 */ 1248 if (!listen_to_virtual_ips && if_name != NULL 1249 && (strchr(if_name, ':') != NULL)) { 1250 1251 DPRINTF(4, ("virtual ip - ignore\n")); 1252 return ACTION_IGNORE; 1253 } 1254 1255 /* 1256 * If there are no --interface/-I command-line options and no 1257 * interface/nic rules in ntp.conf, the default action is to 1258 * listen. In the presence of rules from either, the default 1259 * is to ignore. This implements ntpd's traditional listen- 1260 * every default with no interface listen configuration, and 1261 * ensures a single -I eth0 or "nic listen eth0" means do not 1262 * listen on any other addresses. 1263 */ 1264 if (AF_INET6 == if_netaddr->family) { 1265 struct in6_ifreq ifr6 = { 1266 .ifr_addr.sin6_len = sizeof(struct sockaddr_in6), 1267 .ifr_addr.sin6_family = AF_INET6, 1268 .ifr_addr.sin6_addr = if_netaddr->type.in6, 1269 }; 1270 struct sockaddr_in6 sa6 = ifr6.ifr_addr; 1271 1272 strlcpy(ifr6.ifr_name, if_name, sizeof(ifr6.ifr_name)); 1273 int s6 = socket(AF_INET6, SOCK_DGRAM, 0); 1274 if (s6 >= 0) { 1275 int on = 1; 1276 setsockopt(s6, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on)); 1277 if (ioctl(s6, SIOCGIFAFLAG_IN6, &ifr6) == 0) { 1278 if (ifr6.ifr_ifru.ifru_flags6 & IN6_AVOID_FLAGS) { 1279 os_trace_debug("Ignoring IPv6 address because 0x%x", 1280 ifr6.ifr_ifru.ifru_flags6 & IN6_AVOID_FLAGS); 1281 goto bail; 1282 } 1283 } else { // probably a bad address 1284 int save_errno = errno; 1285 msyslog(LOG_DEBUG, "Ignoring address %s because ioctl failed errno:%d", 1286 stoa((sockaddr_u *)&sa6), save_errno); 1287 os_trace("Ignoring IPv6 address because ioctl failed errno:%d", save_errno); 1288 bail: 1289 close(s6); 1290 return ACTION_IGNORE; 1291 } 1292 close(s6); 1293 } else { 1294 os_trace("Failed to create IPv6 dgram socket errno:%d", errno); 1295 } 1296 } 1297 1298 if (NULL == nic_rule_list) { 1299 DPRINTF(4, ("default listen\n")); 1300 return ACTION_LISTEN; 1301 } 1302 1303 DPRINTF(4, ("implicit ignore\n")); 1304 return ACTION_IGNORE; 1305} 1306 1307 1308static void 1309convert_isc_if( 1310 isc_interface_t *isc_if, 1311 struct interface *itf, 1312 u_short port 1313 ) 1314{ 1315 strncpy(itf->name, isc_if->name, sizeof(itf->name)); 1316 itf->name[sizeof(itf->name) - 1] = 0; /* strncpy may not */ 1317 itf->family = (u_short)isc_if->af; 1318 AF(&itf->sin) = itf->family; 1319 AF(&itf->mask) = itf->family; 1320 AF(&itf->bcast) = itf->family; 1321 SET_PORT(&itf->sin, port); 1322 SET_PORT(&itf->mask, port); 1323 SET_PORT(&itf->bcast, port); 1324 1325 if (IS_IPV4(&itf->sin)) { 1326 NSRCADR(&itf->sin) = isc_if->address.type.in.s_addr; 1327 NSRCADR(&itf->mask) = isc_if->netmask.type.in.s_addr; 1328 1329 if (isc_if->flags & INTERFACE_F_BROADCAST) { 1330 itf->flags |= INT_BROADCAST; 1331 NSRCADR(&itf->bcast) = 1332 isc_if->broadcast.type.in.s_addr; 1333 } 1334 } 1335#ifdef INCLUDE_IPV6_SUPPORT 1336 else if (IS_IPV6(&itf->sin)) { 1337 SET_ADDR6N(&itf->sin, isc_if->address.type.in6); 1338 SET_ADDR6N(&itf->mask, isc_if->netmask.type.in6); 1339 1340 itf->scopeid = isc_netaddr_getzone(&isc_if->address); 1341 SET_SCOPE(&itf->sin, itf->scopeid); 1342 } 1343#endif /* INCLUDE_IPV6_SUPPORT */ 1344 1345 1346 /* Process the rest of the flags */ 1347 1348 itf->flags |= 1349 ((INTERFACE_F_UP & isc_if->flags) 1350 ? INT_UP : 0) 1351 | ((INTERFACE_F_LOOPBACK & isc_if->flags) 1352 ? INT_LOOPBACK : 0) 1353 | ((INTERFACE_F_POINTTOPOINT & isc_if->flags) 1354 ? INT_PPP : 0) 1355 | ((INTERFACE_F_MULTICAST & isc_if->flags) 1356 ? INT_MULTICAST : 0) 1357 ; 1358} 1359 1360 1361/* 1362 * refresh_interface 1363 * 1364 * some OSes have been observed to keep 1365 * cached routes even when more specific routes 1366 * become available. 1367 * this can be mitigated by re-binding 1368 * the socket. 1369 */ 1370static int 1371refresh_interface( 1372 struct interface * interface 1373 ) 1374{ 1375#ifdef OS_MISSES_SPECIFIC_ROUTE_UPDATES 1376 if (interface->fd != INVALID_SOCKET) { 1377 close_and_delete_fd_from_list(interface->fd); 1378 interface->fd = open_socket(&interface->sin, 1379 0, 0, interface); 1380 /* 1381 * reset TTL indication so TTL is is set again 1382 * next time around 1383 */ 1384 interface->last_ttl = 0; 1385 return (interface->fd != INVALID_SOCKET); 1386 } else 1387 return 0; /* invalid sockets are not refreshable */ 1388#else /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1389 if (interface->fd != INVALID_SOCKET) { 1390 if (IS_IPV6(&interface->sin)) { /* If address is now deprecated then close fd */ 1391 struct in6_ifreq ifr6; 1392 strlcpy(ifr6.ifr_name, interface->name, sizeof(ifr6.ifr_name)); 1393 ifr6.ifr_addr = *(struct sockaddr_in6 *)&interface->sin; 1394 if (ioctl(interface->fd, SIOCGIFAFLAG_IN6, &ifr6) >= 0) { 1395 interface->flags6 = ifr6.ifr_ifru.ifru_flags6; 1396 if (interface->flags6 & IN6_AVOID_FLAGS) { 1397 close_and_delete_fd_from_list(interface->fd); 1398 interface->fd = INVALID_SOCKET; 1399 } 1400 } 1401 } 1402 } 1403 return (interface->fd != INVALID_SOCKET); 1404#endif /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1405} 1406 1407/* 1408 * interface_update - externally callable update function 1409 */ 1410void 1411interface_update( 1412 interface_receiver_t receiver, 1413 void * data) 1414{ 1415 int new_interface_found; 1416 1417 if (disable_dynamic_updates) 1418 return; 1419 1420 BLOCKIO(); 1421 new_interface_found = update_interfaces(NTP_PORT, receiver, data); 1422 UNBLOCKIO(); 1423 1424 if (!new_interface_found) 1425 return; 1426 1427#ifdef DEBUG 1428 msyslog(LOG_DEBUG, "new interface(s) found: waking up resolver"); 1429#endif 1430#ifdef SYS_WINNT 1431 /* wake up the resolver thread */ 1432 if (ResolverEventHandle != NULL) 1433 SetEvent(ResolverEventHandle); 1434#else 1435 /* write any single byte to the pipe to wake up the resolver process */ 1436 write( resolver_pipe_fd[1], &new_interface_found, 1 ); 1437#endif 1438} 1439 1440 1441/* 1442 * sau_from_netaddr() - convert network address on-wire formats. 1443 * Convert from libisc's isc_netaddr_t to NTP's sockaddr_u 1444 */ 1445void 1446sau_from_netaddr( 1447 sockaddr_u *psau, 1448 const isc_netaddr_t *pna 1449 ) 1450{ 1451 memset(psau, 0, sizeof(*psau)); 1452 AF(psau) = (u_short)pna->family; 1453 switch (pna->family) { 1454 1455 case AF_INET: 1456 memcpy(&psau->sa4.sin_addr, &pna->type.in, 1457 sizeof(psau->sa4.sin_addr)); 1458 break; 1459 1460 case AF_INET6: 1461 memcpy(&psau->sa6.sin6_addr, &pna->type.in6, 1462 sizeof(psau->sa6.sin6_addr)); 1463 break; 1464 } 1465} 1466 1467 1468static int 1469is_wildcard_addr( 1470 sockaddr_u *psau 1471 ) 1472{ 1473 if (IS_IPV4(psau) && !NSRCADR(psau)) 1474 return 1; 1475 1476#ifdef INCLUDE_IPV6_SUPPORT 1477 if (IS_IPV6(psau) && S_ADDR6_EQ(psau, &in6addr_any)) 1478 return 1; 1479#endif 1480 1481 return 0; 1482} 1483 1484 1485static int 1486is_wildcard_netaddr( 1487 const isc_netaddr_t *pna 1488 ) 1489{ 1490 sockaddr_u sau; 1491 1492 sau_from_netaddr(&sau, pna); 1493 1494 return is_wildcard_addr(&sau); 1495} 1496 1497 1498#ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 1499/* 1500 * enable/disable re-use of wildcard address socket 1501 */ 1502static void 1503set_wildcard_reuse( 1504 u_short family, 1505 int on 1506 ) 1507{ 1508 struct interface *any; 1509 SOCKET fd = INVALID_SOCKET; 1510 1511 any = ANY_INTERFACE_BYFAM(family); 1512 if (any != NULL) 1513 fd = any->fd; 1514 1515 if (fd != INVALID_SOCKET) { 1516 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 1517 (char *)&on, sizeof(on))) 1518 msyslog(LOG_ERR, 1519 "set_wildcard_reuse: setsockopt(SO_REUSEADDR, %s) failed: %m", 1520 on ? "on" : "off"); 1521 1522 DPRINTF(4, ("set SO_REUSEADDR to %s on %s\n", 1523 on ? "on" : "off", 1524 stoa(&any->sin))); 1525 } 1526} 1527#endif /* OS_NEEDS_REUSEADDR_FOR_IFADDRBIND */ 1528 1529/* 1530 * update_interface strategy 1531 * 1532 * toggle configuration phase 1533 * 1534 * Phase 1: 1535 * forall currently existing interfaces 1536 * if address is known: 1537 * drop socket - rebind again 1538 * 1539 * if address is NOT known: 1540 * attempt to create a new interface entry 1541 * 1542 * Phase 2: 1543 * forall currently known non MCAST and WILDCARD interfaces 1544 * if interface does not match configuration phase (not seen in phase 1): 1545 * remove interface from known interface list 1546 * forall peers associated with this interface 1547 * disconnect peer from this interface 1548 * 1549 * Phase 3: 1550 * attempt to re-assign interfaces to peers 1551 * 1552 */ 1553 1554static int 1555update_interfaces( 1556 u_short port, 1557 interface_receiver_t receiver, 1558 void * data 1559 ) 1560{ 1561 isc_mem_t * mctx = (void *)-1; 1562 interface_info_t ifi; 1563 isc_interfaceiter_t * iter; 1564 isc_result_t result; 1565 isc_interface_t isc_if; 1566 int new_interface_found; 1567 unsigned int family; 1568 struct interface interface; 1569 struct interface * iface; 1570 struct interface * next; 1571 1572 DPRINTF(3, ("update_interfaces(%d)\n", port)); 1573 1574 /* 1575 * phase one - scan interfaces 1576 * - create those that are not found 1577 * - update those that are found 1578 */ 1579 1580 new_interface_found = 0; 1581 iter = NULL; 1582 result = isc_interfaceiter_create(mctx, &iter); 1583 1584 if (result != ISC_R_SUCCESS) 1585 return 0; 1586 1587 /* 1588 * Toggle system interface scan phase to find untouched 1589 * interfaces to be deleted. 1590 */ 1591 sys_interphase ^= 0x1; 1592 1593 for (result = isc_interfaceiter_first(iter); 1594 ISC_R_SUCCESS == result; 1595 result = isc_interfaceiter_next(iter)) { 1596 1597 result = isc_interfaceiter_current(iter, &isc_if); 1598 1599 if (result != ISC_R_SUCCESS) 1600 break; 1601 1602 /* See if we have a valid family to use */ 1603 family = isc_if.address.family; 1604 if (AF_INET != family && AF_INET6 != family) 1605 continue; 1606 if (AF_INET == family && !ipv4_works) 1607 continue; 1608 if (AF_INET6 == family && !ipv6_works) 1609 continue; 1610 1611 /* create prototype */ 1612 init_interface(&interface); 1613 1614 convert_isc_if(&isc_if, &interface, port); 1615 1616 /* 1617 * Check if and how we are going to use the interface. 1618 */ 1619 switch (interface_action(isc_if.name, &isc_if.address, 1620 isc_if.flags)) { 1621 1622 case ACTION_IGNORE: 1623 continue; 1624 1625 case ACTION_LISTEN: 1626 interface.ignore_packets = ISC_FALSE; 1627 break; 1628 1629 case ACTION_DROP: 1630 interface.ignore_packets = ISC_TRUE; 1631 break; 1632 } 1633 1634 DPRINT_INTERFACE(4, (&interface, "examining ", "\n")); 1635 1636 /* interfaces must be UP to be usable */ 1637 if (!(interface.flags & INT_UP)) { 1638 DPRINTF(4, ("skipping interface %s (%s) - DOWN\n", 1639 interface.name, stoa(&interface.sin))); 1640 continue; 1641 } 1642 1643 /* 1644 * skip any interfaces UP and bound to a wildcard 1645 * address - some dhcp clients produce that in the 1646 * wild 1647 */ 1648 if (is_wildcard_addr(&interface.sin)) 1649 continue; 1650 1651 /* 1652 * map to local *address* in order to map all duplicate 1653 * interfaces to an interface structure with the 1654 * appropriate socket. Our name space is (ip-address), 1655 * NOT (interface name, ip-address). 1656 */ 1657 iface = getinterface(&interface.sin, INT_WILDCARD); 1658 1659 if (iface != NULL && refresh_interface(iface)) { 1660 /* 1661 * found existing and up to date interface - 1662 * mark present. 1663 */ 1664 if (iface->phase != sys_interphase) { 1665 /* 1666 * On a new round we reset the name so 1667 * the interface name shows up again if 1668 * this address is no longer shared. 1669 * The same reasoning goes for the 1670 * ignore_packets flag. 1671 */ 1672 strncpy(iface->name, interface.name, 1673 sizeof(iface->name)); 1674 iface->ignore_packets = 1675 interface.ignore_packets; 1676 } else 1677 /* name collision - rename interface */ 1678 strncpy(iface->name, "*multiple*", 1679 sizeof(iface->name)); 1680 1681 DPRINT_INTERFACE(4, (iface, "updating ", 1682 " present\n")); 1683 1684 if (iface->ignore_packets != 1685 interface.ignore_packets) { 1686 /* 1687 * We have conflicting configurations 1688 * for the interface address. This is 1689 * caused by using -I <interfacename> 1690 * for an interface that shares its 1691 * address with other interfaces. We 1692 * can not disambiguate incoming 1693 * packets delivered to this socket 1694 * without extra syscalls/features. 1695 * These are not (commonly) available. 1696 * Note this is a more unusual 1697 * configuration where several 1698 * interfaces share an address but 1699 * filtering via interface name is 1700 * attempted. We resolve the 1701 * configuration conflict by disabling 1702 * the processing of received packets. 1703 * This leads to no service on the 1704 * interface address where the conflict 1705 * occurs. 1706 */ 1707 msyslog(LOG_ERR, 1708 "WARNING: conflicting enable configuration for interfaces %s and %s for address %s - unsupported configuration - address DISABLED", 1709 interface.name, iface->name, 1710 stoa(&interface.sin)); 1711 1712 iface->ignore_packets = ISC_TRUE; 1713 } 1714 1715 iface->phase = sys_interphase; 1716 1717 ifi.action = IFS_EXISTS; 1718 ifi.interface = iface; 1719 if (receiver != NULL) 1720 (*receiver)(data, &ifi); 1721 } else { 1722 /* 1723 * This is new or refreshing failed - add to 1724 * our interface list. If refreshing failed we 1725 * will delete the interface structure in phase 1726 * 2 as the interface was not marked current. 1727 * We can bind to the address as the refresh 1728 * code already closed the offending socket 1729 */ 1730 int flags6 = 0; 1731 iface = create_interface(port, &interface, &flags6); 1732 1733 if (iface != NULL) { 1734 ifi.action = IFS_CREATED; 1735 ifi.interface = iface; 1736 if (receiver != NULL) 1737 (*receiver)(data, &ifi); 1738 1739 new_interface_found = 1; 1740 1741 DPRINT_INTERFACE(3, 1742 (iface, "updating ", 1743 " new - created\n")); 1744 } else if (0 == (flags6 & IN6_AVOID_FLAGS)) { 1745 DPRINT_INTERFACE(3, 1746 (&interface, "updating ", 1747 " new - creation FAILED")); 1748 1749 msyslog(LOG_INFO, 1750 "failed to init interface for address %s", 1751 stoa(&interface.sin)); 1752 continue; 1753 } 1754 } 1755 } 1756 1757 isc_interfaceiter_destroy(&iter); 1758 1759 /* 1760 * phase 2 - delete gone interfaces - reassigning peers to 1761 * other interfaces 1762 */ 1763 iface = inter_list; 1764 1765 while (iface != NULL) { 1766 next = iface->link; 1767 1768 if (!(iface->flags & (INT_WILDCARD | INT_MCASTIF))) { 1769 /* 1770 * if phase does not match sys_phase this 1771 * interface was not enumerated during the last 1772 * interface scan - so it is gone and will be 1773 * deleted here unless it is solely an MCAST or 1774 * WILDCARD interface. 1775 */ 1776 if (iface->phase != sys_interphase) { 1777 DPRINT_INTERFACE(3, 1778 (iface, "updating ", 1779 "GONE - deleting\n")); 1780 remove_interface(iface); 1781 1782 ifi.action = IFS_DELETED; 1783 ifi.interface = iface; 1784 if (receiver != NULL) 1785 (*receiver)(data, &ifi); 1786 1787 /* 1788 * disconnect peers from deleted 1789 * interface 1790 */ 1791 while (iface->peers != NULL) 1792 set_peerdstadr(iface->peers, NULL); 1793 1794 /* 1795 * update globals in case we lose 1796 * a loopback interface 1797 */ 1798 if (iface == loopback_interface) 1799 loopback_interface = NULL; 1800 1801 delete_interface(iface); 1802 } 1803 } 1804 iface = next; 1805 } 1806 1807 /* 1808 * phase 3 - re-configure as the world has changed if necessary 1809 */ 1810 refresh_all_peerinterfaces(); 1811 return new_interface_found; 1812} 1813 1814 1815/* 1816 * create_sockets - create a socket for each interface plus a default 1817 * socket for when we don't know where to send 1818 */ 1819static int 1820create_sockets( 1821 u_short port 1822 ) 1823{ 1824#ifndef HAVE_IO_COMPLETION_PORT 1825 /* 1826 * I/O Completion Ports don't care about the select and FD_SET 1827 */ 1828 maxactivefd = 0; 1829 FD_ZERO(&activefds); 1830#endif 1831 1832 DPRINTF(2, ("create_sockets(%d)\n", port)); 1833 1834 create_wildcards(port); 1835 1836 update_interfaces(port, NULL, NULL); 1837 1838 /* 1839 * Now that we have opened all the sockets, turn off the reuse 1840 * flag for security. 1841 */ 1842 set_reuseaddr(0); 1843 1844 DPRINTF(2, ("create_sockets: Total interfaces = %d\n", ninterfaces)); 1845 1846 return ninterfaces; 1847} 1848 1849/* 1850 * create_interface - create a new interface for a given prototype 1851 * binding the socket. 1852 */ 1853static struct interface * 1854create_interface( 1855 u_short port, 1856 struct interface * protot, 1857 int *flags6 1858 ) 1859{ 1860 sockaddr_u resmask; 1861 struct interface *iface; 1862 1863 DPRINTF(2, ("create_interface(%s#%d)\n", stoa(&protot->sin), 1864 port)); 1865 1866 /* build an interface */ 1867 iface = new_interface(protot); 1868 1869 /* 1870 * create socket 1871 */ 1872 iface->fd = open_socket(&iface->sin, 0, 0, iface); 1873 1874 if (iface->fd != INVALID_SOCKET) 1875 list_if_listening(iface); 1876 1877 if ((INT_BROADCAST & iface->flags) 1878 && iface->bfd != INVALID_SOCKET) 1879 msyslog(LOG_INFO, "Listening on broadcast address %s#%d", 1880 stoa((&iface->bcast)), port); 1881 1882 if (INVALID_SOCKET == iface->fd 1883 && INVALID_SOCKET == iface->bfd) { 1884 if ((iface->flags6 & IN6_AVOID_FLAGS) == 0) { 1885 msyslog(LOG_ERR, "unable to create socket on %s (%d) for %s#%d", 1886 iface->name, 1887 iface->ifnum, 1888 stoa((&iface->sin)), 1889 port); 1890 } else { 1891 if (flags6) { 1892 *flags6 = iface->flags6; 1893 } 1894 msyslog(LOG_DEBUG, "unable to create socket on %s (%d) for %s#%d flags6:0x%x", 1895 iface->name, 1896 iface->ifnum, 1897 stoa((&iface->sin)), 1898 port, iface->flags6); 1899 } 1900 delete_interface(iface); 1901 return NULL; 1902 } 1903 1904 /* 1905 * Blacklist our own addresses, no use talking to ourself 1906 */ 1907 SET_HOSTMASK(&resmask, AF(&iface->sin)); 1908 hack_restrict(RESTRICT_FLAGS, &iface->sin, &resmask, 1909 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE); 1910 1911 /* 1912 * set globals with the first found 1913 * loopback interface of the appropriate class 1914 */ 1915 if (NULL == loopback_interface && AF_INET == iface->family 1916 && (INT_LOOPBACK & iface->flags)) 1917 loopback_interface = iface; 1918 1919 /* 1920 * put into our interface list 1921 */ 1922 add_addr_to_list(&iface->sin, iface); 1923 add_interface(iface); 1924 1925 DPRINT_INTERFACE(2, (iface, "created ", "\n")); 1926 return iface; 1927} 1928 1929 1930#ifdef SO_EXCLUSIVEADDRUSE 1931static void 1932set_excladdruse( 1933 SOCKET fd 1934 ) 1935{ 1936 int one = 1; 1937 int failed; 1938#ifdef SYS_WINNT 1939 DWORD err; 1940#endif 1941 1942 failed = setsockopt(fd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, 1943 (char *)&one, sizeof(one)); 1944 1945 if (!failed) 1946 return; 1947 1948#ifdef SYS_WINNT 1949 /* 1950 * Prior to Windows XP setting SO_EXCLUSIVEADDRUSE can fail with 1951 * error WSAINVAL depending on service pack level and whether 1952 * the user account is in the Administrators group. Do not 1953 * complain if it fails that way on versions prior to XP (5.1). 1954 */ 1955 err = GetLastError(); 1956 1957 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0 /* < 5.1/XP */ 1958 && WSAEINVAL == err) 1959 return; 1960 1961 SetLastError(err); 1962#endif 1963 msyslog(LOG_ERR, 1964 "setsockopt(%d, SO_EXCLUSIVEADDRUSE, on): %m", 1965 (int)fd); 1966} 1967#endif /* SO_EXCLUSIVEADDRUSE */ 1968 1969 1970/* 1971 * set_reuseaddr() - set/clear REUSEADDR on all sockets 1972 * NB possible hole - should we be doing this on broadcast 1973 * fd's also? 1974 */ 1975static void 1976set_reuseaddr( 1977 int flag 1978 ) 1979{ 1980#ifndef SO_EXCLUSIVEADDRUSE 1981 struct interface *interf; 1982 1983 for (interf = inter_list; 1984 interf != NULL; 1985 interf = interf->link) { 1986 1987 if (interf->flags & INT_WILDCARD) 1988 continue; 1989 1990 /* 1991 * if interf->fd is INVALID_SOCKET, we might have a adapter 1992 * configured but not present 1993 */ 1994 DPRINTF(4, ("setting SO_REUSEADDR on %.16s@%s to %s\n", 1995 interf->name, stoa(&interf->sin), 1996 flag ? "on" : "off")); 1997 1998 if (interf->fd != INVALID_SOCKET) { 1999 if (setsockopt(interf->fd, SOL_SOCKET, 2000 SO_REUSEADDR, (char *)&flag, 2001 sizeof(flag))) { 2002 msyslog(LOG_ERR, "set_reuseaddr: setsockopt(SO_REUSEADDR, %s) failed: %m", flag ? "on" : "off"); 2003 } 2004 } 2005 } 2006#endif /* ! SO_EXCLUSIVEADDRUSE */ 2007} 2008 2009/* 2010 * This is just a wrapper around an internal function so we can 2011 * make other changes as necessary later on 2012 */ 2013void 2014enable_broadcast( 2015 struct interface * iface, 2016 sockaddr_u * baddr 2017 ) 2018{ 2019#ifdef OPEN_BCAST_SOCKET 2020 socket_broadcast_enable(iface, iface->fd, baddr); 2021#endif 2022} 2023 2024#ifdef OPEN_BCAST_SOCKET 2025/* 2026 * Enable a broadcast address to a given socket 2027 * The socket is in the inter_list all we need to do is enable 2028 * broadcasting. It is not this function's job to select the socket 2029 */ 2030static isc_boolean_t 2031socket_broadcast_enable( 2032 struct interface * iface, 2033 SOCKET fd, 2034 sockaddr_u * baddr 2035 ) 2036{ 2037#ifdef SO_BROADCAST 2038 int on = 1; 2039 2040 if (IS_IPV4(baddr)) { 2041 /* if this interface can support broadcast, set SO_BROADCAST */ 2042 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, 2043 (char *)&on, sizeof(on))) 2044 msyslog(LOG_ERR, 2045 "setsockopt(SO_BROADCAST) enable failure on address %s: %m", 2046 stoa(baddr)); 2047 else 2048 DPRINTF(2, ("Broadcast enabled on socket %d for address %s\n", 2049 fd, stoa(baddr))); 2050 } 2051 iface->flags |= INT_BCASTOPEN; 2052 broadcast_client_enabled = ISC_TRUE; 2053 return ISC_TRUE; 2054#else 2055 return ISC_FALSE; 2056#endif /* SO_BROADCAST */ 2057} 2058 2059/* 2060 * Remove a broadcast address from a given socket 2061 * The socket is in the inter_list all we need to do is disable 2062 * broadcasting. It is not this function's job to select the socket 2063 */ 2064static isc_boolean_t 2065socket_broadcast_disable( 2066 struct interface * iface, 2067 sockaddr_u * baddr 2068 ) 2069{ 2070#ifdef SO_BROADCAST 2071 int off = 0; /* This seems to be OK as an int */ 2072 2073 if (IS_IPV4(baddr) && setsockopt(iface->fd, SOL_SOCKET, 2074 SO_BROADCAST, (char *)&off, sizeof(off))) 2075 msyslog(LOG_ERR, 2076 "setsockopt(SO_BROADCAST) disable failure on address %s: %m", 2077 stoa(baddr)); 2078 2079 iface->flags &= ~INT_BCASTOPEN; 2080 broadcast_client_enabled = ISC_FALSE; 2081 return ISC_TRUE; 2082#else 2083 return ISC_FALSE; 2084#endif /* SO_BROADCAST */ 2085} 2086 2087#endif /* OPEN_BCAST_SOCKET */ 2088 2089/* 2090 * return the broadcast client flag value 2091 */ 2092isc_boolean_t 2093get_broadcastclient_flag(void) 2094{ 2095 return (broadcast_client_enabled); 2096} 2097/* 2098 * Check to see if the address is a multicast address 2099 */ 2100static isc_boolean_t 2101addr_ismulticast( 2102 sockaddr_u *maddr 2103 ) 2104{ 2105 isc_boolean_t result; 2106 2107#ifndef INCLUDE_IPV6_MULTICAST_SUPPORT 2108 /* 2109 * If we don't have IPV6 support any IPV6 addr is not multicast 2110 */ 2111 if (IS_IPV6(maddr)) 2112 result = ISC_FALSE; 2113 else 2114#endif 2115 result = IS_MCAST(maddr); 2116 2117 if (!result) 2118 DPRINTF(4, ("address %s is not multicast\n", 2119 stoa(maddr))); 2120 2121 return result; 2122} 2123 2124/* 2125 * Multicast servers need to set the appropriate Multicast interface 2126 * socket option in order for it to know which interface to use for 2127 * send the multicast packet. 2128 */ 2129void 2130enable_multicast_if( 2131 struct interface * iface, 2132 sockaddr_u * maddr 2133 ) 2134{ 2135#ifdef MCAST 2136 TYPEOF_IP_MULTICAST_LOOP off = 0; 2137 2138 NTP_REQUIRE(AF(maddr) == AF(&iface->sin)); 2139 2140 switch (AF(&iface->sin)) { 2141 2142 case AF_INET: 2143 if (setsockopt(iface->fd, IPPROTO_IP, IP_MULTICAST_IF, 2144 (void *)&NSRCADR(&iface->sin), 2145 sizeof(NSRCADR(&iface->sin)))) { 2146 2147 msyslog(LOG_ERR, 2148 "setsockopt IP_MULTICAST_IF failed: %m on socket %d, addr %s for multicast address %s", 2149 iface->fd, stoa(&iface->sin), 2150 stoa(maddr)); 2151 return; 2152 } 2153#ifdef IP_MULTICAST_LOOP 2154 /* 2155 * Don't send back to itself, but allow failure to set 2156 */ 2157 if (setsockopt(iface->fd, IPPROTO_IP, 2158 IP_MULTICAST_LOOP, 2159 SETSOCKOPT_ARG_CAST &off, 2160 sizeof(off))) { 2161 2162 msyslog(LOG_ERR, 2163 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2164 iface->fd, stoa(&iface->sin), 2165 stoa(maddr)); 2166 } 2167#endif 2168 DPRINTF(4, ("Added IPv4 multicast interface on socket %d, addr %s for multicast address %s\n", 2169 iface->fd, stoa(&iface->sin), 2170 stoa(maddr))); 2171 break; 2172 2173 case AF_INET6: 2174#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2175 if (setsockopt(iface->fd, IPPROTO_IPV6, 2176 IPV6_MULTICAST_IF, 2177 (char *)&iface->scopeid, 2178 sizeof(iface->scopeid))) { 2179 2180 msyslog(LOG_ERR, 2181 "setsockopt IPV6_MULTICAST_IF failed: %m on socket %d, addr %s, scope %d for multicast address %s", 2182 iface->fd, stoa(&iface->sin), 2183 iface->scopeid, stoa(maddr)); 2184 return; 2185 } 2186#ifdef IPV6_MULTICAST_LOOP 2187 /* 2188 * Don't send back to itself, but allow failure to set 2189 */ 2190 if (setsockopt(iface->fd, IPPROTO_IPV6, 2191 IPV6_MULTICAST_LOOP, 2192 (char *) &off, sizeof(off))) { 2193 2194 msyslog(LOG_ERR, 2195 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2196 iface->fd, stoa(&iface->sin), 2197 stoa(maddr)); 2198 } 2199#endif 2200 DPRINTF(4, ("Added IPv6 multicast interface on socket %d, addr %s, scope %d for multicast address %s\n", 2201 iface->fd, stoa(&iface->sin), 2202 iface->scopeid, stoa(maddr))); 2203 break; 2204#else 2205 return; 2206#endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2207 } 2208 return; 2209#endif 2210} 2211 2212/* 2213 * Add a multicast address to a given socket 2214 * The socket is in the inter_list all we need to do is enable 2215 * multicasting. It is not this function's job to select the socket 2216 */ 2217#ifdef MCAST 2218static isc_boolean_t 2219socket_multicast_enable( 2220 struct interface * iface, 2221 int lscope, 2222 sockaddr_u * maddr 2223 ) 2224{ 2225 struct ip_mreq mreq; 2226#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2227 struct ipv6_mreq mreq6; 2228#endif 2229 2230 if (find_addr_in_list(maddr) != NULL) { 2231 DPRINTF(4, ("socket_multicast_enable(%s): already enabled\n", 2232 stoa(maddr))); 2233 return ISC_TRUE; 2234 } 2235 2236 switch (AF(maddr)) { 2237 2238 case AF_INET: 2239 memset(&mreq, 0, sizeof(mreq)); 2240 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2241 mreq.imr_interface.s_addr = htonl(INADDR_ANY); 2242 if (setsockopt(iface->fd, 2243 IPPROTO_IP, 2244 IP_ADD_MEMBERSHIP, 2245 (char *)&mreq, 2246 sizeof(mreq))) { 2247 msyslog(LOG_ERR, 2248 "setsockopt IP_ADD_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2249 iface->fd, stoa(&iface->sin), 2250 mreq.imr_multiaddr.s_addr, 2251 mreq.imr_interface.s_addr, 2252 stoa(maddr)); 2253 return ISC_FALSE; 2254 } 2255 DPRINTF(4, ("Added IPv4 multicast membership on socket %d, addr %s for %x / %x (%s)\n", 2256 iface->fd, stoa(&iface->sin), 2257 mreq.imr_multiaddr.s_addr, 2258 mreq.imr_interface.s_addr, stoa(maddr))); 2259 break; 2260 2261 case AF_INET6: 2262#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2263 /* 2264 * Enable reception of multicast packets. 2265 * If the address is link-local we can get the 2266 * interface index from the scope id. Don't do this 2267 * for other types of multicast addresses. For now let 2268 * the kernel figure it out. 2269 */ 2270 memset(&mreq6, 0, sizeof(mreq6)); 2271 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2272 mreq6.ipv6mr_interface = lscope; 2273 2274 if (setsockopt(iface->fd, IPPROTO_IPV6, 2275 IPV6_JOIN_GROUP, (char *)&mreq6, 2276 sizeof(mreq6))) { 2277 msyslog(LOG_ERR, 2278 "setsockopt IPV6_JOIN_GROUP failed: %m on socket %d, addr %s for interface %d (%s)", 2279 iface->fd, stoa(&iface->sin), 2280 mreq6.ipv6mr_interface, stoa(maddr)); 2281 return ISC_FALSE; 2282 } 2283 DPRINTF(4, ("Added IPv6 multicast group on socket %d, addr %s for interface %d(%s)\n", 2284 iface->fd, stoa(&iface->sin), 2285 mreq6.ipv6mr_interface, stoa(maddr))); 2286#else 2287 return ISC_FALSE; 2288#endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2289 } 2290 iface->flags |= INT_MCASTOPEN; 2291 iface->num_mcast++; 2292 add_addr_to_list(maddr, iface); 2293 return ISC_TRUE; 2294} 2295 2296/* 2297 * Remove a multicast address from a given socket 2298 * The socket is in the inter_list all we need to do is disable 2299 * multicasting. It is not this function's job to select the socket 2300 */ 2301static isc_boolean_t 2302socket_multicast_disable( 2303 struct interface * iface, 2304 sockaddr_u * maddr 2305 ) 2306{ 2307#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2308 struct ipv6_mreq mreq6; 2309#endif 2310 struct ip_mreq mreq; 2311 2312 memset(&mreq, 0, sizeof(mreq)); 2313 2314 if (find_addr_in_list(maddr) == NULL) { 2315 DPRINTF(4, ("socket_multicast_disable(%s): not found\n", 2316 stoa(maddr))); 2317 return ISC_TRUE; 2318 } 2319 2320 switch (AF(maddr)) { 2321 2322 case AF_INET: 2323 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2324 mreq.imr_interface = SOCK_ADDR4(&iface->sin); 2325 if (setsockopt(iface->fd, IPPROTO_IP, 2326 IP_DROP_MEMBERSHIP, (char *)&mreq, 2327 sizeof(mreq))) { 2328 2329 msyslog(LOG_ERR, 2330 "setsockopt IP_DROP_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2331 iface->fd, stoa(&iface->sin), 2332 SRCADR(maddr), SRCADR(&iface->sin), 2333 stoa(maddr)); 2334 return ISC_FALSE; 2335 } 2336 break; 2337 case AF_INET6: 2338#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2339 /* 2340 * Disable reception of multicast packets 2341 * If the address is link-local we can get the 2342 * interface index from the scope id. Don't do this 2343 * for other types of multicast addresses. For now let 2344 * the kernel figure it out. 2345 */ 2346 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2347 mreq6.ipv6mr_interface = iface->scopeid; 2348 2349 if (setsockopt(iface->fd, IPPROTO_IPV6, 2350 IPV6_LEAVE_GROUP, (char *)&mreq6, 2351 sizeof(mreq6))) { 2352 2353 msyslog(LOG_ERR, 2354 "setsockopt IPV6_LEAVE_GROUP failure: %m on socket %d, addr %s for %d (%s)", 2355 iface->fd, stoa(&iface->sin), 2356 iface->scopeid, stoa(maddr)); 2357 return ISC_FALSE; 2358 } 2359 break; 2360#else 2361 return ISC_FALSE; 2362#endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2363 } 2364 2365 iface->num_mcast--; 2366 if (!iface->num_mcast) 2367 iface->flags &= ~INT_MCASTOPEN; 2368 2369 return ISC_TRUE; 2370} 2371#endif /* MCAST */ 2372 2373/* 2374 * io_setbclient - open the broadcast client sockets 2375 */ 2376void 2377io_setbclient(void) 2378{ 2379#ifdef OPEN_BCAST_SOCKET 2380 struct interface * interf; 2381 int nif; 2382 isc_boolean_t jstatus; 2383 SOCKET fd; 2384 2385 nif = 0; 2386 set_reuseaddr(1); 2387 2388 for (interf = inter_list; 2389 interf != NULL; 2390 interf = interf->link) { 2391 2392 if (interf->flags & (INT_WILDCARD | INT_LOOPBACK)) 2393 continue; 2394 2395 /* use only allowed addresses */ 2396 if (interf->ignore_packets) 2397 continue; 2398 2399 2400 /* Need a broadcast-capable interface */ 2401 if (!(interf->flags & INT_BROADCAST)) 2402 continue; 2403 2404 /* Only IPv4 addresses are valid for broadcast */ 2405 NTP_REQUIRE(IS_IPV4(&interf->sin)); 2406 2407 /* Do we already have the broadcast address open? */ 2408 if (interf->flags & INT_BCASTOPEN) { 2409 /* 2410 * account for already open interfaces to avoid 2411 * misleading warning below 2412 */ 2413 nif++; 2414 continue; 2415 } 2416 2417 /* 2418 * Try to open the broadcast address 2419 */ 2420 interf->family = AF_INET; 2421 interf->bfd = open_socket(&interf->bcast, 1, 0, interf); 2422 2423 /* 2424 * If we succeeded then we use it otherwise enable 2425 * broadcast on the interface address 2426 */ 2427 if (interf->bfd != INVALID_SOCKET) { 2428 fd = interf->bfd; 2429 jstatus = ISC_TRUE; 2430 } else { 2431 fd = interf->fd; 2432 jstatus = socket_broadcast_enable(interf, fd, 2433 &interf->sin); 2434 } 2435 2436 /* Enable Broadcast on socket */ 2437 if (jstatus) { 2438 nif++; 2439 msyslog(LOG_INFO, 2440 "io_setbclient: Opened broadcast client on interface #%d %s", 2441 interf->ifnum, interf->name); 2442 interf->addr_refid = addr2refid(&interf->sin); 2443 } 2444 } 2445 set_reuseaddr(0); 2446 if (nif > 0) 2447 DPRINTF(1, ("io_setbclient: Opened broadcast clients\n")); 2448 else if (!nif) 2449 msyslog(LOG_ERR, 2450 "Unable to listen for broadcasts, no broadcast interfaces available"); 2451#else 2452 msyslog(LOG_ERR, 2453 "io_setbclient: Broadcast Client disabled by build"); 2454#endif /* OPEN_BCAST_SOCKET */ 2455} 2456 2457/* 2458 * io_unsetbclient - close the broadcast client sockets 2459 */ 2460void 2461io_unsetbclient(void) 2462{ 2463 struct interface *interf; 2464 2465 for (interf = inter_list; 2466 NULL != interf; 2467 interf = interf->link) 2468 { 2469 if (interf->flags & INT_WILDCARD) 2470 continue; 2471 2472 if (!(interf->flags & INT_BCASTOPEN)) 2473 continue; 2474 2475 socket_broadcast_disable(interf, &interf->sin); 2476 } 2477} 2478 2479/* 2480 * io_multicast_add() - add multicast group address 2481 */ 2482void 2483io_multicast_add( 2484 sockaddr_u *addr 2485 ) 2486{ 2487#ifdef MCAST 2488 struct interface *interface; 2489#ifndef MULTICAST_NONEWSOCKET 2490 struct interface *iface; 2491#endif 2492 int lscope = 0; 2493 2494 /* 2495 * Check to see if this is a multicast address 2496 */ 2497 if (!addr_ismulticast(addr)) 2498 return; 2499 2500 /* If we already have it we can just return */ 2501 if (NULL != find_flagged_addr_in_list(addr, INT_MCASTOPEN)) { 2502 msyslog(LOG_INFO, 2503 "Duplicate request found for multicast address %s", 2504 stoa(addr)); 2505 return; 2506 } 2507 2508#ifndef MULTICAST_NONEWSOCKET 2509 interface = new_interface(NULL); 2510 2511 /* 2512 * Open a new socket for the multicast address 2513 */ 2514 interface->family = 2515 AF(&interface->sin) = 2516 AF(&interface->mask) = AF(addr); 2517 SET_PORT(&interface->sin, NTP_PORT); 2518 SET_ONESMASK(&interface->mask); 2519 2520 switch(AF(addr)) { 2521 2522 case AF_INET: 2523 NSRCADR(&interface->sin) = NSRCADR(addr); 2524 break; 2525 2526 case AF_INET6: 2527#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2528 SET_ADDR6N(&interface->sin, SOCK_ADDR6(addr)); 2529 lscope = SCOPE(addr); 2530 SET_SCOPE(&interface->sin, lscope); 2531#endif 2532 iface = findlocalcastinterface(addr); 2533 if (iface != NULL) 2534 DPRINTF(4, ("Found interface #%d %s, scope %d for address %s\n", 2535 iface->ifnum, iface->name, lscope, 2536 stoa(addr))); 2537 } 2538 2539 set_reuseaddr(1); 2540 interface->bfd = INVALID_SOCKET; 2541 interface->fd = open_socket(&interface->sin, INT_MULTICAST, 0, 2542 interface); 2543 2544 if (interface->fd != INVALID_SOCKET) { 2545 interface->bfd = INVALID_SOCKET; 2546 interface->ignore_packets = ISC_FALSE; 2547 interface->flags |= INT_MCASTIF; 2548 2549 strncpy(interface->name, "multicast", 2550 sizeof(interface->name)); 2551 DPRINT_INTERFACE(2, (interface, "multicast add ", "\n")); 2552 /* 2553 * socket_multicast_enable() will add this address to 2554 * the addresslist 2555 */ 2556 add_interface(interface); 2557 list_if_listening(interface); 2558 } else { 2559 /* bind failed, re-use wildcard interface */ 2560 delete_interface(interface); 2561 2562 if (IS_IPV4(addr)) 2563 interface = wildipv4; 2564 else if (IS_IPV6(addr)) 2565 interface = wildipv6; 2566 else 2567 interface = NULL; 2568 2569 if (interface != NULL) { 2570 /* HACK ! -- stuff in an address */ 2571 /* because we don't bind addr? DH */ 2572 interface->bcast = *addr; 2573 msyslog(LOG_ERR, 2574 "multicast address %s using wildcard interface #%d %s", 2575 stoa(addr), interface->ifnum, 2576 interface->name); 2577 } else { 2578 msyslog(LOG_ERR, 2579 "No multicast socket available to use for address %s", 2580 stoa(addr)); 2581 return; 2582 } 2583 } 2584#else 2585 /* 2586 * For the case where we can't use a separate socket 2587 */ 2588 interface = findlocalcastinterface(addr); 2589 /* 2590 * If we don't have a valid socket, just return 2591 */ 2592 if (NULL == interface) { 2593 msyslog(LOG_ERR, 2594 "Can not add multicast address %s: no multicast interface found", 2595 stoa(addr)); 2596 return; 2597 } 2598 2599#endif 2600 if (socket_multicast_enable(interface, lscope, addr)) 2601 msyslog(LOG_INFO, 2602 "Added Multicast Listener %s on interface #%d %s", 2603 stoa(addr), interface->ifnum, interface->name); 2604 else 2605 msyslog(LOG_ERR, "Failed to add Multicast Listener %s", 2606 stoa(addr)); 2607#else /* MCAST */ 2608 msyslog(LOG_ERR, 2609 "Can not add multicast address %s: no multicast support", 2610 stoa(addr)); 2611#endif /* MCAST */ 2612 return; 2613} 2614 2615 2616/* 2617 * io_multicast_del() - delete multicast group address 2618 */ 2619void 2620io_multicast_del( 2621 sockaddr_u * addr 2622 ) 2623{ 2624#ifdef MCAST 2625 struct interface *iface; 2626 2627 /* 2628 * Check to see if this is a multicast address 2629 */ 2630 if (!addr_ismulticast(addr)) { 2631 msyslog(LOG_ERR, "invalid multicast address %s", 2632 stoa(addr)); 2633 return; 2634 } 2635 2636 /* 2637 * Disable reception of multicast packets 2638 */ 2639 while ((iface = find_flagged_addr_in_list(addr, INT_MCASTOPEN)) 2640 != NULL) 2641 socket_multicast_disable(iface, addr); 2642 2643 delete_addr_from_list(addr); 2644 2645#else /* not MCAST */ 2646 msyslog(LOG_ERR, 2647 "Can not delete multicast address %s: no multicast support", 2648 stoa(addr)); 2649#endif /* not MCAST */ 2650} 2651 2652 2653/* 2654 * init_nonblocking_io() - set up descriptor to be non blocking 2655 */ 2656static void init_nonblocking_io( 2657 SOCKET fd 2658 ) 2659{ 2660 /* 2661 * set non-blocking, 2662 */ 2663 2664#ifdef USE_FIONBIO 2665 /* in vxWorks we use FIONBIO, but the others are defined for old systems, so 2666 * all hell breaks loose if we leave them defined 2667 */ 2668#undef O_NONBLOCK 2669#undef FNDELAY 2670#undef O_NDELAY 2671#endif 2672 2673#if defined(O_NONBLOCK) /* POSIX */ 2674 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) { 2675 msyslog(LOG_ERR, 2676 "fcntl(O_NONBLOCK) fails on fd #%d: %m", fd); 2677 exit(1); 2678 } 2679#elif defined(FNDELAY) 2680 if (fcntl(fd, F_SETFL, FNDELAY) < 0) { 2681 msyslog(LOG_ERR, "fcntl(FNDELAY) fails on fd #%d: %m", 2682 fd); 2683 exit(1); 2684 } 2685#elif defined(O_NDELAY) /* generally the same as FNDELAY */ 2686 if (fcntl(fd, F_SETFL, O_NDELAY) < 0) { 2687 msyslog(LOG_ERR, "fcntl(O_NDELAY) fails on fd #%d: %m", 2688 fd); 2689 exit(1); 2690 } 2691#elif defined(FIONBIO) 2692 { 2693 int on = 1; 2694 2695 if (ioctl(fd, FIONBIO, &on) < 0) { 2696 msyslog(LOG_ERR, 2697 "ioctl(FIONBIO) fails on fd #%d: %m", 2698 fd); 2699 exit(1); 2700 } 2701 } 2702#elif defined(FIOSNBIO) 2703 if (ioctl(fd, FIOSNBIO, &on) < 0) { 2704 msyslog(LOG_ERR, 2705 "ioctl(FIOSNBIO) fails on fd #%d: %m", fd); 2706 exit(1); 2707 } 2708#else 2709# include "Bletch: Need non-blocking I/O!" 2710#endif 2711} 2712 2713/* 2714 * open_socket - open a socket, returning the file descriptor 2715 */ 2716 2717static SOCKET 2718open_socket( 2719 sockaddr_u * addr, 2720 int bcast, 2721 int turn_off_reuse, 2722 struct interface * interf 2723 ) 2724{ 2725 SOCKET fd; 2726 int errval; 2727 char scopetext[16]; 2728 /* 2729 * int is OK for REUSEADR per 2730 * http://www.kohala.com/start/mcast.api.txt 2731 */ 2732 int on = 1; 2733 int off = 0; 2734 2735 if (IS_IPV6(addr) && !ipv6_works) 2736 return INVALID_SOCKET; 2737 2738 /* create a datagram (UDP) socket */ 2739 fd = socket(AF(addr), SOCK_DGRAM, 0); 2740 if (INVALID_SOCKET == fd) { 2741#ifndef SYS_WINNT 2742 errval = errno; 2743#else 2744 errval = WSAGetLastError(); 2745#endif 2746 msyslog(LOG_ERR, 2747 "socket(AF_INET%s, SOCK_DGRAM, 0) failed on address %s: %m", 2748 IS_IPV6(addr) ? "6" : "", stoa(addr)); 2749 2750 if (errval == EPROTONOSUPPORT || 2751 errval == EAFNOSUPPORT || 2752 errval == EPFNOSUPPORT) 2753 return (INVALID_SOCKET); 2754 2755 errno = errval; 2756 msyslog(LOG_ERR, 2757 "unexpected socket() error %m code %d (not EPROTONOSUPPORT nor EAFNOSUPPORT nor EPFNOSUPPORT) - exiting", 2758 errno); 2759 exit(1); 2760 } 2761 2762#ifdef SYS_WINNT 2763 connection_reset_fix(fd, addr); 2764#endif 2765 /* 2766 * Fixup the file descriptor for some systems 2767 * See bug #530 for details of the issue. 2768 */ 2769 fd = move_fd(fd); 2770 2771 /* 2772 * set SO_REUSEADDR since we will be binding the same port 2773 * number on each interface according to turn_off_reuse. 2774 * This is undesirable on Windows versions starting with 2775 * Windows XP (numeric version 5.1). 2776 */ 2777#ifdef SYS_WINNT 2778 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0) /* before 5.1 */ 2779#endif 2780 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 2781 (char *)((turn_off_reuse) 2782 ? &off 2783 : &on), 2784 sizeof(on))) { 2785 2786 msyslog(LOG_ERR, 2787 "setsockopt SO_REUSEADDR %s fails for address %s: %m", 2788 (turn_off_reuse) 2789 ? "off" 2790 : "on", 2791 stoa(addr)); 2792 closesocket(fd); 2793 return INVALID_SOCKET; 2794 } 2795#ifdef SO_EXCLUSIVEADDRUSE 2796 /* 2797 * setting SO_EXCLUSIVEADDRUSE on the wildcard we open 2798 * first will cause more specific binds to fail. 2799 */ 2800 if (!(interf->flags & INT_WILDCARD)) 2801 set_excladdruse(fd); 2802#endif 2803 2804 /* 2805 * IPv4 specific options go here 2806 */ 2807 if (IS_IPV4(addr)) { 2808#if defined(HAVE_IPTOS_SUPPORT) 2809 if (setsockopt(fd, IPPROTO_IP, IP_TOS, (char *)&qos, 2810 sizeof(qos))) 2811 msyslog(LOG_ERR, 2812 "setsockopt IP_TOS (%02x) fails on address %s: %m", 2813 qos, stoa(addr)); 2814#endif /* HAVE_IPTOS_SUPPORT */ 2815 if (bcast) 2816 socket_broadcast_enable(interf, fd, addr); 2817 } 2818 2819 /* 2820 * IPv6 specific options go here 2821 */ 2822 if (IS_IPV6(addr)) { 2823 /* Avoid predictable bind errors */ 2824 struct in6_ifreq ifr6; 2825 strlcpy(ifr6.ifr_name, interf->name, sizeof(ifr6.ifr_name)); 2826 ifr6.ifr_addr = *(struct sockaddr_in6 *)addr; 2827 if (ioctl(fd, SIOCGIFAFLAG_IN6, &ifr6) >= 0) { 2828 interf->flags6 = ifr6.ifr_ifru.ifru_flags6; 2829 if (interf->flags6 & IN6_AVOID_FLAGS) { 2830 closesocket(fd); 2831 return INVALID_SOCKET; 2832 } 2833 } 2834#if defined(IPV6_V6ONLY) 2835 if (isc_net_probe_ipv6only() == ISC_R_SUCCESS 2836 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, 2837 (char*)&on, sizeof(on))) 2838 msyslog(LOG_ERR, 2839 "setsockopt IPV6_V6ONLY on fails on address %s: %m", 2840 stoa(addr)); 2841#endif /* IPV6_V6ONLY */ 2842#if defined(IPV6_BINDV6ONLY) 2843 if (setsockopt(fd, IPPROTO_IPV6, IPV6_BINDV6ONLY, 2844 (char*)&on, sizeof(on))) 2845 msyslog(LOG_ERR, 2846 "setsockopt IPV6_BINDV6ONLY on fails on address %s: %m", 2847 stoa(addr)); 2848#endif /* IPV6_BINDV6ONLY */ 2849 } 2850 2851#ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 2852 /* 2853 * some OSes don't allow binding to more specific 2854 * addresses if a wildcard address already bound 2855 * to the port and SO_REUSEADDR is not set 2856 */ 2857 if (!is_wildcard_addr(addr)) 2858 set_wildcard_reuse(AF(addr), 1); 2859#endif 2860 2861 /* 2862 * bind the local address. 2863 */ 2864 errval = bind(fd, &addr->sa, SOCKLEN(addr)); 2865 2866#ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 2867 if (!is_wildcard_addr(addr)) 2868 set_wildcard_reuse(AF(addr), 0); 2869#endif 2870 2871 if (errval < 0) { 2872 /* 2873 * Don't log this under all conditions 2874 */ 2875 if (turn_off_reuse == 0 2876#ifdef DEBUG 2877 || debug > 1 2878#endif 2879 ) { 2880 if (SCOPE(addr)) 2881 snprintf(scopetext, sizeof(scopetext), 2882 "%%%d", SCOPE(addr)); 2883 else 2884 scopetext[0] = 0; 2885 2886 msyslog(LOG_ERR, 2887 "bind(%d) AF_INET%s %s%s#%d%s flags 0x%x flags6 0x%x failed: %m", 2888 fd, IS_IPV6(addr) ? "6" : "", 2889 stoa(addr), scopetext, SRCPORT(addr), 2890 IS_MCAST(addr) ? " (multicast)" : "", 2891 interf->flags, interf->flags6); 2892 } 2893 2894 closesocket(fd); 2895 2896 return INVALID_SOCKET; 2897 } 2898 2899#ifdef HAVE_TIMESTAMP 2900 { 2901 if (setsockopt(fd, SOL_SOCKET, SO_TIMESTAMP, 2902 (char*)&on, sizeof(on))) 2903 msyslog(LOG_DEBUG, 2904 "setsockopt SO_TIMESTAMP on fails on address %s: %m", 2905 stoa(addr)); 2906 else 2907 DPRINTF(4, ("setsockopt SO_TIMESTAMP enabled on fd %d address %s\n", 2908 fd, stoa(addr))); 2909 } 2910#endif 2911 DPRINTF(4, ("bind(%d) AF_INET%s, addr %s%%%d#%d, flags 0x%x\n", 2912 fd, IS_IPV6(addr) ? "6" : "", stoa(addr), 2913 SCOPE(addr), SRCPORT(addr), interf->flags)); 2914 2915 init_nonblocking_io(fd); 2916 2917#ifdef HAVE_SIGNALED_IO 2918 init_socket_sig(fd); 2919#endif /* not HAVE_SIGNALED_IO */ 2920 2921 add_fd_to_list(fd, FD_TYPE_SOCKET); 2922 2923#if !defined(SYS_WINNT) && !defined(VMS) 2924 DPRINTF(4, ("flags for fd %d: 0x%x\n", fd, 2925 fcntl(fd, F_GETFL, 0))); 2926#endif /* SYS_WINNT || VMS */ 2927 2928#if defined (HAVE_IO_COMPLETION_PORT) 2929/* 2930 * Add the socket to the completion port 2931 */ 2932 if (io_completion_port_add_socket(fd, interf)) { 2933 msyslog(LOG_ERR, "unable to set up io completion port - EXITING"); 2934 exit(1); 2935 } 2936#endif 2937 return fd; 2938} 2939 2940/* XXX ELIMINATE sendpkt similar in ntpq.c, ntpdc.c, ntp_io.c, ntptrace.c */ 2941/* 2942 * sendpkt - send a packet to the specified destination. Maintain a 2943 * send error cache so that only the first consecutive error for a 2944 * destination is logged. 2945 */ 2946void 2947sendpkt( 2948 sockaddr_u *dest, 2949 struct interface *inter, 2950 int ttl, 2951 struct pkt *pkt, 2952 int len 2953 ) 2954{ 2955 int cc; 2956 2957 if (NULL == inter) { 2958 /* 2959 * unbound peer - drop request and wait for better 2960 * network conditions 2961 */ 2962 DPRINTF(2, ("%ssendpkt(dst=%s, ttl=%d, len=%d): no interface - IGNORED\n", 2963 (ttl > 0) ? "\tMCAST\t***** " : "", 2964 stoa(dest), ttl, len)); 2965 return; 2966 } 2967 2968 DPRINTF(2, ("%ssendpkt(%d, dst=%s, src=%s, ttl=%d, len=%d)\n", 2969 (ttl > 0) ? "\tMCAST\t***** " : "", 2970 inter->fd, stoa(dest), stoa(&inter->sin), 2971 ttl, len)); 2972 2973#ifdef MCAST 2974 /* 2975 * for the moment we use the bcast option to set multicast ttl 2976 */ 2977 if (ttl > 0 && ttl != inter->last_ttl) { 2978 /* 2979 * set the multicast ttl for outgoing packets 2980 */ 2981 int rtc; 2982 u_char cttl; 2983 u_int uttl; 2984 2985 switch (AF(&inter->sin)) { 2986 2987 case AF_INET : 2988 cttl = (u_char)ttl; 2989 rtc = setsockopt(inter->fd, IPPROTO_IP, 2990 IP_MULTICAST_TTL, 2991 (void *)&cttl, sizeof(cttl)); 2992 break; 2993 2994#ifdef INCLUDE_IPV6_SUPPORT 2995 case AF_INET6 : 2996 uttl = (u_int)ttl; 2997 rtc = setsockopt(inter->fd, IPPROTO_IPV6, 2998 IPV6_MULTICAST_HOPS, 2999 (void *)&uttl, sizeof(uttl)); 3000 break; 3001#endif /* INCLUDE_IPV6_SUPPORT */ 3002 3003 default: /* just NOP if not supported */ 3004 DPRINTF(1, ("sendpkt unknown AF %d", 3005 AF(&inter->sin))); 3006 rtc = 0; 3007 } 3008 3009 if (!rtc) 3010 inter->last_ttl = ttl; 3011 else 3012 msyslog(LOG_ERR, 3013 "setsockopt IP_MULTICAST_TTL/IPV6_MULTICAST_HOPS fails on address %s: %m", 3014 stoa(&inter->sin)); 3015 } 3016 3017#endif /* MCAST */ 3018 3019#if defined(HAVE_IO_COMPLETION_PORT) 3020 cc = io_completion_port_sendto(inter, pkt, len, dest); 3021 if (cc != ERROR_SUCCESS) { 3022#else 3023#ifdef SIM 3024 cc = simulate_server(dest, inter, pkt); 3025#else /* SIM */ 3026 cc = sendto(inter->fd, (char *)pkt, (unsigned int)len, 0, 3027 (struct sockaddr *)dest, SOCKLEN(dest)); 3028#endif /* SIM */ 3029 if (cc == -1) { 3030#endif 3031 inter->notsent++; 3032 packets_notsent++; 3033 } else { 3034 inter->sent++; 3035 packets_sent++; 3036 } 3037} 3038 3039 3040#if !defined(HAVE_IO_COMPLETION_PORT) 3041/* 3042 * fdbits - generate ascii representation of fd_set (FAU debug support) 3043 * HFDF format - highest fd first. 3044 */ 3045static char * 3046fdbits( 3047 int count, 3048 fd_set *set 3049 ) 3050{ 3051 static char buffer[256]; 3052 char * buf = buffer; 3053 3054 count = min(count, 255); 3055 3056 while (count >= 0) { 3057 *buf++ = FD_ISSET(count, set) ? '#' : '-'; 3058 count--; 3059 } 3060 *buf = '\0'; 3061 3062 return buffer; 3063} 3064 3065/* 3066 * Routine to read the refclock packets for a specific interface 3067 * Return the number of bytes read. That way we know if we should 3068 * read it again or go on to the next one if no bytes returned 3069 */ 3070static inline int 3071read_refclock_packet(SOCKET fd, struct refclockio *rp, l_fp ts) 3072{ 3073 int i; 3074 int buflen; 3075 register struct recvbuf *rb; 3076 3077 rb = get_free_recv_buffer(); 3078 3079 if (NULL == rb) { 3080 /* 3081 * No buffer space available - just drop the packet 3082 */ 3083 char buf[RX_BUFF_SIZE]; 3084 3085 buflen = read(fd, buf, sizeof buf); 3086 packets_dropped++; 3087 return (buflen); 3088 } 3089 3090 i = (rp->datalen == 0 3091 || rp->datalen > sizeof(rb->recv_space)) 3092 ? sizeof(rb->recv_space) 3093 : rp->datalen; 3094 buflen = read(fd, (char *)&rb->recv_space, (unsigned)i); 3095 3096 if (buflen < 0) { 3097 if (errno != EINTR && errno != EAGAIN) 3098 msyslog(LOG_ERR, "clock read fd %d: %m", fd); 3099 freerecvbuf(rb); 3100 return (buflen); 3101 } 3102 3103 /* 3104 * Got one. Mark how and when it got here, 3105 * put it on the full list and do bookkeeping. 3106 */ 3107 rb->recv_length = buflen; 3108 rb->recv_srcclock = rp->srcclock; 3109 rb->dstadr = 0; 3110 rb->fd = fd; 3111 rb->recv_time = ts; 3112 rb->receiver = rp->clock_recv; 3113 3114 if (rp->io_input) { 3115 /* 3116 * have direct input routine for refclocks 3117 */ 3118 if (rp->io_input(rb) == 0) { 3119 /* 3120 * data was consumed - nothing to pass up 3121 * into block input machine 3122 */ 3123 freerecvbuf(rb); 3124 return (buflen); 3125 } 3126 } 3127 3128 add_full_recv_buffer(rb); 3129 3130 rp->recvcount++; 3131 packets_received++; 3132 return (buflen); 3133} 3134 3135 3136#ifdef HAVE_TIMESTAMP 3137/* 3138 * extract timestamps from control message buffer 3139 */ 3140static l_fp 3141fetch_timestamp( 3142 struct recvbuf * rb, 3143 struct msghdr * msghdr, 3144 l_fp ts 3145 ) 3146{ 3147#ifdef USE_TIMESTAMP_CMSG 3148 struct cmsghdr *cmsghdr; 3149 3150 cmsghdr = CMSG_FIRSTHDR(msghdr); 3151 while (cmsghdr != NULL) { 3152 switch (cmsghdr->cmsg_type) 3153 { 3154 case SCM_TIMESTAMP: 3155 { 3156 struct timeval *tvp; 3157 double dtemp; 3158 l_fp nts; 3159 3160 tvp = (struct timeval *)CMSG_DATA(cmsghdr); 3161 DPRINTF(4, ("fetch_timestamp: system network time stamp: %ld.%06d\n", 3162 tvp->tv_sec, tvp->tv_usec)); 3163 nts.l_i = tvp->tv_sec + JAN_1970; 3164 dtemp = (tvp->tv_usec 3165 + (ntp_random() * 2. / FRAC)) / 1e6; 3166 nts.l_uf = (u_int32)(dtemp * FRAC); 3167#ifdef DEBUG_TIMING 3168 { 3169 l_fp dts; 3170 3171 dts = ts; 3172 L_SUB(&dts, &nts); 3173 collect_timing(rb, 3174 "input processing delay", 3175 1, &dts); 3176 DPRINTF(4, ("fetch_timestamp: timestamp delta: %s (incl. prec fuzz)\n", 3177 lfptoa(&dts, 9))); 3178 } 3179#endif 3180 ts = nts; /* network time stamp */ 3181 break; 3182 } 3183 default: 3184 DPRINTF(4, ("fetch_timestamp: skipping control message 0x%x\n", 3185 cmsghdr->cmsg_type)); 3186 } 3187 cmsghdr = CMSG_NXTHDR(msghdr, cmsghdr); 3188 } 3189#endif 3190 return ts; 3191} 3192#endif 3193 3194 3195/* 3196 * Routine to read the network NTP packets for a specific interface 3197 * Return the number of bytes read. That way we know if we should 3198 * read it again or go on to the next one if no bytes returned 3199 */ 3200static inline int 3201read_network_packet( 3202 SOCKET fd, 3203 struct interface * itf, 3204 l_fp ts 3205 ) 3206{ 3207 GETSOCKNAME_SOCKLEN_TYPE fromlen; 3208 int buflen; 3209 register struct recvbuf *rb; 3210#ifdef HAVE_TIMESTAMP 3211 struct msghdr msghdr; 3212 struct iovec iovec; 3213 char control[TIMESTAMP_CTLMSGBUF_SIZE]; 3214#endif 3215 3216 /* 3217 * Get a buffer and read the frame. If we 3218 * haven't got a buffer, or this is received 3219 * on a disallowed socket, just dump the 3220 * packet. 3221 */ 3222 3223 rb = get_free_recv_buffer(); 3224 if (NULL == rb || itf->ignore_packets) { 3225 char buf[RX_BUFF_SIZE]; 3226 sockaddr_u from; 3227 3228 if (rb != NULL) 3229 freerecvbuf(rb); 3230 3231 fromlen = sizeof(from); 3232 buflen = recvfrom(fd, buf, sizeof(buf), 0, 3233 &from.sa, &fromlen); 3234 DPRINTF(4, ("%s on (%lu) fd=%d from %s\n", 3235 (itf->ignore_packets) 3236 ? "ignore" 3237 : "drop", 3238 free_recvbuffs(), fd, stoa(&from))); 3239 if (itf->ignore_packets) 3240 packets_ignored++; 3241 else 3242 packets_dropped++; 3243 return (buflen); 3244 } 3245 3246 fromlen = sizeof(rb->recv_srcadr); 3247 3248#ifndef HAVE_TIMESTAMP 3249 rb->recv_length = recvfrom(fd, (char *)&rb->recv_space, 3250 sizeof(rb->recv_space), 0, 3251 &rb->recv_srcadr.sa, &fromlen); 3252#else 3253 iovec.iov_base = &rb->recv_space; 3254 iovec.iov_len = sizeof(rb->recv_space); 3255 msghdr.msg_name = &rb->recv_srcadr; 3256 msghdr.msg_namelen = fromlen; 3257 msghdr.msg_iov = &iovec; 3258 msghdr.msg_iovlen = 1; 3259 msghdr.msg_control = (void *)&control; 3260 msghdr.msg_controllen = sizeof(control); 3261 msghdr.msg_flags = 0; 3262 rb->recv_length = recvmsg(fd, &msghdr, 0); 3263#endif 3264 3265 buflen = rb->recv_length; 3266 3267 if (buflen == 0 || (buflen == -1 && 3268 (EWOULDBLOCK == errno 3269#ifdef EAGAIN 3270 || EAGAIN == errno 3271#endif 3272 ))) { 3273 freerecvbuf(rb); 3274 return (buflen); 3275 } else if (buflen < 0) { 3276 msyslog(LOG_ERR, "recvfrom(%s) fd=%d: %m", 3277 stoa(&rb->recv_srcadr), fd); 3278 DPRINTF(5, ("read_network_packet: fd=%d dropped (bad recvfrom)\n", 3279 fd)); 3280 freerecvbuf(rb); 3281 return (buflen); 3282 } 3283 3284 DPRINTF(3, ("read_network_packet: fd=%d length %d from %s\n", 3285 fd, buflen, stoa(&rb->recv_srcadr))); 3286 3287 /* 3288 * Got one. Mark how and when it got here, 3289 * put it on the full list and do bookkeeping. 3290 */ 3291 rb->dstadr = itf; 3292 rb->fd = fd; 3293#ifdef HAVE_TIMESTAMP 3294 /* pick up a network time stamp if possible */ 3295 ts = fetch_timestamp(rb, &msghdr, ts); 3296#endif 3297 rb->recv_time = ts; 3298 rb->receiver = receive; 3299 3300 add_full_recv_buffer(rb); 3301 3302 itf->received++; 3303 packets_received++; 3304 return (buflen); 3305} 3306 3307 3308/* 3309 * input_handler - receive packets asynchronously 3310 */ 3311void 3312input_handler( 3313 l_fp *cts 3314 ) 3315{ 3316 extern void trigger_timer(); 3317 int buflen; 3318 int n; 3319 int doing; 3320 SOCKET fd; 3321 struct timeval tvzero; 3322 l_fp ts; /* Timestamp at BOselect() gob */ 3323#ifdef DEBUG_TIMING 3324 l_fp ts_e; /* Timestamp at EOselect() gob */ 3325#endif 3326 fd_set fds; 3327 int select_count = 0; 3328 struct interface *interface; 3329#if defined(HAS_ROUTING_SOCKET) 3330 struct asyncio_reader *asyncio_reader; 3331#endif 3332 3333 handler_calls++; 3334 3335 /* 3336 * If we have something to do, freeze a timestamp. 3337 * See below for the other cases (nothing left to do or error) 3338 */ 3339 ts = *cts; 3340 3341 /* 3342 * Do a poll to see who has data 3343 */ 3344 3345 fds = activefds; 3346 tvzero.tv_sec = tvzero.tv_usec = 0; 3347 3348 n = select(maxactivefd + 1, &fds, (fd_set *)0, (fd_set *)0, 3349 &tvzero); 3350 3351 /* 3352 * If there are no packets waiting just return 3353 */ 3354 if (n < 0) { 3355 int err = errno; 3356 /* 3357 * extended FAU debugging output 3358 */ 3359 if (err != EINTR) 3360 msyslog(LOG_ERR, 3361 "select(%d, %s, 0L, 0L, &0.0) error: %m", 3362 maxactivefd + 1, 3363 fdbits(maxactivefd, &activefds)); 3364 if (err == EBADF) { 3365 int j, b; 3366 fds = activefds; 3367 for (j = 0; j <= maxactivefd; j++) 3368 if ((FD_ISSET(j, &fds) 3369 && (read(j, &b, 0) == -1))) 3370 msyslog(LOG_ERR, 3371 "Bad file descriptor %d", 3372 j); 3373 } 3374 return; 3375 } 3376 else if (n == 0) 3377 return; 3378 3379 ++handler_pkts; 3380 3381#ifdef REFCLOCK 3382 /* 3383 * Check out the reference clocks first, if any 3384 */ 3385 3386 if (refio != NULL) { 3387 register struct refclockio *rp; 3388 3389 for (rp = refio; rp != NULL; rp = rp->next) { 3390 fd = rp->fd; 3391 3392 if (FD_ISSET(fd, &fds)) 3393 do { 3394 ++select_count; 3395 buflen = read_refclock_packet( 3396 fd, rp, ts); 3397 } while (buflen > 0); 3398 } 3399 } 3400#endif /* REFCLOCK */ 3401 3402 /* 3403 * Loop through the interfaces looking for data to read. 3404 */ 3405 for (interface = inter_list; 3406 interface != NULL; 3407 interface = interface->link) { 3408 3409 for (doing = 0; (doing < 2); doing++) { 3410 if (!doing) 3411 fd = interface->fd; 3412 else { 3413 if (!(interface->flags & INT_BCASTOPEN)) 3414 break; 3415 fd = interface->bfd; 3416 } 3417 if (fd < 0) 3418 continue; 3419 if (FD_ISSET(fd, &fds)) 3420 do { 3421 ++select_count; 3422 buflen = read_network_packet( 3423 fd, interface, 3424 ts); 3425 } while (buflen > 0); 3426 /* Check more interfaces */ 3427 } 3428 } 3429 3430#ifdef HAS_ROUTING_SOCKET 3431 /* 3432 * scan list of asyncio readers - currently only used for routing sockets 3433 */ 3434 asyncio_reader = asyncio_reader_list; 3435 3436 while (asyncio_reader != NULL) { 3437 if (FD_ISSET(asyncio_reader->fd, &fds)) { 3438 ++select_count; 3439 (asyncio_reader->receiver)(asyncio_reader); 3440 } 3441 asyncio_reader = asyncio_reader->link; 3442 } 3443#endif /* HAS_ROUTING_SOCKET */ 3444 trigger_timer(); 3445 /* 3446 * Done everything from that select. 3447 */ 3448 3449 /* 3450 * If nothing to do, just return. 3451 * If an error occurred, complain and return. 3452 */ 3453 if (select_count == 0) { /* We really had nothing to do */ 3454#ifdef DEBUG 3455 if (debug) 3456 msyslog(LOG_DEBUG, "input_handler: select() returned 0"); 3457#endif 3458 return; 3459 } 3460 /* We've done our work */ 3461#ifdef DEBUG_TIMING 3462 get_systime(&ts_e); 3463 /* 3464 * (ts_e - ts) is the amount of time we spent 3465 * processing this gob of file descriptors. Log 3466 * it. 3467 */ 3468 L_SUB(&ts_e, &ts); 3469 collect_timing(NULL, "input handler", 1, &ts_e); 3470 if (debug > 3) 3471 msyslog(LOG_DEBUG, 3472 "input_handler: Processed a gob of fd's in %s msec", 3473 lfptoms(&ts_e, 6)); 3474#endif 3475 /* just bail. */ 3476 return; 3477} 3478#endif 3479 3480/* 3481 * findinterface - find local interface corresponding to address 3482 */ 3483struct interface * 3484findinterface( 3485 sockaddr_u *addr 3486 ) 3487{ 3488 struct interface *iface; 3489 3490 iface = findlocalinterface(addr, INT_WILDCARD, 0); 3491 3492 if (NULL == iface) { 3493 DPRINTF(4, ("Found no interface for address %s - returning wildcard\n", 3494 stoa(addr))); 3495 3496 iface = ANY_INTERFACE_CHOOSE(addr); 3497 } else 3498 DPRINTF(4, ("Found interface #%d %s for address %s\n", 3499 iface->ifnum, iface->name, stoa(addr))); 3500 3501 return iface; 3502} 3503 3504/* 3505 * findlocalinterface - find local interface corresponding to addr, 3506 * which does not have any of flags set. If bast is nonzero, addr is 3507 * a broadcast address. 3508 * 3509 * This code attempts to find the local sending address for an outgoing 3510 * address by connecting a new socket to destinationaddress:NTP_PORT 3511 * and reading the sockname of the resulting connect. 3512 * the complicated sequence simulates the routing table lookup 3513 * for to first hop without duplicating any of the routing logic into 3514 * ntpd. preferably we would have used an API call - but its not there - 3515 * so this is the best we can do here short of duplicating to entire routing 3516 * logic in ntpd which would be a silly and really unportable thing to do. 3517 * 3518 */ 3519static struct interface * 3520findlocalinterface( 3521 sockaddr_u * addr, 3522 int flags, 3523 int bcast 3524 ) 3525{ 3526 GETSOCKNAME_SOCKLEN_TYPE sockaddrlen; 3527 struct interface * iface; 3528 sockaddr_u saddr; 3529 SOCKET s; 3530 int rtn; 3531 int on; 3532 3533 DPRINTF(4, ("Finding interface for addr %s in list of addresses\n", 3534 stoa(addr))); 3535 3536 s = socket(AF(addr), SOCK_DGRAM, 0); 3537 if (INVALID_SOCKET == s) 3538 return NULL; 3539 3540 /* 3541 * If we are looking for broadcast interface we need to set this 3542 * socket to allow broadcast 3543 */ 3544 if (bcast) { 3545 on = 1; 3546 setsockopt(s, SOL_SOCKET, SO_BROADCAST, 3547 (char *)&on, sizeof(on)); 3548 } 3549 3550 rtn = connect(s, &addr->sa, SOCKLEN(addr)); 3551 if (SOCKET_ERROR == rtn) { 3552 closesocket(s); 3553 return NULL; 3554 } 3555 3556 sockaddrlen = sizeof(saddr); 3557 rtn = getsockname(s, &saddr.sa, &sockaddrlen); 3558 closesocket(s); 3559 3560 if (SOCKET_ERROR == rtn) 3561 return NULL; 3562 3563 DPRINTF(4, ("findlocalinterface: kernel maps %s to %s\n", 3564 stoa(addr), stoa(&saddr))); 3565 3566 iface = getinterface(&saddr, flags); 3567 3568 /* 3569 * if we didn't find an exact match on saddr check for an 3570 * interface on the same subnet as saddr. This handles the 3571 * case of the address suggested by the kernel being 3572 * excluded by the user's -I and -L options to ntpd, when 3573 * another address is enabled on the same subnet. 3574 * See http://bugs.ntp.org/1184 for more detail. 3575 */ 3576 if (NULL == iface || iface->ignore_packets) 3577 iface = getsamenetinterface(&saddr, flags); 3578 3579 /* Don't use an interface which will ignore replies */ 3580 if (iface != NULL && iface->ignore_packets) 3581 iface = NULL; 3582 3583 return iface; 3584} 3585 3586 3587/* 3588 * fetch an interface structure the matches the 3589 * address and has the given flags NOT set 3590 */ 3591static struct interface * 3592getinterface( 3593 sockaddr_u * addr, 3594 int flags 3595 ) 3596{ 3597 struct interface *iface; 3598 3599 iface = find_addr_in_list(addr); 3600 3601 if (iface != NULL && (iface->flags & flags)) 3602 iface = NULL; 3603 3604 return iface; 3605} 3606 3607 3608/* 3609 * fetch an interface structure with a local address on the same subnet 3610 * as addr which has the given flags NOT set 3611 */ 3612static struct interface * 3613getsamenetinterface( 3614 sockaddr_u * addr, 3615 int flags 3616 ) 3617{ 3618 struct interface *iface; 3619 3620 iface = find_samenet_addr_in_list(addr); 3621 3622 if (iface != NULL && (iface->flags & flags)) 3623 iface = NULL; 3624 3625 return iface; 3626} 3627 3628 3629/* 3630 * findlocalcastinterface - find local *cast interface for addr 3631 */ 3632static struct interface * 3633findlocalcastinterface( 3634 sockaddr_u * addr 3635 ) 3636{ 3637 struct interface * iface; 3638 struct interface * nif; 3639#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3640 isc_boolean_t want_linklocal; 3641#endif 3642 3643 NTP_REQUIRE(addr_ismulticast(addr)); 3644 3645 /* 3646 * see how kernel maps the mcast address 3647 */ 3648 nif = findlocalinterface(addr, 0, 0); 3649 3650 if (nif != NULL && !nif->ignore_packets) { 3651 DPRINTF(2, ("findlocalcastinterface: kernel recommends interface #%d %s for %s\n", 3652 nif->ifnum, nif->name, stoa(addr))); 3653 return nif; 3654 } 3655 3656#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3657 want_linklocal = (IN6_IS_ADDR_MC_LINKLOCAL(PSOCK_ADDR6(addr)) 3658 || IN6_IS_ADDR_MC_SITELOCAL(PSOCK_ADDR6(addr))); 3659#endif 3660 3661 for (iface = inter_list; 3662 iface != NULL; 3663 iface = iface->link) 3664 { 3665 /* use only allowed addresses */ 3666 if (iface->ignore_packets) 3667 continue; 3668 3669 /* Skip the loopback and wildcard addresses */ 3670 if (iface->flags & (INT_LOOPBACK | INT_WILDCARD)) 3671 continue; 3672 3673 /* Skip if different family */ 3674 if (AF(&iface->sin) != AF(addr)) 3675 continue; 3676 3677 /* Is it multicast capable? */ 3678 if (!(iface->flags & INT_MULTICAST)) 3679 continue; 3680 3681#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3682 if (want_linklocal && IS_IPV6(&iface->sin) && 3683 IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&iface->sin))) { 3684 nif = iface; 3685 break; 3686 } 3687 /* If we want a linklocal address, skip */ 3688 if (want_linklocal) 3689 continue; 3690#endif 3691 nif = iface; 3692 break; 3693 } /* for loop over interfaces */ 3694 3695 if (nif != NULL) 3696 DPRINTF(3, ("findlocalcastinterface: found interface #%d %s for %s\n", 3697 nif->ifnum, nif->name, stoa(addr))); 3698 else 3699 DPRINTF(3, ("findlocalcastinterface: no interface found for %s\n", 3700 stoa(addr))); 3701 return nif; 3702} 3703 3704 3705/* 3706 * findbcastinter - find broadcast interface corresponding to address 3707 */ 3708struct interface * 3709findbcastinter( 3710 sockaddr_u *addr 3711 ) 3712{ 3713#if !defined(MPE) && (defined(SIOCGIFCONF) || defined(SYS_WINNT)) 3714 struct interface *iface; 3715 3716 3717 DPRINTF(4, ("Finding broadcast/multicast interface for addr %s in list of addresses\n", 3718 stoa(addr))); 3719 3720 iface = findlocalinterface(addr, INT_LOOPBACK | INT_WILDCARD, 3721 1); 3722 if (iface != NULL) { 3723 DPRINTF(4, ("Easily found bcast-/mcast- interface index #%d %s\n", 3724 iface->ifnum, iface->name)); 3725 return iface; 3726 } 3727 3728 /* 3729 * plan B - try to find something reasonable in our lists in 3730 * case kernel lookup doesn't help 3731 */ 3732 for (iface = inter_list; 3733 iface != NULL; 3734 iface = iface->link) 3735 { 3736 if (iface->flags & INT_WILDCARD) 3737 continue; 3738 3739 /* Don't bother with ignored interfaces */ 3740 if (iface->ignore_packets) 3741 continue; 3742 3743 /* 3744 * First look if this is the correct family 3745 */ 3746 if(AF(&iface->sin) != AF(addr)) 3747 continue; 3748 3749 /* Skip the loopback addresses */ 3750 if (iface->flags & INT_LOOPBACK) 3751 continue; 3752 3753 /* 3754 * If we are looking to match a multicast address and 3755 * this interface is one... 3756 */ 3757 if (addr_ismulticast(addr) 3758 && (iface->flags & INT_MULTICAST)) { 3759#ifdef INCLUDE_IPV6_SUPPORT 3760 /* 3761 * ...it is the winner unless we're looking for 3762 * an interface to use for link-local multicast 3763 * and its address is not link-local. 3764 */ 3765 if (IS_IPV6(addr) 3766 && IN6_IS_ADDR_MC_LINKLOCAL(PSOCK_ADDR6(addr)) 3767 && !IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&iface->sin))) 3768 continue; 3769#endif 3770 break; 3771 } 3772 3773 /* 3774 * We match only those interfaces marked as 3775 * broadcastable and either the explicit broadcast 3776 * address or the network portion of the IP address. 3777 * Sloppy. 3778 */ 3779 if (IS_IPV4(addr)) { 3780 if (SOCK_EQ(&iface->bcast, addr)) 3781 break; 3782 3783 if ((NSRCADR(&iface->sin) & NSRCADR(&iface->mask)) 3784 == (NSRCADR(addr) & NSRCADR(&iface->mask))) 3785 break; 3786 } 3787#ifdef INCLUDE_IPV6_SUPPORT 3788 else if(IS_IPV6(addr)) { 3789 if (SOCK_EQ(&iface->bcast, addr)) 3790 break; 3791 3792 if (SOCK_EQ(netof(&iface->sin), netof(addr))) 3793 break; 3794 } 3795#endif 3796 } 3797#endif /* SIOCGIFCONF */ 3798 if (NULL == iface) { 3799 DPRINTF(4, ("No bcast interface found for %s\n", 3800 stoa(addr))); 3801 iface = ANY_INTERFACE_CHOOSE(addr); 3802 } else 3803 DPRINTF(4, ("Found bcast-/mcast- interface index #%d %s\n", 3804 iface->ifnum, iface->name)); 3805 return iface; 3806} 3807 3808 3809/* 3810 * io_clr_stats - clear I/O module statistics 3811 */ 3812void 3813io_clr_stats(void) 3814{ 3815 packets_dropped = 0; 3816 packets_ignored = 0; 3817 packets_received = 0; 3818 packets_sent = 0; 3819 packets_notsent = 0; 3820 3821 handler_calls = 0; 3822 handler_pkts = 0; 3823 io_timereset = current_time; 3824} 3825 3826 3827#ifdef REFCLOCK 3828/* 3829 * io_addclock - add a reference clock to the list and arrange that we 3830 * get SIGIO interrupts from it. 3831 */ 3832int 3833io_addclock( 3834 struct refclockio *rio 3835 ) 3836{ 3837 BLOCKIO(); 3838 3839 /* 3840 * Stuff the I/O structure in the list and mark the descriptor 3841 * in use. There is a harmless (I hope) race condition here. 3842 */ 3843 rio->next = refio; 3844 3845# ifdef HAVE_SIGNALED_IO 3846 if (init_clock_sig(rio)) { 3847 UNBLOCKIO(); 3848 return 0; 3849 } 3850# elif defined(HAVE_IO_COMPLETION_PORT) 3851 if (io_completion_port_add_clock_io(rio)) { 3852 UNBLOCKIO(); 3853 return 0; 3854 } 3855# endif 3856 3857 /* 3858 * enqueue 3859 */ 3860 refio = rio; 3861 3862 /* 3863 * register fd 3864 */ 3865 add_fd_to_list(rio->fd, FD_TYPE_FILE); 3866 3867 UNBLOCKIO(); 3868 return 1; 3869} 3870 3871/* 3872 * io_closeclock - close the clock in the I/O structure given 3873 */ 3874void 3875io_closeclock( 3876 struct refclockio *rio 3877 ) 3878{ 3879 register struct refclockio *rp; 3880 3881 BLOCKIO(); 3882 3883 /* 3884 * Remove structure from the list 3885 */ 3886 if (refio == rio) 3887 refio = rio->next; 3888 else { 3889 for (rp = refio; rp != NULL; rp = rp->next) 3890 if (rp->next == rio) { 3891 rp->next = rio->next; 3892 break; 3893 } 3894 3895 if (NULL == rp) { 3896 UNBLOCKIO(); 3897 return; 3898 } 3899 } 3900 3901 /* 3902 * Close the descriptor. 3903 */ 3904 close_and_delete_fd_from_list(rio->fd); 3905 UNBLOCKIO(); 3906} 3907#endif /* REFCLOCK */ 3908 3909/* 3910 * On NT a SOCKET is an unsigned int so we cannot possibly keep it in 3911 * an array. So we use one of the ISC_LIST functions to hold the 3912 * socket value and use that when we want to enumerate it. 3913 * 3914 * This routine is called by the forked intres child process to close 3915 * all open sockets. On Windows there's no need as intres runs in 3916 * the same process as a thread. 3917 */ 3918#ifndef SYS_WINNT 3919void 3920kill_asyncio(int startfd) 3921{ 3922 BLOCKIO(); 3923 3924 /* 3925 * In the child process we do not maintain activefds and 3926 * maxactivefd. Zeroing maxactivefd disables code which 3927 * maintains it in close_and_delete_fd_from_list(). 3928 */ 3929 maxactivefd = 0; 3930 3931 while (fd_list != NULL) 3932 close_and_delete_fd_from_list(fd_list->fd); 3933 3934 UNBLOCKIO(); 3935} 3936#endif /* !SYS_WINNT */ 3937 3938/* 3939 * Add and delete functions for the list of open sockets 3940 */ 3941static void 3942add_fd_to_list( 3943 SOCKET fd, 3944 enum desc_type type 3945 ) 3946{ 3947 vsock_t *lsock = emalloc(sizeof(*lsock)); 3948 3949 lsock->fd = fd; 3950 lsock->type = type; 3951 3952 LINK_SLIST(fd_list, lsock, link); 3953 /* 3954 * I/O Completion Ports don't care about the select and FD_SET 3955 */ 3956#ifndef HAVE_IO_COMPLETION_PORT 3957 if (fd < 0 || fd >= FD_SETSIZE) { 3958 msyslog(LOG_ERR, 3959 "Too many sockets in use, FD_SETSIZE %d exceeded", 3960 FD_SETSIZE); 3961 exit(1); 3962 } 3963 /* 3964 * keep activefds in sync 3965 */ 3966 maxactivefd = max(fd, maxactivefd); 3967 3968 FD_SET(fd, &activefds); 3969#endif 3970} 3971 3972static void 3973close_and_delete_fd_from_list( 3974 SOCKET fd 3975 ) 3976{ 3977 vsock_t *lsock; 3978 3979 UNLINK_EXPR_SLIST(lsock, fd_list, fd == 3980 UNLINK_EXPR_SLIST_CURRENT()->fd, link, vsock_t); 3981 3982 if (lsock != NULL) { 3983 switch (lsock->type) { 3984 case FD_TYPE_SOCKET: 3985 closesocket(lsock->fd); 3986 break; 3987 3988 case FD_TYPE_FILE: 3989 close(lsock->fd); 3990 break; 3991 3992 default: 3993 msyslog(LOG_ERR, 3994 "internal error - illegal descriptor type %d - EXITING", 3995 (int)lsock->type); 3996 exit(1); 3997 } 3998 3999 free(lsock); 4000 /* 4001 * I/O Completion Ports don't care about select and fd_set 4002 */ 4003#ifndef HAVE_IO_COMPLETION_PORT 4004 /* 4005 * remove from activefds 4006 */ 4007 FD_CLR(fd, &activefds); 4008 4009 if (fd == maxactivefd && maxactivefd) { 4010 int i; 4011 NTP_INSIST(maxactivefd - 1 < FD_SETSIZE); 4012 for (i = maxactivefd - 1; i >= 0; i--) 4013 if (FD_ISSET(i, &activefds)) { 4014 maxactivefd = i; 4015 break; 4016 } 4017 NTP_INSIST(fd != maxactivefd); 4018 } 4019#endif 4020 } 4021} 4022 4023static void 4024add_addr_to_list( 4025 sockaddr_u *addr, 4026 struct interface *interface 4027 ) 4028{ 4029 remaddr_t *laddr; 4030 4031#ifdef DEBUG 4032 if (find_addr_in_list(addr) == NULL) { 4033#endif 4034 /* not there yet - add to list */ 4035 laddr = emalloc(sizeof(*laddr)); 4036 memcpy(&laddr->addr, addr, sizeof(laddr->addr)); 4037 laddr->interface = interface; 4038 4039 LINK_SLIST(remoteaddr_list, laddr, link); 4040 4041 DPRINTF(4, ("Added addr %s to list of addresses\n", 4042 stoa(addr))); 4043#ifdef DEBUG 4044 } else 4045 DPRINTF(4, ("WARNING: Attempt to add duplicate addr %s to address list\n", 4046 stoa(addr))); 4047#endif 4048} 4049 4050 4051static void 4052delete_addr_from_list( 4053 sockaddr_u *addr 4054 ) 4055{ 4056 remaddr_t *unlinked; 4057 4058 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, SOCK_EQ(addr, 4059 &(UNLINK_EXPR_SLIST_CURRENT()->addr)), link, remaddr_t); 4060 4061 if (unlinked != NULL) { 4062 DPRINTF(4, ("Deleted addr %s from list of addresses\n", 4063 stoa(addr))); 4064 free(unlinked); 4065 } 4066} 4067 4068 4069static void 4070delete_interface_from_list( 4071 struct interface *iface 4072 ) 4073{ 4074 remaddr_t *unlinked; 4075 4076 do { 4077 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, iface == 4078 UNLINK_EXPR_SLIST_CURRENT()->interface, link, 4079 remaddr_t); 4080 4081 if (unlinked != NULL) { 4082 DPRINTF(4, ("Deleted addr %s for interface #%d %s from list of addresses\n", 4083 stoa(&unlinked->addr), iface->ifnum, 4084 iface->name)); 4085 if (addr_ismulticast(&unlinked->addr)) 4086 /* find a new interface to use */ 4087 io_multicast_add(&unlinked->addr); 4088 free(unlinked); 4089 } 4090 } while (unlinked != NULL); 4091} 4092 4093 4094static struct interface * 4095find_addr_in_list( 4096 sockaddr_u *addr 4097 ) 4098{ 4099 remaddr_t *entry; 4100 4101 DPRINTF(4, ("Searching for addr %s in list of addresses - ", 4102 stoa(addr))); 4103 4104 for (entry = remoteaddr_list; 4105 entry != NULL; 4106 entry = entry->link) 4107 if (SOCK_EQ(&entry->addr, addr)) { 4108 DPRINTF(4, ("FOUND\n")); 4109 return entry->interface; 4110 } 4111 4112 DPRINTF(4, ("NOT FOUND\n")); 4113 return NULL; 4114} 4115 4116static inline isc_boolean_t 4117same_network_v4( 4118 struct sockaddr_in *addr1, 4119 struct sockaddr_in *mask, 4120 struct sockaddr_in *addr2 4121 ) 4122{ 4123 return (addr1->sin_addr.s_addr & mask->sin_addr.s_addr) 4124 == (addr2->sin_addr.s_addr & mask->sin_addr.s_addr); 4125} 4126 4127#ifdef INCLUDE_IPV6_SUPPORT 4128static inline isc_boolean_t 4129same_network_v6( 4130 struct sockaddr_in6 *addr1, 4131 struct sockaddr_in6 *mask, 4132 struct sockaddr_in6 *addr2 4133 ) 4134{ 4135 int i; 4136 4137 for (i = 0; 4138 i < sizeof(addr1->sin6_addr.s6_addr) / 4139 sizeof(addr1->sin6_addr.s6_addr[0]); 4140 i++) 4141 4142 if ((addr1->sin6_addr.s6_addr[i] & 4143 mask->sin6_addr.s6_addr[i]) 4144 != 4145 (addr2->sin6_addr.s6_addr[i] & 4146 mask->sin6_addr.s6_addr[i])) 4147 4148 return ISC_FALSE; 4149 4150 return ISC_TRUE; 4151} 4152#endif /* INCLUDE_IPV6_SUPPORT */ 4153 4154 4155static isc_boolean_t 4156same_network( 4157 sockaddr_u *a1, 4158 sockaddr_u *mask, 4159 sockaddr_u *a2 4160 ) 4161{ 4162 isc_boolean_t sn; 4163 4164 if (AF(a1) != AF(a2)) 4165 sn = ISC_FALSE; 4166 else if (IS_IPV4(a1)) 4167 sn = same_network_v4(&a1->sa4, &mask->sa4, &a2->sa4); 4168#ifdef INCLUDE_IPV6_SUPPORT 4169 else if (IS_IPV6(a1)) 4170 sn = same_network_v6(&a1->sa6, &mask->sa6, &a2->sa6); 4171#endif 4172 else 4173 sn = ISC_FALSE; 4174 4175 return sn; 4176} 4177 4178/* 4179 * Find an address in the list on the same network as addr which is not 4180 * addr. 4181 */ 4182static struct interface * 4183find_samenet_addr_in_list( 4184 sockaddr_u *addr 4185 ) 4186{ 4187 remaddr_t *entry; 4188 4189 DPRINTF(4, ("Searching for addr with same subnet as %s in list of addresses - ", 4190 stoa(addr))); 4191 4192 for (entry = remoteaddr_list; 4193 entry != NULL; 4194 entry = entry->link) 4195 4196 if (!SOCK_EQ(addr, &entry->addr) 4197 && same_network(&entry->addr, 4198 &entry->interface->mask, 4199 addr)) { 4200 DPRINTF(4, ("FOUND\n")); 4201 return entry->interface; 4202 } 4203 4204 DPRINTF(4, ("NOT FOUND\n")); 4205 return NULL; 4206} 4207 4208 4209/* 4210 * Find the given address with the all given flags set in the list 4211 */ 4212static struct interface * 4213find_flagged_addr_in_list( 4214 sockaddr_u * addr, 4215 int flags 4216 ) 4217{ 4218 remaddr_t *entry; 4219 4220 DPRINTF(4, ("Finding addr %s with flags %d in list: ", 4221 stoa(addr), flags)); 4222 4223 for (entry = remoteaddr_list; 4224 entry != NULL; 4225 entry = entry->link) 4226 4227 if (SOCK_EQ(&entry->addr, addr) 4228 && (entry->interface->flags & flags) == flags) { 4229 4230 DPRINTF(4, ("FOUND\n")); 4231 return entry->interface; 4232 } 4233 4234 DPRINTF(4, ("NOT FOUND\n")); 4235 return NULL; 4236} 4237 4238 4239#ifdef HAS_ROUTING_SOCKET 4240# ifndef UPDATE_GRACE 4241# define UPDATE_GRACE 2 /* wait UPDATE_GRACE seconds before scanning */ 4242# endif 4243 4244static void 4245process_routing_msgs(struct asyncio_reader *reader) 4246{ 4247 char buffer[5120]; 4248 int cnt, msg_type; 4249#ifdef HAVE_RTNETLINK 4250 struct nlmsghdr *nh; 4251#else 4252 struct rt_msghdr *rtm; 4253 char *p; 4254#endif 4255 4256 if (disable_dynamic_updates) { 4257 /* 4258 * discard ourselves if we are not needed any more 4259 * usually happens when running unprivileged 4260 */ 4261 remove_asyncio_reader(reader); 4262 delete_asyncio_reader(reader); 4263 return; 4264 } 4265 4266 cnt = read(reader->fd, buffer, sizeof(buffer)); 4267 4268 if (cnt < 0) { 4269 msyslog(LOG_ERR, 4270 "i/o error on routing socket %m - disabling"); 4271 remove_asyncio_reader(reader); 4272 delete_asyncio_reader(reader); 4273 return; 4274 } 4275 4276 /* 4277 * process routing message 4278 */ 4279#ifdef HAVE_RTNETLINK 4280 for (nh = (struct nlmsghdr *)buffer; 4281 NLMSG_OK(nh, cnt); 4282 nh = NLMSG_NEXT(nh, cnt)) { 4283 msg_type = nh->nlmsg_type; 4284#else 4285 for (p = buffer; 4286 (p + sizeof(struct rt_msghdr)) <= (buffer + cnt); 4287 p += rtm->rtm_msglen) { 4288 rtm = (struct rt_msghdr *)p; 4289 if (rtm->rtm_version != RTM_VERSION) { 4290 msyslog(LOG_ERR, 4291 "version mismatch (got %d - expected %d) on routing socket - disabling", 4292 rtm->rtm_version, RTM_VERSION); 4293 4294 remove_asyncio_reader(reader); 4295 delete_asyncio_reader(reader); 4296 return; 4297 } 4298 msg_type = rtm->rtm_type; 4299#endif 4300 switch (msg_type) { 4301#ifdef RTM_NEWADDR 4302 case RTM_NEWADDR: 4303#endif 4304#ifdef RTM_DELADDR 4305 case RTM_DELADDR: 4306#endif 4307#ifdef RTM_ADD 4308 case RTM_ADD: 4309#endif 4310#ifdef RTM_DELETE 4311 case RTM_DELETE: 4312#endif 4313#ifdef RTM_REDIRECT 4314 case RTM_REDIRECT: 4315#endif 4316#ifdef RTM_CHANGE 4317 case RTM_CHANGE: 4318#endif 4319#ifdef RTM_LOSING 4320 case RTM_LOSING: 4321#endif 4322#ifdef RTM_IFINFO 4323 case RTM_IFINFO: 4324#endif 4325#ifdef RTM_IFANNOUNCE 4326 case RTM_IFANNOUNCE: 4327#endif 4328#ifdef RTM_NEWLINK 4329 case RTM_NEWLINK: 4330#endif 4331#ifdef RTM_DELLINK 4332 case RTM_DELLINK: 4333#endif 4334#ifdef RTM_NEWROUTE 4335 case RTM_NEWROUTE: 4336#endif 4337#ifdef RTM_DELROUTE 4338 case RTM_DELROUTE: 4339#endif 4340 /* 4341 * we are keen on new and deleted addresses and 4342 * if an interface goes up and down or routing 4343 * changes 4344 */ 4345 DPRINTF(3, ("routing message op = %d: scheduling interface update\n", 4346 msg_type)); 4347 timer_interfacetimeout(current_time + UPDATE_GRACE); 4348 break; 4349#ifdef HAVE_RTNETLINK 4350 case NLMSG_DONE: 4351 /* end of multipart message */ 4352 return; 4353#endif 4354 default: 4355 /* 4356 * the rest doesn't bother us. 4357 */ 4358 DPRINTF(4, ("routing message op = %d: ignored\n", 4359 msg_type)); 4360 break; 4361 } 4362 } 4363} 4364 4365/* 4366 * set up routing notifications 4367 */ 4368static void 4369init_async_notifications() 4370{ 4371 struct asyncio_reader *reader; 4372#ifdef HAVE_RTNETLINK 4373 int fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE); 4374 struct sockaddr_nl sa; 4375#else 4376 int fd = socket(PF_ROUTE, SOCK_RAW, 0); 4377#endif 4378 if (fd < 0) { 4379 msyslog(LOG_ERR, 4380 "unable to open routing socket (%m) - using polled interface update"); 4381 return; 4382 } 4383 4384 fd = move_fd(fd); 4385#ifdef HAVE_RTNETLINK 4386 memset(&sa, 0, sizeof(sa)); 4387 sa.nl_family = PF_NETLINK; 4388 sa.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR 4389 | RTMGRP_IPV6_IFADDR | RTMGRP_IPV4_ROUTE 4390 | RTMGRP_IPV4_MROUTE | RTMGRP_IPV6_ROUTE 4391 | RTMGRP_IPV6_MROUTE; 4392 if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) { 4393 msyslog(LOG_ERR, 4394 "bind failed on routing socket (%m) - using polled interface update"); 4395 return; 4396 } 4397#endif 4398 init_nonblocking_io(fd); 4399#if defined(HAVE_SIGNALED_IO) 4400 init_socket_sig(fd); 4401#endif /* HAVE_SIGNALED_IO */ 4402 4403 reader = new_asyncio_reader(); 4404 4405 reader->fd = fd; 4406 reader->receiver = process_routing_msgs; 4407 4408 add_asyncio_reader(reader, FD_TYPE_SOCKET); 4409 msyslog(LOG_INFO, 4410 "Listening on routing socket on fd #%d for interface updates", 4411 fd); 4412} 4413#else 4414/* HAS_ROUTING_SOCKET not defined */ 4415static void 4416init_async_notifications(void) 4417{ 4418} 4419#endif 4420