1/* 2 * ntp_io.c - input/output routines for ntpd. The socket-opening code 3 * was shamelessly stolen from ntpd. 4 */ 5 6#ifdef HAVE_CONFIG_H 7# include <config.h> 8#endif 9 10#include <stdio.h> 11#include <signal.h> 12#ifdef HAVE_SYS_PARAM_H 13# include <sys/param.h> 14#endif 15#ifdef HAVE_SYS_IOCTL_H 16# include <sys/ioctl.h> 17#endif 18#ifdef HAVE_SYS_SOCKIO_H /* UXPV: SIOC* #defines (Frank Vance <fvance@waii.com>) */ 19# include <sys/sockio.h> 20#endif 21#ifdef HAVE_SYS_UIO_H 22# include <sys/uio.h> 23#endif 24 25#include "ntp_machine.h" 26#include "ntpd.h" 27#include "ntp_io.h" 28#include "iosignal.h" 29#include "ntp_lists.h" 30#include "ntp_refclock.h" 31#include "ntp_stdlib.h" 32#include "ntp_request.h" 33#include "ntp.h" 34#include "ntp_unixtime.h" 35#include "ntp_assert.h" 36#include "ntpd-opts.h" 37 38/* Don't include ISC's version of IPv6 variables and structures */ 39#define ISC_IPV6_H 1 40#include <isc/mem.h> 41#include <isc/interfaceiter.h> 42#include <isc/netaddr.h> 43#include <isc/result.h> 44#include <isc/sockaddr.h> 45 46#ifdef SIM 47#include "ntpsim.h" 48#endif 49 50#ifdef HAS_ROUTING_SOCKET 51# include <net/route.h> 52# ifdef HAVE_RTNETLINK 53# include <linux/rtnetlink.h> 54# endif 55#endif 56 57 58/* 59 * setsockopt does not always have the same arg declaration 60 * across all platforms. If it's not defined we make it empty 61 */ 62 63#ifndef SETSOCKOPT_ARG_CAST 64#define SETSOCKOPT_ARG_CAST 65#endif 66 67extern int listen_to_virtual_ips; 68 69/* 70 * NIC rule entry 71 */ 72typedef struct nic_rule_tag nic_rule; 73 74struct nic_rule_tag { 75 nic_rule * next; 76 nic_rule_action action; 77 nic_rule_match match_type; 78 char * if_name; 79 isc_netaddr_t netaddr; 80 int prefixlen; 81}; 82 83/* 84 * NIC rule listhead. Entries are added at the head so that the first 85 * match in the list is the last matching rule specified. 86 */ 87nic_rule *nic_rule_list; 88 89 90#if defined(SO_TIMESTAMP) && defined(SCM_TIMESTAMP) 91#if defined(CMSG_FIRSTHDR) 92#define HAVE_TIMESTAMP 93#define USE_TIMESTAMP_CMSG 94#ifndef TIMESTAMP_CTLMSGBUF_SIZE 95#define TIMESTAMP_CTLMSGBUF_SIZE 1536 /* moderate default */ 96#endif 97#else 98/* fill in for old/other timestamp interfaces */ 99#endif 100#endif 101 102#include <net/if.h> 103#include <netinet/in_var.h> 104#include <netinet6/in6_var.h> 105 106#define IN6_AVOID_FLAGS (IN6_IFF_TEMPORARY|IN6_IFF_NOTREADY|IN6_IFF_DETACHED|IN6_IFF_DEPRECATED) 107 108#if defined(SYS_WINNT) 109#include <transmitbuff.h> 110#include <isc/win32os.h> 111/* 112 * Windows C runtime ioctl() can't deal properly with sockets, 113 * map to ioctlsocket for this source file. 114 */ 115#define ioctl(fd, opt, val) ioctlsocket((fd), (opt), (u_long *)(val)) 116#endif /* SYS_WINNT */ 117 118/* 119 * We do asynchronous input using the SIGIO facility. A number of 120 * recvbuf buffers are preallocated for input. In the signal 121 * handler we poll to see which sockets are ready and read the 122 * packets from them into the recvbuf's along with a time stamp and 123 * an indication of the source host and the interface it was received 124 * through. This allows us to get as accurate receive time stamps 125 * as possible independent of other processing going on. 126 * 127 * We watch the number of recvbufs available to the signal handler 128 * and allocate more when this number drops below the low water 129 * mark. If the signal handler should run out of buffers in the 130 * interim it will drop incoming frames, the idea being that it is 131 * better to drop a packet than to be inaccurate. 132 */ 133 134 135/* 136 * Other statistics of possible interest 137 */ 138volatile u_long packets_dropped; /* total number of packets dropped on reception */ 139volatile u_long packets_ignored; /* packets received on wild card interface */ 140volatile u_long packets_received; /* total number of packets received */ 141 u_long packets_sent; /* total number of packets sent */ 142 u_long packets_notsent; /* total number of packets which couldn't be sent */ 143 144volatile u_long handler_calls; /* number of calls to interrupt handler */ 145volatile u_long handler_pkts; /* number of pkts received by handler */ 146u_long io_timereset; /* time counters were reset */ 147 148/* 149 * Interface stuff 150 */ 151struct interface *any_interface; /* default ipv4 interface */ 152struct interface *any6_interface; /* default ipv6 interface */ 153struct interface *loopback_interface; /* loopback ipv4 interface */ 154 155isc_boolean_t broadcast_client_enabled; /* is broadcast client enabled */ 156int ninterfaces; /* Total number of interfaces */ 157 158int disable_dynamic_updates; /* scan interfaces once only */ 159 160#ifdef REFCLOCK 161/* 162 * Refclock stuff. We keep a chain of structures with data concerning 163 * the guys we are doing I/O for. 164 */ 165static struct refclockio *refio; 166#endif /* REFCLOCK */ 167 168#if defined(HAVE_IPTOS_SUPPORT) 169/* set IP_TOS to minimize packet delay */ 170# if defined(IPTOS_PREC_INTERNETCONTROL) 171 unsigned int qos = IPTOS_PREC_INTERNETCONTROL; 172# else 173 unsigned int qos = IPTOS_LOWDELAY; 174# endif 175#endif 176 177/* 178 * File descriptor masks etc. for call to select 179 * Not needed for I/O Completion Ports 180 */ 181fd_set activefds; 182int maxactivefd; 183/* 184 * bit alternating value to detect verified interfaces during an update cycle 185 */ 186static u_short sys_interphase = 0; 187 188static struct interface *new_interface (struct interface *); 189static void add_interface (struct interface *); 190static int update_interfaces(u_short, interface_receiver_t, void *); 191static void remove_interface(struct interface *); 192static struct interface *create_interface(u_short, struct interface *, int *); 193 194static int move_fd (SOCKET); 195static int is_wildcard_addr (sockaddr_u *); 196static int is_wildcard_netaddr (const isc_netaddr_t *); 197 198/* 199 * Multicast functions 200 */ 201static isc_boolean_t addr_ismulticast (sockaddr_u *); 202/* 203 * Not all platforms support multicast 204 */ 205#ifdef MCAST 206static isc_boolean_t socket_multicast_enable (struct interface *, int, sockaddr_u *); 207static isc_boolean_t socket_multicast_disable(struct interface *, sockaddr_u *); 208#endif 209 210#ifdef DEBUG 211static void interface_dump (struct interface *); 212static void sockaddr_dump (sockaddr_u *psau); 213static void print_interface (struct interface *, char *, char *); 214#define DPRINT_INTERFACE(level, args) do { if (debug >= (level)) { print_interface args; } } while (0) 215#else 216#define DPRINT_INTERFACE(level, args) do {} while (0) 217#endif 218 219typedef struct vsock vsock_t; 220enum desc_type { FD_TYPE_SOCKET, FD_TYPE_FILE }; 221 222struct vsock { 223 vsock_t * link; 224 SOCKET fd; 225 enum desc_type type; 226}; 227 228vsock_t *fd_list; 229 230#if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 231/* 232 * async notification processing (e. g. routing sockets) 233 */ 234/* 235 * support for receiving data on fd that is not a refclock or a socket 236 * like e. g. routing sockets 237 */ 238struct asyncio_reader { 239 struct asyncio_reader *link; /* the list this is being kept in */ 240 SOCKET fd; /* fd to be read */ 241 void *data; /* possibly local data */ 242 void (*receiver)(struct asyncio_reader *); /* input handler */ 243}; 244 245struct asyncio_reader *asyncio_reader_list; 246 247static void delete_asyncio_reader (struct asyncio_reader *); 248static struct asyncio_reader *new_asyncio_reader (void); 249static void add_asyncio_reader (struct asyncio_reader *, enum desc_type); 250static void remove_asyncio_reader (struct asyncio_reader *); 251 252#endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 253 254static void init_async_notifications (void); 255 256static int create_sockets (u_short); 257static SOCKET open_socket (sockaddr_u *, int, int, struct interface *); 258static char * fdbits (int, fd_set *); 259static void set_reuseaddr (int); 260static isc_boolean_t socket_broadcast_enable (struct interface *, SOCKET, sockaddr_u *); 261static isc_boolean_t socket_broadcast_disable (struct interface *, sockaddr_u *); 262 263typedef struct remaddr remaddr_t; 264 265struct remaddr { 266 remaddr_t * link; 267 sockaddr_u addr; 268 struct interface * interface; 269}; 270 271remaddr_t * remoteaddr_list; 272 273struct interface * inter_list; 274 275static struct interface *wildipv4 = NULL; 276static struct interface *wildipv6 = NULL; 277 278static void add_fd_to_list (SOCKET, 279 enum desc_type); 280static struct interface *find_addr_in_list (sockaddr_u *); 281static struct interface *find_samenet_addr_in_list(sockaddr_u *); 282static struct interface *find_flagged_addr_in_list(sockaddr_u *, int); 283static void delete_addr_from_list (sockaddr_u *); 284static void delete_interface_from_list(struct interface *); 285static void close_and_delete_fd_from_list(SOCKET); 286static void add_addr_to_list (sockaddr_u *, 287 struct interface *); 288static void create_wildcards (u_short); 289#ifdef DEBUG 290static const char * action_text (nic_rule_action); 291#endif 292static nic_rule_action interface_action(char *, isc_netaddr_t *, 293 isc_uint32_t); 294static void convert_isc_if (isc_interface_t *, 295 struct interface *, u_short); 296static struct interface *getinterface (sockaddr_u *, int); 297static struct interface *getsamenetinterface (sockaddr_u *, int); 298static struct interface *findlocalinterface (sockaddr_u *, int, int); 299static struct interface *findlocalcastinterface (sockaddr_u *); 300 301/* 302 * Routines to read the ntp packets 303 */ 304#if !defined(HAVE_IO_COMPLETION_PORT) 305static inline int read_network_packet (SOCKET, struct interface *, l_fp); 306static inline int read_refclock_packet (SOCKET, struct refclockio *, l_fp); 307#endif 308 309 310#ifdef SYS_WINNT 311/* 312 * Windows 2000 systems incorrectly cause UDP sockets using WASRecvFrom 313 * to not work correctly, returning a WSACONNRESET error when a WSASendTo 314 * fails with an "ICMP port unreachable" response and preventing the 315 * socket from using the WSARecvFrom in subsequent operations. 316 * The function below fixes this, but requires that Windows 2000 317 * Service Pack 2 or later be installed on the system. NT 4.0 318 * systems are not affected by this and work correctly. 319 * See Microsoft Knowledge Base Article Q263823 for details of this. 320 */ 321void 322connection_reset_fix( 323 SOCKET fd, 324 sockaddr_u * addr 325 ) 326{ 327 DWORD dw; 328 BOOL bNewBehavior = FALSE; 329 DWORD status; 330 331 /* 332 * disable bad behavior using IOCTL: SIO_UDP_CONNRESET 333 * NT 4.0 has no problem 334 */ 335 if (isc_win32os_majorversion() >= 5) { 336 status = WSAIoctl(fd, SIO_UDP_CONNRESET, &bNewBehavior, 337 sizeof(bNewBehavior), NULL, 0, 338 &dw, NULL, NULL); 339 if (SOCKET_ERROR == status) 340 msyslog(LOG_ERR, 341 "connection_reset_fix() failed for address %s: %m", 342 stoa(addr)); 343 } 344} 345#endif 346 347/* 348 * on Unix systems the stdio library typically 349 * makes use of file descriptors in the lower 350 * integer range. stdio usually will make use 351 * of the file descriptors in the range of 352 * [0..FOPEN_MAX) 353 * in order to keep this range clean, for socket 354 * file descriptors we attempt to move them above 355 * FOPEN_MAX. This is not as easy as it sounds as 356 * FOPEN_MAX changes from implementation to implementation 357 * and may exceed to current file decriptor limits. 358 * We are using following strategy: 359 * - keep a current socket fd boundary initialized with 360 * max(0, min(getdtablesize() - FD_CHUNK, FOPEN_MAX)) 361 * - attempt to move the descriptor to the boundary or 362 * above. 363 * - if that fails and boundary > 0 set boundary 364 * to min(0, socket_fd_boundary - FD_CHUNK) 365 * -> retry 366 * if failure and boundary == 0 return old fd 367 * - on success close old fd return new fd 368 * 369 * effects: 370 * - fds will be moved above the socket fd boundary 371 * if at all possible. 372 * - the socket boundary will be reduced until 373 * allocation is possible or 0 is reached - at this 374 * point the algrithm will be disabled 375 */ 376static int 377move_fd( 378 SOCKET fd 379 ) 380{ 381#if !defined(SYS_WINNT) && defined(F_DUPFD) 382#ifndef FD_CHUNK 383#define FD_CHUNK 10 384#endif 385/* 386 * number of fds we would like to have for 387 * stdio FILE* available. 388 * we can pick a "low" number as our use of 389 * FILE* is limited to log files and temporarily 390 * to data and config files. Except for log files 391 * we don't keep the other FILE* open beyond the 392 * scope of the function that opened it. 393 */ 394#ifndef FD_PREFERRED_SOCKBOUNDARY 395#define FD_PREFERRED_SOCKBOUNDARY 48 396#endif 397 398#ifndef HAVE_GETDTABLESIZE 399/* 400 * if we have no idea about the max fd value set up things 401 * so we will start at FOPEN_MAX 402 */ 403#define getdtablesize() (FOPEN_MAX+FD_CHUNK) 404#endif 405 406#ifndef FOPEN_MAX 407#define FOPEN_MAX 20 /* assume that for the lack of anything better */ 408#endif 409 static SOCKET socket_boundary = -1; 410 SOCKET newfd; 411 412 NTP_REQUIRE((int)fd >= 0); 413 414 /* 415 * check whether boundary has be set up 416 * already 417 */ 418 if (socket_boundary == -1) { 419 socket_boundary = max(0, min(getdtablesize() - FD_CHUNK, 420 min(FOPEN_MAX, FD_PREFERRED_SOCKBOUNDARY))); 421#ifdef DEBUG 422 msyslog(LOG_DEBUG, 423 "ntp_io: estimated max descriptors: %d, initial socket boundary: %d", 424 getdtablesize(), socket_boundary); 425#endif 426 } 427 428 /* 429 * Leave a space for stdio to work in. potentially moving the 430 * socket_boundary lower until allocation succeeds. 431 */ 432 do { 433 if (fd >= 0 && fd < socket_boundary) { 434 /* inside reserved range: attempt to move fd */ 435 newfd = fcntl(fd, F_DUPFD, socket_boundary); 436 437 if (newfd != -1) { 438 /* success: drop the old one - return the new one */ 439 close(fd); 440 return newfd; 441 } 442 } else { 443 /* outside reserved range: no work - return the original one */ 444 return fd; 445 } 446 socket_boundary = max(0, socket_boundary - FD_CHUNK); 447#ifdef DEBUG 448 msyslog(LOG_DEBUG, 449 "ntp_io: selecting new socket boundary: %d", 450 socket_boundary); 451#endif 452 } while (socket_boundary > 0); 453#else 454 NTP_REQUIRE((int)fd >= 0); 455#endif /* !defined(SYS_WINNT) && defined(F_DUPFD) */ 456 return fd; 457} 458 459#ifdef DEBUG_TIMING 460/* 461 * collect timing information for various processing 462 * paths. currently we only pass then on to the file 463 * for later processing. this could also do histogram 464 * based analysis in other to reduce the load (and skew) 465 * dur to the file output 466 */ 467void 468collect_timing(struct recvbuf *rb, const char *tag, int count, l_fp *dts) 469{ 470 char buf[256]; 471 472 snprintf(buf, sizeof(buf), "%s %d %s %s", 473 (rb != NULL) 474 ? ((rb->dstadr != NULL) 475 ? stoa(&rb->recv_srcadr) 476 : "-REFCLOCK-") 477 : "-", 478 count, lfptoa(dts, 9), tag); 479 record_timing_stats(buf); 480} 481#endif 482 483/* 484 * About dynamic interfaces, sockets, reception and more... 485 * 486 * the code solves following tasks: 487 * 488 * - keep a current list of active interfaces in order 489 * to bind to to the interface address on NTP_PORT so that 490 * all wild and specific bindings for NTP_PORT are taken by ntpd 491 * to avoid other daemons messing with the time or sockets. 492 * - all interfaces keep a list of peers that are referencing 493 * the interface in order to quickly re-assign the peers to 494 * new interface in case an interface is deleted (=> gone from system or 495 * down) 496 * - have a preconfigured socket ready with the right local address 497 * for transmission and reception 498 * - have an address list for all destination addresses used within ntpd 499 * to find the "right" preconfigured socket. 500 * - facilitate updating the internal interface list with respect to 501 * the current kernel state 502 * 503 * special issues: 504 * 505 * - mapping of multicast addresses to the interface affected is not always 506 * one to one - especially on hosts with multiple interfaces 507 * the code here currently allocates a separate interface entry for those 508 * multicast addresses 509 * iff it is able to bind to a *new* socket with the multicast address (flags |= MCASTIF) 510 * in case of failure the multicast address is bound to an existing interface. 511 * - on some systems it is perfectly legal to assign the same address to 512 * multiple interfaces. Therefore this code does not keep a list of interfaces 513 * but a list of interfaces that represent a unique address as determined by the kernel 514 * by the procedure in findlocalinterface. Thus it is perfectly legal to see only 515 * one representative of a group of real interfaces if they share the same address. 516 * 517 * Frank Kardel 20050910 518 */ 519 520/* 521 * init_io - initialize I/O data structures and call socket creation routine 522 */ 523void 524init_io(void) 525{ 526 /* 527 * Init buffer free list and stat counters 528 */ 529 init_recvbuff(RECV_INIT); 530 531#ifdef SYS_WINNT 532 init_io_completion_port(); 533#endif /* SYS_WINNT */ 534 535#if defined(HAVE_SIGNALED_IO) 536 (void) set_signal(); 537#endif 538} 539 540 541/* 542 * io_open_sockets - call socket creation routine 543 */ 544void 545io_open_sockets(void) 546{ 547 static int already_opened; 548 549 if (already_opened || HAVE_OPT( SAVECONFIGQUIT )) 550 return; 551 552 already_opened = 1; 553 554 /* 555 * Create the sockets 556 */ 557 BLOCKIO(); 558 create_sockets(NTP_PORT); 559 UNBLOCKIO(); 560 561 init_async_notifications(); 562 563 DPRINTF(3, ("io_open_sockets: maxactivefd %d\n", maxactivefd)); 564} 565 566 567#ifdef DEBUG 568/* 569 * function to dump the contents of the interface structure 570 * for debugging use only. 571 */ 572void 573interface_dump(struct interface *itf) 574{ 575 printf("Dumping interface: %p\n", itf); 576 printf("fd = %d\n", itf->fd); 577 printf("bfd = %d\n", itf->bfd); 578 printf("sin = %s,\n", stoa(&itf->sin)); 579 sockaddr_dump(&itf->sin); 580 printf("bcast = %s,\n", stoa(&itf->bcast)); 581 sockaddr_dump(&itf->bcast); 582 printf("mask = %s,\n", stoa(&itf->mask)); 583 sockaddr_dump(&itf->mask); 584 printf("name = %s\n", itf->name); 585 printf("flags = 0x%08x\n", itf->flags); 586 printf("last_ttl = %d\n", itf->last_ttl); 587 printf("addr_refid = %08x\n", itf->addr_refid); 588 printf("num_mcast = %d\n", itf->num_mcast); 589 printf("received = %ld\n", itf->received); 590 printf("sent = %ld\n", itf->sent); 591 printf("notsent = %ld\n", itf->notsent); 592 printf("scopeid = %u\n", itf->scopeid); 593 printf("peercnt = %u\n", itf->peercnt); 594 printf("phase = %u\n", itf->phase); 595} 596 597/* 598 * sockaddr_dump - hex dump the start of a sockaddr_u 599 */ 600static void 601sockaddr_dump(sockaddr_u *psau) 602{ 603 /* Limit the size of the sockaddr_storage hex dump */ 604 const int maxsize = min(32, sizeof(psau->sas)); 605 u_char * cp; 606 int i; 607 608 cp = (u_char *)&psau->sas; 609 610 for(i = 0; i < maxsize; i++) 611 { 612 printf("%02x", *cp++); 613 if (!((i + 1) % 4)) 614 printf(" "); 615 } 616 printf("\n"); 617} 618 619/* 620 * print_interface - helper to output debug information 621 */ 622static void 623print_interface(struct interface *iface, char *pfx, char *sfx) 624{ 625 printf("%sinterface #%d: fd=%d, bfd=%d, name=%s, flags=0x%x, scope=%d, sin=%s", 626 pfx, 627 iface->ifnum, 628 iface->fd, 629 iface->bfd, 630 iface->name, 631 iface->flags, 632 iface->scopeid, 633 stoa(&iface->sin)); 634 if (AF_INET == iface->family) { 635 if (iface->flags & INT_BROADCAST) 636 printf(", bcast=%s", stoa(&iface->bcast)); 637 printf(", mask=%s", stoa(&iface->mask)); 638 } 639 printf(", %s:%s", 640 (iface->ignore_packets) 641 ? "Disabled" 642 : "Enabled", 643 sfx); 644 if (debug > 4) /* in-depth debugging only */ 645 interface_dump(iface); 646} 647#endif 648 649#if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 650/* 651 * create an asyncio_reader structure 652 */ 653static struct asyncio_reader * 654new_asyncio_reader(void) 655{ 656 struct asyncio_reader *reader; 657 658 reader = emalloc(sizeof(*reader)); 659 660 memset(reader, 0, sizeof(*reader)); 661 reader->fd = INVALID_SOCKET; 662 return reader; 663} 664 665/* 666 * delete a reader 667 */ 668static void 669delete_asyncio_reader( 670 struct asyncio_reader *reader 671 ) 672{ 673 free(reader); 674} 675 676/* 677 * add asynchio_reader 678 */ 679static void 680add_asyncio_reader( 681 struct asyncio_reader * reader, 682 enum desc_type type) 683{ 684 LINK_SLIST(asyncio_reader_list, reader, link); 685 add_fd_to_list(reader->fd, type); 686} 687 688/* 689 * remove asynchio_reader 690 */ 691static void 692remove_asyncio_reader( 693 struct asyncio_reader *reader 694 ) 695{ 696 struct asyncio_reader *unlinked; 697 698 UNLINK_SLIST(unlinked, asyncio_reader_list, reader, link, 699 struct asyncio_reader); 700 701 if (reader->fd != INVALID_SOCKET) 702 close_and_delete_fd_from_list(reader->fd); 703 704 reader->fd = INVALID_SOCKET; 705} 706#endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 707 708/* 709 * Code to tell if we have an IP address 710 * If we have then return the sockaddr structure 711 * and set the return value 712 * see the bind9/getaddresses.c for details 713 */ 714isc_boolean_t 715is_ip_address( 716 const char * host, 717 isc_netaddr_t * addr 718 ) 719{ 720 struct in_addr in4; 721 struct in6_addr in6; 722 char tmpbuf[128]; 723 char *pch; 724 725 NTP_REQUIRE(host != NULL); 726 NTP_REQUIRE(addr != NULL); 727 728 /* 729 * Try IPv4, then IPv6. In order to handle the extended format 730 * for IPv6 scoped addresses (address%scope_ID), we'll use a local 731 * working buffer of 128 bytes. The length is an ad-hoc value, but 732 * should be enough for this purpose; the buffer can contain a string 733 * of at least 80 bytes for scope_ID in addition to any IPv6 numeric 734 * addresses (up to 46 bytes), the delimiter character and the 735 * terminating NULL character. 736 */ 737 if (inet_pton(AF_INET, host, &in4) == 1) { 738 isc_netaddr_fromin(addr, &in4); 739 return (ISC_TRUE); 740 } else if (sizeof(tmpbuf) > strlen(host)) { 741 if ('[' == host[0]) { 742 strncpy(tmpbuf, &host[1], sizeof(tmpbuf)); 743 pch = strchr(tmpbuf, ']'); 744 if (pch != NULL) 745 *pch = '\0'; 746 } else 747 strncpy(tmpbuf, host, sizeof(tmpbuf)); 748 pch = strchr(tmpbuf, '%'); 749 if (pch != NULL) 750 *pch = '\0'; 751 752 if (inet_pton(AF_INET6, tmpbuf, &in6) == 1) { 753 isc_netaddr_fromin6(addr, &in6); 754 return (ISC_TRUE); 755 } 756 } 757 /* 758 * If we got here it was not an IP address 759 */ 760 return (ISC_FALSE); 761} 762 763 764/* 765 * interface list enumerator - visitor pattern 766 */ 767void 768interface_enumerate( 769 interface_receiver_t receiver, 770 void * data 771 ) 772{ 773 interface_info_t ifi; 774 775 ifi.action = IFS_EXISTS; 776 777 for (ifi.interface = inter_list; 778 ifi.interface != NULL; 779 ifi.interface = ifi.interface->link) 780 (*receiver)(data, &ifi); 781} 782 783/* 784 * do standard initialization of interface structure 785 */ 786static void 787init_interface( 788 struct interface *iface 789 ) 790{ 791 memset(iface, 0, sizeof(*iface)); 792 iface->fd = INVALID_SOCKET; 793 iface->bfd = INVALID_SOCKET; 794 iface->phase = sys_interphase; 795} 796 797 798/* 799 * create new interface structure initialize from 800 * template structure or via standard initialization 801 * function 802 */ 803static struct interface * 804new_interface( 805 struct interface *interface 806 ) 807{ 808 static u_int sys_ifnum = 0; 809 struct interface * iface; 810 811 iface = emalloc(sizeof(*iface)); 812 813 if (NULL == interface) 814 init_interface(iface); 815 else /* use the template */ 816 memcpy(iface, interface, sizeof(*iface)); 817 818 /* count every new instance of an interface in the system */ 819 iface->ifnum = sys_ifnum++; 820 iface->starttime = current_time; 821 822 return iface; 823} 824 825 826/* 827 * return interface storage into free memory pool 828 */ 829static inline void 830delete_interface( 831 struct interface *interface 832 ) 833{ 834 free(interface); 835} 836 837 838/* 839 * link interface into list of known interfaces 840 */ 841static void 842add_interface( 843 struct interface *interface 844 ) 845{ 846 /* 847 * Calculate the address hash 848 */ 849 interface->addr_refid = addr2refid(&interface->sin); 850 851 LINK_SLIST(inter_list, interface, link); 852 ninterfaces++; 853} 854 855 856/* 857 * remove interface from known interface list and clean up 858 * associated resources 859 */ 860static void 861remove_interface( 862 struct interface *iface 863 ) 864{ 865 struct interface *unlinked; 866 sockaddr_u resmask; 867 868 UNLINK_SLIST(unlinked, inter_list, iface, link, struct 869 interface); 870 871 delete_interface_from_list(iface); 872 873 if (iface->fd != INVALID_SOCKET) { 874 msyslog(LOG_INFO, 875 "Deleting interface #%d %s, %s#%d, interface stats: received=%ld, sent=%ld, dropped=%ld, active_time=%ld secs", 876 iface->ifnum, 877 iface->name, 878 stoa(&iface->sin), 879 SRCPORT(&iface->sin), 880 iface->received, 881 iface->sent, 882 iface->notsent, 883 current_time - iface->starttime); 884 885 close_and_delete_fd_from_list(iface->fd); 886 } 887 888 if (iface->bfd != INVALID_SOCKET) { 889 msyslog(LOG_INFO, 890 "Deleting broadcast address %s#%d from interface #%d %s", 891 stoa(&iface->bcast), 892 SRCPORT(&iface->bcast), 893 iface->ifnum, 894 iface->name); 895 896 close_and_delete_fd_from_list(iface->bfd); 897 } 898 899 ninterfaces--; 900 ntp_monclearinterface(iface); 901 902 /* remove restrict interface entry */ 903 SET_HOSTMASK(&resmask, AF(&iface->sin)); 904 hack_restrict(RESTRICT_REMOVEIF, &iface->sin, &resmask, 905 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE); 906} 907 908 909static void 910list_if_listening( 911 struct interface * iface 912 ) 913{ 914 msyslog(LOG_INFO, "%s on %d %s %s UDP %d", 915 (iface->ignore_packets) 916 ? "Listen and drop" 917 : "Listen normally", 918 iface->ifnum, 919 iface->name, 920 stoa(&iface->sin), 921 SRCPORT(&iface->sin)); 922} 923 924 925static void 926create_wildcards( 927 u_short port 928 ) 929{ 930 int v4wild, v6wild; 931 sockaddr_u wildaddr; 932 isc_netaddr_t wnaddr; 933 nic_rule_action action; 934 struct interface * wildif; 935 936 /* 937 * silence "potentially uninitialized" warnings from VC9 938 * failing to follow the logic. Ideally action could remain 939 * uninitialized, and the memset be the first statement under 940 * the first if (v4wild). 941 */ 942 action = ACTION_LISTEN; 943 memset(&wildaddr, 0, sizeof(wildaddr)); 944 945 /* 946 * create pseudo-interface with wildcard IPv4 address 947 */ 948 v4wild = ipv4_works; 949 if (v4wild) { 950 /* set wildaddr to the v4 wildcard address 0.0.0.0 */ 951 AF(&wildaddr) = AF_INET; 952 SET_ADDR4(&wildaddr, INADDR_ANY); 953 SET_PORT(&wildaddr, port); 954 955 /* make an libisc-friendly copy */ 956 isc_netaddr_fromin(&wnaddr, &wildaddr.sa4.sin_addr); 957 958 /* check for interface/nic rules affecting the wildcard */ 959 action = interface_action(NULL, &wnaddr, 0); 960 v4wild = (ACTION_IGNORE != action); 961 } 962 if (v4wild) { 963 wildif = new_interface(NULL); 964 965 strncpy(wildif->name, "v4wildcard", sizeof(wildif->name)); 966 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 967 wildif->family = AF_INET; 968 AF(&wildif->mask) = AF_INET; 969 SET_ONESMASK(&wildif->mask); 970 971 wildif->flags = INT_BROADCAST | INT_UP | INT_WILDCARD; 972 wildif->ignore_packets = (ACTION_DROP == action); 973#if defined(MCAST) 974 /* 975 * enable multicast reception on the broadcast socket 976 */ 977 AF(&wildif->bcast) = AF_INET; 978 SET_ADDR4(&wildif->bcast, INADDR_ANY); 979 SET_PORT(&wildif->bcast, port); 980#endif /* MCAST */ 981 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 982 983 if (wildif->fd != INVALID_SOCKET) { 984 wildipv4 = wildif; 985 any_interface = wildif; 986 987 add_addr_to_list(&wildif->sin, wildif); 988 add_interface(wildif); 989 list_if_listening(wildif); 990 } else { 991 msyslog(LOG_ERR, 992 "unable to bind to wildcard address %s - another process may be running - EXITING", 993 stoa(&wildif->sin)); 994 exit(1); 995 } 996 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 997 } 998 999#ifdef INCLUDE_IPV6_SUPPORT 1000 /* 1001 * create pseudo-interface with wildcard IPv6 address 1002 */ 1003 v6wild = ipv6_works; 1004 if (v6wild) { 1005 /* set wildaddr to the v6 wildcard address :: */ 1006 memset(&wildaddr, 0, sizeof(wildaddr)); 1007 AF(&wildaddr) = AF_INET6; 1008 SET_ADDR6N(&wildaddr, in6addr_any); 1009 SET_PORT(&wildaddr, port); 1010 SET_SCOPE(&wildaddr, 0); 1011 1012 /* make an libisc-friendly copy */ 1013 isc_netaddr_fromin(&wnaddr, &wildaddr.sa4.sin_addr); 1014 1015 /* check for interface/nic rules affecting the wildcard */ 1016 action = interface_action(NULL, &wnaddr, 0); 1017 v6wild = (ACTION_IGNORE != action); 1018 } 1019 if (v6wild) { 1020 wildif = new_interface(NULL); 1021 1022 strncpy(wildif->name, "v6wildcard", sizeof(wildif->name)); 1023 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 1024 wildif->family = AF_INET6; 1025 AF(&wildif->mask) = AF_INET6; 1026 SET_ONESMASK(&wildif->mask); 1027 1028 wildif->flags = INT_UP | INT_WILDCARD; 1029 wildif->ignore_packets = (ACTION_DROP == action); 1030 1031 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 1032 1033 if (wildif->fd != INVALID_SOCKET) { 1034 wildipv6 = wildif; 1035 any6_interface = wildif; 1036 add_addr_to_list(&wildif->sin, wildif); 1037 add_interface(wildif); 1038 list_if_listening(wildif); 1039 } else { 1040 msyslog(LOG_ERR, 1041 "unable to bind to wildcard address %s - another process may be running - EXITING", 1042 stoa(&wildif->sin)); 1043 exit(1); 1044 } 1045 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 1046 } 1047#endif 1048} 1049 1050 1051/* 1052 * add_nic_rule() -- insert a rule entry at the head of nic_rule_list. 1053 */ 1054void 1055add_nic_rule( 1056 nic_rule_match match_type, 1057 const char * if_name, /* interface name or numeric address */ 1058 int prefixlen, 1059 nic_rule_action action 1060 ) 1061{ 1062 nic_rule * rule; 1063 isc_boolean_t is_ip; 1064 1065 rule = emalloc(sizeof(*rule)); 1066 memset(rule, 0, sizeof(*rule)); 1067 rule->match_type = match_type; 1068 rule->prefixlen = prefixlen; 1069 rule->action = action; 1070 1071 if (MATCH_IFNAME == match_type) { 1072 NTP_REQUIRE(NULL != if_name); 1073 rule->if_name = estrdup(if_name); 1074 } else if (MATCH_IFADDR == match_type) { 1075 NTP_REQUIRE(NULL != if_name); 1076 /* set rule->netaddr */ 1077 is_ip = is_ip_address(if_name, &rule->netaddr); 1078 NTP_REQUIRE(is_ip); 1079 } else 1080 NTP_REQUIRE(NULL == if_name); 1081 1082 LINK_SLIST(nic_rule_list, rule, next); 1083} 1084 1085 1086#ifdef DEBUG 1087static const char * 1088action_text( 1089 nic_rule_action action 1090 ) 1091{ 1092 const char *t; 1093 1094 switch (action) { 1095 1096 default: 1097 t = "ERROR"; /* quiet uninit warning */ 1098 DPRINTF(1, ("fatal: unknown nic_rule_action %d\n", 1099 action)); 1100 NTP_ENSURE(0); 1101 break; 1102 1103 case ACTION_LISTEN: 1104 t = "listen"; 1105 break; 1106 1107 case ACTION_IGNORE: 1108 t = "ignore"; 1109 break; 1110 1111 case ACTION_DROP: 1112 t = "drop"; 1113 break; 1114 } 1115 1116 return t; 1117} 1118#endif /* DEBUG */ 1119 1120 1121static nic_rule_action 1122interface_action( 1123 char * if_name, 1124 isc_netaddr_t * if_netaddr, 1125 isc_uint32_t if_flags 1126 ) 1127{ 1128 nic_rule *rule; 1129 int isloopback; 1130 int iswildcard; 1131 1132 DPRINTF(4, ("interface_action: interface %s ", 1133 (if_name != NULL) ? if_name : "wildcard")); 1134 1135 iswildcard = is_wildcard_netaddr(if_netaddr); 1136 1137 /* 1138 * Always listen on 127.0.0.1 - required by ntp_intres 1139 */ 1140 if (if_flags & INTERFACE_F_LOOPBACK) { 1141 isloopback = 1; 1142 if (AF_INET == if_netaddr->family) { 1143 DPRINTF(4, ("IPv4 loopback - listen\n")); 1144 return ACTION_LISTEN; 1145 } 1146 } else 1147 isloopback = 0; 1148 1149 /* 1150 * Find any matching NIC rule from --interface / -I or ntp.conf 1151 * interface/nic rules. 1152 */ 1153 for (rule = nic_rule_list; rule != NULL; rule = rule->next) { 1154 1155 switch (rule->match_type) { 1156 1157 case MATCH_ALL: 1158 /* loopback and wildcard excluded from "all" */ 1159 if (isloopback || iswildcard) 1160 break; 1161 DPRINTF(4, ("nic all %s\n", 1162 action_text(rule->action))); 1163 return rule->action; 1164 1165 case MATCH_IPV4: 1166 if (AF_INET == if_netaddr->family) { 1167 DPRINTF(4, ("nic ipv4 %s\n", 1168 action_text(rule->action))); 1169 return rule->action; 1170 } 1171 break; 1172 1173 case MATCH_IPV6: 1174 if (AF_INET6 == if_netaddr->family) { 1175 DPRINTF(4, ("nic ipv6 %s\n", 1176 action_text(rule->action))); 1177 return rule->action; 1178 } 1179 break; 1180 1181 case MATCH_WILDCARD: 1182 if (iswildcard) { 1183 DPRINTF(4, ("nic wildcard %s\n", 1184 action_text(rule->action))); 1185 return rule->action; 1186 } 1187 break; 1188 1189 case MATCH_IFADDR: 1190 if (rule->prefixlen != -1) { 1191 if (isc_netaddr_eqprefix(if_netaddr, 1192 &rule->netaddr, rule->prefixlen)) { 1193 1194 DPRINTF(4, ("subnet address match - %s\n", 1195 action_text(rule->action))); 1196 return rule->action; 1197 } 1198 } else 1199 if (isc_netaddr_equal(if_netaddr, 1200 &rule->netaddr)) { 1201 1202 DPRINTF(4, ("address match - %s\n", 1203 action_text(rule->action))); 1204 return rule->action; 1205 } 1206 break; 1207 1208 case MATCH_IFNAME: 1209 if (if_name != NULL 1210 && !strcasecmp(if_name, rule->if_name)) { 1211 1212 DPRINTF(4, ("interface name match - %s\n", 1213 action_text(rule->action))); 1214 return rule->action; 1215 } 1216 break; 1217 } 1218 } 1219 1220 /* 1221 * Unless explicitly disabled such as with "nic ignore ::1" 1222 * listen on loopback addresses. Since ntpq and ntpdc query 1223 * "localhost" by default, which typically resolves to ::1 and 1224 * 127.0.0.1, it's useful to default to listening on both. 1225 */ 1226 if (isloopback) { 1227 DPRINTF(4, ("default loopback listen\n")); 1228 return ACTION_LISTEN; 1229 } 1230 1231 /* 1232 * Treat wildcard addresses specially. If there is no explicit 1233 * "nic ... wildcard" or "nic ... 0.0.0.0" or "nic ... ::" rule 1234 * default to drop. 1235 */ 1236 if (iswildcard) { 1237 DPRINTF(4, ("default wildcard drop\n")); 1238 return ACTION_DROP; 1239 } 1240 1241 /* 1242 * Check for "virtual IP" (colon in the interface name) after 1243 * the rules so that "ntpd --interface eth0:1 -novirtualips" 1244 * does indeed listen on eth0:1's addresses. 1245 */ 1246 if (!listen_to_virtual_ips && if_name != NULL 1247 && (strchr(if_name, ':') != NULL)) { 1248 1249 DPRINTF(4, ("virtual ip - ignore\n")); 1250 return ACTION_IGNORE; 1251 } 1252 1253 /* 1254 * If there are no --interface/-I command-line options and no 1255 * interface/nic rules in ntp.conf, the default action is to 1256 * listen. In the presence of rules from either, the default 1257 * is to ignore. This implements ntpd's traditional listen- 1258 * every default with no interface listen configuration, and 1259 * ensures a single -I eth0 or "nic listen eth0" means do not 1260 * listen on any other addresses. 1261 */ 1262 if (NULL == nic_rule_list) { 1263 DPRINTF(4, ("default listen\n")); 1264 return ACTION_LISTEN; 1265 } 1266 1267 DPRINTF(4, ("implicit ignore\n")); 1268 return ACTION_IGNORE; 1269} 1270 1271 1272static void 1273convert_isc_if( 1274 isc_interface_t *isc_if, 1275 struct interface *itf, 1276 u_short port 1277 ) 1278{ 1279 strncpy(itf->name, isc_if->name, sizeof(itf->name)); 1280 itf->name[sizeof(itf->name) - 1] = 0; /* strncpy may not */ 1281 itf->family = (u_short)isc_if->af; 1282 AF(&itf->sin) = itf->family; 1283 AF(&itf->mask) = itf->family; 1284 AF(&itf->bcast) = itf->family; 1285 SET_PORT(&itf->sin, port); 1286 SET_PORT(&itf->mask, port); 1287 SET_PORT(&itf->bcast, port); 1288 1289 if (IS_IPV4(&itf->sin)) { 1290 NSRCADR(&itf->sin) = isc_if->address.type.in.s_addr; 1291 NSRCADR(&itf->mask) = isc_if->netmask.type.in.s_addr; 1292 1293 if (isc_if->flags & INTERFACE_F_BROADCAST) { 1294 itf->flags |= INT_BROADCAST; 1295 NSRCADR(&itf->bcast) = 1296 isc_if->broadcast.type.in.s_addr; 1297 } 1298 } 1299#ifdef INCLUDE_IPV6_SUPPORT 1300 else if (IS_IPV6(&itf->sin)) { 1301 SET_ADDR6N(&itf->sin, isc_if->address.type.in6); 1302 SET_ADDR6N(&itf->mask, isc_if->netmask.type.in6); 1303 1304 itf->scopeid = isc_netaddr_getzone(&isc_if->address); 1305 SET_SCOPE(&itf->sin, itf->scopeid); 1306 } 1307#endif /* INCLUDE_IPV6_SUPPORT */ 1308 1309 1310 /* Process the rest of the flags */ 1311 1312 itf->flags |= 1313 ((INTERFACE_F_UP & isc_if->flags) 1314 ? INT_UP : 0) 1315 | ((INTERFACE_F_LOOPBACK & isc_if->flags) 1316 ? INT_LOOPBACK : 0) 1317 | ((INTERFACE_F_POINTTOPOINT & isc_if->flags) 1318 ? INT_PPP : 0) 1319 | ((INTERFACE_F_MULTICAST & isc_if->flags) 1320 ? INT_MULTICAST : 0) 1321 ; 1322} 1323 1324 1325/* 1326 * refresh_interface 1327 * 1328 * some OSes have been observed to keep 1329 * cached routes even when more specific routes 1330 * become available. 1331 * this can be mitigated by re-binding 1332 * the socket. 1333 */ 1334static int 1335refresh_interface( 1336 struct interface * interface 1337 ) 1338{ 1339#ifdef OS_MISSES_SPECIFIC_ROUTE_UPDATES 1340 if (interface->fd != INVALID_SOCKET) { 1341 close_and_delete_fd_from_list(interface->fd); 1342 interface->fd = open_socket(&interface->sin, 1343 0, 0, interface); 1344 /* 1345 * reset TTL indication so TTL is is set again 1346 * next time around 1347 */ 1348 interface->last_ttl = 0; 1349 return (interface->fd != INVALID_SOCKET); 1350 } else 1351 return 0; /* invalid sockets are not refreshable */ 1352#else /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1353 if (interface->fd != INVALID_SOCKET) { 1354 if (IS_IPV6(&interface->sin)) { /* If address is now deprecated then close fd */ 1355 struct in6_ifreq ifr6; 1356 strlcpy(ifr6.ifr_name, interface->name, sizeof(ifr6.ifr_name)); 1357 ifr6.ifr_addr = *(struct sockaddr_in6 *)&interface->sin; 1358 if (ioctl(interface->fd, SIOCGIFAFLAG_IN6, &ifr6) >= 0) { 1359 interface->flags6 = ifr6.ifr_ifru.ifru_flags6; 1360 if (interface->flags6 & IN6_AVOID_FLAGS) { 1361 close_and_delete_fd_from_list(interface->fd); 1362 interface->fd = INVALID_SOCKET; 1363 } 1364 } 1365 } 1366 } 1367 return (interface->fd != INVALID_SOCKET); 1368#endif /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1369} 1370 1371/* 1372 * interface_update - externally callable update function 1373 */ 1374void 1375interface_update( 1376 interface_receiver_t receiver, 1377 void * data) 1378{ 1379 int new_interface_found; 1380 1381 if (disable_dynamic_updates) 1382 return; 1383 1384 BLOCKIO(); 1385 new_interface_found = update_interfaces(NTP_PORT, receiver, data); 1386 UNBLOCKIO(); 1387 1388 if (!new_interface_found) 1389 return; 1390 1391#ifdef DEBUG 1392 msyslog(LOG_DEBUG, "new interface(s) found: waking up resolver"); 1393#endif 1394#ifdef SYS_WINNT 1395 /* wake up the resolver thread */ 1396 if (ResolverEventHandle != NULL) 1397 SetEvent(ResolverEventHandle); 1398#else 1399 /* write any single byte to the pipe to wake up the resolver process */ 1400 write( resolver_pipe_fd[1], &new_interface_found, 1 ); 1401#endif 1402} 1403 1404 1405/* 1406 * sau_from_netaddr() - convert network address on-wire formats. 1407 * Convert from libisc's isc_netaddr_t to NTP's sockaddr_u 1408 */ 1409void 1410sau_from_netaddr( 1411 sockaddr_u *psau, 1412 const isc_netaddr_t *pna 1413 ) 1414{ 1415 memset(psau, 0, sizeof(*psau)); 1416 AF(psau) = (u_short)pna->family; 1417 switch (pna->family) { 1418 1419 case AF_INET: 1420 memcpy(&psau->sa4.sin_addr, &pna->type.in, 1421 sizeof(psau->sa4.sin_addr)); 1422 break; 1423 1424 case AF_INET6: 1425 memcpy(&psau->sa6.sin6_addr, &pna->type.in6, 1426 sizeof(psau->sa6.sin6_addr)); 1427 break; 1428 } 1429} 1430 1431 1432static int 1433is_wildcard_addr( 1434 sockaddr_u *psau 1435 ) 1436{ 1437 if (IS_IPV4(psau) && !NSRCADR(psau)) 1438 return 1; 1439 1440#ifdef INCLUDE_IPV6_SUPPORT 1441 if (IS_IPV6(psau) && S_ADDR6_EQ(psau, &in6addr_any)) 1442 return 1; 1443#endif 1444 1445 return 0; 1446} 1447 1448 1449static int 1450is_wildcard_netaddr( 1451 const isc_netaddr_t *pna 1452 ) 1453{ 1454 sockaddr_u sau; 1455 1456 sau_from_netaddr(&sau, pna); 1457 1458 return is_wildcard_addr(&sau); 1459} 1460 1461 1462#ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 1463/* 1464 * enable/disable re-use of wildcard address socket 1465 */ 1466static void 1467set_wildcard_reuse( 1468 u_short family, 1469 int on 1470 ) 1471{ 1472 struct interface *any; 1473 SOCKET fd = INVALID_SOCKET; 1474 1475 any = ANY_INTERFACE_BYFAM(family); 1476 if (any != NULL) 1477 fd = any->fd; 1478 1479 if (fd != INVALID_SOCKET) { 1480 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 1481 (char *)&on, sizeof(on))) 1482 msyslog(LOG_ERR, 1483 "set_wildcard_reuse: setsockopt(SO_REUSEADDR, %s) failed: %m", 1484 on ? "on" : "off"); 1485 1486 DPRINTF(4, ("set SO_REUSEADDR to %s on %s\n", 1487 on ? "on" : "off", 1488 stoa(&any->sin))); 1489 } 1490} 1491#endif /* OS_NEEDS_REUSEADDR_FOR_IFADDRBIND */ 1492 1493/* 1494 * update_interface strategy 1495 * 1496 * toggle configuration phase 1497 * 1498 * Phase 1: 1499 * forall currently existing interfaces 1500 * if address is known: 1501 * drop socket - rebind again 1502 * 1503 * if address is NOT known: 1504 * attempt to create a new interface entry 1505 * 1506 * Phase 2: 1507 * forall currently known non MCAST and WILDCARD interfaces 1508 * if interface does not match configuration phase (not seen in phase 1): 1509 * remove interface from known interface list 1510 * forall peers associated with this interface 1511 * disconnect peer from this interface 1512 * 1513 * Phase 3: 1514 * attempt to re-assign interfaces to peers 1515 * 1516 */ 1517 1518static int 1519update_interfaces( 1520 u_short port, 1521 interface_receiver_t receiver, 1522 void * data 1523 ) 1524{ 1525 isc_mem_t * mctx = (void *)-1; 1526 interface_info_t ifi; 1527 isc_interfaceiter_t * iter; 1528 isc_result_t result; 1529 isc_interface_t isc_if; 1530 int new_interface_found; 1531 unsigned int family; 1532 struct interface interface; 1533 struct interface * iface; 1534 struct interface * next; 1535 1536 DPRINTF(3, ("update_interfaces(%d)\n", port)); 1537 1538 /* 1539 * phase one - scan interfaces 1540 * - create those that are not found 1541 * - update those that are found 1542 */ 1543 1544 new_interface_found = 0; 1545 iter = NULL; 1546 result = isc_interfaceiter_create(mctx, &iter); 1547 1548 if (result != ISC_R_SUCCESS) 1549 return 0; 1550 1551 /* 1552 * Toggle system interface scan phase to find untouched 1553 * interfaces to be deleted. 1554 */ 1555 sys_interphase ^= 0x1; 1556 1557 for (result = isc_interfaceiter_first(iter); 1558 ISC_R_SUCCESS == result; 1559 result = isc_interfaceiter_next(iter)) { 1560 1561 result = isc_interfaceiter_current(iter, &isc_if); 1562 1563 if (result != ISC_R_SUCCESS) 1564 break; 1565 1566 /* See if we have a valid family to use */ 1567 family = isc_if.address.family; 1568 if (AF_INET != family && AF_INET6 != family) 1569 continue; 1570 if (AF_INET == family && !ipv4_works) 1571 continue; 1572 if (AF_INET6 == family && !ipv6_works) 1573 continue; 1574 1575 /* create prototype */ 1576 init_interface(&interface); 1577 1578 convert_isc_if(&isc_if, &interface, port); 1579 1580 /* 1581 * Check if and how we are going to use the interface. 1582 */ 1583 switch (interface_action(isc_if.name, &isc_if.address, 1584 isc_if.flags)) { 1585 1586 case ACTION_IGNORE: 1587 continue; 1588 1589 case ACTION_LISTEN: 1590 interface.ignore_packets = ISC_FALSE; 1591 break; 1592 1593 case ACTION_DROP: 1594 interface.ignore_packets = ISC_TRUE; 1595 break; 1596 } 1597 1598 DPRINT_INTERFACE(4, (&interface, "examining ", "\n")); 1599 1600 /* interfaces must be UP to be usable */ 1601 if (!(interface.flags & INT_UP)) { 1602 DPRINTF(4, ("skipping interface %s (%s) - DOWN\n", 1603 interface.name, stoa(&interface.sin))); 1604 continue; 1605 } 1606 1607 /* 1608 * skip any interfaces UP and bound to a wildcard 1609 * address - some dhcp clients produce that in the 1610 * wild 1611 */ 1612 if (is_wildcard_addr(&interface.sin)) 1613 continue; 1614 1615 /* 1616 * map to local *address* in order to map all duplicate 1617 * interfaces to an interface structure with the 1618 * appropriate socket. Our name space is (ip-address), 1619 * NOT (interface name, ip-address). 1620 */ 1621 iface = getinterface(&interface.sin, INT_WILDCARD); 1622 1623 if (iface != NULL && refresh_interface(iface)) { 1624 /* 1625 * found existing and up to date interface - 1626 * mark present. 1627 */ 1628 if (iface->phase != sys_interphase) { 1629 /* 1630 * On a new round we reset the name so 1631 * the interface name shows up again if 1632 * this address is no longer shared. 1633 * The same reasoning goes for the 1634 * ignore_packets flag. 1635 */ 1636 strncpy(iface->name, interface.name, 1637 sizeof(iface->name)); 1638 iface->ignore_packets = 1639 interface.ignore_packets; 1640 } else 1641 /* name collision - rename interface */ 1642 strncpy(iface->name, "*multiple*", 1643 sizeof(iface->name)); 1644 1645 DPRINT_INTERFACE(4, (iface, "updating ", 1646 " present\n")); 1647 1648 if (iface->ignore_packets != 1649 interface.ignore_packets) { 1650 /* 1651 * We have conflicting configurations 1652 * for the interface address. This is 1653 * caused by using -I <interfacename> 1654 * for an interface that shares its 1655 * address with other interfaces. We 1656 * can not disambiguate incoming 1657 * packets delivered to this socket 1658 * without extra syscalls/features. 1659 * These are not (commonly) available. 1660 * Note this is a more unusual 1661 * configuration where several 1662 * interfaces share an address but 1663 * filtering via interface name is 1664 * attempted. We resolve the 1665 * configuration conflict by disabling 1666 * the processing of received packets. 1667 * This leads to no service on the 1668 * interface address where the conflict 1669 * occurs. 1670 */ 1671 msyslog(LOG_ERR, 1672 "WARNING: conflicting enable configuration for interfaces %s and %s for address %s - unsupported configuration - address DISABLED", 1673 interface.name, iface->name, 1674 stoa(&interface.sin)); 1675 1676 iface->ignore_packets = ISC_TRUE; 1677 } 1678 1679 iface->phase = sys_interphase; 1680 1681 ifi.action = IFS_EXISTS; 1682 ifi.interface = iface; 1683 if (receiver != NULL) 1684 (*receiver)(data, &ifi); 1685 } else { 1686 /* 1687 * This is new or refreshing failed - add to 1688 * our interface list. If refreshing failed we 1689 * will delete the interface structure in phase 1690 * 2 as the interface was not marked current. 1691 * We can bind to the address as the refresh 1692 * code already closed the offending socket 1693 */ 1694 int flags6 = 0; 1695 iface = create_interface(port, &interface, &flags6); 1696 1697 if (iface != NULL) { 1698 ifi.action = IFS_CREATED; 1699 ifi.interface = iface; 1700 if (receiver != NULL) 1701 (*receiver)(data, &ifi); 1702 1703 new_interface_found = 1; 1704 1705 DPRINT_INTERFACE(3, 1706 (iface, "updating ", 1707 " new - created\n")); 1708 } else if (0 == (flags6 & IN6_AVOID_FLAGS)) { 1709 DPRINT_INTERFACE(3, 1710 (&interface, "updating ", 1711 " new - creation FAILED")); 1712 1713 msyslog(LOG_INFO, 1714 "failed to init interface for address %s", 1715 stoa(&interface.sin)); 1716 continue; 1717 } 1718 } 1719 } 1720 1721 isc_interfaceiter_destroy(&iter); 1722 1723 /* 1724 * phase 2 - delete gone interfaces - reassigning peers to 1725 * other interfaces 1726 */ 1727 iface = inter_list; 1728 1729 while (iface != NULL) { 1730 next = iface->link; 1731 1732 if (!(iface->flags & (INT_WILDCARD | INT_MCASTIF))) { 1733 /* 1734 * if phase does not match sys_phase this 1735 * interface was not enumerated during the last 1736 * interface scan - so it is gone and will be 1737 * deleted here unless it is solely an MCAST or 1738 * WILDCARD interface. 1739 */ 1740 if (iface->phase != sys_interphase) { 1741 DPRINT_INTERFACE(3, 1742 (iface, "updating ", 1743 "GONE - deleting\n")); 1744 remove_interface(iface); 1745 1746 ifi.action = IFS_DELETED; 1747 ifi.interface = iface; 1748 if (receiver != NULL) 1749 (*receiver)(data, &ifi); 1750 1751 /* 1752 * disconnect peers from deleted 1753 * interface 1754 */ 1755 while (iface->peers != NULL) 1756 set_peerdstadr(iface->peers, NULL); 1757 1758 /* 1759 * update globals in case we lose 1760 * a loopback interface 1761 */ 1762 if (iface == loopback_interface) 1763 loopback_interface = NULL; 1764 1765 delete_interface(iface); 1766 } 1767 } 1768 iface = next; 1769 } 1770 1771 /* 1772 * phase 3 - re-configure as the world has changed if necessary 1773 */ 1774 refresh_all_peerinterfaces(); 1775 return new_interface_found; 1776} 1777 1778 1779/* 1780 * create_sockets - create a socket for each interface plus a default 1781 * socket for when we don't know where to send 1782 */ 1783static int 1784create_sockets( 1785 u_short port 1786 ) 1787{ 1788#ifndef HAVE_IO_COMPLETION_PORT 1789 /* 1790 * I/O Completion Ports don't care about the select and FD_SET 1791 */ 1792 maxactivefd = 0; 1793 FD_ZERO(&activefds); 1794#endif 1795 1796 DPRINTF(2, ("create_sockets(%d)\n", port)); 1797 1798 create_wildcards(port); 1799 1800 update_interfaces(port, NULL, NULL); 1801 1802 /* 1803 * Now that we have opened all the sockets, turn off the reuse 1804 * flag for security. 1805 */ 1806 set_reuseaddr(0); 1807 1808 DPRINTF(2, ("create_sockets: Total interfaces = %d\n", ninterfaces)); 1809 1810 return ninterfaces; 1811} 1812 1813/* 1814 * create_interface - create a new interface for a given prototype 1815 * binding the socket. 1816 */ 1817static struct interface * 1818create_interface( 1819 u_short port, 1820 struct interface * protot, 1821 int *flags6 1822 ) 1823{ 1824 sockaddr_u resmask; 1825 struct interface *iface; 1826 1827 DPRINTF(2, ("create_interface(%s#%d)\n", stoa(&protot->sin), 1828 port)); 1829 1830 /* build an interface */ 1831 iface = new_interface(protot); 1832 1833 /* 1834 * create socket 1835 */ 1836 iface->fd = open_socket(&iface->sin, 0, 0, iface); 1837 1838 if (iface->fd != INVALID_SOCKET) 1839 list_if_listening(iface); 1840 1841 if ((INT_BROADCAST & iface->flags) 1842 && iface->bfd != INVALID_SOCKET) 1843 msyslog(LOG_INFO, "Listening on broadcast address %s#%d", 1844 stoa((&iface->bcast)), port); 1845 1846 if (INVALID_SOCKET == iface->fd 1847 && INVALID_SOCKET == iface->bfd) { 1848 if ((iface->flags6 & IN6_AVOID_FLAGS) == 0) { 1849 msyslog(LOG_ERR, "unable to create socket on %s (%d) for %s#%d", 1850 iface->name, 1851 iface->ifnum, 1852 stoa((&iface->sin)), 1853 port); 1854 } else { 1855 if (flags6) { 1856 *flags6 = iface->flags6; 1857 } 1858 msyslog(LOG_DEBUG, "unable to create socket on %s (%d) for %s#%d flags6:0x%x", 1859 iface->name, 1860 iface->ifnum, 1861 stoa((&iface->sin)), 1862 port, iface->flags6); 1863 } 1864 delete_interface(iface); 1865 return NULL; 1866 } 1867 1868 /* 1869 * Blacklist our own addresses, no use talking to ourself 1870 */ 1871 SET_HOSTMASK(&resmask, AF(&iface->sin)); 1872 hack_restrict(RESTRICT_FLAGS, &iface->sin, &resmask, 1873 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE); 1874 1875 /* 1876 * set globals with the first found 1877 * loopback interface of the appropriate class 1878 */ 1879 if (NULL == loopback_interface && AF_INET == iface->family 1880 && (INT_LOOPBACK & iface->flags)) 1881 loopback_interface = iface; 1882 1883 /* 1884 * put into our interface list 1885 */ 1886 add_addr_to_list(&iface->sin, iface); 1887 add_interface(iface); 1888 1889 DPRINT_INTERFACE(2, (iface, "created ", "\n")); 1890 return iface; 1891} 1892 1893 1894#ifdef SO_EXCLUSIVEADDRUSE 1895static void 1896set_excladdruse( 1897 SOCKET fd 1898 ) 1899{ 1900 int one = 1; 1901 int failed; 1902#ifdef SYS_WINNT 1903 DWORD err; 1904#endif 1905 1906 failed = setsockopt(fd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, 1907 (char *)&one, sizeof(one)); 1908 1909 if (!failed) 1910 return; 1911 1912#ifdef SYS_WINNT 1913 /* 1914 * Prior to Windows XP setting SO_EXCLUSIVEADDRUSE can fail with 1915 * error WSAINVAL depending on service pack level and whether 1916 * the user account is in the Administrators group. Do not 1917 * complain if it fails that way on versions prior to XP (5.1). 1918 */ 1919 err = GetLastError(); 1920 1921 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0 /* < 5.1/XP */ 1922 && WSAEINVAL == err) 1923 return; 1924 1925 SetLastError(err); 1926#endif 1927 msyslog(LOG_ERR, 1928 "setsockopt(%d, SO_EXCLUSIVEADDRUSE, on): %m", 1929 (int)fd); 1930} 1931#endif /* SO_EXCLUSIVEADDRUSE */ 1932 1933 1934/* 1935 * set_reuseaddr() - set/clear REUSEADDR on all sockets 1936 * NB possible hole - should we be doing this on broadcast 1937 * fd's also? 1938 */ 1939static void 1940set_reuseaddr( 1941 int flag 1942 ) 1943{ 1944#ifndef SO_EXCLUSIVEADDRUSE 1945 struct interface *interf; 1946 1947 for (interf = inter_list; 1948 interf != NULL; 1949 interf = interf->link) { 1950 1951 if (interf->flags & INT_WILDCARD) 1952 continue; 1953 1954 /* 1955 * if interf->fd is INVALID_SOCKET, we might have a adapter 1956 * configured but not present 1957 */ 1958 DPRINTF(4, ("setting SO_REUSEADDR on %.16s@%s to %s\n", 1959 interf->name, stoa(&interf->sin), 1960 flag ? "on" : "off")); 1961 1962 if (interf->fd != INVALID_SOCKET) { 1963 if (setsockopt(interf->fd, SOL_SOCKET, 1964 SO_REUSEADDR, (char *)&flag, 1965 sizeof(flag))) { 1966 msyslog(LOG_ERR, "set_reuseaddr: setsockopt(SO_REUSEADDR, %s) failed: %m", flag ? "on" : "off"); 1967 } 1968 } 1969 } 1970#endif /* ! SO_EXCLUSIVEADDRUSE */ 1971} 1972 1973/* 1974 * This is just a wrapper around an internal function so we can 1975 * make other changes as necessary later on 1976 */ 1977void 1978enable_broadcast( 1979 struct interface * iface, 1980 sockaddr_u * baddr 1981 ) 1982{ 1983#ifdef OPEN_BCAST_SOCKET 1984 socket_broadcast_enable(iface, iface->fd, baddr); 1985#endif 1986} 1987 1988#ifdef OPEN_BCAST_SOCKET 1989/* 1990 * Enable a broadcast address to a given socket 1991 * The socket is in the inter_list all we need to do is enable 1992 * broadcasting. It is not this function's job to select the socket 1993 */ 1994static isc_boolean_t 1995socket_broadcast_enable( 1996 struct interface * iface, 1997 SOCKET fd, 1998 sockaddr_u * baddr 1999 ) 2000{ 2001#ifdef SO_BROADCAST 2002 int on = 1; 2003 2004 if (IS_IPV4(baddr)) { 2005 /* if this interface can support broadcast, set SO_BROADCAST */ 2006 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, 2007 (char *)&on, sizeof(on))) 2008 msyslog(LOG_ERR, 2009 "setsockopt(SO_BROADCAST) enable failure on address %s: %m", 2010 stoa(baddr)); 2011 else 2012 DPRINTF(2, ("Broadcast enabled on socket %d for address %s\n", 2013 fd, stoa(baddr))); 2014 } 2015 iface->flags |= INT_BCASTOPEN; 2016 broadcast_client_enabled = ISC_TRUE; 2017 return ISC_TRUE; 2018#else 2019 return ISC_FALSE; 2020#endif /* SO_BROADCAST */ 2021} 2022 2023/* 2024 * Remove a broadcast address from a given socket 2025 * The socket is in the inter_list all we need to do is disable 2026 * broadcasting. It is not this function's job to select the socket 2027 */ 2028static isc_boolean_t 2029socket_broadcast_disable( 2030 struct interface * iface, 2031 sockaddr_u * baddr 2032 ) 2033{ 2034#ifdef SO_BROADCAST 2035 int off = 0; /* This seems to be OK as an int */ 2036 2037 if (IS_IPV4(baddr) && setsockopt(iface->fd, SOL_SOCKET, 2038 SO_BROADCAST, (char *)&off, sizeof(off))) 2039 msyslog(LOG_ERR, 2040 "setsockopt(SO_BROADCAST) disable failure on address %s: %m", 2041 stoa(baddr)); 2042 2043 iface->flags &= ~INT_BCASTOPEN; 2044 broadcast_client_enabled = ISC_FALSE; 2045 return ISC_TRUE; 2046#else 2047 return ISC_FALSE; 2048#endif /* SO_BROADCAST */ 2049} 2050 2051#endif /* OPEN_BCAST_SOCKET */ 2052 2053/* 2054 * return the broadcast client flag value 2055 */ 2056isc_boolean_t 2057get_broadcastclient_flag(void) 2058{ 2059 return (broadcast_client_enabled); 2060} 2061/* 2062 * Check to see if the address is a multicast address 2063 */ 2064static isc_boolean_t 2065addr_ismulticast( 2066 sockaddr_u *maddr 2067 ) 2068{ 2069 isc_boolean_t result; 2070 2071#ifndef INCLUDE_IPV6_MULTICAST_SUPPORT 2072 /* 2073 * If we don't have IPV6 support any IPV6 addr is not multicast 2074 */ 2075 if (IS_IPV6(maddr)) 2076 result = ISC_FALSE; 2077 else 2078#endif 2079 result = IS_MCAST(maddr); 2080 2081 if (!result) 2082 DPRINTF(4, ("address %s is not multicast\n", 2083 stoa(maddr))); 2084 2085 return result; 2086} 2087 2088/* 2089 * Multicast servers need to set the appropriate Multicast interface 2090 * socket option in order for it to know which interface to use for 2091 * send the multicast packet. 2092 */ 2093void 2094enable_multicast_if( 2095 struct interface * iface, 2096 sockaddr_u * maddr 2097 ) 2098{ 2099#ifdef MCAST 2100 TYPEOF_IP_MULTICAST_LOOP off = 0; 2101 2102 NTP_REQUIRE(AF(maddr) == AF(&iface->sin)); 2103 2104 switch (AF(&iface->sin)) { 2105 2106 case AF_INET: 2107 if (setsockopt(iface->fd, IPPROTO_IP, IP_MULTICAST_IF, 2108 (void *)&NSRCADR(&iface->sin), 2109 sizeof(NSRCADR(&iface->sin)))) { 2110 2111 msyslog(LOG_ERR, 2112 "setsockopt IP_MULTICAST_IF failed: %m on socket %d, addr %s for multicast address %s", 2113 iface->fd, stoa(&iface->sin), 2114 stoa(maddr)); 2115 return; 2116 } 2117#ifdef IP_MULTICAST_LOOP 2118 /* 2119 * Don't send back to itself, but allow failure to set 2120 */ 2121 if (setsockopt(iface->fd, IPPROTO_IP, 2122 IP_MULTICAST_LOOP, 2123 SETSOCKOPT_ARG_CAST &off, 2124 sizeof(off))) { 2125 2126 msyslog(LOG_ERR, 2127 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2128 iface->fd, stoa(&iface->sin), 2129 stoa(maddr)); 2130 } 2131#endif 2132 DPRINTF(4, ("Added IPv4 multicast interface on socket %d, addr %s for multicast address %s\n", 2133 iface->fd, stoa(&iface->sin), 2134 stoa(maddr))); 2135 break; 2136 2137 case AF_INET6: 2138#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2139 if (setsockopt(iface->fd, IPPROTO_IPV6, 2140 IPV6_MULTICAST_IF, 2141 (char *)&iface->scopeid, 2142 sizeof(iface->scopeid))) { 2143 2144 msyslog(LOG_ERR, 2145 "setsockopt IPV6_MULTICAST_IF failed: %m on socket %d, addr %s, scope %d for multicast address %s", 2146 iface->fd, stoa(&iface->sin), 2147 iface->scopeid, stoa(maddr)); 2148 return; 2149 } 2150#ifdef IPV6_MULTICAST_LOOP 2151 /* 2152 * Don't send back to itself, but allow failure to set 2153 */ 2154 if (setsockopt(iface->fd, IPPROTO_IPV6, 2155 IPV6_MULTICAST_LOOP, 2156 (char *) &off, sizeof(off))) { 2157 2158 msyslog(LOG_ERR, 2159 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2160 iface->fd, stoa(&iface->sin), 2161 stoa(maddr)); 2162 } 2163#endif 2164 DPRINTF(4, ("Added IPv6 multicast interface on socket %d, addr %s, scope %d for multicast address %s\n", 2165 iface->fd, stoa(&iface->sin), 2166 iface->scopeid, stoa(maddr))); 2167 break; 2168#else 2169 return; 2170#endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2171 } 2172 return; 2173#endif 2174} 2175 2176/* 2177 * Add a multicast address to a given socket 2178 * The socket is in the inter_list all we need to do is enable 2179 * multicasting. It is not this function's job to select the socket 2180 */ 2181#ifdef MCAST 2182static isc_boolean_t 2183socket_multicast_enable( 2184 struct interface * iface, 2185 int lscope, 2186 sockaddr_u * maddr 2187 ) 2188{ 2189 struct ip_mreq mreq; 2190#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2191 struct ipv6_mreq mreq6; 2192#endif 2193 2194 if (find_addr_in_list(maddr) != NULL) { 2195 DPRINTF(4, ("socket_multicast_enable(%s): already enabled\n", 2196 stoa(maddr))); 2197 return ISC_TRUE; 2198 } 2199 2200 switch (AF(maddr)) { 2201 2202 case AF_INET: 2203 memset(&mreq, 0, sizeof(mreq)); 2204 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2205 mreq.imr_interface.s_addr = htonl(INADDR_ANY); 2206 if (setsockopt(iface->fd, 2207 IPPROTO_IP, 2208 IP_ADD_MEMBERSHIP, 2209 (char *)&mreq, 2210 sizeof(mreq))) { 2211 msyslog(LOG_ERR, 2212 "setsockopt IP_ADD_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2213 iface->fd, stoa(&iface->sin), 2214 mreq.imr_multiaddr.s_addr, 2215 mreq.imr_interface.s_addr, 2216 stoa(maddr)); 2217 return ISC_FALSE; 2218 } 2219 DPRINTF(4, ("Added IPv4 multicast membership on socket %d, addr %s for %x / %x (%s)\n", 2220 iface->fd, stoa(&iface->sin), 2221 mreq.imr_multiaddr.s_addr, 2222 mreq.imr_interface.s_addr, stoa(maddr))); 2223 break; 2224 2225 case AF_INET6: 2226#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2227 /* 2228 * Enable reception of multicast packets. 2229 * If the address is link-local we can get the 2230 * interface index from the scope id. Don't do this 2231 * for other types of multicast addresses. For now let 2232 * the kernel figure it out. 2233 */ 2234 memset(&mreq6, 0, sizeof(mreq6)); 2235 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2236 mreq6.ipv6mr_interface = lscope; 2237 2238 if (setsockopt(iface->fd, IPPROTO_IPV6, 2239 IPV6_JOIN_GROUP, (char *)&mreq6, 2240 sizeof(mreq6))) { 2241 msyslog(LOG_ERR, 2242 "setsockopt IPV6_JOIN_GROUP failed: %m on socket %d, addr %s for interface %d (%s)", 2243 iface->fd, stoa(&iface->sin), 2244 mreq6.ipv6mr_interface, stoa(maddr)); 2245 return ISC_FALSE; 2246 } 2247 DPRINTF(4, ("Added IPv6 multicast group on socket %d, addr %s for interface %d(%s)\n", 2248 iface->fd, stoa(&iface->sin), 2249 mreq6.ipv6mr_interface, stoa(maddr))); 2250#else 2251 return ISC_FALSE; 2252#endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2253 } 2254 iface->flags |= INT_MCASTOPEN; 2255 iface->num_mcast++; 2256 add_addr_to_list(maddr, iface); 2257 return ISC_TRUE; 2258} 2259 2260/* 2261 * Remove a multicast address from a given socket 2262 * The socket is in the inter_list all we need to do is disable 2263 * multicasting. It is not this function's job to select the socket 2264 */ 2265static isc_boolean_t 2266socket_multicast_disable( 2267 struct interface * iface, 2268 sockaddr_u * maddr 2269 ) 2270{ 2271#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2272 struct ipv6_mreq mreq6; 2273#endif 2274 struct ip_mreq mreq; 2275 2276 memset(&mreq, 0, sizeof(mreq)); 2277 2278 if (find_addr_in_list(maddr) == NULL) { 2279 DPRINTF(4, ("socket_multicast_disable(%s): not found\n", 2280 stoa(maddr))); 2281 return ISC_TRUE; 2282 } 2283 2284 switch (AF(maddr)) { 2285 2286 case AF_INET: 2287 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2288 mreq.imr_interface = SOCK_ADDR4(&iface->sin); 2289 if (setsockopt(iface->fd, IPPROTO_IP, 2290 IP_DROP_MEMBERSHIP, (char *)&mreq, 2291 sizeof(mreq))) { 2292 2293 msyslog(LOG_ERR, 2294 "setsockopt IP_DROP_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2295 iface->fd, stoa(&iface->sin), 2296 SRCADR(maddr), SRCADR(&iface->sin), 2297 stoa(maddr)); 2298 return ISC_FALSE; 2299 } 2300 break; 2301 case AF_INET6: 2302#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2303 /* 2304 * Disable reception of multicast packets 2305 * If the address is link-local we can get the 2306 * interface index from the scope id. Don't do this 2307 * for other types of multicast addresses. For now let 2308 * the kernel figure it out. 2309 */ 2310 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2311 mreq6.ipv6mr_interface = iface->scopeid; 2312 2313 if (setsockopt(iface->fd, IPPROTO_IPV6, 2314 IPV6_LEAVE_GROUP, (char *)&mreq6, 2315 sizeof(mreq6))) { 2316 2317 msyslog(LOG_ERR, 2318 "setsockopt IPV6_LEAVE_GROUP failure: %m on socket %d, addr %s for %d (%s)", 2319 iface->fd, stoa(&iface->sin), 2320 iface->scopeid, stoa(maddr)); 2321 return ISC_FALSE; 2322 } 2323 break; 2324#else 2325 return ISC_FALSE; 2326#endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2327 } 2328 2329 iface->num_mcast--; 2330 if (!iface->num_mcast) 2331 iface->flags &= ~INT_MCASTOPEN; 2332 2333 return ISC_TRUE; 2334} 2335#endif /* MCAST */ 2336 2337/* 2338 * io_setbclient - open the broadcast client sockets 2339 */ 2340void 2341io_setbclient(void) 2342{ 2343#ifdef OPEN_BCAST_SOCKET 2344 struct interface * interf; 2345 int nif; 2346 isc_boolean_t jstatus; 2347 SOCKET fd; 2348 2349 nif = 0; 2350 set_reuseaddr(1); 2351 2352 for (interf = inter_list; 2353 interf != NULL; 2354 interf = interf->link) { 2355 2356 if (interf->flags & (INT_WILDCARD | INT_LOOPBACK)) 2357 continue; 2358 2359 /* use only allowed addresses */ 2360 if (interf->ignore_packets) 2361 continue; 2362 2363 2364 /* Need a broadcast-capable interface */ 2365 if (!(interf->flags & INT_BROADCAST)) 2366 continue; 2367 2368 /* Only IPv4 addresses are valid for broadcast */ 2369 NTP_REQUIRE(IS_IPV4(&interf->sin)); 2370 2371 /* Do we already have the broadcast address open? */ 2372 if (interf->flags & INT_BCASTOPEN) { 2373 /* 2374 * account for already open interfaces to avoid 2375 * misleading warning below 2376 */ 2377 nif++; 2378 continue; 2379 } 2380 2381 /* 2382 * Try to open the broadcast address 2383 */ 2384 interf->family = AF_INET; 2385 interf->bfd = open_socket(&interf->bcast, 1, 0, interf); 2386 2387 /* 2388 * If we succeeded then we use it otherwise enable 2389 * broadcast on the interface address 2390 */ 2391 if (interf->bfd != INVALID_SOCKET) { 2392 fd = interf->bfd; 2393 jstatus = ISC_TRUE; 2394 } else { 2395 fd = interf->fd; 2396 jstatus = socket_broadcast_enable(interf, fd, 2397 &interf->sin); 2398 } 2399 2400 /* Enable Broadcast on socket */ 2401 if (jstatus) { 2402 nif++; 2403 msyslog(LOG_INFO, 2404 "io_setbclient: Opened broadcast client on interface #%d %s", 2405 interf->ifnum, interf->name); 2406 interf->addr_refid = addr2refid(&interf->sin); 2407 } 2408 } 2409 set_reuseaddr(0); 2410 if (nif > 0) 2411 DPRINTF(1, ("io_setbclient: Opened broadcast clients\n")); 2412 else if (!nif) 2413 msyslog(LOG_ERR, 2414 "Unable to listen for broadcasts, no broadcast interfaces available"); 2415#else 2416 msyslog(LOG_ERR, 2417 "io_setbclient: Broadcast Client disabled by build"); 2418#endif /* OPEN_BCAST_SOCKET */ 2419} 2420 2421/* 2422 * io_unsetbclient - close the broadcast client sockets 2423 */ 2424void 2425io_unsetbclient(void) 2426{ 2427 struct interface *interf; 2428 2429 for (interf = inter_list; 2430 NULL != interf; 2431 interf = interf->link) 2432 { 2433 if (interf->flags & INT_WILDCARD) 2434 continue; 2435 2436 if (!(interf->flags & INT_BCASTOPEN)) 2437 continue; 2438 2439 socket_broadcast_disable(interf, &interf->sin); 2440 } 2441} 2442 2443/* 2444 * io_multicast_add() - add multicast group address 2445 */ 2446void 2447io_multicast_add( 2448 sockaddr_u *addr 2449 ) 2450{ 2451#ifdef MCAST 2452 struct interface *interface; 2453#ifndef MULTICAST_NONEWSOCKET 2454 struct interface *iface; 2455#endif 2456 int lscope = 0; 2457 2458 /* 2459 * Check to see if this is a multicast address 2460 */ 2461 if (!addr_ismulticast(addr)) 2462 return; 2463 2464 /* If we already have it we can just return */ 2465 if (NULL != find_flagged_addr_in_list(addr, INT_MCASTOPEN)) { 2466 msyslog(LOG_INFO, 2467 "Duplicate request found for multicast address %s", 2468 stoa(addr)); 2469 return; 2470 } 2471 2472#ifndef MULTICAST_NONEWSOCKET 2473 interface = new_interface(NULL); 2474 2475 /* 2476 * Open a new socket for the multicast address 2477 */ 2478 interface->family = 2479 AF(&interface->sin) = 2480 AF(&interface->mask) = AF(addr); 2481 SET_PORT(&interface->sin, NTP_PORT); 2482 SET_ONESMASK(&interface->mask); 2483 2484 switch(AF(addr)) { 2485 2486 case AF_INET: 2487 NSRCADR(&interface->sin) = NSRCADR(addr); 2488 break; 2489 2490 case AF_INET6: 2491#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2492 SET_ADDR6N(&interface->sin, SOCK_ADDR6(addr)); 2493 lscope = SCOPE(addr); 2494 SET_SCOPE(&interface->sin, lscope); 2495#endif 2496 iface = findlocalcastinterface(addr); 2497 if (iface != NULL) 2498 DPRINTF(4, ("Found interface #%d %s, scope %d for address %s\n", 2499 iface->ifnum, iface->name, lscope, 2500 stoa(addr))); 2501 } 2502 2503 set_reuseaddr(1); 2504 interface->bfd = INVALID_SOCKET; 2505 interface->fd = open_socket(&interface->sin, INT_MULTICAST, 0, 2506 interface); 2507 2508 if (interface->fd != INVALID_SOCKET) { 2509 interface->bfd = INVALID_SOCKET; 2510 interface->ignore_packets = ISC_FALSE; 2511 interface->flags |= INT_MCASTIF; 2512 2513 strncpy(interface->name, "multicast", 2514 sizeof(interface->name)); 2515 DPRINT_INTERFACE(2, (interface, "multicast add ", "\n")); 2516 /* 2517 * socket_multicast_enable() will add this address to 2518 * the addresslist 2519 */ 2520 add_interface(interface); 2521 list_if_listening(interface); 2522 } else { 2523 /* bind failed, re-use wildcard interface */ 2524 delete_interface(interface); 2525 2526 if (IS_IPV4(addr)) 2527 interface = wildipv4; 2528 else if (IS_IPV6(addr)) 2529 interface = wildipv6; 2530 else 2531 interface = NULL; 2532 2533 if (interface != NULL) { 2534 /* HACK ! -- stuff in an address */ 2535 /* because we don't bind addr? DH */ 2536 interface->bcast = *addr; 2537 msyslog(LOG_ERR, 2538 "multicast address %s using wildcard interface #%d %s", 2539 stoa(addr), interface->ifnum, 2540 interface->name); 2541 } else { 2542 msyslog(LOG_ERR, 2543 "No multicast socket available to use for address %s", 2544 stoa(addr)); 2545 return; 2546 } 2547 } 2548#else 2549 /* 2550 * For the case where we can't use a separate socket 2551 */ 2552 interface = findlocalcastinterface(addr); 2553 /* 2554 * If we don't have a valid socket, just return 2555 */ 2556 if (NULL == interface) { 2557 msyslog(LOG_ERR, 2558 "Can not add multicast address %s: no multicast interface found", 2559 stoa(addr)); 2560 return; 2561 } 2562 2563#endif 2564 if (socket_multicast_enable(interface, lscope, addr)) 2565 msyslog(LOG_INFO, 2566 "Added Multicast Listener %s on interface #%d %s", 2567 stoa(addr), interface->ifnum, interface->name); 2568 else 2569 msyslog(LOG_ERR, "Failed to add Multicast Listener %s", 2570 stoa(addr)); 2571#else /* MCAST */ 2572 msyslog(LOG_ERR, 2573 "Can not add multicast address %s: no multicast support", 2574 stoa(addr)); 2575#endif /* MCAST */ 2576 return; 2577} 2578 2579 2580/* 2581 * io_multicast_del() - delete multicast group address 2582 */ 2583void 2584io_multicast_del( 2585 sockaddr_u * addr 2586 ) 2587{ 2588#ifdef MCAST 2589 struct interface *iface; 2590 2591 /* 2592 * Check to see if this is a multicast address 2593 */ 2594 if (!addr_ismulticast(addr)) { 2595 msyslog(LOG_ERR, "invalid multicast address %s", 2596 stoa(addr)); 2597 return; 2598 } 2599 2600 /* 2601 * Disable reception of multicast packets 2602 */ 2603 while ((iface = find_flagged_addr_in_list(addr, INT_MCASTOPEN)) 2604 != NULL) 2605 socket_multicast_disable(iface, addr); 2606 2607 delete_addr_from_list(addr); 2608 2609#else /* not MCAST */ 2610 msyslog(LOG_ERR, 2611 "Can not delete multicast address %s: no multicast support", 2612 stoa(addr)); 2613#endif /* not MCAST */ 2614} 2615 2616 2617/* 2618 * init_nonblocking_io() - set up descriptor to be non blocking 2619 */ 2620static void init_nonblocking_io( 2621 SOCKET fd 2622 ) 2623{ 2624 /* 2625 * set non-blocking, 2626 */ 2627 2628#ifdef USE_FIONBIO 2629 /* in vxWorks we use FIONBIO, but the others are defined for old systems, so 2630 * all hell breaks loose if we leave them defined 2631 */ 2632#undef O_NONBLOCK 2633#undef FNDELAY 2634#undef O_NDELAY 2635#endif 2636 2637#if defined(O_NONBLOCK) /* POSIX */ 2638 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) { 2639 msyslog(LOG_ERR, 2640 "fcntl(O_NONBLOCK) fails on fd #%d: %m", fd); 2641 exit(1); 2642 } 2643#elif defined(FNDELAY) 2644 if (fcntl(fd, F_SETFL, FNDELAY) < 0) { 2645 msyslog(LOG_ERR, "fcntl(FNDELAY) fails on fd #%d: %m", 2646 fd); 2647 exit(1); 2648 } 2649#elif defined(O_NDELAY) /* generally the same as FNDELAY */ 2650 if (fcntl(fd, F_SETFL, O_NDELAY) < 0) { 2651 msyslog(LOG_ERR, "fcntl(O_NDELAY) fails on fd #%d: %m", 2652 fd); 2653 exit(1); 2654 } 2655#elif defined(FIONBIO) 2656 { 2657 int on = 1; 2658 2659 if (ioctl(fd, FIONBIO, &on) < 0) { 2660 msyslog(LOG_ERR, 2661 "ioctl(FIONBIO) fails on fd #%d: %m", 2662 fd); 2663 exit(1); 2664 } 2665 } 2666#elif defined(FIOSNBIO) 2667 if (ioctl(fd, FIOSNBIO, &on) < 0) { 2668 msyslog(LOG_ERR, 2669 "ioctl(FIOSNBIO) fails on fd #%d: %m", fd); 2670 exit(1); 2671 } 2672#else 2673# include "Bletch: Need non-blocking I/O!" 2674#endif 2675} 2676 2677/* 2678 * open_socket - open a socket, returning the file descriptor 2679 */ 2680 2681static SOCKET 2682open_socket( 2683 sockaddr_u * addr, 2684 int bcast, 2685 int turn_off_reuse, 2686 struct interface * interf 2687 ) 2688{ 2689 SOCKET fd; 2690 int errval; 2691 char scopetext[16]; 2692 /* 2693 * int is OK for REUSEADR per 2694 * http://www.kohala.com/start/mcast.api.txt 2695 */ 2696 int on = 1; 2697 int off = 0; 2698 2699 if (IS_IPV6(addr) && !ipv6_works) 2700 return INVALID_SOCKET; 2701 2702 /* create a datagram (UDP) socket */ 2703 fd = socket(AF(addr), SOCK_DGRAM, 0); 2704 if (INVALID_SOCKET == fd) { 2705#ifndef SYS_WINNT 2706 errval = errno; 2707#else 2708 errval = WSAGetLastError(); 2709#endif 2710 msyslog(LOG_ERR, 2711 "socket(AF_INET%s, SOCK_DGRAM, 0) failed on address %s: %m", 2712 IS_IPV6(addr) ? "6" : "", stoa(addr)); 2713 2714 if (errval == EPROTONOSUPPORT || 2715 errval == EAFNOSUPPORT || 2716 errval == EPFNOSUPPORT) 2717 return (INVALID_SOCKET); 2718 2719 errno = errval; 2720 msyslog(LOG_ERR, 2721 "unexpected socket() error %m code %d (not EPROTONOSUPPORT nor EAFNOSUPPORT nor EPFNOSUPPORT) - exiting", 2722 errno); 2723 exit(1); 2724 } 2725 2726#ifdef SYS_WINNT 2727 connection_reset_fix(fd, addr); 2728#endif 2729 /* 2730 * Fixup the file descriptor for some systems 2731 * See bug #530 for details of the issue. 2732 */ 2733 fd = move_fd(fd); 2734 2735 /* 2736 * set SO_REUSEADDR since we will be binding the same port 2737 * number on each interface according to turn_off_reuse. 2738 * This is undesirable on Windows versions starting with 2739 * Windows XP (numeric version 5.1). 2740 */ 2741#ifdef SYS_WINNT 2742 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0) /* before 5.1 */ 2743#endif 2744 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 2745 (char *)((turn_off_reuse) 2746 ? &off 2747 : &on), 2748 sizeof(on))) { 2749 2750 msyslog(LOG_ERR, 2751 "setsockopt SO_REUSEADDR %s fails for address %s: %m", 2752 (turn_off_reuse) 2753 ? "off" 2754 : "on", 2755 stoa(addr)); 2756 closesocket(fd); 2757 return INVALID_SOCKET; 2758 } 2759#ifdef SO_EXCLUSIVEADDRUSE 2760 /* 2761 * setting SO_EXCLUSIVEADDRUSE on the wildcard we open 2762 * first will cause more specific binds to fail. 2763 */ 2764 if (!(interf->flags & INT_WILDCARD)) 2765 set_excladdruse(fd); 2766#endif 2767 2768 /* 2769 * IPv4 specific options go here 2770 */ 2771 if (IS_IPV4(addr)) { 2772#if defined(HAVE_IPTOS_SUPPORT) 2773 if (setsockopt(fd, IPPROTO_IP, IP_TOS, (char *)&qos, 2774 sizeof(qos))) 2775 msyslog(LOG_ERR, 2776 "setsockopt IP_TOS (%02x) fails on address %s: %m", 2777 qos, stoa(addr)); 2778#endif /* HAVE_IPTOS_SUPPORT */ 2779 if (bcast) 2780 socket_broadcast_enable(interf, fd, addr); 2781 } 2782 2783 /* 2784 * IPv6 specific options go here 2785 */ 2786 if (IS_IPV6(addr)) { 2787 /* Avoid predictable bind errors */ 2788 struct in6_ifreq ifr6; 2789 strlcpy(ifr6.ifr_name, interf->name, sizeof(ifr6.ifr_name)); 2790 ifr6.ifr_addr = *(struct sockaddr_in6 *)addr; 2791 if (ioctl(fd, SIOCGIFAFLAG_IN6, &ifr6) >= 0) { 2792 interf->flags6 = ifr6.ifr_ifru.ifru_flags6; 2793 if (interf->flags6 & IN6_AVOID_FLAGS) { 2794 closesocket(fd); 2795 return INVALID_SOCKET; 2796 } 2797 } 2798#if defined(IPV6_V6ONLY) 2799 if (isc_net_probe_ipv6only() == ISC_R_SUCCESS 2800 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, 2801 (char*)&on, sizeof(on))) 2802 msyslog(LOG_ERR, 2803 "setsockopt IPV6_V6ONLY on fails on address %s: %m", 2804 stoa(addr)); 2805#endif /* IPV6_V6ONLY */ 2806#if defined(IPV6_BINDV6ONLY) 2807 if (setsockopt(fd, IPPROTO_IPV6, IPV6_BINDV6ONLY, 2808 (char*)&on, sizeof(on))) 2809 msyslog(LOG_ERR, 2810 "setsockopt IPV6_BINDV6ONLY on fails on address %s: %m", 2811 stoa(addr)); 2812#endif /* IPV6_BINDV6ONLY */ 2813 } 2814 2815#ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 2816 /* 2817 * some OSes don't allow binding to more specific 2818 * addresses if a wildcard address already bound 2819 * to the port and SO_REUSEADDR is not set 2820 */ 2821 if (!is_wildcard_addr(addr)) 2822 set_wildcard_reuse(AF(addr), 1); 2823#endif 2824 2825 /* 2826 * bind the local address. 2827 */ 2828 errval = bind(fd, &addr->sa, SOCKLEN(addr)); 2829 2830#ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 2831 if (!is_wildcard_addr(addr)) 2832 set_wildcard_reuse(AF(addr), 0); 2833#endif 2834 2835 if (errval < 0) { 2836 /* 2837 * Don't log this under all conditions 2838 */ 2839 if (turn_off_reuse == 0 2840#ifdef DEBUG 2841 || debug > 1 2842#endif 2843 ) { 2844 if (SCOPE(addr)) 2845 snprintf(scopetext, sizeof(scopetext), 2846 "%%%d", SCOPE(addr)); 2847 else 2848 scopetext[0] = 0; 2849 2850 msyslog(LOG_ERR, 2851 "bind(%d) AF_INET%s %s%s#%d%s flags 0x%x flags6 0x%x failed: %m", 2852 fd, IS_IPV6(addr) ? "6" : "", 2853 stoa(addr), scopetext, SRCPORT(addr), 2854 IS_MCAST(addr) ? " (multicast)" : "", 2855 interf->flags, interf->flags6); 2856 } 2857 2858 closesocket(fd); 2859 2860 return INVALID_SOCKET; 2861 } 2862 2863#ifdef HAVE_TIMESTAMP 2864 { 2865 if (setsockopt(fd, SOL_SOCKET, SO_TIMESTAMP, 2866 (char*)&on, sizeof(on))) 2867 msyslog(LOG_DEBUG, 2868 "setsockopt SO_TIMESTAMP on fails on address %s: %m", 2869 stoa(addr)); 2870 else 2871 DPRINTF(4, ("setsockopt SO_TIMESTAMP enabled on fd %d address %s\n", 2872 fd, stoa(addr))); 2873 } 2874#endif 2875 DPRINTF(4, ("bind(%d) AF_INET%s, addr %s%%%d#%d, flags 0x%x\n", 2876 fd, IS_IPV6(addr) ? "6" : "", stoa(addr), 2877 SCOPE(addr), SRCPORT(addr), interf->flags)); 2878 2879 init_nonblocking_io(fd); 2880 2881#ifdef HAVE_SIGNALED_IO 2882 init_socket_sig(fd); 2883#endif /* not HAVE_SIGNALED_IO */ 2884 2885 add_fd_to_list(fd, FD_TYPE_SOCKET); 2886 2887#if !defined(SYS_WINNT) && !defined(VMS) 2888 DPRINTF(4, ("flags for fd %d: 0x%x\n", fd, 2889 fcntl(fd, F_GETFL, 0))); 2890#endif /* SYS_WINNT || VMS */ 2891 2892#if defined (HAVE_IO_COMPLETION_PORT) 2893/* 2894 * Add the socket to the completion port 2895 */ 2896 if (io_completion_port_add_socket(fd, interf)) { 2897 msyslog(LOG_ERR, "unable to set up io completion port - EXITING"); 2898 exit(1); 2899 } 2900#endif 2901 return fd; 2902} 2903 2904/* XXX ELIMINATE sendpkt similar in ntpq.c, ntpdc.c, ntp_io.c, ntptrace.c */ 2905/* 2906 * sendpkt - send a packet to the specified destination. Maintain a 2907 * send error cache so that only the first consecutive error for a 2908 * destination is logged. 2909 */ 2910void 2911sendpkt( 2912 sockaddr_u *dest, 2913 struct interface *inter, 2914 int ttl, 2915 struct pkt *pkt, 2916 int len 2917 ) 2918{ 2919 int cc; 2920 2921 if (NULL == inter) { 2922 /* 2923 * unbound peer - drop request and wait for better 2924 * network conditions 2925 */ 2926 DPRINTF(2, ("%ssendpkt(dst=%s, ttl=%d, len=%d): no interface - IGNORED\n", 2927 (ttl > 0) ? "\tMCAST\t***** " : "", 2928 stoa(dest), ttl, len)); 2929 return; 2930 } 2931 2932 DPRINTF(2, ("%ssendpkt(%d, dst=%s, src=%s, ttl=%d, len=%d)\n", 2933 (ttl > 0) ? "\tMCAST\t***** " : "", 2934 inter->fd, stoa(dest), stoa(&inter->sin), 2935 ttl, len)); 2936 2937#ifdef MCAST 2938 /* 2939 * for the moment we use the bcast option to set multicast ttl 2940 */ 2941 if (ttl > 0 && ttl != inter->last_ttl) { 2942 /* 2943 * set the multicast ttl for outgoing packets 2944 */ 2945 int rtc; 2946 u_char cttl; 2947 u_int uttl; 2948 2949 switch (AF(&inter->sin)) { 2950 2951 case AF_INET : 2952 cttl = (u_char)ttl; 2953 rtc = setsockopt(inter->fd, IPPROTO_IP, 2954 IP_MULTICAST_TTL, 2955 (void *)&cttl, sizeof(cttl)); 2956 break; 2957 2958#ifdef INCLUDE_IPV6_SUPPORT 2959 case AF_INET6 : 2960 uttl = (u_int)ttl; 2961 rtc = setsockopt(inter->fd, IPPROTO_IPV6, 2962 IPV6_MULTICAST_HOPS, 2963 (void *)&uttl, sizeof(uttl)); 2964 break; 2965#endif /* INCLUDE_IPV6_SUPPORT */ 2966 2967 default: /* just NOP if not supported */ 2968 DPRINTF(1, ("sendpkt unknown AF %d", 2969 AF(&inter->sin))); 2970 rtc = 0; 2971 } 2972 2973 if (!rtc) 2974 inter->last_ttl = ttl; 2975 else 2976 msyslog(LOG_ERR, 2977 "setsockopt IP_MULTICAST_TTL/IPV6_MULTICAST_HOPS fails on address %s: %m", 2978 stoa(&inter->sin)); 2979 } 2980 2981#endif /* MCAST */ 2982 2983#if defined(HAVE_IO_COMPLETION_PORT) 2984 cc = io_completion_port_sendto(inter, pkt, len, dest); 2985 if (cc != ERROR_SUCCESS) { 2986#else 2987#ifdef SIM 2988 cc = simulate_server(dest, inter, pkt); 2989#else /* SIM */ 2990 cc = sendto(inter->fd, (char *)pkt, (unsigned int)len, 0, 2991 (struct sockaddr *)dest, SOCKLEN(dest)); 2992#endif /* SIM */ 2993 if (cc == -1) { 2994#endif 2995 inter->notsent++; 2996 packets_notsent++; 2997 } else { 2998 inter->sent++; 2999 packets_sent++; 3000 } 3001} 3002 3003 3004#if !defined(HAVE_IO_COMPLETION_PORT) 3005/* 3006 * fdbits - generate ascii representation of fd_set (FAU debug support) 3007 * HFDF format - highest fd first. 3008 */ 3009static char * 3010fdbits( 3011 int count, 3012 fd_set *set 3013 ) 3014{ 3015 static char buffer[256]; 3016 char * buf = buffer; 3017 3018 count = min(count, 255); 3019 3020 while (count >= 0) { 3021 *buf++ = FD_ISSET(count, set) ? '#' : '-'; 3022 count--; 3023 } 3024 *buf = '\0'; 3025 3026 return buffer; 3027} 3028 3029/* 3030 * Routine to read the refclock packets for a specific interface 3031 * Return the number of bytes read. That way we know if we should 3032 * read it again or go on to the next one if no bytes returned 3033 */ 3034static inline int 3035read_refclock_packet(SOCKET fd, struct refclockio *rp, l_fp ts) 3036{ 3037 int i; 3038 int buflen; 3039 register struct recvbuf *rb; 3040 3041 rb = get_free_recv_buffer(); 3042 3043 if (NULL == rb) { 3044 /* 3045 * No buffer space available - just drop the packet 3046 */ 3047 char buf[RX_BUFF_SIZE]; 3048 3049 buflen = read(fd, buf, sizeof buf); 3050 packets_dropped++; 3051 return (buflen); 3052 } 3053 3054 i = (rp->datalen == 0 3055 || rp->datalen > sizeof(rb->recv_space)) 3056 ? sizeof(rb->recv_space) 3057 : rp->datalen; 3058 buflen = read(fd, (char *)&rb->recv_space, (unsigned)i); 3059 3060 if (buflen < 0) { 3061 if (errno != EINTR && errno != EAGAIN) 3062 msyslog(LOG_ERR, "clock read fd %d: %m", fd); 3063 freerecvbuf(rb); 3064 return (buflen); 3065 } 3066 3067 /* 3068 * Got one. Mark how and when it got here, 3069 * put it on the full list and do bookkeeping. 3070 */ 3071 rb->recv_length = buflen; 3072 rb->recv_srcclock = rp->srcclock; 3073 rb->dstadr = 0; 3074 rb->fd = fd; 3075 rb->recv_time = ts; 3076 rb->receiver = rp->clock_recv; 3077 3078 if (rp->io_input) { 3079 /* 3080 * have direct input routine for refclocks 3081 */ 3082 if (rp->io_input(rb) == 0) { 3083 /* 3084 * data was consumed - nothing to pass up 3085 * into block input machine 3086 */ 3087 freerecvbuf(rb); 3088 return (buflen); 3089 } 3090 } 3091 3092 add_full_recv_buffer(rb); 3093 3094 rp->recvcount++; 3095 packets_received++; 3096 return (buflen); 3097} 3098 3099 3100#ifdef HAVE_TIMESTAMP 3101/* 3102 * extract timestamps from control message buffer 3103 */ 3104static l_fp 3105fetch_timestamp( 3106 struct recvbuf * rb, 3107 struct msghdr * msghdr, 3108 l_fp ts 3109 ) 3110{ 3111#ifdef USE_TIMESTAMP_CMSG 3112 struct cmsghdr *cmsghdr; 3113 3114 cmsghdr = CMSG_FIRSTHDR(msghdr); 3115 while (cmsghdr != NULL) { 3116 switch (cmsghdr->cmsg_type) 3117 { 3118 case SCM_TIMESTAMP: 3119 { 3120 struct timeval *tvp; 3121 double dtemp; 3122 l_fp nts; 3123 3124 tvp = (struct timeval *)CMSG_DATA(cmsghdr); 3125 DPRINTF(4, ("fetch_timestamp: system network time stamp: %ld.%06ld\n", 3126 tvp->tv_sec, tvp->tv_usec)); 3127 nts.l_i = tvp->tv_sec + JAN_1970; 3128 dtemp = (tvp->tv_usec 3129 + (ntp_random() * 2. / FRAC)) / 1e6; 3130 nts.l_uf = (u_int32)(dtemp * FRAC); 3131#ifdef DEBUG_TIMING 3132 { 3133 l_fp dts; 3134 3135 dts = ts; 3136 L_SUB(&dts, &nts); 3137 collect_timing(rb, 3138 "input processing delay", 3139 1, &dts); 3140 DPRINTF(4, ("fetch_timestamp: timestamp delta: %s (incl. prec fuzz)\n", 3141 lfptoa(&dts, 9))); 3142 } 3143#endif 3144 ts = nts; /* network time stamp */ 3145 break; 3146 } 3147 default: 3148 DPRINTF(4, ("fetch_timestamp: skipping control message 0x%x\n", 3149 cmsghdr->cmsg_type)); 3150 } 3151 cmsghdr = CMSG_NXTHDR(msghdr, cmsghdr); 3152 } 3153#endif 3154 return ts; 3155} 3156#endif 3157 3158 3159/* 3160 * Routine to read the network NTP packets for a specific interface 3161 * Return the number of bytes read. That way we know if we should 3162 * read it again or go on to the next one if no bytes returned 3163 */ 3164static inline int 3165read_network_packet( 3166 SOCKET fd, 3167 struct interface * itf, 3168 l_fp ts 3169 ) 3170{ 3171 GETSOCKNAME_SOCKLEN_TYPE fromlen; 3172 int buflen; 3173 register struct recvbuf *rb; 3174#ifdef HAVE_TIMESTAMP 3175 struct msghdr msghdr; 3176 struct iovec iovec; 3177 char control[TIMESTAMP_CTLMSGBUF_SIZE]; 3178#endif 3179 3180 /* 3181 * Get a buffer and read the frame. If we 3182 * haven't got a buffer, or this is received 3183 * on a disallowed socket, just dump the 3184 * packet. 3185 */ 3186 3187 rb = get_free_recv_buffer(); 3188 if (NULL == rb || itf->ignore_packets) { 3189 char buf[RX_BUFF_SIZE]; 3190 sockaddr_u from; 3191 3192 if (rb != NULL) 3193 freerecvbuf(rb); 3194 3195 fromlen = sizeof(from); 3196 buflen = recvfrom(fd, buf, sizeof(buf), 0, 3197 &from.sa, &fromlen); 3198 DPRINTF(4, ("%s on (%lu) fd=%d from %s\n", 3199 (itf->ignore_packets) 3200 ? "ignore" 3201 : "drop", 3202 free_recvbuffs(), fd, stoa(&from))); 3203 if (itf->ignore_packets) 3204 packets_ignored++; 3205 else 3206 packets_dropped++; 3207 return (buflen); 3208 } 3209 3210 fromlen = sizeof(rb->recv_srcadr); 3211 3212#ifndef HAVE_TIMESTAMP 3213 rb->recv_length = recvfrom(fd, (char *)&rb->recv_space, 3214 sizeof(rb->recv_space), 0, 3215 &rb->recv_srcadr.sa, &fromlen); 3216#else 3217 iovec.iov_base = &rb->recv_space; 3218 iovec.iov_len = sizeof(rb->recv_space); 3219 msghdr.msg_name = &rb->recv_srcadr; 3220 msghdr.msg_namelen = fromlen; 3221 msghdr.msg_iov = &iovec; 3222 msghdr.msg_iovlen = 1; 3223 msghdr.msg_control = (void *)&control; 3224 msghdr.msg_controllen = sizeof(control); 3225 msghdr.msg_flags = 0; 3226 rb->recv_length = recvmsg(fd, &msghdr, 0); 3227#endif 3228 3229 buflen = rb->recv_length; 3230 3231 if (buflen == 0 || (buflen == -1 && 3232 (EWOULDBLOCK == errno 3233#ifdef EAGAIN 3234 || EAGAIN == errno 3235#endif 3236 ))) { 3237 freerecvbuf(rb); 3238 return (buflen); 3239 } else if (buflen < 0) { 3240 msyslog(LOG_ERR, "recvfrom(%s) fd=%d: %m", 3241 stoa(&rb->recv_srcadr), fd); 3242 DPRINTF(5, ("read_network_packet: fd=%d dropped (bad recvfrom)\n", 3243 fd)); 3244 freerecvbuf(rb); 3245 return (buflen); 3246 } 3247 3248 DPRINTF(3, ("read_network_packet: fd=%d length %d from %s\n", 3249 fd, buflen, stoa(&rb->recv_srcadr))); 3250 3251 /* 3252 * Got one. Mark how and when it got here, 3253 * put it on the full list and do bookkeeping. 3254 */ 3255 rb->dstadr = itf; 3256 rb->fd = fd; 3257#ifdef HAVE_TIMESTAMP 3258 /* pick up a network time stamp if possible */ 3259 ts = fetch_timestamp(rb, &msghdr, ts); 3260#endif 3261 rb->recv_time = ts; 3262 rb->receiver = receive; 3263 3264 add_full_recv_buffer(rb); 3265 3266 itf->received++; 3267 packets_received++; 3268 return (buflen); 3269} 3270 3271 3272/* 3273 * input_handler - receive packets asynchronously 3274 */ 3275void 3276input_handler( 3277 l_fp *cts 3278 ) 3279{ 3280 extern void trigger_timer(); 3281 int buflen; 3282 int n; 3283 int doing; 3284 SOCKET fd; 3285 struct timeval tvzero; 3286 l_fp ts; /* Timestamp at BOselect() gob */ 3287#ifdef DEBUG_TIMING 3288 l_fp ts_e; /* Timestamp at EOselect() gob */ 3289#endif 3290 fd_set fds; 3291 int select_count = 0; 3292 struct interface *interface; 3293#if defined(HAS_ROUTING_SOCKET) 3294 struct asyncio_reader *asyncio_reader; 3295#endif 3296 3297 handler_calls++; 3298 3299 /* 3300 * If we have something to do, freeze a timestamp. 3301 * See below for the other cases (nothing left to do or error) 3302 */ 3303 ts = *cts; 3304 3305 /* 3306 * Do a poll to see who has data 3307 */ 3308 3309 fds = activefds; 3310 tvzero.tv_sec = tvzero.tv_usec = 0; 3311 3312 n = select(maxactivefd + 1, &fds, (fd_set *)0, (fd_set *)0, 3313 &tvzero); 3314 3315 /* 3316 * If there are no packets waiting just return 3317 */ 3318 if (n < 0) { 3319 int err = errno; 3320 /* 3321 * extended FAU debugging output 3322 */ 3323 if (err != EINTR) 3324 msyslog(LOG_ERR, 3325 "select(%d, %s, 0L, 0L, &0.0) error: %m", 3326 maxactivefd + 1, 3327 fdbits(maxactivefd, &activefds)); 3328 if (err == EBADF) { 3329 int j, b; 3330 fds = activefds; 3331 for (j = 0; j <= maxactivefd; j++) 3332 if ((FD_ISSET(j, &fds) 3333 && (read(j, &b, 0) == -1))) 3334 msyslog(LOG_ERR, 3335 "Bad file descriptor %d", 3336 j); 3337 } 3338 return; 3339 } 3340 else if (n == 0) 3341 return; 3342 3343 ++handler_pkts; 3344 3345#ifdef REFCLOCK 3346 /* 3347 * Check out the reference clocks first, if any 3348 */ 3349 3350 if (refio != NULL) { 3351 register struct refclockio *rp; 3352 3353 for (rp = refio; rp != NULL; rp = rp->next) { 3354 fd = rp->fd; 3355 3356 if (FD_ISSET(fd, &fds)) 3357 do { 3358 ++select_count; 3359 buflen = read_refclock_packet( 3360 fd, rp, ts); 3361 } while (buflen > 0); 3362 } 3363 } 3364#endif /* REFCLOCK */ 3365 3366 /* 3367 * Loop through the interfaces looking for data to read. 3368 */ 3369 for (interface = inter_list; 3370 interface != NULL; 3371 interface = interface->link) { 3372 3373 for (doing = 0; (doing < 2); doing++) { 3374 if (!doing) 3375 fd = interface->fd; 3376 else { 3377 if (!(interface->flags & INT_BCASTOPEN)) 3378 break; 3379 fd = interface->bfd; 3380 } 3381 if (fd < 0) 3382 continue; 3383 if (FD_ISSET(fd, &fds)) 3384 do { 3385 ++select_count; 3386 buflen = read_network_packet( 3387 fd, interface, 3388 ts); 3389 } while (buflen > 0); 3390 /* Check more interfaces */ 3391 } 3392 } 3393 3394#ifdef HAS_ROUTING_SOCKET 3395 /* 3396 * scan list of asyncio readers - currently only used for routing sockets 3397 */ 3398 asyncio_reader = asyncio_reader_list; 3399 3400 while (asyncio_reader != NULL) { 3401 if (FD_ISSET(asyncio_reader->fd, &fds)) { 3402 ++select_count; 3403 (asyncio_reader->receiver)(asyncio_reader); 3404 } 3405 asyncio_reader = asyncio_reader->link; 3406 } 3407#endif /* HAS_ROUTING_SOCKET */ 3408 trigger_timer(); 3409 /* 3410 * Done everything from that select. 3411 */ 3412 3413 /* 3414 * If nothing to do, just return. 3415 * If an error occurred, complain and return. 3416 */ 3417 if (select_count == 0) { /* We really had nothing to do */ 3418#ifdef DEBUG 3419 if (debug) 3420 msyslog(LOG_DEBUG, "input_handler: select() returned 0"); 3421#endif 3422 return; 3423 } 3424 /* We've done our work */ 3425#ifdef DEBUG_TIMING 3426 get_systime(&ts_e); 3427 /* 3428 * (ts_e - ts) is the amount of time we spent 3429 * processing this gob of file descriptors. Log 3430 * it. 3431 */ 3432 L_SUB(&ts_e, &ts); 3433 collect_timing(NULL, "input handler", 1, &ts_e); 3434 if (debug > 3) 3435 msyslog(LOG_DEBUG, 3436 "input_handler: Processed a gob of fd's in %s msec", 3437 lfptoms(&ts_e, 6)); 3438#endif 3439 /* just bail. */ 3440 return; 3441} 3442#endif 3443 3444/* 3445 * findinterface - find local interface corresponding to address 3446 */ 3447struct interface * 3448findinterface( 3449 sockaddr_u *addr 3450 ) 3451{ 3452 struct interface *iface; 3453 3454 iface = findlocalinterface(addr, INT_WILDCARD, 0); 3455 3456 if (NULL == iface) { 3457 DPRINTF(4, ("Found no interface for address %s - returning wildcard\n", 3458 stoa(addr))); 3459 3460 iface = ANY_INTERFACE_CHOOSE(addr); 3461 } else 3462 DPRINTF(4, ("Found interface #%d %s for address %s\n", 3463 iface->ifnum, iface->name, stoa(addr))); 3464 3465 return iface; 3466} 3467 3468/* 3469 * findlocalinterface - find local interface corresponding to addr, 3470 * which does not have any of flags set. If bast is nonzero, addr is 3471 * a broadcast address. 3472 * 3473 * This code attempts to find the local sending address for an outgoing 3474 * address by connecting a new socket to destinationaddress:NTP_PORT 3475 * and reading the sockname of the resulting connect. 3476 * the complicated sequence simulates the routing table lookup 3477 * for to first hop without duplicating any of the routing logic into 3478 * ntpd. preferably we would have used an API call - but its not there - 3479 * so this is the best we can do here short of duplicating to entire routing 3480 * logic in ntpd which would be a silly and really unportable thing to do. 3481 * 3482 */ 3483static struct interface * 3484findlocalinterface( 3485 sockaddr_u * addr, 3486 int flags, 3487 int bcast 3488 ) 3489{ 3490 GETSOCKNAME_SOCKLEN_TYPE sockaddrlen; 3491 struct interface * iface; 3492 sockaddr_u saddr; 3493 SOCKET s; 3494 int rtn; 3495 int on; 3496 3497 DPRINTF(4, ("Finding interface for addr %s in list of addresses\n", 3498 stoa(addr))); 3499 3500 s = socket(AF(addr), SOCK_DGRAM, 0); 3501 if (INVALID_SOCKET == s) 3502 return NULL; 3503 3504 /* 3505 * If we are looking for broadcast interface we need to set this 3506 * socket to allow broadcast 3507 */ 3508 if (bcast) { 3509 on = 1; 3510 setsockopt(s, SOL_SOCKET, SO_BROADCAST, 3511 (char *)&on, sizeof(on)); 3512 } 3513 3514 rtn = connect(s, &addr->sa, SOCKLEN(addr)); 3515 if (SOCKET_ERROR == rtn) { 3516 closesocket(s); 3517 return NULL; 3518 } 3519 3520 sockaddrlen = sizeof(saddr); 3521 rtn = getsockname(s, &saddr.sa, &sockaddrlen); 3522 closesocket(s); 3523 3524 if (SOCKET_ERROR == rtn) 3525 return NULL; 3526 3527 DPRINTF(4, ("findlocalinterface: kernel maps %s to %s\n", 3528 stoa(addr), stoa(&saddr))); 3529 3530 iface = getinterface(&saddr, flags); 3531 3532 /* 3533 * if we didn't find an exact match on saddr check for an 3534 * interface on the same subnet as saddr. This handles the 3535 * case of the address suggested by the kernel being 3536 * excluded by the user's -I and -L options to ntpd, when 3537 * another address is enabled on the same subnet. 3538 * See http://bugs.ntp.org/1184 for more detail. 3539 */ 3540 if (NULL == iface || iface->ignore_packets) 3541 iface = getsamenetinterface(&saddr, flags); 3542 3543 /* Don't use an interface which will ignore replies */ 3544 if (iface != NULL && iface->ignore_packets) 3545 iface = NULL; 3546 3547 return iface; 3548} 3549 3550 3551/* 3552 * fetch an interface structure the matches the 3553 * address and has the given flags NOT set 3554 */ 3555static struct interface * 3556getinterface( 3557 sockaddr_u * addr, 3558 int flags 3559 ) 3560{ 3561 struct interface *iface; 3562 3563 iface = find_addr_in_list(addr); 3564 3565 if (iface != NULL && (iface->flags & flags)) 3566 iface = NULL; 3567 3568 return iface; 3569} 3570 3571 3572/* 3573 * fetch an interface structure with a local address on the same subnet 3574 * as addr which has the given flags NOT set 3575 */ 3576static struct interface * 3577getsamenetinterface( 3578 sockaddr_u * addr, 3579 int flags 3580 ) 3581{ 3582 struct interface *iface; 3583 3584 iface = find_samenet_addr_in_list(addr); 3585 3586 if (iface != NULL && (iface->flags & flags)) 3587 iface = NULL; 3588 3589 return iface; 3590} 3591 3592 3593/* 3594 * findlocalcastinterface - find local *cast interface for addr 3595 */ 3596static struct interface * 3597findlocalcastinterface( 3598 sockaddr_u * addr 3599 ) 3600{ 3601 struct interface * iface; 3602 struct interface * nif; 3603#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3604 isc_boolean_t want_linklocal; 3605#endif 3606 3607 NTP_REQUIRE(addr_ismulticast(addr)); 3608 3609 /* 3610 * see how kernel maps the mcast address 3611 */ 3612 nif = findlocalinterface(addr, 0, 0); 3613 3614 if (nif != NULL && !nif->ignore_packets) { 3615 DPRINTF(2, ("findlocalcastinterface: kernel recommends interface #%d %s for %s\n", 3616 nif->ifnum, nif->name, stoa(addr))); 3617 return nif; 3618 } 3619 3620#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3621 want_linklocal = (IN6_IS_ADDR_MC_LINKLOCAL(PSOCK_ADDR6(addr)) 3622 || IN6_IS_ADDR_MC_SITELOCAL(PSOCK_ADDR6(addr))); 3623#endif 3624 3625 for (iface = inter_list; 3626 iface != NULL; 3627 iface = iface->link) 3628 { 3629 /* use only allowed addresses */ 3630 if (iface->ignore_packets) 3631 continue; 3632 3633 /* Skip the loopback and wildcard addresses */ 3634 if (iface->flags & (INT_LOOPBACK | INT_WILDCARD)) 3635 continue; 3636 3637 /* Skip if different family */ 3638 if (AF(&iface->sin) != AF(addr)) 3639 continue; 3640 3641 /* Is it multicast capable? */ 3642 if (!(iface->flags & INT_MULTICAST)) 3643 continue; 3644 3645#ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3646 if (want_linklocal && IS_IPV6(&iface->sin) && 3647 IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&iface->sin))) { 3648 nif = iface; 3649 break; 3650 } 3651 /* If we want a linklocal address, skip */ 3652 if (want_linklocal) 3653 continue; 3654#endif 3655 nif = iface; 3656 break; 3657 } /* for loop over interfaces */ 3658 3659 if (nif != NULL) 3660 DPRINTF(3, ("findlocalcastinterface: found interface #%d %s for %s\n", 3661 nif->ifnum, nif->name, stoa(addr))); 3662 else 3663 DPRINTF(3, ("findlocalcastinterface: no interface found for %s\n", 3664 stoa(addr))); 3665 return nif; 3666} 3667 3668 3669/* 3670 * findbcastinter - find broadcast interface corresponding to address 3671 */ 3672struct interface * 3673findbcastinter( 3674 sockaddr_u *addr 3675 ) 3676{ 3677#if !defined(MPE) && (defined(SIOCGIFCONF) || defined(SYS_WINNT)) 3678 struct interface *iface; 3679 3680 3681 DPRINTF(4, ("Finding broadcast/multicast interface for addr %s in list of addresses\n", 3682 stoa(addr))); 3683 3684 iface = findlocalinterface(addr, INT_LOOPBACK | INT_WILDCARD, 3685 1); 3686 if (iface != NULL) { 3687 DPRINTF(4, ("Easily found bcast-/mcast- interface index #%d %s\n", 3688 iface->ifnum, iface->name)); 3689 return iface; 3690 } 3691 3692 /* 3693 * plan B - try to find something reasonable in our lists in 3694 * case kernel lookup doesn't help 3695 */ 3696 for (iface = inter_list; 3697 iface != NULL; 3698 iface = iface->link) 3699 { 3700 if (iface->flags & INT_WILDCARD) 3701 continue; 3702 3703 /* Don't bother with ignored interfaces */ 3704 if (iface->ignore_packets) 3705 continue; 3706 3707 /* 3708 * First look if this is the correct family 3709 */ 3710 if(AF(&iface->sin) != AF(addr)) 3711 continue; 3712 3713 /* Skip the loopback addresses */ 3714 if (iface->flags & INT_LOOPBACK) 3715 continue; 3716 3717 /* 3718 * If we are looking to match a multicast address and 3719 * this interface is one... 3720 */ 3721 if (addr_ismulticast(addr) 3722 && (iface->flags & INT_MULTICAST)) { 3723#ifdef INCLUDE_IPV6_SUPPORT 3724 /* 3725 * ...it is the winner unless we're looking for 3726 * an interface to use for link-local multicast 3727 * and its address is not link-local. 3728 */ 3729 if (IS_IPV6(addr) 3730 && IN6_IS_ADDR_MC_LINKLOCAL(PSOCK_ADDR6(addr)) 3731 && !IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&iface->sin))) 3732 continue; 3733#endif 3734 break; 3735 } 3736 3737 /* 3738 * We match only those interfaces marked as 3739 * broadcastable and either the explicit broadcast 3740 * address or the network portion of the IP address. 3741 * Sloppy. 3742 */ 3743 if (IS_IPV4(addr)) { 3744 if (SOCK_EQ(&iface->bcast, addr)) 3745 break; 3746 3747 if ((NSRCADR(&iface->sin) & NSRCADR(&iface->mask)) 3748 == (NSRCADR(addr) & NSRCADR(&iface->mask))) 3749 break; 3750 } 3751#ifdef INCLUDE_IPV6_SUPPORT 3752 else if(IS_IPV6(addr)) { 3753 if (SOCK_EQ(&iface->bcast, addr)) 3754 break; 3755 3756 if (SOCK_EQ(netof(&iface->sin), netof(addr))) 3757 break; 3758 } 3759#endif 3760 } 3761#endif /* SIOCGIFCONF */ 3762 if (NULL == iface) { 3763 DPRINTF(4, ("No bcast interface found for %s\n", 3764 stoa(addr))); 3765 iface = ANY_INTERFACE_CHOOSE(addr); 3766 } else 3767 DPRINTF(4, ("Found bcast-/mcast- interface index #%d %s\n", 3768 iface->ifnum, iface->name)); 3769 return iface; 3770} 3771 3772 3773/* 3774 * io_clr_stats - clear I/O module statistics 3775 */ 3776void 3777io_clr_stats(void) 3778{ 3779 packets_dropped = 0; 3780 packets_ignored = 0; 3781 packets_received = 0; 3782 packets_sent = 0; 3783 packets_notsent = 0; 3784 3785 handler_calls = 0; 3786 handler_pkts = 0; 3787 io_timereset = current_time; 3788} 3789 3790 3791#ifdef REFCLOCK 3792/* 3793 * io_addclock - add a reference clock to the list and arrange that we 3794 * get SIGIO interrupts from it. 3795 */ 3796int 3797io_addclock( 3798 struct refclockio *rio 3799 ) 3800{ 3801 BLOCKIO(); 3802 3803 /* 3804 * Stuff the I/O structure in the list and mark the descriptor 3805 * in use. There is a harmless (I hope) race condition here. 3806 */ 3807 rio->next = refio; 3808 3809# ifdef HAVE_SIGNALED_IO 3810 if (init_clock_sig(rio)) { 3811 UNBLOCKIO(); 3812 return 0; 3813 } 3814# elif defined(HAVE_IO_COMPLETION_PORT) 3815 if (io_completion_port_add_clock_io(rio)) { 3816 UNBLOCKIO(); 3817 return 0; 3818 } 3819# endif 3820 3821 /* 3822 * enqueue 3823 */ 3824 refio = rio; 3825 3826 /* 3827 * register fd 3828 */ 3829 add_fd_to_list(rio->fd, FD_TYPE_FILE); 3830 3831 UNBLOCKIO(); 3832 return 1; 3833} 3834 3835/* 3836 * io_closeclock - close the clock in the I/O structure given 3837 */ 3838void 3839io_closeclock( 3840 struct refclockio *rio 3841 ) 3842{ 3843 register struct refclockio *rp; 3844 3845 BLOCKIO(); 3846 3847 /* 3848 * Remove structure from the list 3849 */ 3850 if (refio == rio) 3851 refio = rio->next; 3852 else { 3853 for (rp = refio; rp != NULL; rp = rp->next) 3854 if (rp->next == rio) { 3855 rp->next = rio->next; 3856 break; 3857 } 3858 3859 if (NULL == rp) { 3860 UNBLOCKIO(); 3861 return; 3862 } 3863 } 3864 3865 /* 3866 * Close the descriptor. 3867 */ 3868 close_and_delete_fd_from_list(rio->fd); 3869 UNBLOCKIO(); 3870} 3871#endif /* REFCLOCK */ 3872 3873/* 3874 * On NT a SOCKET is an unsigned int so we cannot possibly keep it in 3875 * an array. So we use one of the ISC_LIST functions to hold the 3876 * socket value and use that when we want to enumerate it. 3877 * 3878 * This routine is called by the forked intres child process to close 3879 * all open sockets. On Windows there's no need as intres runs in 3880 * the same process as a thread. 3881 */ 3882#ifndef SYS_WINNT 3883void 3884kill_asyncio(int startfd) 3885{ 3886 BLOCKIO(); 3887 3888 /* 3889 * In the child process we do not maintain activefds and 3890 * maxactivefd. Zeroing maxactivefd disables code which 3891 * maintains it in close_and_delete_fd_from_list(). 3892 */ 3893 maxactivefd = 0; 3894 3895 while (fd_list != NULL) 3896 close_and_delete_fd_from_list(fd_list->fd); 3897 3898 UNBLOCKIO(); 3899} 3900#endif /* !SYS_WINNT */ 3901 3902/* 3903 * Add and delete functions for the list of open sockets 3904 */ 3905static void 3906add_fd_to_list( 3907 SOCKET fd, 3908 enum desc_type type 3909 ) 3910{ 3911 vsock_t *lsock = emalloc(sizeof(*lsock)); 3912 3913 lsock->fd = fd; 3914 lsock->type = type; 3915 3916 LINK_SLIST(fd_list, lsock, link); 3917 /* 3918 * I/O Completion Ports don't care about the select and FD_SET 3919 */ 3920#ifndef HAVE_IO_COMPLETION_PORT 3921 if (fd < 0 || fd >= FD_SETSIZE) { 3922 msyslog(LOG_ERR, 3923 "Too many sockets in use, FD_SETSIZE %d exceeded", 3924 FD_SETSIZE); 3925 exit(1); 3926 } 3927 /* 3928 * keep activefds in sync 3929 */ 3930 maxactivefd = max(fd, maxactivefd); 3931 3932 FD_SET(fd, &activefds); 3933#endif 3934} 3935 3936static void 3937close_and_delete_fd_from_list( 3938 SOCKET fd 3939 ) 3940{ 3941 vsock_t *lsock; 3942 3943 UNLINK_EXPR_SLIST(lsock, fd_list, fd == 3944 UNLINK_EXPR_SLIST_CURRENT()->fd, link, vsock_t); 3945 3946 if (lsock != NULL) { 3947 switch (lsock->type) { 3948 case FD_TYPE_SOCKET: 3949 closesocket(lsock->fd); 3950 break; 3951 3952 case FD_TYPE_FILE: 3953 close(lsock->fd); 3954 break; 3955 3956 default: 3957 msyslog(LOG_ERR, 3958 "internal error - illegal descriptor type %d - EXITING", 3959 (int)lsock->type); 3960 exit(1); 3961 } 3962 3963 free(lsock); 3964 /* 3965 * I/O Completion Ports don't care about select and fd_set 3966 */ 3967#ifndef HAVE_IO_COMPLETION_PORT 3968 /* 3969 * remove from activefds 3970 */ 3971 FD_CLR(fd, &activefds); 3972 3973 if (fd == maxactivefd && maxactivefd) { 3974 int i; 3975 NTP_INSIST(maxactivefd - 1 < FD_SETSIZE); 3976 for (i = maxactivefd - 1; i >= 0; i--) 3977 if (FD_ISSET(i, &activefds)) { 3978 maxactivefd = i; 3979 break; 3980 } 3981 NTP_INSIST(fd != maxactivefd); 3982 } 3983#endif 3984 } 3985} 3986 3987static void 3988add_addr_to_list( 3989 sockaddr_u *addr, 3990 struct interface *interface 3991 ) 3992{ 3993 remaddr_t *laddr; 3994 3995#ifdef DEBUG 3996 if (find_addr_in_list(addr) == NULL) { 3997#endif 3998 /* not there yet - add to list */ 3999 laddr = emalloc(sizeof(*laddr)); 4000 memcpy(&laddr->addr, addr, sizeof(laddr->addr)); 4001 laddr->interface = interface; 4002 4003 LINK_SLIST(remoteaddr_list, laddr, link); 4004 4005 DPRINTF(4, ("Added addr %s to list of addresses\n", 4006 stoa(addr))); 4007#ifdef DEBUG 4008 } else 4009 DPRINTF(4, ("WARNING: Attempt to add duplicate addr %s to address list\n", 4010 stoa(addr))); 4011#endif 4012} 4013 4014 4015static void 4016delete_addr_from_list( 4017 sockaddr_u *addr 4018 ) 4019{ 4020 remaddr_t *unlinked; 4021 4022 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, SOCK_EQ(addr, 4023 &(UNLINK_EXPR_SLIST_CURRENT()->addr)), link, remaddr_t); 4024 4025 if (unlinked != NULL) { 4026 DPRINTF(4, ("Deleted addr %s from list of addresses\n", 4027 stoa(addr))); 4028 free(unlinked); 4029 } 4030} 4031 4032 4033static void 4034delete_interface_from_list( 4035 struct interface *iface 4036 ) 4037{ 4038 remaddr_t *unlinked; 4039 4040 do { 4041 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, iface == 4042 UNLINK_EXPR_SLIST_CURRENT()->interface, link, 4043 remaddr_t); 4044 4045 if (unlinked != NULL) { 4046 DPRINTF(4, ("Deleted addr %s for interface #%d %s from list of addresses\n", 4047 stoa(&unlinked->addr), iface->ifnum, 4048 iface->name)); 4049 if (addr_ismulticast(&unlinked->addr)) 4050 /* find a new interface to use */ 4051 io_multicast_add(&unlinked->addr); 4052 free(unlinked); 4053 } 4054 } while (unlinked != NULL); 4055} 4056 4057 4058static struct interface * 4059find_addr_in_list( 4060 sockaddr_u *addr 4061 ) 4062{ 4063 remaddr_t *entry; 4064 4065 DPRINTF(4, ("Searching for addr %s in list of addresses - ", 4066 stoa(addr))); 4067 4068 for (entry = remoteaddr_list; 4069 entry != NULL; 4070 entry = entry->link) 4071 if (SOCK_EQ(&entry->addr, addr)) { 4072 DPRINTF(4, ("FOUND\n")); 4073 return entry->interface; 4074 } 4075 4076 DPRINTF(4, ("NOT FOUND\n")); 4077 return NULL; 4078} 4079 4080static inline isc_boolean_t 4081same_network_v4( 4082 struct sockaddr_in *addr1, 4083 struct sockaddr_in *mask, 4084 struct sockaddr_in *addr2 4085 ) 4086{ 4087 return (addr1->sin_addr.s_addr & mask->sin_addr.s_addr) 4088 == (addr2->sin_addr.s_addr & mask->sin_addr.s_addr); 4089} 4090 4091#ifdef INCLUDE_IPV6_SUPPORT 4092static inline isc_boolean_t 4093same_network_v6( 4094 struct sockaddr_in6 *addr1, 4095 struct sockaddr_in6 *mask, 4096 struct sockaddr_in6 *addr2 4097 ) 4098{ 4099 int i; 4100 4101 for (i = 0; 4102 i < sizeof(addr1->sin6_addr.s6_addr) / 4103 sizeof(addr1->sin6_addr.s6_addr[0]); 4104 i++) 4105 4106 if ((addr1->sin6_addr.s6_addr[i] & 4107 mask->sin6_addr.s6_addr[i]) 4108 != 4109 (addr2->sin6_addr.s6_addr[i] & 4110 mask->sin6_addr.s6_addr[i])) 4111 4112 return ISC_FALSE; 4113 4114 return ISC_TRUE; 4115} 4116#endif /* INCLUDE_IPV6_SUPPORT */ 4117 4118 4119static isc_boolean_t 4120same_network( 4121 sockaddr_u *a1, 4122 sockaddr_u *mask, 4123 sockaddr_u *a2 4124 ) 4125{ 4126 isc_boolean_t sn; 4127 4128 if (AF(a1) != AF(a2)) 4129 sn = ISC_FALSE; 4130 else if (IS_IPV4(a1)) 4131 sn = same_network_v4(&a1->sa4, &mask->sa4, &a2->sa4); 4132#ifdef INCLUDE_IPV6_SUPPORT 4133 else if (IS_IPV6(a1)) 4134 sn = same_network_v6(&a1->sa6, &mask->sa6, &a2->sa6); 4135#endif 4136 else 4137 sn = ISC_FALSE; 4138 4139 return sn; 4140} 4141 4142/* 4143 * Find an address in the list on the same network as addr which is not 4144 * addr. 4145 */ 4146static struct interface * 4147find_samenet_addr_in_list( 4148 sockaddr_u *addr 4149 ) 4150{ 4151 remaddr_t *entry; 4152 4153 DPRINTF(4, ("Searching for addr with same subnet as %s in list of addresses - ", 4154 stoa(addr))); 4155 4156 for (entry = remoteaddr_list; 4157 entry != NULL; 4158 entry = entry->link) 4159 4160 if (!SOCK_EQ(addr, &entry->addr) 4161 && same_network(&entry->addr, 4162 &entry->interface->mask, 4163 addr)) { 4164 DPRINTF(4, ("FOUND\n")); 4165 return entry->interface; 4166 } 4167 4168 DPRINTF(4, ("NOT FOUND\n")); 4169 return NULL; 4170} 4171 4172 4173/* 4174 * Find the given address with the all given flags set in the list 4175 */ 4176static struct interface * 4177find_flagged_addr_in_list( 4178 sockaddr_u * addr, 4179 int flags 4180 ) 4181{ 4182 remaddr_t *entry; 4183 4184 DPRINTF(4, ("Finding addr %s with flags %d in list: ", 4185 stoa(addr), flags)); 4186 4187 for (entry = remoteaddr_list; 4188 entry != NULL; 4189 entry = entry->link) 4190 4191 if (SOCK_EQ(&entry->addr, addr) 4192 && (entry->interface->flags & flags) == flags) { 4193 4194 DPRINTF(4, ("FOUND\n")); 4195 return entry->interface; 4196 } 4197 4198 DPRINTF(4, ("NOT FOUND\n")); 4199 return NULL; 4200} 4201 4202 4203#ifdef HAS_ROUTING_SOCKET 4204# ifndef UPDATE_GRACE 4205# define UPDATE_GRACE 2 /* wait UPDATE_GRACE seconds before scanning */ 4206# endif 4207 4208static void 4209process_routing_msgs(struct asyncio_reader *reader) 4210{ 4211 char buffer[5120]; 4212 int cnt, msg_type; 4213#ifdef HAVE_RTNETLINK 4214 struct nlmsghdr *nh; 4215#else 4216 struct rt_msghdr *rtm; 4217 char *p; 4218#endif 4219 4220 if (disable_dynamic_updates) { 4221 /* 4222 * discard ourselves if we are not needed any more 4223 * usually happens when running unprivileged 4224 */ 4225 remove_asyncio_reader(reader); 4226 delete_asyncio_reader(reader); 4227 return; 4228 } 4229 4230 cnt = read(reader->fd, buffer, sizeof(buffer)); 4231 4232 if (cnt < 0) { 4233 msyslog(LOG_ERR, 4234 "i/o error on routing socket %m - disabling"); 4235 remove_asyncio_reader(reader); 4236 delete_asyncio_reader(reader); 4237 return; 4238 } 4239 4240 /* 4241 * process routing message 4242 */ 4243#ifdef HAVE_RTNETLINK 4244 for (nh = (struct nlmsghdr *)buffer; 4245 NLMSG_OK(nh, cnt); 4246 nh = NLMSG_NEXT(nh, cnt)) { 4247 msg_type = nh->nlmsg_type; 4248#else 4249 for (p = buffer; 4250 (p + sizeof(struct rt_msghdr)) <= (buffer + cnt); 4251 p += rtm->rtm_msglen) { 4252 rtm = (struct rt_msghdr *)p; 4253 if (rtm->rtm_version != RTM_VERSION) { 4254 msyslog(LOG_ERR, 4255 "version mismatch (got %d - expected %d) on routing socket - disabling", 4256 rtm->rtm_version, RTM_VERSION); 4257 4258 remove_asyncio_reader(reader); 4259 delete_asyncio_reader(reader); 4260 return; 4261 } 4262 msg_type = rtm->rtm_type; 4263#endif 4264 switch (msg_type) { 4265#ifdef RTM_NEWADDR 4266 case RTM_NEWADDR: 4267#endif 4268#ifdef RTM_DELADDR 4269 case RTM_DELADDR: 4270#endif 4271#ifdef RTM_ADD 4272 case RTM_ADD: 4273#endif 4274#ifdef RTM_DELETE 4275 case RTM_DELETE: 4276#endif 4277#ifdef RTM_REDIRECT 4278 case RTM_REDIRECT: 4279#endif 4280#ifdef RTM_CHANGE 4281 case RTM_CHANGE: 4282#endif 4283#ifdef RTM_LOSING 4284 case RTM_LOSING: 4285#endif 4286#ifdef RTM_IFINFO 4287 case RTM_IFINFO: 4288#endif 4289#ifdef RTM_IFANNOUNCE 4290 case RTM_IFANNOUNCE: 4291#endif 4292#ifdef RTM_NEWLINK 4293 case RTM_NEWLINK: 4294#endif 4295#ifdef RTM_DELLINK 4296 case RTM_DELLINK: 4297#endif 4298#ifdef RTM_NEWROUTE 4299 case RTM_NEWROUTE: 4300#endif 4301#ifdef RTM_DELROUTE 4302 case RTM_DELROUTE: 4303#endif 4304 /* 4305 * we are keen on new and deleted addresses and 4306 * if an interface goes up and down or routing 4307 * changes 4308 */ 4309 DPRINTF(3, ("routing message op = %d: scheduling interface update\n", 4310 msg_type)); 4311 timer_interfacetimeout(current_time + UPDATE_GRACE); 4312 break; 4313#ifdef HAVE_RTNETLINK 4314 case NLMSG_DONE: 4315 /* end of multipart message */ 4316 return; 4317#endif 4318 default: 4319 /* 4320 * the rest doesn't bother us. 4321 */ 4322 DPRINTF(4, ("routing message op = %d: ignored\n", 4323 msg_type)); 4324 break; 4325 } 4326 } 4327} 4328 4329/* 4330 * set up routing notifications 4331 */ 4332static void 4333init_async_notifications() 4334{ 4335 struct asyncio_reader *reader; 4336#ifdef HAVE_RTNETLINK 4337 int fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE); 4338 struct sockaddr_nl sa; 4339#else 4340 int fd = socket(PF_ROUTE, SOCK_RAW, 0); 4341#endif 4342 if (fd < 0) { 4343 msyslog(LOG_ERR, 4344 "unable to open routing socket (%m) - using polled interface update"); 4345 return; 4346 } 4347 4348 fd = move_fd(fd); 4349#ifdef HAVE_RTNETLINK 4350 memset(&sa, 0, sizeof(sa)); 4351 sa.nl_family = PF_NETLINK; 4352 sa.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR 4353 | RTMGRP_IPV6_IFADDR | RTMGRP_IPV4_ROUTE 4354 | RTMGRP_IPV4_MROUTE | RTMGRP_IPV6_ROUTE 4355 | RTMGRP_IPV6_MROUTE; 4356 if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) { 4357 msyslog(LOG_ERR, 4358 "bind failed on routing socket (%m) - using polled interface update"); 4359 return; 4360 } 4361#endif 4362 init_nonblocking_io(fd); 4363#if defined(HAVE_SIGNALED_IO) 4364 init_socket_sig(fd); 4365#endif /* HAVE_SIGNALED_IO */ 4366 4367 reader = new_asyncio_reader(); 4368 4369 reader->fd = fd; 4370 reader->receiver = process_routing_msgs; 4371 4372 add_asyncio_reader(reader, FD_TYPE_SOCKET); 4373 msyslog(LOG_INFO, 4374 "Listening on routing socket on fd #%d for interface updates", 4375 fd); 4376} 4377#else 4378/* HAS_ROUTING_SOCKET not defined */ 4379static void 4380init_async_notifications(void) 4381{ 4382} 4383#endif 4384