1 /* $NetBSD: ntp_io.c,v 1.6 2011/09/14 16:18:29 christos Exp $ */ 2 3 /* 4 * ntp_io.c - input/output routines for ntpd. The socket-opening code 5 * was shamelessly stolen from ntpd. 6 */ 7 8 #ifdef HAVE_CONFIG_H 9 # include <config.h> 10 #endif 11 12 #include <stdio.h> 13 #include <signal.h> 14 #ifdef HAVE_SYS_PARAM_H 15 # include <sys/param.h> 16 #endif 17 #ifdef HAVE_SYS_IOCTL_H 18 # include <sys/ioctl.h> 19 #endif 20 #ifdef HAVE_SYS_SOCKIO_H /* UXPV: SIOC* #defines (Frank Vance <fvance@waii.com>) */ 21 # include <sys/sockio.h> 22 #endif 23 #ifdef HAVE_SYS_UIO_H 24 # include <sys/uio.h> 25 #endif 26 27 #include "ntp_machine.h" 28 #include "ntpd.h" 29 #include "ntp_io.h" 30 #include "iosignal.h" 31 #include "ntp_lists.h" 32 #include "ntp_refclock.h" 33 #include "ntp_stdlib.h" 34 #include "ntp_request.h" 35 #include "ntp.h" 36 #include "ntp_unixtime.h" 37 #include "ntp_assert.h" 38 #include "ntpd-opts.h" 39 40 /* Don't include ISC's version of IPv6 variables and structures */ 41 #define ISC_IPV6_H 1 42 #include <isc/mem.h> 43 #include <isc/interfaceiter.h> 44 #include <isc/netaddr.h> 45 #include <isc/result.h> 46 #include <isc/sockaddr.h> 47 48 #ifdef SIM 49 #include "ntpsim.h" 50 #endif 51 52 #ifdef HAS_ROUTING_SOCKET 53 # include <net/route.h> 54 # ifdef HAVE_RTNETLINK 55 # include <linux/rtnetlink.h> 56 # endif 57 #endif 58 59 60 /* 61 * setsockopt does not always have the same arg declaration 62 * across all platforms. If it's not defined we make it empty 63 */ 64 65 #ifndef SETSOCKOPT_ARG_CAST 66 #define SETSOCKOPT_ARG_CAST 67 #endif 68 69 extern int listen_to_virtual_ips; 70 71 /* 72 * NIC rule entry 73 */ 74 typedef struct nic_rule_tag nic_rule; 75 76 struct nic_rule_tag { 77 nic_rule * next; 78 nic_rule_action action; 79 nic_rule_match match_type; 80 char * if_name; 81 isc_netaddr_t netaddr; 82 int prefixlen; 83 }; 84 85 /* 86 * NIC rule listhead. Entries are added at the head so that the first 87 * match in the list is the last matching rule specified. 88 */ 89 nic_rule *nic_rule_list; 90 91 92 #if defined(SO_TIMESTAMP) && defined(SCM_TIMESTAMP) 93 #if defined(CMSG_FIRSTHDR) 94 #define HAVE_TIMESTAMP 95 #define USE_TIMESTAMP_CMSG 96 #ifndef TIMESTAMP_CTLMSGBUF_SIZE 97 #define TIMESTAMP_CTLMSGBUF_SIZE 1536 /* moderate default */ 98 #endif 99 #else 100 /* fill in for old/other timestamp interfaces */ 101 #endif 102 #endif 103 104 #if defined(SYS_WINNT) 105 #include <transmitbuff.h> 106 #include <isc/win32os.h> 107 /* 108 * Windows C runtime ioctl() can't deal properly with sockets, 109 * map to ioctlsocket for this source file. 110 */ 111 #define ioctl(fd, opt, val) ioctlsocket((fd), (opt), (u_long *)(val)) 112 #endif /* SYS_WINNT */ 113 114 /* 115 * We do asynchronous input using the SIGIO facility. A number of 116 * recvbuf buffers are preallocated for input. In the signal 117 * handler we poll to see which sockets are ready and read the 118 * packets from them into the recvbuf's along with a time stamp and 119 * an indication of the source host and the interface it was received 120 * through. This allows us to get as accurate receive time stamps 121 * as possible independent of other processing going on. 122 * 123 * We watch the number of recvbufs available to the signal handler 124 * and allocate more when this number drops below the low water 125 * mark. If the signal handler should run out of buffers in the 126 * interim it will drop incoming frames, the idea being that it is 127 * better to drop a packet than to be inaccurate. 128 */ 129 130 131 /* 132 * Other statistics of possible interest 133 */ 134 volatile u_long packets_dropped; /* total number of packets dropped on reception */ 135 volatile u_long packets_ignored; /* packets received on wild card interface */ 136 volatile u_long packets_received; /* total number of packets received */ 137 u_long packets_sent; /* total number of packets sent */ 138 u_long packets_notsent; /* total number of packets which couldn't be sent */ 139 140 volatile u_long handler_calls; /* number of calls to interrupt handler */ 141 volatile u_long handler_pkts; /* number of pkts received by handler */ 142 u_long io_timereset; /* time counters were reset */ 143 144 /* 145 * Interface stuff 146 */ 147 struct interface *any_interface; /* default ipv4 interface */ 148 struct interface *any6_interface; /* default ipv6 interface */ 149 struct interface *loopback_interface; /* loopback ipv4 interface */ 150 151 isc_boolean_t broadcast_client_enabled; /* is broadcast client enabled */ 152 int ninterfaces; /* Total number of interfaces */ 153 154 int disable_dynamic_updates; /* scan interfaces once only */ 155 156 #ifdef REFCLOCK 157 /* 158 * Refclock stuff. We keep a chain of structures with data concerning 159 * the guys we are doing I/O for. 160 */ 161 static struct refclockio *refio; 162 #endif /* REFCLOCK */ 163 164 #if defined(HAVE_IPTOS_SUPPORT) 165 /* set IP_TOS to minimize packet delay */ 166 # if defined(IPTOS_PREC_INTERNETCONTROL) 167 unsigned int qos = IPTOS_PREC_INTERNETCONTROL; 168 # else 169 unsigned int qos = IPTOS_LOWDELAY; 170 # endif 171 #endif 172 173 /* 174 * File descriptor masks etc. for call to select 175 * Not needed for I/O Completion Ports 176 */ 177 fd_set activefds; 178 int maxactivefd; 179 /* 180 * bit alternating value to detect verified interfaces during an update cycle 181 */ 182 static u_short sys_interphase = 0; 183 184 static struct interface *new_interface (struct interface *); 185 static void add_interface (struct interface *); 186 static int update_interfaces(u_short, interface_receiver_t, void *); 187 static void remove_interface(struct interface *); 188 static struct interface *create_interface(u_short, struct interface *); 189 190 static int move_fd (SOCKET); 191 static int is_wildcard_addr (sockaddr_u *); 192 static int is_wildcard_netaddr (const isc_netaddr_t *); 193 194 /* 195 * Multicast functions 196 */ 197 static isc_boolean_t addr_ismulticast (sockaddr_u *); 198 /* 199 * Not all platforms support multicast 200 */ 201 #ifdef MCAST 202 static isc_boolean_t socket_multicast_enable (struct interface *, int, sockaddr_u *); 203 static isc_boolean_t socket_multicast_disable(struct interface *, sockaddr_u *); 204 #endif 205 206 #ifdef DEBUG 207 static void interface_dump (struct interface *); 208 static void sockaddr_dump (sockaddr_u *psau); 209 static void print_interface (struct interface *, const char *, const char *); 210 #define DPRINT_INTERFACE(level, args) do { if (debug >= (level)) { print_interface args; } } while (0) 211 #else 212 #define DPRINT_INTERFACE(level, args) do {} while (0) 213 #endif 214 215 typedef struct vsock vsock_t; 216 enum desc_type { FD_TYPE_SOCKET, FD_TYPE_FILE }; 217 218 struct vsock { 219 vsock_t * link; 220 SOCKET fd; 221 enum desc_type type; 222 }; 223 224 vsock_t *fd_list; 225 226 #if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 227 /* 228 * async notification processing (e. g. routing sockets) 229 */ 230 /* 231 * support for receiving data on fd that is not a refclock or a socket 232 * like e. g. routing sockets 233 */ 234 struct asyncio_reader { 235 struct asyncio_reader *link; /* the list this is being kept in */ 236 SOCKET fd; /* fd to be read */ 237 void *data; /* possibly local data */ 238 void (*receiver)(struct asyncio_reader *); /* input handler */ 239 }; 240 241 struct asyncio_reader *asyncio_reader_list; 242 243 static void delete_asyncio_reader (struct asyncio_reader *); 244 static struct asyncio_reader *new_asyncio_reader (void); 245 static void add_asyncio_reader (struct asyncio_reader *, enum desc_type); 246 static void remove_asyncio_reader (struct asyncio_reader *); 247 248 #endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 249 250 static void init_async_notifications (void); 251 252 static int create_sockets (u_short); 253 static SOCKET open_socket (sockaddr_u *, int, int, struct interface *); 254 static char * fdbits (int, fd_set *); 255 static void set_reuseaddr (int); 256 static isc_boolean_t socket_broadcast_enable (struct interface *, SOCKET, sockaddr_u *); 257 static isc_boolean_t socket_broadcast_disable (struct interface *, sockaddr_u *); 258 259 typedef struct remaddr remaddr_t; 260 261 struct remaddr { 262 remaddr_t * link; 263 sockaddr_u addr; 264 struct interface * interface; 265 }; 266 267 remaddr_t * remoteaddr_list; 268 269 struct interface * inter_list; 270 271 static struct interface *wildipv4 = NULL; 272 static struct interface *wildipv6 = NULL; 273 274 static void add_fd_to_list (SOCKET, 275 enum desc_type); 276 static struct interface *find_addr_in_list (sockaddr_u *); 277 static struct interface *find_samenet_addr_in_list(sockaddr_u *); 278 static struct interface *find_flagged_addr_in_list(sockaddr_u *, int); 279 static void delete_addr_from_list (sockaddr_u *); 280 static void delete_interface_from_list(struct interface *); 281 static void close_and_delete_fd_from_list(SOCKET); 282 static void add_addr_to_list (sockaddr_u *, 283 struct interface *); 284 static void create_wildcards (u_short); 285 #ifdef DEBUG 286 static const char * action_text (nic_rule_action); 287 #endif 288 static nic_rule_action interface_action(char *, isc_netaddr_t *, 289 isc_uint32_t); 290 static void convert_isc_if (isc_interface_t *, 291 struct interface *, u_short); 292 static struct interface *getinterface (sockaddr_u *, int); 293 static struct interface *getsamenetinterface (sockaddr_u *, int); 294 static struct interface *findlocalinterface (sockaddr_u *, int, int); 295 static struct interface *findlocalcastinterface (sockaddr_u *); 296 297 /* 298 * Routines to read the ntp packets 299 */ 300 #if !defined(HAVE_IO_COMPLETION_PORT) 301 static inline int read_network_packet (SOCKET, struct interface *, l_fp); 302 static inline int read_refclock_packet (SOCKET, struct refclockio *, l_fp); 303 #endif 304 305 306 #ifdef SYS_WINNT 307 /* 308 * Windows 2000 systems incorrectly cause UDP sockets using WASRecvFrom 309 * to not work correctly, returning a WSACONNRESET error when a WSASendTo 310 * fails with an "ICMP port unreachable" response and preventing the 311 * socket from using the WSARecvFrom in subsequent operations. 312 * The function below fixes this, but requires that Windows 2000 313 * Service Pack 2 or later be installed on the system. NT 4.0 314 * systems are not affected by this and work correctly. 315 * See Microsoft Knowledge Base Article Q263823 for details of this. 316 */ 317 void 318 connection_reset_fix( 319 SOCKET fd, 320 sockaddr_u * addr 321 ) 322 { 323 DWORD dw; 324 BOOL bNewBehavior = FALSE; 325 DWORD status; 326 327 /* 328 * disable bad behavior using IOCTL: SIO_UDP_CONNRESET 329 * NT 4.0 has no problem 330 */ 331 if (isc_win32os_majorversion() >= 5) { 332 status = WSAIoctl(fd, SIO_UDP_CONNRESET, &bNewBehavior, 333 sizeof(bNewBehavior), NULL, 0, 334 &dw, NULL, NULL); 335 if (SOCKET_ERROR == status) 336 msyslog(LOG_ERR, 337 "connection_reset_fix() failed for address %s: %m", 338 stoa(addr)); 339 } 340 } 341 #endif 342 343 /* 344 * on Unix systems the stdio library typically 345 * makes use of file descriptors in the lower 346 * integer range. stdio usually will make use 347 * of the file descriptors in the range of 348 * [0..FOPEN_MAX) 349 * in order to keep this range clean, for socket 350 * file descriptors we attempt to move them above 351 * FOPEN_MAX. This is not as easy as it sounds as 352 * FOPEN_MAX changes from implementation to implementation 353 * and may exceed to current file decriptor limits. 354 * We are using following strategy: 355 * - keep a current socket fd boundary initialized with 356 * max(0, min(getdtablesize() - FD_CHUNK, FOPEN_MAX)) 357 * - attempt to move the descriptor to the boundary or 358 * above. 359 * - if that fails and boundary > 0 set boundary 360 * to min(0, socket_fd_boundary - FD_CHUNK) 361 * -> retry 362 * if failure and boundary == 0 return old fd 363 * - on success close old fd return new fd 364 * 365 * effects: 366 * - fds will be moved above the socket fd boundary 367 * if at all possible. 368 * - the socket boundary will be reduced until 369 * allocation is possible or 0 is reached - at this 370 * point the algrithm will be disabled 371 */ 372 static int 373 move_fd( 374 SOCKET fd 375 ) 376 { 377 #if !defined(SYS_WINNT) && defined(F_DUPFD) 378 #ifndef FD_CHUNK 379 #define FD_CHUNK 10 380 #endif 381 /* 382 * number of fds we would like to have for 383 * stdio FILE* available. 384 * we can pick a "low" number as our use of 385 * FILE* is limited to log files and temporarily 386 * to data and config files. Except for log files 387 * we don't keep the other FILE* open beyond the 388 * scope of the function that opened it. 389 */ 390 #ifndef FD_PREFERRED_SOCKBOUNDARY 391 #define FD_PREFERRED_SOCKBOUNDARY 48 392 #endif 393 394 #ifndef HAVE_GETDTABLESIZE 395 /* 396 * if we have no idea about the max fd value set up things 397 * so we will start at FOPEN_MAX 398 */ 399 #define getdtablesize() (FOPEN_MAX+FD_CHUNK) 400 #endif 401 402 #ifndef FOPEN_MAX 403 #define FOPEN_MAX 20 /* assume that for the lack of anything better */ 404 #endif 405 static SOCKET socket_boundary = -1; 406 SOCKET newfd; 407 408 NTP_REQUIRE((int)fd >= 0); 409 410 /* 411 * check whether boundary has be set up 412 * already 413 */ 414 if (socket_boundary == -1) { 415 socket_boundary = max(0, min(getdtablesize() - FD_CHUNK, 416 min(FOPEN_MAX, FD_PREFERRED_SOCKBOUNDARY))); 417 #ifdef DEBUG 418 msyslog(LOG_DEBUG, 419 "ntp_io: estimated max descriptors: %d, initial socket boundary: %d", 420 getdtablesize(), socket_boundary); 421 #endif 422 } 423 424 /* 425 * Leave a space for stdio to work in. potentially moving the 426 * socket_boundary lower until allocation succeeds. 427 */ 428 do { 429 if (fd >= 0 && fd < socket_boundary) { 430 /* inside reserved range: attempt to move fd */ 431 newfd = fcntl(fd, F_DUPFD, socket_boundary); 432 433 if (newfd != -1) { 434 /* success: drop the old one - return the new one */ 435 close(fd); 436 return newfd; 437 } 438 } else { 439 /* outside reserved range: no work - return the original one */ 440 return fd; 441 } 442 socket_boundary = max(0, socket_boundary - FD_CHUNK); 443 #ifdef DEBUG 444 msyslog(LOG_DEBUG, 445 "ntp_io: selecting new socket boundary: %d", 446 socket_boundary); 447 #endif 448 } while (socket_boundary > 0); 449 #else 450 NTP_REQUIRE((int)fd >= 0); 451 #endif /* !defined(SYS_WINNT) && defined(F_DUPFD) */ 452 return fd; 453 } 454 455 #ifdef DEBUG_TIMING 456 /* 457 * collect timing information for various processing 458 * paths. currently we only pass then on to the file 459 * for later processing. this could also do histogram 460 * based analysis in other to reduce the load (and skew) 461 * dur to the file output 462 */ 463 void 464 collect_timing(struct recvbuf *rb, const char *tag, int count, l_fp *dts) 465 { 466 char buf[256]; 467 468 snprintf(buf, sizeof(buf), "%s %d %s %s", 469 (rb != NULL) 470 ? ((rb->dstadr != NULL) 471 ? stoa(&rb->recv_srcadr) 472 : "-REFCLOCK-") 473 : "-", 474 count, lfptoa(dts, 9), tag); 475 record_timing_stats(buf); 476 } 477 #endif 478 479 /* 480 * About dynamic interfaces, sockets, reception and more... 481 * 482 * the code solves following tasks: 483 * 484 * - keep a current list of active interfaces in order 485 * to bind to to the interface address on NTP_PORT so that 486 * all wild and specific bindings for NTP_PORT are taken by ntpd 487 * to avoid other daemons messing with the time or sockets. 488 * - all interfaces keep a list of peers that are referencing 489 * the interface in order to quickly re-assign the peers to 490 * new interface in case an interface is deleted (=> gone from system or 491 * down) 492 * - have a preconfigured socket ready with the right local address 493 * for transmission and reception 494 * - have an address list for all destination addresses used within ntpd 495 * to find the "right" preconfigured socket. 496 * - facilitate updating the internal interface list with respect to 497 * the current kernel state 498 * 499 * special issues: 500 * 501 * - mapping of multicast addresses to the interface affected is not always 502 * one to one - especially on hosts with multiple interfaces 503 * the code here currently allocates a separate interface entry for those 504 * multicast addresses 505 * iff it is able to bind to a *new* socket with the multicast address (flags |= MCASTIF) 506 * in case of failure the multicast address is bound to an existing interface. 507 * - on some systems it is perfectly legal to assign the same address to 508 * multiple interfaces. Therefore this code does not keep a list of interfaces 509 * but a list of interfaces that represent a unique address as determined by the kernel 510 * by the procedure in findlocalinterface. Thus it is perfectly legal to see only 511 * one representative of a group of real interfaces if they share the same address. 512 * 513 * Frank Kardel 20050910 514 */ 515 516 /* 517 * init_io - initialize I/O data structures and call socket creation routine 518 */ 519 void 520 init_io(void) 521 { 522 /* 523 * Init buffer free list and stat counters 524 */ 525 init_recvbuff(RECV_INIT); 526 527 #ifdef SYS_WINNT 528 init_io_completion_port(); 529 #endif /* SYS_WINNT */ 530 531 #if defined(HAVE_SIGNALED_IO) 532 (void) set_signal(); 533 #endif 534 } 535 536 537 /* 538 * io_open_sockets - call socket creation routine 539 */ 540 void 541 io_open_sockets(void) 542 { 543 static int already_opened; 544 545 if (already_opened || HAVE_OPT( SAVECONFIGQUIT )) 546 return; 547 548 already_opened = 1; 549 550 /* 551 * Create the sockets 552 */ 553 BLOCKIO(); 554 create_sockets(NTP_PORT); 555 UNBLOCKIO(); 556 557 init_async_notifications(); 558 559 DPRINTF(3, ("io_open_sockets: maxactivefd %d\n", maxactivefd)); 560 } 561 562 563 #ifdef DEBUG 564 /* 565 * function to dump the contents of the interface structure 566 * for debugging use only. 567 */ 568 void 569 interface_dump(struct interface *itf) 570 { 571 printf("Dumping interface: %p\n", itf); 572 printf("fd = %d\n", itf->fd); 573 printf("bfd = %d\n", itf->bfd); 574 printf("sin = %s,\n", stoa(&itf->sin)); 575 sockaddr_dump(&itf->sin); 576 printf("bcast = %s,\n", stoa(&itf->bcast)); 577 sockaddr_dump(&itf->bcast); 578 printf("mask = %s,\n", stoa(&itf->mask)); 579 sockaddr_dump(&itf->mask); 580 printf("name = %s\n", itf->name); 581 printf("flags = 0x%08x\n", itf->flags); 582 printf("last_ttl = %d\n", itf->last_ttl); 583 printf("addr_refid = %08x\n", itf->addr_refid); 584 printf("num_mcast = %d\n", itf->num_mcast); 585 printf("received = %ld\n", itf->received); 586 printf("sent = %ld\n", itf->sent); 587 printf("notsent = %ld\n", itf->notsent); 588 printf("scopeid = %u\n", itf->scopeid); 589 printf("peercnt = %u\n", itf->peercnt); 590 printf("phase = %u\n", itf->phase); 591 } 592 593 /* 594 * sockaddr_dump - hex dump the start of a sockaddr_u 595 */ 596 static void 597 sockaddr_dump(sockaddr_u *psau) 598 { 599 /* Limit the size of the sockaddr_storage hex dump */ 600 const int maxsize = min(32, sizeof(psau->sas)); 601 u_char * cp; 602 int i; 603 604 cp = (u_char *)&psau->sas; 605 606 for(i = 0; i < maxsize; i++) 607 { 608 printf("%02x", *cp++); 609 if (!((i + 1) % 4)) 610 printf(" "); 611 } 612 printf("\n"); 613 } 614 615 /* 616 * print_interface - helper to output debug information 617 */ 618 static void 619 print_interface(struct interface *iface, const char *pfx, const char *sfx) 620 { 621 printf("%sinterface #%d: fd=%d, bfd=%d, name=%s, flags=0x%x, scope=%d, sin=%s", 622 pfx, 623 iface->ifnum, 624 iface->fd, 625 iface->bfd, 626 iface->name, 627 iface->flags, 628 iface->scopeid, 629 stoa(&iface->sin)); 630 if (AF_INET == iface->family) { 631 if (iface->flags & INT_BROADCAST) 632 printf(", bcast=%s", stoa(&iface->bcast)); 633 printf(", mask=%s", stoa(&iface->mask)); 634 } 635 printf(", %s:%s", 636 (iface->ignore_packets) 637 ? "Disabled" 638 : "Enabled", 639 sfx); 640 if (debug > 4) /* in-depth debugging only */ 641 interface_dump(iface); 642 } 643 #endif 644 645 #if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 646 /* 647 * create an asyncio_reader structure 648 */ 649 static struct asyncio_reader * 650 new_asyncio_reader(void) 651 { 652 struct asyncio_reader *reader; 653 654 reader = emalloc(sizeof(*reader)); 655 656 memset(reader, 0, sizeof(*reader)); 657 reader->fd = INVALID_SOCKET; 658 return reader; 659 } 660 661 /* 662 * delete a reader 663 */ 664 static void 665 delete_asyncio_reader( 666 struct asyncio_reader *reader 667 ) 668 { 669 free(reader); 670 } 671 672 /* 673 * add asynchio_reader 674 */ 675 static void 676 add_asyncio_reader( 677 struct asyncio_reader * reader, 678 enum desc_type type) 679 { 680 LINK_SLIST(asyncio_reader_list, reader, link); 681 add_fd_to_list(reader->fd, type); 682 } 683 684 /* 685 * remove asynchio_reader 686 */ 687 static void 688 remove_asyncio_reader( 689 struct asyncio_reader *reader 690 ) 691 { 692 struct asyncio_reader *unlinked; 693 694 UNLINK_SLIST(unlinked, asyncio_reader_list, reader, link, 695 struct asyncio_reader); 696 697 if (reader->fd != INVALID_SOCKET) 698 close_and_delete_fd_from_list(reader->fd); 699 700 reader->fd = INVALID_SOCKET; 701 } 702 #endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 703 704 /* 705 * Code to tell if we have an IP address 706 * If we have then return the sockaddr structure 707 * and set the return value 708 * see the bind9/getaddresses.c for details 709 */ 710 isc_boolean_t 711 is_ip_address( 712 const char * host, 713 isc_netaddr_t * addr 714 ) 715 { 716 struct in_addr in4; 717 struct in6_addr in6; 718 char tmpbuf[128]; 719 char *pch; 720 721 NTP_REQUIRE(host != NULL); 722 NTP_REQUIRE(addr != NULL); 723 724 /* 725 * Try IPv4, then IPv6. In order to handle the extended format 726 * for IPv6 scoped addresses (address%scope_ID), we'll use a local 727 * working buffer of 128 bytes. The length is an ad-hoc value, but 728 * should be enough for this purpose; the buffer can contain a string 729 * of at least 80 bytes for scope_ID in addition to any IPv6 numeric 730 * addresses (up to 46 bytes), the delimiter character and the 731 * terminating NULL character. 732 */ 733 if (inet_pton(AF_INET, host, &in4) == 1) { 734 isc_netaddr_fromin(addr, &in4); 735 return (ISC_TRUE); 736 } else if (sizeof(tmpbuf) > strlen(host)) { 737 if ('[' == host[0]) { 738 strncpy(tmpbuf, &host[1], sizeof(tmpbuf)); 739 pch = strchr(tmpbuf, ']'); 740 if (pch != NULL) 741 *pch = '\0'; 742 } else 743 strncpy(tmpbuf, host, sizeof(tmpbuf)); 744 pch = strchr(tmpbuf, '%'); 745 if (pch != NULL) 746 *pch = '\0'; 747 748 if (inet_pton(AF_INET6, tmpbuf, &in6) == 1) { 749 isc_netaddr_fromin6(addr, &in6); 750 return (ISC_TRUE); 751 } 752 } 753 /* 754 * If we got here it was not an IP address 755 */ 756 return (ISC_FALSE); 757 } 758 759 760 /* 761 * interface list enumerator - visitor pattern 762 */ 763 void 764 interface_enumerate( 765 interface_receiver_t receiver, 766 void * data 767 ) 768 { 769 interface_info_t ifi; 770 771 ifi.action = IFS_EXISTS; 772 773 for (ifi.interface = inter_list; 774 ifi.interface != NULL; 775 ifi.interface = ifi.interface->link) 776 (*receiver)(data, &ifi); 777 } 778 779 /* 780 * do standard initialization of interface structure 781 */ 782 static void 783 init_interface( 784 struct interface *iface 785 ) 786 { 787 memset(iface, 0, sizeof(*iface)); 788 iface->fd = INVALID_SOCKET; 789 iface->bfd = INVALID_SOCKET; 790 iface->phase = sys_interphase; 791 } 792 793 794 /* 795 * create new interface structure initialize from 796 * template structure or via standard initialization 797 * function 798 */ 799 static struct interface * 800 new_interface( 801 struct interface *interface 802 ) 803 { 804 static u_int sys_ifnum = 0; 805 struct interface * iface; 806 807 iface = emalloc(sizeof(*iface)); 808 809 if (NULL == interface) 810 init_interface(iface); 811 else /* use the template */ 812 memcpy(iface, interface, sizeof(*iface)); 813 814 /* count every new instance of an interface in the system */ 815 iface->ifnum = sys_ifnum++; 816 iface->starttime = current_time; 817 818 return iface; 819 } 820 821 822 /* 823 * return interface storage into free memory pool 824 */ 825 static inline void 826 delete_interface( 827 struct interface *interface 828 ) 829 { 830 free(interface); 831 } 832 833 834 /* 835 * link interface into list of known interfaces 836 */ 837 static void 838 add_interface( 839 struct interface *interface 840 ) 841 { 842 /* 843 * Calculate the address hash 844 */ 845 interface->addr_refid = addr2refid(&interface->sin); 846 847 LINK_SLIST(inter_list, interface, link); 848 ninterfaces++; 849 } 850 851 852 /* 853 * remove interface from known interface list and clean up 854 * associated resources 855 */ 856 static void 857 remove_interface( 858 struct interface *iface 859 ) 860 { 861 struct interface *unlinked; 862 sockaddr_u resmask; 863 864 UNLINK_SLIST(unlinked, inter_list, iface, link, struct 865 interface); 866 867 delete_interface_from_list(iface); 868 869 if (iface->fd != INVALID_SOCKET) { 870 msyslog(LOG_INFO, 871 "Deleting interface #%d %s, %s#%d, interface stats: received=%ld, sent=%ld, dropped=%ld, active_time=%ld secs", 872 iface->ifnum, 873 iface->name, 874 stoa(&iface->sin), 875 SRCPORT(&iface->sin), 876 iface->received, 877 iface->sent, 878 iface->notsent, 879 current_time - iface->starttime); 880 881 close_and_delete_fd_from_list(iface->fd); 882 } 883 884 if (iface->bfd != INVALID_SOCKET) { 885 msyslog(LOG_INFO, 886 "Deleting broadcast address %s#%d from interface #%d %s", 887 stoa(&iface->bcast), 888 SRCPORT(&iface->bcast), 889 iface->ifnum, 890 iface->name); 891 892 close_and_delete_fd_from_list(iface->bfd); 893 } 894 895 ninterfaces--; 896 ntp_monclearinterface(iface); 897 898 /* remove restrict interface entry */ 899 SET_HOSTMASK(&resmask, AF(&iface->sin)); 900 hack_restrict(RESTRICT_REMOVEIF, &iface->sin, &resmask, 901 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE); 902 } 903 904 905 static void 906 list_if_listening( 907 struct interface * iface 908 ) 909 { 910 msyslog(LOG_INFO, "%s on %d %s %s UDP %d", 911 (iface->ignore_packets) 912 ? "Listen and drop" 913 : "Listen normally", 914 iface->ifnum, 915 iface->name, 916 stoa(&iface->sin), 917 SRCPORT(&iface->sin)); 918 } 919 920 921 static void 922 create_wildcards( 923 u_short port 924 ) 925 { 926 int v4wild; 927 #ifdef INCLUDE_IPV6_SUPPORT 928 int v6wild; 929 #endif 930 sockaddr_u wildaddr; 931 isc_netaddr_t wnaddr; 932 nic_rule_action action; 933 struct interface * wildif; 934 935 /* 936 * silence "potentially uninitialized" warnings from VC9 937 * failing to follow the logic. Ideally action could remain 938 * uninitialized, and the memset be the first statement under 939 * the first if (v4wild). 940 */ 941 action = ACTION_LISTEN; 942 memset(&wildaddr, 0, sizeof(wildaddr)); 943 944 /* 945 * create pseudo-interface with wildcard IPv4 address 946 */ 947 v4wild = ipv4_works; 948 if (v4wild) { 949 /* set wildaddr to the v4 wildcard address 0.0.0.0 */ 950 AF(&wildaddr) = AF_INET; 951 SET_ADDR4(&wildaddr, INADDR_ANY); 952 SET_PORT(&wildaddr, port); 953 954 /* make an libisc-friendly copy */ 955 isc_netaddr_fromin(&wnaddr, &wildaddr.sa4.sin_addr); 956 957 /* check for interface/nic rules affecting the wildcard */ 958 action = interface_action(NULL, &wnaddr, 0); 959 v4wild = (ACTION_IGNORE != action); 960 } 961 if (v4wild) { 962 wildif = new_interface(NULL); 963 964 strncpy(wildif->name, "v4wildcard", sizeof(wildif->name)); 965 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 966 wildif->family = AF_INET; 967 AF(&wildif->mask) = AF_INET; 968 SET_ONESMASK(&wildif->mask); 969 970 wildif->flags = INT_BROADCAST | INT_UP | INT_WILDCARD; 971 wildif->ignore_packets = (ACTION_DROP == action); 972 #if defined(MCAST) 973 /* 974 * enable multicast reception on the broadcast socket 975 */ 976 AF(&wildif->bcast) = AF_INET; 977 SET_ADDR4(&wildif->bcast, INADDR_ANY); 978 SET_PORT(&wildif->bcast, port); 979 #endif /* MCAST */ 980 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 981 982 if (wildif->fd != INVALID_SOCKET) { 983 wildipv4 = wildif; 984 any_interface = wildif; 985 986 add_addr_to_list(&wildif->sin, wildif); 987 add_interface(wildif); 988 list_if_listening(wildif); 989 } else { 990 msyslog(LOG_ERR, 991 "unable to bind to wildcard address %s - another process may be running - EXITING", 992 stoa(&wildif->sin)); 993 exit(1); 994 } 995 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 996 } 997 998 #ifdef INCLUDE_IPV6_SUPPORT 999 /* 1000 * create pseudo-interface with wildcard IPv6 address 1001 */ 1002 v6wild = ipv6_works; 1003 if (v6wild) { 1004 /* set wildaddr to the v6 wildcard address :: */ 1005 memset(&wildaddr, 0, sizeof(wildaddr)); 1006 AF(&wildaddr) = AF_INET6; 1007 SET_ADDR6N(&wildaddr, in6addr_any); 1008 SET_PORT(&wildaddr, port); 1009 SET_SCOPE(&wildaddr, 0); 1010 1011 /* make an libisc-friendly copy */ 1012 isc_netaddr_fromin(&wnaddr, &wildaddr.sa4.sin_addr); 1013 1014 /* check for interface/nic rules affecting the wildcard */ 1015 action = interface_action(NULL, &wnaddr, 0); 1016 v6wild = (ACTION_IGNORE != action); 1017 } 1018 if (v6wild) { 1019 wildif = new_interface(NULL); 1020 1021 strncpy(wildif->name, "v6wildcard", sizeof(wildif->name)); 1022 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 1023 wildif->family = AF_INET6; 1024 AF(&wildif->mask) = AF_INET6; 1025 SET_ONESMASK(&wildif->mask); 1026 1027 wildif->flags = INT_UP | INT_WILDCARD; 1028 wildif->ignore_packets = (ACTION_DROP == action); 1029 1030 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 1031 1032 if (wildif->fd != INVALID_SOCKET) { 1033 wildipv6 = wildif; 1034 any6_interface = wildif; 1035 add_addr_to_list(&wildif->sin, wildif); 1036 add_interface(wildif); 1037 list_if_listening(wildif); 1038 } else { 1039 msyslog(LOG_ERR, 1040 "unable to bind to wildcard address %s - another process may be running - EXITING", 1041 stoa(&wildif->sin)); 1042 exit(1); 1043 } 1044 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 1045 } 1046 #endif 1047 } 1048 1049 1050 /* 1051 * add_nic_rule() -- insert a rule entry at the head of nic_rule_list. 1052 */ 1053 void 1054 add_nic_rule( 1055 nic_rule_match match_type, 1056 const char * if_name, /* interface name or numeric address */ 1057 int prefixlen, 1058 nic_rule_action action 1059 ) 1060 { 1061 nic_rule * rule; 1062 isc_boolean_t is_ip; 1063 1064 rule = emalloc(sizeof(*rule)); 1065 memset(rule, 0, sizeof(*rule)); 1066 rule->match_type = match_type; 1067 rule->prefixlen = prefixlen; 1068 rule->action = action; 1069 1070 if (MATCH_IFNAME == match_type) { 1071 NTP_REQUIRE(NULL != if_name); 1072 rule->if_name = estrdup(if_name); 1073 } else if (MATCH_IFADDR == match_type) { 1074 NTP_REQUIRE(NULL != if_name); 1075 /* set rule->netaddr */ 1076 is_ip = is_ip_address(if_name, &rule->netaddr); 1077 NTP_REQUIRE(is_ip); 1078 } else 1079 NTP_REQUIRE(NULL == if_name); 1080 1081 LINK_SLIST(nic_rule_list, rule, next); 1082 } 1083 1084 1085 #ifdef DEBUG 1086 static const char * 1087 action_text( 1088 nic_rule_action action 1089 ) 1090 { 1091 const char *t; 1092 1093 switch (action) { 1094 1095 default: 1096 t = "ERROR"; /* quiet uninit warning */ 1097 DPRINTF(1, ("fatal: unknown nic_rule_action %d\n", 1098 action)); 1099 NTP_ENSURE(0); 1100 break; 1101 1102 case ACTION_LISTEN: 1103 t = "listen"; 1104 break; 1105 1106 case ACTION_IGNORE: 1107 t = "ignore"; 1108 break; 1109 1110 case ACTION_DROP: 1111 t = "drop"; 1112 break; 1113 } 1114 1115 return t; 1116 } 1117 #endif /* DEBUG */ 1118 1119 1120 static nic_rule_action 1121 interface_action( 1122 char * if_name, 1123 isc_netaddr_t * if_netaddr, 1124 isc_uint32_t if_flags 1125 ) 1126 { 1127 nic_rule *rule; 1128 int isloopback; 1129 int iswildcard; 1130 1131 DPRINTF(4, ("interface_action: interface %s ", 1132 (if_name != NULL) ? if_name : "wildcard")); 1133 1134 iswildcard = is_wildcard_netaddr(if_netaddr); 1135 1136 /* 1137 * Always listen on 127.0.0.1 - required by ntp_intres 1138 */ 1139 if (if_flags & INTERFACE_F_LOOPBACK) { 1140 isloopback = 1; 1141 if (AF_INET == if_netaddr->family) { 1142 DPRINTF(4, ("IPv4 loopback - listen\n")); 1143 return ACTION_LISTEN; 1144 } 1145 } else 1146 isloopback = 0; 1147 1148 /* 1149 * Find any matching NIC rule from --interface / -I or ntp.conf 1150 * interface/nic rules. 1151 */ 1152 for (rule = nic_rule_list; rule != NULL; rule = rule->next) { 1153 1154 switch (rule->match_type) { 1155 1156 case MATCH_ALL: 1157 /* loopback and wildcard excluded from "all" */ 1158 if (isloopback || iswildcard) 1159 break; 1160 DPRINTF(4, ("nic all %s\n", 1161 action_text(rule->action))); 1162 return rule->action; 1163 1164 case MATCH_IPV4: 1165 if (AF_INET == if_netaddr->family) { 1166 DPRINTF(4, ("nic ipv4 %s\n", 1167 action_text(rule->action))); 1168 return rule->action; 1169 } 1170 break; 1171 1172 case MATCH_IPV6: 1173 if (AF_INET6 == if_netaddr->family) { 1174 DPRINTF(4, ("nic ipv6 %s\n", 1175 action_text(rule->action))); 1176 return rule->action; 1177 } 1178 break; 1179 1180 case MATCH_WILDCARD: 1181 if (iswildcard) { 1182 DPRINTF(4, ("nic wildcard %s\n", 1183 action_text(rule->action))); 1184 return rule->action; 1185 } 1186 break; 1187 1188 case MATCH_IFADDR: 1189 if (rule->prefixlen != -1) { 1190 if (isc_netaddr_eqprefix(if_netaddr, 1191 &rule->netaddr, rule->prefixlen)) { 1192 1193 DPRINTF(4, ("subnet address match - %s\n", 1194 action_text(rule->action))); 1195 return rule->action; 1196 } 1197 } else 1198 if (isc_netaddr_equal(if_netaddr, 1199 &rule->netaddr)) { 1200 1201 DPRINTF(4, ("address match - %s\n", 1202 action_text(rule->action))); 1203 return rule->action; 1204 } 1205 break; 1206 1207 case MATCH_IFNAME: 1208 if (if_name != NULL 1209 && !strcasecmp(if_name, rule->if_name)) { 1210 1211 DPRINTF(4, ("interface name match - %s\n", 1212 action_text(rule->action))); 1213 return rule->action; 1214 } 1215 break; 1216 } 1217 } 1218 1219 /* 1220 * Unless explicitly disabled such as with "nic ignore ::1" 1221 * listen on loopback addresses. Since ntpq and ntpdc query 1222 * "localhost" by default, which typically resolves to ::1 and 1223 * 127.0.0.1, it's useful to default to listening on both. 1224 */ 1225 if (isloopback) { 1226 DPRINTF(4, ("default loopback listen\n")); 1227 return ACTION_LISTEN; 1228 } 1229 1230 /* 1231 * Treat wildcard addresses specially. If there is no explicit 1232 * "nic ... wildcard" or "nic ... 0.0.0.0" or "nic ... ::" rule 1233 * default to drop. 1234 */ 1235 if (iswildcard) { 1236 DPRINTF(4, ("default wildcard drop\n")); 1237 return ACTION_DROP; 1238 } 1239 1240 /* 1241 * Check for "virtual IP" (colon in the interface name) after 1242 * the rules so that "ntpd --interface eth0:1 -novirtualips" 1243 * does indeed listen on eth0:1's addresses. 1244 */ 1245 if (!listen_to_virtual_ips && if_name != NULL 1246 && (strchr(if_name, ':') != NULL)) { 1247 1248 DPRINTF(4, ("virtual ip - ignore\n")); 1249 return ACTION_IGNORE; 1250 } 1251 1252 /* 1253 * If there are no --interface/-I command-line options and no 1254 * interface/nic rules in ntp.conf, the default action is to 1255 * listen. In the presence of rules from either, the default 1256 * is to ignore. This implements ntpd's traditional listen- 1257 * every default with no interface listen configuration, and 1258 * ensures a single -I eth0 or "nic listen eth0" means do not 1259 * listen on any other addresses. 1260 */ 1261 if (NULL == nic_rule_list) { 1262 DPRINTF(4, ("default listen\n")); 1263 return ACTION_LISTEN; 1264 } 1265 1266 DPRINTF(4, ("implicit ignore\n")); 1267 return ACTION_IGNORE; 1268 } 1269 1270 1271 static void 1272 convert_isc_if( 1273 isc_interface_t *isc_if, 1274 struct interface *itf, 1275 u_short port 1276 ) 1277 { 1278 strncpy(itf->name, isc_if->name, sizeof(itf->name)); 1279 itf->name[sizeof(itf->name) - 1] = 0; /* strncpy may not */ 1280 itf->family = (u_short)isc_if->af; 1281 AF(&itf->sin) = itf->family; 1282 AF(&itf->mask) = itf->family; 1283 AF(&itf->bcast) = itf->family; 1284 SET_PORT(&itf->sin, port); 1285 SET_PORT(&itf->mask, port); 1286 SET_PORT(&itf->bcast, port); 1287 1288 if (IS_IPV4(&itf->sin)) { 1289 NSRCADR(&itf->sin) = isc_if->address.type.in.s_addr; 1290 NSRCADR(&itf->mask) = isc_if->netmask.type.in.s_addr; 1291 1292 if (isc_if->flags & INTERFACE_F_BROADCAST) { 1293 itf->flags |= INT_BROADCAST; 1294 NSRCADR(&itf->bcast) = 1295 isc_if->broadcast.type.in.s_addr; 1296 } 1297 } 1298 #ifdef INCLUDE_IPV6_SUPPORT 1299 else if (IS_IPV6(&itf->sin)) { 1300 SET_ADDR6N(&itf->sin, isc_if->address.type.in6); 1301 SET_ADDR6N(&itf->mask, isc_if->netmask.type.in6); 1302 1303 itf->scopeid = isc_netaddr_getzone(&isc_if->address); 1304 SET_SCOPE(&itf->sin, itf->scopeid); 1305 } 1306 #endif /* INCLUDE_IPV6_SUPPORT */ 1307 1308 1309 /* Process the rest of the flags */ 1310 1311 itf->flags |= 1312 ((INTERFACE_F_UP & isc_if->flags) 1313 ? INT_UP : 0) 1314 | ((INTERFACE_F_LOOPBACK & isc_if->flags) 1315 ? INT_LOOPBACK : 0) 1316 | ((INTERFACE_F_POINTTOPOINT & isc_if->flags) 1317 ? INT_PPP : 0) 1318 | ((INTERFACE_F_MULTICAST & isc_if->flags) 1319 ? INT_MULTICAST : 0) 1320 ; 1321 } 1322 1323 1324 /* 1325 * refresh_interface 1326 * 1327 * some OSes have been observed to keep 1328 * cached routes even when more specific routes 1329 * become available. 1330 * this can be mitigated by re-binding 1331 * the socket. 1332 */ 1333 static int 1334 refresh_interface( 1335 struct interface * interface 1336 ) 1337 { 1338 #ifdef OS_MISSES_SPECIFIC_ROUTE_UPDATES 1339 if (interface->fd != INVALID_SOCKET) { 1340 close_and_delete_fd_from_list(interface->fd); 1341 interface->fd = open_socket(&interface->sin, 1342 0, 0, interface); 1343 /* 1344 * reset TTL indication so TTL is is set again 1345 * next time around 1346 */ 1347 interface->last_ttl = 0; 1348 return (interface->fd != INVALID_SOCKET); 1349 } else 1350 return 0; /* invalid sockets are not refreshable */ 1351 #else /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1352 return (interface->fd != INVALID_SOCKET); 1353 #endif /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1354 } 1355 1356 /* 1357 * interface_update - externally callable update function 1358 */ 1359 void 1360 interface_update( 1361 interface_receiver_t receiver, 1362 void * data) 1363 { 1364 int new_interface_found; 1365 1366 if (disable_dynamic_updates) 1367 return; 1368 1369 BLOCKIO(); 1370 new_interface_found = update_interfaces(NTP_PORT, receiver, data); 1371 UNBLOCKIO(); 1372 1373 if (!new_interface_found) 1374 return; 1375 1376 #ifdef DEBUG 1377 msyslog(LOG_DEBUG, "new interface(s) found: waking up resolver"); 1378 #endif 1379 #ifdef SYS_WINNT 1380 /* wake up the resolver thread */ 1381 if (ResolverEventHandle != NULL) 1382 SetEvent(ResolverEventHandle); 1383 #else 1384 /* write any single byte to the pipe to wake up the resolver process */ 1385 write( resolver_pipe_fd[1], &new_interface_found, 1 ); 1386 #endif 1387 } 1388 1389 1390 /* 1391 * sau_from_netaddr() - convert network address on-wire formats. 1392 * Convert from libisc's isc_netaddr_t to NTP's sockaddr_u 1393 */ 1394 void 1395 sau_from_netaddr( 1396 sockaddr_u *psau, 1397 const isc_netaddr_t *pna 1398 ) 1399 { 1400 memset(psau, 0, sizeof(*psau)); 1401 AF(psau) = (u_short)pna->family; 1402 switch (pna->family) { 1403 1404 case AF_INET: 1405 memcpy(&psau->sa4.sin_addr, &pna->type.in, 1406 sizeof(psau->sa4.sin_addr)); 1407 break; 1408 1409 case AF_INET6: 1410 memcpy(&psau->sa6.sin6_addr, &pna->type.in6, 1411 sizeof(psau->sa6.sin6_addr)); 1412 break; 1413 } 1414 } 1415 1416 1417 static int 1418 is_wildcard_addr( 1419 sockaddr_u *psau 1420 ) 1421 { 1422 if (IS_IPV4(psau) && !NSRCADR(psau)) 1423 return 1; 1424 1425 #ifdef INCLUDE_IPV6_SUPPORT 1426 if (IS_IPV6(psau) && S_ADDR6_EQ(psau, &in6addr_any)) 1427 return 1; 1428 #endif 1429 1430 return 0; 1431 } 1432 1433 1434 static int 1435 is_wildcard_netaddr( 1436 const isc_netaddr_t *pna 1437 ) 1438 { 1439 sockaddr_u sau; 1440 1441 sau_from_netaddr(&sau, pna); 1442 1443 return is_wildcard_addr(&sau); 1444 } 1445 1446 1447 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 1448 /* 1449 * enable/disable re-use of wildcard address socket 1450 */ 1451 static void 1452 set_wildcard_reuse( 1453 u_short family, 1454 int on 1455 ) 1456 { 1457 struct interface *any; 1458 SOCKET fd = INVALID_SOCKET; 1459 1460 any = ANY_INTERFACE_BYFAM(family); 1461 if (any != NULL) 1462 fd = any->fd; 1463 1464 if (fd != INVALID_SOCKET) { 1465 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 1466 (char *)&on, sizeof(on))) 1467 msyslog(LOG_ERR, 1468 "set_wildcard_reuse: setsockopt(SO_REUSEADDR, %s) failed: %m", 1469 on ? "on" : "off"); 1470 1471 DPRINTF(4, ("set SO_REUSEADDR to %s on %s\n", 1472 on ? "on" : "off", 1473 stoa(&any->sin))); 1474 } 1475 } 1476 #endif /* OS_NEEDS_REUSEADDR_FOR_IFADDRBIND */ 1477 1478 /* 1479 * update_interface strategy 1480 * 1481 * toggle configuration phase 1482 * 1483 * Phase 1: 1484 * forall currently existing interfaces 1485 * if address is known: 1486 * drop socket - rebind again 1487 * 1488 * if address is NOT known: 1489 * attempt to create a new interface entry 1490 * 1491 * Phase 2: 1492 * forall currently known non MCAST and WILDCARD interfaces 1493 * if interface does not match configuration phase (not seen in phase 1): 1494 * remove interface from known interface list 1495 * forall peers associated with this interface 1496 * disconnect peer from this interface 1497 * 1498 * Phase 3: 1499 * attempt to re-assign interfaces to peers 1500 * 1501 */ 1502 1503 static int 1504 update_interfaces( 1505 u_short port, 1506 interface_receiver_t receiver, 1507 void * data 1508 ) 1509 { 1510 isc_mem_t * mctx = (void *)-1; 1511 interface_info_t ifi; 1512 isc_interfaceiter_t * iter; 1513 isc_result_t result; 1514 isc_interface_t isc_if; 1515 int new_interface_found; 1516 unsigned int family; 1517 struct interface interface; 1518 struct interface * iface; 1519 struct interface * next; 1520 1521 DPRINTF(3, ("update_interfaces(%d)\n", port)); 1522 1523 /* 1524 * phase one - scan interfaces 1525 * - create those that are not found 1526 * - update those that are found 1527 */ 1528 1529 new_interface_found = 0; 1530 iter = NULL; 1531 result = isc_interfaceiter_create(mctx, &iter); 1532 1533 if (result != ISC_R_SUCCESS) 1534 return 0; 1535 1536 /* 1537 * Toggle system interface scan phase to find untouched 1538 * interfaces to be deleted. 1539 */ 1540 sys_interphase ^= 0x1; 1541 1542 for (result = isc_interfaceiter_first(iter); 1543 ISC_R_SUCCESS == result; 1544 result = isc_interfaceiter_next(iter)) { 1545 1546 result = isc_interfaceiter_current(iter, &isc_if); 1547 1548 if (result != ISC_R_SUCCESS) 1549 break; 1550 1551 /* See if we have a valid family to use */ 1552 family = isc_if.address.family; 1553 if (AF_INET != family && AF_INET6 != family) 1554 continue; 1555 if (AF_INET == family && !ipv4_works) 1556 continue; 1557 if (AF_INET6 == family && !ipv6_works) 1558 continue; 1559 1560 /* create prototype */ 1561 init_interface(&interface); 1562 1563 convert_isc_if(&isc_if, &interface, port); 1564 1565 /* 1566 * Check if and how we are going to use the interface. 1567 */ 1568 switch (interface_action(isc_if.name, &isc_if.address, 1569 isc_if.flags)) { 1570 1571 case ACTION_IGNORE: 1572 continue; 1573 1574 case ACTION_LISTEN: 1575 interface.ignore_packets = ISC_FALSE; 1576 break; 1577 1578 case ACTION_DROP: 1579 interface.ignore_packets = ISC_TRUE; 1580 break; 1581 } 1582 1583 DPRINT_INTERFACE(4, (&interface, "examining ", "\n")); 1584 1585 /* interfaces must be UP to be usable */ 1586 if (!(interface.flags & INT_UP)) { 1587 DPRINTF(4, ("skipping interface %s (%s) - DOWN\n", 1588 interface.name, stoa(&interface.sin))); 1589 continue; 1590 } 1591 1592 /* 1593 * skip any interfaces UP and bound to a wildcard 1594 * address - some dhcp clients produce that in the 1595 * wild 1596 */ 1597 if (is_wildcard_addr(&interface.sin)) 1598 continue; 1599 1600 /* 1601 * map to local *address* in order to map all duplicate 1602 * interfaces to an interface structure with the 1603 * appropriate socket. Our name space is (ip-address), 1604 * NOT (interface name, ip-address). 1605 */ 1606 iface = getinterface(&interface.sin, INT_WILDCARD); 1607 1608 if (iface != NULL && refresh_interface(iface)) { 1609 /* 1610 * found existing and up to date interface - 1611 * mark present. 1612 */ 1613 if (iface->phase != sys_interphase) { 1614 /* 1615 * On a new round we reset the name so 1616 * the interface name shows up again if 1617 * this address is no longer shared. 1618 * The same reasoning goes for the 1619 * ignore_packets flag. 1620 */ 1621 strncpy(iface->name, interface.name, 1622 sizeof(iface->name)); 1623 iface->ignore_packets = 1624 interface.ignore_packets; 1625 } else 1626 /* name collision - rename interface */ 1627 strncpy(iface->name, "*multiple*", 1628 sizeof(iface->name)); 1629 1630 DPRINT_INTERFACE(4, (iface, "updating ", 1631 " present\n")); 1632 1633 if (iface->ignore_packets != 1634 interface.ignore_packets) { 1635 /* 1636 * We have conflicting configurations 1637 * for the interface address. This is 1638 * caused by using -I <interfacename> 1639 * for an interface that shares its 1640 * address with other interfaces. We 1641 * can not disambiguate incoming 1642 * packets delivered to this socket 1643 * without extra syscalls/features. 1644 * These are not (commonly) available. 1645 * Note this is a more unusual 1646 * configuration where several 1647 * interfaces share an address but 1648 * filtering via interface name is 1649 * attempted. We resolve the 1650 * configuration conflict by disabling 1651 * the processing of received packets. 1652 * This leads to no service on the 1653 * interface address where the conflict 1654 * occurs. 1655 */ 1656 msyslog(LOG_ERR, 1657 "WARNING: conflicting enable configuration for interfaces %s and %s for address %s - unsupported configuration - address DISABLED", 1658 interface.name, iface->name, 1659 stoa(&interface.sin)); 1660 1661 iface->ignore_packets = ISC_TRUE; 1662 } 1663 1664 iface->phase = sys_interphase; 1665 1666 ifi.action = IFS_EXISTS; 1667 ifi.interface = iface; 1668 if (receiver != NULL) 1669 (*receiver)(data, &ifi); 1670 } else { 1671 /* 1672 * This is new or refreshing failed - add to 1673 * our interface list. If refreshing failed we 1674 * will delete the interface structure in phase 1675 * 2 as the interface was not marked current. 1676 * We can bind to the address as the refresh 1677 * code already closed the offending socket 1678 */ 1679 iface = create_interface(port, &interface); 1680 1681 if (iface != NULL) { 1682 ifi.action = IFS_CREATED; 1683 ifi.interface = iface; 1684 if (receiver != NULL) 1685 (*receiver)(data, &ifi); 1686 1687 new_interface_found = 1; 1688 1689 DPRINT_INTERFACE(3, 1690 (iface, "updating ", 1691 " new - created\n")); 1692 } else { 1693 DPRINT_INTERFACE(3, 1694 (&interface, "updating ", 1695 " new - creation FAILED")); 1696 1697 msyslog(LOG_INFO, 1698 "failed to init interface for address %s", 1699 stoa(&interface.sin)); 1700 continue; 1701 } 1702 } 1703 } 1704 1705 isc_interfaceiter_destroy(&iter); 1706 1707 /* 1708 * phase 2 - delete gone interfaces - reassigning peers to 1709 * other interfaces 1710 */ 1711 iface = inter_list; 1712 1713 while (iface != NULL) { 1714 next = iface->link; 1715 1716 if (!(iface->flags & (INT_WILDCARD | INT_MCASTIF))) { 1717 /* 1718 * if phase does not match sys_phase this 1719 * interface was not enumerated during the last 1720 * interface scan - so it is gone and will be 1721 * deleted here unless it is solely an MCAST or 1722 * WILDCARD interface. 1723 */ 1724 if (iface->phase != sys_interphase) { 1725 DPRINT_INTERFACE(3, 1726 (iface, "updating ", 1727 "GONE - deleting\n")); 1728 remove_interface(iface); 1729 1730 ifi.action = IFS_DELETED; 1731 ifi.interface = iface; 1732 if (receiver != NULL) 1733 (*receiver)(data, &ifi); 1734 1735 /* 1736 * disconnect peers from deleted 1737 * interface 1738 */ 1739 while (iface->peers != NULL) 1740 set_peerdstadr(iface->peers, NULL); 1741 1742 /* 1743 * update globals in case we lose 1744 * a loopback interface 1745 */ 1746 if (iface == loopback_interface) 1747 loopback_interface = NULL; 1748 1749 delete_interface(iface); 1750 } 1751 } 1752 iface = next; 1753 } 1754 1755 /* 1756 * phase 3 - re-configure as the world has changed if necessary 1757 */ 1758 refresh_all_peerinterfaces(); 1759 return new_interface_found; 1760 } 1761 1762 1763 /* 1764 * create_sockets - create a socket for each interface plus a default 1765 * socket for when we don't know where to send 1766 */ 1767 static int 1768 create_sockets( 1769 u_short port 1770 ) 1771 { 1772 #ifndef HAVE_IO_COMPLETION_PORT 1773 /* 1774 * I/O Completion Ports don't care about the select and FD_SET 1775 */ 1776 maxactivefd = 0; 1777 FD_ZERO(&activefds); 1778 #endif 1779 1780 DPRINTF(2, ("create_sockets(%d)\n", port)); 1781 1782 create_wildcards(port); 1783 1784 update_interfaces(port, NULL, NULL); 1785 1786 if (sys_bclient) 1787 io_setbclient(); 1788 1789 /* 1790 * Now that we have opened all the sockets, turn off the reuse 1791 * flag for security. 1792 */ 1793 set_reuseaddr(0); 1794 1795 DPRINTF(2, ("create_sockets: Total interfaces = %d\n", ninterfaces)); 1796 1797 return ninterfaces; 1798 } 1799 1800 /* 1801 * create_interface - create a new interface for a given prototype 1802 * binding the socket. 1803 */ 1804 static struct interface * 1805 create_interface( 1806 u_short port, 1807 struct interface * protot 1808 ) 1809 { 1810 sockaddr_u resmask; 1811 struct interface *iface; 1812 1813 DPRINTF(2, ("create_interface(%s#%d)\n", stoa(&protot->sin), 1814 port)); 1815 1816 /* build an interface */ 1817 iface = new_interface(protot); 1818 1819 /* 1820 * create socket 1821 */ 1822 iface->fd = open_socket(&iface->sin, 0, 0, iface); 1823 1824 if (iface->fd != INVALID_SOCKET) 1825 list_if_listening(iface); 1826 1827 if ((INT_BROADCAST & iface->flags) 1828 && iface->bfd != INVALID_SOCKET) 1829 msyslog(LOG_INFO, "Listening on broadcast address %s#%d", 1830 stoa((&iface->bcast)), port); 1831 1832 if (INVALID_SOCKET == iface->fd 1833 && INVALID_SOCKET == iface->bfd) { 1834 msyslog(LOG_ERR, "unable to create socket on %s (%d) for %s#%d", 1835 iface->name, 1836 iface->ifnum, 1837 stoa((&iface->sin)), 1838 port); 1839 delete_interface(iface); 1840 return NULL; 1841 } 1842 1843 /* 1844 * Blacklist our own addresses, no use talking to ourself 1845 */ 1846 SET_HOSTMASK(&resmask, AF(&iface->sin)); 1847 hack_restrict(RESTRICT_FLAGS, &iface->sin, &resmask, 1848 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE); 1849 1850 /* 1851 * set globals with the first found 1852 * loopback interface of the appropriate class 1853 */ 1854 if (NULL == loopback_interface && AF_INET == iface->family 1855 && (INT_LOOPBACK & iface->flags)) 1856 loopback_interface = iface; 1857 1858 /* 1859 * put into our interface list 1860 */ 1861 add_addr_to_list(&iface->sin, iface); 1862 add_interface(iface); 1863 1864 DPRINT_INTERFACE(2, (iface, "created ", "\n")); 1865 return iface; 1866 } 1867 1868 1869 #ifdef SO_EXCLUSIVEADDRUSE 1870 static void 1871 set_excladdruse( 1872 SOCKET fd 1873 ) 1874 { 1875 int one = 1; 1876 int failed; 1877 #ifdef SYS_WINNT 1878 DWORD err; 1879 #endif 1880 1881 failed = setsockopt(fd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, 1882 (char *)&one, sizeof(one)); 1883 1884 if (!failed) 1885 return; 1886 1887 #ifdef SYS_WINNT 1888 /* 1889 * Prior to Windows XP setting SO_EXCLUSIVEADDRUSE can fail with 1890 * error WSAINVAL depending on service pack level and whether 1891 * the user account is in the Administrators group. Do not 1892 * complain if it fails that way on versions prior to XP (5.1). 1893 */ 1894 err = GetLastError(); 1895 1896 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0 /* < 5.1/XP */ 1897 && WSAEINVAL == err) 1898 return; 1899 1900 SetLastError(err); 1901 #endif 1902 msyslog(LOG_ERR, 1903 "setsockopt(%d, SO_EXCLUSIVEADDRUSE, on): %m", 1904 (int)fd); 1905 } 1906 #endif /* SO_EXCLUSIVEADDRUSE */ 1907 1908 1909 /* 1910 * set_reuseaddr() - set/clear REUSEADDR on all sockets 1911 * NB possible hole - should we be doing this on broadcast 1912 * fd's also? 1913 */ 1914 static void 1915 set_reuseaddr( 1916 int flag 1917 ) 1918 { 1919 #ifndef SO_EXCLUSIVEADDRUSE 1920 struct interface *interf; 1921 1922 for (interf = inter_list; 1923 interf != NULL; 1924 interf = interf->link) { 1925 1926 if (interf->flags & INT_WILDCARD) 1927 continue; 1928 1929 /* 1930 * if interf->fd is INVALID_SOCKET, we might have a adapter 1931 * configured but not present 1932 */ 1933 DPRINTF(4, ("setting SO_REUSEADDR on %.16s@%s to %s\n", 1934 interf->name, stoa(&interf->sin), 1935 flag ? "on" : "off")); 1936 1937 if (interf->fd != INVALID_SOCKET) { 1938 if (setsockopt(interf->fd, SOL_SOCKET, 1939 SO_REUSEADDR, (char *)&flag, 1940 sizeof(flag))) { 1941 msyslog(LOG_ERR, "set_reuseaddr: setsockopt(SO_REUSEADDR, %s) failed: %m", flag ? "on" : "off"); 1942 } 1943 } 1944 } 1945 #endif /* ! SO_EXCLUSIVEADDRUSE */ 1946 } 1947 1948 /* 1949 * This is just a wrapper around an internal function so we can 1950 * make other changes as necessary later on 1951 */ 1952 void 1953 enable_broadcast( 1954 struct interface * iface, 1955 sockaddr_u * baddr 1956 ) 1957 { 1958 #ifdef OPEN_BCAST_SOCKET 1959 socket_broadcast_enable(iface, iface->fd, baddr); 1960 #endif 1961 } 1962 1963 #ifdef OPEN_BCAST_SOCKET 1964 /* 1965 * Enable a broadcast address to a given socket 1966 * The socket is in the inter_list all we need to do is enable 1967 * broadcasting. It is not this function's job to select the socket 1968 */ 1969 static isc_boolean_t 1970 socket_broadcast_enable( 1971 struct interface * iface, 1972 SOCKET fd, 1973 sockaddr_u * baddr 1974 ) 1975 { 1976 #ifdef SO_BROADCAST 1977 int on = 1; 1978 1979 if (IS_IPV4(baddr)) { 1980 /* if this interface can support broadcast, set SO_BROADCAST */ 1981 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, 1982 (char *)&on, sizeof(on))) 1983 msyslog(LOG_ERR, 1984 "setsockopt(SO_BROADCAST) enable failure on address %s: %m", 1985 stoa(baddr)); 1986 else 1987 DPRINTF(2, ("Broadcast enabled on socket %d for address %s\n", 1988 fd, stoa(baddr))); 1989 } 1990 iface->flags |= INT_BCASTOPEN; 1991 broadcast_client_enabled = ISC_TRUE; 1992 return ISC_TRUE; 1993 #else 1994 return ISC_FALSE; 1995 #endif /* SO_BROADCAST */ 1996 } 1997 1998 /* 1999 * Remove a broadcast address from a given socket 2000 * The socket is in the inter_list all we need to do is disable 2001 * broadcasting. It is not this function's job to select the socket 2002 */ 2003 static isc_boolean_t 2004 socket_broadcast_disable( 2005 struct interface * iface, 2006 sockaddr_u * baddr 2007 ) 2008 { 2009 #ifdef SO_BROADCAST 2010 int off = 0; /* This seems to be OK as an int */ 2011 2012 if (IS_IPV4(baddr) && setsockopt(iface->fd, SOL_SOCKET, 2013 SO_BROADCAST, (char *)&off, sizeof(off))) 2014 msyslog(LOG_ERR, 2015 "setsockopt(SO_BROADCAST) disable failure on address %s: %m", 2016 stoa(baddr)); 2017 2018 iface->flags &= ~INT_BCASTOPEN; 2019 broadcast_client_enabled = ISC_FALSE; 2020 return ISC_TRUE; 2021 #else 2022 return ISC_FALSE; 2023 #endif /* SO_BROADCAST */ 2024 } 2025 2026 #endif /* OPEN_BCAST_SOCKET */ 2027 2028 /* 2029 * return the broadcast client flag value 2030 */ 2031 isc_boolean_t 2032 get_broadcastclient_flag(void) 2033 { 2034 return (broadcast_client_enabled); 2035 } 2036 /* 2037 * Check to see if the address is a multicast address 2038 */ 2039 static isc_boolean_t 2040 addr_ismulticast( 2041 sockaddr_u *maddr 2042 ) 2043 { 2044 isc_boolean_t result; 2045 2046 #ifndef INCLUDE_IPV6_MULTICAST_SUPPORT 2047 /* 2048 * If we don't have IPV6 support any IPV6 addr is not multicast 2049 */ 2050 if (IS_IPV6(maddr)) 2051 result = ISC_FALSE; 2052 else 2053 #endif 2054 result = IS_MCAST(maddr); 2055 2056 if (!result) 2057 DPRINTF(4, ("address %s is not multicast\n", 2058 stoa(maddr))); 2059 2060 return result; 2061 } 2062 2063 /* 2064 * Multicast servers need to set the appropriate Multicast interface 2065 * socket option in order for it to know which interface to use for 2066 * send the multicast packet. 2067 */ 2068 void 2069 enable_multicast_if( 2070 struct interface * iface, 2071 sockaddr_u * maddr 2072 ) 2073 { 2074 #ifdef MCAST 2075 TYPEOF_IP_MULTICAST_LOOP off = 0; 2076 2077 NTP_REQUIRE(AF(maddr) == AF(&iface->sin)); 2078 2079 switch (AF(&iface->sin)) { 2080 2081 case AF_INET: 2082 if (setsockopt(iface->fd, IPPROTO_IP, IP_MULTICAST_IF, 2083 (void *)&NSRCADR(&iface->sin), 2084 sizeof(NSRCADR(&iface->sin)))) { 2085 2086 msyslog(LOG_ERR, 2087 "setsockopt IP_MULTICAST_IF failed: %m on socket %d, addr %s for multicast address %s", 2088 iface->fd, stoa(&iface->sin), 2089 stoa(maddr)); 2090 return; 2091 } 2092 #ifdef IP_MULTICAST_LOOP 2093 /* 2094 * Don't send back to itself, but allow failure to set 2095 */ 2096 if (setsockopt(iface->fd, IPPROTO_IP, 2097 IP_MULTICAST_LOOP, 2098 SETSOCKOPT_ARG_CAST &off, 2099 sizeof(off))) { 2100 2101 msyslog(LOG_ERR, 2102 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2103 iface->fd, stoa(&iface->sin), 2104 stoa(maddr)); 2105 } 2106 #endif 2107 DPRINTF(4, ("Added IPv4 multicast interface on socket %d, addr %s for multicast address %s\n", 2108 iface->fd, stoa(&iface->sin), 2109 stoa(maddr))); 2110 break; 2111 2112 case AF_INET6: 2113 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2114 if (setsockopt(iface->fd, IPPROTO_IPV6, 2115 IPV6_MULTICAST_IF, 2116 (char *)&iface->scopeid, 2117 sizeof(iface->scopeid))) { 2118 2119 msyslog(LOG_ERR, 2120 "setsockopt IPV6_MULTICAST_IF failed: %m on socket %d, addr %s, scope %d for multicast address %s", 2121 iface->fd, stoa(&iface->sin), 2122 iface->scopeid, stoa(maddr)); 2123 return; 2124 } 2125 #ifdef IPV6_MULTICAST_LOOP 2126 /* 2127 * Don't send back to itself, but allow failure to set 2128 */ 2129 if (setsockopt(iface->fd, IPPROTO_IPV6, 2130 IPV6_MULTICAST_LOOP, 2131 (char *) &off, sizeof(off))) { 2132 2133 msyslog(LOG_ERR, 2134 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2135 iface->fd, stoa(&iface->sin), 2136 stoa(maddr)); 2137 } 2138 #endif 2139 DPRINTF(4, ("Added IPv6 multicast interface on socket %d, addr %s, scope %d for multicast address %s\n", 2140 iface->fd, stoa(&iface->sin), 2141 iface->scopeid, stoa(maddr))); 2142 break; 2143 #else 2144 return; 2145 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2146 } 2147 return; 2148 #endif 2149 } 2150 2151 /* 2152 * Add a multicast address to a given socket 2153 * The socket is in the inter_list all we need to do is enable 2154 * multicasting. It is not this function's job to select the socket 2155 */ 2156 #ifdef MCAST 2157 static isc_boolean_t 2158 socket_multicast_enable( 2159 struct interface * iface, 2160 int lscope, 2161 sockaddr_u * maddr 2162 ) 2163 { 2164 struct ip_mreq mreq; 2165 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2166 struct ipv6_mreq mreq6; 2167 #endif 2168 2169 if (find_addr_in_list(maddr) != NULL) { 2170 DPRINTF(4, ("socket_multicast_enable(%s): already enabled\n", 2171 stoa(maddr))); 2172 return ISC_TRUE; 2173 } 2174 2175 switch (AF(maddr)) { 2176 2177 case AF_INET: 2178 memset(&mreq, 0, sizeof(mreq)); 2179 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2180 mreq.imr_interface.s_addr = htonl(INADDR_ANY); 2181 if (setsockopt(iface->fd, 2182 IPPROTO_IP, 2183 IP_ADD_MEMBERSHIP, 2184 (char *)&mreq, 2185 sizeof(mreq))) { 2186 msyslog(LOG_ERR, 2187 "setsockopt IP_ADD_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2188 iface->fd, stoa(&iface->sin), 2189 mreq.imr_multiaddr.s_addr, 2190 mreq.imr_interface.s_addr, 2191 stoa(maddr)); 2192 return ISC_FALSE; 2193 } 2194 DPRINTF(4, ("Added IPv4 multicast membership on socket %d, addr %s for %x / %x (%s)\n", 2195 iface->fd, stoa(&iface->sin), 2196 mreq.imr_multiaddr.s_addr, 2197 mreq.imr_interface.s_addr, stoa(maddr))); 2198 break; 2199 2200 case AF_INET6: 2201 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2202 /* 2203 * Enable reception of multicast packets. 2204 * If the address is link-local we can get the 2205 * interface index from the scope id. Don't do this 2206 * for other types of multicast addresses. For now let 2207 * the kernel figure it out. 2208 */ 2209 memset(&mreq6, 0, sizeof(mreq6)); 2210 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2211 mreq6.ipv6mr_interface = lscope; 2212 2213 if (setsockopt(iface->fd, IPPROTO_IPV6, 2214 IPV6_JOIN_GROUP, (char *)&mreq6, 2215 sizeof(mreq6))) { 2216 msyslog(LOG_ERR, 2217 "setsockopt IPV6_JOIN_GROUP failed: %m on socket %d, addr %s for interface %d (%s)", 2218 iface->fd, stoa(&iface->sin), 2219 mreq6.ipv6mr_interface, stoa(maddr)); 2220 return ISC_FALSE; 2221 } 2222 DPRINTF(4, ("Added IPv6 multicast group on socket %d, addr %s for interface %d(%s)\n", 2223 iface->fd, stoa(&iface->sin), 2224 mreq6.ipv6mr_interface, stoa(maddr))); 2225 #else 2226 return ISC_FALSE; 2227 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2228 } 2229 iface->flags |= INT_MCASTOPEN; 2230 iface->num_mcast++; 2231 add_addr_to_list(maddr, iface); 2232 return ISC_TRUE; 2233 } 2234 2235 /* 2236 * Remove a multicast address from a given socket 2237 * The socket is in the inter_list all we need to do is disable 2238 * multicasting. It is not this function's job to select the socket 2239 */ 2240 static isc_boolean_t 2241 socket_multicast_disable( 2242 struct interface * iface, 2243 sockaddr_u * maddr 2244 ) 2245 { 2246 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2247 struct ipv6_mreq mreq6; 2248 #endif 2249 struct ip_mreq mreq; 2250 2251 memset(&mreq, 0, sizeof(mreq)); 2252 2253 if (find_addr_in_list(maddr) == NULL) { 2254 DPRINTF(4, ("socket_multicast_disable(%s): not found\n", 2255 stoa(maddr))); 2256 return ISC_TRUE; 2257 } 2258 2259 switch (AF(maddr)) { 2260 2261 case AF_INET: 2262 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2263 mreq.imr_interface = SOCK_ADDR4(&iface->sin); 2264 if (setsockopt(iface->fd, IPPROTO_IP, 2265 IP_DROP_MEMBERSHIP, (char *)&mreq, 2266 sizeof(mreq))) { 2267 2268 msyslog(LOG_ERR, 2269 "setsockopt IP_DROP_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2270 iface->fd, stoa(&iface->sin), 2271 SRCADR(maddr), SRCADR(&iface->sin), 2272 stoa(maddr)); 2273 return ISC_FALSE; 2274 } 2275 break; 2276 case AF_INET6: 2277 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2278 /* 2279 * Disable reception of multicast packets 2280 * If the address is link-local we can get the 2281 * interface index from the scope id. Don't do this 2282 * for other types of multicast addresses. For now let 2283 * the kernel figure it out. 2284 */ 2285 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2286 mreq6.ipv6mr_interface = iface->scopeid; 2287 2288 if (setsockopt(iface->fd, IPPROTO_IPV6, 2289 IPV6_LEAVE_GROUP, (char *)&mreq6, 2290 sizeof(mreq6))) { 2291 2292 msyslog(LOG_ERR, 2293 "setsockopt IPV6_LEAVE_GROUP failure: %m on socket %d, addr %s for %d (%s)", 2294 iface->fd, stoa(&iface->sin), 2295 iface->scopeid, stoa(maddr)); 2296 return ISC_FALSE; 2297 } 2298 break; 2299 #else 2300 return ISC_FALSE; 2301 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2302 } 2303 2304 iface->num_mcast--; 2305 if (!iface->num_mcast) 2306 iface->flags &= ~INT_MCASTOPEN; 2307 2308 return ISC_TRUE; 2309 } 2310 #endif /* MCAST */ 2311 2312 /* 2313 * io_setbclient - open the broadcast client sockets 2314 */ 2315 void 2316 io_setbclient(void) 2317 { 2318 #ifdef OPEN_BCAST_SOCKET 2319 struct interface * interf; 2320 int nif; 2321 isc_boolean_t jstatus; 2322 SOCKET fd; 2323 2324 nif = 0; 2325 set_reuseaddr(1); 2326 2327 for (interf = inter_list; 2328 interf != NULL; 2329 interf = interf->link) { 2330 2331 if (interf->flags & (INT_WILDCARD | INT_LOOPBACK)) 2332 continue; 2333 2334 /* use only allowed addresses */ 2335 if (interf->ignore_packets) 2336 continue; 2337 2338 2339 /* Need a broadcast-capable interface */ 2340 if (!(interf->flags & INT_BROADCAST)) 2341 continue; 2342 2343 /* Only IPv4 addresses are valid for broadcast */ 2344 NTP_REQUIRE(IS_IPV4(&interf->sin)); 2345 2346 /* Do we already have the broadcast address open? */ 2347 if (interf->flags & INT_BCASTOPEN) { 2348 /* 2349 * account for already open interfaces to avoid 2350 * misleading warning below 2351 */ 2352 nif++; 2353 continue; 2354 } 2355 2356 /* 2357 * Try to open the broadcast address 2358 */ 2359 interf->family = AF_INET; 2360 interf->bfd = open_socket(&interf->bcast, 1, 0, interf); 2361 2362 /* 2363 * If we succeeded then we use it otherwise enable 2364 * broadcast on the interface address 2365 */ 2366 if (interf->bfd != INVALID_SOCKET) { 2367 fd = interf->bfd; 2368 jstatus = ISC_TRUE; 2369 } else { 2370 fd = interf->fd; 2371 jstatus = socket_broadcast_enable(interf, fd, 2372 &interf->sin); 2373 } 2374 2375 /* Enable Broadcast on socket */ 2376 if (jstatus) { 2377 nif++; 2378 msyslog(LOG_INFO, 2379 "io_setbclient: Opened broadcast client on interface #%d %s", 2380 interf->ifnum, interf->name); 2381 interf->addr_refid = addr2refid(&interf->sin); 2382 } 2383 } 2384 set_reuseaddr(0); 2385 if (nif > 0) 2386 DPRINTF(1, ("io_setbclient: Opened broadcast clients\n")); 2387 else if (!nif) 2388 msyslog(LOG_ERR, 2389 "Unable to listen for broadcasts, no broadcast interfaces available"); 2390 #else 2391 msyslog(LOG_ERR, 2392 "io_setbclient: Broadcast Client disabled by build"); 2393 #endif /* OPEN_BCAST_SOCKET */ 2394 } 2395 2396 /* 2397 * io_unsetbclient - close the broadcast client sockets 2398 */ 2399 void 2400 io_unsetbclient(void) 2401 { 2402 struct interface *interf; 2403 2404 for (interf = inter_list; 2405 NULL != interf; 2406 interf = interf->link) 2407 { 2408 if (interf->flags & INT_WILDCARD) 2409 continue; 2410 2411 if (!(interf->flags & INT_BCASTOPEN)) 2412 continue; 2413 2414 socket_broadcast_disable(interf, &interf->sin); 2415 } 2416 } 2417 2418 /* 2419 * io_multicast_add() - add multicast group address 2420 */ 2421 void 2422 io_multicast_add( 2423 sockaddr_u *addr 2424 ) 2425 { 2426 #ifdef MCAST 2427 struct interface *interface; 2428 #ifndef MULTICAST_NONEWSOCKET 2429 struct interface *iface; 2430 #endif 2431 int lscope = 0; 2432 2433 /* 2434 * Check to see if this is a multicast address 2435 */ 2436 if (!addr_ismulticast(addr)) 2437 return; 2438 2439 /* If we already have it we can just return */ 2440 if (NULL != find_flagged_addr_in_list(addr, INT_MCASTOPEN)) { 2441 msyslog(LOG_INFO, 2442 "Duplicate request found for multicast address %s", 2443 stoa(addr)); 2444 return; 2445 } 2446 2447 #ifndef MULTICAST_NONEWSOCKET 2448 interface = new_interface(NULL); 2449 2450 /* 2451 * Open a new socket for the multicast address 2452 */ 2453 interface->family = 2454 AF(&interface->sin) = 2455 AF(&interface->mask) = AF(addr); 2456 SET_PORT(&interface->sin, NTP_PORT); 2457 SET_ONESMASK(&interface->mask); 2458 2459 switch(AF(addr)) { 2460 2461 case AF_INET: 2462 NSRCADR(&interface->sin) = NSRCADR(addr); 2463 break; 2464 2465 case AF_INET6: 2466 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2467 SET_ADDR6N(&interface->sin, SOCK_ADDR6(addr)); 2468 lscope = SCOPE(addr); 2469 SET_SCOPE(&interface->sin, lscope); 2470 #endif 2471 iface = findlocalcastinterface(addr); 2472 if (iface != NULL) 2473 DPRINTF(4, ("Found interface #%d %s, scope %d for address %s\n", 2474 iface->ifnum, iface->name, lscope, 2475 stoa(addr))); 2476 } 2477 2478 set_reuseaddr(1); 2479 interface->bfd = INVALID_SOCKET; 2480 interface->fd = open_socket(&interface->sin, INT_MULTICAST, 0, 2481 interface); 2482 2483 if (interface->fd != INVALID_SOCKET) { 2484 interface->bfd = INVALID_SOCKET; 2485 interface->ignore_packets = ISC_FALSE; 2486 interface->flags |= INT_MCASTIF; 2487 2488 strncpy(interface->name, "multicast", 2489 sizeof(interface->name)); 2490 DPRINT_INTERFACE(2, (interface, "multicast add ", "\n")); 2491 /* 2492 * socket_multicast_enable() will add this address to 2493 * the addresslist 2494 */ 2495 add_interface(interface); 2496 list_if_listening(interface); 2497 } else { 2498 /* bind failed, re-use wildcard interface */ 2499 delete_interface(interface); 2500 2501 if (IS_IPV4(addr)) 2502 interface = wildipv4; 2503 else if (IS_IPV6(addr)) 2504 interface = wildipv6; 2505 else 2506 interface = NULL; 2507 2508 if (interface != NULL) { 2509 /* HACK ! -- stuff in an address */ 2510 /* because we don't bind addr? DH */ 2511 interface->bcast = *addr; 2512 msyslog(LOG_ERR, 2513 "multicast address %s using wildcard interface #%d %s", 2514 stoa(addr), interface->ifnum, 2515 interface->name); 2516 } else { 2517 msyslog(LOG_ERR, 2518 "No multicast socket available to use for address %s", 2519 stoa(addr)); 2520 return; 2521 } 2522 } 2523 #else 2524 /* 2525 * For the case where we can't use a separate socket 2526 */ 2527 interface = findlocalcastinterface(addr); 2528 /* 2529 * If we don't have a valid socket, just return 2530 */ 2531 if (NULL == interface) { 2532 msyslog(LOG_ERR, 2533 "Can not add multicast address %s: no multicast interface found", 2534 stoa(addr)); 2535 return; 2536 } 2537 2538 #endif 2539 if (socket_multicast_enable(interface, lscope, addr)) 2540 msyslog(LOG_INFO, 2541 "Added Multicast Listener %s on interface #%d %s", 2542 stoa(addr), interface->ifnum, interface->name); 2543 else 2544 msyslog(LOG_ERR, "Failed to add Multicast Listener %s", 2545 stoa(addr)); 2546 #else /* MCAST */ 2547 msyslog(LOG_ERR, 2548 "Can not add multicast address %s: no multicast support", 2549 stoa(addr)); 2550 #endif /* MCAST */ 2551 return; 2552 } 2553 2554 2555 /* 2556 * io_multicast_del() - delete multicast group address 2557 */ 2558 void 2559 io_multicast_del( 2560 sockaddr_u * addr 2561 ) 2562 { 2563 #ifdef MCAST 2564 struct interface *iface; 2565 2566 /* 2567 * Check to see if this is a multicast address 2568 */ 2569 if (!addr_ismulticast(addr)) { 2570 msyslog(LOG_ERR, "invalid multicast address %s", 2571 stoa(addr)); 2572 return; 2573 } 2574 2575 /* 2576 * Disable reception of multicast packets 2577 */ 2578 while ((iface = find_flagged_addr_in_list(addr, INT_MCASTOPEN)) 2579 != NULL) 2580 socket_multicast_disable(iface, addr); 2581 2582 delete_addr_from_list(addr); 2583 2584 #else /* not MCAST */ 2585 msyslog(LOG_ERR, 2586 "Can not delete multicast address %s: no multicast support", 2587 stoa(addr)); 2588 #endif /* not MCAST */ 2589 } 2590 2591 2592 /* 2593 * init_nonblocking_io() - set up descriptor to be non blocking 2594 */ 2595 static void init_nonblocking_io( 2596 SOCKET fd 2597 ) 2598 { 2599 /* 2600 * set non-blocking, 2601 */ 2602 2603 #ifdef USE_FIONBIO 2604 /* in vxWorks we use FIONBIO, but the others are defined for old systems, so 2605 * all hell breaks loose if we leave them defined 2606 */ 2607 #undef O_NONBLOCK 2608 #undef FNDELAY 2609 #undef O_NDELAY 2610 #endif 2611 2612 #if defined(O_NONBLOCK) /* POSIX */ 2613 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) { 2614 msyslog(LOG_ERR, 2615 "fcntl(O_NONBLOCK) fails on fd #%d: %m", fd); 2616 exit(1); 2617 } 2618 #elif defined(FNDELAY) 2619 if (fcntl(fd, F_SETFL, FNDELAY) < 0) { 2620 msyslog(LOG_ERR, "fcntl(FNDELAY) fails on fd #%d: %m", 2621 fd); 2622 exit(1); 2623 } 2624 #elif defined(O_NDELAY) /* generally the same as FNDELAY */ 2625 if (fcntl(fd, F_SETFL, O_NDELAY) < 0) { 2626 msyslog(LOG_ERR, "fcntl(O_NDELAY) fails on fd #%d: %m", 2627 fd); 2628 exit(1); 2629 } 2630 #elif defined(FIONBIO) 2631 { 2632 int on = 1; 2633 2634 if (ioctl(fd, FIONBIO, &on) < 0) { 2635 msyslog(LOG_ERR, 2636 "ioctl(FIONBIO) fails on fd #%d: %m", 2637 fd); 2638 exit(1); 2639 } 2640 } 2641 #elif defined(FIOSNBIO) 2642 if (ioctl(fd, FIOSNBIO, &on) < 0) { 2643 msyslog(LOG_ERR, 2644 "ioctl(FIOSNBIO) fails on fd #%d: %m", fd); 2645 exit(1); 2646 } 2647 #else 2648 # include "Bletch: Need non-blocking I/O!" 2649 #endif 2650 } 2651 2652 /* 2653 * open_socket - open a socket, returning the file descriptor 2654 */ 2655 2656 static SOCKET 2657 open_socket( 2658 sockaddr_u * addr, 2659 int bcast, 2660 int turn_off_reuse, 2661 struct interface * interf 2662 ) 2663 { 2664 SOCKET fd; 2665 int errval; 2666 char scopetext[16]; 2667 /* 2668 * int is OK for REUSEADR per 2669 * http://www.kohala.com/start/mcast.api.txt 2670 */ 2671 int on = 1; 2672 int off = 0; 2673 2674 if (IS_IPV6(addr) && !ipv6_works) 2675 return INVALID_SOCKET; 2676 2677 /* create a datagram (UDP) socket */ 2678 fd = socket(AF(addr), SOCK_DGRAM, 0); 2679 if (INVALID_SOCKET == fd) { 2680 #ifndef SYS_WINNT 2681 errval = errno; 2682 #else 2683 errval = WSAGetLastError(); 2684 #endif 2685 msyslog(LOG_ERR, 2686 "socket(AF_INET%s, SOCK_DGRAM, 0) failed on address %s: %m", 2687 IS_IPV6(addr) ? "6" : "", stoa(addr)); 2688 2689 if (errval == EPROTONOSUPPORT || 2690 errval == EAFNOSUPPORT || 2691 errval == EPFNOSUPPORT) 2692 return (INVALID_SOCKET); 2693 2694 errno = errval; 2695 msyslog(LOG_ERR, 2696 "unexpected socket() error %m code %d (not EPROTONOSUPPORT nor EAFNOSUPPORT nor EPFNOSUPPORT) - exiting", 2697 errno); 2698 exit(1); 2699 } 2700 2701 #ifdef SYS_WINNT 2702 connection_reset_fix(fd, addr); 2703 #endif 2704 /* 2705 * Fixup the file descriptor for some systems 2706 * See bug #530 for details of the issue. 2707 */ 2708 fd = move_fd(fd); 2709 2710 /* 2711 * set SO_REUSEADDR since we will be binding the same port 2712 * number on each interface according to turn_off_reuse. 2713 * This is undesirable on Windows versions starting with 2714 * Windows XP (numeric version 5.1). 2715 */ 2716 #ifdef SYS_WINNT 2717 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0) /* before 5.1 */ 2718 #endif 2719 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 2720 (char *)((turn_off_reuse) 2721 ? &off 2722 : &on), 2723 sizeof(on))) { 2724 2725 msyslog(LOG_ERR, 2726 "setsockopt SO_REUSEADDR %s fails for address %s: %m", 2727 (turn_off_reuse) 2728 ? "off" 2729 : "on", 2730 stoa(addr)); 2731 closesocket(fd); 2732 return INVALID_SOCKET; 2733 } 2734 #ifdef SO_EXCLUSIVEADDRUSE 2735 /* 2736 * setting SO_EXCLUSIVEADDRUSE on the wildcard we open 2737 * first will cause more specific binds to fail. 2738 */ 2739 if (!(interf->flags & INT_WILDCARD)) 2740 set_excladdruse(fd); 2741 #endif 2742 2743 /* 2744 * IPv4 specific options go here 2745 */ 2746 if (IS_IPV4(addr)) { 2747 #if defined(HAVE_IPTOS_SUPPORT) 2748 if (setsockopt(fd, IPPROTO_IP, IP_TOS, (char *)&qos, 2749 sizeof(qos))) 2750 msyslog(LOG_ERR, 2751 "setsockopt IP_TOS (%02x) fails on address %s: %m", 2752 qos, stoa(addr)); 2753 #endif /* HAVE_IPTOS_SUPPORT */ 2754 if (bcast) 2755 socket_broadcast_enable(interf, fd, addr); 2756 } 2757 2758 /* 2759 * IPv6 specific options go here 2760 */ 2761 if (IS_IPV6(addr)) { 2762 #if defined(IPV6_V6ONLY) 2763 if (isc_net_probe_ipv6only() == ISC_R_SUCCESS 2764 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, 2765 (char*)&on, sizeof(on))) 2766 msyslog(LOG_ERR, 2767 "setsockopt IPV6_V6ONLY on fails on address %s: %m", 2768 stoa(addr)); 2769 #endif /* IPV6_V6ONLY */ 2770 #if defined(IPV6_BINDV6ONLY) 2771 if (setsockopt(fd, IPPROTO_IPV6, IPV6_BINDV6ONLY, 2772 (char*)&on, sizeof(on))) 2773 msyslog(LOG_ERR, 2774 "setsockopt IPV6_BINDV6ONLY on fails on address %s: %m", 2775 stoa(addr)); 2776 #endif /* IPV6_BINDV6ONLY */ 2777 } 2778 2779 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 2780 /* 2781 * some OSes don't allow binding to more specific 2782 * addresses if a wildcard address already bound 2783 * to the port and SO_REUSEADDR is not set 2784 */ 2785 if (!is_wildcard_addr(addr)) 2786 set_wildcard_reuse(AF(addr), 1); 2787 #endif 2788 2789 /* 2790 * bind the local address. 2791 */ 2792 errval = bind(fd, &addr->sa, SOCKLEN(addr)); 2793 2794 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 2795 if (!is_wildcard_addr(addr)) 2796 set_wildcard_reuse(AF(addr), 0); 2797 #endif 2798 2799 if (errval < 0) { 2800 /* 2801 * Don't log this under all conditions 2802 */ 2803 if (turn_off_reuse == 0 2804 #ifdef DEBUG 2805 || debug > 1 2806 #endif 2807 ) { 2808 if (SCOPE(addr)) 2809 snprintf(scopetext, sizeof(scopetext), 2810 "%%%d", SCOPE(addr)); 2811 else 2812 scopetext[0] = 0; 2813 2814 msyslog(LOG_ERR, 2815 "bind(%d) AF_INET%s %s%s#%d%s flags 0x%x failed: %m", 2816 fd, IS_IPV6(addr) ? "6" : "", 2817 stoa(addr), scopetext, SRCPORT(addr), 2818 IS_MCAST(addr) ? " (multicast)" : "", 2819 interf->flags); 2820 } 2821 2822 closesocket(fd); 2823 2824 return INVALID_SOCKET; 2825 } 2826 2827 #ifdef HAVE_TIMESTAMP 2828 { 2829 if (setsockopt(fd, SOL_SOCKET, SO_TIMESTAMP, 2830 (char*)&on, sizeof(on))) 2831 msyslog(LOG_DEBUG, 2832 "setsockopt SO_TIMESTAMP on fails on address %s: %m", 2833 stoa(addr)); 2834 else 2835 DPRINTF(4, ("setsockopt SO_TIMESTAMP enabled on fd %d address %s\n", 2836 fd, stoa(addr))); 2837 } 2838 #endif 2839 DPRINTF(4, ("bind(%d) AF_INET%s, addr %s%%%d#%d, flags 0x%x\n", 2840 fd, IS_IPV6(addr) ? "6" : "", stoa(addr), 2841 SCOPE(addr), SRCPORT(addr), interf->flags)); 2842 2843 init_nonblocking_io(fd); 2844 2845 #ifdef HAVE_SIGNALED_IO 2846 init_socket_sig(fd); 2847 #endif /* not HAVE_SIGNALED_IO */ 2848 2849 add_fd_to_list(fd, FD_TYPE_SOCKET); 2850 2851 #if !defined(SYS_WINNT) && !defined(VMS) 2852 DPRINTF(4, ("flags for fd %d: 0x%x\n", fd, 2853 fcntl(fd, F_GETFL, 0))); 2854 #endif /* SYS_WINNT || VMS */ 2855 2856 #if defined (HAVE_IO_COMPLETION_PORT) 2857 /* 2858 * Add the socket to the completion port 2859 */ 2860 if (io_completion_port_add_socket(fd, interf)) { 2861 msyslog(LOG_ERR, "unable to set up io completion port - EXITING"); 2862 exit(1); 2863 } 2864 #endif 2865 return fd; 2866 } 2867 2868 /* XXX ELIMINATE sendpkt similar in ntpq.c, ntpdc.c, ntp_io.c, ntptrace.c */ 2869 /* 2870 * sendpkt - send a packet to the specified destination. Maintain a 2871 * send error cache so that only the first consecutive error for a 2872 * destination is logged. 2873 */ 2874 void 2875 sendpkt( 2876 sockaddr_u *dest, 2877 struct interface *inter, 2878 int ttl, 2879 struct pkt *pkt, 2880 int len 2881 ) 2882 { 2883 int cc; 2884 2885 if (NULL == inter) { 2886 /* 2887 * unbound peer - drop request and wait for better 2888 * network conditions 2889 */ 2890 DPRINTF(2, ("%ssendpkt(dst=%s, ttl=%d, len=%d): no interface - IGNORED\n", 2891 (ttl > 0) ? "\tMCAST\t***** " : "", 2892 stoa(dest), ttl, len)); 2893 return; 2894 } 2895 2896 DPRINTF(2, ("%ssendpkt(%d, dst=%s, src=%s, ttl=%d, len=%d)\n", 2897 (ttl > 0) ? "\tMCAST\t***** " : "", 2898 inter->fd, stoa(dest), stoa(&inter->sin), 2899 ttl, len)); 2900 2901 #ifdef MCAST 2902 /* 2903 * for the moment we use the bcast option to set multicast ttl 2904 */ 2905 if (ttl > 0 && ttl != inter->last_ttl) { 2906 /* 2907 * set the multicast ttl for outgoing packets 2908 */ 2909 int rtc; 2910 u_char cttl; 2911 #ifdef INCLUDE_IPV6_SUPPORT 2912 u_int uttl; 2913 #endif 2914 2915 switch (AF(&inter->sin)) { 2916 2917 case AF_INET : 2918 cttl = (u_char)ttl; 2919 rtc = setsockopt(inter->fd, IPPROTO_IP, 2920 IP_MULTICAST_TTL, 2921 (void *)&cttl, sizeof(cttl)); 2922 break; 2923 2924 #ifdef INCLUDE_IPV6_SUPPORT 2925 case AF_INET6 : 2926 uttl = (u_int)ttl; 2927 rtc = setsockopt(inter->fd, IPPROTO_IPV6, 2928 IPV6_MULTICAST_HOPS, 2929 (void *)&uttl, sizeof(uttl)); 2930 break; 2931 #endif /* INCLUDE_IPV6_SUPPORT */ 2932 2933 default: /* just NOP if not supported */ 2934 DPRINTF(1, ("sendpkt unknown AF %d", 2935 AF(&inter->sin))); 2936 rtc = 0; 2937 } 2938 2939 if (!rtc) 2940 inter->last_ttl = ttl; 2941 else 2942 msyslog(LOG_ERR, 2943 "setsockopt IP_MULTICAST_TTL/IPV6_MULTICAST_HOPS fails on address %s: %m", 2944 stoa(&inter->sin)); 2945 } 2946 2947 #endif /* MCAST */ 2948 2949 #if defined(HAVE_IO_COMPLETION_PORT) 2950 cc = io_completion_port_sendto(inter, pkt, len, dest); 2951 if (cc != ERROR_SUCCESS) { 2952 #else 2953 #ifdef SIM 2954 cc = simulate_server(dest, inter, pkt); 2955 #else /* SIM */ 2956 cc = sendto(inter->fd, (char *)pkt, (unsigned int)len, 0, 2957 (struct sockaddr *)dest, SOCKLEN(dest)); 2958 #endif /* SIM */ 2959 if (cc == -1) { 2960 #endif 2961 inter->notsent++; 2962 packets_notsent++; 2963 } else { 2964 inter->sent++; 2965 packets_sent++; 2966 } 2967 } 2968 2969 2970 #if !defined(HAVE_IO_COMPLETION_PORT) 2971 /* 2972 * fdbits - generate ascii representation of fd_set (FAU debug support) 2973 * HFDF format - highest fd first. 2974 */ 2975 static char * 2976 fdbits( 2977 int count, 2978 fd_set *set 2979 ) 2980 { 2981 static char buffer[256]; 2982 char * buf = buffer; 2983 2984 count = min(count, 255); 2985 2986 while (count >= 0) { 2987 *buf++ = FD_ISSET(count, set) ? '#' : '-'; 2988 count--; 2989 } 2990 *buf = '\0'; 2991 2992 return buffer; 2993 } 2994 2995 /* 2996 * Routine to read the refclock packets for a specific interface 2997 * Return the number of bytes read. That way we know if we should 2998 * read it again or go on to the next one if no bytes returned 2999 */ 3000 static inline int 3001 read_refclock_packet(SOCKET fd, struct refclockio *rp, l_fp ts) 3002 { 3003 int i; 3004 int buflen; 3005 register struct recvbuf *rb; 3006 3007 rb = get_free_recv_buffer(); 3008 3009 if (NULL == rb) { 3010 /* 3011 * No buffer space available - just drop the packet 3012 */ 3013 char buf[RX_BUFF_SIZE]; 3014 3015 buflen = read(fd, buf, sizeof buf); 3016 packets_dropped++; 3017 return (buflen); 3018 } 3019 3020 i = (rp->datalen == 0 3021 || rp->datalen > (int)sizeof(rb->recv_space)) 3022 ? (int)sizeof(rb->recv_space) 3023 : rp->datalen; 3024 buflen = read(fd, (char *)&rb->recv_space, (unsigned)i); 3025 3026 if (buflen < 0) { 3027 if (errno != EINTR && errno != EAGAIN) 3028 msyslog(LOG_ERR, "clock read fd %d: %m", fd); 3029 freerecvbuf(rb); 3030 return (buflen); 3031 } 3032 3033 /* 3034 * Got one. Mark how and when it got here, 3035 * put it on the full list and do bookkeeping. 3036 */ 3037 rb->recv_length = buflen; 3038 rb->recv_srcclock = rp->srcclock; 3039 rb->dstadr = 0; 3040 rb->fd = fd; 3041 rb->recv_time = ts; 3042 rb->receiver = rp->clock_recv; 3043 3044 if (rp->io_input) { 3045 /* 3046 * have direct input routine for refclocks 3047 */ 3048 if (rp->io_input(rb) == 0) { 3049 /* 3050 * data was consumed - nothing to pass up 3051 * into block input machine 3052 */ 3053 freerecvbuf(rb); 3054 return (buflen); 3055 } 3056 } 3057 3058 add_full_recv_buffer(rb); 3059 3060 rp->recvcount++; 3061 packets_received++; 3062 return (buflen); 3063 } 3064 3065 3066 #ifdef HAVE_TIMESTAMP 3067 /* 3068 * extract timestamps from control message buffer 3069 */ 3070 static l_fp 3071 fetch_timestamp( 3072 struct recvbuf * rb, 3073 struct msghdr * msghdr, 3074 l_fp ts 3075 ) 3076 { 3077 #ifdef USE_TIMESTAMP_CMSG 3078 struct cmsghdr *cmsghdr; 3079 3080 cmsghdr = CMSG_FIRSTHDR(msghdr); 3081 while (cmsghdr != NULL) { 3082 switch (cmsghdr->cmsg_type) 3083 { 3084 case SCM_TIMESTAMP: 3085 { 3086 struct timeval *tvp; 3087 double dtemp; 3088 l_fp nts; 3089 3090 tvp = (struct timeval *)CMSG_DATA(cmsghdr); 3091 DPRINTF(4, ("fetch_timestamp: system network time stamp: %lld.%06ld\n", 3092 (long long)tvp->tv_sec, (long)tvp->tv_usec)); 3093 nts.l_i = tvp->tv_sec + JAN_1970; 3094 dtemp = (tvp->tv_usec 3095 + (ntp_random() * 2. / FRAC)) / 1e6; 3096 nts.l_uf = (u_int32)(dtemp * FRAC); 3097 #ifdef DEBUG_TIMING 3098 { 3099 l_fp dts; 3100 3101 dts = ts; 3102 L_SUB(&dts, &nts); 3103 collect_timing(rb, 3104 "input processing delay", 3105 1, &dts); 3106 DPRINTF(4, ("fetch_timestamp: timestamp delta: %s (incl. prec fuzz)\n", 3107 lfptoa(&dts, 9))); 3108 } 3109 #endif 3110 ts = nts; /* network time stamp */ 3111 break; 3112 } 3113 default: 3114 DPRINTF(4, ("fetch_timestamp: skipping control message 0x%x\n", 3115 cmsghdr->cmsg_type)); 3116 } 3117 cmsghdr = CMSG_NXTHDR(msghdr, cmsghdr); 3118 } 3119 #endif 3120 return ts; 3121 } 3122 #endif 3123 3124 3125 /* 3126 * Routine to read the network NTP packets for a specific interface 3127 * Return the number of bytes read. That way we know if we should 3128 * read it again or go on to the next one if no bytes returned 3129 */ 3130 static inline int 3131 read_network_packet( 3132 SOCKET fd, 3133 struct interface * itf, 3134 l_fp ts 3135 ) 3136 { 3137 GETSOCKNAME_SOCKLEN_TYPE fromlen; 3138 int buflen; 3139 register struct recvbuf *rb; 3140 #ifdef HAVE_TIMESTAMP 3141 struct msghdr msghdr; 3142 struct iovec iovec; 3143 char control[TIMESTAMP_CTLMSGBUF_SIZE]; 3144 #endif 3145 3146 /* 3147 * Get a buffer and read the frame. If we 3148 * haven't got a buffer, or this is received 3149 * on a disallowed socket, just dump the 3150 * packet. 3151 */ 3152 3153 rb = get_free_recv_buffer(); 3154 if (NULL == rb || itf->ignore_packets) { 3155 char buf[RX_BUFF_SIZE]; 3156 sockaddr_u from; 3157 3158 if (rb != NULL) 3159 freerecvbuf(rb); 3160 3161 fromlen = sizeof(from); 3162 buflen = recvfrom(fd, buf, sizeof(buf), 0, 3163 &from.sa, &fromlen); 3164 DPRINTF(4, ("%s on (%lu) fd=%d from %s\n", 3165 (itf->ignore_packets) 3166 ? "ignore" 3167 : "drop", 3168 free_recvbuffs(), fd, stoa(&from))); 3169 if (itf->ignore_packets) 3170 packets_ignored++; 3171 else 3172 packets_dropped++; 3173 return (buflen); 3174 } 3175 3176 fromlen = sizeof(rb->recv_srcadr); 3177 3178 #ifndef HAVE_TIMESTAMP 3179 rb->recv_length = recvfrom(fd, (char *)&rb->recv_space, 3180 sizeof(rb->recv_space), 0, 3181 &rb->recv_srcadr.sa, &fromlen); 3182 #else 3183 iovec.iov_base = &rb->recv_space; 3184 iovec.iov_len = sizeof(rb->recv_space); 3185 msghdr.msg_name = &rb->recv_srcadr; 3186 msghdr.msg_namelen = fromlen; 3187 msghdr.msg_iov = &iovec; 3188 msghdr.msg_iovlen = 1; 3189 msghdr.msg_control = (void *)&control; 3190 msghdr.msg_controllen = sizeof(control); 3191 msghdr.msg_flags = 0; 3192 rb->recv_length = recvmsg(fd, &msghdr, 0); 3193 #endif 3194 3195 buflen = rb->recv_length; 3196 3197 if (buflen == 0 || (buflen == -1 && 3198 (EWOULDBLOCK == errno 3199 #ifdef EAGAIN 3200 || EAGAIN == errno 3201 #endif 3202 ))) { 3203 freerecvbuf(rb); 3204 return (buflen); 3205 } else if (buflen < 0) { 3206 msyslog(LOG_ERR, "recvfrom(%s) fd=%d: %m", 3207 stoa(&rb->recv_srcadr), fd); 3208 DPRINTF(5, ("read_network_packet: fd=%d dropped (bad recvfrom)\n", 3209 fd)); 3210 freerecvbuf(rb); 3211 return (buflen); 3212 } 3213 3214 DPRINTF(3, ("read_network_packet: fd=%d length %d from %s\n", 3215 fd, buflen, stoa(&rb->recv_srcadr))); 3216 3217 /* 3218 * Got one. Mark how and when it got here, 3219 * put it on the full list and do bookkeeping. 3220 */ 3221 rb->dstadr = itf; 3222 rb->fd = fd; 3223 #ifdef HAVE_TIMESTAMP 3224 /* pick up a network time stamp if possible */ 3225 ts = fetch_timestamp(rb, &msghdr, ts); 3226 #endif 3227 rb->recv_time = ts; 3228 rb->receiver = receive; 3229 3230 add_full_recv_buffer(rb); 3231 3232 itf->received++; 3233 packets_received++; 3234 return (buflen); 3235 } 3236 3237 3238 /* 3239 * input_handler - receive packets asynchronously 3240 */ 3241 void 3242 input_handler( 3243 l_fp *cts 3244 ) 3245 { 3246 int buflen; 3247 int n; 3248 int doing; 3249 SOCKET fd; 3250 struct timeval tvzero; 3251 l_fp ts; /* Timestamp at BOselect() gob */ 3252 #ifdef DEBUG_TIMING 3253 l_fp ts_e; /* Timestamp at EOselect() gob */ 3254 #endif 3255 fd_set fds; 3256 int select_count = 0; 3257 struct interface *interface; 3258 #if defined(HAS_ROUTING_SOCKET) 3259 struct asyncio_reader *asyncio_reader; 3260 #endif 3261 3262 handler_calls++; 3263 3264 /* 3265 * If we have something to do, freeze a timestamp. 3266 * See below for the other cases (nothing left to do or error) 3267 */ 3268 ts = *cts; 3269 3270 /* 3271 * Do a poll to see who has data 3272 */ 3273 3274 fds = activefds; 3275 tvzero.tv_sec = tvzero.tv_usec = 0; 3276 3277 n = select(maxactivefd + 1, &fds, (fd_set *)0, (fd_set *)0, 3278 &tvzero); 3279 3280 /* 3281 * If there are no packets waiting just return 3282 */ 3283 if (n < 0) { 3284 int err = errno; 3285 /* 3286 * extended FAU debugging output 3287 */ 3288 if (err != EINTR) 3289 msyslog(LOG_ERR, 3290 "select(%d, %s, 0L, 0L, &0.0) error: %m", 3291 maxactivefd + 1, 3292 fdbits(maxactivefd, &activefds)); 3293 if (err == EBADF) { 3294 int j, b; 3295 fds = activefds; 3296 for (j = 0; j <= maxactivefd; j++) 3297 if ((FD_ISSET(j, &fds) 3298 && (read(j, &b, 0) == -1))) 3299 msyslog(LOG_ERR, 3300 "Bad file descriptor %d", 3301 j); 3302 } 3303 return; 3304 } 3305 else if (n == 0) 3306 return; 3307 3308 ++handler_pkts; 3309 3310 #ifdef REFCLOCK 3311 /* 3312 * Check out the reference clocks first, if any 3313 */ 3314 3315 if (refio != NULL) { 3316 register struct refclockio *rp; 3317 3318 for (rp = refio; rp != NULL; rp = rp->next) { 3319 fd = rp->fd; 3320 3321 if (FD_ISSET(fd, &fds)) 3322 do { 3323 ++select_count; 3324 buflen = read_refclock_packet( 3325 fd, rp, ts); 3326 } while (buflen > 0); 3327 } 3328 } 3329 #endif /* REFCLOCK */ 3330 3331 /* 3332 * Loop through the interfaces looking for data to read. 3333 */ 3334 for (interface = inter_list; 3335 interface != NULL; 3336 interface = interface->link) { 3337 3338 for (doing = 0; (doing < 2); doing++) { 3339 if (!doing) 3340 fd = interface->fd; 3341 else { 3342 if (!(interface->flags & INT_BCASTOPEN)) 3343 break; 3344 fd = interface->bfd; 3345 } 3346 if (fd < 0) 3347 continue; 3348 if (FD_ISSET(fd, &fds)) 3349 do { 3350 ++select_count; 3351 buflen = read_network_packet( 3352 fd, interface, 3353 ts); 3354 } while (buflen > 0); 3355 /* Check more interfaces */ 3356 } 3357 } 3358 3359 #ifdef HAS_ROUTING_SOCKET 3360 /* 3361 * scan list of asyncio readers - currently only used for routing sockets 3362 */ 3363 asyncio_reader = asyncio_reader_list; 3364 3365 while (asyncio_reader != NULL) { 3366 struct asyncio_reader *next = asyncio_reader->link; 3367 3368 if (FD_ISSET(asyncio_reader->fd, &fds)) { 3369 ++select_count; 3370 (asyncio_reader->receiver)(asyncio_reader); 3371 } 3372 3373 asyncio_reader = next; 3374 } 3375 #endif /* HAS_ROUTING_SOCKET */ 3376 3377 /* 3378 * Done everything from that select. 3379 */ 3380 3381 /* 3382 * If nothing to do, just return. 3383 * If an error occurred, complain and return. 3384 */ 3385 if (select_count == 0) { /* We really had nothing to do */ 3386 #ifdef DEBUG 3387 if (debug) 3388 msyslog(LOG_DEBUG, "input_handler: select() returned 0"); 3389 #endif 3390 return; 3391 } 3392 /* We've done our work */ 3393 #ifdef DEBUG_TIMING 3394 get_systime(&ts_e); 3395 /* 3396 * (ts_e - ts) is the amount of time we spent 3397 * processing this gob of file descriptors. Log 3398 * it. 3399 */ 3400 L_SUB(&ts_e, &ts); 3401 collect_timing(NULL, "input handler", 1, &ts_e); 3402 if (debug > 3) 3403 msyslog(LOG_DEBUG, 3404 "input_handler: Processed a gob of fd's in %s msec", 3405 lfptoms(&ts_e, 6)); 3406 #endif 3407 /* just bail. */ 3408 return; 3409 } 3410 #endif 3411 3412 /* 3413 * findinterface - find local interface corresponding to address 3414 */ 3415 struct interface * 3416 findinterface( 3417 sockaddr_u *addr 3418 ) 3419 { 3420 struct interface *iface; 3421 3422 iface = findlocalinterface(addr, INT_WILDCARD, 0); 3423 3424 if (NULL == iface) { 3425 DPRINTF(4, ("Found no interface for address %s - returning wildcard\n", 3426 stoa(addr))); 3427 3428 iface = ANY_INTERFACE_CHOOSE(addr); 3429 } else 3430 DPRINTF(4, ("Found interface #%d %s for address %s\n", 3431 iface->ifnum, iface->name, stoa(addr))); 3432 3433 return iface; 3434 } 3435 3436 /* 3437 * findlocalinterface - find local interface corresponding to addr, 3438 * which does not have any of flags set. If bast is nonzero, addr is 3439 * a broadcast address. 3440 * 3441 * This code attempts to find the local sending address for an outgoing 3442 * address by connecting a new socket to destinationaddress:NTP_PORT 3443 * and reading the sockname of the resulting connect. 3444 * the complicated sequence simulates the routing table lookup 3445 * for to first hop without duplicating any of the routing logic into 3446 * ntpd. preferably we would have used an API call - but its not there - 3447 * so this is the best we can do here short of duplicating to entire routing 3448 * logic in ntpd which would be a silly and really unportable thing to do. 3449 * 3450 */ 3451 static struct interface * 3452 findlocalinterface( 3453 sockaddr_u * addr, 3454 int flags, 3455 int bcast 3456 ) 3457 { 3458 GETSOCKNAME_SOCKLEN_TYPE sockaddrlen; 3459 struct interface * iface; 3460 sockaddr_u saddr; 3461 SOCKET s; 3462 int rtn; 3463 int on; 3464 3465 DPRINTF(4, ("Finding interface for addr %s in list of addresses\n", 3466 stoa(addr))); 3467 3468 s = socket(AF(addr), SOCK_DGRAM, 0); 3469 if (INVALID_SOCKET == s) 3470 return NULL; 3471 3472 /* 3473 * If we are looking for broadcast interface we need to set this 3474 * socket to allow broadcast 3475 */ 3476 if (bcast) { 3477 on = 1; 3478 setsockopt(s, SOL_SOCKET, SO_BROADCAST, 3479 (char *)&on, sizeof(on)); 3480 } 3481 3482 rtn = connect(s, &addr->sa, SOCKLEN(addr)); 3483 if (SOCKET_ERROR == rtn) { 3484 closesocket(s); 3485 return NULL; 3486 } 3487 3488 sockaddrlen = sizeof(saddr); 3489 rtn = getsockname(s, &saddr.sa, &sockaddrlen); 3490 closesocket(s); 3491 3492 if (SOCKET_ERROR == rtn) 3493 return NULL; 3494 3495 DPRINTF(4, ("findlocalinterface: kernel maps %s to %s\n", 3496 stoa(addr), stoa(&saddr))); 3497 3498 iface = getinterface(&saddr, flags); 3499 3500 /* 3501 * if we didn't find an exact match on saddr check for an 3502 * interface on the same subnet as saddr. This handles the 3503 * case of the address suggested by the kernel being 3504 * excluded by the user's -I and -L options to ntpd, when 3505 * another address is enabled on the same subnet. 3506 * See http://bugs.ntp.org/1184 for more detail. 3507 */ 3508 if (NULL == iface || iface->ignore_packets) 3509 iface = getsamenetinterface(&saddr, flags); 3510 3511 /* Don't use an interface which will ignore replies */ 3512 if (iface != NULL && iface->ignore_packets) 3513 iface = NULL; 3514 3515 return iface; 3516 } 3517 3518 3519 /* 3520 * fetch an interface structure the matches the 3521 * address and has the given flags NOT set 3522 */ 3523 static struct interface * 3524 getinterface( 3525 sockaddr_u * addr, 3526 int flags 3527 ) 3528 { 3529 struct interface *iface; 3530 3531 iface = find_addr_in_list(addr); 3532 3533 if (iface != NULL && (iface->flags & flags)) 3534 iface = NULL; 3535 3536 return iface; 3537 } 3538 3539 3540 /* 3541 * fetch an interface structure with a local address on the same subnet 3542 * as addr which has the given flags NOT set 3543 */ 3544 static struct interface * 3545 getsamenetinterface( 3546 sockaddr_u * addr, 3547 int flags 3548 ) 3549 { 3550 struct interface *iface; 3551 3552 iface = find_samenet_addr_in_list(addr); 3553 3554 if (iface != NULL && (iface->flags & flags)) 3555 iface = NULL; 3556 3557 return iface; 3558 } 3559 3560 3561 /* 3562 * findlocalcastinterface - find local *cast interface for addr 3563 */ 3564 static struct interface * 3565 findlocalcastinterface( 3566 sockaddr_u * addr 3567 ) 3568 { 3569 struct interface * iface; 3570 struct interface * nif; 3571 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3572 isc_boolean_t want_linklocal; 3573 #endif 3574 3575 NTP_REQUIRE(addr_ismulticast(addr)); 3576 3577 /* 3578 * see how kernel maps the mcast address 3579 */ 3580 nif = findlocalinterface(addr, 0, 0); 3581 3582 if (nif != NULL && !nif->ignore_packets) { 3583 DPRINTF(2, ("findlocalcastinterface: kernel recommends interface #%d %s for %s\n", 3584 nif->ifnum, nif->name, stoa(addr))); 3585 return nif; 3586 } 3587 3588 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3589 want_linklocal = (IN6_IS_ADDR_MC_LINKLOCAL(PSOCK_ADDR6(addr)) 3590 || IN6_IS_ADDR_MC_SITELOCAL(PSOCK_ADDR6(addr))); 3591 #endif 3592 3593 for (iface = inter_list; 3594 iface != NULL; 3595 iface = iface->link) 3596 { 3597 /* use only allowed addresses */ 3598 if (iface->ignore_packets) 3599 continue; 3600 3601 /* Skip the loopback and wildcard addresses */ 3602 if (iface->flags & (INT_LOOPBACK | INT_WILDCARD)) 3603 continue; 3604 3605 /* Skip if different family */ 3606 if (AF(&iface->sin) != AF(addr)) 3607 continue; 3608 3609 /* Is it multicast capable? */ 3610 if (!(iface->flags & INT_MULTICAST)) 3611 continue; 3612 3613 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 3614 if (want_linklocal && IS_IPV6(&iface->sin) && 3615 IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&iface->sin))) { 3616 nif = iface; 3617 break; 3618 } 3619 /* If we want a linklocal address, skip */ 3620 if (want_linklocal) 3621 continue; 3622 #endif 3623 nif = iface; 3624 break; 3625 } /* for loop over interfaces */ 3626 3627 if (nif != NULL) 3628 DPRINTF(3, ("findlocalcastinterface: found interface #%d %s for %s\n", 3629 nif->ifnum, nif->name, stoa(addr))); 3630 else 3631 DPRINTF(3, ("findlocalcastinterface: no interface found for %s\n", 3632 stoa(addr))); 3633 return nif; 3634 } 3635 3636 3637 /* 3638 * findbcastinter - find broadcast interface corresponding to address 3639 */ 3640 struct interface * 3641 findbcastinter( 3642 sockaddr_u *addr 3643 ) 3644 { 3645 #if !defined(MPE) && (defined(SIOCGIFCONF) || defined(SYS_WINNT)) 3646 struct interface *iface; 3647 3648 3649 DPRINTF(4, ("Finding broadcast/multicast interface for addr %s in list of addresses\n", 3650 stoa(addr))); 3651 3652 iface = findlocalinterface(addr, INT_LOOPBACK | INT_WILDCARD, 3653 1); 3654 if (iface != NULL) { 3655 DPRINTF(4, ("Easily found bcast-/mcast- interface index #%d %s\n", 3656 iface->ifnum, iface->name)); 3657 return iface; 3658 } 3659 3660 /* 3661 * plan B - try to find something reasonable in our lists in 3662 * case kernel lookup doesn't help 3663 */ 3664 for (iface = inter_list; 3665 iface != NULL; 3666 iface = iface->link) 3667 { 3668 if (iface->flags & INT_WILDCARD) 3669 continue; 3670 3671 /* Don't bother with ignored interfaces */ 3672 if (iface->ignore_packets) 3673 continue; 3674 3675 /* 3676 * First look if this is the correct family 3677 */ 3678 if(AF(&iface->sin) != AF(addr)) 3679 continue; 3680 3681 /* Skip the loopback addresses */ 3682 if (iface->flags & INT_LOOPBACK) 3683 continue; 3684 3685 /* 3686 * If we are looking to match a multicast address and 3687 * this interface is one... 3688 */ 3689 if (addr_ismulticast(addr) 3690 && (iface->flags & INT_MULTICAST)) { 3691 #ifdef INCLUDE_IPV6_SUPPORT 3692 /* 3693 * ...it is the winner unless we're looking for 3694 * an interface to use for link-local multicast 3695 * and its address is not link-local. 3696 */ 3697 if (IS_IPV6(addr) 3698 && IN6_IS_ADDR_MC_LINKLOCAL(PSOCK_ADDR6(addr)) 3699 && !IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&iface->sin))) 3700 continue; 3701 #endif 3702 break; 3703 } 3704 3705 /* 3706 * We match only those interfaces marked as 3707 * broadcastable and either the explicit broadcast 3708 * address or the network portion of the IP address. 3709 * Sloppy. 3710 */ 3711 if (IS_IPV4(addr)) { 3712 if (SOCK_EQ(&iface->bcast, addr)) 3713 break; 3714 3715 if ((NSRCADR(&iface->sin) & NSRCADR(&iface->mask)) 3716 == (NSRCADR(addr) & NSRCADR(&iface->mask))) 3717 break; 3718 } 3719 #ifdef INCLUDE_IPV6_SUPPORT 3720 else if(IS_IPV6(addr)) { 3721 if (SOCK_EQ(&iface->bcast, addr)) 3722 break; 3723 3724 if (SOCK_EQ(netof(&iface->sin), netof(addr))) 3725 break; 3726 } 3727 #endif 3728 } 3729 #endif /* SIOCGIFCONF */ 3730 if (NULL == iface) { 3731 DPRINTF(4, ("No bcast interface found for %s\n", 3732 stoa(addr))); 3733 iface = ANY_INTERFACE_CHOOSE(addr); 3734 } else 3735 DPRINTF(4, ("Found bcast-/mcast- interface index #%d %s\n", 3736 iface->ifnum, iface->name)); 3737 return iface; 3738 } 3739 3740 3741 /* 3742 * io_clr_stats - clear I/O module statistics 3743 */ 3744 void 3745 io_clr_stats(void) 3746 { 3747 packets_dropped = 0; 3748 packets_ignored = 0; 3749 packets_received = 0; 3750 packets_sent = 0; 3751 packets_notsent = 0; 3752 3753 handler_calls = 0; 3754 handler_pkts = 0; 3755 io_timereset = current_time; 3756 } 3757 3758 3759 #ifdef REFCLOCK 3760 /* 3761 * io_addclock - add a reference clock to the list and arrange that we 3762 * get SIGIO interrupts from it. 3763 */ 3764 int 3765 io_addclock( 3766 struct refclockio *rio 3767 ) 3768 { 3769 BLOCKIO(); 3770 3771 /* 3772 * Stuff the I/O structure in the list and mark the descriptor 3773 * in use. There is a harmless (I hope) race condition here. 3774 */ 3775 rio->next = refio; 3776 3777 # ifdef HAVE_SIGNALED_IO 3778 if (init_clock_sig(rio)) { 3779 UNBLOCKIO(); 3780 return 0; 3781 } 3782 # elif defined(HAVE_IO_COMPLETION_PORT) 3783 if (io_completion_port_add_clock_io(rio)) { 3784 UNBLOCKIO(); 3785 return 0; 3786 } 3787 # endif 3788 3789 /* 3790 * enqueue 3791 */ 3792 refio = rio; 3793 3794 /* 3795 * register fd 3796 */ 3797 add_fd_to_list(rio->fd, FD_TYPE_FILE); 3798 3799 UNBLOCKIO(); 3800 return 1; 3801 } 3802 3803 /* 3804 * io_closeclock - close the clock in the I/O structure given 3805 */ 3806 void 3807 io_closeclock( 3808 struct refclockio *rio 3809 ) 3810 { 3811 register struct refclockio *rp; 3812 3813 BLOCKIO(); 3814 3815 /* 3816 * Remove structure from the list 3817 */ 3818 if (refio == rio) 3819 refio = rio->next; 3820 else { 3821 for (rp = refio; rp != NULL; rp = rp->next) 3822 if (rp->next == rio) { 3823 rp->next = rio->next; 3824 break; 3825 } 3826 3827 if (NULL == rp) { 3828 UNBLOCKIO(); 3829 return; 3830 } 3831 } 3832 3833 /* 3834 * Close the descriptor. 3835 */ 3836 close_and_delete_fd_from_list(rio->fd); 3837 UNBLOCKIO(); 3838 } 3839 #endif /* REFCLOCK */ 3840 3841 /* 3842 * On NT a SOCKET is an unsigned int so we cannot possibly keep it in 3843 * an array. So we use one of the ISC_LIST functions to hold the 3844 * socket value and use that when we want to enumerate it. 3845 * 3846 * This routine is called by the forked intres child process to close 3847 * all open sockets. On Windows there's no need as intres runs in 3848 * the same process as a thread. 3849 */ 3850 #ifndef SYS_WINNT 3851 void 3852 kill_asyncio(int startfd) 3853 { 3854 BLOCKIO(); 3855 3856 /* 3857 * In the child process we do not maintain activefds and 3858 * maxactivefd. Zeroing maxactivefd disables code which 3859 * maintains it in close_and_delete_fd_from_list(). 3860 */ 3861 maxactivefd = 0; 3862 3863 while (fd_list != NULL) 3864 close_and_delete_fd_from_list(fd_list->fd); 3865 3866 UNBLOCKIO(); 3867 } 3868 #endif /* !SYS_WINNT */ 3869 3870 /* 3871 * Add and delete functions for the list of open sockets 3872 */ 3873 static void 3874 add_fd_to_list( 3875 SOCKET fd, 3876 enum desc_type type 3877 ) 3878 { 3879 vsock_t *lsock = emalloc(sizeof(*lsock)); 3880 3881 lsock->fd = fd; 3882 lsock->type = type; 3883 3884 LINK_SLIST(fd_list, lsock, link); 3885 /* 3886 * I/O Completion Ports don't care about the select and FD_SET 3887 */ 3888 #ifndef HAVE_IO_COMPLETION_PORT 3889 if (fd < 0 || fd >= FD_SETSIZE) { 3890 msyslog(LOG_ERR, 3891 "Too many sockets in use, FD_SETSIZE %d exceeded", 3892 FD_SETSIZE); 3893 exit(1); 3894 } 3895 /* 3896 * keep activefds in sync 3897 */ 3898 maxactivefd = max(fd, maxactivefd); 3899 3900 FD_SET(fd, &activefds); 3901 #endif 3902 } 3903 3904 static void 3905 close_and_delete_fd_from_list( 3906 SOCKET fd 3907 ) 3908 { 3909 vsock_t *lsock; 3910 3911 UNLINK_EXPR_SLIST(lsock, fd_list, fd == 3912 UNLINK_EXPR_SLIST_CURRENT()->fd, link, vsock_t); 3913 3914 if (lsock != NULL) { 3915 switch (lsock->type) { 3916 case FD_TYPE_SOCKET: 3917 closesocket(lsock->fd); 3918 break; 3919 3920 case FD_TYPE_FILE: 3921 close(lsock->fd); 3922 break; 3923 3924 default: 3925 msyslog(LOG_ERR, 3926 "internal error - illegal descriptor type %d - EXITING", 3927 (int)lsock->type); 3928 exit(1); 3929 } 3930 3931 free(lsock); 3932 /* 3933 * I/O Completion Ports don't care about select and fd_set 3934 */ 3935 #ifndef HAVE_IO_COMPLETION_PORT 3936 /* 3937 * remove from activefds 3938 */ 3939 FD_CLR(fd, &activefds); 3940 3941 if (fd == maxactivefd && maxactivefd) { 3942 int i; 3943 NTP_INSIST(maxactivefd - 1 < FD_SETSIZE); 3944 for (i = maxactivefd - 1; i >= 0; i--) 3945 if (FD_ISSET(i, &activefds)) { 3946 maxactivefd = i; 3947 break; 3948 } 3949 NTP_INSIST(fd != maxactivefd); 3950 } 3951 #endif 3952 } 3953 } 3954 3955 static void 3956 add_addr_to_list( 3957 sockaddr_u *addr, 3958 struct interface *interface 3959 ) 3960 { 3961 remaddr_t *laddr; 3962 3963 #ifdef DEBUG 3964 if (find_addr_in_list(addr) == NULL) { 3965 #endif 3966 /* not there yet - add to list */ 3967 laddr = emalloc(sizeof(*laddr)); 3968 memcpy(&laddr->addr, addr, sizeof(laddr->addr)); 3969 laddr->interface = interface; 3970 3971 LINK_SLIST(remoteaddr_list, laddr, link); 3972 3973 DPRINTF(4, ("Added addr %s to list of addresses\n", 3974 stoa(addr))); 3975 #ifdef DEBUG 3976 } else 3977 DPRINTF(4, ("WARNING: Attempt to add duplicate addr %s to address list\n", 3978 stoa(addr))); 3979 #endif 3980 } 3981 3982 3983 static void 3984 delete_addr_from_list( 3985 sockaddr_u *addr 3986 ) 3987 { 3988 remaddr_t *unlinked; 3989 3990 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, SOCK_EQ(addr, 3991 &(UNLINK_EXPR_SLIST_CURRENT()->addr)), link, remaddr_t); 3992 3993 if (unlinked != NULL) { 3994 DPRINTF(4, ("Deleted addr %s from list of addresses\n", 3995 stoa(addr))); 3996 free(unlinked); 3997 } 3998 } 3999 4000 4001 static void 4002 delete_interface_from_list( 4003 struct interface *iface 4004 ) 4005 { 4006 remaddr_t *unlinked; 4007 4008 do { 4009 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, iface == 4010 UNLINK_EXPR_SLIST_CURRENT()->interface, link, 4011 remaddr_t); 4012 4013 if (unlinked != NULL) { 4014 DPRINTF(4, ("Deleted addr %s for interface #%d %s from list of addresses\n", 4015 stoa(&unlinked->addr), iface->ifnum, 4016 iface->name)); 4017 if (addr_ismulticast(&unlinked->addr)) 4018 /* find a new interface to use */ 4019 io_multicast_add(&unlinked->addr); 4020 free(unlinked); 4021 } 4022 } while (unlinked != NULL); 4023 } 4024 4025 4026 static struct interface * 4027 find_addr_in_list( 4028 sockaddr_u *addr 4029 ) 4030 { 4031 remaddr_t *entry; 4032 4033 DPRINTF(4, ("Searching for addr %s in list of addresses - ", 4034 stoa(addr))); 4035 4036 for (entry = remoteaddr_list; 4037 entry != NULL; 4038 entry = entry->link) 4039 if (SOCK_EQ(&entry->addr, addr)) { 4040 DPRINTF(4, ("FOUND\n")); 4041 return entry->interface; 4042 } 4043 4044 DPRINTF(4, ("NOT FOUND\n")); 4045 return NULL; 4046 } 4047 4048 static inline isc_boolean_t 4049 same_network_v4( 4050 struct sockaddr_in *addr1, 4051 struct sockaddr_in *mask, 4052 struct sockaddr_in *addr2 4053 ) 4054 { 4055 return (addr1->sin_addr.s_addr & mask->sin_addr.s_addr) 4056 == (addr2->sin_addr.s_addr & mask->sin_addr.s_addr); 4057 } 4058 4059 #ifdef INCLUDE_IPV6_SUPPORT 4060 static inline isc_boolean_t 4061 same_network_v6( 4062 struct sockaddr_in6 *addr1, 4063 struct sockaddr_in6 *mask, 4064 struct sockaddr_in6 *addr2 4065 ) 4066 { 4067 size_t i; 4068 4069 for (i = 0; 4070 i < sizeof(addr1->sin6_addr.s6_addr) / 4071 sizeof(addr1->sin6_addr.s6_addr[0]); 4072 i++) 4073 4074 if ((addr1->sin6_addr.s6_addr[i] & 4075 mask->sin6_addr.s6_addr[i]) 4076 != 4077 (addr2->sin6_addr.s6_addr[i] & 4078 mask->sin6_addr.s6_addr[i])) 4079 4080 return ISC_FALSE; 4081 4082 return ISC_TRUE; 4083 } 4084 #endif /* INCLUDE_IPV6_SUPPORT */ 4085 4086 4087 static isc_boolean_t 4088 same_network( 4089 sockaddr_u *a1, 4090 sockaddr_u *mask, 4091 sockaddr_u *a2 4092 ) 4093 { 4094 isc_boolean_t sn; 4095 4096 if (AF(a1) != AF(a2)) 4097 sn = ISC_FALSE; 4098 else if (IS_IPV4(a1)) 4099 sn = same_network_v4(&a1->sa4, &mask->sa4, &a2->sa4); 4100 #ifdef INCLUDE_IPV6_SUPPORT 4101 else if (IS_IPV6(a1)) 4102 sn = same_network_v6(&a1->sa6, &mask->sa6, &a2->sa6); 4103 #endif 4104 else 4105 sn = ISC_FALSE; 4106 4107 return sn; 4108 } 4109 4110 /* 4111 * Find an address in the list on the same network as addr which is not 4112 * addr. 4113 */ 4114 static struct interface * 4115 find_samenet_addr_in_list( 4116 sockaddr_u *addr 4117 ) 4118 { 4119 remaddr_t *entry; 4120 4121 DPRINTF(4, ("Searching for addr with same subnet as %s in list of addresses - ", 4122 stoa(addr))); 4123 4124 for (entry = remoteaddr_list; 4125 entry != NULL; 4126 entry = entry->link) 4127 4128 if (!SOCK_EQ(addr, &entry->addr) 4129 && same_network(&entry->addr, 4130 &entry->interface->mask, 4131 addr)) { 4132 DPRINTF(4, ("FOUND\n")); 4133 return entry->interface; 4134 } 4135 4136 DPRINTF(4, ("NOT FOUND\n")); 4137 return NULL; 4138 } 4139 4140 4141 /* 4142 * Find the given address with the all given flags set in the list 4143 */ 4144 static struct interface * 4145 find_flagged_addr_in_list( 4146 sockaddr_u * addr, 4147 int flags 4148 ) 4149 { 4150 remaddr_t *entry; 4151 4152 DPRINTF(4, ("Finding addr %s with flags %d in list: ", 4153 stoa(addr), flags)); 4154 4155 for (entry = remoteaddr_list; 4156 entry != NULL; 4157 entry = entry->link) 4158 4159 if (SOCK_EQ(&entry->addr, addr) 4160 && (entry->interface->flags & flags) == flags) { 4161 4162 DPRINTF(4, ("FOUND\n")); 4163 return entry->interface; 4164 } 4165 4166 DPRINTF(4, ("NOT FOUND\n")); 4167 return NULL; 4168 } 4169 4170 4171 #ifdef HAS_ROUTING_SOCKET 4172 # ifndef UPDATE_GRACE 4173 # define UPDATE_GRACE 2 /* wait UPDATE_GRACE seconds before scanning */ 4174 # endif 4175 4176 static void 4177 process_routing_msgs(struct asyncio_reader *reader) 4178 { 4179 char buffer[5120]; 4180 int cnt, msg_type; 4181 #ifdef HAVE_RTNETLINK 4182 struct nlmsghdr *nh; 4183 #else 4184 struct rt_msghdr *rtm; 4185 char *p; 4186 #endif 4187 4188 if (disable_dynamic_updates) { 4189 /* 4190 * discard ourselves if we are not needed any more 4191 * usually happens when running unprivileged 4192 */ 4193 remove_asyncio_reader(reader); 4194 delete_asyncio_reader(reader); 4195 return; 4196 } 4197 4198 cnt = read(reader->fd, buffer, sizeof(buffer)); 4199 4200 if (cnt < 0) { 4201 msyslog(LOG_ERR, 4202 "i/o error on routing socket %m - disabling"); 4203 remove_asyncio_reader(reader); 4204 delete_asyncio_reader(reader); 4205 return; 4206 } 4207 4208 /* 4209 * process routing message 4210 */ 4211 #ifdef HAVE_RTNETLINK 4212 for (nh = (struct nlmsghdr *)buffer; 4213 NLMSG_OK(nh, cnt); 4214 nh = NLMSG_NEXT(nh, cnt)) { 4215 msg_type = nh->nlmsg_type; 4216 #else 4217 for (p = buffer; 4218 (p + sizeof(struct rt_msghdr)) <= (buffer + cnt); 4219 p += rtm->rtm_msglen) { 4220 rtm = (struct rt_msghdr *)p; 4221 if (rtm->rtm_version != RTM_VERSION) { 4222 msyslog(LOG_ERR, 4223 "version mismatch (got %d - expected %d) on routing socket - disabling", 4224 rtm->rtm_version, RTM_VERSION); 4225 4226 remove_asyncio_reader(reader); 4227 delete_asyncio_reader(reader); 4228 return; 4229 } 4230 msg_type = rtm->rtm_type; 4231 #endif 4232 switch (msg_type) { 4233 #ifdef RTM_NEWADDR 4234 case RTM_NEWADDR: 4235 #endif 4236 #ifdef RTM_DELADDR 4237 case RTM_DELADDR: 4238 #endif 4239 #ifdef RTM_ADD 4240 case RTM_ADD: 4241 #endif 4242 #ifdef RTM_DELETE 4243 case RTM_DELETE: 4244 #endif 4245 #ifdef RTM_REDIRECT 4246 case RTM_REDIRECT: 4247 #endif 4248 #ifdef RTM_CHANGE 4249 case RTM_CHANGE: 4250 #endif 4251 #ifdef RTM_LOSING 4252 case RTM_LOSING: 4253 #endif 4254 #ifdef RTM_IFINFO 4255 case RTM_IFINFO: 4256 #endif 4257 #ifdef RTM_IFANNOUNCE 4258 case RTM_IFANNOUNCE: 4259 #endif 4260 #ifdef RTM_NEWLINK 4261 case RTM_NEWLINK: 4262 #endif 4263 #ifdef RTM_DELLINK 4264 case RTM_DELLINK: 4265 #endif 4266 #ifdef RTM_NEWROUTE 4267 case RTM_NEWROUTE: 4268 #endif 4269 #ifdef RTM_DELROUTE 4270 case RTM_DELROUTE: 4271 #endif 4272 /* 4273 * we are keen on new and deleted addresses and 4274 * if an interface goes up and down or routing 4275 * changes 4276 */ 4277 DPRINTF(3, ("routing message op = %d: scheduling interface update\n", 4278 msg_type)); 4279 timer_interfacetimeout(current_time + UPDATE_GRACE); 4280 break; 4281 #ifdef HAVE_RTNETLINK 4282 case NLMSG_DONE: 4283 /* end of multipart message */ 4284 return; 4285 #endif 4286 default: 4287 /* 4288 * the rest doesn't bother us. 4289 */ 4290 DPRINTF(4, ("routing message op = %d: ignored\n", 4291 msg_type)); 4292 break; 4293 } 4294 } 4295 } 4296 4297 /* 4298 * set up routing notifications 4299 */ 4300 static void 4301 init_async_notifications() 4302 { 4303 struct asyncio_reader *reader; 4304 #ifdef HAVE_RTNETLINK 4305 int fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE); 4306 struct sockaddr_nl sa; 4307 #else 4308 int fd = socket(PF_ROUTE, SOCK_RAW, 0); 4309 #endif 4310 if (fd < 0) { 4311 msyslog(LOG_ERR, 4312 "unable to open routing socket (%m) - using polled interface update"); 4313 return; 4314 } 4315 4316 fd = move_fd(fd); 4317 #ifdef HAVE_RTNETLINK 4318 memset(&sa, 0, sizeof(sa)); 4319 sa.nl_family = PF_NETLINK; 4320 sa.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR 4321 | RTMGRP_IPV6_IFADDR | RTMGRP_IPV4_ROUTE 4322 | RTMGRP_IPV4_MROUTE | RTMGRP_IPV6_ROUTE 4323 | RTMGRP_IPV6_MROUTE; 4324 if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) { 4325 msyslog(LOG_ERR, 4326 "bind failed on routing socket (%m) - using polled interface update"); 4327 return; 4328 } 4329 #endif 4330 init_nonblocking_io(fd); 4331 #if defined(HAVE_SIGNALED_IO) 4332 init_socket_sig(fd); 4333 #endif /* HAVE_SIGNALED_IO */ 4334 4335 reader = new_asyncio_reader(); 4336 4337 reader->fd = fd; 4338 reader->receiver = process_routing_msgs; 4339 4340 add_asyncio_reader(reader, FD_TYPE_SOCKET); 4341 msyslog(LOG_INFO, 4342 "Listening on routing socket on fd #%d for interface updates", 4343 fd); 4344 } 4345 #else 4346 /* HAS_ROUTING_SOCKET not defined */ 4347 static void 4348 init_async_notifications(void) 4349 { 4350 } 4351 #endif 4352