1 /* $NetBSD: ntp_io.c,v 1.14 2014/01/26 02:21:08 mlelstv Exp $ */ 2 3 /* 4 * ntp_io.c - input/output routines for ntpd. The socket-opening code 5 * was shamelessly stolen from ntpd. 6 */ 7 8 #ifdef HAVE_CONFIG_H 9 # include <config.h> 10 #endif 11 12 #include <stdio.h> 13 #include <signal.h> 14 #ifdef HAVE_SYS_PARAM_H 15 # include <sys/param.h> 16 #endif 17 #ifdef HAVE_SYS_IOCTL_H 18 # include <sys/ioctl.h> 19 #endif 20 #ifdef HAVE_SYS_SOCKIO_H /* UXPV: SIOC* #defines (Frank Vance <fvance@waii.com>) */ 21 # include <sys/sockio.h> 22 #endif 23 #ifdef HAVE_SYS_UIO_H 24 # include <sys/uio.h> 25 #endif 26 27 #include "ntp_machine.h" 28 #include "ntpd.h" 29 #include "ntp_io.h" 30 #include "iosignal.h" 31 #include "ntp_lists.h" 32 #include "ntp_refclock.h" 33 #include "ntp_stdlib.h" 34 #include "ntp_worker.h" 35 #include "ntp_request.h" 36 #include "ntp_assert.h" 37 #include "timevalops.h" 38 #include "timespecops.h" 39 #include "ntpd-opts.h" 40 41 /* Don't include ISC's version of IPv6 variables and structures */ 42 #define ISC_IPV6_H 1 43 #include <isc/mem.h> 44 #include <isc/interfaceiter.h> 45 #include <isc/netaddr.h> 46 #include <isc/result.h> 47 #include <isc/sockaddr.h> 48 49 #ifdef SIM 50 #include "ntpsim.h" 51 #endif 52 53 #ifdef HAS_ROUTING_SOCKET 54 # include <net/route.h> 55 # ifdef HAVE_RTNETLINK 56 # include <linux/rtnetlink.h> 57 # endif 58 #endif 59 60 61 /* 62 * setsockopt does not always have the same arg declaration 63 * across all platforms. If it's not defined we make it empty 64 */ 65 66 #ifndef SETSOCKOPT_ARG_CAST 67 #define SETSOCKOPT_ARG_CAST 68 #endif 69 70 extern int listen_to_virtual_ips; 71 72 /* 73 * NIC rule entry 74 */ 75 typedef struct nic_rule_tag nic_rule; 76 77 struct nic_rule_tag { 78 nic_rule * next; 79 nic_rule_action action; 80 nic_rule_match match_type; 81 char * if_name; 82 sockaddr_u addr; 83 int prefixlen; 84 }; 85 86 /* 87 * NIC rule listhead. Entries are added at the head so that the first 88 * match in the list is the last matching rule specified. 89 */ 90 nic_rule *nic_rule_list; 91 92 93 #if defined(SO_BINTIME) && defined(SCM_BINTIME) && defined(CMSG_FIRSTHDR) 94 # define HAVE_PACKET_TIMESTAMP 95 # define HAVE_BINTIME 96 # ifdef BINTIME_CTLMSGBUF_SIZE 97 # define CMSG_BUFSIZE BINTIME_CTLMSGBUF_SIZE 98 # else 99 # define CMSG_BUFSIZE 1536 /* moderate default */ 100 # endif 101 #elif defined(SO_TIMESTAMPNS) && defined(SCM_TIMESTAMPNS) && defined(CMSG_FIRSTHDR) 102 # define HAVE_PACKET_TIMESTAMP 103 # define HAVE_TIMESTAMPNS 104 # ifdef TIMESTAMPNS_CTLMSGBUF_SIZE 105 # define CMSG_BUFSIZE TIMESTAMPNS_CTLMSGBUF_SIZE 106 # else 107 # define CMSG_BUFSIZE 1536 /* moderate default */ 108 # endif 109 #elif defined(SO_TIMESTAMP) && defined(SCM_TIMESTAMP) && defined(CMSG_FIRSTHDR) 110 # define HAVE_PACKET_TIMESTAMP 111 # define HAVE_TIMESTAMP 112 # ifdef TIMESTAMP_CTLMSGBUF_SIZE 113 # define CMSG_BUFSIZE TIMESTAMP_CTLMSGBUF_SIZE 114 # else 115 # define CMSG_BUFSIZE 1536 /* moderate default */ 116 # endif 117 #else 118 /* fill in for old/other timestamp interfaces */ 119 #endif 120 121 #if defined(SYS_WINNT) 122 #include "win32_io.h" 123 #include <isc/win32os.h> 124 #endif 125 126 /* 127 * We do asynchronous input using the SIGIO facility. A number of 128 * recvbuf buffers are preallocated for input. In the signal 129 * handler we poll to see which sockets are ready and read the 130 * packets from them into the recvbuf's along with a time stamp and 131 * an indication of the source host and the interface it was received 132 * through. This allows us to get as accurate receive time stamps 133 * as possible independent of other processing going on. 134 * 135 * We watch the number of recvbufs available to the signal handler 136 * and allocate more when this number drops below the low water 137 * mark. If the signal handler should run out of buffers in the 138 * interim it will drop incoming frames, the idea being that it is 139 * better to drop a packet than to be inaccurate. 140 */ 141 142 143 /* 144 * Other statistics of possible interest 145 */ 146 volatile u_long packets_dropped; /* total number of packets dropped on reception */ 147 volatile u_long packets_ignored; /* packets received on wild card interface */ 148 volatile u_long packets_received; /* total number of packets received */ 149 u_long packets_sent; /* total number of packets sent */ 150 u_long packets_notsent; /* total number of packets which couldn't be sent */ 151 152 volatile u_long handler_calls; /* number of calls to interrupt handler */ 153 volatile u_long handler_pkts; /* number of pkts received by handler */ 154 u_long io_timereset; /* time counters were reset */ 155 156 /* 157 * Interface stuff 158 */ 159 endpt * any_interface; /* wildcard ipv4 interface */ 160 endpt * any6_interface; /* wildcard ipv6 interface */ 161 endpt * loopback_interface; /* loopback ipv4 interface */ 162 163 isc_boolean_t broadcast_client_enabled; /* is broadcast client enabled */ 164 u_int sys_ifnum; /* next .ifnum to assign */ 165 int ninterfaces; /* Total number of interfaces */ 166 167 int disable_dynamic_updates; /* scan interfaces once only */ 168 169 #ifdef REFCLOCK 170 /* 171 * Refclock stuff. We keep a chain of structures with data concerning 172 * the guys we are doing I/O for. 173 */ 174 static struct refclockio *refio; 175 #endif /* REFCLOCK */ 176 177 /* 178 * File descriptor masks etc. for call to select 179 * Not needed for I/O Completion Ports or anything outside this file 180 */ 181 static fd_set activefds; 182 static int maxactivefd; 183 184 /* 185 * bit alternating value to detect verified interfaces during an update cycle 186 */ 187 static u_short sys_interphase = 0; 188 189 static endpt * new_interface(endpt *); 190 static void add_interface(endpt *); 191 static int update_interfaces(u_short, interface_receiver_t, 192 void *); 193 static void remove_interface(endpt *); 194 static endpt * create_interface(u_short, endpt *); 195 196 static int is_wildcard_addr (const sockaddr_u *); 197 198 /* 199 * Multicast functions 200 */ 201 static isc_boolean_t addr_ismulticast (sockaddr_u *); 202 static isc_boolean_t is_anycast (sockaddr_u *, 203 const char *); 204 205 /* 206 * Not all platforms support multicast 207 */ 208 #ifdef MCAST 209 static isc_boolean_t socket_multicast_enable (endpt *, sockaddr_u *); 210 static isc_boolean_t socket_multicast_disable(endpt *, sockaddr_u *); 211 #endif 212 213 #ifdef DEBUG 214 static void interface_dump (const endpt *); 215 static void sockaddr_dump (const sockaddr_u *); 216 static void print_interface (const endpt *, const char *, const char *); 217 #define DPRINT_INTERFACE(level, args) do { if (debug >= (level)) { print_interface args; } } while (0) 218 #else 219 #define DPRINT_INTERFACE(level, args) do {} while (0) 220 #endif 221 222 typedef struct vsock vsock_t; 223 enum desc_type { FD_TYPE_SOCKET, FD_TYPE_FILE }; 224 225 struct vsock { 226 vsock_t * link; 227 SOCKET fd; 228 enum desc_type type; 229 }; 230 231 vsock_t *fd_list; 232 233 #if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 234 /* 235 * async notification processing (e. g. routing sockets) 236 */ 237 /* 238 * support for receiving data on fd that is not a refclock or a socket 239 * like e. g. routing sockets 240 */ 241 struct asyncio_reader { 242 struct asyncio_reader *link; /* the list this is being kept in */ 243 SOCKET fd; /* fd to be read */ 244 void *data; /* possibly local data */ 245 void (*receiver)(struct asyncio_reader *); /* input handler */ 246 }; 247 248 struct asyncio_reader *asyncio_reader_list; 249 250 static void delete_asyncio_reader (struct asyncio_reader *); 251 static struct asyncio_reader *new_asyncio_reader (void); 252 static void add_asyncio_reader (struct asyncio_reader *, enum desc_type); 253 static void remove_asyncio_reader (struct asyncio_reader *); 254 255 #endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 256 257 static void init_async_notifications (void); 258 259 static int addr_eqprefix (const sockaddr_u *, const sockaddr_u *, 260 int); 261 static int addr_samesubnet (const sockaddr_u *, const sockaddr_u *, 262 const sockaddr_u *, const sockaddr_u *); 263 static int create_sockets (u_short); 264 static SOCKET open_socket (sockaddr_u *, int, int, endpt *); 265 static char * fdbits (int, fd_set *); 266 static void set_reuseaddr (int); 267 static isc_boolean_t socket_broadcast_enable (struct interface *, SOCKET, sockaddr_u *); 268 static isc_boolean_t socket_broadcast_disable (struct interface *, sockaddr_u *); 269 270 typedef struct remaddr remaddr_t; 271 272 struct remaddr { 273 remaddr_t * link; 274 sockaddr_u addr; 275 endpt * ep; 276 }; 277 278 remaddr_t * remoteaddr_list; 279 endpt * ep_list; /* complete endpt list */ 280 endpt * mc4_list; /* IPv4 mcast-capable unicast endpts */ 281 endpt * mc6_list; /* IPv6 mcast-capable unicast endpts */ 282 283 static endpt * wildipv4; 284 static endpt * wildipv6; 285 286 #ifdef SYS_WINNT 287 int accept_wildcard_if_for_winnt; 288 #else 289 const int accept_wildcard_if_for_winnt = FALSE; 290 #endif 291 292 static void add_fd_to_list (SOCKET, enum desc_type); 293 static endpt * find_addr_in_list (sockaddr_u *); 294 static endpt * find_flagged_addr_in_list(sockaddr_u *, u_int32); 295 static void delete_addr_from_list (sockaddr_u *); 296 static void delete_interface_from_list(endpt *); 297 static void close_and_delete_fd_from_list(SOCKET); 298 static void add_addr_to_list (sockaddr_u *, endpt *); 299 static void create_wildcards (u_short); 300 static endpt * findlocalinterface (sockaddr_u *, int, int); 301 static endpt * findclosestinterface (sockaddr_u *, int); 302 #ifdef DEBUG 303 static const char * action_text (nic_rule_action); 304 #endif 305 static nic_rule_action interface_action(char *, sockaddr_u *, u_int32); 306 static void convert_isc_if (isc_interface_t *, 307 endpt *, u_short); 308 static void calc_addr_distance(sockaddr_u *, 309 const sockaddr_u *, 310 const sockaddr_u *); 311 static int cmp_addr_distance(const sockaddr_u *, 312 const sockaddr_u *); 313 314 /* 315 * Routines to read the ntp packets 316 */ 317 #if !defined(HAVE_IO_COMPLETION_PORT) 318 static inline int read_network_packet (SOCKET, struct interface *, l_fp); 319 static void ntpd_addremove_io_fd (int, int, int); 320 static input_handler_t input_handler; 321 #ifdef REFCLOCK 322 static inline int read_refclock_packet (SOCKET, struct refclockio *, l_fp); 323 #endif 324 #endif 325 326 327 328 #ifndef HAVE_IO_COMPLETION_PORT 329 void 330 maintain_activefds( 331 int fd, 332 int closing 333 ) 334 { 335 int i; 336 337 if (fd < 0 || fd >= FD_SETSIZE) { 338 msyslog(LOG_ERR, 339 "Too many sockets in use, FD_SETSIZE %d exceeded by fd %d", 340 FD_SETSIZE, fd); 341 exit(1); 342 } 343 344 if (!closing) { 345 FD_SET(fd, &activefds); 346 maxactivefd = max(fd, maxactivefd); 347 } else { 348 FD_CLR(fd, &activefds); 349 if (maxactivefd && fd == maxactivefd) { 350 for (i = maxactivefd - 1; i >= 0; i--) 351 if (FD_ISSET(i, &activefds)) { 352 maxactivefd = i; 353 break; 354 } 355 NTP_INSIST(fd != maxactivefd); 356 } 357 } 358 } 359 #endif /* !HAVE_IO_COMPLETION_PORT */ 360 361 362 #ifdef DEBUG_TIMING 363 /* 364 * collect timing information for various processing 365 * paths. currently we only pass them on to the file 366 * for later processing. this could also do histogram 367 * based analysis in other to reduce the load (and skew) 368 * dur to the file output 369 */ 370 void 371 collect_timing(struct recvbuf *rb, const char *tag, int count, l_fp *dts) 372 { 373 char buf[256]; 374 375 snprintf(buf, sizeof(buf), "%s %d %s %s", 376 (rb != NULL) 377 ? ((rb->dstadr != NULL) 378 ? stoa(&rb->recv_srcadr) 379 : "-REFCLOCK-") 380 : "-", 381 count, lfptoa(dts, 9), tag); 382 record_timing_stats(buf); 383 } 384 #endif 385 386 /* 387 * About dynamic interfaces, sockets, reception and more... 388 * 389 * the code solves following tasks: 390 * 391 * - keep a current list of active interfaces in order 392 * to bind to to the interface address on NTP_PORT so that 393 * all wild and specific bindings for NTP_PORT are taken by ntpd 394 * to avoid other daemons messing with the time or sockets. 395 * - all interfaces keep a list of peers that are referencing 396 * the interface in order to quickly re-assign the peers to 397 * new interface in case an interface is deleted (=> gone from system or 398 * down) 399 * - have a preconfigured socket ready with the right local address 400 * for transmission and reception 401 * - have an address list for all destination addresses used within ntpd 402 * to find the "right" preconfigured socket. 403 * - facilitate updating the internal interface list with respect to 404 * the current kernel state 405 * 406 * special issues: 407 * 408 * - mapping of multicast addresses to the interface affected is not always 409 * one to one - especially on hosts with multiple interfaces 410 * the code here currently allocates a separate interface entry for those 411 * multicast addresses 412 * iff it is able to bind to a *new* socket with the multicast address (flags |= MCASTIF) 413 * in case of failure the multicast address is bound to an existing interface. 414 * - on some systems it is perfectly legal to assign the same address to 415 * multiple interfaces. Therefore this code does not keep a list of interfaces 416 * but a list of interfaces that represent a unique address as determined by the kernel 417 * by the procedure in findlocalinterface. Thus it is perfectly legal to see only 418 * one representative of a group of real interfaces if they share the same address. 419 * 420 * Frank Kardel 20050910 421 */ 422 423 /* 424 * init_io - initialize I/O module. 425 */ 426 void 427 init_io(void) 428 { 429 /* Init buffer free list and stat counters */ 430 init_recvbuff(RECV_INIT); 431 /* update interface every 5 minutes as default */ 432 interface_interval = 300; 433 434 #ifdef WORK_PIPE 435 addremove_io_fd = &ntpd_addremove_io_fd; 436 #endif 437 438 #ifdef SYS_WINNT 439 init_io_completion_port(); 440 #endif 441 442 #if defined(HAVE_SIGNALED_IO) 443 (void) set_signal(input_handler); 444 #endif 445 } 446 447 448 static void 449 ntpd_addremove_io_fd( 450 int fd, 451 int is_pipe, 452 int remove_it 453 ) 454 { 455 UNUSED_ARG(is_pipe); 456 457 #ifdef HAVE_SIGNALED_IO 458 init_socket_sig(fd); 459 #endif /* not HAVE_SIGNALED_IO */ 460 461 maintain_activefds(fd, remove_it); 462 } 463 464 465 /* 466 * io_open_sockets - call socket creation routine 467 */ 468 void 469 io_open_sockets(void) 470 { 471 static int already_opened; 472 473 if (already_opened || HAVE_OPT( SAVECONFIGQUIT )) 474 return; 475 476 already_opened = 1; 477 478 /* 479 * Create the sockets 480 */ 481 BLOCKIO(); 482 create_sockets(NTP_PORT); 483 UNBLOCKIO(); 484 485 init_async_notifications(); 486 487 DPRINTF(3, ("io_open_sockets: maxactivefd %d\n", maxactivefd)); 488 } 489 490 491 #ifdef DEBUG 492 /* 493 * function to dump the contents of the interface structure 494 * for debugging use only. 495 */ 496 void 497 interface_dump(const endpt *itf) 498 { 499 printf("Dumping interface: %p\n", itf); 500 printf("fd = %d\n", itf->fd); 501 printf("bfd = %d\n", itf->bfd); 502 printf("sin = %s,\n", stoa(&itf->sin)); 503 sockaddr_dump(&itf->sin); 504 printf("bcast = %s,\n", stoa(&itf->bcast)); 505 sockaddr_dump(&itf->bcast); 506 printf("mask = %s,\n", stoa(&itf->mask)); 507 sockaddr_dump(&itf->mask); 508 printf("name = %s\n", itf->name); 509 printf("flags = 0x%08x\n", itf->flags); 510 printf("last_ttl = %d\n", itf->last_ttl); 511 printf("addr_refid = %08x\n", itf->addr_refid); 512 printf("num_mcast = %d\n", itf->num_mcast); 513 printf("received = %ld\n", itf->received); 514 printf("sent = %ld\n", itf->sent); 515 printf("notsent = %ld\n", itf->notsent); 516 printf("ifindex = %u\n", itf->ifindex); 517 printf("peercnt = %u\n", itf->peercnt); 518 printf("phase = %u\n", itf->phase); 519 } 520 521 /* 522 * sockaddr_dump - hex dump the start of a sockaddr_u 523 */ 524 static void 525 sockaddr_dump(const sockaddr_u *psau) 526 { 527 /* Limit the size of the sockaddr_in6 hex dump */ 528 const int maxsize = min(32, sizeof(psau->sa6)); 529 const u_char * cp; 530 int i; 531 532 /* XXX: Should we limit maxsize based on psau->saX.sin_family? */ 533 cp = (const void *)&psau->sa6; 534 535 for(i = 0; i < maxsize; i++) { 536 printf("%02x", *cp++); 537 if (!((i + 1) % 4)) 538 printf(" "); 539 } 540 printf("\n"); 541 } 542 543 /* 544 * print_interface - helper to output debug information 545 */ 546 static void 547 print_interface(const endpt *iface, const char *pfx, const char *sfx) 548 { 549 printf("%sinterface #%d: fd=%d, bfd=%d, name=%s, flags=0x%x, ifindex=%u, sin=%s", 550 pfx, 551 iface->ifnum, 552 iface->fd, 553 iface->bfd, 554 iface->name, 555 iface->flags, 556 iface->ifindex, 557 stoa(&iface->sin)); 558 if (AF_INET == iface->family) { 559 if (iface->flags & INT_BROADCAST) 560 printf(", bcast=%s", stoa(&iface->bcast)); 561 printf(", mask=%s", stoa(&iface->mask)); 562 } 563 printf(", %s:%s", 564 (iface->ignore_packets) 565 ? "Disabled" 566 : "Enabled", 567 sfx); 568 if (debug > 4) /* in-depth debugging only */ 569 interface_dump(iface); 570 } 571 #endif 572 573 #if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 574 /* 575 * create an asyncio_reader structure 576 */ 577 static struct asyncio_reader * 578 new_asyncio_reader(void) 579 { 580 struct asyncio_reader *reader; 581 582 reader = emalloc_zero(sizeof(*reader)); 583 reader->fd = INVALID_SOCKET; 584 585 return reader; 586 } 587 588 /* 589 * delete a reader 590 */ 591 static void 592 delete_asyncio_reader( 593 struct asyncio_reader *reader 594 ) 595 { 596 free(reader); 597 } 598 599 /* 600 * add asynchio_reader 601 */ 602 static void 603 add_asyncio_reader( 604 struct asyncio_reader * reader, 605 enum desc_type type) 606 { 607 LINK_SLIST(asyncio_reader_list, reader, link); 608 add_fd_to_list(reader->fd, type); 609 } 610 611 /* 612 * remove asynchio_reader 613 */ 614 static void 615 remove_asyncio_reader( 616 struct asyncio_reader *reader 617 ) 618 { 619 struct asyncio_reader *unlinked; 620 621 UNLINK_SLIST(unlinked, asyncio_reader_list, reader, link, 622 struct asyncio_reader); 623 624 if (reader->fd != INVALID_SOCKET) 625 close_and_delete_fd_from_list(reader->fd); 626 627 reader->fd = INVALID_SOCKET; 628 } 629 #endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 630 631 632 /* compare two sockaddr prefixes */ 633 static int 634 addr_eqprefix( 635 const sockaddr_u * a, 636 const sockaddr_u * b, 637 int prefixlen 638 ) 639 { 640 isc_netaddr_t isc_a; 641 isc_netaddr_t isc_b; 642 isc_sockaddr_t isc_sa; 643 644 ZERO(isc_sa); 645 memcpy(&isc_sa.type, a, min(sizeof(isc_sa.type), sizeof(*a))); 646 isc_netaddr_fromsockaddr(&isc_a, &isc_sa); 647 648 ZERO(isc_sa); 649 memcpy(&isc_sa.type, b, min(sizeof(isc_sa.type), sizeof(*b))); 650 isc_netaddr_fromsockaddr(&isc_b, &isc_sa); 651 652 return (int)isc_netaddr_eqprefix(&isc_a, &isc_b, 653 (u_int)prefixlen); 654 } 655 656 657 static int 658 addr_samesubnet( 659 const sockaddr_u * a, 660 const sockaddr_u * a_mask, 661 const sockaddr_u * b, 662 const sockaddr_u * b_mask 663 ) 664 { 665 const u_int32 * pa; 666 const u_int32 * pa_limit; 667 const u_int32 * pb; 668 const u_int32 * pm; 669 size_t loops; 670 671 NTP_REQUIRE(AF(a) == AF(a_mask)); 672 NTP_REQUIRE(AF(b) == AF(b_mask)); 673 /* 674 * With address and mask families verified to match, comparing 675 * the masks also validates the address's families match. 676 */ 677 if (!SOCK_EQ(a_mask, b_mask)) 678 return FALSE; 679 680 if (IS_IPV6(a)) { 681 loops = sizeof(NSRCADR6(a)) / sizeof(*pa); 682 pa = (const void *)&NSRCADR6(a); 683 pb = (const void *)&NSRCADR6(b); 684 pm = (const void *)&NSRCADR6(a_mask); 685 } else { 686 loops = sizeof(NSRCADR(a)) / sizeof(*pa); 687 pa = (const void *)&NSRCADR(a); 688 pb = (const void *)&NSRCADR(b); 689 pm = (const void *)&NSRCADR(a_mask); 690 } 691 for (pa_limit = pa + loops; pa < pa_limit; pa++, pb++, pm++) 692 if ((*pa & *pm) != (*pb & *pm)) 693 return FALSE; 694 695 return TRUE; 696 } 697 698 699 /* 700 * Code to tell if we have an IP address 701 * If we have then return the sockaddr structure 702 * and set the return value 703 * see the bind9/getaddresses.c for details 704 */ 705 int 706 is_ip_address( 707 const char * host, 708 u_short af, 709 sockaddr_u * addr 710 ) 711 { 712 struct in_addr in4; 713 struct in6_addr in6; 714 char tmpbuf[128]; 715 char *pch; 716 717 NTP_REQUIRE(host != NULL); 718 NTP_REQUIRE(addr != NULL); 719 720 ZERO_SOCK(addr); 721 722 /* 723 * Try IPv4, then IPv6. In order to handle the extended format 724 * for IPv6 scoped addresses (address%scope_ID), we'll use a local 725 * working buffer of 128 bytes. The length is an ad-hoc value, but 726 * should be enough for this purpose; the buffer can contain a string 727 * of at least 80 bytes for scope_ID in addition to any IPv6 numeric 728 * addresses (up to 46 bytes), the delimiter character and the 729 * terminating NULL character. 730 */ 731 if (AF_UNSPEC == af || AF_INET == af) 732 if (inet_pton(AF_INET, host, &in4) == 1) { 733 AF(addr) = AF_INET; 734 SET_ADDR4N(addr, in4.s_addr); 735 736 return TRUE; 737 } 738 739 if (AF_UNSPEC == af || AF_INET6 == af) 740 if (sizeof(tmpbuf) > strlen(host)) { 741 if ('[' == host[0]) { 742 strlcpy(tmpbuf, &host[1], sizeof(tmpbuf)); 743 pch = strchr(tmpbuf, ']'); 744 if (pch != NULL) 745 *pch = '\0'; 746 } else { 747 strlcpy(tmpbuf, host, sizeof(tmpbuf)); 748 } 749 pch = strchr(tmpbuf, '%'); 750 if (pch != NULL) 751 *pch = '\0'; 752 753 if (inet_pton(AF_INET6, tmpbuf, &in6) == 1) { 754 AF(addr) = AF_INET6; 755 SET_ADDR6N(addr, in6); 756 757 return TRUE; 758 } 759 } 760 /* 761 * If we got here it was not an IP address 762 */ 763 return FALSE; 764 } 765 766 767 /* 768 * interface list enumerator - visitor pattern 769 */ 770 void 771 interface_enumerate( 772 interface_receiver_t receiver, 773 void * data 774 ) 775 { 776 interface_info_t ifi; 777 778 ifi.action = IFS_EXISTS; 779 for (ifi.ep = ep_list; ifi.ep != NULL; ifi.ep = ifi.ep->elink) 780 (*receiver)(data, &ifi); 781 } 782 783 /* 784 * do standard initialization of interface structure 785 */ 786 static void 787 init_interface( 788 endpt *ep 789 ) 790 { 791 ZERO(*ep); 792 ep->fd = INVALID_SOCKET; 793 ep->bfd = INVALID_SOCKET; 794 ep->phase = sys_interphase; 795 } 796 797 798 /* 799 * create new interface structure initialize from 800 * template structure or via standard initialization 801 * function 802 */ 803 static struct interface * 804 new_interface( 805 struct interface *interface 806 ) 807 { 808 struct interface * iface; 809 810 iface = emalloc(sizeof(*iface)); 811 812 if (NULL == interface) 813 init_interface(iface); 814 else /* use the template */ 815 memcpy(iface, interface, sizeof(*iface)); 816 817 /* count every new instance of an interface in the system */ 818 iface->ifnum = sys_ifnum++; 819 iface->starttime = current_time; 820 821 return iface; 822 } 823 824 825 /* 826 * return interface storage into free memory pool 827 */ 828 static inline void 829 delete_interface( 830 endpt *ep 831 ) 832 { 833 free(ep); 834 } 835 836 837 /* 838 * link interface into list of known interfaces 839 */ 840 static void 841 add_interface( 842 endpt * ep 843 ) 844 { 845 endpt ** pmclisthead; 846 endpt * scan; 847 endpt * scan_next; 848 endpt * unlinked; 849 sockaddr_u * addr; 850 int ep_local; 851 int scan_local; 852 int same_subnet; 853 int ep_univ_iid; /* iface ID from MAC address */ 854 int scan_univ_iid; /* see RFC 4291 */ 855 int ep_privacy; /* random local iface ID */ 856 int scan_privacy; /* see RFC 4941 */ 857 int rc; 858 859 /* Calculate the refid */ 860 ep->addr_refid = addr2refid(&ep->sin); 861 /* link at tail so ntpdc -c ifstats index increases each row */ 862 LINK_TAIL_SLIST(ep_list, ep, elink, endpt); 863 ninterfaces++; 864 #ifdef MCAST 865 /* the rest is for enabled multicast-capable addresses only */ 866 if (ep->ignore_packets || !(INT_MULTICAST & ep->flags) || 867 INT_LOOPBACK & ep->flags) 868 return; 869 # ifndef INCLUDE_IPV6_MULTICAST_SUPPORT 870 if (AF_INET6 == ep->family) 871 return; 872 # endif 873 pmclisthead = (AF_INET == ep->family) 874 ? &mc4_list 875 : &mc6_list; 876 877 if (AF_INET6 == ep->family) { 878 ep_local = 879 IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&ep->sin)) || 880 IN6_IS_ADDR_SITELOCAL(PSOCK_ADDR6(&ep->sin)); 881 ep_univ_iid = IS_IID_UNIV(&ep->sin); 882 ep_privacy = !!(INT_PRIVACY & ep->flags); 883 } else { 884 ep_local = FALSE; 885 ep_univ_iid = FALSE; 886 ep_privacy = FALSE; 887 } 888 DPRINTF(4, ("add_interface mcast-capable %s%s%s%s\n", 889 stoa(&ep->sin), 890 (ep_local) ? " link/scope-local" : "", 891 (ep_univ_iid) ? " univ-IID" : "", 892 (ep_privacy) ? " privacy" : "")); 893 /* 894 * If we have multiple local addresses on the same network 895 * interface, and some are link- or site-local, do not multicast 896 * out from the link-/site-local addresses by default, to avoid 897 * duplicate manycastclient associations between v6 peers using 898 * link-local and global addresses. link-local can still be 899 * chosen using "nic ignore myv6globalprefix::/64". 900 * Similarly, if we have multiple global addresses from the same 901 * prefix on the same network interface, multicast from one, 902 * preferring EUI-64, then static, then least RFC 4941 privacy 903 * addresses. 904 */ 905 for (scan = *pmclisthead; scan != NULL; scan = scan_next) { 906 scan_next = scan->mclink; 907 if (ep->family != scan->family) 908 continue; 909 if (strcmp(ep->name, scan->name)) 910 continue; 911 same_subnet = addr_samesubnet(&ep->sin, &ep->mask, 912 &scan->sin, &scan->mask); 913 if (AF_INET6 == ep->family) { 914 addr = &scan->sin; 915 scan_local = 916 IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(addr)) || 917 IN6_IS_ADDR_SITELOCAL(PSOCK_ADDR6(addr)); 918 scan_univ_iid = IS_IID_UNIV(addr); 919 scan_privacy = !!(INT_PRIVACY & scan->flags); 920 } else { 921 scan_local = FALSE; 922 scan_univ_iid = FALSE; 923 scan_privacy = FALSE; 924 } 925 DPRINTF(4, ("add_interface mcast-capable scan %s%s%s%s\n", 926 stoa(&scan->sin), 927 (scan_local) ? " link/scope-local" : "", 928 (scan_univ_iid) ? " univ-IID" : "", 929 (scan_privacy) ? " privacy" : "")); 930 if ((ep_local && !scan_local) || (same_subnet && 931 ((ep_privacy && !scan_privacy) || 932 (!ep_univ_iid && scan_univ_iid)))) { 933 DPRINTF(4, ("did not add %s to %s of IPv6 multicast-capable list which already has %s\n", 934 stoa(&ep->sin), 935 (ep_local) 936 ? "tail" 937 : "head", 938 stoa(&scan->sin))); 939 return; 940 } 941 if ((scan_local && !ep_local) || (same_subnet && 942 ((scan_privacy && !ep_privacy) || 943 (!scan_univ_iid && ep_univ_iid)))) { 944 UNLINK_SLIST(unlinked, *pmclisthead, 945 scan, mclink, endpt); 946 DPRINTF(4, ("%s %s from IPv6 multicast-capable list to add %s\n", 947 (unlinked != scan) 948 ? "Failed to remove" 949 : "removed", 950 stoa(&scan->sin), stoa(&ep->sin))); 951 } 952 } 953 /* 954 * Add link/site local at the tail of the multicast- 955 * capable unicast interfaces list, so that ntpd will 956 * send from global addresses before link-/site-local 957 * ones. 958 */ 959 if (ep_local) 960 LINK_TAIL_SLIST(*pmclisthead, ep, mclink, endpt); 961 else 962 LINK_SLIST(*pmclisthead, ep, mclink); 963 DPRINTF(4, ("added %s to %s of IPv%s multicast-capable unicast local address list\n", 964 stoa(&ep->sin), 965 (ep_local) 966 ? "tail" 967 : "head", 968 (AF_INET == ep->family) 969 ? "4" 970 : "6")); 971 972 if (INVALID_SOCKET == ep->fd) 973 return; 974 975 /* 976 * select the local address from which to send to multicast. 977 */ 978 switch (AF(&ep->sin)) { 979 980 case AF_INET : 981 rc = setsockopt(ep->fd, IPPROTO_IP, 982 IP_MULTICAST_IF, 983 (void *)&NSRCADR(&ep->sin), 984 sizeof(NSRCADR(&ep->sin))); 985 if (rc) 986 msyslog(LOG_ERR, 987 "setsockopt IP_MULTICAST_IF %s fails: %m", 988 stoa(&ep->sin)); 989 break; 990 991 # ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 992 case AF_INET6 : 993 rc = setsockopt(ep->fd, IPPROTO_IPV6, 994 IPV6_MULTICAST_IF, 995 (void *)&ep->ifindex, 996 sizeof(ep->ifindex)); 997 /* do not complain if bound addr scope is ifindex */ 998 if (rc && ep->ifindex != SCOPE(&ep->sin)) 999 msyslog(LOG_ERR, 1000 "setsockopt IPV6_MULTICAST_IF %u for %s fails: %m", 1001 ep->ifindex, stoa(&ep->sin)); 1002 break; 1003 # endif 1004 } 1005 #endif /* MCAST */ 1006 } 1007 1008 1009 /* 1010 * remove interface from known interface list and clean up 1011 * associated resources 1012 */ 1013 static void 1014 remove_interface( 1015 endpt * ep 1016 ) 1017 { 1018 endpt * unlinked; 1019 endpt ** pmclisthead; 1020 sockaddr_u resmask; 1021 1022 UNLINK_SLIST(unlinked, ep_list, ep, elink, endpt); 1023 if (!ep->ignore_packets && INT_MULTICAST & ep->flags) { 1024 pmclisthead = (AF_INET == ep->family) 1025 ? &mc4_list 1026 : &mc6_list; 1027 UNLINK_SLIST(unlinked, *pmclisthead, ep, mclink, endpt); 1028 DPRINTF(4, ("%s %s IPv%s multicast-capable unicast local address list\n", 1029 stoa(&ep->sin), 1030 (unlinked != NULL) 1031 ? "removed from" 1032 : "not found on", 1033 (AF_INET == ep->family) 1034 ? "4" 1035 : "6")); 1036 } 1037 delete_interface_from_list(ep); 1038 1039 if (ep->fd != INVALID_SOCKET) { 1040 msyslog(LOG_INFO, 1041 "Deleting interface #%d %s, %s#%d, interface stats: received=%ld, sent=%ld, dropped=%ld, active_time=%ld secs", 1042 ep->ifnum, 1043 ep->name, 1044 stoa(&ep->sin), 1045 SRCPORT(&ep->sin), 1046 ep->received, 1047 ep->sent, 1048 ep->notsent, 1049 current_time - ep->starttime); 1050 close_and_delete_fd_from_list(ep->fd); 1051 ep->fd = INVALID_SOCKET; 1052 } 1053 1054 if (ep->bfd != INVALID_SOCKET) { 1055 msyslog(LOG_INFO, 1056 "stop listening for broadcasts to %s on interface #%d %s", 1057 stoa(&ep->bcast), ep->ifnum, ep->name); 1058 close_and_delete_fd_from_list(ep->bfd); 1059 ep->bfd = INVALID_SOCKET; 1060 ep->flags &= ~INT_BCASTOPEN; 1061 } 1062 1063 ninterfaces--; 1064 mon_clearinterface(ep); 1065 1066 /* remove restrict interface entry */ 1067 SET_HOSTMASK(&resmask, AF(&ep->sin)); 1068 hack_restrict(RESTRICT_REMOVEIF, &ep->sin, &resmask, 1069 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE, 0); 1070 } 1071 1072 1073 static void 1074 log_listen_address( 1075 endpt * ep 1076 ) 1077 { 1078 msyslog(LOG_INFO, "%s on %d %s %s", 1079 (ep->ignore_packets) 1080 ? "Listen and drop" 1081 : "Listen normally", 1082 ep->ifnum, 1083 ep->name, 1084 sptoa(&ep->sin)); 1085 } 1086 1087 1088 static void 1089 create_wildcards( 1090 u_short port 1091 ) 1092 { 1093 int v4wild; 1094 #ifdef INCLUDE_IPV6_SUPPORT 1095 int v6wild; 1096 #endif 1097 sockaddr_u wildaddr; 1098 nic_rule_action action; 1099 struct interface * wildif; 1100 1101 /* 1102 * silence "potentially uninitialized" warnings from VC9 1103 * failing to follow the logic. Ideally action could remain 1104 * uninitialized, and the memset be the first statement under 1105 * the first if (v4wild). 1106 */ 1107 action = ACTION_LISTEN; 1108 ZERO(wildaddr); 1109 1110 #ifdef INCLUDE_IPV6_SUPPORT 1111 /* 1112 * create pseudo-interface with wildcard IPv6 address 1113 */ 1114 v6wild = ipv6_works; 1115 if (v6wild) { 1116 /* set wildaddr to the v6 wildcard address :: */ 1117 ZERO(wildaddr); 1118 AF(&wildaddr) = AF_INET6; 1119 SET_ADDR6N(&wildaddr, in6addr_any); 1120 SET_PORT(&wildaddr, port); 1121 SET_SCOPE(&wildaddr, 0); 1122 1123 /* check for interface/nic rules affecting the wildcard */ 1124 action = interface_action(NULL, &wildaddr, 0); 1125 v6wild = (ACTION_IGNORE != action); 1126 } 1127 if (v6wild) { 1128 wildif = new_interface(NULL); 1129 1130 strlcpy(wildif->name, "v6wildcard", sizeof(wildif->name)); 1131 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 1132 wildif->family = AF_INET6; 1133 AF(&wildif->mask) = AF_INET6; 1134 SET_ONESMASK(&wildif->mask); 1135 1136 wildif->flags = INT_UP | INT_WILDCARD; 1137 wildif->ignore_packets = (ACTION_DROP == action); 1138 1139 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 1140 1141 if (wildif->fd != INVALID_SOCKET) { 1142 wildipv6 = wildif; 1143 any6_interface = wildif; 1144 add_addr_to_list(&wildif->sin, wildif); 1145 add_interface(wildif); 1146 log_listen_address(wildif); 1147 } else { 1148 msyslog(LOG_ERR, 1149 "unable to bind to wildcard address %s - another process may be running - EXITING", 1150 stoa(&wildif->sin)); 1151 exit(1); 1152 } 1153 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 1154 } 1155 #endif 1156 1157 /* 1158 * create pseudo-interface with wildcard IPv4 address 1159 */ 1160 v4wild = ipv4_works; 1161 if (v4wild) { 1162 /* set wildaddr to the v4 wildcard address 0.0.0.0 */ 1163 AF(&wildaddr) = AF_INET; 1164 SET_ADDR4N(&wildaddr, INADDR_ANY); 1165 SET_PORT(&wildaddr, port); 1166 1167 /* check for interface/nic rules affecting the wildcard */ 1168 action = interface_action(NULL, &wildaddr, 0); 1169 v4wild = (ACTION_IGNORE != action); 1170 } 1171 if (v4wild) { 1172 wildif = new_interface(NULL); 1173 1174 strlcpy(wildif->name, "v4wildcard", sizeof(wildif->name)); 1175 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 1176 wildif->family = AF_INET; 1177 AF(&wildif->mask) = AF_INET; 1178 SET_ONESMASK(&wildif->mask); 1179 1180 wildif->flags = INT_BROADCAST | INT_UP | INT_WILDCARD; 1181 wildif->ignore_packets = (ACTION_DROP == action); 1182 #if defined(MCAST) 1183 /* 1184 * enable multicast reception on the broadcast socket 1185 */ 1186 AF(&wildif->bcast) = AF_INET; 1187 SET_ADDR4N(&wildif->bcast, INADDR_ANY); 1188 SET_PORT(&wildif->bcast, port); 1189 #endif /* MCAST */ 1190 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 1191 1192 if (wildif->fd != INVALID_SOCKET) { 1193 wildipv4 = wildif; 1194 any_interface = wildif; 1195 1196 add_addr_to_list(&wildif->sin, wildif); 1197 add_interface(wildif); 1198 log_listen_address(wildif); 1199 } else { 1200 msyslog(LOG_ERR, 1201 "unable to bind to wildcard address %s - another process may be running - EXITING", 1202 stoa(&wildif->sin)); 1203 exit(1); 1204 } 1205 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 1206 } 1207 } 1208 1209 1210 /* 1211 * add_nic_rule() -- insert a rule entry at the head of nic_rule_list. 1212 */ 1213 void 1214 add_nic_rule( 1215 nic_rule_match match_type, 1216 const char * if_name, /* interface name or numeric address */ 1217 int prefixlen, 1218 nic_rule_action action 1219 ) 1220 { 1221 nic_rule * rule; 1222 isc_boolean_t is_ip; 1223 1224 rule = emalloc_zero(sizeof(*rule)); 1225 rule->match_type = match_type; 1226 rule->prefixlen = prefixlen; 1227 rule->action = action; 1228 1229 if (MATCH_IFNAME == match_type) { 1230 NTP_REQUIRE(NULL != if_name); 1231 rule->if_name = estrdup(if_name); 1232 } else if (MATCH_IFADDR == match_type) { 1233 NTP_REQUIRE(NULL != if_name); 1234 /* set rule->addr */ 1235 is_ip = is_ip_address(if_name, AF_UNSPEC, &rule->addr); 1236 NTP_REQUIRE(is_ip); 1237 } else 1238 NTP_REQUIRE(NULL == if_name); 1239 1240 LINK_SLIST(nic_rule_list, rule, next); 1241 } 1242 1243 1244 #ifdef DEBUG 1245 static const char * 1246 action_text( 1247 nic_rule_action action 1248 ) 1249 { 1250 const char *t; 1251 1252 switch (action) { 1253 1254 default: 1255 t = "ERROR"; /* quiet uninit warning */ 1256 DPRINTF(1, ("fatal: unknown nic_rule_action %d\n", 1257 action)); 1258 NTP_ENSURE(0); 1259 break; 1260 1261 case ACTION_LISTEN: 1262 t = "listen"; 1263 break; 1264 1265 case ACTION_IGNORE: 1266 t = "ignore"; 1267 break; 1268 1269 case ACTION_DROP: 1270 t = "drop"; 1271 break; 1272 } 1273 1274 return t; 1275 } 1276 #endif /* DEBUG */ 1277 1278 1279 static nic_rule_action 1280 interface_action( 1281 char * if_name, 1282 sockaddr_u * if_addr, 1283 u_int32 if_flags 1284 ) 1285 { 1286 nic_rule * rule; 1287 int isloopback; 1288 int iswildcard; 1289 1290 DPRINTF(4, ("interface_action: interface %s ", 1291 (if_name != NULL) ? if_name : "wildcard")); 1292 1293 iswildcard = is_wildcard_addr(if_addr); 1294 isloopback = !!(INT_LOOPBACK & if_flags); 1295 1296 /* 1297 * Find any matching NIC rule from --interface / -I or ntp.conf 1298 * interface/nic rules. 1299 */ 1300 for (rule = nic_rule_list; rule != NULL; rule = rule->next) { 1301 1302 switch (rule->match_type) { 1303 1304 case MATCH_ALL: 1305 /* loopback and wildcard excluded from "all" */ 1306 if (isloopback || iswildcard) 1307 break; 1308 DPRINTF(4, ("nic all %s\n", 1309 action_text(rule->action))); 1310 return rule->action; 1311 1312 case MATCH_IPV4: 1313 if (IS_IPV4(if_addr)) { 1314 DPRINTF(4, ("nic ipv4 %s\n", 1315 action_text(rule->action))); 1316 return rule->action; 1317 } 1318 break; 1319 1320 case MATCH_IPV6: 1321 if (IS_IPV6(if_addr)) { 1322 DPRINTF(4, ("nic ipv6 %s\n", 1323 action_text(rule->action))); 1324 return rule->action; 1325 } 1326 break; 1327 1328 case MATCH_WILDCARD: 1329 if (iswildcard) { 1330 DPRINTF(4, ("nic wildcard %s\n", 1331 action_text(rule->action))); 1332 return rule->action; 1333 } 1334 break; 1335 1336 case MATCH_IFADDR: 1337 if (rule->prefixlen != -1) { 1338 if (addr_eqprefix(if_addr, &rule->addr, 1339 rule->prefixlen)) { 1340 1341 DPRINTF(4, ("subnet address match - %s\n", 1342 action_text(rule->action))); 1343 return rule->action; 1344 } 1345 } else 1346 if (SOCK_EQ(if_addr, &rule->addr)) { 1347 1348 DPRINTF(4, ("address match - %s\n", 1349 action_text(rule->action))); 1350 return rule->action; 1351 } 1352 break; 1353 1354 case MATCH_IFNAME: 1355 if (if_name != NULL 1356 && !strcasecmp(if_name, rule->if_name)) { 1357 1358 DPRINTF(4, ("interface name match - %s\n", 1359 action_text(rule->action))); 1360 return rule->action; 1361 } 1362 break; 1363 } 1364 } 1365 1366 /* 1367 * Unless explicitly disabled such as with "nic ignore ::1" 1368 * listen on loopback addresses. Since ntpq and ntpdc query 1369 * "localhost" by default, which typically resolves to ::1 and 1370 * 127.0.0.1, it's useful to default to listening on both. 1371 */ 1372 if (isloopback) { 1373 DPRINTF(4, ("default loopback listen\n")); 1374 return ACTION_LISTEN; 1375 } 1376 1377 /* 1378 * Treat wildcard addresses specially. If there is no explicit 1379 * "nic ... wildcard" or "nic ... 0.0.0.0" or "nic ... ::" rule 1380 * default to drop. 1381 */ 1382 if (iswildcard) { 1383 DPRINTF(4, ("default wildcard drop\n")); 1384 return ACTION_DROP; 1385 } 1386 1387 /* 1388 * Check for "virtual IP" (colon in the interface name) after 1389 * the rules so that "ntpd --interface eth0:1 -novirtualips" 1390 * does indeed listen on eth0:1's addresses. 1391 */ 1392 if (!listen_to_virtual_ips && if_name != NULL 1393 && (strchr(if_name, ':') != NULL)) { 1394 1395 DPRINTF(4, ("virtual ip - ignore\n")); 1396 return ACTION_IGNORE; 1397 } 1398 1399 /* 1400 * If there are no --interface/-I command-line options and no 1401 * interface/nic rules in ntp.conf, the default action is to 1402 * listen. In the presence of rules from either, the default 1403 * is to ignore. This implements ntpd's traditional listen- 1404 * every default with no interface listen configuration, and 1405 * ensures a single -I eth0 or "nic listen eth0" means do not 1406 * listen on any other addresses. 1407 */ 1408 if (NULL == nic_rule_list) { 1409 DPRINTF(4, ("default listen\n")); 1410 return ACTION_LISTEN; 1411 } 1412 1413 DPRINTF(4, ("implicit ignore\n")); 1414 return ACTION_IGNORE; 1415 } 1416 1417 1418 static void 1419 convert_isc_if( 1420 isc_interface_t *isc_if, 1421 endpt *itf, 1422 u_short port 1423 ) 1424 { 1425 const u_char v6loop[16] = {0, 0, 0, 0, 0, 0, 0, 0, 1426 0, 0, 0, 0, 0, 0, 0, 1}; 1427 1428 strlcpy(itf->name, isc_if->name, sizeof(itf->name)); 1429 itf->ifindex = isc_if->ifindex; 1430 itf->family = (u_short)isc_if->af; 1431 AF(&itf->sin) = itf->family; 1432 AF(&itf->mask) = itf->family; 1433 AF(&itf->bcast) = itf->family; 1434 SET_PORT(&itf->sin, port); 1435 SET_PORT(&itf->mask, port); 1436 SET_PORT(&itf->bcast, port); 1437 1438 if (IS_IPV4(&itf->sin)) { 1439 NSRCADR(&itf->sin) = isc_if->address.type.in.s_addr; 1440 NSRCADR(&itf->mask) = isc_if->netmask.type.in.s_addr; 1441 1442 if (isc_if->flags & INTERFACE_F_BROADCAST) { 1443 itf->flags |= INT_BROADCAST; 1444 NSRCADR(&itf->bcast) = 1445 isc_if->broadcast.type.in.s_addr; 1446 } 1447 } 1448 #ifdef INCLUDE_IPV6_SUPPORT 1449 else if (IS_IPV6(&itf->sin)) { 1450 SET_ADDR6N(&itf->sin, isc_if->address.type.in6); 1451 SET_ADDR6N(&itf->mask, isc_if->netmask.type.in6); 1452 1453 SET_SCOPE(&itf->sin, isc_if->address.zone); 1454 } 1455 #endif /* INCLUDE_IPV6_SUPPORT */ 1456 1457 1458 /* Process the rest of the flags */ 1459 1460 itf->flags |= 1461 ((INTERFACE_F_UP & isc_if->flags) 1462 ? INT_UP : 0) 1463 | ((INTERFACE_F_LOOPBACK & isc_if->flags) 1464 ? INT_LOOPBACK : 0) 1465 | ((INTERFACE_F_POINTTOPOINT & isc_if->flags) 1466 ? INT_PPP : 0) 1467 | ((INTERFACE_F_MULTICAST & isc_if->flags) 1468 ? INT_MULTICAST : 0) 1469 | ((INTERFACE_F_PRIVACY & isc_if->flags) 1470 ? INT_PRIVACY : 0) 1471 ; 1472 1473 /* 1474 * Clear the loopback flag if the address is not localhost. 1475 * http://bugs.ntp.org/1683 1476 */ 1477 if (INT_LOOPBACK & itf->flags) { 1478 if (AF_INET == itf->family) { 1479 if (127 != (SRCADR(&itf->sin) >> 24)) 1480 itf->flags &= ~INT_LOOPBACK; 1481 } else { 1482 if (memcmp(v6loop, NSRCADR6(&itf->sin), 1483 sizeof(NSRCADR6(&itf->sin)))) 1484 itf->flags &= ~INT_LOOPBACK; 1485 } 1486 } 1487 } 1488 1489 1490 /* 1491 * refresh_interface 1492 * 1493 * some OSes have been observed to keep 1494 * cached routes even when more specific routes 1495 * become available. 1496 * this can be mitigated by re-binding 1497 * the socket. 1498 */ 1499 static int 1500 refresh_interface( 1501 struct interface * interface 1502 ) 1503 { 1504 #ifdef OS_MISSES_SPECIFIC_ROUTE_UPDATES 1505 if (interface->fd != INVALID_SOCKET) { 1506 int bcast = (interface->flags & INT_BCASTXMIT) != 0; 1507 /* as we forcibly close() the socket remove the 1508 broadcast permission indication */ 1509 if (bcast) 1510 socket_broadcast_disable(interface, &interface->sin); 1511 1512 close_and_delete_fd_from_list(interface->fd); 1513 1514 /* create new socket picking up a new first hop binding 1515 at connect() time */ 1516 interface->fd = open_socket(&interface->sin, 1517 bcast, 0, interface); 1518 /* 1519 * reset TTL indication so TTL is is set again 1520 * next time around 1521 */ 1522 interface->last_ttl = 0; 1523 return (interface->fd != INVALID_SOCKET); 1524 } else 1525 return 0; /* invalid sockets are not refreshable */ 1526 #else /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1527 return (interface->fd != INVALID_SOCKET); 1528 #endif /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1529 } 1530 1531 /* 1532 * interface_update - externally callable update function 1533 */ 1534 void 1535 interface_update( 1536 interface_receiver_t receiver, 1537 void * data) 1538 { 1539 int new_interface_found; 1540 1541 if (disable_dynamic_updates) 1542 return; 1543 1544 BLOCKIO(); 1545 new_interface_found = update_interfaces(NTP_PORT, receiver, data); 1546 UNBLOCKIO(); 1547 1548 if (!new_interface_found) 1549 return; 1550 1551 #ifdef DEBUG 1552 msyslog(LOG_DEBUG, "new interface(s) found: waking up resolver"); 1553 #endif 1554 interrupt_worker_sleep(); 1555 } 1556 1557 1558 /* 1559 * sau_from_netaddr() - convert network address on-wire formats. 1560 * Convert from libisc's isc_netaddr_t to NTP's sockaddr_u 1561 */ 1562 void 1563 sau_from_netaddr( 1564 sockaddr_u *psau, 1565 const isc_netaddr_t *pna 1566 ) 1567 { 1568 ZERO_SOCK(psau); 1569 AF(psau) = (u_short)pna->family; 1570 switch (pna->family) { 1571 1572 case AF_INET: 1573 memcpy(&psau->sa4.sin_addr, &pna->type.in, 1574 sizeof(psau->sa4.sin_addr)); 1575 break; 1576 1577 case AF_INET6: 1578 memcpy(&psau->sa6.sin6_addr, &pna->type.in6, 1579 sizeof(psau->sa6.sin6_addr)); 1580 break; 1581 } 1582 } 1583 1584 1585 static int 1586 is_wildcard_addr( 1587 const sockaddr_u *psau 1588 ) 1589 { 1590 if (IS_IPV4(psau) && !NSRCADR(psau)) 1591 return 1; 1592 1593 #ifdef INCLUDE_IPV6_SUPPORT 1594 if (IS_IPV6(psau) && S_ADDR6_EQ(psau, &in6addr_any)) 1595 return 1; 1596 #endif 1597 1598 return 0; 1599 } 1600 1601 1602 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 1603 /* 1604 * enable/disable re-use of wildcard address socket 1605 */ 1606 static void 1607 set_wildcard_reuse( 1608 u_short family, 1609 int on 1610 ) 1611 { 1612 struct interface *any; 1613 SOCKET fd = INVALID_SOCKET; 1614 1615 any = ANY_INTERFACE_BYFAM(family); 1616 if (any != NULL) 1617 fd = any->fd; 1618 1619 if (fd != INVALID_SOCKET) { 1620 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 1621 (char *)&on, sizeof(on))) 1622 msyslog(LOG_ERR, 1623 "set_wildcard_reuse: setsockopt(SO_REUSEADDR, %s) failed: %m", 1624 on ? "on" : "off"); 1625 1626 DPRINTF(4, ("set SO_REUSEADDR to %s on %s\n", 1627 on ? "on" : "off", 1628 stoa(&any->sin))); 1629 } 1630 } 1631 #endif /* OS_NEEDS_REUSEADDR_FOR_IFADDRBIND */ 1632 1633 1634 static isc_boolean_t 1635 check_flags6( 1636 sockaddr_u *psau, 1637 const char *name, 1638 u_int32 flags6 1639 ) 1640 { 1641 #if defined(INCLUDE_IPV6_SUPPORT) && defined(SIOCGIFAFLAG_IN6) 1642 struct in6_ifreq ifr6; 1643 int fd; 1644 1645 if (psau->sa.sa_family != AF_INET6) 1646 return ISC_FALSE; 1647 if ((fd = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) 1648 return ISC_FALSE; 1649 ZERO(ifr6); 1650 memcpy(&ifr6.ifr_addr, &psau->sa6, sizeof(ifr6.ifr_addr)); 1651 strlcpy(ifr6.ifr_name, name, sizeof(ifr6.ifr_name)); 1652 if (ioctl(fd, SIOCGIFAFLAG_IN6, &ifr6) < 0) { 1653 close(fd); 1654 return ISC_FALSE; 1655 } 1656 close(fd); 1657 if ((ifr6.ifr_ifru.ifru_flags6 & flags6) != 0) 1658 return ISC_TRUE; 1659 #endif /* INCLUDE_IPV6_SUPPORT && SIOCGIFAFLAG_IN6 */ 1660 return ISC_FALSE; 1661 } 1662 1663 static isc_boolean_t 1664 is_anycast( 1665 sockaddr_u *psau, 1666 const char *name 1667 ) 1668 { 1669 #ifdef IN6_IFF_ANYCAST 1670 return check_flags6(psau, name, IN6_IFF_ANYCAST); 1671 #else 1672 return ISC_FALSE; 1673 #endif 1674 } 1675 1676 static isc_boolean_t 1677 is_valid( 1678 sockaddr_u *psau, 1679 const char *name 1680 ) 1681 { 1682 u_int32 flags6; 1683 1684 flags6 = 0; 1685 #ifdef IN6_IFF_DEPARTED 1686 flags6 |= IN6_IFF_DEPARTED; 1687 #endif 1688 #ifdef IN6_IFF_DETACHED 1689 flags6 |= IN6_IFF_DETACHED; 1690 #endif 1691 #ifdef IN6_IFF_TENTATIVE 1692 flags6 |= IN6_IFF_TENTATIVE; 1693 #endif 1694 return check_flags6(psau, name, flags6) ? ISC_FALSE : ISC_TRUE; 1695 } 1696 1697 /* 1698 * update_interface strategy 1699 * 1700 * toggle configuration phase 1701 * 1702 * Phase 1: 1703 * forall currently existing interfaces 1704 * if address is known: 1705 * drop socket - rebind again 1706 * 1707 * if address is NOT known: 1708 * attempt to create a new interface entry 1709 * 1710 * Phase 2: 1711 * forall currently known non MCAST and WILDCARD interfaces 1712 * if interface does not match configuration phase (not seen in phase 1): 1713 * remove interface from known interface list 1714 * forall peers associated with this interface 1715 * disconnect peer from this interface 1716 * 1717 * Phase 3: 1718 * attempt to re-assign interfaces to peers 1719 * 1720 */ 1721 1722 static int 1723 update_interfaces( 1724 u_short port, 1725 interface_receiver_t receiver, 1726 void * data 1727 ) 1728 { 1729 isc_mem_t * mctx = (void *)-1; 1730 interface_info_t ifi; 1731 isc_interfaceiter_t * iter; 1732 isc_result_t result; 1733 isc_interface_t isc_if; 1734 int new_interface_found; 1735 unsigned int family; 1736 endpt enumep; 1737 endpt * ep; 1738 endpt * next_ep; 1739 1740 DPRINTF(3, ("update_interfaces(%d)\n", port)); 1741 1742 /* 1743 * phase one - scan interfaces 1744 * - create those that are not found 1745 * - update those that are found 1746 */ 1747 1748 new_interface_found = FALSE; 1749 iter = NULL; 1750 result = isc_interfaceiter_create(mctx, &iter); 1751 1752 if (result != ISC_R_SUCCESS) 1753 return 0; 1754 1755 /* 1756 * Toggle system interface scan phase to find untouched 1757 * interfaces to be deleted. 1758 */ 1759 sys_interphase ^= 0x1; 1760 1761 for (result = isc_interfaceiter_first(iter); 1762 ISC_R_SUCCESS == result; 1763 result = isc_interfaceiter_next(iter)) { 1764 1765 result = isc_interfaceiter_current(iter, &isc_if); 1766 1767 if (result != ISC_R_SUCCESS) 1768 break; 1769 1770 /* See if we have a valid family to use */ 1771 family = isc_if.address.family; 1772 if (AF_INET != family && AF_INET6 != family) 1773 continue; 1774 if (AF_INET == family && !ipv4_works) 1775 continue; 1776 if (AF_INET6 == family && !ipv6_works) 1777 continue; 1778 1779 /* create prototype */ 1780 init_interface(&enumep); 1781 1782 convert_isc_if(&isc_if, &enumep, port); 1783 1784 DPRINT_INTERFACE(4, (&enumep, "examining ", "\n")); 1785 1786 /* 1787 * Check if and how we are going to use the interface. 1788 */ 1789 switch (interface_action(enumep.name, &enumep.sin, 1790 enumep.flags)) { 1791 1792 case ACTION_IGNORE: 1793 DPRINTF(4, ("ignoring interface %s (%s) - by nic rules\n", 1794 enumep.name, stoa(&enumep.sin))); 1795 continue; 1796 1797 case ACTION_LISTEN: 1798 DPRINTF(4, ("listen interface %s (%s) - by nic rules\n", 1799 enumep.name, stoa(&enumep.sin))); 1800 enumep.ignore_packets = ISC_FALSE; 1801 break; 1802 1803 case ACTION_DROP: 1804 DPRINTF(4, ("drop on interface %s (%s) - by nic rules\n", 1805 enumep.name, stoa(&enumep.sin))); 1806 enumep.ignore_packets = ISC_TRUE; 1807 break; 1808 } 1809 1810 /* interfaces must be UP to be usable */ 1811 if (!(enumep.flags & INT_UP)) { 1812 DPRINTF(4, ("skipping interface %s (%s) - DOWN\n", 1813 enumep.name, stoa(&enumep.sin))); 1814 continue; 1815 } 1816 1817 /* 1818 * skip any interfaces UP and bound to a wildcard 1819 * address - some dhcp clients produce that in the 1820 * wild 1821 */ 1822 if (is_wildcard_addr(&enumep.sin)) 1823 continue; 1824 1825 if (is_anycast(&enumep.sin, isc_if.name)) 1826 continue; 1827 1828 /* 1829 * skip any address that is an invalid state to be used 1830 */ 1831 if (!is_valid(&enumep.sin, isc_if.name)) 1832 continue; 1833 1834 /* 1835 * map to local *address* in order to map all duplicate 1836 * interfaces to an endpt structure with the appropriate 1837 * socket. Our name space is (ip-address), NOT 1838 * (interface name, ip-address). 1839 */ 1840 ep = getinterface(&enumep.sin, INT_WILDCARD); 1841 1842 if (ep != NULL && refresh_interface(ep)) { 1843 /* 1844 * found existing and up to date interface - 1845 * mark present. 1846 */ 1847 if (ep->phase != sys_interphase) { 1848 /* 1849 * On a new round we reset the name so 1850 * the interface name shows up again if 1851 * this address is no longer shared. 1852 * We reset ignore_packets from the 1853 * new prototype to respect any runtime 1854 * changes to the nic rules. 1855 */ 1856 strlcpy(ep->name, enumep.name, 1857 sizeof(ep->name)); 1858 ep->ignore_packets = 1859 enumep.ignore_packets; 1860 } else { 1861 /* name collision - rename interface */ 1862 strlcpy(ep->name, "*multiple*", 1863 sizeof(ep->name)); 1864 } 1865 1866 DPRINT_INTERFACE(4, (ep, "updating ", 1867 " present\n")); 1868 1869 if (ep->ignore_packets != 1870 enumep.ignore_packets) { 1871 /* 1872 * We have conflicting configurations 1873 * for the interface address. This is 1874 * caused by using -I <interfacename> 1875 * for an interface that shares its 1876 * address with other interfaces. We 1877 * can not disambiguate incoming 1878 * packets delivered to this socket 1879 * without extra syscalls/features. 1880 * These are not (commonly) available. 1881 * Note this is a more unusual 1882 * configuration where several 1883 * interfaces share an address but 1884 * filtering via interface name is 1885 * attempted. We resolve the 1886 * configuration conflict by disabling 1887 * the processing of received packets. 1888 * This leads to no service on the 1889 * interface address where the conflict 1890 * occurs. 1891 */ 1892 msyslog(LOG_ERR, 1893 "WARNING: conflicting enable configuration for interfaces %s and %s for address %s - unsupported configuration - address DISABLED", 1894 enumep.name, ep->name, 1895 stoa(&enumep.sin)); 1896 1897 ep->ignore_packets = ISC_TRUE; 1898 } 1899 1900 ep->phase = sys_interphase; 1901 1902 ifi.action = IFS_EXISTS; 1903 ifi.ep = ep; 1904 if (receiver != NULL) 1905 (*receiver)(data, &ifi); 1906 } else { 1907 /* 1908 * This is new or refreshing failed - add to 1909 * our interface list. If refreshing failed we 1910 * will delete the interface structure in phase 1911 * 2 as the interface was not marked current. 1912 * We can bind to the address as the refresh 1913 * code already closed the offending socket 1914 */ 1915 ep = create_interface(port, &enumep); 1916 1917 if (ep != NULL) { 1918 ifi.action = IFS_CREATED; 1919 ifi.ep = ep; 1920 if (receiver != NULL) 1921 (*receiver)(data, &ifi); 1922 1923 new_interface_found = TRUE; 1924 DPRINT_INTERFACE(3, 1925 (ep, "updating ", 1926 " new - created\n")); 1927 } else { 1928 DPRINT_INTERFACE(3, 1929 (&enumep, "updating ", 1930 " new - creation FAILED")); 1931 1932 msyslog(LOG_INFO, 1933 "failed to init interface for address %s", 1934 stoa(&enumep.sin)); 1935 continue; 1936 } 1937 } 1938 } 1939 1940 isc_interfaceiter_destroy(&iter); 1941 1942 /* 1943 * phase 2 - delete gone interfaces - reassigning peers to 1944 * other interfaces 1945 */ 1946 for (ep = ep_list; ep != NULL; ep = next_ep) { 1947 next_ep = ep->elink; 1948 1949 /* 1950 * if phase does not match sys_phase this interface was 1951 * not enumerated during the last interface scan - so it 1952 * is gone and will be deleted here unless it did not 1953 * originate from interface enumeration (INT_WILDCARD, 1954 * INT_MCASTIF). 1955 */ 1956 if (((INT_WILDCARD | INT_MCASTIF) & ep->flags) || 1957 ep->phase == sys_interphase) 1958 continue; 1959 1960 DPRINT_INTERFACE(3, (ep, "updating ", 1961 "GONE - deleting\n")); 1962 remove_interface(ep); 1963 1964 ifi.action = IFS_DELETED; 1965 ifi.ep = ep; 1966 if (receiver != NULL) 1967 (*receiver)(data, &ifi); 1968 1969 /* disconnect peers from deleted endpt. */ 1970 while (ep->peers != NULL) 1971 set_peerdstadr(ep->peers, NULL); 1972 1973 /* 1974 * update globals in case we lose 1975 * a loopback interface 1976 */ 1977 if (ep == loopback_interface) 1978 loopback_interface = NULL; 1979 1980 delete_interface(ep); 1981 } 1982 1983 /* 1984 * phase 3 - re-configure as the world has possibly changed 1985 * 1986 * never ever make this conditional again - it is needed to track 1987 * routing updates. see bug #2506 1988 */ 1989 refresh_all_peerinterfaces(); 1990 1991 if (broadcast_client_enabled) 1992 io_setbclient(); 1993 1994 if (sys_bclient) 1995 io_setbclient(); 1996 1997 return new_interface_found; 1998 } 1999 2000 2001 /* 2002 * create_sockets - create a socket for each interface plus a default 2003 * socket for when we don't know where to send 2004 */ 2005 static int 2006 create_sockets( 2007 u_short port 2008 ) 2009 { 2010 #ifndef HAVE_IO_COMPLETION_PORT 2011 /* 2012 * I/O Completion Ports don't care about the select and FD_SET 2013 */ 2014 maxactivefd = 0; 2015 FD_ZERO(&activefds); 2016 #endif 2017 2018 DPRINTF(2, ("create_sockets(%d)\n", port)); 2019 2020 create_wildcards(port); 2021 2022 update_interfaces(port, NULL, NULL); 2023 2024 /* 2025 * Now that we have opened all the sockets, turn off the reuse 2026 * flag for security. 2027 */ 2028 set_reuseaddr(0); 2029 2030 DPRINTF(2, ("create_sockets: Total interfaces = %d\n", ninterfaces)); 2031 2032 return ninterfaces; 2033 } 2034 2035 /* 2036 * create_interface - create a new interface for a given prototype 2037 * binding the socket. 2038 */ 2039 static struct interface * 2040 create_interface( 2041 u_short port, 2042 struct interface * protot 2043 ) 2044 { 2045 sockaddr_u resmask; 2046 endpt * iface; 2047 #if defined(MCAST) && defined(MULTICAST_NONEWSOCKET) 2048 remaddr_t * entry; 2049 remaddr_t * next_entry; 2050 #endif 2051 DPRINTF(2, ("create_interface(%s#%d)\n", stoa(&protot->sin), 2052 port)); 2053 2054 /* build an interface */ 2055 iface = new_interface(protot); 2056 2057 /* 2058 * create socket 2059 */ 2060 iface->fd = open_socket(&iface->sin, 0, 0, iface); 2061 2062 if (iface->fd != INVALID_SOCKET) 2063 log_listen_address(iface); 2064 2065 if ((INT_BROADCAST & iface->flags) 2066 && iface->bfd != INVALID_SOCKET) 2067 msyslog(LOG_INFO, "Listening on broadcast address %s#%d", 2068 stoa((&iface->bcast)), port); 2069 2070 if (INVALID_SOCKET == iface->fd 2071 && INVALID_SOCKET == iface->bfd) { 2072 msyslog(LOG_ERR, "unable to create socket on %s (%d) for %s#%d", 2073 iface->name, 2074 iface->ifnum, 2075 stoa((&iface->sin)), 2076 port); 2077 delete_interface(iface); 2078 return NULL; 2079 } 2080 2081 /* 2082 * Blacklist our own addresses, no use talking to ourself 2083 */ 2084 SET_HOSTMASK(&resmask, AF(&iface->sin)); 2085 hack_restrict(RESTRICT_FLAGS, &iface->sin, &resmask, 2086 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE, 0); 2087 2088 /* 2089 * set globals with the first found 2090 * loopback interface of the appropriate class 2091 */ 2092 if (NULL == loopback_interface && AF_INET == iface->family 2093 && (INT_LOOPBACK & iface->flags)) 2094 loopback_interface = iface; 2095 2096 /* 2097 * put into our interface list 2098 */ 2099 add_addr_to_list(&iface->sin, iface); 2100 add_interface(iface); 2101 2102 #if defined(MCAST) && defined(MULTICAST_NONEWSOCKET) 2103 /* 2104 * Join any previously-configured compatible multicast groups. 2105 */ 2106 if (INT_MULTICAST & iface->flags && 2107 !((INT_LOOPBACK | INT_WILDCARD) & iface->flags) && 2108 !iface->ignore_packets) { 2109 for (entry = remoteaddr_list; 2110 entry != NULL; 2111 entry = next_entry) { 2112 next_entry = entry->link; 2113 if (AF(&iface->sin) != AF(&entry->addr) || 2114 !IS_MCAST(&entry->addr)) 2115 continue; 2116 if (socket_multicast_enable(iface, 2117 &entry->addr)) 2118 msyslog(LOG_INFO, 2119 "Joined %s socket to multicast group %s", 2120 stoa(&iface->sin), 2121 stoa(&entry->addr)); 2122 else 2123 msyslog(LOG_ERR, 2124 "Failed to join %s socket to multicast group %s", 2125 stoa(&iface->sin), 2126 stoa(&entry->addr)); 2127 } 2128 } 2129 #endif /* MCAST && MCAST_NONEWSOCKET */ 2130 2131 DPRINT_INTERFACE(2, (iface, "created ", "\n")); 2132 return iface; 2133 } 2134 2135 2136 #ifdef SO_EXCLUSIVEADDRUSE 2137 static void 2138 set_excladdruse( 2139 SOCKET fd 2140 ) 2141 { 2142 int one = 1; 2143 int failed; 2144 #ifdef SYS_WINNT 2145 DWORD err; 2146 #endif 2147 2148 failed = setsockopt(fd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, 2149 (char *)&one, sizeof(one)); 2150 2151 if (!failed) 2152 return; 2153 2154 #ifdef SYS_WINNT 2155 /* 2156 * Prior to Windows XP setting SO_EXCLUSIVEADDRUSE can fail with 2157 * error WSAINVAL depending on service pack level and whether 2158 * the user account is in the Administrators group. Do not 2159 * complain if it fails that way on versions prior to XP (5.1). 2160 */ 2161 err = GetLastError(); 2162 2163 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0 /* < 5.1/XP */ 2164 && WSAEINVAL == err) 2165 return; 2166 2167 SetLastError(err); 2168 #endif 2169 msyslog(LOG_ERR, 2170 "setsockopt(%d, SO_EXCLUSIVEADDRUSE, on): %m", 2171 (int)fd); 2172 } 2173 #endif /* SO_EXCLUSIVEADDRUSE */ 2174 2175 2176 /* 2177 * set_reuseaddr() - set/clear REUSEADDR on all sockets 2178 * NB possible hole - should we be doing this on broadcast 2179 * fd's also? 2180 */ 2181 static void 2182 set_reuseaddr( 2183 int flag 2184 ) 2185 { 2186 #ifndef SO_EXCLUSIVEADDRUSE 2187 endpt *ep; 2188 2189 for (ep = ep_list; ep != NULL; ep = ep->elink) { 2190 if (ep->flags & INT_WILDCARD) 2191 continue; 2192 2193 /* 2194 * if ep->fd is INVALID_SOCKET, we might have a adapter 2195 * configured but not present 2196 */ 2197 DPRINTF(4, ("setting SO_REUSEADDR on %.16s@%s to %s\n", 2198 ep->name, stoa(&ep->sin), 2199 flag ? "on" : "off")); 2200 2201 if (ep->fd != INVALID_SOCKET) { 2202 if (setsockopt(ep->fd, SOL_SOCKET, SO_REUSEADDR, 2203 (char *)&flag, sizeof(flag))) { 2204 msyslog(LOG_ERR, "set_reuseaddr: setsockopt(%s, SO_REUSEADDR, %s) failed: %m", 2205 stoa(&ep->sin), flag ? "on" : "off"); 2206 } 2207 } 2208 } 2209 #endif /* ! SO_EXCLUSIVEADDRUSE */ 2210 } 2211 2212 /* 2213 * This is just a wrapper around an internal function so we can 2214 * make other changes as necessary later on 2215 */ 2216 void 2217 enable_broadcast( 2218 struct interface * iface, 2219 sockaddr_u * baddr 2220 ) 2221 { 2222 #ifdef OPEN_BCAST_SOCKET 2223 socket_broadcast_enable(iface, iface->fd, baddr); 2224 #endif 2225 } 2226 2227 #ifdef OPEN_BCAST_SOCKET 2228 /* 2229 * Enable a broadcast address to a given socket 2230 * The socket is in the ep_list all we need to do is enable 2231 * broadcasting. It is not this function's job to select the socket 2232 */ 2233 static isc_boolean_t 2234 socket_broadcast_enable( 2235 struct interface * iface, 2236 SOCKET fd, 2237 sockaddr_u * baddr 2238 ) 2239 { 2240 #ifdef SO_BROADCAST 2241 int on = 1; 2242 2243 if (IS_IPV4(baddr)) { 2244 /* if this interface can support broadcast, set SO_BROADCAST */ 2245 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, 2246 (char *)&on, sizeof(on))) 2247 msyslog(LOG_ERR, 2248 "setsockopt(SO_BROADCAST) enable failure on address %s: %m", 2249 stoa(baddr)); 2250 else 2251 DPRINTF(2, ("Broadcast enabled on socket %d for address %s\n", 2252 fd, stoa(baddr))); 2253 } 2254 iface->flags |= INT_BCASTXMIT; 2255 return ISC_TRUE; 2256 #else 2257 return ISC_FALSE; 2258 #endif /* SO_BROADCAST */ 2259 } 2260 2261 /* 2262 * Remove a broadcast address from a given socket 2263 * The socket is in the ep_list all we need to do is disable 2264 * broadcasting. It is not this function's job to select the socket 2265 */ 2266 static isc_boolean_t 2267 socket_broadcast_disable( 2268 struct interface * iface, 2269 sockaddr_u * baddr 2270 ) 2271 { 2272 #ifdef SO_BROADCAST 2273 int off = 0; /* This seems to be OK as an int */ 2274 2275 if (IS_IPV4(baddr) && setsockopt(iface->fd, SOL_SOCKET, 2276 SO_BROADCAST, (char *)&off, sizeof(off))) 2277 msyslog(LOG_ERR, 2278 "setsockopt(SO_BROADCAST) disable failure on address %s: %m", 2279 stoa(baddr)); 2280 2281 iface->flags &= ~INT_BCASTXMIT; 2282 return ISC_TRUE; 2283 #else 2284 return ISC_FALSE; 2285 #endif /* SO_BROADCAST */ 2286 } 2287 2288 #endif /* OPEN_BCAST_SOCKET */ 2289 2290 /* 2291 * return the broadcast client flag value 2292 */ 2293 isc_boolean_t 2294 get_broadcastclient_flag(void) 2295 { 2296 return (broadcast_client_enabled); 2297 } 2298 /* 2299 * Check to see if the address is a multicast address 2300 */ 2301 static isc_boolean_t 2302 addr_ismulticast( 2303 sockaddr_u *maddr 2304 ) 2305 { 2306 isc_boolean_t result; 2307 2308 #ifndef INCLUDE_IPV6_MULTICAST_SUPPORT 2309 /* 2310 * If we don't have IPV6 support any IPV6 addr is not multicast 2311 */ 2312 if (IS_IPV6(maddr)) 2313 result = ISC_FALSE; 2314 else 2315 #endif 2316 result = IS_MCAST(maddr); 2317 2318 if (!result) 2319 DPRINTF(4, ("address %s is not multicast\n", 2320 stoa(maddr))); 2321 2322 return result; 2323 } 2324 2325 /* 2326 * Multicast servers need to set the appropriate Multicast interface 2327 * socket option in order for it to know which interface to use for 2328 * send the multicast packet. 2329 */ 2330 void 2331 enable_multicast_if( 2332 struct interface * iface, 2333 sockaddr_u * maddr 2334 ) 2335 { 2336 #ifdef MCAST 2337 #ifdef IP_MULTICAST_LOOP 2338 TYPEOF_IP_MULTICAST_LOOP off = 0; 2339 #endif 2340 #ifdef IPV6_MULTICAST_LOOP 2341 u_int off6 = 0; 2342 #endif 2343 2344 NTP_REQUIRE(AF(maddr) == AF(&iface->sin)); 2345 2346 switch (AF(&iface->sin)) { 2347 2348 case AF_INET: 2349 #ifdef IP_MULTICAST_LOOP 2350 /* 2351 * Don't send back to itself, but allow failure to set 2352 */ 2353 if (setsockopt(iface->fd, IPPROTO_IP, 2354 IP_MULTICAST_LOOP, 2355 SETSOCKOPT_ARG_CAST &off, 2356 sizeof(off))) { 2357 2358 msyslog(LOG_ERR, 2359 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2360 iface->fd, stoa(&iface->sin), 2361 stoa(maddr)); 2362 } 2363 #endif 2364 break; 2365 2366 case AF_INET6: 2367 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2368 #ifdef IPV6_MULTICAST_LOOP 2369 /* 2370 * Don't send back to itself, but allow failure to set 2371 */ 2372 if (setsockopt(iface->fd, IPPROTO_IPV6, 2373 IPV6_MULTICAST_LOOP, 2374 (char *) &off6, sizeof(off6))) { 2375 2376 msyslog(LOG_ERR, 2377 "setsockopt IPV6_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2378 iface->fd, stoa(&iface->sin), 2379 stoa(maddr)); 2380 } 2381 #endif 2382 break; 2383 #else 2384 return; 2385 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2386 } 2387 return; 2388 #endif 2389 } 2390 2391 /* 2392 * Add a multicast address to a given socket 2393 * The socket is in the ep_list all we need to do is enable 2394 * multicasting. It is not this function's job to select the socket 2395 */ 2396 #if defined(MCAST) 2397 static isc_boolean_t 2398 socket_multicast_enable( 2399 endpt * iface, 2400 sockaddr_u * maddr 2401 ) 2402 { 2403 struct ip_mreq mreq; 2404 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2405 struct ipv6_mreq mreq6; 2406 #endif 2407 switch (AF(maddr)) { 2408 2409 case AF_INET: 2410 ZERO(mreq); 2411 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2412 mreq.imr_interface.s_addr = htonl(INADDR_ANY); 2413 if (setsockopt(iface->fd, 2414 IPPROTO_IP, 2415 IP_ADD_MEMBERSHIP, 2416 (char *)&mreq, 2417 sizeof(mreq))) { 2418 msyslog(LOG_ERR, 2419 "setsockopt IP_ADD_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2420 iface->fd, stoa(&iface->sin), 2421 mreq.imr_multiaddr.s_addr, 2422 mreq.imr_interface.s_addr, 2423 stoa(maddr)); 2424 return ISC_FALSE; 2425 } 2426 DPRINTF(4, ("Added IPv4 multicast membership on socket %d, addr %s for %x / %x (%s)\n", 2427 iface->fd, stoa(&iface->sin), 2428 mreq.imr_multiaddr.s_addr, 2429 mreq.imr_interface.s_addr, stoa(maddr))); 2430 break; 2431 2432 case AF_INET6: 2433 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2434 /* 2435 * Enable reception of multicast packets. 2436 * If the address is link-local we can get the 2437 * interface index from the scope id. Don't do this 2438 * for other types of multicast addresses. For now let 2439 * the kernel figure it out. 2440 */ 2441 ZERO(mreq6); 2442 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2443 mreq6.ipv6mr_interface = iface->ifindex; 2444 2445 if (setsockopt(iface->fd, IPPROTO_IPV6, 2446 IPV6_JOIN_GROUP, (char *)&mreq6, 2447 sizeof(mreq6))) { 2448 msyslog(LOG_ERR, 2449 "setsockopt IPV6_JOIN_GROUP failed: %m on socket %d, addr %s for interface %u (%s)", 2450 iface->fd, stoa(&iface->sin), 2451 mreq6.ipv6mr_interface, stoa(maddr)); 2452 return ISC_FALSE; 2453 } 2454 DPRINTF(4, ("Added IPv6 multicast group on socket %d, addr %s for interface %u (%s)\n", 2455 iface->fd, stoa(&iface->sin), 2456 mreq6.ipv6mr_interface, stoa(maddr))); 2457 #else 2458 return ISC_FALSE; 2459 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2460 } 2461 iface->flags |= INT_MCASTOPEN; 2462 iface->num_mcast++; 2463 2464 return ISC_TRUE; 2465 } 2466 #endif /* MCAST */ 2467 2468 2469 /* 2470 * Remove a multicast address from a given socket 2471 * The socket is in the ep_list all we need to do is disable 2472 * multicasting. It is not this function's job to select the socket 2473 */ 2474 #ifdef MCAST 2475 static isc_boolean_t 2476 socket_multicast_disable( 2477 struct interface * iface, 2478 sockaddr_u * maddr 2479 ) 2480 { 2481 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2482 struct ipv6_mreq mreq6; 2483 #endif 2484 struct ip_mreq mreq; 2485 2486 ZERO(mreq); 2487 2488 if (find_addr_in_list(maddr) == NULL) { 2489 DPRINTF(4, ("socket_multicast_disable(%s): not found\n", 2490 stoa(maddr))); 2491 return ISC_TRUE; 2492 } 2493 2494 switch (AF(maddr)) { 2495 2496 case AF_INET: 2497 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2498 mreq.imr_interface = SOCK_ADDR4(&iface->sin); 2499 if (setsockopt(iface->fd, IPPROTO_IP, 2500 IP_DROP_MEMBERSHIP, (char *)&mreq, 2501 sizeof(mreq))) { 2502 2503 msyslog(LOG_ERR, 2504 "setsockopt IP_DROP_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2505 iface->fd, stoa(&iface->sin), 2506 SRCADR(maddr), SRCADR(&iface->sin), 2507 stoa(maddr)); 2508 return ISC_FALSE; 2509 } 2510 break; 2511 case AF_INET6: 2512 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2513 /* 2514 * Disable reception of multicast packets 2515 * If the address is link-local we can get the 2516 * interface index from the scope id. Don't do this 2517 * for other types of multicast addresses. For now let 2518 * the kernel figure it out. 2519 */ 2520 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2521 mreq6.ipv6mr_interface = iface->ifindex; 2522 2523 if (setsockopt(iface->fd, IPPROTO_IPV6, 2524 IPV6_LEAVE_GROUP, (char *)&mreq6, 2525 sizeof(mreq6))) { 2526 2527 msyslog(LOG_ERR, 2528 "setsockopt IPV6_LEAVE_GROUP failure: %m on socket %d, addr %s for %d (%s)", 2529 iface->fd, stoa(&iface->sin), 2530 iface->ifindex, stoa(maddr)); 2531 return ISC_FALSE; 2532 } 2533 break; 2534 #else 2535 return ISC_FALSE; 2536 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2537 } 2538 2539 iface->num_mcast--; 2540 if (!iface->num_mcast) 2541 iface->flags &= ~INT_MCASTOPEN; 2542 2543 return ISC_TRUE; 2544 } 2545 #endif /* MCAST */ 2546 2547 /* 2548 * io_setbclient - open the broadcast client sockets 2549 */ 2550 void 2551 io_setbclient(void) 2552 { 2553 #ifdef OPEN_BCAST_SOCKET 2554 struct interface * interf; 2555 int nif; 2556 2557 nif = 0; 2558 set_reuseaddr(1); 2559 2560 for (interf = ep_list; 2561 interf != NULL; 2562 interf = interf->elink) { 2563 2564 if (interf->flags & (INT_WILDCARD | INT_LOOPBACK)) 2565 continue; 2566 2567 /* use only allowed addresses */ 2568 if (interf->ignore_packets) 2569 continue; 2570 2571 /* Need a broadcast-capable interface */ 2572 if (!(interf->flags & INT_BROADCAST)) 2573 continue; 2574 2575 /* Only IPv4 addresses are valid for broadcast */ 2576 NTP_REQUIRE(IS_IPV4(&interf->sin)); 2577 2578 /* Do we already have the broadcast address open? */ 2579 if (interf->flags & INT_BCASTOPEN) { 2580 /* 2581 * account for already open interfaces to avoid 2582 * misleading warning below 2583 */ 2584 nif++; 2585 continue; 2586 } 2587 2588 /* 2589 * Try to open the broadcast address 2590 */ 2591 interf->family = AF_INET; 2592 interf->bfd = open_socket(&interf->bcast, 1, 0, interf); 2593 2594 /* 2595 * If we succeeded then we use it otherwise enable 2596 * broadcast on the interface address 2597 */ 2598 if (interf->bfd != INVALID_SOCKET) { 2599 nif++; 2600 interf->flags |= INT_BCASTOPEN; 2601 msyslog(LOG_INFO, 2602 "Listen for broadcasts to %s on interface #%d %s", 2603 stoa(&interf->bcast), interf->ifnum, interf->name); 2604 } else { 2605 /* silently ignore EADDRINUSE as we probably opened 2606 the socket already for an address in the same network */ 2607 if (errno != EADDRINUSE) 2608 msyslog(LOG_INFO, 2609 "failed to listen for broadcasts to %s on interface #%d %s", 2610 stoa(&interf->bcast), interf->ifnum, interf->name); 2611 } 2612 } 2613 set_reuseaddr(0); 2614 if (nif > 0) { 2615 broadcast_client_enabled = ISC_TRUE; 2616 DPRINTF(1, ("io_setbclient: listening to %d broadcast addresses\n", nif)); 2617 } 2618 else if (!nif) { 2619 broadcast_client_enabled = ISC_FALSE; 2620 msyslog(LOG_ERR, 2621 "Unable to listen for broadcasts, no broadcast interfaces available"); 2622 } 2623 #else 2624 msyslog(LOG_ERR, 2625 "io_setbclient: Broadcast Client disabled by build"); 2626 #endif /* OPEN_BCAST_SOCKET */ 2627 } 2628 2629 /* 2630 * io_unsetbclient - close the broadcast client sockets 2631 */ 2632 void 2633 io_unsetbclient(void) 2634 { 2635 endpt *ep; 2636 2637 for (ep = ep_list; ep != NULL; ep = ep->elink) { 2638 if (INT_WILDCARD & ep->flags) 2639 continue; 2640 if (!(INT_BCASTOPEN & ep->flags)) 2641 continue; 2642 2643 if (ep->bfd != INVALID_SOCKET) { 2644 /* destroy broadcast listening socket */ 2645 msyslog(LOG_INFO, 2646 "stop listening for broadcasts to %s on interface #%d %s", 2647 stoa(&ep->bcast), ep->ifnum, ep->name); 2648 close_and_delete_fd_from_list(ep->bfd); 2649 ep->bfd = INVALID_SOCKET; 2650 ep->flags &= ~INT_BCASTOPEN; 2651 } 2652 } 2653 broadcast_client_enabled = ISC_FALSE; 2654 } 2655 2656 /* 2657 * io_multicast_add() - add multicast group address 2658 */ 2659 void 2660 io_multicast_add( 2661 sockaddr_u *addr 2662 ) 2663 { 2664 #ifdef MCAST 2665 endpt * ep; 2666 endpt * one_ep; 2667 2668 /* 2669 * Check to see if this is a multicast address 2670 */ 2671 if (!addr_ismulticast(addr)) 2672 return; 2673 2674 /* If we already have it we can just return */ 2675 if (NULL != find_flagged_addr_in_list(addr, INT_MCASTOPEN)) { 2676 msyslog(LOG_INFO, 2677 "Duplicate request found for multicast address %s", 2678 stoa(addr)); 2679 return; 2680 } 2681 2682 #ifndef MULTICAST_NONEWSOCKET 2683 ep = new_interface(NULL); 2684 2685 /* 2686 * Open a new socket for the multicast address 2687 */ 2688 ep->sin = *addr; 2689 SET_PORT(&ep->sin, NTP_PORT); 2690 ep->family = AF(&ep->sin); 2691 AF(&ep->mask) = ep->family; 2692 SET_ONESMASK(&ep->mask); 2693 2694 set_reuseaddr(1); 2695 ep->bfd = INVALID_SOCKET; 2696 ep->fd = open_socket(&ep->sin, 0, 0, ep); 2697 if (ep->fd != INVALID_SOCKET) { 2698 ep->ignore_packets = ISC_FALSE; 2699 ep->flags |= INT_MCASTIF; 2700 2701 strlcpy(ep->name, "multicast", sizeof(ep->name)); 2702 DPRINT_INTERFACE(2, (ep, "multicast add ", "\n")); 2703 add_interface(ep); 2704 log_listen_address(ep); 2705 } else { 2706 /* bind failed, re-use wildcard interface */ 2707 delete_interface(ep); 2708 2709 if (IS_IPV4(addr)) 2710 ep = wildipv4; 2711 else if (IS_IPV6(addr)) 2712 ep = wildipv6; 2713 else 2714 ep = NULL; 2715 2716 if (ep != NULL) { 2717 /* HACK ! -- stuff in an address */ 2718 /* because we don't bind addr? DH */ 2719 ep->bcast = *addr; 2720 msyslog(LOG_ERR, 2721 "multicast address %s using wildcard interface #%d %s", 2722 stoa(addr), ep->ifnum, ep->name); 2723 } else { 2724 msyslog(LOG_ERR, 2725 "No multicast socket available to use for address %s", 2726 stoa(addr)); 2727 return; 2728 } 2729 } 2730 { /* in place of the { following for in #else clause */ 2731 one_ep = ep; 2732 #else /* MULTICAST_NONEWSOCKET follows */ 2733 /* 2734 * For the case where we can't use a separate socket (Windows) 2735 * join each applicable endpoint socket to the group address. 2736 */ 2737 if (IS_IPV4(addr)) 2738 one_ep = wildipv4; 2739 else 2740 one_ep = wildipv6; 2741 for (ep = ep_list; ep != NULL; ep = ep->elink) { 2742 if (ep->ignore_packets || AF(&ep->sin) != AF(addr) || 2743 !(INT_MULTICAST & ep->flags) || 2744 (INT_LOOPBACK | INT_WILDCARD) & ep->flags) 2745 continue; 2746 one_ep = ep; 2747 #endif /* MULTICAST_NONEWSOCKET */ 2748 if (socket_multicast_enable(ep, addr)) 2749 msyslog(LOG_INFO, 2750 "Joined %s socket to multicast group %s", 2751 stoa(&ep->sin), 2752 stoa(addr)); 2753 else 2754 msyslog(LOG_ERR, 2755 "Failed to join %s socket to multicast group %s", 2756 stoa(&ep->sin), 2757 stoa(addr)); 2758 } 2759 2760 add_addr_to_list(addr, one_ep); 2761 #else /* !MCAST follows*/ 2762 msyslog(LOG_ERR, 2763 "Can not add multicast address %s: no multicast support", 2764 stoa(addr)); 2765 #endif 2766 return; 2767 } 2768 2769 2770 /* 2771 * io_multicast_del() - delete multicast group address 2772 */ 2773 void 2774 io_multicast_del( 2775 sockaddr_u * addr 2776 ) 2777 { 2778 #ifdef MCAST 2779 endpt *iface; 2780 2781 /* 2782 * Check to see if this is a multicast address 2783 */ 2784 if (!addr_ismulticast(addr)) { 2785 msyslog(LOG_ERR, "invalid multicast address %s", 2786 stoa(addr)); 2787 return; 2788 } 2789 2790 /* 2791 * Disable reception of multicast packets 2792 */ 2793 while ((iface = find_flagged_addr_in_list(addr, INT_MCASTOPEN)) 2794 != NULL) 2795 socket_multicast_disable(iface, addr); 2796 2797 delete_addr_from_list(addr); 2798 2799 #else /* not MCAST */ 2800 msyslog(LOG_ERR, 2801 "Can not delete multicast address %s: no multicast support", 2802 stoa(addr)); 2803 #endif /* not MCAST */ 2804 } 2805 2806 2807 /* 2808 * open_socket - open a socket, returning the file descriptor 2809 */ 2810 2811 static SOCKET 2812 open_socket( 2813 sockaddr_u * addr, 2814 int bcast, 2815 int turn_off_reuse, 2816 endpt * interf 2817 ) 2818 { 2819 SOCKET fd; 2820 int errval; 2821 /* 2822 * int is OK for REUSEADR per 2823 * http://www.kohala.com/start/mcast.api.txt 2824 */ 2825 int on = 1; 2826 int off = 0; 2827 2828 #ifndef IPTOS_DSCP_EF 2829 #define IPTOS_DSCP_EF 0xb8 2830 #endif 2831 int qos = IPTOS_DSCP_EF; /* QoS RFC3246 */ 2832 2833 if (IS_IPV6(addr) && !ipv6_works) 2834 return INVALID_SOCKET; 2835 2836 /* create a datagram (UDP) socket */ 2837 fd = socket(AF(addr), SOCK_DGRAM, 0); 2838 if (INVALID_SOCKET == fd) { 2839 errval = socket_errno(); 2840 msyslog(LOG_ERR, 2841 "socket(AF_INET%s, SOCK_DGRAM, 0) failed on address %s: %m", 2842 IS_IPV6(addr) ? "6" : "", stoa(addr)); 2843 2844 if (errval == EPROTONOSUPPORT || 2845 errval == EAFNOSUPPORT || 2846 errval == EPFNOSUPPORT) 2847 return (INVALID_SOCKET); 2848 2849 errno = errval; 2850 msyslog(LOG_ERR, 2851 "unexpected socket() error %m code %d (not EPROTONOSUPPORT nor EAFNOSUPPORT nor EPFNOSUPPORT) - exiting", 2852 errno); 2853 exit(1); 2854 } 2855 2856 #ifdef SYS_WINNT 2857 connection_reset_fix(fd, addr); 2858 #endif 2859 /* 2860 * Fixup the file descriptor for some systems 2861 * See bug #530 for details of the issue. 2862 */ 2863 fd = move_fd(fd); 2864 2865 /* 2866 * set SO_REUSEADDR since we will be binding the same port 2867 * number on each interface according to turn_off_reuse. 2868 * This is undesirable on Windows versions starting with 2869 * Windows XP (numeric version 5.1). 2870 */ 2871 #ifdef SYS_WINNT 2872 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0) /* before 5.1 */ 2873 #endif 2874 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 2875 (char *)((turn_off_reuse) 2876 ? &off 2877 : &on), 2878 sizeof(on))) { 2879 2880 msyslog(LOG_ERR, 2881 "setsockopt SO_REUSEADDR %s fails for address %s: %m", 2882 (turn_off_reuse) 2883 ? "off" 2884 : "on", 2885 stoa(addr)); 2886 closesocket(fd); 2887 return INVALID_SOCKET; 2888 } 2889 #ifdef SO_EXCLUSIVEADDRUSE 2890 /* 2891 * setting SO_EXCLUSIVEADDRUSE on the wildcard we open 2892 * first will cause more specific binds to fail. 2893 */ 2894 if (!(interf->flags & INT_WILDCARD)) 2895 set_excladdruse(fd); 2896 #endif 2897 2898 /* 2899 * IPv4 specific options go here 2900 */ 2901 if (IS_IPV4(addr)) { 2902 #if defined(IPPROTO_IP) && defined(IP_TOS) 2903 if (setsockopt(fd, IPPROTO_IP, IP_TOS, (char*)&qos, 2904 sizeof(qos))) 2905 msyslog(LOG_ERR, 2906 "setsockopt IP_TOS (%02x) fails on address %s: %m", 2907 qos, stoa(addr)); 2908 #endif /* IPPROTO_IP && IP_TOS */ 2909 if (bcast) 2910 socket_broadcast_enable(interf, fd, addr); 2911 } 2912 2913 /* 2914 * IPv6 specific options go here 2915 */ 2916 if (IS_IPV6(addr)) { 2917 #if defined(IPPROTO_IPV6) && defined(IPV6_TCLASS) 2918 if (setsockopt(fd, IPPROTO_IPV6, IPV6_TCLASS, (char*)&qos, 2919 sizeof(qos))) 2920 msyslog(LOG_ERR, 2921 "setsockopt IPV6_TCLASS (%02x) fails on address %s: %m", 2922 qos, stoa(addr)); 2923 #endif /* IPPROTO_IPV6 && IPV6_TCLASS */ 2924 #ifdef IPV6_V6ONLY 2925 if (isc_net_probe_ipv6only() == ISC_R_SUCCESS 2926 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, 2927 (char*)&on, sizeof(on))) 2928 msyslog(LOG_ERR, 2929 "setsockopt IPV6_V6ONLY on fails on address %s: %m", 2930 stoa(addr)); 2931 #endif 2932 #ifdef IPV6_BINDV6ONLY 2933 if (setsockopt(fd, IPPROTO_IPV6, IPV6_BINDV6ONLY, 2934 (char*)&on, sizeof(on))) 2935 msyslog(LOG_ERR, 2936 "setsockopt IPV6_BINDV6ONLY on fails on address %s: %m", 2937 stoa(addr)); 2938 #endif 2939 } 2940 2941 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 2942 /* 2943 * some OSes don't allow binding to more specific 2944 * addresses if a wildcard address already bound 2945 * to the port and SO_REUSEADDR is not set 2946 */ 2947 if (!is_wildcard_addr(addr)) 2948 set_wildcard_reuse(AF(addr), 1); 2949 #endif 2950 2951 /* 2952 * bind the local address. 2953 */ 2954 errval = bind(fd, &addr->sa, SOCKLEN(addr)); 2955 2956 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 2957 if (!is_wildcard_addr(addr)) 2958 set_wildcard_reuse(AF(addr), 0); 2959 #endif 2960 2961 if (errval < 0) { 2962 /* 2963 * Don't log this under all conditions 2964 */ 2965 if (turn_off_reuse == 0 2966 #ifdef DEBUG 2967 || debug > 1 2968 #endif 2969 ) { 2970 msyslog(LOG_ERR, 2971 "bind(%d) AF_INET%s %s#%d%s flags 0x%x failed: %m", 2972 fd, IS_IPV6(addr) ? "6" : "", 2973 stoa(addr), SRCPORT(addr), 2974 IS_MCAST(addr) ? " (multicast)" : "", 2975 interf->flags); 2976 } 2977 2978 closesocket(fd); 2979 2980 return INVALID_SOCKET; 2981 } 2982 2983 #ifdef HAVE_TIMESTAMP 2984 { 2985 if (setsockopt(fd, SOL_SOCKET, SO_TIMESTAMP, 2986 (char*)&on, sizeof(on))) 2987 msyslog(LOG_DEBUG, 2988 "setsockopt SO_TIMESTAMP on fails on address %s: %m", 2989 stoa(addr)); 2990 else 2991 DPRINTF(4, ("setsockopt SO_TIMESTAMP enabled on fd %d address %s\n", 2992 fd, stoa(addr))); 2993 } 2994 #endif 2995 #ifdef HAVE_TIMESTAMPNS 2996 { 2997 if (setsockopt(fd, SOL_SOCKET, SO_TIMESTAMPNS, 2998 (char*)&on, sizeof(on))) 2999 msyslog(LOG_DEBUG, 3000 "setsockopt SO_TIMESTAMPNS on fails on address %s: %m", 3001 stoa(addr)); 3002 else 3003 DPRINTF(4, ("setsockopt SO_TIMESTAMPNS enabled on fd %d address %s\n", 3004 fd, stoa(addr))); 3005 } 3006 #endif 3007 #ifdef HAVE_BINTIME 3008 { 3009 if (setsockopt(fd, SOL_SOCKET, SO_BINTIME, 3010 (char*)&on, sizeof(on))) 3011 msyslog(LOG_DEBUG, 3012 "setsockopt SO_BINTIME on fails on address %s: %m", 3013 stoa(addr)); 3014 else 3015 DPRINTF(4, ("setsockopt SO_BINTIME enabled on fd %d address %s\n", 3016 fd, stoa(addr))); 3017 } 3018 #endif 3019 3020 DPRINTF(4, ("bind(%d) AF_INET%s, addr %s%%%d#%d, flags 0x%x\n", 3021 fd, IS_IPV6(addr) ? "6" : "", stoa(addr), 3022 SCOPE(addr), SRCPORT(addr), interf->flags)); 3023 3024 make_socket_nonblocking(fd); 3025 3026 #ifdef HAVE_SIGNALED_IO 3027 init_socket_sig(fd); 3028 #endif /* not HAVE_SIGNALED_IO */ 3029 3030 add_fd_to_list(fd, FD_TYPE_SOCKET); 3031 3032 #if !defined(SYS_WINNT) && !defined(VMS) 3033 DPRINTF(4, ("flags for fd %d: 0x%x\n", fd, 3034 fcntl(fd, F_GETFL, 0))); 3035 #endif /* SYS_WINNT || VMS */ 3036 3037 #if defined (HAVE_IO_COMPLETION_PORT) 3038 /* 3039 * Add the socket to the completion port 3040 */ 3041 if (io_completion_port_add_socket(fd, interf)) { 3042 msyslog(LOG_ERR, "unable to set up io completion port - EXITING"); 3043 exit(1); 3044 } 3045 #endif 3046 return fd; 3047 } 3048 3049 3050 #ifdef SYS_WINNT 3051 #define sendto(fd, buf, len, flags, dest, destsz) \ 3052 io_completion_port_sendto(fd, buf, len, (sockaddr_u *)(dest)) 3053 #endif 3054 3055 /* XXX ELIMINATE sendpkt similar in ntpq.c, ntpdc.c, ntp_io.c, ntptrace.c */ 3056 /* 3057 * sendpkt - send a packet to the specified destination. Maintain a 3058 * send error cache so that only the first consecutive error for a 3059 * destination is logged. 3060 */ 3061 void 3062 sendpkt( 3063 sockaddr_u * dest, 3064 struct interface * ep, 3065 int ttl, 3066 struct pkt * pkt, 3067 int len 3068 ) 3069 { 3070 endpt * src; 3071 int ismcast; 3072 int cc; 3073 int rc; 3074 u_char cttl; 3075 3076 ismcast = IS_MCAST(dest); 3077 if (!ismcast) 3078 src = ep; 3079 else 3080 src = (IS_IPV4(dest)) 3081 ? mc4_list 3082 : mc6_list; 3083 3084 if (NULL == src) { 3085 /* 3086 * unbound peer - drop request and wait for better 3087 * network conditions 3088 */ 3089 DPRINTF(2, ("%ssendpkt(dst=%s, ttl=%d, len=%d): no interface - IGNORED\n", 3090 ismcast ? "\tMCAST\t***** " : "", 3091 stoa(dest), ttl, len)); 3092 return; 3093 } 3094 3095 do { 3096 DPRINTF(2, ("%ssendpkt(%d, dst=%s, src=%s, ttl=%d, len=%d)\n", 3097 ismcast ? "\tMCAST\t***** " : "", src->fd, 3098 stoa(dest), stoa(&src->sin), ttl, len)); 3099 #ifdef MCAST 3100 /* 3101 * for the moment we use the bcast option to set multicast ttl 3102 */ 3103 if (ismcast && ttl > 0 && ttl != src->last_ttl) { 3104 /* 3105 * set the multicast ttl for outgoing packets 3106 */ 3107 switch (AF(&src->sin)) { 3108 3109 case AF_INET : 3110 cttl = (u_char)ttl; 3111 rc = setsockopt(src->fd, IPPROTO_IP, 3112 IP_MULTICAST_TTL, 3113 (void *)&cttl, 3114 sizeof(cttl)); 3115 break; 3116 3117 # ifdef INCLUDE_IPV6_SUPPORT 3118 case AF_INET6 : 3119 rc = setsockopt(src->fd, IPPROTO_IPV6, 3120 IPV6_MULTICAST_HOPS, 3121 (void *)&ttl, 3122 sizeof(ttl)); 3123 break; 3124 # endif /* INCLUDE_IPV6_SUPPORT */ 3125 3126 default: 3127 rc = 0; 3128 } 3129 3130 if (!rc) 3131 src->last_ttl = ttl; 3132 else 3133 msyslog(LOG_ERR, 3134 "setsockopt IP_MULTICAST_TTL/IPV6_MULTICAST_HOPS fails on address %s: %m", 3135 stoa(&src->sin)); 3136 } 3137 #endif /* MCAST */ 3138 3139 #ifdef SIM 3140 cc = simulate_server(dest, src, pkt); 3141 #else 3142 cc = sendto(src->fd, (char *)pkt, (u_int)len, 0, 3143 &dest->sa, SOCKLEN(dest)); 3144 #endif 3145 if (cc == -1) { 3146 src->notsent++; 3147 packets_notsent++; 3148 } else { 3149 src->sent++; 3150 packets_sent++; 3151 } 3152 if (ismcast) 3153 src = src->mclink; 3154 } while (ismcast && src != NULL); 3155 } 3156 3157 3158 #if !defined(HAVE_IO_COMPLETION_PORT) 3159 /* 3160 * fdbits - generate ascii representation of fd_set (FAU debug support) 3161 * HFDF format - highest fd first. 3162 */ 3163 static char * 3164 fdbits( 3165 int count, 3166 fd_set *set 3167 ) 3168 { 3169 static char buffer[256]; 3170 char * buf = buffer; 3171 3172 count = min(count, 255); 3173 3174 while (count >= 0) { 3175 *buf++ = FD_ISSET(count, set) ? '#' : '-'; 3176 count--; 3177 } 3178 *buf = '\0'; 3179 3180 return buffer; 3181 } 3182 3183 3184 #ifdef REFCLOCK 3185 /* 3186 * Routine to read the refclock packets for a specific interface 3187 * Return the number of bytes read. That way we know if we should 3188 * read it again or go on to the next one if no bytes returned 3189 */ 3190 static inline int 3191 read_refclock_packet( 3192 SOCKET fd, 3193 struct refclockio * rp, 3194 l_fp ts 3195 ) 3196 { 3197 int i; 3198 int buflen; 3199 int saved_errno; 3200 int consumed; 3201 struct recvbuf * rb; 3202 3203 rb = get_free_recv_buffer(); 3204 3205 if (NULL == rb) { 3206 /* 3207 * No buffer space available - just drop the packet 3208 */ 3209 char buf[RX_BUFF_SIZE]; 3210 3211 buflen = read(fd, buf, sizeof buf); 3212 packets_dropped++; 3213 return (buflen); 3214 } 3215 3216 i = (rp->datalen == 0 3217 || rp->datalen > (int)sizeof(rb->recv_space)) 3218 ? (int)sizeof(rb->recv_space) 3219 : rp->datalen; 3220 do { 3221 buflen = read(fd, (char *)&rb->recv_space, (u_int)i); 3222 } while (buflen < 0 && EINTR == errno); 3223 3224 if (buflen <= 0) { 3225 saved_errno = errno; 3226 freerecvbuf(rb); 3227 errno = saved_errno; 3228 return buflen; 3229 } 3230 3231 /* 3232 * Got one. Mark how and when it got here, 3233 * put it on the full list and do bookkeeping. 3234 */ 3235 rb->recv_length = buflen; 3236 rb->recv_peer = rp->srcclock; 3237 rb->dstadr = 0; 3238 rb->fd = fd; 3239 rb->recv_time = ts; 3240 rb->receiver = rp->clock_recv; 3241 3242 consumed = indicate_refclock_packet(rp, rb); 3243 if (!consumed) { 3244 rp->recvcount++; 3245 packets_received++; 3246 } 3247 3248 return buflen; 3249 } 3250 #endif /* REFCLOCK */ 3251 3252 3253 #ifdef HAVE_PACKET_TIMESTAMP 3254 /* 3255 * extract timestamps from control message buffer 3256 */ 3257 static l_fp 3258 fetch_timestamp( 3259 struct recvbuf * rb, 3260 struct msghdr * msghdr, 3261 l_fp ts 3262 ) 3263 { 3264 struct cmsghdr * cmsghdr; 3265 #ifdef HAVE_BINTIME 3266 struct bintime * btp; 3267 #endif 3268 #ifdef HAVE_TIMESTAMPNS 3269 struct timespec * tsp; 3270 #endif 3271 #ifdef HAVE_TIMESTAMP 3272 struct timeval * tvp; 3273 #endif 3274 unsigned long ticks; 3275 double fuzz; 3276 l_fp lfpfuzz; 3277 l_fp nts; 3278 #ifdef DEBUG_TIMING 3279 l_fp dts; 3280 #endif 3281 3282 cmsghdr = CMSG_FIRSTHDR(msghdr); 3283 while (cmsghdr != NULL) { 3284 switch (cmsghdr->cmsg_type) 3285 { 3286 #ifdef HAVE_BINTIME 3287 case SCM_BINTIME: 3288 #endif /* HAVE_BINTIME */ 3289 #ifdef HAVE_TIMESTAMPNS 3290 case SCM_TIMESTAMPNS: 3291 #endif /* HAVE_TIMESTAMPNS */ 3292 #ifdef HAVE_TIMESTAMP 3293 case SCM_TIMESTAMP: 3294 #endif /* HAVE_TIMESTAMP */ 3295 #if defined(HAVE_BINTIME) || defined (HAVE_TIMESTAMPNS) || defined(HAVE_TIMESTAMP) 3296 switch (cmsghdr->cmsg_type) 3297 { 3298 #ifdef HAVE_BINTIME 3299 case SCM_BINTIME: 3300 btp = (struct bintime *)CMSG_DATA(cmsghdr); 3301 /* 3302 * bintime documentation is at http://phk.freebsd.dk/pubs/timecounter.pdf 3303 */ 3304 nts.l_i = btp->sec + JAN_1970; 3305 nts.l_uf = (u_int32)(btp->frac >> 32); 3306 if (sys_tick > measured_tick && 3307 sys_tick > 1e-9) { 3308 ticks = (unsigned long)(nts.l_uf / (unsigned long)(sys_tick * FRAC)); 3309 nts.l_uf = (unsigned long)(ticks * (unsigned long)(sys_tick * FRAC)); 3310 } 3311 DPRINTF(4, ("fetch_timestamp: system bintime network time stamp: %ld.%09lu\n", 3312 btp->sec, (unsigned long)((nts.l_uf / FRAC) * 1e9))); 3313 break; 3314 #endif /* HAVE_BINTIME */ 3315 #ifdef HAVE_TIMESTAMPNS 3316 case SCM_TIMESTAMPNS: 3317 tsp = (struct timespec *)CMSG_DATA(cmsghdr); 3318 if (sys_tick > measured_tick && 3319 sys_tick > 1e-9) { 3320 ticks = (unsigned long)((tsp->tv_nsec * 1e-9) / 3321 sys_tick); 3322 tsp->tv_nsec = (long)(ticks * 1e9 * 3323 sys_tick); 3324 } 3325 DPRINTF(4, ("fetch_timestamp: system nsec network time stamp: %ld.%09ld\n", 3326 tsp->tv_sec, tsp->tv_nsec)); 3327 nts = tspec_stamp_to_lfp(*tsp); 3328 break; 3329 #endif /* HAVE_TIMESTAMPNS */ 3330 #ifdef HAVE_TIMESTAMP 3331 case SCM_TIMESTAMP: 3332 tvp = (struct timeval *)CMSG_DATA(cmsghdr); 3333 if (sys_tick > measured_tick && 3334 sys_tick > 1e-6) { 3335 ticks = (unsigned long)((tvp->tv_usec * 1e-6) / 3336 sys_tick); 3337 tvp->tv_usec = (long)(ticks * 1e6 * 3338 sys_tick); 3339 } 3340 DPRINTF(4, ("fetch_timestamp: system usec network time stamp: %jd.%06ld\n", 3341 (intmax_t)tvp->tv_sec, (long)tvp->tv_usec)); 3342 nts = tval_stamp_to_lfp(*tvp); 3343 break; 3344 #endif /* HAVE_TIMESTAMP */ 3345 } 3346 fuzz = ntp_random() * 2. / FRAC * sys_fuzz; 3347 DTOLFP(fuzz, &lfpfuzz); 3348 L_ADD(&nts, &lfpfuzz); 3349 #ifdef DEBUG_TIMING 3350 dts = ts; 3351 L_SUB(&dts, &nts); 3352 collect_timing(rb, "input processing delay", 1, 3353 &dts); 3354 DPRINTF(4, ("fetch_timestamp: timestamp delta: %s (incl. fuzz)\n", 3355 lfptoa(&dts, 9))); 3356 #endif /* DEBUG_TIMING */ 3357 ts = nts; /* network time stamp */ 3358 break; 3359 #endif /* HAVE_BINTIME || HAVE_TIMESTAMPNS || HAVE_TIMESTAMP */ 3360 3361 default: 3362 DPRINTF(4, ("fetch_timestamp: skipping control message 0x%x\n", 3363 cmsghdr->cmsg_type)); 3364 } 3365 cmsghdr = CMSG_NXTHDR(msghdr, cmsghdr); 3366 } 3367 return ts; 3368 } 3369 #endif /* HAVE_PACKET_TIMESTAMP */ 3370 3371 3372 /* 3373 * Routine to read the network NTP packets for a specific interface 3374 * Return the number of bytes read. That way we know if we should 3375 * read it again or go on to the next one if no bytes returned 3376 */ 3377 static inline int 3378 read_network_packet( 3379 SOCKET fd, 3380 struct interface * itf, 3381 l_fp ts 3382 ) 3383 { 3384 GETSOCKNAME_SOCKLEN_TYPE fromlen; 3385 int buflen; 3386 register struct recvbuf *rb; 3387 #ifdef HAVE_PACKET_TIMESTAMP 3388 struct msghdr msghdr; 3389 struct iovec iovec; 3390 char control[CMSG_BUFSIZE]; 3391 #endif 3392 3393 /* 3394 * Get a buffer and read the frame. If we 3395 * haven't got a buffer, or this is received 3396 * on a disallowed socket, just dump the 3397 * packet. 3398 */ 3399 3400 rb = get_free_recv_buffer(); 3401 if (NULL == rb || itf->ignore_packets) { 3402 char buf[RX_BUFF_SIZE]; 3403 sockaddr_u from; 3404 3405 if (rb != NULL) 3406 freerecvbuf(rb); 3407 3408 fromlen = sizeof(from); 3409 buflen = recvfrom(fd, buf, sizeof(buf), 0, 3410 &from.sa, &fromlen); 3411 DPRINTF(4, ("%s on (%lu) fd=%d from %s\n", 3412 (itf->ignore_packets) 3413 ? "ignore" 3414 : "drop", 3415 free_recvbuffs(), fd, stoa(&from))); 3416 if (itf->ignore_packets) 3417 packets_ignored++; 3418 else 3419 packets_dropped++; 3420 return (buflen); 3421 } 3422 3423 fromlen = sizeof(rb->recv_srcadr); 3424 3425 #ifndef HAVE_PACKET_TIMESTAMP 3426 rb->recv_length = recvfrom(fd, (char *)&rb->recv_space, 3427 sizeof(rb->recv_space), 0, 3428 &rb->recv_srcadr.sa, &fromlen); 3429 #else 3430 iovec.iov_base = &rb->recv_space; 3431 iovec.iov_len = sizeof(rb->recv_space); 3432 msghdr.msg_name = &rb->recv_srcadr; 3433 msghdr.msg_namelen = fromlen; 3434 msghdr.msg_iov = &iovec; 3435 msghdr.msg_iovlen = 1; 3436 msghdr.msg_control = (void *)&control; 3437 msghdr.msg_controllen = sizeof(control); 3438 msghdr.msg_flags = 0; 3439 rb->recv_length = recvmsg(fd, &msghdr, 0); 3440 #endif 3441 3442 buflen = rb->recv_length; 3443 3444 if (buflen == 0 || (buflen == -1 && 3445 (EWOULDBLOCK == errno 3446 #ifdef EAGAIN 3447 || EAGAIN == errno 3448 #endif 3449 ))) { 3450 freerecvbuf(rb); 3451 return (buflen); 3452 } else if (buflen < 0) { 3453 msyslog(LOG_ERR, "recvfrom(%s) fd=%d: %m", 3454 stoa(&rb->recv_srcadr), fd); 3455 DPRINTF(5, ("read_network_packet: fd=%d dropped (bad recvfrom)\n", 3456 fd)); 3457 freerecvbuf(rb); 3458 return (buflen); 3459 } 3460 3461 DPRINTF(3, ("read_network_packet: fd=%d length %d from %s\n", 3462 fd, buflen, stoa(&rb->recv_srcadr))); 3463 3464 /* 3465 * Got one. Mark how and when it got here, 3466 * put it on the full list and do bookkeeping. 3467 */ 3468 rb->dstadr = itf; 3469 rb->fd = fd; 3470 #ifdef HAVE_PACKET_TIMESTAMP 3471 /* pick up a network time stamp if possible */ 3472 ts = fetch_timestamp(rb, &msghdr, ts); 3473 #endif 3474 rb->recv_time = ts; 3475 rb->receiver = receive; 3476 3477 add_full_recv_buffer(rb); 3478 3479 itf->received++; 3480 packets_received++; 3481 return (buflen); 3482 } 3483 3484 /* 3485 * attempt to handle io (select()/signaled IO) 3486 */ 3487 void 3488 io_handler(void) 3489 { 3490 # ifndef HAVE_SIGNALED_IO 3491 fd_set rdfdes; 3492 int nfound; 3493 3494 /* 3495 * Use select() on all on all input fd's for unlimited 3496 * time. select() will terminate on SIGALARM or on the 3497 * reception of input. Using select() means we can't do 3498 * robust signal handling and we get a potential race 3499 * between checking for alarms and doing the select(). 3500 * Mostly harmless, I think. 3501 */ 3502 /* 3503 * On VMS, I suspect that select() can't be interrupted 3504 * by a "signal" either, so I take the easy way out and 3505 * have select() time out after one second. 3506 * System clock updates really aren't time-critical, 3507 * and - lacking a hardware reference clock - I have 3508 * yet to learn about anything else that is. 3509 */ 3510 rdfdes = activefds; 3511 # if !defined(VMS) && !defined(SYS_VXWORKS) 3512 nfound = select(maxactivefd + 1, &rdfdes, NULL, 3513 NULL, NULL); 3514 # else /* VMS, VxWorks */ 3515 /* make select() wake up after one second */ 3516 { 3517 struct timeval t1; 3518 3519 t1.tv_sec = 1; 3520 t1.tv_usec = 0; 3521 nfound = select(maxactivefd + 1, 3522 &rdfdes, NULL, NULL, 3523 &t1); 3524 } 3525 # endif /* VMS, VxWorks */ 3526 if (nfound > 0) { 3527 l_fp ts; 3528 3529 get_systime(&ts); 3530 3531 input_handler(&ts); 3532 } else if (nfound == -1 && errno != EINTR) { 3533 msyslog(LOG_ERR, "select() error: %m"); 3534 } 3535 # ifdef DEBUG 3536 else if (debug > 4) { 3537 msyslog(LOG_DEBUG, "select(): nfound=%d, error: %m", nfound); 3538 } else { 3539 DPRINTF(1, ("select() returned %d: %m\n", nfound)); 3540 } 3541 # endif /* DEBUG */ 3542 # else /* HAVE_SIGNALED_IO */ 3543 wait_for_signal(); 3544 # endif /* HAVE_SIGNALED_IO */ 3545 } 3546 3547 /* 3548 * input_handler - receive packets asynchronously 3549 */ 3550 static void 3551 input_handler( 3552 l_fp * cts 3553 ) 3554 { 3555 int buflen; 3556 int n; 3557 u_int idx; 3558 int doing; 3559 SOCKET fd; 3560 blocking_child *c; 3561 struct timeval tvzero; 3562 l_fp ts; /* Timestamp at BOselect() gob */ 3563 #ifdef DEBUG_TIMING 3564 l_fp ts_e; /* Timestamp at EOselect() gob */ 3565 #endif 3566 fd_set fds; 3567 size_t select_count; 3568 endpt * ep; 3569 #ifdef REFCLOCK 3570 struct refclockio *rp; 3571 int saved_errno; 3572 const char * clk; 3573 #endif 3574 #ifdef HAS_ROUTING_SOCKET 3575 struct asyncio_reader * asyncio_reader; 3576 struct asyncio_reader * next_asyncio_reader; 3577 #endif 3578 3579 handler_calls++; 3580 select_count = 0; 3581 3582 /* 3583 * If we have something to do, freeze a timestamp. 3584 * See below for the other cases (nothing left to do or error) 3585 */ 3586 ts = *cts; 3587 3588 /* 3589 * Do a poll to see who has data 3590 */ 3591 3592 fds = activefds; 3593 tvzero.tv_sec = tvzero.tv_usec = 0; 3594 3595 n = select(maxactivefd + 1, &fds, (fd_set *)0, (fd_set *)0, 3596 &tvzero); 3597 3598 /* 3599 * If there are no packets waiting just return 3600 */ 3601 if (n < 0) { 3602 int err = errno; 3603 int j, b, prior; 3604 /* 3605 * extended FAU debugging output 3606 */ 3607 if (err != EINTR) 3608 msyslog(LOG_ERR, 3609 "select(%d, %s, 0L, 0L, &0.0) error: %m", 3610 maxactivefd + 1, 3611 fdbits(maxactivefd, &activefds)); 3612 if (err != EBADF) 3613 goto ih_return; 3614 for (j = 0, prior = 0; j <= maxactivefd; j++) { 3615 if (FD_ISSET(j, &activefds)) { 3616 if (-1 != read(j, &b, 0)) { 3617 prior = j; 3618 continue; 3619 } 3620 msyslog(LOG_ERR, 3621 "Removing bad file descriptor %d from select set", 3622 j); 3623 FD_CLR(j, &activefds); 3624 if (j == maxactivefd) 3625 maxactivefd = prior; 3626 } 3627 } 3628 goto ih_return; 3629 } 3630 else if (n == 0) 3631 goto ih_return; 3632 3633 ++handler_pkts; 3634 3635 #ifdef REFCLOCK 3636 /* 3637 * Check out the reference clocks first, if any 3638 */ 3639 3640 if (refio != NULL) { 3641 for (rp = refio; rp != NULL; rp = rp->next) { 3642 fd = rp->fd; 3643 3644 if (!FD_ISSET(fd, &fds)) 3645 continue; 3646 ++select_count; 3647 buflen = read_refclock_packet(fd, rp, ts); 3648 /* 3649 * The first read must succeed after select() 3650 * indicates readability, or we've reached 3651 * a permanent EOF. http://bugs.ntp.org/1732 3652 * reported ntpd munching CPU after a USB GPS 3653 * was unplugged because select was indicating 3654 * EOF but ntpd didn't remove the descriptor 3655 * from the activefds set. 3656 */ 3657 if (buflen < 0 && EAGAIN != errno) { 3658 saved_errno = errno; 3659 clk = refnumtoa(&rp->srcclock->srcadr); 3660 errno = saved_errno; 3661 msyslog(LOG_ERR, "%s read: %m", clk); 3662 maintain_activefds(fd, TRUE); 3663 } else if (0 == buflen) { 3664 clk = refnumtoa(&rp->srcclock->srcadr); 3665 msyslog(LOG_ERR, "%s read EOF", clk); 3666 maintain_activefds(fd, TRUE); 3667 } else { 3668 /* drain any remaining refclock input */ 3669 do { 3670 buflen = read_refclock_packet(fd, rp, ts); 3671 } while (buflen > 0); 3672 } 3673 } 3674 } 3675 #endif /* REFCLOCK */ 3676 3677 /* 3678 * Loop through the interfaces looking for data to read. 3679 */ 3680 for (ep = ep_list; ep != NULL; ep = ep->elink) { 3681 for (doing = 0; doing < 2; doing++) { 3682 if (!doing) { 3683 fd = ep->fd; 3684 } else { 3685 if (!(ep->flags & INT_BCASTOPEN)) 3686 break; 3687 fd = ep->bfd; 3688 } 3689 if (fd < 0) 3690 continue; 3691 if (FD_ISSET(fd, &fds)) 3692 do { 3693 ++select_count; 3694 buflen = read_network_packet( 3695 fd, ep, ts); 3696 } while (buflen > 0); 3697 /* Check more interfaces */ 3698 } 3699 } 3700 3701 #ifdef HAS_ROUTING_SOCKET 3702 /* 3703 * scan list of asyncio readers - currently only used for routing sockets 3704 */ 3705 asyncio_reader = asyncio_reader_list; 3706 3707 while (asyncio_reader != NULL) { 3708 /* callback may unlink and free asyncio_reader */ 3709 next_asyncio_reader = asyncio_reader->link; 3710 if (FD_ISSET(asyncio_reader->fd, &fds)) { 3711 ++select_count; 3712 (*asyncio_reader->receiver)(asyncio_reader); 3713 } 3714 asyncio_reader = next_asyncio_reader; 3715 } 3716 #endif /* HAS_ROUTING_SOCKET */ 3717 3718 /* 3719 * Check for a response from a blocking child 3720 */ 3721 for (idx = 0; idx < blocking_children_alloc; idx++) { 3722 c = blocking_children[idx]; 3723 if (NULL == c || -1 == c->resp_read_pipe) 3724 continue; 3725 if (FD_ISSET(c->resp_read_pipe, &fds)) { 3726 select_count++; 3727 process_blocking_resp(c); 3728 } 3729 } 3730 3731 /* 3732 * Done everything from that select. 3733 * If nothing to do, just return. 3734 * If an error occurred, complain and return. 3735 */ 3736 if (select_count == 0) { /* We really had nothing to do */ 3737 #ifdef DEBUG 3738 if (debug) 3739 msyslog(LOG_DEBUG, "input_handler: select() returned 0"); 3740 #endif /* DEBUG */ 3741 goto ih_return; 3742 } 3743 /* We've done our work */ 3744 #ifdef DEBUG_TIMING 3745 get_systime(&ts_e); 3746 /* 3747 * (ts_e - ts) is the amount of time we spent 3748 * processing this gob of file descriptors. Log 3749 * it. 3750 */ 3751 L_SUB(&ts_e, &ts); 3752 collect_timing(NULL, "input handler", 1, &ts_e); 3753 if (debug > 3) 3754 msyslog(LOG_DEBUG, 3755 "input_handler: Processed a gob of fd's in %s msec", 3756 lfptoms(&ts_e, 6)); 3757 #endif /* DEBUG_TIMING */ 3758 /* We're done... */ 3759 ih_return: 3760 return; 3761 } 3762 #endif /* !HAVE_IO_COMPLETION_PORT */ 3763 3764 3765 /* 3766 * find an interface suitable for the src address 3767 */ 3768 endpt * 3769 select_peerinterface( 3770 struct peer * peer, 3771 sockaddr_u * srcadr, 3772 endpt * dstadr 3773 ) 3774 { 3775 endpt *ep; 3776 #ifndef SIM 3777 endpt *wild; 3778 3779 wild = ANY_INTERFACE_CHOOSE(srcadr); 3780 3781 /* 3782 * Initialize the peer structure and dance the interface jig. 3783 * Reference clocks step the loopback waltz, the others 3784 * squaredance around the interface list looking for a buddy. If 3785 * the dance peters out, there is always the wildcard interface. 3786 * This might happen in some systems and would preclude proper 3787 * operation with public key cryptography. 3788 */ 3789 if (ISREFCLOCKADR(srcadr)) { 3790 ep = loopback_interface; 3791 } else if (peer->cast_flags & 3792 (MDF_BCLNT | MDF_ACAST | MDF_MCAST | MDF_BCAST)) { 3793 ep = findbcastinter(srcadr); 3794 if (ep != NULL) 3795 DPRINTF(4, ("Found *-cast interface %s for address %s\n", 3796 stoa(&ep->sin), stoa(srcadr))); 3797 else 3798 DPRINTF(4, ("No *-cast local address found for address %s\n", 3799 stoa(srcadr))); 3800 } else { 3801 ep = dstadr; 3802 if (NULL == ep) 3803 ep = wild; 3804 } 3805 /* 3806 * If it is a multicast address, findbcastinter() may not find 3807 * it. For unicast, we get to find the interface when dstadr is 3808 * given to us as the wildcard (ANY_INTERFACE_CHOOSE). Either 3809 * way, try a little harder. 3810 */ 3811 if (wild == ep) 3812 ep = findinterface(srcadr); 3813 /* 3814 * we do not bind to the wildcard interfaces for output 3815 * as our (network) source address would be undefined and 3816 * crypto will not work without knowing the own transmit address 3817 */ 3818 if (ep != NULL && INT_WILDCARD & ep->flags) 3819 if (!accept_wildcard_if_for_winnt) 3820 ep = NULL; 3821 #else /* SIM follows */ 3822 ep = loopback_interface; 3823 #endif 3824 3825 return ep; 3826 } 3827 3828 3829 /* 3830 * findinterface - find local interface corresponding to address 3831 */ 3832 endpt * 3833 findinterface( 3834 sockaddr_u *addr 3835 ) 3836 { 3837 endpt *iface; 3838 3839 iface = findlocalinterface(addr, INT_WILDCARD, 0); 3840 3841 if (NULL == iface) { 3842 DPRINTF(4, ("Found no interface for address %s - returning wildcard\n", 3843 stoa(addr))); 3844 3845 iface = ANY_INTERFACE_CHOOSE(addr); 3846 } else 3847 DPRINTF(4, ("Found interface #%d %s for address %s\n", 3848 iface->ifnum, iface->name, stoa(addr))); 3849 3850 return iface; 3851 } 3852 3853 /* 3854 * findlocalinterface - find local interface corresponding to addr, 3855 * which does not have any of flags set. If bast is nonzero, addr is 3856 * a broadcast address. 3857 * 3858 * This code attempts to find the local sending address for an outgoing 3859 * address by connecting a new socket to destinationaddress:NTP_PORT 3860 * and reading the sockname of the resulting connect. 3861 * the complicated sequence simulates the routing table lookup 3862 * for to first hop without duplicating any of the routing logic into 3863 * ntpd. preferably we would have used an API call - but its not there - 3864 * so this is the best we can do here short of duplicating to entire routing 3865 * logic in ntpd which would be a silly and really unportable thing to do. 3866 * 3867 */ 3868 static endpt * 3869 findlocalinterface( 3870 sockaddr_u * addr, 3871 int flags, 3872 int bcast 3873 ) 3874 { 3875 GETSOCKNAME_SOCKLEN_TYPE sockaddrlen; 3876 endpt * iface; 3877 sockaddr_u saddr; 3878 SOCKET s; 3879 int rtn; 3880 int on; 3881 3882 DPRINTF(4, ("Finding interface for addr %s in list of addresses\n", 3883 stoa(addr))); 3884 3885 s = socket(AF(addr), SOCK_DGRAM, 0); 3886 if (INVALID_SOCKET == s) 3887 return NULL; 3888 3889 /* 3890 * If we are looking for broadcast interface we need to set this 3891 * socket to allow broadcast 3892 */ 3893 if (bcast) { 3894 on = 1; 3895 if (SOCKET_ERROR == setsockopt(s, SOL_SOCKET, 3896 SO_BROADCAST, 3897 (char *)&on, 3898 sizeof(on))) { 3899 closesocket(s); 3900 return NULL; 3901 } 3902 } 3903 3904 rtn = connect(s, &addr->sa, SOCKLEN(addr)); 3905 if (SOCKET_ERROR == rtn) { 3906 closesocket(s); 3907 return NULL; 3908 } 3909 3910 sockaddrlen = sizeof(saddr); 3911 rtn = getsockname(s, &saddr.sa, &sockaddrlen); 3912 closesocket(s); 3913 if (SOCKET_ERROR == rtn) 3914 return NULL; 3915 3916 DPRINTF(4, ("findlocalinterface: kernel maps %s to %s\n", 3917 stoa(addr), stoa(&saddr))); 3918 3919 iface = getinterface(&saddr, flags); 3920 3921 /* 3922 * if we didn't find an exact match on saddr, find the closest 3923 * available local address. This handles the case of the 3924 * address suggested by the kernel being excluded by nic rules 3925 * or the user's -I and -L options to ntpd. 3926 * See http://bugs.ntp.org/1184 and http://bugs.ntp.org/1683 3927 * for more background. 3928 */ 3929 if (NULL == iface || iface->ignore_packets) 3930 iface = findclosestinterface(&saddr, 3931 flags | INT_LOOPBACK); 3932 3933 /* Don't use an interface which will ignore replies */ 3934 if (iface != NULL && iface->ignore_packets) 3935 iface = NULL; 3936 3937 return iface; 3938 } 3939 3940 3941 /* 3942 * findclosestinterface 3943 * 3944 * If there are -I/--interface or -L/novirtualips command-line options, 3945 * or "nic" or "interface" rules in ntp.conf, findlocalinterface() may 3946 * find the kernel's preferred local address for a given peer address is 3947 * administratively unavailable to ntpd, and punt to this routine's more 3948 * expensive search. 3949 * 3950 * Find the numerically closest local address to the one connect() 3951 * suggested. This matches an address on the same subnet first, as 3952 * needed by Bug 1184, and provides a consistent choice if there are 3953 * multiple feasible local addresses, regardless of the order ntpd 3954 * enumerated them. 3955 */ 3956 endpt * 3957 findclosestinterface( 3958 sockaddr_u * addr, 3959 int flags 3960 ) 3961 { 3962 endpt * ep; 3963 endpt * winner; 3964 sockaddr_u addr_dist; 3965 sockaddr_u min_dist; 3966 3967 ZERO_SOCK(&min_dist); 3968 winner = NULL; 3969 3970 for (ep = ep_list; ep != NULL; ep = ep->elink) { 3971 if (ep->ignore_packets || 3972 AF(addr) != ep->family || 3973 flags & ep->flags) 3974 continue; 3975 3976 calc_addr_distance(&addr_dist, addr, &ep->sin); 3977 if (NULL == winner || 3978 -1 == cmp_addr_distance(&addr_dist, &min_dist)) { 3979 min_dist = addr_dist; 3980 winner = ep; 3981 } 3982 } 3983 if (NULL == winner) 3984 DPRINTF(4, ("findclosestinterface(%s) failed\n", 3985 stoa(addr))); 3986 else 3987 DPRINTF(4, ("findclosestinterface(%s) -> %s\n", 3988 stoa(addr), stoa(&winner->sin))); 3989 3990 return winner; 3991 } 3992 3993 3994 /* 3995 * calc_addr_distance - calculate the distance between two addresses, 3996 * the absolute value of the difference between 3997 * the addresses numerically, stored as an address. 3998 */ 3999 static void 4000 calc_addr_distance( 4001 sockaddr_u * dist, 4002 const sockaddr_u * a1, 4003 const sockaddr_u * a2 4004 ) 4005 { 4006 u_int32 a1val; 4007 u_int32 a2val; 4008 u_int32 v4dist; 4009 int found_greater; 4010 int a1_greater; 4011 int i; 4012 4013 NTP_REQUIRE(AF(a1) == AF(a2)); 4014 4015 ZERO_SOCK(dist); 4016 AF(dist) = AF(a1); 4017 4018 /* v4 can be done a bit simpler */ 4019 if (IS_IPV4(a1)) { 4020 a1val = SRCADR(a1); 4021 a2val = SRCADR(a2); 4022 v4dist = (a1val > a2val) 4023 ? a1val - a2val 4024 : a2val - a1val; 4025 SET_ADDR4(dist, v4dist); 4026 4027 return; 4028 } 4029 4030 found_greater = FALSE; 4031 a1_greater = FALSE; /* suppress pot. uninit. warning */ 4032 for (i = 0; i < (int)sizeof(NSRCADR6(a1)); i++) { 4033 if (!found_greater && 4034 NSRCADR6(a1)[i] != NSRCADR6(a2)[i]) { 4035 found_greater = TRUE; 4036 a1_greater = (NSRCADR6(a1)[i] > NSRCADR6(a2)[i]); 4037 } 4038 if (!found_greater) { 4039 NSRCADR6(dist)[i] = 0; 4040 } else { 4041 if (a1_greater) 4042 NSRCADR6(dist)[i] = NSRCADR6(a1)[i] - 4043 NSRCADR6(a2)[i]; 4044 else 4045 NSRCADR6(dist)[i] = NSRCADR6(a2)[i] - 4046 NSRCADR6(a1)[i]; 4047 } 4048 } 4049 } 4050 4051 4052 /* 4053 * cmp_addr_distance - compare two address distances, returning -1, 0, 4054 * 1 to indicate their relationship. 4055 */ 4056 static int 4057 cmp_addr_distance( 4058 const sockaddr_u * d1, 4059 const sockaddr_u * d2 4060 ) 4061 { 4062 int i; 4063 4064 NTP_REQUIRE(AF(d1) == AF(d2)); 4065 4066 if (IS_IPV4(d1)) { 4067 if (SRCADR(d1) < SRCADR(d2)) 4068 return -1; 4069 else if (SRCADR(d1) == SRCADR(d2)) 4070 return 0; 4071 else 4072 return 1; 4073 } 4074 4075 for (i = 0; i < (int)sizeof(NSRCADR6(d1)); i++) { 4076 if (NSRCADR6(d1)[i] < NSRCADR6(d2)[i]) 4077 return -1; 4078 else if (NSRCADR6(d1)[i] > NSRCADR6(d2)[i]) 4079 return 1; 4080 } 4081 4082 return 0; 4083 } 4084 4085 4086 4087 /* 4088 * fetch an interface structure the matches the 4089 * address and has the given flags NOT set 4090 */ 4091 endpt * 4092 getinterface( 4093 sockaddr_u * addr, 4094 u_int32 flags 4095 ) 4096 { 4097 endpt *iface; 4098 4099 iface = find_addr_in_list(addr); 4100 4101 if (iface != NULL && (iface->flags & flags)) 4102 iface = NULL; 4103 4104 return iface; 4105 } 4106 4107 4108 /* 4109 * findbcastinter - find broadcast interface corresponding to address 4110 */ 4111 endpt * 4112 findbcastinter( 4113 sockaddr_u *addr 4114 ) 4115 { 4116 endpt * iface; 4117 4118 iface = NULL; 4119 #if !defined(MPE) && (defined(SIOCGIFCONF) || defined(SYS_WINNT)) 4120 DPRINTF(4, ("Finding broadcast/multicast interface for addr %s in list of addresses\n", 4121 stoa(addr))); 4122 4123 iface = findlocalinterface(addr, INT_LOOPBACK | INT_WILDCARD, 4124 1); 4125 if (iface != NULL) { 4126 DPRINTF(4, ("Easily found bcast-/mcast- interface index #%d %s\n", 4127 iface->ifnum, iface->name)); 4128 return iface; 4129 } 4130 4131 /* 4132 * plan B - try to find something reasonable in our lists in 4133 * case kernel lookup doesn't help 4134 */ 4135 for (iface = ep_list; iface != NULL; iface = iface->elink) { 4136 if (iface->flags & INT_WILDCARD) 4137 continue; 4138 4139 /* Don't bother with ignored interfaces */ 4140 if (iface->ignore_packets) 4141 continue; 4142 4143 /* 4144 * First look if this is the correct family 4145 */ 4146 if(AF(&iface->sin) != AF(addr)) 4147 continue; 4148 4149 /* Skip the loopback addresses */ 4150 if (iface->flags & INT_LOOPBACK) 4151 continue; 4152 4153 /* 4154 * If we are looking to match a multicast address and 4155 * this interface is one... 4156 */ 4157 if (addr_ismulticast(addr) 4158 && (iface->flags & INT_MULTICAST)) { 4159 #ifdef INCLUDE_IPV6_SUPPORT 4160 /* 4161 * ...it is the winner unless we're looking for 4162 * an interface to use for link-local multicast 4163 * and its address is not link-local. 4164 */ 4165 if (IS_IPV6(addr) 4166 && IN6_IS_ADDR_MC_LINKLOCAL(PSOCK_ADDR6(addr)) 4167 && !IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&iface->sin))) 4168 continue; 4169 #endif 4170 break; 4171 } 4172 4173 /* 4174 * We match only those interfaces marked as 4175 * broadcastable and either the explicit broadcast 4176 * address or the network portion of the IP address. 4177 * Sloppy. 4178 */ 4179 if (IS_IPV4(addr)) { 4180 if (SOCK_EQ(&iface->bcast, addr)) 4181 break; 4182 4183 if ((NSRCADR(&iface->sin) & NSRCADR(&iface->mask)) 4184 == (NSRCADR(addr) & NSRCADR(&iface->mask))) 4185 break; 4186 } 4187 #ifdef INCLUDE_IPV6_SUPPORT 4188 else if (IS_IPV6(addr)) { 4189 if (SOCK_EQ(&iface->bcast, addr)) 4190 break; 4191 4192 if (SOCK_EQ(netof(&iface->sin), netof(addr))) 4193 break; 4194 } 4195 #endif 4196 } 4197 #endif /* SIOCGIFCONF */ 4198 if (NULL == iface) { 4199 DPRINTF(4, ("No bcast interface found for %s\n", 4200 stoa(addr))); 4201 iface = ANY_INTERFACE_CHOOSE(addr); 4202 } else { 4203 DPRINTF(4, ("Found bcast-/mcast- interface index #%d %s\n", 4204 iface->ifnum, iface->name)); 4205 } 4206 4207 return iface; 4208 } 4209 4210 4211 /* 4212 * io_clr_stats - clear I/O module statistics 4213 */ 4214 void 4215 io_clr_stats(void) 4216 { 4217 packets_dropped = 0; 4218 packets_ignored = 0; 4219 packets_received = 0; 4220 packets_sent = 0; 4221 packets_notsent = 0; 4222 4223 handler_calls = 0; 4224 handler_pkts = 0; 4225 io_timereset = current_time; 4226 } 4227 4228 4229 #ifdef REFCLOCK 4230 /* 4231 * io_addclock - add a reference clock to the list and arrange that we 4232 * get SIGIO interrupts from it. 4233 */ 4234 int 4235 io_addclock( 4236 struct refclockio *rio 4237 ) 4238 { 4239 BLOCKIO(); 4240 4241 /* 4242 * Stuff the I/O structure in the list and mark the descriptor 4243 * in use. There is a harmless (I hope) race condition here. 4244 */ 4245 rio->active = TRUE; 4246 4247 # ifdef HAVE_SIGNALED_IO 4248 if (init_clock_sig(rio)) { 4249 UNBLOCKIO(); 4250 return 0; 4251 } 4252 # elif defined(HAVE_IO_COMPLETION_PORT) 4253 if (io_completion_port_add_clock_io(rio)) { 4254 UNBLOCKIO(); 4255 return 0; 4256 } 4257 # endif 4258 4259 /* 4260 * enqueue 4261 */ 4262 LINK_SLIST(refio, rio, next); 4263 4264 /* 4265 * register fd 4266 */ 4267 add_fd_to_list(rio->fd, FD_TYPE_FILE); 4268 4269 UNBLOCKIO(); 4270 return 1; 4271 } 4272 4273 4274 /* 4275 * io_closeclock - close the clock in the I/O structure given 4276 */ 4277 void 4278 io_closeclock( 4279 struct refclockio *rio 4280 ) 4281 { 4282 struct refclockio *unlinked; 4283 4284 BLOCKIO(); 4285 4286 /* 4287 * Remove structure from the list 4288 */ 4289 rio->active = FALSE; 4290 UNLINK_SLIST(unlinked, refio, rio, next, struct refclockio); 4291 if (NULL != unlinked) { 4292 purge_recv_buffers_for_fd(rio->fd); 4293 /* 4294 * Close the descriptor. 4295 */ 4296 close_and_delete_fd_from_list(rio->fd); 4297 } 4298 rio->fd = -1; 4299 4300 UNBLOCKIO(); 4301 } 4302 #endif /* REFCLOCK */ 4303 4304 4305 /* 4306 * On NT a SOCKET is an unsigned int so we cannot possibly keep it in 4307 * an array. So we use one of the ISC_LIST functions to hold the 4308 * socket value and use that when we want to enumerate it. 4309 * 4310 * This routine is called by the forked intres child process to close 4311 * all open sockets. On Windows there's no need as intres runs in 4312 * the same process as a thread. 4313 */ 4314 #ifndef SYS_WINNT 4315 void 4316 kill_asyncio( 4317 int startfd 4318 ) 4319 { 4320 BLOCKIO(); 4321 4322 /* 4323 * In the child process we do not maintain activefds and 4324 * maxactivefd. Zeroing maxactivefd disables code which 4325 * maintains it in close_and_delete_fd_from_list(). 4326 */ 4327 maxactivefd = 0; 4328 4329 while (fd_list != NULL) 4330 close_and_delete_fd_from_list(fd_list->fd); 4331 4332 UNBLOCKIO(); 4333 } 4334 #endif /* !SYS_WINNT */ 4335 4336 4337 /* 4338 * Add and delete functions for the list of open sockets 4339 */ 4340 static void 4341 add_fd_to_list( 4342 SOCKET fd, 4343 enum desc_type type 4344 ) 4345 { 4346 vsock_t *lsock = emalloc(sizeof(*lsock)); 4347 4348 lsock->fd = fd; 4349 lsock->type = type; 4350 4351 LINK_SLIST(fd_list, lsock, link); 4352 maintain_activefds(fd, 0); 4353 } 4354 4355 4356 static void 4357 close_and_delete_fd_from_list( 4358 SOCKET fd 4359 ) 4360 { 4361 vsock_t *lsock; 4362 4363 UNLINK_EXPR_SLIST(lsock, fd_list, fd == 4364 UNLINK_EXPR_SLIST_CURRENT()->fd, link, vsock_t); 4365 4366 if (NULL == lsock) 4367 return; 4368 4369 switch (lsock->type) { 4370 4371 case FD_TYPE_SOCKET: 4372 closesocket(lsock->fd); 4373 break; 4374 4375 case FD_TYPE_FILE: 4376 closeserial(lsock->fd); 4377 break; 4378 4379 default: 4380 msyslog(LOG_ERR, 4381 "internal error - illegal descriptor type %d - EXITING", 4382 (int)lsock->type); 4383 exit(1); 4384 } 4385 4386 free(lsock); 4387 /* 4388 * remove from activefds 4389 */ 4390 maintain_activefds(fd, 1); 4391 } 4392 4393 4394 static void 4395 add_addr_to_list( 4396 sockaddr_u * addr, 4397 endpt * ep 4398 ) 4399 { 4400 remaddr_t *laddr; 4401 4402 #ifdef DEBUG 4403 if (find_addr_in_list(addr) == NULL) { 4404 #endif 4405 /* not there yet - add to list */ 4406 laddr = emalloc(sizeof(*laddr)); 4407 laddr->addr = *addr; 4408 laddr->ep = ep; 4409 4410 LINK_SLIST(remoteaddr_list, laddr, link); 4411 4412 DPRINTF(4, ("Added addr %s to list of addresses\n", 4413 stoa(addr))); 4414 #ifdef DEBUG 4415 } else 4416 DPRINTF(4, ("WARNING: Attempt to add duplicate addr %s to address list\n", 4417 stoa(addr))); 4418 #endif 4419 } 4420 4421 4422 static void 4423 delete_addr_from_list( 4424 sockaddr_u *addr 4425 ) 4426 { 4427 remaddr_t *unlinked; 4428 4429 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, SOCK_EQ(addr, 4430 &(UNLINK_EXPR_SLIST_CURRENT()->addr)), link, remaddr_t); 4431 4432 if (unlinked != NULL) { 4433 DPRINTF(4, ("Deleted addr %s from list of addresses\n", 4434 stoa(addr))); 4435 free(unlinked); 4436 } 4437 } 4438 4439 4440 static void 4441 delete_interface_from_list( 4442 endpt *iface 4443 ) 4444 { 4445 remaddr_t *unlinked; 4446 4447 do { 4448 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, iface == 4449 UNLINK_EXPR_SLIST_CURRENT()->ep, link, 4450 remaddr_t); 4451 4452 if (unlinked != NULL) { 4453 DPRINTF(4, ("Deleted addr %s for interface #%d %s from list of addresses\n", 4454 stoa(&unlinked->addr), iface->ifnum, 4455 iface->name)); 4456 free(unlinked); 4457 } 4458 } while (unlinked != NULL); 4459 } 4460 4461 4462 static struct interface * 4463 find_addr_in_list( 4464 sockaddr_u *addr 4465 ) 4466 { 4467 remaddr_t *entry; 4468 4469 DPRINTF(4, ("Searching for addr %s in list of addresses - ", 4470 stoa(addr))); 4471 4472 for (entry = remoteaddr_list; 4473 entry != NULL; 4474 entry = entry->link) 4475 if (SOCK_EQ(&entry->addr, addr)) { 4476 DPRINTF(4, ("FOUND\n")); 4477 return entry->ep; 4478 } 4479 4480 DPRINTF(4, ("NOT FOUND\n")); 4481 return NULL; 4482 } 4483 4484 4485 /* 4486 * Find the given address with the all given flags set in the list 4487 */ 4488 static endpt * 4489 find_flagged_addr_in_list( 4490 sockaddr_u * addr, 4491 u_int32 flags 4492 ) 4493 { 4494 remaddr_t *entry; 4495 4496 DPRINTF(4, ("Finding addr %s with flags %d in list: ", 4497 stoa(addr), flags)); 4498 4499 for (entry = remoteaddr_list; 4500 entry != NULL; 4501 entry = entry->link) 4502 4503 if (SOCK_EQ(&entry->addr, addr) 4504 && (entry->ep->flags & flags) == flags) { 4505 4506 DPRINTF(4, ("FOUND\n")); 4507 return entry->ep; 4508 } 4509 4510 DPRINTF(4, ("NOT FOUND\n")); 4511 return NULL; 4512 } 4513 4514 4515 const char * 4516 localaddrtoa( 4517 endpt *la 4518 ) 4519 { 4520 return (NULL == la) 4521 ? "<null>" 4522 : stoa(&la->sin); 4523 } 4524 4525 4526 #ifdef HAS_ROUTING_SOCKET 4527 # ifndef UPDATE_GRACE 4528 # define UPDATE_GRACE 2 /* wait UPDATE_GRACE seconds before scanning */ 4529 # endif 4530 4531 static void 4532 process_routing_msgs(struct asyncio_reader *reader) 4533 { 4534 char buffer[5120]; 4535 int cnt, msg_type; 4536 #ifdef HAVE_RTNETLINK 4537 struct nlmsghdr *nh; 4538 #else 4539 struct rt_msghdr rtm; 4540 char *p; 4541 #endif 4542 4543 if (disable_dynamic_updates) { 4544 /* 4545 * discard ourselves if we are not needed any more 4546 * usually happens when running unprivileged 4547 */ 4548 remove_asyncio_reader(reader); 4549 delete_asyncio_reader(reader); 4550 return; 4551 } 4552 4553 cnt = read(reader->fd, buffer, sizeof(buffer)); 4554 4555 if (cnt < 0) { 4556 msyslog(LOG_ERR, 4557 "i/o error on routing socket %m - disabling"); 4558 remove_asyncio_reader(reader); 4559 delete_asyncio_reader(reader); 4560 return; 4561 } 4562 4563 /* 4564 * process routing message 4565 */ 4566 #ifdef HAVE_RTNETLINK 4567 for (nh = (struct nlmsghdr *)buffer; 4568 NLMSG_OK(nh, cnt); 4569 nh = NLMSG_NEXT(nh, cnt)) { 4570 msg_type = nh->nlmsg_type; 4571 #else 4572 for (p = buffer; 4573 (p + sizeof(struct rt_msghdr)) <= (buffer + cnt); 4574 p += rtm.rtm_msglen) { 4575 memcpy(&rtm, p, sizeof(rtm)); 4576 if (rtm.rtm_version != RTM_VERSION) { 4577 msyslog(LOG_ERR, 4578 "version mismatch (got %d - expected %d) on routing socket - disabling", 4579 rtm.rtm_version, RTM_VERSION); 4580 4581 remove_asyncio_reader(reader); 4582 delete_asyncio_reader(reader); 4583 return; 4584 } 4585 msg_type = rtm.rtm_type; 4586 #endif 4587 switch (msg_type) { 4588 #ifdef RTM_NEWADDR 4589 case RTM_NEWADDR: 4590 #endif 4591 #ifdef RTM_DELADDR 4592 case RTM_DELADDR: 4593 #endif 4594 #ifdef RTM_ADD 4595 case RTM_ADD: 4596 #endif 4597 #ifdef RTM_DELETE 4598 case RTM_DELETE: 4599 #endif 4600 #ifdef RTM_REDIRECT 4601 case RTM_REDIRECT: 4602 #endif 4603 #ifdef RTM_CHANGE 4604 case RTM_CHANGE: 4605 #endif 4606 #ifdef RTM_LOSING 4607 case RTM_LOSING: 4608 #endif 4609 #ifdef RTM_IFINFO 4610 case RTM_IFINFO: 4611 #endif 4612 #ifdef RTM_IFANNOUNCE 4613 case RTM_IFANNOUNCE: 4614 #endif 4615 #ifdef RTM_NEWLINK 4616 case RTM_NEWLINK: 4617 #endif 4618 #ifdef RTM_DELLINK 4619 case RTM_DELLINK: 4620 #endif 4621 #ifdef RTM_NEWROUTE 4622 case RTM_NEWROUTE: 4623 #endif 4624 #ifdef RTM_DELROUTE 4625 case RTM_DELROUTE: 4626 #endif 4627 /* 4628 * we are keen on new and deleted addresses and 4629 * if an interface goes up and down or routing 4630 * changes 4631 */ 4632 DPRINTF(3, ("routing message op = %d: scheduling interface update\n", 4633 msg_type)); 4634 timer_interfacetimeout(current_time + UPDATE_GRACE); 4635 break; 4636 #ifdef HAVE_RTNETLINK 4637 case NLMSG_DONE: 4638 /* end of multipart message */ 4639 return; 4640 #endif 4641 default: 4642 /* 4643 * the rest doesn't bother us. 4644 */ 4645 DPRINTF(4, ("routing message op = %d: ignored\n", 4646 msg_type)); 4647 break; 4648 } 4649 } 4650 } 4651 4652 /* 4653 * set up routing notifications 4654 */ 4655 static void 4656 init_async_notifications() 4657 { 4658 struct asyncio_reader *reader; 4659 #ifdef HAVE_RTNETLINK 4660 int fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE); 4661 struct sockaddr_nl sa; 4662 #else 4663 int fd = socket(PF_ROUTE, SOCK_RAW, 0); 4664 #endif 4665 if (fd < 0) { 4666 msyslog(LOG_ERR, 4667 "unable to open routing socket (%m) - using polled interface update"); 4668 return; 4669 } 4670 4671 fd = move_fd(fd); 4672 #ifdef HAVE_RTNETLINK 4673 ZERO(sa); 4674 sa.nl_family = PF_NETLINK; 4675 sa.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR 4676 | RTMGRP_IPV6_IFADDR | RTMGRP_IPV4_ROUTE 4677 | RTMGRP_IPV4_MROUTE | RTMGRP_IPV6_ROUTE 4678 | RTMGRP_IPV6_MROUTE; 4679 if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) { 4680 msyslog(LOG_ERR, 4681 "bind failed on routing socket (%m) - using polled interface update"); 4682 return; 4683 } 4684 #endif 4685 make_socket_nonblocking(fd); 4686 #if defined(HAVE_SIGNALED_IO) 4687 init_socket_sig(fd); 4688 #endif /* HAVE_SIGNALED_IO */ 4689 4690 reader = new_asyncio_reader(); 4691 4692 reader->fd = fd; 4693 reader->receiver = process_routing_msgs; 4694 4695 add_asyncio_reader(reader, FD_TYPE_SOCKET); 4696 msyslog(LOG_INFO, 4697 "Listening on routing socket on fd #%d for interface updates", 4698 fd); 4699 } 4700 #else 4701 /* HAS_ROUTING_SOCKET not defined */ 4702 static void 4703 init_async_notifications(void) 4704 { 4705 } 4706 #endif 4707 4708