1 /* $NetBSD: ntp_io.c,v 1.10 2012/08/17 22:37:26 kardel Exp $ */ 2 3 /* 4 * ntp_io.c - input/output routines for ntpd. The socket-opening code 5 * was shamelessly stolen from ntpd. 6 */ 7 8 #ifdef HAVE_CONFIG_H 9 # include <config.h> 10 #endif 11 12 #include <stdio.h> 13 #include <signal.h> 14 #ifdef HAVE_SYS_PARAM_H 15 # include <sys/param.h> 16 #endif 17 #ifdef HAVE_SYS_IOCTL_H 18 # include <sys/ioctl.h> 19 #endif 20 #ifdef HAVE_SYS_SOCKIO_H /* UXPV: SIOC* #defines (Frank Vance <fvance@waii.com>) */ 21 # include <sys/sockio.h> 22 #endif 23 #ifdef HAVE_SYS_UIO_H 24 # include <sys/uio.h> 25 #endif 26 27 #include "ntp_machine.h" 28 #include "ntpd.h" 29 #include "ntp_io.h" 30 #include "iosignal.h" 31 #include "ntp_lists.h" 32 #include "ntp_refclock.h" 33 #include "ntp_stdlib.h" 34 #include "ntp_request.h" 35 #include "ntp.h" 36 #include "ntp_unixtime.h" 37 #include "ntp_assert.h" 38 #include "ntpd-opts.h" 39 40 /* Don't include ISC's version of IPv6 variables and structures */ 41 #define ISC_IPV6_H 1 42 #include <isc/mem.h> 43 #include <isc/interfaceiter.h> 44 #include <isc/netaddr.h> 45 #include <isc/result.h> 46 #include <isc/sockaddr.h> 47 48 #ifdef SIM 49 #include "ntpsim.h" 50 #endif 51 52 #ifdef HAS_ROUTING_SOCKET 53 # include <net/route.h> 54 # ifdef HAVE_RTNETLINK 55 # include <linux/rtnetlink.h> 56 # endif 57 #endif 58 59 60 /* 61 * setsockopt does not always have the same arg declaration 62 * across all platforms. If it's not defined we make it empty 63 */ 64 65 #ifndef SETSOCKOPT_ARG_CAST 66 #define SETSOCKOPT_ARG_CAST 67 #endif 68 69 extern int listen_to_virtual_ips; 70 71 /* 72 * NIC rule entry 73 */ 74 typedef struct nic_rule_tag nic_rule; 75 76 struct nic_rule_tag { 77 nic_rule * next; 78 nic_rule_action action; 79 nic_rule_match match_type; 80 char * if_name; 81 sockaddr_u addr; 82 int prefixlen; 83 }; 84 85 /* 86 * NIC rule listhead. Entries are added at the head so that the first 87 * match in the list is the last matching rule specified. 88 */ 89 nic_rule *nic_rule_list; 90 91 92 #if defined(SO_TIMESTAMP) && defined(SCM_TIMESTAMP) 93 #if defined(CMSG_FIRSTHDR) 94 #define HAVE_TIMESTAMP 95 #define USE_TIMESTAMP_CMSG 96 #ifndef TIMESTAMP_CTLMSGBUF_SIZE 97 #define TIMESTAMP_CTLMSGBUF_SIZE 1536 /* moderate default */ 98 #endif 99 #else 100 /* fill in for old/other timestamp interfaces */ 101 #endif 102 #endif 103 104 #if defined(SYS_WINNT) 105 #include <transmitbuff.h> 106 #include <isc/win32os.h> 107 /* 108 * Windows C runtime ioctl() can't deal properly with sockets, 109 * map to ioctlsocket for this source file. 110 */ 111 #define ioctl(fd, opt, val) ioctlsocket((fd), (opt), (u_long *)(val)) 112 #endif /* SYS_WINNT */ 113 114 /* 115 * We do asynchronous input using the SIGIO facility. A number of 116 * recvbuf buffers are preallocated for input. In the signal 117 * handler we poll to see which sockets are ready and read the 118 * packets from them into the recvbuf's along with a time stamp and 119 * an indication of the source host and the interface it was received 120 * through. This allows us to get as accurate receive time stamps 121 * as possible independent of other processing going on. 122 * 123 * We watch the number of recvbufs available to the signal handler 124 * and allocate more when this number drops below the low water 125 * mark. If the signal handler should run out of buffers in the 126 * interim it will drop incoming frames, the idea being that it is 127 * better to drop a packet than to be inaccurate. 128 */ 129 130 131 /* 132 * Other statistics of possible interest 133 */ 134 volatile u_long packets_dropped; /* total number of packets dropped on reception */ 135 volatile u_long packets_ignored; /* packets received on wild card interface */ 136 volatile u_long packets_received; /* total number of packets received */ 137 u_long packets_sent; /* total number of packets sent */ 138 u_long packets_notsent; /* total number of packets which couldn't be sent */ 139 140 volatile u_long handler_calls; /* number of calls to interrupt handler */ 141 volatile u_long handler_pkts; /* number of pkts received by handler */ 142 u_long io_timereset; /* time counters were reset */ 143 144 /* 145 * Interface stuff 146 */ 147 endpt * any_interface; /* wildcard ipv4 interface */ 148 endpt * any6_interface; /* wildcard ipv6 interface */ 149 endpt * loopback_interface; /* loopback ipv4 interface */ 150 151 isc_boolean_t broadcast_client_enabled; /* is broadcast client enabled */ 152 int ninterfaces; /* Total number of interfaces */ 153 154 int disable_dynamic_updates; /* scan interfaces once only */ 155 156 #ifdef REFCLOCK 157 /* 158 * Refclock stuff. We keep a chain of structures with data concerning 159 * the guys we are doing I/O for. 160 */ 161 static struct refclockio *refio; 162 #endif /* REFCLOCK */ 163 164 #if defined(HAVE_IPTOS_SUPPORT) 165 /* set IP_TOS to minimize packet delay */ 166 # if defined(IPTOS_PREC_INTERNETCONTROL) 167 unsigned int qos = IPTOS_PREC_INTERNETCONTROL; 168 # else 169 unsigned int qos = IPTOS_LOWDELAY; 170 # endif 171 #endif 172 173 /* 174 * File descriptor masks etc. for call to select 175 * Not needed for I/O Completion Ports 176 */ 177 fd_set activefds; 178 int maxactivefd; 179 /* 180 * bit alternating value to detect verified interfaces during an update cycle 181 */ 182 static u_short sys_interphase = 0; 183 184 static endpt * new_interface(endpt *); 185 static void add_interface(endpt *); 186 static int update_interfaces(u_short, interface_receiver_t, 187 void *); 188 static void remove_interface(endpt *); 189 static endpt * create_interface(u_short, endpt *); 190 191 static int move_fd (SOCKET); 192 static int is_wildcard_addr (const sockaddr_u *); 193 194 /* 195 * Multicast functions 196 */ 197 static isc_boolean_t addr_ismulticast (sockaddr_u *); 198 static isc_boolean_t is_anycast (sockaddr_u *, 199 const char *); 200 201 /* 202 * Not all platforms support multicast 203 */ 204 #ifdef MCAST 205 static isc_boolean_t socket_multicast_enable (endpt *, sockaddr_u *); 206 static isc_boolean_t socket_multicast_disable(endpt *, sockaddr_u *); 207 #endif 208 209 #ifdef DEBUG 210 static void interface_dump (const endpt *); 211 static void sockaddr_dump (const sockaddr_u *); 212 static void print_interface (const endpt *, const char *, const char *); 213 #define DPRINT_INTERFACE(level, args) do { if (debug >= (level)) { print_interface args; } } while (0) 214 #else 215 #define DPRINT_INTERFACE(level, args) do {} while (0) 216 #endif 217 218 typedef struct vsock vsock_t; 219 enum desc_type { FD_TYPE_SOCKET, FD_TYPE_FILE }; 220 221 struct vsock { 222 vsock_t * link; 223 SOCKET fd; 224 enum desc_type type; 225 }; 226 227 vsock_t *fd_list; 228 229 #if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 230 /* 231 * async notification processing (e. g. routing sockets) 232 */ 233 /* 234 * support for receiving data on fd that is not a refclock or a socket 235 * like e. g. routing sockets 236 */ 237 struct asyncio_reader { 238 struct asyncio_reader *link; /* the list this is being kept in */ 239 SOCKET fd; /* fd to be read */ 240 void *data; /* possibly local data */ 241 void (*receiver)(struct asyncio_reader *); /* input handler */ 242 }; 243 244 struct asyncio_reader *asyncio_reader_list; 245 246 static void delete_asyncio_reader (struct asyncio_reader *); 247 static struct asyncio_reader *new_asyncio_reader (void); 248 static void add_asyncio_reader (struct asyncio_reader *, enum desc_type); 249 static void remove_asyncio_reader (struct asyncio_reader *); 250 251 #endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 252 253 static void init_async_notifications (void); 254 255 static int addr_eqprefix (const sockaddr_u *, const sockaddr_u *, 256 int); 257 static int addr_samesubnet (const sockaddr_u *, const sockaddr_u *, 258 const sockaddr_u *, const sockaddr_u *); 259 static int create_sockets (u_short); 260 static SOCKET open_socket (sockaddr_u *, int, int, endpt *); 261 static char * fdbits (int, fd_set *); 262 static void set_reuseaddr (int); 263 static isc_boolean_t socket_broadcast_enable (struct interface *, SOCKET, sockaddr_u *); 264 static isc_boolean_t socket_broadcast_disable (struct interface *, sockaddr_u *); 265 266 typedef struct remaddr remaddr_t; 267 268 struct remaddr { 269 remaddr_t * link; 270 sockaddr_u addr; 271 endpt * ep; 272 }; 273 274 remaddr_t * remoteaddr_list; 275 endpt * ep_list; /* complete endpt list */ 276 endpt * mc4_list; /* IPv4 mcast-capable unicast endpts */ 277 endpt * mc6_list; /* IPv6 mcast-capable unicast endpts */ 278 279 static endpt * wildipv4; 280 static endpt * wildipv6; 281 282 static void add_fd_to_list (SOCKET, enum desc_type); 283 static endpt * find_addr_in_list (sockaddr_u *); 284 static endpt * find_flagged_addr_in_list(sockaddr_u *, u_int32); 285 static void delete_addr_from_list (sockaddr_u *); 286 static void delete_interface_from_list(endpt *); 287 static void close_and_delete_fd_from_list(SOCKET); 288 static void add_addr_to_list (sockaddr_u *, endpt *); 289 static void create_wildcards (u_short); 290 static endpt * getinterface (sockaddr_u *, u_int32); 291 static endpt * findlocalinterface (sockaddr_u *, int, int); 292 static endpt * findclosestinterface (sockaddr_u *, int); 293 #ifdef DEBUG 294 static const char * action_text (nic_rule_action); 295 #endif 296 static nic_rule_action interface_action(char *, sockaddr_u *, u_int32); 297 static void convert_isc_if (isc_interface_t *, 298 endpt *, u_short); 299 static void calc_addr_distance(sockaddr_u *, 300 const sockaddr_u *, 301 const sockaddr_u *); 302 static int cmp_addr_distance(const sockaddr_u *, 303 const sockaddr_u *); 304 305 /* 306 * Routines to read the ntp packets 307 */ 308 #if !defined(HAVE_IO_COMPLETION_PORT) 309 static inline int read_network_packet (SOCKET, struct interface *, l_fp); 310 static inline int read_refclock_packet (SOCKET, struct refclockio *, l_fp); 311 #endif 312 313 314 #ifdef SYS_WINNT 315 /* 316 * Windows 2000 systems incorrectly cause UDP sockets using WASRecvFrom 317 * to not work correctly, returning a WSACONNRESET error when a WSASendTo 318 * fails with an "ICMP port unreachable" response and preventing the 319 * socket from using the WSARecvFrom in subsequent operations. 320 * The function below fixes this, but requires that Windows 2000 321 * Service Pack 2 or later be installed on the system. NT 4.0 322 * systems are not affected by this and work correctly. 323 * See Microsoft Knowledge Base Article Q263823 for details of this. 324 */ 325 void 326 connection_reset_fix( 327 SOCKET fd, 328 sockaddr_u * addr 329 ) 330 { 331 DWORD dw; 332 BOOL bNewBehavior = FALSE; 333 DWORD status; 334 335 /* 336 * disable bad behavior using IOCTL: SIO_UDP_CONNRESET 337 * NT 4.0 has no problem 338 */ 339 if (isc_win32os_majorversion() >= 5) { 340 status = WSAIoctl(fd, SIO_UDP_CONNRESET, &bNewBehavior, 341 sizeof(bNewBehavior), NULL, 0, 342 &dw, NULL, NULL); 343 if (SOCKET_ERROR == status) 344 msyslog(LOG_ERR, 345 "connection_reset_fix() failed for address %s: %m", 346 stoa(addr)); 347 } 348 } 349 #endif 350 351 /* 352 * on Unix systems the stdio library typically 353 * makes use of file descriptors in the lower 354 * integer range. stdio usually will make use 355 * of the file descriptors in the range of 356 * [0..FOPEN_MAX) 357 * in order to keep this range clean, for socket 358 * file descriptors we attempt to move them above 359 * FOPEN_MAX. This is not as easy as it sounds as 360 * FOPEN_MAX changes from implementation to implementation 361 * and may exceed to current file decriptor limits. 362 * We are using following strategy: 363 * - keep a current socket fd boundary initialized with 364 * max(0, min(getdtablesize() - FD_CHUNK, FOPEN_MAX)) 365 * - attempt to move the descriptor to the boundary or 366 * above. 367 * - if that fails and boundary > 0 set boundary 368 * to min(0, socket_fd_boundary - FD_CHUNK) 369 * -> retry 370 * if failure and boundary == 0 return old fd 371 * - on success close old fd return new fd 372 * 373 * effects: 374 * - fds will be moved above the socket fd boundary 375 * if at all possible. 376 * - the socket boundary will be reduced until 377 * allocation is possible or 0 is reached - at this 378 * point the algrithm will be disabled 379 */ 380 static int 381 move_fd( 382 SOCKET fd 383 ) 384 { 385 #if !defined(SYS_WINNT) && defined(F_DUPFD) 386 #ifndef FD_CHUNK 387 #define FD_CHUNK 10 388 #endif 389 /* 390 * number of fds we would like to have for 391 * stdio FILE* available. 392 * we can pick a "low" number as our use of 393 * FILE* is limited to log files and temporarily 394 * to data and config files. Except for log files 395 * we don't keep the other FILE* open beyond the 396 * scope of the function that opened it. 397 */ 398 #ifndef FD_PREFERRED_SOCKBOUNDARY 399 #define FD_PREFERRED_SOCKBOUNDARY 48 400 #endif 401 402 #ifndef HAVE_GETDTABLESIZE 403 /* 404 * if we have no idea about the max fd value set up things 405 * so we will start at FOPEN_MAX 406 */ 407 #define getdtablesize() (FOPEN_MAX+FD_CHUNK) 408 #endif 409 410 #ifndef FOPEN_MAX 411 #define FOPEN_MAX 20 /* assume that for the lack of anything better */ 412 #endif 413 static SOCKET socket_boundary = -1; 414 SOCKET newfd; 415 416 NTP_REQUIRE((int)fd >= 0); 417 418 /* 419 * check whether boundary has be set up 420 * already 421 */ 422 if (socket_boundary == -1) { 423 socket_boundary = max(0, min(getdtablesize() - FD_CHUNK, 424 min(FOPEN_MAX, FD_PREFERRED_SOCKBOUNDARY))); 425 #ifdef DEBUG 426 msyslog(LOG_DEBUG, 427 "ntp_io: estimated max descriptors: %d, initial socket boundary: %d", 428 getdtablesize(), socket_boundary); 429 #endif 430 } 431 432 /* 433 * Leave a space for stdio to work in. potentially moving the 434 * socket_boundary lower until allocation succeeds. 435 */ 436 do { 437 if (fd >= 0 && fd < socket_boundary) { 438 /* inside reserved range: attempt to move fd */ 439 newfd = fcntl(fd, F_DUPFD, socket_boundary); 440 441 if (newfd != -1) { 442 /* success: drop the old one - return the new one */ 443 close(fd); 444 return newfd; 445 } 446 } else { 447 /* outside reserved range: no work - return the original one */ 448 return fd; 449 } 450 socket_boundary = max(0, socket_boundary - FD_CHUNK); 451 #ifdef DEBUG 452 msyslog(LOG_DEBUG, 453 "ntp_io: selecting new socket boundary: %d", 454 socket_boundary); 455 #endif 456 } while (socket_boundary > 0); 457 #else 458 NTP_REQUIRE((int)fd >= 0); 459 #endif /* !defined(SYS_WINNT) && defined(F_DUPFD) */ 460 return fd; 461 } 462 463 #ifdef DEBUG_TIMING 464 /* 465 * collect timing information for various processing 466 * paths. currently we only pass then on to the file 467 * for later processing. this could also do histogram 468 * based analysis in other to reduce the load (and skew) 469 * dur to the file output 470 */ 471 void 472 collect_timing(struct recvbuf *rb, const char *tag, int count, l_fp *dts) 473 { 474 char buf[256]; 475 476 snprintf(buf, sizeof(buf), "%s %d %s %s", 477 (rb != NULL) 478 ? ((rb->dstadr != NULL) 479 ? stoa(&rb->recv_srcadr) 480 : "-REFCLOCK-") 481 : "-", 482 count, lfptoa(dts, 9), tag); 483 record_timing_stats(buf); 484 } 485 #endif 486 487 /* 488 * About dynamic interfaces, sockets, reception and more... 489 * 490 * the code solves following tasks: 491 * 492 * - keep a current list of active interfaces in order 493 * to bind to to the interface address on NTP_PORT so that 494 * all wild and specific bindings for NTP_PORT are taken by ntpd 495 * to avoid other daemons messing with the time or sockets. 496 * - all interfaces keep a list of peers that are referencing 497 * the interface in order to quickly re-assign the peers to 498 * new interface in case an interface is deleted (=> gone from system or 499 * down) 500 * - have a preconfigured socket ready with the right local address 501 * for transmission and reception 502 * - have an address list for all destination addresses used within ntpd 503 * to find the "right" preconfigured socket. 504 * - facilitate updating the internal interface list with respect to 505 * the current kernel state 506 * 507 * special issues: 508 * 509 * - mapping of multicast addresses to the interface affected is not always 510 * one to one - especially on hosts with multiple interfaces 511 * the code here currently allocates a separate interface entry for those 512 * multicast addresses 513 * iff it is able to bind to a *new* socket with the multicast address (flags |= MCASTIF) 514 * in case of failure the multicast address is bound to an existing interface. 515 * - on some systems it is perfectly legal to assign the same address to 516 * multiple interfaces. Therefore this code does not keep a list of interfaces 517 * but a list of interfaces that represent a unique address as determined by the kernel 518 * by the procedure in findlocalinterface. Thus it is perfectly legal to see only 519 * one representative of a group of real interfaces if they share the same address. 520 * 521 * Frank Kardel 20050910 522 */ 523 524 /* 525 * init_io - initialize I/O data structures and call socket creation routine 526 */ 527 void 528 init_io(void) 529 { 530 /* 531 * Init buffer free list and stat counters 532 */ 533 init_recvbuff(RECV_INIT); 534 535 #ifdef SYS_WINNT 536 init_io_completion_port(); 537 #endif /* SYS_WINNT */ 538 539 #if defined(HAVE_SIGNALED_IO) 540 (void) set_signal(); 541 #endif 542 } 543 544 545 /* 546 * io_open_sockets - call socket creation routine 547 */ 548 void 549 io_open_sockets(void) 550 { 551 static int already_opened; 552 553 if (already_opened || HAVE_OPT( SAVECONFIGQUIT )) 554 return; 555 556 already_opened = 1; 557 558 /* 559 * Create the sockets 560 */ 561 BLOCKIO(); 562 create_sockets(NTP_PORT); 563 UNBLOCKIO(); 564 565 init_async_notifications(); 566 567 DPRINTF(3, ("io_open_sockets: maxactivefd %d\n", maxactivefd)); 568 } 569 570 571 #ifdef DEBUG 572 /* 573 * function to dump the contents of the interface structure 574 * for debugging use only. 575 */ 576 void 577 interface_dump(const endpt *itf) 578 { 579 printf("Dumping interface: %p\n", itf); 580 printf("fd = %d\n", itf->fd); 581 printf("bfd = %d\n", itf->bfd); 582 printf("sin = %s,\n", stoa(&itf->sin)); 583 sockaddr_dump(&itf->sin); 584 printf("bcast = %s,\n", stoa(&itf->bcast)); 585 sockaddr_dump(&itf->bcast); 586 printf("mask = %s,\n", stoa(&itf->mask)); 587 sockaddr_dump(&itf->mask); 588 printf("name = %s\n", itf->name); 589 printf("flags = 0x%08x\n", itf->flags); 590 printf("last_ttl = %d\n", itf->last_ttl); 591 printf("addr_refid = %08x\n", itf->addr_refid); 592 printf("num_mcast = %d\n", itf->num_mcast); 593 printf("received = %ld\n", itf->received); 594 printf("sent = %ld\n", itf->sent); 595 printf("notsent = %ld\n", itf->notsent); 596 printf("ifindex = %u\n", itf->ifindex); 597 printf("peercnt = %u\n", itf->peercnt); 598 printf("phase = %u\n", itf->phase); 599 } 600 601 /* 602 * sockaddr_dump - hex dump the start of a sockaddr_u 603 */ 604 static void 605 sockaddr_dump(const sockaddr_u *psau) 606 { 607 /* Limit the size of the sockaddr_storage hex dump */ 608 const int maxsize = min(32, sizeof(psau->sa6)); 609 const u_char * cp; 610 int i; 611 612 cp = (const void *)&psau->sa; 613 614 for(i = 0; i < maxsize; i++) { 615 printf("%02x", *cp++); 616 if (!((i + 1) % 4)) 617 printf(" "); 618 } 619 printf("\n"); 620 } 621 622 /* 623 * print_interface - helper to output debug information 624 */ 625 static void 626 print_interface(const endpt *iface, const char *pfx, const char *sfx) 627 { 628 printf("%sinterface #%d: fd=%d, bfd=%d, name=%s, flags=0x%x, ifindex=%u, sin=%s", 629 pfx, 630 iface->ifnum, 631 iface->fd, 632 iface->bfd, 633 iface->name, 634 iface->flags, 635 iface->ifindex, 636 stoa(&iface->sin)); 637 if (AF_INET == iface->family) { 638 if (iface->flags & INT_BROADCAST) 639 printf(", bcast=%s", stoa(&iface->bcast)); 640 printf(", mask=%s", stoa(&iface->mask)); 641 } 642 printf(", %s:%s", 643 (iface->ignore_packets) 644 ? "Disabled" 645 : "Enabled", 646 sfx); 647 if (debug > 4) /* in-depth debugging only */ 648 interface_dump(iface); 649 } 650 #endif 651 652 #if !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) 653 /* 654 * create an asyncio_reader structure 655 */ 656 static struct asyncio_reader * 657 new_asyncio_reader(void) 658 { 659 struct asyncio_reader *reader; 660 661 reader = emalloc(sizeof(*reader)); 662 663 memset(reader, 0, sizeof(*reader)); 664 reader->fd = INVALID_SOCKET; 665 return reader; 666 } 667 668 /* 669 * delete a reader 670 */ 671 static void 672 delete_asyncio_reader( 673 struct asyncio_reader *reader 674 ) 675 { 676 free(reader); 677 } 678 679 /* 680 * add asynchio_reader 681 */ 682 static void 683 add_asyncio_reader( 684 struct asyncio_reader * reader, 685 enum desc_type type) 686 { 687 LINK_SLIST(asyncio_reader_list, reader, link); 688 add_fd_to_list(reader->fd, type); 689 } 690 691 /* 692 * remove asynchio_reader 693 */ 694 static void 695 remove_asyncio_reader( 696 struct asyncio_reader *reader 697 ) 698 { 699 struct asyncio_reader *unlinked; 700 701 UNLINK_SLIST(unlinked, asyncio_reader_list, reader, link, 702 struct asyncio_reader); 703 704 if (reader->fd != INVALID_SOCKET) 705 close_and_delete_fd_from_list(reader->fd); 706 707 reader->fd = INVALID_SOCKET; 708 } 709 #endif /* !defined(HAVE_IO_COMPLETION_PORT) && defined(HAS_ROUTING_SOCKET) */ 710 711 712 /* compare two sockaddr prefixes */ 713 static int 714 addr_eqprefix( 715 const sockaddr_u * a, 716 const sockaddr_u * b, 717 int prefixlen 718 ) 719 { 720 isc_netaddr_t isc_a; 721 isc_netaddr_t isc_b; 722 isc_sockaddr_t isc_sa; 723 724 memset(&isc_sa, 0, sizeof(isc_sa)); 725 memcpy(&isc_sa.type.sa, &a->sa, 726 min(sizeof(isc_sa.type), sizeof(*a))); 727 isc_netaddr_fromsockaddr(&isc_a, &isc_sa); 728 729 memset(&isc_sa, 0, sizeof(isc_sa)); 730 memcpy(&isc_sa.type.sa, &b->sa, 731 min(sizeof(isc_sa.type), sizeof(*b))); 732 isc_netaddr_fromsockaddr(&isc_b, &isc_sa); 733 734 return (int)isc_netaddr_eqprefix(&isc_a, &isc_b, 735 (u_int)prefixlen); 736 } 737 738 739 static int 740 addr_samesubnet( 741 const sockaddr_u * a, 742 const sockaddr_u * a_mask, 743 const sockaddr_u * b, 744 const sockaddr_u * b_mask 745 ) 746 { 747 const u_int32 * pa; 748 const u_int32 * pa_limit; 749 const u_int32 * pb; 750 const u_int32 * pm; 751 size_t loops; 752 753 NTP_REQUIRE(AF(a) == AF(a_mask)); 754 NTP_REQUIRE(AF(b) == AF(b_mask)); 755 /* 756 * With address and mask families verified to match, comparing 757 * the masks also validates the address's families match. 758 */ 759 if (!SOCK_EQ(a_mask, b_mask)) 760 return FALSE; 761 762 if (IS_IPV6(a)) { 763 loops = sizeof(NSRCADR6(a)) / sizeof(*pa); 764 pa = (const void *)&NSRCADR6(a); 765 pb = (const void *)&NSRCADR6(b); 766 pm = (const void *)&NSRCADR6(a_mask); 767 } else { 768 loops = sizeof(NSRCADR(a)) / sizeof(*pa); 769 pa = (const void *)&NSRCADR(a); 770 pb = (const void *)&NSRCADR(b); 771 pm = (const void *)&NSRCADR(a_mask); 772 } 773 for (pa_limit = pa + loops; pa < pa_limit; pa++, pb++, pm++) 774 if ((*pa & *pm) != (*pb & *pm)) 775 return FALSE; 776 777 return TRUE; 778 } 779 780 781 /* 782 * Code to tell if we have an IP address 783 * If we have then return the sockaddr structure 784 * and set the return value 785 * see the bind9/getaddresses.c for details 786 */ 787 int 788 is_ip_address( 789 const char * host, 790 sockaddr_u * addr 791 ) 792 { 793 struct in_addr in4; 794 struct in6_addr in6; 795 char tmpbuf[128]; 796 char *pch; 797 798 NTP_REQUIRE(host != NULL); 799 NTP_REQUIRE(addr != NULL); 800 801 memset(addr, 0, sizeof(*addr)); 802 803 /* 804 * Try IPv4, then IPv6. In order to handle the extended format 805 * for IPv6 scoped addresses (address%scope_ID), we'll use a local 806 * working buffer of 128 bytes. The length is an ad-hoc value, but 807 * should be enough for this purpose; the buffer can contain a string 808 * of at least 80 bytes for scope_ID in addition to any IPv6 numeric 809 * addresses (up to 46 bytes), the delimiter character and the 810 * terminating NULL character. 811 */ 812 if (inet_pton(AF_INET, host, &in4) == 1) { 813 AF(addr) = AF_INET; 814 SET_ADDR4N(addr, in4.s_addr); 815 816 return TRUE; 817 } else if (sizeof(tmpbuf) > strlen(host)) { 818 if ('[' == host[0]) { 819 strncpy(tmpbuf, &host[1], sizeof(tmpbuf)); 820 pch = strchr(tmpbuf, ']'); 821 if (pch != NULL) 822 *pch = '\0'; 823 } else 824 strncpy(tmpbuf, host, sizeof(tmpbuf)); 825 pch = strchr(tmpbuf, '%'); 826 if (pch != NULL) 827 *pch = '\0'; 828 829 if (inet_pton(AF_INET6, tmpbuf, &in6) == 1) { 830 AF(addr) = AF_INET6; 831 SET_ADDR6N(addr, in6); 832 833 return TRUE; 834 } 835 } 836 /* 837 * If we got here it was not an IP address 838 */ 839 return FALSE; 840 } 841 842 843 /* 844 * interface list enumerator - visitor pattern 845 */ 846 void 847 interface_enumerate( 848 interface_receiver_t receiver, 849 void * data 850 ) 851 { 852 interface_info_t ifi; 853 854 ifi.action = IFS_EXISTS; 855 for (ifi.ep = ep_list; ifi.ep != NULL; ifi.ep = ifi.ep->elink) 856 (*receiver)(data, &ifi); 857 } 858 859 /* 860 * do standard initialization of interface structure 861 */ 862 static void 863 init_interface( 864 endpt *ep 865 ) 866 { 867 memset(ep, 0, sizeof(*ep)); 868 ep->fd = INVALID_SOCKET; 869 ep->bfd = INVALID_SOCKET; 870 ep->phase = sys_interphase; 871 } 872 873 874 /* 875 * create new interface structure initialize from 876 * template structure or via standard initialization 877 * function 878 */ 879 static struct interface * 880 new_interface( 881 struct interface *interface 882 ) 883 { 884 static u_int sys_ifnum = 0; 885 struct interface * iface; 886 887 iface = emalloc(sizeof(*iface)); 888 889 if (NULL == interface) 890 init_interface(iface); 891 else /* use the template */ 892 memcpy(iface, interface, sizeof(*iface)); 893 894 /* count every new instance of an interface in the system */ 895 iface->ifnum = sys_ifnum++; 896 iface->starttime = current_time; 897 898 return iface; 899 } 900 901 902 /* 903 * return interface storage into free memory pool 904 */ 905 static inline void 906 delete_interface( 907 endpt *ep 908 ) 909 { 910 free(ep); 911 } 912 913 914 /* 915 * link interface into list of known interfaces 916 */ 917 static void 918 add_interface( 919 endpt * ep 920 ) 921 { 922 endpt ** pmclisthead; 923 endpt * scan; 924 endpt * scan_next; 925 endpt * unlinked; 926 sockaddr_u * addr; 927 int ep_local; 928 int scan_local; 929 int same_subnet; 930 int ep_univ_iid; /* iface ID from MAC address */ 931 int scan_univ_iid; /* see RFC 4291 */ 932 int ep_privacy; /* random local iface ID */ 933 int scan_privacy; /* see RFC 4941 */ 934 int rc; 935 936 /* 937 * Calculate the address hash 938 */ 939 ep->addr_refid = addr2refid(&ep->sin); 940 941 LINK_SLIST(ep_list, ep, elink); 942 ninterfaces++; 943 #ifdef MCAST 944 /* the rest is for enabled multicast-capable addresses only */ 945 if (ep->ignore_packets || !(INT_MULTICAST & ep->flags) || 946 INT_LOOPBACK & ep->flags) 947 return; 948 # ifndef INCLUDE_IPV6_MULTICAST_SUPPORT 949 if (AF_INET6 == ep->family) 950 return; 951 # endif 952 pmclisthead = (AF_INET == ep->family) 953 ? &mc4_list 954 : &mc6_list; 955 956 if (AF_INET6 == ep->family) { 957 ep_local = 958 IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&ep->sin)) || 959 IN6_IS_ADDR_SITELOCAL(PSOCK_ADDR6(&ep->sin)); 960 ep_univ_iid = IS_IID_UNIV(&ep->sin); 961 ep_privacy = !!(INT_PRIVACY & ep->flags); 962 } else { 963 ep_local = FALSE; 964 ep_univ_iid = FALSE; 965 ep_privacy = FALSE; 966 } 967 DPRINTF(4, ("add_interface mcast-capable %s%s%s%s\n", 968 stoa(&ep->sin), 969 (ep_local) ? " link/scope-local" : "", 970 (ep_univ_iid) ? " univ-IID" : "", 971 (ep_privacy) ? " privacy" : "")); 972 /* 973 * If we have multiple local addresses on the same network 974 * interface, and some are link- or site-local, do not multicast 975 * out from the link-/site-local addresses by default, to avoid 976 * duplicate manycastclient associations between v6 peers using 977 * link-local and global addresses. link-local can still be 978 * chosen using "nic ignore myv6globalprefix::/64". 979 * Similarly, if we have multiple global addresses from the same 980 * prefix on the same network interface, multicast from one, 981 * preferring EUI-64, then static, then least RFC 4941 privacy 982 * addresses. 983 */ 984 for (scan = *pmclisthead; scan != NULL; scan = scan_next) { 985 scan_next = scan->mclink; 986 if (ep->family != scan->family) 987 continue; 988 if (strcmp(ep->name, scan->name)) 989 continue; 990 same_subnet = addr_samesubnet(&ep->sin, &ep->mask, 991 &scan->sin, &scan->mask); 992 if (AF_INET6 == ep->family) { 993 addr = &scan->sin; 994 scan_local = 995 IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(addr)) || 996 IN6_IS_ADDR_SITELOCAL(PSOCK_ADDR6(addr)); 997 scan_univ_iid = IS_IID_UNIV(addr); 998 scan_privacy = !!(INT_PRIVACY & scan->flags); 999 } else { 1000 scan_local = FALSE; 1001 scan_univ_iid = FALSE; 1002 scan_privacy = FALSE; 1003 } 1004 DPRINTF(4, ("add_interface mcast-capable scan %s%s%s%s\n", 1005 stoa(&scan->sin), 1006 (scan_local) ? " link/scope-local" : "", 1007 (scan_univ_iid) ? " univ-IID" : "", 1008 (scan_privacy) ? " privacy" : "")); 1009 if ((ep_local && !scan_local) || (same_subnet && 1010 ((ep_privacy && !scan_privacy) || 1011 (!ep_univ_iid && scan_univ_iid)))) { 1012 DPRINTF(4, ("did not add %s to %s of IPv6 multicast-capable list which already has %s\n", 1013 stoa(&ep->sin), 1014 (ep_local) 1015 ? "tail" 1016 : "head", 1017 stoa(&scan->sin))); 1018 return; 1019 } 1020 if ((scan_local && !ep_local) || (same_subnet && 1021 ((scan_privacy && !ep_privacy) || 1022 (!scan_univ_iid && ep_univ_iid)))) { 1023 UNLINK_SLIST(unlinked, *pmclisthead, 1024 scan, mclink, endpt); 1025 DPRINTF(4, ("%s %s from IPv6 multicast-capable list to add %s\n", 1026 (unlinked != scan) 1027 ? "Failed to remove" 1028 : "removed", 1029 stoa(&scan->sin), stoa(&ep->sin))); 1030 } 1031 } 1032 /* 1033 * Add link/site local at the tail of the multicast- 1034 * capable unicast interfaces list, so that ntpd will 1035 * send from global addresses before link-/site-local 1036 * ones. 1037 */ 1038 if (ep_local) 1039 LINK_TAIL_SLIST(*pmclisthead, ep, mclink, endpt); 1040 else 1041 LINK_SLIST(*pmclisthead, ep, mclink); 1042 DPRINTF(4, ("added %s to %s of IPv%s multicast-capable unicast local address list\n", 1043 stoa(&ep->sin), 1044 (ep_local) 1045 ? "tail" 1046 : "head", 1047 (AF_INET == ep->family) 1048 ? "4" 1049 : "6")); 1050 1051 /* 1052 * select the local address from which to send to multicast. 1053 */ 1054 switch (AF(&ep->sin)) { 1055 case AF_INET : 1056 rc = setsockopt(ep->fd, IPPROTO_IP, 1057 IP_MULTICAST_IF, 1058 (void *)&NSRCADR(&ep->sin), 1059 sizeof(NSRCADR(&ep->sin))); 1060 if (rc) 1061 msyslog(LOG_ERR, 1062 "setsockopt IP_MULTICAST_IF %s fails: %m", 1063 stoa(&ep->sin)); 1064 break; 1065 # ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 1066 case AF_INET6 : 1067 rc = setsockopt(ep->fd, IPPROTO_IPV6, 1068 IPV6_MULTICAST_IF, 1069 (void *)&ep->ifindex, 1070 sizeof(ep->ifindex)); 1071 if (rc) 1072 msyslog(LOG_ERR, 1073 "setsockopt IPV6_MULTICAST_IF %u for %s fails: %m", 1074 ep->ifindex, stoa(&ep->sin)); 1075 break; 1076 # endif 1077 } 1078 #endif /* MCAST */ 1079 } 1080 1081 1082 /* 1083 * remove interface from known interface list and clean up 1084 * associated resources 1085 */ 1086 static void 1087 remove_interface( 1088 endpt * ep 1089 ) 1090 { 1091 endpt * unlinked; 1092 endpt ** pmclisthead; 1093 sockaddr_u resmask; 1094 1095 UNLINK_SLIST(unlinked, ep_list, ep, elink, endpt); 1096 if (!ep->ignore_packets && INT_MULTICAST & ep->flags) { 1097 pmclisthead = (AF_INET == ep->family) 1098 ? &mc4_list 1099 : &mc6_list; 1100 UNLINK_SLIST(unlinked, *pmclisthead, ep, mclink, endpt); 1101 DPRINTF(4, ("%s %s IPv%s multicast-capable unicast local address list\n", 1102 stoa(&ep->sin), 1103 (unlinked != NULL) 1104 ? "removed from" 1105 : "not found on", 1106 (AF_INET == ep->family) 1107 ? "4" 1108 : "6")); 1109 } 1110 delete_interface_from_list(ep); 1111 1112 if (ep->fd != INVALID_SOCKET) { 1113 msyslog(LOG_INFO, 1114 "Deleting interface #%d %s, %s#%d, interface stats: received=%ld, sent=%ld, dropped=%ld, active_time=%ld secs", 1115 ep->ifnum, 1116 ep->name, 1117 stoa(&ep->sin), 1118 SRCPORT(&ep->sin), 1119 ep->received, 1120 ep->sent, 1121 ep->notsent, 1122 current_time - ep->starttime); 1123 close_and_delete_fd_from_list(ep->fd); 1124 } 1125 1126 if (ep->bfd != INVALID_SOCKET) { 1127 msyslog(LOG_INFO, 1128 "Deleting broadcast address %s#%d from interface #%d %s", 1129 stoa(&ep->bcast), SRCPORT(&ep->bcast), 1130 ep->ifnum, ep->name); 1131 close_and_delete_fd_from_list(ep->bfd); 1132 } 1133 1134 ninterfaces--; 1135 ntp_monclearinterface(ep); 1136 1137 /* remove restrict interface entry */ 1138 SET_HOSTMASK(&resmask, AF(&ep->sin)); 1139 hack_restrict(RESTRICT_REMOVEIF, &ep->sin, &resmask, 1140 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE); 1141 } 1142 1143 1144 static void 1145 log_listen_address( 1146 endpt * ep 1147 ) 1148 { 1149 msyslog(LOG_INFO, "%s on %d %s %s UDP %d", 1150 (ep->ignore_packets) 1151 ? "Listen and drop" 1152 : "Listen normally", 1153 ep->ifnum, 1154 ep->name, 1155 stoa(&ep->sin), 1156 SRCPORT(&ep->sin)); 1157 } 1158 1159 1160 static void 1161 create_wildcards( 1162 u_short port 1163 ) 1164 { 1165 int v4wild; 1166 #ifdef INCLUDE_IPV6_SUPPORT 1167 int v6wild; 1168 #endif 1169 sockaddr_u wildaddr; 1170 nic_rule_action action; 1171 struct interface * wildif; 1172 1173 /* 1174 * silence "potentially uninitialized" warnings from VC9 1175 * failing to follow the logic. Ideally action could remain 1176 * uninitialized, and the memset be the first statement under 1177 * the first if (v4wild). 1178 */ 1179 action = ACTION_LISTEN; 1180 memset(&wildaddr, 0, sizeof(wildaddr)); 1181 1182 /* 1183 * create pseudo-interface with wildcard IPv4 address 1184 */ 1185 v4wild = ipv4_works; 1186 if (v4wild) { 1187 /* set wildaddr to the v4 wildcard address 0.0.0.0 */ 1188 AF(&wildaddr) = AF_INET; 1189 SET_ADDR4(&wildaddr, INADDR_ANY); 1190 SET_PORT(&wildaddr, port); 1191 1192 /* check for interface/nic rules affecting the wildcard */ 1193 action = interface_action(NULL, &wildaddr, 0); 1194 v4wild = (ACTION_IGNORE != action); 1195 } 1196 if (v4wild) { 1197 wildif = new_interface(NULL); 1198 1199 strncpy(wildif->name, "v4wildcard", sizeof(wildif->name)); 1200 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 1201 wildif->family = AF_INET; 1202 AF(&wildif->mask) = AF_INET; 1203 SET_ONESMASK(&wildif->mask); 1204 1205 wildif->flags = INT_BROADCAST | INT_UP | INT_WILDCARD; 1206 wildif->ignore_packets = (ACTION_DROP == action); 1207 #if defined(MCAST) 1208 /* 1209 * enable multicast reception on the broadcast socket 1210 */ 1211 AF(&wildif->bcast) = AF_INET; 1212 SET_ADDR4(&wildif->bcast, INADDR_ANY); 1213 SET_PORT(&wildif->bcast, port); 1214 #endif /* MCAST */ 1215 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 1216 1217 if (wildif->fd != INVALID_SOCKET) { 1218 wildipv4 = wildif; 1219 any_interface = wildif; 1220 1221 add_addr_to_list(&wildif->sin, wildif); 1222 add_interface(wildif); 1223 log_listen_address(wildif); 1224 } else { 1225 msyslog(LOG_ERR, 1226 "unable to bind to wildcard address %s - another process may be running - EXITING", 1227 stoa(&wildif->sin)); 1228 exit(1); 1229 } 1230 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 1231 } 1232 1233 #ifdef INCLUDE_IPV6_SUPPORT 1234 /* 1235 * create pseudo-interface with wildcard IPv6 address 1236 */ 1237 v6wild = ipv6_works; 1238 if (v6wild) { 1239 /* set wildaddr to the v6 wildcard address :: */ 1240 memset(&wildaddr, 0, sizeof(wildaddr)); 1241 AF(&wildaddr) = AF_INET6; 1242 SET_ADDR6N(&wildaddr, in6addr_any); 1243 SET_PORT(&wildaddr, port); 1244 SET_SCOPE(&wildaddr, 0); 1245 1246 /* check for interface/nic rules affecting the wildcard */ 1247 action = interface_action(NULL, &wildaddr, 0); 1248 v6wild = (ACTION_IGNORE != action); 1249 } 1250 if (v6wild) { 1251 wildif = new_interface(NULL); 1252 1253 strncpy(wildif->name, "v6wildcard", sizeof(wildif->name)); 1254 memcpy(&wildif->sin, &wildaddr, sizeof(wildif->sin)); 1255 wildif->family = AF_INET6; 1256 AF(&wildif->mask) = AF_INET6; 1257 SET_ONESMASK(&wildif->mask); 1258 1259 wildif->flags = INT_UP | INT_WILDCARD; 1260 wildif->ignore_packets = (ACTION_DROP == action); 1261 1262 wildif->fd = open_socket(&wildif->sin, 0, 1, wildif); 1263 1264 if (wildif->fd != INVALID_SOCKET) { 1265 wildipv6 = wildif; 1266 any6_interface = wildif; 1267 add_addr_to_list(&wildif->sin, wildif); 1268 add_interface(wildif); 1269 log_listen_address(wildif); 1270 } else { 1271 msyslog(LOG_ERR, 1272 "unable to bind to wildcard address %s - another process may be running - EXITING", 1273 stoa(&wildif->sin)); 1274 exit(1); 1275 } 1276 DPRINT_INTERFACE(2, (wildif, "created ", "\n")); 1277 } 1278 #endif 1279 } 1280 1281 1282 /* 1283 * add_nic_rule() -- insert a rule entry at the head of nic_rule_list. 1284 */ 1285 void 1286 add_nic_rule( 1287 nic_rule_match match_type, 1288 const char * if_name, /* interface name or numeric address */ 1289 int prefixlen, 1290 nic_rule_action action 1291 ) 1292 { 1293 nic_rule * rule; 1294 isc_boolean_t is_ip; 1295 1296 rule = emalloc(sizeof(*rule)); 1297 memset(rule, 0, sizeof(*rule)); 1298 rule->match_type = match_type; 1299 rule->prefixlen = prefixlen; 1300 rule->action = action; 1301 1302 if (MATCH_IFNAME == match_type) { 1303 NTP_REQUIRE(NULL != if_name); 1304 rule->if_name = estrdup(if_name); 1305 } else if (MATCH_IFADDR == match_type) { 1306 NTP_REQUIRE(NULL != if_name); 1307 /* set rule->addr */ 1308 is_ip = is_ip_address(if_name, &rule->addr); 1309 NTP_REQUIRE(is_ip); 1310 } else 1311 NTP_REQUIRE(NULL == if_name); 1312 1313 LINK_SLIST(nic_rule_list, rule, next); 1314 } 1315 1316 1317 #ifdef DEBUG 1318 static const char * 1319 action_text( 1320 nic_rule_action action 1321 ) 1322 { 1323 const char *t; 1324 1325 switch (action) { 1326 1327 default: 1328 t = "ERROR"; /* quiet uninit warning */ 1329 DPRINTF(1, ("fatal: unknown nic_rule_action %d\n", 1330 action)); 1331 NTP_ENSURE(0); 1332 break; 1333 1334 case ACTION_LISTEN: 1335 t = "listen"; 1336 break; 1337 1338 case ACTION_IGNORE: 1339 t = "ignore"; 1340 break; 1341 1342 case ACTION_DROP: 1343 t = "drop"; 1344 break; 1345 } 1346 1347 return t; 1348 } 1349 #endif /* DEBUG */ 1350 1351 1352 static nic_rule_action 1353 interface_action( 1354 char * if_name, 1355 sockaddr_u * if_addr, 1356 u_int32 if_flags 1357 ) 1358 { 1359 nic_rule * rule; 1360 int isloopback; 1361 int iswildcard; 1362 1363 DPRINTF(4, ("interface_action: %s %s ", 1364 (if_name != NULL) 1365 ? if_name 1366 : "wildcard", 1367 stoa(if_addr))); 1368 1369 iswildcard = is_wildcard_addr(if_addr); 1370 1371 /* 1372 * Always listen on 127.0.0.1 - required by ntp_intres 1373 */ 1374 if (INT_LOOPBACK & if_flags) { 1375 isloopback = TRUE; 1376 if (IS_IPV4(if_addr)) { 1377 DPRINTF(4, ("IPv4 loopback - listen\n")); 1378 return ACTION_LISTEN; 1379 } 1380 } else { 1381 isloopback = FALSE; 1382 } 1383 1384 /* 1385 * Find any matching NIC rule from --interface / -I or ntp.conf 1386 * interface/nic rules. 1387 */ 1388 for (rule = nic_rule_list; rule != NULL; rule = rule->next) { 1389 1390 switch (rule->match_type) { 1391 1392 case MATCH_ALL: 1393 /* loopback and wildcard excluded from "all" */ 1394 if (isloopback || iswildcard) 1395 break; 1396 DPRINTF(4, ("nic all %s\n", 1397 action_text(rule->action))); 1398 return rule->action; 1399 1400 case MATCH_IPV4: 1401 if (IS_IPV4(if_addr)) { 1402 DPRINTF(4, ("nic ipv4 %s\n", 1403 action_text(rule->action))); 1404 return rule->action; 1405 } 1406 break; 1407 1408 case MATCH_IPV6: 1409 if (IS_IPV6(if_addr)) { 1410 DPRINTF(4, ("nic ipv6 %s\n", 1411 action_text(rule->action))); 1412 return rule->action; 1413 } 1414 break; 1415 1416 case MATCH_WILDCARD: 1417 if (iswildcard) { 1418 DPRINTF(4, ("nic wildcard %s\n", 1419 action_text(rule->action))); 1420 return rule->action; 1421 } 1422 break; 1423 1424 case MATCH_IFADDR: 1425 if (rule->prefixlen != -1) { 1426 if (addr_eqprefix(if_addr, &rule->addr, 1427 rule->prefixlen)) { 1428 1429 DPRINTF(4, ("subnet address match - %s\n", 1430 action_text(rule->action))); 1431 return rule->action; 1432 } 1433 } else 1434 if (SOCK_EQ(if_addr, &rule->addr)) { 1435 1436 DPRINTF(4, ("address match - %s\n", 1437 action_text(rule->action))); 1438 return rule->action; 1439 } 1440 break; 1441 1442 case MATCH_IFNAME: 1443 if (if_name != NULL 1444 && !strcasecmp(if_name, rule->if_name)) { 1445 1446 DPRINTF(4, ("interface name match - %s\n", 1447 action_text(rule->action))); 1448 return rule->action; 1449 } 1450 break; 1451 } 1452 } 1453 1454 /* 1455 * Unless explicitly disabled such as with "nic ignore ::1" 1456 * listen on loopback addresses. Since ntpq and ntpdc query 1457 * "localhost" by default, which typically resolves to ::1 and 1458 * 127.0.0.1, it's useful to default to listening on both. 1459 */ 1460 if (isloopback) { 1461 DPRINTF(4, ("default loopback listen\n")); 1462 return ACTION_LISTEN; 1463 } 1464 1465 /* 1466 * Treat wildcard addresses specially. If there is no explicit 1467 * "nic ... wildcard" or "nic ... 0.0.0.0" or "nic ... ::" rule 1468 * default to drop. 1469 */ 1470 if (iswildcard) { 1471 DPRINTF(4, ("default wildcard drop\n")); 1472 return ACTION_DROP; 1473 } 1474 1475 /* 1476 * Check for "virtual IP" (colon in the interface name) after 1477 * the rules so that "ntpd --interface eth0:1 -novirtualips" 1478 * does indeed listen on eth0:1's addresses. 1479 */ 1480 if (!listen_to_virtual_ips && if_name != NULL 1481 && (strchr(if_name, ':') != NULL)) { 1482 1483 DPRINTF(4, ("virtual ip - ignore\n")); 1484 return ACTION_IGNORE; 1485 } 1486 1487 /* 1488 * If there are no --interface/-I command-line options and no 1489 * interface/nic rules in ntp.conf, the default action is to 1490 * listen. In the presence of rules from either, the default 1491 * is to ignore. This implements ntpd's traditional listen- 1492 * every default with no interface listen configuration, and 1493 * ensures a single -I eth0 or "nic listen eth0" means do not 1494 * listen on any other addresses. 1495 */ 1496 if (NULL == nic_rule_list) { 1497 DPRINTF(4, ("default listen\n")); 1498 return ACTION_LISTEN; 1499 } 1500 1501 DPRINTF(4, ("implicit ignore\n")); 1502 return ACTION_IGNORE; 1503 } 1504 1505 1506 static void 1507 convert_isc_if( 1508 isc_interface_t *isc_if, 1509 endpt *itf, 1510 u_short port 1511 ) 1512 { 1513 const u_char v6loop[16] = {0, 0, 0, 0, 0, 0, 0, 0, 1514 0, 0, 0, 0, 0, 0, 0, 1}; 1515 1516 strncpy(itf->name, isc_if->name, sizeof(itf->name)); 1517 itf->name[sizeof(itf->name) - 1] = 0; /* strncpy may not */ 1518 itf->ifindex = isc_if->ifindex; 1519 itf->family = (u_short)isc_if->af; 1520 AF(&itf->sin) = itf->family; 1521 AF(&itf->mask) = itf->family; 1522 AF(&itf->bcast) = itf->family; 1523 SET_PORT(&itf->sin, port); 1524 SET_PORT(&itf->mask, port); 1525 SET_PORT(&itf->bcast, port); 1526 1527 if (IS_IPV4(&itf->sin)) { 1528 NSRCADR(&itf->sin) = isc_if->address.type.in.s_addr; 1529 NSRCADR(&itf->mask) = isc_if->netmask.type.in.s_addr; 1530 1531 if (isc_if->flags & INTERFACE_F_BROADCAST) { 1532 itf->flags |= INT_BROADCAST; 1533 NSRCADR(&itf->bcast) = 1534 isc_if->broadcast.type.in.s_addr; 1535 } 1536 } 1537 #ifdef INCLUDE_IPV6_SUPPORT 1538 else if (IS_IPV6(&itf->sin)) { 1539 SET_ADDR6N(&itf->sin, isc_if->address.type.in6); 1540 SET_ADDR6N(&itf->mask, isc_if->netmask.type.in6); 1541 1542 SET_SCOPE(&itf->sin, isc_if->address.zone); 1543 } 1544 #endif /* INCLUDE_IPV6_SUPPORT */ 1545 1546 1547 /* Process the rest of the flags */ 1548 1549 itf->flags |= 1550 ((INTERFACE_F_UP & isc_if->flags) 1551 ? INT_UP : 0) 1552 | ((INTERFACE_F_LOOPBACK & isc_if->flags) 1553 ? INT_LOOPBACK : 0) 1554 | ((INTERFACE_F_POINTTOPOINT & isc_if->flags) 1555 ? INT_PPP : 0) 1556 | ((INTERFACE_F_MULTICAST & isc_if->flags) 1557 ? INT_MULTICAST : 0) 1558 | ((INTERFACE_F_PRIVACY & isc_if->flags) 1559 ? INT_PRIVACY : 0) 1560 ; 1561 1562 /* 1563 * Clear the loopback flag if the address is not localhost. 1564 * http://bugs.ntp.org/1683 1565 */ 1566 if (INT_LOOPBACK & itf->flags) { 1567 if (AF_INET == itf->family) { 1568 if (127 != (SRCADR(&itf->sin) >> 24)) 1569 itf->flags &= ~INT_LOOPBACK; 1570 } else { 1571 if (memcmp(v6loop, NSRCADR6(&itf->sin), 1572 sizeof(NSRCADR6(&itf->sin)))) 1573 itf->flags &= ~INT_LOOPBACK; 1574 } 1575 } 1576 } 1577 1578 1579 /* 1580 * refresh_interface 1581 * 1582 * some OSes have been observed to keep 1583 * cached routes even when more specific routes 1584 * become available. 1585 * this can be mitigated by re-binding 1586 * the socket. 1587 */ 1588 static int 1589 refresh_interface( 1590 struct interface * interface 1591 ) 1592 { 1593 #ifdef OS_MISSES_SPECIFIC_ROUTE_UPDATES 1594 if (interface->fd != INVALID_SOCKET) { 1595 int bcast = (interface->flags & INT_BCASTOPEN) != 0; 1596 close_and_delete_fd_from_list(interface->fd); 1597 interface->flags &= ~INT_BCASTOPEN; 1598 interface->fd = open_socket(&interface->sin, 1599 bcast, 0, interface); 1600 /* 1601 * reset TTL indication so TTL is is set again 1602 * next time around 1603 */ 1604 interface->last_ttl = 0; 1605 return (interface->fd != INVALID_SOCKET); 1606 } else 1607 return 0; /* invalid sockets are not refreshable */ 1608 #else /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1609 return (interface->fd != INVALID_SOCKET); 1610 #endif /* !OS_MISSES_SPECIFIC_ROUTE_UPDATES */ 1611 } 1612 1613 /* 1614 * interface_update - externally callable update function 1615 */ 1616 void 1617 interface_update( 1618 interface_receiver_t receiver, 1619 void * data) 1620 { 1621 int new_interface_found; 1622 1623 if (disable_dynamic_updates) 1624 return; 1625 1626 BLOCKIO(); 1627 new_interface_found = update_interfaces(NTP_PORT, receiver, data); 1628 UNBLOCKIO(); 1629 1630 if (!new_interface_found) 1631 return; 1632 1633 #ifdef DEBUG 1634 msyslog(LOG_DEBUG, "new interface(s) found: waking up resolver"); 1635 #endif 1636 #ifdef SYS_WINNT 1637 /* wake up the resolver thread */ 1638 if (ResolverEventHandle != NULL) 1639 SetEvent(ResolverEventHandle); 1640 #else 1641 /* write any single byte to the pipe to wake up the resolver process */ 1642 write( resolver_pipe_fd[1], &new_interface_found, 1 ); 1643 #endif 1644 } 1645 1646 1647 /* 1648 * sau_from_netaddr() - convert network address on-wire formats. 1649 * Convert from libisc's isc_netaddr_t to NTP's sockaddr_u 1650 */ 1651 void 1652 sau_from_netaddr( 1653 sockaddr_u *psau, 1654 const isc_netaddr_t *pna 1655 ) 1656 { 1657 memset(psau, 0, sizeof(*psau)); 1658 AF(psau) = (u_short)pna->family; 1659 switch (pna->family) { 1660 1661 case AF_INET: 1662 memcpy(&psau->sa4.sin_addr, &pna->type.in, 1663 sizeof(psau->sa4.sin_addr)); 1664 break; 1665 1666 case AF_INET6: 1667 memcpy(&psau->sa6.sin6_addr, &pna->type.in6, 1668 sizeof(psau->sa6.sin6_addr)); 1669 break; 1670 } 1671 } 1672 1673 1674 static int 1675 is_wildcard_addr( 1676 const sockaddr_u *psau 1677 ) 1678 { 1679 if (IS_IPV4(psau) && !NSRCADR(psau)) 1680 return 1; 1681 1682 #ifdef INCLUDE_IPV6_SUPPORT 1683 if (IS_IPV6(psau) && S_ADDR6_EQ(psau, &in6addr_any)) 1684 return 1; 1685 #endif 1686 1687 return 0; 1688 } 1689 1690 1691 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 1692 /* 1693 * enable/disable re-use of wildcard address socket 1694 */ 1695 static void 1696 set_wildcard_reuse( 1697 u_short family, 1698 int on 1699 ) 1700 { 1701 struct interface *any; 1702 SOCKET fd = INVALID_SOCKET; 1703 1704 any = ANY_INTERFACE_BYFAM(family); 1705 if (any != NULL) 1706 fd = any->fd; 1707 1708 if (fd != INVALID_SOCKET) { 1709 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 1710 (char *)&on, sizeof(on))) 1711 msyslog(LOG_ERR, 1712 "set_wildcard_reuse: setsockopt(SO_REUSEADDR, %s) failed: %m", 1713 on ? "on" : "off"); 1714 1715 DPRINTF(4, ("set SO_REUSEADDR to %s on %s\n", 1716 on ? "on" : "off", 1717 stoa(&any->sin))); 1718 } 1719 } 1720 #endif /* OS_NEEDS_REUSEADDR_FOR_IFADDRBIND */ 1721 1722 1723 static isc_boolean_t 1724 is_anycast( 1725 sockaddr_u *psau, 1726 const char *name 1727 ) 1728 { 1729 #if defined(INCLUDE_IPV6_SUPPORT) && defined(SIOCGIFAFLAG_IN6) && \ 1730 defined(IN6_IFF_ANYCAST) 1731 struct in6_ifreq ifr6; 1732 int fd; 1733 u_int32 flags6; 1734 1735 if (psau->sa.sa_family != AF_INET6) 1736 return ISC_FALSE; 1737 if ((fd = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) 1738 return ISC_FALSE; 1739 memset(&ifr6, 0, sizeof(ifr6)); 1740 memcpy(&ifr6.ifr_addr, &psau->sa6, sizeof(ifr6.ifr_addr)); 1741 strncpy(ifr6.ifr_name, name, sizeof(ifr6.ifr_name)); 1742 if (ioctl(fd, SIOCGIFAFLAG_IN6, &ifr6) < 0) { 1743 close(fd); 1744 return ISC_FALSE; 1745 } 1746 close(fd); 1747 flags6 = ifr6.ifr_ifru.ifru_flags6; 1748 if ((flags6 & IN6_IFF_ANYCAST) != 0) 1749 return ISC_TRUE; 1750 #endif /* INCLUDE_IPV6_SUPPORT && SIOCGIFAFLAG_IN6 && IN6_IFF_ANYCAST */ 1751 return ISC_FALSE; 1752 } 1753 1754 1755 /* 1756 * update_interface strategy 1757 * 1758 * toggle configuration phase 1759 * 1760 * Phase 1: 1761 * forall currently existing interfaces 1762 * if address is known: 1763 * drop socket - rebind again 1764 * 1765 * if address is NOT known: 1766 * attempt to create a new interface entry 1767 * 1768 * Phase 2: 1769 * forall currently known non MCAST and WILDCARD interfaces 1770 * if interface does not match configuration phase (not seen in phase 1): 1771 * remove interface from known interface list 1772 * forall peers associated with this interface 1773 * disconnect peer from this interface 1774 * 1775 * Phase 3: 1776 * attempt to re-assign interfaces to peers 1777 * 1778 */ 1779 1780 static int 1781 update_interfaces( 1782 u_short port, 1783 interface_receiver_t receiver, 1784 void * data 1785 ) 1786 { 1787 isc_mem_t * mctx = (void *)-1; 1788 interface_info_t ifi; 1789 isc_interfaceiter_t * iter; 1790 isc_result_t result; 1791 isc_interface_t isc_if; 1792 int new_interface_found; 1793 int refresh_peers; 1794 unsigned int family; 1795 endpt enumep; 1796 endpt * ep; 1797 endpt * next_ep; 1798 1799 DPRINTF(3, ("update_interfaces(%d)\n", port)); 1800 1801 /* 1802 * phase one - scan interfaces 1803 * - create those that are not found 1804 * - update those that are found 1805 */ 1806 1807 new_interface_found = FALSE; 1808 refresh_peers = FALSE; 1809 iter = NULL; 1810 result = isc_interfaceiter_create(mctx, &iter); 1811 1812 if (result != ISC_R_SUCCESS) 1813 return 0; 1814 1815 /* 1816 * Toggle system interface scan phase to find untouched 1817 * interfaces to be deleted. 1818 */ 1819 sys_interphase ^= 0x1; 1820 1821 for (result = isc_interfaceiter_first(iter); 1822 ISC_R_SUCCESS == result; 1823 result = isc_interfaceiter_next(iter)) { 1824 1825 result = isc_interfaceiter_current(iter, &isc_if); 1826 1827 if (result != ISC_R_SUCCESS) 1828 break; 1829 1830 /* See if we have a valid family to use */ 1831 family = isc_if.address.family; 1832 if (AF_INET != family && AF_INET6 != family) 1833 continue; 1834 if (AF_INET == family && !ipv4_works) 1835 continue; 1836 if (AF_INET6 == family && !ipv6_works) 1837 continue; 1838 1839 /* create prototype */ 1840 init_interface(&enumep); 1841 1842 convert_isc_if(&isc_if, &enumep, port); 1843 1844 /* 1845 * Check if and how we are going to use the interface. 1846 */ 1847 switch (interface_action(enumep.name, &enumep.sin, 1848 enumep.flags)) { 1849 1850 case ACTION_IGNORE: 1851 continue; 1852 1853 case ACTION_LISTEN: 1854 enumep.ignore_packets = ISC_FALSE; 1855 break; 1856 1857 case ACTION_DROP: 1858 enumep.ignore_packets = ISC_TRUE; 1859 break; 1860 } 1861 1862 DPRINT_INTERFACE(4, (&enumep, "examining ", "\n")); 1863 1864 /* interfaces must be UP to be usable */ 1865 if (!(enumep.flags & INT_UP)) { 1866 DPRINTF(4, ("skipping interface %s (%s) - DOWN\n", 1867 enumep.name, stoa(&enumep.sin))); 1868 continue; 1869 } 1870 1871 /* 1872 * skip any interfaces UP and bound to a wildcard 1873 * address - some dhcp clients produce that in the 1874 * wild 1875 */ 1876 if (is_wildcard_addr(&enumep.sin)) 1877 continue; 1878 1879 if (is_anycast(&enumep.sin, isc_if.name)) 1880 continue; 1881 1882 /* 1883 * map to local *address* in order to map all duplicate 1884 * interfaces to an endpt structure with the appropriate 1885 * socket. Our name space is (ip-address), NOT 1886 * (interface name, ip-address). 1887 */ 1888 ep = getinterface(&enumep.sin, INT_WILDCARD); 1889 1890 if (ep != NULL && refresh_interface(ep)) { 1891 /* 1892 * found existing and up to date interface - 1893 * mark present. 1894 */ 1895 if (ep->phase != sys_interphase) { 1896 /* 1897 * On a new round we reset the name so 1898 * the interface name shows up again if 1899 * this address is no longer shared. 1900 * We reset ignore_packets from the 1901 * new prototype to respect any runtime 1902 * changes to the nic rules. 1903 */ 1904 strncpy(ep->name, enumep.name, 1905 sizeof(ep->name)); 1906 if (ep->ignore_packets != 1907 enumep.ignore_packets) { 1908 ep->ignore_packets = 1909 enumep.ignore_packets; 1910 refresh_peers = TRUE; 1911 DPRINTF(4, ("refreshing peers due to %s ignore_packets change to %d\n", 1912 stoa(&ep->sin), 1913 ep->ignore_packets)); 1914 } 1915 } else { 1916 /* name collision - rename interface */ 1917 strncpy(ep->name, "*multiple*", 1918 sizeof(ep->name)); 1919 } 1920 1921 DPRINT_INTERFACE(4, (ep, "updating ", 1922 " present\n")); 1923 1924 if (ep->ignore_packets != 1925 enumep.ignore_packets) { 1926 /* 1927 * We have conflicting configurations 1928 * for the interface address. This is 1929 * caused by using -I <interfacename> 1930 * for an interface that shares its 1931 * address with other interfaces. We 1932 * can not disambiguate incoming 1933 * packets delivered to this socket 1934 * without extra syscalls/features. 1935 * These are not (commonly) available. 1936 * Note this is a more unusual 1937 * configuration where several 1938 * interfaces share an address but 1939 * filtering via interface name is 1940 * attempted. We resolve the 1941 * configuration conflict by disabling 1942 * the processing of received packets. 1943 * This leads to no service on the 1944 * interface address where the conflict 1945 * occurs. 1946 */ 1947 msyslog(LOG_ERR, 1948 "WARNING: conflicting enable configuration for interfaces %s and %s for address %s - unsupported configuration - address DISABLED", 1949 enumep.name, ep->name, 1950 stoa(&enumep.sin)); 1951 1952 ep->ignore_packets = ISC_TRUE; 1953 } 1954 1955 ep->phase = sys_interphase; 1956 1957 ifi.action = IFS_EXISTS; 1958 ifi.ep = ep; 1959 if (receiver != NULL) 1960 (*receiver)(data, &ifi); 1961 } else { 1962 /* 1963 * This is new or refreshing failed - add to 1964 * our interface list. If refreshing failed we 1965 * will delete the interface structure in phase 1966 * 2 as the interface was not marked current. 1967 * We can bind to the address as the refresh 1968 * code already closed the offending socket 1969 */ 1970 ep = create_interface(port, &enumep); 1971 1972 if (ep != NULL) { 1973 ifi.action = IFS_CREATED; 1974 ifi.ep = ep; 1975 if (receiver != NULL) 1976 (*receiver)(data, &ifi); 1977 1978 new_interface_found = TRUE; 1979 refresh_peers = TRUE; 1980 DPRINTF(4, ("refreshing peers due to new addr %s\n", 1981 stoa(&ep->sin))); 1982 DPRINT_INTERFACE(3, 1983 (ep, "updating ", 1984 " new - created\n")); 1985 } else { 1986 DPRINT_INTERFACE(3, 1987 (&enumep, "updating ", 1988 " new - creation FAILED")); 1989 1990 msyslog(LOG_INFO, 1991 "failed to init interface for address %s", 1992 stoa(&enumep.sin)); 1993 continue; 1994 } 1995 } 1996 } 1997 1998 isc_interfaceiter_destroy(&iter); 1999 2000 /* 2001 * phase 2 - delete gone interfaces - reassigning peers to 2002 * other interfaces 2003 */ 2004 for (ep = ep_list; ep != NULL; ep = next_ep) { 2005 next_ep = ep->elink; 2006 2007 /* 2008 * if phase does not match sys_phase this interface was 2009 * not enumerated during the last interface scan - so it 2010 * is gone and will be deleted here unless it did not 2011 * originate from interface enumeration (INT_WILDCARD, 2012 * INT_MCASTIF). 2013 */ 2014 if (((INT_WILDCARD | INT_MCASTIF) & ep->flags) || 2015 ep->phase == sys_interphase) 2016 continue; 2017 2018 DPRINT_INTERFACE(3, (ep, "updating ", 2019 "GONE - deleting\n")); 2020 remove_interface(ep); 2021 refresh_peers = TRUE; 2022 DPRINTF(4, ("refreshing peers due to deleted addr %s", 2023 stoa(&ep->sin))); 2024 2025 ifi.action = IFS_DELETED; 2026 ifi.ep = ep; 2027 if (receiver != NULL) 2028 (*receiver)(data, &ifi); 2029 2030 /* disconnect peers from deleted endpt. */ 2031 while (ep->peers != NULL) 2032 set_peerdstadr(ep->peers, NULL); 2033 2034 /* 2035 * update globals in case we lose 2036 * a loopback interface 2037 */ 2038 if (ep == loopback_interface) 2039 loopback_interface = NULL; 2040 2041 delete_interface(ep); 2042 } 2043 2044 /* 2045 * phase 3 - re-configure as the world has changed if necessary 2046 */ 2047 if (refresh_peers) { 2048 refresh_all_peerinterfaces(); 2049 msyslog(LOG_INFO, "peers refreshed"); 2050 } 2051 2052 if (sys_bclient) 2053 io_setbclient(); 2054 2055 return new_interface_found; 2056 } 2057 2058 2059 /* 2060 * create_sockets - create a socket for each interface plus a default 2061 * socket for when we don't know where to send 2062 */ 2063 static int 2064 create_sockets( 2065 u_short port 2066 ) 2067 { 2068 #ifndef HAVE_IO_COMPLETION_PORT 2069 /* 2070 * I/O Completion Ports don't care about the select and FD_SET 2071 */ 2072 maxactivefd = 0; 2073 FD_ZERO(&activefds); 2074 #endif 2075 2076 DPRINTF(2, ("create_sockets(%d)\n", port)); 2077 2078 create_wildcards(port); 2079 2080 update_interfaces(port, NULL, NULL); 2081 2082 /* 2083 * Now that we have opened all the sockets, turn off the reuse 2084 * flag for security. 2085 */ 2086 set_reuseaddr(0); 2087 2088 DPRINTF(2, ("create_sockets: Total interfaces = %d\n", ninterfaces)); 2089 2090 return ninterfaces; 2091 } 2092 2093 /* 2094 * create_interface - create a new interface for a given prototype 2095 * binding the socket. 2096 */ 2097 static struct interface * 2098 create_interface( 2099 u_short port, 2100 struct interface * protot 2101 ) 2102 { 2103 sockaddr_u resmask; 2104 endpt * iface; 2105 #if defined(MCAST) && defined(MULTICAST_NONEWSOCKET) 2106 remaddr_t * entry; 2107 remaddr_t * next_entry; 2108 #endif 2109 DPRINTF(2, ("create_interface(%s#%d)\n", stoa(&protot->sin), 2110 port)); 2111 2112 /* build an interface */ 2113 iface = new_interface(protot); 2114 2115 /* 2116 * create socket 2117 */ 2118 iface->fd = open_socket(&iface->sin, 0, 0, iface); 2119 2120 if (iface->fd != INVALID_SOCKET) 2121 log_listen_address(iface); 2122 2123 if ((INT_BROADCAST & iface->flags) 2124 && iface->bfd != INVALID_SOCKET) 2125 msyslog(LOG_INFO, "Listening on broadcast address %s#%d", 2126 stoa((&iface->bcast)), port); 2127 2128 if (INVALID_SOCKET == iface->fd 2129 && INVALID_SOCKET == iface->bfd) { 2130 msyslog(LOG_ERR, "unable to create socket on %s (%d) for %s#%d", 2131 iface->name, 2132 iface->ifnum, 2133 stoa((&iface->sin)), 2134 port); 2135 delete_interface(iface); 2136 return NULL; 2137 } 2138 2139 /* 2140 * Blacklist our own addresses, no use talking to ourself 2141 */ 2142 SET_HOSTMASK(&resmask, AF(&iface->sin)); 2143 hack_restrict(RESTRICT_FLAGS, &iface->sin, &resmask, 2144 RESM_NTPONLY | RESM_INTERFACE, RES_IGNORE); 2145 2146 /* 2147 * set globals with the first found 2148 * loopback interface of the appropriate class 2149 */ 2150 if (NULL == loopback_interface && AF_INET == iface->family 2151 && (INT_LOOPBACK & iface->flags)) 2152 loopback_interface = iface; 2153 2154 /* 2155 * put into our interface list 2156 */ 2157 add_addr_to_list(&iface->sin, iface); 2158 add_interface(iface); 2159 2160 #if defined(MCAST) && defined(MULTICAST_NONEWSOCKET) 2161 /* 2162 * Join any previously-configured compatible multicast groups. 2163 */ 2164 if (INT_MULTICAST & iface->flags && 2165 !((INT_LOOPBACK | INT_WILDCARD) & iface->flags) && 2166 !iface->ignore_packets) { 2167 for (entry = remoteaddr_list; 2168 entry != NULL; 2169 entry = next_entry) { 2170 next_entry = entry->link; 2171 if (AF(&iface->sin) != AF(&entry->addr) || 2172 !IS_MCAST(&entry->addr)) 2173 continue; 2174 if (socket_multicast_enable(iface, 2175 &entry->addr)) 2176 msyslog(LOG_INFO, 2177 "Joined %s socket to multicast group %s", 2178 stoa(&iface->sin), 2179 stoa(&entry->addr)); 2180 else 2181 msyslog(LOG_ERR, 2182 "Failed to join %s socket to multicast group %s", 2183 stoa(&iface->sin), 2184 stoa(&entry->addr)); 2185 } 2186 } 2187 #endif /* MCAST && MCAST_NONEWSOCKET */ 2188 2189 DPRINT_INTERFACE(2, (iface, "created ", "\n")); 2190 return iface; 2191 } 2192 2193 2194 #ifdef SO_EXCLUSIVEADDRUSE 2195 static void 2196 set_excladdruse( 2197 SOCKET fd 2198 ) 2199 { 2200 int one = 1; 2201 int failed; 2202 #ifdef SYS_WINNT 2203 DWORD err; 2204 #endif 2205 2206 failed = setsockopt(fd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, 2207 (char *)&one, sizeof(one)); 2208 2209 if (!failed) 2210 return; 2211 2212 #ifdef SYS_WINNT 2213 /* 2214 * Prior to Windows XP setting SO_EXCLUSIVEADDRUSE can fail with 2215 * error WSAINVAL depending on service pack level and whether 2216 * the user account is in the Administrators group. Do not 2217 * complain if it fails that way on versions prior to XP (5.1). 2218 */ 2219 err = GetLastError(); 2220 2221 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0 /* < 5.1/XP */ 2222 && WSAEINVAL == err) 2223 return; 2224 2225 SetLastError(err); 2226 #endif 2227 msyslog(LOG_ERR, 2228 "setsockopt(%d, SO_EXCLUSIVEADDRUSE, on): %m", 2229 (int)fd); 2230 } 2231 #endif /* SO_EXCLUSIVEADDRUSE */ 2232 2233 2234 /* 2235 * set_reuseaddr() - set/clear REUSEADDR on all sockets 2236 * NB possible hole - should we be doing this on broadcast 2237 * fd's also? 2238 */ 2239 static void 2240 set_reuseaddr( 2241 int flag 2242 ) 2243 { 2244 #ifndef SO_EXCLUSIVEADDRUSE 2245 endpt *ep; 2246 2247 for (ep = ep_list; ep != NULL; ep = ep->elink) { 2248 if (ep->flags & INT_WILDCARD) 2249 continue; 2250 2251 /* 2252 * if ep->fd is INVALID_SOCKET, we might have a adapter 2253 * configured but not present 2254 */ 2255 DPRINTF(4, ("setting SO_REUSEADDR on %.16s@%s to %s\n", 2256 ep->name, stoa(&ep->sin), 2257 flag ? "on" : "off")); 2258 2259 if (ep->fd != INVALID_SOCKET) { 2260 if (setsockopt(ep->fd, SOL_SOCKET, SO_REUSEADDR, 2261 (char *)&flag, sizeof(flag))) { 2262 msyslog(LOG_ERR, "set_reuseaddr: setsockopt(%s, SO_REUSEADDR, %s) failed: %m", 2263 stoa(&ep->sin), flag ? "on" : "off"); 2264 } 2265 } 2266 } 2267 #endif /* ! SO_EXCLUSIVEADDRUSE */ 2268 } 2269 2270 /* 2271 * This is just a wrapper around an internal function so we can 2272 * make other changes as necessary later on 2273 */ 2274 void 2275 enable_broadcast( 2276 struct interface * iface, 2277 sockaddr_u * baddr 2278 ) 2279 { 2280 #ifdef OPEN_BCAST_SOCKET 2281 socket_broadcast_enable(iface, iface->fd, baddr); 2282 #endif 2283 } 2284 2285 #ifdef OPEN_BCAST_SOCKET 2286 /* 2287 * Enable a broadcast address to a given socket 2288 * The socket is in the inter_list all we need to do is enable 2289 * broadcasting. It is not this function's job to select the socket 2290 */ 2291 static isc_boolean_t 2292 socket_broadcast_enable( 2293 struct interface * iface, 2294 SOCKET fd, 2295 sockaddr_u * baddr 2296 ) 2297 { 2298 #ifdef SO_BROADCAST 2299 int on = 1; 2300 2301 if (IS_IPV4(baddr)) { 2302 /* if this interface can support broadcast, set SO_BROADCAST */ 2303 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, 2304 (char *)&on, sizeof(on))) 2305 msyslog(LOG_ERR, 2306 "setsockopt(SO_BROADCAST) enable failure on address %s: %m", 2307 stoa(baddr)); 2308 else 2309 DPRINTF(2, ("Broadcast enabled on socket %d for address %s\n", 2310 fd, stoa(baddr))); 2311 } 2312 iface->flags |= INT_BCASTOPEN; 2313 broadcast_client_enabled = ISC_TRUE; 2314 return ISC_TRUE; 2315 #else 2316 return ISC_FALSE; 2317 #endif /* SO_BROADCAST */ 2318 } 2319 2320 /* 2321 * Remove a broadcast address from a given socket 2322 * The socket is in the inter_list all we need to do is disable 2323 * broadcasting. It is not this function's job to select the socket 2324 */ 2325 static isc_boolean_t 2326 socket_broadcast_disable( 2327 struct interface * iface, 2328 sockaddr_u * baddr 2329 ) 2330 { 2331 #ifdef SO_BROADCAST 2332 int off = 0; /* This seems to be OK as an int */ 2333 2334 if (IS_IPV4(baddr) && setsockopt(iface->fd, SOL_SOCKET, 2335 SO_BROADCAST, (char *)&off, sizeof(off))) 2336 msyslog(LOG_ERR, 2337 "setsockopt(SO_BROADCAST) disable failure on address %s: %m", 2338 stoa(baddr)); 2339 2340 iface->flags &= ~INT_BCASTOPEN; 2341 broadcast_client_enabled = ISC_FALSE; 2342 return ISC_TRUE; 2343 #else 2344 return ISC_FALSE; 2345 #endif /* SO_BROADCAST */ 2346 } 2347 2348 #endif /* OPEN_BCAST_SOCKET */ 2349 2350 /* 2351 * return the broadcast client flag value 2352 */ 2353 isc_boolean_t 2354 get_broadcastclient_flag(void) 2355 { 2356 return (broadcast_client_enabled); 2357 } 2358 /* 2359 * Check to see if the address is a multicast address 2360 */ 2361 static isc_boolean_t 2362 addr_ismulticast( 2363 sockaddr_u *maddr 2364 ) 2365 { 2366 isc_boolean_t result; 2367 2368 #ifndef INCLUDE_IPV6_MULTICAST_SUPPORT 2369 /* 2370 * If we don't have IPV6 support any IPV6 addr is not multicast 2371 */ 2372 if (IS_IPV6(maddr)) 2373 result = ISC_FALSE; 2374 else 2375 #endif 2376 result = IS_MCAST(maddr); 2377 2378 if (!result) 2379 DPRINTF(4, ("address %s is not multicast\n", 2380 stoa(maddr))); 2381 2382 return result; 2383 } 2384 2385 /* 2386 * Multicast servers need to set the appropriate Multicast interface 2387 * socket option in order for it to know which interface to use for 2388 * send the multicast packet. 2389 */ 2390 void 2391 enable_multicast_if( 2392 struct interface * iface, 2393 sockaddr_u * maddr 2394 ) 2395 { 2396 #ifdef MCAST 2397 TYPEOF_IP_MULTICAST_LOOP off = 0; 2398 2399 NTP_REQUIRE(AF(maddr) == AF(&iface->sin)); 2400 2401 switch (AF(&iface->sin)) { 2402 2403 case AF_INET: 2404 #ifdef IP_MULTICAST_LOOP 2405 /* 2406 * Don't send back to itself, but allow failure to set 2407 */ 2408 if (setsockopt(iface->fd, IPPROTO_IP, 2409 IP_MULTICAST_LOOP, 2410 SETSOCKOPT_ARG_CAST &off, 2411 sizeof(off))) { 2412 2413 msyslog(LOG_ERR, 2414 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2415 iface->fd, stoa(&iface->sin), 2416 stoa(maddr)); 2417 } 2418 #endif 2419 break; 2420 2421 case AF_INET6: 2422 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2423 #ifdef IPV6_MULTICAST_LOOP 2424 /* 2425 * Don't send back to itself, but allow failure to set 2426 */ 2427 if (setsockopt(iface->fd, IPPROTO_IPV6, 2428 IPV6_MULTICAST_LOOP, 2429 (char *) &off, sizeof(off))) { 2430 2431 msyslog(LOG_ERR, 2432 "setsockopt IP_MULTICAST_LOOP failed: %m on socket %d, addr %s for multicast address %s", 2433 iface->fd, stoa(&iface->sin), 2434 stoa(maddr)); 2435 } 2436 #endif 2437 break; 2438 #else 2439 return; 2440 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2441 } 2442 return; 2443 #endif 2444 } 2445 2446 /* 2447 * Add a multicast address to a given socket 2448 * The socket is in the inter_list all we need to do is enable 2449 * multicasting. It is not this function's job to select the socket 2450 */ 2451 #if defined(MCAST) 2452 static isc_boolean_t 2453 socket_multicast_enable( 2454 endpt * iface, 2455 sockaddr_u * maddr 2456 ) 2457 { 2458 struct ip_mreq mreq; 2459 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2460 struct ipv6_mreq mreq6; 2461 #endif 2462 switch (AF(maddr)) { 2463 2464 case AF_INET: 2465 memset(&mreq, 0, sizeof(mreq)); 2466 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2467 mreq.imr_interface.s_addr = htonl(INADDR_ANY); 2468 if (setsockopt(iface->fd, 2469 IPPROTO_IP, 2470 IP_ADD_MEMBERSHIP, 2471 (char *)&mreq, 2472 sizeof(mreq))) { 2473 msyslog(LOG_ERR, 2474 "setsockopt IP_ADD_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2475 iface->fd, stoa(&iface->sin), 2476 mreq.imr_multiaddr.s_addr, 2477 mreq.imr_interface.s_addr, 2478 stoa(maddr)); 2479 return ISC_FALSE; 2480 } 2481 DPRINTF(4, ("Added IPv4 multicast membership on socket %d, addr %s for %x / %x (%s)\n", 2482 iface->fd, stoa(&iface->sin), 2483 mreq.imr_multiaddr.s_addr, 2484 mreq.imr_interface.s_addr, stoa(maddr))); 2485 break; 2486 2487 case AF_INET6: 2488 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2489 /* 2490 * Enable reception of multicast packets. 2491 * If the address is link-local we can get the 2492 * interface index from the scope id. Don't do this 2493 * for other types of multicast addresses. For now let 2494 * the kernel figure it out. 2495 */ 2496 memset(&mreq6, 0, sizeof(mreq6)); 2497 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2498 mreq6.ipv6mr_interface = iface->ifindex; 2499 2500 if (setsockopt(iface->fd, IPPROTO_IPV6, 2501 IPV6_JOIN_GROUP, (char *)&mreq6, 2502 sizeof(mreq6))) { 2503 msyslog(LOG_ERR, 2504 "setsockopt IPV6_JOIN_GROUP failed: %m on socket %d, addr %s for interface %u (%s)", 2505 iface->fd, stoa(&iface->sin), 2506 mreq6.ipv6mr_interface, stoa(maddr)); 2507 return ISC_FALSE; 2508 } 2509 DPRINTF(4, ("Added IPv6 multicast group on socket %d, addr %s for interface %u (%s)\n", 2510 iface->fd, stoa(&iface->sin), 2511 mreq6.ipv6mr_interface, stoa(maddr))); 2512 #else 2513 return ISC_FALSE; 2514 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2515 } 2516 iface->flags |= INT_MCASTOPEN; 2517 iface->num_mcast++; 2518 2519 return ISC_TRUE; 2520 } 2521 #endif /* MCAST */ 2522 2523 2524 /* 2525 * Remove a multicast address from a given socket 2526 * The socket is in the inter_list all we need to do is disable 2527 * multicasting. It is not this function's job to select the socket 2528 */ 2529 #ifdef MCAST 2530 static isc_boolean_t 2531 socket_multicast_disable( 2532 struct interface * iface, 2533 sockaddr_u * maddr 2534 ) 2535 { 2536 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2537 struct ipv6_mreq mreq6; 2538 #endif 2539 struct ip_mreq mreq; 2540 2541 memset(&mreq, 0, sizeof(mreq)); 2542 2543 if (find_addr_in_list(maddr) == NULL) { 2544 DPRINTF(4, ("socket_multicast_disable(%s): not found\n", 2545 stoa(maddr))); 2546 return ISC_TRUE; 2547 } 2548 2549 switch (AF(maddr)) { 2550 2551 case AF_INET: 2552 mreq.imr_multiaddr = SOCK_ADDR4(maddr); 2553 mreq.imr_interface = SOCK_ADDR4(&iface->sin); 2554 if (setsockopt(iface->fd, IPPROTO_IP, 2555 IP_DROP_MEMBERSHIP, (char *)&mreq, 2556 sizeof(mreq))) { 2557 2558 msyslog(LOG_ERR, 2559 "setsockopt IP_DROP_MEMBERSHIP failed: %m on socket %d, addr %s for %x / %x (%s)", 2560 iface->fd, stoa(&iface->sin), 2561 SRCADR(maddr), SRCADR(&iface->sin), 2562 stoa(maddr)); 2563 return ISC_FALSE; 2564 } 2565 break; 2566 case AF_INET6: 2567 #ifdef INCLUDE_IPV6_MULTICAST_SUPPORT 2568 /* 2569 * Disable reception of multicast packets 2570 * If the address is link-local we can get the 2571 * interface index from the scope id. Don't do this 2572 * for other types of multicast addresses. For now let 2573 * the kernel figure it out. 2574 */ 2575 mreq6.ipv6mr_multiaddr = SOCK_ADDR6(maddr); 2576 mreq6.ipv6mr_interface = iface->ifindex; 2577 2578 if (setsockopt(iface->fd, IPPROTO_IPV6, 2579 IPV6_LEAVE_GROUP, (char *)&mreq6, 2580 sizeof(mreq6))) { 2581 2582 msyslog(LOG_ERR, 2583 "setsockopt IPV6_LEAVE_GROUP failure: %m on socket %d, addr %s for %d (%s)", 2584 iface->fd, stoa(&iface->sin), 2585 iface->ifindex, stoa(maddr)); 2586 return ISC_FALSE; 2587 } 2588 break; 2589 #else 2590 return ISC_FALSE; 2591 #endif /* INCLUDE_IPV6_MULTICAST_SUPPORT */ 2592 } 2593 2594 iface->num_mcast--; 2595 if (!iface->num_mcast) 2596 iface->flags &= ~INT_MCASTOPEN; 2597 2598 return ISC_TRUE; 2599 } 2600 #endif /* MCAST */ 2601 2602 /* 2603 * io_setbclient - open the broadcast client sockets 2604 */ 2605 void 2606 io_setbclient(void) 2607 { 2608 #ifdef OPEN_BCAST_SOCKET 2609 struct interface * interf; 2610 int nif; 2611 isc_boolean_t jstatus; 2612 SOCKET fd; 2613 2614 nif = 0; 2615 set_reuseaddr(1); 2616 2617 for (interf = ep_list; 2618 interf != NULL; 2619 interf = interf->elink) { 2620 2621 if (interf->flags & (INT_WILDCARD | INT_LOOPBACK)) 2622 continue; 2623 2624 /* use only allowed addresses */ 2625 if (interf->ignore_packets) 2626 continue; 2627 2628 2629 /* Need a broadcast-capable interface */ 2630 if (!(interf->flags & INT_BROADCAST)) 2631 continue; 2632 2633 /* Only IPv4 addresses are valid for broadcast */ 2634 NTP_REQUIRE(IS_IPV4(&interf->sin)); 2635 2636 /* Do we already have the broadcast address open? */ 2637 if (interf->flags & INT_BCASTOPEN) { 2638 /* 2639 * account for already open interfaces to avoid 2640 * misleading warning below 2641 */ 2642 nif++; 2643 continue; 2644 } 2645 2646 /* 2647 * Try to open the broadcast address 2648 */ 2649 interf->family = AF_INET; 2650 interf->bfd = open_socket(&interf->bcast, 1, 0, interf); 2651 2652 /* 2653 * If we succeeded then we use it otherwise enable 2654 * broadcast on the interface address 2655 */ 2656 if (interf->bfd != INVALID_SOCKET) { 2657 fd = interf->bfd; 2658 jstatus = ISC_TRUE; 2659 } else { 2660 fd = interf->fd; 2661 jstatus = socket_broadcast_enable(interf, fd, 2662 &interf->sin); 2663 } 2664 2665 /* Enable Broadcast on socket */ 2666 if (jstatus) { 2667 nif++; 2668 msyslog(LOG_INFO, 2669 "io_setbclient: Opened broadcast client on interface #%d %s", 2670 interf->ifnum, interf->name); 2671 interf->addr_refid = addr2refid(&interf->sin); 2672 } 2673 } 2674 set_reuseaddr(0); 2675 if (nif > 0) 2676 DPRINTF(1, ("io_setbclient: Opened broadcast clients\n")); 2677 else if (!nif) 2678 msyslog(LOG_ERR, 2679 "Unable to listen for broadcasts, no broadcast interfaces available"); 2680 #else 2681 msyslog(LOG_ERR, 2682 "io_setbclient: Broadcast Client disabled by build"); 2683 #endif /* OPEN_BCAST_SOCKET */ 2684 } 2685 2686 /* 2687 * io_unsetbclient - close the broadcast client sockets 2688 */ 2689 void 2690 io_unsetbclient(void) 2691 { 2692 endpt *ep; 2693 2694 for (ep = ep_list; ep != NULL; ep = ep->elink) { 2695 if (INT_WILDCARD & ep->flags) 2696 continue; 2697 if (!(INT_BCASTOPEN & ep->flags)) 2698 continue; 2699 socket_broadcast_disable(ep, &ep->sin); 2700 } 2701 } 2702 2703 /* 2704 * io_multicast_add() - add multicast group address 2705 */ 2706 void 2707 io_multicast_add( 2708 sockaddr_u *addr 2709 ) 2710 { 2711 #ifdef MCAST 2712 endpt * ep; 2713 endpt * one_ep; 2714 2715 /* 2716 * Check to see if this is a multicast address 2717 */ 2718 if (!addr_ismulticast(addr)) 2719 return; 2720 2721 /* If we already have it we can just return */ 2722 if (NULL != find_flagged_addr_in_list(addr, INT_MCASTOPEN)) { 2723 msyslog(LOG_INFO, 2724 "Duplicate request found for multicast address %s", 2725 stoa(addr)); 2726 return; 2727 } 2728 2729 #ifndef MULTICAST_NONEWSOCKET 2730 ep = new_interface(NULL); 2731 2732 /* 2733 * Open a new socket for the multicast address 2734 */ 2735 ep->sin = *addr; 2736 SET_PORT(&ep->sin, NTP_PORT); 2737 ep->family = AF(&ep->sin); 2738 AF(&ep->mask) = ep->family; 2739 SET_ONESMASK(&ep->mask); 2740 2741 set_reuseaddr(1); 2742 ep->bfd = INVALID_SOCKET; 2743 ep->fd = open_socket(&ep->sin, 0, 0, ep); 2744 if (ep->fd != INVALID_SOCKET) { 2745 ep->ignore_packets = ISC_FALSE; 2746 ep->flags |= INT_MCASTIF; 2747 2748 strncpy(ep->name, "multicast", sizeof(ep->name)); 2749 DPRINT_INTERFACE(2, (ep, "multicast add ", "\n")); 2750 add_interface(ep); 2751 log_listen_address(ep); 2752 } else { 2753 /* bind failed, re-use wildcard interface */ 2754 delete_interface(ep); 2755 2756 if (IS_IPV4(addr)) 2757 ep = wildipv4; 2758 else if (IS_IPV6(addr)) 2759 ep = wildipv6; 2760 else 2761 ep = NULL; 2762 2763 if (ep != NULL) { 2764 /* HACK ! -- stuff in an address */ 2765 /* because we don't bind addr? DH */ 2766 ep->bcast = *addr; 2767 msyslog(LOG_ERR, 2768 "multicast address %s using wildcard interface #%d %s", 2769 stoa(addr), ep->ifnum, ep->name); 2770 } else { 2771 msyslog(LOG_ERR, 2772 "No multicast socket available to use for address %s", 2773 stoa(addr)); 2774 return; 2775 } 2776 } 2777 { /* in place of the { following for in #else clause */ 2778 one_ep = ep; 2779 #else /* MULTICAST_NONEWSOCKET follows */ 2780 /* 2781 * For the case where we can't use a separate socket (Windows) 2782 * join each applicable endpoint socket to the group address. 2783 */ 2784 if (IS_IPV4(addr)) 2785 one_ep = wildipv4; 2786 else 2787 one_ep = wildipv6; 2788 for (ep = ep_list; ep != NULL; ep = ep->elink) { 2789 if (ep->ignore_packets || AF(&ep->sin) != AF(addr) || 2790 !(INT_MULTICAST & ep->flags) || 2791 (INT_LOOPBACK | INT_WILDCARD) & ep->flags) 2792 continue; 2793 one_ep = ep; 2794 #endif /* MULTICAST_NONEWSOCKET */ 2795 if (socket_multicast_enable(ep, addr)) 2796 msyslog(LOG_INFO, 2797 "Joined %s socket to multicast group %s", 2798 stoa(&ep->sin), 2799 stoa(addr)); 2800 else 2801 msyslog(LOG_ERR, 2802 "Failed to join %s socket to multicast group %s", 2803 stoa(&ep->sin), 2804 stoa(addr)); 2805 } 2806 2807 add_addr_to_list(addr, one_ep); 2808 #else /* !MCAST follows*/ 2809 msyslog(LOG_ERR, 2810 "Can not add multicast address %s: no multicast support", 2811 stoa(addr)); 2812 #endif 2813 return; 2814 } 2815 2816 2817 /* 2818 * io_multicast_del() - delete multicast group address 2819 */ 2820 void 2821 io_multicast_del( 2822 sockaddr_u * addr 2823 ) 2824 { 2825 #ifdef MCAST 2826 endpt *iface; 2827 2828 /* 2829 * Check to see if this is a multicast address 2830 */ 2831 if (!addr_ismulticast(addr)) { 2832 msyslog(LOG_ERR, "invalid multicast address %s", 2833 stoa(addr)); 2834 return; 2835 } 2836 2837 /* 2838 * Disable reception of multicast packets 2839 */ 2840 while ((iface = find_flagged_addr_in_list(addr, INT_MCASTOPEN)) 2841 != NULL) 2842 socket_multicast_disable(iface, addr); 2843 2844 delete_addr_from_list(addr); 2845 2846 #else /* not MCAST */ 2847 msyslog(LOG_ERR, 2848 "Can not delete multicast address %s: no multicast support", 2849 stoa(addr)); 2850 #endif /* not MCAST */ 2851 } 2852 2853 2854 /* 2855 * init_nonblocking_io() - set up descriptor to be non blocking 2856 */ 2857 static void init_nonblocking_io( 2858 SOCKET fd 2859 ) 2860 { 2861 /* 2862 * set non-blocking, 2863 */ 2864 2865 #ifdef USE_FIONBIO 2866 /* in vxWorks we use FIONBIO, but the others are defined for old systems, so 2867 * all hell breaks loose if we leave them defined 2868 */ 2869 #undef O_NONBLOCK 2870 #undef FNDELAY 2871 #undef O_NDELAY 2872 #endif 2873 2874 #if defined(O_NONBLOCK) /* POSIX */ 2875 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) { 2876 msyslog(LOG_ERR, 2877 "fcntl(O_NONBLOCK) fails on fd #%d: %m", fd); 2878 exit(1); 2879 } 2880 #elif defined(FNDELAY) 2881 if (fcntl(fd, F_SETFL, FNDELAY) < 0) { 2882 msyslog(LOG_ERR, "fcntl(FNDELAY) fails on fd #%d: %m", 2883 fd); 2884 exit(1); 2885 } 2886 #elif defined(O_NDELAY) /* generally the same as FNDELAY */ 2887 if (fcntl(fd, F_SETFL, O_NDELAY) < 0) { 2888 msyslog(LOG_ERR, "fcntl(O_NDELAY) fails on fd #%d: %m", 2889 fd); 2890 exit(1); 2891 } 2892 #elif defined(FIONBIO) 2893 { 2894 int on = 1; 2895 2896 if (ioctl(fd, FIONBIO, &on) < 0) { 2897 msyslog(LOG_ERR, 2898 "ioctl(FIONBIO) fails on fd #%d: %m", 2899 fd); 2900 exit(1); 2901 } 2902 } 2903 #elif defined(FIOSNBIO) 2904 if (ioctl(fd, FIOSNBIO, &on) < 0) { 2905 msyslog(LOG_ERR, 2906 "ioctl(FIOSNBIO) fails on fd #%d: %m", fd); 2907 exit(1); 2908 } 2909 #else 2910 # include "Bletch: Need non-blocking I/O!" 2911 #endif 2912 } 2913 2914 /* 2915 * open_socket - open a socket, returning the file descriptor 2916 */ 2917 2918 static SOCKET 2919 open_socket( 2920 sockaddr_u * addr, 2921 int bcast, 2922 int turn_off_reuse, 2923 endpt * interf 2924 ) 2925 { 2926 SOCKET fd; 2927 int errval; 2928 char scopetext[16]; 2929 /* 2930 * int is OK for REUSEADR per 2931 * http://www.kohala.com/start/mcast.api.txt 2932 */ 2933 int on = 1; 2934 int off = 0; 2935 2936 if (IS_IPV6(addr) && !ipv6_works) 2937 return INVALID_SOCKET; 2938 2939 /* create a datagram (UDP) socket */ 2940 fd = socket(AF(addr), SOCK_DGRAM, 0); 2941 if (INVALID_SOCKET == fd) { 2942 errval = socket_errno(); 2943 msyslog(LOG_ERR, 2944 "socket(AF_INET%s, SOCK_DGRAM, 0) failed on address %s: %m", 2945 IS_IPV6(addr) ? "6" : "", stoa(addr)); 2946 2947 if (errval == EPROTONOSUPPORT || 2948 errval == EAFNOSUPPORT || 2949 errval == EPFNOSUPPORT) 2950 return (INVALID_SOCKET); 2951 2952 errno = errval; 2953 msyslog(LOG_ERR, 2954 "unexpected socket() error %m code %d (not EPROTONOSUPPORT nor EAFNOSUPPORT nor EPFNOSUPPORT) - exiting", 2955 errno); 2956 exit(1); 2957 } 2958 2959 #ifdef SYS_WINNT 2960 connection_reset_fix(fd, addr); 2961 #endif 2962 /* 2963 * Fixup the file descriptor for some systems 2964 * See bug #530 for details of the issue. 2965 */ 2966 fd = move_fd(fd); 2967 2968 /* 2969 * set SO_REUSEADDR since we will be binding the same port 2970 * number on each interface according to turn_off_reuse. 2971 * This is undesirable on Windows versions starting with 2972 * Windows XP (numeric version 5.1). 2973 */ 2974 #ifdef SYS_WINNT 2975 if (isc_win32os_versioncheck(5, 1, 0, 0) < 0) /* before 5.1 */ 2976 #endif 2977 if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, 2978 (char *)((turn_off_reuse) 2979 ? &off 2980 : &on), 2981 sizeof(on))) { 2982 2983 msyslog(LOG_ERR, 2984 "setsockopt SO_REUSEADDR %s fails for address %s: %m", 2985 (turn_off_reuse) 2986 ? "off" 2987 : "on", 2988 stoa(addr)); 2989 closesocket(fd); 2990 return INVALID_SOCKET; 2991 } 2992 #ifdef SO_EXCLUSIVEADDRUSE 2993 /* 2994 * setting SO_EXCLUSIVEADDRUSE on the wildcard we open 2995 * first will cause more specific binds to fail. 2996 */ 2997 if (!(interf->flags & INT_WILDCARD)) 2998 set_excladdruse(fd); 2999 #endif 3000 3001 /* 3002 * IPv4 specific options go here 3003 */ 3004 if (IS_IPV4(addr)) { 3005 #if defined(HAVE_IPTOS_SUPPORT) 3006 if (setsockopt(fd, IPPROTO_IP, IP_TOS, (char *)&qos, 3007 sizeof(qos))) 3008 msyslog(LOG_ERR, 3009 "setsockopt IP_TOS (%02x) fails on address %s: %m", 3010 qos, stoa(addr)); 3011 #endif /* HAVE_IPTOS_SUPPORT */ 3012 if (bcast) 3013 socket_broadcast_enable(interf, fd, addr); 3014 } 3015 3016 /* 3017 * IPv6 specific options go here 3018 */ 3019 if (IS_IPV6(addr)) { 3020 #ifdef IPV6_V6ONLY 3021 if (isc_net_probe_ipv6only() == ISC_R_SUCCESS 3022 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, 3023 (char*)&on, sizeof(on))) 3024 msyslog(LOG_ERR, 3025 "setsockopt IPV6_V6ONLY on fails on address %s: %m", 3026 stoa(addr)); 3027 #endif 3028 #ifdef IPV6_BINDV6ONLY 3029 if (setsockopt(fd, IPPROTO_IPV6, IPV6_BINDV6ONLY, 3030 (char*)&on, sizeof(on))) 3031 msyslog(LOG_ERR, 3032 "setsockopt IPV6_BINDV6ONLY on fails on address %s: %m", 3033 stoa(addr)); 3034 #endif 3035 } 3036 3037 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 3038 /* 3039 * some OSes don't allow binding to more specific 3040 * addresses if a wildcard address already bound 3041 * to the port and SO_REUSEADDR is not set 3042 */ 3043 if (!is_wildcard_addr(addr)) 3044 set_wildcard_reuse(AF(addr), 1); 3045 #endif 3046 3047 /* 3048 * bind the local address. 3049 */ 3050 errval = bind(fd, &addr->sa, SOCKLEN(addr)); 3051 3052 #ifdef OS_NEEDS_REUSEADDR_FOR_IFADDRBIND 3053 if (!is_wildcard_addr(addr)) 3054 set_wildcard_reuse(AF(addr), 0); 3055 #endif 3056 3057 if (errval < 0) { 3058 /* 3059 * Don't log this under all conditions 3060 */ 3061 if (turn_off_reuse == 0 3062 #ifdef DEBUG 3063 || debug > 1 3064 #endif 3065 ) { 3066 if (SCOPE(addr)) 3067 snprintf(scopetext, sizeof(scopetext), 3068 "%%%d", SCOPE(addr)); 3069 else 3070 scopetext[0] = 0; 3071 3072 msyslog(LOG_ERR, 3073 "bind(%d) AF_INET%s %s%s#%d%s flags 0x%x failed: %m", 3074 fd, IS_IPV6(addr) ? "6" : "", 3075 stoa(addr), scopetext, SRCPORT(addr), 3076 IS_MCAST(addr) ? " (multicast)" : "", 3077 interf->flags); 3078 } 3079 3080 closesocket(fd); 3081 3082 return INVALID_SOCKET; 3083 } 3084 3085 #ifdef HAVE_TIMESTAMP 3086 { 3087 if (setsockopt(fd, SOL_SOCKET, SO_TIMESTAMP, 3088 (char*)&on, sizeof(on))) 3089 msyslog(LOG_DEBUG, 3090 "setsockopt SO_TIMESTAMP on fails on address %s: %m", 3091 stoa(addr)); 3092 else 3093 DPRINTF(4, ("setsockopt SO_TIMESTAMP enabled on fd %d address %s\n", 3094 fd, stoa(addr))); 3095 } 3096 #endif 3097 DPRINTF(4, ("bind(%d) AF_INET%s, addr %s%%%d#%d, flags 0x%x\n", 3098 fd, IS_IPV6(addr) ? "6" : "", stoa(addr), 3099 SCOPE(addr), SRCPORT(addr), interf->flags)); 3100 3101 init_nonblocking_io(fd); 3102 3103 #ifdef HAVE_SIGNALED_IO 3104 init_socket_sig(fd); 3105 #endif /* not HAVE_SIGNALED_IO */ 3106 3107 add_fd_to_list(fd, FD_TYPE_SOCKET); 3108 3109 #if !defined(SYS_WINNT) && !defined(VMS) 3110 DPRINTF(4, ("flags for fd %d: 0x%x\n", fd, 3111 fcntl(fd, F_GETFL, 0))); 3112 #endif /* SYS_WINNT || VMS */ 3113 3114 #if defined (HAVE_IO_COMPLETION_PORT) 3115 /* 3116 * Add the socket to the completion port 3117 */ 3118 if (io_completion_port_add_socket(fd, interf)) { 3119 msyslog(LOG_ERR, "unable to set up io completion port - EXITING"); 3120 exit(1); 3121 } 3122 #endif 3123 return fd; 3124 } 3125 3126 3127 #ifdef SYS_WINNT 3128 #define sendto(fd, buf, len, flags, dest, destsz) \ 3129 io_completion_port_sendto(fd, buf, len, (sockaddr_u *)(dest)) 3130 #endif 3131 3132 /* XXX ELIMINATE sendpkt similar in ntpq.c, ntpdc.c, ntp_io.c, ntptrace.c */ 3133 /* 3134 * sendpkt - send a packet to the specified destination. Maintain a 3135 * send error cache so that only the first consecutive error for a 3136 * destination is logged. 3137 */ 3138 void 3139 sendpkt( 3140 sockaddr_u * dest, 3141 struct interface * ep, 3142 int ttl, 3143 struct pkt * pkt, 3144 int len 3145 ) 3146 { 3147 endpt * src; 3148 int ismcast; 3149 int cc; 3150 int rc; 3151 u_char cttl; 3152 3153 ismcast = IS_MCAST(dest); 3154 if (!ismcast) 3155 src = ep; 3156 else 3157 src = (IS_IPV4(dest)) 3158 ? mc4_list 3159 : mc6_list; 3160 3161 if (NULL == src) { 3162 /* 3163 * unbound peer - drop request and wait for better 3164 * network conditions 3165 */ 3166 DPRINTF(2, ("%ssendpkt(dst=%s, ttl=%d, len=%d): no interface - IGNORED\n", 3167 ismcast ? "\tMCAST\t***** " : "", 3168 stoa(dest), ttl, len)); 3169 return; 3170 } 3171 3172 do { 3173 DPRINTF(2, ("%ssendpkt(%d, dst=%s, src=%s, ttl=%d, len=%d)\n", 3174 ismcast ? "\tMCAST\t***** " : "", src->fd, 3175 stoa(dest), stoa(&src->sin), ttl, len)); 3176 #ifdef MCAST 3177 /* 3178 * for the moment we use the bcast option to set multicast ttl 3179 */ 3180 if (ismcast && ttl > 0 && ttl != src->last_ttl) { 3181 /* 3182 * set the multicast ttl for outgoing packets 3183 */ 3184 switch (AF(&src->sin)) { 3185 3186 case AF_INET : 3187 cttl = (u_char)ttl; 3188 rc = setsockopt(src->fd, IPPROTO_IP, 3189 IP_MULTICAST_TTL, 3190 (void *)&cttl, 3191 sizeof(cttl)); 3192 break; 3193 3194 # ifdef INCLUDE_IPV6_SUPPORT 3195 case AF_INET6 : 3196 rc = setsockopt(src->fd, IPPROTO_IPV6, 3197 IPV6_MULTICAST_HOPS, 3198 (void *)&ttl, 3199 sizeof(ttl)); 3200 break; 3201 # endif /* INCLUDE_IPV6_SUPPORT */ 3202 3203 default: 3204 rc = 0; 3205 } 3206 3207 if (!rc) 3208 src->last_ttl = ttl; 3209 else 3210 msyslog(LOG_ERR, 3211 "setsockopt IP_MULTICAST_TTL/IPV6_MULTICAST_HOPS fails on address %s: %m", 3212 stoa(&src->sin)); 3213 } 3214 #endif /* MCAST */ 3215 3216 #ifdef SIM 3217 cc = simulate_server(dest, src, pkt); 3218 #else 3219 cc = sendto(src->fd, (char *)pkt, (u_int)len, 0, 3220 &dest->sa, SOCKLEN(dest)); 3221 #endif 3222 if (cc == -1) { 3223 src->notsent++; 3224 packets_notsent++; 3225 } else { 3226 src->sent++; 3227 packets_sent++; 3228 } 3229 if (ismcast) 3230 src = src->mclink; 3231 } while (ismcast && src != NULL); 3232 } 3233 3234 3235 #if !defined(HAVE_IO_COMPLETION_PORT) 3236 /* 3237 * fdbits - generate ascii representation of fd_set (FAU debug support) 3238 * HFDF format - highest fd first. 3239 */ 3240 static char * 3241 fdbits( 3242 int count, 3243 fd_set *set 3244 ) 3245 { 3246 static char buffer[256]; 3247 char * buf = buffer; 3248 3249 count = min(count, 255); 3250 3251 while (count >= 0) { 3252 *buf++ = FD_ISSET(count, set) ? '#' : '-'; 3253 count--; 3254 } 3255 *buf = '\0'; 3256 3257 return buffer; 3258 } 3259 3260 /* 3261 * Routine to read the refclock packets for a specific interface 3262 * Return the number of bytes read. That way we know if we should 3263 * read it again or go on to the next one if no bytes returned 3264 */ 3265 static inline int 3266 read_refclock_packet(SOCKET fd, struct refclockio *rp, l_fp ts) 3267 { 3268 int i; 3269 int buflen; 3270 register struct recvbuf *rb; 3271 3272 rb = get_free_recv_buffer(); 3273 3274 if (NULL == rb) { 3275 /* 3276 * No buffer space available - just drop the packet 3277 */ 3278 char buf[RX_BUFF_SIZE]; 3279 3280 buflen = read(fd, buf, sizeof buf); 3281 packets_dropped++; 3282 return (buflen); 3283 } 3284 3285 i = (rp->datalen == 0 3286 || rp->datalen > (int)sizeof(rb->recv_space)) 3287 ? (int)sizeof(rb->recv_space) 3288 : rp->datalen; 3289 buflen = read(fd, (char *)&rb->recv_space, (unsigned)i); 3290 3291 if (buflen < 0) { 3292 if (errno != EINTR && errno != EAGAIN) 3293 msyslog(LOG_ERR, "clock read fd %d: %m", fd); 3294 freerecvbuf(rb); 3295 return (buflen); 3296 } 3297 3298 /* 3299 * Got one. Mark how and when it got here, 3300 * put it on the full list and do bookkeeping. 3301 */ 3302 rb->recv_length = buflen; 3303 rb->recv_srcclock = rp->srcclock; 3304 rb->dstadr = 0; 3305 rb->fd = fd; 3306 rb->recv_time = ts; 3307 rb->receiver = rp->clock_recv; 3308 3309 if (rp->io_input) { 3310 /* 3311 * have direct input routine for refclocks 3312 */ 3313 if (rp->io_input(rb) == 0) { 3314 /* 3315 * data was consumed - nothing to pass up 3316 * into block input machine 3317 */ 3318 freerecvbuf(rb); 3319 return (buflen); 3320 } 3321 } 3322 3323 add_full_recv_buffer(rb); 3324 3325 rp->recvcount++; 3326 packets_received++; 3327 return (buflen); 3328 } 3329 3330 3331 #ifdef HAVE_TIMESTAMP 3332 /* 3333 * extract timestamps from control message buffer 3334 */ 3335 static l_fp 3336 fetch_timestamp( 3337 struct recvbuf * rb, 3338 struct msghdr * msghdr, 3339 l_fp ts 3340 ) 3341 { 3342 #ifdef USE_TIMESTAMP_CMSG 3343 struct cmsghdr *cmsghdr; 3344 3345 cmsghdr = CMSG_FIRSTHDR(msghdr); 3346 while (cmsghdr != NULL) { 3347 switch (cmsghdr->cmsg_type) 3348 { 3349 case SCM_TIMESTAMP: 3350 { 3351 struct timeval *tvp; 3352 double dtemp; 3353 l_fp nts; 3354 3355 tvp = (struct timeval *)CMSG_DATA(cmsghdr); 3356 DPRINTF(4, ("fetch_timestamp: system network time stamp: %lld.%06ld\n", 3357 (long long)tvp->tv_sec, (long)tvp->tv_usec)); 3358 nts.l_i = tvp->tv_sec + JAN_1970; 3359 dtemp = (tvp->tv_usec 3360 + (ntp_random() * 2. / FRAC)) / 1e6; 3361 nts.l_uf = (u_int32)(dtemp * FRAC); 3362 #ifdef DEBUG_TIMING 3363 { 3364 l_fp dts; 3365 3366 dts = ts; 3367 L_SUB(&dts, &nts); 3368 collect_timing(rb, 3369 "input processing delay", 3370 1, &dts); 3371 DPRINTF(4, ("fetch_timestamp: timestamp delta: %s (incl. prec fuzz)\n", 3372 lfptoa(&dts, 9))); 3373 } 3374 #endif 3375 ts = nts; /* network time stamp */ 3376 break; 3377 } 3378 default: 3379 DPRINTF(4, ("fetch_timestamp: skipping control message 0x%x\n", 3380 cmsghdr->cmsg_type)); 3381 } 3382 cmsghdr = CMSG_NXTHDR(msghdr, cmsghdr); 3383 } 3384 #endif 3385 return ts; 3386 } 3387 #endif 3388 3389 3390 /* 3391 * Routine to read the network NTP packets for a specific interface 3392 * Return the number of bytes read. That way we know if we should 3393 * read it again or go on to the next one if no bytes returned 3394 */ 3395 static inline int 3396 read_network_packet( 3397 SOCKET fd, 3398 struct interface * itf, 3399 l_fp ts 3400 ) 3401 { 3402 GETSOCKNAME_SOCKLEN_TYPE fromlen; 3403 int buflen; 3404 register struct recvbuf *rb; 3405 #ifdef HAVE_TIMESTAMP 3406 struct msghdr msghdr; 3407 struct iovec iovec; 3408 char control[TIMESTAMP_CTLMSGBUF_SIZE]; 3409 #endif 3410 3411 /* 3412 * Get a buffer and read the frame. If we 3413 * haven't got a buffer, or this is received 3414 * on a disallowed socket, just dump the 3415 * packet. 3416 */ 3417 3418 rb = get_free_recv_buffer(); 3419 if (NULL == rb || itf->ignore_packets) { 3420 char buf[RX_BUFF_SIZE]; 3421 sockaddr_u from; 3422 3423 if (rb != NULL) 3424 freerecvbuf(rb); 3425 3426 fromlen = sizeof(from); 3427 buflen = recvfrom(fd, buf, sizeof(buf), 0, 3428 &from.sa, &fromlen); 3429 DPRINTF(4, ("%s on (%lu) fd=%d from %s\n", 3430 (itf->ignore_packets) 3431 ? "ignore" 3432 : "drop", 3433 free_recvbuffs(), fd, stoa(&from))); 3434 if (itf->ignore_packets) 3435 packets_ignored++; 3436 else 3437 packets_dropped++; 3438 return (buflen); 3439 } 3440 3441 fromlen = sizeof(rb->recv_srcadr); 3442 3443 #ifndef HAVE_TIMESTAMP 3444 rb->recv_length = recvfrom(fd, (char *)&rb->recv_space, 3445 sizeof(rb->recv_space), 0, 3446 &rb->recv_srcadr.sa, &fromlen); 3447 #else 3448 iovec.iov_base = &rb->recv_space; 3449 iovec.iov_len = sizeof(rb->recv_space); 3450 msghdr.msg_name = &rb->recv_srcadr; 3451 msghdr.msg_namelen = fromlen; 3452 msghdr.msg_iov = &iovec; 3453 msghdr.msg_iovlen = 1; 3454 msghdr.msg_control = (void *)&control; 3455 msghdr.msg_controllen = sizeof(control); 3456 msghdr.msg_flags = 0; 3457 rb->recv_length = recvmsg(fd, &msghdr, 0); 3458 #endif 3459 3460 buflen = rb->recv_length; 3461 3462 if (buflen == 0 || (buflen == -1 && 3463 (EWOULDBLOCK == errno 3464 #ifdef EAGAIN 3465 || EAGAIN == errno 3466 #endif 3467 ))) { 3468 freerecvbuf(rb); 3469 return (buflen); 3470 } else if (buflen < 0) { 3471 msyslog(LOG_ERR, "recvfrom(%s) fd=%d: %m", 3472 stoa(&rb->recv_srcadr), fd); 3473 DPRINTF(5, ("read_network_packet: fd=%d dropped (bad recvfrom)\n", 3474 fd)); 3475 freerecvbuf(rb); 3476 return (buflen); 3477 } 3478 3479 DPRINTF(3, ("read_network_packet: fd=%d length %d from %s\n", 3480 fd, buflen, stoa(&rb->recv_srcadr))); 3481 3482 /* 3483 * Got one. Mark how and when it got here, 3484 * put it on the full list and do bookkeeping. 3485 */ 3486 rb->dstadr = itf; 3487 rb->fd = fd; 3488 #ifdef HAVE_TIMESTAMP 3489 /* pick up a network time stamp if possible */ 3490 ts = fetch_timestamp(rb, &msghdr, ts); 3491 #endif 3492 rb->recv_time = ts; 3493 rb->receiver = receive; 3494 3495 add_full_recv_buffer(rb); 3496 3497 itf->received++; 3498 packets_received++; 3499 return (buflen); 3500 } 3501 3502 3503 /* 3504 * input_handler - receive packets asynchronously 3505 */ 3506 void 3507 input_handler( 3508 l_fp *cts 3509 ) 3510 { 3511 int buflen; 3512 int n; 3513 int doing; 3514 SOCKET fd; 3515 struct timeval tvzero; 3516 l_fp ts; /* Timestamp at BOselect() gob */ 3517 #ifdef DEBUG_TIMING 3518 l_fp ts_e; /* Timestamp at EOselect() gob */ 3519 #endif 3520 fd_set fds; 3521 int select_count = 0; 3522 endpt *ep; 3523 #if defined(HAS_ROUTING_SOCKET) 3524 struct asyncio_reader *asyncio_reader; 3525 #endif 3526 3527 handler_calls++; 3528 3529 /* 3530 * If we have something to do, freeze a timestamp. 3531 * See below for the other cases (nothing left to do or error) 3532 */ 3533 ts = *cts; 3534 3535 /* 3536 * Do a poll to see who has data 3537 */ 3538 3539 fds = activefds; 3540 tvzero.tv_sec = tvzero.tv_usec = 0; 3541 3542 n = select(maxactivefd + 1, &fds, (fd_set *)0, (fd_set *)0, 3543 &tvzero); 3544 3545 /* 3546 * If there are no packets waiting just return 3547 */ 3548 if (n < 0) { 3549 int err = errno; 3550 /* 3551 * extended FAU debugging output 3552 */ 3553 if (err != EINTR) 3554 msyslog(LOG_ERR, 3555 "select(%d, %s, 0L, 0L, &0.0) error: %m", 3556 maxactivefd + 1, 3557 fdbits(maxactivefd, &activefds)); 3558 if (err == EBADF) { 3559 int j, b; 3560 fds = activefds; 3561 for (j = 0; j <= maxactivefd; j++) 3562 if ((FD_ISSET(j, &fds) 3563 && (read(j, &b, 0) == -1))) 3564 msyslog(LOG_ERR, 3565 "Bad file descriptor %d", 3566 j); 3567 } 3568 return; 3569 } 3570 else if (n == 0) 3571 return; 3572 3573 ++handler_pkts; 3574 3575 #ifdef REFCLOCK 3576 /* 3577 * Check out the reference clocks first, if any 3578 */ 3579 3580 if (refio != NULL) { 3581 register struct refclockio *rp; 3582 3583 for (rp = refio; rp != NULL; rp = rp->next) { 3584 fd = rp->fd; 3585 3586 if (FD_ISSET(fd, &fds)) 3587 do { 3588 ++select_count; 3589 buflen = read_refclock_packet( 3590 fd, rp, ts); 3591 } while (buflen > 0); 3592 } 3593 } 3594 #endif /* REFCLOCK */ 3595 3596 /* 3597 * Loop through the interfaces looking for data to read. 3598 */ 3599 for (ep = ep_list; ep != NULL; ep = ep->elink) { 3600 for (doing = 0; doing < 2; doing++) { 3601 if (!doing) { 3602 fd = ep->fd; 3603 } else { 3604 if (!(ep->flags & INT_BCASTOPEN)) 3605 break; 3606 fd = ep->bfd; 3607 } 3608 if (fd < 0) 3609 continue; 3610 if (FD_ISSET(fd, &fds)) 3611 do { 3612 ++select_count; 3613 buflen = read_network_packet( 3614 fd, ep, ts); 3615 } while (buflen > 0); 3616 /* Check more interfaces */ 3617 } 3618 } 3619 3620 #ifdef HAS_ROUTING_SOCKET 3621 /* 3622 * scan list of asyncio readers - currently only used for routing sockets 3623 */ 3624 asyncio_reader = asyncio_reader_list; 3625 3626 while (asyncio_reader != NULL) { 3627 struct asyncio_reader *next = asyncio_reader->link; 3628 3629 if (FD_ISSET(asyncio_reader->fd, &fds)) { 3630 ++select_count; 3631 (asyncio_reader->receiver)(asyncio_reader); 3632 } 3633 3634 asyncio_reader = next; 3635 } 3636 #endif /* HAS_ROUTING_SOCKET */ 3637 3638 /* 3639 * Done everything from that select. 3640 */ 3641 3642 /* 3643 * If nothing to do, just return. 3644 * If an error occurred, complain and return. 3645 */ 3646 if (select_count == 0) { /* We really had nothing to do */ 3647 #ifdef DEBUG 3648 if (debug) 3649 msyslog(LOG_DEBUG, "input_handler: select() returned 0"); 3650 #endif 3651 return; 3652 } 3653 /* We've done our work */ 3654 #ifdef DEBUG_TIMING 3655 get_systime(&ts_e); 3656 /* 3657 * (ts_e - ts) is the amount of time we spent 3658 * processing this gob of file descriptors. Log 3659 * it. 3660 */ 3661 L_SUB(&ts_e, &ts); 3662 collect_timing(NULL, "input handler", 1, &ts_e); 3663 if (debug > 3) 3664 msyslog(LOG_DEBUG, 3665 "input_handler: Processed a gob of fd's in %s msec", 3666 lfptoms(&ts_e, 6)); 3667 #endif 3668 /* just bail. */ 3669 return; 3670 } 3671 #endif 3672 3673 /* 3674 * findinterface - find local interface corresponding to address 3675 */ 3676 endpt * 3677 findinterface( 3678 sockaddr_u *addr 3679 ) 3680 { 3681 endpt *iface; 3682 3683 iface = findlocalinterface(addr, INT_WILDCARD, 0); 3684 3685 if (NULL == iface) { 3686 DPRINTF(4, ("Found no interface for address %s - returning wildcard\n", 3687 stoa(addr))); 3688 3689 iface = ANY_INTERFACE_CHOOSE(addr); 3690 } else 3691 DPRINTF(4, ("Found interface #%d %s for address %s\n", 3692 iface->ifnum, iface->name, stoa(addr))); 3693 3694 return iface; 3695 } 3696 3697 /* 3698 * findlocalinterface - find local interface corresponding to addr, 3699 * which does not have any of flags set. If bast is nonzero, addr is 3700 * a broadcast address. 3701 * 3702 * This code attempts to find the local sending address for an outgoing 3703 * address by connecting a new socket to destinationaddress:NTP_PORT 3704 * and reading the sockname of the resulting connect. 3705 * the complicated sequence simulates the routing table lookup 3706 * for to first hop without duplicating any of the routing logic into 3707 * ntpd. preferably we would have used an API call - but its not there - 3708 * so this is the best we can do here short of duplicating to entire routing 3709 * logic in ntpd which would be a silly and really unportable thing to do. 3710 * 3711 */ 3712 static endpt * 3713 findlocalinterface( 3714 sockaddr_u * addr, 3715 int flags, 3716 int bcast 3717 ) 3718 { 3719 GETSOCKNAME_SOCKLEN_TYPE sockaddrlen; 3720 endpt * iface; 3721 sockaddr_u saddr; 3722 SOCKET s; 3723 int rtn; 3724 int on; 3725 3726 DPRINTF(4, ("Finding interface for addr %s in list of addresses\n", 3727 stoa(addr))); 3728 3729 s = socket(AF(addr), SOCK_DGRAM, 0); 3730 if (INVALID_SOCKET == s) 3731 return NULL; 3732 3733 /* 3734 * If we are looking for broadcast interface we need to set this 3735 * socket to allow broadcast 3736 */ 3737 if (bcast) { 3738 on = 1; 3739 setsockopt(s, SOL_SOCKET, SO_BROADCAST, 3740 (char *)&on, sizeof(on)); 3741 } 3742 3743 rtn = connect(s, &addr->sa, SOCKLEN(addr)); 3744 if (SOCKET_ERROR == rtn) { 3745 closesocket(s); 3746 return NULL; 3747 } 3748 3749 sockaddrlen = sizeof(saddr); 3750 rtn = getsockname(s, &saddr.sa, &sockaddrlen); 3751 closesocket(s); 3752 if (SOCKET_ERROR == rtn) 3753 return NULL; 3754 3755 DPRINTF(4, ("findlocalinterface: kernel maps %s to %s\n", 3756 stoa(addr), stoa(&saddr))); 3757 3758 iface = getinterface(&saddr, flags); 3759 3760 /* 3761 * if we didn't find an exact match on saddr, find the closest 3762 * available local address. This handles the case of the 3763 * address suggested by the kernel being excluded by nic rules 3764 * or the user's -I and -L options to ntpd. 3765 * See http://bugs.ntp.org/1184 and http://bugs.ntp.org/1683 3766 * for more background. 3767 */ 3768 if (NULL == iface || iface->ignore_packets) 3769 iface = findclosestinterface(&saddr, 3770 flags | INT_LOOPBACK); 3771 3772 /* Don't use an interface which will ignore replies */ 3773 if (iface != NULL && iface->ignore_packets) 3774 iface = NULL; 3775 3776 return iface; 3777 } 3778 3779 3780 /* 3781 * findclosestinterface 3782 * 3783 * If there are -I/--interface or -L/novirtualips command-line options, 3784 * or "nic" or "interface" rules in ntp.conf, findlocalinterface() may 3785 * find the kernel's preferred local address for a given peer address is 3786 * administratively unavailable to ntpd, and punt to this routine's more 3787 * expensive search. 3788 * 3789 * Find the numerically closest local address to the one connect() 3790 * suggested. This matches an address on the same subnet first, as 3791 * needed by Bug 1184, and provides a consistent choice if there are 3792 * multiple feasible local addresses, regardless of the order ntpd 3793 * enumerated them. 3794 */ 3795 static endpt * 3796 findclosestinterface( 3797 sockaddr_u * addr, 3798 int flags 3799 ) 3800 { 3801 endpt * ep; 3802 endpt * winner; 3803 sockaddr_u addr_dist; 3804 sockaddr_u min_dist; 3805 3806 3807 winner = NULL; 3808 min_dist = *addr; 3809 3810 for (ep = ep_list; ep != NULL; ep = ep->elink) { 3811 if (ep->ignore_packets || 3812 AF(addr) != ep->family || 3813 flags & ep->flags) 3814 continue; 3815 3816 calc_addr_distance(&addr_dist, addr, &ep->sin); 3817 if (NULL == winner || 3818 -1 == cmp_addr_distance(&addr_dist, &min_dist)) { 3819 min_dist = addr_dist; 3820 winner = ep; 3821 } 3822 } 3823 if (NULL == winner) 3824 DPRINTF(4, ("findclosestinterface(%s) failed\n", 3825 stoa(addr))); 3826 else 3827 DPRINTF(4, ("findclosestinterface(%s) -> %s\n", 3828 stoa(addr), stoa(&winner->sin))); 3829 3830 return winner; 3831 } 3832 3833 3834 /* 3835 * calc_addr_distance - calculate the distance between two addresses, 3836 * the absolute value of the difference between 3837 * the addresses numerically, stored as an address. 3838 */ 3839 static void 3840 calc_addr_distance( 3841 sockaddr_u * dist, 3842 const sockaddr_u * a1, 3843 const sockaddr_u * a2 3844 ) 3845 { 3846 u_int32 a1val; 3847 u_int32 a2val; 3848 u_int32 v4dist; 3849 int found_greater; 3850 int a1_greater; 3851 int i; 3852 3853 NTP_REQUIRE(AF(a1) == AF(a2)); 3854 3855 memset(dist, 0, sizeof(*dist)); 3856 AF(dist) = AF(a1); 3857 3858 /* v4 can be done a bit simpler */ 3859 if (IS_IPV4(a1)) { 3860 a1val = SRCADR(a1); 3861 a2val = SRCADR(a2); 3862 v4dist = (a1val > a2val) 3863 ? a1val - a2val 3864 : a2val - a1val; 3865 SET_ADDR4(dist, v4dist); 3866 3867 return; 3868 } 3869 3870 found_greater = FALSE; 3871 a1_greater = FALSE; /* suppress pot. uninit. warning */ 3872 for (i = 0; i < (int)sizeof(NSRCADR6(a1)); i++) { 3873 if (!found_greater && 3874 NSRCADR6(a1)[i] != NSRCADR6(a2)[i]) { 3875 found_greater = TRUE; 3876 a1_greater = (NSRCADR6(a1)[i] > NSRCADR6(a2)[i]); 3877 } 3878 if (!found_greater) { 3879 NSRCADR6(dist)[i] = 0; 3880 } else { 3881 if (a1_greater) 3882 NSRCADR6(dist)[i] = NSRCADR6(a1)[i] - 3883 NSRCADR6(a2)[i]; 3884 else 3885 NSRCADR6(dist)[i] = NSRCADR6(a2)[i] - 3886 NSRCADR6(a1)[i]; 3887 } 3888 } 3889 } 3890 3891 3892 /* 3893 * cmp_addr_distance - compare two address distances, returning -1, 0, 3894 * 1 to indicate their relationship. 3895 */ 3896 static int 3897 cmp_addr_distance( 3898 const sockaddr_u * d1, 3899 const sockaddr_u * d2 3900 ) 3901 { 3902 int i; 3903 3904 NTP_REQUIRE(AF(d1) == AF(d2)); 3905 3906 if (IS_IPV4(d1)) { 3907 if (SRCADR(d1) < SRCADR(d2)) 3908 return -1; 3909 else if (SRCADR(d1) == SRCADR(d2)) 3910 return 0; 3911 else 3912 return 1; 3913 } 3914 3915 for (i = 0; i < (int)sizeof(NSRCADR6(d1)); i++) { 3916 if (NSRCADR6(d1)[i] < NSRCADR6(d2)[i]) 3917 return -1; 3918 else if (NSRCADR6(d1)[i] > NSRCADR6(d2)[i]) 3919 return 1; 3920 } 3921 3922 return 0; 3923 } 3924 3925 3926 3927 /* 3928 * fetch an interface structure the matches the 3929 * address and has the given flags NOT set 3930 */ 3931 static endpt * 3932 getinterface( 3933 sockaddr_u * addr, 3934 u_int32 flags 3935 ) 3936 { 3937 endpt *iface; 3938 3939 iface = find_addr_in_list(addr); 3940 3941 if (iface != NULL && (iface->flags & flags)) 3942 iface = NULL; 3943 3944 return iface; 3945 } 3946 3947 3948 /* 3949 * findbcastinter - find broadcast interface corresponding to address 3950 */ 3951 endpt * 3952 findbcastinter( 3953 sockaddr_u *addr 3954 ) 3955 { 3956 #if !defined(MPE) && (defined(SIOCGIFCONF) || defined(SYS_WINNT)) 3957 struct interface *iface; 3958 3959 3960 DPRINTF(4, ("Finding broadcast/multicast interface for addr %s in list of addresses\n", 3961 stoa(addr))); 3962 3963 iface = findlocalinterface(addr, INT_LOOPBACK | INT_WILDCARD, 3964 1); 3965 if (iface != NULL) { 3966 DPRINTF(4, ("Easily found bcast-/mcast- interface index #%d %s\n", 3967 iface->ifnum, iface->name)); 3968 return iface; 3969 } 3970 3971 /* 3972 * plan B - try to find something reasonable in our lists in 3973 * case kernel lookup doesn't help 3974 */ 3975 for (iface = ep_list; iface != NULL; iface = iface->elink) { 3976 if (iface->flags & INT_WILDCARD) 3977 continue; 3978 3979 /* Don't bother with ignored interfaces */ 3980 if (iface->ignore_packets) 3981 continue; 3982 3983 /* 3984 * First look if this is the correct family 3985 */ 3986 if(AF(&iface->sin) != AF(addr)) 3987 continue; 3988 3989 /* Skip the loopback addresses */ 3990 if (iface->flags & INT_LOOPBACK) 3991 continue; 3992 3993 /* 3994 * If we are looking to match a multicast address and 3995 * this interface is one... 3996 */ 3997 if (addr_ismulticast(addr) 3998 && (iface->flags & INT_MULTICAST)) { 3999 #ifdef INCLUDE_IPV6_SUPPORT 4000 /* 4001 * ...it is the winner unless we're looking for 4002 * an interface to use for link-local multicast 4003 * and its address is not link-local. 4004 */ 4005 if (IS_IPV6(addr) 4006 && IN6_IS_ADDR_MC_LINKLOCAL(PSOCK_ADDR6(addr)) 4007 && !IN6_IS_ADDR_LINKLOCAL(PSOCK_ADDR6(&iface->sin))) 4008 continue; 4009 #endif 4010 break; 4011 } 4012 4013 /* 4014 * We match only those interfaces marked as 4015 * broadcastable and either the explicit broadcast 4016 * address or the network portion of the IP address. 4017 * Sloppy. 4018 */ 4019 if (IS_IPV4(addr)) { 4020 if (SOCK_EQ(&iface->bcast, addr)) 4021 break; 4022 4023 if ((NSRCADR(&iface->sin) & NSRCADR(&iface->mask)) 4024 == (NSRCADR(addr) & NSRCADR(&iface->mask))) 4025 break; 4026 } 4027 #ifdef INCLUDE_IPV6_SUPPORT 4028 else if (IS_IPV6(addr)) { 4029 if (SOCK_EQ(&iface->bcast, addr)) 4030 break; 4031 4032 if (SOCK_EQ(netof(&iface->sin), netof(addr))) 4033 break; 4034 } 4035 #endif 4036 } 4037 #endif /* SIOCGIFCONF */ 4038 if (NULL == iface) { 4039 DPRINTF(4, ("No bcast interface found for %s\n", 4040 stoa(addr))); 4041 iface = ANY_INTERFACE_CHOOSE(addr); 4042 } else 4043 DPRINTF(4, ("Found bcast-/mcast- interface index #%d %s\n", 4044 iface->ifnum, iface->name)); 4045 return iface; 4046 } 4047 4048 4049 /* 4050 * io_clr_stats - clear I/O module statistics 4051 */ 4052 void 4053 io_clr_stats(void) 4054 { 4055 packets_dropped = 0; 4056 packets_ignored = 0; 4057 packets_received = 0; 4058 packets_sent = 0; 4059 packets_notsent = 0; 4060 4061 handler_calls = 0; 4062 handler_pkts = 0; 4063 io_timereset = current_time; 4064 } 4065 4066 4067 #ifdef REFCLOCK 4068 /* 4069 * io_addclock - add a reference clock to the list and arrange that we 4070 * get SIGIO interrupts from it. 4071 */ 4072 int 4073 io_addclock( 4074 struct refclockio *rio 4075 ) 4076 { 4077 BLOCKIO(); 4078 4079 /* 4080 * Stuff the I/O structure in the list and mark the descriptor 4081 * in use. There is a harmless (I hope) race condition here. 4082 */ 4083 rio->next = refio; 4084 4085 # ifdef HAVE_SIGNALED_IO 4086 if (init_clock_sig(rio)) { 4087 UNBLOCKIO(); 4088 return 0; 4089 } 4090 # elif defined(HAVE_IO_COMPLETION_PORT) 4091 if (io_completion_port_add_clock_io(rio)) { 4092 UNBLOCKIO(); 4093 return 0; 4094 } 4095 # endif 4096 4097 /* 4098 * enqueue 4099 */ 4100 refio = rio; 4101 4102 /* 4103 * register fd 4104 */ 4105 add_fd_to_list(rio->fd, FD_TYPE_FILE); 4106 4107 UNBLOCKIO(); 4108 return 1; 4109 } 4110 4111 /* 4112 * io_closeclock - close the clock in the I/O structure given 4113 */ 4114 void 4115 io_closeclock( 4116 struct refclockio *rio 4117 ) 4118 { 4119 register struct refclockio *rp; 4120 4121 BLOCKIO(); 4122 4123 /* 4124 * Remove structure from the list 4125 */ 4126 if (refio == rio) 4127 refio = rio->next; 4128 else { 4129 for (rp = refio; rp != NULL; rp = rp->next) 4130 if (rp->next == rio) { 4131 rp->next = rio->next; 4132 break; 4133 } 4134 4135 if (NULL == rp) { 4136 UNBLOCKIO(); 4137 return; 4138 } 4139 } 4140 4141 /* 4142 * Close the descriptor. 4143 */ 4144 close_and_delete_fd_from_list(rio->fd); 4145 UNBLOCKIO(); 4146 } 4147 #endif /* REFCLOCK */ 4148 4149 /* 4150 * On NT a SOCKET is an unsigned int so we cannot possibly keep it in 4151 * an array. So we use one of the ISC_LIST functions to hold the 4152 * socket value and use that when we want to enumerate it. 4153 * 4154 * This routine is called by the forked intres child process to close 4155 * all open sockets. On Windows there's no need as intres runs in 4156 * the same process as a thread. 4157 */ 4158 #ifndef SYS_WINNT 4159 void 4160 kill_asyncio(int startfd) 4161 { 4162 BLOCKIO(); 4163 4164 /* 4165 * In the child process we do not maintain activefds and 4166 * maxactivefd. Zeroing maxactivefd disables code which 4167 * maintains it in close_and_delete_fd_from_list(). 4168 */ 4169 maxactivefd = 0; 4170 4171 while (fd_list != NULL) 4172 close_and_delete_fd_from_list(fd_list->fd); 4173 4174 UNBLOCKIO(); 4175 } 4176 #endif /* !SYS_WINNT */ 4177 4178 /* 4179 * Add and delete functions for the list of open sockets 4180 */ 4181 static void 4182 add_fd_to_list( 4183 SOCKET fd, 4184 enum desc_type type 4185 ) 4186 { 4187 vsock_t *lsock = emalloc(sizeof(*lsock)); 4188 4189 lsock->fd = fd; 4190 lsock->type = type; 4191 4192 LINK_SLIST(fd_list, lsock, link); 4193 /* 4194 * I/O Completion Ports don't care about the select and FD_SET 4195 */ 4196 #ifndef HAVE_IO_COMPLETION_PORT 4197 if (fd < 0 || fd >= FD_SETSIZE) { 4198 msyslog(LOG_ERR, 4199 "Too many sockets in use, FD_SETSIZE %d exceeded", 4200 FD_SETSIZE); 4201 exit(1); 4202 } 4203 /* 4204 * keep activefds in sync 4205 */ 4206 maxactivefd = max(fd, maxactivefd); 4207 4208 FD_SET(fd, &activefds); 4209 #endif 4210 } 4211 4212 static void 4213 close_and_delete_fd_from_list( 4214 SOCKET fd 4215 ) 4216 { 4217 vsock_t *lsock; 4218 4219 UNLINK_EXPR_SLIST(lsock, fd_list, fd == 4220 UNLINK_EXPR_SLIST_CURRENT()->fd, link, vsock_t); 4221 4222 if (lsock != NULL) { 4223 switch (lsock->type) { 4224 case FD_TYPE_SOCKET: 4225 closesocket(lsock->fd); 4226 break; 4227 4228 case FD_TYPE_FILE: 4229 close(lsock->fd); 4230 break; 4231 4232 default: 4233 msyslog(LOG_ERR, 4234 "internal error - illegal descriptor type %d - EXITING", 4235 (int)lsock->type); 4236 exit(1); 4237 } 4238 4239 free(lsock); 4240 /* 4241 * I/O Completion Ports don't care about select and fd_set 4242 */ 4243 #ifndef HAVE_IO_COMPLETION_PORT 4244 /* 4245 * remove from activefds 4246 */ 4247 FD_CLR(fd, &activefds); 4248 4249 if (fd == maxactivefd && maxactivefd) { 4250 int i; 4251 NTP_INSIST(maxactivefd - 1 < FD_SETSIZE); 4252 for (i = maxactivefd - 1; i >= 0; i--) 4253 if (FD_ISSET(i, &activefds)) { 4254 maxactivefd = i; 4255 break; 4256 } 4257 NTP_INSIST(fd != maxactivefd); 4258 } 4259 #endif 4260 } 4261 } 4262 4263 static void 4264 add_addr_to_list( 4265 sockaddr_u * addr, 4266 endpt * ep 4267 ) 4268 { 4269 remaddr_t *laddr; 4270 4271 #ifdef DEBUG 4272 if (find_addr_in_list(addr) == NULL) { 4273 #endif 4274 /* not there yet - add to list */ 4275 laddr = emalloc(sizeof(*laddr)); 4276 laddr->addr = *addr; 4277 laddr->ep = ep; 4278 4279 LINK_SLIST(remoteaddr_list, laddr, link); 4280 4281 DPRINTF(4, ("Added addr %s to list of addresses\n", 4282 stoa(addr))); 4283 #ifdef DEBUG 4284 } else 4285 DPRINTF(4, ("WARNING: Attempt to add duplicate addr %s to address list\n", 4286 stoa(addr))); 4287 #endif 4288 } 4289 4290 4291 static void 4292 delete_addr_from_list( 4293 sockaddr_u *addr 4294 ) 4295 { 4296 remaddr_t *unlinked; 4297 4298 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, SOCK_EQ(addr, 4299 &(UNLINK_EXPR_SLIST_CURRENT()->addr)), link, remaddr_t); 4300 4301 if (unlinked != NULL) { 4302 DPRINTF(4, ("Deleted addr %s from list of addresses\n", 4303 stoa(addr))); 4304 free(unlinked); 4305 } 4306 } 4307 4308 4309 static void 4310 delete_interface_from_list( 4311 endpt *iface 4312 ) 4313 { 4314 remaddr_t *unlinked; 4315 4316 do { 4317 UNLINK_EXPR_SLIST(unlinked, remoteaddr_list, iface == 4318 UNLINK_EXPR_SLIST_CURRENT()->ep, link, 4319 remaddr_t); 4320 4321 if (unlinked != NULL) { 4322 DPRINTF(4, ("Deleted addr %s for interface #%d %s from list of addresses\n", 4323 stoa(&unlinked->addr), iface->ifnum, 4324 iface->name)); 4325 free(unlinked); 4326 } 4327 } while (unlinked != NULL); 4328 } 4329 4330 4331 static struct interface * 4332 find_addr_in_list( 4333 sockaddr_u *addr 4334 ) 4335 { 4336 remaddr_t *entry; 4337 4338 DPRINTF(4, ("Searching for addr %s in list of addresses - ", 4339 stoa(addr))); 4340 4341 for (entry = remoteaddr_list; 4342 entry != NULL; 4343 entry = entry->link) 4344 if (SOCK_EQ(&entry->addr, addr)) { 4345 DPRINTF(4, ("FOUND\n")); 4346 return entry->ep; 4347 } 4348 4349 DPRINTF(4, ("NOT FOUND\n")); 4350 return NULL; 4351 } 4352 4353 4354 /* 4355 * Find the given address with the all given flags set in the list 4356 */ 4357 static endpt * 4358 find_flagged_addr_in_list( 4359 sockaddr_u * addr, 4360 u_int32 flags 4361 ) 4362 { 4363 remaddr_t *entry; 4364 4365 DPRINTF(4, ("Finding addr %s with flags %d in list: ", 4366 stoa(addr), flags)); 4367 4368 for (entry = remoteaddr_list; 4369 entry != NULL; 4370 entry = entry->link) 4371 4372 if (SOCK_EQ(&entry->addr, addr) 4373 && (entry->ep->flags & flags) == flags) { 4374 4375 DPRINTF(4, ("FOUND\n")); 4376 return entry->ep; 4377 } 4378 4379 DPRINTF(4, ("NOT FOUND\n")); 4380 return NULL; 4381 } 4382 4383 4384 const char * 4385 localaddrtoa( 4386 endpt *la 4387 ) 4388 { 4389 return (NULL == la) 4390 ? "<null>" 4391 : stoa(&la->sin); 4392 } 4393 4394 4395 #ifdef HAS_ROUTING_SOCKET 4396 # ifndef UPDATE_GRACE 4397 # define UPDATE_GRACE 2 /* wait UPDATE_GRACE seconds before scanning */ 4398 # endif 4399 4400 static void 4401 process_routing_msgs(struct asyncio_reader *reader) 4402 { 4403 char buffer[5120]; 4404 int cnt, msg_type; 4405 #ifdef HAVE_RTNETLINK 4406 struct nlmsghdr *nh; 4407 #else 4408 struct rt_msghdr *rtm; 4409 char *p; 4410 #endif 4411 4412 if (disable_dynamic_updates) { 4413 /* 4414 * discard ourselves if we are not needed any more 4415 * usually happens when running unprivileged 4416 */ 4417 remove_asyncio_reader(reader); 4418 delete_asyncio_reader(reader); 4419 return; 4420 } 4421 4422 cnt = read(reader->fd, buffer, sizeof(buffer)); 4423 4424 if (cnt < 0) { 4425 msyslog(LOG_ERR, 4426 "i/o error on routing socket %m - disabling"); 4427 remove_asyncio_reader(reader); 4428 delete_asyncio_reader(reader); 4429 return; 4430 } 4431 4432 /* 4433 * process routing message 4434 */ 4435 #ifdef HAVE_RTNETLINK 4436 for (nh = (struct nlmsghdr *)buffer; 4437 NLMSG_OK(nh, cnt); 4438 nh = NLMSG_NEXT(nh, cnt)) { 4439 msg_type = nh->nlmsg_type; 4440 #else 4441 for (p = buffer; 4442 (p + sizeof(struct rt_msghdr)) <= (buffer + cnt); 4443 p += rtm->rtm_msglen) { 4444 rtm = (struct rt_msghdr *)p; 4445 if (rtm->rtm_version != RTM_VERSION) { 4446 msyslog(LOG_ERR, 4447 "version mismatch (got %d - expected %d) on routing socket - disabling", 4448 rtm->rtm_version, RTM_VERSION); 4449 4450 remove_asyncio_reader(reader); 4451 delete_asyncio_reader(reader); 4452 return; 4453 } 4454 msg_type = rtm->rtm_type; 4455 #endif 4456 switch (msg_type) { 4457 #ifdef RTM_NEWADDR 4458 case RTM_NEWADDR: 4459 #endif 4460 #ifdef RTM_DELADDR 4461 case RTM_DELADDR: 4462 #endif 4463 #ifdef RTM_ADD 4464 case RTM_ADD: 4465 #endif 4466 #ifdef RTM_DELETE 4467 case RTM_DELETE: 4468 #endif 4469 #ifdef RTM_REDIRECT 4470 case RTM_REDIRECT: 4471 #endif 4472 #ifdef RTM_CHANGE 4473 case RTM_CHANGE: 4474 #endif 4475 #ifdef RTM_LOSING 4476 case RTM_LOSING: 4477 #endif 4478 #ifdef RTM_IFINFO 4479 case RTM_IFINFO: 4480 #endif 4481 #ifdef RTM_IFANNOUNCE 4482 case RTM_IFANNOUNCE: 4483 #endif 4484 #ifdef RTM_NEWLINK 4485 case RTM_NEWLINK: 4486 #endif 4487 #ifdef RTM_DELLINK 4488 case RTM_DELLINK: 4489 #endif 4490 #ifdef RTM_NEWROUTE 4491 case RTM_NEWROUTE: 4492 #endif 4493 #ifdef RTM_DELROUTE 4494 case RTM_DELROUTE: 4495 #endif 4496 /* 4497 * we are keen on new and deleted addresses and 4498 * if an interface goes up and down or routing 4499 * changes 4500 */ 4501 DPRINTF(3, ("routing message op = %d: scheduling interface update\n", 4502 msg_type)); 4503 timer_interfacetimeout(current_time + UPDATE_GRACE); 4504 break; 4505 #ifdef HAVE_RTNETLINK 4506 case NLMSG_DONE: 4507 /* end of multipart message */ 4508 return; 4509 #endif 4510 default: 4511 /* 4512 * the rest doesn't bother us. 4513 */ 4514 DPRINTF(4, ("routing message op = %d: ignored\n", 4515 msg_type)); 4516 break; 4517 } 4518 } 4519 } 4520 4521 /* 4522 * set up routing notifications 4523 */ 4524 static void 4525 init_async_notifications() 4526 { 4527 struct asyncio_reader *reader; 4528 #ifdef HAVE_RTNETLINK 4529 int fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE); 4530 struct sockaddr_nl sa; 4531 #else 4532 int fd = socket(PF_ROUTE, SOCK_RAW, 0); 4533 #endif 4534 if (fd < 0) { 4535 msyslog(LOG_ERR, 4536 "unable to open routing socket (%m) - using polled interface update"); 4537 return; 4538 } 4539 4540 fd = move_fd(fd); 4541 #ifdef HAVE_RTNETLINK 4542 memset(&sa, 0, sizeof(sa)); 4543 sa.nl_family = PF_NETLINK; 4544 sa.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR 4545 | RTMGRP_IPV6_IFADDR | RTMGRP_IPV4_ROUTE 4546 | RTMGRP_IPV4_MROUTE | RTMGRP_IPV6_ROUTE 4547 | RTMGRP_IPV6_MROUTE; 4548 if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) { 4549 msyslog(LOG_ERR, 4550 "bind failed on routing socket (%m) - using polled interface update"); 4551 return; 4552 } 4553 #endif 4554 init_nonblocking_io(fd); 4555 #if defined(HAVE_SIGNALED_IO) 4556 init_socket_sig(fd); 4557 #endif /* HAVE_SIGNALED_IO */ 4558 4559 reader = new_asyncio_reader(); 4560 4561 reader->fd = fd; 4562 reader->receiver = process_routing_msgs; 4563 4564 add_asyncio_reader(reader, FD_TYPE_SOCKET); 4565 msyslog(LOG_INFO, 4566 "Listening on routing socket on fd #%d for interface updates", 4567 fd); 4568 } 4569 #else 4570 /* HAS_ROUTING_SOCKET not defined */ 4571 static void 4572 init_async_notifications(void) 4573 { 4574 } 4575 #endif 4576