int dns_transaction_go(DnsTransaction *t) {
bool had_stream;
usec_t ts;
int r;
assert(t);
had_stream = !!t->stream;
dns_transaction_stop(t);
log_debug("Excercising transaction on scope %s on %s/%s",
dns_protocol_to_string(t->scope->protocol),
t->scope->link ? t->scope->link->name : "*",
t->scope->family == AF_UNSPEC ? "*" : af_to_name(t->scope->family));
if (t->n_attempts >= TRANSACTION_ATTEMPTS_MAX(t->scope->protocol)) {
dns_transaction_complete(t, DNS_TRANSACTION_ATTEMPTS_MAX_REACHED);
return 0;
}
if (t->scope->protocol == DNS_PROTOCOL_LLMNR && had_stream) {
/* If we already tried via a stream, then we don't
* retry on LLMNR. See RFC 4795, Section 2.7. */
dns_transaction_complete(t, DNS_TRANSACTION_ATTEMPTS_MAX_REACHED);
return 0;
}
assert_se(sd_event_now(t->scope->manager->event, clock_boottime_or_monotonic(), &ts) >= 0);
t->n_attempts++;
t->start_usec = ts;
t->received = dns_packet_unref(t->received);
t->cached = dns_answer_unref(t->cached);
t->cached_rcode = 0;
/* Check the cache, but only if this transaction is not used
* for probing or verifying a zone item. */
if (set_isempty(t->zone_items)) {
/* Before trying the cache, let's make sure we figured out a
* server to use. Should this cause a change of server this
* might flush the cache. */
dns_scope_get_dns_server(t->scope);
/* Let's then prune all outdated entries */
dns_cache_prune(&t->scope->cache);
r = dns_cache_lookup(&t->scope->cache, t->key, &t->cached_rcode, &t->cached);
if (r < 0)
return r;
if (r > 0) {
if (t->cached_rcode == DNS_RCODE_SUCCESS)
dns_transaction_complete(t, DNS_TRANSACTION_SUCCESS);
else
dns_transaction_complete(t, DNS_TRANSACTION_FAILURE);
return 0;
}
}
if (t->scope->protocol == DNS_PROTOCOL_LLMNR && !t->initial_jitter) {
usec_t jitter;
/* RFC 4795 Section 2.7 suggests all queries should be
* delayed by a random time from 0 to JITTER_INTERVAL. */
t->initial_jitter = true;
random_bytes(&jitter, sizeof(jitter));
jitter %= LLMNR_JITTER_INTERVAL_USEC;
r = sd_event_add_time(
t->scope->manager->event,
&t->timeout_event_source,
clock_boottime_or_monotonic(),
ts + jitter,
LLMNR_JITTER_INTERVAL_USEC,
on_transaction_timeout, t);
if (r < 0)
return r;
t->n_attempts = 0;
t->state = DNS_TRANSACTION_PENDING;
log_debug("Delaying LLMNR transaction for " USEC_FMT "us.", jitter);
return 0;
}
/* Otherwise, we need to ask the network */
r = dns_transaction_make_packet(t);
if (r == -EDOM) {
/* Not the right request to make on this network?
* (i.e. an A request made on IPv6 or an AAAA request
* made on IPv4, on LLMNR or mDNS.) */
dns_transaction_complete(t, DNS_TRANSACTION_NO_SERVERS);
return 0;
}
if (r < 0)
return r;
if (t->scope->protocol == DNS_PROTOCOL_LLMNR &&
(dns_name_endswith(DNS_RESOURCE_KEY_NAME(t->key), "in-addr.arpa") > 0 ||
dns_name_endswith(DNS_RESOURCE_KEY_NAME(t->key), "ip6.arpa") > 0)) {
/* RFC 4795, Section 2.4. says reverse lookups shall
* always be made via TCP on LLMNR */
r = dns_transaction_open_tcp(t);
} else {
/* Try via UDP, and if that fails due to large size try via TCP */
r = dns_transaction_emit(t);
if (r == -EMSGSIZE)
r = dns_transaction_open_tcp(t);
}
if (r == -ESRCH) {
/* No servers to send this to? */
dns_transaction_complete(t, DNS_TRANSACTION_NO_SERVERS);
return 0;
} else if (r < 0) {
if (t->scope->protocol != DNS_PROTOCOL_DNS) {
dns_transaction_complete(t, DNS_TRANSACTION_RESOURCES);
return 0;
}
/* Couldn't send? Try immediately again, with a new server */
dns_transaction_next_dns_server(t);
return dns_transaction_go(t);
}
r = sd_event_add_time(
t->scope->manager->event,
&t->timeout_event_source,
clock_boottime_or_monotonic(),
ts + transaction_get_resend_timeout(t), 0,
on_transaction_timeout, t);
if (r < 0)
return r;
t->state = DNS_TRANSACTION_PENDING;
return 1;
}
static void bus_method_resolve_hostname_complete(DnsQuery *q) {
_cleanup_(dns_resource_record_unrefp) DnsResourceRecord *cname = NULL, *canonical = NULL;
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
_cleanup_(dns_answer_unrefp) DnsAnswer *answer = NULL;
unsigned added = 0, i;
int r;
assert(q);
if (q->state != DNS_TRANSACTION_SUCCESS) {
r = reply_query_state(q);
goto finish;
}
r = sd_bus_message_new_method_return(q->request, &reply);
if (r < 0)
goto finish;
r = sd_bus_message_append(reply, "i", q->answer_ifindex);
if (r < 0)
goto finish;
r = sd_bus_message_open_container(reply, 'a', "(iay)");
if (r < 0)
goto finish;
if (q->answer) {
answer = dns_answer_ref(q->answer);
for (i = 0; i < answer->n_rrs; i++) {
r = dns_question_matches_rr(q->question, answer->rrs[i]);
if (r < 0)
goto finish;
if (r == 0) {
/* Hmm, if this is not an address record,
maybe it's a cname? If so, remember this */
r = dns_question_matches_cname(q->question, answer->rrs[i]);
if (r < 0)
goto finish;
if (r > 0)
cname = dns_resource_record_ref(answer->rrs[i]);
continue;
}
r = append_address(reply, answer->rrs[i]);
if (r < 0)
goto finish;
if (!canonical)
canonical = dns_resource_record_ref(answer->rrs[i]);
added ++;
}
}
if (added <= 0) {
if (!cname) {
r = sd_bus_reply_method_errorf(q->request, BUS_ERROR_NO_SUCH_RR, "'%s' does not have any RR of requested type", q->request_hostname);
goto finish;
}
/* This has a cname? Then update the query with the
* new cname. */
r = dns_query_cname_redirect(q, cname->cname.name);
if (r < 0) {
if (r == -ELOOP)
r = sd_bus_reply_method_errorf(q->request, BUS_ERROR_CNAME_LOOP, "CNAME loop on '%s'", q->request_hostname);
else
r = sd_bus_reply_method_errno(q->request, -r, NULL);
goto finish;
}
/* Before we restart the query, let's see if any of
* the RRs we already got already answers our query */
for (i = 0; i < answer->n_rrs; i++) {
r = dns_question_matches_rr(q->question, answer->rrs[i]);
if (r < 0)
goto finish;
if (r == 0)
continue;
r = append_address(reply, answer->rrs[i]);
if (r < 0)
goto finish;
if (!canonical)
canonical = dns_resource_record_ref(answer->rrs[i]);
added++;
}
/* If we didn't find anything, then let's restart the
* query, this time with the cname */
if (added <= 0) {
r = dns_query_go(q);
if (r == -ESRCH) {
r = sd_bus_reply_method_errorf(q->request, BUS_ERROR_NO_NAME_SERVERS, "No appropriate name servers or networks for name found");
goto finish;
}
if (r < 0) {
r = sd_bus_reply_method_errno(q->request, -r, NULL);
goto finish;
}
return;
}
}
r = sd_bus_message_close_container(reply);
if (r < 0)
goto finish;
/* Return the precise spelling and uppercasing reported by the server */
assert(canonical);
r = sd_bus_message_append(reply, "st", DNS_RESOURCE_KEY_NAME(canonical->key), SD_RESOLVED_FLAGS_MAKE(q->answer_protocol, q->answer_family));
if (r < 0)
goto finish;
r = sd_bus_send(q->manager->bus, reply, NULL);
finish:
if (r < 0) {
log_error_errno(r, "Failed to send hostname reply: %m");
sd_bus_reply_method_errno(q->request, -r, NULL);
}
dns_query_free(q);
}
static int dns_transaction_open_tcp(DnsTransaction *t) {
DnsServer *server = NULL;
_cleanup_close_ int fd = -1;
int r;
assert(t);
if (t->stream)
return 0;
switch (t->scope->protocol) {
case DNS_PROTOCOL_DNS:
fd = dns_scope_tcp_socket(t->scope, AF_UNSPEC, NULL, 53, &server);
break;
case DNS_PROTOCOL_LLMNR:
/* When we already received a reply to this (but it was truncated), send to its sender address */
if (t->received)
fd = dns_scope_tcp_socket(t->scope, t->received->family, &t->received->sender, t->received->sender_port, NULL);
else {
union in_addr_union address;
int family = AF_UNSPEC;
/* Otherwise, try to talk to the owner of a
* the IP address, in case this is a reverse
* PTR lookup */
r = dns_name_address(DNS_RESOURCE_KEY_NAME(t->key), &family, &address);
if (r < 0)
return r;
if (r == 0)
return -EINVAL;
if (family != t->scope->family)
return -ESRCH;
fd = dns_scope_tcp_socket(t->scope, family, &address, LLMNR_PORT, NULL);
}
break;
default:
return -EAFNOSUPPORT;
}
if (fd < 0)
return fd;
r = dns_stream_new(t->scope->manager, &t->stream, t->scope->protocol, fd);
if (r < 0)
return r;
fd = -1;
r = dns_stream_write_packet(t->stream, t->sent);
if (r < 0) {
t->stream = dns_stream_free(t->stream);
return r;
}
dns_server_unref(t->server);
t->server = dns_server_ref(server);
t->received = dns_packet_unref(t->received);
t->stream->complete = on_stream_complete;
t->stream->transaction = t;
/* The interface index is difficult to determine if we are
* connecting to the local host, hence fill this in right away
* instead of determining it from the socket */
if (t->scope->link)
t->stream->ifindex = t->scope->link->ifindex;
return 0;
}
