1 /* -*- Mode: C; tab-width: 4 -*-
3 * Copyright (c) 2002-2013 Apple Computer, Inc. All rights reserved.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 // ***************************************************************************
20 // Supporting routines to run mDNS on a CFRunLoop platform
21 // ***************************************************************************
23 // For debugging, set LIST_ALL_INTERFACES to 1 to display all found interfaces,
24 // including ones that mDNSResponder chooses not to use.
25 #define LIST_ALL_INTERFACES 0
27 #include "mDNSEmbeddedAPI.h" // Defines the interface provided to the client layer above
28 #include "DNSCommon.h"
30 #include "mDNSMacOSX.h" // Defines the specific types needed to run mDNS on this platform
31 #include "dns_sd.h" // For mDNSInterface_LocalOnly etc.
32 #include "PlatformCommon.h"
33 #include "uds_daemon.h"
34 #include "CryptoSupport.h"
37 #include <stdarg.h> // For va_list support
38 #include <stdlib.h> // For arc4random
40 #include <net/if_types.h> // For IFT_ETHER
41 #include <net/if_dl.h>
42 #include <net/bpf.h> // For BIOCSETIF etc.
44 #include <sys/param.h>
45 #include <sys/socket.h>
46 #include <sys/sysctl.h>
47 #include <sys/event.h>
49 #include <sys/ioctl.h>
50 #include <time.h> // platform support for UTC time
51 #include <arpa/inet.h> // for inet_aton
53 #include <netdb.h> // for getaddrinfo
54 #include <sys/sockio.h> // for SIOCGIFEFLAGS
56 #include <netinet/in.h> // For IP_RECVTTL
58 #define IP_RECVTTL 24 // bool; receive reception TTL w/dgram
61 #include <netinet/in_systm.h> // For n_long, required by <netinet/ip.h> below
62 #include <netinet/ip.h> // For IPTOS_LOWDELAY etc.
63 #include <netinet6/in6_var.h> // For IN6_IFF_NOTREADY etc.
64 #include <netinet6/nd6.h> // For ND6_INFINITE_LIFETIME etc.
66 #include <netinet/tcp.h>
68 #include <DebugServices.h>
73 #include <IOKit/IOKitLib.h>
74 #include <IOKit/IOMessage.h>
76 #include <IOKit/ps/IOPowerSources.h>
77 #include <IOKit/ps/IOPowerSourcesPrivate.h>
78 #include <IOKit/ps/IOPSKeys.h>
80 #include <mach/mach_error.h>
81 #include <mach/mach_port.h>
82 #include <mach/mach_time.h>
84 #include "P2PPacketFilter.h"
87 #include <SystemConfiguration/SCPrivate.h>
89 // Include definition of opaque_presence_indication for KEV_DL_NODE_PRESENCE handling logic.
90 #include <Kernel/IOKit/apple80211/apple80211_var.h>
92 #if APPLE_OSX_mDNSResponder
93 #include <DeviceToDeviceManager/DeviceToDeviceManager.h>
96 D2DStatus
D2DInitialize(CFRunLoopRef runLoop
, D2DServiceCallback serviceCallback
, void* userData
) __attribute__((weak_import
));
97 D2DStatus
D2DRetain(D2DServiceInstance instanceHandle
, D2DTransportType transportType
) __attribute__((weak_import
));
98 D2DStatus
D2DStopAdvertisingPairOnTransport(const Byte
*key
, const size_t keySize
, const Byte
*value
, const size_t valueSize
, D2DTransportType transport
) __attribute__((weak_import
));
99 D2DStatus
D2DRelease(D2DServiceInstance instanceHandle
, D2DTransportType transportType
) __attribute__((weak_import
));
100 D2DStatus
D2DStartAdvertisingPairOnTransport(const Byte
*key
, const size_t keySize
, const Byte
*value
, const size_t valueSize
, D2DTransportType transport
) __attribute__((weak_import
));
101 D2DStatus
D2DStartBrowsingForKeyOnTransport(const Byte
*key
, const size_t keySize
, D2DTransportType transport
) __attribute__((weak_import
));
102 D2DStatus
D2DStopBrowsingForKeyOnTransport(const Byte
*key
, const size_t keySize
, D2DTransportType transport
) __attribute__((weak_import
));
103 void D2DStartResolvingPairOnTransport(const Byte
*key
, const size_t keySize
, const Byte
*value
, const size_t valueSize
, D2DTransportType transport
) __attribute__((weak_import
));
104 void D2DStopResolvingPairOnTransport(const Byte
*key
, const size_t keySize
, const Byte
*value
, const size_t valueSize
, D2DTransportType transport
) __attribute__((weak_import
));
105 D2DStatus
D2DTerminate() __attribute__((weak_import
));
112 #endif // APPLE_OSX_mDNSResponder
114 #if APPLE_OSX_mDNSResponder && !TARGET_OS_EMBEDDED
115 #include <IOKit/platform/IOPlatformSupportPrivate.h>
116 #endif // APPLE_OSX_mDNSResponder && !TARGET_OS_EMBEDDED
119 #define kInterfaceSpecificOption "interface="
121 #define mDNS_IOREG_KEY "mDNS_KEY"
122 #define mDNS_IOREG_VALUE "2009-07-30"
123 #define mDNS_IOREG_KA_KEY "mDNS_Keepalive"
124 #define mDNS_USER_CLIENT_CREATE_TYPE 'mDNS'
126 // cache the InterfaceID of the AWDL interface
127 static mDNSInterfaceID AWDLInterfaceID
;
129 // ***************************************************************************
132 #if COMPILER_LIKES_PRAGMA_MARK
133 #pragma mark - Globals
136 // By default we don't offer sleep proxy service
137 // If OfferSleepProxyService is set non-zero (typically via command-line switch),
138 // then we'll offer sleep proxy service on desktop Macs that are set to never sleep.
139 // We currently do not offer sleep proxy service on laptops, or on machines that are set to go to sleep.
140 mDNSexport
int OfferSleepProxyService
= 0;
141 mDNSexport
int DisableSleepProxyClient
= 0;
142 mDNSexport
int UseInternalSleepProxy
= 1; // Set to non-zero to use internal (in-NIC) Sleep Proxy
144 mDNSexport
int OSXVers
, iOSVers
;
145 mDNSexport
int KQueueFD
;
147 #ifndef NO_SECURITYFRAMEWORK
148 static CFArrayRef ServerCerts
;
149 OSStatus
SSLSetAllowAnonymousCiphers(SSLContextRef context
, Boolean enable
);
150 #endif /* NO_SECURITYFRAMEWORK */
152 static CFStringRef NetworkChangedKey_IPv4
;
153 static CFStringRef NetworkChangedKey_IPv6
;
154 static CFStringRef NetworkChangedKey_Hostnames
;
155 static CFStringRef NetworkChangedKey_Computername
;
156 static CFStringRef NetworkChangedKey_DNS
;
157 static CFStringRef NetworkChangedKey_StateInterfacePrefix
;
158 static CFStringRef NetworkChangedKey_DynamicDNS
= CFSTR("Setup:/Network/DynamicDNS");
159 static CFStringRef NetworkChangedKey_BackToMyMac
= CFSTR("Setup:/Network/BackToMyMac");
160 static CFStringRef NetworkChangedKey_BTMMConnectivity
= CFSTR("State:/Network/Connectivity");
161 static CFStringRef NetworkChangedKey_PowerSettings
= CFSTR("State:/IOKit/PowerManagement/CurrentSettings");
163 static char HINFO_HWstring_buffer
[32];
164 static char *HINFO_HWstring
= "Device";
165 static int HINFO_HWstring_prefixlen
= 6;
167 mDNSexport
int WatchDogReportingThreshold
= 250;
169 dispatch_queue_t SSLqueue
;
171 //To prevent blocking the main queue, all writes to DynamicStore happen on the DynamicStoreQueue
172 static dispatch_queue_t DynamicStoreQueue
;
174 #if TARGET_OS_EMBEDDED
175 #define kmDNSResponderManagedPrefsID CFSTR("/Library/Managed Preferences/mobile/com.apple.mDNSResponder.plist")
178 #if APPLE_OSX_mDNSResponder
179 static mDNSu8 SPMetricPortability
= 99;
180 static mDNSu8 SPMetricMarginalPower
= 99;
181 static mDNSu8 SPMetricTotalPower
= 99;
182 static mDNSu8 SPMetricFeatures
= 1; /* The current version supports TCP Keep Alive Feature */
183 mDNSexport domainname ActiveDirectoryPrimaryDomain
;
184 mDNSexport
int ActiveDirectoryPrimaryDomainLabelCount
;
185 mDNSexport mDNSAddr ActiveDirectoryPrimaryDomainServer
;
186 #endif // APPLE_OSX_mDNSResponder
188 // Don't send triggers too often. We arbitrarily limit it to three minutes.
189 #define DNS_TRIGGER_INTERVAL (180 * mDNSPlatformOneSecond)
191 // Used by AutoTunnel
192 const char btmmprefix
[] = "btmmdns:";
193 const char dnsprefix
[] = "dns:";
195 // String Array used to write list of private domains to Dynamic Store
196 static CFArrayRef privateDnsArray
= NULL
;
198 // ***************************************************************************
199 #if COMPILER_LIKES_PRAGMA_MARK
201 #pragma mark - D2D Support
206 mDNSexport
void D2D_start_advertising_interface(NetworkInterfaceInfo
*interface
)
208 // AWDL wants the address and reverse address PTR record communicated
209 // via the D2D interface layer.
210 if (interface
->InterfaceID
== AWDLInterfaceID
)
212 // only log if we have a valid record to start advertising
213 if (interface
->RR_A
.resrec
.RecordType
|| interface
->RR_PTR
.resrec
.RecordType
)
214 LogInfo("D2D_start_advertising_interface: %s", interface
->ifname
);
216 if (interface
->RR_A
.resrec
.RecordType
)
217 external_start_advertising_service(&interface
->RR_A
.resrec
, NULL
);
218 if (interface
->RR_PTR
.resrec
.RecordType
)
219 external_start_advertising_service(&interface
->RR_PTR
.resrec
, NULL
);
223 mDNSexport
void D2D_stop_advertising_interface(NetworkInterfaceInfo
*interface
)
225 if (interface
->InterfaceID
== AWDLInterfaceID
)
227 // only log if we have a valid record to stop advertising
228 if (interface
->RR_A
.resrec
.RecordType
|| interface
->RR_PTR
.resrec
.RecordType
)
229 LogInfo("D2D_stop_advertising_interface: %s", interface
->ifname
);
231 if (interface
->RR_A
.resrec
.RecordType
)
232 external_stop_advertising_service(&interface
->RR_A
.resrec
, NULL
);
233 if (interface
->RR_PTR
.resrec
.RecordType
)
234 external_stop_advertising_service(&interface
->RR_PTR
.resrec
, NULL
);
238 // Name compression items for fake packet version number 1
239 static const mDNSu8 compression_packet_v1
= 0x01;
241 static DNSMessage compression_base_msg
= { { {{0}}, {{0}}, 2, 0, 0, 0 }, "\x04_tcp\x05local\x00\x00\x0C\x00\x01\x04_udp\xC0\x11\x00\x0C\x00\x01" };
242 static mDNSu8
*const compression_limit
= (mDNSu8
*) &compression_base_msg
+ sizeof(DNSMessage
);
243 static mDNSu8
*const compression_lhs
= (mDNSu8
*const) compression_base_msg
.data
+ 27;
245 mDNSlocal
void FreeD2DARElemCallback(mDNS
*const m
, AuthRecord
*const rr
, mStatus result
);
246 mDNSlocal
void PrintHex(mDNSu8
*data
, mDNSu16 len
);
248 typedef struct D2DRecordListElem
250 struct D2DRecordListElem
*next
;
251 D2DServiceInstance instanceHandle
;
252 D2DTransportType transportType
;
253 AuthRecord ar
; // must be last in the structure to accomodate extra space
254 // allocated for large records.
257 static D2DRecordListElem
*D2DRecords
= NULL
; // List of records returned with D2DServiceFound events
259 typedef struct D2DBrowseListElem
261 struct D2DBrowseListElem
*next
;
264 unsigned int refCount
;
267 D2DBrowseListElem
* D2DBrowseList
= NULL
;
269 mDNSlocal mDNSu8
*putVal16(mDNSu8
*ptr
, mDNSu16 val
)
271 ptr
[0] = (mDNSu8
)((val
>> 8 ) & 0xFF);
272 ptr
[1] = (mDNSu8
)((val
) & 0xFF);
273 return ptr
+ sizeof(mDNSu16
);
276 mDNSlocal mDNSu8
*putVal32(mDNSu8
*ptr
, mDNSu32 val
)
278 ptr
[0] = (mDNSu8
)((val
>> 24) & 0xFF);
279 ptr
[1] = (mDNSu8
)((val
>> 16) & 0xFF);
280 ptr
[2] = (mDNSu8
)((val
>> 8) & 0xFF);
281 ptr
[3] = (mDNSu8
)((val
) & 0xFF);
282 return ptr
+ sizeof(mDNSu32
);
285 mDNSlocal
void DomainnameToLower(const domainname
* const in
, domainname
* const out
)
287 const mDNSu8
* const start
= (const mDNSu8
* const)in
;
288 mDNSu8
*ptr
= (mDNSu8
*)start
;
292 out
->c
[ptr
-start
] = *ptr
;
294 for (; c
; c
--,ptr
++) out
->c
[ptr
-start
] = mDNSIsUpperCase(*ptr
) ? (*ptr
- 'A' + 'a') : *ptr
;
296 out
->c
[ptr
-start
] = *ptr
;
299 mDNSlocal mStatus
DNSNameCompressionParseBytes(mDNS
*const m
, const mDNSu8
*const lhs
, const mDNSu16 lhs_len
, const mDNSu8
*const rhs
, const mDNSu16 rhs_len
, AuthRecord
*rr
)
301 if (mDNS_LoggingEnabled
)
303 LogInfo("%s", __func__
);
304 LogInfo(" Static Bytes: (%d bytes)", compression_lhs
- (mDNSu8
*)&compression_base_msg
);
305 PrintHex((mDNSu8
*)&compression_base_msg
, compression_lhs
- (mDNSu8
*)&compression_base_msg
);
308 mDNSu8
*ptr
= compression_lhs
; // pointer to the end of our fake packet
310 // Check to make sure we're not going to go past the end of the DNSMessage data
311 // 7 = 2 for CLASS (-1 for our version) + 4 for TTL + 2 for RDLENGTH
312 if (ptr
+ lhs_len
- 7 + rhs_len
>= compression_limit
) return mStatus_NoMemoryErr
;
314 // Copy the LHS onto our fake wire packet
315 mDNSPlatformMemCopy(ptr
, lhs
, lhs_len
);
318 // Check the 'fake packet' version number, to ensure that we know how to decompress this data
319 if (*ptr
!= compression_packet_v1
) return mStatus_Incompatible
;
321 // two bytes of CLASS
322 ptr
= putVal16(ptr
, kDNSClass_IN
| kDNSClass_UniqueRRSet
);
325 ptr
= putVal32(ptr
, 120);
327 // Copy the RHS length into the RDLENGTH of our fake wire packet
328 ptr
= putVal16(ptr
, rhs_len
);
330 // Copy the RHS onto our fake wire packet
331 mDNSPlatformMemCopy(ptr
, rhs
, rhs_len
);
334 if (mDNS_LoggingEnabled
)
336 LogInfo(" Our Bytes (%d bytes): ", ptr
- compression_lhs
);
337 PrintHex(compression_lhs
, ptr
- compression_lhs
);
340 ptr
= (mDNSu8
*) GetLargeResourceRecord(m
, &compression_base_msg
, compression_lhs
, ptr
, mDNSInterface_Any
, kDNSRecordTypePacketAns
, &m
->rec
);
341 if (!ptr
|| m
->rec
.r
.resrec
.RecordType
== kDNSRecordTypePacketNegative
)
342 { LogMsg("DNSNameCompressionParseBytes: failed to get large RR"); m
->rec
.r
.resrec
.RecordType
= 0; return mStatus_UnknownErr
; }
343 else LogInfo("DNSNameCompressionParseBytes: got rr: %s", CRDisplayString(m
, &m
->rec
.r
));
345 mDNS_SetupResourceRecord(rr
, mDNSNULL
, mDNSInterface_P2P
, m
->rec
.r
.resrec
.rrtype
, 7200, kDNSRecordTypeShared
, AuthRecordP2P
, FreeD2DARElemCallback
, NULL
);
346 AssignDomainName(&rr
->namestorage
, &m
->rec
.namestorage
);
347 rr
->resrec
.rdlength
= m
->rec
.r
.resrec
.rdlength
;
348 rr
->resrec
.rdata
->MaxRDLength
= m
->rec
.r
.resrec
.rdlength
;
349 mDNSPlatformMemCopy(rr
->resrec
.rdata
->u
.data
, m
->rec
.r
.resrec
.rdata
->u
.data
, m
->rec
.r
.resrec
.rdlength
);
350 rr
->resrec
.namehash
= DomainNameHashValue(rr
->resrec
.name
);
351 SetNewRData(&rr
->resrec
, mDNSNULL
, 0); // Sets rr->rdatahash for us
353 m
->rec
.r
.resrec
.RecordType
= 0; // Mark m->rec as no longer in use
355 return mStatus_NoError
;
358 mDNSlocal mDNSu8
* DNSNameCompressionBuildLHS(const domainname
* typeDomain
, DNS_TypeValues qtype
)
360 mDNSu8
*ptr
= putDomainNameAsLabels(&compression_base_msg
, compression_lhs
, compression_limit
, typeDomain
);
361 if (!ptr
) return ptr
;
362 *ptr
= (qtype
>> 8) & 0xff;
366 *ptr
= compression_packet_v1
;
370 mDNSlocal mDNSu8
* DNSNameCompressionBuildRHS(mDNSu8
*start
, const ResourceRecord
*const resourceRecord
)
372 return putRData(&compression_base_msg
, start
, compression_limit
, resourceRecord
);
375 #define PRINT_DEBUG_BYTES_LIMIT 64 // set limit on number of record bytes printed for debugging
377 mDNSlocal
void PrintHex(mDNSu8
*data
, mDNSu16 len
)
380 char buffer
[49] = {0};
381 char *bufend
= buffer
+ sizeof(buffer
);
383 if (len
> PRINT_DEBUG_BYTES_LIMIT
)
385 LogInfo(" (limiting debug output to %d bytes)", PRINT_DEBUG_BYTES_LIMIT
);
386 len
= PRINT_DEBUG_BYTES_LIMIT
;
393 for(; data
< end
&& ptr
< bufend
-1; ptr
+=3,data
++)
394 mDNS_snprintf(ptr
, bufend
- ptr
, "%02X ", *data
);
395 LogInfo(" %s", buffer
);
399 mDNSlocal
void PrintHelper(const char *const tag
, mDNSu8
*lhs
, mDNSu16 lhs_len
, mDNSu8
*rhs
, mDNSu16 rhs_len
)
401 if (!mDNS_LoggingEnabled
) return;
404 LogInfo(" LHS: (%d bytes)", lhs_len
);
405 PrintHex(lhs
, lhs_len
);
409 LogInfo(" RHS: (%d bytes)", rhs_len
);
410 PrintHex(rhs
, rhs_len
);
413 mDNSlocal
void FreeD2DARElemCallback(mDNS
*const m
, AuthRecord
*const rr
, mStatus result
)
416 if (result
== mStatus_MemFree
)
418 D2DRecordListElem
**ptr
= &D2DRecords
;
419 D2DRecordListElem
*tmp
;
420 while (*ptr
&& &(*ptr
)->ar
!= rr
) ptr
= &(*ptr
)->next
;
421 if (!*ptr
) { LogMsg("FreeD2DARElemCallback: Could not find in D2DRecords: %s", ARDisplayString(m
, rr
)); return; }
422 LogInfo("FreeD2DARElemCallback: Found in D2DRecords: %s", ARDisplayString(m
, rr
));
425 // Just because we stoppped browsing, doesn't mean we should tear down the PAN connection.
426 mDNSPlatformMemFree(tmp
);
430 mDNSexport
void external_connection_release(const domainname
*instance
)
433 D2DRecordListElem
*ptr
= D2DRecords
;
435 for ( ; ptr
; ptr
= ptr
->next
)
437 if ((ptr
->ar
.resrec
.rrtype
== kDNSServiceType_PTR
) &&
438 SameDomainName(&ptr
->ar
.rdatastorage
.u
.name
, instance
))
440 LogInfo("external_connection_release: Calling D2DRelease(instanceHandle = %p, transportType = %d",
441 ptr
->instanceHandle
, ptr
->transportType
);
442 if (D2DRelease
) D2DRelease(ptr
->instanceHandle
, ptr
->transportType
);
447 mDNSlocal
void xD2DClearCache(const domainname
*regType
, DNS_TypeValues qtype
)
449 D2DRecordListElem
*ptr
= D2DRecords
;
450 for ( ; ptr
; ptr
= ptr
->next
)
452 if ((ptr
->ar
.resrec
.rrtype
== qtype
) && SameDomainName(&ptr
->ar
.namestorage
, regType
))
454 mDNS_Deregister(&mDNSStorage
, &ptr
->ar
);
455 LogInfo("xD2DClearCache: Clearing cache record and deregistering %s", ARDisplayString(&mDNSStorage
, &ptr
->ar
));
460 mDNSlocal D2DBrowseListElem
** D2DFindInBrowseList(const domainname
*const name
, mDNSu16 type
)
462 D2DBrowseListElem
**ptr
= &D2DBrowseList
;
464 for ( ; *ptr
; ptr
= &(*ptr
)->next
)
465 if ((*ptr
)->type
== type
&& SameDomainName(&(*ptr
)->name
, name
))
471 mDNSlocal
unsigned int D2DBrowseListRefCount(const domainname
*const name
, mDNSu16 type
)
473 D2DBrowseListElem
**ptr
= D2DFindInBrowseList(name
, type
);
474 return *ptr
? (*ptr
)->refCount
: 0;
477 mDNSlocal
void D2DBrowseListRetain(const domainname
*const name
, mDNSu16 type
)
479 D2DBrowseListElem
**ptr
= D2DFindInBrowseList(name
, type
);
483 *ptr
= mDNSPlatformMemAllocate(sizeof(**ptr
));
484 mDNSPlatformMemZero(*ptr
, sizeof(**ptr
));
486 AssignDomainName(&(*ptr
)->name
, name
);
488 (*ptr
)->refCount
+= 1;
490 LogInfo("D2DBrowseListRetain: %##s %s refcount now %u", (*ptr
)->name
.c
, DNSTypeName((*ptr
)->type
), (*ptr
)->refCount
);
493 mDNSlocal
void D2DBrowseListRelease(const domainname
*const name
, mDNSu16 type
)
495 D2DBrowseListElem
**ptr
= D2DFindInBrowseList(name
, type
);
497 if (!*ptr
) { LogMsg("D2DBrowseListRelease: Didn't find %##s %s in list", name
->c
, DNSTypeName(type
)); return; }
499 (*ptr
)->refCount
-= 1;
501 LogInfo("D2DBrowseListRelease: %##s %s refcount now %u", (*ptr
)->name
.c
, DNSTypeName((*ptr
)->type
), (*ptr
)->refCount
);
503 if (!(*ptr
)->refCount
)
505 D2DBrowseListElem
*tmp
= *ptr
;
507 mDNSPlatformMemFree(tmp
);
511 mDNSlocal mStatus
xD2DParse(mDNS
*const m
, const mDNSu8
* const lhs
, const mDNSu16 lhs_len
, const mDNSu8
* const rhs
, const mDNSu16 rhs_len
, AuthRecord
*rr
)
513 if (*(lhs
+ (lhs_len
- 1)) == compression_packet_v1
)
514 return DNSNameCompressionParseBytes(m
, lhs
, lhs_len
, rhs
, rhs_len
, rr
);
516 return mStatus_Incompatible
;
519 mDNSlocal
void xD2DAddToCache(mDNS
*const m
, D2DStatus result
, D2DServiceInstance instanceHandle
, D2DTransportType transportType
, const Byte
*key
, size_t keySize
, const Byte
*value
, size_t valueSize
)
521 if (result
== kD2DSuccess
)
523 if ( key
== NULL
|| value
== NULL
|| keySize
== 0 || valueSize
== 0) { LogMsg("xD2DAddToCache: NULL Byte * passed in or length == 0"); return; }
526 D2DRecordListElem
*ptr
= mDNSPlatformMemAllocate(sizeof(D2DRecordListElem
) + (valueSize
< sizeof(RData
) ? 0 : valueSize
- sizeof(RData
)));
528 if (ptr
== NULL
) { LogMsg("xD2DAddToCache: memory allocation failure"); return; }
530 err
= xD2DParse(m
, (const mDNSu8
* const)key
, (const mDNSu16
)keySize
, (const mDNSu8
* const)value
, (const mDNSu16
)valueSize
, &ptr
->ar
);
533 LogMsg("xD2DAddToCache: xD2DParse returned error: %d", err
);
534 PrintHelper(__func__
, (mDNSu8
*)key
, (mDNSu16
)keySize
, (mDNSu8
*)value
, (mDNSu16
)valueSize
);
535 mDNSPlatformMemFree(ptr
);
538 err
= mDNS_Register(m
, &ptr
->ar
);
541 LogMsg("xD2DAddToCache: mDNS_Register returned error %d for %s", err
, ARDisplayString(m
, &ptr
->ar
));
542 mDNSPlatformMemFree(ptr
);
546 LogInfo("xD2DAddToCache: mDNS_Register succeeded for %s", ARDisplayString(m
, &ptr
->ar
));
547 ptr
->instanceHandle
= instanceHandle
;
548 ptr
->transportType
= transportType
;
549 ptr
->next
= D2DRecords
;
553 LogMsg("xD2DAddToCache: Unexpected result %d", result
);
556 mDNSlocal D2DRecordListElem
* xD2DFindInList(mDNS
*const m
, const Byte
*const key
, const size_t keySize
, const Byte
*const value
, const size_t valueSize
)
558 D2DRecordListElem
*ptr
= D2DRecords
;
559 D2DRecordListElem
*arptr
;
561 if ( key
== NULL
|| value
== NULL
|| keySize
== 0 || valueSize
== 0) { LogMsg("xD2DFindInList: NULL Byte * passed in or length == 0"); return NULL
; }
563 arptr
= mDNSPlatformMemAllocate(sizeof(D2DRecordListElem
) + (valueSize
< sizeof(RData
) ? 0 : valueSize
- sizeof(RData
)));
564 if (arptr
== NULL
) { LogMsg("xD2DFindInList: memory allocation failure"); return NULL
; }
566 if (xD2DParse(m
, (const mDNSu8
*const)key
, (const mDNSu16
)keySize
, (const mDNSu8
*const)value
, (const mDNSu16
)valueSize
, &arptr
->ar
) != mStatus_NoError
)
568 LogMsg("xD2DFindInList: xD2DParse failed for key: %p (%u) value: %p (%u)", key
, keySize
, value
, valueSize
);
569 mDNSPlatformMemFree(arptr
);
575 if (IdenticalResourceRecord(&arptr
->ar
.resrec
, &ptr
->ar
.resrec
)) break;
579 if (!ptr
) LogMsg("xD2DFindInList: Could not find in D2DRecords: %s", ARDisplayString(m
, &arptr
->ar
));
580 mDNSPlatformMemFree(arptr
);
584 mDNSlocal
void xD2DRemoveFromCache(mDNS
*const m
, D2DStatus result
, D2DServiceInstance instanceHandle
, D2DTransportType transportType
, const Byte
*key
, size_t keySize
, const Byte
*value
, size_t valueSize
)
586 (void)transportType
; // We don't care about this, yet.
587 (void)instanceHandle
; // We don't care about this, yet.
589 if (result
== kD2DSuccess
)
591 D2DRecordListElem
*ptr
= xD2DFindInList(m
, key
, keySize
, value
, valueSize
);
594 LogInfo("xD2DRemoveFromCache: Remove from cache: %s", ARDisplayString(m
, &ptr
->ar
));
595 mDNS_Deregister(m
, &ptr
->ar
);
599 LogMsg("xD2DRemoveFromCache: Unexpected result %d", result
);
602 mDNSlocal
void xD2DServiceResolved(mDNS
*const m
, D2DStatus result
, D2DServiceInstance instanceHandle
, D2DTransportType transportType
, const Byte
*key
, size_t keySize
, const Byte
*value
, size_t valueSize
)
610 if (result
== kD2DSuccess
)
612 LogInfo("xD2DServiceResolved: Starting up PAN connection for %p", instanceHandle
);
613 if (D2DRetain
) D2DRetain(instanceHandle
, transportType
);
615 else LogMsg("xD2DServiceResolved: Unexpected result %d", result
);
618 mDNSlocal
void xD2DRetainHappened(mDNS
*const m
, D2DStatus result
, D2DServiceInstance instanceHandle
, D2DTransportType transportType
, const Byte
*key
, size_t keySize
, const Byte
*value
, size_t valueSize
)
621 (void)instanceHandle
;
628 if (result
== kD2DSuccess
) LogInfo("xD2DRetainHappened: Opening up PAN connection for %p", instanceHandle
);
629 else LogMsg("xD2DRetainHappened: Unexpected result %d", result
);
632 mDNSlocal
void xD2DReleaseHappened(mDNS
*const m
, D2DStatus result
, D2DServiceInstance instanceHandle
, D2DTransportType transportType
, const Byte
*key
, size_t keySize
, const Byte
*value
, size_t valueSize
)
635 (void)instanceHandle
;
642 if (result
== kD2DSuccess
) LogInfo("xD2DReleaseHappened: Closing PAN connection for %p", instanceHandle
);
643 else LogMsg("xD2DReleaseHappened: Unexpected result %d", result
);
646 mDNSlocal
void xD2DServiceCallback(D2DServiceEvent event
, D2DStatus result
, D2DServiceInstance instanceHandle
, D2DTransportType transportType
, const Byte
*key
, size_t keySize
, const Byte
*value
, size_t valueSize
, void *userData
)
648 mDNS
*m
= (mDNS
*) userData
;
649 const char *eventString
= "unknown";
653 if (keySize
> 0xFFFF) LogMsg("xD2DServiceCallback: keySize too large: %u", keySize
);
654 if (valueSize
> 0xFFFF) LogMsg("xD2DServiceCallback: valueSize too large: %u", valueSize
);
658 case D2DServiceFound
:
659 eventString
= "D2DServiceFound";
662 eventString
= "D2DServiceLost";
664 case D2DServiceResolved
:
665 eventString
= "D2DServiceResolved";
667 case D2DServiceRetained
:
668 eventString
= "D2DServiceRetained";
670 case D2DServiceReleased
:
671 eventString
= "D2DServiceReleased";
677 LogInfo("xD2DServiceCallback: event=%s result=%d instanceHandle=%p transportType=%d LHS=%p (%u) RHS=%p (%u) userData=%p", eventString
, result
, instanceHandle
, transportType
, key
, keySize
, value
, valueSize
, userData
);
678 PrintHelper(__func__
, (mDNSu8
*)key
, (mDNSu16
)keySize
, (mDNSu8
*)value
, (mDNSu16
)valueSize
);
682 case D2DServiceFound
:
683 xD2DAddToCache(m
, result
, instanceHandle
, transportType
, key
, keySize
, value
, valueSize
);
686 xD2DRemoveFromCache(m
, result
, instanceHandle
, transportType
, key
, keySize
, value
, valueSize
);
688 case D2DServiceResolved
:
689 xD2DServiceResolved(m
, result
, instanceHandle
, transportType
, key
, keySize
, value
, valueSize
);
691 case D2DServiceRetained
:
692 xD2DRetainHappened(m
, result
, instanceHandle
, transportType
, key
, keySize
, value
, valueSize
);
694 case D2DServiceReleased
:
695 xD2DReleaseHappened(m
, result
, instanceHandle
, transportType
, key
, keySize
, value
, valueSize
);
701 // Need to tickle the main kqueue loop to potentially handle records we removed or added.
702 KQueueUnlock(m
, "xD2DServiceCallback");
705 // Map interface index and flags to a specific D2D transport type or D2DTransportMax if all plugins
707 // When D2DTransportMax is returned, if a specific transport should not be called, *excludedTransportType
708 // will be set to the excluded transport value, otherwise, it will be set to D2DTransportMax.
709 // If the return value is not D2DTransportMax, excludedTransportType is undefined.
711 mDNSlocal D2DTransportType
xD2DInterfaceToTransportType(mDNSInterfaceID InterfaceID
, DNSServiceFlags flags
, D2DTransportType
* excludedTransportType
)
713 NetworkInterfaceInfoOSX
*info
;
715 // Default exludes the D2DAWDLTransport when D2DTransportMax is returned.
716 *excludedTransportType
= D2DAWDLTransport
;
718 // Call all D2D plugins when both kDNSServiceFlagsIncludeP2P and kDNSServiceFlagsIncludeAWDL are set.
719 if ((flags
& kDNSServiceFlagsIncludeP2P
) && (flags
& kDNSServiceFlagsIncludeAWDL
))
721 LogInfo("xD2DInterfaceToTransportType: returning D2DTransportMax (including AWDL) since both kDNSServiceFlagsIncludeP2P and kDNSServiceFlagsIncludeAWDL are set");
722 *excludedTransportType
= D2DTransportMax
;
723 return D2DTransportMax
;
725 // Call all D2D plugins (exlcluding AWDL) when only kDNSServiceFlagsIncludeP2P is set.
726 else if (flags
& kDNSServiceFlagsIncludeP2P
)
728 LogInfo("xD2DInterfaceToTransportType: returning D2DTransportMax (excluding AWDL) since only kDNSServiceFlagsIncludeP2P is set");
729 return D2DTransportMax
;
731 // Call AWDL D2D plugin when only kDNSServiceFlagsIncludeAWDL is set.
732 else if (flags
& kDNSServiceFlagsIncludeAWDL
)
734 LogInfo("xD2DInterfaceToTransportType: returning D2DAWDLTransport since only kDNSServiceFlagsIncludeAWDL is set");
735 return D2DAWDLTransport
;
738 if (InterfaceID
== mDNSInterface_P2P
)
740 LogInfo("xD2DInterfaceToTransportType: returning D2DTransportMax (excluding AWDL) for interface index mDNSInterface_P2P");
741 return D2DTransportMax
;
744 // Compare to cached AWDL interface ID.
745 if (AWDLInterfaceID
&& (InterfaceID
== AWDLInterfaceID
))
747 LogInfo("xD2DInterfaceToTransportType: returning D2DAWDLTransport for interface index %d", InterfaceID
);
748 return D2DAWDLTransport
;
751 info
= IfindexToInterfaceInfoOSX(&mDNSStorage
, InterfaceID
);
754 LogInfo("xD2DInterfaceToTransportType: Invalid interface index %d", InterfaceID
);
755 return D2DTransportMax
;
758 // Recognize AirDrop specific p2p* interface based on interface name.
759 if (strncmp(info
->ifinfo
.ifname
, "p2p", 3) == 0)
761 LogInfo("xD2DInterfaceToTransportType: returning D2DWifiPeerToPeerTransport for interface index %d", InterfaceID
);
762 return D2DWifiPeerToPeerTransport
;
765 // Currently there is no way to identify Bluetooth interface by name,
766 // since they use "en*" based name strings.
768 LogInfo("xD2DInterfaceToTransportType: returning default D2DTransportMax for interface index %d", InterfaceID
);
769 return D2DTransportMax
;
772 mDNSexport
void external_start_browsing_for_service(mDNSInterfaceID InterfaceID
, const domainname
*const typeDomain
, DNS_TypeValues qtype
, DNSServiceFlags flags
)
776 if (qtype
== kDNSServiceType_A
|| qtype
== kDNSServiceType_AAAA
)
778 LogInfo("external_start_browsing_for_service: ignoring address record");
782 DomainnameToLower(typeDomain
, &lower
);
784 if (!D2DBrowseListRefCount(&lower
, qtype
))
786 D2DTransportType transportType
, excludedTransport
;
788 LogInfo("external_start_browsing_for_service: Starting browse for: %##s %s", lower
.c
, DNSTypeName(qtype
));
789 mDNSu8
*end
= DNSNameCompressionBuildLHS(&lower
, qtype
);
790 PrintHelper(__func__
, compression_lhs
, end
- compression_lhs
, mDNSNULL
, 0);
792 transportType
= xD2DInterfaceToTransportType(InterfaceID
, flags
, & excludedTransport
);
793 if (transportType
== D2DTransportMax
)
796 for (i
= 0; i
< D2DTransportMax
; i
++)
798 if (i
== excludedTransport
) continue;
799 if (D2DStartBrowsingForKeyOnTransport
) D2DStartBrowsingForKeyOnTransport(compression_lhs
, end
- compression_lhs
, i
);
804 if (D2DStartBrowsingForKeyOnTransport
) D2DStartBrowsingForKeyOnTransport(compression_lhs
, end
- compression_lhs
, transportType
);
807 D2DBrowseListRetain(&lower
, qtype
);
810 mDNSexport
void external_stop_browsing_for_service(mDNSInterfaceID InterfaceID
, const domainname
*const typeDomain
, DNS_TypeValues qtype
, DNSServiceFlags flags
)
814 if (qtype
== kDNSServiceType_A
|| qtype
== kDNSServiceType_AAAA
)
816 LogInfo("external_stop_browsing_for_service: ignoring address record");
820 DomainnameToLower(typeDomain
, &lower
);
822 D2DBrowseListRelease(&lower
, qtype
);
823 if (!D2DBrowseListRefCount(&lower
, qtype
))
825 D2DTransportType transportType
, excludedTransport
;
827 LogInfo("external_stop_browsing_for_service: Stopping browse for: %##s %s", lower
.c
, DNSTypeName(qtype
));
828 mDNSu8
*end
= DNSNameCompressionBuildLHS(&lower
, qtype
);
829 PrintHelper(__func__
, compression_lhs
, end
- compression_lhs
, mDNSNULL
, 0);
831 transportType
= xD2DInterfaceToTransportType(InterfaceID
, flags
, & excludedTransport
);
832 if (transportType
== D2DTransportMax
)
835 for (i
= 0; i
< D2DTransportMax
; i
++)
837 if (i
== excludedTransport
) continue;
838 if (D2DStopBrowsingForKeyOnTransport
) D2DStopBrowsingForKeyOnTransport(compression_lhs
, end
- compression_lhs
, i
);
843 if (D2DStopBrowsingForKeyOnTransport
) D2DStopBrowsingForKeyOnTransport(compression_lhs
, end
- compression_lhs
, transportType
);
846 // The D2D driver may not generate the D2DServiceLost event for this key after
847 // the D2DStopBrowsingForKey*() call above. So, we flush the key from the D2D
849 xD2DClearCache(&lower
, qtype
);
853 mDNSexport
void external_start_advertising_service(const ResourceRecord
*const resourceRecord
, DNSServiceFlags flags
)
858 D2DTransportType transportType
, excludedTransport
;
859 DomainnameToLower(resourceRecord
->name
, &lower
);
861 LogInfo("external_start_advertising_service: %s", RRDisplayString(&mDNSStorage
, resourceRecord
));
862 // For SRV records, update packet filter if p2p interface already exists, otherwise,
863 // if will be updated when we get the KEV_DL_IF_ATTACHED event for the interface.
864 if (resourceRecord
->rrtype
== kDNSType_SRV
)
865 mDNSUpdatePacketFilter(NULL
);
867 rhs
= DNSNameCompressionBuildLHS(&lower
, resourceRecord
->rrtype
);
868 end
= DNSNameCompressionBuildRHS(rhs
, resourceRecord
);
869 PrintHelper(__func__
, compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
);
871 transportType
= xD2DInterfaceToTransportType(resourceRecord
->InterfaceID
, flags
, & excludedTransport
);
872 if (transportType
== D2DTransportMax
)
875 for (i
= 0; i
< D2DTransportMax
; i
++)
877 if (i
== excludedTransport
) continue;
878 if (D2DStartAdvertisingPairOnTransport
) D2DStartAdvertisingPairOnTransport(compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
, i
);
883 if (D2DStartAdvertisingPairOnTransport
) D2DStartAdvertisingPairOnTransport(compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
, transportType
);
887 mDNSexport
void external_stop_advertising_service(const ResourceRecord
*const resourceRecord
, DNSServiceFlags flags
)
892 D2DTransportType transportType
, excludedTransport
;
893 DomainnameToLower(resourceRecord
->name
, &lower
);
895 LogInfo("external_stop_advertising_service: %s", RRDisplayString(&mDNSStorage
, resourceRecord
));
897 // For SRV records, update packet filter to to remove this port from list
898 if (resourceRecord
->rrtype
== kDNSType_SRV
)
899 mDNSUpdatePacketFilter(resourceRecord
);
901 rhs
= DNSNameCompressionBuildLHS(&lower
, resourceRecord
->rrtype
);
902 end
= DNSNameCompressionBuildRHS(rhs
, resourceRecord
);
903 PrintHelper(__func__
, compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
);
905 transportType
= xD2DInterfaceToTransportType(resourceRecord
->InterfaceID
, flags
, & excludedTransport
);
906 if (transportType
== D2DTransportMax
)
909 for (i
= 0; i
< D2DTransportMax
; i
++)
911 if (i
== excludedTransport
) continue;
912 if (D2DStopAdvertisingPairOnTransport
) D2DStopAdvertisingPairOnTransport(compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
, i
);
917 if (D2DStopAdvertisingPairOnTransport
) D2DStopAdvertisingPairOnTransport(compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
, transportType
);
921 mDNSexport
void external_start_resolving_service(mDNSInterfaceID InterfaceID
, const domainname
*const fqdn
, DNSServiceFlags flags
)
926 mDNSBool AWDL_used
= false; // whether AWDL was used for this resolve
927 D2DTransportType transportType
, excludedTransport
;
928 DomainnameToLower(SkipLeadingLabels(fqdn
, 1), &lower
);
930 LogInfo("external_start_resolving_service: %##s", fqdn
->c
);
931 rhs
= DNSNameCompressionBuildLHS(&lower
, kDNSType_PTR
);
932 end
= putDomainNameAsLabels(&compression_base_msg
, rhs
, compression_limit
, fqdn
);
933 PrintHelper(__func__
, compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
);
935 transportType
= xD2DInterfaceToTransportType(InterfaceID
, flags
, & excludedTransport
);
936 if (transportType
== D2DTransportMax
)
938 // Resolving over all the transports, except for excludedTransport if set.
940 for (i
= 0; i
< D2DTransportMax
; i
++)
942 if (i
== excludedTransport
) continue;
943 if (D2DStartResolvingPairOnTransport
) D2DStartResolvingPairOnTransport(compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
, i
);
945 if (i
== D2DAWDLTransport
)
951 // Resolving over one specific transport.
952 if (D2DStartResolvingPairOnTransport
) D2DStartResolvingPairOnTransport(compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
, transportType
);
954 if (transportType
== D2DAWDLTransport
)
958 // AWDL wants the SRV and TXT record queries communicated over the D2D interface.
959 // We only want these records going to AWDL, so use AWDLInterfaceID as the
960 // interface and don't set any other flags.
961 if (AWDL_used
&& AWDLInterfaceID
)
963 LogInfo("external_start_resolving_service: browse for TXT and SRV over AWDL");
964 external_start_browsing_for_service(AWDLInterfaceID
, fqdn
, kDNSType_TXT
, NULL
);
965 external_start_browsing_for_service(AWDLInterfaceID
, fqdn
, kDNSType_SRV
, NULL
);
969 mDNSexport
void external_stop_resolving_service(mDNSInterfaceID InterfaceID
, const domainname
*const fqdn
, DNSServiceFlags flags
)
974 mDNSBool AWDL_used
= false; // whether AWDL was used for this resolve
975 D2DTransportType transportType
, excludedTransport
;
976 DomainnameToLower(SkipLeadingLabels(fqdn
, 1), &lower
);
978 LogInfo("external_stop_resolving_service: %##s", fqdn
->c
);
979 rhs
= DNSNameCompressionBuildLHS(&lower
, kDNSType_PTR
);
980 end
= putDomainNameAsLabels(&compression_base_msg
, rhs
, compression_limit
, fqdn
);
981 PrintHelper(__func__
, compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
);
983 transportType
= xD2DInterfaceToTransportType(InterfaceID
, flags
, & excludedTransport
);
984 if (transportType
== D2DTransportMax
)
987 for (i
= 0; i
< D2DTransportMax
; i
++)
989 if (i
== excludedTransport
) continue;
990 if (D2DStopResolvingPairOnTransport
) D2DStopResolvingPairOnTransport(compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
, i
);
992 if (i
== D2DAWDLTransport
)
998 if (D2DStopResolvingPairOnTransport
) D2DStopResolvingPairOnTransport(compression_lhs
, rhs
- compression_lhs
, rhs
, end
- rhs
, transportType
);
1000 if (transportType
== D2DAWDLTransport
)
1004 // AWDL wants the SRV and TXT record queries communicated over the D2D interface.
1005 // We only want these records going to AWDL, so use AWDLInterfaceID as the
1006 // interface and don't set any other flags.
1007 if (AWDL_used
&& AWDLInterfaceID
)
1009 LogInfo("external_stop_resolving_service: stop browse for TXT and SRV on AWDL");
1010 external_stop_browsing_for_service(AWDLInterfaceID
, fqdn
, kDNSType_TXT
, NULL
);
1011 external_stop_browsing_for_service(AWDLInterfaceID
, fqdn
, kDNSType_SRV
, NULL
);
1015 #elif APPLE_OSX_mDNSResponder
1017 mDNSexport
void external_start_browsing_for_service(mDNS
*const m
, const domainname
*const type
, DNS_TypeValues qtype
, DNSServiceFlags flags
) { (void)m
; (void)type
; (void)qtype
; (void)flags
;}
1018 mDNSexport
void external_stop_browsing_for_service(mDNS
*const m
, const domainname
*const type
, DNS_TypeValues qtype
, DNSServiceFlags flags
) { (void)m
; (void)type
; (void)qtype
; (void)flags
;}
1019 mDNSexport
void external_start_advertising_service(const ResourceRecord
*const resourceRecord
, DNSServiceFlags flags
) { (void)resourceRecord
; (void)flags
;}
1020 mDNSexport
void external_stop_advertising_service(const ResourceRecord
*const resourceRecord
, DNSServiceFlags flags
) { (void)resourceRecord
; (void)flags
;}
1021 mDNSexport
void external_start_resolving_service(const domainname
*const fqdn
, DNSServiceFlags flags
) { (void)fqdn
; (void)flags
;}
1022 mDNSexport
void external_stop_resolving_service(const domainname
*const fqdn
, DNSServiceFlags flags
) { (void)fqdn
; (void)flags
;}
1026 // ***************************************************************************
1029 #if COMPILER_LIKES_PRAGMA_MARK
1031 #pragma mark - Utility Functions
1034 // We only attempt to send and receive multicast packets on interfaces that are
1035 // (a) flagged as multicast-capable
1036 // (b) *not* flagged as point-to-point (e.g. modem)
1037 // Typically point-to-point interfaces are modems (including mobile-phone pseudo-modems), and we don't want
1038 // to run up the user's bill sending multicast traffic over a link where there's only a single device at the
1039 // other end, and that device (e.g. a modem bank) is probably not answering Multicast DNS queries anyway.
1040 #define MulticastInterface(i) (((i)->ifa_flags & IFF_MULTICAST) && !((i)->ifa_flags & IFF_POINTOPOINT))
1042 mDNSexport
void NotifyOfElusiveBug(const char *title
, const char *msg
) // Both strings are UTF-8 text
1044 static int notifyCount
= 0;
1045 if (notifyCount
) return;
1047 // If we display our alert early in the boot process, then it vanishes once the desktop appears.
1048 // To avoid this, we don't try to display alerts in the first three minutes after boot.
1049 if ((mDNSu32
)(mDNSPlatformRawTime()) < (mDNSu32
)(mDNSPlatformOneSecond
* 180)) return;
1051 // Unless ForceAlerts is defined, we only show these bug report alerts on machines that have a 17.x.x.x address
1054 // Determine if we're at Apple (17.*.*.*)
1055 NetworkInterfaceInfoOSX
*i
;
1056 for (i
= mDNSStorage
.p
->InterfaceList
; i
; i
= i
->next
)
1057 if (i
->ifinfo
.ip
.type
== mDNSAddrType_IPv4
&& i
->ifinfo
.ip
.ip
.v4
.b
[0] == 17)
1059 if (!i
) return; // If not at Apple, don't show the alert
1063 LogMsg("%s", title
);
1065 // Display a notification to the user
1068 #ifndef NO_CFUSERNOTIFICATION
1069 mDNSNotify(title
, msg
);
1070 #endif /* NO_CFUSERNOTIFICATION */
1073 // Returns true if it is an AppleTV based hardware running iOS, false otherwise
1074 mDNSlocal mDNSBool
IsAppleTV(void)
1076 #if TARGET_OS_EMBEDDED
1077 static mDNSBool sInitialized
= mDNSfalse
;
1078 static mDNSBool sIsAppleTV
= mDNSfalse
;
1079 CFStringRef deviceClass
= NULL
;
1083 deviceClass
= (CFStringRef
) MGCopyAnswer(kMGQDeviceClass
, NULL
);
1086 if(CFEqual(deviceClass
, kMGDeviceClassAppleTV
))
1087 sIsAppleTV
= mDNStrue
;
1088 CFRelease(deviceClass
);
1090 sInitialized
= mDNStrue
;
1095 #endif // TARGET_OS_EMBEDDED
1098 mDNSlocal
struct ifaddrs
*myGetIfAddrs(int refresh
)
1100 static struct ifaddrs
*ifa
= NULL
;
1113 mDNSlocal
void DynamicStoreWrite(int key
, const char* subkey
, uintptr_t value
, signed long valueCnt
)
1115 CFStringRef sckey
= NULL
;
1116 Boolean release_sckey
= FALSE
;
1117 CFDataRef bytes
= NULL
;
1118 CFPropertyListRef plist
= NULL
;
1119 SCDynamicStoreRef store
= NULL
;
1121 switch ((enum mDNSDynamicStoreSetConfigKey
)key
)
1123 case kmDNSMulticastConfig
:
1124 sckey
= CFSTR("State:/Network/" kDNSServiceCompMulticastDNS
);
1126 case kmDNSDynamicConfig
:
1127 sckey
= CFSTR("State:/Network/DynamicDNS");
1129 case kmDNSPrivateConfig
:
1130 sckey
= CFSTR("State:/Network/" kDNSServiceCompPrivateDNS
);
1132 case kmDNSBackToMyMacConfig
:
1133 sckey
= CFSTR("State:/Network/BackToMyMac");
1135 case kmDNSSleepProxyServersState
:
1137 CFMutableStringRef tmp
= CFStringCreateMutable(kCFAllocatorDefault
, 0);
1138 CFStringAppend(tmp
, CFSTR("State:/Network/Interface/"));
1139 CFStringAppendCString(tmp
, subkey
, kCFStringEncodingUTF8
);
1140 CFStringAppend(tmp
, CFSTR("/SleepProxyServers"));
1141 sckey
= CFStringCreateCopy(kCFAllocatorDefault
, tmp
);
1142 release_sckey
= TRUE
;
1146 case kmDNSDebugState
:
1147 sckey
= CFSTR("State:/Network/mDNSResponder/DebugState");
1150 LogMsg("unrecognized key %d", key
);
1153 if (NULL
== (bytes
= CFDataCreateWithBytesNoCopy(NULL
, (void *)value
,
1154 valueCnt
, kCFAllocatorNull
)))
1156 LogMsg("CFDataCreateWithBytesNoCopy of value failed");
1159 if (NULL
== (plist
= CFPropertyListCreateFromXMLData(NULL
, bytes
,
1160 kCFPropertyListImmutable
, NULL
)))
1162 LogMsg("CFPropertyListCreateFromXMLData of bytes failed");
1167 if (NULL
== (store
= SCDynamicStoreCreate(NULL
,
1168 CFSTR(kmDNSResponderServName
), NULL
, NULL
)))
1170 LogMsg("SCDynamicStoreCreate failed: %s", SCErrorString(SCError()));
1173 SCDynamicStoreSetValue(store
, sckey
, plist
);
1182 if (release_sckey
&& sckey
)
1186 mDNSexport
void mDNSDynamicStoreSetConfig(int key
, const char *subkey
, CFPropertyListRef value
)
1188 CFPropertyListRef valueCopy
;
1189 char *subkeyCopy
= NULL
;
1193 // We need to copy the key and value before we dispatch off the block below as the
1194 // caller will free the memory once we return from this function.
1195 valueCopy
= CFPropertyListCreateDeepCopy(NULL
, value
, kCFPropertyListImmutable
);
1198 LogMsg("mDNSDynamicStoreSetConfig: ERROR valueCopy NULL");
1203 int len
= strlen(subkey
);
1204 subkeyCopy
= mDNSPlatformMemAllocate(len
+ 1);
1207 LogMsg("mDNSDynamicStoreSetConfig: ERROR subkeyCopy NULL");
1210 mDNSPlatformMemCopy(subkeyCopy
, subkey
, len
);
1211 subkeyCopy
[len
] = 0;
1214 dispatch_async(DynamicStoreQueue
, ^{
1215 CFWriteStreamRef stream
= NULL
;
1216 CFDataRef bytes
= NULL
;
1220 if (NULL
== (stream
= CFWriteStreamCreateWithAllocatedBuffers(NULL
, NULL
)))
1222 LogMsg("mDNSDynamicStoreSetConfig : CFWriteStreamCreateWithAllocatedBuffers failed (Object creation failed)");
1225 CFWriteStreamOpen(stream
);
1226 ret
= CFPropertyListWriteToStream(valueCopy
, stream
, kCFPropertyListBinaryFormat_v1_0
, &error
);
1229 LogMsg("mDNSDynamicStoreSetConfig : CFPropertyListWriteToStream failed (Could not write property list to stream)");
1232 if (NULL
== (bytes
= CFWriteStreamCopyProperty(stream
, kCFStreamPropertyDataWritten
)))
1234 LogMsg("mDNSDynamicStoreSetConfig : CFWriteStreamCopyProperty failed (Object creation failed) ");
1237 CFWriteStreamClose(stream
);
1240 LogInfo("mDNSDynamicStoreSetConfig: key %d subkey %s", key
, subkeyCopy
);
1241 DynamicStoreWrite(key
, subkeyCopy
? subkeyCopy
: "", (uintptr_t)CFDataGetBytePtr(bytes
), CFDataGetLength(bytes
));
1244 CFRelease(valueCopy
);
1247 CFWriteStreamClose(stream
);
1253 mDNSPlatformMemFree(subkeyCopy
);
1257 // To match *either* a v4 or v6 instance of this interface name, pass AF_UNSPEC for type
1258 mDNSlocal NetworkInterfaceInfoOSX
*SearchForInterfaceByName(mDNS
*const m
, const char *ifname
, int type
)
1260 NetworkInterfaceInfoOSX
*i
;
1261 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
1262 if (i
->Exists
&& !strcmp(i
->ifinfo
.ifname
, ifname
) &&
1263 ((type
== AF_UNSPEC
) ||
1264 (type
== AF_INET
&& i
->ifinfo
.ip
.type
== mDNSAddrType_IPv4
) ||
1265 (type
== AF_INET6
&& i
->ifinfo
.ip
.type
== mDNSAddrType_IPv6
))) return(i
);
1269 #if TARGET_OS_EMBEDDED
1270 mDNSlocal SCPreferencesRef
mDNSManagedPrefsGet(void)
1272 SCPreferencesRef smDNSManagedPrefs
= NULL
;
1273 smDNSManagedPrefs
= SCPreferencesCreate(kCFAllocatorDefault
, CFSTR("mDNSManagedPrefs"), kmDNSResponderManagedPrefsID
);
1275 return (smDNSManagedPrefs
);
1278 mDNSlocal mDNSBool
GetmDNSManagedPrefKeyVal(SCPreferencesRef prefs
, CFStringRef key
)
1280 mDNSBool val
= mDNSfalse
;
1281 CFBooleanRef val_cf
= NULL
;
1285 val_cf
= SCPreferencesGetValue(prefs
, key
);
1286 if (isA_CFBoolean(val_cf
) != NULL
)
1287 val
= CFBooleanGetValue(val_cf
); //When mDNSResponder-Debug-profile is Installed
1289 val
= mDNSfalse
; //When mDNSResponder-Debug-profile is Uninstalled
1293 LogMsg("GetmDNSManagedPrefKeyVal: mDNSManagedPrefs are NULL!");
1301 mDNSexport mDNSBool
GetmDNSManagedPref(CFStringRef key
)
1303 SCPreferencesRef managed
= NULL
;
1306 managed
= mDNSManagedPrefsGet();
1307 ret_value
= GetmDNSManagedPrefKeyVal(managed
, key
);
1313 #endif //TARGET_OS_EMBEDDED
1315 mDNSlocal
int myIfIndexToName(u_short ifindex
, char *name
)
1317 struct ifaddrs
*ifa
;
1318 for (ifa
= myGetIfAddrs(0); ifa
; ifa
= ifa
->ifa_next
)
1319 if (ifa
->ifa_addr
->sa_family
== AF_LINK
)
1320 if (((struct sockaddr_dl
*)ifa
->ifa_addr
)->sdl_index
== ifindex
)
1321 { strlcpy(name
, ifa
->ifa_name
, IF_NAMESIZE
); return 0; }
1325 mDNSexport NetworkInterfaceInfoOSX
*IfindexToInterfaceInfoOSX(const mDNS
*const m
, mDNSInterfaceID ifindex
)
1327 mDNSu32 scope_id
= (mDNSu32
)(uintptr_t)ifindex
;
1328 NetworkInterfaceInfoOSX
*i
;
1330 // Don't get tricked by inactive interfaces
1331 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
1332 if (i
->Registered
&& i
->scope_id
== scope_id
) return(i
);
1337 mDNSexport mDNSInterfaceID
mDNSPlatformInterfaceIDfromInterfaceIndex(mDNS
*const m
, mDNSu32 ifindex
)
1339 if (ifindex
== kDNSServiceInterfaceIndexLocalOnly
) return(mDNSInterface_LocalOnly
);
1340 if (ifindex
== kDNSServiceInterfaceIndexP2P
) return(mDNSInterface_P2P
);
1341 if (ifindex
== kDNSServiceInterfaceIndexAny
) return(mDNSNULL
);
1343 NetworkInterfaceInfoOSX
* ifi
= IfindexToInterfaceInfoOSX(m
, (mDNSInterfaceID
)(uintptr_t)ifindex
);
1346 // Not found. Make sure our interface list is up to date, then try again.
1347 LogInfo("mDNSPlatformInterfaceIDfromInterfaceIndex: InterfaceID for interface index %d not found; Updating interface list", ifindex
);
1348 mDNSMacOSXNetworkChanged(m
);
1349 ifi
= IfindexToInterfaceInfoOSX(m
, (mDNSInterfaceID
)(uintptr_t)ifindex
);
1352 if (!ifi
) return(mDNSNULL
);
1354 return(ifi
->ifinfo
.InterfaceID
);
1358 mDNSexport mDNSu32
mDNSPlatformInterfaceIndexfromInterfaceID(mDNS
*const m
, mDNSInterfaceID id
, mDNSBool suppressNetworkChange
)
1360 NetworkInterfaceInfoOSX
*i
;
1361 if (id
== mDNSInterface_LocalOnly
) return(kDNSServiceInterfaceIndexLocalOnly
);
1362 if (id
== mDNSInterface_P2P
) return(kDNSServiceInterfaceIndexP2P
);
1363 if (id
== mDNSInterface_Any
) return(0);
1365 mDNSu32 scope_id
= (mDNSu32
)(uintptr_t)id
;
1367 // Don't use i->Registered here, because we DO want to find inactive interfaces, which have no Registered set
1368 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
1369 if (i
->scope_id
== scope_id
) return(i
->scope_id
);
1371 // If we are supposed to suppress network change, return "id" back
1372 if (suppressNetworkChange
) return scope_id
;
1374 // Not found. Make sure our interface list is up to date, then try again.
1375 LogInfo("Interface index for InterfaceID %p not found; Updating interface list", id
);
1376 mDNSMacOSXNetworkChanged(m
);
1377 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
1378 if (i
->scope_id
== scope_id
) return(i
->scope_id
);
1383 #if APPLE_OSX_mDNSResponder
1384 mDNSexport
void mDNSASLLog(uuid_t
*uuid
, const char *subdomain
, const char *result
, const char *signature
, const char *fmt
, ...)
1387 return; // No ASL on iOS
1389 static char buffer
[512];
1390 aslmsg asl_msg
= asl_new(ASL_TYPE_MSG
);
1392 if (!asl_msg
) { LogMsg("mDNSASLLog: asl_new failed"); return; }
1396 uuid_unparse(*uuid
, uuidStr
);
1397 asl_set (asl_msg
, "com.apple.message.uuid", uuidStr
);
1400 static char domainBase
[] = "com.apple.mDNSResponder.%s";
1401 mDNS_snprintf (buffer
, sizeof(buffer
), domainBase
, subdomain
);
1402 asl_set (asl_msg
, "com.apple.message.domain", buffer
);
1404 if (result
) asl_set(asl_msg
, "com.apple.message.result", result
);
1405 if (signature
) asl_set(asl_msg
, "com.apple.message.signature", signature
);
1409 mDNS_vsnprintf(buffer
, sizeof(buffer
), fmt
, ptr
);
1412 int old_filter
= asl_set_filter(NULL
,ASL_FILTER_MASK_UPTO(ASL_LEVEL_DEBUG
));
1413 asl_log(NULL
, asl_msg
, ASL_LEVEL_DEBUG
, "%s", buffer
);
1414 asl_set_filter(NULL
, old_filter
);
1419 mDNSlocal
void mDNSLogDNSSECStatistics(mDNS
*const m
)
1423 aslmsg aslmsg
= asl_new(ASL_TYPE_MSG
);
1425 // If we failed to allocate an aslmsg structure, keep accumulating
1426 // the statistics and try again at the next log interval.
1429 LogMsg("mDNSLogDNSSECStatistics: asl_new() failed!");
1433 asl_set(aslmsg
,"com.apple.message.domain", "com.apple.mDNSResponder.DNSSECstatistics");
1435 if (m
->rrcache_totalused_unicast
)
1437 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", (mDNSu32
) ((unsigned long)(m
->DNSSECStats
.TotalMemUsed
* 100))/m
->rrcache_totalused_unicast
);
1441 LogMsg("mDNSLogDNSSECStatistics: unicast is zero");
1444 asl_set(aslmsg
,"com.apple.message.MemUsage", buffer
);
1446 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.Latency0
);
1447 asl_set(aslmsg
,"com.apple.message.Latency0", buffer
);
1448 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.Latency10
);
1449 asl_set(aslmsg
,"com.apple.message.Latency10", buffer
);
1450 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.Latency20
);
1451 asl_set(aslmsg
,"com.apple.message.Latency20", buffer
);
1452 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.Latency50
);
1453 asl_set(aslmsg
,"com.apple.message.Latency50", buffer
);
1454 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.Latency100
);
1455 asl_set(aslmsg
,"com.apple.message.Latency100", buffer
);
1457 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.ExtraPackets0
);
1458 asl_set(aslmsg
,"com.apple.message.ExtraPackets0", buffer
);
1459 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.ExtraPackets3
);
1460 asl_set(aslmsg
,"com.apple.message.ExtraPackets3", buffer
);
1461 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.ExtraPackets7
);
1462 asl_set(aslmsg
,"com.apple.message.ExtraPackets7", buffer
);
1463 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.ExtraPackets10
);
1464 asl_set(aslmsg
,"com.apple.message.ExtraPackets10", buffer
);
1466 // Ignore IndeterminateStatus as we don't log them
1467 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.SecureStatus
);
1468 asl_set(aslmsg
,"com.apple.message.SecureStatus", buffer
);
1469 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.InsecureStatus
);
1470 asl_set(aslmsg
,"com.apple.message.InsecureStatus", buffer
);
1471 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.BogusStatus
);
1472 asl_set(aslmsg
,"com.apple.message.BogusStatus", buffer
);
1473 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.NoResponseStatus
);
1474 asl_set(aslmsg
,"com.apple.message.NoResponseStatus", buffer
);
1476 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.NumProbesSent
);
1477 asl_set(aslmsg
,"com.apple.message.NumProbesSent", buffer
);
1478 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.MsgSize0
);
1479 asl_set(aslmsg
,"com.apple.message.MsgSize0", buffer
);
1480 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.MsgSize1
);
1481 asl_set(aslmsg
,"com.apple.message.MsgSize1", buffer
);
1482 mDNS_snprintf(buffer
, sizeof(buffer
), "%u", m
->DNSSECStats
.MsgSize2
);
1483 asl_set(aslmsg
,"com.apple.message.MsgSize2", buffer
);
1485 asl_log(NULL
, aslmsg
, ASL_LEVEL_NOTICE
, "");
1489 // Calculate packets per hour given total packet count and interval in seconds.
1490 // Cast one term of multiplication to (long) to use 64-bit arithmetic
1491 // and avoid a potential 32-bit overflow prior to the division.
1492 #define ONE_HOUR 3600
1493 #define PACKET_RATE(PACKETS, INTERVAL) (int)(((long) (PACKETS) * ONE_HOUR)/(INTERVAL))
1495 // Put packet rate data in discrete buckets.
1496 mDNSlocal
int mDNSBucketData(int inputData
, int interval
)
1500 LogMsg("mDNSBucketData: interval is zero!");
1504 int ratePerHour
= PACKET_RATE(inputData
, interval
);
1507 if (ratePerHour
== 0)
1509 else if (ratePerHour
<= 10)
1511 else if (ratePerHour
<= 100)
1513 else if (ratePerHour
<= 1000)
1515 else if (ratePerHour
<= 5000)
1517 else if (ratePerHour
<= 10000)
1519 else if (ratePerHour
<= 50000)
1521 else if (ratePerHour
<= 100000)
1523 else if (ratePerHour
<= 250000)
1525 else if (ratePerHour
<= 500000)
1533 mDNSlocal
void mDNSLogBonjourStatistics(mDNS
*const m
)
1535 static mDNSs32 last_PktNum
, last_MPktNum
;
1536 static mDNSs32 last_UnicastPacketsSent
, last_MulticastPacketsSent
;
1537 static mDNSs32 last_RemoteSubnet
;
1541 mDNSs32 inMulticast
= m
->MPktNum
- last_MPktNum
;
1542 mDNSs32 inUnicast
= m
->PktNum
- last_PktNum
- inMulticast
;
1543 mDNSs32 outUnicast
= m
->UnicastPacketsSent
- last_UnicastPacketsSent
;
1544 mDNSs32 outMulticast
= m
->MulticastPacketsSent
- last_MulticastPacketsSent
;
1545 mDNSs32 remoteSubnet
= m
->RemoteSubnet
- last_RemoteSubnet
;
1548 // save starting values for new interval
1549 last_PktNum
= m
->PktNum
;
1550 last_MPktNum
= m
->MPktNum
;
1551 last_UnicastPacketsSent
= m
->UnicastPacketsSent
;
1552 last_MulticastPacketsSent
= m
->MulticastPacketsSent
;
1553 last_RemoteSubnet
= m
->RemoteSubnet
;
1555 // Need a non-zero active time interval.
1556 if (!m
->ActiveStatTime
)
1559 // Round interval time to nearest hour boundary. Less then 30 minutes rounds to zero.
1560 interval
= (m
->ActiveStatTime
+ ONE_HOUR
/2)/ONE_HOUR
;
1562 // Use a minimum of 30 minutes of awake time to calculate average packet rates.
1563 // The rounded awake interval should not be greater than the rounded reporting
1565 if ((interval
== 0) || (interval
> (kDefaultNextStatsticsLogTime
+ ONE_HOUR
/2)/ONE_HOUR
))
1568 aslmsg aslmsg
= asl_new(ASL_TYPE_MSG
);
1572 LogMsg("mDNSLogBonjourStatistics: asl_new() failed!");
1575 // log in MessageTracer format
1576 asl_set(aslmsg
,"com.apple.message.domain", "com.apple.mDNSResponder.statistics");
1578 snprintf(buffer
, sizeof(buffer
), "%d", interval
);
1579 asl_set(aslmsg
,"com.apple.message.interval", buffer
);
1581 // log the packet rates as packets per hour
1582 snprintf(buffer
, sizeof(buffer
), "%d",
1583 mDNSBucketData(inUnicast
, m
->ActiveStatTime
));
1584 asl_set(aslmsg
,"com.apple.message.UnicastIn", buffer
);
1586 snprintf(buffer
, sizeof(buffer
), "%d",
1587 mDNSBucketData(inMulticast
, m
->ActiveStatTime
));
1588 asl_set(aslmsg
,"com.apple.message.MulticastIn", buffer
);
1590 snprintf(buffer
, sizeof(buffer
), "%d",
1591 mDNSBucketData(outUnicast
, m
->ActiveStatTime
));
1592 asl_set(aslmsg
,"com.apple.message.UnicastOut", buffer
);
1594 snprintf(buffer
, sizeof(buffer
), "%d",
1595 mDNSBucketData(outMulticast
, m
->ActiveStatTime
));
1596 asl_set(aslmsg
,"com.apple.message.MulticastOut", buffer
);
1598 snprintf(buffer
, sizeof(buffer
), "%d",
1599 mDNSBucketData(remoteSubnet
, m
->ActiveStatTime
));
1600 asl_set(aslmsg
,"com.apple.message.RemoteSubnet", buffer
);
1602 asl_log(NULL
, aslmsg
, ASL_LEVEL_NOTICE
, "");
1607 // Log multicast and unicast traffic statistics to MessageTracer on OSX
1608 mDNSexport
void mDNSLogStatistics(mDNS
*const m
)
1610 // MessageTracer only available on OSX
1614 mDNSs32 currentUTC
= mDNSPlatformUTC();
1616 // log runtime statistics
1617 if ((currentUTC
- m
->NextStatLogTime
) >= 0)
1619 m
->NextStatLogTime
= currentUTC
+ kDefaultNextStatsticsLogTime
;
1620 // If StatStartTime is zero, it hasn't been reinitialized yet
1621 // in the wakeup code path.
1622 if (m
->StatStartTime
)
1624 m
->ActiveStatTime
+= currentUTC
- m
->StatStartTime
;
1627 // Only log statistics if we have recorded some active time during
1628 // this statistics interval.
1629 if (m
->ActiveStatTime
)
1631 mDNSLogBonjourStatistics(m
);
1632 mDNSLogDNSSECStatistics(m
);
1635 // Start a new statistics gathering interval.
1636 m
->StatStartTime
= currentUTC
;
1637 m
->ActiveStatTime
= 0;
1641 #endif // APPLE_OSX_mDNSResponder
1643 #if COMPILER_LIKES_PRAGMA_MARK
1645 #pragma mark - UDP & TCP send & receive
1648 mDNSlocal mDNSBool
AddrRequiresPPPConnection(const struct sockaddr
*addr
)
1650 mDNSBool result
= mDNSfalse
;
1651 SCNetworkConnectionFlags flags
;
1652 CFDataRef remote_addr
;
1653 CFMutableDictionaryRef options
;
1654 SCNetworkReachabilityRef ReachRef
= NULL
;
1656 options
= CFDictionaryCreateMutable(NULL
, 0, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
);
1657 remote_addr
= CFDataCreate(NULL
, (const UInt8
*)addr
, addr
->sa_len
);
1658 CFDictionarySetValue(options
, kSCNetworkReachabilityOptionRemoteAddress
, remote_addr
);
1659 CFDictionarySetValue(options
, kSCNetworkReachabilityOptionServerBypass
, kCFBooleanTrue
);
1660 ReachRef
= SCNetworkReachabilityCreateWithOptions(kCFAllocatorDefault
, options
);
1662 CFRelease(remote_addr
);
1666 LogMsg("ERROR: RequiresConnection - SCNetworkReachabilityCreateWithOptions");
1669 if (!SCNetworkReachabilityGetFlags(ReachRef
, &flags
))
1671 LogMsg("ERROR: AddrRequiresPPPConnection - SCNetworkReachabilityGetFlags");
1674 result
= flags
& kSCNetworkFlagsConnectionRequired
;
1678 CFRelease(ReachRef
);
1682 // Set traffic class for socket
1683 mDNSlocal
void setTrafficClass(int socketfd
, mDNSBool useBackgroundTrafficClass
)
1687 if (useBackgroundTrafficClass
)
1688 traffic_class
= SO_TC_BK_SYS
;
1690 traffic_class
= SO_TC_CTL
;
1692 (void) setsockopt(socketfd
, SOL_SOCKET
, SO_TRAFFIC_CLASS
, (void *)&traffic_class
, sizeof(traffic_class
));
1695 mDNSexport
void mDNSPlatformSetDelegatePID(UDPSocket
*src
, const mDNSAddr
*dst
, DNSQuestion
*q
)
1701 if (dst
->type
== mDNSAddrType_IPv4
)
1712 if (setsockopt(s
, SOL_SOCKET
, SO_DELEGATED
, &q
->pid
, sizeof(q
->pid
)) == -1)
1714 LogInfo("mDNSPlatformSetDelegatePID: Delegate PID failed %s for PID %d", strerror(errno
), q
->pid
);
1719 if (setsockopt(s
, SOL_SOCKET
, SO_DELEGATED_UUID
, &q
->uuid
, sizeof(q
->uuid
)) == -1)
1721 LogInfo("mDNSPlatformSetDelegatePID: Delegate UUID failed %s", strerror(errno
));
1727 // Note: If InterfaceID is NULL, it means, "send this packet through our anonymous unicast socket"
1728 // Note: If InterfaceID is non-NULL it means, "send this packet through our port 5353 socket on the specified interface"
1729 // OR send via our primary v4 unicast socket
1730 // UPDATE: The UDPSocket *src parameter now allows the caller to specify the source socket
1731 mDNSexport mStatus
mDNSPlatformSendUDP(const mDNS
*const m
, const void *const msg
, const mDNSu8
*const end
,
1732 mDNSInterfaceID InterfaceID
, UDPSocket
*src
, const mDNSAddr
*dst
,
1733 mDNSIPPort dstPort
, mDNSBool useBackgroundTrafficClass
)
1735 NetworkInterfaceInfoOSX
*info
= mDNSNULL
;
1736 struct sockaddr_storage to
;
1738 mStatus result
= mStatus_NoError
;
1742 info
= IfindexToInterfaceInfoOSX(m
, InterfaceID
);
1745 // We may not have registered interfaces with the "core" as we may not have
1746 // seen any interface notifications yet. This typically happens during wakeup
1747 // where we might try to send DNS requests (non-SuppressUnusable questions internal
1748 // to mDNSResponder) before we receive network notifications.
1749 LogInfo("mDNSPlatformSendUDP: Invalid interface index %p", InterfaceID
);
1750 return mStatus_BadParamErr
;
1754 char *ifa_name
= InterfaceID
? info
->ifinfo
.ifname
: "unicast";
1756 if (dst
->type
== mDNSAddrType_IPv4
)
1758 struct sockaddr_in
*sin_to
= (struct sockaddr_in
*)&to
;
1759 sin_to
->sin_len
= sizeof(*sin_to
);
1760 sin_to
->sin_family
= AF_INET
;
1761 sin_to
->sin_port
= dstPort
.NotAnInteger
;
1762 sin_to
->sin_addr
.s_addr
= dst
->ip
.v4
.NotAnInteger
;
1763 s
= (src
? src
->ss
: m
->p
->permanentsockets
).sktv4
;
1765 if (info
) // Specify outgoing interface
1767 if (!mDNSAddrIsDNSMulticast(dst
))
1770 if (info
->scope_id
== 0)
1771 LogInfo("IP_BOUND_IF socket option not set -- info %p (%s) scope_id is zero", info
, ifa_name
);
1773 setsockopt(s
, IPPROTO_IP
, IP_BOUND_IF
, &info
->scope_id
, sizeof(info
->scope_id
));
1776 static int displayed
= 0;
1777 if (displayed
< 1000)
1780 LogInfo("IP_BOUND_IF socket option not defined -- cannot specify interface for unicast packets");
1786 #ifdef IP_MULTICAST_IFINDEX
1788 err
= setsockopt(s
, IPPROTO_IP
, IP_MULTICAST_IFINDEX
, &info
->scope_id
, sizeof(info
->scope_id
));
1789 // We get an error when we compile on a machine that supports this option and run the binary on
1790 // a different machine that does not support it
1793 if (errno
!= ENOPROTOOPT
) LogInfo("mDNSPlatformSendUDP: setsockopt: IP_MUTLTICAST_IFINDEX returned %d", errno
);
1794 err
= setsockopt(s
, IPPROTO_IP
, IP_MULTICAST_IF
, &info
->ifa_v4addr
, sizeof(info
->ifa_v4addr
));
1795 if (err
< 0 && !m
->p
->NetworkChanged
)
1796 LogMsg("setsockopt - IP_MULTICAST_IF error %.4a %d errno %d (%s)", &info
->ifa_v4addr
, err
, errno
, strerror(errno
));
1801 err
= setsockopt(s
, IPPROTO_IP
, IP_MULTICAST_IF
, &info
->ifa_v4addr
, sizeof(info
->ifa_v4addr
));
1802 if (err
< 0 && !m
->p
->NetworkChanged
)
1803 LogMsg("setsockopt - IP_MULTICAST_IF error %.4a %d errno %d (%s)", &info
->ifa_v4addr
, err
, errno
, strerror(errno
));
1810 else if (dst
->type
== mDNSAddrType_IPv6
)
1812 struct sockaddr_in6
*sin6_to
= (struct sockaddr_in6
*)&to
;
1813 sin6_to
->sin6_len
= sizeof(*sin6_to
);
1814 sin6_to
->sin6_family
= AF_INET6
;
1815 sin6_to
->sin6_port
= dstPort
.NotAnInteger
;
1816 sin6_to
->sin6_flowinfo
= 0;
1817 sin6_to
->sin6_addr
= *(struct in6_addr
*)&dst
->ip
.v6
;
1818 sin6_to
->sin6_scope_id
= info
? info
->scope_id
: 0;
1819 s
= (src
? src
->ss
: m
->p
->permanentsockets
).sktv6
;
1820 if (info
&& mDNSAddrIsDNSMulticast(dst
)) // Specify outgoing interface
1822 err
= setsockopt(s
, IPPROTO_IPV6
, IPV6_MULTICAST_IF
, &info
->scope_id
, sizeof(info
->scope_id
));
1825 char name
[IFNAMSIZ
];
1826 if (if_indextoname(info
->scope_id
, name
) != NULL
)
1827 LogMsg("setsockopt - IPV6_MULTICAST_IF error %d errno %d (%s)", err
, errno
, strerror(errno
));
1829 LogInfo("setsockopt - IPV6_MUTLICAST_IF scopeid %d, not a valid interface", info
->scope_id
);
1836 LogMsg("mDNSPlatformSendUDP: dst is not an IPv4 or IPv6 address!");
1840 return mStatus_BadParamErr
;
1844 verbosedebugf("mDNSPlatformSendUDP: sending on InterfaceID %p %5s/%ld to %#a:%d skt %d",
1845 InterfaceID
, ifa_name
, dst
->type
, dst
, mDNSVal16(dstPort
), s
);
1847 verbosedebugf("mDNSPlatformSendUDP: NOT sending on InterfaceID %p %5s/%ld (socket of this type not available)",
1848 InterfaceID
, ifa_name
, dst
->type
, dst
, mDNSVal16(dstPort
));
1850 // Note: When sending, mDNSCore may often ask us to send both a v4 multicast packet and then a v6 multicast packet
1851 // If we don't have the corresponding type of socket available, then return mStatus_Invalid
1852 if (s
< 0) return(mStatus_Invalid
);
1854 // switch to background traffic class for this message if requested
1855 if (useBackgroundTrafficClass
)
1856 setTrafficClass(s
, useBackgroundTrafficClass
);
1858 err
= sendto(s
, msg
, (UInt8
*)end
- (UInt8
*)msg
, 0, (struct sockaddr
*)&to
, to
.ss_len
);
1860 // set traffic class back to default value
1861 if (useBackgroundTrafficClass
)
1862 setTrafficClass(s
, mDNSfalse
);
1866 static int MessageCount
= 0;
1867 LogInfo("mDNSPlatformSendUDP -> sendto(%d) failed to send packet on InterfaceID %p %5s/%d to %#a:%d skt %d error %d errno %d (%s) %lu",
1868 s
, InterfaceID
, ifa_name
, dst
->type
, dst
, mDNSVal16(dstPort
), s
, err
, errno
, strerror(errno
), (mDNSu32
)(m
->timenow
));
1869 if (!mDNSAddressIsAllDNSLinkGroup(dst
))
1870 if (errno
== EHOSTDOWN
|| errno
== ENETDOWN
|| errno
== EHOSTUNREACH
|| errno
== ENETUNREACH
) return(mStatus_TransientErr
);
1871 // Don't report EHOSTUNREACH in the first three minutes after boot
1872 // This is because mDNSResponder intentionally starts up early in the boot process (See <rdar://problem/3409090>)
1873 // but this means that sometimes it starts before configd has finished setting up the multicast routing entries.
1874 if (errno
== EHOSTUNREACH
&& (mDNSu32
)(mDNSPlatformRawTime()) < (mDNSu32
)(mDNSPlatformOneSecond
* 180)) return(mStatus_TransientErr
);
1875 // Don't report EADDRNOTAVAIL ("Can't assign requested address") if we're in the middle of a network configuration change
1876 if (errno
== EADDRNOTAVAIL
&& m
->p
->NetworkChanged
) return(mStatus_TransientErr
);
1877 if (errno
== EHOSTUNREACH
|| errno
== EADDRNOTAVAIL
|| errno
== ENETDOWN
)
1878 LogInfo("mDNSPlatformSendUDP sendto(%d) failed to send packet on InterfaceID %p %5s/%d to %#a:%d skt %d error %d errno %d (%s) %lu",
1879 s
, InterfaceID
, ifa_name
, dst
->type
, dst
, mDNSVal16(dstPort
), s
, err
, errno
, strerror(errno
), (mDNSu32
)(m
->timenow
));
1883 if (MessageCount
< 50) // Cap and ensure NO spamming of LogMsgs
1884 LogMsg("mDNSPlatformSendUDP: sendto(%d) failed to send packet on InterfaceID %p %5s/%d to %#a:%d skt %d error %d errno %d (%s) %lu MessageCount is %d",
1885 s
, InterfaceID
, ifa_name
, dst
->type
, dst
, mDNSVal16(dstPort
), s
, err
, errno
, strerror(errno
), (mDNSu32
)(m
->timenow
), MessageCount
);
1886 else // If logging is enabled, remove the cap and log aggressively
1887 LogInfo("mDNSPlatformSendUDP: sendto(%d) failed to send packet on InterfaceID %p %5s/%d to %#a:%d skt %d error %d errno %d (%s) %lu MessageCount is %d",
1888 s
, InterfaceID
, ifa_name
, dst
->type
, dst
, mDNSVal16(dstPort
), s
, err
, errno
, strerror(errno
), (mDNSu32
)(m
->timenow
), MessageCount
);
1891 result
= mStatus_UnknownErr
;
1895 if (dst
->type
== mDNSAddrType_IPv4
&& info
&& !mDNSAddrIsDNSMulticast(dst
))
1897 static const mDNSu32 ifindex
= 0;
1898 setsockopt(s
, IPPROTO_IP
, IP_BOUND_IF
, &ifindex
, sizeof(ifindex
));
1905 mDNSexport ssize_t
myrecvfrom(const int s
, void *const buffer
, const size_t max
,
1906 struct sockaddr
*const from
, size_t *const fromlen
, mDNSAddr
*dstaddr
, char ifname
[IF_NAMESIZE
], mDNSu8
*ttl
)
1908 static unsigned int numLogMessages
= 0;
1909 struct iovec databuffers
= { (char *)buffer
, max
};
1912 struct cmsghdr
*cmPtr
;
1913 char ancillary
[1024];
1915 *ttl
= 255; // If kernel fails to provide TTL data (e.g. Jaguar doesn't) then assume the TTL was 255 as it should be
1917 // Set up the message
1918 msg
.msg_name
= (caddr_t
)from
;
1919 msg
.msg_namelen
= *fromlen
;
1920 msg
.msg_iov
= &databuffers
;
1922 msg
.msg_control
= (caddr_t
)&ancillary
;
1923 msg
.msg_controllen
= sizeof(ancillary
);
1927 n
= recvmsg(s
, &msg
, 0);
1930 if (errno
!= EWOULDBLOCK
&& numLogMessages
++ < 100) LogMsg("mDNSMacOSX.c: recvmsg(%d) returned error %d errno %d", s
, n
, errno
);
1933 if (msg
.msg_controllen
< (int)sizeof(struct cmsghdr
))
1935 if (numLogMessages
++ < 100) LogMsg("mDNSMacOSX.c: recvmsg(%d) returned %d msg.msg_controllen %d < sizeof(struct cmsghdr) %lu, errno %d",
1936 s
, n
, msg
.msg_controllen
, sizeof(struct cmsghdr
), errno
);
1939 if (msg
.msg_flags
& MSG_CTRUNC
)
1941 if (numLogMessages
++ < 100) LogMsg("mDNSMacOSX.c: recvmsg(%d) msg.msg_flags & MSG_CTRUNC", s
);
1945 *fromlen
= msg
.msg_namelen
;
1947 // Parse each option out of the ancillary data.
1948 for (cmPtr
= CMSG_FIRSTHDR(&msg
); cmPtr
; cmPtr
= CMSG_NXTHDR(&msg
, cmPtr
))
1950 // debugf("myrecvfrom cmsg_level %d cmsg_type %d", cmPtr->cmsg_level, cmPtr->cmsg_type);
1951 if (cmPtr
->cmsg_level
== IPPROTO_IP
&& cmPtr
->cmsg_type
== IP_RECVDSTADDR
)
1953 dstaddr
->type
= mDNSAddrType_IPv4
;
1954 dstaddr
->ip
.v4
= *(mDNSv4Addr
*)CMSG_DATA(cmPtr
);
1955 //LogMsg("mDNSMacOSX.c: recvmsg IP_RECVDSTADDR %.4a", &dstaddr->ip.v4);
1957 if (cmPtr
->cmsg_level
== IPPROTO_IP
&& cmPtr
->cmsg_type
== IP_RECVIF
)
1959 struct sockaddr_dl
*sdl
= (struct sockaddr_dl
*)CMSG_DATA(cmPtr
);
1960 if (sdl
->sdl_nlen
< IF_NAMESIZE
)
1962 mDNSPlatformMemCopy(ifname
, sdl
->sdl_data
, sdl
->sdl_nlen
);
1963 ifname
[sdl
->sdl_nlen
] = 0;
1964 // debugf("IP_RECVIF sdl_index %d, sdl_data %s len %d", sdl->sdl_index, ifname, sdl->sdl_nlen);
1967 if (cmPtr
->cmsg_level
== IPPROTO_IP
&& cmPtr
->cmsg_type
== IP_RECVTTL
)
1968 *ttl
= *(u_char
*)CMSG_DATA(cmPtr
);
1969 if (cmPtr
->cmsg_level
== IPPROTO_IPV6
&& cmPtr
->cmsg_type
== IPV6_PKTINFO
)
1971 struct in6_pktinfo
*ip6_info
= (struct in6_pktinfo
*)CMSG_DATA(cmPtr
);
1972 dstaddr
->type
= mDNSAddrType_IPv6
;
1973 dstaddr
->ip
.v6
= *(mDNSv6Addr
*)&ip6_info
->ipi6_addr
;
1974 myIfIndexToName(ip6_info
->ipi6_ifindex
, ifname
);
1976 if (cmPtr
->cmsg_level
== IPPROTO_IPV6
&& cmPtr
->cmsg_type
== IPV6_HOPLIMIT
)
1977 *ttl
= *(int*)CMSG_DATA(cmPtr
);
1983 mDNSlocal mDNSInterfaceID
FindMyInterface(mDNS
*const m
, const mDNSAddr
*addr
)
1985 NetworkInterfaceInfo
*intf
;
1987 if (addr
->type
== mDNSAddrType_IPv4
)
1989 for (intf
= m
->HostInterfaces
; intf
; intf
= intf
->next
)
1991 if (intf
->ip
.type
== addr
->type
&& intf
->McastTxRx
)
1993 if ((intf
->ip
.ip
.v4
.NotAnInteger
^ addr
->ip
.v4
.NotAnInteger
) == 0)
1995 return(intf
->InterfaceID
);
2001 if (addr
->type
== mDNSAddrType_IPv6
)
2003 for (intf
= m
->HostInterfaces
; intf
; intf
= intf
->next
)
2005 if (intf
->ip
.type
== addr
->type
&& intf
->McastTxRx
)
2007 if (((intf
->ip
.ip
.v6
.l
[0] ^ addr
->ip
.v6
.l
[0]) == 0) &&
2008 ((intf
->ip
.ip
.v6
.l
[1] ^ addr
->ip
.v6
.l
[1]) == 0) &&
2009 ((intf
->ip
.ip
.v6
.l
[2] ^ addr
->ip
.v6
.l
[2]) == 0) &&
2010 (((intf
->ip
.ip
.v6
.l
[3] ^ addr
->ip
.v6
.l
[3]) == 0)))
2012 return(intf
->InterfaceID
);
2017 return(mDNSInterface_Any
);
2020 mDNSexport mDNSBool
mDNSPlatformPeekUDP(mDNS
*const m
, UDPSocket
*src
)
2022 // We should have a DNSMessage header followed by the question and an answer
2023 // which also includes a CNAME (that's when this function is called). To keep it
2024 // simple, we expect at least the size of DNSMessage header(12) and size of "A"
2025 // record (14 bytes).
2034 ret
= recv(src
->ss
.sktv4
, buffer
, sizeof(buffer
), MSG_PEEK
);
2041 mDNSexport
void myKQSocketCallBack(int s1
, short filter
, void *context
)
2043 KQSocketSet
*const ss
= (KQSocketSet
*)context
;
2044 mDNS
*const m
= ss
->m
;
2045 int err
= 0, count
= 0, closed
= 0;
2047 if (filter
!= EVFILT_READ
)
2048 LogMsg("myKQSocketCallBack: Why is filter %d not EVFILT_READ (%d)?", filter
, EVFILT_READ
);
2050 if (s1
!= ss
->sktv4
&& s1
!= ss
->sktv6
)
2052 LogMsg("myKQSocketCallBack: native socket %d", s1
);
2053 LogMsg("myKQSocketCallBack: sktv4 %d sktv6 %d", ss
->sktv4
, ss
->sktv6
);
2058 mDNSAddr senderAddr
, destAddr
;
2059 mDNSIPPort senderPort
;
2060 struct sockaddr_storage from
;
2061 size_t fromlen
= sizeof(from
);
2062 char packetifname
[IF_NAMESIZE
] = "";
2064 err
= myrecvfrom(s1
, &m
->imsg
, sizeof(m
->imsg
), (struct sockaddr
*)&from
, &fromlen
, &destAddr
, packetifname
, &ttl
);
2067 if ((destAddr
.type
== mDNSAddrType_IPv4
&& (destAddr
.ip
.v4
.b
[0] & 0xF0) == 0xE0) ||
2068 (destAddr
.type
== mDNSAddrType_IPv6
&& (destAddr
.ip
.v6
.b
[0] == 0xFF))) m
->p
->num_mcasts
++;
2071 if (from
.ss_family
== AF_INET
)
2073 struct sockaddr_in
*s
= (struct sockaddr_in
*)&from
;
2074 senderAddr
.type
= mDNSAddrType_IPv4
;
2075 senderAddr
.ip
.v4
.NotAnInteger
= s
->sin_addr
.s_addr
;
2076 senderPort
.NotAnInteger
= s
->sin_port
;
2077 //LogInfo("myKQSocketCallBack received IPv4 packet from %#-15a to %#-15a on skt %d %s", &senderAddr, &destAddr, s1, packetifname);
2079 else if (from
.ss_family
== AF_INET6
)
2081 struct sockaddr_in6
*sin6
= (struct sockaddr_in6
*)&from
;
2082 senderAddr
.type
= mDNSAddrType_IPv6
;
2083 senderAddr
.ip
.v6
= *(mDNSv6Addr
*)&sin6
->sin6_addr
;
2084 senderPort
.NotAnInteger
= sin6
->sin6_port
;
2085 //LogInfo("myKQSocketCallBack received IPv6 packet from %#-15a to %#-15a on skt %d %s", &senderAddr, &destAddr, s1, packetifname);
2089 LogMsg("myKQSocketCallBack from is unknown address family %d", from
.ss_family
);
2093 // Note: When handling multiple packets in a batch, MUST reset InterfaceID before handling each packet
2094 mDNSInterfaceID InterfaceID
= mDNSNULL
;
2095 NetworkInterfaceInfoOSX
*intf
= m
->p
->InterfaceList
;
2098 if (intf
->Exists
&& !strcmp(intf
->ifinfo
.ifname
, packetifname
))
2103 // When going to sleep we deregister all our interfaces, but if the machine
2104 // takes a few seconds to sleep we may continue to receive multicasts
2105 // during that time, which would confuse mDNSCoreReceive, because as far
2106 // as it's concerned, we should have no active interfaces any more.
2107 // Hence we ignore multicasts for which we can find no matching InterfaceID.
2109 InterfaceID
= intf
->ifinfo
.InterfaceID
;
2110 else if (mDNSAddrIsDNSMulticast(&destAddr
))
2115 InterfaceID
= FindMyInterface(m
, &destAddr
);
2118 // LogMsg("myKQSocketCallBack got packet from %#a to %#a on interface %#a/%s",
2119 // &senderAddr, &destAddr, &ss->info->ifinfo.ip, ss->info->ifinfo.ifname);
2121 // mDNSCoreReceive may close the socket we're reading from. We must break out of our
2122 // loop when that happens, or we may try to read from an invalid FD. We do this by
2123 // setting the closeFlag pointer in the socketset, so CloseSocketSet can inform us
2124 // if it closes the socketset.
2125 ss
->closeFlag
= &closed
;
2129 m
->p
->UDPProxyCallback(m
, &m
->p
->UDPProxy
, (unsigned char *)&m
->imsg
, (unsigned char*)&m
->imsg
+ err
, &senderAddr
,
2130 senderPort
, &destAddr
, ss
->port
, InterfaceID
, NULL
);
2134 mDNSCoreReceive(m
, &m
->imsg
, (unsigned char*)&m
->imsg
+ err
, &senderAddr
, senderPort
, &destAddr
, ss
->port
, InterfaceID
);
2137 // if we didn't close, we can safely dereference the socketset, and should to
2138 // reset the closeFlag, since it points to something on the stack
2139 if (!closed
) ss
->closeFlag
= mDNSNULL
;
2142 if (err
< 0 && (errno
!= EWOULDBLOCK
|| count
== 0))
2144 // Something is busted here.
2145 // kqueue says there is a packet, but myrecvfrom says there is not.
2146 // Try calling select() to get another opinion.
2147 // Find out about other socket parameter that can help understand why select() says the socket is ready for read
2148 // All of this is racy, as data may have arrived after the call to select()
2149 static unsigned int numLogMessages
= 0;
2150 int save_errno
= errno
;
2154 socklen_t solen
= sizeof(int);
2156 struct timeval timeout
;
2159 FD_SET(s1
, &readfds
);
2161 timeout
.tv_usec
= 0;
2162 selectresult
= select(s1
+1, &readfds
, NULL
, NULL
, &timeout
);
2163 if (getsockopt(s1
, SOL_SOCKET
, SO_ERROR
, &so_error
, &solen
) == -1)
2164 LogMsg("myKQSocketCallBack getsockopt(SO_ERROR) error %d", errno
);
2165 if (getsockopt(s1
, SOL_SOCKET
, SO_NREAD
, &so_nread
, &solen
) == -1)
2166 LogMsg("myKQSocketCallBack getsockopt(SO_NREAD) error %d", errno
);
2167 if (ioctl(s1
, FIONREAD
, &fionread
) == -1)
2168 LogMsg("myKQSocketCallBack ioctl(FIONREAD) error %d", errno
);
2169 if (numLogMessages
++ < 100)
2170 LogMsg("myKQSocketCallBack recvfrom skt %d error %d errno %d (%s) select %d (%spackets waiting) so_error %d so_nread %d fionread %d count %d",
2171 s1
, err
, save_errno
, strerror(save_errno
), selectresult
, FD_ISSET(s1
, &readfds
) ? "" : "*NO* ", so_error
, so_nread
, fionread
, count
);
2172 if (numLogMessages
> 5)
2173 NotifyOfElusiveBug("Flaw in Kernel (select/recvfrom mismatch)",
2174 "Congratulations, you've reproduced an elusive bug.\r"
2175 "Please contact the current assignee of <rdar://problem/3375328>.\r"
2176 "Alternatively, you can send email to radar-3387020@group.apple.com. (Note number is different.)\r"
2177 "If possible, please leave your machine undisturbed so that someone can come to investigate the problem.");
2179 sleep(1); // After logging this error, rate limit so we don't flood syslog
2183 mDNSlocal
void doTcpSocketCallback(TCPSocket
*sock
)
2185 mDNSBool c
= !sock
->connected
;
2186 sock
->connected
= mDNStrue
;
2187 sock
->callback(sock
, sock
->context
, c
, sock
->err
);
2188 // Note: the callback may call CloseConnection here, which frees the context structure!
2191 #ifndef NO_SECURITYFRAMEWORK
2193 mDNSlocal OSStatus
tlsWriteSock(SSLConnectionRef connection
, const void *data
, size_t *dataLength
)
2195 int ret
= send(((TCPSocket
*)connection
)->fd
, data
, *dataLength
, 0);
2196 if (ret
>= 0 && (size_t)ret
< *dataLength
) { *dataLength
= ret
; return(errSSLWouldBlock
); }
2197 if (ret
>= 0) { *dataLength
= ret
; return(noErr
); }
2199 if (errno
== EAGAIN
) return(errSSLWouldBlock
);
2200 if (errno
== ENOENT
) return(errSSLClosedGraceful
);
2201 if (errno
== EPIPE
|| errno
== ECONNRESET
) return(errSSLClosedAbort
);
2202 LogMsg("ERROR: tlsWriteSock: %d error %d (%s)\n", ((TCPSocket
*)connection
)->fd
, errno
, strerror(errno
));
2203 return(errSSLClosedAbort
);
2206 mDNSlocal OSStatus
tlsReadSock(SSLConnectionRef connection
, void *data
, size_t *dataLength
)
2208 int ret
= recv(((TCPSocket
*)connection
)->fd
, data
, *dataLength
, 0);
2209 if (ret
> 0 && (size_t)ret
< *dataLength
) { *dataLength
= ret
; return(errSSLWouldBlock
); }
2210 if (ret
> 0) { *dataLength
= ret
; return(noErr
); }
2212 if (ret
== 0 || errno
== ENOENT
) return(errSSLClosedGraceful
);
2213 if ( errno
== EAGAIN
) return(errSSLWouldBlock
);
2214 if ( errno
== ECONNRESET
) return(errSSLClosedAbort
);
2215 LogMsg("ERROR: tlsSockRead: error %d (%s)\n", errno
, strerror(errno
));
2216 return(errSSLClosedAbort
);
2219 mDNSlocal OSStatus
tlsSetupSock(TCPSocket
*sock
, SSLProtocolSide pside
, SSLConnectionType ctype
)
2221 char domname_cstr
[MAX_ESCAPED_DOMAIN_NAME
];
2223 sock
->tlsContext
= SSLCreateContext(kCFAllocatorDefault
, pside
, ctype
);
2224 if (!sock
->tlsContext
)
2226 LogMsg("ERROR: tlsSetupSock: SSLCreateContext failed");
2227 return(mStatus_UnknownErr
);
2230 mStatus err
= SSLSetIOFuncs(sock
->tlsContext
, tlsReadSock
, tlsWriteSock
);
2233 LogMsg("ERROR: tlsSetupSock: SSLSetIOFuncs failed with error code: %d", err
);
2237 err
= SSLSetConnection(sock
->tlsContext
, (SSLConnectionRef
) sock
);
2240 LogMsg("ERROR: tlsSetupSock: SSLSetConnection failed with error code: %d", err
);
2244 // Instead of listing all the acceptable ciphers, we just disable the bad ciphers. It does not disable
2245 // all the bad ciphers like RC4_MD5, but it assumes that the servers don't offer them.
2246 err
= SSLSetAllowAnonymousCiphers(sock
->tlsContext
, 0);
2249 LogMsg("ERROR: tlsSetupSock: SSLSetAllowAnonymousCiphers failed with error code: %d", err
);
2253 // We already checked for NULL in hostname and this should never happen. Hence, returning -1
2254 // (error not in OSStatus space) is okay.
2255 if (!sock
->hostname
.c
[0])
2257 LogMsg("ERROR: tlsSetupSock: hostname NULL");
2262 ConvertDomainNameToCString(&sock
->hostname
, domname_cstr
);
2263 err
= SSLSetPeerDomainName(sock
->tlsContext
, domname_cstr
, strlen(domname_cstr
));
2266 LogMsg("ERROR: tlsSetupSock: SSLSetPeerDomainname: %s failed with error code: %d", domname_cstr
, err
);
2273 if (sock
->tlsContext
)
2274 CFRelease(sock
->tlsContext
);
2278 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
2279 mDNSlocal
void doSSLHandshake(TCPSocket
*sock
)
2281 mStatus err
= SSLHandshake(sock
->tlsContext
);
2283 //Can't have multiple threads in mDNS core. When MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM is
2284 //defined, KQueueLock is a noop. Hence we need to serialize here
2286 //NOTE: We just can't serialize doTcpSocketCallback alone on the main queue.
2287 //We need the rest of the logic also. Otherwise, we can enable the READ
2288 //events below, dispatch a doTcpSocketCallback on the main queue. Assume it is
2289 //ConnFailed which means we are going to free the tcpInfo. While it
2290 //is waiting to be dispatched, another read event can come into tcpKQSocketCallback
2291 //and potentially call doTCPCallback with error which can close the fd and free the
2292 //tcpInfo. Later when the thread gets dispatched it will crash because the tcpInfo
2295 dispatch_async(dispatch_get_main_queue(), ^{
2297 LogInfo("doSSLHandshake %p: got lock", sock
); // Log *after* we get the lock
2299 if (sock
->handshake
== handshake_to_be_closed
)
2301 LogInfo("SSLHandshake completed after close");
2302 mDNSPlatformTCPCloseConnection(sock
);
2306 if (sock
->fd
!= -1) KQueueSet(sock
->fd
, EV_ADD
, EVFILT_READ
, sock
->kqEntry
);
2307 else LogMsg("doSSLHandshake: sock->fd is -1");
2309 if (err
== errSSLWouldBlock
)
2310 sock
->handshake
= handshake_required
;
2315 LogMsg("SSLHandshake failed: %d%s", err
, err
== errSSLPeerInternalError
? " (server busy)" : "");
2316 CFRelease(sock
->tlsContext
);
2317 sock
->tlsContext
= NULL
;
2320 sock
->err
= err
? mStatus_ConnFailed
: 0;
2321 sock
->handshake
= handshake_completed
;
2323 LogInfo("doSSLHandshake: %p calling doTcpSocketCallback fd %d", sock
, sock
->fd
);
2324 doTcpSocketCallback(sock
);
2328 LogInfo("SSLHandshake %p: dropping lock for fd %d", sock
, sock
->fd
);
2332 #else // MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
2333 mDNSlocal
void *doSSLHandshake(TCPSocket
*sock
)
2335 // Warning: Touching sock without the kqueue lock!
2336 // We're protected because sock->handshake == handshake_in_progress
2337 mDNS
* const m
= sock
->m
; // Get m now, as we may free sock if marked to be closed while we're waiting on SSLHandshake
2338 mStatus err
= SSLHandshake(sock
->tlsContext
);
2341 debugf("doSSLHandshake %p: got lock", sock
); // Log *after* we get the lock
2343 if (sock
->handshake
== handshake_to_be_closed
)
2345 LogInfo("SSLHandshake completed after close");
2346 mDNSPlatformTCPCloseConnection(sock
);
2350 if (sock
->fd
!= -1) KQueueSet(sock
->fd
, EV_ADD
, EVFILT_READ
, sock
->kqEntry
);
2351 else LogMsg("doSSLHandshake: sock->fd is -1");
2353 if (err
== errSSLWouldBlock
)
2354 sock
->handshake
= handshake_required
;
2359 LogMsg("SSLHandshake failed: %d%s", err
, err
== errSSLPeerInternalError
? " (server busy)" : "");
2360 CFRelease(sock
->tlsContext
);
2361 sock
->tlsContext
= NULL
;
2364 sock
->err
= err
? mStatus_ConnFailed
: 0;
2365 sock
->handshake
= handshake_completed
;
2367 debugf("doSSLHandshake: %p calling doTcpSocketCallback fd %d", sock
, sock
->fd
);
2368 doTcpSocketCallback(sock
);
2372 debugf("SSLHandshake %p: dropping lock for fd %d", sock
, sock
->fd
);
2373 KQueueUnlock(m
, "doSSLHandshake");
2376 #endif // MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
2378 mDNSlocal
void spawnSSLHandshake(TCPSocket
* sock
)
2380 debugf("spawnSSLHandshake %p: entry", sock
);
2382 if (sock
->handshake
!= handshake_required
) LogMsg("spawnSSLHandshake: handshake status not required: %d", sock
->handshake
);
2383 sock
->handshake
= handshake_in_progress
;
2384 KQueueSet(sock
->fd
, EV_DELETE
, EVFILT_READ
, sock
->kqEntry
);
2386 // Dispatch it on a separate queue to help avoid blocking other threads/queues, and
2387 // to limit the number of threads used for SSLHandshake
2388 dispatch_async(SSLqueue
, ^{doSSLHandshake(sock
);});
2390 debugf("spawnSSLHandshake %p: done for %d", sock
, sock
->fd
);
2393 #endif /* NO_SECURITYFRAMEWORK */
2395 mDNSlocal
void tcpKQSocketCallback(__unused
int fd
, short filter
, void *context
)
2397 TCPSocket
*sock
= context
;
2398 sock
->err
= mStatus_NoError
;
2400 //if (filter == EVFILT_READ ) LogMsg("myKQSocketCallBack: tcpKQSocketCallback %d is EVFILT_READ", filter);
2401 //if (filter == EVFILT_WRITE) LogMsg("myKQSocketCallBack: tcpKQSocketCallback %d is EVFILT_WRITE", filter);
2402 // EV_ONESHOT doesn't seem to work, so we add the filter with EV_ADD, and explicitly delete it here with EV_DELETE
2403 if (filter
== EVFILT_WRITE
)
2404 KQueueSet(sock
->fd
, EV_DELETE
, EVFILT_WRITE
, sock
->kqEntry
);
2406 if (sock
->flags
& kTCPSocketFlags_UseTLS
)
2408 #ifndef NO_SECURITYFRAMEWORK
2411 sock
->setup
= mDNStrue
;
2412 sock
->err
= tlsSetupSock(sock
, kSSLClientSide
, kSSLStreamType
);
2415 LogMsg("ERROR: tcpKQSocketCallback: tlsSetupSock failed with error code: %d", sock
->err
);
2419 if (sock
->handshake
== handshake_required
)
2421 spawnSSLHandshake(sock
);
2424 else if (sock
->handshake
== handshake_in_progress
|| sock
->handshake
== handshake_to_be_closed
)
2428 else if (sock
->handshake
!= handshake_completed
)
2431 sock
->err
= mStatus_UnknownErr
;
2432 LogMsg("tcpKQSocketCallback called with unexpected SSLHandshake status: %d", sock
->handshake
);
2434 #else /* NO_SECURITYFRAMEWORK */
2435 sock
->err
= mStatus_UnsupportedErr
;
2436 #endif /* NO_SECURITYFRAMEWORK */
2439 doTcpSocketCallback(sock
);
2442 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
2443 mDNSexport
int KQueueSet(int fd
, u_short flags
, short filter
, KQueueEntry
*const entryRef
)
2445 dispatch_queue_t queue
= dispatch_get_main_queue();
2446 dispatch_source_t source
;
2447 if (flags
== EV_DELETE
)
2449 if (filter
== EVFILT_READ
)
2451 dispatch_source_cancel(entryRef
->readSource
);
2452 dispatch_release(entryRef
->readSource
);
2453 entryRef
->readSource
= mDNSNULL
;
2454 debugf("KQueueSet: source cancel for read %p, %p", entryRef
->readSource
, entryRef
->writeSource
);
2456 else if (filter
== EVFILT_WRITE
)
2458 dispatch_source_cancel(entryRef
->writeSource
);
2459 dispatch_release(entryRef
->writeSource
);
2460 entryRef
->writeSource
= mDNSNULL
;
2461 debugf("KQueueSet: source cancel for write %p, %p", entryRef
->readSource
, entryRef
->writeSource
);
2464 LogMsg("KQueueSet: ERROR: Wrong filter value %d for EV_DELETE", filter
);
2467 if (flags
!= EV_ADD
) LogMsg("KQueueSet: Invalid flags %d", flags
);
2469 if (filter
== EVFILT_READ
)
2471 source
= dispatch_source_create(DISPATCH_SOURCE_TYPE_READ
, fd
, 0, queue
);
2473 else if (filter
== EVFILT_WRITE
)
2475 source
= dispatch_source_create(DISPATCH_SOURCE_TYPE_WRITE
, fd
, 0, queue
);
2479 LogMsg("KQueueSet: ERROR: Wrong filter value %d for EV_ADD", filter
);
2482 if (!source
) return -1;
2483 dispatch_source_set_event_handler(source
, ^{
2485 mDNSs32 stime
= mDNSPlatformRawTime();
2486 entryRef
->KQcallback(fd
, filter
, entryRef
->KQcontext
);
2487 mDNSs32 etime
= mDNSPlatformRawTime();
2488 if (etime
- stime
>= WatchDogReportingThreshold
)
2489 LogInfo("KQEntryCallback Block: WARNING: took %dms to complete", etime
- stime
);
2491 // Trigger the event delivery to the application. Even though we trigger the
2492 // event completion after handling every event source, these all will hopefully
2494 TriggerEventCompletion();
2497 dispatch_source_set_cancel_handler(source
, ^{
2498 if (entryRef
->fdClosed
)
2500 //LogMsg("CancelHandler: closing fd %d", fd);
2504 dispatch_resume(source
);
2505 if (filter
== EVFILT_READ
)
2506 entryRef
->readSource
= source
;
2508 entryRef
->writeSource
= source
;
2513 mDNSexport
void KQueueLock(mDNS
*const m
)
2517 mDNSexport
void KQueueUnlock(mDNS
*const m
, const char const *task
)
2520 (void)task
; //unused
2523 mDNSexport
int KQueueSet(int fd
, u_short flags
, short filter
, const KQueueEntry
*const entryRef
)
2525 struct kevent new_event
;
2526 EV_SET(&new_event
, fd
, filter
, flags
, 0, 0, (void*)entryRef
);
2527 return (kevent(KQueueFD
, &new_event
, 1, NULL
, 0, NULL
) < 0) ? errno
: 0;
2530 mDNSexport
void KQueueLock(mDNS
*const m
)
2532 pthread_mutex_lock(&m
->p
->BigMutex
);
2533 m
->p
->BigMutexStartTime
= mDNSPlatformRawTime();
2536 mDNSexport
void KQueueUnlock(mDNS
*const m
, const char* task
)
2538 mDNSs32 end
= mDNSPlatformRawTime();
2540 if (end
- m
->p
->BigMutexStartTime
>= WatchDogReportingThreshold
)
2541 LogInfo("WARNING: %s took %dms to complete", task
, end
- m
->p
->BigMutexStartTime
);
2543 pthread_mutex_unlock(&m
->p
->BigMutex
);
2546 if (send(m
->p
->WakeKQueueLoopFD
, &wake
, sizeof(wake
), 0) == -1)
2547 LogMsg("ERROR: KQueueWake: send failed with error code: %d (%s)", errno
, strerror(errno
));
2551 mDNSexport
void mDNSPlatformCloseFD(KQueueEntry
*kq
, int fd
)
2553 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
2557 dispatch_source_cancel(kq
->readSource
);
2558 kq
->readSource
= mDNSNULL
;
2560 if (kq
->writeSource
)
2562 dispatch_source_cancel(kq
->writeSource
);
2563 kq
->writeSource
= mDNSNULL
;
2565 // Close happens in the cancellation handler
2566 debugf("mDNSPlatformCloseFD: resetting sources for %d", fd
);
2567 kq
->fdClosed
= mDNStrue
;
2574 mDNSlocal mStatus
SetupTCPSocket(TCPSocket
*sock
, u_short sa_family
, mDNSIPPort
*port
, mDNSBool useBackgroundTrafficClass
)
2576 KQSocketSet
*cp
= &sock
->ss
;
2577 int *s
= (sa_family
== AF_INET
) ? &cp
->sktv4
: &cp
->sktv6
;
2578 KQueueEntry
*k
= (sa_family
== AF_INET
) ? &cp
->kqsv4
: &cp
->kqsv6
;
2579 const int on
= 1; // "on" for setsockopt
2582 int skt
= socket(sa_family
, SOCK_STREAM
, IPPROTO_TCP
);
2583 if (skt
< 3) { if (errno
!= EAFNOSUPPORT
) LogMsg("SetupTCPSocket: socket error %d errno %d (%s)", skt
, errno
, strerror(errno
));return(skt
); }
2585 // for TCP sockets, the traffic class is set once and not changed
2586 setTrafficClass(skt
, useBackgroundTrafficClass
);
2588 if (sa_family
== AF_INET
)
2591 struct sockaddr_in addr
;
2592 mDNSPlatformMemZero(&addr
, sizeof(addr
));
2593 addr
.sin_family
= AF_INET
;
2594 addr
.sin_port
= port
->NotAnInteger
;
2595 err
= bind(skt
, (struct sockaddr
*) &addr
, sizeof(addr
));
2596 if (err
< 0) { LogMsg("ERROR: bind %s", strerror(errno
)); return err
; }
2598 // Receive interface identifiers
2599 err
= setsockopt(skt
, IPPROTO_IP
, IP_RECVIF
, &on
, sizeof(on
));
2600 if (err
< 0) { LogMsg("setsockopt IP_RECVIF - %s", strerror(errno
)); return err
; }
2602 mDNSPlatformMemZero(&addr
, sizeof(addr
));
2603 socklen_t len
= sizeof(addr
);
2604 err
= getsockname(skt
, (struct sockaddr
*) &addr
, &len
);
2605 if (err
< 0) { LogMsg("getsockname - %s", strerror(errno
)); return err
; }
2607 port
->NotAnInteger
= addr
.sin_port
;
2612 struct sockaddr_in6 addr6
;
2613 mDNSPlatformMemZero(&addr6
, sizeof(addr6
));
2614 addr6
.sin6_family
= AF_INET6
;
2615 addr6
.sin6_port
= port
->NotAnInteger
;
2616 err
= bind(skt
, (struct sockaddr
*) &addr6
, sizeof(addr6
));
2617 if (err
< 0) { LogMsg("ERROR: bind6 %s", strerror(errno
)); return err
; }
2619 // We want to receive destination addresses and receive interface identifiers
2620 err
= setsockopt(skt
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &on
, sizeof(on
));
2621 if (err
< 0) { LogMsg("ERROR: setsockopt IPV6_RECVPKTINFO %s", strerror(errno
)); return err
; }
2623 mDNSPlatformMemZero(&addr6
, sizeof(addr6
));
2624 socklen_t len
= sizeof(addr6
);
2625 err
= getsockname(skt
, (struct sockaddr
*) &addr6
, &len
);
2626 if (err
< 0) { LogMsg("getsockname6 - %s", strerror(errno
)); return err
; }
2628 port
->NotAnInteger
= addr6
.sin6_port
;
2632 k
->KQcallback
= tcpKQSocketCallback
;
2633 k
->KQcontext
= sock
;
2634 k
->KQtask
= "mDNSPlatformTCPSocket";
2635 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
2636 k
->readSource
= mDNSNULL
;
2637 k
->writeSource
= mDNSNULL
;
2638 k
->fdClosed
= mDNSfalse
;
2640 return mStatus_NoError
;
2643 mDNSexport TCPSocket
*mDNSPlatformTCPSocket(mDNS
*const m
, TCPSocketFlags flags
, mDNSIPPort
*port
, mDNSBool useBackgroundTrafficClass
)
2648 TCPSocket
*sock
= mallocL("TCPSocket/mDNSPlatformTCPSocket", sizeof(TCPSocket
));
2649 if (!sock
) { LogMsg("mDNSPlatformTCPSocket: memory allocation failure"); return(mDNSNULL
); }
2651 mDNSPlatformMemZero(sock
, sizeof(TCPSocket
));
2654 sock
->ss
.sktv4
= -1;
2655 sock
->ss
.sktv6
= -1;
2656 err
= SetupTCPSocket(sock
, AF_INET
, port
, useBackgroundTrafficClass
);
2660 err
= SetupTCPSocket(sock
, AF_INET6
, port
, useBackgroundTrafficClass
);
2661 if (err
) { mDNSPlatformCloseFD(&sock
->ss
.kqsv4
, sock
->ss
.sktv4
); sock
->ss
.sktv4
= -1; }
2665 LogMsg("mDNSPlatformTCPSocket: socket error %d errno %d (%s)", sock
->fd
, errno
, strerror(errno
));
2666 freeL("TCPSocket/mDNSPlatformTCPSocket", sock
);
2669 // sock->fd is used as the default fd if the caller does not call mDNSPlatformTCPConnect
2670 sock
->fd
= sock
->ss
.sktv4
;
2671 sock
->callback
= mDNSNULL
;
2672 sock
->flags
= flags
;
2673 sock
->context
= mDNSNULL
;
2674 sock
->setup
= mDNSfalse
;
2675 sock
->connected
= mDNSfalse
;
2676 sock
->handshake
= handshake_required
;
2678 sock
->err
= mStatus_NoError
;
2683 mDNSexport mStatus
mDNSPlatformTCPConnect(TCPSocket
*sock
, const mDNSAddr
*dst
, mDNSOpaque16 dstport
, domainname
*hostname
, mDNSInterfaceID InterfaceID
, TCPConnectionCallback callback
, void *context
)
2685 KQSocketSet
*cp
= &sock
->ss
;
2686 int *s
= (dst
->type
== mDNSAddrType_IPv4
) ? &cp
->sktv4
: &cp
->sktv6
;
2687 KQueueEntry
*k
= (dst
->type
== mDNSAddrType_IPv4
) ? &cp
->kqsv4
: &cp
->kqsv6
;
2688 mStatus err
= mStatus_NoError
;
2689 struct sockaddr_storage ss
;
2691 sock
->callback
= callback
;
2692 sock
->context
= context
;
2693 sock
->setup
= mDNSfalse
;
2694 sock
->connected
= mDNSfalse
;
2695 sock
->handshake
= handshake_required
;
2696 sock
->err
= mStatus_NoError
;
2698 if (hostname
) { debugf("mDNSPlatformTCPConnect: hostname %##s", hostname
->c
); AssignDomainName(&sock
->hostname
, hostname
); }
2700 if (dst
->type
== mDNSAddrType_IPv4
)
2702 struct sockaddr_in
*saddr
= (struct sockaddr_in
*)&ss
;
2703 mDNSPlatformMemZero(saddr
, sizeof(*saddr
));
2704 saddr
->sin_family
= AF_INET
;
2705 saddr
->sin_port
= dstport
.NotAnInteger
;
2706 saddr
->sin_len
= sizeof(*saddr
);
2707 saddr
->sin_addr
.s_addr
= dst
->ip
.v4
.NotAnInteger
;
2711 struct sockaddr_in6
*saddr6
= (struct sockaddr_in6
*)&ss
;
2712 mDNSPlatformMemZero(saddr6
, sizeof(*saddr6
));
2713 saddr6
->sin6_family
= AF_INET6
;
2714 saddr6
->sin6_port
= dstport
.NotAnInteger
;
2715 saddr6
->sin6_len
= sizeof(*saddr6
);
2716 saddr6
->sin6_addr
= *(struct in6_addr
*)&dst
->ip
.v6
;
2719 // Watch for connect complete (write is ready)
2720 // EV_ONESHOT doesn't seem to work, so we add the filter with EV_ADD, and explicitly delete it in tcpKQSocketCallback using EV_DELETE
2721 if (KQueueSet(*s
, EV_ADD
/* | EV_ONESHOT */, EVFILT_WRITE
, k
))
2723 LogMsg("ERROR: mDNSPlatformTCPConnect - KQueueSet failed");
2727 // Watch for incoming data
2728 if (KQueueSet(*s
, EV_ADD
, EVFILT_READ
, k
))
2730 LogMsg("ERROR: mDNSPlatformTCPConnect - KQueueSet failed");
2734 if (fcntl(*s
, F_SETFL
, fcntl(*s
, F_GETFL
, 0) | O_NONBLOCK
) < 0) // set non-blocking
2736 LogMsg("ERROR: setsockopt O_NONBLOCK - %s", strerror(errno
));
2737 return mStatus_UnknownErr
;
2740 // We bind to the interface and all subsequent packets including the SYN will be sent out
2741 // on this interface
2743 // Note: If we are in Active Directory domain, we may try TCP (if the response can't fit in
2744 // UDP). mDNSInterface_Unicast indicates this case and not a valid interface.
2745 if (InterfaceID
&& InterfaceID
!= mDNSInterface_Unicast
)
2747 NetworkInterfaceInfoOSX
*info
= IfindexToInterfaceInfoOSX(&mDNSStorage
, InterfaceID
);
2748 if (dst
->type
== mDNSAddrType_IPv4
)
2751 if (info
) setsockopt(*s
, IPPROTO_IP
, IP_BOUND_IF
, &info
->scope_id
, sizeof(info
->scope_id
));
2752 else { LogMsg("mDNSPlatformTCPConnect: Invalid interface index %p", InterfaceID
); return mStatus_BadParamErr
; }
2754 (void)InterfaceID
; // Unused
2755 (void)info
; // Unused
2760 #ifdef IPV6_BOUND_IF
2761 if (info
) setsockopt(*s
, IPPROTO_IPV6
, IPV6_BOUND_IF
, &info
->scope_id
, sizeof(info
->scope_id
));
2762 else { LogMsg("mDNSPlatformTCPConnect: Invalid interface index %p", InterfaceID
); return mStatus_BadParamErr
; }
2764 (void)InterfaceID
; // Unused
2765 (void)info
; // Unused
2770 // mDNSPlatformReadTCP/WriteTCP (unlike the UDP counterpart) does not provide the destination address
2771 // from which we can infer the destination address family. Hence we need to remember that here.
2772 // Instead of remembering the address family, we remember the right fd.
2775 // initiate connection wth peer
2776 if (connect(*s
, (struct sockaddr
*)&ss
, ss
.ss_len
) < 0)
2778 if (errno
== EINPROGRESS
) return mStatus_ConnPending
;
2779 if (errno
== EHOSTUNREACH
|| errno
== EADDRNOTAVAIL
|| errno
== ENETDOWN
)
2780 LogInfo("ERROR: mDNSPlatformTCPConnect - connect failed: socket %d: Error %d (%s)", sock
->fd
, errno
, strerror(errno
));
2782 LogMsg("ERROR: mDNSPlatformTCPConnect - connect failed: socket %d: Error %d (%s) length %d", sock
->fd
, errno
, strerror(errno
), ss
.ss_len
);
2783 return mStatus_ConnFailed
;
2786 LogMsg("NOTE: mDNSPlatformTCPConnect completed synchronously");
2787 // kQueue should notify us, but this LogMsg is to help track down if it doesn't
2791 // Why doesn't mDNSPlatformTCPAccept actually call accept() ?
2792 mDNSexport TCPSocket
*mDNSPlatformTCPAccept(TCPSocketFlags flags
, int fd
)
2794 mStatus err
= mStatus_NoError
;
2796 TCPSocket
*sock
= mallocL("TCPSocket/mDNSPlatformTCPAccept", sizeof(TCPSocket
));
2797 if (!sock
) return(mDNSNULL
);
2799 mDNSPlatformMemZero(sock
, sizeof(*sock
));
2801 sock
->flags
= flags
;
2803 if (flags
& kTCPSocketFlags_UseTLS
)
2805 #ifndef NO_SECURITYFRAMEWORK
2806 if (!ServerCerts
) { LogMsg("ERROR: mDNSPlatformTCPAccept: unable to find TLS certificates"); err
= mStatus_UnknownErr
; goto exit
; }
2808 err
= tlsSetupSock(sock
, kSSLServerSide
, kSSLStreamType
);
2809 if (err
) { LogMsg("ERROR: mDNSPlatformTCPAccept: tlsSetupSock failed with error code: %d", err
); goto exit
; }
2811 err
= SSLSetCertificate(sock
->tlsContext
, ServerCerts
);
2812 if (err
) { LogMsg("ERROR: mDNSPlatformTCPAccept: SSLSetCertificate failed with error code: %d", err
); goto exit
; }
2814 err
= mStatus_UnsupportedErr
;
2815 #endif /* NO_SECURITYFRAMEWORK */
2817 #ifndef NO_SECURITYFRAMEWORK
2821 if (err
) { freeL("TCPSocket/mDNSPlatformTCPAccept", sock
); return(mDNSNULL
); }
2825 mDNSexport mDNSu16
mDNSPlatformGetUDPPort(UDPSocket
*sock
)
2832 port
= sock
->ss
.port
.NotAnInteger
;
2837 mDNSlocal
void CloseSocketSet(KQSocketSet
*ss
)
2839 if (ss
->sktv4
!= -1)
2841 mDNSPlatformCloseFD(&ss
->kqsv4
, ss
->sktv4
);
2844 if (ss
->sktv6
!= -1)
2846 mDNSPlatformCloseFD(&ss
->kqsv6
, ss
->sktv6
);
2849 if (ss
->closeFlag
) *ss
->closeFlag
= 1;
2852 mDNSexport
void mDNSPlatformTCPCloseConnection(TCPSocket
*sock
)
2856 #ifndef NO_SECURITYFRAMEWORK
2857 if (sock
->tlsContext
)
2859 if (sock
->handshake
== handshake_in_progress
) // SSLHandshake thread using this sock (esp. tlsContext)
2861 LogInfo("mDNSPlatformTCPCloseConnection: called while handshake in progress");
2862 // When we come back from SSLHandshake, we will notice that a close was here and
2863 // call this function again which will do the cleanup then.
2864 sock
->handshake
= handshake_to_be_closed
;
2868 SSLClose(sock
->tlsContext
);
2869 CFRelease(sock
->tlsContext
);
2870 sock
->tlsContext
= NULL
;
2872 #endif /* NO_SECURITYFRAMEWORK */
2873 if (sock
->ss
.sktv4
!= -1)
2874 shutdown(sock
->ss
.sktv4
, 2);
2875 if (sock
->ss
.sktv6
!= -1)
2876 shutdown(sock
->ss
.sktv6
, 2);
2877 CloseSocketSet(&sock
->ss
);
2880 freeL("TCPSocket/mDNSPlatformTCPCloseConnection", sock
);
2884 mDNSexport
long mDNSPlatformReadTCP(TCPSocket
*sock
, void *buf
, unsigned long buflen
, mDNSBool
*closed
)
2887 *closed
= mDNSfalse
;
2889 if (sock
->flags
& kTCPSocketFlags_UseTLS
)
2891 #ifndef NO_SECURITYFRAMEWORK
2892 if (sock
->handshake
== handshake_required
) { LogMsg("mDNSPlatformReadTCP called while handshake required"); return 0; }
2893 else if (sock
->handshake
== handshake_in_progress
) return 0;
2894 else if (sock
->handshake
!= handshake_completed
) LogMsg("mDNSPlatformReadTCP called with unexpected SSLHandshake status: %d", sock
->handshake
);
2896 //LogMsg("Starting SSLRead %d %X", sock->fd, fcntl(sock->fd, F_GETFL, 0));
2897 mStatus err
= SSLRead(sock
->tlsContext
, buf
, buflen
, (size_t *)&nread
);
2898 //LogMsg("SSLRead returned %d (%d) nread %d buflen %d", err, errSSLWouldBlock, nread, buflen);
2899 if (err
== errSSLClosedGraceful
) { nread
= 0; *closed
= mDNStrue
; }
2900 else if (err
&& err
!= errSSLWouldBlock
)
2901 { LogMsg("ERROR: mDNSPlatformReadTCP - SSLRead: %d", err
); nread
= -1; *closed
= mDNStrue
; }
2905 #endif /* NO_SECURITYFRAMEWORK */
2909 static int CLOSEDcount
= 0;
2910 static int EAGAINcount
= 0;
2911 nread
= recv(sock
->fd
, buf
, buflen
, 0);
2917 } // On success, clear our error counters
2918 else if (nread
== 0)
2921 if ((++CLOSEDcount
% 1000) == 0)
2923 LogMsg("ERROR: mDNSPlatformReadTCP - recv %d got CLOSED %d times", sock
->fd
, CLOSEDcount
);
2924 assert(CLOSEDcount
< 1000);
2925 // Recovery Mechanism to bail mDNSResponder out of trouble: Instead of logging the same error msg multiple times,
2926 // crash mDNSResponder using assert() and restart fresh. See advantages below:
2927 // 1.Better User Experience
2928 // 2.CrashLogs frequency can be monitored
2929 // 3.StackTrace can be used for more info
2932 // else nread is negative -- see what kind of error we got
2933 else if (errno
== ECONNRESET
) { nread
= 0; *closed
= mDNStrue
; }
2934 else if (errno
!= EAGAIN
) { LogMsg("ERROR: mDNSPlatformReadTCP - recv: %d (%s)", errno
, strerror(errno
)); nread
= -1; }
2935 else // errno is EAGAIN (EWOULDBLOCK) -- no data available
2938 if ((++EAGAINcount
% 1000) == 0) { LogMsg("ERROR: mDNSPlatformReadTCP - recv %d got EAGAIN %d times", sock
->fd
, EAGAINcount
); sleep(1); }
2945 mDNSexport
long mDNSPlatformWriteTCP(TCPSocket
*sock
, const char *msg
, unsigned long len
)
2949 if (sock
->flags
& kTCPSocketFlags_UseTLS
)
2951 #ifndef NO_SECURITYFRAMEWORK
2953 if (sock
->handshake
== handshake_required
) { LogMsg("mDNSPlatformWriteTCP called while handshake required"); return 0; }
2954 if (sock
->handshake
== handshake_in_progress
) return 0;
2955 else if (sock
->handshake
!= handshake_completed
) LogMsg("mDNSPlatformWriteTCP called with unexpected SSLHandshake status: %d", sock
->handshake
);
2957 mStatus err
= SSLWrite(sock
->tlsContext
, msg
, len
, &processed
);
2959 if (!err
) nsent
= (int) processed
;
2960 else if (err
== errSSLWouldBlock
) nsent
= 0;
2961 else { LogMsg("ERROR: mDNSPlatformWriteTCP - SSLWrite returned %d", err
); nsent
= -1; }
2964 #endif /* NO_SECURITYFRAMEWORK */
2968 nsent
= send(sock
->fd
, msg
, len
, 0);
2971 if (errno
== EAGAIN
) nsent
= 0;
2972 else { LogMsg("ERROR: mDNSPlatformWriteTCP - send %s", strerror(errno
)); nsent
= -1; }
2979 mDNSexport
int mDNSPlatformTCPGetFD(TCPSocket
*sock
)
2984 // If mDNSIPPort port is non-zero, then it's a multicast socket on the specified interface
2985 // If mDNSIPPort port is zero, then it's a randomly assigned port number, used for sending unicast queries
2986 mDNSlocal mStatus
SetupSocket(KQSocketSet
*cp
, const mDNSIPPort port
, u_short sa_family
, mDNSIPPort
*const outport
)
2988 int *s
= (sa_family
== AF_INET
) ? &cp
->sktv4
: &cp
->sktv6
;
2989 KQueueEntry
*k
= (sa_family
== AF_INET
) ? &cp
->kqsv4
: &cp
->kqsv6
;
2991 const int twofivefive
= 255;
2992 mStatus err
= mStatus_NoError
;
2993 char *errstr
= mDNSNULL
;
2996 cp
->closeFlag
= mDNSNULL
;
2998 int skt
= socket(sa_family
, SOCK_DGRAM
, IPPROTO_UDP
);
2999 if (skt
< 3) { if (errno
!= EAFNOSUPPORT
) LogMsg("SetupSocket: socket error %d errno %d (%s)", skt
, errno
, strerror(errno
));return(skt
); }
3001 // set default traffic class
3002 setTrafficClass(skt
, mDNSfalse
);
3004 #ifdef SO_RECV_ANYIF
3005 // Enable inbound packets on IFEF_AWDL interface.
3006 // Only done for multicast sockets, since we don't expect unicast socket operations
3007 // on the IFEF_AWDL interface. Operation is a no-op for other interface types.
3008 if (mDNSSameIPPort(port
, MulticastDNSPort
))
3010 err
= setsockopt(skt
, SOL_SOCKET
, SO_RECV_ANYIF
, &on
, sizeof(on
));
3011 if (err
< 0) { errstr
= "setsockopt - SO_RECV_ANYIF"; goto fail
; }
3013 #endif // SO_RECV_ANYIF
3015 // ... with a shared UDP port, if it's for multicast receiving
3016 if (mDNSSameIPPort(port
, MulticastDNSPort
) || mDNSSameIPPort(port
, NATPMPAnnouncementPort
))
3018 err
= setsockopt(skt
, SOL_SOCKET
, SO_REUSEPORT
, &on
, sizeof(on
));
3019 if (err
< 0) { errstr
= "setsockopt - SO_REUSEPORT"; goto fail
; }
3022 if (sa_family
== AF_INET
)
3024 // We want to receive destination addresses
3025 err
= setsockopt(skt
, IPPROTO_IP
, IP_RECVDSTADDR
, &on
, sizeof(on
));
3026 if (err
< 0) { errstr
= "setsockopt - IP_RECVDSTADDR"; goto fail
; }
3028 // We want to receive interface identifiers
3029 err
= setsockopt(skt
, IPPROTO_IP
, IP_RECVIF
, &on
, sizeof(on
));
3030 if (err
< 0) { errstr
= "setsockopt - IP_RECVIF"; goto fail
; }
3032 // We want to receive packet TTL value so we can check it
3033 err
= setsockopt(skt
, IPPROTO_IP
, IP_RECVTTL
, &on
, sizeof(on
));
3034 // We ignore errors here -- we already know Jaguar doesn't support this, but we can get by without it
3036 // Send unicast packets with TTL 255
3037 err
= setsockopt(skt
, IPPROTO_IP
, IP_TTL
, &twofivefive
, sizeof(twofivefive
));
3038 if (err
< 0) { errstr
= "setsockopt - IP_TTL"; goto fail
; }
3040 // And multicast packets with TTL 255 too
3041 err
= setsockopt(skt
, IPPROTO_IP
, IP_MULTICAST_TTL
, &twofivefive
, sizeof(twofivefive
));
3042 if (err
< 0) { errstr
= "setsockopt - IP_MULTICAST_TTL"; goto fail
; }
3044 // And start listening for packets
3045 struct sockaddr_in listening_sockaddr
;
3046 listening_sockaddr
.sin_family
= AF_INET
;
3047 listening_sockaddr
.sin_port
= port
.NotAnInteger
; // Pass in opaque ID without any byte swapping
3048 listening_sockaddr
.sin_addr
.s_addr
= mDNSSameIPPort(port
, NATPMPAnnouncementPort
) ? AllHosts_v4
.NotAnInteger
: 0;
3049 err
= bind(skt
, (struct sockaddr
*) &listening_sockaddr
, sizeof(listening_sockaddr
));
3050 if (err
) { errstr
= "bind"; goto fail
; }
3051 if (outport
) outport
->NotAnInteger
= listening_sockaddr
.sin_port
;
3053 else if (sa_family
== AF_INET6
)
3055 // NAT-PMP Announcements make no sense on IPv6, and we don't support IPv6 for PCP, so bail early w/o error
3056 if (mDNSSameIPPort(port
, NATPMPAnnouncementPort
)) { if (outport
) *outport
= zeroIPPort
;return mStatus_NoError
; }
3058 // We want to receive destination addresses and receive interface identifiers
3059 err
= setsockopt(skt
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &on
, sizeof(on
));
3060 if (err
< 0) { errstr
= "setsockopt - IPV6_RECVPKTINFO"; goto fail
; }
3062 // We want to receive packet hop count value so we can check it
3063 err
= setsockopt(skt
, IPPROTO_IPV6
, IPV6_RECVHOPLIMIT
, &on
, sizeof(on
));
3064 if (err
< 0) { errstr
= "setsockopt - IPV6_RECVHOPLIMIT"; goto fail
; }
3066 // We want to receive only IPv6 packets. Without this option we get IPv4 packets too,
3067 // with mapped addresses of the form 0:0:0:0:0:FFFF:xxxx:xxxx, where xxxx:xxxx is the IPv4 address
3068 err
= setsockopt(skt
, IPPROTO_IPV6
, IPV6_V6ONLY
, &on
, sizeof(on
));
3069 if (err
< 0) { errstr
= "setsockopt - IPV6_V6ONLY"; goto fail
; }
3071 // Send unicast packets with TTL 255
3072 err
= setsockopt(skt
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &twofivefive
, sizeof(twofivefive
));
3073 if (err
< 0) { errstr
= "setsockopt - IPV6_UNICAST_HOPS"; goto fail
; }
3075 // And multicast packets with TTL 255 too
3076 err
= setsockopt(skt
, IPPROTO_IPV6
, IPV6_MULTICAST_HOPS
, &twofivefive
, sizeof(twofivefive
));
3077 if (err
< 0) { errstr
= "setsockopt - IPV6_MULTICAST_HOPS"; goto fail
; }
3079 // Want to receive our own packets
3080 err
= setsockopt(skt
, IPPROTO_IPV6
, IPV6_MULTICAST_LOOP
, &on
, sizeof(on
));
3081 if (err
< 0) { errstr
= "setsockopt - IPV6_MULTICAST_LOOP"; goto fail
; }
3083 // Disable default option to send mDNSv6 packets at min IPv6 MTU: RFC 3542, Sec 11
3084 err
= setsockopt(skt
, IPPROTO_IPV6
, IPV6_USE_MIN_MTU
, &mtu
, sizeof(mtu
));
3085 if (err
< 0) // Since it is an optimization if we fail just log the err, no need to close the skt
3086 LogMsg("SetupSocket: setsockopt - IPV6_USE_MIN_MTU: IP6PO_MINMTU_DISABLE socket %d err %d errno %d (%s)",
3087 skt
, err
, errno
, strerror(errno
));
3089 // And start listening for packets
3090 struct sockaddr_in6 listening_sockaddr6
;
3091 mDNSPlatformMemZero(&listening_sockaddr6
, sizeof(listening_sockaddr6
));
3092 listening_sockaddr6
.sin6_len
= sizeof(listening_sockaddr6
);
3093 listening_sockaddr6
.sin6_family
= AF_INET6
;
3094 listening_sockaddr6
.sin6_port
= port
.NotAnInteger
; // Pass in opaque ID without any byte swapping
3095 listening_sockaddr6
.sin6_flowinfo
= 0;
3096 listening_sockaddr6
.sin6_addr
= in6addr_any
; // Want to receive multicasts AND unicasts on this socket
3097 listening_sockaddr6
.sin6_scope_id
= 0;
3098 err
= bind(skt
, (struct sockaddr
*) &listening_sockaddr6
, sizeof(listening_sockaddr6
));
3099 if (err
) { errstr
= "bind"; goto fail
; }
3100 if (outport
) outport
->NotAnInteger
= listening_sockaddr6
.sin6_port
;
3103 fcntl(skt
, F_SETFL
, fcntl(skt
, F_GETFL
, 0) | O_NONBLOCK
); // set non-blocking
3104 fcntl(skt
, F_SETFD
, 1); // set close-on-exec
3106 k
->KQcallback
= myKQSocketCallBack
;
3108 k
->KQtask
= "UDP packet reception";
3109 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
3110 k
->readSource
= mDNSNULL
;
3111 k
->writeSource
= mDNSNULL
;
3112 k
->fdClosed
= mDNSfalse
;
3114 KQueueSet(*s
, EV_ADD
, EVFILT_READ
, k
);
3119 // For "bind" failures, only write log messages for our shared mDNS port, or for binding to zero
3120 if (strcmp(errstr
, "bind") || mDNSSameIPPort(port
, MulticastDNSPort
) || mDNSIPPortIsZero(port
))
3121 LogMsg("%s skt %d port %d error %d errno %d (%s)", errstr
, skt
, mDNSVal16(port
), err
, errno
, strerror(errno
));
3123 // If we got a "bind" failure of EADDRINUSE, inform the caller as it might need to try another random port
3124 if (!strcmp(errstr
, "bind") && errno
== EADDRINUSE
)
3127 if (mDNSSameIPPort(port
, MulticastDNSPort
))
3128 NotifyOfElusiveBug("Setsockopt SO_REUSEPORT failed",
3129 "Congratulations, you've reproduced an elusive bug.\r"
3130 "Please contact the current assignee of <rdar://problem/3814904>.\r"
3131 "Alternatively, you can send email to radar-3387020@group.apple.com. (Note number is different.)\r"
3132 "If possible, please leave your machine undisturbed so that someone can come to investigate the problem.");
3135 mDNSPlatformCloseFD(k
, skt
);
3139 mDNSexport UDPSocket
*mDNSPlatformUDPSocket(mDNS
*const m
, const mDNSIPPort requestedport
)
3142 mDNSIPPort port
= requestedport
;
3143 mDNSBool randomizePort
= mDNSIPPortIsZero(requestedport
);
3144 int i
= 10000; // Try at most 10000 times to get a unique random port
3145 UDPSocket
*p
= mallocL("UDPSocket", sizeof(UDPSocket
));
3146 if (!p
) { LogMsg("mDNSPlatformUDPSocket: memory exhausted"); return(mDNSNULL
); }
3147 mDNSPlatformMemZero(p
, sizeof(UDPSocket
));
3148 p
->ss
.port
= zeroIPPort
;
3152 p
->ss
.proxy
= mDNSfalse
;
3156 // The kernel doesn't do cryptographically strong random port allocation, so we do it ourselves here
3157 if (randomizePort
) port
= mDNSOpaque16fromIntVal(0xC000 + mDNSRandom(0x3FFF));
3158 err
= SetupSocket(&p
->ss
, port
, AF_INET
, &p
->ss
.port
);
3161 err
= SetupSocket(&p
->ss
, port
, AF_INET6
, &p
->ss
.port
);
3162 if (err
) { mDNSPlatformCloseFD(&p
->ss
.kqsv4
, p
->ss
.sktv4
); p
->ss
.sktv4
= -1; }
3165 } while (err
== EADDRINUSE
&& randomizePort
&& i
);
3169 // In customer builds we don't want to log failures with port 5351, because this is a known issue
3170 // of failing to bind to this port when Internet Sharing has already bound to it
3171 // We also don't want to log about port 5350, due to a known bug when some other
3172 // process is bound to it.
3173 if (mDNSSameIPPort(requestedport
, NATPMPPort
) || mDNSSameIPPort(requestedport
, NATPMPAnnouncementPort
))
3174 LogInfo("mDNSPlatformUDPSocket: SetupSocket %d failed error %d errno %d (%s)", mDNSVal16(requestedport
), err
, errno
, strerror(errno
));
3175 else LogMsg("mDNSPlatformUDPSocket: SetupSocket %d failed error %d errno %d (%s)", mDNSVal16(requestedport
), err
, errno
, strerror(errno
));
3176 freeL("UDPSocket", p
);
3182 mDNSexport
void mDNSPlatformUDPClose(UDPSocket
*sock
)
3184 CloseSocketSet(&sock
->ss
);
3185 freeL("UDPSocket", sock
);
3188 #if COMPILER_LIKES_PRAGMA_MARK
3190 #pragma mark - BPF Raw packet sending/receiving
3193 #if APPLE_OSX_mDNSResponder
3195 mDNSexport
void mDNSPlatformSendRawPacket(const void *const msg
, const mDNSu8
*const end
, mDNSInterfaceID InterfaceID
)
3197 if (!InterfaceID
) { LogMsg("mDNSPlatformSendRawPacket: No InterfaceID specified"); return; }
3198 NetworkInterfaceInfoOSX
*info
;
3200 info
= IfindexToInterfaceInfoOSX(&mDNSStorage
, InterfaceID
);
3203 LogMsg("mDNSPlatformSendUDP: Invalid interface index %p", InterfaceID
);
3206 if (info
->BPF_fd
< 0)
3207 LogMsg("mDNSPlatformSendRawPacket: %s BPF_fd %d not ready", info
->ifinfo
.ifname
, info
->BPF_fd
);
3210 //LogMsg("mDNSPlatformSendRawPacket %d bytes on %s", end - (mDNSu8 *)msg, info->ifinfo.ifname);
3211 if (write(info
->BPF_fd
, msg
, end
- (mDNSu8
*)msg
) < 0)
3212 LogMsg("mDNSPlatformSendRawPacket: BPF write(%d) failed %d (%s)", info
->BPF_fd
, errno
, strerror(errno
));
3216 mDNSexport
void mDNSPlatformSetLocalAddressCacheEntry(mDNS
*const m
, const mDNSAddr
*const tpa
, const mDNSEthAddr
*const tha
, mDNSInterfaceID InterfaceID
)
3218 if (!InterfaceID
) { LogMsg("mDNSPlatformSetLocalAddressCacheEntry: No InterfaceID specified"); return; }
3219 NetworkInterfaceInfoOSX
*info
;
3220 info
= IfindexToInterfaceInfoOSX(m
, InterfaceID
);
3221 if (info
== NULL
) { LogMsg("mDNSPlatformSetLocalAddressCacheEntry: Invalid interface index %p", InterfaceID
); return; }
3222 // Manually inject an entry into our local ARP cache.
3223 // (We can't do this by sending an ARP broadcast, because the kernel only pays attention to incoming ARP packets, not outgoing.)
3224 if (!mDNS_AddressIsLocalSubnet(m
, InterfaceID
, tpa
, mDNSNULL
))
3225 LogSPS("Don't need address cache entry for %s %#a %.6a", info
->ifinfo
.ifname
, tpa
, tha
);
3228 int result
= mDNSSetLocalAddressCacheEntry(info
->scope_id
, tpa
->type
, tpa
->ip
.v6
.b
, tha
->b
);
3229 if (result
) LogMsg("Set local address cache entry for %s %#a %.6a failed: %d", info
->ifinfo
.ifname
, tpa
, tha
, result
);
3230 else LogSPS("Set local address cache entry for %s %#a %.6a", info
->ifinfo
.ifname
, tpa
, tha
);
3234 mDNSlocal
void CloseBPF(NetworkInterfaceInfoOSX
*const i
)
3236 LogSPS("%s closing BPF fd %d", i
->ifinfo
.ifname
, i
->BPF_fd
);
3237 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
3238 // close will happen in the cancel handler
3239 dispatch_source_cancel(i
->BPF_source
);
3242 // Note: MUST NOT close() the underlying native BSD sockets.
3243 // CFSocketInvalidate() will do that for us, in its own good time, which may not necessarily be immediately, because
3244 // it first has to unhook the sockets from its select() call on its other thread, before it can safely close them.
3245 CFRunLoopRemoveSource(i
->m
->p
->CFRunLoop
, i
->BPF_rls
, kCFRunLoopDefaultMode
);
3246 CFRelease(i
->BPF_rls
);
3247 CFSocketInvalidate(i
->BPF_cfs
);
3248 CFRelease(i
->BPF_cfs
);
3251 if (i
->BPF_mcfd
>= 0) { close(i
->BPF_mcfd
); i
->BPF_mcfd
= -1; }
3254 mDNSlocal
void bpf_callback_common(NetworkInterfaceInfoOSX
*info
)
3256 KQueueLock(info
->m
);
3258 // Now we've got the lock, make sure the kqueue thread didn't close the fd out from under us (will not be a problem once the OS X
3259 // kernel has a mechanism for dispatching all events to a single thread, but for now we have to guard against this race condition).
3260 if (info
->BPF_fd
< 0) goto exit
;
3262 ssize_t n
= read(info
->BPF_fd
, &info
->m
->imsg
, info
->BPF_len
);
3263 const mDNSu8
*ptr
= (const mDNSu8
*)&info
->m
->imsg
;
3264 const mDNSu8
*end
= (const mDNSu8
*)&info
->m
->imsg
+ n
;
3265 debugf("%3d: bpf_callback got %d bytes on %s", info
->BPF_fd
, n
, info
->ifinfo
.ifname
);
3269 /* <rdar://problem/10287386>
3270 * sometimes there can be a race condition btw when the bpf socket
3271 * gets data and the callback get scheduled and when we call BIOCSETF (which
3272 * clears the socket). this can cause the read to hang for a really long time
3273 * and effectively prevent us from responding to requests for long periods of time.
3274 * to prevent this make the socket non blocking and just bail if we dont get anything
3276 if (errno
== EAGAIN
)
3278 LogMsg("bpf_callback got EAGAIN bailing");
3281 LogMsg("Closing %s BPF fd %d due to error %d (%s)", info
->ifinfo
.ifname
, info
->BPF_fd
, errno
, strerror(errno
));
3288 const struct bpf_hdr
*const bh
= (const struct bpf_hdr
*)ptr
;
3289 debugf("%3d: bpf_callback ptr %p bh_hdrlen %d data %p bh_caplen %4d bh_datalen %4d next %p remaining %4d",
3290 info
->BPF_fd
, ptr
, bh
->bh_hdrlen
, ptr
+ bh
->bh_hdrlen
, bh
->bh_caplen
, bh
->bh_datalen
,
3291 ptr
+ BPF_WORDALIGN(bh
->bh_hdrlen
+ bh
->bh_caplen
), end
- (ptr
+ BPF_WORDALIGN(bh
->bh_hdrlen
+ bh
->bh_caplen
)));
3292 // Note that BPF guarantees that the NETWORK LAYER header will be word aligned, not the link-layer header.
3293 // Given that An Ethernet header is 14 bytes, this means that if the network layer header (e.g. IP header,
3294 // ARP message, etc.) is 4-byte aligned, then necessarily the Ethernet header will be NOT be 4-byte aligned.
3295 mDNSCoreReceiveRawPacket(info
->m
, ptr
+ bh
->bh_hdrlen
, ptr
+ bh
->bh_hdrlen
+ bh
->bh_caplen
, info
->ifinfo
.InterfaceID
);
3296 ptr
+= BPF_WORDALIGN(bh
->bh_hdrlen
+ bh
->bh_caplen
);
3299 KQueueUnlock(info
->m
, "bpf_callback");
3301 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
3302 mDNSlocal
void bpf_callback_dispatch(NetworkInterfaceInfoOSX
*const info
)
3304 bpf_callback_common(info
);
3307 mDNSlocal
void bpf_callback(const CFSocketRef cfs
, const CFSocketCallBackType CallBackType
, const CFDataRef address
, const void *const data
, void *const context
)
3313 bpf_callback_common((NetworkInterfaceInfoOSX
*)context
);
3317 mDNSexport
void mDNSPlatformSendKeepalive(mDNSAddr
*sadd
, mDNSAddr
*dadd
, mDNSIPPort
*lport
, mDNSIPPort
*rport
, mDNSu32 seq
, mDNSu32 ack
, mDNSu16 win
)
3319 LogMsg("mDNSPlatformSendKeepalive called\n");
3320 mDNSSendKeepalive(sadd
->ip
.v6
.b
, dadd
->ip
.v6
.b
, lport
->NotAnInteger
, rport
->NotAnInteger
, seq
, ack
, win
);
3323 mDNSexport mStatus
mDNSPlatformClearSPSMACAddr(void)
3325 SCDynamicStoreRef store
= NULL
;
3326 CFStringRef entityname
= NULL
;
3328 if ((store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:ClearSPSMACAddress"), NULL
, NULL
)))
3330 if ((entityname
= CFStringCreateWithFormat(kCFAllocatorDefault
, NULL
, CFSTR("%s%s%s"), "State:/Network/Interface/", "[^/]", "/BonjourSleepProxyAddress")))
3332 if (SCDynamicStoreRemoveValue(store
, entityname
) == false)
3333 LogMsg("mDNSPlatformClearSPSMACAddr: Unable to remove key");
3337 if (entityname
) CFRelease(entityname
);
3338 if (store
) CFRelease(store
);
3339 return KERN_SUCCESS
;
3342 mDNSexport mStatus
mDNSPlatformStoreSPSMACAddr(mDNSAddr
*spsaddr
, char *ifname
)
3344 int family
= (spsaddr
->type
== mDNSAddrType_IPv4
) ? AF_INET
: AF_INET6
;
3345 LogSPS("mDNSPlatformStoreSPSMACAddr : Storing %#a on interface %s", spsaddr
, ifname
);
3346 mDNSStoreSPSMACAddress(family
, spsaddr
->ip
.v6
.b
, ifname
);
3347 return KERN_SUCCESS
;
3350 mDNSexport mStatus
mDNSPlatformGetRemoteMacAddr(mDNS
*const m
, mDNSAddr
*raddr
)
3352 int family
= (raddr
->type
== mDNSAddrType_IPv4
) ? AF_INET
: AF_INET6
;
3354 mDNSGetRemoteMAC(m
, family
, raddr
->ip
.v6
.b
);
3355 return KERN_SUCCESS
;
3358 mDNSexport mStatus
mDNSPlatformRetrieveTCPInfo(mDNS
*const m
, mDNSAddr
*laddr
, mDNSIPPort
*lport
, mDNSAddr
*raddr
, mDNSIPPort
*rport
, mDNSTCPInfo
*mti
)
3362 int family
= (laddr
->type
== mDNSAddrType_IPv4
) ? AF_INET
: AF_INET6
;
3364 error
= mDNSRetrieveTCPInfo(family
, laddr
->ip
.v6
.b
, lport
->NotAnInteger
, raddr
->ip
.v6
.b
, rport
->NotAnInteger
, (uint32_t *)&(mti
->seq
), (uint32_t *)&(mti
->ack
), (uint16_t *)&(mti
->window
), (int32_t*)&intfid
);
3365 if (error
!= KERN_SUCCESS
)
3367 LogMsg("%s: mDNSRetrieveTCPInfo returned : %d", __func__
, error
);
3370 mti
->IntfId
= mDNSPlatformInterfaceIDfromInterfaceIndex(m
, intfid
);
3374 #define BPF_SetOffset(from, cond, to) (from)->cond = (to) - 1 - (from)
3376 mDNSlocal
int CountProxyTargets(mDNS
*const m
, NetworkInterfaceInfoOSX
*x
, int *p4
, int *p6
)
3378 int numv4
= 0, numv6
= 0;
3381 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
3382 if (rr
->resrec
.InterfaceID
== x
->ifinfo
.InterfaceID
&& rr
->AddressProxy
.type
== mDNSAddrType_IPv4
)
3384 if (p4
) LogSPS("CountProxyTargets: fd %d %-7s IP%2d %.4a", x
->BPF_fd
, x
->ifinfo
.ifname
, numv4
, &rr
->AddressProxy
.ip
.v4
);
3388 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
3389 if (rr
->resrec
.InterfaceID
== x
->ifinfo
.InterfaceID
&& rr
->AddressProxy
.type
== mDNSAddrType_IPv6
)
3391 if (p6
) LogSPS("CountProxyTargets: fd %d %-7s IP%2d %.16a", x
->BPF_fd
, x
->ifinfo
.ifname
, numv6
, &rr
->AddressProxy
.ip
.v6
);
3395 if (p4
) *p4
= numv4
;
3396 if (p6
) *p6
= numv6
;
3397 return(numv4
+ numv6
);
3400 mDNSexport
void mDNSPlatformUpdateProxyList(mDNS
*const m
, const mDNSInterfaceID InterfaceID
)
3402 NetworkInterfaceInfoOSX
*x
;
3404 // Note: We can't use IfIndexToInterfaceInfoOSX because that looks for Registered also.
3405 for (x
= m
->p
->InterfaceList
; x
; x
= x
->next
) if (x
->ifinfo
.InterfaceID
== InterfaceID
) break;
3407 if (!x
) { LogMsg("mDNSPlatformUpdateProxyList: ERROR InterfaceID %p not found", InterfaceID
); return; }
3409 #define MAX_BPF_ADDRS 250
3410 int numv4
= 0, numv6
= 0;
3412 if (CountProxyTargets(m
, x
, &numv4
, &numv6
) > MAX_BPF_ADDRS
)
3414 LogMsg("mDNSPlatformUpdateProxyList: ERROR Too many address proxy records v4 %d v6 %d", numv4
, numv6
);
3415 if (numv4
> MAX_BPF_ADDRS
) numv4
= MAX_BPF_ADDRS
;
3416 numv6
= MAX_BPF_ADDRS
- numv4
;
3419 LogSPS("mDNSPlatformUpdateProxyList: fd %d %-7s MAC %.6a %d v4 %d v6", x
->BPF_fd
, x
->ifinfo
.ifname
, &x
->ifinfo
.MAC
, numv4
, numv6
);
3421 // Caution: This is a static structure, so we need to be careful that any modifications we make to it
3422 // are done in such a way that they work correctly when mDNSPlatformUpdateProxyList is called multiple times
3423 static struct bpf_insn filter
[17 + MAX_BPF_ADDRS
] =
3425 BPF_STMT(BPF_LD
+ BPF_H
+ BPF_ABS
, 12), // 0 Read Ethertype (bytes 12,13)
3427 BPF_JUMP(BPF_JMP
+ BPF_JEQ
+ BPF_K
, 0x0806, 0, 1), // 1 If Ethertype == ARP goto next, else 3
3428 BPF_STMT(BPF_RET
+ BPF_K
, 42), // 2 Return 42-byte ARP
3430 BPF_JUMP(BPF_JMP
+ BPF_JEQ
+ BPF_K
, 0x0800, 4, 0), // 3 If Ethertype == IPv4 goto 8 (IPv4 address list check) else next
3432 BPF_JUMP(BPF_JMP
+ BPF_JEQ
+ BPF_K
, 0x86DD, 0, 9), // 4 If Ethertype == IPv6 goto next, else exit
3433 BPF_STMT(BPF_LD
+ BPF_H
+ BPF_ABS
, 20), // 5 Read Protocol and Hop Limit (bytes 20,21)
3434 BPF_JUMP(BPF_JMP
+ BPF_JEQ
+ BPF_K
, 0x3AFF, 0, 9), // 6 If (Prot,TTL) == (3A,FF) goto next, else IPv6 address list check
3435 BPF_STMT(BPF_RET
+ BPF_K
, 86), // 7 Return 86-byte ND
3437 // Is IPv4 packet; check if it's addressed to any IPv4 address we're proxying for
3438 BPF_STMT(BPF_LD
+ BPF_W
+ BPF_ABS
, 30), // 8 Read IPv4 Dst (bytes 30,31,32,33)
3441 struct bpf_insn
*pc
= &filter
[9];
3442 struct bpf_insn
*chk6
= pc
+ numv4
+ 1; // numv4 address checks, plus a "return 0"
3443 struct bpf_insn
*fail
= chk6
+ 1 + numv6
; // Get v6 Dst LSW, plus numv6 address checks
3444 struct bpf_insn
*ret4
= fail
+ 1;
3445 struct bpf_insn
*ret6
= ret4
+ 4;
3447 static const struct bpf_insn rf
= BPF_STMT(BPF_RET
+ BPF_K
, 0); // No match: Return nothing
3449 static const struct bpf_insn g6
= BPF_STMT(BPF_LD
+ BPF_W
+ BPF_ABS
, 50); // Read IPv6 Dst LSW (bytes 50,51,52,53)
3451 static const struct bpf_insn r4a
= BPF_STMT(BPF_LDX
+ BPF_B
+ BPF_MSH
, 14); // Get IP Header length (normally 20)
3452 static const struct bpf_insn r4b
= BPF_STMT(BPF_LD
+ BPF_IMM
, 54); // A = 54 (14-byte Ethernet plus 20-byte TCP + 20 bytes spare)
3453 static const struct bpf_insn r4c
= BPF_STMT(BPF_ALU
+ BPF_ADD
+ BPF_X
, 0); // A += IP Header length
3454 static const struct bpf_insn r4d
= BPF_STMT(BPF_RET
+ BPF_A
, 0); // Success: Return Ethernet + IP + TCP + 20 bytes spare (normally 74)
3456 static const struct bpf_insn r6a
= BPF_STMT(BPF_RET
+ BPF_K
, 94); // Success: Return Eth + IPv6 + TCP + 20 bytes spare
3458 BPF_SetOffset(&filter
[4], jf
, fail
); // If Ethertype not ARP, IPv4, or IPv6, fail
3459 BPF_SetOffset(&filter
[6], jf
, chk6
); // If IPv6 but not ICMPv6, go to IPv6 address list check
3461 // BPF Byte-Order Note
3462 // The BPF API designers apparently thought that programmers would not be smart enough to use htons
3463 // and htonl correctly to convert numeric values to network byte order on little-endian machines,
3464 // so instead they chose to make the API implicitly byte-swap *ALL* values, even literal byte strings
3465 // that shouldn't be byte-swapped, like ASCII text, Ethernet addresses, IP addresses, etc.
3466 // As a result, if we put Ethernet addresses and IP addresses in the right byte order, the BPF API
3467 // will byte-swap and make them backwards, and then our filter won't work. So, we have to arrange
3468 // that on little-endian machines we deliberately put addresses in memory with the bytes backwards,
3469 // so that when the BPF API goes through and swaps them all, they end up back as they should be.
3470 // In summary, if we byte-swap all the non-numeric fields that shouldn't be swapped, and we *don't*
3471 // swap any of the numeric values that *should* be byte-swapped, then the filter will work correctly.
3473 // IPSEC capture size notes:
3474 // 8 bytes UDP header
3475 // 4 bytes Non-ESP Marker
3476 // 28 bytes IKE Header
3478 // 40 Total. Capturing TCP Header + 20 gets us enough bytes to receive the IKE Header in a UDP-encapsulated IKE packet.
3481 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
3482 if (rr
->resrec
.InterfaceID
== InterfaceID
&& rr
->AddressProxy
.type
== mDNSAddrType_IPv4
)
3484 mDNSv4Addr a
= rr
->AddressProxy
.ip
.v4
;
3485 pc
->code
= BPF_JMP
+ BPF_JEQ
+ BPF_K
;
3486 BPF_SetOffset(pc
, jt
, ret4
);
3488 pc
->k
= (bpf_u_int32
)a
.b
[0] << 24 | (bpf_u_int32
)a
.b
[1] << 16 | (bpf_u_int32
)a
.b
[2] << 8 | (bpf_u_int32
)a
.b
[3];
3493 if (pc
!= chk6
) LogMsg("mDNSPlatformUpdateProxyList: pc %p != chk6 %p", pc
, chk6
);
3494 *pc
++ = g6
; // chk6 points here
3496 // First cancel any previous ND group memberships we had, then create a fresh socket
3497 if (x
->BPF_mcfd
>= 0) close(x
->BPF_mcfd
);
3498 x
->BPF_mcfd
= socket(AF_INET6
, SOCK_DGRAM
, 0);
3500 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
3501 if (rr
->resrec
.InterfaceID
== InterfaceID
&& rr
->AddressProxy
.type
== mDNSAddrType_IPv6
)
3503 const mDNSv6Addr
*const a
= &rr
->AddressProxy
.ip
.v6
;
3504 pc
->code
= BPF_JMP
+ BPF_JEQ
+ BPF_K
;
3505 BPF_SetOffset(pc
, jt
, ret6
);
3507 pc
->k
= (bpf_u_int32
)a
->b
[0x0C] << 24 | (bpf_u_int32
)a
->b
[0x0D] << 16 | (bpf_u_int32
)a
->b
[0x0E] << 8 | (bpf_u_int32
)a
->b
[0x0F];
3510 struct ipv6_mreq i6mr
;
3511 i6mr
.ipv6mr_interface
= x
->scope_id
;
3512 i6mr
.ipv6mr_multiaddr
= *(const struct in6_addr
*)&NDP_prefix
;
3513 i6mr
.ipv6mr_multiaddr
.s6_addr
[0xD] = a
->b
[0xD];
3514 i6mr
.ipv6mr_multiaddr
.s6_addr
[0xE] = a
->b
[0xE];
3515 i6mr
.ipv6mr_multiaddr
.s6_addr
[0xF] = a
->b
[0xF];
3517 // Do precautionary IPV6_LEAVE_GROUP first, necessary to clear stale kernel state
3518 mStatus err
= setsockopt(x
->BPF_mcfd
, IPPROTO_IPV6
, IPV6_LEAVE_GROUP
, &i6mr
, sizeof(i6mr
));
3519 if (err
< 0 && (errno
!= EADDRNOTAVAIL
))
3520 LogMsg("mDNSPlatformUpdateProxyList: IPV6_LEAVE_GROUP error %d errno %d (%s) group %.16a on %u", err
, errno
, strerror(errno
), &i6mr
.ipv6mr_multiaddr
, i6mr
.ipv6mr_interface
);
3522 err
= setsockopt(x
->BPF_mcfd
, IPPROTO_IPV6
, IPV6_JOIN_GROUP
, &i6mr
, sizeof(i6mr
));
3523 if (err
< 0 && (errno
!= EADDRINUSE
)) // Joining same group twice can give "Address already in use" error -- no need to report that
3524 LogMsg("mDNSPlatformUpdateProxyList: IPV6_JOIN_GROUP error %d errno %d (%s) group %.16a on %u", err
, errno
, strerror(errno
), &i6mr
.ipv6mr_multiaddr
, i6mr
.ipv6mr_interface
);
3526 LogSPS("Joined IPv6 ND multicast group %.16a for %.16a", &i6mr
.ipv6mr_multiaddr
, a
);
3529 if (pc
!= fail
) LogMsg("mDNSPlatformUpdateProxyList: pc %p != fail %p", pc
, fail
);
3530 *pc
++ = rf
; // fail points here
3532 if (pc
!= ret4
) LogMsg("mDNSPlatformUpdateProxyList: pc %p != ret4 %p", pc
, ret4
);
3533 *pc
++ = r4a
; // ret4 points here
3538 if (pc
!= ret6
) LogMsg("mDNSPlatformUpdateProxyList: pc %p != ret6 %p", pc
, ret6
);
3539 *pc
++ = r6a
; // ret6 points here
3541 struct bpf_program prog
= { pc
- filter
, filter
};
3544 // For debugging BPF filter program
3546 for (q
=0; q
<prog
.bf_len
; q
++)
3547 LogSPS("mDNSPlatformUpdateProxyList: %2d { 0x%02x, %d, %d, 0x%08x },", q
, prog
.bf_insns
[q
].code
, prog
.bf_insns
[q
].jt
, prog
.bf_insns
[q
].jf
, prog
.bf_insns
[q
].k
);
3550 if (!numv4
&& !numv6
)
3552 LogSPS("mDNSPlatformUpdateProxyList: No need for filter");
3553 if (m
->timenow
== 0) LogMsg("mDNSPlatformUpdateProxyList: m->timenow == 0");
3554 // Schedule check to see if we can close this BPF_fd now
3555 if (!m
->p
->NetworkChanged
) m
->p
->NetworkChanged
= NonZeroTime(m
->timenow
+ mDNSPlatformOneSecond
* 2);
3556 // prog.bf_len = 0; This seems to panic the kernel
3557 if (x
->BPF_fd
< 0) return; // If we've already closed our BPF_fd, no need to generate an error message below
3560 if (ioctl(x
->BPF_fd
, BIOCSETFNR
, &prog
) < 0) LogMsg("mDNSPlatformUpdateProxyList: BIOCSETFNR(%d) failed %d (%s)", prog
.bf_len
, errno
, strerror(errno
));
3561 else LogSPS("mDNSPlatformUpdateProxyList: BIOCSETFNR(%d) successful", prog
.bf_len
);
3564 mDNSexport
void mDNSPlatformReceiveBPF_fd(mDNS
*const m
, int fd
)
3568 NetworkInterfaceInfoOSX
*i
;
3569 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
) if (i
->BPF_fd
== -2) break;
3570 if (!i
) { LogSPS("mDNSPlatformReceiveBPF_fd: No Interfaces awaiting BPF fd %d; closing", fd
); close(fd
); }
3573 LogSPS("%s using BPF fd %d", i
->ifinfo
.ifname
, fd
);
3575 struct bpf_version v
;
3576 if (ioctl(fd
, BIOCVERSION
, &v
) < 0)
3577 LogMsg("mDNSPlatformReceiveBPF_fd: %d %s BIOCVERSION failed %d (%s)", fd
, i
->ifinfo
.ifname
, errno
, strerror(errno
));
3578 else if (BPF_MAJOR_VERSION
!= v
.bv_major
|| BPF_MINOR_VERSION
!= v
.bv_minor
)
3579 LogMsg("mDNSPlatformReceiveBPF_fd: %d %s BIOCVERSION header %d.%d kernel %d.%d",
3580 fd
, i
->ifinfo
.ifname
, BPF_MAJOR_VERSION
, BPF_MINOR_VERSION
, v
.bv_major
, v
.bv_minor
);
3582 if (ioctl(fd
, BIOCGBLEN
, &i
->BPF_len
) < 0)
3583 LogMsg("mDNSPlatformReceiveBPF_fd: %d %s BIOCGBLEN failed %d (%s)", fd
, i
->ifinfo
.ifname
, errno
, strerror(errno
));
3585 if (i
->BPF_len
> sizeof(m
->imsg
))
3587 i
->BPF_len
= sizeof(m
->imsg
);
3588 if (ioctl(fd
, BIOCSBLEN
, &i
->BPF_len
) < 0)
3589 LogMsg("mDNSPlatformReceiveBPF_fd: %d %s BIOCSBLEN failed %d (%s)", fd
, i
->ifinfo
.ifname
, errno
, strerror(errno
));
3591 LogSPS("mDNSPlatformReceiveBPF_fd: %d %s BIOCSBLEN %d", fd
, i
->ifinfo
.ifname
, i
->BPF_len
);
3594 static const u_int opt_one
= 1;
3595 if (ioctl(fd
, BIOCIMMEDIATE
, &opt_one
) < 0)
3596 LogMsg("mDNSPlatformReceiveBPF_fd: %d %s BIOCIMMEDIATE failed %d (%s)", fd
, i
->ifinfo
.ifname
, errno
, strerror(errno
));
3598 //if (ioctl(fd, BIOCPROMISC, &opt_one) < 0)
3599 // LogMsg("mDNSPlatformReceiveBPF_fd: %d %s BIOCPROMISC failed %d (%s)", fd, i->ifinfo.ifname, errno, strerror(errno));
3601 //if (ioctl(fd, BIOCSHDRCMPLT, &opt_one) < 0)
3602 // LogMsg("mDNSPlatformReceiveBPF_fd: %d %s BIOCSHDRCMPLT failed %d (%s)", fd, i->ifinfo.ifname, errno, strerror(errno));
3604 /* <rdar://problem/10287386>
3605 * make socket non blocking see comments in bpf_callback_common for more info
3607 if (fcntl(fd
, F_SETFL
, fcntl(fd
, F_GETFL
, 0) | O_NONBLOCK
) < 0) // set non-blocking
3609 LogMsg("mDNSPlatformReceiveBPF_fd: %d %s O_NONBLOCK failed %d (%s)", fd
, i
->ifinfo
.ifname
, errno
, strerror(errno
));
3613 mDNSPlatformMemZero(&ifr
, sizeof(ifr
));
3614 strlcpy(ifr
.ifr_name
, i
->ifinfo
.ifname
, sizeof(ifr
.ifr_name
));
3615 if (ioctl(fd
, BIOCSETIF
, &ifr
) < 0)
3616 { LogMsg("mDNSPlatformReceiveBPF_fd: %d %s BIOCSETIF failed %d (%s)", fd
, i
->ifinfo
.ifname
, errno
, strerror(errno
)); i
->BPF_fd
= -3; }
3619 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
3621 i
->BPF_source
= dispatch_source_create(DISPATCH_SOURCE_TYPE_READ
, fd
, 0, dispatch_get_main_queue());
3622 if (!i
->BPF_source
) {LogMsg("mDNSPlatformReceiveBPF_fd: dispatch source create failed"); return;}
3623 dispatch_source_set_event_handler(i
->BPF_source
, ^{bpf_callback_dispatch(i
);});
3624 dispatch_source_set_cancel_handler(i
->BPF_source
, ^{close(fd
);});
3625 dispatch_resume(i
->BPF_source
);
3627 CFSocketContext myCFSocketContext
= { 0, i
, NULL
, NULL
, NULL
};
3629 i
->BPF_cfs
= CFSocketCreateWithNative(kCFAllocatorDefault
, fd
, kCFSocketReadCallBack
, bpf_callback
, &myCFSocketContext
);
3630 i
->BPF_rls
= CFSocketCreateRunLoopSource(kCFAllocatorDefault
, i
->BPF_cfs
, 0);
3631 CFRunLoopAddSource(i
->m
->p
->CFRunLoop
, i
->BPF_rls
, kCFRunLoopDefaultMode
);
3633 mDNSPlatformUpdateProxyList(m
, i
->ifinfo
.InterfaceID
);
3640 #endif // APPLE_OSX_mDNSResponder
3642 #if COMPILER_LIKES_PRAGMA_MARK
3644 #pragma mark - Key Management
3647 #ifndef NO_SECURITYFRAMEWORK
3648 mDNSlocal CFArrayRef
GetCertChain(SecIdentityRef identity
)
3650 CFMutableArrayRef certChain
= NULL
;
3651 if (!identity
) { LogMsg("getCertChain: identity is NULL"); return(NULL
); }
3652 SecCertificateRef cert
;
3653 OSStatus err
= SecIdentityCopyCertificate(identity
, &cert
);
3654 if (err
|| !cert
) LogMsg("getCertChain: SecIdentityCopyCertificate() returned %d", (int) err
);
3657 SecPolicySearchRef searchRef
;
3658 err
= SecPolicySearchCreate(CSSM_CERT_X_509v3
, &CSSMOID_APPLE_X509_BASIC
, NULL
, &searchRef
);
3659 if (err
|| !searchRef
) LogMsg("getCertChain: SecPolicySearchCreate() returned %d", (int) err
);
3662 SecPolicyRef policy
;
3663 err
= SecPolicySearchCopyNext(searchRef
, &policy
);
3664 if (err
|| !policy
) LogMsg("getCertChain: SecPolicySearchCopyNext() returned %d", (int) err
);
3667 CFArrayRef wrappedCert
= CFArrayCreate(NULL
, (const void**) &cert
, 1, &kCFTypeArrayCallBacks
);
3668 if (!wrappedCert
) LogMsg("getCertChain: wrappedCert is NULL");
3672 err
= SecTrustCreateWithCertificates(wrappedCert
, policy
, &trust
);
3673 if (err
|| !trust
) LogMsg("getCertChain: SecTrustCreateWithCertificates() returned %d", (int) err
);
3676 err
= SecTrustEvaluate(trust
, NULL
);
3677 if (err
) LogMsg("getCertChain: SecTrustEvaluate() returned %d", (int) err
);
3680 CFArrayRef rawCertChain
;
3681 CSSM_TP_APPLE_EVIDENCE_INFO
*statusChain
= NULL
;
3682 err
= SecTrustGetResult(trust
, NULL
, &rawCertChain
, &statusChain
);
3683 if (err
|| !rawCertChain
|| !statusChain
) LogMsg("getCertChain: SecTrustGetResult() returned %d", (int) err
);
3686 certChain
= CFArrayCreateMutableCopy(NULL
, 0, rawCertChain
);
3687 if (!certChain
) LogMsg("getCertChain: certChain is NULL");
3690 // Replace the SecCertificateRef at certChain[0] with a SecIdentityRef per documentation for SSLSetCertificate:
3691 // <http://devworld.apple.com/documentation/Security/Reference/secureTransportRef/index.html>
3692 CFArraySetValueAtIndex(certChain
, 0, identity
);
3693 // Remove root from cert chain, but keep any and all intermediate certificates that have been signed by the root certificate
3694 if (CFArrayGetCount(certChain
) > 1) CFArrayRemoveValueAtIndex(certChain
, CFArrayGetCount(certChain
) - 1);
3696 CFRelease(rawCertChain
);
3697 // Do not free statusChain:
3698 // <http://developer.apple.com/documentation/Security/Reference/certifkeytrustservices/Reference/reference.html> says:
3699 // certChain: Call the CFRelease function to release this object when you are finished with it.
3700 // statusChain: Do not attempt to free this pointer; it remains valid until the trust management object is released...
3705 CFRelease(wrappedCert
);
3709 CFRelease(searchRef
);
3715 #endif /* NO_SECURITYFRAMEWORK */
3717 mDNSexport mStatus
mDNSPlatformTLSSetupCerts(void)
3719 #ifdef NO_SECURITYFRAMEWORK
3720 return mStatus_UnsupportedErr
;
3722 SecIdentityRef identity
= nil
;
3723 SecIdentitySearchRef srchRef
= nil
;
3726 // search for "any" identity matching specified key use
3727 // In this app, we expect there to be exactly one
3728 err
= SecIdentitySearchCreate(NULL
, CSSM_KEYUSE_DECRYPT
, &srchRef
);
3729 if (err
) { LogMsg("ERROR: mDNSPlatformTLSSetupCerts: SecIdentitySearchCreate returned %d", (int) err
); return err
; }
3731 err
= SecIdentitySearchCopyNext(srchRef
, &identity
);
3732 if (err
) { LogMsg("ERROR: mDNSPlatformTLSSetupCerts: SecIdentitySearchCopyNext returned %d", (int) err
); return err
; }
3734 if (CFGetTypeID(identity
) != SecIdentityGetTypeID())
3735 { LogMsg("ERROR: mDNSPlatformTLSSetupCerts: SecIdentitySearchCopyNext CFTypeID failure"); return mStatus_UnknownErr
; }
3737 // Found one. Call getCertChain to create the correct certificate chain.
3738 ServerCerts
= GetCertChain(identity
);
3739 if (ServerCerts
== nil
) { LogMsg("ERROR: mDNSPlatformTLSSetupCerts: getCertChain error"); return mStatus_UnknownErr
; }
3741 return mStatus_NoError
;
3742 #endif /* NO_SECURITYFRAMEWORK */
3745 mDNSexport
void mDNSPlatformTLSTearDownCerts(void)
3747 #ifndef NO_SECURITYFRAMEWORK
3748 if (ServerCerts
) { CFRelease(ServerCerts
); ServerCerts
= NULL
; }
3749 #endif /* NO_SECURITYFRAMEWORK */
3752 // This gets the text of the field currently labelled "Computer Name" in the Sharing Prefs Control Panel
3753 mDNSlocal
void GetUserSpecifiedFriendlyComputerName(domainlabel
*const namelabel
)
3755 CFStringEncoding encoding
= kCFStringEncodingUTF8
;
3756 CFStringRef cfs
= SCDynamicStoreCopyComputerName(NULL
, &encoding
);
3759 CFStringGetPascalString(cfs
, namelabel
->c
, sizeof(*namelabel
), kCFStringEncodingUTF8
);
3764 // This gets the text of the field currently labelled "Local Hostname" in the Sharing Prefs Control Panel
3765 mDNSlocal
void GetUserSpecifiedLocalHostName(domainlabel
*const namelabel
)
3767 CFStringRef cfs
= SCDynamicStoreCopyLocalHostName(NULL
);
3770 CFStringGetPascalString(cfs
, namelabel
->c
, sizeof(*namelabel
), kCFStringEncodingUTF8
);
3775 mDNSexport mDNSBool
DictionaryIsEnabled(CFDictionaryRef dict
)
3778 CFNumberRef state
= (CFNumberRef
)CFDictionaryGetValue(dict
, CFSTR("Enabled"));
3779 if (!state
) return mDNSfalse
;
3780 if (!CFNumberGetValue(state
, kCFNumberSInt32Type
, &val
))
3781 { LogMsg("ERROR: DictionaryIsEnabled - CFNumberGetValue"); return mDNSfalse
; }
3782 return val
? mDNStrue
: mDNSfalse
;
3785 mDNSlocal mStatus
SetupAddr(mDNSAddr
*ip
, const struct sockaddr
*const sa
)
3787 if (!sa
) { LogMsg("SetupAddr ERROR: NULL sockaddr"); return(mStatus_Invalid
); }
3789 if (sa
->sa_family
== AF_INET
)
3791 struct sockaddr_in
*ifa_addr
= (struct sockaddr_in
*)sa
;
3792 ip
->type
= mDNSAddrType_IPv4
;
3793 ip
->ip
.v4
.NotAnInteger
= ifa_addr
->sin_addr
.s_addr
;
3794 return(mStatus_NoError
);
3797 if (sa
->sa_family
== AF_INET6
)
3799 struct sockaddr_in6
*ifa_addr
= (struct sockaddr_in6
*)sa
;
3800 // Inside the BSD kernel they use a hack where they stuff the sin6->sin6_scope_id
3801 // value into the second word of the IPv6 link-local address, so they can just
3802 // pass around IPv6 address structures instead of full sockaddr_in6 structures.
3803 // Those hacked IPv6 addresses aren't supposed to escape the kernel in that form, but they do.
3804 // To work around this we always whack the second word of any IPv6 link-local address back to zero.
3805 if (IN6_IS_ADDR_LINKLOCAL(&ifa_addr
->sin6_addr
)) ifa_addr
->sin6_addr
.__u6_addr
.__u6_addr16
[1] = 0;
3806 ip
->type
= mDNSAddrType_IPv6
;
3807 ip
->ip
.v6
= *(mDNSv6Addr
*)&ifa_addr
->sin6_addr
;
3808 return(mStatus_NoError
);
3811 LogMsg("SetupAddr invalid sa_family %d", sa
->sa_family
);
3812 return(mStatus_Invalid
);
3815 mDNSlocal mDNSEthAddr
GetBSSID(char *ifa_name
)
3817 mDNSEthAddr eth
= zeroEthAddr
;
3818 SCDynamicStoreRef store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:GetBSSID"), NULL
, NULL
);
3820 LogMsg("GetBSSID: SCDynamicStoreCreate failed: %s", SCErrorString(SCError()));
3823 CFStringRef entityname
= CFStringCreateWithFormat(NULL
, NULL
, CFSTR("State:/Network/Interface/%s/AirPort"), ifa_name
);
3826 CFDictionaryRef dict
= SCDynamicStoreCopyValue(store
, entityname
);
3829 CFRange range
= { 0, 6 }; // Offset, length
3830 CFDataRef data
= CFDictionaryGetValue(dict
, CFSTR("BSSID"));
3831 if (data
&& CFDataGetLength(data
) == 6) CFDataGetBytes(data
, range
, eth
.b
);
3834 CFRelease(entityname
);
3841 mDNSlocal
int GetMAC(mDNSEthAddr
*eth
, u_short ifindex
)
3843 struct ifaddrs
*ifa
;
3844 for (ifa
= myGetIfAddrs(0); ifa
; ifa
= ifa
->ifa_next
)
3845 if (ifa
->ifa_addr
->sa_family
== AF_LINK
)
3847 const struct sockaddr_dl
*const sdl
= (const struct sockaddr_dl
*)ifa
->ifa_addr
;
3848 if (sdl
->sdl_index
== ifindex
)
3849 { mDNSPlatformMemCopy(eth
->b
, sdl
->sdl_data
+ sdl
->sdl_nlen
, 6); return 0; }
3855 #ifndef SIOCGIFWAKEFLAGS
3856 #define SIOCGIFWAKEFLAGS _IOWR('i', 136, struct ifreq) /* get interface wake property flags */
3859 #ifndef IF_WAKE_ON_MAGIC_PACKET
3860 #define IF_WAKE_ON_MAGIC_PACKET 0x01
3863 #ifndef ifr_wake_flags
3864 #define ifr_wake_flags ifr_ifru.ifru_intval
3867 mDNSlocal mDNSBool
CheckInterfaceSupport(NetworkInterfaceInfo
*const intf
, const char *key
)
3869 io_service_t service
= IOServiceGetMatchingService(kIOMasterPortDefault
, IOBSDNameMatching(kIOMasterPortDefault
, 0, intf
->ifname
));
3872 LogSPS("CheckInterfaceSupport: No service for interface %s", intf
->ifname
);
3877 IOObjectGetClass(service
, n1
);
3879 mDNSBool ret
= mDNSfalse
;
3880 kern_return_t kr
= IORegistryEntryGetParentEntry(service
, kIOServicePlane
, &parent
);
3881 if (kr
== KERN_SUCCESS
)
3883 CFStringRef keystr
= CFStringCreateWithCString(NULL
, key
, kCFStringEncodingUTF8
);
3884 IOObjectGetClass(parent
, n2
);
3885 LogSPS("CheckInterfaceSupport: Interface %s service %s parent %s", intf
->ifname
, n1
, n2
);
3886 const CFTypeRef ref
= IORegistryEntryCreateCFProperty(parent
, keystr
, kCFAllocatorDefault
, mDNSNULL
);
3889 LogSPS("CheckInterfaceSupport: No mDNS_IOREG_KEY for interface %s/%s/%s", intf
->ifname
, n1
, n2
);
3897 IOObjectRelease(parent
);
3902 LogSPS("CheckInterfaceSupport: IORegistryEntryGetParentEntry for %s/%s failed %d", intf
->ifname
, n1
, kr
);
3905 IOObjectRelease(service
);
3910 mDNSlocal mDNSBool
InterfaceSupportsKeepAlive(NetworkInterfaceInfo
*const intf
)
3912 return CheckInterfaceSupport(intf
, mDNS_IOREG_KA_KEY
);
3915 mDNSlocal mDNSBool
NetWakeInterface(NetworkInterfaceInfoOSX
*i
)
3917 if (!MulticastInterface(i
) ) return(mDNSfalse
); // We only use Sleep Proxy Service on multicast-capable interfaces
3918 if (i
->ifa_flags
& IFF_LOOPBACK
) return(mDNSfalse
); // except loopback
3920 // If the interface supports TCPKeepalive, it is capable of waking up for a magic packet
3921 // This check is needed since the SIOCGIFWAKEFLAGS ioctl returns wrong values for WOMP capability
3922 // when the power source is not AC Power.
3923 if (InterfaceSupportsKeepAlive(&i
->ifinfo
))
3925 LogSPS("NetWakeInterface: %s supports TCP Keepalive returning true", i
->ifinfo
.ifname
);
3929 int s
= socket(AF_INET
, SOCK_DGRAM
, 0);
3930 if (s
< 0) { LogMsg("NetWakeInterface socket failed %s error %d errno %d (%s)", i
->ifinfo
.ifname
, s
, errno
, strerror(errno
)); return(mDNSfalse
); }
3933 strlcpy(ifr
.ifr_name
, i
->ifinfo
.ifname
, sizeof(ifr
.ifr_name
));
3934 if (ioctl(s
, SIOCGIFWAKEFLAGS
, &ifr
) < 0)
3936 // For some strange reason, in /usr/include/sys/errno.h, EOPNOTSUPP is defined to be
3937 // 102 when compiling kernel code, and 45 when compiling user-level code. Since this
3938 // error code is being returned from the kernel, we need to use the kernel version.
3939 #define KERNEL_EOPNOTSUPP 102
3940 if (errno
!= KERNEL_EOPNOTSUPP
) // "Operation not supported on socket", the expected result on Leopard and earlier
3941 LogMsg("NetWakeInterface SIOCGIFWAKEFLAGS %s errno %d (%s)", i
->ifinfo
.ifname
, errno
, strerror(errno
));
3942 // If on Leopard or earlier, we get EOPNOTSUPP, so in that case
3943 // we enable WOL if this interface is not AirPort and "Wake for Network access" is turned on.
3944 ifr
.ifr_wake_flags
= (errno
== KERNEL_EOPNOTSUPP
&& !(i
)->BSSID
.l
[0] && i
->m
->SystemWakeOnLANEnabled
) ? IF_WAKE_ON_MAGIC_PACKET
: 0;
3949 // ifr.ifr_wake_flags = IF_WAKE_ON_MAGIC_PACKET; // For testing with MacBook Air, using a USB dongle that doesn't actually support Wake-On-LAN
3951 LogSPS("%-6s %#-14a %s WOMP", i
->ifinfo
.ifname
, &i
->ifinfo
.ip
, (ifr
.ifr_wake_flags
& IF_WAKE_ON_MAGIC_PACKET
) ? "supports" : "no");
3953 return((ifr
.ifr_wake_flags
& IF_WAKE_ON_MAGIC_PACKET
) != 0);
3956 mDNSlocal u_int64_t
getExtendedFlags(char * ifa_name
)
3961 sockFD
= socket(AF_INET
, SOCK_DGRAM
, 0);
3964 LogMsg("getExtendedFlags: socket() call failed, errno = %d (%s)", errno
, strerror(errno
));
3968 ifr
.ifr_addr
.sa_family
= AF_INET
;
3969 strlcpy(ifr
.ifr_name
, ifa_name
, sizeof(ifr
.ifr_name
));
3971 if (ioctl(sockFD
, SIOCGIFEFLAGS
, (caddr_t
)&ifr
) == -1)
3973 LogMsg("getExtendedFlags: SIOCGIFEFLAGS failed, errno = %d (%s)", errno
, strerror(errno
));
3976 LogInfo("getExtendedFlags: %s ifr_eflags = 0x%x", ifa_name
, ifr
.ifr_eflags
);
3979 return ifr
.ifr_eflags
;
3982 // Returns pointer to newly created NetworkInterfaceInfoOSX object, or
3983 // pointer to already-existing NetworkInterfaceInfoOSX object found in list, or
3984 // may return NULL if out of memory (unlikely) or parameters are invalid for some reason
3985 // (e.g. sa_family not AF_INET or AF_INET6)
3986 mDNSlocal NetworkInterfaceInfoOSX
*AddInterfaceToList(mDNS
*const m
, struct ifaddrs
*ifa
, mDNSs32 utc
)
3988 mDNSu32 scope_id
= if_nametoindex(ifa
->ifa_name
);
3989 mDNSEthAddr bssid
= GetBSSID(ifa
->ifa_name
);
3990 u_int64_t eflags
= getExtendedFlags(ifa
->ifa_name
);
3993 if (SetupAddr(&ip
, ifa
->ifa_addr
) != mStatus_NoError
) return(NULL
);
3994 if (SetupAddr(&mask
, ifa
->ifa_netmask
) != mStatus_NoError
) return(NULL
);
3996 NetworkInterfaceInfoOSX
**p
;
3997 for (p
= &m
->p
->InterfaceList
; *p
; p
= &(*p
)->next
)
3998 if (scope_id
== (*p
)->scope_id
&&
3999 mDNSSameAddress(&ip
, &(*p
)->ifinfo
.ip
) &&
4000 mDNSSameEthAddress(&bssid
, &(*p
)->BSSID
))
4002 debugf("AddInterfaceToList: Found existing interface %lu %.6a with address %#a at %p, ifname before %s, after %s", scope_id
, &bssid
, &ip
, *p
, (*p
)->ifinfo
.ifname
, ifa
->ifa_name
);
4003 // The name should be updated to the new name so that we don't report a wrong name in our SIGINFO output.
4004 // When interfaces are created with same MAC address, kernel resurrects the old interface.
4005 // Even though the interface index is the same (which should be sufficient), when we receive a UDP packet
4006 // we get the corresponding name for the interface index on which the packet was received and check against
4007 // the InterfaceList for a matching name. So, keep the name in sync
4008 strlcpy((*p
)->ifinfo
.ifname
, ifa
->ifa_name
, sizeof((*p
)->ifinfo
.ifname
));
4009 (*p
)->Exists
= mDNStrue
;
4010 // If interface was not in getifaddrs list last time we looked, but it is now, update 'AppearanceTime' for this record
4011 if ((*p
)->LastSeen
!= utc
) (*p
)->AppearanceTime
= utc
;
4013 // If Wake-on-LAN capability of this interface has changed (e.g. because power cable on laptop has been disconnected)
4014 // we may need to start or stop or sleep proxy browse operation
4015 const mDNSBool NetWake
= NetWakeInterface(*p
);
4016 if ((*p
)->ifinfo
.NetWake
!= NetWake
)
4018 (*p
)->ifinfo
.NetWake
= NetWake
;
4019 // If this interface is already registered with mDNSCore, then we need to start or stop its NetWake browse on-the-fly.
4020 // If this interface is not already registered (i.e. it's a dormant interface we had in our list
4021 // from when we previously saw it) then we mustn't do that, because mDNSCore doesn't know about it yet.
4022 // In this case, the mDNS_RegisterInterface() call will take care of starting the NetWake browse if necessary.
4023 if ((*p
)->Registered
)
4026 if (NetWake
) mDNS_ActivateNetWake_internal (m
, &(*p
)->ifinfo
);
4027 else mDNS_DeactivateNetWake_internal(m
, &(*p
)->ifinfo
);
4031 // Reset the flag if it has changed this time.
4032 (*p
)->ifinfo
.IgnoreIPv4LL
= ((eflags
& IFEF_ARPLL
) != 0) ? mDNSfalse
: mDNStrue
;
4037 NetworkInterfaceInfoOSX
*i
= (NetworkInterfaceInfoOSX
*)mallocL("NetworkInterfaceInfoOSX", sizeof(*i
));
4038 debugf("AddInterfaceToList: Making new interface %lu %.6a with address %#a at %p", scope_id
, &bssid
, &ip
, i
);
4039 if (!i
) return(mDNSNULL
);
4040 mDNSPlatformMemZero(i
, sizeof(NetworkInterfaceInfoOSX
));
4041 i
->ifinfo
.InterfaceID
= (mDNSInterfaceID
)(uintptr_t)scope_id
;
4043 i
->ifinfo
.mask
= mask
;
4044 strlcpy(i
->ifinfo
.ifname
, ifa
->ifa_name
, sizeof(i
->ifinfo
.ifname
));
4045 i
->ifinfo
.ifname
[sizeof(i
->ifinfo
.ifname
)-1] = 0;
4046 // We can be configured to disable multicast advertisement, but we want to to support
4047 // local-only services, which need a loopback address record.
4048 i
->ifinfo
.Advertise
= m
->DivertMulticastAdvertisements
? ((ifa
->ifa_flags
& IFF_LOOPBACK
) ? mDNStrue
: mDNSfalse
) : m
->AdvertiseLocalAddresses
;
4049 i
->ifinfo
.McastTxRx
= mDNSfalse
; // For now; will be set up later at the end of UpdateInterfaceList
4050 i
->ifinfo
.Loopback
= ((ifa
->ifa_flags
& IFF_LOOPBACK
) != 0) ? mDNStrue
: mDNSfalse
;
4051 i
->ifinfo
.IgnoreIPv4LL
= ((eflags
& IFEF_ARPLL
) != 0) ? mDNSfalse
: mDNStrue
;
4052 i
->ifinfo
.DirectLink
= (eflags
& IFEF_DIRECTLINK
) ? mDNStrue
: mDNSfalse
;
4056 i
->Exists
= mDNStrue
;
4057 i
->Flashing
= mDNSfalse
;
4058 i
->Occulting
= mDNSfalse
;
4059 i
->D2DInterface
= (eflags
& IFEF_LOCALNET_PRIVATE
) ? mDNStrue
: mDNSfalse
;
4060 if (eflags
& IFEF_AWDL
)
4062 AWDLInterfaceID
= i
->ifinfo
.InterfaceID
;
4063 LogInfo("AddInterfaceToList: AWDLInterfaceID = %d", (int) AWDLInterfaceID
);
4065 i
->AppearanceTime
= utc
; // Brand new interface; AppearanceTime is now
4067 i
->ifa_flags
= ifa
->ifa_flags
;
4068 i
->scope_id
= scope_id
;
4070 i
->sa_family
= ifa
->ifa_addr
->sa_family
;
4074 i
->Registered
= mDNSNULL
;
4076 // Do this AFTER i->BSSID has been set up
4077 i
->ifinfo
.NetWake
= NetWakeInterface(i
);
4078 GetMAC(&i
->ifinfo
.MAC
, scope_id
);
4079 if (i
->ifinfo
.NetWake
&& !i
->ifinfo
.MAC
.l
[0])
4080 LogMsg("AddInterfaceToList: Bad MAC address %.6a for %d %s %#a", &i
->ifinfo
.MAC
, scope_id
, i
->ifinfo
.ifname
, &ip
);
4086 #if APPLE_OSX_mDNSResponder
4088 #if COMPILER_LIKES_PRAGMA_MARK
4090 #pragma mark - AutoTunnel
4093 #define kRacoonPort 4500
4095 static DomainAuthInfo
* AnonymousRacoonConfig
= mDNSNULL
;
4097 #ifndef NO_SECURITYFRAMEWORK
4099 static CFMutableDictionaryRef domainStatusDict
= NULL
;
4101 mDNSlocal mStatus
CheckQuestionForStatus(const DNSQuestion
*const q
)
4105 if (q
->servAddr
.type
== mDNSAddrType_IPv4
&& mDNSIPv4AddressIsOnes(q
->servAddr
.ip
.v4
))
4106 return mStatus_NoSuchRecord
;
4107 else if (q
->state
== LLQ_Poll
)
4108 return mStatus_PollingMode
;
4109 else if (q
->state
!= LLQ_Established
&& !q
->DuplicateOf
)
4110 return mStatus_TransientErr
;
4113 return mStatus_NoError
;
4116 mDNSlocal mStatus
UpdateLLQStatus(const mDNS
*const m
, char *buffer
, int bufsz
, const DomainAuthInfo
*const info
)
4118 mStatus status
= mStatus_NoError
;
4119 DNSQuestion
* q
, *worst_q
= mDNSNULL
;
4120 for (q
= m
->Questions
; q
; q
=q
->next
)
4121 if (q
->AuthInfo
== info
)
4123 mStatus newStatus
= CheckQuestionForStatus(q
);
4124 if (newStatus
== mStatus_NoSuchRecord
) { status
= newStatus
; worst_q
= q
; break; }
4125 else if (newStatus
== mStatus_PollingMode
) { status
= newStatus
; worst_q
= q
; }
4126 else if (newStatus
== mStatus_TransientErr
&& status
== mStatus_NoError
) { status
= newStatus
; worst_q
= q
; }
4129 if (status
== mStatus_NoError
) mDNS_snprintf(buffer
, bufsz
, "Success");
4130 else if (status
== mStatus_NoSuchRecord
) mDNS_snprintf(buffer
, bufsz
, "GetZoneData %s: %##s", worst_q
->nta
? "not yet complete" : "failed", worst_q
->qname
.c
);
4131 else if (status
== mStatus_PollingMode
) mDNS_snprintf(buffer
, bufsz
, "Query polling %##s", worst_q
->qname
.c
);
4132 else if (status
== mStatus_TransientErr
) mDNS_snprintf(buffer
, bufsz
, "Query not yet established %##s", worst_q
->qname
.c
);
4136 mDNSlocal mStatus
UpdateRRStatus(const mDNS
*const m
, char *buffer
, int bufsz
, const DomainAuthInfo
*const info
)
4140 if (info
->deltime
) return mStatus_NoError
;
4141 for (r
= m
->ResourceRecords
; r
; r
= r
->next
)
4143 // This function is called from UpdateAutoTunnelDomainStatus which in turn may be called from
4144 // a callback e.g., CheckNATMappings. GetAuthInfoFor_internal does not like that (reentrancy being 1),
4145 // hence we inline the code here. We just need the lock to walk the list of AuthInfos which the caller
4146 // has already checked
4147 const domainname
*n
= r
->resrec
.name
;
4150 DomainAuthInfo
*ptr
;
4151 for (ptr
= m
->AuthInfoList
; ptr
; ptr
= ptr
->next
)
4152 if (SameDomainName(&ptr
->domain
, n
))
4154 if (ptr
== info
&& (r
->updateError
== mStatus_BadSig
|| r
->updateError
== mStatus_BadKey
|| r
->updateError
== mStatus_BadTime
))
4156 mDNS_snprintf(buffer
, bufsz
, "Resource record update failed for %##s", r
->resrec
.name
);
4157 return r
->updateError
;
4160 n
= (const domainname
*)(n
->c
+ 1 + n
->c
[0]);
4163 return mStatus_NoError
;
4166 #endif // ndef NO_SECURITYFRAMEWORK
4168 // MUST be called with lock held
4169 mDNSlocal
void UpdateAutoTunnelDomainStatus(const mDNS
*const m
, const DomainAuthInfo
*const info
)
4171 #ifdef NO_SECURITYFRAMEWORK
4175 // Note that in the LLQNAT, the clientCallback being non-zero means it's in use,
4176 // whereas in the AutoTunnelNAT, the clientContext being non-zero means it's in use
4177 const NATTraversalInfo
*const llq
= m
->LLQNAT
.clientCallback
? &m
->LLQNAT
: mDNSNULL
;
4178 const NATTraversalInfo
*const tun
= m
->AutoTunnelNAT
.clientContext
? &m
->AutoTunnelNAT
: mDNSNULL
;
4181 CFMutableDictionaryRef dict
= CFDictionaryCreateMutable(NULL
, 0, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
);
4182 CFStringRef domain
= NULL
;
4183 CFStringRef tmp
= NULL
;
4184 CFNumberRef num
= NULL
;
4185 mStatus status
= mStatus_NoError
;
4186 mStatus llqStatus
= mStatus_NoError
;
4187 char llqBuffer
[1024];
4191 if (!domainStatusDict
)
4193 domainStatusDict
= CFDictionaryCreateMutable(NULL
, 0, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
);
4194 if (!domainStatusDict
) { LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFDictionary domainStatusDict"); return; }
4197 if (!dict
) { LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFDictionary dict"); return; }
4199 buflen
= mDNS_snprintf(buffer
, sizeof(buffer
), "%##s", info
->domain
.c
);
4200 domain
= CFStringCreateWithCString(NULL
, buffer
, kCFStringEncodingUTF8
);
4201 if (!domain
) { LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFString domain"); return; }
4205 if (CFDictionaryContainsKey(domainStatusDict
, domain
))
4207 CFDictionaryRemoveValue(domainStatusDict
, domain
);
4208 if (!m
->ShutdownTime
) mDNSDynamicStoreSetConfig(kmDNSBackToMyMacConfig
, mDNSNULL
, domainStatusDict
);
4216 mDNS_snprintf(buffer
, sizeof(buffer
), "%#a", &m
->Router
);
4217 tmp
= CFStringCreateWithCString(NULL
, buffer
, kCFStringEncodingUTF8
);
4219 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFString RouterAddress");
4222 CFDictionarySetValue(dict
, CFSTR("RouterAddress"), tmp
);
4228 mDNSu32 port
= mDNSVal16(llq
->ExternalPort
);
4230 num
= CFNumberCreate(NULL
, kCFNumberSInt32Type
, &port
);
4232 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFNumber LLQExternalPort");
4235 CFDictionarySetValue(dict
, CFSTR("LLQExternalPort"), num
);
4241 num
= CFNumberCreate(NULL
, kCFNumberSInt32Type
, &llq
->Result
);
4243 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFNumber LLQNPMStatus");
4246 CFDictionarySetValue(dict
, CFSTR("LLQNPMStatus"), num
);
4254 mDNSu32 port
= mDNSVal16(tun
->ExternalPort
);
4256 num
= CFNumberCreate(NULL
, kCFNumberSInt32Type
, &port
);
4258 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFNumber AutoTunnelExternalPort");
4261 CFDictionarySetValue(dict
, CFSTR("AutoTunnelExternalPort"), num
);
4265 mDNS_snprintf(buffer
, sizeof(buffer
), "%.4a", &tun
->ExternalAddress
);
4266 tmp
= CFStringCreateWithCString(NULL
, buffer
, kCFStringEncodingUTF8
);
4268 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFString ExternalAddress");
4271 CFDictionarySetValue(dict
, CFSTR("ExternalAddress"), tmp
);
4277 num
= CFNumberCreate(NULL
, kCFNumberSInt32Type
, &tun
->Result
);
4279 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFNumber AutoTunnelNPMStatus");
4282 CFDictionarySetValue(dict
, CFSTR("AutoTunnelNPMStatus"), num
);
4289 mDNSu32 code
= m
->LastNATMapResultCode
;
4291 num
= CFNumberCreate(NULL
, kCFNumberSInt32Type
, &code
);
4293 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFNumber LastNATMapResultCode");
4296 CFDictionarySetValue(dict
, CFSTR("LastNATMapResultCode"), num
);
4301 mDNS_snprintf(buffer
, sizeof(buffer
), "Success");
4302 llqStatus
= UpdateLLQStatus(m
, llqBuffer
, sizeof(llqBuffer
), info
);
4303 status
= UpdateRRStatus(m
, buffer
, sizeof(buffer
), info
);
4305 // If we have a bad signature error updating a RR, it overrides any error as it needs to be
4306 // reported so that it can be fixed automatically (or the user needs to be notified)
4307 if (status
!= mStatus_NoError
)
4309 LogInfo("UpdateAutoTunnelDomainStatus: RR Status %d, %s", status
, buffer
);
4311 else if (m
->Router
.type
== mDNSAddrType_None
)
4313 status
= mStatus_NoRouter
;
4314 mDNS_snprintf(buffer
, sizeof(buffer
), "No network connection - none");
4316 else if (m
->Router
.type
== mDNSAddrType_IPv4
&& mDNSIPv4AddressIsZero(m
->Router
.ip
.v4
))
4318 status
= mStatus_NoRouter
;
4319 mDNS_snprintf(buffer
, sizeof(buffer
), "No network connection - v4 zero");
4321 else if (mDNSIPv6AddressIsZero(info
->AutoTunnelInnerAddress
))
4323 status
= mStatus_ServiceNotRunning
;
4324 mDNS_snprintf(buffer
, sizeof(buffer
), "No inner address");
4326 else if (!llq
&& !tun
)
4328 status
= mStatus_NotInitializedErr
;
4329 mDNS_snprintf(buffer
, sizeof(buffer
), "Neither LLQ nor AutoTunnel NAT port mapping is currently active");
4331 else if (llqStatus
== mStatus_NoSuchRecord
)
4334 mDNS_snprintf(buffer
, sizeof(buffer
), llqBuffer
);
4336 else if ((llq
&& llq
->Result
== mStatus_DoubleNAT
) || (tun
&& tun
->Result
== mStatus_DoubleNAT
))
4338 status
= mStatus_DoubleNAT
;
4339 mDNS_snprintf(buffer
, sizeof(buffer
), "Double NAT: Router is reporting a private address");
4341 else if ((llq
&& llq
->Result
== mStatus_NATPortMappingDisabled
) ||
4342 (tun
&& tun
->Result
== mStatus_NATPortMappingDisabled
) ||
4343 (m
->LastNATMapResultCode
== NATErr_Refused
&& ((llq
&& !llq
->Result
&& mDNSIPPortIsZero(llq
->ExternalPort
)) || (tun
&& !tun
->Result
&& mDNSIPPortIsZero(tun
->ExternalPort
)))))
4345 status
= mStatus_NATPortMappingDisabled
;
4346 mDNS_snprintf(buffer
, sizeof(buffer
), "PCP/NAT-PMP is disabled on the router");
4348 else if ((llq
&& llq
->Result
) || (tun
&& tun
->Result
))
4350 status
= mStatus_NATTraversal
;
4351 mDNS_snprintf(buffer
, sizeof(buffer
), "Error obtaining NAT port mapping from router");
4353 else if ((llq
&& mDNSIPPortIsZero(llq
->ExternalPort
)) || (tun
&& mDNSIPPortIsZero(tun
->ExternalPort
)))
4355 status
= mStatus_NATTraversal
;
4356 mDNS_snprintf(buffer
, sizeof(buffer
), "Unable to obtain NAT port mapping from router");
4361 mDNS_snprintf(buffer
, sizeof(buffer
), llqBuffer
);
4362 LogInfo("UpdateAutoTunnelDomainStatus: LLQ Status %d, %s", status
, buffer
);
4365 num
= CFNumberCreate(NULL
, kCFNumberSInt32Type
, &status
);
4367 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFNumber StatusCode");
4370 CFDictionarySetValue(dict
, CFSTR("StatusCode"), num
);
4374 tmp
= CFStringCreateWithCString(NULL
, buffer
, kCFStringEncodingUTF8
);
4376 LogMsg("UpdateAutoTunnelDomainStatus: Could not create CFString StatusMessage");
4379 CFDictionarySetValue(dict
, CFSTR("StatusMessage"), tmp
);
4383 if (!CFDictionaryContainsKey(domainStatusDict
, domain
) ||
4384 !CFEqual(dict
, (CFMutableDictionaryRef
)CFDictionaryGetValue(domainStatusDict
, domain
)))
4386 CFDictionarySetValue(domainStatusDict
, domain
, dict
);
4387 if (!m
->ShutdownTime
)
4389 static char statusBuf
[16];
4390 mDNS_snprintf(statusBuf
, sizeof(statusBuf
), "%d", (int)status
);
4391 mDNSASLLog((uuid_t
*)&m
->asl_uuid
, "autotunnel.domainstatus", status
? "failure" : "success", statusBuf
, "");
4392 mDNSDynamicStoreSetConfig(kmDNSBackToMyMacConfig
, mDNSNULL
, domainStatusDict
);
4399 debugf("UpdateAutoTunnelDomainStatus: %s", buffer
);
4400 #endif // def NO_SECURITYFRAMEWORK
4403 // MUST be called with lock held
4404 mDNSexport
void UpdateAutoTunnelDomainStatuses(const mDNS
*const m
)
4406 #ifdef NO_SECURITYFRAMEWORK
4410 DomainAuthInfo
* info
;
4411 for (info
= m
->AuthInfoList
; info
; info
= info
->next
)
4412 if (info
->AutoTunnel
&& !info
->deltime
)
4413 UpdateAutoTunnelDomainStatus(m
, info
);
4414 #endif // def NO_SECURITYFRAMEWORK
4417 mDNSlocal
void UpdateAnonymousRacoonConfig(mDNS
*m
) // Determine whether we need racoon to accept incoming connections
4419 DomainAuthInfo
*info
;
4421 for (info
= m
->AuthInfoList
; info
; info
= info
->next
)
4422 if (info
->AutoTunnel
&& !info
->deltime
&& (!mDNSIPPortIsZero(m
->AutoTunnelNAT
.ExternalPort
) || !mDNSIPv6AddressIsZero(m
->AutoTunnelRelayAddr
)))
4425 if (info
!= AnonymousRacoonConfig
)
4427 AnonymousRacoonConfig
= info
;
4428 // Create or revert configuration file, and start (or SIGHUP) Racoon
4429 (void)mDNSConfigureServer(AnonymousRacoonConfig
? kmDNSUp
: kmDNSDown
, AnonymousRacoonConfig
? btmmprefix
: mDNSNULL
, AnonymousRacoonConfig
? &AnonymousRacoonConfig
->domain
: mDNSNULL
);
4433 mDNSlocal
void AutoTunnelRecordCallback(mDNS
*const m
, AuthRecord
*const rr
, mStatus result
);
4435 // Caller must hold the lock
4436 mDNSlocal mDNSBool
DeregisterAutoTunnelRecord(mDNS
*m
, DomainAuthInfo
*info
, AuthRecord
* record
)
4440 LogInfo("DeregisterAutoTunnelRecord %##s %##s", &info
->domain
.c
, record
->namestorage
.c
);
4442 if (record
->resrec
.RecordType
> kDNSRecordTypeDeregistering
)
4444 mStatus err
= mDNS_Deregister_internal(m
, record
, mDNS_Dereg_normal
);
4447 record
->resrec
.RecordType
= kDNSRecordTypeUnregistered
;
4448 LogMsg("DeregisterAutoTunnelRecord error %d deregistering %##s %##s", err
, info
->domain
.c
, record
->namestorage
.c
);
4451 else LogInfo("DeregisterAutoTunnelRecord: Deregistered");
4453 else LogInfo("DeregisterAutoTunnelRecord: Not deregistering, state:%d", record
->resrec
.RecordType
);
4458 // Caller must hold the lock
4459 mDNSlocal
void DeregisterAutoTunnelHostRecord(mDNS
*m
, DomainAuthInfo
*info
)
4461 if (!DeregisterAutoTunnelRecord(m
, info
, &info
->AutoTunnelHostRecord
))
4463 info
->AutoTunnelHostRecord
.namestorage
.c
[0] = 0;
4464 m
->NextSRVUpdate
= NonZeroTime(m
->timenow
);
4468 // Caller must hold the lock
4469 mDNSlocal
void UpdateAutoTunnelHostRecord(mDNS
*m
, DomainAuthInfo
*info
)
4472 mDNSBool NATProblem
= mDNSIPPortIsZero(m
->AutoTunnelNAT
.ExternalPort
) || m
->AutoTunnelNAT
.Result
;
4476 if (!info
->AutoTunnelServiceStarted
|| info
->deltime
|| m
->ShutdownTime
|| mDNSIPv6AddressIsZero(info
->AutoTunnelInnerAddress
) || (m
->SleepState
!= SleepState_Awake
&& NATProblem
))
4478 LogInfo("UpdateAutoTunnelHostRecord: Dereg %##s : AutoTunnelServiceStarted(%d) deltime(%d) address(%.16a) sleepstate(%d)",
4479 info
->domain
.c
, info
->AutoTunnelServiceStarted
, info
->deltime
, &info
->AutoTunnelInnerAddress
, m
->SleepState
);
4480 DeregisterAutoTunnelHostRecord(m
, info
);
4482 else if (info
->AutoTunnelHostRecord
.resrec
.RecordType
== kDNSRecordTypeUnregistered
)
4484 mDNS_SetupResourceRecord(&info
->AutoTunnelHostRecord
, mDNSNULL
, mDNSInterface_Any
, kDNSType_AAAA
, kHostNameTTL
,
4485 kDNSRecordTypeUnregistered
, AuthRecordAny
, AutoTunnelRecordCallback
, info
);
4486 info
->AutoTunnelHostRecord
.namestorage
.c
[0] = 0;
4487 AppendDomainLabel(&info
->AutoTunnelHostRecord
.namestorage
, &m
->hostlabel
);
4488 AppendDomainName (&info
->AutoTunnelHostRecord
.namestorage
, &info
->domain
);
4489 info
->AutoTunnelHostRecord
.resrec
.rdata
->u
.ipv6
= info
->AutoTunnelInnerAddress
;
4490 info
->AutoTunnelHostRecord
.resrec
.RecordType
= kDNSRecordTypeKnownUnique
;
4492 err
= mDNS_Register_internal(m
, &info
->AutoTunnelHostRecord
);
4493 if (err
) LogMsg("UpdateAutoTunnelHostRecord error %d registering %##s", err
, info
->AutoTunnelHostRecord
.namestorage
.c
);
4496 // Make sure we trigger the registration of all SRV records in regState_NoTarget again
4497 m
->NextSRVUpdate
= NonZeroTime(m
->timenow
);
4498 LogInfo("UpdateAutoTunnelHostRecord registering %##s", info
->AutoTunnelHostRecord
.namestorage
.c
);
4501 else LogInfo("UpdateAutoTunnelHostRecord: Type %d", info
->AutoTunnelHostRecord
.resrec
.RecordType
);
4504 // Caller must hold the lock
4505 mDNSlocal
void DeregisterAutoTunnelServiceRecords(mDNS
*m
, DomainAuthInfo
*info
)
4507 LogInfo("DeregisterAutoTunnelServiceRecords %##s", info
->domain
.c
);
4509 DeregisterAutoTunnelRecord(m
, info
, &info
->AutoTunnelTarget
);
4510 DeregisterAutoTunnelRecord(m
, info
, &info
->AutoTunnelService
);
4511 UpdateAutoTunnelHostRecord(m
, info
);
4514 // Caller must hold the lock
4515 mDNSlocal
void UpdateAutoTunnelServiceRecords(mDNS
*m
, DomainAuthInfo
*info
)
4519 if (!info
->AutoTunnelServiceStarted
|| info
->deltime
|| m
->ShutdownTime
|| mDNSIPPortIsZero(m
->AutoTunnelNAT
.ExternalPort
) || m
->AutoTunnelNAT
.Result
)
4521 LogInfo("UpdateAutoTunnelServiceRecords: Dereg %##s : AutoTunnelServiceStarted(%d) deltime(%d) ExtPort(%d) NATResult(%d)", info
->domain
.c
, info
->AutoTunnelServiceStarted
, info
->deltime
, mDNSVal16(m
->AutoTunnelNAT
.ExternalPort
), m
->AutoTunnelNAT
.Result
);
4522 DeregisterAutoTunnelServiceRecords(m
, info
);
4526 if (info
->AutoTunnelTarget
.resrec
.RecordType
== kDNSRecordTypeUnregistered
)
4528 // 1. Set up our address record for the external tunnel address
4529 // (Constructed name, not generally user-visible, used as target in IKE tunnel's SRV record)
4530 mDNS_SetupResourceRecord(&info
->AutoTunnelTarget
, mDNSNULL
, mDNSInterface_Any
, kDNSType_A
, kHostNameTTL
,
4531 kDNSRecordTypeUnregistered
, AuthRecordAny
, AutoTunnelRecordCallback
, info
);
4532 AssignDomainName (&info
->AutoTunnelTarget
.namestorage
, (const domainname
*) "\x0B" "_autotunnel");
4533 AppendDomainLabel(&info
->AutoTunnelTarget
.namestorage
, &m
->hostlabel
);
4534 AppendDomainName (&info
->AutoTunnelTarget
.namestorage
, &info
->domain
);
4535 info
->AutoTunnelTarget
.resrec
.rdata
->u
.ipv4
= m
->AutoTunnelNAT
.ExternalAddress
;
4536 info
->AutoTunnelTarget
.resrec
.RecordType
= kDNSRecordTypeKnownUnique
;
4538 mStatus err
= mDNS_Register_internal(m
, &info
->AutoTunnelTarget
);
4539 if (err
) LogMsg("UpdateAutoTunnelServiceRecords error %d registering %##s", err
, info
->AutoTunnelTarget
.namestorage
.c
);
4540 else LogInfo("UpdateAutoTunnelServiceRecords registering %##s", info
->AutoTunnelTarget
.namestorage
.c
);
4542 else LogInfo("UpdateAutoTunnelServiceRecords: NOOP Target state(%d)", info
->AutoTunnelTarget
.resrec
.RecordType
);
4544 if (info
->AutoTunnelService
.resrec
.RecordType
== kDNSRecordTypeUnregistered
)
4546 // 2. Set up IKE tunnel's SRV record: _autotunnel._udp.AutoTunnelHost SRV 0 0 port AutoTunnelTarget
4547 mDNS_SetupResourceRecord(&info
->AutoTunnelService
, mDNSNULL
, mDNSInterface_Any
, kDNSType_SRV
, kHostNameTTL
,
4548 kDNSRecordTypeUnregistered
, AuthRecordAny
, AutoTunnelRecordCallback
, info
);
4549 AssignDomainName (&info
->AutoTunnelService
.namestorage
, (const domainname
*) "\x0B" "_autotunnel" "\x04" "_udp");
4550 AppendDomainLabel(&info
->AutoTunnelService
.namestorage
, &m
->hostlabel
);
4551 AppendDomainName (&info
->AutoTunnelService
.namestorage
, &info
->domain
);
4552 info
->AutoTunnelService
.resrec
.rdata
->u
.srv
.priority
= 0;
4553 info
->AutoTunnelService
.resrec
.rdata
->u
.srv
.weight
= 0;
4554 info
->AutoTunnelService
.resrec
.rdata
->u
.srv
.port
= m
->AutoTunnelNAT
.ExternalPort
;
4555 AssignDomainName(&info
->AutoTunnelService
.resrec
.rdata
->u
.srv
.target
, &info
->AutoTunnelTarget
.namestorage
);
4556 info
->AutoTunnelService
.resrec
.RecordType
= kDNSRecordTypeKnownUnique
;
4558 mStatus err
= mDNS_Register_internal(m
, &info
->AutoTunnelService
);
4559 if (err
) LogMsg("UpdateAutoTunnelServiceRecords error %d registering %##s", err
, info
->AutoTunnelService
.namestorage
.c
);
4560 else LogInfo("UpdateAutoTunnelServiceRecords registering %##s", info
->AutoTunnelService
.namestorage
.c
);
4562 else LogInfo("UpdateAutoTunnelServiceRecords: NOOP Service state(%d)", info
->AutoTunnelService
.resrec
.RecordType
);
4564 UpdateAutoTunnelHostRecord(m
, info
);
4566 LogInfo("AutoTunnel server listening for connections on %##s[%.4a]:%d:%##s[%.16a]",
4567 info
->AutoTunnelTarget
.namestorage
.c
, &m
->AdvertisedV4
.ip
.v4
, mDNSVal16(m
->AutoTunnelNAT
.IntPort
),
4568 info
->AutoTunnelHostRecord
.namestorage
.c
, &info
->AutoTunnelInnerAddress
);
4573 // Caller must hold the lock
4574 mDNSlocal
void DeregisterAutoTunnelDeviceInfoRecord(mDNS
*m
, DomainAuthInfo
*info
)
4576 DeregisterAutoTunnelRecord(m
, info
, &info
->AutoTunnelDeviceInfo
);
4579 // Caller must hold the lock
4580 mDNSlocal
void UpdateAutoTunnelDeviceInfoRecord(mDNS
*m
, DomainAuthInfo
*info
)
4584 if (!info
->AutoTunnelServiceStarted
|| info
->deltime
|| m
->ShutdownTime
)
4585 DeregisterAutoTunnelDeviceInfoRecord(m
, info
);
4586 else if (info
->AutoTunnelDeviceInfo
.resrec
.RecordType
== kDNSRecordTypeUnregistered
)
4588 mDNS_SetupResourceRecord(&info
->AutoTunnelDeviceInfo
, mDNSNULL
, mDNSInterface_Any
, kDNSType_TXT
, kStandardTTL
, kDNSRecordTypeUnregistered
, AuthRecordAny
, AutoTunnelRecordCallback
, info
);
4589 ConstructServiceName(&info
->AutoTunnelDeviceInfo
.namestorage
, &m
->nicelabel
, &DeviceInfoName
, &info
->domain
);
4591 info
->AutoTunnelDeviceInfo
.resrec
.rdlength
= initializeDeviceInfoTXT(m
, info
->AutoTunnelDeviceInfo
.resrec
.rdata
->u
.data
);
4592 info
->AutoTunnelDeviceInfo
.resrec
.RecordType
= kDNSRecordTypeKnownUnique
;
4594 mStatus err
= mDNS_Register_internal(m
, &info
->AutoTunnelDeviceInfo
);
4595 if (err
) LogMsg("UpdateAutoTunnelDeviceInfoRecord error %d registering %##s", err
, info
->AutoTunnelDeviceInfo
.namestorage
.c
);
4596 else LogInfo("UpdateAutoTunnelDeviceInfoRecord registering %##s", info
->AutoTunnelDeviceInfo
.namestorage
.c
);
4599 LogInfo("UpdateAutoTunnelDeviceInfoRecord: not in Unregistered state: %d",info
->AutoTunnelDeviceInfo
.resrec
.RecordType
);
4602 // Caller must hold the lock
4603 mDNSlocal
void DeregisterAutoTunnel6Record(mDNS
*m
, DomainAuthInfo
*info
)
4605 LogInfo("DeregisterAutoTunnel6Record %##s", info
->domain
.c
);
4607 DeregisterAutoTunnelRecord(m
, info
, &info
->AutoTunnel6Record
);
4608 UpdateAutoTunnelHostRecord(m
, info
);
4609 UpdateAutoTunnelDomainStatus(m
, info
);
4612 // Caller must hold the lock
4613 mDNSlocal
void UpdateAutoTunnel6Record(mDNS
*m
, DomainAuthInfo
*info
)
4617 if (!info
->AutoTunnelServiceStarted
|| info
->deltime
|| m
->ShutdownTime
|| mDNSIPv6AddressIsZero(m
->AutoTunnelRelayAddr
) || m
->SleepState
!= SleepState_Awake
)
4618 DeregisterAutoTunnel6Record(m
, info
);
4619 else if (info
->AutoTunnel6Record
.resrec
.RecordType
== kDNSRecordTypeUnregistered
)
4621 mDNS_SetupResourceRecord(&info
->AutoTunnel6Record
, mDNSNULL
, mDNSInterface_Any
, kDNSType_AAAA
, kHostNameTTL
,
4622 kDNSRecordTypeUnregistered
, AuthRecordAny
, AutoTunnelRecordCallback
, info
);
4623 AssignDomainName (&info
->AutoTunnel6Record
.namestorage
, (const domainname
*) "\x0C" "_autotunnel6");
4624 AppendDomainLabel(&info
->AutoTunnel6Record
.namestorage
, &m
->hostlabel
);
4625 AppendDomainName (&info
->AutoTunnel6Record
.namestorage
, &info
->domain
);
4626 info
->AutoTunnel6Record
.resrec
.rdata
->u
.ipv6
= m
->AutoTunnelRelayAddr
;
4627 info
->AutoTunnel6Record
.resrec
.RecordType
= kDNSRecordTypeKnownUnique
;
4629 mStatus err
= mDNS_Register_internal(m
, &info
->AutoTunnel6Record
);
4630 if (err
) LogMsg("UpdateAutoTunnel6Record error %d registering %##s", err
, info
->AutoTunnel6Record
.namestorage
.c
);
4631 else LogInfo("UpdateAutoTunnel6Record registering %##s", info
->AutoTunnel6Record
.namestorage
.c
);
4633 UpdateAutoTunnelHostRecord(m
, info
);
4635 LogInfo("AutoTunnel6 server listening for connections on %##s[%.16a] :%##s[%.16a]",
4636 info
->AutoTunnel6Record
.namestorage
.c
, &m
->AutoTunnelRelayAddr
,
4637 info
->AutoTunnelHostRecord
.namestorage
.c
, &info
->AutoTunnelInnerAddress
);
4640 else LogInfo("UpdateAutoTunnel6Record NOOP state(%d)",info
->AutoTunnel6Record
.resrec
.RecordType
);
4643 mDNSlocal
void AutoTunnelRecordCallback(mDNS
*const m
, AuthRecord
*const rr
, mStatus result
)
4645 DomainAuthInfo
*info
= (DomainAuthInfo
*)rr
->RecordContext
;
4646 if (result
== mStatus_MemFree
)
4648 LogInfo("AutoTunnelRecordCallback MemFree %s", ARDisplayString(m
, rr
));
4652 // Reset the host record namestorage to force high-level PTR/SRV/TXT to deregister
4653 if (rr
== &info
->AutoTunnelHostRecord
)
4655 rr
->namestorage
.c
[0] = 0;
4656 m
->NextSRVUpdate
= NonZeroTime(m
->timenow
);
4657 LogInfo("AutoTunnelRecordCallback: NextSRVUpdate in %d %d", m
->NextSRVUpdate
- m
->timenow
, m
->timenow
);
4659 if (m
->ShutdownTime
)
4661 LogInfo("AutoTunnelRecordCallback: Shutdown, returning");
4665 if (rr
== &info
->AutoTunnelHostRecord
)
4667 LogInfo("AutoTunnelRecordCallback: calling UpdateAutoTunnelHostRecord");
4668 UpdateAutoTunnelHostRecord(m
,info
);
4670 else if (rr
== &info
->AutoTunnelDeviceInfo
)
4672 LogInfo("AutoTunnelRecordCallback: Calling UpdateAutoTunnelDeviceInfoRecord");
4673 UpdateAutoTunnelDeviceInfoRecord(m
,info
);
4675 else if (rr
== &info
->AutoTunnelService
|| rr
== &info
->AutoTunnelTarget
)
4677 LogInfo("AutoTunnelRecordCallback: Calling UpdateAutoTunnelServiceRecords");
4678 UpdateAutoTunnelServiceRecords(m
,info
);
4680 else if (rr
== &info
->AutoTunnel6Record
)
4682 LogInfo("AutoTunnelRecordCallback: Calling UpdateAutoTunnel6Record");
4683 UpdateAutoTunnel6Record(m
,info
);
4690 mDNSlocal
void AutoTunnelNATCallback(mDNS
*m
, NATTraversalInfo
*n
)
4692 DomainAuthInfo
*info
;
4694 LogInfo("AutoTunnelNATCallback Result %d %.4a Internal %d External %d",
4695 n
->Result
, &n
->ExternalAddress
, mDNSVal16(n
->IntPort
), mDNSVal16(n
->ExternalPort
));
4699 m
->NextSRVUpdate
= NonZeroTime(m
->timenow
);
4700 LogInfo("AutoTunnelNATCallback: NextSRVUpdate in %d %d", m
->NextSRVUpdate
- m
->timenow
, m
->timenow
);
4702 for (info
= m
->AuthInfoList
; info
; info
= info
->next
)
4703 if (info
->AutoTunnel
)
4704 UpdateAutoTunnelServiceRecords(m
, info
);
4706 UpdateAnonymousRacoonConfig(m
); // Determine whether we need racoon to accept incoming connections
4708 UpdateAutoTunnelDomainStatuses(m
);
4713 mDNSlocal
void AutoTunnelHostNameChanged(mDNS
*m
, DomainAuthInfo
*info
)
4715 LogInfo("AutoTunnelHostNameChanged %#s.%##s", m
->hostlabel
.c
, info
->domain
.c
);
4718 // We forcibly deregister the records that are based on the hostname.
4719 // When deregistration of each completes, the MemFree callback will make the
4720 // appropriate Update* call to use the new name to reregister.
4721 DeregisterAutoTunnelHostRecord(m
, info
);
4722 DeregisterAutoTunnelDeviceInfoRecord(m
, info
);
4723 DeregisterAutoTunnelServiceRecords(m
, info
);
4724 DeregisterAutoTunnel6Record(m
, info
);
4725 m
->NextSRVUpdate
= NonZeroTime(m
->timenow
);
4729 // Must be called with the lock held
4730 mDNSexport
void StartServerTunnel(mDNS
*const m
, DomainAuthInfo
*const info
)
4732 if (info
->deltime
) return;
4734 if (info
->AutoTunnelServiceStarted
)
4736 // On wake from sleep, this function will be called when determining SRV targets,
4737 // and needs to re-register the host record for the target to be set correctly
4738 UpdateAutoTunnelHostRecord(m
, info
);
4742 info
->AutoTunnelServiceStarted
= mDNStrue
;
4744 // Now that we have a service in this domain, we need to try to register the
4745 // AutoTunnel records, because the relay connection & NAT-T may have already been
4746 // started for another domain. If the relay connection is not up or the NAT-T has not
4747 // yet succeeded, the Update* functions are smart enough to not register the records.
4748 // Note: This should be done after we set AutoTunnelServiceStarted, as that variable is used to
4749 // decide whether to register the AutoTunnel records in the calls below.
4750 UpdateAutoTunnelServiceRecords(m
, info
);
4751 UpdateAutoTunnel6Record(m
, info
);
4752 UpdateAutoTunnelDeviceInfoRecord(m
, info
);
4753 UpdateAutoTunnelHostRecord(m
, info
);
4755 // If the global AutoTunnel NAT-T is not yet started, start it.
4756 if (!m
->AutoTunnelNAT
.clientContext
)
4758 m
->AutoTunnelNAT
.clientCallback
= AutoTunnelNATCallback
;
4759 m
->AutoTunnelNAT
.clientContext
= (void*)1; // Means AutoTunnelNAT Traversal is active;
4760 m
->AutoTunnelNAT
.Protocol
= NATOp_MapUDP
;
4761 m
->AutoTunnelNAT
.IntPort
= IPSECPort
;
4762 m
->AutoTunnelNAT
.RequestedPort
= IPSECPort
;
4763 m
->AutoTunnelNAT
.NATLease
= 0;
4764 mStatus err
= mDNS_StartNATOperation_internal(m
, &m
->AutoTunnelNAT
);
4765 if (err
) LogMsg("StartServerTunnel: error %d starting NAT mapping", err
);
4769 mDNSlocal mStatus
AutoTunnelSetKeys(ClientTunnel
*tun
, mDNSBool AddNew
)
4771 mDNSv6Addr loc_outer6
;
4772 mDNSv6Addr rmt_outer6
;
4774 // When we are tunneling over IPv6 Relay address, the port number is zero
4775 if (mDNSIPPortIsZero(tun
->rmt_outer_port
))
4777 loc_outer6
= tun
->loc_outer6
;
4778 rmt_outer6
= tun
->rmt_outer6
;
4782 loc_outer6
= zerov6Addr
;
4783 loc_outer6
.b
[0] = tun
->loc_outer
.b
[0];
4784 loc_outer6
.b
[1] = tun
->loc_outer
.b
[1];
4785 loc_outer6
.b
[2] = tun
->loc_outer
.b
[2];
4786 loc_outer6
.b
[3] = tun
->loc_outer
.b
[3];
4788 rmt_outer6
= zerov6Addr
;
4789 rmt_outer6
.b
[0] = tun
->rmt_outer
.b
[0];
4790 rmt_outer6
.b
[1] = tun
->rmt_outer
.b
[1];
4791 rmt_outer6
.b
[2] = tun
->rmt_outer
.b
[2];
4792 rmt_outer6
.b
[3] = tun
->rmt_outer
.b
[3];
4795 return(mDNSAutoTunnelSetKeys(AddNew
? kmDNSAutoTunnelSetKeysReplace
: kmDNSAutoTunnelSetKeysDelete
, tun
->loc_inner
.b
, loc_outer6
.b
, kRacoonPort
, tun
->rmt_inner
.b
, rmt_outer6
.b
, mDNSVal16(tun
->rmt_outer_port
), btmmprefix
, SkipLeadingLabels(&tun
->dstname
, 1)));
4798 // If the EUI-64 part of the IPv6 ULA matches, then that means the two addresses point to the same machine
4799 #define mDNSSameClientTunnel(A,B) ((A)->l[2] == (B)->l[2] && (A)->l[3] == (B)->l[3])
4801 mDNSlocal
void ReissueBlockedQuestionWithType(mDNS
*const m
, domainname
*d
, mDNSBool success
, mDNSu16 qtype
)
4803 DNSQuestion
*q
= m
->Questions
;
4806 if (q
->NoAnswer
== NoAnswer_Suspended
&& q
->qtype
== qtype
&& q
->AuthInfo
&& q
->AuthInfo
->AutoTunnel
&& SameDomainName(&q
->qname
, d
))
4808 LogInfo("Restart %##s (%s)", q
->qname
.c
, DNSTypeName(q
->qtype
));
4809 mDNSQuestionCallback
*tmp
= q
->QuestionCallback
;
4810 q
->QuestionCallback
= AutoTunnelCallback
; // Set QuestionCallback to suppress another call back to AddNewClientTunnel
4811 mDNS_StopQuery(m
, q
);
4812 mDNS_StartQuery(m
, q
);
4813 q
->QuestionCallback
= tmp
; // Restore QuestionCallback back to the real value
4814 if (!success
) q
->NoAnswer
= NoAnswer_Fail
;
4815 // When we call mDNS_StopQuery, it's possible for other subordinate questions like the GetZoneData query to be cancelled too.
4816 // In general we have to assume that the question list might have changed in arbitrary ways.
4817 // This code is itself called from a question callback, so the m->CurrentQuestion mechanism is
4818 // already in use. The safest solution is just to go back to the start of the list and start again.
4819 // In principle this sounds like an n^2 algorithm, but in practice we almost always activate
4820 // just one suspended question, so it's really a 2n algorithm.
4828 mDNSlocal
void ReissueBlockedQuestions(mDNS
*const m
, domainname
*d
, mDNSBool success
)
4830 // 1. We deliberately restart AAAA queries before A queries, because in the common case where a BTTM host has
4831 // a v6 address but no v4 address, we prefer the caller to get the positive AAAA response before the A NXDOMAIN.
4832 // 2. In the case of AAAA queries, if our tunnel setup failed, then we return a deliberate failure indication to the caller --
4833 // even if the name does have a valid AAAA record, we don't want clients trying to connect to it without a properly encrypted tunnel.
4834 // 3. For A queries we never fabricate failures -- if a BTTM service is really using raw IPv4, then it doesn't need the IPv6 tunnel.
4835 ReissueBlockedQuestionWithType(m
, d
, success
, kDNSType_AAAA
);
4836 ReissueBlockedQuestionWithType(m
, d
, mDNStrue
, kDNSType_A
);
4839 mDNSlocal
void UnlinkAndReissueBlockedQuestions(mDNS
*const m
, ClientTunnel
*tun
, mDNSBool success
)
4841 ClientTunnel
**p
= &m
->TunnelClients
;
4842 while (*p
!= tun
&& *p
) p
= &(*p
)->next
;
4843 if (*p
) *p
= tun
->next
;
4844 ReissueBlockedQuestions(m
, &tun
->dstname
, success
);
4845 LogInfo("UnlinkAndReissueBlockedQuestions: Disposing ClientTunnel %p", tun
);
4846 freeL("ClientTunnel", tun
);
4849 mDNSlocal mDNSBool
TunnelClientDeleteMatching(mDNS
*const m
, ClientTunnel
*tun
, mDNSBool v6Tunnel
)
4852 mDNSBool needSetKeys
= mDNStrue
;
4857 // Is this a tunnel to the same host that we are trying to setup now?
4858 if (!mDNSSameClientTunnel(&(*p
)->rmt_inner
, &tun
->rmt_inner
)) p
= &(*p
)->next
;
4861 ClientTunnel
*old
= *p
;
4864 if (!mDNSIPPortIsZero(old
->rmt_outer_port
)) { p
= &old
->next
; continue; }
4865 LogInfo("TunnelClientDeleteMatching: Found existing IPv6 AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4866 if (old
->q
.ThisQInterval
>= 0)
4868 LogInfo("TunnelClientDeleteMatching: Stopping query on IPv6 AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4869 mDNS_StopQuery(m
, &old
->q
);
4871 else if (!mDNSSameIPv6Address((*p
)->rmt_inner
, tun
->rmt_inner
) ||
4872 !mDNSSameIPv6Address(old
->loc_inner
, tun
->loc_inner
) ||
4873 !mDNSSameIPv6Address(old
->loc_outer6
, tun
->loc_outer6
) ||
4874 !mDNSSameIPv6Address(old
->rmt_outer6
, tun
->rmt_outer6
))
4876 // Delete the old tunnel if the current tunnel to the same host does not have the same ULA or
4877 // the other parameters of the tunnel are different
4878 LogInfo("TunnelClientDeleteMatching: Deleting existing IPv6 AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4879 AutoTunnelSetKeys(old
, mDNSfalse
);
4883 // Reusing the existing tunnel means that we reuse the IPsec SAs and the policies. We delete the old
4884 // as "tun" and "old" are identical
4885 LogInfo("TunnelClientDeleteMatching: Reusing the existing IPv6 AutoTunnel for %##s %.16a", old
->dstname
.c
,
4887 needSetKeys
= mDNSfalse
;
4892 if (mDNSIPPortIsZero(old
->rmt_outer_port
)) { p
= &old
->next
; continue; }
4893 LogInfo("TunnelClientDeleteMatching: Found existing IPv4 AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4894 if (old
->q
.ThisQInterval
>= 0)
4896 LogInfo("TunnelClientDeleteMatching: Stopping query on IPv4 AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4897 mDNS_StopQuery(m
, &old
->q
);
4899 else if (!mDNSSameIPv6Address((*p
)->rmt_inner
, tun
->rmt_inner
) ||
4900 !mDNSSameIPv6Address(old
->loc_inner
, tun
->loc_inner
) ||
4901 !mDNSSameIPv4Address(old
->loc_outer
, tun
->loc_outer
) ||
4902 !mDNSSameIPv4Address(old
->rmt_outer
, tun
->rmt_outer
) ||
4903 !mDNSSameIPPort(old
->rmt_outer_port
, tun
->rmt_outer_port
))
4905 // Delete the old tunnel if the current tunnel to the same host does not have the same ULA or
4906 // the other parameters of the tunnel are different
4907 LogInfo("TunnelClientDeleteMatching: Deleting existing IPv4 AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4908 AutoTunnelSetKeys(old
, mDNSfalse
);
4912 // Reusing the existing tunnel means that we reuse the IPsec SAs and the policies. We delete the old
4913 // as "tun" and "old" are identical
4914 LogInfo("TunnelClientDeleteMatching: Reusing the existing IPv4 AutoTunnel for %##s %.16a", old
->dstname
.c
,
4916 needSetKeys
= mDNSfalse
;
4921 LogInfo("TunnelClientDeleteMatching: Disposing ClientTunnel %p", old
);
4922 freeL("ClientTunnel", old
);
4928 // v6Tunnel indicates whether to delete a tunnel whose outer header is IPv6. If false, outer IPv4
4929 // tunnel will be deleted
4930 mDNSlocal
void TunnelClientDeleteAny(mDNS
*const m
, ClientTunnel
*tun
, mDNSBool v6Tunnel
)
4937 // If there is more than one client tunnel to the same host, delete all of them.
4938 // We do this by just checking against the EUI64 rather than the full address
4939 if (!mDNSSameClientTunnel(&(*p
)->rmt_inner
, &tun
->rmt_inner
)) p
= &(*p
)->next
;
4942 ClientTunnel
*old
= *p
;
4945 if (!mDNSIPPortIsZero(old
->rmt_outer_port
)) { p
= &old
->next
; continue;}
4946 LogInfo("TunnelClientDeleteAny: Found existing IPv6 AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4950 if (mDNSIPPortIsZero(old
->rmt_outer_port
)) { p
= &old
->next
; continue;}
4951 LogInfo("TunnelClientDeleteAny: Found existing IPv4 AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4953 if (old
->q
.ThisQInterval
>= 0)
4955 LogInfo("TunnelClientDeleteAny: Stopping query on AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4956 mDNS_StopQuery(m
, &old
->q
);
4960 LogInfo("TunnelClientDeleteAny: Deleting existing AutoTunnel for %##s %.16a", old
->dstname
.c
, &old
->rmt_inner
);
4961 AutoTunnelSetKeys(old
, mDNSfalse
);
4964 LogInfo("TunnelClientDeleteAny: Disposing ClientTunnel %p", old
);
4965 freeL("ClientTunnel", old
);
4970 mDNSlocal
void TunnelClientFinish(mDNS
*const m
, DNSQuestion
*question
, const ResourceRecord
*const answer
)
4972 mDNSBool needSetKeys
= mDNStrue
;
4973 ClientTunnel
*tun
= (ClientTunnel
*)question
->QuestionContext
;
4974 mDNSBool v6Tunnel
= mDNSfalse
;
4975 DomainAuthInfo
*info
;
4977 // If the port is zero, then we have a relay address of the peer
4978 if (mDNSIPPortIsZero(tun
->rmt_outer_port
))
4979 v6Tunnel
= mDNStrue
;
4983 LogInfo("TunnelClientFinish: Relay address %.16a", &answer
->rdata
->u
.ipv6
);
4984 tun
->rmt_outer6
= answer
->rdata
->u
.ipv6
;
4985 tun
->loc_outer6
= m
->AutoTunnelRelayAddr
;
4989 LogInfo("TunnelClientFinish: SRV target address %.4a", &answer
->rdata
->u
.ipv4
);
4990 tun
->rmt_outer
= answer
->rdata
->u
.ipv4
;
4991 mDNSAddr tmpDst
= { mDNSAddrType_IPv4
, {{{0}}} };
4992 tmpDst
.ip
.v4
= tun
->rmt_outer
;
4993 mDNSAddr tmpSrc
= zeroAddr
;
4994 mDNSPlatformSourceAddrForDest(&tmpSrc
, &tmpDst
);
4995 if (tmpSrc
.type
== mDNSAddrType_IPv4
) tun
->loc_outer
= tmpSrc
.ip
.v4
;
4996 else tun
->loc_outer
= m
->AdvertisedV4
.ip
.v4
;
4999 question
->ThisQInterval
= -1; // So we know this tunnel setup has completed
5001 info
= GetAuthInfoForName(m
, &tun
->dstname
);
5004 LogMsg("TunnelClientFinish: Could not get AuthInfo for %##s", tun
->dstname
.c
);
5005 ReissueBlockedQuestions(m
, &tun
->dstname
, mDNSfalse
);
5009 tun
->loc_inner
= info
->AutoTunnelInnerAddress
;
5011 // If we found a v6Relay address for our peer, delete all the v4Tunnels for our peer and
5012 // look for existing tunnels to see whether they have the same information for our peer.
5013 // If not, delete them and need to create a new tunnel. If they are same, just use the
5014 // same tunnel. Do the similar thing if we found a v4Tunnel end point for our peer.
5015 TunnelClientDeleteAny(m
, tun
, !v6Tunnel
);
5016 needSetKeys
= TunnelClientDeleteMatching(m
, tun
, v6Tunnel
);
5018 if (needSetKeys
) LogInfo("TunnelClientFinish: New %s AutoTunnel for %##s %.16a", (v6Tunnel
? "IPv6" : "IPv4"), tun
->dstname
.c
, &tun
->rmt_inner
);
5019 else LogInfo("TunnelClientFinish: Reusing exiting %s AutoTunnel for %##s %.16a", (v6Tunnel
? "IPv6" : "IPv4"), tun
->dstname
.c
, &tun
->rmt_inner
);
5021 mStatus result
= needSetKeys
? AutoTunnelSetKeys(tun
, mDNStrue
) : mStatus_NoError
;
5022 static char msgbuf
[32];
5023 mDNS_snprintf(msgbuf
, sizeof(msgbuf
), "Tunnel setup - %d", result
);
5024 mDNSASLLog((uuid_t
*)&m
->asl_uuid
, "autotunnel.config", result
? "failure" : "success", msgbuf
, "");
5025 // Kick off any questions that were held pending this tunnel setup
5026 ReissueBlockedQuestions(m
, &tun
->dstname
, (result
== mStatus_NoError
) ? mDNStrue
: mDNSfalse
);
5029 mDNSexport
void AutoTunnelCallback(mDNS
*const m
, DNSQuestion
*question
, const ResourceRecord
*const answer
, QC_result AddRecord
)
5031 ClientTunnel
*tun
= (ClientTunnel
*)question
->QuestionContext
;
5032 DomainAuthInfo
*info
;
5034 LogInfo("AutoTunnelCallback tun %p AddRecord %d rdlength %d qtype %d", tun
, AddRecord
, answer
->rdlength
, question
->qtype
);
5036 if (!AddRecord
) return;
5037 mDNS_StopQuery(m
, question
);
5039 // If we are looking up the AAAA record for _autotunnel6, don't consider it as failure.
5040 // The code below will look for _autotunnel._udp SRV record followed by A record
5041 if (tun
->tc_state
!= TC_STATE_AAAA_PEER_RELAY
&& !answer
->rdlength
)
5043 LogInfo("AutoTunnelCallback NXDOMAIN %##s (%s)", question
->qname
.c
, DNSTypeName(question
->qtype
));
5044 static char msgbuf
[16];
5045 mDNS_snprintf(msgbuf
, sizeof(msgbuf
), "%s lookup", DNSTypeName(question
->qtype
));
5046 mDNSASLLog((uuid_t
*)&m
->asl_uuid
, "autotunnel.config", "failure", msgbuf
, "");
5047 UnlinkAndReissueBlockedQuestions(m
, tun
, mDNSfalse
);
5051 switch (tun
->tc_state
)
5053 case TC_STATE_AAAA_PEER
:
5054 if (question
->qtype
!= kDNSType_AAAA
)
5056 LogMsg("AutoTunnelCallback: Bad question type %d in TC_STATE_AAAA_PEER", question
->qtype
);
5058 info
= GetAuthInfoForName(m
, &tun
->dstname
);
5061 LogMsg("AutoTunnelCallback: Could not get AuthInfo for %##s", tun
->dstname
.c
);
5062 UnlinkAndReissueBlockedQuestions(m
, tun
, mDNStrue
);
5065 if (mDNSSameIPv6Address(answer
->rdata
->u
.ipv6
, info
->AutoTunnelInnerAddress
))
5067 LogInfo("AutoTunnelCallback: suppressing tunnel to self %.16a", &answer
->rdata
->u
.ipv6
);
5068 UnlinkAndReissueBlockedQuestions(m
, tun
, mDNStrue
);
5071 if (info
&& mDNSSameIPv6NetworkPart(answer
->rdata
->u
.ipv6
, info
->AutoTunnelInnerAddress
))
5073 LogInfo("AutoTunnelCallback: suppressing tunnel to peer %.16a", &answer
->rdata
->u
.ipv6
);
5074 UnlinkAndReissueBlockedQuestions(m
, tun
, mDNStrue
);
5077 tun
->rmt_inner
= answer
->rdata
->u
.ipv6
;
5078 LogInfo("AutoTunnelCallback:TC_STATE_AAAA_PEER: dst host %.16a", &tun
->rmt_inner
);
5079 if (!mDNSIPv6AddressIsZero(m
->AutoTunnelRelayAddr
))
5081 LogInfo("AutoTunnelCallback: Looking up _autotunnel6 AAAA");
5082 tun
->tc_state
= TC_STATE_AAAA_PEER_RELAY
;
5083 question
->qtype
= kDNSType_AAAA
;
5084 AssignDomainName(&question
->qname
, (const domainname
*) "\x0C" "_autotunnel6");
5088 LogInfo("AutoTunnelCallback: Looking up _autotunnel._udp SRV");
5089 tun
->tc_state
= TC_STATE_SRV_PEER
;
5090 question
->qtype
= kDNSType_SRV
;
5091 AssignDomainName(&question
->qname
, (const domainname
*) "\x0B" "_autotunnel" "\x04" "_udp");
5093 AppendDomainName(&question
->qname
, &tun
->dstname
);
5094 mDNS_StartQuery(m
, &tun
->q
);
5096 case TC_STATE_AAAA_PEER_RELAY
:
5097 if (question
->qtype
!= kDNSType_AAAA
)
5099 LogMsg("AutoTunnelCallback: Bad question type %d in TC_STATE_AAAA_PEER_RELAY", question
->qtype
);
5101 // If it failed, look for the SRV record.
5102 if (!answer
->rdlength
)
5104 LogInfo("AutoTunnelCallback: Looking up _autotunnel6 AAAA failed, trying SRV");
5105 tun
->tc_state
= TC_STATE_SRV_PEER
;
5106 AssignDomainName(&question
->qname
, (const domainname
*) "\x0B" "_autotunnel" "\x04" "_udp");
5107 AppendDomainName(&question
->qname
, &tun
->dstname
);
5108 question
->qtype
= kDNSType_SRV
;
5109 mDNS_StartQuery(m
, &tun
->q
);
5112 TunnelClientFinish(m
, question
, answer
);
5114 case TC_STATE_SRV_PEER
:
5115 if (question
->qtype
!= kDNSType_SRV
)
5117 LogMsg("AutoTunnelCallback: Bad question type %d in TC_STATE_SRV_PEER", question
->qtype
);
5119 LogInfo("AutoTunnelCallback: SRV target name %##s", answer
->rdata
->u
.srv
.target
.c
);
5120 tun
->tc_state
= TC_STATE_ADDR_PEER
;
5121 AssignDomainName(&tun
->q
.qname
, &answer
->rdata
->u
.srv
.target
);
5122 tun
->rmt_outer_port
= answer
->rdata
->u
.srv
.port
;
5123 question
->qtype
= kDNSType_A
;
5124 mDNS_StartQuery(m
, &tun
->q
);
5126 case TC_STATE_ADDR_PEER
:
5127 if (question
->qtype
!= kDNSType_A
)
5129 LogMsg("AutoTunnelCallback: Bad question type %d in TC_STATE_ADDR_PEER", question
->qtype
);
5131 TunnelClientFinish(m
, question
, answer
);
5134 LogMsg("AutoTunnelCallback: Unknown question %p", question
);
5138 // Must be called with the lock held
5139 mDNSexport
void AddNewClientTunnel(mDNS
*const m
, DNSQuestion
*const q
)
5141 ClientTunnel
*p
= mallocL("ClientTunnel", sizeof(ClientTunnel
));
5143 AssignDomainName(&p
->dstname
, &q
->qname
);
5144 p
->MarkedForDeletion
= mDNSfalse
;
5145 p
->loc_inner
= zerov6Addr
;
5146 p
->loc_outer
= zerov4Addr
;
5147 p
->loc_outer6
= zerov6Addr
;
5148 p
->rmt_inner
= zerov6Addr
;
5149 p
->rmt_outer
= zerov4Addr
;
5150 p
->rmt_outer6
= zerov6Addr
;
5151 p
->rmt_outer_port
= zeroIPPort
;
5152 p
->tc_state
= TC_STATE_AAAA_PEER
;
5153 p
->next
= m
->TunnelClients
;
5154 m
->TunnelClients
= p
; // We intentionally build list in reverse order
5156 p
->q
.InterfaceID
= mDNSInterface_Any
;
5158 p
->q
.Target
= zeroAddr
;
5159 AssignDomainName(&p
->q
.qname
, &q
->qname
);
5160 p
->q
.qtype
= kDNSType_AAAA
;
5161 p
->q
.qclass
= kDNSClass_IN
;
5162 p
->q
.LongLived
= mDNSfalse
;
5163 p
->q
.ExpectUnique
= mDNStrue
;
5164 p
->q
.ForceMCast
= mDNSfalse
;
5165 p
->q
.ReturnIntermed
= mDNStrue
;
5166 p
->q
.SuppressUnusable
= mDNSfalse
;
5167 p
->q
.SearchListIndex
= 0;
5168 p
->q
.AppendSearchDomains
= 0;
5169 p
->q
.RetryWithSearchDomains
= mDNSfalse
;
5170 p
->q
.TimeoutQuestion
= 0;
5171 p
->q
.WakeOnResolve
= 0;
5172 p
->q
.UseBackgroundTrafficClass
= mDNSfalse
;
5173 p
->q
.ValidationRequired
= 0;
5174 p
->q
.ValidatingResponse
= 0;
5175 p
->q
.ProxyQuestion
= 0;
5176 p
->q
.qnameOrig
= mDNSNULL
;
5177 p
->q
.AnonInfo
= mDNSNULL
;
5178 p
->q
.pid
= mDNSPlatformGetPID();
5179 p
->q
.QuestionCallback
= AutoTunnelCallback
;
5180 p
->q
.QuestionContext
= p
;
5182 LogInfo("AddNewClientTunnel start tun %p %##s (%s)%s", p
, &q
->qname
.c
, DNSTypeName(q
->qtype
), q
->LongLived
? " LongLived" : "");
5183 mDNS_StartQuery_internal(m
, &p
->q
);
5186 #endif // APPLE_OSX_mDNSResponder
5188 #if COMPILER_LIKES_PRAGMA_MARK
5190 #pragma mark - Power State & Configuration Change Management
5193 mDNSlocal mStatus
UpdateInterfaceList(mDNS
*const m
, mDNSs32 utc
)
5195 mDNSBool foundav4
= mDNSfalse
;
5196 mDNSBool foundav6
= mDNSfalse
;
5197 struct ifaddrs
*ifa
= myGetIfAddrs(1);
5198 struct ifaddrs
*v4Loopback
= NULL
;
5199 struct ifaddrs
*v6Loopback
= NULL
;
5200 char defaultname
[64];
5201 int InfoSocket
= socket(AF_INET6
, SOCK_DGRAM
, 0);
5202 if (InfoSocket
< 3 && errno
!= EAFNOSUPPORT
)
5203 LogMsg("UpdateInterfaceList: InfoSocket error %d errno %d (%s)", InfoSocket
, errno
, strerror(errno
));
5207 #if LIST_ALL_INTERFACES
5208 if (ifa
->ifa_addr
->sa_family
== AF_APPLETALK
)
5209 LogMsg("UpdateInterfaceList: %5s(%d) Flags %04X Family %2d is AF_APPLETALK",
5210 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
);
5211 else if (ifa
->ifa_addr
->sa_family
== AF_LINK
)
5212 LogMsg("UpdateInterfaceList: %5s(%d) Flags %04X Family %2d is AF_LINK",
5213 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
);
5214 else if (ifa
->ifa_addr
->sa_family
!= AF_INET
&& ifa
->ifa_addr
->sa_family
!= AF_INET6
)
5215 LogMsg("UpdateInterfaceList: %5s(%d) Flags %04X Family %2d not AF_INET (2) or AF_INET6 (30)",
5216 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
);
5217 if (!(ifa
->ifa_flags
& IFF_UP
))
5218 LogMsg("UpdateInterfaceList: %5s(%d) Flags %04X Family %2d Interface not IFF_UP",
5219 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
);
5220 if (!(ifa
->ifa_flags
& IFF_MULTICAST
))
5221 LogMsg("UpdateInterfaceList: %5s(%d) Flags %04X Family %2d Interface not IFF_MULTICAST",
5222 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
);
5223 if (ifa
->ifa_flags
& IFF_POINTOPOINT
)
5224 LogMsg("UpdateInterfaceList: %5s(%d) Flags %04X Family %2d Interface IFF_POINTOPOINT",
5225 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
);
5226 if (ifa
->ifa_flags
& IFF_LOOPBACK
)
5227 LogMsg("UpdateInterfaceList: %5s(%d) Flags %04X Family %2d Interface IFF_LOOPBACK",
5228 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
);
5231 if (ifa
->ifa_addr
->sa_family
== AF_LINK
)
5233 struct sockaddr_dl
*sdl
= (struct sockaddr_dl
*)ifa
->ifa_addr
;
5234 if (sdl
->sdl_type
== IFT_ETHER
&& sdl
->sdl_alen
== sizeof(m
->PrimaryMAC
) && mDNSSameEthAddress(&m
->PrimaryMAC
, &zeroEthAddr
))
5235 mDNSPlatformMemCopy(m
->PrimaryMAC
.b
, sdl
->sdl_data
+ sdl
->sdl_nlen
, 6);
5238 if (ifa
->ifa_flags
& IFF_UP
&& ifa
->ifa_addr
)
5239 if (ifa
->ifa_addr
->sa_family
== AF_INET
|| ifa
->ifa_addr
->sa_family
== AF_INET6
)
5241 if (!ifa
->ifa_netmask
)
5244 SetupAddr(&ip
, ifa
->ifa_addr
);
5245 LogMsg("getifaddrs: ifa_netmask is NULL for %5s(%d) Flags %04X Family %2d %#a",
5246 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
, &ip
);
5248 // Apparently it's normal for the sa_family of an ifa_netmask to sometimes be zero, so we don't complain about that
5249 // <rdar://problem/5492035> getifaddrs is returning invalid netmask family for fw0 and vmnet
5250 else if (ifa
->ifa_netmask
->sa_family
!= ifa
->ifa_addr
->sa_family
&& ifa
->ifa_netmask
->sa_family
!= 0)
5253 SetupAddr(&ip
, ifa
->ifa_addr
);
5254 LogMsg("getifaddrs ifa_netmask for %5s(%d) Flags %04X Family %2d %#a has different family: %d",
5255 ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
), ifa
->ifa_flags
, ifa
->ifa_addr
->sa_family
, &ip
, ifa
->ifa_netmask
->sa_family
);
5257 // Currently we use a few internal ones like mDNSInterfaceID_LocalOnly etc. that are negative values (0, -1, -2).
5258 else if ((int)if_nametoindex(ifa
->ifa_name
) <= 0)
5260 LogMsg("UpdateInterfaceList: if_nametoindex returned zero/negative value for %5s(%d)", ifa
->ifa_name
, if_nametoindex(ifa
->ifa_name
));
5264 // Make sure ifa_netmask->sa_family is set correctly
5265 // <rdar://problem/5492035> getifaddrs is returning invalid netmask family for fw0 and vmnet
5266 ifa
->ifa_netmask
->sa_family
= ifa
->ifa_addr
->sa_family
;
5267 int ifru_flags6
= 0;
5269 struct sockaddr_in6
*sin6
= (struct sockaddr_in6
*)ifa
->ifa_addr
;
5270 if (ifa
->ifa_addr
->sa_family
== AF_INET6
&& InfoSocket
>= 0)
5272 struct in6_ifreq ifr6
;
5273 mDNSPlatformMemZero((char *)&ifr6
, sizeof(ifr6
));
5274 strlcpy(ifr6
.ifr_name
, ifa
->ifa_name
, sizeof(ifr6
.ifr_name
));
5275 ifr6
.ifr_addr
= *sin6
;
5276 if (ioctl(InfoSocket
, SIOCGIFAFLAG_IN6
, &ifr6
) != -1)
5277 ifru_flags6
= ifr6
.ifr_ifru
.ifru_flags6
;
5278 verbosedebugf("%s %.16a %04X %04X", ifa
->ifa_name
, &sin6
->sin6_addr
, ifa
->ifa_flags
, ifru_flags6
);
5281 if (!(ifru_flags6
& (IN6_IFF_NOTREADY
| IN6_IFF_DETACHED
| IN6_IFF_DEPRECATED
| IN6_IFF_TEMPORARY
)))
5283 if (ifa
->ifa_flags
& IFF_LOOPBACK
)
5285 if (ifa
->ifa_addr
->sa_family
== AF_INET
)
5287 else if (sin6
->sin6_addr
.s6_addr
[0] != 0xFD)
5292 NetworkInterfaceInfoOSX
*i
= AddInterfaceToList(m
, ifa
, utc
);
5293 if (i
&& MulticastInterface(i
) && i
->ifinfo
.Advertise
)
5295 if (ifa
->ifa_addr
->sa_family
== AF_INET
)
5296 foundav4
= mDNStrue
;
5298 foundav6
= mDNStrue
;
5304 ifa
= ifa
->ifa_next
;
5307 // For efficiency, we don't register a loopback interface when other interfaces of that family are available and advertising
5308 if (!foundav4
&& v4Loopback
) AddInterfaceToList(m
, v4Loopback
, utc
);
5309 if (!foundav6
&& v6Loopback
) AddInterfaceToList(m
, v6Loopback
, utc
);
5311 // Now the list is complete, set the McastTxRx setting for each interface.
5312 NetworkInterfaceInfoOSX
*i
;
5313 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
5316 mDNSBool txrx
= MulticastInterface(i
);
5317 if (i
->ifinfo
.McastTxRx
!= txrx
)
5319 i
->ifinfo
.McastTxRx
= txrx
;
5320 i
->Exists
= 2; // State change; need to deregister and reregister this interface
5324 if (InfoSocket
>= 0)
5327 mDNS_snprintf(defaultname
, sizeof(defaultname
), "%.*s-%02X%02X%02X%02X%02X%02X", HINFO_HWstring_prefixlen
, HINFO_HWstring
,
5328 m
->PrimaryMAC
.b
[0], m
->PrimaryMAC
.b
[1], m
->PrimaryMAC
.b
[2], m
->PrimaryMAC
.b
[3], m
->PrimaryMAC
.b
[4], m
->PrimaryMAC
.b
[5]);
5330 // Set up the nice label
5331 domainlabel nicelabel
;
5333 GetUserSpecifiedFriendlyComputerName(&nicelabel
);
5334 if (nicelabel
.c
[0] == 0)
5336 debugf("Couldn’t read user-specified Computer Name; using default “%s” instead", defaultname
);
5337 MakeDomainLabelFromLiteralString(&nicelabel
, defaultname
);
5340 // Set up the RFC 1034-compliant label
5341 domainlabel hostlabel
;
5343 GetUserSpecifiedLocalHostName(&hostlabel
);
5344 if (hostlabel
.c
[0] == 0)
5346 debugf("Couldn’t read user-specified Local Hostname; using default “%s.local” instead", defaultname
);
5347 MakeDomainLabelFromLiteralString(&hostlabel
, defaultname
);
5350 mDNSBool namechange
= mDNSfalse
;
5352 // We use a case-sensitive comparison here because even though changing the capitalization
5353 // of the name alone is not significant to DNS, it's still a change from the user's point of view
5354 if (SameDomainLabelCS(m
->p
->usernicelabel
.c
, nicelabel
.c
))
5355 debugf("Usernicelabel (%#s) unchanged since last time; not changing m->nicelabel (%#s)", m
->p
->usernicelabel
.c
, m
->nicelabel
.c
);
5358 if (m
->p
->usernicelabel
.c
[0]) // Don't show message first time through, when we first read name from prefs on boot
5359 LogMsg("User updated Computer Name from “%#s” to “%#s”", m
->p
->usernicelabel
.c
, nicelabel
.c
);
5360 m
->p
->usernicelabel
= m
->nicelabel
= nicelabel
;
5361 namechange
= mDNStrue
;
5364 if (SameDomainLabelCS(m
->p
->userhostlabel
.c
, hostlabel
.c
))
5365 debugf("Userhostlabel (%#s) unchanged since last time; not changing m->hostlabel (%#s)", m
->p
->userhostlabel
.c
, m
->hostlabel
.c
);
5368 if (m
->p
->userhostlabel
.c
[0]) // Don't show message first time through, when we first read name from prefs on boot
5369 LogMsg("User updated Local Hostname from “%#s” to “%#s”", m
->p
->userhostlabel
.c
, hostlabel
.c
);
5370 m
->p
->userhostlabel
= m
->hostlabel
= hostlabel
;
5372 namechange
= mDNStrue
;
5375 #if APPLE_OSX_mDNSResponder
5376 if (namechange
) // If either name has changed, we need to tickle our AutoTunnel state machine to update its registered records
5378 DomainAuthInfo
*info
;
5379 for (info
= m
->AuthInfoList
; info
; info
= info
->next
)
5380 if (info
->AutoTunnel
) AutoTunnelHostNameChanged(m
, info
);
5382 #endif // APPLE_OSX_mDNSResponder
5384 return(mStatus_NoError
);
5387 // Returns number of leading one-bits in mask: 0-32 for IPv4, 0-128 for IPv6
5388 // Returns -1 if all the one-bits are not contiguous
5389 mDNSlocal
int CountMaskBits(mDNSAddr
*mask
)
5391 int i
= 0, bits
= 0;
5392 int bytes
= mask
->type
== mDNSAddrType_IPv4
? 4 : mask
->type
== mDNSAddrType_IPv6
? 16 : 0;
5395 mDNSu8 b
= mask
->ip
.v6
.b
[i
++];
5396 while (b
& 0x80) { bits
++; b
<<= 1; }
5399 while (i
< bytes
) if (mask
->ip
.v6
.b
[i
++]) return(-1);
5403 // returns count of non-link local V4 addresses registered
5404 mDNSlocal
int SetupActiveInterfaces(mDNS
*const m
, mDNSs32 utc
)
5406 NetworkInterfaceInfoOSX
*i
;
5408 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
5411 NetworkInterfaceInfo
*const n
= &i
->ifinfo
;
5412 NetworkInterfaceInfoOSX
*primary
= SearchForInterfaceByName(m
, i
->ifinfo
.ifname
, AF_UNSPEC
);
5413 if (!primary
) LogMsg("SetupActiveInterfaces ERROR! SearchForInterfaceByName didn't find %s", i
->ifinfo
.ifname
);
5415 if (i
->Registered
&& i
->Registered
!= primary
) // Sanity check
5417 LogMsg("SetupActiveInterfaces ERROR! n->Registered %p != primary %p", i
->Registered
, primary
);
5418 i
->Registered
= mDNSNULL
;
5423 // Note: If i->Registered is set, that means we've called mDNS_RegisterInterface() for this interface,
5424 // so we need to make sure we call mDNS_DeregisterInterface() before disposing it.
5425 // If i->Registered is NOT set, then we haven't registered it and we should not try to deregister it
5428 i
->Registered
= primary
;
5430 // If i->LastSeen == utc, then this is a brand-new interface, just created, or an interface that never went away.
5431 // If i->LastSeen != utc, then this is an old interface, previously seen, that went away for (utc - i->LastSeen) seconds.
5432 // If the interface is an old one that went away and came back in less than a minute, then we're in a flapping scenario.
5433 i
->Occulting
= !(i
->ifa_flags
& IFF_LOOPBACK
) && (utc
- i
->LastSeen
> 0 && utc
- i
->LastSeen
< 60);
5435 // Temporary fix to handle P2P flapping. P2P reuses the scope-id, mac address and the IP address
5436 // everytime it creates a new interface. We think it is a duplicate and hence consider it
5437 // as flashing and occulting, that is, flapping. If an interface is marked as flapping,
5438 // mDNS_RegisterInterface() changes the probe delay from 1/2 second to 5 seconds and
5439 // logs a warning message to system.log noting frequent interface transitions.
5440 // Same logic applies when IFEF_DIRECTLINK flag is set on the interface.
5441 if ((strncmp(i
->ifinfo
.ifname
, "p2p", 3) == 0) || i
->ifinfo
.DirectLink
)
5443 LogInfo("SetupActiveInterfaces: %s interface registering %s %s", i
->ifinfo
.ifname
,
5444 i
->Flashing
? " (Flashing)" : "",
5445 i
->Occulting
? " (Occulting)" : "");
5446 mDNS_RegisterInterface(m
, n
, 0);
5450 mDNS_RegisterInterface(m
, n
, i
->Flashing
&& i
->Occulting
);
5453 if (!mDNSAddressIsLinkLocal(&n
->ip
)) count
++;
5454 LogInfo("SetupActiveInterfaces: Registered %5s(%lu) %.6a InterfaceID %p(%p), primary %p, %#a/%d%s%s%s",
5455 i
->ifinfo
.ifname
, i
->scope_id
, &i
->BSSID
, i
->ifinfo
.InterfaceID
, i
, primary
, &n
->ip
, CountMaskBits(&n
->mask
),
5456 i
->Flashing
? " (Flashing)" : "",
5457 i
->Occulting
? " (Occulting)" : "",
5458 n
->InterfaceActive
? " (Primary)" : "");
5461 debugf("SetupActiveInterfaces: No Tx/Rx on %5s(%lu) %.6a InterfaceID %p %#a", i
->ifinfo
.ifname
, i
->scope_id
, &i
->BSSID
, i
->ifinfo
.InterfaceID
, &n
->ip
);
5464 if (i
->sa_family
== AF_INET
)
5467 primary
->ifa_v4addr
.s_addr
= n
->ip
.ip
.v4
.NotAnInteger
;
5468 imr
.imr_multiaddr
.s_addr
= AllDNSLinkGroup_v4
.ip
.v4
.NotAnInteger
;
5469 imr
.imr_interface
= primary
->ifa_v4addr
;
5471 // If this is our *first* IPv4 instance for this interface name, we need to do a IP_DROP_MEMBERSHIP first,
5472 // before trying to join the group, to clear out stale kernel state which may be lingering.
5473 // In particular, this happens with removable network interfaces like USB Ethernet adapters -- the kernel has stale state
5474 // from the last time the USB Ethernet adapter was connected, and part of the kernel thinks we've already joined the group
5475 // on that interface (so we get EADDRINUSE when we try to join again) but a different part of the kernel thinks we haven't
5476 // joined the group (so we receive no multicasts). Doing an IP_DROP_MEMBERSHIP before joining seems to flush the stale state.
5477 // Also, trying to make the code leave the group when the adapter is removed doesn't work either,
5478 // because by the time we get the configuration change notification, the interface is already gone,
5479 // so attempts to unsubscribe fail with EADDRNOTAVAIL (errno 49 "Can't assign requested address").
5480 // <rdar://problem/5585972> IP_ADD_MEMBERSHIP fails for previously-connected removable interfaces
5481 if (SearchForInterfaceByName(m
, i
->ifinfo
.ifname
, AF_INET
) == i
)
5483 LogInfo("SetupActiveInterfaces: %5s(%lu) Doing precautionary IP_DROP_MEMBERSHIP for %.4a on %.4a", i
->ifinfo
.ifname
, i
->scope_id
, &imr
.imr_multiaddr
, &imr
.imr_interface
);
5484 mStatus err
= setsockopt(m
->p
->permanentsockets
.sktv4
, IPPROTO_IP
, IP_DROP_MEMBERSHIP
, &imr
, sizeof(imr
));
5485 if (err
< 0 && (errno
!= EADDRNOTAVAIL
))
5486 LogMsg("setsockopt - IP_DROP_MEMBERSHIP error %d errno %d (%s)", err
, errno
, strerror(errno
));
5489 LogInfo("SetupActiveInterfaces: %5s(%lu) joining IPv4 mcast group %.4a on %.4a", i
->ifinfo
.ifname
, i
->scope_id
, &imr
.imr_multiaddr
, &imr
.imr_interface
);
5490 mStatus err
= setsockopt(m
->p
->permanentsockets
.sktv4
, IPPROTO_IP
, IP_ADD_MEMBERSHIP
, &imr
, sizeof(imr
));
5491 // Joining same group twice can give "Address already in use" error -- no need to report that
5492 if (err
< 0 && (errno
!= EADDRINUSE
))
5493 LogMsg("setsockopt - IP_ADD_MEMBERSHIP error %d errno %d (%s) group %.4a on %.4a", err
, errno
, strerror(errno
), &imr
.imr_multiaddr
, &imr
.imr_interface
);
5495 if (i
->sa_family
== AF_INET6
)
5497 struct ipv6_mreq i6mr
;
5498 i6mr
.ipv6mr_interface
= primary
->scope_id
;
5499 i6mr
.ipv6mr_multiaddr
= *(struct in6_addr
*)&AllDNSLinkGroup_v6
.ip
.v6
;
5501 if (SearchForInterfaceByName(m
, i
->ifinfo
.ifname
, AF_INET6
) == i
)
5503 LogInfo("SetupActiveInterfaces: %5s(%lu) Doing precautionary IPV6_LEAVE_GROUP for %.16a on %u", i
->ifinfo
.ifname
, i
->scope_id
, &i6mr
.ipv6mr_multiaddr
, i6mr
.ipv6mr_interface
);
5504 mStatus err
= setsockopt(m
->p
->permanentsockets
.sktv6
, IPPROTO_IPV6
, IPV6_LEAVE_GROUP
, &i6mr
, sizeof(i6mr
));
5505 if (err
< 0 && (errno
!= EADDRNOTAVAIL
))
5506 LogMsg("setsockopt - IPV6_LEAVE_GROUP error %d errno %d (%s) group %.16a on %u", err
, errno
, strerror(errno
), &i6mr
.ipv6mr_multiaddr
, i6mr
.ipv6mr_interface
);
5509 LogInfo("SetupActiveInterfaces: %5s(%lu) joining IPv6 mcast group %.16a on %u", i
->ifinfo
.ifname
, i
->scope_id
, &i6mr
.ipv6mr_multiaddr
, i6mr
.ipv6mr_interface
);
5510 mStatus err
= setsockopt(m
->p
->permanentsockets
.sktv6
, IPPROTO_IPV6
, IPV6_JOIN_GROUP
, &i6mr
, sizeof(i6mr
));
5511 // Joining same group twice can give "Address already in use" error -- no need to report that
5512 if (err
< 0 && (errno
!= EADDRINUSE
))
5513 LogMsg("setsockopt - IPV6_JOIN_GROUP error %d errno %d (%s) group %.16a on %u", err
, errno
, strerror(errno
), &i6mr
.ipv6mr_multiaddr
, i6mr
.ipv6mr_interface
);
5522 mDNSlocal
void MarkAllInterfacesInactive(mDNS
*const m
, mDNSs32 utc
)
5524 NetworkInterfaceInfoOSX
*i
;
5525 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
5527 if (i
->Exists
) i
->LastSeen
= utc
;
5528 i
->Exists
= mDNSfalse
;
5532 // returns count of non-link local V4 addresses deregistered
5533 mDNSlocal
int ClearInactiveInterfaces(mDNS
*const m
, mDNSs32 utc
)
5536 // If an interface is going away, then deregister this from the mDNSCore.
5537 // We also have to deregister it if the primary interface that it's using for its InterfaceID is going away.
5538 // We have to do this because mDNSCore will use that InterfaceID when sending packets, and if the memory
5539 // it refers to has gone away we'll crash.
5540 NetworkInterfaceInfoOSX
*i
;
5542 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
5544 // If this interface is no longer active, or its InterfaceID is changing, deregister it
5545 NetworkInterfaceInfoOSX
*primary
= SearchForInterfaceByName(m
, i
->ifinfo
.ifname
, AF_UNSPEC
);
5547 if (i
->Exists
== 0 || i
->Exists
== 2 || i
->Registered
!= primary
)
5549 i
->Flashing
= !(i
->ifa_flags
& IFF_LOOPBACK
) && (utc
- i
->AppearanceTime
< 60);
5550 LogInfo("ClearInactiveInterfaces: Deregistering %5s(%lu) %.6a InterfaceID %p(%p), primary %p, %#a/%d%s%s%s",
5551 i
->ifinfo
.ifname
, i
->scope_id
, &i
->BSSID
, i
->ifinfo
.InterfaceID
, i
, primary
,
5552 &i
->ifinfo
.ip
, CountMaskBits(&i
->ifinfo
.mask
),
5553 i
->Flashing
? " (Flashing)" : "",
5554 i
->Occulting
? " (Occulting)" : "",
5555 i
->ifinfo
.InterfaceActive
? " (Primary)" : "");
5557 // Temporary fix to handle P2P flapping. P2P reuses the scope-id, mac address and the IP address
5558 // everytime it creates a new interface. We think it is a duplicate and hence consider it
5559 // as flashing and occulting. The "core" does not flush the cache for this case. This leads to
5560 // stale data returned to the application even after the interface is removed. The application
5561 // then starts to send data but the new interface is not yet created.
5562 // Same logic applies when IFEF_DIRECTLINK flag is set on the interface.
5563 if ((strncmp(i
->ifinfo
.ifname
, "p2p", 3) == 0) || i
->ifinfo
.DirectLink
)
5565 LogInfo("ClearInactiveInterfaces: %s interface deregistering %s %s", i
->ifinfo
.ifname
,
5566 i
->Flashing
? " (Flashing)" : "",
5567 i
->Occulting
? " (Occulting)" : "");
5568 mDNS_DeregisterInterface(m
, &i
->ifinfo
, 0);
5572 mDNS_DeregisterInterface(m
, &i
->ifinfo
, i
->Flashing
&& i
->Occulting
);
5574 if (!mDNSAddressIsLinkLocal(&i
->ifinfo
.ip
)) count
++;
5575 i
->Registered
= mDNSNULL
;
5576 // Note: If i->Registered is set, that means we've called mDNS_RegisterInterface() for this interface,
5577 // so we need to make sure we call mDNS_DeregisterInterface() before disposing it.
5578 // If i->Registered is NOT set, then it's not registered and we should not call mDNS_DeregisterInterface() on it.
5580 // Caution: If we ever decide to add code here to leave the multicast group, we need to make sure that this
5581 // is the LAST representative of this physical interface, or we'll unsubscribe from the group prematurely.
5586 // Now that everything that's going to deregister has done so, we can clean up and free the memory
5587 NetworkInterfaceInfoOSX
**p
= &m
->p
->InterfaceList
;
5591 // If no longer active, delete interface from list and free memory
5594 if (i
->LastSeen
== utc
) i
->LastSeen
= utc
- 1;
5595 mDNSBool
delete = (NumCacheRecordsForInterfaceID(m
, i
->ifinfo
.InterfaceID
) == 0) && (utc
- i
->LastSeen
>= 60);
5596 LogInfo("ClearInactiveInterfaces: %-13s %5s(%lu) %.6a InterfaceID %p(%p) %#a/%d Age %d%s", delete ? "Deleting" : "Holding",
5597 i
->ifinfo
.ifname
, i
->scope_id
, &i
->BSSID
, i
->ifinfo
.InterfaceID
, i
,
5598 &i
->ifinfo
.ip
, CountMaskBits(&i
->ifinfo
.mask
), utc
- i
->LastSeen
,
5599 i
->ifinfo
.InterfaceActive
? " (Primary)" : "");
5600 #if APPLE_OSX_mDNSResponder
5601 if (i
->BPF_fd
>= 0) CloseBPF(i
);
5602 #endif // APPLE_OSX_mDNSResponder
5606 freeL("NetworkInterfaceInfoOSX", i
);
5607 continue; // After deleting this object, don't want to do the "p = &i->next;" thing at the end of the loop
5615 mDNSlocal
void AppendDNameListElem(DNameListElem
***List
, mDNSu32 uid
, domainname
*name
)
5617 DNameListElem
*dnle
= (DNameListElem
*) mallocL("DNameListElem/AppendDNameListElem", sizeof(DNameListElem
));
5618 if (!dnle
) LogMsg("ERROR: AppendDNameListElem: memory exhausted");
5621 dnle
->next
= mDNSNULL
;
5623 AssignDomainName(&dnle
->name
, name
);
5625 *List
= &dnle
->next
;
5629 mDNSlocal
int compare_dns_configs(const void *aa
, const void *bb
)
5631 dns_resolver_t
*a
= *(dns_resolver_t
**)aa
;
5632 dns_resolver_t
*b
= *(dns_resolver_t
**)bb
;
5634 return (a
->search_order
< b
->search_order
) ? -1 : (a
->search_order
== b
->search_order
) ? 0 : 1;
5637 mDNSlocal
void UpdateSearchDomainHash(mDNS
*const m
, MD5_CTX
*sdc
, char *domain
, mDNSInterfaceID InterfaceID
)
5640 mDNSu32 scopeid
= 0;
5646 // Hash the search domain name followed by the InterfaceID.
5647 // As we have scoped search domains, we also included InterfaceID. If either of them change,
5648 // we will detect it. Even if the order of them change, we will detect it.
5650 // Note: We have to handle a few of these tricky cases.
5652 // 1) Current: com, apple.com Changing to: comapple.com
5653 // 2) Current: a.com,b.com Changing to a.comb.com
5654 // 3) Current: a.com,b.com (ifid 8), Changing to a.com8b.com (ifid 8)
5655 // 4) Current: a.com (ifid 12), Changing to a.com1 (ifid: 2)
5657 // There are more variants of the above. The key thing is if we include the null in each case
5658 // at the end of name and the InterfaceID, it will prevent a new name (which can't include
5659 // NULL as part of the name) to be mistakenly thought of as a old name.
5661 scopeid
= mDNSPlatformInterfaceIndexfromInterfaceID(m
, InterfaceID
, mDNStrue
);
5662 // mDNS_snprintf always null terminates
5663 if (mDNS_snprintf(ifid_buf
, sizeof(ifid_buf
), "%u", scopeid
) >= sizeof(ifid_buf
))
5664 LogMsg("UpdateSearchDomainHash: mDNS_snprintf failed for scopeid %u", scopeid
);
5666 LogInfo("UpdateSearchDomainHash: buf %s, ifid_buf %s", buf
, ifid_buf
);
5667 MD5_Update(sdc
, buf
, strlen(buf
) + 1);
5668 MD5_Update(sdc
, ifid_buf
, strlen(ifid_buf
) + 1);
5671 mDNSlocal
void FinalizeSearchDomainHash(mDNS
*const m
, MD5_CTX
*sdc
)
5673 mDNSu8 md5_hash
[MD5_LEN
];
5675 MD5_Final(md5_hash
, sdc
);
5677 if (memcmp(md5_hash
, m
->SearchDomainsHash
, MD5_LEN
))
5679 // If the hash is different, either the search domains have changed or
5680 // the ordering between them has changed. Restart the questions that
5681 // would be affected by this.
5682 LogInfo("FinalizeSearchDomains: The hash is different");
5683 memcpy(m
->SearchDomainsHash
, md5_hash
, MD5_LEN
);
5684 RetrySearchDomainQuestions(m
);
5686 else { LogInfo("FinalizeSearchDomains: The hash is same"); }
5689 mDNSexport
const char *DNSScopeToString(mDNSu32 scope
)
5695 case kScopeInterfaceID
:
5696 return "InterfaceScoped";
5697 case kScopeServiceID
:
5698 return "ServiceScoped";
5704 mDNSlocal
void ConfigSearchDomains(mDNS
*const m
, dns_resolver_t
*resolver
, mDNSInterfaceID interface
, mDNSu32 scope
, MD5_CTX
*sdc
)
5706 const char *scopeString
= DNSScopeToString(scope
);
5709 if (scope
!= kScopeNone
)
5711 LogInfo("ConfigSearchDomains: (%s) Ignoring search domain for Interface %p", scopeString
, interface
);
5714 for (j
= 0; j
< resolver
->n_search
; j
++)
5716 LogInfo("ConfigSearchDomains: (%s) configuring search list %s", scopeString
, resolver
->search
[j
]);
5717 UpdateSearchDomainHash(m
, sdc
, resolver
->search
[j
], NULL
);
5718 mDNS_AddSearchDomain_CString(resolver
->search
[j
], NULL
);
5722 mDNSlocal mDNSInterfaceID
ConfigParseInterfaceID(mDNS
*const m
, mDNSu32 ifindex
)
5724 NetworkInterfaceInfoOSX
*ni
;
5725 mDNSInterfaceID interface
;
5727 for (ni
= m
->p
->InterfaceList
; ni
; ni
= ni
->next
)
5729 if (ni
->ifinfo
.InterfaceID
&& ni
->scope_id
== ifindex
)
5734 interface
= ni
->ifinfo
.InterfaceID
;
5738 // In rare circumstances, we could potentially hit this case where we cannot parse the InterfaceID
5739 // (see <rdar://problem/13214785>). At this point, we still accept the DNS Config from configd
5740 // Note: We currently ack the whole dns configuration and not individual resolvers or DNS servers.
5741 // As the caller is going to ack the configuration always, we have to add all the DNS servers
5742 // in the configuration. Otherwise, we won't have any DNS servers up until the network change.
5744 LogMsg("ConfigParseInterfaceID: interface specific index %d not found (interface may not be UP)",ifindex
);
5746 // Set the correct interface from configd before passing this to mDNS_AddDNSServer() below
5747 interface
= (mDNSInterfaceID
)(unsigned long)ifindex
;
5752 mDNSlocal
void ConfigNonUnicastResolver(mDNS
*const m
, dns_resolver_t
*r
)
5754 char *opt
= r
->options
;
5757 if (opt
&& !strncmp(opt
, "mdns", strlen(opt
)))
5759 if (!MakeDomainNameFromDNSNameString(&d
, r
->domain
))
5761 LogMsg("ConfigNonUnicastResolver: config->resolver bad domain %s", r
->domain
);
5764 mDNS_AddMcastResolver(m
, &d
, mDNSInterface_Any
, r
->timeout
);
5768 mDNSlocal
void ConfigDNSServers(mDNS
*const m
, dns_resolver_t
*r
, mDNSInterfaceID interface
, mDNSu32 scope
, mDNSu16 resGroupID
)
5773 mDNSBool cellIntf
= mDNSfalse
;
5774 mDNSBool scopedDNS
= mDNSfalse
;
5775 mDNSBool reqA
, reqAAAA
;
5777 if (!r
->domain
|| !*r
->domain
)
5781 else if (!MakeDomainNameFromDNSNameString(&d
, r
->domain
))
5783 LogMsg("ConfigDNSServers: bad domain %s", r
->domain
);
5786 // Parse the resolver specific attributes that affects all the DNS servers.
5787 if (scope
== kScopeInterfaceID
)
5789 scopedDNS
= mDNStrue
;
5791 else if (scope
== kScopeServiceID
)
5793 serviceID
= r
->service_identifier
;
5796 #if TARGET_OS_IPHONE
5797 cellIntf
= (r
->reach_flags
& kSCNetworkReachabilityFlagsIsWWAN
) ? mDNStrue
: mDNSfalse
;
5799 reqA
= (r
->flags
& DNS_RESOLVER_FLAGS_REQUEST_A_RECORDS
? mDNStrue
: mDNSfalse
);
5800 reqAAAA
= (r
->flags
& DNS_RESOLVER_FLAGS_REQUEST_AAAA_RECORDS
? mDNStrue
: mDNSfalse
);
5802 for (n
= 0; n
< r
->n_nameserver
; n
++)
5807 if (r
->nameserver
[n
]->sa_family
!= AF_INET
&& r
->nameserver
[n
]->sa_family
!= AF_INET6
)
5810 if (SetupAddr(&saddr
, r
->nameserver
[n
]))
5812 LogMsg("ConfigDNSServers: Bad address");
5816 // The timeout value is for all the DNS servers in a given resolver, hence we pass
5817 // the timeout value only for the first DNSServer. If we don't have a value in the
5818 // resolver, then use the core's default value
5820 // Note: this assumes that when the core picks a list of DNSServers for a question,
5821 // it takes the sum of all the timeout values for all DNS servers. By doing this, it
5822 // tries all the DNS servers in a specified timeout
5823 s
= mDNS_AddDNSServer(m
, &d
, interface
, serviceID
, &saddr
, r
->port
? mDNSOpaque16fromIntVal(r
->port
) : UnicastDNSPort
, scope
,
5824 (n
== 0 ? (r
->timeout
? r
->timeout
: DEFAULT_UDNS_TIMEOUT
) : 0), cellIntf
, resGroupID
, reqA
, reqAAAA
, mDNStrue
);
5827 LogInfo("ConfigDNSServers(%s): DNS server %#a:%d for domain %##s", DNSScopeToString(scope
), &s
->addr
, mDNSVal16(s
->port
), d
.c
);
5832 // ConfigResolvers is called for different types of resolvers: Unscoped resolver, Interface scope resolver and
5833 // Service scope resolvers. This is indicated by the scope argument.
5835 // "resolver" has entries that should only be used for unscoped questions.
5837 // "scoped_resolver" has entries that should only be used for Interface scoped question i.e., questions that specify an
5838 // interface index (q->InterfaceID)
5840 // "service_specific_resolver" has entries that should be used for Service scoped question i.e., questions that specify
5841 // a service identifier (q->ServiceID)
5843 mDNSlocal
void ConfigResolvers(mDNS
*const m
, dns_config_t
*config
, mDNSu32 scope
, mDNSBool setsearch
, mDNSBool setservers
, MD5_CTX
*sdc
, mDNSu16 resGroupID
)
5846 dns_resolver_t
**resolver
;
5848 const char *scopeString
= DNSScopeToString(scope
);
5849 mDNSInterfaceID interface
;
5854 resolver
= config
->resolver
;
5855 nresolvers
= config
->n_resolver
;
5857 case kScopeInterfaceID
:
5858 resolver
= config
->scoped_resolver
;
5859 nresolvers
= config
->n_scoped_resolver
;
5861 case kScopeServiceID
:
5862 resolver
= config
->service_specific_resolver
;
5863 nresolvers
= config
->n_service_specific_resolver
;
5868 qsort(resolver
, nresolvers
, sizeof(dns_resolver_t
*), compare_dns_configs
);
5870 for (i
= 0; i
< nresolvers
; i
++)
5872 dns_resolver_t
*r
= resolver
[i
];
5874 LogInfo("ConfigResolvers: %s resolver[%d] domain %s n_nameserver %d", scopeString
, i
, r
->domain
, r
->n_nameserver
);
5876 interface
= mDNSInterface_Any
;
5878 // Parse the interface index
5879 if (r
->if_index
!= 0)
5881 interface
= ConfigParseInterfaceID(m
, r
->if_index
);
5886 ConfigSearchDomains(m
, resolver
[i
], interface
, scope
, sdc
);
5887 // Parse other scoped resolvers for search lists
5892 if (r
->port
== 5353 || r
->n_nameserver
== 0)
5894 ConfigNonUnicastResolver(m
, r
);
5898 // Each scoped resolver gets its own ID (i.e., they are in their own group) so that responses from the
5899 // scoped resolver are not used by other non-scoped or scoped resolvers.
5900 if (scope
!= kScopeNone
)
5903 ConfigDNSServers(m
, r
, interface
, scope
, resGroupID
);
5908 #if APPLE_OSX_mDNSResponder
5909 mDNSlocal mDNSBool
QuestionValidForDNSTrigger(DNSQuestion
*q
)
5911 if (QuerySuppressed(q
))
5913 debugf("QuestionValidForDNSTrigger: Suppressed: %##s (%s)", q
->qname
.c
, DNSTypeName(q
->qtype
));
5916 if (mDNSOpaque16IsZero(q
->TargetQID
))
5918 debugf("QuestionValidForDNSTrigger: Multicast: %##s (%s)", q
->qname
.c
, DNSTypeName(q
->qtype
));
5921 // If we answered using LocalOnly records e.g., /etc/hosts, don't consider that a valid response
5923 if (q
->LOAddressAnswers
)
5925 debugf("QuestionValidForDNSTrigger: LocalOnly answers: %##s (%s)", q
->qname
.c
, DNSTypeName(q
->qtype
));
5932 // This function is called if we are not delivering unicast answers to "A" or "AAAA" questions.
5933 // We set our state appropriately so that if we start receiving answers, trigger the
5934 // upper layer to retry DNS questions.
5935 #if APPLE_OSX_mDNSResponder
5936 mDNSexport
void mDNSPlatformUpdateDNSStatus(mDNS
*const m
, DNSQuestion
*q
)
5938 if (!QuestionValidForDNSTrigger(q
))
5941 // Ignore applications that start and stop queries for no reason before we ever talk
5942 // to any DNS server.
5943 if (!q
->triedAllServersOnce
)
5945 LogInfo("QuestionValidForDNSTrigger: question %##s (%s) stopped too soon", q
->qname
.c
, DNSTypeName(q
->qtype
));
5948 if (q
->qtype
== kDNSType_A
)
5949 m
->p
->v4answers
= 0;
5950 if (q
->qtype
== kDNSType_AAAA
)
5951 m
->p
->v6answers
= 0;
5952 if (!m
->p
->v4answers
|| !m
->p
->v6answers
)
5954 LogInfo("mDNSPlatformUpdateDNSStatus: Trigger needed v4 %d, v6 %d, quesiton %##s (%s)", m
->p
->v4answers
, m
->p
->v6answers
, q
->qname
.c
,
5955 DNSTypeName(q
->qtype
));
5960 mDNSlocal
void AckConfigd(mDNS
*const m
, dns_config_t
*config
)
5964 // Acking the configuration triggers configd to reissue the reachability queries
5965 m
->p
->DNSTrigger
= NonZeroTime(m
->timenow
);
5966 _dns_configuration_ack(config
, "com.apple.mDNSResponder");
5969 // If v4q is non-NULL, it means we have received some answers for "A" type questions
5970 // If v6q is non-NULL, it means we have received some answers for "AAAA" type questions
5971 #if APPLE_OSX_mDNSResponder
5972 mDNSexport
void mDNSPlatformTriggerDNSRetry(mDNS
*const m
, DNSQuestion
*v4q
, DNSQuestion
*v6q
)
5974 mDNSBool trigger
= mDNSfalse
;
5977 // Don't send triggers too often.
5978 // If we have started delivering answers to questions, we should send a trigger
5979 // if the time permits. If we are delivering answers, we should set the state
5980 // of v4answers/v6answers to 1 and avoid sending a trigger. But, we don't know
5981 // whether the answers that are being delivered currently is for configd or some
5982 // other application. If we set the v4answers/v6answers to 1 and not deliver a trigger,
5983 // then we won't deliver the trigger later when it is okay to send one as the
5984 // "answers" are already set to 1. Hence, don't affect the state of v4answers and
5985 // v6answers if we are not delivering triggers.
5987 timenow
= m
->timenow
;
5988 if (m
->p
->DNSTrigger
&& (timenow
- m
->p
->DNSTrigger
) < DNS_TRIGGER_INTERVAL
)
5990 if (!m
->p
->v4answers
|| !m
->p
->v6answers
)
5992 debugf("mDNSPlatformTriggerDNSRetry: not triggering, time since last trigger %d ms, v4ans %d, v6ans %d",
5993 (timenow
- m
->p
->DNSTrigger
), m
->p
->v4answers
, m
->p
->v6answers
);
5999 if (v4q
!= NULL
&& QuestionValidForDNSTrigger(v4q
))
6001 int old
= m
->p
->v4answers
;
6003 m
->p
->v4answers
= 1;
6005 // If there are IPv4 answers now and previously we did not have
6006 // any answers, trigger a DNS change so that reachability
6007 // can retry the queries again.
6010 LogInfo("mDNSPlatformTriggerDNSRetry: Triggering because of IPv4, last trigger %d ms, %##s (%s)", (timenow
- m
->p
->DNSTrigger
),
6011 v4q
->qname
.c
, DNSTypeName(v4q
->qtype
));
6015 if (v6q
!= NULL
&& QuestionValidForDNSTrigger(v6q
))
6017 int old
= m
->p
->v6answers
;
6019 m
->p
->v6answers
= 1;
6020 // If there are IPv6 answers now and previously we did not have
6021 // any answers, trigger a DNS change so that reachability
6022 // can retry the queries again.
6025 LogInfo("mDNSPlatformTriggerDNSRetry: Triggering because of IPv6, last trigger %d ms, %##s (%s)", (timenow
- m
->p
->DNSTrigger
),
6026 v6q
->qname
.c
, DNSTypeName(v6q
->qtype
));
6032 dns_config_t
*config
= dns_configuration_copy();
6036 AckConfigd(m
, config
);
6038 dns_configuration_free(config
);
6042 LogMsg("mDNSPlatformTriggerDNSRetry: ERROR!! configd did not return config");
6047 mDNSlocal
void SetupActiveDirectoryDomain(dns_config_t
*config
)
6049 // Record the so-called "primary" domain, which we use as a hint to tell if the user is on a network set up
6050 // by someone using Microsoft Active Directory using "local" as a private internal top-level domain
6051 if (config
->n_resolver
&& config
->resolver
[0]->domain
&& config
->resolver
[0]->n_nameserver
&&
6052 config
->resolver
[0]->nameserver
[0])
6054 MakeDomainNameFromDNSNameString(&ActiveDirectoryPrimaryDomain
, config
->resolver
[0]->domain
);
6058 ActiveDirectoryPrimaryDomain
.c
[0] = 0;
6061 //MakeDomainNameFromDNSNameString(&ActiveDirectoryPrimaryDomain, "test.local");
6062 ActiveDirectoryPrimaryDomainLabelCount
= CountLabels(&ActiveDirectoryPrimaryDomain
);
6063 if (config
->n_resolver
&& config
->resolver
[0]->n_nameserver
&&
6064 SameDomainName(SkipLeadingLabels(&ActiveDirectoryPrimaryDomain
, ActiveDirectoryPrimaryDomainLabelCount
- 1), &localdomain
))
6066 SetupAddr(&ActiveDirectoryPrimaryDomainServer
, config
->resolver
[0]->nameserver
[0]);
6070 AssignDomainName(&ActiveDirectoryPrimaryDomain
, (const domainname
*)"");
6071 ActiveDirectoryPrimaryDomainLabelCount
= 0;
6072 ActiveDirectoryPrimaryDomainServer
= zeroAddr
;
6077 mDNSlocal
void SetupDDNSDomains(domainname
*const fqdn
, DNameListElem
**RegDomains
, DNameListElem
**BrowseDomains
)
6080 char buf
[MAX_ESCAPED_DOMAIN_NAME
]; // Max legal C-string name, including terminating NUL
6083 SCDynamicStoreRef store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:SetupDDNSDomains"), NULL
, NULL
);
6086 LogMsg("SetupDDNSDomains: SCDynamicStoreCreate failed: %s", SCErrorString(SCError()));
6090 CFDictionaryRef ddnsdict
= SCDynamicStoreCopyValue(store
, NetworkChangedKey_DynamicDNS
);
6095 CFArrayRef fqdnArray
= CFDictionaryGetValue(ddnsdict
, CFSTR("HostNames"));
6096 if (fqdnArray
&& CFArrayGetCount(fqdnArray
) > 0)
6098 // for now, we only look at the first array element. if we ever support multiple configurations, we will walk the list
6099 CFDictionaryRef fqdnDict
= CFArrayGetValueAtIndex(fqdnArray
, 0);
6100 if (fqdnDict
&& DictionaryIsEnabled(fqdnDict
))
6102 CFStringRef name
= CFDictionaryGetValue(fqdnDict
, CFSTR("Domain"));
6105 if (!CFStringGetCString(name
, buf
, sizeof(buf
), kCFStringEncodingUTF8
) ||
6106 !MakeDomainNameFromDNSNameString(fqdn
, buf
) || !fqdn
->c
[0])
6107 LogMsg("GetUserSpecifiedDDNSConfig SCDynamicStore bad DDNS host name: %s", buf
[0] ? buf
: "(unknown)");
6108 else debugf("GetUserSpecifiedDDNSConfig SCDynamicStore DDNS host name: %s", buf
);
6116 CFArrayRef regArray
= CFDictionaryGetValue(ddnsdict
, CFSTR("RegistrationDomains"));
6117 if (regArray
&& CFArrayGetCount(regArray
) > 0)
6119 CFDictionaryRef regDict
= CFArrayGetValueAtIndex(regArray
, 0);
6120 if (regDict
&& DictionaryIsEnabled(regDict
))
6122 CFStringRef name
= CFDictionaryGetValue(regDict
, CFSTR("Domain"));
6125 if (!CFStringGetCString(name
, buf
, sizeof(buf
), kCFStringEncodingUTF8
) ||
6126 !MakeDomainNameFromDNSNameString(&d
, buf
) || !d
.c
[0])
6127 LogMsg("GetUserSpecifiedDDNSConfig SCDynamicStore bad DDNS registration domain: %s", buf
[0] ? buf
: "(unknown)");
6130 debugf("GetUserSpecifiedDDNSConfig SCDynamicStore DDNS registration domain: %s", buf
);
6131 AppendDNameListElem(&RegDomains
, 0, &d
);
6140 CFArrayRef browseArray
= CFDictionaryGetValue(ddnsdict
, CFSTR("BrowseDomains"));
6143 for (i
= 0; i
< CFArrayGetCount(browseArray
); i
++)
6145 CFDictionaryRef browseDict
= CFArrayGetValueAtIndex(browseArray
, i
);
6146 if (browseDict
&& DictionaryIsEnabled(browseDict
))
6148 CFStringRef name
= CFDictionaryGetValue(browseDict
, CFSTR("Domain"));
6151 if (!CFStringGetCString(name
, buf
, sizeof(buf
), kCFStringEncodingUTF8
) ||
6152 !MakeDomainNameFromDNSNameString(&d
, buf
) || !d
.c
[0])
6153 LogMsg("GetUserSpecifiedDDNSConfig SCDynamicStore bad DDNS browsing domain: %s", buf
[0] ? buf
: "(unknown)");
6156 debugf("GetUserSpecifiedDDNSConfig SCDynamicStore DDNS browsing domain: %s", buf
);
6157 AppendDNameListElem(&BrowseDomains
, 0, &d
);
6164 CFRelease(ddnsdict
);
6169 CFDictionaryRef btmm
= SCDynamicStoreCopyValue(store
, NetworkChangedKey_BackToMyMac
);
6172 CFIndex size
= CFDictionaryGetCount(btmm
);
6173 const void *key
[size
];
6174 const void *val
[size
];
6175 CFDictionaryGetKeysAndValues(btmm
, key
, val
);
6176 for (i
= 0; i
< size
; i
++)
6178 LogInfo("BackToMyMac %d", i
);
6179 if (!CFStringGetCString(key
[i
], buf
, sizeof(buf
), kCFStringEncodingUTF8
))
6180 LogMsg("Can't read BackToMyMac %d key %s", i
, buf
);
6183 mDNSu32 uid
= atoi(buf
);
6184 if (!CFStringGetCString(val
[i
], buf
, sizeof(buf
), kCFStringEncodingUTF8
))
6185 LogMsg("Can't read BackToMyMac %d val %s", i
, buf
);
6186 else if (MakeDomainNameFromDNSNameString(&d
, buf
) && d
.c
[0])
6188 LogInfo("BackToMyMac %d %d %##s", i
, uid
, d
.c
);
6189 AppendDNameListElem(&RegDomains
, uid
, &d
);
6200 // Returns mDNSfalse, if it does not set the configuration i.e., if the DNS configuration did not change
6201 mDNSexport mDNSBool
mDNSPlatformSetDNSConfig(mDNS
*const m
, mDNSBool setservers
, mDNSBool setsearch
, domainname
*const fqdn
,
6202 DNameListElem
**RegDomains
, DNameListElem
**BrowseDomains
, mDNSBool ackConfig
)
6204 MD5_CTX sdc
; // search domain context
6205 static mDNSu16 resolverGroupID
= 0;
6207 // Need to set these here because we need to do this even if SCDynamicStoreCreate() or SCDynamicStoreCopyValue() below don't succeed
6208 if (fqdn
) fqdn
->c
[0] = 0;
6209 if (RegDomains
) *RegDomains
= NULL
;
6210 if (BrowseDomains
) *BrowseDomains
= NULL
;
6212 LogInfo("mDNSPlatformSetDNSConfig:%s%s%s%s%s",
6213 setservers
? " setservers" : "",
6214 setsearch
? " setsearch" : "",
6215 fqdn
? " fqdn" : "",
6216 RegDomains
? " RegDomains" : "",
6217 BrowseDomains
? " BrowseDomains" : "");
6219 if (setsearch
) MD5_Init(&sdc
);
6221 // Add the inferred address-based configuration discovery domains
6222 // (should really be in core code I think, not platform-specific)
6225 struct ifaddrs
*ifa
= mDNSNULL
;
6226 struct sockaddr_in saddr
;
6227 mDNSPlatformMemZero(&saddr
, sizeof(saddr
));
6228 saddr
.sin_len
= sizeof(saddr
);
6229 saddr
.sin_family
= AF_INET
;
6231 saddr
.sin_addr
.s_addr
= *(in_addr_t
*)&m
->Router
.ip
.v4
;
6233 // Don't add any reverse-IP search domains if doing the WAB bootstrap queries would cause dial-on-demand connection initiation
6234 if (!AddrRequiresPPPConnection((struct sockaddr
*)&saddr
)) ifa
= myGetIfAddrs(1);
6241 if (ifa
->ifa_addr
->sa_family
== AF_INET
&&
6243 !(ifa
->ifa_flags
& IFF_LOOPBACK
) &&
6244 !SetupAddr(&a
, ifa
->ifa_addr
) &&
6245 !mDNSv4AddressIsLinkLocal(&a
.ip
.v4
) )
6247 // Apparently it's normal for the sa_family of an ifa_netmask to sometimes be incorrect, so we explicitly fix it here before calling SetupAddr
6248 // <rdar://problem/5492035> getifaddrs is returning invalid netmask family for fw0 and vmnet
6249 ifa
->ifa_netmask
->sa_family
= ifa
->ifa_addr
->sa_family
; // Make sure ifa_netmask->sa_family is set correctly
6250 SetupAddr(&n
, ifa
->ifa_netmask
);
6251 // Note: This is reverse order compared to a normal dotted-decimal IP address, so we can't use our customary "%.4a" format code
6252 mDNS_snprintf(buf
, sizeof(buf
), "%d.%d.%d.%d.in-addr.arpa.", a
.ip
.v4
.b
[3] & n
.ip
.v4
.b
[3],
6253 a
.ip
.v4
.b
[2] & n
.ip
.v4
.b
[2],
6254 a
.ip
.v4
.b
[1] & n
.ip
.v4
.b
[1],
6255 a
.ip
.v4
.b
[0] & n
.ip
.v4
.b
[0]);
6256 UpdateSearchDomainHash(m
, &sdc
, buf
, NULL
);
6257 mDNS_AddSearchDomain_CString(buf
, mDNSNULL
);
6259 ifa
= ifa
->ifa_next
;
6263 #ifndef MDNS_NO_DNSINFO
6264 if (setservers
|| setsearch
)
6266 dns_config_t
*config
= dns_configuration_copy();
6269 // When running on 10.3 (build 7xxx) and earlier, we don't expect dns_configuration_copy() to succeed
6270 // On 10.4, calls to dns_configuration_copy() early in the boot process often fail.
6271 // Apparently this is expected behaviour -- "not a bug".
6272 // Accordingly, we suppress syslog messages for the first three minutes after boot.
6273 // If we are still getting failures after three minutes, then we log them.
6274 if ((mDNSu32
)mDNSPlatformRawTime() > (mDNSu32
)(mDNSPlatformOneSecond
* 180))
6275 LogMsg("mDNSPlatformSetDNSConfig: Error: dns_configuration_copy returned NULL");
6279 LogInfo("mDNSPlatformSetDNSConfig: config->n_resolver = %d, generation %llu", config
->n_resolver
, config
->generation
);
6280 // SameDomainName check below is to fix <rdar://problem/18059009> Dynamic DNS hostname changes not noticed
6281 if (m
->p
->LastConfigGeneration
== config
->generation
&& (!fqdn
|| (SameDomainName(fqdn
, &m
->FQDN
))))
6283 LogInfo("mDNSPlatformSetDNSConfig: generation number %llu same, not processing", config
->generation
);
6284 dns_configuration_free(config
);
6285 SetupDDNSDomains(fqdn
, RegDomains
, BrowseDomains
);
6288 #if APPLE_OSX_mDNSResponder
6289 SetupActiveDirectoryDomain(config
);
6292 // With scoped DNS, we don't want to answer a non-scoped question using a scoped cache entry
6293 // and vice-versa. As we compare resolverGroupID for matching cache entry with question, we need
6294 // to make sure that they don't match. We ensure this by always bumping up resolverGroupID between
6295 // the two calls to ConfigResolvers DNSServers for scoped and non-scoped can never have the
6296 // same resolverGroupID.
6298 // All non-scoped resolvers use the same resolverGroupID i.e, we treat them all equally.
6299 ConfigResolvers(m
, config
, kScopeNone
, setsearch
, setservers
, &sdc
, ++resolverGroupID
);
6300 resolverGroupID
+= config
->n_resolver
;
6302 ConfigResolvers(m
, config
, kScopeInterfaceID
, setsearch
, setservers
, &sdc
, resolverGroupID
);
6303 resolverGroupID
+= config
->n_scoped_resolver
;
6305 ConfigResolvers(m
, config
, kScopeServiceID
, setsearch
, setservers
, &sdc
, resolverGroupID
);
6307 // Acking provides a hint that we processed this current configuration and
6308 // we will use that from now on, assuming we don't get another one immediately
6309 // after we return from here.
6312 // Note: We have to set the generation number here when we are acking.
6313 // For every DNS configuration change, we do the following:
6315 // 1) Copy dns configuration, handle search domains change
6316 // 2) Copy dns configuration, handle dns server change
6318 // If we update the generation number at step (1), we won't process the
6319 // DNS servers the second time because generation number would be the same.
6320 // As we ack only when we process dns servers, we set the generation number
6322 m
->p
->LastConfigGeneration
= config
->generation
;
6323 LogInfo("mDNSPlatformSetDNSConfig: Acking configuration setservers %d, setsearch %d", setservers
, setsearch
);
6324 AckConfigd(m
, config
);
6326 dns_configuration_free(config
);
6327 if (setsearch
) FinalizeSearchDomainHash(m
, &sdc
);
6328 setservers
= mDNSfalse
; // Done these now -- no need to fetch the same data from SCDynamicStore
6329 setsearch
= mDNSfalse
;
6332 #endif // MDNS_NO_DNSINFO
6333 SetupDDNSDomains(fqdn
, RegDomains
, BrowseDomains
);
6338 mDNSexport mStatus
mDNSPlatformGetPrimaryInterface(mDNS
*const m
, mDNSAddr
*v4
, mDNSAddr
*v6
, mDNSAddr
*r
)
6343 SCDynamicStoreRef store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:mDNSPlatformGetPrimaryInterface"), NULL
, NULL
);
6345 LogMsg("mDNSPlatformGetPrimaryInterface: SCDynamicStoreCreate failed: %s", SCErrorString(SCError()));
6348 CFDictionaryRef dict
= SCDynamicStoreCopyValue(store
, NetworkChangedKey_IPv4
);
6351 r
->type
= mDNSAddrType_IPv4
;
6352 r
->ip
.v4
= zerov4Addr
;
6353 CFStringRef string
= CFDictionaryGetValue(dict
, kSCPropNetIPv4Router
);
6356 if (!CFStringGetCString(string
, buf
, 256, kCFStringEncodingUTF8
))
6357 LogMsg("Could not convert router to CString");
6360 struct sockaddr_in saddr
;
6361 saddr
.sin_len
= sizeof(saddr
);
6362 saddr
.sin_family
= AF_INET
;
6364 inet_aton(buf
, &saddr
.sin_addr
);
6366 *(in_addr_t
*)&r
->ip
.v4
= saddr
.sin_addr
.s_addr
;
6370 string
= CFDictionaryGetValue(dict
, kSCDynamicStorePropNetPrimaryInterface
);
6373 mDNSBool HavePrimaryGlobalv6
= mDNSfalse
; // does the primary interface have a global v6 address?
6374 struct ifaddrs
*ifa
= myGetIfAddrs(1);
6376 *v4
= *v6
= zeroAddr
;
6378 if (!CFStringGetCString(string
, buf
, 256, kCFStringEncodingUTF8
)) { LogMsg("Could not convert router to CString"); goto exit
; }
6380 // find primary interface in list
6381 while (ifa
&& (mDNSIPv4AddressIsZero(v4
->ip
.v4
) || mDNSv4AddressIsLinkLocal(&v4
->ip
.v4
) || !HavePrimaryGlobalv6
))
6383 mDNSAddr tmp6
= zeroAddr
;
6384 if (!strcmp(buf
, ifa
->ifa_name
))
6386 if (ifa
->ifa_addr
->sa_family
== AF_INET
)
6388 if (mDNSIPv4AddressIsZero(v4
->ip
.v4
) || mDNSv4AddressIsLinkLocal(&v4
->ip
.v4
)) SetupAddr(v4
, ifa
->ifa_addr
);
6390 else if (ifa
->ifa_addr
->sa_family
== AF_INET6
)
6392 SetupAddr(&tmp6
, ifa
->ifa_addr
);
6393 if (tmp6
.ip
.v6
.b
[0] >> 5 == 1) // global prefix: 001
6394 { HavePrimaryGlobalv6
= mDNStrue
; *v6
= tmp6
; }
6399 // We'll take a V6 address from the non-primary interface if the primary interface doesn't have a global V6 address
6400 if (!HavePrimaryGlobalv6
&& ifa
->ifa_addr
->sa_family
== AF_INET6
&& !v6
->ip
.v6
.b
[0])
6402 SetupAddr(&tmp6
, ifa
->ifa_addr
);
6403 if (tmp6
.ip
.v6
.b
[0] >> 5 == 1) *v6
= tmp6
;
6406 ifa
= ifa
->ifa_next
;
6409 // Note that while we advertise v6, we still require v4 (possibly NAT'd, but not link-local) because we must use
6410 // V4 to communicate w/ our DNS server
6418 return mStatus_NoError
;
6421 mDNSexport
void mDNSPlatformDynDNSHostNameStatusChanged(const domainname
*const dname
, const mStatus status
)
6423 LogInfo("mDNSPlatformDynDNSHostNameStatusChanged %d %##s", status
, dname
->c
);
6424 char uname
[MAX_ESCAPED_DOMAIN_NAME
]; // Max legal C-string name, including terminating NUL
6425 ConvertDomainNameToCString(dname
, uname
);
6431 if (!(*(p
+1)) && *p
== '.') *p
= 0; // if last character, strip trailing dot
6435 // We need to make a CFDictionary called "State:/Network/DynamicDNS" containing (at present) a single entity.
6436 // That single entity is a CFDictionary with name "HostNames".
6437 // The "HostNames" CFDictionary contains a set of name/value pairs, where the each name is the FQDN
6438 // in question, and the corresponding value is a CFDictionary giving the state for that FQDN.
6439 // (At present we only support a single FQDN, so this dictionary holds just a single name/value pair.)
6440 // The CFDictionary for each FQDN holds (at present) a single name/value pair,
6441 // where the name is "Status" and the value is a CFNumber giving an errror code (with zero meaning success).
6443 const CFStringRef StateKeys
[1] = { CFSTR("HostNames") };
6444 const CFStringRef HostKeys
[1] = { CFStringCreateWithCString(NULL
, uname
, kCFStringEncodingUTF8
) };
6445 const CFStringRef StatusKeys
[1] = { CFSTR("Status") };
6446 if (!HostKeys
[0]) LogMsg("SetDDNSNameStatus: CFStringCreateWithCString(%s) failed", uname
);
6449 const CFNumberRef StatusVals
[1] = { CFNumberCreate(NULL
, kCFNumberSInt32Type
, &status
) };
6450 if (!StatusVals
[0]) LogMsg("SetDDNSNameStatus: CFNumberCreate(%d) failed", status
);
6453 const CFDictionaryRef HostVals
[1] = { CFDictionaryCreate(NULL
, (void*)StatusKeys
, (void*)StatusVals
, 1, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
) };
6456 const CFDictionaryRef StateVals
[1] = { CFDictionaryCreate(NULL
, (void*)HostKeys
, (void*)HostVals
, 1, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
) };
6459 CFDictionaryRef StateDict
= CFDictionaryCreate(NULL
, (void*)StateKeys
, (void*)StateVals
, 1, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
);
6462 mDNSDynamicStoreSetConfig(kmDNSDynamicConfig
, mDNSNULL
, StateDict
);
6463 CFRelease(StateDict
);
6465 CFRelease(StateVals
[0]);
6467 CFRelease(HostVals
[0]);
6469 CFRelease(StatusVals
[0]);
6471 CFRelease(HostKeys
[0]);
6475 #if APPLE_OSX_mDNSResponder
6478 // checks whether a domain is present in Setup:/Network/BackToMyMac. Just because there is a key in the
6479 // keychain for a domain, it does not become a valid BTMM domain. If things get inconsistent, this will
6481 mDNSlocal mDNSBool
IsBTMMDomain(domainname
*d
)
6483 SCDynamicStoreRef store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:IsBTMMDomain"), NULL
, NULL
);
6486 LogMsg("IsBTMMDomain: SCDynamicStoreCreate failed: %s", SCErrorString(SCError()));
6489 CFDictionaryRef btmm
= SCDynamicStoreCopyValue(store
, NetworkChangedKey_BackToMyMac
);
6492 CFIndex size
= CFDictionaryGetCount(btmm
);
6493 char buf
[MAX_ESCAPED_DOMAIN_NAME
]; // Max legal C-string name, including terminating NUL
6494 const void *key
[size
];
6495 const void *val
[size
];
6498 CFDictionaryGetKeysAndValues(btmm
, key
, val
);
6499 for (i
= 0; i
< size
; i
++)
6501 LogInfo("BackToMyMac %d", i
);
6502 if (!CFStringGetCString(key
[i
], buf
, sizeof(buf
), kCFStringEncodingUTF8
))
6503 LogMsg("IsBTMMDomain: ERROR!! Can't read BackToMyMac %d key %s", i
, buf
);
6506 mDNSu32 uid
= atoi(buf
);
6507 if (!CFStringGetCString(val
[i
], buf
, sizeof(buf
), kCFStringEncodingUTF8
))
6508 LogMsg("IsBTMMDomain: Can't read BackToMyMac %d val %s", i
, buf
);
6509 else if (MakeDomainNameFromDNSNameString(&dom
, buf
) && dom
.c
[0])
6511 if (SameDomainName(&dom
, d
))
6513 LogInfo("IsBTMMDomain: Domain %##s is a btmm domain, uid %u", d
->c
, uid
);
6524 LogInfo("IsBTMMDomain: Domain %##s not a btmm domain", d
->c
);
6528 // Appends data to the buffer
6529 mDNSlocal
int AddOneItem(char *buf
, int bufsz
, char *data
, int *currlen
)
6533 len
= strlcpy(buf
+ *currlen
, data
, bufsz
- *currlen
);
6534 if (len
>= (bufsz
- *currlen
))
6536 // if we have exceeded the space in buf, it has already been NULL terminated
6537 // and we have nothing more to do. Set currlen to the last byte so that the caller
6538 // knows to do the right thing
6539 LogMsg("AddOneItem: Exceeded the max buffer size currlen %d, len %d", *currlen
, len
);
6540 *currlen
= bufsz
- 1;
6543 else { (*currlen
) += len
; }
6545 buf
[*currlen
] = ',';
6546 if (*currlen
>= bufsz
)
6548 LogMsg("AddOneItem: ERROR!! How can currlen be %d", *currlen
);
6549 *currlen
= bufsz
- 1;
6553 // if we have filled up the buffer exactly, then there is no more work to do
6554 if (*currlen
== bufsz
- 1) { buf
[*currlen
] = 0; return -1; }
6559 // If we have at least one BTMM domain, then trigger the connection to the relay. If we have no
6560 // BTMM domains, then bring down the connection to the relay.
6561 mDNSlocal
void UpdateBTMMRelayConnection(mDNS
*const m
)
6563 DomainAuthInfo
*BTMMDomain
= mDNSNULL
;
6564 DomainAuthInfo
*FoundInList
;
6565 static mDNSBool AWACSDConnected
= mDNSfalse
;
6566 char AllUsers
[1024]; // maximum size of mach message
6567 char AllPass
[1024]; // maximum size of mach message
6568 char username
[MAX_DOMAIN_LABEL
+ 1];
6572 // if a domain is being deleted, we want to send a disconnect. If we send a disconnect now,
6573 // we may not be able to send the dns queries over the relay connection which may be needed
6574 // for sending the deregistrations. Hence, we need to delay sending the disconnect. But we
6575 // need to make sure that we send the disconnect before attempting the next connect as the
6576 // awacs connections are redirected based on usernames.
6578 // For now we send a disconnect immediately. When we start sending dns queries over the relay
6579 // connection, we will need to fix this.
6581 for (FoundInList
= m
->AuthInfoList
; FoundInList
; FoundInList
= FoundInList
->next
)
6582 if (!FoundInList
->deltime
&& FoundInList
->AutoTunnel
&& IsBTMMDomain(&FoundInList
->domain
))
6584 // We need the passwd from the first domain.
6585 BTMMDomain
= FoundInList
;
6586 ConvertDomainLabelToCString_unescaped((domainlabel
*)BTMMDomain
->domain
.c
, username
);
6587 LogInfo("UpdateBTMMRelayConnection: user %s for domain %##s", username
, BTMMDomain
->domain
.c
);
6588 if (AddOneItem(AllUsers
, sizeof(AllUsers
), username
, &currulen
) == -1) break;
6589 if (AddOneItem(AllPass
, sizeof(AllPass
), BTMMDomain
->b64keydata
, &currplen
) == -1) break;
6594 // In the normal case (where we neither exceed the buffer size nor write bytes that
6595 // fit exactly into the buffer), currulen/currplen should be a different size than
6596 // (AllUsers - 1) / (AllPass - 1). In that case, we need to override the "," with a NULL byte.
6598 if (currulen
!= (int)(sizeof(AllUsers
) - 1)) AllUsers
[currulen
- 1] = 0;
6599 if (currplen
!= (int)(sizeof(AllPass
) - 1)) AllPass
[currplen
- 1] = 0;
6601 LogInfo("UpdateBTMMRelayConnection: AWS_Connect for user %s", AllUsers
);
6602 AWACS_Connect(AllUsers
, AllPass
, "hello.connectivity.me.com");
6603 AWACSDConnected
= mDNStrue
;
6607 // Disconnect only if we connected previously
6608 if (AWACSDConnected
)
6610 LogInfo("UpdateBTMMRelayConnection: AWS_Disconnect");
6612 AWACSDConnected
= mDNSfalse
;
6614 else LogInfo("UpdateBTMMRelayConnection: Not calling AWS_Disconnect");
6618 mDNSlocal
void UpdateBTMMRelayConnection(mDNS
*const m
)
6621 LogInfo("UpdateBTMMRelayConnection: AWACS connection not started, no AWACS library");
6623 #endif // ! NO_AWACS
6625 mDNSlocal
void ProcessConndConfigChanges(mDNS
*const m
);
6627 #endif // APPLE_OSX_mDNSResponder
6629 // MUST be called holding the lock
6630 mDNSexport
void SetDomainSecrets(mDNS
*m
)
6632 #ifdef NO_SECURITYFRAMEWORK
6634 LogMsg("Note: SetDomainSecrets: no keychain support");
6636 mDNSBool haveAutoTunnels
= mDNSfalse
;
6638 LogInfo("SetDomainSecrets");
6640 // Rather than immediately deleting all keys now, we mark them for deletion in ten seconds.
6641 // In the case where the user simultaneously removes their DDNS host name and the key
6642 // for it, this gives mDNSResponder ten seconds to gracefully delete the name from the
6643 // server before it loses access to the necessary key. Otherwise, we'd leave orphaned
6644 // address records behind that we no longer have permission to delete.
6645 DomainAuthInfo
*ptr
;
6646 for (ptr
= m
->AuthInfoList
; ptr
; ptr
= ptr
->next
)
6647 ptr
->deltime
= NonZeroTime(m
->timenow
+ mDNSPlatformOneSecond
*10);
6649 #if APPLE_OSX_mDNSResponder
6651 // Mark all TunnelClients for deletion
6652 ClientTunnel
*client
;
6653 for (client
= m
->TunnelClients
; client
; client
= client
->next
)
6655 LogInfo("SetDomainSecrets: tunnel to %##s marked for deletion", client
->dstname
.c
);
6656 client
->MarkedForDeletion
= mDNStrue
;
6659 #endif // APPLE_OSX_mDNSResponder
6661 // String Array used to write list of private domains to Dynamic Store
6662 CFMutableArrayRef sa
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
6663 if (!sa
) { LogMsg("SetDomainSecrets: CFArrayCreateMutable failed"); return; }
6665 CFDataRef data
= NULL
;
6666 const int itemsPerEntry
= 4; // domain name, key name, key value, Name value
6667 CFArrayRef secrets
= NULL
;
6668 int err
= mDNSKeychainGetSecrets(&secrets
);
6669 if (err
|| !secrets
)
6670 LogMsg("SetDomainSecrets: mDNSKeychainGetSecrets failed error %d CFArrayRef %p", err
, secrets
);
6673 CFIndex ArrayCount
= CFArrayGetCount(secrets
);
6674 // Iterate through the secrets
6675 for (i
= 0; i
< ArrayCount
; ++i
)
6677 mDNSBool AutoTunnel
;
6679 CFArrayRef entry
= CFArrayGetValueAtIndex(secrets
, i
);
6680 if (CFArrayGetTypeID() != CFGetTypeID(entry
) || itemsPerEntry
!= CFArrayGetCount(entry
))
6681 { LogMsg("SetDomainSecrets: malformed entry %d, itemsPerEntry %d", i
, itemsPerEntry
); continue; }
6682 for (j
= 0; j
< CFArrayGetCount(entry
); ++j
)
6683 if (CFDataGetTypeID() != CFGetTypeID(CFArrayGetValueAtIndex(entry
, j
)))
6684 { LogMsg("SetDomainSecrets: malformed entry item %d", j
); continue; }
6686 // The names have already been vetted by the helper, but checking them again here helps humans and automated tools verify correctness
6688 // Max legal domainname as C-string, including space for btmmprefix and terminating NUL
6689 // Get DNS domain this key is for (kmDNSKcWhere)
6690 char stringbuf
[MAX_ESCAPED_DOMAIN_NAME
+ sizeof(btmmprefix
)];
6691 data
= CFArrayGetValueAtIndex(entry
, kmDNSKcWhere
);
6692 if (CFDataGetLength(data
) >= (int)sizeof(stringbuf
))
6693 { LogMsg("SetDomainSecrets: Bad kSecServiceItemAttr length %d", CFDataGetLength(data
)); continue; }
6694 CFDataGetBytes(data
, CFRangeMake(0, CFDataGetLength(data
)), (UInt8
*)stringbuf
);
6695 stringbuf
[CFDataGetLength(data
)] = '\0';
6697 AutoTunnel
= mDNSfalse
;
6699 if (!strncmp(stringbuf
, dnsprefix
, strlen(dnsprefix
)))
6700 offset
= strlen(dnsprefix
);
6701 else if (!strncmp(stringbuf
, btmmprefix
, strlen(btmmprefix
)))
6703 AutoTunnel
= mDNStrue
;
6704 offset
= strlen(btmmprefix
);
6707 if (!MakeDomainNameFromDNSNameString(&domain
, stringbuf
+ offset
)) { LogMsg("SetDomainSecrets: bad key domain %s", stringbuf
); continue; }
6709 // Get key name (kmDNSKcAccount)
6710 data
= CFArrayGetValueAtIndex(entry
, kmDNSKcAccount
);
6711 if (CFDataGetLength(data
) >= (int)sizeof(stringbuf
))
6712 { LogMsg("SetDomainSecrets: Bad kSecAccountItemAttr length %d", CFDataGetLength(data
)); continue; }
6713 CFDataGetBytes(data
, CFRangeMake(0,CFDataGetLength(data
)), (UInt8
*)stringbuf
);
6714 stringbuf
[CFDataGetLength(data
)] = '\0';
6717 if (!MakeDomainNameFromDNSNameString(&keyname
, stringbuf
)) { LogMsg("SetDomainSecrets: bad key name %s", stringbuf
); continue; }
6719 // Get key data (kmDNSKcKey)
6720 data
= CFArrayGetValueAtIndex(entry
, kmDNSKcKey
);
6721 if (CFDataGetLength(data
) >= (int)sizeof(stringbuf
))
6723 LogMsg("SetDomainSecrets: Shared secret too long: %d", CFDataGetLength(data
));
6726 CFDataGetBytes(data
, CFRangeMake(0, CFDataGetLength(data
)), (UInt8
*)stringbuf
);
6727 stringbuf
[CFDataGetLength(data
)] = '\0'; // mDNS_SetSecretForDomain requires NULL-terminated C string for key
6729 // Get the Name of the keychain entry (kmDNSKcName) host or host:port
6730 // The hostname also has the port number and ":". It should take a maximum of 6 bytes.
6731 char hostbuf
[MAX_ESCAPED_DOMAIN_NAME
+ 6]; // Max legal domainname as C-string, including terminating NUL
6732 data
= CFArrayGetValueAtIndex(entry
, kmDNSKcName
);
6733 if (CFDataGetLength(data
) >= (int)sizeof(hostbuf
))
6735 LogMsg("SetDomainSecrets: host:port data too long: %d", CFDataGetLength(data
));
6738 CFDataGetBytes(data
, CFRangeMake(0,CFDataGetLength(data
)), (UInt8
*)hostbuf
);
6739 hostbuf
[CFDataGetLength(data
)] = '\0';
6741 domainname hostname
;
6744 hptr
= strchr(hostbuf
, ':');
6746 port
.NotAnInteger
= 0;
6753 while(hptr
&& *hptr
!= 0)
6755 if (*hptr
< '0' || *hptr
> '9')
6756 { LogMsg("SetDomainSecrets: Malformed Port number %d, val %d", *hptr
, val
); val
= 0; break;}
6757 val
= val
* 10 + *hptr
- '0';
6762 port
.NotAnInteger
= p
[0] << 8 | p
[1];
6764 // The hostbuf is of the format dsid@hostname:port. We don't care about the dsid.
6765 hptr
= strchr(hostbuf
, '@');
6770 if (!MakeDomainNameFromDNSNameString(&hostname
, hptr
)) { LogMsg("SetDomainSecrets: bad host name %s", hptr
); continue; }
6772 DomainAuthInfo
*FoundInList
;
6773 for (FoundInList
= m
->AuthInfoList
; FoundInList
; FoundInList
= FoundInList
->next
)
6774 if (SameDomainName(&FoundInList
->domain
, &domain
)) break;
6776 #if APPLE_OSX_mDNSResponder
6779 // If any client tunnel destination is in this domain, set deletion flag to false
6780 ClientTunnel
*client
;
6781 for (client
= m
->TunnelClients
; client
; client
= client
->next
)
6782 if (FoundInList
== GetAuthInfoForName_internal(m
, &client
->dstname
))
6784 LogInfo("SetDomainSecrets: tunnel to %##s no longer marked for deletion", client
->dstname
.c
);
6785 client
->MarkedForDeletion
= mDNSfalse
;
6789 #endif // APPLE_OSX_mDNSResponder
6791 // Uncomment the line below to view the keys as they're read out of the system keychain
6792 // DO NOT SHIP CODE THIS WAY OR YOU'LL LEAK SECRET DATA INTO A PUBLICLY READABLE FILE!
6793 //LogInfo("SetDomainSecrets: domain %##s keyname %##s key %s hostname %##s port %d", &domain.c, &keyname.c, stringbuf, hostname.c, (port.b[0] << 8 | port.b[1]));
6794 LogInfo("SetDomainSecrets: domain %##s keyname %##s hostname %##s port %d", &domain
.c
, &keyname
.c
, hostname
.c
, (port
.b
[0] << 8 | port
.b
[1]));
6796 // If didn't find desired domain in the list, make a new entry
6798 if (FoundInList
&& FoundInList
->AutoTunnel
&& haveAutoTunnels
== mDNSfalse
) haveAutoTunnels
= mDNStrue
;
6801 ptr
= (DomainAuthInfo
*)mallocL("DomainAuthInfo", sizeof(*ptr
));
6802 if (!ptr
) { LogMsg("SetDomainSecrets: No memory"); continue; }
6805 //LogInfo("SetDomainSecrets: %d of %d %##s", i, ArrayCount, &domain);
6807 // It is an AutoTunnel if the keychains tells us so (with btmm prefix) or if it is a TunnelModeDomain
6808 if (mDNS_SetSecretForDomain(m
, ptr
, &domain
, &keyname
, stringbuf
, &hostname
, &port
, AutoTunnel
) == mStatus_BadParamErr
)
6810 if (!FoundInList
) mDNSPlatformMemFree(ptr
); // If we made a new DomainAuthInfo here, and it turned out bad, dispose it immediately
6814 ConvertDomainNameToCString(&domain
, stringbuf
);
6815 CFStringRef cfs
= CFStringCreateWithCString(NULL
, stringbuf
, kCFStringEncodingUTF8
);
6816 if (cfs
) { CFArrayAppendValue(sa
, cfs
); CFRelease(cfs
); }
6821 if (!privateDnsArray
|| !CFEqual(privateDnsArray
, sa
))
6823 if (privateDnsArray
)
6824 CFRelease(privateDnsArray
);
6826 privateDnsArray
= sa
;
6827 CFRetain(privateDnsArray
);
6828 mDNSDynamicStoreSetConfig(kmDNSPrivateConfig
, mDNSNULL
, privateDnsArray
);
6832 #if APPLE_OSX_mDNSResponder
6834 // clean up ClientTunnels
6835 ClientTunnel
**pp
= &m
->TunnelClients
;
6838 if ((*pp
)->MarkedForDeletion
)
6840 ClientTunnel
*cur
= *pp
;
6841 LogInfo("SetDomainSecrets: removing client %p %##s from list", cur
, cur
->dstname
.c
);
6842 if (cur
->q
.ThisQInterval
>= 0) mDNS_StopQuery(m
, &cur
->q
);
6843 AutoTunnelSetKeys(cur
, mDNSfalse
);
6845 freeL("ClientTunnel", cur
);
6851 mDNSBool needAutoTunnelNAT
= mDNSfalse
;
6852 DomainAuthInfo
*info
;
6853 for (info
= m
->AuthInfoList
; info
; info
= info
->next
)
6855 if (info
->AutoTunnel
)
6857 UpdateAutoTunnelDeviceInfoRecord(m
, info
);
6858 UpdateAutoTunnelHostRecord(m
, info
);
6859 UpdateAutoTunnelServiceRecords(m
, info
);
6860 UpdateAutoTunnel6Record(m
, info
);
6863 if (info
->AutoTunnelServiceStarted
) info
->AutoTunnelServiceStarted
= mDNSfalse
;
6865 else if (info
->AutoTunnelServiceStarted
)
6866 needAutoTunnelNAT
= true;
6868 UpdateAutoTunnelDomainStatus(m
, info
);
6872 // If the AutoTunnel NAT-T is no longer needed (& is currently running), stop it
6873 if (!needAutoTunnelNAT
&& m
->AutoTunnelNAT
.clientContext
)
6875 // stop the NAT operation, reset port, cleanup state
6876 mDNS_StopNATOperation_internal(m
, &m
->AutoTunnelNAT
);
6877 m
->AutoTunnelNAT
.ExternalAddress
= zerov4Addr
;
6878 m
->AutoTunnelNAT
.NewAddress
= zerov4Addr
;
6879 m
->AutoTunnelNAT
.ExternalPort
= zeroIPPort
;
6880 m
->AutoTunnelNAT
.RequestedPort
= zeroIPPort
;
6881 m
->AutoTunnelNAT
.Lifetime
= 0;
6882 m
->AutoTunnelNAT
.Result
= mStatus_NoError
;
6883 m
->AutoTunnelNAT
.clientContext
= mDNSNULL
;
6886 UpdateAnonymousRacoonConfig(m
); // Determine whether we need racoon to accept incoming connections
6887 ProcessConndConfigChanges(m
); // Update AutoTunnelInnerAddress values and default ipsec policies as necessary
6889 #endif // APPLE_OSX_mDNSResponder
6891 CheckSuppressUnusableQuestions(m
);
6893 #endif /* NO_SECURITYFRAMEWORK */
6896 mDNSlocal
void SetLocalDomains(void)
6898 CFMutableArrayRef sa
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
6899 if (!sa
) { LogMsg("SetLocalDomains: CFArrayCreateMutable failed"); return; }
6901 CFArrayAppendValue(sa
, CFSTR("local"));
6902 CFArrayAppendValue(sa
, CFSTR("254.169.in-addr.arpa"));
6903 CFArrayAppendValue(sa
, CFSTR("8.e.f.ip6.arpa"));
6904 CFArrayAppendValue(sa
, CFSTR("9.e.f.ip6.arpa"));
6905 CFArrayAppendValue(sa
, CFSTR("a.e.f.ip6.arpa"));
6906 CFArrayAppendValue(sa
, CFSTR("b.e.f.ip6.arpa"));
6908 mDNSDynamicStoreSetConfig(kmDNSMulticastConfig
, mDNSNULL
, sa
);
6912 mDNSlocal
void GetCurrentPMSetting(const CFStringRef name
, mDNSs32
*val
)
6914 #if USE_IOPMCOPYACTIVEPMPREFERENCES
6915 CFTypeRef blob
= NULL
;
6916 CFStringRef str
= NULL
;
6917 CFDictionaryRef odict
= NULL
;
6918 CFDictionaryRef idict
= NULL
;
6919 CFNumberRef number
= NULL
;
6921 blob
= IOPSCopyPowerSourcesInfo();
6922 if (!blob
) { LogMsg("GetCurrentPMSetting: IOPSCopyPowerSourcesInfo failed!"); goto end
; }
6924 odict
= IOPMCopyActivePMPreferences();
6925 if (!odict
) { LogMsg("GetCurrentPMSetting: IOPMCopyActivePMPreferences failed!"); goto end
; }
6927 str
= IOPSGetProvidingPowerSourceType(blob
);
6928 if (!str
) { LogMsg("GetCurrentPMSetting: IOPSGetProvidingPowerSourceType failed!"); goto end
; }
6930 idict
= CFDictionaryGetValue(odict
, str
);
6934 if (!CFStringGetCString(str
, buf
, sizeof(buf
), kCFStringEncodingUTF8
)) buf
[0] = 0;
6935 LogMsg("GetCurrentPMSetting: CFDictionaryGetValue (%s) failed!", buf
);
6939 number
= CFDictionaryGetValue(idict
, name
);
6940 if (!number
|| CFGetTypeID(number
) != CFNumberGetTypeID() || !CFNumberGetValue(number
, kCFNumberSInt32Type
, val
))
6943 if (blob
) CFRelease(blob
);
6944 if (odict
) CFRelease(odict
);
6948 SCDynamicStoreRef store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:GetCurrentPMSetting"), NULL
, NULL
);
6949 if (!store
) LogMsg("GetCurrentPMSetting: SCDynamicStoreCreate failed: %s", SCErrorString(SCError()));
6952 CFDictionaryRef dict
= SCDynamicStoreCopyValue(store
, NetworkChangedKey_PowerSettings
);
6953 if (!dict
) LogSPS("GetCurrentPMSetting: Could not get IOPM CurrentSettings dict");
6956 CFNumberRef number
= CFDictionaryGetValue(dict
, name
);
6957 if (!number
|| CFGetTypeID(number
) != CFNumberGetTypeID() || !CFNumberGetValue(number
, kCFNumberSInt32Type
, val
))
6967 #if APPLE_OSX_mDNSResponder
6969 static CFMutableDictionaryRef spsStatusDict
= NULL
;
6970 static const CFStringRef kMetricRef
= CFSTR("Metric");
6972 mDNSlocal
void SPSStatusPutNumber(CFMutableDictionaryRef dict
, const mDNSu8
* const ptr
, CFStringRef key
)
6974 mDNSu8 tmp
= (ptr
[0] - '0') * 10 + ptr
[1] - '0';
6975 CFNumberRef num
= CFNumberCreate(NULL
, kCFNumberSInt8Type
, &tmp
);
6977 LogMsg("SPSStatusPutNumber: Could not create CFNumber");
6980 CFDictionarySetValue(dict
, key
, num
);
6985 mDNSlocal CFMutableDictionaryRef
SPSCreateDict(const mDNSu8
* const ptr
)
6987 CFMutableDictionaryRef dict
= CFDictionaryCreateMutable(NULL
, 0, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
);
6988 if (!dict
) { LogMsg("SPSCreateDict: Could not create CFDictionary dict"); return dict
; }
6991 buffer
[mDNS_snprintf(buffer
, sizeof(buffer
), "%##s", ptr
) - 1] = 0;
6992 CFStringRef spsname
= CFStringCreateWithCString(NULL
, buffer
, kCFStringEncodingUTF8
);
6993 if (!spsname
) { LogMsg("SPSCreateDict: Could not create CFString spsname full"); CFRelease(dict
); return NULL
; }
6994 CFDictionarySetValue(dict
, CFSTR("FullName"), spsname
);
6997 if (ptr
[0] >= 2) SPSStatusPutNumber(dict
, ptr
+ 1, CFSTR("Type"));
6998 if (ptr
[0] >= 5) SPSStatusPutNumber(dict
, ptr
+ 4, CFSTR("Portability"));
6999 if (ptr
[0] >= 8) SPSStatusPutNumber(dict
, ptr
+ 7, CFSTR("MarginalPower"));
7000 if (ptr
[0] >= 11) SPSStatusPutNumber(dict
, ptr
+10, CFSTR("TotalPower"));
7002 mDNSu32 tmp
= SPSMetric(ptr
);
7003 CFNumberRef num
= CFNumberCreate(NULL
, kCFNumberSInt32Type
, &tmp
);
7005 LogMsg("SPSCreateDict: Could not create CFNumber");
7008 CFDictionarySetValue(dict
, kMetricRef
, num
);
7014 memcpy(buffer
, ptr
+ 13, ptr
[0] - 12);
7015 buffer
[ptr
[0] - 12] = 0;
7016 spsname
= CFStringCreateWithCString(NULL
, buffer
, kCFStringEncodingUTF8
);
7017 if (!spsname
) { LogMsg("SPSCreateDict: Could not create CFString spsname"); CFRelease(dict
); return NULL
; }
7020 CFDictionarySetValue(dict
, CFSTR("PrettyName"), spsname
);
7028 mDNSlocal CFComparisonResult
CompareSPSEntries(const void *val1
, const void *val2
, void *context
)
7031 return CFNumberCompare((CFNumberRef
)CFDictionaryGetValue((CFDictionaryRef
)val1
, kMetricRef
),
7032 (CFNumberRef
)CFDictionaryGetValue((CFDictionaryRef
)val2
, kMetricRef
),
7036 mDNSlocal
void UpdateSPSStatus(mDNS
*const m
, DNSQuestion
*question
, const ResourceRecord
*const answer
, QC_result AddRecord
)
7038 NetworkInterfaceInfo
* info
= (NetworkInterfaceInfo
*)question
->QuestionContext
;
7039 debugf("UpdateSPSStatus: %s %##s %s %s", info
->ifname
, question
->qname
.c
, AddRecord
? "Add" : "Rmv", answer
? RRDisplayString(m
, answer
) : "<null>");
7042 mDNS_UpdateAllowSleep(m
);
7045 if (answer
&& SPSMetric(answer
->rdata
->u
.name
.c
) > 999999) return; // Ignore instances with invalid names
7049 spsStatusDict
= CFDictionaryCreateMutable(NULL
, 0, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
);
7050 if (!spsStatusDict
) { LogMsg("UpdateSPSStatus: Could not create CFDictionary spsStatusDict"); return; }
7053 CFStringRef ifname
= CFStringCreateWithCString(NULL
, info
->ifname
, kCFStringEncodingUTF8
);
7054 if (!ifname
) { LogMsg("UpdateSPSStatus: Could not create CFString ifname"); return; }
7056 CFMutableArrayRef array
= NULL
;
7058 if (!CFDictionaryGetValueIfPresent(spsStatusDict
, ifname
, (const void**) &array
))
7060 array
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
7061 if (!array
) { LogMsg("UpdateSPSStatus: Could not create CFMutableArray"); CFRelease(ifname
); return; }
7062 CFDictionarySetValue(spsStatusDict
, ifname
, array
);
7063 CFRelease(array
); // let go of our reference, now that the dict has one
7066 if (!array
) { LogMsg("UpdateSPSStatus: Could not get CFMutableArray for %s", info
->ifname
); CFRelease(ifname
); return; }
7068 if (!answer
) // special call that means the question has been stopped (because the interface is going away)
7069 CFArrayRemoveAllValues(array
);
7072 CFMutableDictionaryRef dict
= SPSCreateDict(answer
->rdata
->u
.name
.c
);
7073 if (!dict
) { CFRelease(ifname
); return; }
7077 if (!CFArrayContainsValue(array
, CFRangeMake(0, CFArrayGetCount(array
)), dict
))
7080 for (i
=0; i
<CFArrayGetCount(array
); i
++)
7081 if (CompareSPSEntries(CFArrayGetValueAtIndex(array
, i
), dict
, NULL
) != kCFCompareLessThan
)
7083 CFArrayInsertValueAtIndex(array
, i
, dict
);
7085 else LogMsg("UpdateSPSStatus: %s array already contains %##s", info
->ifname
, answer
->rdata
->u
.name
.c
);
7089 CFIndex i
= CFArrayGetFirstIndexOfValue(array
, CFRangeMake(0, CFArrayGetCount(array
)), dict
);
7090 if (i
!= -1) CFArrayRemoveValueAtIndex(array
, i
);
7091 else LogMsg("UpdateSPSStatus: %s array does not contain %##s", info
->ifname
, answer
->rdata
->u
.name
.c
);
7097 if (!m
->ShutdownTime
) mDNSDynamicStoreSetConfig(kmDNSSleepProxyServersState
, info
->ifname
, array
);
7102 mDNSlocal mDNSs32
GetSystemSleepTimerSetting(void)
7105 SCDynamicStoreRef store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:GetSystemSleepTimerSetting"), NULL
, NULL
);
7107 LogMsg("GetSystemSleepTimerSetting: SCDynamicStoreCreate failed: %s", SCErrorString(SCError()));
7110 CFDictionaryRef dict
= SCDynamicStoreCopyValue(store
, NetworkChangedKey_PowerSettings
);
7113 CFNumberRef number
= CFDictionaryGetValue(dict
, CFSTR("System Sleep Timer"));
7114 if (number
) CFNumberGetValue(number
, kCFNumberSInt32Type
, &val
);
7122 mDNSlocal
void SetSPS(mDNS
*const m
)
7125 // If we ever want to know InternetSharing status in the future, use DNSXEnableProxy()
7126 mDNSu8 sps
= (OfferSleepProxyService
&& GetSystemSleepTimerSetting() == 0) ? mDNSSleepProxyMetric_IncidentalSoftware
: 0;
7128 // For devices that are not running NAT, but are set to never sleep, we may choose to act
7129 // as a Sleep Proxy, but only for non-portable Macs (Portability > 35 means nominal weight < 3kg)
7130 //if (sps > mDNSSleepProxyMetric_PrimarySoftware && SPMetricPortability > 35) sps = 0;
7132 // If we decide to let laptops act as Sleep Proxy, we should do it only when running on AC power, not on battery
7134 // For devices that are unable to sleep at all to save power, or save 1W or less by sleeping,
7135 // it makes sense for them to offer low-priority Sleep Proxy service on the network.
7136 // We rate such a device as metric 70 ("Incidentally Available Hardware")
7137 if (SPMetricMarginalPower
<= 60 && !sps
) sps
= mDNSSleepProxyMetric_IncidentalHardware
;
7139 // If the launchd plist specifies an explicit value for the Intent Metric, then use that instead of the
7140 // computed value (currently 40 "Primary Network Infrastructure Software" or 80 "Incidentally Available Software")
7141 if (sps
&& OfferSleepProxyService
&& OfferSleepProxyService
< 100) sps
= OfferSleepProxyService
;
7143 #ifdef NO_APPLETV_SLEEP_PROXY_ON_WIFI
7144 // AppleTVs are not reliable sleep proxy servers on WiFi. Do not offer to be a BSP if the WiFi interface is active.
7147 NetworkInterfaceInfo
*intf
= mDNSNULL
;
7148 mDNSEthAddr bssid
= zeroEthAddr
;
7149 for (intf
= GetFirstActiveInterface(m
->HostInterfaces
); intf
; intf
= GetFirstActiveInterface(intf
->next
))
7151 bssid
= GetBSSID(intf
->ifname
);
7152 if (!mDNSSameEthAddress(&bssid
, &zeroEthAddr
))
7154 LogMsg("SetSPS: AppleTV on WiFi - not advertising BSP services");
7160 #endif // NO_APPLETV_SLEEP_PROXY_ON_WIFI
7162 mDNSCoreBeSleepProxyServer(m
, sps
, SPMetricPortability
, SPMetricMarginalPower
, SPMetricTotalPower
, SPMetricFeatures
);
7165 // The definitions below should eventually come from some externally-supplied header file.
7166 // However, since these definitions can't really be changed without breaking binary compatibility,
7167 // they should never change, so in practice it should not be a big problem to have them defined here.
7170 { // commands from the daemon to the driver
7171 cmd_mDNSOffloadRR
= 21, // give the mdns update buffer to the driver
7174 typedef union { void *ptr
; mDNSOpaque64 sixtyfourbits
; } FatPtr
;
7177 { // cmd_mDNSOffloadRR structure
7178 uint32_t command
; // set to OffloadRR
7179 uint32_t rrBufferSize
; // number of bytes of RR records
7180 uint32_t numUDPPorts
; // number of SRV UDP ports
7181 uint32_t numTCPPorts
; // number of SRV TCP ports
7182 uint32_t numRRRecords
; // number of RR records
7183 uint32_t compression
; // rrRecords - compression is base for compressed strings
7184 FatPtr rrRecords
; // address of array of pointers to the rr records
7185 FatPtr udpPorts
; // address of udp port list (SRV)
7186 FatPtr tcpPorts
; // address of tcp port list (SRV)
7189 #include <IOKit/IOKitLib.h>
7190 #include <dns_util.h>
7192 mDNSlocal mDNSu16
GetPortArray(mDNS
*const m
, int trans
, mDNSIPPort
*portarray
)
7194 const domainlabel
*const tp
= (trans
== mDNSTransport_UDP
) ? (const domainlabel
*)"\x4_udp" : (const domainlabel
*)"\x4_tcp";
7197 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
7198 if (rr
->resrec
.rrtype
== kDNSType_SRV
&& SameDomainLabel(ThirdLabel(rr
->resrec
.name
)->c
, tp
->c
))
7200 if (portarray
) portarray
[count
] = rr
->resrec
.rdata
->u
.srv
.port
;
7204 // If Back to My Mac is on, also wake for packets to the IPSEC UDP port (4500)
7205 if (trans
== mDNSTransport_UDP
&& m
->AutoTunnelNAT
.clientContext
)
7207 LogSPS("GetPortArray Back to My Mac at %d", count
);
7208 if (portarray
) portarray
[count
] = IPSECPort
;
7214 #if APPLE_OSX_mDNSResponder && !TARGET_OS_EMBEDDED
7215 mDNSlocal mDNSBool
SupportsTCPKeepAlive()
7217 IOReturn ret
= kIOReturnSuccess
;
7218 CFTypeRef obj
= NULL
;
7219 mDNSBool supports
= mDNSfalse
;
7221 ret
= IOPlatformCopyFeatureActive(CFSTR("TCPKeepAliveDuringSleep"), &obj
);
7222 if ((kIOReturnSuccess
== ret
) && (obj
!= NULL
))
7224 supports
= (obj
== kCFBooleanTrue
)? mDNStrue
: mDNSfalse
;
7227 LogSPS("%s: The hardware %s TCP Keep Alive", __func__
, (supports
? "supports" : "does not support"));
7231 mDNSlocal mDNSBool
OnBattery(void)
7233 CFTypeRef powerInfo
= IOPSCopyPowerSourcesInfo();
7234 CFTypeRef powerSrc
= IOPSGetProvidingPowerSourceType(powerInfo
);
7235 mDNSBool result
= mDNSfalse
;
7237 if (powerInfo
!= NULL
)
7239 result
= CFEqual(CFSTR(kIOPSBatteryPowerValue
), powerSrc
);
7240 CFRelease(powerInfo
);
7242 LogSPS("%s: The system is on %s", __func__
, (result
)? "Battery" : "AC Power");
7246 #endif // !TARGET_OS_EMBEDDED
7248 #define TfrRecordToNIC(RR) \
7249 ((!(RR)->resrec.InterfaceID && ((RR)->ForceMCast || IsLocalDomain((RR)->resrec.name))))
7251 mDNSlocal mDNSu32
CountProxyRecords(mDNS
*const m
, uint32_t *const numbytes
, NetworkInterfaceInfo
*const intf
, mDNSBool TCPKAOnly
, mDNSBool supportsTCPKA
)
7258 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
7260 if (!(rr
->AuthFlags
& AuthFlagsWakeOnly
) && rr
->resrec
.RecordType
> kDNSRecordTypeDeregistering
)
7262 #if APPLE_OSX_mDNSResponder && !TARGET_OS_EMBEDDED
7263 mDNSBool isKeepAliveRecord
= mDNS_KeepaliveRecord(&rr
->resrec
);
7264 // Skip over all other records if we are registering TCP KeepAlive records only
7265 // Skip over TCP KeepAlive records if the policy prohibits it or if the interface does not support TCP Keepalive.
7266 if ((TCPKAOnly
&& !isKeepAliveRecord
) || (isKeepAliveRecord
&& !supportsTCPKA
))
7269 // Update the record before calculating the number of bytes required
7270 // We offload the TCP Keepalive record even if the update fails. When the driver gets the record, it will
7271 // attempt to update the record again.
7272 if (isKeepAliveRecord
&& (UpdateKeepaliveRData(m
, rr
, intf
, mDNSfalse
, mDNSNULL
) != mStatus_NoError
))
7273 LogSPS("CountProxyRecords: Failed to update keepalive record - %s", ARDisplayString(m
, rr
));
7275 (void) TCPKAOnly
; // unused
7276 (void) supportsTCPKA
; // unused
7277 (void) intf
; // unused
7278 #endif // APPLE_OSX_mDNSResponder
7279 if (TfrRecordToNIC(rr
))
7281 *numbytes
+= DomainNameLength(rr
->resrec
.name
) + 10 + rr
->resrec
.rdestimate
;
7282 LogSPS("CountProxyRecords: %3d size %5d total %5d %s",
7283 count
, DomainNameLength(rr
->resrec
.name
) + 10 + rr
->resrec
.rdestimate
, *numbytes
, ARDisplayString(m
,rr
));
7291 mDNSlocal
void GetProxyRecords(mDNS
*const m
, DNSMessage
*const msg
, uint32_t *const numbytes
, FatPtr
*const records
, mDNSBool TCPKAOnly
, mDNSBool supportsTCPKA
)
7293 mDNSu8
*p
= msg
->data
;
7294 const mDNSu8
*const limit
= p
+ *numbytes
;
7295 InitializeDNSMessage(&msg
->h
, zeroID
, zeroID
);
7300 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
7302 if (!(rr
->AuthFlags
& AuthFlagsWakeOnly
) && rr
->resrec
.RecordType
> kDNSRecordTypeDeregistering
)
7304 #if APPLE_OSX_mDNSResponder && !TARGET_OS_EMBEDDED
7305 mDNSBool isKeepAliveRecord
= mDNS_KeepaliveRecord(&rr
->resrec
);
7307 // Skip over all other records if we are registering TCP KeepAlive records only
7308 // Skip over TCP KeepAlive records if the policy prohibits it or if the interface does not support TCP Keepalive
7309 if ((TCPKAOnly
&& !isKeepAliveRecord
) || (isKeepAliveRecord
&& !supportsTCPKA
))
7312 (void) TCPKAOnly
; // unused
7313 (void) supportsTCPKA
; // unused
7314 #endif // APPLE_OSX_mDNSResponder
7316 if (TfrRecordToNIC(rr
))
7318 records
[count
].sixtyfourbits
= zeroOpaque64
;
7319 records
[count
].ptr
= p
;
7320 if (rr
->resrec
.RecordType
& kDNSRecordTypeUniqueMask
)
7321 rr
->resrec
.rrclass
|= kDNSClass_UniqueRRSet
; // Temporarily set the 'unique' bit so PutResourceRecord will set it
7322 p
= PutResourceRecordTTLWithLimit(msg
, p
, &msg
->h
.mDNS_numUpdates
, &rr
->resrec
, rr
->resrec
.rroriginalttl
, limit
);
7323 rr
->resrec
.rrclass
&= ~kDNSClass_UniqueRRSet
; // Make sure to clear 'unique' bit back to normal state
7324 LogSPS("GetProxyRecords: %3d start %p end %p size %5d total %5d %s",
7325 count
, records
[count
].ptr
, p
, p
- (mDNSu8
*)records
[count
].ptr
, p
- msg
->data
, ARDisplayString(m
,rr
));
7330 *numbytes
= p
- msg
->data
;
7333 // If compiling with old headers and libraries (pre 10.5) that don't include IOConnectCallStructMethod
7334 // then we declare a dummy version here so that the code at least compiles
7335 #ifndef AVAILABLE_MAC_OS_X_VERSION_10_5_AND_LATER
7336 static kern_return_t
7337 IOConnectCallStructMethod(
7338 mach_port_t connection
, // In
7339 uint32_t selector
, // In
7340 const void *inputStruct
, // In
7341 size_t inputStructCnt
, // In
7342 void *outputStruct
, // Out
7343 size_t *outputStructCnt
) // In/Out
7348 (void)inputStructCnt
;
7350 (void)outputStructCnt
;
7351 LogMsg("Compiled without IOConnectCallStructMethod");
7352 return(KERN_FAILURE
);
7356 mDNSexport mDNSBool
SupportsInNICProxy(NetworkInterfaceInfo
*const intf
)
7358 if(!UseInternalSleepProxy
)
7360 LogSPS("SupportsInNICProxy: Internal Sleep Proxy is disabled");
7363 return CheckInterfaceSupport(intf
, mDNS_IOREG_KEY
);
7366 mDNSexport mStatus
ActivateLocalProxy(mDNS
*const m
, NetworkInterfaceInfo
*const intf
) // Called with the lock held
7368 mStatus result
= mStatus_UnknownErr
;
7369 mDNSBool TCPKAOnly
= mDNSfalse
;
7370 mDNSBool supportsTCPKA
= mDNSfalse
;
7371 mDNSBool onbattery
= mDNSfalse
;
7372 io_service_t service
= IOServiceGetMatchingService(kIOMasterPortDefault
, IOBSDNameMatching(kIOMasterPortDefault
, 0, intf
->ifname
));
7374 #if APPLE_OSX_mDNSResponder && !TARGET_OS_EMBEDDED
7375 onbattery
= OnBattery();
7376 // Check if the interface supports TCP Keepalives and the system policy says it is ok to offload TCP Keepalive records
7377 supportsTCPKA
= (InterfaceSupportsKeepAlive(intf
) && SupportsTCPKeepAlive());
7379 // Only TCP Keepalive records are to be offloaded if
7380 // - The system is on battery
7381 // - OR wake for network access is not set but powernap is enabled
7382 TCPKAOnly
= supportsTCPKA
&& ((m
->SystemWakeOnLANEnabled
== mDNS_WakeOnBattery
) || onbattery
);
7384 (void) onbattery
; // unused;
7386 if (!service
) { LogMsg("ActivateLocalProxy: No service for interface %s", intf
->ifname
); return(mStatus_UnknownErr
); }
7389 IOObjectGetClass(service
, n1
);
7391 kern_return_t kr
= IORegistryEntryGetParentEntry(service
, kIOServicePlane
, &parent
);
7392 if (kr
!= KERN_SUCCESS
) LogMsg("ActivateLocalProxy: IORegistryEntryGetParentEntry for %s/%s failed %d", intf
->ifname
, n1
, kr
);
7395 IOObjectGetClass(parent
, n2
);
7396 LogSPS("ActivateLocalProxy: Interface %s service %s parent %s", intf
->ifname
, n1
, n2
);
7397 const CFTypeRef ref
= IORegistryEntryCreateCFProperty(parent
, CFSTR(mDNS_IOREG_KEY
), kCFAllocatorDefault
, mDNSNULL
);
7398 if (!ref
) LogSPS("ActivateLocalProxy: No mDNS_IOREG_KEY for interface %s/%s/%s", intf
->ifname
, n1
, n2
);
7401 if (CFGetTypeID(ref
) != CFStringGetTypeID() || !CFEqual(ref
, CFSTR(mDNS_IOREG_VALUE
)))
7402 LogMsg("ActivateLocalProxy: mDNS_IOREG_KEY for interface %s/%s/%s value %s != %s",
7403 intf
->ifname
, n1
, n2
, CFStringGetCStringPtr(ref
, mDNSNULL
), mDNS_IOREG_VALUE
);
7404 else if (!UseInternalSleepProxy
)
7405 LogSPS("ActivateLocalProxy: Not using internal (NIC) sleep proxy for interface %s", intf
->ifname
);
7408 io_connect_t conObj
;
7409 kr
= IOServiceOpen(parent
, mach_task_self(), mDNS_USER_CLIENT_CREATE_TYPE
, &conObj
);
7410 if (kr
!= KERN_SUCCESS
) LogMsg("ActivateLocalProxy: IOServiceOpen for %s/%s/%s failed %d", intf
->ifname
, n1
, n2
, kr
);
7414 mDNSPlatformMemZero(&cmd
, sizeof(cmd
)); // When compiling 32-bit, make sure top 32 bits of 64-bit pointers get initialized to zero
7415 cmd
.command
= cmd_mDNSOffloadRR
;
7416 cmd
.numUDPPorts
= GetPortArray(m
, mDNSTransport_UDP
, mDNSNULL
);
7417 cmd
.numTCPPorts
= GetPortArray(m
, mDNSTransport_TCP
, mDNSNULL
);
7418 cmd
.numRRRecords
= CountProxyRecords(m
, &cmd
.rrBufferSize
, intf
, TCPKAOnly
, supportsTCPKA
);
7419 cmd
.compression
= sizeof(DNSMessageHeader
);
7421 DNSMessage
*msg
= (DNSMessage
*)mallocL("mDNSOffloadCmd msg", sizeof(DNSMessageHeader
) + cmd
.rrBufferSize
);
7422 cmd
.rrRecords
.ptr
= mallocL("mDNSOffloadCmd rrRecords", cmd
.numRRRecords
* sizeof(FatPtr
));
7423 cmd
.udpPorts
.ptr
= mallocL("mDNSOffloadCmd udpPorts", cmd
.numUDPPorts
* sizeof(mDNSIPPort
));
7424 cmd
.tcpPorts
.ptr
= mallocL("mDNSOffloadCmd tcpPorts", cmd
.numTCPPorts
* sizeof(mDNSIPPort
));
7426 LogSPS("ActivateLocalProxy: msg %p %d RR %p %d, UDP %p %d, TCP %p %d",
7427 msg
, cmd
.rrBufferSize
,
7428 cmd
.rrRecords
.ptr
, cmd
.numRRRecords
,
7429 cmd
.udpPorts
.ptr
, cmd
.numUDPPorts
,
7430 cmd
.tcpPorts
.ptr
, cmd
.numTCPPorts
);
7432 if (!msg
|| !cmd
.rrRecords
.ptr
|| !cmd
.udpPorts
.ptr
|| !cmd
.tcpPorts
.ptr
)
7433 LogMsg("ActivateLocalProxy: Failed to allocate memory: msg %p %d RR %p %d, UDP %p %d, TCP %p %d",
7434 msg
, cmd
.rrBufferSize
,
7435 cmd
.rrRecords
.ptr
, cmd
.numRRRecords
,
7436 cmd
.udpPorts
.ptr
, cmd
.numUDPPorts
,
7437 cmd
.tcpPorts
.ptr
, cmd
.numTCPPorts
);
7440 GetProxyRecords(m
, msg
, &cmd
.rrBufferSize
, cmd
.rrRecords
.ptr
, TCPKAOnly
, supportsTCPKA
);
7441 GetPortArray(m
, mDNSTransport_UDP
, cmd
.udpPorts
.ptr
);
7442 GetPortArray(m
, mDNSTransport_TCP
, cmd
.tcpPorts
.ptr
);
7444 size_t outputDataSize
= sizeof(outputData
);
7445 kr
= IOConnectCallStructMethod(conObj
, 0, &cmd
, sizeof(cmd
), outputData
, &outputDataSize
);
7446 LogSPS("ActivateLocalProxy: IOConnectCallStructMethod for %s/%s/%s %d", intf
->ifname
, n1
, n2
, kr
);
7447 if (kr
== KERN_SUCCESS
) result
= mStatus_NoError
;
7450 if (cmd
.tcpPorts
.ptr
) freeL("mDNSOffloadCmd udpPorts", cmd
.tcpPorts
.ptr
);
7451 if (cmd
.udpPorts
.ptr
) freeL("mDNSOffloadCmd tcpPorts", cmd
.udpPorts
.ptr
);
7452 if (cmd
.rrRecords
.ptr
) freeL("mDNSOffloadCmd rrRecords", cmd
.rrRecords
.ptr
);
7453 if (msg
) freeL("mDNSOffloadCmd msg", msg
);
7454 IOServiceClose(conObj
);
7459 IOObjectRelease(parent
);
7461 IOObjectRelease(service
);
7465 #endif // APPLE_OSX_mDNSResponder
7467 mDNSlocal mDNSu8
SystemWakeForNetworkAccess(void)
7470 mDNSu8 ret
= (mDNSu8
)mDNS_NoWake
;
7472 if (DisableSleepProxyClient
)
7474 LogSPS("SystemWakeForNetworkAccess: Sleep Proxy Client disabled by command-line option");
7478 GetCurrentPMSetting(CFSTR("Wake On LAN"), &val
);
7480 ret
= (mDNSu8
)(val
!= 0) ? mDNS_WakeOnAC
: mDNS_NoWake
;
7482 #if APPLE_OSX_mDNSResponder && !TARGET_OS_EMBEDDED
7483 // If we have TCP Keepalive support, system is capable of registering for TCP Keepalives.
7484 // Further policy decisions on whether to offload the records is handled during sleep processing.
7485 if ((ret
== mDNS_NoWake
) && SupportsTCPKeepAlive())
7486 ret
= (mDNSu8
)mDNS_WakeOnBattery
;
7487 #endif // APPLE_OSX_mDNSResponder
7489 LogSPS("SystemWakeForNetworkAccess: Wake On LAN: %d", ret
);
7493 mDNSlocal mDNSBool
SystemSleepOnlyIfWakeOnLAN(void)
7496 GetCurrentPMSetting(CFSTR("PrioritizeNetworkReachabilityOverSleep"), &val
);
7497 return val
!= 0 ? mDNStrue
: mDNSfalse
;
7500 #if APPLE_OSX_mDNSResponder
7501 // When sleeping, we always ensure that the _autotunnel6 record (if connected to RR relay)
7502 // gets deregistered, so that older peers are forced to connect over direct UDP instead of
7505 // When sleeping w/o a successful AutoTunnel NAT Mapping, we ensure that all our BTMM
7506 // service records are deregistered, so they do not appear in peers' Finder sidebars.
7507 // We do this by checking for the (non-autotunnel) SRV records, as the PTR and TXT records
7508 // depend on their associated SRV record and therefore will be deregistered together in a
7509 // single update with the SRV record.
7511 // Also, the per-zone _kerberos TXT record is always there, including while sleeping, so
7512 // its presence shouldn't delay sleep.
7514 // Note that the order of record deregistration is: first _autotunnel6 (if connected to RR
7515 // relay) and host records get deregistered, then SRV (UpdateAllSrvRecords), PTR and TXT.
7517 // Also note that returning false here will not delay sleep past the maximum of 10 seconds.
7518 mDNSexport mDNSBool
RecordReadyForSleep(mDNS
*const m
, AuthRecord
*rr
)
7520 if (!AuthRecord_uDNS(rr
)) return mDNStrue
;
7522 if ((rr
->resrec
.rrtype
== kDNSType_AAAA
) && SameDomainLabel(rr
->namestorage
.c
, (const mDNSu8
*)"\x0c_autotunnel6"))
7524 LogInfo("RecordReadyForSleep: %s not ready for sleep", ARDisplayString(m
, rr
));
7528 if ((mDNSIPPortIsZero(m
->AutoTunnelNAT
.ExternalPort
) || m
->AutoTunnelNAT
.Result
))
7530 if (rr
->resrec
.rrtype
== kDNSType_SRV
&& rr
->state
!= regState_NoTarget
&& rr
->zone
7531 && !SameDomainLabel(rr
->namestorage
.c
, (const mDNSu8
*)"\x0b_autotunnel"))
7533 DomainAuthInfo
*info
= GetAuthInfoForName_internal(m
, rr
->zone
);
7534 if (info
&& info
->AutoTunnel
)
7536 LogInfo("RecordReadyForSleep: %s not ready for sleep", ARDisplayString(m
, rr
));
7545 // Caller must hold the lock
7546 mDNSexport
void RemoveAutoTunnel6Record(mDNS
*const m
)
7548 DomainAuthInfo
*info
;
7549 // Set the address to zero before calling UpdateAutoTunnel6Record, so that it will
7550 // deregister the record, and the MemFree callback won't re-register.
7551 m
->AutoTunnelRelayAddr
= zerov6Addr
;
7552 for (info
= m
->AuthInfoList
; info
; info
= info
->next
)
7553 if (info
->AutoTunnel
)
7554 UpdateAutoTunnel6Record(m
, info
);
7557 mDNSlocal mDNSBool
IPv6AddressIsOnInterface(mDNSv6Addr ipv6Addr
, char *ifname
)
7559 struct ifaddrs
*ifa
;
7560 struct ifaddrs
*ifaddrs
;
7563 if (if_nametoindex(ifname
) == 0) {LogInfo("IPv6AddressIsOnInterface: Invalid name %s", ifname
); return mDNSfalse
;}
7565 if (getifaddrs(&ifaddrs
) < 0) {LogInfo("IPv6AddressIsOnInterface: getifaddrs failed"); return mDNSfalse
;}
7567 for (ifa
= ifaddrs
; ifa
!= NULL
; ifa
= ifa
->ifa_next
)
7569 if (strncmp(ifa
->ifa_name
, ifname
, IFNAMSIZ
) != 0)
7571 if ((ifa
->ifa_flags
& IFF_UP
) == 0 || !ifa
->ifa_addr
|| ifa
->ifa_addr
->sa_family
!= AF_INET6
)
7573 if (SetupAddr(&addr
, ifa
->ifa_addr
) != mStatus_NoError
)
7575 LogInfo("IPv6AddressIsOnInterface: SetupAddr error, continuing to the next address");
7578 if (mDNSSameIPv6Address(ipv6Addr
, *(mDNSv6Addr
*)&addr
.ip
.v6
))
7580 LogInfo("IPv6AddressIsOnInterface: found %.16a", &ipv6Addr
);
7584 freeifaddrs(ifaddrs
);
7588 mDNSlocal mDNSv6Addr
IPv6AddressFromString(char* buf
)
7591 struct addrinfo hints
;
7592 struct addrinfo
*res0
;
7594 memset(&hints
, 0, sizeof(hints
));
7595 hints
.ai_family
= AF_INET6
;
7596 hints
.ai_flags
= AI_NUMERICHOST
;
7598 int err
= getaddrinfo(buf
, NULL
, &hints
, &res0
);
7602 retVal
= *(mDNSv6Addr
*)&((struct sockaddr_in6
*)res0
->ai_addr
)->sin6_addr
;
7609 mDNSlocal CFDictionaryRef
CopyConnectivityBackToMyMacDict()
7611 SCDynamicStoreRef store
= NULL
;
7612 CFDictionaryRef connd
= NULL
;
7613 CFDictionaryRef BTMMDict
= NULL
;
7615 store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:CopyConnectivityBackToMyMacDict"), NULL
, NULL
);
7618 LogMsg("CopyConnectivityBackToMyMacDict: SCDynamicStoreCreate failed: %s", SCErrorString(SCError()));
7622 connd
= SCDynamicStoreCopyValue(store
, NetworkChangedKey_BTMMConnectivity
);
7625 LogInfo("CopyConnectivityBackToMyMacDict: SCDynamicStoreCopyValue failed: %s", SCErrorString(SCError()));
7629 BTMMDict
= CFDictionaryGetValue(connd
, CFSTR("BackToMyMac"));
7632 LogInfo("CopyConnectivityBackToMyMacDict: CFDictionaryGetValue: No value for BackToMyMac");
7636 // Non-dictionary is treated as non-existent dictionary
7637 if (CFGetTypeID(BTMMDict
) != CFDictionaryGetTypeID())
7640 LogMsg("CopyConnectivityBackToMyMacDict: BackToMyMac not a dictionary");
7647 if (connd
) CFRelease(connd
);
7648 if (store
) CFRelease(store
);
7653 #define MAX_IPV6_TEXTUAL 40
7655 mDNSlocal mDNSv6Addr
ParseBackToMyMacAddr(CFDictionaryRef BTMMDict
, CFStringRef ifKey
, CFStringRef addrKey
)
7657 mDNSv6Addr retVal
= zerov6Addr
;
7658 CFTypeRef string
= NULL
;
7659 char ifname
[IFNAMSIZ
];
7660 char address
[MAX_IPV6_TEXTUAL
];
7665 if (!CFDictionaryGetValueIfPresent(BTMMDict
, ifKey
, &string
))
7667 LogInfo("ParseBackToMyMacAddr: interface key does not exist");
7671 if (!CFStringGetCString(string
, ifname
, IFNAMSIZ
, kCFStringEncodingUTF8
))
7673 LogMsg("ParseBackToMyMacAddr: Could not convert interface to CString");
7677 if (!CFDictionaryGetValueIfPresent(BTMMDict
, addrKey
, &string
))
7679 LogMsg("ParseBackToMyMacAddr: address key does not exist, but interface key does");
7683 if (!CFStringGetCString(string
, address
, sizeof(address
), kCFStringEncodingUTF8
))
7685 LogMsg("ParseBackToMyMacAddr: Could not convert address to CString");
7689 retVal
= IPv6AddressFromString(address
);
7690 LogInfo("ParseBackToMyMacAddr: %s (%s) %.16a", ifname
, address
, &retVal
);
7692 if (mDNSIPv6AddressIsZero(retVal
))
7695 if (!IPv6AddressIsOnInterface(retVal
, ifname
))
7697 LogMsg("ParseBackToMyMacAddr: %.16a is not on %s", &retVal
, ifname
);
7704 mDNSlocal CFDictionaryRef
GetBackToMyMacZones(CFDictionaryRef BTMMDict
)
7706 CFTypeRef zones
= NULL
;
7711 if (!CFDictionaryGetValueIfPresent(BTMMDict
, CFSTR("Zones"), &zones
))
7713 LogInfo("CopyBTMMZones: Zones key does not exist");
7720 mDNSlocal mDNSv6Addr
ParseBackToMyMacZone(CFDictionaryRef zones
, DomainAuthInfo
* info
)
7722 mDNSv6Addr addr
= zerov6Addr
;
7723 char buffer
[MAX_ESCAPED_DOMAIN_NAME
];
7724 CFStringRef domain
= NULL
;
7725 CFTypeRef theZone
= NULL
;
7730 ConvertDomainNameToCString(&info
->domain
, buffer
);
7731 domain
= CFStringCreateWithCString(NULL
, buffer
, kCFStringEncodingUTF8
);
7735 if (CFDictionaryGetValueIfPresent(zones
, domain
, &theZone
))
7736 addr
= ParseBackToMyMacAddr(theZone
, CFSTR("Interface"), CFSTR("Address"));
7743 mDNSlocal
void SetupBackToMyMacInnerAddresses(mDNS
*const m
, CFDictionaryRef BTMMDict
)
7745 DomainAuthInfo
* info
;
7746 CFDictionaryRef zones
= GetBackToMyMacZones(BTMMDict
);
7749 for (info
= m
->AuthInfoList
; info
; info
= info
->next
)
7751 if (!info
->AutoTunnel
)
7754 newAddr
= ParseBackToMyMacZone(zones
, info
);
7756 if (mDNSSameIPv6Address(newAddr
, info
->AutoTunnelInnerAddress
))
7759 info
->AutoTunnelInnerAddress
= newAddr
;
7760 DeregisterAutoTunnelHostRecord(m
, info
);
7761 UpdateAutoTunnelHostRecord(m
, info
);
7762 UpdateAutoTunnelDomainStatus(m
, info
);
7766 // MUST be called holding the lock
7767 mDNSlocal
void ProcessConndConfigChanges(mDNS
*const m
)
7769 CFDictionaryRef dict
= CopyConnectivityBackToMyMacDict();
7771 LogInfo("ProcessConndConfigChanges: No BTMM dictionary");
7772 mDNSv6Addr relayAddr
= ParseBackToMyMacAddr(dict
, CFSTR("RelayInterface"), CFSTR("RelayAddress"));
7774 LogInfo("ProcessConndConfigChanges: relay %.16a", &relayAddr
);
7776 SetupBackToMyMacInnerAddresses(m
, dict
);
7778 if (dict
) CFRelease(dict
);
7780 if (!mDNSSameIPv6Address(relayAddr
, m
->AutoTunnelRelayAddr
))
7782 m
->AutoTunnelRelayAddr
= relayAddr
;
7784 DomainAuthInfo
* info
;
7785 for (info
= m
->AuthInfoList
; info
; info
= info
->next
)
7786 if (info
->AutoTunnel
)
7788 DeregisterAutoTunnel6Record(m
, info
);
7789 UpdateAutoTunnel6Record(m
, info
);
7790 UpdateAutoTunnelDomainStatus(m
, info
);
7793 // Determine whether we need racoon to accept incoming connections
7794 UpdateAnonymousRacoonConfig(m
);
7797 // If awacsd crashes or exits for some reason, restart it
7798 UpdateBTMMRelayConnection(m
);
7800 #endif /* APPLE_OSX_mDNSResponder */
7802 mDNSlocal mDNSBool
IsAppleNetwork(mDNS
*const m
)
7805 // Determine if we're on AppleNW based on DNSServer having 17.x.y.z IPv4 addr
7806 for (s
= m
->DNSServers
; s
; s
= s
->next
)
7808 if (s
->addr
.ip
.v4
.b
[0] == 17)
7810 LogInfo("IsAppleNetwork: Found 17.x.y.z DNSServer concluding that we are on AppleNW: %##s %#a", s
->domain
.c
, &s
->addr
);
7817 mDNSexport
void mDNSMacOSXNetworkChanged(mDNS
*const m
)
7819 LogInfo("*** Network Configuration Change *** (%d)%s",
7820 m
->p
->NetworkChanged
? mDNS_TimeNow(m
) - m
->p
->NetworkChanged
: 0,
7821 m
->p
->NetworkChanged
? "" : " (no scheduled configuration change)");
7822 m
->p
->NetworkChanged
= 0; // If we received a network change event and deferred processing, we're now dealing with it
7823 mDNSs32 utc
= mDNSPlatformUTC();
7824 m
->SystemWakeOnLANEnabled
= SystemWakeForNetworkAccess();
7825 m
->SystemSleepOnlyIfWakeOnLAN
= SystemSleepOnlyIfWakeOnLAN();
7826 MarkAllInterfacesInactive(m
, utc
);
7827 UpdateInterfaceList(m
, utc
);
7828 ClearInactiveInterfaces(m
, utc
);
7829 SetupActiveInterfaces(m
, utc
);
7831 #if APPLE_OSX_mDNSResponder
7834 ProcessConndConfigChanges(m
);
7837 // Scan to find client tunnels whose questions have completed,
7838 // but whose local inner/outer addresses have changed since the tunnel was set up
7840 for (p
= m
->TunnelClients
; p
; p
= p
->next
)
7841 if (p
->q
.ThisQInterval
< 0)
7843 DomainAuthInfo
* info
= GetAuthInfoForName(m
, &p
->dstname
);
7846 LogMsg("mDNSMacOSXNetworkChanged: Could not get AuthInfo for %##s, removing tunnel keys", p
->dstname
.c
);
7847 AutoTunnelSetKeys(p
, mDNSfalse
);
7851 mDNSv6Addr inner
= info
->AutoTunnelInnerAddress
;
7853 if (!mDNSIPPortIsZero(p
->rmt_outer_port
))
7855 mDNSAddr tmpSrc
= zeroAddr
;
7856 mDNSAddr tmpDst
= { mDNSAddrType_IPv4
, {{{0}}} };
7857 tmpDst
.ip
.v4
= p
->rmt_outer
;
7858 mDNSPlatformSourceAddrForDest(&tmpSrc
, &tmpDst
);
7859 if (!mDNSSameIPv6Address(p
->loc_inner
, inner
) ||
7860 !mDNSSameIPv4Address(p
->loc_outer
, tmpSrc
.ip
.v4
))
7862 AutoTunnelSetKeys(p
, mDNSfalse
);
7863 p
->loc_inner
= inner
;
7864 p
->loc_outer
= tmpSrc
.ip
.v4
;
7865 AutoTunnelSetKeys(p
, mDNStrue
);
7870 if (!mDNSSameIPv6Address(p
->loc_inner
, inner
) ||
7871 !mDNSSameIPv6Address(p
->loc_outer6
, m
->AutoTunnelRelayAddr
))
7873 AutoTunnelSetKeys(p
, mDNSfalse
);
7874 p
->loc_inner
= inner
;
7875 p
->loc_outer6
= m
->AutoTunnelRelayAddr
;
7876 AutoTunnelSetKeys(p
, mDNStrue
);
7884 NetworkInterfaceInfoOSX
*i
;
7885 for (i
= m
->p
->InterfaceList
; i
; i
= i
->next
)
7887 if (!m
->SPSSocket
) // Not being Sleep Proxy Server; close any open BPF fds
7889 if (i
->BPF_fd
>= 0 && CountProxyTargets(m
, i
, mDNSNULL
, mDNSNULL
) == 0) CloseBPF(i
);
7891 else // else, we're Sleep Proxy Server; open BPF fds
7893 if (i
->Exists
&& i
->Registered
== i
&& i
->ifinfo
.McastTxRx
&& !(i
->ifa_flags
& IFF_LOOPBACK
) && i
->BPF_fd
== -1)
7894 { LogSPS("%s requesting BPF", i
->ifinfo
.ifname
); i
->BPF_fd
= -2; mDNSRequestBPF(); }
7898 #endif // APPLE_OSX_mDNSResponder
7900 uDNS_SetupDNSConfig(m
);
7901 mDNS_ConfigChanged(m
);
7903 if (IsAppleNetwork(m
) != mDNS_McastTracingEnabled
)
7905 mDNS_McastTracingEnabled
= mDNS_McastTracingEnabled
? mDNSfalse
: mDNStrue
;
7906 LogMsg("mDNSMacOSXNetworkChanged: Multicast Tracing %s", mDNS_McastTracingEnabled
? "Enabled" : "Disabled");
7912 // Called with KQueueLock & mDNS lock
7913 mDNSlocal
void SetNetworkChanged(mDNS
*const m
, mDNSs32 delay
)
7915 if (!m
->p
->NetworkChanged
|| m
->p
->NetworkChanged
- NonZeroTime(m
->timenow
+ delay
) < 0)
7917 m
->p
->NetworkChanged
= NonZeroTime(m
->timenow
+ delay
);
7918 LogInfo("SetNetworkChanged: scheduling in %d msec", delay
);
7922 // Called with KQueueLock & mDNS lock
7923 mDNSlocal
void SetKeyChainTimer(mDNS
*const m
, mDNSs32 delay
)
7925 // If it's not set or it needs to happen sooner than when it's currently set
7926 if (!m
->p
->KeyChainTimer
|| m
->p
->KeyChainTimer
- NonZeroTime(m
->timenow
+ delay
) > 0)
7928 m
->p
->KeyChainTimer
= NonZeroTime(m
->timenow
+ delay
);
7929 LogInfo("SetKeyChainTimer: %d", delay
);
7933 // Copy the fourth slash-delimited element from either:
7934 // State:/Network/Interface/<bsdname>/IPv4
7936 // Setup:/Network/Service/<servicename>/Interface
7937 mDNSlocal CFStringRef
CopyNameFromKey(CFStringRef key
)
7940 CFStringRef name
= NULL
;
7942 a
= CFStringCreateArrayBySeparatingStrings(NULL
, key
, CFSTR("/"));
7943 if (a
&& CFArrayGetCount(a
) == 5) name
= CFRetain(CFArrayGetValueAtIndex(a
, 3));
7944 if (a
!= NULL
) CFRelease(a
);
7949 // Whether a key from a network change notification corresponds to
7950 // an IP service that is explicitly configured for IPv4 Link Local
7951 mDNSlocal mDNSBool
ChangedKeysHaveIPv4LL(CFArrayRef inkeys
)
7953 SCDynamicStoreRef store
= NULL
;
7954 CFDictionaryRef dict
= NULL
;
7955 CFMutableArrayRef a
;
7956 const void **keys
= NULL
, **vals
= NULL
;
7957 CFStringRef pattern
= NULL
;
7959 mDNSBool found
= mDNSfalse
;
7961 jc
= CFArrayGetCount(inkeys
);
7964 store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:ChangedKeysHaveIPv4LL"), NULL
, NULL
);
7965 if (store
== NULL
) goto done
;
7967 a
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
7968 if (a
== NULL
) goto done
;
7970 // Setup:/Network/Service/[^/]+/Interface
7971 pattern
= SCDynamicStoreKeyCreateNetworkServiceEntity(NULL
, kSCDynamicStoreDomainSetup
, kSCCompAnyRegex
, kSCEntNetInterface
);
7972 if (pattern
== NULL
) goto done
;
7973 CFArrayAppendValue(a
, pattern
);
7976 // Setup:/Network/Service/[^/]+/IPv4
7977 pattern
= SCDynamicStoreKeyCreateNetworkServiceEntity(NULL
, kSCDynamicStoreDomainSetup
, kSCCompAnyRegex
, kSCEntNetIPv4
);
7978 if (pattern
== NULL
) goto done
;
7979 CFArrayAppendValue(a
, pattern
);
7982 dict
= SCDynamicStoreCopyMultiple(store
, NULL
, a
);
7987 LogMsg("ChangedKeysHaveIPv4LL: Empty dictionary");
7991 ic
= CFDictionaryGetCount(dict
);
7992 vals
= mDNSPlatformMemAllocate(sizeof (void *) * ic
);
7993 keys
= mDNSPlatformMemAllocate(sizeof (void *) * ic
);
7994 CFDictionaryGetKeysAndValues(dict
, keys
, vals
);
7996 for (j
= 0; j
< jc
&& !found
; j
++)
7998 CFStringRef key
= CFArrayGetValueAtIndex(inkeys
, j
);
7999 CFStringRef ifname
= NULL
;
8003 // It would be nice to use a regex here
8004 if (!CFStringHasPrefix(key
, CFSTR("State:/Network/Interface/")) || !CFStringHasSuffix(key
, kSCEntNetIPv4
)) continue;
8006 if ((ifname
= CopyNameFromKey(key
)) == NULL
) continue;
8007 if (mDNS_LoggingEnabled
)
8009 if (!CFStringGetCString(ifname
, buf
, sizeof(buf
), kCFStringEncodingUTF8
)) buf
[0] = 0;
8010 LogInfo("ChangedKeysHaveIPv4LL: potential ifname %s", buf
);
8013 for (i
= 0; i
< ic
; i
++)
8015 CFDictionaryRef ipv4dict
;
8017 CFStringRef serviceid
;
8018 CFStringRef configmethod
;
8020 if (!CFStringHasSuffix(keys
[i
], kSCEntNetInterface
)) continue;
8022 if (CFDictionaryGetTypeID() != CFGetTypeID(vals
[i
])) continue;
8024 if ((name
= CFDictionaryGetValue(vals
[i
], kSCPropNetInterfaceDeviceName
)) == NULL
) continue;
8026 if (!CFEqual(ifname
, name
)) continue;
8028 if ((serviceid
= CopyNameFromKey(keys
[i
])) == NULL
) continue;
8029 if (mDNS_LoggingEnabled
)
8031 if (!CFStringGetCString(serviceid
, buf
, sizeof(buf
), kCFStringEncodingUTF8
)) buf
[0] = 0;
8032 LogInfo("ChangedKeysHaveIPv4LL: found serviceid %s", buf
);
8035 pattern
= SCDynamicStoreKeyCreateNetworkServiceEntity(NULL
, kSCDynamicStoreDomainSetup
, serviceid
, kSCEntNetIPv4
);
8036 CFRelease(serviceid
);
8037 if (pattern
== NULL
) continue;
8039 ipv4dict
= CFDictionaryGetValue(dict
, pattern
);
8041 if (!ipv4dict
|| CFDictionaryGetTypeID() != CFGetTypeID(ipv4dict
)) continue;
8043 configmethod
= CFDictionaryGetValue(ipv4dict
, kSCPropNetIPv4ConfigMethod
);
8044 if (!configmethod
) continue;
8046 if (mDNS_LoggingEnabled
)
8048 if (!CFStringGetCString(configmethod
, buf
, sizeof(buf
), kCFStringEncodingUTF8
)) buf
[0] = 0;
8049 LogInfo("ChangedKeysHaveIPv4LL: configmethod %s", buf
);
8052 if (CFEqual(configmethod
, kSCValNetIPv4ConfigMethodLinkLocal
)) { found
= mDNStrue
; break; }
8059 if (vals
!= NULL
) mDNSPlatformMemFree(vals
);
8060 if (keys
!= NULL
) mDNSPlatformMemFree(keys
);
8061 if (dict
!= NULL
) CFRelease(dict
);
8062 if (store
!= NULL
) CFRelease(store
);
8067 mDNSlocal
void NetworkChanged(SCDynamicStoreRef store
, CFArrayRef changedKeys
, void *context
)
8069 (void)store
; // Parameter not used
8070 mDNSBool changeNow
= mDNSfalse
;
8071 mDNS
*const m
= (mDNS
*const)context
;
8075 mDNSs32 delay
= mDNSPlatformOneSecond
* 2; // Start off assuming a two-second delay
8077 int c
= CFArrayGetCount(changedKeys
); // Count changes
8078 CFRange range
= { 0, c
};
8079 int c1
= (CFArrayContainsValue(changedKeys
, range
, NetworkChangedKey_Hostnames
) != 0);
8080 int c2
= (CFArrayContainsValue(changedKeys
, range
, NetworkChangedKey_Computername
) != 0);
8081 int c3
= (CFArrayContainsValue(changedKeys
, range
, NetworkChangedKey_DynamicDNS
) != 0);
8082 int c4
= (CFArrayContainsValue(changedKeys
, range
, NetworkChangedKey_DNS
) != 0);
8083 if (c
&& c
- c1
- c2
- c3
- c4
== 0)
8084 delay
= mDNSPlatformOneSecond
/10; // If these were the only changes, shorten delay
8086 // Do immediate network changed processing for "p2p*" interfaces and
8087 // for interfaces with the IFEF_DIRECTLINK flag set.
8091 for (int i
= 0; i
< c
; i
++)
8093 CFStringRef key
= CFArrayGetValueAtIndex(changedKeys
, i
);
8095 // Only look at keys with prefix "State:/Network/Interface/"
8096 if (!CFStringHasPrefix(key
, NetworkChangedKey_StateInterfacePrefix
))
8099 // And suffix "IPv6" or "IPv4".
8100 if (!CFStringHasSuffix(key
, kSCEntNetIPv6
) && !CFStringHasSuffix(key
, kSCEntNetIPv4
))
8103 labels
= CFStringCreateArrayBySeparatingStrings(NULL
, key
, CFSTR("/"));
8106 n
= CFArrayGetCount(labels
);
8108 // Interface changes will have keys of the form:
8109 // State:/Network/Interface/<interfaceName>/IPv6
8110 // Thus five '/' seperated fields, the 4th one being the <interfaceName> string.
8115 // The 4th label (index = 3) should be the interface name.
8116 if (CFStringGetCString(CFArrayGetValueAtIndex(labels
, 3), buf
, sizeof(buf
), kCFStringEncodingUTF8
)
8117 && (strstr(buf
, "p2p") || (getExtendedFlags(buf
) & IFEF_DIRECTLINK
)))
8119 LogInfo("NetworkChanged: interface %s, not delaying network change", buf
);
8120 changeNow
= mDNStrue
;
8129 mDNSBool btmmChanged
= CFArrayContainsValue(changedKeys
, range
, NetworkChangedKey_BackToMyMac
);
8130 if (btmmChanged
) delay
= 0;
8132 if (mDNS_LoggingEnabled
)
8138 if (!CFStringGetCString(CFArrayGetValueAtIndex(changedKeys
, i
), buf
, sizeof(buf
), kCFStringEncodingUTF8
)) buf
[0] = 0;
8139 LogInfo("*** NetworkChanged SC key: %s", buf
);
8141 LogInfo("*** NetworkChanged *** %d change%s %s%s%s%sdelay %d",
8143 c1
? "(Local Hostname) " : "",
8144 c2
? "(Computer Name) " : "",
8145 c3
? "(DynamicDNS) " : "",
8147 changeNow
? 0 : delay
);
8151 SetNetworkChanged(m
, delay
);
8153 // Other software might pick up these changes to register or browse in WAB or BTMM domains,
8154 // so in order for secure updates to be made to the server, make sure to read the keychain and
8155 // setup the DomainAuthInfo before handing the network change.
8156 // If we don't, then we will first try to register services in the clear, then later setup the
8157 // DomainAuthInfo, which is incorrect.
8158 if (c3
|| btmmChanged
)
8159 SetKeyChainTimer(m
, delay
);
8163 // If DNS settings changed, immediately force a reconfig (esp. cache flush)
8164 // Similarly, if an interface changed that is explicitly IPv4 link local, immediately force a reconfig
8165 if (c4
|| ChangedKeysHaveIPv4LL(changedKeys
) || changeNow
) mDNSMacOSXNetworkChanged(m
);
8167 KQueueUnlock(m
, "NetworkChanged");
8170 #if APPLE_OSX_mDNSResponder
8171 mDNSlocal
void RefreshSPSStatus(const void *key
, const void *value
, void *context
)
8176 CFStringRef ifnameStr
= (CFStringRef
)key
;
8177 CFArrayRef array
= (CFArrayRef
)value
;
8178 if (!CFStringGetCString(ifnameStr
, buf
, sizeof(buf
), kCFStringEncodingUTF8
))
8181 LogInfo("RefreshSPSStatus: Updating SPS state for key %s, array count %d", buf
, CFArrayGetCount(array
));
8182 mDNSDynamicStoreSetConfig(kmDNSSleepProxyServersState
, buf
, value
);
8186 mDNSlocal
void DynamicStoreReconnected(SCDynamicStoreRef store
, void *info
)
8188 mDNS
*const m
= (mDNS
*const)info
;
8191 LogInfo("DynamicStoreReconnected: Reconnected");
8193 // State:/Network/MulticastDNS
8196 // State:/Network/DynamicDNS
8198 mDNSPlatformDynDNSHostNameStatusChanged(&m
->FQDN
, 1);
8200 // Note: PrivateDNS and BackToMyMac are automatically populated when configd is restarted
8201 // as we receive network change notifications and thus not necessary. But we leave it here
8202 // so that if things are done differently in the future, this code still works.
8204 // State:/Network/PrivateDNS
8205 if (privateDnsArray
)
8206 mDNSDynamicStoreSetConfig(kmDNSPrivateConfig
, mDNSNULL
, privateDnsArray
);
8208 #if APPLE_OSX_mDNSResponder
8210 // State:/Network/BackToMyMac
8211 UpdateAutoTunnelDomainStatuses(m
);
8214 // State:/Network/Interface/en0/SleepProxyServers
8216 CFDictionaryApplyFunction(spsStatusDict
, RefreshSPSStatus
, NULL
);
8220 mDNSlocal mStatus
WatchForNetworkChanges(mDNS
*const m
)
8223 SCDynamicStoreContext context
= { 0, m
, NULL
, NULL
, NULL
};
8224 SCDynamicStoreRef store
= SCDynamicStoreCreate(NULL
, CFSTR("mDNSResponder:WatchForNetworkChanges"), NetworkChanged
, &context
);
8225 CFMutableArrayRef keys
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
8226 CFStringRef pattern1
= SCDynamicStoreKeyCreateNetworkInterfaceEntity(NULL
, kSCDynamicStoreDomainState
, kSCCompAnyRegex
, kSCEntNetIPv4
);
8227 CFStringRef pattern2
= SCDynamicStoreKeyCreateNetworkInterfaceEntity(NULL
, kSCDynamicStoreDomainState
, kSCCompAnyRegex
, kSCEntNetIPv6
);
8228 CFMutableArrayRef patterns
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
8230 if (!store
) { LogMsg("SCDynamicStoreCreate failed: %s", SCErrorString(SCError())); goto error
; }
8231 if (!keys
|| !pattern1
|| !pattern2
|| !patterns
) goto error
;
8233 CFArrayAppendValue(keys
, NetworkChangedKey_IPv4
);
8234 CFArrayAppendValue(keys
, NetworkChangedKey_IPv6
);
8235 CFArrayAppendValue(keys
, NetworkChangedKey_Hostnames
);
8236 CFArrayAppendValue(keys
, NetworkChangedKey_Computername
);
8237 CFArrayAppendValue(keys
, NetworkChangedKey_DNS
);
8238 CFArrayAppendValue(keys
, NetworkChangedKey_DynamicDNS
);
8239 CFArrayAppendValue(keys
, NetworkChangedKey_BackToMyMac
);
8240 CFArrayAppendValue(keys
, NetworkChangedKey_PowerSettings
); // should remove as part of <rdar://problem/6751656>
8241 CFArrayAppendValue(keys
, NetworkChangedKey_BTMMConnectivity
);
8242 CFArrayAppendValue(patterns
, pattern1
);
8243 CFArrayAppendValue(patterns
, pattern2
);
8244 CFArrayAppendValue(patterns
, CFSTR("State:/Network/Interface/[^/]+/AirPort"));
8245 if (!SCDynamicStoreSetNotificationKeys(store
, keys
, patterns
))
8246 { LogMsg("SCDynamicStoreSetNotificationKeys failed: %s", SCErrorString(SCError())); goto error
; }
8248 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
8249 if (!SCDynamicStoreSetDispatchQueue(store
, dispatch_get_main_queue()))
8250 { LogMsg("SCDynamicStoreCreateRunLoopSource failed: %s", SCErrorString(SCError())); goto error
; }
8252 m
->p
->StoreRLS
= SCDynamicStoreCreateRunLoopSource(NULL
, store
, 0);
8253 if (!m
->p
->StoreRLS
) { LogMsg("SCDynamicStoreCreateRunLoopSource failed: %s", SCErrorString(SCError())); goto error
; }
8254 CFRunLoopAddSource(CFRunLoopGetCurrent(), m
->p
->StoreRLS
, kCFRunLoopDefaultMode
);
8256 SCDynamicStoreSetDisconnectCallBack(store
, DynamicStoreReconnected
);
8257 m
->p
->Store
= store
;
8262 if (store
) CFRelease(store
);
8265 if (patterns
) CFRelease(patterns
);
8266 if (pattern2
) CFRelease(pattern2
);
8267 if (pattern1
) CFRelease(pattern1
);
8268 if (keys
) CFRelease(keys
);
8273 #if 0 // <rdar://problem/6751656>
8274 mDNSlocal
void PMChanged(void *context
)
8276 mDNS
*const m
= (mDNS
*const)context
;
8281 LogSPS("PMChanged");
8283 SetNetworkChanged(m
, mDNSPlatformOneSecond
* 2);
8286 KQueueUnlock(m
, "PMChanged");
8289 mDNSlocal mStatus
WatchForPMChanges(mDNS
*const m
)
8291 m
->p
->PMRLS
= IOPMPrefsNotificationCreateRunLoopSource(PMChanged
, m
);
8292 if (!m
->p
->PMRLS
) { LogMsg("IOPMPrefsNotificationCreateRunLoopSource failed!"); return mStatus_UnknownErr
; }
8294 CFRunLoopAddSource(CFRunLoopGetCurrent(), m
->p
->PMRLS
, kCFRunLoopDefaultMode
);
8296 return mStatus_NoError
;
8300 #if !TARGET_OS_EMBEDDED // don't setup packet filter rules on embedded
8302 mDNSlocal
void mDNSSetPacketFilterRules(mDNS
*const m
, char * ifname
, const ResourceRecord
*const excludeRecord
)
8305 pfArray_t portArray
;
8306 pfArray_t protocolArray
;
8309 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
8311 if ((rr
->resrec
.rrtype
== kDNSServiceType_SRV
)
8312 && ((rr
->ARType
== AuthRecordAnyIncludeP2P
) || (rr
->ARType
== AuthRecordAnyIncludeAWDLandP2P
)))
8316 if (count
>= PFPortArraySize
)
8318 LogMsg("mDNSSetPacketFilterRules: %d service limit, skipping %s", PFPortArraySize
, ARDisplayString(m
, rr
));
8322 if (excludeRecord
&& IdenticalResourceRecord(&rr
->resrec
, excludeRecord
))
8324 LogInfo("mDNSSetPacketFilterRules: record being removed, skipping %s", ARDisplayString(m
, rr
));
8328 LogInfo("mDNSSetPacketFilterRules: found %s", ARDisplayString(m
, rr
));
8330 portArray
[count
] = rr
->resrec
.rdata
->u
.srv
.port
.NotAnInteger
;
8332 // Assume <Service Instance>.<App Protocol>.<Transport Protocol>.<Name>
8333 p
= rr
->resrec
.name
->c
;
8335 // Skip to App Protocol
8336 if (p
[0]) p
+= 1 + p
[0];
8338 // Skip to Transport Protocol
8339 if (p
[0]) p
+= 1 + p
[0];
8341 if (SameDomainLabel(p
, (mDNSu8
*)"\x4" "_tcp")) protocolArray
[count
] = IPPROTO_TCP
;
8342 else if (SameDomainLabel(p
, (mDNSu8
*)"\x4" "_udp")) protocolArray
[count
] = IPPROTO_UDP
;
8345 LogMsg("mDNSSetPacketFilterRules: could not determine transport protocol of service");
8346 LogMsg("mDNSSetPacketFilterRules: %s", ARDisplayString(m
, rr
));
8352 mDNSPacketFilterControl(PF_SET_RULES
, ifname
, count
, portArray
, protocolArray
);
8355 // If the p2p interface already exists, update the Bonjour packet filter rules for it.
8356 mDNSexport
void mDNSUpdatePacketFilter(const ResourceRecord
*const excludeRecord
)
8358 mDNS
*const m
= &mDNSStorage
;
8360 NetworkInterfaceInfo
*intf
= GetFirstActiveInterface(m
->HostInterfaces
);
8363 if (strncmp(intf
->ifname
, "p2p", 3) == 0)
8365 LogInfo("mDNSInitPacketFilter: Setting rules for ifname %s", intf
->ifname
);
8366 mDNSSetPacketFilterRules(m
, intf
->ifname
, excludeRecord
);
8369 intf
= GetFirstActiveInterface(intf
->next
);
8373 #else // !TARGET_OS_EMBEDDED
8375 // Currently no packet filter setup required on embedded platforms.
8376 mDNSexport
void mDNSUpdatePacketFilter(const ResourceRecord
*const excludeRecord
)
8378 (void) excludeRecord
; // unused
8381 #endif // !TARGET_OS_EMBEDDED
8383 // Handle AWDL KEV_DL_MASTER_ELECTED event by restarting queries and advertisements
8384 // marked to include the AWDL interface.
8385 mDNSlocal
void newMasterElected(mDNS
*const m
, struct net_event_data
* ptr
)
8387 char ifname
[IFNAMSIZ
];
8388 mDNSu32 interfaceIndex
;
8391 NetworkInterfaceInfoOSX
*infoOSX
;
8392 mDNSInterfaceID InterfaceID
;
8394 snprintf(ifname
, IFNAMSIZ
, "%s%d", ptr
->if_name
, ptr
->if_unit
);
8395 interfaceIndex
= if_nametoindex(ifname
);
8397 if (!interfaceIndex
)
8399 LogMsg("newMasterElected: if_nametoindex(%s) failed", ifname
);
8403 LogInfo("newMasterElected: ifname = %s, interfaceIndex = %d", ifname
, interfaceIndex
);
8404 infoOSX
= IfindexToInterfaceInfoOSX(m
, (mDNSInterfaceID
)(uintptr_t)interfaceIndex
);
8406 // Can get an KEV_DL_MASTER_ELECTED event prior to the interface existing
8407 // when it is first brought up.
8410 LogInfo("newMasterElected: interface not yet active");
8413 InterfaceID
= infoOSX
->ifinfo
.InterfaceID
;
8415 for (q
= m
->Questions
; q
; q
=q
->next
)
8417 if ((!q
->InterfaceID
&& (q
->flags
& kDNSServiceFlagsIncludeAWDL
))
8418 || q
->InterfaceID
== InterfaceID
)
8420 LogInfo("newMasterElected: restarting %s query for %##s", DNSTypeName(q
->qtype
), q
->qname
.c
);
8421 mDNSCoreRestartQuestion(m
, q
);
8425 for (rr
= m
->ResourceRecords
; rr
; rr
=rr
->next
)
8427 if ((!rr
->resrec
.InterfaceID
8428 && ((rr
->ARType
== AuthRecordAnyIncludeAWDL
) || ((rr
->ARType
== AuthRecordAnyIncludeAWDLandP2P
))))
8429 || rr
->resrec
.InterfaceID
== InterfaceID
)
8431 LogInfo("newMasterElected: restarting %s announcements for %##s", DNSTypeName(rr
->resrec
.rrtype
), rr
->namestorage
.c
);
8432 mDNSCoreRestartRegistration(m
, rr
, -1);
8437 // An ssth array of all zeroes indicates the peer has no services registered.
8438 mDNSlocal mDNSBool
allZeroSSTH(struct opaque_presence_indication
*op
)
8441 int *intp
= (int *) op
->ssth
;
8443 // MAX_SSTH_SIZE should always be a multiple of sizeof(int), if
8444 // it's not, print an error message and return false so that
8445 // corresponding peer records are not flushed when KEV_DL_NODE_PRESENCE event
8447 if (MAX_SSTH_SIZE
% sizeof(int))
8449 LogInfo("allZeroSSTH: MAX_SSTH_SIZE = %d not a multiple of sizeof(int)", MAX_SSTH_SIZE
);
8453 for (i
= 0; i
< (int)(MAX_SSTH_SIZE
/ sizeof(int)); i
++, intp
++)
8461 // mDNS_Reconfirm_internal() adds 33% to this interval, so the records should
8462 // be removed in 4 seconds.
8463 #define kAWDLReconfirmTime ((mDNSu32)mDNSPlatformOneSecond * 3)
8465 // Mark records from this peer for deletion from the cache.
8466 mDNSlocal
void removeCachedPeerRecords(mDNS
*const m
, mDNSu32 ifindex
, mDNSAddr
*ap
)
8471 mDNSInterfaceID InterfaceID
= mDNSPlatformInterfaceIDfromInterfaceIndex(m
, ifindex
);
8475 LogInfo("removeCachedPeerRecords: Invalid ifindex: %d", ifindex
);
8479 FORALL_CACHERECORDS(slot
, cg
, cr
)
8481 if ((InterfaceID
== cr
->resrec
.InterfaceID
) && mDNSSameAddress(ap
, & cr
->sourceAddress
))
8483 LogInfo("removeCachedPeerRecords: %s %##s marking for deletion",
8484 DNSTypeName(cr
->resrec
.rrtype
), cr
->resrec
.name
->c
);
8485 mDNS_Reconfirm_internal(m
, cr
, kAWDLReconfirmTime
);
8490 // Handle KEV_DL_NODE_PRESENCE event.
8491 mDNSlocal
void nodePresence(mDNS
*const m
, struct kev_dl_node_presence
* p
)
8493 char buf
[INET6_ADDRSTRLEN
];
8494 struct opaque_presence_indication
*op
= (struct opaque_presence_indication
*) p
->node_service_info
;
8496 if (inet_ntop(AF_INET6
, & p
->sin6_node_address
.sin6_addr
, buf
, sizeof(buf
)))
8497 LogInfo("nodePresence: IPv6 address: %s, SUI %d", buf
, op
->SUI
);
8499 LogInfo("nodePresence: inet_ntop() error");
8501 // AWDL will generate a KEV_DL_NODE_PRESENCE event with SSTH field of
8502 // all zeroes when a node is present and has no services registered.
8503 if (allZeroSSTH(op
))
8507 peerAddr
.type
= mDNSAddrType_IPv6
;
8508 peerAddr
.ip
.v6
= *(mDNSv6Addr
*)&p
->sin6_node_address
.sin6_addr
;
8510 LogInfo("nodePresence: ssth is all zeroes, delete cached records from this peer");
8511 removeCachedPeerRecords(m
, p
->sdl_node_address
.sdl_index
, & peerAddr
);
8515 // Handle KEV_DL_NODE_ABSENCE event.
8516 mDNSlocal
void nodeAbsence(mDNS
*const m
, struct kev_dl_node_absence
* p
)
8519 char buf
[INET6_ADDRSTRLEN
];
8521 if (inet_ntop(AF_INET6
, & p
->sin6_node_address
.sin6_addr
, buf
, sizeof(buf
)))
8522 LogInfo("nodeAbsence: IPv6 address: %s", buf
);
8524 LogInfo("nodeAbsence: inet_ntop() error");
8526 peerAddr
.type
= mDNSAddrType_IPv6
;
8527 peerAddr
.ip
.v6
= *(mDNSv6Addr
*)&p
->sin6_node_address
.sin6_addr
;
8529 LogInfo("nodeAbsence: delete cached records from this peer");
8530 removeCachedPeerRecords(m
, p
->sdl_node_address
.sdl_index
, & peerAddr
);
8533 mDNSlocal
void SysEventCallBack(int s1
, short __unused filter
, void *context
)
8535 mDNS
*const m
= (mDNS
*const)context
;
8539 struct { struct kern_event_msg k
; char extra
[256]; } msg
;
8540 int bytes
= recv(s1
, &msg
, sizeof(msg
), 0);
8542 LogMsg("SysEventCallBack: recv error %d errno %d (%s)", bytes
, errno
, strerror(errno
));
8545 LogInfo("SysEventCallBack got %d bytes size %d %X %s %X %s %X %s id %d code %d %s",
8546 bytes
, msg
.k
.total_size
,
8547 msg
.k
.vendor_code
, msg
.k
.vendor_code
== KEV_VENDOR_APPLE
? "KEV_VENDOR_APPLE" : "?",
8548 msg
.k
.kev_class
, msg
.k
.kev_class
== KEV_NETWORK_CLASS
? "KEV_NETWORK_CLASS" : "?",
8549 msg
.k
.kev_subclass
, msg
.k
.kev_subclass
== KEV_DL_SUBCLASS
? "KEV_DL_SUBCLASS" : "?",
8550 msg
.k
.id
, msg
.k
.event_code
,
8551 msg
.k
.event_code
== KEV_DL_SIFFLAGS
? "KEV_DL_SIFFLAGS" :
8552 msg
.k
.event_code
== KEV_DL_SIFMETRICS
? "KEV_DL_SIFMETRICS" :
8553 msg
.k
.event_code
== KEV_DL_SIFMTU
? "KEV_DL_SIFMTU" :
8554 msg
.k
.event_code
== KEV_DL_SIFPHYS
? "KEV_DL_SIFPHYS" :
8555 msg
.k
.event_code
== KEV_DL_SIFMEDIA
? "KEV_DL_SIFMEDIA" :
8556 msg
.k
.event_code
== KEV_DL_SIFGENERIC
? "KEV_DL_SIFGENERIC" :
8557 msg
.k
.event_code
== KEV_DL_ADDMULTI
? "KEV_DL_ADDMULTI" :
8558 msg
.k
.event_code
== KEV_DL_DELMULTI
? "KEV_DL_DELMULTI" :
8559 msg
.k
.event_code
== KEV_DL_IF_ATTACHED
? "KEV_DL_IF_ATTACHED" :
8560 msg
.k
.event_code
== KEV_DL_IF_DETACHING
? "KEV_DL_IF_DETACHING" :
8561 msg
.k
.event_code
== KEV_DL_IF_DETACHED
? "KEV_DL_IF_DETACHED" :
8562 msg
.k
.event_code
== KEV_DL_LINK_OFF
? "KEV_DL_LINK_OFF" :
8563 msg
.k
.event_code
== KEV_DL_LINK_ON
? "KEV_DL_LINK_ON" :
8564 msg
.k
.event_code
== KEV_DL_PROTO_ATTACHED
? "KEV_DL_PROTO_ATTACHED" :
8565 msg
.k
.event_code
== KEV_DL_PROTO_DETACHED
? "KEV_DL_PROTO_DETACHED" :
8566 msg
.k
.event_code
== KEV_DL_LINK_ADDRESS_CHANGED
? "KEV_DL_LINK_ADDRESS_CHANGED" :
8567 msg
.k
.event_code
== KEV_DL_WAKEFLAGS_CHANGED
? "KEV_DL_WAKEFLAGS_CHANGED" :
8568 msg
.k
.event_code
== KEV_DL_IF_IDLE_ROUTE_REFCNT
? "KEV_DL_IF_IDLE_ROUTE_REFCNT" :
8569 msg
.k
.event_code
== KEV_DL_IFCAP_CHANGED
? "KEV_DL_IFCAP_CHANGED" :
8570 msg
.k
.event_code
== KEV_DL_LINK_QUALITY_METRIC_CHANGED
? "KEV_DL_LINK_QUALITY_METRIC_CHANGED" :
8571 msg
.k
.event_code
== KEV_DL_NODE_PRESENCE
? "KEV_DL_NODE_PRESENCE" :
8572 msg
.k
.event_code
== KEV_DL_NODE_ABSENCE
? "KEV_DL_NODE_ABSENCE" :
8573 msg
.k
.event_code
== KEV_DL_MASTER_ELECTED
? "KEV_DL_MASTER_ELECTED" :
8576 if (msg
.k
.event_code
== KEV_DL_NODE_PRESENCE
)
8577 nodePresence(m
, (struct kev_dl_node_presence
*) &msg
.k
.event_data
);
8579 if (msg
.k
.event_code
== KEV_DL_NODE_ABSENCE
)
8580 nodeAbsence(m
, (struct kev_dl_node_absence
*) &msg
.k
.event_data
);
8582 if (msg
.k
.event_code
== KEV_DL_MASTER_ELECTED
)
8583 newMasterElected(m
, (struct net_event_data
*) &msg
.k
.event_data
);
8585 // We receive network change notifications both through configd and through SYSPROTO_EVENT socket.
8586 // Configd may not generate network change events for manually configured interfaces (i.e., non-DHCP)
8587 // always during sleep/wakeup due to some race conditions (See radar:8666757). At the same time, if
8588 // "Wake on Network Access" is not turned on, the notification will not have KEV_DL_WAKEFLAGS_CHANGED.
8589 // Hence, during wake up, if we see a KEV_DL_LINK_ON (i.e., link is UP), we trigger a network change.
8591 if (msg
.k
.event_code
== KEV_DL_WAKEFLAGS_CHANGED
|| msg
.k
.event_code
== KEV_DL_LINK_ON
)
8592 SetNetworkChanged(m
, mDNSPlatformOneSecond
* 2);
8594 #if !TARGET_OS_EMBEDDED // don't setup packet filter rules on embedded
8596 // For p2p interfaces, need to open the advertised service port in the firewall.
8597 if (msg
.k
.event_code
== KEV_DL_IF_ATTACHED
)
8599 struct net_event_data
* p
;
8600 p
= (struct net_event_data
*) &msg
.k
.event_data
;
8602 if (strncmp(p
->if_name
, "p2p", 3) == 0)
8604 char ifname
[IFNAMSIZ
];
8605 snprintf(ifname
, IFNAMSIZ
, "%s%d", p
->if_name
, p
->if_unit
);
8607 LogInfo("SysEventCallBack: KEV_DL_IF_ATTACHED if_family = %d, if_unit = %d, if_name = %s", p
->if_family
, p
->if_unit
, p
->if_name
);
8609 mDNSSetPacketFilterRules(m
, ifname
, NULL
);
8613 // For p2p interfaces, need to clear the firewall rules on interface detach
8614 if (msg
.k
.event_code
== KEV_DL_IF_DETACHED
)
8616 struct net_event_data
* p
;
8617 p
= (struct net_event_data
*) &msg
.k
.event_data
;
8619 if (strncmp(p
->if_name
, "p2p", 3) == 0)
8621 pfArray_t portArray
, protocolArray
; // not initialized since count is 0 for PF_CLEAR_RULES
8622 char ifname
[IFNAMSIZ
];
8623 snprintf(ifname
, IFNAMSIZ
, "%s%d", p
->if_name
, p
->if_unit
);
8625 LogInfo("SysEventCallBack: KEV_DL_IF_DETACHED if_family = %d, if_unit = %d, if_name = %s", p
->if_family
, p
->if_unit
, p
->if_name
);
8627 mDNSPacketFilterControl(PF_CLEAR_RULES
, ifname
, 0, portArray
, protocolArray
);
8630 #endif // !TARGET_OS_EMBEDDED
8637 mDNSlocal mStatus
WatchForSysEvents(mDNS
*const m
)
8639 m
->p
->SysEventNotifier
= socket(PF_SYSTEM
, SOCK_RAW
, SYSPROTO_EVENT
);
8640 if (m
->p
->SysEventNotifier
< 0)
8641 { LogMsg("WatchForSysEvents: socket failed error %d errno %d (%s)", m
->p
->SysEventNotifier
, errno
, strerror(errno
)); return(mStatus_NoMemoryErr
); }
8643 struct kev_request kev_req
= { KEV_VENDOR_APPLE
, KEV_NETWORK_CLASS
, KEV_DL_SUBCLASS
};
8644 int err
= ioctl(m
->p
->SysEventNotifier
, SIOCSKEVFILT
, &kev_req
);
8647 LogMsg("WatchForSysEvents: SIOCSKEVFILT failed error %d errno %d (%s)", err
, errno
, strerror(errno
));
8648 close(m
->p
->SysEventNotifier
);
8649 m
->p
->SysEventNotifier
= -1;
8650 return(mStatus_UnknownErr
);
8653 m
->p
->SysEventKQueue
.KQcallback
= SysEventCallBack
;
8654 m
->p
->SysEventKQueue
.KQcontext
= m
;
8655 m
->p
->SysEventKQueue
.KQtask
= "System Event Notifier";
8656 KQueueSet(m
->p
->SysEventNotifier
, EV_ADD
, EVFILT_READ
, &m
->p
->SysEventKQueue
);
8658 return(mStatus_NoError
);
8661 #ifndef NO_SECURITYFRAMEWORK
8662 mDNSlocal OSStatus
KeychainChanged(SecKeychainEvent keychainEvent
, SecKeychainCallbackInfo
*info
, void *context
)
8664 LogInfo("*** Keychain Changed ***");
8665 mDNS
*const m
= (mDNS
*const)context
;
8667 OSStatus err
= SecKeychainCopyDefault(&skc
);
8670 if (info
->keychain
== skc
)
8672 // For delete events, attempt to verify what item was deleted fail because the item is already gone, so we just assume they may be relevant
8673 mDNSBool relevant
= (keychainEvent
== kSecDeleteEvent
);
8676 UInt32 tags
[3] = { kSecTypeItemAttr
, kSecServiceItemAttr
, kSecAccountItemAttr
};
8677 SecKeychainAttributeInfo attrInfo
= { 3, tags
, NULL
}; // Count, array of tags, array of formats
8678 SecKeychainAttributeList
*a
= NULL
;
8679 err
= SecKeychainItemCopyAttributesAndData(info
->item
, &attrInfo
, NULL
, &a
, NULL
, NULL
);
8682 relevant
= ((a
->attr
[0].length
== 4 && (!strncasecmp(a
->attr
[0].data
, "ddns", 4) || !strncasecmp(a
->attr
[0].data
, "sndd", 4))) ||
8683 (a
->attr
[1].length
>= mDNSPlatformStrLen(dnsprefix
) && (!strncasecmp(a
->attr
[1].data
, dnsprefix
, mDNSPlatformStrLen(dnsprefix
)))) ||
8684 (a
->attr
[1].length
>= mDNSPlatformStrLen(btmmprefix
) && (!strncasecmp(a
->attr
[1].data
, btmmprefix
, mDNSPlatformStrLen(btmmprefix
)))));
8685 SecKeychainItemFreeAttributesAndData(a
, NULL
);
8690 LogInfo("*** Keychain Changed *** KeychainEvent=%d %s",
8692 keychainEvent
== kSecAddEvent
? "kSecAddEvent" :
8693 keychainEvent
== kSecDeleteEvent
? "kSecDeleteEvent" :
8694 keychainEvent
== kSecUpdateEvent
? "kSecUpdateEvent" : "<Unknown>");
8695 // We're running on the CFRunLoop (Mach port) thread, not the kqueue thread, so we need to grab the KQueueLock before proceeding
8699 // To not read the keychain twice: when BTMM is enabled, changes happen to the keychain
8700 // then the BTMM DynStore dictionary, so delay reading the keychain for a second.
8701 // NetworkChanged() will reset the keychain timer to fire immediately when the DynStore changes.
8703 // In the "fixup" case where the BTMM DNS servers aren't accepting the key mDNSResponder has,
8704 // the DynStore dictionary won't change (because the BTMM zone won't change). In that case,
8705 // a one second delay is ok, as we'll still converge to correctness, and there's no race
8706 // condition between the RegistrationDomain and the DomainAuthInfo.
8708 // Lastly, non-BTMM WAB cases can use the keychain but not the DynStore, so we need to set
8709 // the timer here, as it will not get set by NetworkChanged().
8710 SetKeyChainTimer(m
, mDNSPlatformOneSecond
);
8713 KQueueUnlock(m
, "KeychainChanged");
8723 mDNSlocal
void PowerOn(mDNS
*const m
)
8725 mDNSCoreMachineSleep(m
, false); // Will set m->SleepState = SleepState_Awake;
8726 if (m
->p
->WakeAtUTC
)
8728 long utc
= mDNSPlatformUTC();
8729 mDNSPowerRequest(-1,-1); // Need to explicitly clear any previous power requests -- they're not cleared automatically on wake
8730 if (m
->p
->WakeAtUTC
- utc
> 30)
8732 LogSPS("PowerChanged PowerOn %d seconds early, assuming not maintenance wake", m
->p
->WakeAtUTC
- utc
);
8734 else if (utc
- m
->p
->WakeAtUTC
> 30)
8736 LogSPS("PowerChanged PowerOn %d seconds late, assuming not maintenance wake", utc
- m
->p
->WakeAtUTC
);
8738 else if (IsAppleTV())
8740 LogSPS("PowerChanged PowerOn %d seconds late, device is an AppleTV running iOS so not re-sleeping", utc
- m
->p
->WakeAtUTC
);
8744 LogSPS("PowerChanged: Waking for network maintenance operations %d seconds early; re-sleeping in 20 seconds", m
->p
->WakeAtUTC
- utc
);
8745 m
->p
->RequestReSleep
= mDNS_TimeNow(m
) + 20 * mDNSPlatformOneSecond
;
8750 mDNSlocal
void PowerChanged(void *refcon
, io_service_t service
, natural_t messageType
, void *messageArgument
)
8752 mDNS
*const m
= (mDNS
*const)refcon
;
8754 (void)service
; // Parameter not used
8755 debugf("PowerChanged %X %lX", messageType
, messageArgument
);
8757 // Make sure our m->SystemWakeOnLANEnabled value correctly reflects the current system setting
8758 m
->SystemWakeOnLANEnabled
= SystemWakeForNetworkAccess();
8762 case kIOMessageCanSystemPowerOff
: LogSPS("PowerChanged kIOMessageCanSystemPowerOff (no action)"); break; // E0000240
8763 case kIOMessageSystemWillPowerOff
: LogSPS("PowerChanged kIOMessageSystemWillPowerOff"); // E0000250
8764 mDNSCoreMachineSleep(m
, true);
8765 if (m
->SleepState
== SleepState_Sleeping
) mDNSMacOSXNetworkChanged(m
);
8767 case kIOMessageSystemWillNotPowerOff
: LogSPS("PowerChanged kIOMessageSystemWillNotPowerOff (no action)"); break; // E0000260
8768 case kIOMessageCanSystemSleep
: LogSPS("PowerChanged kIOMessageCanSystemSleep (no action)"); break; // E0000270
8769 case kIOMessageSystemWillSleep
: LogSPS("PowerChanged kIOMessageSystemWillSleep"); // E0000280
8770 mDNSCoreMachineSleep(m
, true);
8772 case kIOMessageSystemWillNotSleep
: LogSPS("PowerChanged kIOMessageSystemWillNotSleep (no action)"); break; // E0000290
8773 case kIOMessageSystemHasPoweredOn
: LogSPS("PowerChanged kIOMessageSystemHasPoweredOn"); // E0000300
8774 // If still sleeping (didn't get 'WillPowerOn' message for some reason?) wake now
8777 LogMsg("PowerChanged kIOMessageSystemHasPoweredOn: ERROR m->SleepState %d", m
->SleepState
);
8780 // Just to be safe, schedule a mDNSMacOSXNetworkChanged(), in case we never received
8781 // the System Configuration Framework "network changed" event that we expect
8782 // to receive some time shortly after the kIOMessageSystemWillPowerOn message
8784 if (!m
->p
->NetworkChanged
||
8785 m
->p
->NetworkChanged
- NonZeroTime(m
->timenow
+ mDNSPlatformOneSecond
* 2) < 0)
8786 m
->p
->NetworkChanged
= NonZeroTime(m
->timenow
+ mDNSPlatformOneSecond
* 2);
8790 case kIOMessageSystemWillRestart
: LogSPS("PowerChanged kIOMessageSystemWillRestart (no action)"); break; // E0000310
8791 case kIOMessageSystemWillPowerOn
: LogSPS("PowerChanged kIOMessageSystemWillPowerOn"); // E0000320
8793 // Make sure our interface list is cleared to the empty state, then tell mDNSCore to wake
8794 if (m
->SleepState
!= SleepState_Sleeping
)
8796 LogMsg("kIOMessageSystemWillPowerOn: ERROR m->SleepState %d", m
->SleepState
);
8797 m
->SleepState
= SleepState_Sleeping
;
8798 mDNSMacOSXNetworkChanged(m
);
8802 default: LogSPS("PowerChanged unknown message %X", messageType
); break;
8805 if (messageType
== kIOMessageSystemWillSleep
) m
->p
->SleepCookie
= (long)messageArgument
;
8806 else IOAllowPowerChange(m
->p
->PowerConnection
, (long)messageArgument
);
8808 KQueueUnlock(m
, "PowerChanged Sleep/Wake");
8811 // iPhone OS doesn't currently have SnowLeopard's IO Power Management
8812 // but it does define kIOPMAcknowledgmentOptionSystemCapabilityRequirements
8813 #if defined(kIOPMAcknowledgmentOptionSystemCapabilityRequirements) && !TARGET_OS_EMBEDDED
8814 mDNSlocal
void SnowLeopardPowerChanged(void *refcon
, IOPMConnection connection
, IOPMConnectionMessageToken token
, IOPMSystemPowerStateCapabilities eventDescriptor
)
8816 mDNS
*const m
= (mDNS
*const)refcon
;
8818 LogSPS("SnowLeopardPowerChanged %X %X %X%s%s%s%s%s",
8819 connection
, token
, eventDescriptor
,
8820 eventDescriptor
& kIOPMSystemPowerStateCapabilityCPU
? " CPU" : "",
8821 eventDescriptor
& kIOPMSystemPowerStateCapabilityVideo
? " Video" : "",
8822 eventDescriptor
& kIOPMSystemPowerStateCapabilityAudio
? " Audio" : "",
8823 eventDescriptor
& kIOPMSystemPowerStateCapabilityNetwork
? " Network" : "",
8824 eventDescriptor
& kIOPMSystemPowerStateCapabilityDisk
? " Disk" : "");
8826 // Make sure our m->SystemWakeOnLANEnabled value correctly reflects the current system setting
8827 m
->SystemWakeOnLANEnabled
= SystemWakeForNetworkAccess();
8829 if (eventDescriptor
& kIOPMSystemPowerStateCapabilityCPU
)
8831 // We might be in Sleeping or Transferring state. When we go from "wakeup" to "sleep" state, we don't
8832 // go directly to sleep state, but transfer in to the sleep state during which SleepState is set to
8833 // SleepState_Transferring. During that time, we might get another wakeup before we transition to Sleeping
8834 // state. In that case, we need to acknowledge the previous "sleep" before we acknowledge the wakeup.
8837 LogSPS("SnowLeopardPowerChanged: Waking up, Acking old Sleep, SleepLimit %d SleepState %d", m
->SleepLimit
, m
->SleepState
);
8838 IOPMConnectionAcknowledgeEvent(connection
, m
->p
->SleepCookie
);
8841 LogSPS("SnowLeopardPowerChanged: Waking up, Acking Wakeup, SleepLimit %d SleepState %d", m
->SleepLimit
, m
->SleepState
);
8842 // If the network notifications have already come before we got the wakeup, we ignored them and
8843 // in case we get no more, we need to trigger one.
8845 SetNetworkChanged(m
, 2 * mDNSPlatformOneSecond
);
8847 // CPU Waking. Note: Can get this message repeatedly, as other subsystems power up or down.
8848 if (m
->SleepState
!= SleepState_Awake
) PowerOn(m
);
8849 IOPMConnectionAcknowledgeEvent(connection
, token
);
8853 // CPU sleeping. Should not get this repeatedly -- once we're told that the CPU is halting
8854 // we should hear nothing more until we're told that the CPU has started executing again.
8855 if (m
->SleepState
) LogMsg("SnowLeopardPowerChanged: Sleep Error %X m->SleepState %d", eventDescriptor
, m
->SleepState
);
8857 //mDNSMacOSXNetworkChanged(m);
8858 mDNSCoreMachineSleep(m
, true);
8859 //if (m->SleepState == SleepState_Sleeping) mDNSMacOSXNetworkChanged(m);
8860 m
->p
->SleepCookie
= token
;
8863 KQueueUnlock(m
, "SnowLeopardPowerChanged Sleep/Wake");
8867 #if COMPILER_LIKES_PRAGMA_MARK
8869 #pragma mark - /etc/hosts support
8872 // Implementation Notes
8874 // As /etc/hosts file can be huge (1000s of entries - when this comment was written, the test file had about
8875 // 23000 entries with about 4000 duplicates), we can't use a linked list to store these entries. So, we parse
8876 // them into a hash table. The implementation need to be able to do the following things efficiently
8878 // 1. Detect duplicates e.g., two entries with "1.2.3.4 foo"
8879 // 2. Detect whether /etc/hosts has changed and what has changed since the last read from the disk
8880 // 3. Ability to support multiple addresses per name e.g., "1.2.3.4 foo, 2.3.4.5 foo". To support this, we
8881 // need to be able set the RRSet of a resource record to the first one in the list and also update when
8882 // one of them go away. This is needed so that the core thinks that they are all part of the same RRSet and
8884 // 4. Don't maintain any local state about any records registered with the core to detect changes to /etc/hosts
8886 // CFDictionary is not a suitable candidate because it does not support duplicates and even if we use a custom
8887 // "hash" function to solve this, the others are hard to solve. Hence, we share the hash (AuthHash) implementation
8888 // of the core layer which does all of the above very efficiently
8890 #define ETCHOSTS_BUFSIZE 1024 // Buffer size to parse a single line in /etc/hosts
8892 mDNSexport
void FreeEtcHosts(mDNS
*const m
, AuthRecord
*const rr
, mStatus result
)
8897 if (result
== mStatus_MemFree
)
8899 LogInfo("FreeEtcHosts: %s", ARDisplayString(m
, rr
));
8900 freeL("etchosts", rr
);
8904 // Returns true on success and false on failure
8905 mDNSlocal mDNSBool
mDNSMacOSXCreateEtcHostsEntry(mDNS
*const m
, const domainname
*domain
, const struct sockaddr
*sa
, const domainname
*cname
, char *ifname
, AuthHash
*auth
)
8911 mDNSInterfaceID InterfaceID
= mDNSInterface_LocalOnly
;
8916 LogMsg("mDNSMacOSXCreateEtcHostsEntry: ERROR!! name NULL");
8921 LogMsg("mDNSMacOSXCreateEtcHostsEntry: ERROR!! sa and cname both NULL");
8925 if (sa
&& sa
->sa_family
!= AF_INET
&& sa
->sa_family
!= AF_INET6
)
8927 LogMsg("mDNSMacOSXCreateEtcHostsEntry: ERROR!! sa with bad family %d", sa
->sa_family
);
8934 mDNSu32 ifindex
= if_nametoindex(ifname
);
8937 LogMsg("mDNSMacOSXCreateEtcHostsEntry: hosts entry %##s with invalid ifname %s", domain
->c
, ifname
);
8940 InterfaceID
= (mDNSInterfaceID
)(uintptr_t)ifindex
;
8944 rrtype
= (sa
->sa_family
== AF_INET
? kDNSType_A
: kDNSType_AAAA
);
8946 rrtype
= kDNSType_CNAME
;
8948 // Check for duplicates. See whether we parsed an entry before like this ?
8949 slot
= AuthHashSlot(domain
);
8950 namehash
= DomainNameHashValue(domain
);
8951 ag
= AuthGroupForName(auth
, slot
, namehash
, domain
);
8957 if (rr
->resrec
.rrtype
== rrtype
)
8959 if (rrtype
== kDNSType_A
)
8962 ip
.NotAnInteger
= ((struct sockaddr_in
*)sa
)->sin_addr
.s_addr
;
8963 if (mDNSSameIPv4Address(rr
->resrec
.rdata
->u
.ipv4
, ip
))
8965 LogInfo("mDNSMacOSXCreateEtcHostsEntry: Same IPv4 address for name %##s", domain
->c
);
8969 else if (rrtype
== kDNSType_AAAA
)
8972 ip6
.l
[0] = ((struct sockaddr_in6
*)sa
)->sin6_addr
.__u6_addr
.__u6_addr32
[0];
8973 ip6
.l
[1] = ((struct sockaddr_in6
*)sa
)->sin6_addr
.__u6_addr
.__u6_addr32
[1];
8974 ip6
.l
[2] = ((struct sockaddr_in6
*)sa
)->sin6_addr
.__u6_addr
.__u6_addr32
[2];
8975 ip6
.l
[3] = ((struct sockaddr_in6
*)sa
)->sin6_addr
.__u6_addr
.__u6_addr32
[3];
8976 if (mDNSSameIPv6Address(rr
->resrec
.rdata
->u
.ipv6
, ip6
))
8978 LogInfo("mDNSMacOSXCreateEtcHostsEntry: Same IPv6 address for name %##s", domain
->c
);
8982 else if (rrtype
== kDNSType_CNAME
)
8984 if (SameDomainName(&rr
->resrec
.rdata
->u
.name
, cname
))
8986 LogInfo("mDNSMacOSXCreateEtcHostsEntry: Same cname %##s for name %##s", cname
->c
, domain
->c
);
8994 rr
= mallocL("etchosts", sizeof(*rr
));
8995 if (rr
== NULL
) return mDNSfalse
;
8996 mDNSPlatformMemZero(rr
, sizeof(*rr
));
8997 mDNS_SetupResourceRecord(rr
, NULL
, InterfaceID
, rrtype
, 1, kDNSRecordTypeKnownUnique
, AuthRecordLocalOnly
, FreeEtcHosts
, NULL
);
8998 AssignDomainName(&rr
->namestorage
, domain
);
9002 rr
->resrec
.rdlength
= sa
->sa_family
== AF_INET
? sizeof(mDNSv4Addr
) : sizeof(mDNSv6Addr
);
9003 if (sa
->sa_family
== AF_INET
)
9004 rr
->resrec
.rdata
->u
.ipv4
.NotAnInteger
= ((struct sockaddr_in
*)sa
)->sin_addr
.s_addr
;
9007 rr
->resrec
.rdata
->u
.ipv6
.l
[0] = ((struct sockaddr_in6
*)sa
)->sin6_addr
.__u6_addr
.__u6_addr32
[0];
9008 rr
->resrec
.rdata
->u
.ipv6
.l
[1] = ((struct sockaddr_in6
*)sa
)->sin6_addr
.__u6_addr
.__u6_addr32
[1];
9009 rr
->resrec
.rdata
->u
.ipv6
.l
[2] = ((struct sockaddr_in6
*)sa
)->sin6_addr
.__u6_addr
.__u6_addr32
[2];
9010 rr
->resrec
.rdata
->u
.ipv6
.l
[3] = ((struct sockaddr_in6
*)sa
)->sin6_addr
.__u6_addr
.__u6_addr32
[3];
9015 rr
->resrec
.rdlength
= DomainNameLength(cname
);
9016 rr
->resrec
.rdata
->u
.name
.c
[0] = 0;
9017 AssignDomainName(&rr
->resrec
.rdata
->u
.name
, cname
);
9019 rr
->resrec
.namehash
= DomainNameHashValue(rr
->resrec
.name
);
9020 SetNewRData(&rr
->resrec
, mDNSNULL
, 0); // Sets rr->rdatahash for us
9021 LogInfo("mDNSMacOSXCreateEtcHostsEntry: Adding resource record %s", ARDisplayString(m
, rr
));
9022 InsertAuthRecord(m
, auth
, rr
);
9026 mDNSlocal
int EtcHostsParseOneName(int start
, int length
, char *buffer
, char **name
)
9031 for (i
= start
; i
< length
; i
++)
9033 if (buffer
[i
] == '#')
9035 if (buffer
[i
] != ' ' && buffer
[i
] != ',' && buffer
[i
] != '\t')
9039 // Found the start of a name, find the end and null terminate
9040 for (i
++; i
< length
; i
++)
9042 if (buffer
[i
] == ' ' || buffer
[i
] == ',' || buffer
[i
] == '\t')
9054 mDNSlocal
void mDNSMacOSXParseEtcHostsLine(mDNS
*const m
, char *buffer
, ssize_t length
, AuthHash
*auth
)
9058 char *ifname
= NULL
;
9065 //Ignore leading whitespaces and tabs
9066 while (*buffer
== ' ' || *buffer
== '\t')
9072 // Find the end of the address string
9073 for (i
= 0; i
< length
; i
++)
9075 if (buffer
[i
] == ' ' || buffer
[i
] == ',' || buffer
[i
] == '\t' || buffer
[i
] == '%')
9077 if (buffer
[i
] == '%')
9084 // Convert the address string to an address
9085 struct addrinfo hints
;
9086 bzero(&hints
, sizeof(hints
));
9087 hints
.ai_flags
= AI_NUMERICHOST
;
9088 struct addrinfo
*gairesults
= NULL
;
9089 if (getaddrinfo(buffer
, NULL
, &hints
, &gairesults
) != 0)
9091 LogInfo("mDNSMacOSXParseEtcHostsLine: getaddrinfo returning null");
9097 // Parse the interface
9098 ifname
= &buffer
[ifStart
];
9099 for (i
= ifStart
+ 1; i
< length
; i
++)
9101 if (buffer
[i
] == ' ' || buffer
[i
] == ',' || buffer
[i
] == '\t')
9109 i
= EtcHostsParseOneName(i
+ 1, length
, buffer
, &name1
);
9112 // Common case (no aliases) : The entry is of the form "1.2.3.4 somehost" with no trailing white spaces/tabs etc.
9113 if (!MakeDomainNameFromDNSNameString(&name1d
, name1
))
9115 LogMsg("mDNSMacOSXParseEtcHostsLine: ERROR!! cannot convert to domain name %s", name1
);
9116 freeaddrinfo(gairesults
);
9119 mDNSMacOSXCreateEtcHostsEntry(m
, &name1d
, gairesults
->ai_addr
, mDNSNULL
, ifname
, auth
);
9124 // We might have some extra white spaces at the end for the common case of "1.2.3.4 somehost".
9125 // When we parse again below, EtchHostsParseOneName would return -1 and we will end up
9126 // doing the right thing.
9127 if (!MakeDomainNameFromDNSNameString(&first
, name1
))
9129 LogMsg("mDNSMacOSXParseEtcHostsLine: ERROR!! cannot convert to domain name %s", name1
);
9130 freeaddrinfo(gairesults
);
9133 // If the /etc/hosts has an entry like this
9135 // 1.2.3.4 sun star bright
9137 // star and bright are aliases (gethostbyname h_alias should point to these) and sun is the canonical
9138 // name (getaddrinfo ai_cannonname and gethostbyname h_name points to "sun")
9140 // To achieve this, we need to add the entry like this:
9142 // star CNAME bright
9146 // We store the first name we parsed in "first". Then we parse additional names adding CNAME records
9147 // till we reach the end. When we reach the end, we wrap around and add one final CNAME with the last
9148 // entry and the first entry. Finally, we add the Address (A/AAAA) record.
9152 // Parse a name. If there are no names, we need to know whether we
9153 // parsed CNAMEs before or not. If we parsed CNAMEs before, then we
9154 // add a CNAME with the last name and the first name. Otherwise, this
9155 // is same as the common case above where the line has just one name
9156 // but with trailing white spaces.
9157 i
= EtcHostsParseOneName(i
+ 1, length
, buffer
, &name2
);
9160 if (!MakeDomainNameFromDNSNameString(&name2d
, name2
))
9162 LogMsg("mDNSMacOSXParseEtcHostsLine: ERROR!! cannot convert to domain name %s", name2
);
9163 freeaddrinfo(gairesults
);
9168 else if (!aliasIndex
)
9170 // We have never parsed any aliases. This case happens if there
9171 // is just one name and some extra white spaces at the end.
9172 LogInfo("mDNSMacOSXParseEtcHostsLine: White space at the end of %##s", first
.c
);
9177 // We have parsed at least one alias before and we reached the end of the line.
9178 // Setup a CNAME for the last name with "first" name as its RDATA
9180 AssignDomainName(&name2d
, &first
);
9183 // Don't add a CNAME for the first alias we parse (see the example above).
9184 // As we parse more, we might discover that there are no more aliases, in
9185 // which case we would have set "name2d" to "first" above. We need to add
9186 // the CNAME in that case.
9188 if (aliasIndex
> 1 || SameDomainName(&name2d
, &first
))
9190 // Ignore if it points to itself
9191 if (!SameDomainName(&name1d
, &name2d
))
9193 if (!mDNSMacOSXCreateEtcHostsEntry(m
, &name1d
, mDNSNULL
, &name2d
, ifname
, auth
))
9195 freeaddrinfo(gairesults
);
9200 LogMsg("mDNSMacOSXParseEtcHostsLine: Ignoring entry with same names name1 %##s, name2 %##s", name1d
.c
, name2d
.c
);
9203 // If we have already wrapped around, we just need to add the A/AAAA record alone
9204 // which is done below
9205 if (SameDomainName(&name2d
, &first
)) break;
9207 // Remember the current name so that we can set the CNAME record if we parse one
9210 AssignDomainName(&name1d
, &name2d
);
9212 // Added all the CNAMEs if any, add the "A/AAAA" record
9213 mDNSMacOSXCreateEtcHostsEntry(m
, &first
, gairesults
->ai_addr
, mDNSNULL
, ifname
, auth
);
9215 freeaddrinfo(gairesults
);
9218 mDNSlocal
void mDNSMacOSXParseEtcHosts(mDNS
*const m
, int fd
, AuthHash
*auth
)
9221 char buf
[ETCHOSTS_BUFSIZE
];
9225 if (fd
== -1) { LogInfo("mDNSMacOSXParseEtcHosts: fd is -1"); return; }
9227 fp
= fopen("/etc/hosts", "r");
9228 if (!fp
) { LogInfo("mDNSMacOSXParseEtcHosts: fp is NULL"); return; }
9232 good
= (fgets(buf
, ETCHOSTS_BUFSIZE
, fp
) != NULL
);
9235 // skip comment and empty lines
9236 if (buf
[0] == '#' || buf
[0] == '\r' || buf
[0] == '\n')
9240 if (!len
) break; // sanity check
9241 //Check for end of line code(mostly only \n but pre-OS X Macs could have only \r)
9242 if (buf
[len
- 1] == '\r' || buf
[len
- 1] == '\n')
9244 buf
[len
- 1] = '\0';
9247 // fgets always null terminates and hence even if we have no
9248 // newline at the end, it is null terminated. The callee
9249 // (mDNSMacOSXParseEtcHostsLine) expects the length to be such that
9250 // buf[length] is zero and hence we decrement len to reflect that.
9253 //Additional check when end of line code is 2 chars ie\r\n(DOS, other old OSes)
9254 //here we need to check for just \r but taking extra caution.
9255 if (buf
[len
- 1] == '\r' || buf
[len
- 1] == '\n')
9257 buf
[len
- 1] = '\0';
9261 if (!len
) //Sanity Check: len should never be zero
9263 LogMsg("mDNSMacOSXParseEtcHosts: Length is zero!");
9266 mDNSMacOSXParseEtcHostsLine(m
, buf
, len
, auth
);
9271 mDNSlocal
void mDNSMacOSXUpdateEtcHosts(mDNS
*const m
);
9273 mDNSlocal
int mDNSMacOSXGetEtcHostsFD(mDNS
*const m
)
9275 #ifdef __DISPATCH_GROUP__
9276 // Can't do this stuff to be notified of changes in /etc/hosts if we don't have libdispatch
9277 static dispatch_queue_t etcq
= 0;
9278 static dispatch_source_t etcsrc
= 0;
9279 static dispatch_source_t hostssrc
= 0;
9281 // First time through? just schedule ourselves on the main queue and we'll do the work later
9284 etcq
= dispatch_get_main_queue();
9287 // Do this work on the queue, not here - solves potential synchronization issues
9288 dispatch_async(etcq
, ^{mDNSMacOSXUpdateEtcHosts(m
);});
9293 if (hostssrc
) return dispatch_source_get_handle(hostssrc
);
9296 int fd
= open("/etc/hosts", O_RDONLY
);
9298 #ifdef __DISPATCH_GROUP__
9299 // Can't do this stuff to be notified of changes in /etc/hosts if we don't have libdispatch
9302 // If the open failed and we're already watching /etc, we're done
9303 if (etcsrc
) { LogInfo("mDNSMacOSXGetEtcHostsFD: Returning etcfd because no etchosts"); return fd
; }
9305 // we aren't watching /etc, we should be
9306 fd
= open("/etc", O_RDONLY
);
9307 if (fd
== -1) { LogInfo("mDNSMacOSXGetEtcHostsFD: etc does not exist"); return -1; }
9308 etcsrc
= dispatch_source_create(DISPATCH_SOURCE_TYPE_VNODE
, fd
, DISPATCH_VNODE_DELETE
| DISPATCH_VNODE_WRITE
| DISPATCH_VNODE_RENAME
, etcq
);
9314 dispatch_source_set_event_handler(etcsrc
,
9316 u_int32_t flags
= dispatch_source_get_data(etcsrc
);
9317 LogMsg("mDNSMacOSXGetEtcHostsFD: /etc changed 0x%x", flags
);
9318 if ((flags
& (DISPATCH_VNODE_DELETE
| DISPATCH_VNODE_RENAME
)) != 0)
9320 dispatch_source_cancel(etcsrc
);
9321 dispatch_release(etcsrc
);
9323 dispatch_async(etcq
, ^{mDNSMacOSXUpdateEtcHosts(m
);});
9326 if ((flags
& DISPATCH_VNODE_WRITE
) != 0 && hostssrc
== NULL
)
9328 mDNSMacOSXUpdateEtcHosts(m
);
9331 dispatch_source_set_cancel_handler(etcsrc
, ^{close(fd
);});
9332 dispatch_resume(etcsrc
);
9334 // Try and open /etc/hosts once more now that we're watching /etc, in case we missed the creation
9335 fd
= open("/etc/hosts", O_RDONLY
| O_EVTONLY
);
9336 if (fd
== -1) { LogMsg("mDNSMacOSXGetEtcHostsFD etc hosts does not exist, watching etc"); return -1; }
9339 // create a dispatch source to watch for changes to hosts file
9340 hostssrc
= dispatch_source_create(DISPATCH_SOURCE_TYPE_VNODE
, fd
,
9341 (DISPATCH_VNODE_DELETE
| DISPATCH_VNODE_WRITE
| DISPATCH_VNODE_RENAME
|
9342 DISPATCH_VNODE_ATTRIB
| DISPATCH_VNODE_EXTEND
| DISPATCH_VNODE_LINK
| DISPATCH_VNODE_REVOKE
), etcq
);
9343 if (hostssrc
== NULL
)
9348 dispatch_source_set_event_handler(hostssrc
,
9350 u_int32_t flags
= dispatch_source_get_data(hostssrc
);
9351 LogInfo("mDNSMacOSXGetEtcHostsFD: /etc/hosts changed 0x%x", flags
);
9352 if ((flags
& (DISPATCH_VNODE_DELETE
| DISPATCH_VNODE_RENAME
)) != 0)
9354 dispatch_source_cancel(hostssrc
);
9355 dispatch_release(hostssrc
);
9357 // Bug in LibDispatch: wait a second before scheduling the block. If we schedule
9358 // the block immediately, we try to open the file and the file may not exist and may
9359 // fail to get a notification in the future. When the file does not exist and
9360 // we start to monitor the directory, on "dispatch_resume" of that source, there
9361 // is no guarantee that the file creation will be notified always because when
9362 // the dispatch_resume returns, the kevent manager may not have registered the
9363 // kevent yet but the file may have been created
9365 dispatch_async(etcq
, ^{mDNSMacOSXUpdateEtcHosts(m
);});
9368 if ((flags
& DISPATCH_VNODE_WRITE
) != 0)
9370 mDNSMacOSXUpdateEtcHosts(m
);
9373 dispatch_source_set_cancel_handler(hostssrc
, ^{LogInfo("mDNSMacOSXGetEtcHostsFD: Closing etchosts fd %d", fd
); close(fd
);});
9374 dispatch_resume(hostssrc
);
9376 // Cleanup /etc source, no need to watch it if we already have /etc/hosts
9379 dispatch_source_cancel(etcsrc
);
9380 dispatch_release(etcsrc
);
9384 LogInfo("mDNSMacOSXGetEtcHostsFD: /etc/hosts being monitored, and not etc");
9385 return hostssrc
? (int)dispatch_source_get_handle(hostssrc
) : -1;
9392 // When /etc/hosts is modified, flush all the cache records as there may be local
9393 // authoritative answers now
9394 mDNSlocal
void FlushAllCacheRecords(mDNS
*const m
)
9400 FORALL_CACHERECORDS(slot
, cg
, cr
)
9403 if (cr
->resrec
.InterfaceID
) continue;
9405 // If a resource record can answer A or AAAA, they need to be flushed so that we will
9406 // never used to deliver an ADD or RMV
9407 if (RRTypeAnswersQuestionType(&cr
->resrec
, kDNSType_A
) ||
9408 RRTypeAnswersQuestionType(&cr
->resrec
, kDNSType_AAAA
))
9410 LogInfo("FlushAllCacheRecords: Purging Resourcerecord %s", CRDisplayString(m
, cr
));
9411 mDNS_PurgeCacheResourceRecord(m
, cr
);
9416 // Add new entries to the core. If justCheck is set, this function does not add, just returns true
9417 mDNSlocal mDNSBool
EtcHostsAddNewEntries(mDNS
*const m
, AuthHash
*newhosts
, mDNSBool justCheck
)
9421 AuthRecord
*rr
, *primary
, *rrnext
;
9422 for (slot
= 0; slot
< AUTH_HASH_SLOTS
; slot
++)
9423 for (ag
= newhosts
->rrauth_hash
[slot
]; ag
; ag
= ag
->next
)
9426 for (rr
= ag
->members
; rr
; rr
= rrnext
)
9431 mDNSBool found
= mDNSfalse
;
9432 ag1
= AuthGroupForRecord(&m
->rrauth
, slot
, &rr
->resrec
);
9433 if (ag1
&& ag1
->members
)
9435 if (!primary
) primary
= ag1
->members
;
9439 // We are not using InterfaceID in checking for duplicates. This means,
9440 // if there are two addresses for a given name e.g., fe80::1%en0 and
9441 // fe80::1%en1, we only add the first one. It is not clear whether
9442 // this is a common case. To fix this, we also need to modify
9443 // mDNS_Register_internal in how it handles duplicates. If it becomes a
9444 // common case, we will fix it then.
9445 if (IdenticalResourceRecord(&rr1
->resrec
, &rr
->resrec
))
9447 LogInfo("EtcHostsAddNewEntries: Skipping, not adding %s", ARDisplayString(m
, rr1
));
9458 LogInfo("EtcHostsAddNewEntries: Entry %s not registered with core yet", ARDisplayString(m
, rr
));
9461 RemoveAuthRecord(m
, newhosts
, rr
);
9462 // if there is no primary, point to self
9463 rr
->RRSet
= (primary
? primary
: rr
);
9465 LogInfo("EtcHostsAddNewEntries: Adding %s", ARDisplayString(m
, rr
));
9466 if (mDNS_Register_internal(m
, rr
) != mStatus_NoError
)
9467 LogMsg("EtcHostsAddNewEntries: mDNS_Register failed for %s", ARDisplayString(m
, rr
));
9474 // Delete entries from the core that are no longer needed. If justCheck is set, this function
9475 // does not delete, just returns true
9476 mDNSlocal mDNSBool
EtcHostsDeleteOldEntries(mDNS
*const m
, AuthHash
*newhosts
, mDNSBool justCheck
)
9480 AuthRecord
*rr
, *primary
, *rrnext
;
9481 for (slot
= 0; slot
< AUTH_HASH_SLOTS
; slot
++)
9482 for (ag
= m
->rrauth
.rrauth_hash
[slot
]; ag
; ag
= ag
->next
)
9483 for (rr
= ag
->members
; rr
; rr
= rrnext
)
9485 mDNSBool found
= mDNSfalse
;
9489 if (rr
->RecordCallback
!= FreeEtcHosts
) continue;
9490 ag1
= AuthGroupForRecord(newhosts
, slot
, &rr
->resrec
);
9493 primary
= rr1
= ag1
->members
;
9496 if (IdenticalResourceRecord(&rr1
->resrec
, &rr
->resrec
))
9498 LogInfo("EtcHostsDeleteOldEntries: Old record %s found in new, skipping", ARDisplayString(m
, rr
));
9505 // there is no corresponding record in newhosts for the same name. This means
9506 // we should delete this from the core.
9511 LogInfo("EtcHostsDeleteOldEntries: Record %s not found in new, deleting", ARDisplayString(m
, rr
));
9514 // if primary is going away, make sure that the rest of the records
9515 // point to the new primary
9516 if (rr
== ag
->members
)
9518 AuthRecord
*new_primary
= rr
->next
;
9519 AuthRecord
*r
= new_primary
;
9524 LogInfo("EtcHostsDeleteOldEntries: Updating Resource Record %s to primary", ARDisplayString(m
, r
));
9525 r
->RRSet
= new_primary
;
9527 else LogMsg("EtcHostsDeleteOldEntries: ERROR!! Resource Record %s not pointing to primary %##s", ARDisplayString(m
, r
), r
->resrec
.name
);
9531 LogInfo("EtcHostsDeleteOldEntries: Deleting %s", ARDisplayString(m
, rr
));
9532 mDNS_Deregister_internal(m
, rr
, mDNS_Dereg_normal
);
9538 mDNSlocal
void UpdateEtcHosts(mDNS
*const m
, void *context
)
9540 AuthHash
*newhosts
= (AuthHash
*)context
;
9544 //Delete old entries from the core if they are not present in the newhosts
9545 EtcHostsDeleteOldEntries(m
, newhosts
, mDNSfalse
);
9546 // Add the new entries to the core if not already present in the core
9547 EtcHostsAddNewEntries(m
, newhosts
, mDNSfalse
);
9550 mDNSlocal
void FreeNewHosts(AuthHash
*newhosts
)
9553 AuthGroup
*ag
, *agnext
;
9554 AuthRecord
*rr
, *rrnext
;
9556 for (slot
= 0; slot
< AUTH_HASH_SLOTS
; slot
++)
9557 for (ag
= newhosts
->rrauth_hash
[slot
]; ag
; ag
= agnext
)
9560 for (rr
= ag
->members
; rr
; rr
= rrnext
)
9563 freeL("etchosts", rr
);
9565 freeL("AuthGroups", ag
);
9569 mDNSlocal
void mDNSMacOSXUpdateEtcHosts(mDNS
*const m
)
9573 // As we will be modifying the core, we can only have one thread running at
9574 // any point in time.
9577 mDNSPlatformMemZero(&newhosts
, sizeof(AuthHash
));
9579 // Get the file desecriptor (will trigger us to start watching for changes)
9580 int fd
= mDNSMacOSXGetEtcHostsFD(m
);
9583 LogInfo("mDNSMacOSXUpdateEtcHosts: Parsing /etc/hosts fd %d", fd
);
9584 mDNSMacOSXParseEtcHosts(m
, fd
, &newhosts
);
9586 else LogInfo("mDNSMacOSXUpdateEtcHosts: /etc/hosts is not present");
9588 // Optimization: Detect whether /etc/hosts changed or not.
9590 // 1. Check to see if there are any new entries. We do this by seeing whether any entries in
9591 // newhosts is already registered with core. If we find at least one entry that is not
9592 // registered with core, then it means we have work to do.
9594 // 2. Next, we check to see if any of the entries that are registered with core is not present
9595 // in newhosts. If we find at least one entry that is not present, it means we have work to
9598 // Note: We may not have to hold the lock right here as KQueueLock is held which prevents any
9599 // other thread from running. But mDNS_Lock is needed here as we will be traversing the core
9600 // data structure in EtcHostsDeleteOldEntries/NewEntries which might expect the lock to be held
9601 // in the future and this code does not have to change.
9603 // Add the new entries to the core if not already present in the core
9604 if (!EtcHostsAddNewEntries(m
, &newhosts
, mDNStrue
))
9606 // No new entries to add, check to see if we need to delete any old entries from the
9607 // core if they are not present in the newhosts
9608 if (!EtcHostsDeleteOldEntries(m
, &newhosts
, mDNStrue
))
9610 LogInfo("mDNSMacOSXUpdateEtcHosts: No work");
9612 KQueueUnlock(m
, "/etc/hosts changed");
9613 FreeNewHosts(&newhosts
);
9618 // This will flush the cache, stop and start the query so that the queries
9619 // can look at the /etc/hosts again
9623 // We can't delete and free the records here. We wait for the mDNSCoreRestartAddressQueries to
9624 // deliver RMV events. It has to be done in a deferred way because we can't deliver RMV
9625 // events for local records *before* the RMV events for cache records. mDNSCoreRestartAddressQueries
9626 // delivers these events in the right order and then calls us back to delete them.
9628 // Similarly, we do a deferred Registration of the record because mDNSCoreRestartAddressQueries
9629 // is a common function that looks at all local auth records and delivers a RMV including
9630 // the records that we might add here. If we deliver a ADD here, it will get a RMV and then when
9631 // the query is restarted, it will get another ADD. To avoid this (ADD-RMV-ADD), we defer registering
9632 // the record until the RMVs are delivered in mDNSCoreRestartAddressQueries after which UpdateEtcHosts
9633 // is called back where we do the Registration of the record. This results in RMV followed by ADD which
9635 mDNSCoreRestartAddressQueries(m
, mDNSfalse
, FlushAllCacheRecords
, UpdateEtcHosts
, &newhosts
);
9638 KQueueUnlock(m
, "/etc/hosts changed");
9639 FreeNewHosts(&newhosts
);
9642 #if COMPILER_LIKES_PRAGMA_MARK
9644 #pragma mark - Initialization & Teardown
9647 CF_EXPORT CFDictionaryRef
_CFCopySystemVersionDictionary(void);
9648 CF_EXPORT
const CFStringRef _kCFSystemVersionProductNameKey
;
9649 CF_EXPORT
const CFStringRef _kCFSystemVersionProductVersionKey
;
9650 CF_EXPORT
const CFStringRef _kCFSystemVersionBuildVersionKey
;
9652 // Major version 13 is 10.9.x
9653 mDNSexport
void mDNSMacOSXSystemBuildNumber(char *HINFO_SWstring
)
9655 int major
= 0, minor
= 0;
9656 char letter
= 0, prodname
[256]="<Unknown>", prodvers
[256]="<Unknown>", buildver
[256]="<Unknown>";
9657 CFDictionaryRef vers
= _CFCopySystemVersionDictionary();
9660 CFStringRef cfprodname
= CFDictionaryGetValue(vers
, _kCFSystemVersionProductNameKey
);
9661 CFStringRef cfprodvers
= CFDictionaryGetValue(vers
, _kCFSystemVersionProductVersionKey
);
9662 CFStringRef cfbuildver
= CFDictionaryGetValue(vers
, _kCFSystemVersionBuildVersionKey
);
9664 CFStringGetCString(cfprodname
, prodname
, sizeof(prodname
), kCFStringEncodingUTF8
);
9666 CFStringGetCString(cfprodvers
, prodvers
, sizeof(prodvers
), kCFStringEncodingUTF8
);
9667 if (cfbuildver
&& CFStringGetCString(cfbuildver
, buildver
, sizeof(buildver
), kCFStringEncodingUTF8
))
9668 sscanf(buildver
, "%d%c%d", &major
, &letter
, &minor
);
9674 LogMsg("Note: No Major Build Version number found; assuming 13");
9677 mDNS_snprintf(HINFO_SWstring
, 256, "%s %s (%s), %s", prodname
, prodvers
, buildver
, STRINGIFY(mDNSResponderVersion
));
9678 //LogMsg("%s %s (%s), %d %c %d", prodname, prodvers, buildver, major, letter, minor);
9680 // If product name is "Mac OS X" (or similar) we set OSXVers, else we set iOSVers;
9681 if ((prodname
[0] & 0xDF) == 'M')
9687 // Test to see if we're the first client running on UDP port 5353, by trying to bind to 5353 without using SO_REUSEPORT.
9688 // If we fail, someone else got here first. That's not a big problem; we can share the port for multicast responses --
9689 // we just need to be aware that we shouldn't expect to successfully receive unicast UDP responses.
9690 mDNSlocal mDNSBool
mDNSPlatformInit_CanReceiveUnicast(void)
9693 int s
= socket(AF_INET
, SOCK_DGRAM
, IPPROTO_UDP
);
9695 LogMsg("mDNSPlatformInit_CanReceiveUnicast: socket error %d errno %d (%s)", s
, errno
, strerror(errno
));
9698 struct sockaddr_in s5353
;
9699 s5353
.sin_family
= AF_INET
;
9700 s5353
.sin_port
= MulticastDNSPort
.NotAnInteger
;
9701 s5353
.sin_addr
.s_addr
= 0;
9702 err
= bind(s
, (struct sockaddr
*)&s5353
, sizeof(s5353
));
9706 if (err
) LogMsg("No unicast UDP responses");
9707 else debugf("Unicast UDP responses okay");
9711 mDNSlocal
void CreatePTRRecord(mDNS
*const m
, const domainname
*domain
)
9714 const domainname
*pname
= (domainname
*)"\x9" "localhost";
9716 rr
= mallocL("localhosts", sizeof(*rr
));
9717 if (rr
== NULL
) return;
9718 mDNSPlatformMemZero(rr
, sizeof(*rr
));
9720 mDNS_SetupResourceRecord(rr
, mDNSNULL
, mDNSInterface_LocalOnly
, kDNSType_PTR
, kHostNameTTL
, kDNSRecordTypeKnownUnique
, AuthRecordLocalOnly
, mDNSNULL
, mDNSNULL
);
9721 AssignDomainName(&rr
->namestorage
, domain
);
9723 rr
->resrec
.rdlength
= DomainNameLength(pname
);
9724 rr
->resrec
.rdata
->u
.name
.c
[0] = 0;
9725 AssignDomainName(&rr
->resrec
.rdata
->u
.name
, pname
);
9727 rr
->resrec
.namehash
= DomainNameHashValue(rr
->resrec
.name
);
9728 SetNewRData(&rr
->resrec
, mDNSNULL
, 0); // Sets rr->rdatahash for us
9729 mDNS_Register(m
, rr
);
9732 // Setup PTR records for 127.0.0.1 and ::1. This helps answering them locally rather than relying
9733 // on the external DNS server to answer this. Sometimes, the DNS servers don't respond in a timely
9734 // fashion and applications depending on this e.g., telnetd, times out after 30 seconds creating
9735 // a bad user experience. For now, we specifically create only localhosts to handle radar://9354225
9737 // Note: We could have set this up while parsing the entries in /etc/hosts. But this is kept separate
9738 // intentionally to avoid adding to the complexity of code handling /etc/hosts.
9739 mDNSlocal
void SetupLocalHostRecords(mDNS
*const m
)
9741 char buffer
[MAX_REVERSE_MAPPING_NAME
];
9744 struct in6_addr addr
;
9745 mDNSu8
*ptr
= addr
.__u6_addr
.__u6_addr8
;
9747 if (inet_pton(AF_INET
, "127.0.0.1", &addr
) == 1)
9749 mDNS_snprintf(buffer
, sizeof(buffer
), "%d.%d.%d.%d.in-addr.arpa.",
9750 ptr
[3], ptr
[2], ptr
[1], ptr
[0]);
9751 MakeDomainNameFromDNSNameString(&name
, buffer
);
9752 CreatePTRRecord(m
, &name
);
9754 else LogMsg("SetupLocalHostRecords: ERROR!! inet_pton AF_INET failed");
9756 if (inet_pton(AF_INET6
, "::1", &addr
) == 1)
9758 for (i
= 0; i
< 16; i
++)
9760 static const char hexValues
[] = "0123456789ABCDEF";
9761 buffer
[i
* 4 ] = hexValues
[ptr
[15 - i
] & 0x0F];
9762 buffer
[i
* 4 + 1] = '.';
9763 buffer
[i
* 4 + 2] = hexValues
[ptr
[15 - i
] >> 4];
9764 buffer
[i
* 4 + 3] = '.';
9766 mDNS_snprintf(&buffer
[64], sizeof(buffer
)-64, "ip6.arpa.");
9767 MakeDomainNameFromDNSNameString(&name
, buffer
);
9768 CreatePTRRecord(m
, &name
);
9770 else LogMsg("SetupLocalHostRecords: ERROR!! inet_pton AF_INET6 failed");
9773 // Construction of Default Browse domain list (i.e. when clients pass NULL) is as follows:
9774 // 1) query for b._dns-sd._udp.local on LocalOnly interface
9775 // (.local manually generated via explicit callback)
9776 // 2) for each search domain (from prefs pane), query for b._dns-sd._udp.<searchdomain>.
9777 // 3) for each result from (2), register LocalOnly PTR record b._dns-sd._udp.local. -> <result>
9778 // 4) result above should generate a callback from question in (1). result added to global list
9779 // 5) global list delivered to client via GetSearchDomainList()
9780 // 6) client calls to enumerate domains now go over LocalOnly interface
9781 // (!!!KRS may add outgoing interface in addition)
9783 mDNSlocal mStatus
mDNSPlatformInit_setup(mDNS
*const m
)
9786 m
->p
->CFRunLoop
= CFRunLoopGetCurrent();
9788 char HINFO_SWstring
[256] = "";
9789 mDNSMacOSXSystemBuildNumber(HINFO_SWstring
);
9791 err
= mDNSHelperInit();
9795 DynamicStoreQueue
= dispatch_queue_create("com.apple.mDNSResponder.DynamicStoreQueue", NULL
);
9796 if (DynamicStoreQueue
== NULL
)
9798 LogMsg("dispatch_queue_create: DynamicStoreQueue NULL!");
9799 return mStatus_NoMemoryErr
;
9802 // Store mDNSResponder Platform
9805 m
->mDNS_plat
= platform_OSX
;
9810 m
->mDNS_plat
= platform_Atv
;
9812 m
->mDNS_plat
= platform_iOS
;
9816 m
->mDNS_plat
= platform_NonApple
;
9819 // In 10.4, mDNSResponder is launched very early in the boot process, while other subsystems are still in the process of starting up.
9820 // If we can't read the user's preferences, then we sleep a bit and try again, for up to five seconds before we give up.
9822 for (i
=0; i
<100; i
++)
9824 domainlabel testlabel
;
9826 GetUserSpecifiedLocalHostName(&testlabel
);
9827 if (testlabel
.c
[0]) break;
9831 m
->hostlabel
.c
[0] = 0;
9833 int get_model
[2] = { CTL_HW
, HW_MODEL
};
9834 size_t len_model
= sizeof(HINFO_HWstring_buffer
);
9836 // Normal Apple model names are of the form "iPhone2,1", and
9837 // internal code names are strings containing no commas, e.g. "N88AP".
9838 // We used to ignore internal code names, but Apple now uses these internal code names
9839 // even in released shipping products, so we no longer ignore strings containing no commas.
9840 // if (sysctl(get_model, 2, HINFO_HWstring_buffer, &len_model, NULL, 0) == 0 && strchr(HINFO_HWstring_buffer, ','))
9841 if (sysctl(get_model
, 2, HINFO_HWstring_buffer
, &len_model
, NULL
, 0) == 0)
9842 HINFO_HWstring
= HINFO_HWstring_buffer
;
9844 // For names of the form "iPhone2,1" we use "iPhone" as the prefix for automatic name generation.
9845 // For names of the form "N88AP" containg no comma, we use the entire string.
9846 HINFO_HWstring_prefixlen
= strchr(HINFO_HWstring_buffer
, ',') ? strcspn(HINFO_HWstring
, "0123456789") : strlen(HINFO_HWstring
);
9848 if (mDNSPlatformInit_CanReceiveUnicast())
9849 m
->CanReceiveUnicastOn5353
= mDNStrue
;
9851 mDNSu32 hlen
= mDNSPlatformStrLen(HINFO_HWstring
);
9852 mDNSu32 slen
= mDNSPlatformStrLen(HINFO_SWstring
);
9853 if (hlen
+ slen
< 254)
9855 m
->HIHardware
.c
[0] = hlen
;
9856 m
->HISoftware
.c
[0] = slen
;
9857 mDNSPlatformMemCopy(&m
->HIHardware
.c
[1], HINFO_HWstring
, hlen
);
9858 mDNSPlatformMemCopy(&m
->HISoftware
.c
[1], HINFO_SWstring
, slen
);
9861 m
->p
->permanentsockets
.port
= MulticastDNSPort
;
9862 m
->p
->permanentsockets
.m
= m
;
9863 m
->p
->permanentsockets
.sktv4
= -1;
9864 m
->p
->permanentsockets
.kqsv4
.KQcallback
= myKQSocketCallBack
;
9865 m
->p
->permanentsockets
.kqsv4
.KQcontext
= &m
->p
->permanentsockets
;
9866 m
->p
->permanentsockets
.kqsv4
.KQtask
= "UDP packet reception";
9867 m
->p
->permanentsockets
.sktv6
= -1;
9868 m
->p
->permanentsockets
.kqsv6
.KQcallback
= myKQSocketCallBack
;
9869 m
->p
->permanentsockets
.kqsv6
.KQcontext
= &m
->p
->permanentsockets
;
9870 m
->p
->permanentsockets
.kqsv6
.KQtask
= "UDP packet reception";
9872 err
= SetupSocket(&m
->p
->permanentsockets
, MulticastDNSPort
, AF_INET
, mDNSNULL
);
9873 err
= SetupSocket(&m
->p
->permanentsockets
, MulticastDNSPort
, AF_INET6
, mDNSNULL
);
9875 struct sockaddr_in s4
;
9876 socklen_t n4
= sizeof(s4
);
9877 if (getsockname(m
->p
->permanentsockets
.sktv4
, (struct sockaddr
*)&s4
, &n4
) < 0)
9878 LogMsg("getsockname v4 error %d (%s)", errno
, strerror(errno
));
9880 m
->UnicastPort4
.NotAnInteger
= s4
.sin_port
;
9882 if (m
->p
->permanentsockets
.sktv6
>= 0)
9884 struct sockaddr_in6 s6
;
9885 socklen_t n6
= sizeof(s6
);
9886 if (getsockname(m
->p
->permanentsockets
.sktv6
, (struct sockaddr
*)&s6
, &n6
) < 0) LogMsg("getsockname v6 error %d (%s)", errno
, strerror(errno
));
9887 else m
->UnicastPort6
.NotAnInteger
= s6
.sin6_port
;
9890 m
->p
->InterfaceList
= mDNSNULL
;
9891 m
->p
->userhostlabel
.c
[0] = 0;
9892 m
->p
->usernicelabel
.c
[0] = 0;
9893 m
->p
->prevoldnicelabel
.c
[0] = 0;
9894 m
->p
->prevnewnicelabel
.c
[0] = 0;
9895 m
->p
->prevoldhostlabel
.c
[0] = 0;
9896 m
->p
->prevnewhostlabel
.c
[0] = 0;
9897 m
->p
->NotifyUser
= 0;
9898 m
->p
->KeyChainTimer
= 0;
9899 m
->p
->WakeAtUTC
= 0;
9900 m
->p
->RequestReSleep
= 0;
9901 // Assume that everything is good to begin with. If something is not working,
9902 // we will detect that when we start sending questions.
9903 m
->p
->v4answers
= 1;
9904 m
->p
->v6answers
= 1;
9905 m
->p
->DNSTrigger
= 0;
9906 m
->p
->LastConfigGeneration
= 0;
9908 #if APPLE_OSX_mDNSResponder
9909 uuid_generate(m
->asl_uuid
);
9912 m
->AutoTunnelRelayAddr
= zerov6Addr
;
9914 NetworkChangedKey_IPv4
= SCDynamicStoreKeyCreateNetworkGlobalEntity(NULL
, kSCDynamicStoreDomainState
, kSCEntNetIPv4
);
9915 NetworkChangedKey_IPv6
= SCDynamicStoreKeyCreateNetworkGlobalEntity(NULL
, kSCDynamicStoreDomainState
, kSCEntNetIPv6
);
9916 NetworkChangedKey_Hostnames
= SCDynamicStoreKeyCreateHostNames(NULL
);
9917 NetworkChangedKey_Computername
= SCDynamicStoreKeyCreateComputerName(NULL
);
9918 NetworkChangedKey_DNS
= SCDynamicStoreKeyCreateNetworkGlobalEntity(NULL
, kSCDynamicStoreDomainState
, kSCEntNetDNS
);
9919 NetworkChangedKey_StateInterfacePrefix
= SCDynamicStoreKeyCreateNetworkInterfaceEntity(NULL
, kSCDynamicStoreDomainState
, CFSTR(""), NULL
);
9920 if (!NetworkChangedKey_IPv4
|| !NetworkChangedKey_IPv6
|| !NetworkChangedKey_Hostnames
|| !NetworkChangedKey_Computername
|| !NetworkChangedKey_DNS
|| !NetworkChangedKey_StateInterfacePrefix
)
9921 { LogMsg("SCDynamicStore string setup failed"); return(mStatus_NoMemoryErr
); }
9923 err
= WatchForNetworkChanges(m
);
9924 if (err
) { LogMsg("mDNSPlatformInit_setup: WatchForNetworkChanges failed %d", err
); return(err
); }
9926 #if 0 // <rdar://problem/6751656>
9927 err
= WatchForPMChanges(m
);
9928 if (err
) { LogMsg("mDNSPlatformInit_setup: WatchForPMChanges failed %d", err
); return(err
); }
9931 err
= WatchForSysEvents(m
);
9932 if (err
) { LogMsg("mDNSPlatformInit_setup: WatchForSysEvents failed %d", err
); return(err
); }
9934 mDNSs32 utc
= mDNSPlatformUTC();
9935 m
->SystemWakeOnLANEnabled
= SystemWakeForNetworkAccess();
9936 UpdateInterfaceList(m
, utc
);
9937 SetupActiveInterfaces(m
, utc
);
9939 // Explicitly ensure that our Keychain operations utilize the system domain.
9940 #ifndef NO_SECURITYFRAMEWORK
9941 SecKeychainSetPreferenceDomain(kSecPreferencesDomainSystem
);
9945 SetDomainSecrets(m
);
9949 #ifndef NO_SECURITYFRAMEWORK
9950 err
= SecKeychainAddCallback(KeychainChanged
, kSecAddEventMask
|kSecDeleteEventMask
|kSecUpdateEventMask
, m
);
9951 if (err
) { LogMsg("mDNSPlatformInit_setup: SecKeychainAddCallback failed %d", err
); return(err
); }
9954 #if !defined(kIOPMAcknowledgmentOptionSystemCapabilityRequirements) || TARGET_OS_EMBEDDED
9955 LogMsg("Note: Compiled without SnowLeopard Fine-Grained Power Management support");
9958 IOReturn iopmerr
= IOPMConnectionCreate(CFSTR("mDNSResponder"), kIOPMSystemPowerStateCapabilityCPU
, &c
);
9959 if (iopmerr
) LogMsg("IOPMConnectionCreate failed %d", iopmerr
);
9962 iopmerr
= IOPMConnectionSetNotification(c
, m
, SnowLeopardPowerChanged
);
9963 if (iopmerr
) LogMsg("IOPMConnectionSetNotification failed %d", iopmerr
);
9966 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
9967 IOPMConnectionSetDispatchQueue(c
, dispatch_get_main_queue());
9968 LogInfo("IOPMConnectionSetDispatchQueue is now running");
9970 iopmerr
= IOPMConnectionScheduleWithRunLoop(c
, CFRunLoopGetCurrent(), kCFRunLoopDefaultMode
);
9971 if (iopmerr
) LogMsg("IOPMConnectionScheduleWithRunLoop failed %d", iopmerr
);
9972 LogInfo("IOPMConnectionScheduleWithRunLoop is now running");
9973 #endif /* MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM */
9976 m
->p
->IOPMConnection
= iopmerr
? mDNSNULL
: c
;
9977 if (iopmerr
) // If IOPMConnectionCreate unavailable or failed, proceed with old-style power notification code below
9978 #endif // kIOPMAcknowledgmentOptionSystemCapabilityRequirements
9980 m
->p
->PowerConnection
= IORegisterForSystemPower(m
, &m
->p
->PowerPortRef
, PowerChanged
, &m
->p
->PowerNotifier
);
9981 if (!m
->p
->PowerConnection
) { LogMsg("mDNSPlatformInit_setup: IORegisterForSystemPower failed"); return(-1); }
9984 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
9985 IONotificationPortSetDispatchQueue(m
->p
->PowerPortRef
, dispatch_get_main_queue());
9987 CFRunLoopAddSource(CFRunLoopGetCurrent(), IONotificationPortGetRunLoopSource(m
->p
->PowerPortRef
), kCFRunLoopDefaultMode
);
9988 #endif /* MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM */
9992 #if APPLE_OSX_mDNSResponder
9993 // Note: We use SPMetricPortability > 35 to indicate a laptop of some kind
9994 // SPMetricPortability <= 35 means nominally a non-portable machine (i.e. Mac mini or better)
9995 // Apple TVs, AirPort base stations, and Time Capsules do not actually weigh 3kg, but we assign them
9996 // higher 'nominal' masses to indicate they should be treated as being relatively less portable than a laptop
9997 if (!strncasecmp(HINFO_HWstring
, "Xserve", 6)) { SPMetricPortability
= 25 /* 30kg */; SPMetricMarginalPower
= 84 /* 250W */; SPMetricTotalPower
= 85 /* 300W */; }
9998 else if (!strncasecmp(HINFO_HWstring
, "RackMac", 7)) { SPMetricPortability
= 25 /* 30kg */; SPMetricMarginalPower
= 84 /* 250W */; SPMetricTotalPower
= 85 /* 300W */; }
9999 else if (!strncasecmp(HINFO_HWstring
, "MacPro", 6)) { SPMetricPortability
= 27 /* 20kg */; SPMetricMarginalPower
= 84 /* 250W */; SPMetricTotalPower
= 85 /* 300W */; }
10000 else if (!strncasecmp(HINFO_HWstring
, "PowerMac", 8)) { SPMetricPortability
= 27 /* 20kg */; SPMetricMarginalPower
= 82 /* 160W */; SPMetricTotalPower
= 83 /* 200W */; }
10001 else if (!strncasecmp(HINFO_HWstring
, "iMac", 4)) { SPMetricPortability
= 30 /* 10kg */; SPMetricMarginalPower
= 77 /* 50W */; SPMetricTotalPower
= 78 /* 60W */; }
10002 else if (!strncasecmp(HINFO_HWstring
, "Macmini", 7)) { SPMetricPortability
= 33 /* 5kg */; SPMetricMarginalPower
= 73 /* 20W */; SPMetricTotalPower
= 74 /* 25W */; }
10003 else if (!strncasecmp(HINFO_HWstring
, "TimeCapsule", 11)) { SPMetricPortability
= 34 /* 4kg */; SPMetricMarginalPower
= 10 /* ~0W */; SPMetricTotalPower
= 70 /* 13W */; }
10004 else if (!strncasecmp(HINFO_HWstring
, "AirPort", 7)) { SPMetricPortability
= 35 /* 3kg */; SPMetricMarginalPower
= 10 /* ~0W */; SPMetricTotalPower
= 70 /* 12W */; }
10005 else if ( IsAppleTV() ) { SPMetricPortability
= 35 /* 3kg */; SPMetricMarginalPower
= 60 /* 1W */; SPMetricTotalPower
= 63 /* 2W */; }
10006 else if (!strncasecmp(HINFO_HWstring
, "MacBook", 7)) { SPMetricPortability
= 37 /* 2kg */; SPMetricMarginalPower
= 71 /* 13W */; SPMetricTotalPower
= 72 /* 15W */; }
10007 else if (!strncasecmp(HINFO_HWstring
, "PowerBook", 9)) { SPMetricPortability
= 37 /* 2kg */; SPMetricMarginalPower
= 71 /* 13W */; SPMetricTotalPower
= 72 /* 15W */; }
10008 LogSPS("HW_MODEL: %.*s (%s) Portability %d Marginal Power %d Total Power %d Features %d",
10009 HINFO_HWstring_prefixlen
, HINFO_HWstring
, HINFO_HWstring
, SPMetricPortability
, SPMetricMarginalPower
, SPMetricTotalPower
, SPMetricFeatures
);
10010 #endif // APPLE_OSX_mDNSResponder
10012 // Currently this is not defined. SSL code will eventually fix this. If it becomes
10013 // critical, we will define this to workaround the bug in SSL.
10014 #ifdef __SSL_NEEDS_SERIALIZATION__
10015 SSLqueue
= dispatch_queue_create("com.apple.mDNSResponder.SSLQueue", NULL
);
10017 SSLqueue
= dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT
, 0);
10019 if (SSLqueue
== mDNSNULL
) LogMsg("dispatch_queue_create: SSL queue NULL");
10021 mDNSMacOSXUpdateEtcHosts(m
);
10022 SetupLocalHostRecords(m
);
10025 return(mStatus_NoError
);
10028 mDNSexport mStatus
mDNSPlatformInit(mDNS
*const m
)
10030 #if MDNS_NO_DNSINFO
10031 LogMsg("Note: Compiled without Apple-specific Split-DNS support");
10034 // Adding interfaces will use this flag, so set it now.
10035 m
->DivertMulticastAdvertisements
= !m
->AdvertiseLocalAddresses
;
10037 #if APPLE_OSX_mDNSResponder
10038 m
->SPSBrowseCallback
= UpdateSPSStatus
;
10039 #endif // APPLE_OSX_mDNSResponder
10041 mStatus result
= mDNSPlatformInit_setup(m
);
10043 // We don't do asynchronous initialization on OS X, so by the time we get here the setup will already
10044 // have succeeded or failed -- so if it succeeded, we should just call mDNSCoreInitComplete() immediately
10045 if (result
== mStatus_NoError
)
10047 mDNSCoreInitComplete(m
, mStatus_NoError
);
10050 // We only initialize if mDNSCore successfully initialized.
10053 D2DStatus ds
= D2DInitialize(m
->p
->CFRunLoop
, xD2DServiceCallback
, m
) ;
10054 if (ds
!= kD2DSuccess
)
10055 LogMsg("D2DInitialiize failed: %d", ds
);
10057 LogMsg("D2DInitialize succeeded");
10062 result
= DNSSECCryptoInit(m
);
10066 mDNSexport
void mDNSPlatformClose(mDNS
*const m
)
10068 if (m
->p
->PowerConnection
)
10070 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
10071 IONotificationPortSetDispatchQueue(m
->p
->PowerPortRef
, NULL
);
10073 CFRunLoopRemoveSource(CFRunLoopGetCurrent(), IONotificationPortGetRunLoopSource(m
->p
->PowerPortRef
), kCFRunLoopDefaultMode
);
10075 // According to <http://developer.apple.com/qa/qa2004/qa1340.html>, a single call
10076 // to IORegisterForSystemPower creates *three* objects that need to be disposed individually:
10077 IODeregisterForSystemPower(&m
->p
->PowerNotifier
);
10078 IOServiceClose ( m
->p
->PowerConnection
);
10079 IONotificationPortDestroy ( m
->p
->PowerPortRef
);
10080 m
->p
->PowerConnection
= 0;
10085 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
10086 if (!SCDynamicStoreSetDispatchQueue(m
->p
->Store
, NULL
))
10087 LogMsg("mDNSPlatformClose: SCDynamicStoreSetDispatchQueue failed");
10089 CFRunLoopRemoveSource(CFRunLoopGetCurrent(), m
->p
->StoreRLS
, kCFRunLoopDefaultMode
);
10090 CFRunLoopSourceInvalidate(m
->p
->StoreRLS
);
10091 CFRelease(m
->p
->StoreRLS
);
10092 m
->p
->StoreRLS
= NULL
;
10094 CFRelease(m
->p
->Store
);
10095 m
->p
->Store
= NULL
;
10100 CFRunLoopRemoveSource(CFRunLoopGetCurrent(), m
->p
->PMRLS
, kCFRunLoopDefaultMode
);
10101 CFRunLoopSourceInvalidate(m
->p
->PMRLS
);
10102 CFRelease(m
->p
->PMRLS
);
10103 m
->p
->PMRLS
= NULL
;
10106 if (m
->p
->SysEventNotifier
>= 0) { close(m
->p
->SysEventNotifier
); m
->p
->SysEventNotifier
= -1; }
10111 D2DStatus ds
= D2DTerminate();
10112 if (ds
!= kD2DSuccess
)
10113 LogMsg("D2DTerminate failed: %d", ds
);
10115 LogMsg("D2DTerminate succeeded");
10119 mDNSs32 utc
= mDNSPlatformUTC();
10120 MarkAllInterfacesInactive(m
, utc
);
10121 ClearInactiveInterfaces(m
, utc
);
10122 CloseSocketSet(&m
->p
->permanentsockets
);
10124 #if APPLE_OSX_mDNSResponder
10125 // clean up tunnels
10126 while (m
->TunnelClients
)
10128 ClientTunnel
*cur
= m
->TunnelClients
;
10129 LogInfo("mDNSPlatformClose: removing client tunnel %p %##s from list", cur
, cur
->dstname
.c
);
10130 if (cur
->q
.ThisQInterval
>= 0) mDNS_StopQuery(m
, &cur
->q
);
10131 AutoTunnelSetKeys(cur
, mDNSfalse
);
10132 m
->TunnelClients
= cur
->next
;
10133 freeL("ClientTunnel", cur
);
10136 if (AnonymousRacoonConfig
)
10138 AnonymousRacoonConfig
= mDNSNULL
;
10139 LogInfo("mDNSPlatformClose: Deconfiguring autotunnel");
10140 (void)mDNSConfigureServer(kmDNSDown
, mDNSNULL
, mDNSNULL
);
10142 #endif // APPLE_OSX_mDNSResponder
10145 #if COMPILER_LIKES_PRAGMA_MARK
10147 #pragma mark - General Platform Support Layer functions
10150 mDNSexport mDNSu32
mDNSPlatformRandomNumber(void)
10152 return(arc4random());
10155 mDNSexport mDNSs32 mDNSPlatformOneSecond
= 1000;
10156 mDNSexport mDNSu32 mDNSPlatformClockDivisor
= 0;
10158 mDNSexport mStatus
mDNSPlatformTimeInit(void)
10160 // Notes: Typical values for mach_timebase_info:
10161 // tbi.numer = 1000 million
10162 // tbi.denom = 33 million
10163 // These are set such that (mach_absolute_time() * numer/denom) gives us nanoseconds;
10164 // numer / denom = nanoseconds per hardware clock tick (e.g. 30);
10165 // denom / numer = hardware clock ticks per nanosecond (e.g. 0.033)
10166 // (denom*1000000) / numer = hardware clock ticks per millisecond (e.g. 33333)
10167 // So: mach_absolute_time() / ((denom*1000000)/numer) = milliseconds
10169 // Arithmetic notes:
10170 // tbi.denom is at least 1, and not more than 2^32-1.
10171 // Therefore (tbi.denom * 1000000) is at least one million, but cannot overflow a uint64_t.
10172 // tbi.denom is at least 1, and not more than 2^32-1.
10173 // Therefore clockdivisor should end up being a number roughly in the range 10^3 - 10^9.
10174 // If clockdivisor is less than 10^3 then that means that the native clock frequency is less than 1MHz,
10175 // which is unlikely on any current or future Macintosh.
10176 // If clockdivisor is greater than 10^9 then that means the native clock frequency is greater than 1000GHz.
10177 // When we ship Macs with clock frequencies above 1000GHz, we may have to update this code.
10178 struct mach_timebase_info tbi
;
10179 kern_return_t result
= mach_timebase_info(&tbi
);
10180 if (result
== KERN_SUCCESS
) mDNSPlatformClockDivisor
= ((uint64_t)tbi
.denom
* 1000000) / tbi
.numer
;
10184 mDNSexport mDNSs32
mDNSPlatformRawTime(void)
10186 if (mDNSPlatformClockDivisor
== 0) { LogMsg("mDNSPlatformRawTime called before mDNSPlatformTimeInit"); return(0); }
10188 static uint64_t last_mach_absolute_time
= 0;
10189 //static uint64_t last_mach_absolute_time = 0x8000000000000000LL; // Use this value for testing the alert display
10190 uint64_t this_mach_absolute_time
= mach_absolute_time();
10191 if ((int64_t)this_mach_absolute_time
- (int64_t)last_mach_absolute_time
< 0)
10193 LogMsg("mDNSPlatformRawTime: last_mach_absolute_time %08X%08X", last_mach_absolute_time
);
10194 LogMsg("mDNSPlatformRawTime: this_mach_absolute_time %08X%08X", this_mach_absolute_time
);
10195 // Update last_mach_absolute_time *before* calling NotifyOfElusiveBug()
10196 last_mach_absolute_time
= this_mach_absolute_time
;
10197 // Note: This bug happens all the time on 10.3
10198 NotifyOfElusiveBug("mach_absolute_time went backwards!",
10199 "This error occurs from time to time, often on newly released hardware, "
10200 "and usually the exact cause is different in each instance.\r\r"
10201 "Please file a new Radar bug report with the title “mach_absolute_time went backwards” "
10202 "and assign it to Radar Component “Kernel” Version “X”.");
10204 last_mach_absolute_time
= this_mach_absolute_time
;
10206 return((mDNSs32
)(this_mach_absolute_time
/ mDNSPlatformClockDivisor
));
10209 mDNSexport mDNSs32
mDNSPlatformUTC(void)
10214 // Locking is a no-op here, because we're single-threaded with a CFRunLoop, so we can never interrupt ourselves
10215 mDNSexport
void mDNSPlatformLock (const mDNS
*const m
) { (void)m
; }
10216 mDNSexport
void mDNSPlatformUnlock (const mDNS
*const m
) { (void)m
; }
10217 mDNSexport
void mDNSPlatformStrCopy( void *dst
, const void *src
) { strcpy((char *)dst
, (char *)src
); }
10218 mDNSexport mDNSu32
mDNSPlatformStrLen ( const void *src
) { return(strlen((char*)src
)); }
10219 mDNSexport
void mDNSPlatformMemCopy( void *dst
, const void *src
, mDNSu32 len
) { memcpy(dst
, src
, len
); }
10220 mDNSexport mDNSBool
mDNSPlatformMemSame(const void *dst
, const void *src
, mDNSu32 len
) { return(memcmp(dst
, src
, len
) == 0); }
10221 mDNSexport
int mDNSPlatformMemCmp(const void *dst
, const void *src
, mDNSu32 len
) { return(memcmp(dst
, src
, len
)); }
10222 mDNSexport
void mDNSPlatformMemZero( void *dst
, mDNSu32 len
) { memset(dst
, 0, len
); }
10223 mDNSexport
void mDNSPlatformQsort ( void *base
, int nel
, int width
, int (*compar
)(const void *, const void *))
10225 return (qsort(base
, nel
, width
, compar
));
10227 #if !(APPLE_OSX_mDNSResponder && MACOSX_MDNS_MALLOC_DEBUGGING)
10228 mDNSexport
void * mDNSPlatformMemAllocate(mDNSu32 len
) { return(mallocL("mDNSPlatformMemAllocate", len
)); }
10230 mDNSexport
void mDNSPlatformMemFree (void *mem
) { freeL("mDNSPlatformMemFree", mem
); }
10232 mDNSexport
void mDNSPlatformSetAllowSleep(mDNS
*const m
, mDNSBool allowSleep
, const char *reason
)
10234 if (allowSleep
&& m
->p
->IOPMAssertion
)
10236 LogInfo("%s Destroying NoIdleSleep power assertion", __FUNCTION__
);
10237 IOPMAssertionRelease(m
->p
->IOPMAssertion
);
10238 m
->p
->IOPMAssertion
= 0;
10240 else if (!allowSleep
)
10242 #ifdef kIOPMAssertionTypeNoIdleSleep
10243 if (m
->p
->IOPMAssertion
)
10245 IOPMAssertionRelease(m
->p
->IOPMAssertion
);
10246 m
->p
->IOPMAssertion
= 0;
10249 CFStringRef assertionName
= CFStringCreateWithFormat(kCFAllocatorDefault
, NULL
, CFSTR("%s.%d %s"), getprogname(), getpid(), reason
? reason
: "");
10250 IOPMAssertionCreateWithName(kIOPMAssertionTypeNoIdleSleep
, kIOPMAssertionLevelOn
, assertionName
? assertionName
: CFSTR("mDNSResponder"), &m
->p
->IOPMAssertion
);
10251 if (assertionName
) CFRelease(assertionName
);
10252 LogInfo("%s Creating NoIdleSleep power assertion", __FUNCTION__
);
10257 mDNSexport
void mDNSPlatformSendWakeupPacket(mDNS
*const m
, mDNSInterfaceID InterfaceID
, char *EthAddr
, char *IPAddr
, int iteration
)
10262 ifindex
= mDNSPlatformInterfaceIndexfromInterfaceID(m
, InterfaceID
, mDNStrue
);
10265 LogMsg("mDNSPlatformSendWakeupPacket: ERROR!! Invalid InterfaceID %u", ifindex
);
10268 mDNSSendWakeupPacket(ifindex
, EthAddr
, IPAddr
, iteration
);
10271 mDNSexport mDNSBool
mDNSPlatformInterfaceIsD2D(mDNSInterfaceID InterfaceID
)
10273 NetworkInterfaceInfoOSX
*info
;
10275 if (InterfaceID
== mDNSInterface_P2P
)
10278 if ( (InterfaceID
== mDNSInterface_Any
)
10279 || (InterfaceID
== mDNSInterfaceMark
)
10280 || (InterfaceID
== mDNSInterface_LocalOnly
)
10281 || (InterfaceID
== mDNSInterface_Unicast
))
10284 info
= IfindexToInterfaceInfoOSX(&mDNSStorage
, InterfaceID
);
10287 // this log message can print when operations are stopped on an interface that has gone away
10288 LogInfo("mDNSPlatformInterfaceIsD2D: Invalid interface index %d", InterfaceID
);
10292 return (mDNSBool
) info
->D2DInterface
;
10295 // Filter records send over P2P (D2D) type interfaces
10296 // Note that the terms P2P and D2D are used synonymously in the current code and comments.
10297 mDNSexport mDNSBool
mDNSPlatformValidRecordForInterface(AuthRecord
*rr
, const NetworkInterfaceInfo
*intf
)
10299 // For an explicit match to a valid interface ID, return true.
10300 if (rr
->resrec
.InterfaceID
== intf
->InterfaceID
)
10303 // Only filtering records for D2D type interfaces, return true for all other interface types.
10304 if (!mDNSPlatformInterfaceIsD2D(intf
->InterfaceID
))
10307 // If it's an AWDL interface the record must be explicitly marked to include AWDL.
10308 if (intf
->InterfaceID
== AWDLInterfaceID
)
10310 if (rr
->ARType
== AuthRecordAnyIncludeAWDL
|| rr
->ARType
== AuthRecordAnyIncludeAWDLandP2P
)
10316 // Send record if it is explicitly marked to include all other P2P type interfaces.
10317 if (rr
->ARType
== AuthRecordAnyIncludeP2P
|| rr
->ARType
== AuthRecordAnyIncludeAWDLandP2P
)
10320 // Don't send the record over this interface.
10324 // Filter questions send over P2P (D2D) type interfaces.
10325 mDNSexport mDNSBool
mDNSPlatformValidQuestionForInterface(DNSQuestion
*q
, const NetworkInterfaceInfo
*intf
)
10327 // For an explicit match to a valid interface ID, return true.
10328 if (q
->InterfaceID
== intf
->InterfaceID
)
10331 // Only filtering questions for D2D type interfaces
10332 if (!mDNSPlatformInterfaceIsD2D(intf
->InterfaceID
))
10335 // If it's an AWDL interface the question must be explicitly marked to include AWDL.
10336 if (intf
->InterfaceID
== AWDLInterfaceID
)
10338 if (q
->flags
& kDNSServiceFlagsIncludeAWDL
)
10344 // Sent question if it is explicitly marked to include all other P2P type interfaces.
10345 if (q
->flags
& kDNSServiceFlagsIncludeP2P
)
10348 // Don't send the question over this interface.
10352 // Returns true unless record was received over the AWDL interface and
10353 // the question was not specific to the AWDL interface or did not specify kDNSServiceInterfaceIndexAny
10354 // with the kDNSServiceFlagsIncludeAWDL flag set.
10355 mDNSexport mDNSBool
mDNSPlatformValidRecordForQuestion(const ResourceRecord
*const rr
, const DNSQuestion
*const q
)
10357 if (!rr
->InterfaceID
|| (rr
->InterfaceID
== q
->InterfaceID
))
10360 if ((rr
->InterfaceID
== AWDLInterfaceID
) && !(q
->flags
& kDNSServiceFlagsIncludeAWDL
))
10362 LogInfo("mDNSPlatformValidRecordForQuestion: Record recieved over AWDL not returned for %s %##s query",
10363 DNSTypeName(q
->qtype
), q
->qname
.c
);
10370 // formating time to RFC 4034 format
10371 mDNSexport
void mDNSPlatformFormatTime(unsigned long te
, mDNSu8
*buf
, int bufsize
)
10374 time_t t
= (time_t)te
;
10375 // Time since epoch : strftime takes "tm". Convert seconds to "tm" using
10376 // gmtime_r first and then use strftime
10377 gmtime_r(&t
, &tmTime
);
10378 strftime((char *)buf
, bufsize
, "%Y%m%d%H%M%S", &tmTime
);
10381 mDNSexport mDNSs32
mDNSPlatformGetPID()
10386 // Schedule a function asynchronously on the main queue
10387 mDNSexport
void mDNSPlatformDispatchAsync(mDNS
*const m
, void *context
, AsyncDispatchFunc func
)
10389 // KQueueLock/Unlock is used for two purposes
10391 // 1. We can't be running along with the KQueue thread and hence acquiring the lock
10392 // serializes the access to the "core"
10394 // 2. KQueueUnlock also sends a message wake up the KQueue thread which in turn wakes
10395 // up and calls udsserver_idle which schedules the messages across the uds socket.
10396 // If "func" delivers something to the uds socket from the dispatch thread, it will
10397 // not be delivered immediately if not for the Unlock.
10398 dispatch_async(dispatch_get_main_queue(), ^{
10401 KQueueUnlock(m
, "mDNSPlatformDispatchAsync");
10402 #ifdef MDNSRESPONDER_USES_LIB_DISPATCH_AS_PRIMARY_EVENT_LOOP_MECHANISM
10403 // KQueueUnlock is a noop. Hence, we need to run kick off the idle loop
10404 // to handle any message that "func" might deliver.
10405 TriggerEventCompletion();
10410 // definitions for device-info record construction
10411 #define DEVINFO_MODEL "model="
10412 #define DEVINFO_MODEL_LEN strlen(DEVINFO_MODEL)
10414 #define OSX_VER "osxvers="
10415 #define OSX_VER_LEN strlen(OSX_VER)
10416 #define VER_NUM_LEN 2 // 2 digits of version number added to base string
10418 // Bytes available in TXT record for model name after subtracting space for other
10419 // fixed size strings and their length bytes.
10420 #define MAX_MODEL_NAME_LEN (256 - (DEVINFO_MODEL_LEN + 1) - (OSX_VER_LEN + VER_NUM_LEN + 1))
10422 // Initialize device-info TXT record contents and return total length of record data.
10423 mDNSexport mDNSu32
initializeDeviceInfoTXT(mDNS
*m
, mDNSu8
*ptr
)
10425 mDNSu8
*bufferStart
= ptr
;
10426 mDNSu8 len
= m
->HIHardware
.c
[0] < MAX_MODEL_NAME_LEN
? m
->HIHardware
.c
[0] : MAX_MODEL_NAME_LEN
;
10428 *ptr
= DEVINFO_MODEL_LEN
+ len
; // total length of DEVINFO_MODEL string plus the hardware name string
10430 mDNSPlatformMemCopy(ptr
, DEVINFO_MODEL
, DEVINFO_MODEL_LEN
);
10431 ptr
+= DEVINFO_MODEL_LEN
;
10432 mDNSPlatformMemCopy(ptr
, m
->HIHardware
.c
+ 1, len
);
10435 // only include this string for OSX
10438 char ver_num
[VER_NUM_LEN
+ 1]; // version digits + null written by snprintf
10439 *ptr
= OSX_VER_LEN
+ VER_NUM_LEN
; // length byte
10441 mDNSPlatformMemCopy(ptr
, OSX_VER
, OSX_VER_LEN
);
10442 ptr
+= OSX_VER_LEN
;
10443 // convert version number to ASCII, add 1 for terminating null byte written by snprintf()
10444 snprintf(ver_num
, VER_NUM_LEN
+ 1, "%d", OSXVers
);
10445 mDNSPlatformMemCopy(ptr
, ver_num
, VER_NUM_LEN
);
10446 ptr
+= VER_NUM_LEN
;
10449 return (ptr
- bufferStart
);