"Fossies" - the Fresh Open Source Software Archive

Member "dnsmasq-2.85/src/dnsmasq.c" (7 Apr 2021, 58913 Bytes) of package /linux/misc/dns/dnsmasq-2.85.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "dnsmasq.c" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 2.84_vs_2.85.

    1 /* dnsmasq is Copyright (c) 2000-2021 Simon Kelley
    2 
    3    This program is free software; you can redistribute it and/or modify
    4    it under the terms of the GNU General Public License as published by
    5    the Free Software Foundation; version 2 dated June, 1991, or
    6    (at your option) version 3 dated 29 June, 2007.
    7  
    8    This program is distributed in the hope that it will be useful,
    9    but WITHOUT ANY WARRANTY; without even the implied warranty of
   10    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   11    GNU General Public License for more details.
   12      
   13    You should have received a copy of the GNU General Public License
   14    along with this program.  If not, see <http://www.gnu.org/licenses/>.
   15 */
   16 
   17 /* Declare static char *compiler_opts  in config.h */
   18 #define DNSMASQ_COMPILE_OPTS
   19 
   20 #include "dnsmasq.h"
   21 
   22 struct daemon *daemon;
   23 
   24 static volatile pid_t pid = 0;
   25 static volatile int pipewrite;
   26 
   27 static int set_dns_listeners(time_t now);
   28 static void check_dns_listeners(time_t now);
   29 static void sig_handler(int sig);
   30 static void async_event(int pipe, time_t now);
   31 static void fatal_event(struct event_desc *ev, char *msg);
   32 static int read_event(int fd, struct event_desc *evp, char **msg);
   33 static void poll_resolv(int force, int do_reload, time_t now);
   34 
   35 int main (int argc, char **argv)
   36 {
   37   int bind_fallback = 0;
   38   time_t now;
   39   struct sigaction sigact;
   40   struct iname *if_tmp;
   41   int piperead, pipefd[2], err_pipe[2];
   42   struct passwd *ent_pw = NULL;
   43 #if defined(HAVE_SCRIPT)
   44   uid_t script_uid = 0;
   45   gid_t script_gid = 0;
   46 #endif
   47   struct group *gp = NULL;
   48   long i, max_fd = sysconf(_SC_OPEN_MAX);
   49   char *baduser = NULL;
   50   int log_err;
   51   int chown_warn = 0;
   52 #if defined(HAVE_LINUX_NETWORK)
   53   cap_user_header_t hdr = NULL;
   54   cap_user_data_t data = NULL;
   55   int need_cap_net_admin = 0;
   56   int need_cap_net_raw = 0;
   57   int need_cap_net_bind_service = 0;
   58   char *bound_device = NULL;
   59   int did_bind = 0;
   60   struct server *serv;
   61   char *netlink_warn;
   62 #endif 
   63 #if defined(HAVE_DHCP) || defined(HAVE_DHCP6)
   64   struct dhcp_context *context;
   65   struct dhcp_relay *relay;
   66 #endif
   67 #ifdef HAVE_TFTP
   68   int tftp_prefix_missing = 0;
   69 #endif
   70 
   71 #ifdef LOCALEDIR
   72   setlocale(LC_ALL, "");
   73   bindtextdomain("dnsmasq", LOCALEDIR); 
   74   textdomain("dnsmasq");
   75 #endif
   76 
   77   sigact.sa_handler = sig_handler;
   78   sigact.sa_flags = 0;
   79   sigemptyset(&sigact.sa_mask);
   80   sigaction(SIGUSR1, &sigact, NULL);
   81   sigaction(SIGUSR2, &sigact, NULL);
   82   sigaction(SIGHUP, &sigact, NULL);
   83   sigaction(SIGTERM, &sigact, NULL);
   84   sigaction(SIGALRM, &sigact, NULL);
   85   sigaction(SIGCHLD, &sigact, NULL);
   86   sigaction(SIGINT, &sigact, NULL);
   87   
   88   /* ignore SIGPIPE */
   89   sigact.sa_handler = SIG_IGN;
   90   sigaction(SIGPIPE, &sigact, NULL);
   91 
   92   umask(022); /* known umask, create leases and pid files as 0644 */
   93 
   94   rand_init(); /* Must precede read_opts() */
   95   
   96   read_opts(argc, argv, compile_opts);
   97  
   98 #ifdef HAVE_LINUX_NETWORK
   99   daemon->kernel_version = kernel_version();
  100 #endif
  101 
  102   if (daemon->edns_pktsz < PACKETSZ)
  103     daemon->edns_pktsz = PACKETSZ;
  104 
  105   /* Min buffer size: we check after adding each record, so there must be 
  106      memory for the largest packet, and the largest record so the
  107      min for DNS is PACKETSZ+MAXDNAME+RRFIXEDSZ which is < 1000.
  108      This might be increased is EDNS packet size if greater than the minimum. */ 
  109   daemon->packet_buff_sz = daemon->edns_pktsz + MAXDNAME + RRFIXEDSZ;
  110   daemon->packet = safe_malloc(daemon->packet_buff_sz);
  111   
  112   daemon->addrbuff = safe_malloc(ADDRSTRLEN);
  113   if (option_bool(OPT_EXTRALOG))
  114     daemon->addrbuff2 = safe_malloc(ADDRSTRLEN);
  115   
  116 #ifdef HAVE_DNSSEC
  117   if (option_bool(OPT_DNSSEC_VALID))
  118     {
  119       /* Note that both /000 and '.' are allowed within labels. These get
  120      represented in presentation format using NAME_ESCAPE as an escape
  121      character when in DNSSEC mode. 
  122      In theory, if all the characters in a name were /000 or
  123      '.' or NAME_ESCAPE then all would have to be escaped, so the 
  124      presentation format would be twice as long as the spec.
  125 
  126      daemon->namebuff was previously allocated by the option-reading
  127      code before we knew if we're in DNSSEC mode, so reallocate here. */
  128       free(daemon->namebuff);
  129       daemon->namebuff = safe_malloc(MAXDNAME * 2);
  130       daemon->keyname = safe_malloc(MAXDNAME * 2);
  131       daemon->workspacename = safe_malloc(MAXDNAME * 2);
  132       /* one char flag per possible RR in answer section (may get extended). */
  133       daemon->rr_status_sz = 64;
  134       daemon->rr_status = safe_malloc(sizeof(*daemon->rr_status) * daemon->rr_status_sz);
  135     }
  136 #endif
  137 
  138 #ifdef HAVE_DHCP
  139   if (!daemon->lease_file)
  140     {
  141       if (daemon->dhcp || daemon->dhcp6)
  142     daemon->lease_file = LEASEFILE;
  143     }
  144 #endif
  145   
  146   /* Ensure that at least stdin, stdout and stderr (fd 0, 1, 2) exist,
  147      otherwise file descriptors we create can end up being 0, 1, or 2 
  148      and then get accidentally closed later when we make 0, 1, and 2 
  149      open to /dev/null. Normally we'll be started with 0, 1 and 2 open, 
  150      but it's not guaranteed. By opening /dev/null three times, we 
  151      ensure that we're not using those fds for real stuff. */
  152   for (i = 0; i < 3; i++)
  153     open("/dev/null", O_RDWR); 
  154   
  155   /* Close any file descriptors we inherited apart from std{in|out|err} */
  156   close_fds(max_fd, -1, -1, -1);
  157   
  158 #ifndef HAVE_LINUX_NETWORK
  159 #  if !(defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR))
  160   if (!option_bool(OPT_NOWILD))
  161     {
  162       bind_fallback = 1;
  163       set_option_bool(OPT_NOWILD);
  164     }
  165 #  endif
  166   
  167   /* -- bind-dynamic not supported on !Linux, fall back to --bind-interfaces */
  168   if (option_bool(OPT_CLEVERBIND))
  169     {
  170       bind_fallback = 1;
  171       set_option_bool(OPT_NOWILD);
  172       reset_option_bool(OPT_CLEVERBIND);
  173     }
  174 #endif
  175 
  176 #ifndef HAVE_INOTIFY
  177   if (daemon->dynamic_dirs)
  178     die(_("dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"), NULL, EC_BADCONF);
  179 #endif
  180   
  181   if (option_bool(OPT_DNSSEC_VALID))
  182     {
  183 #ifdef HAVE_DNSSEC
  184       struct ds_config *ds;
  185 
  186       /* Must have at least a root trust anchor, or the DNSSEC code
  187      can loop forever. */
  188       for (ds = daemon->ds; ds; ds = ds->next)
  189     if (ds->name[0] == 0)
  190       break;
  191 
  192       if (!ds)
  193     die(_("no root trust anchor provided for DNSSEC"), NULL, EC_BADCONF);
  194       
  195       if (daemon->cachesize < CACHESIZ)
  196     die(_("cannot reduce cache size from default when DNSSEC enabled"), NULL, EC_BADCONF);
  197 #else 
  198       die(_("DNSSEC not available: set HAVE_DNSSEC in src/config.h"), NULL, EC_BADCONF);
  199 #endif
  200     }
  201 
  202 #ifndef HAVE_TFTP
  203   if (option_bool(OPT_TFTP))
  204     die(_("TFTP server not available: set HAVE_TFTP in src/config.h"), NULL, EC_BADCONF);
  205 #endif
  206 
  207 #ifdef HAVE_CONNTRACK
  208   if (option_bool(OPT_CONNTRACK) && (daemon->query_port != 0 || daemon->osport))
  209     die (_("cannot use --conntrack AND --query-port"), NULL, EC_BADCONF); 
  210 #else
  211   if (option_bool(OPT_CONNTRACK))
  212     die(_("conntrack support not available: set HAVE_CONNTRACK in src/config.h"), NULL, EC_BADCONF);
  213 #endif
  214 
  215 #ifdef HAVE_SOLARIS_NETWORK
  216   if (daemon->max_logs != 0)
  217     die(_("asynchronous logging is not available under Solaris"), NULL, EC_BADCONF);
  218 #endif
  219   
  220 #ifdef __ANDROID__
  221   if (daemon->max_logs != 0)
  222     die(_("asynchronous logging is not available under Android"), NULL, EC_BADCONF);
  223 #endif
  224 
  225 #ifndef HAVE_AUTH
  226   if (daemon->auth_zones)
  227     die(_("authoritative DNS not available: set HAVE_AUTH in src/config.h"), NULL, EC_BADCONF);
  228 #endif
  229 
  230 #ifndef HAVE_LOOP
  231   if (option_bool(OPT_LOOP_DETECT))
  232     die(_("loop detection not available: set HAVE_LOOP in src/config.h"), NULL, EC_BADCONF);
  233 #endif
  234 
  235 #ifndef HAVE_UBUS
  236   if (option_bool(OPT_UBUS))
  237     die(_("Ubus not available: set HAVE_UBUS in src/config.h"), NULL, EC_BADCONF);
  238 #endif
  239   
  240   /* Handle only one of min_port/max_port being set. */
  241   if (daemon->min_port != 0 && daemon->max_port == 0)
  242     daemon->max_port = MAX_PORT;
  243   
  244   if (daemon->max_port != 0 && daemon->min_port == 0)
  245     daemon->min_port = MIN_PORT;
  246    
  247   if (daemon->max_port < daemon->min_port)
  248     die(_("max_port cannot be smaller than min_port"), NULL, EC_BADCONF);
  249   
  250   now = dnsmasq_time();
  251 
  252   if (daemon->auth_zones)
  253     {
  254       if (!daemon->authserver)
  255     die(_("--auth-server required when an auth zone is defined."), NULL, EC_BADCONF);
  256 
  257       /* Create a serial at startup if not configured. */
  258 #ifdef HAVE_BROKEN_RTC
  259       if (daemon->soa_sn == 0)
  260     die(_("zone serial must be configured in --auth-soa"), NULL, EC_BADCONF);
  261 #else
  262       if (daemon->soa_sn == 0)
  263     daemon->soa_sn = now;
  264 #endif
  265     }
  266   
  267 #ifdef HAVE_DHCP6
  268   if (daemon->dhcp6)
  269     {
  270       daemon->doing_ra = option_bool(OPT_RA);
  271       
  272       for (context = daemon->dhcp6; context; context = context->next)
  273     {
  274       if (context->flags & CONTEXT_DHCP)
  275         daemon->doing_dhcp6 = 1;
  276       if (context->flags & CONTEXT_RA)
  277         daemon->doing_ra = 1;
  278 #if !defined(HAVE_LINUX_NETWORK) && !defined(HAVE_BSD_NETWORK)
  279       if (context->flags & CONTEXT_TEMPLATE)
  280         die (_("dhcp-range constructor not available on this platform"), NULL, EC_BADCONF);
  281 #endif 
  282     }
  283     }
  284 #endif
  285   
  286 #ifdef HAVE_DHCP
  287   /* Note that order matters here, we must call lease_init before
  288      creating any file descriptors which shouldn't be leaked
  289      to the lease-script init process. We need to call common_init
  290      before lease_init to allocate buffers it uses.
  291      The script subsystem relies on DHCP buffers, hence the last two
  292      conditions below. */  
  293   if (daemon->dhcp || daemon->doing_dhcp6 || daemon->relay4 || 
  294       daemon->relay6 || option_bool(OPT_TFTP) || option_bool(OPT_SCRIPT_ARP))
  295     {
  296       dhcp_common_init();
  297       if (daemon->dhcp || daemon->doing_dhcp6)
  298     lease_init(now);
  299     }
  300   
  301   if (daemon->dhcp || daemon->relay4)
  302     {
  303       dhcp_init();
  304 #   ifdef HAVE_LINUX_NETWORK
  305       if (!option_bool(OPT_NO_PING))
  306     need_cap_net_raw = 1;
  307       need_cap_net_admin = 1;
  308 #   endif
  309     }
  310   
  311 #  ifdef HAVE_DHCP6
  312   if (daemon->doing_ra || daemon->doing_dhcp6 || daemon->relay6)
  313     {
  314       ra_init(now);
  315 #   ifdef HAVE_LINUX_NETWORK
  316       need_cap_net_raw = 1;
  317       need_cap_net_admin = 1;
  318 #   endif
  319     }
  320   
  321   if (daemon->doing_dhcp6 || daemon->relay6)
  322     dhcp6_init();
  323 #  endif
  324 
  325 #endif
  326 
  327 #ifdef HAVE_IPSET
  328   if (daemon->ipsets)
  329     {
  330       ipset_init();
  331 #  ifdef HAVE_LINUX_NETWORK
  332       need_cap_net_admin = 1;
  333 #  endif
  334     }
  335 #endif
  336 
  337 #if  defined(HAVE_LINUX_NETWORK)
  338   netlink_warn = netlink_init();
  339 #elif defined(HAVE_BSD_NETWORK)
  340   route_init();
  341 #endif
  342 
  343   if (option_bool(OPT_NOWILD) && option_bool(OPT_CLEVERBIND))
  344     die(_("cannot set --bind-interfaces and --bind-dynamic"), NULL, EC_BADCONF);
  345   
  346   if (!enumerate_interfaces(1) || !enumerate_interfaces(0))
  347     die(_("failed to find list of interfaces: %s"), NULL, EC_MISC);
  348   
  349   if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND)) 
  350     {
  351       create_bound_listeners(1);
  352       
  353       if (!option_bool(OPT_CLEVERBIND))
  354     for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
  355       if (if_tmp->name && !if_tmp->used)
  356         die(_("unknown interface %s"), if_tmp->name, EC_BADNET);
  357 
  358 #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP)
  359       /* after enumerate_interfaces()  */
  360       bound_device = whichdevice();
  361       
  362       if (daemon->dhcp)
  363     {
  364       if (!daemon->relay4 && bound_device)
  365         {
  366           bindtodevice(bound_device, daemon->dhcpfd);
  367           did_bind = 1;
  368         }
  369       if (daemon->enable_pxe && bound_device)
  370         {
  371           bindtodevice(bound_device, daemon->pxefd);
  372           did_bind = 1;
  373         }
  374     }
  375 #endif
  376 
  377 #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP6)
  378       if (daemon->doing_dhcp6 && !daemon->relay6 && bound_device)
  379     {
  380       bindtodevice(bound_device, daemon->dhcp6fd);
  381       did_bind = 1;
  382     }
  383 #endif
  384     }
  385   else 
  386     create_wildcard_listeners();
  387  
  388 #ifdef HAVE_DHCP6
  389   /* after enumerate_interfaces() */
  390   if (daemon->doing_dhcp6 || daemon->relay6 || daemon->doing_ra)
  391     join_multicast(1);
  392 
  393   /* After netlink_init() and before create_helper() */
  394   lease_make_duid(now);
  395 #endif
  396   
  397   if (daemon->port != 0)
  398     {
  399       cache_init();
  400       blockdata_init();
  401       hash_questions_init();
  402 
  403       /* Scale random socket pool by ftabsize, but
  404      limit it based on available fds. */
  405       daemon->numrrand = daemon->ftabsize/2;
  406       if (daemon->numrrand > max_fd/3)
  407     daemon->numrrand = max_fd/3;
  408       /* safe_malloc returns zero'd memory */
  409       daemon->randomsocks = safe_malloc(daemon->numrrand * sizeof(struct randfd));
  410     }
  411 
  412 #ifdef HAVE_INOTIFY
  413   if ((daemon->port != 0 || daemon->dhcp || daemon->doing_dhcp6)
  414       && (!option_bool(OPT_NO_RESOLV) || daemon->dynamic_dirs))
  415     inotify_dnsmasq_init();
  416   else
  417     daemon->inotifyfd = -1;
  418 #endif
  419 
  420   if (daemon->dump_file)
  421 #ifdef HAVE_DUMPFILE
  422     dump_init();
  423   else 
  424     daemon->dumpfd = -1;
  425 #else
  426   die(_("Packet dumps not available: set HAVE_DUMP in src/config.h"), NULL, EC_BADCONF);
  427 #endif
  428   
  429   if (option_bool(OPT_DBUS))
  430 #ifdef HAVE_DBUS
  431     {
  432       char *err;
  433       daemon->dbus = NULL;
  434       daemon->watches = NULL;
  435       if ((err = dbus_init()))
  436     die(_("DBus error: %s"), err, EC_MISC);
  437     }
  438 #else
  439   die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL, EC_BADCONF);
  440 #endif
  441 
  442   if (option_bool(OPT_UBUS))
  443 #ifdef HAVE_UBUS
  444     {
  445       daemon->ubus = NULL;
  446       ubus_init();
  447     }
  448 #else
  449   die(_("UBus not available: set HAVE_UBUS in src/config.h"), NULL, EC_BADCONF);
  450 #endif
  451 
  452   if (daemon->port != 0)
  453     pre_allocate_sfds();
  454 
  455 #if defined(HAVE_SCRIPT)
  456   /* Note getpwnam returns static storage */
  457   if ((daemon->dhcp || daemon->dhcp6) && 
  458       daemon->scriptuser && 
  459       (daemon->lease_change_command || daemon->luascript))
  460     {
  461       struct passwd *scr_pw;
  462       
  463       if ((scr_pw = getpwnam(daemon->scriptuser)))
  464     {
  465       script_uid = scr_pw->pw_uid;
  466       script_gid = scr_pw->pw_gid;
  467      }
  468       else
  469     baduser = daemon->scriptuser;
  470     }
  471 #endif
  472   
  473   if (daemon->username && !(ent_pw = getpwnam(daemon->username)))
  474     baduser = daemon->username;
  475   else if (daemon->groupname && !(gp = getgrnam(daemon->groupname)))
  476     baduser = daemon->groupname;
  477 
  478   if (baduser)
  479     die(_("unknown user or group: %s"), baduser, EC_BADCONF);
  480 
  481   /* implement group defaults, "dip" if available, or group associated with uid */
  482   if (!daemon->group_set && !gp)
  483     {
  484       if (!(gp = getgrnam(CHGRP)) && ent_pw)
  485     gp = getgrgid(ent_pw->pw_gid);
  486       
  487       /* for error message */
  488       if (gp)
  489     daemon->groupname = gp->gr_name; 
  490     }
  491 
  492 #if defined(HAVE_LINUX_NETWORK)
  493   /* We keep CAP_NETADMIN (for ARP-injection) and
  494      CAP_NET_RAW (for icmp) if we're doing dhcp,
  495      if we have yet to bind ports because of DAD, 
  496      or we're doing it dynamically, we need CAP_NET_BIND_SERVICE. */
  497   if ((is_dad_listeners() || option_bool(OPT_CLEVERBIND)) &&
  498       (option_bool(OPT_TFTP) || (daemon->port != 0 && daemon->port <= 1024)))
  499     need_cap_net_bind_service = 1;
  500 
  501   /* usptream servers which bind to an interface call SO_BINDTODEVICE
  502      for each TCP connection, so need CAP_NET_RAW */
  503   for (serv = daemon->servers; serv; serv = serv->next)
  504     if (serv->interface[0] != 0)
  505       need_cap_net_raw = 1;
  506 
  507   /* If we're doing Dbus or UBus, the above can be set dynamically,
  508      (as can ports) so always (potentially) needed. */
  509 #ifdef HAVE_DBUS
  510   if (option_bool(OPT_DBUS))
  511     {
  512       need_cap_net_bind_service = 1;
  513       need_cap_net_raw = 1;
  514     }
  515 #endif
  516 
  517 #ifdef HAVE_UBUS
  518   if (option_bool(OPT_UBUS))
  519     {
  520       need_cap_net_bind_service = 1;
  521       need_cap_net_raw = 1;
  522     }
  523 #endif
  524   
  525   /* determine capability API version here, while we can still
  526      call safe_malloc */
  527   int capsize = 1; /* for header version 1 */
  528   char *fail = NULL;
  529   
  530   hdr = safe_malloc(sizeof(*hdr));
  531   
  532   /* find version supported by kernel */
  533   memset(hdr, 0, sizeof(*hdr));
  534   capget(hdr, NULL);
  535   
  536   if (hdr->version != LINUX_CAPABILITY_VERSION_1)
  537     {
  538       /* if unknown version, use largest supported version (3) */
  539       if (hdr->version != LINUX_CAPABILITY_VERSION_2)
  540     hdr->version = LINUX_CAPABILITY_VERSION_3;
  541       capsize = 2;
  542     }
  543   
  544   data = safe_malloc(sizeof(*data) * capsize);
  545   capget(hdr, data); /* Get current values, for verification */
  546 
  547   if (need_cap_net_admin && !(data->permitted & (1 << CAP_NET_ADMIN)))
  548     fail = "NET_ADMIN";
  549   else if (need_cap_net_raw && !(data->permitted & (1 << CAP_NET_RAW)))
  550     fail = "NET_RAW";
  551   else if (need_cap_net_bind_service && !(data->permitted & (1 << CAP_NET_BIND_SERVICE)))
  552     fail = "NET_BIND_SERVICE";
  553   
  554   if (fail)
  555     die(_("process is missing required capability %s"), fail, EC_MISC);
  556 
  557   /* Now set bitmaps to set caps after daemonising */
  558   memset(data, 0, sizeof(*data) * capsize);
  559   
  560   if (need_cap_net_admin)
  561     data->effective |= (1 << CAP_NET_ADMIN);
  562   if (need_cap_net_raw)
  563     data->effective |= (1 << CAP_NET_RAW);
  564   if (need_cap_net_bind_service)
  565     data->effective |= (1 << CAP_NET_BIND_SERVICE);
  566   
  567   data->permitted = data->effective;  
  568 #endif
  569 
  570   /* Use a pipe to carry signals and other events back to the event loop 
  571      in a race-free manner and another to carry errors to daemon-invoking process */
  572   safe_pipe(pipefd, 1);
  573   
  574   piperead = pipefd[0];
  575   pipewrite = pipefd[1];
  576   /* prime the pipe to load stuff first time. */
  577   send_event(pipewrite, EVENT_INIT, 0, NULL); 
  578 
  579   err_pipe[1] = -1;
  580   
  581   if (!option_bool(OPT_DEBUG))   
  582     {
  583       /* The following code "daemonizes" the process. 
  584      See Stevens section 12.4 */
  585       
  586       if (chdir("/") != 0)
  587     die(_("cannot chdir to filesystem root: %s"), NULL, EC_MISC); 
  588 
  589       if (!option_bool(OPT_NO_FORK))
  590     {
  591       pid_t pid;
  592       
  593       /* pipe to carry errors back to original process.
  594          When startup is complete we close this and the process terminates. */
  595       safe_pipe(err_pipe, 0);
  596       
  597       if ((pid = fork()) == -1)
  598         /* fd == -1 since we've not forked, never returns. */
  599         send_event(-1, EVENT_FORK_ERR, errno, NULL);
  600        
  601       if (pid != 0)
  602         {
  603           struct event_desc ev;
  604           char *msg;
  605 
  606           /* close our copy of write-end */
  607           close(err_pipe[1]);
  608           
  609           /* check for errors after the fork */
  610           if (read_event(err_pipe[0], &ev, &msg))
  611         fatal_event(&ev, msg);
  612           
  613           _exit(EC_GOOD);
  614         } 
  615       
  616       close(err_pipe[0]);
  617 
  618       /* NO calls to die() from here on. */
  619       
  620       setsid();
  621      
  622       if ((pid = fork()) == -1)
  623         send_event(err_pipe[1], EVENT_FORK_ERR, errno, NULL);
  624      
  625       if (pid != 0)
  626         _exit(0);
  627     }
  628             
  629       /* write pidfile _after_ forking ! */
  630       if (daemon->runfile)
  631     {
  632       int fd, err = 0;
  633 
  634       sprintf(daemon->namebuff, "%d\n", (int) getpid());
  635 
  636       /* Explanation: Some installations of dnsmasq (eg Debian/Ubuntu) locate the pid-file
  637          in a directory which is writable by the non-privileged user that dnsmasq runs as. This
  638          allows the daemon to delete the file as part of its shutdown. This is a security hole to the 
  639          extent that an attacker running as the unprivileged  user could replace the pidfile with a 
  640          symlink, and have the target of that symlink overwritten as root next time dnsmasq starts. 
  641 
  642          The following code first deletes any existing file, and then opens it with the O_EXCL flag,
  643          ensuring that the open() fails should there be any existing file (because the unlink() failed, 
  644          or an attacker exploited the race between unlink() and open()). This ensures that no symlink
  645          attack can succeed. 
  646 
  647          Any compromise of the non-privileged user still theoretically allows the pid-file to be
  648          replaced whilst dnsmasq is running. The worst that could allow is that the usual 
  649          "shutdown dnsmasq" shell command could be tricked into stopping any other process.
  650 
  651          Note that if dnsmasq is started as non-root (eg for testing) it silently ignores 
  652          failure to write the pid-file.
  653       */
  654 
  655       unlink(daemon->runfile); 
  656       
  657       if ((fd = open(daemon->runfile, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH)) == -1)
  658         {
  659           /* only complain if started as root */
  660           if (getuid() == 0)
  661         err = 1;
  662         }
  663       else
  664         {
  665           /* We're still running as root here. Change the ownership of the PID file
  666          to the user we will be running as. Note that this is not to allow
  667          us to delete the file, since that depends on the permissions 
  668          of the directory containing the file. That directory will
  669          need to by owned by the dnsmasq user, and the ownership of the
  670          file has to match, to keep systemd >273 happy. */
  671           if (getuid() == 0 && ent_pw && ent_pw->pw_uid != 0 && fchown(fd, ent_pw->pw_uid, ent_pw->pw_gid) == -1)
  672         chown_warn = errno;
  673 
  674           if (!read_write(fd, (unsigned char *)daemon->namebuff, strlen(daemon->namebuff), 0))
  675         err = 1;
  676           else
  677         {
  678           if (close(fd) == -1)
  679             err = 1;
  680         }
  681         }
  682 
  683       if (err)
  684         {
  685           send_event(err_pipe[1], EVENT_PIDFILE, errno, daemon->runfile);
  686           _exit(0);
  687         }
  688     }
  689     }
  690   
  691    log_err = log_start(ent_pw, err_pipe[1]);
  692 
  693    if (!option_bool(OPT_DEBUG)) 
  694      {       
  695        /* open  stdout etc to /dev/null */
  696        int nullfd = open("/dev/null", O_RDWR);
  697        if (nullfd != -1)
  698      {
  699        dup2(nullfd, STDOUT_FILENO);
  700        dup2(nullfd, STDERR_FILENO);
  701        dup2(nullfd, STDIN_FILENO);
  702        close(nullfd);
  703      }
  704      }
  705    
  706    /* if we are to run scripts, we need to fork a helper before dropping root. */
  707   daemon->helperfd = -1;
  708 #ifdef HAVE_SCRIPT 
  709   if ((daemon->dhcp || daemon->dhcp6 || option_bool(OPT_TFTP) || option_bool(OPT_SCRIPT_ARP)) && 
  710       (daemon->lease_change_command || daemon->luascript))
  711       daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd);
  712 #endif
  713 
  714   if (!option_bool(OPT_DEBUG) && getuid() == 0)   
  715     {
  716       int bad_capabilities = 0;
  717       gid_t dummy;
  718       
  719       /* remove all supplementary groups */
  720       if (gp && 
  721       (setgroups(0, &dummy) == -1 ||
  722        setgid(gp->gr_gid) == -1))
  723     {
  724       send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname);
  725       _exit(0);
  726     }
  727   
  728       if (ent_pw && ent_pw->pw_uid != 0)
  729     {     
  730 #if defined(HAVE_LINUX_NETWORK)   
  731       /* Need to be able to drop root. */
  732       data->effective |= (1 << CAP_SETUID);
  733       data->permitted |= (1 << CAP_SETUID);
  734       /* Tell kernel to not clear capabilities when dropping root */
  735       if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1)
  736         bad_capabilities = errno;
  737               
  738 #elif defined(HAVE_SOLARIS_NETWORK)
  739       /* http://developers.sun.com/solaris/articles/program_privileges.html */
  740       priv_set_t *priv_set;
  741       
  742       if (!(priv_set = priv_str_to_set("basic", ",", NULL)) ||
  743           priv_addset(priv_set, PRIV_NET_ICMPACCESS) == -1 ||
  744           priv_addset(priv_set, PRIV_SYS_NET_CONFIG) == -1)
  745         bad_capabilities = errno;
  746 
  747       if (priv_set && bad_capabilities == 0)
  748         {
  749           priv_inverse(priv_set);
  750       
  751           if (setppriv(PRIV_OFF, PRIV_LIMIT, priv_set) == -1)
  752         bad_capabilities = errno;
  753         }
  754 
  755       if (priv_set)
  756         priv_freeset(priv_set);
  757 
  758 #endif    
  759 
  760       if (bad_capabilities != 0)
  761         {
  762           send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities, NULL);
  763           _exit(0);
  764         }
  765       
  766       /* finally drop root */
  767       if (setuid(ent_pw->pw_uid) == -1)
  768         {
  769           send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username);
  770           _exit(0);
  771         }     
  772 
  773 #ifdef HAVE_LINUX_NETWORK
  774       data->effective &= ~(1 << CAP_SETUID);
  775       data->permitted &= ~(1 << CAP_SETUID);
  776       
  777       /* lose the setuid capability */
  778       if (capset(hdr, data) == -1)
  779         {
  780           send_event(err_pipe[1], EVENT_CAP_ERR, errno, NULL);
  781           _exit(0);
  782         }
  783 #endif
  784       
  785     }
  786     }
  787   
  788 #ifdef HAVE_LINUX_NETWORK
  789   free(hdr);
  790   free(data);
  791   if (option_bool(OPT_DEBUG)) 
  792     prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
  793 #endif
  794 
  795 #ifdef HAVE_TFTP
  796   if (option_bool(OPT_TFTP))
  797     {
  798       DIR *dir;
  799       struct tftp_prefix *p;
  800       
  801       if (daemon->tftp_prefix)
  802     {
  803       if (!((dir = opendir(daemon->tftp_prefix))))
  804         {
  805           tftp_prefix_missing = 1;
  806           if (!option_bool(OPT_TFTP_NO_FAIL))
  807             {
  808               send_event(err_pipe[1], EVENT_TFTP_ERR, errno, daemon->tftp_prefix);
  809               _exit(0);
  810             }
  811         }
  812       else
  813         closedir(dir);
  814     }
  815 
  816       for (p = daemon->if_prefix; p; p = p->next)
  817     {
  818       p->missing = 0;
  819       if (!((dir = opendir(p->prefix))))
  820         {
  821           p->missing = 1;
  822           if (!option_bool(OPT_TFTP_NO_FAIL))
  823         {
  824           send_event(err_pipe[1], EVENT_TFTP_ERR, errno, p->prefix);
  825           _exit(0);
  826         }
  827         }
  828       else
  829         closedir(dir);
  830     }
  831     }
  832 #endif
  833 
  834   if (daemon->port == 0)
  835     my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION);
  836   else 
  837     {
  838       if (daemon->cachesize != 0)
  839     {
  840       my_syslog(LOG_INFO, _("started, version %s cachesize %d"), VERSION, daemon->cachesize);
  841       if (daemon->cachesize > 10000)
  842         my_syslog(LOG_WARNING, _("cache size greater than 10000 may cause performance issues, and is unlikely to be useful."));
  843     }
  844       else
  845     my_syslog(LOG_INFO, _("started, version %s cache disabled"), VERSION);
  846 
  847       if (option_bool(OPT_LOCAL_SERVICE))
  848     my_syslog(LOG_INFO, _("DNS service limited to local subnets"));
  849     }
  850   
  851   my_syslog(LOG_INFO, _("compile time options: %s"), compile_opts);
  852 
  853   if (chown_warn != 0)
  854     my_syslog(LOG_WARNING, "chown of PID file %s failed: %s", daemon->runfile, strerror(chown_warn));
  855   
  856 #ifdef HAVE_DBUS
  857   if (option_bool(OPT_DBUS))
  858     {
  859       if (daemon->dbus)
  860     my_syslog(LOG_INFO, _("DBus support enabled: connected to system bus"));
  861       else
  862     my_syslog(LOG_INFO, _("DBus support enabled: bus connection pending"));
  863     }
  864 #endif
  865 
  866 #ifdef HAVE_UBUS
  867   if (option_bool(OPT_UBUS))
  868     {
  869       if (daemon->ubus)
  870         my_syslog(LOG_INFO, _("UBus support enabled: connected to system bus"));
  871       else
  872         my_syslog(LOG_INFO, _("UBus support enabled: bus connection pending"));
  873     }
  874 #endif
  875 
  876 #ifdef HAVE_DNSSEC
  877   if (option_bool(OPT_DNSSEC_VALID))
  878     {
  879       int rc;
  880       struct ds_config *ds;
  881       
  882       /* Delay creating the timestamp file until here, after we've changed user, so that
  883      it has the correct owner to allow updating the mtime later. 
  884      This means we have to report fatal errors via the pipe. */
  885       if ((rc = setup_timestamp()) == -1)
  886     {
  887       send_event(err_pipe[1], EVENT_TIME_ERR, errno, daemon->timestamp_file);
  888       _exit(0);
  889     }
  890       
  891       if (option_bool(OPT_DNSSEC_IGN_NS))
  892     my_syslog(LOG_INFO, _("DNSSEC validation enabled but all unsigned answers are trusted"));
  893       else
  894     my_syslog(LOG_INFO, _("DNSSEC validation enabled"));
  895       
  896       daemon->dnssec_no_time_check = option_bool(OPT_DNSSEC_TIME);
  897       if (option_bool(OPT_DNSSEC_TIME) && !daemon->back_to_the_future)
  898     my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until receipt of SIGINT"));
  899       
  900       if (rc == 1)
  901     my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until system time valid"));
  902 
  903       for (ds = daemon->ds; ds; ds = ds->next)
  904     my_syslog(LOG_INFO, _("configured with trust anchor for %s keytag %u"),
  905           ds->name[0] == 0 ? "<root>" : ds->name, ds->keytag);
  906     }
  907 #endif
  908 
  909   if (log_err != 0)
  910     my_syslog(LOG_WARNING, _("warning: failed to change owner of %s: %s"), 
  911           daemon->log_file, strerror(log_err));
  912   
  913   if (bind_fallback)
  914     my_syslog(LOG_WARNING, _("setting --bind-interfaces option because of OS limitations"));
  915 
  916   if (option_bool(OPT_NOWILD))
  917     warn_bound_listeners();
  918   else if (!option_bool(OPT_CLEVERBIND))
  919     warn_wild_labels();
  920 
  921   warn_int_names();
  922   
  923   if (!option_bool(OPT_NOWILD)) 
  924     for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
  925       if (if_tmp->name && !if_tmp->used)
  926     my_syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name);
  927    
  928   if (daemon->port != 0 && option_bool(OPT_NO_RESOLV))
  929     {
  930       if (daemon->resolv_files && !daemon->resolv_files->is_default)
  931     my_syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set"));
  932       daemon->resolv_files = NULL;
  933       if (!daemon->servers)
  934     my_syslog(LOG_WARNING, _("warning: no upstream servers configured"));
  935     } 
  936 
  937   if (daemon->max_logs != 0)
  938     my_syslog(LOG_INFO, _("asynchronous logging enabled, queue limit is %d messages"), daemon->max_logs);
  939   
  940 
  941 #ifdef HAVE_DHCP
  942   for (context = daemon->dhcp; context; context = context->next)
  943     log_context(AF_INET, context);
  944 
  945   for (relay = daemon->relay4; relay; relay = relay->next)
  946     log_relay(AF_INET, relay);
  947 
  948 #  ifdef HAVE_DHCP6
  949   for (context = daemon->dhcp6; context; context = context->next)
  950     log_context(AF_INET6, context);
  951 
  952   for (relay = daemon->relay6; relay; relay = relay->next)
  953     log_relay(AF_INET6, relay);
  954   
  955   if (daemon->doing_dhcp6 || daemon->doing_ra)
  956     dhcp_construct_contexts(now);
  957   
  958   if (option_bool(OPT_RA))
  959     my_syslog(MS_DHCP | LOG_INFO, _("IPv6 router advertisement enabled"));
  960 #  endif
  961 
  962 #  ifdef HAVE_LINUX_NETWORK
  963   if (did_bind)
  964     my_syslog(MS_DHCP | LOG_INFO, _("DHCP, sockets bound exclusively to interface %s"), bound_device);
  965 
  966   if (netlink_warn)
  967     my_syslog(LOG_WARNING, netlink_warn);
  968 #  endif
  969 
  970   /* after dhcp_construct_contexts */
  971   if (daemon->dhcp || daemon->doing_dhcp6)
  972     lease_find_interfaces(now);
  973 #endif
  974 
  975 #ifdef HAVE_TFTP
  976   if (option_bool(OPT_TFTP))
  977     {
  978       struct tftp_prefix *p;
  979 
  980       my_syslog(MS_TFTP | LOG_INFO, "TFTP %s%s %s %s", 
  981         daemon->tftp_prefix ? _("root is ") : _("enabled"),
  982         daemon->tftp_prefix ? daemon->tftp_prefix : "",
  983         option_bool(OPT_TFTP_SECURE) ? _("secure mode") : "",
  984         option_bool(OPT_SINGLE_PORT) ? _("single port mode") : "");
  985 
  986       if (tftp_prefix_missing)
  987     my_syslog(MS_TFTP | LOG_WARNING, _("warning: %s inaccessible"), daemon->tftp_prefix);
  988 
  989       for (p = daemon->if_prefix; p; p = p->next)
  990     if (p->missing)
  991        my_syslog(MS_TFTP | LOG_WARNING, _("warning: TFTP directory %s inaccessible"), p->prefix);
  992 
  993       /* This is a guess, it assumes that for small limits, 
  994      disjoint files might be served, but for large limits, 
  995      a single file will be sent to may clients (the file only needs
  996      one fd). */
  997 
  998       max_fd -= 30 + daemon->numrrand; /* use other than TFTP */
  999       
 1000       if (max_fd < 0)
 1001     max_fd = 5;
 1002       else if (max_fd < 100 && !option_bool(OPT_SINGLE_PORT))
 1003     max_fd = max_fd/2;
 1004       else
 1005     max_fd = max_fd - 20;
 1006       
 1007       /* if we have to use a limited range of ports, 
 1008      that will limit the number of transfers */
 1009       if (daemon->start_tftp_port != 0 &&
 1010       daemon->end_tftp_port - daemon->start_tftp_port + 1 < max_fd)
 1011     max_fd = daemon->end_tftp_port - daemon->start_tftp_port + 1;
 1012 
 1013       if (daemon->tftp_max > max_fd)
 1014     {
 1015       daemon->tftp_max = max_fd;
 1016       my_syslog(MS_TFTP | LOG_WARNING, 
 1017             _("restricting maximum simultaneous TFTP transfers to %d"), 
 1018             daemon->tftp_max);
 1019     }
 1020     }
 1021 #endif
 1022 
 1023   /* finished start-up - release original process */
 1024   if (err_pipe[1] != -1)
 1025     close(err_pipe[1]);
 1026   
 1027   if (daemon->port != 0)
 1028     check_servers();
 1029   
 1030   pid = getpid();
 1031 
 1032   daemon->pipe_to_parent = -1;
 1033   for (i = 0; i < MAX_PROCS; i++)
 1034     daemon->tcp_pipes[i] = -1;
 1035   
 1036 #ifdef HAVE_INOTIFY
 1037   /* Using inotify, have to select a resolv file at startup */
 1038   poll_resolv(1, 0, now);
 1039 #endif
 1040   
 1041   while (1)
 1042     {
 1043       int t, timeout = -1;
 1044       
 1045       poll_reset();
 1046       
 1047       /* if we are out of resources, find how long we have to wait
 1048      for some to come free, we'll loop around then and restart
 1049      listening for queries */
 1050       if ((t = set_dns_listeners(now)) != 0)
 1051     timeout = t * 1000;
 1052 
 1053       /* Whilst polling for the dbus, or doing a tftp transfer, wake every quarter second */
 1054       if (daemon->tftp_trans ||
 1055       (option_bool(OPT_DBUS) && !daemon->dbus))
 1056     timeout = 250;
 1057 
 1058       /* Wake every second whilst waiting for DAD to complete */
 1059       else if (is_dad_listeners())
 1060     timeout = 1000;
 1061 
 1062 #ifdef HAVE_DBUS
 1063       set_dbus_listeners();
 1064 #endif
 1065 
 1066 #ifdef HAVE_UBUS
 1067       if (option_bool(OPT_UBUS))
 1068         set_ubus_listeners();
 1069 #endif
 1070       
 1071 #ifdef HAVE_DHCP
 1072       if (daemon->dhcp || daemon->relay4)
 1073     {
 1074       poll_listen(daemon->dhcpfd, POLLIN);
 1075       if (daemon->pxefd != -1)
 1076         poll_listen(daemon->pxefd, POLLIN);
 1077     }
 1078 #endif
 1079 
 1080 #ifdef HAVE_DHCP6
 1081       if (daemon->doing_dhcp6 || daemon->relay6)
 1082     poll_listen(daemon->dhcp6fd, POLLIN);
 1083     
 1084       if (daemon->doing_ra)
 1085     poll_listen(daemon->icmp6fd, POLLIN); 
 1086 #endif
 1087     
 1088 #ifdef HAVE_INOTIFY
 1089       if (daemon->inotifyfd != -1)
 1090     poll_listen(daemon->inotifyfd, POLLIN);
 1091 #endif
 1092 
 1093 #if defined(HAVE_LINUX_NETWORK)
 1094       poll_listen(daemon->netlinkfd, POLLIN);
 1095 #elif defined(HAVE_BSD_NETWORK)
 1096       poll_listen(daemon->routefd, POLLIN);
 1097 #endif
 1098       
 1099       poll_listen(piperead, POLLIN);
 1100 
 1101 #ifdef HAVE_SCRIPT
 1102 #    ifdef HAVE_DHCP
 1103       while (helper_buf_empty() && do_script_run(now)); 
 1104 #    endif
 1105 
 1106       /* Refresh cache */
 1107       if (option_bool(OPT_SCRIPT_ARP))
 1108     find_mac(NULL, NULL, 0, now);
 1109       while (helper_buf_empty() && do_arp_script_run());
 1110 
 1111 #    ifdef HAVE_TFTP
 1112       while (helper_buf_empty() && do_tftp_script_run());
 1113 #    endif
 1114 
 1115       if (!helper_buf_empty())
 1116     poll_listen(daemon->helperfd, POLLOUT);
 1117 #else
 1118       /* need this for other side-effects */
 1119 #    ifdef HAVE_DHCP
 1120       while (do_script_run(now));
 1121 #    endif
 1122 
 1123       while (do_arp_script_run());
 1124 
 1125 #    ifdef HAVE_TFTP 
 1126       while (do_tftp_script_run());
 1127 #    endif
 1128 
 1129 #endif
 1130 
 1131    
 1132       /* must do this just before do_poll(), when we know no
 1133      more calls to my_syslog() can occur */
 1134       set_log_writer();
 1135       
 1136       if (do_poll(timeout) < 0)
 1137     continue;
 1138       
 1139       now = dnsmasq_time();
 1140 
 1141       check_log_writer(0);
 1142 
 1143       /* prime. */
 1144       enumerate_interfaces(1);
 1145 
 1146       /* Check the interfaces to see if any have exited DAD state
 1147      and if so, bind the address. */
 1148       if (is_dad_listeners())
 1149     {
 1150       enumerate_interfaces(0);
 1151       /* NB, is_dad_listeners() == 1 --> we're binding interfaces */
 1152       create_bound_listeners(0);
 1153       warn_bound_listeners();
 1154     }
 1155 
 1156 #if defined(HAVE_LINUX_NETWORK)
 1157       if (poll_check(daemon->netlinkfd, POLLIN))
 1158     netlink_multicast();
 1159 #elif defined(HAVE_BSD_NETWORK)
 1160       if (poll_check(daemon->routefd, POLLIN))
 1161     route_sock();
 1162 #endif
 1163 
 1164 #ifdef HAVE_INOTIFY
 1165       if  (daemon->inotifyfd != -1 && poll_check(daemon->inotifyfd, POLLIN) && inotify_check(now))
 1166     {
 1167       if (daemon->port != 0 && !option_bool(OPT_NO_POLL))
 1168         poll_resolv(1, 1, now);
 1169     }     
 1170 #else
 1171       /* Check for changes to resolv files once per second max. */
 1172       /* Don't go silent for long periods if the clock goes backwards. */
 1173       if (daemon->last_resolv == 0 || 
 1174       difftime(now, daemon->last_resolv) > 1.0 || 
 1175       difftime(now, daemon->last_resolv) < -1.0)
 1176     {
 1177       /* poll_resolv doesn't need to reload first time through, since 
 1178          that's queued anyway. */
 1179 
 1180       poll_resolv(0, daemon->last_resolv != 0, now);      
 1181       daemon->last_resolv = now;
 1182     }
 1183 #endif
 1184 
 1185       if (poll_check(piperead, POLLIN))
 1186     async_event(piperead, now);
 1187       
 1188 #ifdef HAVE_DBUS
 1189       /* if we didn't create a DBus connection, retry now. */ 
 1190      if (option_bool(OPT_DBUS) && !daemon->dbus)
 1191     {
 1192       char *err;
 1193       if ((err = dbus_init()))
 1194         my_syslog(LOG_WARNING, _("DBus error: %s"), err);
 1195       if (daemon->dbus)
 1196         my_syslog(LOG_INFO, _("connected to system DBus"));
 1197     }
 1198       check_dbus_listeners();
 1199 #endif
 1200 
 1201 #ifdef HAVE_UBUS
 1202       if (option_bool(OPT_UBUS))
 1203         {
 1204           /* if we didn't create a UBus connection, retry now. */
 1205           if (!daemon->ubus)
 1206             {
 1207               ubus_init();
 1208             }
 1209 
 1210           check_ubus_listeners();
 1211         }
 1212 #endif
 1213 
 1214       check_dns_listeners(now);
 1215 
 1216 #ifdef HAVE_TFTP
 1217       check_tftp_listeners(now);
 1218 #endif      
 1219 
 1220 #ifdef HAVE_DHCP
 1221       if (daemon->dhcp || daemon->relay4)
 1222     {
 1223       if (poll_check(daemon->dhcpfd, POLLIN))
 1224         dhcp_packet(now, 0);
 1225       if (daemon->pxefd != -1 && poll_check(daemon->pxefd, POLLIN))
 1226         dhcp_packet(now, 1);
 1227     }
 1228 
 1229 #ifdef HAVE_DHCP6
 1230       if ((daemon->doing_dhcp6 || daemon->relay6) && poll_check(daemon->dhcp6fd, POLLIN))
 1231     dhcp6_packet(now);
 1232 
 1233       if (daemon->doing_ra && poll_check(daemon->icmp6fd, POLLIN))
 1234     icmp6_packet(now);
 1235 #endif
 1236 
 1237 #  ifdef HAVE_SCRIPT
 1238       if (daemon->helperfd != -1 && poll_check(daemon->helperfd, POLLOUT))
 1239     helper_write();
 1240 #  endif
 1241 #endif
 1242 
 1243     }
 1244 }
 1245 
 1246 static void sig_handler(int sig)
 1247 {
 1248   if (pid == 0)
 1249     {
 1250       /* ignore anything other than TERM during startup
 1251      and in helper proc. (helper ignore TERM too) */
 1252       if (sig == SIGTERM || sig == SIGINT)
 1253     exit(EC_MISC);
 1254     }
 1255   else if (pid != getpid())
 1256     {
 1257       /* alarm is used to kill TCP children after a fixed time. */
 1258       if (sig == SIGALRM)
 1259     _exit(0);
 1260     }
 1261   else
 1262     {
 1263       /* master process */
 1264       int event, errsave = errno;
 1265       
 1266       if (sig == SIGHUP)
 1267     event = EVENT_RELOAD;
 1268       else if (sig == SIGCHLD)
 1269     event = EVENT_CHILD;
 1270       else if (sig == SIGALRM)
 1271     event = EVENT_ALARM;
 1272       else if (sig == SIGTERM)
 1273     event = EVENT_TERM;
 1274       else if (sig == SIGUSR1)
 1275     event = EVENT_DUMP;
 1276       else if (sig == SIGUSR2)
 1277     event = EVENT_REOPEN;
 1278       else if (sig == SIGINT)
 1279     {
 1280       /* Handle SIGINT normally in debug mode, so
 1281          ctrl-c continues to operate. */
 1282       if (option_bool(OPT_DEBUG))
 1283         exit(EC_MISC);
 1284       else
 1285         event = EVENT_TIME;
 1286     }
 1287       else
 1288     return;
 1289 
 1290       send_event(pipewrite, event, 0, NULL); 
 1291       errno = errsave;
 1292     }
 1293 }
 1294 
 1295 /* now == 0 -> queue immediate callback */
 1296 void send_alarm(time_t event, time_t now)
 1297 {
 1298   if (now == 0 || event != 0)
 1299     {
 1300       /* alarm(0) or alarm(-ve) doesn't do what we want.... */
 1301       if ((now == 0 || difftime(event, now) <= 0.0))
 1302     send_event(pipewrite, EVENT_ALARM, 0, NULL);
 1303       else 
 1304     alarm((unsigned)difftime(event, now)); 
 1305     }
 1306 }
 1307 
 1308 void queue_event(int event)
 1309 {
 1310   send_event(pipewrite, event, 0, NULL);
 1311 }
 1312 
 1313 void send_event(int fd, int event, int data, char *msg)
 1314 {
 1315   struct event_desc ev;
 1316   struct iovec iov[2];
 1317 
 1318   ev.event = event;
 1319   ev.data = data;
 1320   ev.msg_sz = msg ? strlen(msg) : 0;
 1321   
 1322   iov[0].iov_base = &ev;
 1323   iov[0].iov_len = sizeof(ev);
 1324   iov[1].iov_base = msg;
 1325   iov[1].iov_len = ev.msg_sz;
 1326   
 1327   /* error pipe, debug mode. */
 1328   if (fd == -1)
 1329     fatal_event(&ev, msg);
 1330   else
 1331     /* pipe is non-blocking and struct event_desc is smaller than
 1332        PIPE_BUF, so this either fails or writes everything */
 1333     while (writev(fd, iov, msg ? 2 : 1) == -1 && errno == EINTR);
 1334 }
 1335 
 1336 /* NOTE: the memory used to return msg is leaked: use msgs in events only
 1337    to describe fatal errors. */
 1338 static int read_event(int fd, struct event_desc *evp, char **msg)
 1339 {
 1340   char *buf;
 1341 
 1342   if (!read_write(fd, (unsigned char *)evp, sizeof(struct event_desc), 1))
 1343     return 0;
 1344   
 1345   *msg = NULL;
 1346   
 1347   if (evp->msg_sz != 0 && 
 1348       (buf = malloc(evp->msg_sz + 1)) &&
 1349       read_write(fd, (unsigned char *)buf, evp->msg_sz, 1))
 1350     {
 1351       buf[evp->msg_sz] = 0;
 1352       *msg = buf;
 1353     }
 1354 
 1355   return 1;
 1356 }
 1357     
 1358 static void fatal_event(struct event_desc *ev, char *msg)
 1359 {
 1360   errno = ev->data;
 1361   
 1362   switch (ev->event)
 1363     {
 1364     case EVENT_DIE:
 1365       exit(0);
 1366 
 1367     case EVENT_FORK_ERR:
 1368       die(_("cannot fork into background: %s"), NULL, EC_MISC);
 1369 
 1370       /* fall through */
 1371     case EVENT_PIPE_ERR:
 1372       die(_("failed to create helper: %s"), NULL, EC_MISC);
 1373 
 1374       /* fall through */
 1375     case EVENT_CAP_ERR:
 1376       die(_("setting capabilities failed: %s"), NULL, EC_MISC);
 1377 
 1378       /* fall through */
 1379     case EVENT_USER_ERR:
 1380       die(_("failed to change user-id to %s: %s"), msg, EC_MISC);
 1381 
 1382       /* fall through */
 1383     case EVENT_GROUP_ERR:
 1384       die(_("failed to change group-id to %s: %s"), msg, EC_MISC);
 1385 
 1386       /* fall through */
 1387     case EVENT_PIDFILE:
 1388       die(_("failed to open pidfile %s: %s"), msg, EC_FILE);
 1389 
 1390       /* fall through */
 1391     case EVENT_LOG_ERR:
 1392       die(_("cannot open log %s: %s"), msg, EC_FILE);
 1393 
 1394       /* fall through */
 1395     case EVENT_LUA_ERR:
 1396       die(_("failed to load Lua script: %s"), msg, EC_MISC);
 1397 
 1398       /* fall through */
 1399     case EVENT_TFTP_ERR:
 1400       die(_("TFTP directory %s inaccessible: %s"), msg, EC_FILE);
 1401 
 1402       /* fall through */
 1403     case EVENT_TIME_ERR:
 1404       die(_("cannot create timestamp file %s: %s" ), msg, EC_BADCONF);
 1405     }
 1406 }   
 1407       
 1408 static void async_event(int pipe, time_t now)
 1409 {
 1410   pid_t p;
 1411   struct event_desc ev;
 1412   int i, check = 0;
 1413   char *msg;
 1414   
 1415   /* NOTE: the memory used to return msg is leaked: use msgs in events only
 1416      to describe fatal errors. */
 1417   
 1418   if (read_event(pipe, &ev, &msg))
 1419     switch (ev.event)
 1420       {
 1421       case EVENT_RELOAD:
 1422     daemon->soa_sn++; /* Bump zone serial, as it may have changed. */
 1423     
 1424     /* fall through */
 1425     
 1426       case EVENT_INIT:
 1427     clear_cache_and_reload(now);
 1428     
 1429     if (daemon->port != 0)
 1430       {
 1431         if (daemon->resolv_files && option_bool(OPT_NO_POLL))
 1432           {
 1433         reload_servers(daemon->resolv_files->name);
 1434         check = 1;
 1435           }
 1436 
 1437         if (daemon->servers_file)
 1438           {
 1439         read_servers_file();
 1440         check = 1;
 1441           }
 1442 
 1443         if (check)
 1444           check_servers();
 1445       }
 1446 
 1447 #ifdef HAVE_DHCP
 1448     rerun_scripts();
 1449 #endif
 1450     break;
 1451     
 1452       case EVENT_DUMP:
 1453     if (daemon->port != 0)
 1454       dump_cache(now);
 1455     break;
 1456     
 1457       case EVENT_ALARM:
 1458 #ifdef HAVE_DHCP
 1459     if (daemon->dhcp || daemon->doing_dhcp6)
 1460       {
 1461         lease_prune(NULL, now);
 1462         lease_update_file(now);
 1463       }
 1464 #ifdef HAVE_DHCP6
 1465     else if (daemon->doing_ra)
 1466       /* Not doing DHCP, so no lease system, manage alarms for ra only */
 1467         send_alarm(periodic_ra(now), now);
 1468 #endif
 1469 #endif
 1470     break;
 1471         
 1472       case EVENT_CHILD:
 1473     /* See Stevens 5.10 */
 1474     while ((p = waitpid(-1, NULL, WNOHANG)) != 0)
 1475       if (p == -1)
 1476         {
 1477           if (errno != EINTR)
 1478         break;
 1479         }      
 1480       else 
 1481         for (i = 0 ; i < MAX_PROCS; i++)
 1482           if (daemon->tcp_pids[i] == p)
 1483         daemon->tcp_pids[i] = 0;
 1484     break;
 1485     
 1486 #if defined(HAVE_SCRIPT)    
 1487       case EVENT_KILLED:
 1488     my_syslog(LOG_WARNING, _("script process killed by signal %d"), ev.data);
 1489     break;
 1490 
 1491       case EVENT_EXITED:
 1492     my_syslog(LOG_WARNING, _("script process exited with status %d"), ev.data);
 1493     break;
 1494 
 1495       case EVENT_EXEC_ERR:
 1496     my_syslog(LOG_ERR, _("failed to execute %s: %s"), 
 1497           daemon->lease_change_command, strerror(ev.data));
 1498     break;
 1499 
 1500       case EVENT_SCRIPT_LOG:
 1501     my_syslog(MS_SCRIPT | LOG_DEBUG, "%s", msg ? msg : "");
 1502         free(msg);
 1503     msg = NULL;
 1504     break;
 1505 
 1506     /* necessary for fatal errors in helper */
 1507       case EVENT_USER_ERR:
 1508       case EVENT_DIE:
 1509       case EVENT_LUA_ERR:
 1510     fatal_event(&ev, msg);
 1511     break;
 1512 #endif
 1513 
 1514       case EVENT_REOPEN:
 1515     /* Note: this may leave TCP-handling processes with the old file still open.
 1516        Since any such process will die in CHILD_LIFETIME or probably much sooner,
 1517        we leave them logging to the old file. */
 1518     if (daemon->log_file != NULL)
 1519       log_reopen(daemon->log_file);
 1520     break;
 1521 
 1522       case EVENT_NEWADDR:
 1523     newaddress(now);
 1524     break;
 1525 
 1526       case EVENT_NEWROUTE:
 1527     resend_query();
 1528     /* Force re-reading resolv file right now, for luck. */
 1529     poll_resolv(0, 1, now);
 1530     break;
 1531 
 1532       case EVENT_TIME:
 1533 #ifdef HAVE_DNSSEC
 1534     if (daemon->dnssec_no_time_check && option_bool(OPT_DNSSEC_VALID) && option_bool(OPT_DNSSEC_TIME))
 1535       {
 1536         my_syslog(LOG_INFO, _("now checking DNSSEC signature timestamps"));
 1537         daemon->dnssec_no_time_check = 0;
 1538         clear_cache_and_reload(now);
 1539       }
 1540 #endif
 1541     break;
 1542     
 1543       case EVENT_TERM:
 1544     /* Knock all our children on the head. */
 1545     for (i = 0; i < MAX_PROCS; i++)
 1546       if (daemon->tcp_pids[i] != 0)
 1547         kill(daemon->tcp_pids[i], SIGALRM);
 1548     
 1549 #if defined(HAVE_SCRIPT) && defined(HAVE_DHCP)
 1550     /* handle pending lease transitions */
 1551     if (daemon->helperfd != -1)
 1552       {
 1553         /* block in writes until all done */
 1554         if ((i = fcntl(daemon->helperfd, F_GETFL)) != -1)
 1555           fcntl(daemon->helperfd, F_SETFL, i & ~O_NONBLOCK); 
 1556         do {
 1557           helper_write();
 1558         } while (!helper_buf_empty() || do_script_run(now));
 1559         close(daemon->helperfd);
 1560       }
 1561 #endif
 1562     
 1563     if (daemon->lease_stream)
 1564       fclose(daemon->lease_stream);
 1565 
 1566 #ifdef HAVE_DNSSEC
 1567     /* update timestamp file on TERM if time is considered valid */
 1568     if (daemon->back_to_the_future)
 1569       {
 1570          if (utimes(daemon->timestamp_file, NULL) == -1)
 1571         my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
 1572       }
 1573 #endif
 1574 
 1575     if (daemon->runfile)
 1576       unlink(daemon->runfile);
 1577 
 1578 #ifdef HAVE_DUMPFILE
 1579     if (daemon->dumpfd != -1)
 1580       close(daemon->dumpfd);
 1581 #endif
 1582     
 1583     my_syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
 1584     flush_log();
 1585     exit(EC_GOOD);
 1586       }
 1587 }
 1588 
 1589 static void poll_resolv(int force, int do_reload, time_t now)
 1590 {
 1591   struct resolvc *res, *latest;
 1592   struct stat statbuf;
 1593   time_t last_change = 0;
 1594   /* There may be more than one possible file. 
 1595      Go through and find the one which changed _last_.
 1596      Warn of any which can't be read. */
 1597 
 1598   if (daemon->port == 0 || option_bool(OPT_NO_POLL))
 1599     return;
 1600   
 1601   for (latest = NULL, res = daemon->resolv_files; res; res = res->next)
 1602     if (stat(res->name, &statbuf) == -1)
 1603       {
 1604     if (force)
 1605       {
 1606         res->mtime = 0; 
 1607         continue;
 1608       }
 1609 
 1610     if (!res->logged)
 1611       my_syslog(LOG_WARNING, _("failed to access %s: %s"), res->name, strerror(errno));
 1612     res->logged = 1;
 1613     
 1614     if (res->mtime != 0)
 1615       { 
 1616         /* existing file evaporated, force selection of the latest
 1617            file even if its mtime hasn't changed since we last looked */
 1618         poll_resolv(1, do_reload, now);
 1619         return;
 1620       }
 1621       }
 1622     else
 1623       {
 1624     res->logged = 0;
 1625     if (force || (statbuf.st_mtime != res->mtime))
 1626           {
 1627             res->mtime = statbuf.st_mtime;
 1628         if (difftime(statbuf.st_mtime, last_change) > 0.0)
 1629           {
 1630         last_change = statbuf.st_mtime;
 1631         latest = res;
 1632           }
 1633       }
 1634       }
 1635   
 1636   if (latest)
 1637     {
 1638       static int warned = 0;
 1639       if (reload_servers(latest->name))
 1640     {
 1641       my_syslog(LOG_INFO, _("reading %s"), latest->name);
 1642       warned = 0;
 1643       check_servers();
 1644       if (option_bool(OPT_RELOAD) && do_reload)
 1645         clear_cache_and_reload(now);
 1646     }
 1647       else 
 1648     {
 1649       latest->mtime = 0;
 1650       if (!warned)
 1651         {
 1652           my_syslog(LOG_WARNING, _("no servers found in %s, will retry"), latest->name);
 1653           warned = 1;
 1654         }
 1655     }
 1656     }
 1657 }       
 1658 
 1659 void clear_cache_and_reload(time_t now)
 1660 {
 1661   (void)now;
 1662 
 1663   if (daemon->port != 0)
 1664     cache_reload();
 1665   
 1666 #ifdef HAVE_DHCP
 1667   if (daemon->dhcp || daemon->doing_dhcp6)
 1668     {
 1669       if (option_bool(OPT_ETHERS))
 1670     dhcp_read_ethers();
 1671       reread_dhcp();
 1672       dhcp_update_configs(daemon->dhcp_conf);
 1673       lease_update_from_configs(); 
 1674       lease_update_file(now); 
 1675       lease_update_dns(1);
 1676     }
 1677 #ifdef HAVE_DHCP6
 1678   else if (daemon->doing_ra)
 1679     /* Not doing DHCP, so no lease system, manage 
 1680        alarms for ra only */
 1681     send_alarm(periodic_ra(now), now);
 1682 #endif
 1683 #endif
 1684 }
 1685 
 1686 static int set_dns_listeners(time_t now)
 1687 {
 1688   struct serverfd *serverfdp;
 1689   struct listener *listener;
 1690   struct randfd_list *rfl;
 1691   int wait = 0, i;
 1692   
 1693 #ifdef HAVE_TFTP
 1694   int  tftp = 0;
 1695   struct tftp_transfer *transfer;
 1696   if (!option_bool(OPT_SINGLE_PORT))
 1697     for (transfer = daemon->tftp_trans; transfer; transfer = transfer->next)
 1698       {
 1699     tftp++;
 1700     poll_listen(transfer->sockfd, POLLIN);
 1701       }
 1702 #endif
 1703   
 1704   /* will we be able to get memory? */
 1705   if (daemon->port != 0)
 1706     get_new_frec(now, &wait, NULL);
 1707   
 1708   for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
 1709     poll_listen(serverfdp->fd, POLLIN);
 1710     
 1711   for (i = 0; i < daemon->numrrand; i++)
 1712     if (daemon->randomsocks[i].refcount != 0)
 1713       poll_listen(daemon->randomsocks[i].fd, POLLIN);
 1714 
 1715   /* Check overflow random sockets too. */
 1716   for (rfl = daemon->rfl_poll; rfl; rfl = rfl->next)
 1717     poll_listen(rfl->rfd->fd, POLLIN);
 1718   
 1719   for (listener = daemon->listeners; listener; listener = listener->next)
 1720     {
 1721       /* only listen for queries if we have resources */
 1722       if (listener->fd != -1 && wait == 0)
 1723     poll_listen(listener->fd, POLLIN);
 1724     
 1725       /* death of a child goes through the select loop, so
 1726      we don't need to explicitly arrange to wake up here */
 1727       if  (listener->tcpfd != -1)
 1728     for (i = 0; i < MAX_PROCS; i++)
 1729       if (daemon->tcp_pids[i] == 0 && daemon->tcp_pipes[i] == -1)
 1730         {
 1731           poll_listen(listener->tcpfd, POLLIN);
 1732           break;
 1733         }
 1734 
 1735 #ifdef HAVE_TFTP
 1736       /* tftp == 0 in single-port mode. */
 1737       if (tftp <= daemon->tftp_max && listener->tftpfd != -1)
 1738     poll_listen(listener->tftpfd, POLLIN);
 1739 #endif
 1740 
 1741     }
 1742   
 1743   if (!option_bool(OPT_DEBUG))
 1744     for (i = 0; i < MAX_PROCS; i++)
 1745       if (daemon->tcp_pipes[i] != -1)
 1746     poll_listen(daemon->tcp_pipes[i], POLLIN);
 1747   
 1748   return wait;
 1749 }
 1750 
 1751 static void check_dns_listeners(time_t now)
 1752 {
 1753   struct serverfd *serverfdp;
 1754   struct listener *listener;
 1755   struct randfd_list *rfl;
 1756   int i;
 1757   int pipefd[2];
 1758   
 1759   for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
 1760     if (poll_check(serverfdp->fd, POLLIN))
 1761       reply_query(serverfdp->fd, now);
 1762   
 1763   for (i = 0; i < daemon->numrrand; i++)
 1764     if (daemon->randomsocks[i].refcount != 0 && 
 1765     poll_check(daemon->randomsocks[i].fd, POLLIN))
 1766       reply_query(daemon->randomsocks[i].fd, now);
 1767 
 1768   /* Check overflow random sockets too. */
 1769   for (rfl = daemon->rfl_poll; rfl; rfl = rfl->next)
 1770     if (poll_check(rfl->rfd->fd, POLLIN))
 1771       reply_query(rfl->rfd->fd, now);
 1772 
 1773   /* Races. The child process can die before we read all of the data from the
 1774      pipe, or vice versa. Therefore send tcp_pids to zero when we wait() the 
 1775      process, and tcp_pipes to -1 and close the FD when we read the last
 1776      of the data - indicated by cache_recv_insert returning zero.
 1777      The order of these events is indeterminate, and both are needed
 1778      to free the process slot. Once the child process has gone, poll()
 1779      returns POLLHUP, not POLLIN, so have to check for both here. */
 1780   if (!option_bool(OPT_DEBUG))
 1781     for (i = 0; i < MAX_PROCS; i++)
 1782       if (daemon->tcp_pipes[i] != -1 &&
 1783       poll_check(daemon->tcp_pipes[i], POLLIN | POLLHUP) &&
 1784       !cache_recv_insert(now, daemon->tcp_pipes[i]))
 1785     {
 1786       close(daemon->tcp_pipes[i]);
 1787       daemon->tcp_pipes[i] = -1;    
 1788     }
 1789     
 1790   for (listener = daemon->listeners; listener; listener = listener->next)
 1791     {
 1792       if (listener->fd != -1 && poll_check(listener->fd, POLLIN))
 1793     receive_query(listener, now); 
 1794       
 1795 #ifdef HAVE_TFTP     
 1796       if (listener->tftpfd != -1 && poll_check(listener->tftpfd, POLLIN))
 1797     tftp_request(listener, now);
 1798 #endif
 1799 
 1800       if (listener->tcpfd != -1 && poll_check(listener->tcpfd, POLLIN))
 1801     {
 1802       int confd, client_ok = 1;
 1803       struct irec *iface = NULL;
 1804       pid_t p;
 1805       union mysockaddr tcp_addr;
 1806       socklen_t tcp_len = sizeof(union mysockaddr);
 1807 
 1808       while ((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR);
 1809       
 1810       if (confd == -1)
 1811         continue;
 1812       
 1813       if (getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) == -1)
 1814         {
 1815           close(confd);
 1816           continue;
 1817         }
 1818       
 1819       /* Make sure that the interface list is up-to-date.
 1820          
 1821          We do this here as we may need the results below, and
 1822          the DNS code needs them for --interface-name stuff.
 1823 
 1824          Multiple calls to enumerate_interfaces() per select loop are
 1825          inhibited, so calls to it in the child process (which doesn't select())
 1826          have no effect. This avoids two processes reading from the same
 1827          netlink fd and screwing the pooch entirely.
 1828       */
 1829  
 1830       enumerate_interfaces(0);
 1831       
 1832       if (option_bool(OPT_NOWILD))
 1833         iface = listener->iface; /* May be NULL */
 1834       else 
 1835         {
 1836           int if_index;
 1837           char intr_name[IF_NAMESIZE];
 1838           
 1839           /* if we can find the arrival interface, check it's one that's allowed */
 1840           if ((if_index = tcp_interface(confd, tcp_addr.sa.sa_family)) != 0 &&
 1841           indextoname(listener->tcpfd, if_index, intr_name))
 1842         {
 1843           union all_addr addr;
 1844           
 1845           if (tcp_addr.sa.sa_family == AF_INET6)
 1846             addr.addr6 = tcp_addr.in6.sin6_addr;
 1847           else
 1848             addr.addr4 = tcp_addr.in.sin_addr;
 1849           
 1850           for (iface = daemon->interfaces; iface; iface = iface->next)
 1851             if (iface->index == if_index &&
 1852                 iface->addr.sa.sa_family == tcp_addr.sa.sa_family)
 1853               break;
 1854           
 1855           if (!iface && !loopback_exception(listener->tcpfd, tcp_addr.sa.sa_family, &addr, intr_name))
 1856             client_ok = 0;
 1857         }
 1858           
 1859           if (option_bool(OPT_CLEVERBIND))
 1860         iface = listener->iface; /* May be NULL */
 1861           else
 1862         {
 1863           /* Check for allowed interfaces when binding the wildcard address:
 1864              we do this by looking for an interface with the same address as 
 1865              the local address of the TCP connection, then looking to see if that's
 1866              an allowed interface. As a side effect, we get the netmask of the
 1867              interface too, for localisation. */
 1868           
 1869           for (iface = daemon->interfaces; iface; iface = iface->next)
 1870             if (sockaddr_isequal(&iface->addr, &tcp_addr))
 1871               break;
 1872           
 1873           if (!iface)
 1874             client_ok = 0;
 1875         }
 1876         }
 1877       
 1878       if (!client_ok)
 1879         {
 1880           shutdown(confd, SHUT_RDWR);
 1881           close(confd);
 1882         }
 1883       else if (!option_bool(OPT_DEBUG) && pipe(pipefd) == 0 && (p = fork()) != 0)
 1884         {
 1885           close(pipefd[1]); /* parent needs read pipe end. */
 1886           if (p == -1)
 1887         close(pipefd[0]);
 1888           else
 1889         {
 1890           int i;
 1891 #ifdef HAVE_LINUX_NETWORK
 1892           /* The child process inherits the netlink socket, 
 1893              which it never uses, but when the parent (us) 
 1894              uses it in the future, the answer may go to the 
 1895              child, resulting in the parent blocking
 1896              forever awaiting the result. To avoid this
 1897              the child closes the netlink socket, but there's
 1898              a nasty race, since the parent may use netlink
 1899              before the child has done the close.
 1900              
 1901              To avoid this, the parent blocks here until a 
 1902              single byte comes back up the pipe, which
 1903              is sent by the child after it has closed the
 1904              netlink socket. */
 1905           
 1906           unsigned char a;
 1907           read_write(pipefd[0], &a, 1, 1);
 1908 #endif
 1909 
 1910           for (i = 0; i < MAX_PROCS; i++)
 1911             if (daemon->tcp_pids[i] == 0 && daemon->tcp_pipes[i] == -1)
 1912               {
 1913             daemon->tcp_pids[i] = p;
 1914             daemon->tcp_pipes[i] = pipefd[0];
 1915             break;
 1916               }
 1917         }
 1918           close(confd);
 1919 
 1920           /* The child can use up to TCP_MAX_QUERIES ids, so skip that many. */
 1921           daemon->log_id += TCP_MAX_QUERIES;
 1922         }
 1923       else
 1924         {
 1925           unsigned char *buff;
 1926           struct server *s; 
 1927           int flags;
 1928           struct in_addr netmask;
 1929           int auth_dns;
 1930        
 1931           if (iface)
 1932         {
 1933           netmask = iface->netmask;
 1934           auth_dns = iface->dns_auth;
 1935         }
 1936           else
 1937         {
 1938           netmask.s_addr = 0;
 1939           auth_dns = 0;
 1940         }
 1941 
 1942           /* Arrange for SIGALRM after CHILD_LIFETIME seconds to
 1943          terminate the process. */
 1944           if (!option_bool(OPT_DEBUG))
 1945         {
 1946 #ifdef HAVE_LINUX_NETWORK
 1947           /* See comment above re: netlink socket. */
 1948           unsigned char a = 0;
 1949 
 1950           close(daemon->netlinkfd);
 1951           read_write(pipefd[1], &a, 1, 0);
 1952 #endif        
 1953           alarm(CHILD_LIFETIME);
 1954           close(pipefd[0]); /* close read end in child. */
 1955           daemon->pipe_to_parent = pipefd[1];
 1956         }
 1957 
 1958           /* start with no upstream connections. */
 1959           for (s = daemon->servers; s; s = s->next)
 1960          s->tcpfd = -1; 
 1961           
 1962           /* The connected socket inherits non-blocking
 1963          attribute from the listening socket. 
 1964          Reset that here. */
 1965           if ((flags = fcntl(confd, F_GETFL, 0)) != -1)
 1966         fcntl(confd, F_SETFL, flags & ~O_NONBLOCK);
 1967           
 1968           buff = tcp_request(confd, now, &tcp_addr, netmask, auth_dns);
 1969            
 1970           shutdown(confd, SHUT_RDWR);
 1971           close(confd);
 1972           
 1973           if (buff)
 1974         free(buff);
 1975           
 1976           for (s = daemon->servers; s; s = s->next)
 1977         if (s->tcpfd != -1)
 1978           {
 1979             shutdown(s->tcpfd, SHUT_RDWR);
 1980             close(s->tcpfd);
 1981           }
 1982           
 1983           if (!option_bool(OPT_DEBUG))
 1984         {
 1985           close(daemon->pipe_to_parent);
 1986           flush_log();
 1987           _exit(0);
 1988         }
 1989         }
 1990     }
 1991     }
 1992 }
 1993 
 1994 #ifdef HAVE_DHCP
 1995 int make_icmp_sock(void)
 1996 {
 1997   int fd;
 1998   int zeroopt = 0;
 1999 
 2000   if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
 2001     {
 2002       if (!fix_fd(fd) ||
 2003       setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
 2004     {
 2005       close(fd);
 2006       fd = -1;
 2007     }
 2008     }
 2009 
 2010   return fd;
 2011 }
 2012 
 2013 int icmp_ping(struct in_addr addr)
 2014 {
 2015   /* Try and get an ICMP echo from a machine. */
 2016 
 2017   int fd;
 2018   struct sockaddr_in saddr;
 2019   struct { 
 2020     struct ip ip;
 2021     struct icmp icmp;
 2022   } packet;
 2023   unsigned short id = rand16();
 2024   unsigned int i, j;
 2025   int gotreply = 0;
 2026 
 2027 #if defined(HAVE_LINUX_NETWORK) || defined (HAVE_SOLARIS_NETWORK)
 2028   if ((fd = make_icmp_sock()) == -1)
 2029     return 0;
 2030 #else
 2031   int opt = 2000;
 2032   fd = daemon->dhcp_icmp_fd;
 2033   setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
 2034 #endif
 2035 
 2036   saddr.sin_family = AF_INET;
 2037   saddr.sin_port = 0;
 2038   saddr.sin_addr = addr;
 2039 #ifdef HAVE_SOCKADDR_SA_LEN
 2040   saddr.sin_len = sizeof(struct sockaddr_in);
 2041 #endif
 2042   
 2043   memset(&packet.icmp, 0, sizeof(packet.icmp));
 2044   packet.icmp.icmp_type = ICMP_ECHO;
 2045   packet.icmp.icmp_id = id;
 2046   for (j = 0, i = 0; i < sizeof(struct icmp) / 2; i++)
 2047     j += ((u16 *)&packet.icmp)[i];
 2048   while (j>>16)
 2049     j = (j & 0xffff) + (j >> 16);  
 2050   packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
 2051   
 2052   while (retry_send(sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0, 
 2053                (struct sockaddr *)&saddr, sizeof(saddr))));
 2054   
 2055   gotreply = delay_dhcp(dnsmasq_time(), PING_WAIT, fd, addr.s_addr, id);
 2056 
 2057 #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
 2058   close(fd);
 2059 #else
 2060   opt = 1;
 2061   setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
 2062 #endif
 2063 
 2064   return gotreply;
 2065 }
 2066 
 2067 int delay_dhcp(time_t start, int sec, int fd, uint32_t addr, unsigned short id)
 2068 {
 2069   /* Delay processing DHCP packets for "sec" seconds counting from "start".
 2070      If "fd" is not -1 it will stop waiting if an ICMP echo reply is received
 2071      from "addr" with ICMP ID "id" and return 1 */
 2072 
 2073   /* Note that whilst waiting, we check for
 2074      (and service) events on the DNS and TFTP  sockets, (so doing that
 2075      better not use any resources our caller has in use...)
 2076      but we remain deaf to signals or further DHCP packets. */
 2077 
 2078   /* There can be a problem using dnsmasq_time() to end the loop, since
 2079      it's not monotonic, and can go backwards if the system clock is
 2080      tweaked, leading to the code getting stuck in this loop and
 2081      ignoring DHCP requests. To fix this, we check to see if select returned
 2082      as a result of a timeout rather than a socket becoming available. We
 2083      only allow this to happen as many times as it takes to get to the wait time
 2084      in quarter-second chunks. This provides a fallback way to end loop. */
 2085 
 2086   int rc, timeout_count;
 2087   time_t now;
 2088 
 2089   for (now = dnsmasq_time(), timeout_count = 0;
 2090        (difftime(now, start) <= (float)sec) && (timeout_count < sec * 4);)
 2091     {
 2092       poll_reset();
 2093       if (fd != -1)
 2094         poll_listen(fd, POLLIN);
 2095       set_dns_listeners(now);
 2096       set_log_writer();
 2097       
 2098 #ifdef HAVE_DHCP6
 2099       if (daemon->doing_ra)
 2100     poll_listen(daemon->icmp6fd, POLLIN); 
 2101 #endif
 2102       
 2103       rc = do_poll(250);
 2104       
 2105       if (rc < 0)
 2106     continue;
 2107       else if (rc == 0)
 2108     timeout_count++;
 2109 
 2110       now = dnsmasq_time();
 2111       
 2112       check_log_writer(0);
 2113       check_dns_listeners(now);
 2114       
 2115 #ifdef HAVE_DHCP6
 2116       if (daemon->doing_ra && poll_check(daemon->icmp6fd, POLLIN))
 2117     icmp6_packet(now);
 2118 #endif
 2119       
 2120 #ifdef HAVE_TFTP
 2121       check_tftp_listeners(now);
 2122 #endif
 2123 
 2124       if (fd != -1)
 2125         {
 2126           struct {
 2127             struct ip ip;
 2128             struct icmp icmp;
 2129           } packet;
 2130           struct sockaddr_in faddr;
 2131           socklen_t len = sizeof(faddr);
 2132       
 2133           if (poll_check(fd, POLLIN) &&
 2134           recvfrom(fd, &packet, sizeof(packet), 0, (struct sockaddr *)&faddr, &len) == sizeof(packet) &&
 2135           addr == faddr.sin_addr.s_addr &&
 2136           packet.icmp.icmp_type == ICMP_ECHOREPLY &&
 2137           packet.icmp.icmp_seq == 0 &&
 2138           packet.icmp.icmp_id == id)
 2139         return 1;
 2140     }
 2141     }
 2142 
 2143   return 0;
 2144 }
 2145 #endif /* HAVE_DHCP */