neat_resolver.c
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <assert.h>
#include <arpa/inet.h>
#include <string.h>
#include <uv.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <ldns/ldns.h>
#ifdef __linux__
#include <net/if.h>
#endif
// todo - dotted decimals, localhost, /etc/hosts may not work here..
#include "neat.h"
#include "neat_internal.h"
#include "neat_core.h"
#include "neat_addr.h"
#include "neat_resolver.h"
#include "neat_resolver_conf.h"
#include "neat_resolver_helpers.h"
/* Forward declarations of helpers that are used before their definition
 * further down in this file. */
static uint8_t nt_resolver_create_pairs(struct neat_addr *src_addr,
struct neat_resolver_request *request);
static void nt_resolver_delete_pairs(struct neat_resolver_request *request,
struct neat_addr *addr_to_delete);
static void nt_resolver_mark_pair_del(struct neat_resolver *resolver,
struct neat_resolver_src_dst_addr *pair);
/* Timer callback used for literal/localhost requests. */
static void nt_resolver_literal_timeout_cb(uv_timer_t *handle);
//NEAT internal callbacks, not very interesting
/*
 * Called with a newly available source address (data) for the resolver
 * passed in p_ptr. Tries to create resolver pairs for every queued request
 * that can use the address.
 *
 * Returns RETVAL_SUCCESS when pairs were created for at least one request,
 * RETVAL_FAILURE otherwise (including when the address is skipped).
 */
static int
neat_resolver_handle_newaddr(struct neat_ctx *nc, void *p_ptr, void *data)
{
    struct neat_resolver *resolver = p_ptr;
    struct neat_addr *new_addr = data;
    struct neat_resolver_request *req;
    int created = 0;

    //An IPv6 address without ifa_pref is deprecated and never used as source
    if (new_addr->family == AF_INET6 && !new_addr->u.v6.ifa_pref)
        return RETVAL_FAILURE;

    for (req = resolver->request_queue.tqh_first; req != NULL;
         req = req->next_req.tqe_next) {
        //Literal requests do not send DNS queries, so they need no pair
        if (req->is_literal)
            continue;

        //A request pinned to one family only uses addresses of that family
        if (req->family && req->family != new_addr->family)
            continue;

        if (nt_resolver_create_pairs(new_addr, req) == RETVAL_SUCCESS)
            created++;
    }

    return created ? RETVAL_SUCCESS : RETVAL_FAILURE;
}
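/*
 * Called when a source address (data) has been removed. Logs the address and
 * marks every resolver pair that uses it, in every queued request of the
 * resolver passed in p_ptr, for deletion.
 *
 * Always returns RETVAL_SUCCESS.
 */
static int
neat_resolver_handle_deladdr(struct neat_ctx *nic, void *p_ptr, void *data)
{
    struct neat_resolver *resolver = p_ptr;
    struct neat_resolver_request *request_itr;
    struct neat_addr *src_addr = data;
    const void *raw_addr;
    int af;
    char addr_str[INET6_ADDRSTRLEN];

    if (src_addr->family == AF_INET) {
        af = AF_INET;
        raw_addr = &(src_addr->u.v4.addr4.sin_addr);
    } else {
        af = AF_INET6;
        raw_addr = &(src_addr->u.v6.addr6.sin6_addr);
    }

    //inet_ntop leaves the buffer unspecified on failure, so never hand an
    //unwritten buffer to the "%s" in the log call below
    if (inet_ntop(af, raw_addr, addr_str, sizeof(addr_str)) == NULL)
        snprintf(addr_str, sizeof(addr_str), "%s", "<unprintable>");

    nt_log(nic, NEAT_LOG_INFO, "%s: Deleted %s", __func__, addr_str);

    for (request_itr = resolver->request_queue.tqh_first; request_itr != NULL;
         request_itr = request_itr->next_req.tqe_next) {
        nt_resolver_delete_pairs(request_itr, src_addr);
    }

    return RETVAL_SUCCESS;
}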
//libuv-specific callbacks
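/*
 * Releases the DNS send buffer owned by a pair and marks the pair as closed,
 * which is what allows nt_resolver_flush_pairs_del() to free it.
 *
 * This is reached both from the libuv close callback and directly from
 * nt_resolver_request_cleanup() when the loop is stopped, so the buffer
 * pointer is cleared after the free: a second call then cannot free the same
 * buffer again.
 */
static void
nt_resolver_cleanup_pair(struct neat_resolver_src_dst_addr *pair)
{
    if (pair->dns_snd_buf) {
        ldns_buffer_free(pair->dns_snd_buf);
        pair->dns_snd_buf = NULL;
    }

    pair->closed = 1;
}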
//This callback is called when we close a UDP socket (handle) and allows us to
//free any allocated resource. In our case, this is only the dns_snd_buf
/*
 * libuv close callback for a pair's UDP handle; handle->data is the pair.
 * All work is delegated to nt_resolver_cleanup_pair().
 */
static void
neat_resolver_close_cb(uv_handle_t *handle)
{
    nt_resolver_cleanup_pair((struct neat_resolver_src_dst_addr *) handle->data);
}
/*
 * libuv close callback for a request's timeout timer; handle->data is the
 * request. Unlinks the request from its resolver's dead_request_queue and
 * frees it.
 */
static void
neat_resolver_close_timer(uv_handle_t *handle)
{
    struct neat_resolver_request *dead_req = handle->data;
    struct neat_resolver *owner = dead_req->resolver;

    TAILQ_REMOVE(&(owner->dead_request_queue), dead_req, next_dead_req);
    free(dead_req);
}
/*
 * Walks resolver_pairs_del and frees every pair whose closed flag is set.
 * Pairs that are not closed yet stay on the list for a later pass.
 */
static void
nt_resolver_flush_pairs_del(struct neat_resolver *resolver)
{
    struct neat_resolver_src_dst_addr *cur, *next;

    for (cur = resolver->resolver_pairs_del.lh_first; cur != NULL; cur = next) {
        //Read the successor first, cur may be freed below
        next = cur->next_pair.le_next;

        if (cur->closed) {
            LIST_REMOVE(cur, next_pair);
            //TODO: Instead of free, consider making a resolve_pair cache
            free(cur);
        }
    }
}
/*
 * libuv close callback for the resolver's idle handle; handle->data is the
 * resolver, which is freed here.
 */
static void
neat_resolver_idle_close_cb(uv_handle_t *handle)
{
    free(handle->data);
}
//This callback is called before libuv polls for I/O and is by default run on
//every iteration. We use it to free memory used by the resolver, and it is only
//active when this is relevant. I.e., we only start the idle handle when
//resolver_pairs_del is not empty
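/*
 * Idle callback used to release resolver memory; handle->data is the
 * resolver. It frees closed pairs, and, once the resolver itself is marked
 * for release (free_resolver), frees the dead requests and closes the idle
 * handle so that neat_resolver_idle_close_cb() can free the resolver.
 *
 * Dead requests are linked through next_dead_req (see TAILQ_INSERT_HEAD in
 * nt_resolver_request_cleanup(), which also clears next_req), so the walk
 * must follow that link. The queue head is reset after the walk because this
 * callback can run again while fs_event_closed is still unset; without the
 * reset the second pass would free the same requests again.
 */
static void
neat_resolver_idle_cb(uv_idle_t *handle)
{
    struct neat_resolver *resolver = handle->data;
    struct neat_resolver_request *request_itr, *request_tmp;

    nt_resolver_flush_pairs_del(resolver);

    //We can't stop idle until all pairs marked for deletion have been removed
    if (resolver->resolver_pairs_del.lh_first)
        return;

    //Idle is used both when one request is cleaned up and when the whole
    //resolver is cleaned up; only the latter continues past this point
    if (!resolver->free_resolver) {
        uv_idle_stop(&(resolver->idle_handle));
        return;
    }

    //Free all dead requests
    //NOTE(review): a request whose timer close is still pending would later
    //be touched by neat_resolver_close_timer() - confirm that cannot happen
    //on this path
    request_itr = resolver->dead_request_queue.tqh_first;
    while (request_itr != NULL) {
        request_tmp = request_itr;
        request_itr = request_itr->next_dead_req.tqe_next;
        free(request_tmp);
    }

    //Leave no dangling pointers behind in case this callback runs again
    TAILQ_INIT(&(resolver->dead_request_queue));

    if (!resolver->fs_event_closed)
        return;

    uv_idle_stop(&(resolver->idle_handle));
    uv_close((uv_handle_t*) handle, neat_resolver_idle_close_cb);
}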
/*
 * Tears down one request: marks all of its pairs for deletion, stops its
 * timeout timer, moves it from request_queue to dead_request_queue and
 * closes the timer handle. The request itself is freed later, from
 * neat_resolver_close_timer().
 */
static void
nt_resolver_request_cleanup(struct neat_resolver_request *request)
{
    struct neat_resolver *resolver = request->resolver;
    struct neat_resolver_src_dst_addr *cur, *next;
    uv_handle_t *timer = (uv_handle_t*) &(request->timeout_handle);

    for (cur = request->resolver_pairs.lh_first; cur != NULL; cur = next) {
        //Marking a pair unlinks it from this list, so fetch the successor first
        next = cur->next_pair.le_next;

        nt_resolver_mark_pair_del(resolver, cur);

        //If loop is stopped, we need to clean up (i.e., free dns buffer)
        //manually since close_cb will never be called
        if (uv_backend_fd(resolver->nc->loop) == -1)
            nt_resolver_cleanup_pair(cur);
    }

    if (uv_is_active(timer))
        uv_timer_stop(&(request->timeout_handle));

    //Move to dead requests list
    TAILQ_REMOVE(&(resolver->request_queue), request, next_req);
    request->next_req.tqe_next = NULL;
    request->next_req.tqe_prev = NULL;
    TAILQ_INSERT_HEAD(&(resolver->dead_request_queue), request,
                      next_dead_req);

    //Timers, like file descriptors, are closed asynchronously, so the free
    //is deferred to the close callback
    uv_close(timer, neat_resolver_close_timer);
}
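/*
 * Builds results for a "localhost" request: every usable source address is
 * combined with the loopback address of its family (127.0.0.1 or ::1).
 *
 * Returns the sum of the values returned by
 * nt_resolver_helpers_fill_results().
 */
static uint32_t
nt_resolver_localhost_populate_results(struct neat_resolver_request *request,
                                       struct neat_resolver_results *result_list)
{
    uint32_t num_resolved_addrs = 0;
    const char *loopback_literal;
    struct neat_addr *nsrc_addr = NULL;
    struct sockaddr_storage dst_addr;
    struct sockaddr_in *dst_addr4;
    struct sockaddr_in6 *dst_addr6;
    void *dst_addr_pton = NULL;

    for (nsrc_addr = request->resolver->nc->src_addrs.lh_first;
         nsrc_addr != NULL; nsrc_addr = nsrc_addr->next_addr.le_next) {
        //Do not use deprecated addresses
        if (nsrc_addr->family == AF_INET6 && !nsrc_addr->u.v6.ifa_pref)
            continue;

        //dst_addr is handed on by value, so clear all of it and not only
        //the part covered by the family-specific struct
        memset(&dst_addr, 0, sizeof(dst_addr));

        if (nsrc_addr->family == AF_INET) {
            loopback_literal = "127.0.0.1";
            dst_addr4 = (struct sockaddr_in*) &dst_addr;
            dst_addr4->sin_family = AF_INET;
#ifdef HAVE_SIN_LEN
            dst_addr4->sin_len = sizeof(struct sockaddr_in);
#endif
            dst_addr_pton = &(dst_addr4->sin_addr);
        } else {
            loopback_literal = "::1";
            dst_addr6 = (struct sockaddr_in6*) &dst_addr;
            dst_addr6->sin6_family = AF_INET6;
#ifdef HAVE_SIN6_LEN
            dst_addr6->sin6_len = sizeof(struct sockaddr_in6);
#endif
            dst_addr_pton = &(dst_addr6->sin6_addr);
        }

        //inet_pton returns 1 on success, 0 for an unparsable string and -1
        //for an unsupported family; only 1 means dst_addr was filled in
        if (inet_pton(nsrc_addr->family, loopback_literal, dst_addr_pton) != 1)
            continue;

        num_resolved_addrs += nt_resolver_helpers_fill_results(request,
                                                               result_list,
                                                               nsrc_addr,
                                                               dst_addr);
    }

    return num_resolved_addrs;
}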
/*
 * Builds results for a literal request. request->domain_name is treated as
 * a comma-separated list of address literals; each literal that parses for
 * request->family is combined with every usable source address of that
 * family.
 *
 * Returns the sum of the values returned by
 * nt_resolver_helpers_fill_results(), or 0 if the name could not be copied.
 */
static uint32_t
nt_resolver_literal_populate_results(struct neat_resolver_request *request,
                                     struct neat_resolver_results *result_list)
{
    uint32_t num_resolved_addrs = 0;
    struct neat_addr *src;
    struct sockaddr_storage dst_addr;
    struct sockaddr_in *dst4;
    struct sockaddr_in6 *dst6;
    void *dst_addr_pton = NULL;
    char *save = NULL;
    char *token;
    char *literals;

    //strtok_r modifies its input, so work on a private copy
    literals = strdup(request->domain_name);
    if (literals == NULL)
        return 0;

    for (token = strtok_r(literals, ",", &save); token != NULL;
         token = strtok_r(NULL, ",", &save)) {
        if (request->family == AF_INET) {
            dst4 = (struct sockaddr_in*) &dst_addr;
            memset(dst4, 0, sizeof(struct sockaddr_in));
            dst4->sin_family = AF_INET;
#ifdef HAVE_SIN_LEN
            dst4->sin_len = sizeof(struct sockaddr_in);
#endif
            dst_addr_pton = &(dst4->sin_addr);
        } else {
            dst6 = (struct sockaddr_in6*) &dst_addr;
            memset(dst6, 0, sizeof(struct sockaddr_in6));
            dst6->sin6_family = AF_INET6;
#ifdef HAVE_SIN6_LEN
            dst6->sin6_len = sizeof(struct sockaddr_in6);
#endif
            dst_addr_pton = &(dst6->sin6_addr);
        }

        //A literal that does not parse for this family is skipped
        if (inet_pton(request->family, token, dst_addr_pton) != 1)
            continue;

        for (src = request->resolver->nc->src_addrs.lh_first; src != NULL;
             src = src->next_addr.le_next) {
            //Family is always set for literals
            if (src->family != request->family)
                continue;

            //Do not use deprecated addresses
            if (src->family == AF_INET6 && !src->u.v6.ifa_pref)
                continue;

            num_resolved_addrs += nt_resolver_helpers_fill_results(request,
                                                                   result_list,
                                                                   src,
                                                                   dst_addr);
        }
    }

    free(literals);
    return num_resolved_addrs;
}
/*
 * Builds results from the DNS answers stored in the request's pairs. For
 * each pair, the entries of resolved_addr are used up to the first one
 * without a family set; pairs with a deprecated IPv6 source address
 * contribute nothing.
 *
 * Returns the sum of the values returned by
 * nt_resolver_helpers_fill_results().
 */
static uint32_t
nt_resolver_populate_results(struct neat_resolver_request *request,
                             struct neat_resolver_results *result_list)
{
    struct neat_resolver_src_dst_addr *pair;
    uint32_t num_resolved_addrs = 0;
    uint8_t i;

    for (pair = request->resolver_pairs.lh_first; pair != NULL;
         pair = pair->next_pair.le_next) {
        for (i = 0; i < MAX_NUM_RESOLVED; i++) {
            //Resolved addresses are stored linearly, so the first empty
            //slot ends the list. An empty slot 0 means the resolve has not
            //completed for this pair
            if (!pair->resolved_addr[i].ss_family)
                break;

            if (pair->src_addr->family == AF_INET6 &&
                !pair->src_addr->u.v6.ifa_pref)
                break;

            //TODO: Consider connecting pairs to request instead of resolver
            num_resolved_addrs += nt_resolver_helpers_fill_results(request,
                                        result_list,
                                        pair->src_addr,
                                        pair->resolved_addr[i]);
        }
    }

    return num_resolved_addrs;
}
/*
 * Shared body of the resolver timer callbacks; handle->data is the request.
 * Depending on the request state it reports a timeout, reports an error,
 * re-arms the timer while source addresses are still being collected, or
 * builds a result list and passes it to the request's resolve_cb.
 */
static void
nt_resolver_timeout_shared(uv_timer_t *handle)
{
    struct neat_resolver_request *request = handle->data;
    struct neat_ctx *ctx = request->resolver->nc;
    struct neat_resolver_results *result_list;
    uint32_t num_resolved_addrs = 0;
    const int no_dns_needed = request->is_literal || request->is_localhost;

    //If resolver is marked for deletion, then ignore any new replies
    if (request->resolver->free_resolver)
        return;

    //A DNS request that has no answer yet has timed out
    if (!no_dns_needed && !request->name_resolved_timeout) {
        request->resolve_cb(NULL, NEAT_RESOLVER_TIMEOUT, request->user_data);
        nt_resolver_request_cleanup(request);
        return;
    }

    //Literal/localhost requests need at least one source address
    if (no_dns_needed && !ctx->src_addr_cnt) {
        if (!ctx->src_addr_dump_done) {
            //The address dump has not finished, so wait a bit longer
            uv_timer_start(&(request->timeout_handle),
                           nt_resolver_literal_timeout_cb,
                           DNS_ADDRESS_TIMEOUT, 0);
            return;
        }

        request->resolve_cb(NULL, NEAT_RESOLVER_ERROR, request->user_data);
        nt_resolver_request_cleanup(request);
        return;
    }

    result_list = calloc(1, sizeof(*result_list));
    if (result_list == NULL) {
        //Signal internal error
        request->resolve_cb(NULL, NEAT_RESOLVER_ERROR, request->user_data);
        nt_resolver_request_cleanup(request);
        return;
    }

    LIST_INIT(result_list);

    if (request->is_literal)
        num_resolved_addrs = nt_resolver_literal_populate_results(request,
                                                                  result_list);
    else if (request->is_localhost)
        num_resolved_addrs = nt_resolver_localhost_populate_results(request,
                                                                    result_list);
    else
        num_resolved_addrs = nt_resolver_populate_results(request,
                                                          result_list);

    //On success the list is handed to the callback; on failure it is freed
    //here after the callback has been told about the error
    if (num_resolved_addrs) {
        request->resolve_cb(result_list, NEAT_RESOLVER_OK, request->user_data);
    } else {
        request->resolve_cb(NULL, NEAT_RESOLVER_ERROR, request->user_data);
        free(result_list);
    }

    //This guard is good enough for now. The only case where a request can be
    //freed (or marked for free) when we get here, is if resolver has been
    //released
    if (!request->resolver->free_resolver)
        nt_resolver_request_cleanup(request);
}
//This timeout is used when we "resolve" a literal. It works slightly differently
//than the normal resolver timeout function. We just iterate through source
//addresses and create a result structure for those that match
/*
 * Timer callback installed for literal and localhost requests. It forwards
 * the timer handle to nt_resolver_timeout_shared() unchanged.
 */
static void
nt_resolver_literal_timeout_cb(uv_timer_t *handle)
{
    uv_timer_t *expired = handle;

    nt_resolver_timeout_shared(expired);
}
//Called when timeout expires. This function will pass the results of the DNS
//query to the application using NEAT
/*
 * Timer callback installed for DNS requests. It forwards the timer handle
 * to nt_resolver_timeout_shared() unchanged.
 */
static void
neat_resolver_timeout_cb(uv_timer_t *handle)
{
    uv_timer_t *expired = handle;

    nt_resolver_timeout_shared(expired);
}
//Called when a DNS request has been sent (i.e., passed to the socket). We will
//send the second query (used for checking poisoning) here, if that is needed
/*
 * libuv send-completion callback for a DNS query. It currently does
 * nothing: neither the request nor the send status is inspected.
 */
static void
neat_resolver_dns_sent_cb(uv_udp_send_t *req, int status)
{
    //Callback will be used to send the follow-up request to check for errors
    (void) req;
    (void) status;
}
//libuv gives the user control of how memory is allocated. This callback is
//called when a UDP packet is ready to be received, and we have to fill out the
//provided buf with the storage location (and available size)
/*
 * libuv allocation callback for a pair's UDP handle; handle->data is the
 * pair. The pair's own dns_rcv_buf is always used as receive storage, so
 * the size suggested by libuv is ignored and a reply can never be written
 * past sizeof(pair->dns_rcv_buf).
 */
static void
neat_resolver_dns_alloc_cb(uv_handle_t *handle,
                           size_t suggested_size, uv_buf_t *buf)
{
    struct neat_resolver_src_dst_addr *pair = handle->data;

    (void) suggested_size;

    buf->len = sizeof(pair->dns_rcv_buf);
    buf->base = pair->dns_rcv_buf;
}
//Internal NEAT resolver functions
//Deletes have to happen async so that libuv can do internal clean-up. I.e., we
//can't just free memory and that is that. This function marks a resolver pair
//as ready for deletion
/*
 * Schedules a pair for deletion: stops and closes its UDP handle if that is
 * active, moves the pair onto resolver_pairs_del and, when the loop has a
 * backend fd, makes sure the idle handle runs so that the pair is freed by
 * neat_resolver_idle_cb().
 *
 * NOTE(review): the handle is only closed when uv_is_active() reports it as
 * active. A pair whose handle was never started therefore never reaches
 * neat_resolver_close_cb(), and nothing visible here sets pair->closed for
 * it - confirm how such pairs get freed.
 */
static void
nt_resolver_mark_pair_del(struct neat_resolver *resolver,
                          struct neat_resolver_src_dst_addr *pair)
{
    uv_handle_t *udp = (uv_handle_t*) &(pair->resolve_handle);
    uv_handle_t *idle = (uv_handle_t*) &(resolver->idle_handle);

    if (uv_is_active(udp)) {
        uv_udp_recv_stop(&(pair->resolve_handle));
        uv_close(udp, neat_resolver_close_cb);
    }

    //Only unlink the pair if it is on a list at the moment
    if (!(pair->next_pair.le_next == NULL && pair->next_pair.le_prev == NULL)) {
        LIST_REMOVE(pair, next_pair);
        pair->next_pair.le_next = NULL;
        pair->next_pair.le_prev = NULL;
    }

    LIST_INSERT_HEAD(&(resolver->resolver_pairs_del), pair, next_pair);

    //We can't free memory right away, libuv has to be allowed to
    //perform internal clean-up first. This is done after loop is done
    //(uv__run_closing_handles), so we use idle (which is called in the
    //next iteration and before polling)
    if (uv_backend_fd(resolver->nc->loop) == -1)
        return;

    if (!uv_is_active(idle))
        uv_idle_start(&(resolver->idle_handle), neat_resolver_idle_cb);
}
/*
 * Restarts the timeout timer of the pair's request with the resolver's
 * dns_t2 interval and neat_resolver_timeout_cb as callback, then sets
 * name_resolved_timeout on the request.
 */
static void
nt_resolver_start_timeout(struct neat_resolver_src_dst_addr *pair)
{
    struct neat_resolver_request *req = pair->request;
    uv_timer_t *timer = &(req->timeout_handle);

    uv_timer_stop(timer);
    uv_timer_start(timer, neat_resolver_timeout_cb, req->resolver->dns_t2, 0);
    req->name_resolved_timeout = 1;
}
//Receive and parse a DNS reply
//TODO: Refactor and make large parts helper function?
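/*
 * libuv receive callback for a pair's UDP handle; handle->data is the pair.
 * Parses the datagram as a DNS reply, extracts the A or AAAA records
 * (depending on the family of the pair's source address) and stores up to
 * MAX_NUM_RESOLVED of them in pair->resolved_addr. When at least one
 * address was stored, or when the reply carries an error rcode, the request
 * timeout is (re)started through nt_resolver_start_timeout().
 *
 * The datagram is untrusted network input. libuv reports receive errors as
 * a negative nread; such a value must never reach ldns_wire2pkt(), whose
 * length parameter is unsigned.
 *
 * NOTE(review): nothing in this function compares the reply's transaction
 * ID, question or sender address (addr) with the query that was sent;
 * confirm whether that is validated elsewhere.
 */
static void
neat_resolver_dns_recv_cb(uv_udp_t* handle, ssize_t nread,
                          const uv_buf_t* buf,
                          const struct sockaddr* addr,
                          unsigned flags)
{
    struct neat_resolver_src_dst_addr *pair = handle->data;
    ldns_pkt *dns_reply = NULL;
    //Used to store the results of the DNS query
    ldns_rr_list *rr_list = NULL;
    ldns_rr *rr_record = NULL;
    ldns_buffer *host_addr = NULL;
    ldns_rdf *rdf_result = NULL;
    ldns_rr_type rr_type;
    ldns_pkt_rcode rcode;
    ldns_status status;
    const char *host_str;
    size_t rr_count, i;
    uint8_t num_resolved = 0;
    int is_v4 = pair->src_addr->family == AF_INET;
    struct sockaddr_in *addr4;
    struct sockaddr_in6 *addr6;

    (void) addr;
    (void) flags;

    //nread == 0 means nothing to read, nread < 0 is a receive error. An
    //empty datagram can not be a DNS message either
    if (nread <= 0)
        return;

    status = ldns_wire2pkt(&dns_reply, (const uint8_t*) buf->base,
                           (size_t) nread);
    if (status != LDNS_STATUS_OK)
        return;

    rcode = ldns_pkt_get_rcode(dns_reply);
    if (rcode != LDNS_RCODE_NOERROR) {
        nt_log(pair->request->resolver->nc, NEAT_LOG_DEBUG, "DNS error code %u",
               rcode);
        nt_resolver_start_timeout(pair);
        ldns_pkt_free(dns_reply);
        return;
    }

    rr_type = is_v4 ? LDNS_RR_TYPE_A : LDNS_RR_TYPE_AAAA;

    //Parse result
    rr_list = ldns_pkt_rr_list_by_type(dns_reply, rr_type, LDNS_SECTION_ANSWER);
    if (rr_list == NULL) {
        ldns_pkt_free(dns_reply);
        return;
    }

    rr_count = ldns_rr_list_rr_count(rr_list);
    if (!rr_count) {
        ldns_rr_list_deep_free(rr_list);
        ldns_pkt_free(dns_reply);
        return;
    }

    for (i = 0; i < rr_count && num_resolved < MAX_NUM_RESOLVED; i++) {
        rr_record = ldns_rr_list_rr(rr_list, i);
        rdf_result = ldns_rr_rdf(rr_record, 0);

        //A record without rdata carries no address
        if (rdf_result == NULL)
            continue;

        host_addr = ldns_buffer_new(ldns_rdf_size(rdf_result));
        if (!host_addr)
            continue;

        if (is_v4)
            status = ldns_rdf2buffer_str_a(host_addr, rdf_result);
        else
            status = ldns_rdf2buffer_str_aaaa(host_addr, rdf_result);

        host_str = (const char*) ldns_buffer_begin(host_addr);

        //Skip records that could not be rendered and addresses that are
        //already stored for this pair
        if (status != LDNS_STATUS_OK ||
            neat_resolver_helpers_check_duplicate(pair, host_str)) {
            ldns_buffer_free(host_addr);
            continue;
        }

        //The slot only counts as used when inet_pton accepted the string
        if (is_v4) {
            addr4 = (struct sockaddr_in*) &(pair->resolved_addr[num_resolved]);
            if (inet_pton(AF_INET, host_str, &(addr4->sin_addr)) == 1) {
                addr4->sin_family = AF_INET;
#ifdef HAVE_SIN_LEN
                addr4->sin_len = sizeof(struct sockaddr_in);
#endif
                num_resolved++;
            }
        } else {
            addr6 = (struct sockaddr_in6*) &(pair->resolved_addr[num_resolved]);
            if (inet_pton(AF_INET6, host_str, &(addr6->sin6_addr)) == 1) {
                addr6->sin6_family = AF_INET6;
#ifdef HAVE_SIN6_LEN
                addr6->sin6_len = sizeof(struct sockaddr_in6);
#endif
                num_resolved++;
            }
        }

        ldns_buffer_free(host_addr);
    }

    ldns_rr_list_deep_free(rr_list);
    ldns_pkt_free(dns_reply);

    if (num_resolved && !pair->request->name_resolved_timeout)
        nt_resolver_start_timeout(pair);
}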
//Prepare and send (or, start sending) a DNS query for the given service
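/*
 * Builds an A or AAAA query (chosen by the family of the pair's source
 * address) for request->domain_name and starts sending it on the pair's UDP
 * handle to pair->dst_addr.
 *
 * The wire-format query is kept in pair->dns_snd_buf, which stays owned by
 * the pair and is released in nt_resolver_cleanup_pair().
 *
 * Returns RETVAL_SUCCESS when the send was started, RETVAL_FAILURE
 * otherwise.
 */
static uint8_t
neat_resolver_send_query(struct neat_resolver_src_dst_addr *pair,
                         struct neat_resolver_request *request)
{
    ldns_pkt *pkt;
    ldns_rr_type rr_type;

    if (pair->src_addr->family == AF_INET)
        rr_type = LDNS_RR_TYPE_A;
    else
        rr_type = LDNS_RR_TYPE_AAAA;

    //Create a DNS query for the requested name
    if (ldns_pkt_query_new_frm_str(&pkt, request->domain_name, rr_type,
                                   LDNS_RR_CLASS_IN, 0) != LDNS_STATUS_OK) {
        return RETVAL_FAILURE;
    }

    //A random transaction ID makes the query harder to answer blindly
    ldns_pkt_set_random_id(pkt);

    //We are a naive stub-resolver, so we need the server we query to do most of
    //the work for us
    ldns_pkt_set_rd(pkt, 1);
    ldns_pkt_set_ad(pkt, 1);

    //Convert internal LDNS structure to query buffer. The allocation can
    //fail, and the conversion below must not be handed a NULL buffer
    pair->dns_snd_buf = ldns_buffer_new(LDNS_MIN_BUFLEN);
    if (pair->dns_snd_buf == NULL) {
        ldns_pkt_free(pkt);
        return RETVAL_FAILURE;
    }

    if (ldns_pkt2buffer_wire(pair->dns_snd_buf, pkt) != LDNS_STATUS_OK) {
        ldns_pkt_free(pkt);
        return RETVAL_FAILURE;
    }

    ldns_pkt_free(pkt);

    pair->dns_uv_snd_buf.base = (char*) ldns_buffer_begin(pair->dns_snd_buf);
    pair->dns_uv_snd_buf.len = ldns_buffer_position(pair->dns_snd_buf);

    if (uv_udp_send(&(pair->dns_snd_handle), &(pair->resolve_handle),
                    &(pair->dns_uv_snd_buf), 1,
                    (const struct sockaddr*) &(pair->dst_addr.u.generic.addr),
                    neat_resolver_dns_sent_cb)) {
        return RETVAL_FAILURE;
    }

    return RETVAL_SUCCESS;
}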
//Create one SRC/DST DNS resolver pair. Pair has already been allocated
/*
 * Prepares an already allocated pair for querying one DNS server: fills in
 * the destination address (server address, port LDNS_PORT), initialises the
 * UDP handle, binds it to the pair's source address and starts receiving.
 * On Linux the socket is additionally bound to the source address'
 * interface.
 *
 * Returns RETVAL_SUCCESS, RETVAL_FAILURE when the handle could not be set
 * up, or RETVAL_IGNORE when only the Linux interface binding failed.
 *
 * NOTE(review): on the bind and recv_start failure paths the handle has
 * been initialised but is not closed here - confirm the caller's cleanup
 * covers that case.
 */
static uint8_t
neat_resolver_create_pair(struct neat_ctx *ctx,
                          struct neat_resolver_src_dst_addr *pair,
                          const struct sockaddr_storage *server_addr)
{
    struct sockaddr_in *dst4, *srv4;
    struct sockaddr_in6 *dst6, *srv6;
    uv_udp_t *udp = &(pair->resolve_handle);
    int rc;
#ifdef __linux__
    uv_os_fd_t socket_fd = -1;
    char if_name[IF_NAMESIZE];
#endif

    if (pair->src_addr->family == AF_INET) {
        srv4 = (struct sockaddr_in*) server_addr;
        dst4 = &(pair->dst_addr.u.v4.addr4);

        dst4->sin_family = AF_INET;
        dst4->sin_port = htons(LDNS_PORT);
        dst4->sin_addr = srv4->sin_addr;
#ifdef HAVE_SIN_LEN
        dst4->sin_len = sizeof(struct sockaddr_in);
#endif
    } else {
        srv6 = (struct sockaddr_in6*) server_addr;
        dst6 = &(pair->dst_addr.u.v6.addr6);

        dst6->sin6_family = AF_INET6;
        dst6->sin6_port = htons(LDNS_PORT);
        dst6->sin6_addr = srv6->sin6_addr;
#ifdef HAVE_SIN6_LEN
        dst6->sin6_len = sizeof(struct sockaddr_in6);
#endif
    }

    //Configure uv_udp_handle
    if (uv_udp_init(ctx->loop, udp)) {
        //Closed is normally set in close_cb, which is never reached from
        //here. Setting it at this point is disabled in the original code
        //pair->closed = 1;
        nt_log(ctx, NEAT_LOG_ERROR, "%s - Failure to initialize UDP handle", __func__);
        return RETVAL_FAILURE;
    }

    udp->data = pair;

    rc = uv_udp_bind(udp, (struct sockaddr*) &(pair->src_addr->u.generic.addr),
                     0);
    if (rc) {
        nt_log(ctx, NEAT_LOG_ERROR, "%s - Failed to bind UDP socket: %s",
               __func__, uv_strerror(rc));
        return RETVAL_FAILURE;
    }

    if (uv_udp_recv_start(udp, neat_resolver_dns_alloc_cb,
                          neat_resolver_dns_recv_cb)) {
        nt_log(ctx, NEAT_LOG_ERROR, "%s - Failed to start receiving UDP", __func__);
        return RETVAL_FAILURE;
    }

    //TODO: Binding to interface name requires sudo, not sure if that is acceptable.
    //Ignore any error here for now
#ifdef __linux__
    uv_fileno((uv_handle_t*) udp, &socket_fd);

    //No interface name for this index, so the socket stays unbound
    if (!if_indextoname(pair->src_addr->if_idx, if_name))
        return RETVAL_IGNORE;

    //Binding to the device failed, the socket is still bound to the address
    if (setsockopt(socket_fd, SOL_SOCKET, SO_BINDTODEVICE, if_name,
                   strlen(if_name)) < 0)
        return RETVAL_IGNORE;
#endif

    return RETVAL_SUCCESS;
}
//Called when we get a NEAT_NEWADDR message. Go through all matching DNS
//servers, try to create src/dst pair and send query
/*
 * For one source address, creates a resolver pair for every configured DNS
 * server of the same family and sends the query for the request on it.
 * Pairs that could not be set up or queried are marked for deletion.
 *
 * Returns RETVAL_SUCCESS when at least one query was started (or when the
 * request has no domain name to resolve), RETVAL_FAILURE otherwise,
 * including when a pair could not be allocated.
 */
static uint8_t
nt_resolver_create_pairs(struct neat_addr *src_addr,
                         struct neat_resolver_request *request)
{
    struct neat_resolver *resolver = request->resolver;
    struct neat_resolver_src_dst_addr *new_pair;
    struct neat_resolver_server *server;
    int started = 0;

    //After adding support for restart, we can end up here without a domain
    //name. There is no point continuing if we have no domain name to resolve
    if (request->domain_name[0] == '\0')
        return RETVAL_SUCCESS;

    for (server = resolver->server_list.lh_first; server != NULL;
         server = server->next_server.le_next) {
        if (src_addr->family != server->server_addr.ss_family)
            continue;

        new_pair = calloc(1, sizeof(*new_pair));
        if (new_pair == NULL)
            return RETVAL_FAILURE;

        new_pair->request = request;
        new_pair->src_addr = src_addr;

        //The query is only sent when the pair was set up; a pair that fails
        //either step goes onto the deletion list
        if (neat_resolver_create_pair(resolver->nc, new_pair,
                                      &(server->server_addr)) == RETVAL_FAILURE ||
            neat_resolver_send_query(new_pair, request)) {
            nt_resolver_mark_pair_del(resolver, new_pair);
            continue;
        }

        LIST_INSERT_HEAD(&(request->resolver_pairs), new_pair, next_pair);
        started++;
    }

    return started ? RETVAL_SUCCESS : RETVAL_FAILURE;
}
//Called when we get a NEAT_DELADDR message. Go through all resolver pairs and
//remove those whose source address matches the deleted address
/*
 * Marks for deletion every pair of the request whose source address equals
 * addr_to_delete. Pairs of the other address family are left alone.
 */
static void
nt_resolver_delete_pairs(struct neat_resolver_request *request,
                         struct neat_addr *addr_to_delete)
{
    struct neat_resolver_src_dst_addr *cur, *next;
    struct sockaddr_in *gone4, *cur4;
    struct sockaddr_in6 *gone6, *cur6;
    const int is_v4 = addr_to_delete->family == AF_INET;

    for (cur = request->resolver_pairs.lh_first; cur != NULL; cur = next) {
        //Marking a pair unlinks it from this list, so fetch the successor first
        next = cur->next_pair.le_next;

        if (cur->src_addr->family != addr_to_delete->family)
            continue;

        if (is_v4) {
            gone4 = &(addr_to_delete->u.v4.addr4);
            cur4 = &(cur->src_addr->u.v4.addr4);

            if (cur4->sin_addr.s_addr != gone4->sin_addr.s_addr)
                continue;
        } else {
            gone6 = &(addr_to_delete->u.v6.addr6);
            cur6 = &(cur->src_addr->u.v6.addr6);

            if (!neat_addr_cmp_ip6_addr(&(cur6->sin6_addr),
                                        &(gone6->sin6_addr)))
                continue;
        }

        nt_resolver_mark_pair_del(request->resolver, cur);
    }
}
//This one will (at least for now) be used to start the first request. Let's see
//how much we can recycle when we start processing the queue
/*
 * Starts processing a request. Literal and localhost requests only arm a
 * short timer (DNS_LITERAL_TIMEOUT); DNS requests arm the dns_t1 timeout
 * and then create resolver pairs for every usable source address.
 *
 * Returns RETVAL_SUCCESS when the timer was armed (literal/localhost) or
 * when pairs were created for at least one source address, RETVAL_FAILURE
 * otherwise.
 */
static int
nt_start_request(struct neat_resolver *resolver,
                 struct neat_resolver_request *request)
{
    struct neat_addr *src;
    uv_timer_t *timer = &(request->timeout_handle);
    int started = 0;

    //node is a literal, so we will just wait a short while for address list to
    //be populated
    if (request->is_literal || request->is_localhost) {
        return uv_timer_start(timer, nt_resolver_literal_timeout_cb,
                              DNS_LITERAL_TIMEOUT, 0)
               ? RETVAL_FAILURE : RETVAL_SUCCESS;
    }

    //Start the resolver timeout, this includes fetching addresses
    if (uv_timer_start(timer, neat_resolver_timeout_cb, resolver->dns_t1, 0))
        return RETVAL_FAILURE;

    //No point starting to query if we don't have any source addresses
    if (!resolver->nc->src_addr_cnt)
        return RETVAL_FAILURE;

    //Iterate through src addresses, create udp sockets and start requesting
    for (src = resolver->nc->src_addrs.lh_first; src != NULL;
         src = src->next_addr.le_next) {
        if (request->family && src->family != request->family)
            continue;

        //Do not use deprecated addresses
        if (src->family == AF_INET6 && !src->u.v6.ifa_pref)
            continue;

        //TODO: Potential place to filter based on policy
        if (nt_resolver_create_pairs(src, request) == RETVAL_SUCCESS)
            started++;
    }

    return started ? RETVAL_SUCCESS : RETVAL_FAILURE;
}
//Public NEAT resolver functions
//getaddrinfo starts a query for the provided service
uint8_t
nt_resolve(struct neat_resolver *resolver,
uint8_t family,
const char *node,
uint16_t port,
neat_resolver_handle_t handle_resolve,
void *user_data)
{
struct neat_resolver_request *request;
int8_t is_literal = 0, is_localhost = 0;
//nt_log(NEAT_LOG_DEBUG, "%s", __func__);
if (port == 0) {
//nt_log(NEAT_LOG_ERROR, "%s - Invalid port specified", __func__);
return RETVAL_FAILURE;
}
if (family && family != AF_INET && family != AF_INET6 && family != AF_UNSPEC) {
//nt_log(NEAT_LOG_ERROR, "%s - Invalid family specified", __func__);
return RETVAL_FAILURE;
}
if ((strlen(node) + 1) > MAX_DOMAIN_LENGTH) {
//nt_log(NEAT_LOG_ERROR, "%s - Domain name too long", __func__);
return RETVAL_FAILURE;
}
request = calloc(sizeof(struct neat_resolver_request), 1);
if (!request)
return RETVAL_FAILURE;
request->family = family;
request->dst_port = htons(port);
request->resolver = resolver;
request->user_data = user_data;
uv_timer_init(resolver->nc->loop, &(request->timeout_handle));
request->timeout_handle.data = request;
if (!strcmp("localhost", node)) {
is_localhost = 1;
} else {
is_literal = nt_resolver_helpers_check_for_literal(&(request->family), node);
if (is_literal < 0) {
free(request);
return RETVAL_FAILURE;
}
}