File: | src/sbin/unwind/resolver.c |
Warning: | line 1600, column 18 The left operand of '==' is a garbage value |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: resolver.c,v 1.154 2021/12/18 10:34:19 florian Exp $ */ | |||
2 | ||||
3 | ||||
4 | /* | |||
5 | * Copyright (c) 2018 Florian Obser <florian@openbsd.org> | |||
6 | * Copyright (c) 2004, 2005 Claudio Jeker <claudio@openbsd.org> | |||
7 | * Copyright (c) 2004 Esben Norby <norby@openbsd.org> | |||
8 | * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> | |||
9 | * | |||
10 | * Permission to use, copy, modify, and distribute this software for any | |||
11 | * purpose with or without fee is hereby granted, provided that the above | |||
12 | * copyright notice and this permission notice appear in all copies. | |||
13 | * | |||
14 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |||
15 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
16 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | |||
17 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
18 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |||
19 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |||
20 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |||
21 | */ | |||
22 | ||||
23 | #include <sys/types.h> | |||
24 | #include <sys/queue.h> | |||
25 | #include <sys/socket.h> | |||
26 | #include <sys/syslog.h> | |||
27 | #include <sys/time.h> | |||
28 | ||||
29 | #include <net/route.h> | |||
30 | ||||
31 | #include <errno(*__errno()).h> | |||
32 | #include <event.h> | |||
33 | #include <imsg.h> | |||
34 | #include <limits.h> | |||
35 | #include <netdb.h> | |||
36 | #include <asr.h> | |||
37 | #include <pwd.h> | |||
38 | #include <signal.h> | |||
39 | #include <stdio.h> | |||
40 | #include <stdlib.h> | |||
41 | #include <string.h> | |||
42 | #include <time.h> | |||
43 | #include <tls.h> | |||
44 | #include <unistd.h> | |||
45 | ||||
46 | #include "libunbound/config.h" | |||
47 | #include "libunbound/libunbound/context.h" | |||
48 | #include "libunbound/libunbound/libworker.h" | |||
49 | #include "libunbound/libunbound/unbound.h" | |||
50 | #include "libunbound/libunbound/unbound-event.h" | |||
51 | #include "libunbound/services/cache/rrset.h" | |||
52 | #include "libunbound/sldns/sbuffer.h" | |||
53 | #include "libunbound/sldns/rrdef.h" | |||
54 | #include "libunbound/sldns/pkthdr.h" | |||
55 | #include "libunbound/sldns/wire2str.h" | |||
56 | #include "libunbound/util/config_file.h" | |||
57 | #include "libunbound/util/module.h" | |||
58 | #include "libunbound/util/regional.h" | |||
59 | #include "libunbound/util/storage/slabhash.h" | |||
60 | #include "libunbound/validator/validator.h" | |||
61 | #include "libunbound/validator/val_kcache.h" | |||
62 | #include "libunbound/validator/val_neg.h" | |||
63 | ||||
64 | #include <openssl/crypto.h> | |||
65 | ||||
66 | #include "log.h" | |||
67 | #include "frontend.h" | |||
68 | #include "unwind.h" | |||
69 | #include "resolver.h" | |||
70 | ||||
71 | #define TLS_DEFAULT_CA_CERT_FILE"/etc/ssl/cert.pem" "/etc/ssl/cert.pem" | |||
72 | #define UB_LOG_VERBOSE4 4 | |||
73 | #define UB_LOG_BRIEF0 0 | |||
74 | ||||
75 | /* maximum size of a libunbound forwarder definition: IP@PORT#AUTHNAME */ | |||
76 | #define FWD_MAX(46 + 256 + 2 + 5) (INET6_ADDRSTRLEN46 + NI_MAXHOST256 + 2 + 5) | |||
77 | ||||
78 | /* | |||
79 | * The prefered resolver type can be this many ms slower than the next | |||
80 | * best and still be picked | |||
81 | */ | |||
82 | #define PREF_RESOLVER_MEDIAN_SKEW200 200 /* 200 ms */ | |||
83 | #define NEXT_RES_MAX2000 2000 /* 2000 ms */ | |||
84 | ||||
85 | #define DOUBT_NXDOMAIN_SEC(5 * 60) (5 * 60) /* 5 minutes */ | |||
86 | ||||
87 | #define RESOLVER_CHECK_SEC1 1 | |||
88 | #define RESOLVER_CHECK_MAXSEC1024 1024 /* ~17 minutes */ | |||
89 | #define DECAY_PERIOD60 60 | |||
90 | #define DECAY_NOMINATOR9 9 | |||
91 | #define DECAY_DENOMINATOR10 10 | |||
92 | ||||
93 | #define TRUST_ANCHOR_RETRY_INTERVAL8640 8640 | |||
94 | #define TRUST_ANCHOR_QUERY_INTERVAL43200 43200 | |||
95 | ||||
96 | /* in libworker_event_done_cb() enum sec_status gets mapped to 0, 1 and 2 */ | |||
97 | #define INSECURE0 0 | |||
98 | #define BOGUS1 1 | |||
99 | #define SECURE2 2 | |||
100 | ||||
101 | #define WKA1_FOUND1 1 | |||
102 | #define WKA2_FOUND2 2 | |||
103 | ||||
104 | struct uw_resolver { | |||
105 | struct event check_ev; | |||
106 | struct event free_ev; | |||
107 | struct ub_ctx *ctx; | |||
108 | void *asr_ctx; | |||
109 | struct timeval check_tv; | |||
110 | int ref_cnt; | |||
111 | int stop; | |||
112 | enum uw_resolver_state state; | |||
113 | enum uw_resolver_type type; | |||
114 | int check_running; | |||
115 | int64_t median; | |||
116 | int64_t histogram[nitems(histogram_limits)(sizeof((histogram_limits)) / sizeof((histogram_limits)[0]))]; | |||
117 | int64_t latest_histogram[nitems(histogram_limits)(sizeof((histogram_limits)) / sizeof((histogram_limits)[0]))]; | |||
118 | }; | |||
119 | ||||
120 | struct running_query { | |||
121 | TAILQ_ENTRY(running_query)struct { struct running_query *tqe_next; struct running_query **tqe_prev; } entry; | |||
122 | struct query_imsg *query_imsg; | |||
123 | struct event timer_ev; | |||
124 | struct timespec tp; | |||
125 | struct resolver_preference res_pref; | |||
126 | int next_resolver; | |||
127 | int running; | |||
128 | }; | |||
129 | ||||
130 | TAILQ_HEAD(, running_query)struct { struct running_query *tqh_first; struct running_query **tqh_last; } running_queries; | |||
131 | ||||
132 | typedef void (*resolve_cb_t)(struct uw_resolver *, void *, int, void *, int, | |||
133 | int, char *); | |||
134 | ||||
135 | struct resolver_cb_data { | |||
136 | resolve_cb_t cb; | |||
137 | void *data; | |||
138 | struct uw_resolver *res; | |||
139 | }; | |||
140 | ||||
141 | __dead__attribute__((__noreturn__)) void resolver_shutdown(void); | |||
142 | void resolver_sig_handler(int sig, short, void *); | |||
143 | void resolver_dispatch_frontend(int, short, void *); | |||
144 | void resolver_dispatch_main(int, short, void *); | |||
145 | int sort_resolver_types(struct resolver_preference *); | |||
146 | void setup_query(struct query_imsg *); | |||
147 | struct running_query *find_running_query(uint64_t); | |||
148 | void try_resolver_timo(int, short, void *); | |||
149 | int try_next_resolver(struct running_query *); | |||
150 | ||||
151 | int resolve(struct uw_resolver *, const char*, int, int, | |||
152 | void*, resolve_cb_t); | |||
153 | void resolve_done(struct uw_resolver *, void *, int, void *, | |||
154 | int, int, char *); | |||
155 | void ub_resolve_done(void *, int, void *, int, int, char *, | |||
156 | int); | |||
157 | void asr_resolve_done(struct asr_result *, void *); | |||
158 | void new_resolver(enum uw_resolver_type, | |||
159 | enum uw_resolver_state); | |||
160 | struct uw_resolver *create_resolver(enum uw_resolver_type); | |||
161 | void setup_unified_caches(void); | |||
162 | void set_unified_cache(struct uw_resolver *); | |||
163 | void free_resolver(struct uw_resolver *); | |||
164 | void set_forwarders(struct uw_resolver *, | |||
165 | struct uw_forwarder_head *, int); | |||
166 | void resolver_check_timo(int, short, void *); | |||
167 | void resolver_free_timo(int, short, void *); | |||
168 | void check_resolver(struct uw_resolver *); | |||
169 | void check_resolver_done(struct uw_resolver *, void *, int, | |||
170 | void *, int, int, char *); | |||
171 | void schedule_recheck_all_resolvers(void); | |||
172 | int check_forwarders_changed(struct uw_forwarder_head *, | |||
173 | struct uw_forwarder_head *); | |||
174 | void replace_forwarders(struct uw_forwarder_head *, | |||
175 | struct uw_forwarder_head *); | |||
176 | void resolver_ref(struct uw_resolver *); | |||
177 | void resolver_unref(struct uw_resolver *); | |||
178 | int resolver_cmp(const void *, const void *); | |||
179 | void restart_ub_resolvers(int); | |||
180 | void show_status(pid_t); | |||
181 | void show_autoconf(pid_t); | |||
182 | void show_mem(pid_t); | |||
183 | void send_resolver_info(struct uw_resolver *, pid_t); | |||
184 | void send_detailed_resolver_info(struct uw_resolver *, | |||
185 | pid_t); | |||
186 | void trust_anchor_resolve(void); | |||
187 | void trust_anchor_timo(int, short, void *); | |||
188 | void trust_anchor_resolve_done(struct uw_resolver *, void *, | |||
189 | int, void *, int, int, char *); | |||
190 | void replace_autoconf_forwarders(struct | |||
191 | imsg_rdns_proposal *); | |||
192 | int force_tree_cmp(struct force_tree_entry *, | |||
193 | struct force_tree_entry *); | |||
194 | int find_force(struct force_tree *, char *, | |||
195 | struct uw_resolver **); | |||
196 | int64_t histogram_median(int64_t *); | |||
197 | void decay_latest_histograms(int, short, void *); | |||
198 | int running_query_cnt(void); | |||
199 | int *resolvers_to_restart(struct uw_conf *, | |||
200 | struct uw_conf *); | |||
201 | const char *query_imsg2str(struct query_imsg *); | |||
202 | char *gen_resolv_conf(void); | |||
203 | void check_dns64(void); | |||
204 | void check_dns64_done(struct asr_result *, void *); | |||
205 | int dns64_prefixlen(const struct in6_addr *, | |||
206 | const uint8_t *); | |||
207 | void add_dns64_prefix(const struct in6_addr *, int, | |||
208 | struct dns64_prefix *, int, int); | |||
209 | ||||
210 | struct uw_conf *resolver_conf; | |||
211 | static struct imsgev *iev_frontend; | |||
212 | static struct imsgev *iev_main; | |||
213 | struct uw_forwarder_head autoconf_forwarder_list; | |||
214 | struct uw_resolver *resolvers[UW_RES_NONE]; | |||
215 | struct timespec last_network_change; | |||
216 | ||||
217 | struct event trust_anchor_timer; | |||
218 | struct event decay_timer; | |||
219 | ||||
220 | static struct trust_anchor_head trust_anchors, new_trust_anchors; | |||
221 | ||||
222 | struct event_base *ev_base; | |||
223 | ||||
224 | RB_GENERATE(force_tree, force_tree_entry, entry, force_tree_cmp)void force_tree_RB_INSERT_COLOR(struct force_tree *head, struct force_tree_entry *elm) { struct force_tree_entry *parent, *gparent , *tmp; while ((parent = (elm)->entry.rbe_parent) && (parent)->entry.rbe_color == 1) { gparent = (parent)-> entry.rbe_parent; if (parent == (gparent)->entry.rbe_left) { tmp = (gparent)->entry.rbe_right; if (tmp && (tmp )->entry.rbe_color == 1) { (tmp)->entry.rbe_color = 0; do { (parent)->entry.rbe_color = 0; (gparent)->entry.rbe_color = 1; } while (0); elm = gparent; continue; } if ((parent)-> entry.rbe_right == elm) { do { (tmp) = (parent)->entry.rbe_right ; if (((parent)->entry.rbe_right = (tmp)->entry.rbe_left )) { ((tmp)->entry.rbe_left)->entry.rbe_parent = (parent ); } do {} while (0); if (((tmp)->entry.rbe_parent = (parent )->entry.rbe_parent)) { if ((parent) == ((parent)->entry .rbe_parent)->entry.rbe_left) ((parent)->entry.rbe_parent )->entry.rbe_left = (tmp); else ((parent)->entry.rbe_parent )->entry.rbe_right = (tmp); } else (head)->rbh_root = ( tmp); (tmp)->entry.rbe_left = (parent); (parent)->entry .rbe_parent = (tmp); do {} while (0); if (((tmp)->entry.rbe_parent )) do {} while (0); } while (0); tmp = parent; parent = elm; elm = tmp; } do { (parent)->entry.rbe_color = 0; (gparent)-> entry.rbe_color = 1; } while (0); do { (tmp) = (gparent)-> entry.rbe_left; if (((gparent)->entry.rbe_left = (tmp)-> entry.rbe_right)) { ((tmp)->entry.rbe_right)->entry.rbe_parent = (gparent); } do {} while (0); if (((tmp)->entry.rbe_parent = (gparent)->entry.rbe_parent)) { if ((gparent) == ((gparent )->entry.rbe_parent)->entry.rbe_left) ((gparent)->entry .rbe_parent)->entry.rbe_left = (tmp); else ((gparent)-> entry.rbe_parent)->entry.rbe_right = (tmp); } else (head)-> rbh_root = (tmp); (tmp)->entry.rbe_right = (gparent); (gparent )->entry.rbe_parent = (tmp); do {} while (0); if (((tmp)-> entry.rbe_parent)) do {} while (0); } while (0); } else { tmp = (gparent)->entry.rbe_left; if (tmp && (tmp)-> entry.rbe_color == 1) { (tmp)->entry.rbe_color = 0; do { ( parent)->entry.rbe_color = 0; (gparent)->entry.rbe_color = 1; } while (0); elm = gparent; continue; } if ((parent)-> entry.rbe_left == elm) { do { (tmp) = (parent)->entry.rbe_left ; if (((parent)->entry.rbe_left = (tmp)->entry.rbe_right )) { ((tmp)->entry.rbe_right)->entry.rbe_parent = (parent ); } do {} while (0); if (((tmp)->entry.rbe_parent = (parent )->entry.rbe_parent)) { if ((parent) == ((parent)->entry .rbe_parent)->entry.rbe_left) ((parent)->entry.rbe_parent )->entry.rbe_left = (tmp); else ((parent)->entry.rbe_parent )->entry.rbe_right = (tmp); } else (head)->rbh_root = ( tmp); (tmp)->entry.rbe_right = (parent); (parent)->entry .rbe_parent = (tmp); do {} while (0); if (((tmp)->entry.rbe_parent )) do {} while (0); } while (0); tmp = parent; parent = elm; elm = tmp; } do { (parent)->entry.rbe_color = 0; (gparent)-> entry.rbe_color = 1; } while (0); do { (tmp) = (gparent)-> entry.rbe_right; if (((gparent)->entry.rbe_right = (tmp)-> entry.rbe_left)) { ((tmp)->entry.rbe_left)->entry.rbe_parent = (gparent); } do {} while (0); if (((tmp)->entry.rbe_parent = (gparent)->entry.rbe_parent)) { if ((gparent) == ((gparent )->entry.rbe_parent)->entry.rbe_left) ((gparent)->entry .rbe_parent)->entry.rbe_left = (tmp); else ((gparent)-> entry.rbe_parent)->entry.rbe_right = (tmp); } else (head)-> rbh_root = (tmp); (tmp)->entry.rbe_left = (gparent); (gparent )->entry.rbe_parent = (tmp); do {} while (0); if (((tmp)-> entry.rbe_parent)) do {} while (0); } while (0); } } (head-> rbh_root)->entry.rbe_color = 0; } void force_tree_RB_REMOVE_COLOR (struct force_tree *head, struct force_tree_entry *parent, struct force_tree_entry *elm) { struct force_tree_entry *tmp; while ((elm == ((void*)0) || (elm)->entry.rbe_color == 0) && elm != (head)->rbh_root) { if ((parent)->entry.rbe_left == elm) { tmp = (parent)->entry.rbe_right; if ((tmp)-> entry.rbe_color == 1) { do { (tmp)->entry.rbe_color = 0; ( parent)->entry.rbe_color = 1; } while (0); do { (tmp) = (parent )->entry.rbe_right; if (((parent)->entry.rbe_right = (tmp )->entry.rbe_left)) { ((tmp)->entry.rbe_left)->entry .rbe_parent = (parent); } do {} while (0); if (((tmp)->entry .rbe_parent = (parent)->entry.rbe_parent)) { if ((parent) == ((parent)->entry.rbe_parent)->entry.rbe_left) ((parent )->entry.rbe_parent)->entry.rbe_left = (tmp); else ((parent )->entry.rbe_parent)->entry.rbe_right = (tmp); } else ( head)->rbh_root = (tmp); (tmp)->entry.rbe_left = (parent ); (parent)->entry.rbe_parent = (tmp); do {} while (0); if (((tmp)->entry.rbe_parent)) do {} while (0); } while (0); tmp = (parent)->entry.rbe_right; } if (((tmp)->entry.rbe_left == ((void*)0) || ((tmp)->entry.rbe_left)->entry.rbe_color == 0) && ((tmp)->entry.rbe_right == ((void*)0) || ((tmp)->entry.rbe_right)->entry.rbe_color == 0)) { (tmp )->entry.rbe_color = 1; elm = parent; parent = (elm)->entry .rbe_parent; } else { if ((tmp)->entry.rbe_right == ((void *)0) || ((tmp)->entry.rbe_right)->entry.rbe_color == 0) { struct force_tree_entry *oleft; if ((oleft = (tmp)->entry .rbe_left)) (oleft)->entry.rbe_color = 0; (tmp)->entry. rbe_color = 1; do { (oleft) = (tmp)->entry.rbe_left; if (( (tmp)->entry.rbe_left = (oleft)->entry.rbe_right)) { (( oleft)->entry.rbe_right)->entry.rbe_parent = (tmp); } do {} while (0); if (((oleft)->entry.rbe_parent = (tmp)-> entry.rbe_parent)) { if ((tmp) == ((tmp)->entry.rbe_parent )->entry.rbe_left) ((tmp)->entry.rbe_parent)->entry. rbe_left = (oleft); else ((tmp)->entry.rbe_parent)->entry .rbe_right = (oleft); } else (head)->rbh_root = (oleft); ( oleft)->entry.rbe_right = (tmp); (tmp)->entry.rbe_parent = (oleft); do {} while (0); if (((oleft)->entry.rbe_parent )) do {} while (0); } while (0); tmp = (parent)->entry.rbe_right ; } (tmp)->entry.rbe_color = (parent)->entry.rbe_color; (parent)->entry.rbe_color = 0; if ((tmp)->entry.rbe_right ) ((tmp)->entry.rbe_right)->entry.rbe_color = 0; do { ( tmp) = (parent)->entry.rbe_right; if (((parent)->entry. rbe_right = (tmp)->entry.rbe_left)) { ((tmp)->entry.rbe_left )->entry.rbe_parent = (parent); } do {} while (0); if (((tmp )->entry.rbe_parent = (parent)->entry.rbe_parent)) { if ((parent) == ((parent)->entry.rbe_parent)->entry.rbe_left ) ((parent)->entry.rbe_parent)->entry.rbe_left = (tmp); else ((parent)->entry.rbe_parent)->entry.rbe_right = ( tmp); } else (head)->rbh_root = (tmp); (tmp)->entry.rbe_left = (parent); (parent)->entry.rbe_parent = (tmp); do {} while (0); if (((tmp)->entry.rbe_parent)) do {} while (0); } while (0); elm = (head)->rbh_root; break; } } else { tmp = (parent )->entry.rbe_left; if ((tmp)->entry.rbe_color == 1) { do { (tmp)->entry.rbe_color = 0; (parent)->entry.rbe_color = 1; } while (0); do { (tmp) = (parent)->entry.rbe_left; if (((parent)->entry.rbe_left = (tmp)->entry.rbe_right)) { ((tmp)->entry.rbe_right)->entry.rbe_parent = (parent); } do {} while (0); if (((tmp)->entry.rbe_parent = (parent )->entry.rbe_parent)) { if ((parent) == ((parent)->entry .rbe_parent)->entry.rbe_left) ((parent)->entry.rbe_parent )->entry.rbe_left = (tmp); else ((parent)->entry.rbe_parent )->entry.rbe_right = (tmp); } else (head)->rbh_root = ( tmp); (tmp)->entry.rbe_right = (parent); (parent)->entry .rbe_parent = (tmp); do {} while (0); if (((tmp)->entry.rbe_parent )) do {} while (0); } while (0); tmp = (parent)->entry.rbe_left ; } if (((tmp)->entry.rbe_left == ((void*)0) || ((tmp)-> entry.rbe_left)->entry.rbe_color == 0) && ((tmp)-> entry.rbe_right == ((void*)0) || ((tmp)->entry.rbe_right)-> entry.rbe_color == 0)) { (tmp)->entry.rbe_color = 1; elm = parent; parent = (elm)->entry.rbe_parent; } else { if ((tmp )->entry.rbe_left == ((void*)0) || ((tmp)->entry.rbe_left )->entry.rbe_color == 0) { struct force_tree_entry *oright ; if ((oright = (tmp)->entry.rbe_right)) (oright)->entry .rbe_color = 0; (tmp)->entry.rbe_color = 1; do { (oright) = (tmp)->entry.rbe_right; if (((tmp)->entry.rbe_right = ( oright)->entry.rbe_left)) { ((oright)->entry.rbe_left)-> entry.rbe_parent = (tmp); } do {} while (0); if (((oright)-> entry.rbe_parent = (tmp)->entry.rbe_parent)) { if ((tmp) == ((tmp)->entry.rbe_parent)->entry.rbe_left) ((tmp)-> entry.rbe_parent)->entry.rbe_left = (oright); else ((tmp)-> entry.rbe_parent)->entry.rbe_right = (oright); } else (head )->rbh_root = (oright); (oright)->entry.rbe_left = (tmp ); (tmp)->entry.rbe_parent = (oright); do {} while (0); if (((oright)->entry.rbe_parent)) do {} while (0); } while ( 0); tmp = (parent)->entry.rbe_left; } (tmp)->entry.rbe_color = (parent)->entry.rbe_color; (parent)->entry.rbe_color = 0; if ((tmp)->entry.rbe_left) ((tmp)->entry.rbe_left )->entry.rbe_color = 0; do { (tmp) = (parent)->entry.rbe_left ; if (((parent)->entry.rbe_left = (tmp)->entry.rbe_right )) { ((tmp)->entry.rbe_right)->entry.rbe_parent = (parent ); } do {} while (0); if (((tmp)->entry.rbe_parent = (parent )->entry.rbe_parent)) { if ((parent) == ((parent)->entry .rbe_parent)->entry.rbe_left) ((parent)->entry.rbe_parent )->entry.rbe_left = (tmp); else ((parent)->entry.rbe_parent )->entry.rbe_right = (tmp); } else (head)->rbh_root = ( tmp); (tmp)->entry.rbe_right = (parent); (parent)->entry .rbe_parent = (tmp); do {} while (0); if (((tmp)->entry.rbe_parent )) do {} while (0); } while (0); elm = (head)->rbh_root; break ; } } } if (elm) (elm)->entry.rbe_color = 0; } struct force_tree_entry * force_tree_RB_REMOVE(struct force_tree *head, struct force_tree_entry *elm) { struct force_tree_entry *child, *parent, *old = elm; int color; if ((elm)->entry.rbe_left == ((void*)0)) child = (elm)->entry.rbe_right; else if ((elm)->entry.rbe_right == ((void*)0)) child = (elm)->entry.rbe_left; else { struct force_tree_entry *left; elm = (elm)->entry.rbe_right; while ((left = (elm)->entry.rbe_left)) elm = left; child = (elm )->entry.rbe_right; parent = (elm)->entry.rbe_parent; color = (elm)->entry.rbe_color; if (child) (child)->entry.rbe_parent = parent; if (parent) { if ((parent)->entry.rbe_left == elm ) (parent)->entry.rbe_left = child; else (parent)->entry .rbe_right = child; do {} while (0); } else (head)->rbh_root = child; if ((elm)->entry.rbe_parent == old) parent = elm ; (elm)->entry = (old)->entry; if ((old)->entry.rbe_parent ) { if (((old)->entry.rbe_parent)->entry.rbe_left == old ) ((old)->entry.rbe_parent)->entry.rbe_left = elm; else ((old)->entry.rbe_parent)->entry.rbe_right = elm; do { } while (0); } else (head)->rbh_root = elm; ((old)->entry .rbe_left)->entry.rbe_parent = elm; if ((old)->entry.rbe_right ) ((old)->entry.rbe_right)->entry.rbe_parent = elm; if ( parent) { left = parent; do { do {} while (0); } while ((left = (left)->entry.rbe_parent)); } goto color; } parent = (elm )->entry.rbe_parent; color = (elm)->entry.rbe_color; if (child) (child)->entry.rbe_parent = parent; if (parent) { if ((parent)->entry.rbe_left == elm) (parent)->entry.rbe_left = child; else (parent)->entry.rbe_right = child; do {} while (0); } else (head)->rbh_root = child; color: if (color == 0) force_tree_RB_REMOVE_COLOR(head, parent, child); return ( old); } struct force_tree_entry * force_tree_RB_INSERT(struct force_tree *head, struct force_tree_entry *elm) { struct force_tree_entry *tmp; struct force_tree_entry *parent = ((void*)0); int comp = 0; tmp = (head)->rbh_root; while (tmp) { parent = tmp; comp = (force_tree_cmp)(elm, parent); if (comp < 0) tmp = (tmp )->entry.rbe_left; else if (comp > 0) tmp = (tmp)->entry .rbe_right; else return (tmp); } do { (elm)->entry.rbe_parent = parent; (elm)->entry.rbe_left = (elm)->entry.rbe_right = ((void*)0); (elm)->entry.rbe_color = 1; } while (0); if (parent != ((void*)0)) { if (comp < 0) (parent)->entry .rbe_left = elm; else (parent)->entry.rbe_right = elm; do { } while (0); } else (head)->rbh_root = elm; force_tree_RB_INSERT_COLOR (head, elm); return (((void*)0)); } struct force_tree_entry * force_tree_RB_FIND(struct force_tree *head, struct force_tree_entry *elm) { struct force_tree_entry *tmp = (head)->rbh_root; int comp; while (tmp) { comp = force_tree_cmp(elm, tmp); if (comp < 0) tmp = (tmp)->entry.rbe_left; else if (comp > 0 ) tmp = (tmp)->entry.rbe_right; else return (tmp); } return (((void*)0)); } struct force_tree_entry * force_tree_RB_NFIND (struct force_tree *head, struct force_tree_entry *elm) { struct force_tree_entry *tmp = (head)->rbh_root; struct force_tree_entry *res = ((void*)0); int comp; while (tmp) { comp = force_tree_cmp (elm, tmp); if (comp < 0) { res = tmp; tmp = (tmp)->entry .rbe_left; } else if (comp > 0) tmp = (tmp)->entry.rbe_right ; else return (tmp); } return (res); } struct force_tree_entry * force_tree_RB_NEXT(struct force_tree_entry *elm) { if ((elm )->entry.rbe_right) { elm = (elm)->entry.rbe_right; while ((elm)->entry.rbe_left) elm = (elm)->entry.rbe_left; } else { if ((elm)->entry.rbe_parent && (elm == ((elm )->entry.rbe_parent)->entry.rbe_left)) elm = (elm)-> entry.rbe_parent; else { while ((elm)->entry.rbe_parent && (elm == ((elm)->entry.rbe_parent)->entry.rbe_right)) elm = (elm)->entry.rbe_parent; elm = (elm)->entry.rbe_parent ; } } return (elm); } struct force_tree_entry * force_tree_RB_PREV (struct force_tree_entry *elm) { if ((elm)->entry.rbe_left ) { elm = (elm)->entry.rbe_left; while ((elm)->entry.rbe_right ) elm = (elm)->entry.rbe_right; } else { if ((elm)->entry .rbe_parent && (elm == ((elm)->entry.rbe_parent)-> entry.rbe_right)) elm = (elm)->entry.rbe_parent; else { while ((elm)->entry.rbe_parent && (elm == ((elm)->entry .rbe_parent)->entry.rbe_left)) elm = (elm)->entry.rbe_parent ; elm = (elm)->entry.rbe_parent; } } return (elm); } struct force_tree_entry * force_tree_RB_MINMAX(struct force_tree *head , int val) { struct force_tree_entry *tmp = (head)->rbh_root ; struct force_tree_entry *parent = ((void*)0); while (tmp) { parent = tmp; if (val < 0) tmp = (tmp)->entry.rbe_left ; else tmp = (tmp)->entry.rbe_right; } return (parent); } | |||
225 | ||||
226 | int val_id = -1; | |||
227 | struct slabhash *unified_msg_cache; | |||
228 | struct rrset_cache *unified_rrset_cache; | |||
229 | struct key_cache *unified_key_cache; | |||
230 | struct val_neg_cache *unified_neg_cache; | |||
231 | ||||
232 | int dns64_present; | |||
233 | int available_afs = HAVE_IPV41 | HAVE_IPV62; | |||
234 | ||||
235 | static const char * const as112_zones[] = { | |||
236 | /* RFC1918 */ | |||
237 | "10.in-addr.arpa. transparent", | |||
238 | "16.172.in-addr.arpa. transparent", | |||
239 | "31.172.in-addr.arpa. transparent", | |||
240 | "168.192.in-addr.arpa. transparent", | |||
241 | ||||
242 | /* RFC3330 */ | |||
243 | "0.in-addr.arpa. transparent", | |||
244 | "254.169.in-addr.arpa. transparent", | |||
245 | "2.0.192.in-addr.arpa. transparent", | |||
246 | "100.51.198.in-addr.arpa. transparent", | |||
247 | "113.0.203.in-addr.arpa. transparent", | |||
248 | "255.255.255.255.in-addr.arpa. transparent", | |||
249 | ||||
250 | /* RFC6598 */ | |||
251 | "64.100.in-addr.arpa. transparent", | |||
252 | "65.100.in-addr.arpa. transparent", | |||
253 | "66.100.in-addr.arpa. transparent", | |||
254 | "67.100.in-addr.arpa. transparent", | |||
255 | "68.100.in-addr.arpa. transparent", | |||
256 | "69.100.in-addr.arpa. transparent", | |||
257 | "70.100.in-addr.arpa. transparent", | |||
258 | "71.100.in-addr.arpa. transparent", | |||
259 | "72.100.in-addr.arpa. transparent", | |||
260 | "73.100.in-addr.arpa. transparent", | |||
261 | "74.100.in-addr.arpa. transparent", | |||
262 | "75.100.in-addr.arpa. transparent", | |||
263 | "76.100.in-addr.arpa. transparent", | |||
264 | "77.100.in-addr.arpa. transparent", | |||
265 | "78.100.in-addr.arpa. transparent", | |||
266 | "79.100.in-addr.arpa. transparent", | |||
267 | "80.100.in-addr.arpa. transparent", | |||
268 | "81.100.in-addr.arpa. transparent", | |||
269 | "82.100.in-addr.arpa. transparent", | |||
270 | "83.100.in-addr.arpa. transparent", | |||
271 | "84.100.in-addr.arpa. transparent", | |||
272 | "85.100.in-addr.arpa. transparent", | |||
273 | "86.100.in-addr.arpa. transparent", | |||
274 | "87.100.in-addr.arpa. transparent", | |||
275 | "88.100.in-addr.arpa. transparent", | |||
276 | "89.100.in-addr.arpa. transparent", | |||
277 | "90.100.in-addr.arpa. transparent", | |||
278 | "91.100.in-addr.arpa. transparent", | |||
279 | "92.100.in-addr.arpa. transparent", | |||
280 | "93.100.in-addr.arpa. transparent", | |||
281 | "94.100.in-addr.arpa. transparent", | |||
282 | "95.100.in-addr.arpa. transparent", | |||
283 | "96.100.in-addr.arpa. transparent", | |||
284 | "97.100.in-addr.arpa. transparent", | |||
285 | "98.100.in-addr.arpa. transparent", | |||
286 | "99.100.in-addr.arpa. transparent", | |||
287 | "100.100.in-addr.arpa. transparent", | |||
288 | "101.100.in-addr.arpa. transparent", | |||
289 | "102.100.in-addr.arpa. transparent", | |||
290 | "103.100.in-addr.arpa. transparent", | |||
291 | "104.100.in-addr.arpa. transparent", | |||
292 | "105.100.in-addr.arpa. transparent", | |||
293 | "106.100.in-addr.arpa. transparent", | |||
294 | "107.100.in-addr.arpa. transparent", | |||
295 | "108.100.in-addr.arpa. transparent", | |||
296 | "109.100.in-addr.arpa. transparent", | |||
297 | "110.100.in-addr.arpa. transparent", | |||
298 | "111.100.in-addr.arpa. transparent", | |||
299 | "112.100.in-addr.arpa. transparent", | |||
300 | "113.100.in-addr.arpa. transparent", | |||
301 | "114.100.in-addr.arpa. transparent", | |||
302 | "115.100.in-addr.arpa. transparent", | |||
303 | "116.100.in-addr.arpa. transparent", | |||
304 | "117.100.in-addr.arpa. transparent", | |||
305 | "118.100.in-addr.arpa. transparent", | |||
306 | "119.100.in-addr.arpa. transparent", | |||
307 | "120.100.in-addr.arpa. transparent", | |||
308 | "121.100.in-addr.arpa. transparent", | |||
309 | "122.100.in-addr.arpa. transparent", | |||
310 | "123.100.in-addr.arpa. transparent", | |||
311 | "124.100.in-addr.arpa. transparent", | |||
312 | "125.100.in-addr.arpa. transparent", | |||
313 | "126.100.in-addr.arpa. transparent", | |||
314 | "127.100.in-addr.arpa. transparent", | |||
315 | ||||
316 | /* RFC4291 */ | |||
317 | "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0." | |||
318 | "ip6.arpa. transparent", | |||
319 | ||||
320 | /* RFC4193 */ | |||
321 | "D.F.ip6.arpa. transparent", | |||
322 | ||||
323 | /* RFC4291 */ | |||
324 | "8.E.F.ip6.arpa. transparent", | |||
325 | "9.E.F.ip6.arpa. transparent", | |||
326 | "A.E.F.ip6.arpa. transparent", | |||
327 | "B.E.F.ip6.arpa. transparent", | |||
328 | ||||
329 | /* RFC3849 */ | |||
330 | "8.B.D.0.1.0.0.2.ip6.arpa. transparent" | |||
331 | }; | |||
332 | ||||
333 | const char bogus_past[] = "validation failure <. NS IN>: signature " | |||
334 | "expired"; | |||
335 | const char bogus_future[] = "validation failure <. NS IN>: signature " | |||
336 | "before inception date"; | |||
337 | ||||
338 | void | |||
339 | resolver_sig_handler(int sig, short event, void *arg) | |||
340 | { | |||
341 | /* | |||
342 | * Normal signal handler rules don't apply because libevent | |||
343 | * decouples for us. | |||
344 | */ | |||
345 | ||||
346 | switch (sig) { | |||
347 | case SIGINT2: | |||
348 | case SIGTERM15: | |||
349 | resolver_shutdown(); | |||
350 | default: | |||
351 | fatalx("unexpected signal"); | |||
352 | } | |||
353 | } | |||
354 | ||||
355 | void | |||
356 | resolver(int debug, int verbose) | |||
357 | { | |||
358 | struct event ev_sigint, ev_sigterm; | |||
359 | struct passwd *pw; | |||
360 | struct timeval tv = {DECAY_PERIOD60, 0}; | |||
361 | struct alloc_cache cache_alloc_test; | |||
362 | ||||
363 | resolver_conf = config_new_empty(); | |||
364 | ||||
365 | log_init(debug, LOG_DAEMON)uw_log_init(debug, (3<<3)); | |||
366 | log_setverbose(verbose); | |||
367 | ||||
368 | if ((pw = getpwnam(UNWIND_USER"_unwind")) == NULL((void*)0)) | |||
369 | fatal("getpwnam"); | |||
370 | ||||
371 | setproctitle("%s", "resolver"); | |||
372 | log_procinit("resolver"); | |||
373 | ||||
374 | if (setgroups(1, &pw->pw_gid) || | |||
375 | setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || | |||
376 | setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) | |||
377 | fatal("can't drop privileges"); | |||
378 | ||||
379 | if (unveil(TLS_DEFAULT_CA_CERT_FILE"/etc/ssl/cert.pem", "r") == -1) | |||
380 | fatal("unveil %s", TLS_DEFAULT_CA_CERT_FILE"/etc/ssl/cert.pem"); | |||
381 | ||||
382 | if (pledge("stdio inet dns rpath recvfd", NULL((void*)0)) == -1) | |||
383 | fatal("pledge"); | |||
384 | ||||
385 | ev_base = event_init(); | |||
386 | ||||
387 | /* Setup signal handler(s). */ | |||
388 | signal_set(&ev_sigint, SIGINT, resolver_sig_handler, NULL)event_set(&ev_sigint, 2, 0x08|0x10, resolver_sig_handler, ((void*)0)); | |||
389 | signal_set(&ev_sigterm, SIGTERM, resolver_sig_handler, NULL)event_set(&ev_sigterm, 15, 0x08|0x10, resolver_sig_handler , ((void*)0)); | |||
390 | signal_add(&ev_sigint, NULL)event_add(&ev_sigint, ((void*)0)); | |||
391 | signal_add(&ev_sigterm, NULL)event_add(&ev_sigterm, ((void*)0)); | |||
392 | signal(SIGPIPE13, SIG_IGN(void (*)(int))1); | |||
393 | signal(SIGHUP1, SIG_IGN(void (*)(int))1); | |||
394 | ||||
395 | /* Setup pipe and event handler to the main process. */ | |||
396 | if ((iev_main = malloc(sizeof(struct imsgev))) == NULL((void*)0)) | |||
397 | fatal(NULL((void*)0)); | |||
398 | ||||
399 | imsg_init(&iev_main->ibuf, 3); | |||
400 | iev_main->handler = resolver_dispatch_main; | |||
401 | ||||
402 | /* Setup event handlers. */ | |||
403 | iev_main->events = EV_READ0x02; | |||
404 | event_set(&iev_main->ev, iev_main->ibuf.fd, iev_main->events, | |||
405 | iev_main->handler, iev_main); | |||
406 | event_add(&iev_main->ev, NULL((void*)0)); | |||
407 | ||||
408 | evtimer_set(&trust_anchor_timer, trust_anchor_timo, NULL)event_set(&trust_anchor_timer, -1, 0, trust_anchor_timo, ( (void*)0)); | |||
409 | evtimer_set(&decay_timer, decay_latest_histograms, NULL)event_set(&decay_timer, -1, 0, decay_latest_histograms, ( (void*)0)); | |||
410 | evtimer_add(&decay_timer, &tv)event_add(&decay_timer, &tv); | |||
411 | ||||
412 | clock_gettime(CLOCK_MONOTONIC3, &last_network_change); | |||
413 | ||||
414 | alloc_init(&cache_alloc_test, NULL((void*)0), 0); | |||
415 | if (cache_alloc_test.max_reg_blocks != 10) | |||
416 | fatalx("local libunbound/util/alloc.c diff lost"); | |||
417 | alloc_clear(&cache_alloc_test); | |||
418 | ||||
419 | setup_unified_caches(); | |||
420 | ||||
421 | TAILQ_INIT(&autoconf_forwarder_list)do { (&autoconf_forwarder_list)->tqh_first = ((void*)0 ); (&autoconf_forwarder_list)->tqh_last = &(&autoconf_forwarder_list )->tqh_first; } while (0); | |||
422 | TAILQ_INIT(&trust_anchors)do { (&trust_anchors)->tqh_first = ((void*)0); (&trust_anchors )->tqh_last = &(&trust_anchors)->tqh_first; } while (0); | |||
423 | TAILQ_INIT(&new_trust_anchors)do { (&new_trust_anchors)->tqh_first = ((void*)0); (& new_trust_anchors)->tqh_last = &(&new_trust_anchors )->tqh_first; } while (0); | |||
424 | TAILQ_INIT(&running_queries)do { (&running_queries)->tqh_first = ((void*)0); (& running_queries)->tqh_last = &(&running_queries)-> tqh_first; } while (0); | |||
425 | ||||
426 | event_dispatch(); | |||
427 | ||||
428 | resolver_shutdown(); | |||
429 | } | |||
430 | ||||
431 | __dead__attribute__((__noreturn__)) void | |||
432 | resolver_shutdown(void) | |||
433 | { | |||
434 | /* Close pipes. */ | |||
435 | msgbuf_clear(&iev_frontend->ibuf.w); | |||
436 | close(iev_frontend->ibuf.fd); | |||
437 | msgbuf_clear(&iev_main->ibuf.w); | |||
438 | close(iev_main->ibuf.fd); | |||
439 | ||||
440 | config_clear(resolver_conf); | |||
441 | ||||
442 | free(iev_frontend); | |||
443 | free(iev_main); | |||
444 | ||||
445 | log_info("resolver exiting")uw_log_info("resolver exiting"); | |||
446 | exit(0); | |||
447 | } | |||
448 | ||||
449 | int | |||
450 | resolver_imsg_compose_main(int type, pid_t pid, void *data, uint16_t datalen) | |||
451 | { | |||
452 | return (imsg_compose_event(iev_main, type, 0, pid, -1, data, datalen)); | |||
453 | } | |||
454 | ||||
455 | int | |||
456 | resolver_imsg_compose_frontend(int type, pid_t pid, void *data, | |||
457 | uint16_t datalen) | |||
458 | { | |||
459 | return (imsg_compose_event(iev_frontend, type, 0, pid, -1, | |||
460 | data, datalen)); | |||
461 | } | |||
462 | ||||
463 | void | |||
464 | resolver_dispatch_frontend(int fd, short event, void *bula) | |||
465 | { | |||
466 | struct imsgev *iev = bula; | |||
467 | struct imsgbuf *ibuf; | |||
468 | struct imsg imsg; | |||
469 | struct query_imsg *query_imsg; | |||
470 | ssize_t n; | |||
471 | int shut = 0, verbose, i, new_available_afs; | |||
472 | char *ta; | |||
473 | ||||
474 | ibuf = &iev->ibuf; | |||
475 | ||||
476 | if (event & EV_READ0x02) { | |||
477 | if ((n = imsg_read(ibuf)) == -1 && errno(*__errno()) != EAGAIN35) | |||
478 | fatal("imsg_read error"); | |||
479 | if (n == 0) /* Connection closed. */ | |||
480 | shut = 1; | |||
481 | } | |||
482 | if (event & EV_WRITE0x04) { | |||
483 | if ((n = msgbuf_write(&ibuf->w)) == -1 && errno(*__errno()) != EAGAIN35) | |||
484 | fatal("msgbuf_write"); | |||
485 | if (n == 0) /* Connection closed. */ | |||
486 | shut = 1; | |||
487 | } | |||
488 | ||||
489 | for (;;) { | |||
490 | if ((n = imsg_get(ibuf, &imsg)) == -1) | |||
491 | fatal("%s: imsg_get error", __func__); | |||
492 | if (n == 0) /* No more messages. */ | |||
493 | break; | |||
494 | ||||
495 | switch (imsg.hdr.type) { | |||
496 | case IMSG_CTL_LOG_VERBOSE: | |||
497 | if (IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr)) != sizeof(verbose)) | |||
498 | fatalx("%s: IMSG_CTL_LOG_VERBOSE wrong length: " | |||
499 | "%lu", __func__, | |||
500 | IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr))); | |||
501 | memcpy(&verbose, imsg.data, sizeof(verbose)); | |||
502 | if (log_getdebug() && (log_getverbose() & OPT_VERBOSE30x00000004) | |||
503 | != (verbose & OPT_VERBOSE30x00000004)) | |||
504 | restart_ub_resolvers(0); | |||
505 | log_setverbose(verbose); | |||
506 | break; | |||
507 | case IMSG_QUERY: | |||
508 | if (IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr)) != sizeof(*query_imsg)) | |||
509 | fatalx("%s: IMSG_QUERY wrong length: %lu", | |||
510 | __func__, IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr))); | |||
511 | if ((query_imsg = malloc(sizeof(*query_imsg))) == | |||
512 | NULL((void*)0)) { | |||
513 | log_warn("cannot allocate query")uw_log_warn("cannot allocate query"); | |||
514 | break; | |||
515 | } | |||
516 | memcpy(query_imsg, imsg.data, sizeof(*query_imsg)); | |||
517 | setup_query(query_imsg); | |||
518 | break; | |||
519 | case IMSG_CTL_STATUS: | |||
520 | if (IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr)) != 0) | |||
521 | fatalx("%s: IMSG_CTL_STATUS wrong length: %lu", | |||
522 | __func__, IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr))); | |||
523 | show_status(imsg.hdr.pid); | |||
524 | break; | |||
525 | case IMSG_CTL_AUTOCONF: | |||
526 | if (IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr)) != 0) | |||
527 | fatalx("%s: IMSG_CTL_AUTOCONF wrong length: " | |||
528 | "%lu", __func__, IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr))); | |||
529 | show_autoconf(imsg.hdr.pid); | |||
530 | break; | |||
531 | case IMSG_CTL_MEM: | |||
532 | if (IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr)) != 0) | |||
533 | fatalx("%s: IMSG_CTL_AUTOCONF wrong length: " | |||
534 | "%lu", __func__, IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr))); | |||
535 | show_mem(imsg.hdr.pid); | |||
536 | break; | |||
537 | case IMSG_NEW_TA: | |||
538 | if (((char *)imsg.data)[IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr)) - 1] != | |||
539 | '\0') | |||
540 | fatalx("Invalid trust anchor"); | |||
541 | ta = imsg.data; | |||
542 | add_new_ta(&new_trust_anchors, ta); | |||
543 | break; | |||
544 | case IMSG_NEW_TAS_ABORT: | |||
545 | free_tas(&new_trust_anchors); | |||
546 | break; | |||
547 | case IMSG_NEW_TAS_DONE: | |||
548 | if (merge_tas(&new_trust_anchors, &trust_anchors)) | |||
549 | restart_ub_resolvers(1); | |||
550 | break; | |||
551 | case IMSG_NETWORK_CHANGED: | |||
552 | clock_gettime(CLOCK_MONOTONIC3, &last_network_change); | |||
553 | schedule_recheck_all_resolvers(); | |||
554 | for (i = 0; i < UW_RES_NONE; i++) { | |||
555 | if (resolvers[i] == NULL((void*)0)) | |||
556 | continue; | |||
557 | memset(resolvers[i]->latest_histogram, 0, | |||
558 | sizeof(resolvers[i]->latest_histogram)); | |||
559 | resolvers[i]->median = histogram_median( | |||
560 | resolvers[i]->latest_histogram); | |||
561 | } | |||
562 | ||||
563 | break; | |||
564 | case IMSG_REPLACE_DNS: | |||
565 | if (IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr)) != | |||
566 | sizeof(struct imsg_rdns_proposal)) | |||
567 | fatalx("%s: IMSG_ADD_DNS wrong length: %lu", | |||
568 | __func__, IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr))); | |||
569 | replace_autoconf_forwarders((struct | |||
570 | imsg_rdns_proposal *)imsg.data); | |||
571 | break; | |||
572 | case IMSG_CHANGE_AFS: | |||
573 | if (IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr)) != | |||
574 | sizeof(new_available_afs)) | |||
575 | fatalx("%s: IMSG_CHANGE_AFS wrong length: %lu", | |||
576 | __func__, IMSG_DATA_SIZE(imsg)((imsg).hdr.len - sizeof(struct imsg_hdr))); | |||
577 | memcpy(&new_available_afs, imsg.data, | |||
578 | sizeof(new_available_afs)); | |||
579 | if (new_available_afs != available_afs) { | |||
580 | available_afs = new_available_afs; | |||
581 | restart_ub_resolvers(1); | |||
582 | } | |||
583 | break; | |||
584 | default: | |||
585 | log_debug("%s: unexpected imsg %d", __func__, | |||
586 | imsg.hdr.type); | |||
587 | break; | |||
588 | } | |||
589 | imsg_free(&imsg); | |||
590 | } | |||
591 | if (!shut) | |||
592 | imsg_event_add(iev); | |||
593 | else { | |||
594 | /* This pipe is dead. Remove its event handler. */ | |||
595 | event_del(&iev->ev); | |||
596 | event_loopexit(NULL((void*)0)); | |||
597 | } | |||
598 | } | |||
599 | ||||
600 | void | |||
601 | resolver_dispatch_main(int fd, short event, void *bula) | |||
602 | { | |||
603 | static struct uw_conf *nconf; | |||
604 | struct imsg imsg; | |||
605 | struct imsgev *iev = bula; | |||
606 | struct imsgbuf *ibuf; | |||
607 | ssize_t n; | |||
608 | int shut = 0, i, *restart; | |||
609 | ||||
610 | ibuf = &iev->ibuf; | |||
611 | ||||
612 | if (event & EV_READ0x02) { | |||
613 | if ((n = imsg_read(ibuf)) == -1 && errno(*__errno()) != EAGAIN35) | |||
614 | fatal("imsg_read error"); | |||
615 | if (n == 0) /* Connection closed. */ | |||
616 | shut = 1; | |||
617 | } | |||
618 | if (event & EV_WRITE0x04) { | |||
619 | if ((n = msgbuf_write(&ibuf->w)) == -1 && errno(*__errno()) != EAGAIN35) | |||
620 | fatal("msgbuf_write"); | |||
621 | if (n == 0) /* Connection closed. */ | |||
622 | shut = 1; | |||
623 | } | |||
624 | ||||
625 | for (;;) { | |||
626 | if ((n = imsg_get(ibuf, &imsg)) == -1) | |||
627 | fatal("%s: imsg_get error", __func__); | |||
628 | if (n == 0) /* No more messages. */ | |||
629 | break; | |||
630 | ||||
631 | switch (imsg.hdr.type) { | |||
632 | case IMSG_SOCKET_IPC_FRONTEND: | |||
633 | /* | |||
634 | * Setup pipe and event handler to the frontend | |||
635 | * process. | |||
636 | */ | |||
637 | if (iev_frontend) | |||
638 | fatalx("%s: received unexpected imsg fd " | |||
639 | "to resolver", __func__); | |||
640 | ||||
641 | if ((fd = imsg.fd) == -1) | |||
642 | fatalx("%s: expected to receive imsg fd to " | |||
643 | "resolver but didn't receive any", __func__); | |||
644 | ||||
645 | iev_frontend = malloc(sizeof(struct imsgev)); | |||
646 | if (iev_frontend == NULL((void*)0)) | |||
647 | fatal(NULL((void*)0)); | |||
648 | ||||
649 | imsg_init(&iev_frontend->ibuf, fd); | |||
650 | iev_frontend->handler = resolver_dispatch_frontend; | |||
651 | iev_frontend->events = EV_READ0x02; | |||
652 | ||||
653 | event_set(&iev_frontend->ev, iev_frontend->ibuf.fd, | |||
654 | iev_frontend->events, iev_frontend->handler, | |||
655 | iev_frontend); | |||
656 | event_add(&iev_frontend->ev, NULL((void*)0)); | |||
657 | break; | |||
658 | ||||
659 | case IMSG_STARTUP: | |||
660 | if (pledge("stdio inet dns rpath", NULL((void*)0)) == -1) | |||
661 | fatal("pledge"); | |||
662 | break; | |||
663 | case IMSG_RECONF_CONF: | |||
664 | case IMSG_RECONF_BLOCKLIST_FILE: | |||
665 | case IMSG_RECONF_FORWARDER: | |||
666 | case IMSG_RECONF_DOT_FORWARDER: | |||
667 | case IMSG_RECONF_FORCE: | |||
668 | imsg_receive_config(&imsg, &nconf); | |||
669 | break; | |||
670 | case IMSG_RECONF_END: | |||
671 | if (nconf == NULL((void*)0)) | |||
672 | fatalx("%s: IMSG_RECONF_END without " | |||
673 | "IMSG_RECONF_CONF", __func__); | |||
674 | restart = resolvers_to_restart(resolver_conf, nconf); | |||
675 | merge_config(resolver_conf, nconf); | |||
676 | nconf = NULL((void*)0); | |||
677 | for (i = 0; i < UW_RES_NONE; i++) | |||
678 | if (restart[i]) | |||
679 | new_resolver(i, UNKNOWN); | |||
680 | break; | |||
681 | default: | |||
682 | log_debug("%s: unexpected imsg %d", __func__, | |||
683 | imsg.hdr.type); | |||
684 | break; | |||
685 | } | |||
686 | imsg_free(&imsg); | |||
687 | } | |||
688 | if (!shut) | |||
689 | imsg_event_add(iev); | |||
690 | else { | |||
691 | /* This pipe is dead. Remove its event handler. */ | |||
692 | event_del(&iev->ev); | |||
693 | event_loopexit(NULL((void*)0)); | |||
694 | } | |||
695 | } | |||
696 | ||||
697 | int | |||
698 | sort_resolver_types(struct resolver_preference *dst) | |||
699 | { | |||
700 | memcpy(dst, &resolver_conf->res_pref, sizeof(*dst)); | |||
701 | ||||
702 | /* | |||
703 | * Sort by resolver quality, validating > resolving etc. | |||
704 | * mergesort is stable and keeps the configured preference order | |||
705 | */ | |||
706 | return mergesort(dst->types, dst->len, sizeof(dst->types[0]), | |||
707 | resolver_cmp); | |||
708 | } | |||
709 | ||||
710 | void | |||
711 | setup_query(struct query_imsg *query_imsg) | |||
712 | { | |||
713 | struct running_query *rq; | |||
714 | struct uw_resolver *res; | |||
715 | ||||
716 | if (find_running_query(query_imsg->id) != NULL((void*)0)) { | |||
717 | free(query_imsg); | |||
718 | return; | |||
719 | } | |||
720 | ||||
721 | if ((rq = calloc(1, sizeof(*rq))) == NULL((void*)0)) { | |||
722 | log_warnx(NULL((void*)0)); | |||
723 | free(query_imsg); | |||
724 | return; | |||
725 | } | |||
726 | ||||
727 | clock_gettime(CLOCK_MONOTONIC3, &rq->tp); | |||
728 | rq->query_imsg = query_imsg; | |||
729 | rq->next_resolver = 0; | |||
730 | ||||
731 | find_force(&resolver_conf->force, query_imsg->qname, &res); | |||
732 | ||||
733 | if (res != NULL((void*)0) && res->state != DEAD && res->state != UNKNOWN) { | |||
734 | rq->res_pref.len = 1; | |||
735 | rq->res_pref.types[0] = res->type; | |||
736 | } else if (sort_resolver_types(&rq->res_pref) == -1) { | |||
737 | log_warn("mergesort")uw_log_warn("mergesort"); | |||
738 | free(rq->query_imsg); | |||
739 | free(rq); | |||
740 | return; | |||
741 | } | |||
742 | ||||
743 | evtimer_set(&rq->timer_ev, try_resolver_timo, rq)event_set(&rq->timer_ev, -1, 0, try_resolver_timo, rq); | |||
744 | ||||
745 | TAILQ_INSERT_TAIL(&running_queries, rq, entry)do { (rq)->entry.tqe_next = ((void*)0); (rq)->entry.tqe_prev = (&running_queries)->tqh_last; *(&running_queries )->tqh_last = (rq); (&running_queries)->tqh_last = & (rq)->entry.tqe_next; } while (0); | |||
746 | try_next_resolver(rq); | |||
747 | } | |||
748 | ||||
749 | struct running_query * | |||
750 | find_running_query(uint64_t id) | |||
751 | { | |||
752 | struct running_query *rq; | |||
753 | ||||
754 | TAILQ_FOREACH(rq, &running_queries, entry)for((rq) = ((&running_queries)->tqh_first); (rq) != (( void*)0); (rq) = ((rq)->entry.tqe_next)) { | |||
755 | if (rq->query_imsg->id == id) | |||
756 | return rq; | |||
757 | } | |||
758 | return NULL((void*)0); | |||
759 | } | |||
760 | ||||
761 | void | |||
762 | try_resolver_timo(int fd, short events, void *arg) | |||
763 | { | |||
764 | struct running_query *rq = arg; | |||
765 | ||||
766 | try_next_resolver(rq); | |||
767 | } | |||
768 | ||||
769 | int | |||
770 | try_next_resolver(struct running_query *rq) | |||
771 | { | |||
772 | struct uw_resolver *res = NULL((void*)0); | |||
773 | struct query_imsg *query_imsg = NULL((void*)0); | |||
774 | struct timespec tp, elapsed; | |||
775 | struct timeval tv = {0, 0}; | |||
776 | int64_t ms; | |||
777 | int i; | |||
778 | ||||
779 | while(rq->next_resolver < rq->res_pref.len && | |||
780 | ((res = resolvers[rq->res_pref.types[rq->next_resolver]]) == NULL((void*)0) || | |||
781 | res->state == DEAD || res->state == UNKNOWN)) | |||
782 | rq->next_resolver++; | |||
783 | ||||
784 | if (res == NULL((void*)0)) { | |||
785 | evtimer_del(&rq->timer_ev)event_del(&rq->timer_ev); /* we are not going to find one */ | |||
786 | log_debug("%s: could not find (any more) working resolvers", | |||
787 | __func__); | |||
788 | goto err; | |||
789 | } | |||
790 | ||||
791 | rq->next_resolver++; | |||
792 | clock_gettime(CLOCK_MONOTONIC3, &tp); | |||
793 | timespecsub(&tp, &rq->tp, &elapsed)do { (&elapsed)->tv_sec = (&tp)->tv_sec - (& rq->tp)->tv_sec; (&elapsed)->tv_nsec = (&tp) ->tv_nsec - (&rq->tp)->tv_nsec; if ((&elapsed )->tv_nsec < 0) { (&elapsed)->tv_sec--; (&elapsed )->tv_nsec += 1000000000L; } } while (0); | |||
794 | ms = elapsed.tv_sec * 1000 + elapsed.tv_nsec / 1000000; | |||
795 | ||||
796 | log_debug("%s[+%lldms]: %s[%s] %s", __func__, ms, | |||
797 | uw_resolver_type_str[res->type], uw_resolver_state_str[res->state], | |||
798 | query_imsg2str(rq->query_imsg)); | |||
799 | ||||
800 | if ((query_imsg = malloc(sizeof(*query_imsg))) == NULL((void*)0)) { | |||
801 | log_warnx("%s", __func__); | |||
802 | goto err; | |||
803 | } | |||
804 | memcpy(query_imsg, rq->query_imsg, sizeof(*query_imsg)); | |||
805 | clock_gettime(CLOCK_MONOTONIC3, &query_imsg->tp); | |||
806 | ||||
807 | ms = res->median; | |||
808 | if (ms > NEXT_RES_MAX2000) | |||
809 | ms = NEXT_RES_MAX2000; | |||
810 | ||||
811 | /* skip over unavailable resolvers in preferences */ | |||
812 | for (i = 0; i < resolver_conf->res_pref.len && | |||
813 | resolvers[resolver_conf->res_pref.types[i]] == NULL((void*)0); i++) | |||
814 | ; | |||
815 | if (res->type == resolver_conf->res_pref.types[i]) | |||
816 | tv.tv_usec = 1000 * (PREF_RESOLVER_MEDIAN_SKEW200 + ms); | |||
817 | else | |||
818 | tv.tv_usec = 1000 * ms; | |||
819 | ||||
820 | while (tv.tv_usec >= 1000000) { | |||
821 | tv.tv_sec++; | |||
822 | tv.tv_usec -= 1000000; | |||
823 | } | |||
824 | evtimer_add(&rq->timer_ev, &tv)event_add(&rq->timer_ev, &tv); | |||
825 | ||||
826 | rq->running++; | |||
827 | if (resolve(res, query_imsg->qname, query_imsg->t, | |||
828 | query_imsg->c, query_imsg, resolve_done) != 0) { | |||
829 | rq->running--; | |||
830 | goto err; | |||
831 | } | |||
832 | ||||
833 | return 0; | |||
834 | ||||
835 | err: | |||
836 | free(query_imsg); | |||
837 | if (rq->running == 0) { | |||
838 | TAILQ_REMOVE(&running_queries, rq, entry)do { if (((rq)->entry.tqe_next) != ((void*)0)) (rq)->entry .tqe_next->entry.tqe_prev = (rq)->entry.tqe_prev; else ( &running_queries)->tqh_last = (rq)->entry.tqe_prev; *(rq)->entry.tqe_prev = (rq)->entry.tqe_next; ; ; } while (0); | |||
839 | evtimer_del(&rq->timer_ev)event_del(&rq->timer_ev); | |||
840 | free(rq->query_imsg); | |||
841 | free(rq); | |||
842 | } | |||
843 | return 1; | |||
844 | } | |||
845 | ||||
846 | int | |||
847 | resolve(struct uw_resolver *res, const char* name, int rrtype, int rrclass, | |||
848 | void *mydata, resolve_cb_t cb) | |||
849 | { | |||
850 | struct resolver_cb_data *cb_data = NULL((void*)0); | |||
851 | struct asr_query *aq = NULL((void*)0); | |||
852 | int err; | |||
853 | ||||
854 | resolver_ref(res); | |||
855 | ||||
856 | if ((cb_data = malloc(sizeof(*cb_data))) == NULL((void*)0)) | |||
857 | goto err; | |||
858 | cb_data->cb = cb; | |||
859 | cb_data->data = mydata; | |||
860 | cb_data->res = res; | |||
861 | ||||
862 | switch(res->type) { | |||
863 | case UW_RES_ASR: | |||
864 | if ((aq = res_query_async(name, rrclass, rrtype, res->asr_ctx)) | |||
865 | == NULL((void*)0)) { | |||
866 | log_warn("%s: res_query_async", __func__)uw_log_warn("%s: res_query_async", __func__); | |||
867 | goto err; | |||
868 | } | |||
869 | if (event_asr_run(aq, asr_resolve_done, cb_data) == NULL((void*)0)) { | |||
870 | log_warn("%s: res_query_async", __func__)uw_log_warn("%s: res_query_async", __func__); | |||
871 | goto err; | |||
872 | } | |||
873 | break; | |||
874 | case UW_RES_RECURSOR: | |||
875 | case UW_RES_AUTOCONF: | |||
876 | case UW_RES_ODOT_AUTOCONF: | |||
877 | case UW_RES_FORWARDER: | |||
878 | case UW_RES_ODOT_FORWARDER: | |||
879 | case UW_RES_DOT: | |||
880 | if ((err = ub_resolve_event(res->ctx, name, rrtype, rrclass, | |||
881 | cb_data, ub_resolve_done, NULL((void*)0))) != 0) { | |||
882 | log_warn("%s: ub_resolve_event: err: %d, %s", __func__,uw_log_warn("%s: ub_resolve_event: err: %d, %s", __func__, err , ub_strerror(err)) | |||
883 | err, ub_strerror(err))uw_log_warn("%s: ub_resolve_event: err: %d, %s", __func__, err , ub_strerror(err)); | |||
884 | goto err; | |||
885 | } | |||
886 | break; | |||
887 | default: | |||
888 | fatalx("unknown resolver type %d", res->type); | |||
889 | break; | |||
890 | } | |||
891 | ||||
892 | return 0; | |||
893 | err: | |||
894 | free(cb_data); | |||
895 | free(aq); | |||
896 | resolver_unref(res); | |||
897 | return 1; | |||
898 | } | |||
899 | ||||
900 | void | |||
901 | resolve_done(struct uw_resolver *res, void *arg, int rcode, | |||
902 | void *answer_packet, int answer_len, int sec, char *why_bogus) | |||
903 | { | |||
904 | struct uw_resolver *tmp_res; | |||
905 | struct ub_result *result = NULL((void*)0); | |||
906 | sldns_buffer *buf = NULL((void*)0); | |||
907 | struct regional *region = NULL((void*)0); | |||
908 | struct query_imsg *query_imsg; | |||
909 | struct answer_header *answer_header; | |||
910 | struct running_query *rq; | |||
911 | struct timespec tp, elapsed; | |||
912 | int64_t ms; | |||
913 | size_t i; | |||
914 | int running_res, asr_pref_pos, force_acceptbogus; | |||
915 | char *str; | |||
916 | char rcode_buf[16]; | |||
917 | uint8_t *p, *data; | |||
918 | uint8_t answer_imsg[MAX_IMSGSIZE16384 - IMSG_HEADER_SIZEsizeof(struct imsg_hdr)]; | |||
919 | ||||
920 | clock_gettime(CLOCK_MONOTONIC3, &tp); | |||
921 | ||||
922 | query_imsg = (struct query_imsg *)arg; | |||
923 | ||||
924 | answer_header = (struct answer_header *)answer_imsg; | |||
925 | data = answer_imsg + sizeof(*answer_header); | |||
926 | answer_header->id = query_imsg->id; | |||
927 | answer_header->srvfail = 0; | |||
928 | answer_header->answer_len = 0; | |||
929 | ||||
930 | timespecsub(&tp, &query_imsg->tp, &elapsed)do { (&elapsed)->tv_sec = (&tp)->tv_sec - (& query_imsg->tp)->tv_sec; (&elapsed)->tv_nsec = ( &tp)->tv_nsec - (&query_imsg->tp)->tv_nsec; if ((&elapsed)->tv_nsec < 0) { (&elapsed)->tv_sec --; (&elapsed)->tv_nsec += 1000000000L; } } while (0); | |||
931 | ||||
932 | ms = elapsed.tv_sec * 1000 + elapsed.tv_nsec / 1000000; | |||
933 | ||||
934 | for (i = 0; i < nitems(histogram_limits)(sizeof((histogram_limits)) / sizeof((histogram_limits)[0])); i++) { | |||
935 | if (ms < histogram_limits[i]) | |||
936 | break; | |||
937 | } | |||
938 | if (i == nitems(histogram_limits)(sizeof((histogram_limits)) / sizeof((histogram_limits)[0]))) | |||
939 | log_debug("histogram bucket error"); | |||
940 | else { | |||
941 | res->histogram[i]++; | |||
942 | /* latest_histogram is in units of 1000 to avoid rounding | |||
943 | down when decaying */ | |||
944 | res->latest_histogram[i] += 1000; | |||
945 | res->median = histogram_median(res->latest_histogram); | |||
946 | } | |||
947 | ||||
948 | if ((rq = find_running_query(query_imsg->id)) == NULL((void*)0)) | |||
949 | goto out; | |||
950 | ||||
951 | running_res = --rq->running; | |||
952 | ||||
953 | if (answer_len < LDNS_HEADER_SIZE12) { | |||
954 | log_warnx("bad packet: too short"); | |||
955 | goto servfail; | |||
956 | } | |||
957 | ||||
958 | if (answer_len > UINT16_MAX0xffff) { | |||
959 | log_warnx("bad packet: too large: %d - %s", answer_len, | |||
960 | query_imsg2str(query_imsg)); | |||
961 | goto servfail; | |||
962 | } | |||
963 | answer_header->answer_len = answer_len; | |||
964 | ||||
965 | if (rcode == LDNS_RCODE_SERVFAIL) { | |||
966 | if (res->stop != 1) | |||
967 | check_resolver(res); | |||
968 | goto servfail; | |||
969 | } | |||
970 | ||||
971 | if ((result = calloc(1, sizeof(*result))) == NULL((void*)0)) | |||
972 | goto servfail; | |||
973 | if ((buf = sldns_buffer_new(answer_len)) == NULL((void*)0)) | |||
974 | goto servfail; | |||
975 | if ((region = regional_create()) == NULL((void*)0)) | |||
976 | goto servfail; | |||
977 | ||||
978 | result->rcode = LDNS_RCODE_SERVFAIL; | |||
979 | ||||
980 | sldns_buffer_clear(buf); | |||
981 | sldns_buffer_write(buf, answer_packet, answer_len); | |||
982 | sldns_buffer_flip(buf); | |||
983 | libworker_enter_result(result, buf, region, sec); | |||
984 | result->answer_packet = NULL((void*)0); | |||
985 | result->answer_len = 0; | |||
986 | ||||
987 | sldns_wire2str_rcode_buf(result->rcode, rcode_buf, sizeof(rcode_buf)); | |||
988 | log_debug("%s[%s]: %s rcode: %s[%d], elapsed: %lldms, running: %d", | |||
989 | __func__, uw_resolver_type_str[res->type], | |||
990 | query_imsg2str(query_imsg), rcode_buf, result->rcode, ms, | |||
991 | running_query_cnt()); | |||
992 | ||||
993 | force_acceptbogus = find_force(&resolver_conf->force, query_imsg->qname, | |||
994 | &tmp_res); | |||
995 | if (tmp_res != NULL((void*)0) && tmp_res->type != res->type) | |||
996 | force_acceptbogus = 0; | |||
997 | ||||
998 | timespecsub(&tp, &last_network_change, &elapsed)do { (&elapsed)->tv_sec = (&tp)->tv_sec - (& last_network_change)->tv_sec; (&elapsed)->tv_nsec = (&tp)->tv_nsec - (&last_network_change)->tv_nsec ; if ((&elapsed)->tv_nsec < 0) { (&elapsed)-> tv_sec--; (&elapsed)->tv_nsec += 1000000000L; } } while (0); | |||
999 | if (sec != SECURE2 && elapsed.tv_sec < DOUBT_NXDOMAIN_SEC(5 * 60) && | |||
1000 | !force_acceptbogus && res->type != UW_RES_ASR && | |||
1001 | (result->rcode == LDNS_RCODE_NXDOMAIN || sec == BOGUS1)) { | |||
1002 | /* | |||
1003 | * Doubt NXDOMAIN or BOGUS if we just switched networks, we | |||
1004 | * might be behind a captive portal. | |||
1005 | */ | |||
1006 | log_debug("%s: doubt NXDOMAIN or BOGUS from %s, network change" | |||
1007 | " %llds ago", __func__, uw_resolver_type_str[res->type], | |||
1008 | elapsed.tv_sec); | |||
1009 | ||||
1010 | /* search for ASR */ | |||
1011 | asr_pref_pos = -1; | |||
1012 | for (i = 0; i < (size_t)rq->res_pref.len; i++) | |||
1013 | if (rq->res_pref.types[i] == UW_RES_ASR) { | |||
1014 | asr_pref_pos = i; | |||
1015 | break; | |||
1016 | } | |||
1017 | ||||
1018 | if (asr_pref_pos != -1 && resolvers[UW_RES_ASR] != NULL((void*)0)) { | |||
1019 | /* go to ASR if not yet scheduled */ | |||
1020 | if (asr_pref_pos >= rq->next_resolver) { | |||
1021 | rq->next_resolver = asr_pref_pos; | |||
1022 | try_next_resolver(rq); | |||
1023 | } | |||
1024 | goto out; | |||
1025 | } | |||
1026 | log_debug("%s: using NXDOMAIN or BOGUS, couldn't find working " | |||
1027 | "ASR", __func__); | |||
1028 | } | |||
1029 | ||||
1030 | if (log_getverbose() & OPT_VERBOSE20x00000002 && (str = | |||
1031 | sldns_wire2str_pkt(answer_packet, answer_len)) != NULL((void*)0)) { | |||
1032 | log_debug("%s", str); | |||
1033 | free(str); | |||
1034 | } | |||
1035 | ||||
1036 | if (result->rcode == LDNS_RCODE_SERVFAIL) | |||
1037 | goto servfail; | |||
1038 | ||||
1039 | if (sec == SECURE2 && res->state != VALIDATING && res->stop != -1) | |||
1040 | check_resolver(res); | |||
1041 | ||||
1042 | if (res->state == VALIDATING && sec == BOGUS1) { | |||
1043 | answer_header->bogus = !force_acceptbogus; | |||
1044 | if (answer_header->bogus && why_bogus != NULL((void*)0)) | |||
1045 | log_warnx("%s", why_bogus); | |||
1046 | } else | |||
1047 | answer_header->bogus = 0; | |||
1048 | ||||
1049 | p = answer_packet; | |||
1050 | do { | |||
1051 | int len; | |||
1052 | ||||
1053 | if ((size_t)answer_len > sizeof(answer_imsg) - | |||
1054 | sizeof(*answer_header)) | |||
1055 | len = sizeof(answer_imsg) - sizeof(*answer_header); | |||
1056 | else | |||
1057 | len = answer_len; | |||
1058 | memcpy(data, p, len); | |||
1059 | if (resolver_imsg_compose_frontend(IMSG_ANSWER, 0, | |||
1060 | &answer_imsg, sizeof(*answer_header) + len) == -1) | |||
1061 | fatalx("IMSG_ANSWER failed for \"%s\"", | |||
1062 | query_imsg2str(query_imsg)); | |||
1063 | answer_len -= len; | |||
1064 | p += len; | |||
1065 | } while (answer_len > 0); | |||
1066 | ||||
1067 | TAILQ_REMOVE(&running_queries, rq, entry)do { if (((rq)->entry.tqe_next) != ((void*)0)) (rq)->entry .tqe_next->entry.tqe_prev = (rq)->entry.tqe_prev; else ( &running_queries)->tqh_last = (rq)->entry.tqe_prev; *(rq)->entry.tqe_prev = (rq)->entry.tqe_next; ; ; } while (0); | |||
1068 | evtimer_del(&rq->timer_ev)event_del(&rq->timer_ev); | |||
1069 | free(rq->query_imsg); | |||
1070 | free(rq); | |||
1071 | goto out; | |||
1072 | ||||
1073 | servfail: | |||
1074 | /* try_next_resolver() might free rq */ | |||
1075 | if (try_next_resolver(rq) != 0 && running_res == 0) { | |||
1076 | /* we are the last one, send SERVFAIL */ | |||
1077 | answer_header->srvfail = 1; | |||
1078 | resolver_imsg_compose_frontend(IMSG_ANSWER, 0, | |||
1079 | answer_imsg, sizeof(*answer_header)); | |||
1080 | } | |||
1081 | out: | |||
1082 | free(query_imsg); | |||
1083 | sldns_buffer_free(buf); | |||
1084 | regional_destroy(region); | |||
1085 | ub_resolve_free(result); | |||
1086 | } | |||
1087 | ||||
1088 | void | |||
1089 | new_resolver(enum uw_resolver_type type, enum uw_resolver_state state) | |||
1090 | { | |||
1091 | free_resolver(resolvers[type]); | |||
1092 | resolvers[type] = NULL((void*)0); | |||
1093 | ||||
1094 | if (!resolver_conf->enabled_resolvers[type]) | |||
1095 | return; | |||
1096 | ||||
1097 | switch (type) { | |||
1098 | case UW_RES_ASR: | |||
1099 | case UW_RES_AUTOCONF: | |||
1100 | case UW_RES_ODOT_AUTOCONF: | |||
1101 | if (TAILQ_EMPTY(&autoconf_forwarder_list)(((&autoconf_forwarder_list)->tqh_first) == ((void*)0) )) | |||
1102 | return; | |||
1103 | break; | |||
1104 | case UW_RES_RECURSOR: | |||
1105 | break; | |||
1106 | case UW_RES_FORWARDER: | |||
1107 | case UW_RES_ODOT_FORWARDER: | |||
1108 | if (TAILQ_EMPTY(&resolver_conf->uw_forwarder_list)(((&resolver_conf->uw_forwarder_list)->tqh_first) == ((void*)0))) | |||
1109 | return; | |||
1110 | break; | |||
1111 | case UW_RES_DOT: | |||
1112 | if (TAILQ_EMPTY(&resolver_conf->uw_dot_forwarder_list)(((&resolver_conf->uw_dot_forwarder_list)->tqh_first ) == ((void*)0))) | |||
1113 | return; | |||
1114 | break; | |||
1115 | case UW_RES_NONE: | |||
1116 | fatalx("cannot create UW_RES_NONE resolver"); | |||
1117 | } | |||
1118 | ||||
1119 | switch (type) { | |||
1120 | case UW_RES_RECURSOR: | |||
1121 | case UW_RES_AUTOCONF: | |||
1122 | case UW_RES_ODOT_AUTOCONF: | |||
1123 | case UW_RES_FORWARDER: | |||
1124 | case UW_RES_ODOT_FORWARDER: | |||
1125 | case UW_RES_DOT: | |||
1126 | if (TAILQ_EMPTY(&trust_anchors)(((&trust_anchors)->tqh_first) == ((void*)0))) | |||
1127 | return; | |||
1128 | break; | |||
1129 | case UW_RES_ASR: | |||
1130 | break; | |||
1131 | case UW_RES_NONE: | |||
1132 | fatalx("cannot create UW_RES_NONE resolver"); | |||
1133 | } | |||
1134 | ||||
1135 | if ((resolvers[type] = create_resolver(type)) == NULL((void*)0)) | |||
1136 | return; | |||
1137 | ||||
1138 | switch (state) { | |||
1139 | case DEAD: | |||
1140 | case UNKNOWN: | |||
1141 | check_resolver(resolvers[type]); | |||
1142 | break; | |||
1143 | case VALIDATING: | |||
1144 | set_unified_cache(resolvers[type]); | |||
1145 | /* FALLTHROUGH */ | |||
1146 | case RESOLVING: | |||
1147 | resolvers[type]->state = state; | |||
1148 | if (type == UW_RES_ASR) | |||
1149 | check_dns64(); | |||
1150 | break; | |||
1151 | } | |||
1152 | } | |||
1153 | ||||
1154 | void | |||
1155 | set_unified_cache(struct uw_resolver *res) | |||
1156 | { | |||
1157 | if (res == NULL((void*)0) || res->ctx == NULL((void*)0)) | |||
1158 | return; | |||
1159 | ||||
1160 | if (res->ctx->env->msg_cache != NULL((void*)0)) { | |||
1161 | /* XXX we are currently not using this */ | |||
1162 | if (res->ctx->env->msg_cache != unified_msg_cache || | |||
1163 | res->ctx->env->rrset_cache != unified_rrset_cache || | |||
1164 | res->ctx->env->key_cache != unified_key_cache || | |||
1165 | res->ctx->env->neg_cache != unified_neg_cache) | |||
1166 | fatalx("wrong unified cache set on resolver"); | |||
1167 | else | |||
1168 | /* we are upgrading from UNKNOWN back to VALIDATING */ | |||
1169 | return; | |||
1170 | } | |||
1171 | ||||
1172 | res->ctx->env->msg_cache = unified_msg_cache; | |||
1173 | res->ctx->env->rrset_cache = unified_rrset_cache; | |||
1174 | res->ctx->env->key_cache = unified_key_cache; | |||
1175 | res->ctx->env->neg_cache = unified_neg_cache; | |||
1176 | ||||
1177 | context_finalize(res->ctx); | |||
1178 | ||||
1179 | if (res->ctx->env->msg_cache != unified_msg_cache || | |||
1180 | res->ctx->env->rrset_cache != unified_rrset_cache || | |||
1181 | res->ctx->env->key_cache != unified_key_cache || | |||
1182 | res->ctx->env->neg_cache != unified_neg_cache) | |||
1183 | fatalx("failed to set unified caches, libunbound/validator/" | |||
1184 | "validator.c diff lost"); | |||
1185 | } | |||
1186 | ||||
1187 | static const struct { | |||
1188 | const char *name; | |||
1189 | const char *value; | |||
1190 | } options[] = { | |||
1191 | { "aggressive-nsec:", "yes" }, | |||
1192 | { "fast-server-permil:", "950" }, | |||
1193 | { "edns-buffer-size:", "1232" }, | |||
1194 | { "target-fetch-policy:", "0 0 0 0 0" }, | |||
1195 | { "outgoing-range:", "64" }, | |||
1196 | { "val-max-restart:", "0" }, | |||
1197 | }; | |||
1198 | ||||
1199 | struct uw_resolver * | |||
1200 | create_resolver(enum uw_resolver_type type) | |||
1201 | { | |||
1202 | struct uw_resolver *res; | |||
1203 | struct trust_anchor *ta; | |||
1204 | size_t i; | |||
1205 | int err; | |||
1206 | char *resolv_conf; | |||
1207 | ||||
1208 | if ((res = calloc(1, sizeof(*res))) == NULL((void*)0)) { | |||
1209 | log_warn("%s", __func__)uw_log_warn("%s", __func__); | |||
1210 | return (NULL((void*)0)); | |||
1211 | } | |||
1212 | ||||
1213 | res->type = type; | |||
1214 | res->state = UNKNOWN; | |||
1215 | res->check_tv.tv_sec = RESOLVER_CHECK_SEC1; | |||
1216 | res->check_tv.tv_usec = arc4random() % 1000000; /* modulo bias is ok */ | |||
1217 | ||||
1218 | switch (type) { | |||
1219 | case UW_RES_ASR: | |||
1220 | if (TAILQ_EMPTY(&autoconf_forwarder_list)(((&autoconf_forwarder_list)->tqh_first) == ((void*)0) )) { | |||
1221 | free(res); | |||
1222 | return (NULL((void*)0)); | |||
1223 | } | |||
1224 | if ((resolv_conf = gen_resolv_conf()) == NULL((void*)0)) { | |||
1225 | free(res); | |||
1226 | log_warnx("could not create asr context"); | |||
1227 | return (NULL((void*)0)); | |||
1228 | } | |||
1229 | if ((res->asr_ctx = asr_resolver_from_string(resolv_conf)) == | |||
1230 | NULL((void*)0)) { | |||
1231 | free(res); | |||
1232 | free(resolv_conf); | |||
1233 | log_warnx("could not create asr context"); | |||
1234 | return (NULL((void*)0)); | |||
1235 | } | |||
1236 | free(resolv_conf); | |||
1237 | break; | |||
1238 | case UW_RES_RECURSOR: | |||
1239 | case UW_RES_AUTOCONF: | |||
1240 | case UW_RES_ODOT_AUTOCONF: | |||
1241 | case UW_RES_FORWARDER: | |||
1242 | case UW_RES_ODOT_FORWARDER: | |||
1243 | case UW_RES_DOT: | |||
1244 | if ((res->ctx = ub_ctx_create_event(ev_base)) == NULL((void*)0)) { | |||
1245 | free(res); | |||
1246 | log_warnx("could not create unbound context"); | |||
1247 | return (NULL((void*)0)); | |||
1248 | } | |||
1249 | ||||
1250 | ub_ctx_debuglevel(res->ctx, log_getverbose() & OPT_VERBOSE30x00000004 ? | |||
1251 | UB_LOG_VERBOSE4 : UB_LOG_BRIEF0); | |||
1252 | ||||
1253 | TAILQ_FOREACH(ta, &trust_anchors, entry)for((ta) = ((&trust_anchors)->tqh_first); (ta) != ((void *)0); (ta) = ((ta)->entry.tqe_next)) { | |||
1254 | if ((err = ub_ctx_add_ta(res->ctx, ta->ta)) != 0) { | |||
1255 | ub_ctx_delete(res->ctx); | |||
1256 | free(res); | |||
1257 | log_warnx("error adding trust anchor: %s", | |||
1258 | ub_strerror(err)); | |||
1259 | return (NULL((void*)0)); | |||
1260 | } | |||
1261 | } | |||
1262 | ||||
1263 | for (i = 0; i < nitems(options)(sizeof((options)) / sizeof((options)[0])); i++) { | |||
1264 | if ((err = ub_ctx_set_option(res->ctx, options[i].name, | |||
1265 | options[i].value)) != 0) { | |||
1266 | ub_ctx_delete(res->ctx); | |||
1267 | free(res); | |||
1268 | log_warnx("error setting %s: %s: %s", | |||
1269 | options[i].name, options[i].value, | |||
1270 | ub_strerror(err)); | |||
1271 | return (NULL((void*)0)); | |||
1272 | } | |||
1273 | } | |||
1274 | ||||
1275 | if (!(available_afs & HAVE_IPV41)) { | |||
1276 | if((err = ub_ctx_set_option(res->ctx, "do-ip4:", | |||
1277 | "no")) != 0) { | |||
1278 | ub_ctx_delete(res->ctx); | |||
1279 | free(res); | |||
1280 | log_warnx("error setting do-ip4: no: %s", | |||
1281 | ub_strerror(err)); | |||
1282 | return (NULL((void*)0)); | |||
1283 | } | |||
1284 | } | |||
1285 | ||||
1286 | if (!(available_afs & HAVE_IPV62)) { | |||
1287 | if((err = ub_ctx_set_option(res->ctx, "do-ip6:", | |||
1288 | "no")) != 0) { | |||
1289 | ub_ctx_delete(res->ctx); | |||
1290 | free(res); | |||
1291 | log_warnx("error setting do-ip6: no: %s", | |||
1292 | ub_strerror(err)); | |||
1293 | return (NULL((void*)0)); | |||
1294 | } | |||
1295 | } | |||
1296 | ||||
1297 | if (!log_getdebug()) { | |||
1298 | if((err = ub_ctx_set_option(res->ctx, "use-syslog:", | |||
1299 | "no")) != 0) { | |||
1300 | ub_ctx_delete(res->ctx); | |||
1301 | free(res); | |||
1302 | log_warnx("error setting use-syslog: no: %s", | |||
1303 | ub_strerror(err)); | |||
1304 | return (NULL((void*)0)); | |||
1305 | } | |||
1306 | ub_ctx_debugout(res->ctx, NULL((void*)0)); | |||
1307 | } | |||
1308 | ||||
1309 | break; | |||
1310 | default: | |||
1311 | fatalx("unknown resolver type %d", type); | |||
1312 | break; | |||
1313 | } | |||
1314 | ||||
1315 | evtimer_set(&res->check_ev, resolver_check_timo, res)event_set(&res->check_ev, -1, 0, resolver_check_timo, res ); | |||
1316 | ||||
1317 | switch(res->type) { | |||
1318 | case UW_RES_ASR: | |||
1319 | break; | |||
1320 | case UW_RES_RECURSOR: | |||
1321 | break; | |||
1322 | case UW_RES_AUTOCONF: | |||
1323 | set_forwarders(res, &autoconf_forwarder_list, 0); | |||
1324 | break; | |||
1325 | case UW_RES_ODOT_AUTOCONF: | |||
1326 | set_forwarders(res, &autoconf_forwarder_list, 853); | |||
1327 | ub_ctx_set_option(res->ctx, "tls-cert-bundle:", | |||
1328 | TLS_DEFAULT_CA_CERT_FILE"/etc/ssl/cert.pem"); | |||
1329 | ub_ctx_set_tls(res->ctx, 1); | |||
1330 | break; | |||
1331 | case UW_RES_FORWARDER: | |||
1332 | set_forwarders(res, &resolver_conf->uw_forwarder_list, 0); | |||
1333 | break; | |||
1334 | case UW_RES_ODOT_FORWARDER: | |||
1335 | set_forwarders(res, &resolver_conf->uw_forwarder_list, 853); | |||
1336 | ub_ctx_set_option(res->ctx, "tls-cert-bundle:", | |||
1337 | TLS_DEFAULT_CA_CERT_FILE"/etc/ssl/cert.pem"); | |||
1338 | ub_ctx_set_tls(res->ctx, 1); | |||
1339 | break; | |||
1340 | case UW_RES_DOT: | |||
1341 | set_forwarders(res, &resolver_conf->uw_dot_forwarder_list, 0); | |||
1342 | ub_ctx_set_option(res->ctx, "tls-cert-bundle:", | |||
1343 | TLS_DEFAULT_CA_CERT_FILE"/etc/ssl/cert.pem"); | |||
1344 | ub_ctx_set_tls(res->ctx, 1); | |||
1345 | break; | |||
1346 | default: | |||
1347 | fatalx("unknown resolver type %d", type); | |||
1348 | break; | |||
1349 | } | |||
1350 | ||||
1351 | /* for the forwarder cases allow AS112 zones */ | |||
1352 | switch(res->type) { | |||
1353 | case UW_RES_AUTOCONF: | |||
1354 | case UW_RES_ODOT_AUTOCONF: | |||
1355 | case UW_RES_FORWARDER: | |||
1356 | case UW_RES_ODOT_FORWARDER: | |||
1357 | case UW_RES_DOT: | |||
1358 | for (i = 0; i < nitems(as112_zones)(sizeof((as112_zones)) / sizeof((as112_zones)[0])); i++) { | |||
1359 | if((err = ub_ctx_set_option(res->ctx, "local-zone:", | |||
1360 | as112_zones[i])) != 0) { | |||
1361 | ub_ctx_delete(res->ctx); | |||
1362 | free(res); | |||
1363 | log_warnx("error setting local-zone: %s: %s", | |||
1364 | as112_zones[i], ub_strerror(err)); | |||
1365 | return (NULL((void*)0)); | |||
1366 | } | |||
1367 | } | |||
1368 | break; | |||
1369 | default: | |||
1370 | break; | |||
1371 | } | |||
1372 | ||||
1373 | return (res); | |||
1374 | } | |||
1375 | ||||
1376 | void | |||
1377 | free_resolver(struct uw_resolver *res) | |||
1378 | { | |||
1379 | struct val_env *val_env; | |||
1380 | ||||
1381 | if (res == NULL((void*)0)) | |||
1382 | return; | |||
1383 | ||||
1384 | if (res->ref_cnt > 0) | |||
1385 | res->stop = 1; | |||
1386 | else { | |||
1387 | evtimer_del(&res->check_ev)event_del(&res->check_ev); | |||
1388 | if (res->ctx != NULL((void*)0)) { | |||
1389 | if (res->ctx->env->msg_cache == unified_msg_cache) { | |||
1390 | val_env = (struct val_env*) | |||
1391 | res->ctx->env->modinfo[val_id]; | |||
1392 | res->ctx->env->msg_cache = NULL((void*)0); | |||
1393 | res->ctx->env->rrset_cache = NULL((void*)0); | |||
1394 | val_env->kcache = NULL((void*)0); | |||
1395 | res->ctx->env->key_cache = NULL((void*)0); | |||
1396 | val_env->neg_cache = NULL((void*)0); | |||
1397 | res->ctx->env->neg_cache = NULL((void*)0); | |||
1398 | } | |||
1399 | } | |||
1400 | ub_ctx_delete(res->ctx); | |||
1401 | asr_resolver_free(res->asr_ctx); | |||
1402 | free(res); | |||
1403 | } | |||
1404 | } | |||
1405 | ||||
1406 | void | |||
1407 | setup_unified_caches(void) | |||
1408 | { | |||
1409 | struct ub_ctx *ctx; | |||
1410 | struct val_env *val_env; | |||
1411 | size_t i; | |||
1412 | int err, j; | |||
1413 | ||||
1414 | if ((ctx = ub_ctx_create_event(ev_base)) == NULL((void*)0)) | |||
1415 | fatalx("could not create unbound context"); | |||
1416 | ||||
1417 | for (i = 0; i < nitems(options)(sizeof((options)) / sizeof((options)[0])); i++) { | |||
1418 | if ((err = ub_ctx_set_option(ctx, options[i].name, | |||
1419 | options[i].value)) != 0) { | |||
1420 | fatalx("error setting %s: %s: %s", options[i].name, | |||
1421 | options[i].value, ub_strerror(err)); | |||
1422 | } | |||
1423 | } | |||
1424 | ||||
1425 | context_finalize(ctx); | |||
1426 | ||||
1427 | if (ctx->env->msg_cache == NULL((void*)0) || ctx->env->rrset_cache == NULL((void*)0) || | |||
1428 | ctx->env->key_cache == NULL((void*)0) || ctx->env->neg_cache == NULL((void*)0)) | |||
1429 | fatalx("could not setup unified caches"); | |||
1430 | ||||
1431 | unified_msg_cache = ctx->env->msg_cache; | |||
1432 | unified_rrset_cache = ctx->env->rrset_cache; | |||
1433 | unified_key_cache = ctx->env->key_cache; | |||
1434 | unified_neg_cache = ctx->env->neg_cache; | |||
1435 | ||||
1436 | if (val_id == -1) { | |||
1437 | for (j = 0; j < ctx->mods.num; j++) { | |||
1438 | if (strcmp(ctx->mods.mod[j]->name, "validator") == 0) { | |||
1439 | val_id = j; | |||
1440 | break; | |||
1441 | } | |||
1442 | } | |||
1443 | if (val_id == -1) | |||
1444 | fatalx("cannot find validator module"); | |||
1445 | } | |||
1446 | ||||
1447 | val_env = (struct val_env*)ctx->env->modinfo[val_id]; | |||
1448 | ctx->env->msg_cache = NULL((void*)0); | |||
1449 | ctx->env->rrset_cache = NULL((void*)0); | |||
1450 | ctx->env->key_cache = NULL((void*)0); | |||
1451 | val_env->kcache = NULL((void*)0); | |||
1452 | ctx->env->neg_cache = NULL((void*)0); | |||
1453 | val_env->neg_cache = NULL((void*)0); | |||
1454 | ub_ctx_delete(ctx); | |||
1455 | } | |||
1456 | ||||
1457 | void | |||
1458 | set_forwarders(struct uw_resolver *res, struct uw_forwarder_head | |||
1459 | *uw_forwarder_list, int port_override) | |||
1460 | { | |||
1461 | struct uw_forwarder *uw_forwarder; | |||
1462 | int ret; | |||
1463 | char fwd[FWD_MAX(46 + 256 + 2 + 5)]; | |||
1464 | ||||
1465 | TAILQ_FOREACH(uw_forwarder, uw_forwarder_list, entry)for((uw_forwarder) = ((uw_forwarder_list)->tqh_first); (uw_forwarder ) != ((void*)0); (uw_forwarder) = ((uw_forwarder)->entry.tqe_next )) { | |||
1466 | if (uw_forwarder->auth_name[0] != '\0') | |||
1467 | ret = snprintf(fwd, sizeof(fwd), "%s@%d#%s", | |||
1468 | uw_forwarder->ip, port_override ? port_override : | |||
1469 | uw_forwarder->port, uw_forwarder->auth_name); | |||
1470 | else | |||
1471 | ret = snprintf(fwd, sizeof(fwd), "%s@%d", | |||
1472 | uw_forwarder->ip, port_override ? port_override : | |||
1473 | uw_forwarder->port); | |||
1474 | ||||
1475 | if (ret < 0 || (size_t)ret >= sizeof(fwd)) { | |||
1476 | log_warnx("forwarder too long"); | |||
1477 | continue; | |||
1478 | } | |||
1479 | ||||
1480 | ub_ctx_set_fwd(res->ctx, fwd); | |||
1481 | } | |||
1482 | } | |||
1483 | ||||
1484 | void | |||
1485 | resolver_check_timo(int fd, short events, void *arg) | |||
1486 | { | |||
1487 | check_resolver((struct uw_resolver *)arg); | |||
1488 | } | |||
1489 | ||||
1490 | void | |||
1491 | resolver_free_timo(int fd, short events, void *arg) | |||
1492 | { | |||
1493 | free_resolver((struct uw_resolver *)arg); | |||
1494 | } | |||
1495 | ||||
1496 | void | |||
1497 | check_resolver(struct uw_resolver *resolver_to_check) | |||
1498 | { | |||
1499 | struct uw_resolver *res; | |||
1500 | ||||
1501 | if (resolver_to_check == NULL((void*)0)) | |||
1502 | return; | |||
1503 | ||||
1504 | if (resolver_to_check->check_running) | |||
1505 | return; | |||
1506 | ||||
1507 | if ((res = create_resolver(resolver_to_check->type)) == NULL((void*)0)) | |||
1508 | return; | |||
1509 | ||||
1510 | resolver_ref(resolver_to_check); | |||
1511 | ||||
1512 | resolver_to_check->check_running++; | |||
1513 | if (resolve(res, ".", LDNS_RR_TYPE_NS, LDNS_RR_CLASS_IN, | |||
1514 | resolver_to_check, check_resolver_done) != 0) { | |||
1515 | resolver_to_check->check_running--; | |||
1516 | resolver_to_check->state = UNKNOWN; | |||
1517 | resolver_unref(resolver_to_check); | |||
1518 | resolver_to_check->check_tv.tv_sec = RESOLVER_CHECK_SEC1; | |||
1519 | evtimer_add(&resolver_to_check->check_ev,event_add(&resolver_to_check->check_ev, &resolver_to_check ->check_tv) | |||
1520 | &resolver_to_check->check_tv)event_add(&resolver_to_check->check_ev, &resolver_to_check ->check_tv); | |||
1521 | } | |||
1522 | } | |||
1523 | ||||
1524 | void | |||
1525 | check_resolver_done(struct uw_resolver *res, void *arg, int rcode, | |||
1526 | void *answer_packet, int answer_len, int sec, char *why_bogus) | |||
1527 | { | |||
1528 | struct uw_resolver *checked_resolver = arg; | |||
1529 | struct timeval tv = {0, 1}; | |||
1530 | enum uw_resolver_state prev_state; | |||
| ||||
1531 | int bogus_time = 0; | |||
1532 | char *str; | |||
1533 | ||||
1534 | checked_resolver->check_running--; | |||
1535 | ||||
1536 | if (checked_resolver != resolvers[checked_resolver->type]) { | |||
1537 | log_debug("%s: %s: ignoring late check result", __func__, | |||
1538 | uw_resolver_type_str[checked_resolver->type]); | |||
1539 | goto out; | |||
1540 | } | |||
1541 | ||||
1542 | prev_state = checked_resolver->state; | |||
1543 | ||||
1544 | if (answer_len < LDNS_HEADER_SIZE12) { | |||
1545 | checked_resolver->state = DEAD; | |||
1546 | log_warnx("%s: bad packet: too short", __func__); | |||
1547 | goto out; | |||
1548 | } | |||
1549 | ||||
1550 | if (rcode == LDNS_RCODE_SERVFAIL) { | |||
1551 | log_debug("%s: %s rcode: SERVFAIL", __func__, | |||
1552 | uw_resolver_type_str[checked_resolver->type]); | |||
1553 | ||||
1554 | checked_resolver->state = DEAD; | |||
1555 | goto out; | |||
1556 | } | |||
1557 | ||||
1558 | if (sec == SECURE2) { | |||
1559 | if (dns64_present && (res->type == UW_RES_AUTOCONF || | |||
1560 | res->type == UW_RES_ODOT_AUTOCONF)) { | |||
1561 | /* do not upgrade to validating, DNS64 breaks DNSSEC */ | |||
1562 | if (prev_state != RESOLVING) | |||
1563 | new_resolver(checked_resolver->type, | |||
1564 | RESOLVING); | |||
1565 | } else { | |||
1566 | if (prev_state != VALIDATING) | |||
1567 | new_resolver(checked_resolver->type, | |||
1568 | VALIDATING); | |||
1569 | if (!(evtimer_pending(&trust_anchor_timer, NULL)event_pending(&trust_anchor_timer, 0x01, ((void*)0)))) | |||
1570 | evtimer_add(&trust_anchor_timer, &tv)event_add(&trust_anchor_timer, &tv); | |||
1571 | } | |||
1572 | } else if (rcode == LDNS_RCODE_NOERROR && | |||
1573 | LDNS_RCODE_WIRE((uint8_t*)answer_packet)(*((uint8_t*)answer_packet+3) & 0x0fU) == LDNS_RCODE_NOERROR) { | |||
1574 | if (why_bogus) { | |||
1575 | bogus_time = strncmp(why_bogus, bogus_past, | |||
1576 | sizeof(bogus_past) - 1) == 0 || strncmp(why_bogus, | |||
1577 | bogus_future, sizeof(bogus_future) - 1) == 0; | |||
1578 | ||||
1579 | log_warnx("%s: %s", uw_resolver_type_str[ | |||
1580 | checked_resolver->type], why_bogus); | |||
1581 | } | |||
1582 | if (prev_state != RESOLVING) | |||
1583 | new_resolver(checked_resolver->type, RESOLVING); | |||
1584 | } else | |||
1585 | checked_resolver->state = DEAD; /* we know the root exists */ | |||
1586 | ||||
1587 | log_debug("%s: %s: %s", __func__, | |||
1588 | uw_resolver_type_str[checked_resolver->type], | |||
1589 | uw_resolver_state_str[checked_resolver->state]); | |||
1590 | ||||
1591 | if (log_getverbose() & OPT_VERBOSE20x00000002 && (str = | |||
1592 | sldns_wire2str_pkt(answer_packet, answer_len)) != NULL((void*)0)) { | |||
1593 | log_debug("%s", str); | |||
1594 | free(str); | |||
1595 | } | |||
1596 | ||||
1597 | out: | |||
1598 | if (!checked_resolver->stop && (checked_resolver->state == DEAD || | |||
1599 | bogus_time)) { | |||
1600 | if (prev_state == DEAD || bogus_time) | |||
| ||||
1601 | checked_resolver->check_tv.tv_sec *= 2; | |||
1602 | else | |||
1603 | checked_resolver->check_tv.tv_sec = RESOLVER_CHECK_SEC1; | |||
1604 | ||||
1605 | if (checked_resolver->check_tv.tv_sec > RESOLVER_CHECK_MAXSEC1024) | |||
1606 | checked_resolver->check_tv.tv_sec = | |||
1607 | RESOLVER_CHECK_MAXSEC1024; | |||
1608 | ||||
1609 | evtimer_add(&checked_resolver->check_ev,event_add(&checked_resolver->check_ev, &checked_resolver ->check_tv) | |||
1610 | &checked_resolver->check_tv)event_add(&checked_resolver->check_ev, &checked_resolver ->check_tv); | |||
1611 | } | |||
1612 | ||||
1613 | resolver_unref(checked_resolver); | |||
1614 | res->stop = 1; /* do not free in callback */ | |||
1615 | } | |||
1616 | ||||
1617 | void | |||
1618 | asr_resolve_done(struct asr_result *ar, void *arg) | |||
1619 | { | |||
1620 | struct resolver_cb_data *cb_data = arg; | |||
1621 | cb_data->cb(cb_data->res, cb_data->data, ar->ar_rcode, ar->ar_data, | |||
1622 | ar->ar_datalen, 0, NULL((void*)0)); | |||
1623 | free(ar->ar_data); | |||
1624 | resolver_unref(cb_data->res); | |||
1625 | free(cb_data); | |||
1626 | } | |||
1627 | ||||
1628 | void | |||
1629 | ub_resolve_done(void *arg, int rcode, void *answer_packet, int answer_len, | |||
1630 | int sec, char *why_bogus, int was_ratelimited) | |||
1631 | { | |||
1632 | struct resolver_cb_data *cb_data = arg; | |||
1633 | cb_data->cb(cb_data->res, cb_data->data, rcode, answer_packet, | |||
1634 | answer_len, sec, why_bogus); | |||
1635 | resolver_unref(cb_data->res); | |||
1636 | free(cb_data); | |||
1637 | } | |||
1638 | ||||
1639 | void | |||
1640 | schedule_recheck_all_resolvers(void) | |||
1641 | { | |||
1642 | struct timeval tv; | |||
1643 | int i; | |||
1644 | ||||
1645 | tv.tv_sec = 0; | |||
1646 | ||||
1647 | for (i = 0; i < UW_RES_NONE; i++) { | |||
1648 | if (resolvers[i] == NULL((void*)0)) | |||
1649 | continue; | |||
1650 | tv.tv_usec = arc4random() % 1000000; /* modulo bias is ok */ | |||
1651 | resolvers[i]->state = UNKNOWN; | |||
1652 | evtimer_add(&resolvers[i]->check_ev, &tv)event_add(&resolvers[i]->check_ev, &tv); | |||
1653 | } | |||
1654 | } | |||
1655 | ||||
1656 | int | |||
1657 | check_forwarders_changed(struct uw_forwarder_head *list_a, | |||
1658 | struct uw_forwarder_head *list_b) | |||
1659 | { | |||
1660 | struct uw_forwarder *a, *b; | |||
1661 | ||||
1662 | a = TAILQ_FIRST(list_a)((list_a)->tqh_first); | |||
1663 | b = TAILQ_FIRST(list_b)((list_b)->tqh_first); | |||
1664 | ||||
1665 | while(a != NULL((void*)0) && b != NULL((void*)0)) { | |||
1666 | if (strcmp(a->ip, b->ip) != 0) | |||
1667 | return 1; | |||
1668 | if (a->port != b->port) | |||
1669 | return 1; | |||
1670 | if (strcmp(a->auth_name, b->auth_name) != 0) | |||
1671 | return 1; | |||
1672 | a = TAILQ_NEXT(a, entry)((a)->entry.tqe_next); | |||
1673 | b = TAILQ_NEXT(b, entry)((b)->entry.tqe_next); | |||
1674 | } | |||
1675 | ||||
1676 | if (a != NULL((void*)0) || b != NULL((void*)0)) | |||
1677 | return 1; | |||
1678 | return 0; | |||
1679 | } | |||
1680 | ||||
1681 | void | |||
1682 | resolver_ref(struct uw_resolver *res) | |||
1683 | { | |||
1684 | if (res->ref_cnt == INT_MAX2147483647) | |||
1685 | fatalx("%s: INT_MAX references", __func__); | |||
1686 | res->ref_cnt++; | |||
1687 | } | |||
1688 | ||||
1689 | void | |||
1690 | resolver_unref(struct uw_resolver *res) | |||
1691 | { | |||
1692 | struct timeval tv = { 0, 1}; | |||
1693 | ||||
1694 | if (res->ref_cnt == 0) | |||
1695 | fatalx("%s: unreferenced resolver", __func__); | |||
1696 | ||||
1697 | res->ref_cnt--; | |||
1698 | ||||
1699 | /* | |||
1700 | * Decouple from libunbound event callback. | |||
1701 | * If we free the ctx inside of resolve_done or check_resovler_done | |||
1702 | * we are cutting of the branch we are sitting on and hit a | |||
1703 | * user-after-free | |||
1704 | */ | |||
1705 | if (res->stop && res->ref_cnt == 0) { | |||
1706 | evtimer_set(&res->free_ev, resolver_free_timo, res)event_set(&res->free_ev, -1, 0, resolver_free_timo, res ); | |||
1707 | evtimer_add(&res->free_ev, &tv)event_add(&res->free_ev, &tv); | |||
1708 | } | |||
1709 | } | |||
1710 | ||||
1711 | void | |||
1712 | replace_forwarders(struct uw_forwarder_head *new_list, struct | |||
1713 | uw_forwarder_head *old_list) | |||
1714 | { | |||
1715 | struct uw_forwarder *uw_forwarder; | |||
1716 | ||||
1717 | while ((uw_forwarder = | |||
1718 | TAILQ_FIRST(old_list)((old_list)->tqh_first)) != NULL((void*)0)) { | |||
1719 | TAILQ_REMOVE(old_list, uw_forwarder, entry)do { if (((uw_forwarder)->entry.tqe_next) != ((void*)0)) ( uw_forwarder)->entry.tqe_next->entry.tqe_prev = (uw_forwarder )->entry.tqe_prev; else (old_list)->tqh_last = (uw_forwarder )->entry.tqe_prev; *(uw_forwarder)->entry.tqe_prev = (uw_forwarder )->entry.tqe_next; ; ; } while (0); | |||
1720 | free(uw_forwarder); | |||
1721 | } | |||
1722 | ||||
1723 | TAILQ_CONCAT(old_list, new_list, entry)do { if (!(((new_list)->tqh_first) == ((void*)0))) { *(old_list )->tqh_last = (new_list)->tqh_first; (new_list)->tqh_first ->entry.tqe_prev = (old_list)->tqh_last; (old_list)-> tqh_last = (new_list)->tqh_last; do { ((new_list))->tqh_first = ((void*)0); ((new_list))->tqh_last = &((new_list))-> tqh_first; } while (0); } } while (0); | |||
1724 | } | |||
1725 | ||||
1726 | int | |||
1727 | resolver_cmp(const void *_a, const void *_b) | |||
1728 | { | |||
1729 | const enum uw_resolver_type a = *(const enum uw_resolver_type *)_a; | |||
1730 | const enum uw_resolver_type b = *(const enum uw_resolver_type *)_b; | |||
1731 | int64_t a_median, b_median; | |||
1732 | ||||
1733 | if (resolvers[a] == NULL((void*)0) && resolvers[b] == NULL((void*)0)) | |||
1734 | return 0; | |||
1735 | ||||
1736 | if (resolvers[b] == NULL((void*)0)) | |||
1737 | return -1; | |||
1738 | ||||
1739 | if (resolvers[a] == NULL((void*)0)) | |||
1740 | return 1; | |||
1741 | ||||
1742 | if (resolvers[a]->state < resolvers[b]->state) | |||
1743 | return 1; | |||
1744 | else if (resolvers[a]->state > resolvers[b]->state) | |||
1745 | return -1; | |||
1746 | else { | |||
1747 | a_median = resolvers[a]->median; | |||
1748 | b_median = resolvers[b]->median; | |||
1749 | if (resolvers[a]->type == resolver_conf->res_pref.types[0]) | |||
1750 | a_median -= PREF_RESOLVER_MEDIAN_SKEW200; | |||
1751 | else if (resolvers[b]->type == resolver_conf->res_pref.types[0]) | |||
1752 | b_median -= PREF_RESOLVER_MEDIAN_SKEW200; | |||
1753 | if (a_median < b_median) | |||
1754 | return -1; | |||
1755 | else if (a_median > b_median) | |||
1756 | return 1; | |||
1757 | else | |||
1758 | return 0; | |||
1759 | } | |||
1760 | } | |||
1761 | ||||
1762 | void | |||
1763 | restart_ub_resolvers(int recheck) | |||
1764 | { | |||
1765 | int i; | |||
1766 | enum uw_resolver_state state; | |||
1767 | ||||
1768 | for (i = 0; i < UW_RES_NONE; i++) { | |||
1769 | if (i == UW_RES_ASR) | |||
1770 | continue; | |||
1771 | if (recheck || resolvers[i] == NULL((void*)0)) | |||
1772 | state = UNKNOWN; | |||
1773 | else | |||
1774 | state = resolvers[i]->state; | |||
1775 | new_resolver(i, state); | |||
1776 | } | |||
1777 | } | |||
1778 | ||||
1779 | void | |||
1780 | show_status(pid_t pid) | |||
1781 | { | |||
1782 | struct resolver_preference res_pref; | |||
1783 | int i; | |||
1784 | ||||
1785 | if (sort_resolver_types(&res_pref) == -1) | |||
1786 | log_warn("mergesort")uw_log_warn("mergesort"); | |||
1787 | ||||
1788 | for (i = 0; i < resolver_conf->res_pref.len; i++) | |||
1789 | send_resolver_info(resolvers[res_pref.types[i]], pid); | |||
1790 | ||||
1791 | resolver_imsg_compose_frontend(IMSG_CTL_END, pid, NULL((void*)0), 0); | |||
1792 | } | |||
1793 | ||||
1794 | void | |||
1795 | show_autoconf(pid_t pid) | |||
1796 | { | |||
1797 | struct uw_forwarder *uw_forwarder; | |||
1798 | struct ctl_forwarder_info cfi; | |||
1799 | ||||
1800 | TAILQ_FOREACH(uw_forwarder, &autoconf_forwarder_list, entry)for((uw_forwarder) = ((&autoconf_forwarder_list)->tqh_first ); (uw_forwarder) != ((void*)0); (uw_forwarder) = ((uw_forwarder )->entry.tqe_next)) { | |||
1801 | memset(&cfi, 0, sizeof(cfi)); | |||
1802 | cfi.if_index = uw_forwarder->if_index; | |||
1803 | cfi.src = uw_forwarder->src; | |||
1804 | /* no truncation, structs are in sync */ | |||
1805 | memcpy(cfi.ip, uw_forwarder->ip, sizeof(cfi.ip)); | |||
1806 | resolver_imsg_compose_frontend( | |||
1807 | IMSG_CTL_AUTOCONF_RESOLVER_INFO, | |||
1808 | pid, &cfi, sizeof(cfi)); | |||
1809 | } | |||
1810 | ||||
1811 | resolver_imsg_compose_frontend(IMSG_CTL_END, pid, NULL((void*)0), 0); | |||
1812 | } | |||
1813 | ||||
1814 | void | |||
1815 | show_mem(pid_t pid) | |||
1816 | { | |||
1817 | struct ctl_mem_info cmi; | |||
1818 | ||||
1819 | memset(&cmi, 0, sizeof(cmi)); | |||
1820 | cmi.msg_cache_used = slabhash_get_mem(unified_msg_cache); | |||
1821 | cmi.msg_cache_max = slabhash_get_size(unified_msg_cache); | |||
1822 | cmi.rrset_cache_used = slabhash_get_mem(&unified_rrset_cache->table); | |||
1823 | cmi.rrset_cache_max = slabhash_get_size(&unified_rrset_cache->table); | |||
1824 | cmi.key_cache_used = slabhash_get_mem(unified_key_cache->slab); | |||
1825 | cmi.key_cache_max = slabhash_get_size(unified_key_cache->slab); | |||
1826 | cmi.neg_cache_used = unified_neg_cache->use; | |||
1827 | cmi.neg_cache_max = unified_neg_cache->max; | |||
1828 | resolver_imsg_compose_frontend(IMSG_CTL_MEM_INFO, pid, &cmi, | |||
1829 | sizeof(cmi)); | |||
1830 | ||||
1831 | } | |||
1832 | ||||
1833 | void | |||
1834 | send_resolver_info(struct uw_resolver *res, pid_t pid) | |||
1835 | { | |||
1836 | struct ctl_resolver_info cri; | |||
1837 | size_t i; | |||
1838 | ||||
1839 | if (res == NULL((void*)0)) | |||
1840 | return; | |||
1841 | ||||
1842 | cri.state = res->state; | |||
1843 | cri.type = res->type; | |||
1844 | cri.median = res->median; | |||
1845 | ||||
1846 | memcpy(cri.histogram, res->histogram, sizeof(cri.histogram)); | |||
1847 | memcpy(cri.latest_histogram, res->latest_histogram, | |||
1848 | sizeof(cri.latest_histogram)); | |||
1849 | for (i = 0; i < nitems(histogram_limits)(sizeof((histogram_limits)) / sizeof((histogram_limits)[0])); i++) | |||
1850 | cri.latest_histogram[i] = | |||
1851 | (cri.latest_histogram[i] + 500) / 1000; | |||
1852 | ||||
1853 | resolver_imsg_compose_frontend(IMSG_CTL_RESOLVER_INFO, pid, &cri, | |||
1854 | sizeof(cri)); | |||
1855 | } | |||
1856 | ||||
1857 | void | |||
1858 | trust_anchor_resolve(void) | |||
1859 | { | |||
1860 | struct resolver_preference res_pref; | |||
1861 | struct uw_resolver *res; | |||
1862 | struct timeval tv = {TRUST_ANCHOR_RETRY_INTERVAL8640, 0}; | |||
1863 | ||||
1864 | if (sort_resolver_types(&res_pref) == -1) | |||
1865 | log_warn("mergesort")uw_log_warn("mergesort"); | |||
1866 | ||||
1867 | res = resolvers[res_pref.types[0]]; | |||
1868 | ||||
1869 | if (res == NULL((void*)0) || res->state < VALIDATING) | |||
1870 | goto err; | |||
1871 | ||||
1872 | if (resolve(res, ".", LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN, NULL((void*)0), | |||
1873 | trust_anchor_resolve_done) != 0) | |||
1874 | goto err; | |||
1875 | ||||
1876 | return; | |||
1877 | err: | |||
1878 | evtimer_add(&trust_anchor_timer, &tv)event_add(&trust_anchor_timer, &tv); | |||
1879 | } | |||
1880 | ||||
1881 | void | |||
1882 | trust_anchor_timo(int fd, short events, void *arg) | |||
1883 | { | |||
1884 | trust_anchor_resolve(); | |||
1885 | } | |||
1886 | ||||
1887 | void | |||
1888 | trust_anchor_resolve_done(struct uw_resolver *res, void *arg, int rcode, | |||
1889 | void *answer_packet, int answer_len, int sec, char *why_bogus) | |||
1890 | { | |||
1891 | struct ub_result *result = NULL((void*)0); | |||
1892 | sldns_buffer *buf = NULL((void*)0); | |||
1893 | struct regional *region = NULL((void*)0); | |||
1894 | struct timeval tv = {TRUST_ANCHOR_RETRY_INTERVAL8640, 0}; | |||
1895 | int i, tas, n; | |||
1896 | uint16_t dnskey_flags; | |||
1897 | char rdata_buf[1024], *ta; | |||
1898 | ||||
1899 | if (answer_len < LDNS_HEADER_SIZE12) { | |||
1900 | log_warnx("bad packet: too short"); | |||
1901 | goto out; | |||
1902 | } | |||
1903 | ||||
1904 | if ((result = calloc(1, sizeof(*result))) == NULL((void*)0)) | |||
1905 | goto out; | |||
1906 | ||||
1907 | if (sec != SECURE2) | |||
1908 | goto out; | |||
1909 | ||||
1910 | if ((buf = sldns_buffer_new(answer_len)) == NULL((void*)0)) | |||
1911 | goto out; | |||
1912 | if ((region = regional_create()) == NULL((void*)0)) | |||
1913 | goto out; | |||
1914 | result->rcode = LDNS_RCODE_SERVFAIL; | |||
1915 | ||||
1916 | sldns_buffer_clear(buf); | |||
1917 | sldns_buffer_write(buf, answer_packet, answer_len); | |||
1918 | sldns_buffer_flip(buf); | |||
1919 | libworker_enter_result(result, buf, region, sec); | |||
1920 | result->answer_packet = NULL((void*)0); | |||
1921 | result->answer_len = 0; | |||
1922 | ||||
1923 | if (result->rcode != LDNS_RCODE_NOERROR) | |||
1924 | goto out; | |||
1925 | ||||
1926 | i = 0; | |||
1927 | tas = 0; | |||
1928 | while(result->data[i] != NULL((void*)0)) { | |||
1929 | if (result->len[i] < 2) { | |||
1930 | if (tas > 0) | |||
1931 | resolver_imsg_compose_frontend( | |||
1932 | IMSG_NEW_TAS_ABORT, 0, NULL((void*)0), 0); | |||
1933 | goto out; | |||
1934 | } | |||
1935 | n = sldns_wire2str_rdata_buf(result->data[i], result->len[i], | |||
1936 | rdata_buf, sizeof(rdata_buf), LDNS_RR_TYPE_DNSKEY); | |||
1937 | ||||
1938 | if (n < 0 || (size_t)n >= sizeof(rdata_buf)) { | |||
1939 | log_warnx("trust anchor buffer to small"); | |||
1940 | resolver_imsg_compose_frontend(IMSG_NEW_TAS_ABORT, 0, | |||
1941 | NULL((void*)0), 0); | |||
1942 | goto out; | |||
1943 | } | |||
1944 | ||||
1945 | memcpy(&dnskey_flags, result->data[i], 2); | |||
1946 | dnskey_flags = ntohs(dnskey_flags)(__uint16_t)(__builtin_constant_p(dnskey_flags) ? (__uint16_t )(((__uint16_t)(dnskey_flags) & 0xffU) << 8 | ((__uint16_t )(dnskey_flags) & 0xff00U) >> 8) : __swap16md(dnskey_flags )); | |||
1947 | if ((dnskey_flags & LDNS_KEY_SEP_KEY0x0001) && !(dnskey_flags & | |||
1948 | LDNS_KEY_REVOKE_KEY0x0080)) { | |||
1949 | asprintf(&ta, ".\t%d\tIN\tDNSKEY\t%s", ROOT_DNSKEY_TTL172800, | |||
1950 | rdata_buf); | |||
1951 | resolver_imsg_compose_frontend(IMSG_NEW_TA, 0, ta, | |||
1952 | strlen(ta) + 1); | |||
1953 | tas++; | |||
1954 | free(ta); | |||
1955 | } | |||
1956 | i++; | |||
1957 | } | |||
1958 | if (tas > 0) { | |||
1959 | resolver_imsg_compose_frontend(IMSG_NEW_TAS_DONE, 0, NULL((void*)0), 0); | |||
1960 | tv.tv_sec = TRUST_ANCHOR_QUERY_INTERVAL43200; | |||
1961 | } | |||
1962 | out: | |||
1963 | sldns_buffer_free(buf); | |||
1964 | regional_destroy(region); | |||
1965 | ub_resolve_free(result); | |||
1966 | evtimer_add(&trust_anchor_timer, &tv)event_add(&trust_anchor_timer, &tv); | |||
1967 | } | |||
1968 | ||||
1969 | void | |||
1970 | replace_autoconf_forwarders(struct imsg_rdns_proposal *rdns_proposal) | |||
1971 | { | |||
1972 | struct uw_forwarder_head new_forwarder_list; | |||
1973 | struct uw_forwarder *uw_forwarder, *tmp; | |||
1974 | size_t addrsz; | |||
1975 | int i, rdns_count, af, changed = 0; | |||
1976 | char hostbuf[INET6_ADDRSTRLEN46], *src; | |||
1977 | ||||
1978 | TAILQ_INIT(&new_forwarder_list)do { (&new_forwarder_list)->tqh_first = ((void*)0); (& new_forwarder_list)->tqh_last = &(&new_forwarder_list )->tqh_first; } while (0); | |||
1979 | af = rdns_proposal->rtdns.sr_family; | |||
1980 | src = rdns_proposal->rtdns.sr_dns; | |||
1981 | ||||
1982 | switch (af) { | |||
1983 | case AF_INET2: | |||
1984 | addrsz = sizeof(struct in_addr); | |||
1985 | break; | |||
1986 | case AF_INET624: | |||
1987 | addrsz = sizeof(struct in6_addr); | |||
1988 | break; | |||
1989 | default: | |||
1990 | log_warnx("%s: unsupported address family: %d", __func__, af); | |||
1991 | return; | |||
1992 | } | |||
1993 | ||||
1994 | if ((rdns_proposal->rtdns.sr_len - 2) % addrsz != 0) { | |||
1995 | log_warnx("ignoring invalid RTM_PROPOSAL"); | |||
1996 | return; | |||
1997 | } | |||
1998 | rdns_count = (rdns_proposal->rtdns.sr_len - | |||
1999 | offsetof(struct sockaddr_rtdns, sr_dns)__builtin_offsetof(struct sockaddr_rtdns, sr_dns)) / addrsz; | |||
2000 | ||||
2001 | for (i = 0; i < rdns_count; i++) { | |||
2002 | struct sockaddr_storage ss; | |||
2003 | struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&ss; | |||
2004 | struct sockaddr_in *sin = (struct sockaddr_in *)&ss; | |||
2005 | int err; | |||
2006 | ||||
2007 | memset(&ss, 0, sizeof(ss)); | |||
2008 | ss.ss_family = af; | |||
2009 | switch (af) { | |||
2010 | case AF_INET2: | |||
2011 | memcpy(&sin->sin_addr, src, addrsz); | |||
2012 | if (sin->sin_addr.s_addr == htonl(INADDR_LOOPBACK)(__uint32_t)(__builtin_constant_p(((u_int32_t)(0x7f000001))) ? (__uint32_t)(((__uint32_t)(((u_int32_t)(0x7f000001))) & 0xff ) << 24 | ((__uint32_t)(((u_int32_t)(0x7f000001))) & 0xff00) << 8 | ((__uint32_t)(((u_int32_t)(0x7f000001)) ) & 0xff0000) >> 8 | ((__uint32_t)(((u_int32_t)(0x7f000001 ))) & 0xff000000) >> 24) : __swap32md(((u_int32_t)( 0x7f000001))))) | |||
2013 | goto skip; | |||
2014 | ss.ss_len = sizeof(*sin); | |||
2015 | break; | |||
2016 | case AF_INET624: | |||
2017 | memcpy(&sin6->sin6_addr, src, addrsz); | |||
2018 | if (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr)((*(const u_int32_t *)(const void *)(&(&sin6->sin6_addr )->__u6_addr.__u6_addr8[0]) == 0) && (*(const u_int32_t *)(const void *)(&(&sin6->sin6_addr)->__u6_addr .__u6_addr8[4]) == 0) && (*(const u_int32_t *)(const void *)(&(&sin6->sin6_addr)->__u6_addr.__u6_addr8[8 ]) == 0) && (*(const u_int32_t *)(const void *)(& (&sin6->sin6_addr)->__u6_addr.__u6_addr8[12]) == (__uint32_t )(__builtin_constant_p(1) ? (__uint32_t)(((__uint32_t)(1) & 0xff) << 24 | ((__uint32_t)(1) & 0xff00) << 8 | ((__uint32_t)(1) & 0xff0000) >> 8 | ((__uint32_t )(1) & 0xff000000) >> 24) : __swap32md(1))))) | |||
2019 | goto skip; | |||
2020 | if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)(((&sin6->sin6_addr)->__u6_addr.__u6_addr8[0] == 0xfe ) && (((&sin6->sin6_addr)->__u6_addr.__u6_addr8 [1] & 0xc0) == 0x80))) | |||
2021 | sin6->sin6_scope_id = rdns_proposal->if_index; | |||
2022 | ss.ss_len = sizeof(*sin6); | |||
2023 | break; | |||
2024 | } | |||
2025 | if ((err = getnameinfo((struct sockaddr *)&ss, ss.ss_len, | |||
2026 | hostbuf, sizeof(hostbuf), NULL((void*)0), 0, NI_NUMERICHOST1)) != 0) { | |||
2027 | log_warnx("getnameinfo: %s", gai_strerror(err)); | |||
2028 | goto skip; | |||
2029 | } | |||
2030 | ||||
2031 | if ((uw_forwarder = calloc(1, sizeof(struct uw_forwarder))) == | |||
2032 | NULL((void*)0)) | |||
2033 | fatal(NULL((void*)0)); | |||
2034 | if (strlcpy(uw_forwarder->ip, hostbuf, sizeof(uw_forwarder->ip)) | |||
2035 | >= sizeof(uw_forwarder->ip)) | |||
2036 | fatalx("strlcpy"); | |||
2037 | uw_forwarder->port = 53; | |||
2038 | uw_forwarder->if_index = rdns_proposal->if_index; | |||
2039 | uw_forwarder->src = rdns_proposal->src; | |||
2040 | TAILQ_INSERT_TAIL(&new_forwarder_list, uw_forwarder, entry)do { (uw_forwarder)->entry.tqe_next = ((void*)0); (uw_forwarder )->entry.tqe_prev = (&new_forwarder_list)->tqh_last ; *(&new_forwarder_list)->tqh_last = (uw_forwarder); ( &new_forwarder_list)->tqh_last = &(uw_forwarder)-> entry.tqe_next; } while (0); | |||
2041 | ||||
2042 | skip: | |||
2043 | src += addrsz; | |||
2044 | } | |||
2045 | ||||
2046 | TAILQ_FOREACH(tmp, &autoconf_forwarder_list, entry)for((tmp) = ((&autoconf_forwarder_list)->tqh_first); ( tmp) != ((void*)0); (tmp) = ((tmp)->entry.tqe_next)) { | |||
2047 | /* | |||
2048 | * if_index of zero signals to clear all proposals | |||
2049 | * src of zero signals interface gone | |||
2050 | */ | |||
2051 | if ((rdns_proposal->src == 0 || rdns_proposal->src == | |||
2052 | tmp->src) && (rdns_proposal->if_index == 0 || | |||
2053 | rdns_proposal->if_index == tmp->if_index)) | |||
2054 | continue; | |||
2055 | if ((uw_forwarder = calloc(1, sizeof(struct uw_forwarder))) == | |||
2056 | NULL((void*)0)) | |||
2057 | fatal(NULL((void*)0)); | |||
2058 | if (strlcpy(uw_forwarder->ip, tmp->ip, | |||
2059 | sizeof(uw_forwarder->ip)) >= sizeof(uw_forwarder->ip)) | |||
2060 | fatalx("strlcpy"); | |||
2061 | uw_forwarder->port = tmp->port; | |||
2062 | uw_forwarder->src = tmp->src; | |||
2063 | uw_forwarder->if_index = tmp->if_index; | |||
2064 | TAILQ_INSERT_TAIL(&new_forwarder_list, uw_forwarder, entry)do { (uw_forwarder)->entry.tqe_next = ((void*)0); (uw_forwarder )->entry.tqe_prev = (&new_forwarder_list)->tqh_last ; *(&new_forwarder_list)->tqh_last = (uw_forwarder); ( &new_forwarder_list)->tqh_last = &(uw_forwarder)-> entry.tqe_next; } while (0); | |||
2065 | } | |||
2066 | ||||
2067 | changed = check_forwarders_changed(&new_forwarder_list, | |||
2068 | &autoconf_forwarder_list); | |||
2069 | ||||
2070 | if (changed) { | |||
2071 | replace_forwarders(&new_forwarder_list, | |||
2072 | &autoconf_forwarder_list); | |||
2073 | new_resolver(UW_RES_ASR, UNKNOWN); | |||
2074 | new_resolver(UW_RES_AUTOCONF, UNKNOWN); | |||
2075 | new_resolver(UW_RES_ODOT_AUTOCONF, UNKNOWN); | |||
2076 | } else { | |||
2077 | while ((tmp = TAILQ_FIRST(&new_forwarder_list)((&new_forwarder_list)->tqh_first)) != NULL((void*)0)) { | |||
2078 | TAILQ_REMOVE(&new_forwarder_list, tmp, entry)do { if (((tmp)->entry.tqe_next) != ((void*)0)) (tmp)-> entry.tqe_next->entry.tqe_prev = (tmp)->entry.tqe_prev; else (&new_forwarder_list)->tqh_last = (tmp)->entry .tqe_prev; *(tmp)->entry.tqe_prev = (tmp)->entry.tqe_next ; ; ; } while (0); | |||
2079 | free(tmp); | |||
2080 | } | |||
2081 | } | |||
2082 | } | |||
2083 | ||||
2084 | int | |||
2085 | force_tree_cmp(struct force_tree_entry *a, struct force_tree_entry *b) | |||
2086 | { | |||
2087 | return strcasecmp(a->domain, b->domain); | |||
2088 | } | |||
2089 | ||||
2090 | int | |||
2091 | find_force(struct force_tree *tree, char *qname, struct uw_resolver **res) | |||
2092 | { | |||
2093 | struct force_tree_entry *n, e; | |||
2094 | char *p; | |||
2095 | ||||
2096 | if (res) | |||
2097 | *res = NULL((void*)0); | |||
2098 | if (RB_EMPTY(tree)((tree)->rbh_root == ((void*)0))) | |||
2099 | return 0; | |||
2100 | ||||
2101 | p = qname; | |||
2102 | do { | |||
2103 | if (strlcpy(e.domain, p, sizeof(e.domain)) >= sizeof(e.domain)) | |||
2104 | fatal("qname too large"); | |||
2105 | n = RB_FIND(force_tree, tree, &e)force_tree_RB_FIND(tree, &e); | |||
2106 | if (n != NULL((void*)0)) { | |||
2107 | log_debug("%s: %s -> %s[%s]", __func__, qname, p, | |||
2108 | uw_resolver_type_str[n->type]); | |||
2109 | if (res) | |||
2110 | *res = resolvers[n->type]; | |||
2111 | return n->acceptbogus; | |||
2112 | } | |||
2113 | if (*p == '.') | |||
2114 | p++; | |||
2115 | p = strchr(p, '.'); | |||
2116 | if (p != NULL((void*)0) && p[1] != '\0') | |||
2117 | p++; | |||
2118 | } while (p != NULL((void*)0)); | |||
2119 | return 0; | |||
2120 | ||||
2121 | } | |||
2122 | ||||
2123 | int64_t | |||
2124 | histogram_median(int64_t *histogram) | |||
2125 | { | |||
2126 | size_t i; | |||
2127 | int64_t sample_count = 0, running_count = 0; | |||
2128 | ||||
2129 | /* skip first bucket, it contains cache hits */ | |||
2130 | for (i = 1; i < nitems(histogram_limits)(sizeof((histogram_limits)) / sizeof((histogram_limits)[0])); i++) | |||
2131 | sample_count += histogram[i]; | |||
2132 | ||||
2133 | if (sample_count == 0) | |||
2134 | return 0; | |||
2135 | ||||
2136 | for (i = 1; i < nitems(histogram_limits)(sizeof((histogram_limits)) / sizeof((histogram_limits)[0])); i++) { | |||
2137 | running_count += histogram[i]; | |||
2138 | if (running_count >= sample_count / 2) | |||
2139 | break; | |||
2140 | } | |||
2141 | ||||
2142 | if (i >= nitems(histogram_limits)(sizeof((histogram_limits)) / sizeof((histogram_limits)[0])) - 1) | |||
2143 | return INT64_MAX0x7fffffffffffffffLL; | |||
2144 | return (histogram_limits[i - 1] + histogram_limits[i]) / 2; | |||
2145 | } | |||
2146 | ||||
2147 | void | |||
2148 | decay_latest_histograms(int fd, short events, void *arg) | |||
2149 | { | |||
2150 | enum uw_resolver_type i; | |||
2151 | size_t j; | |||
2152 | struct uw_resolver *res; | |||
2153 | struct timeval tv = {DECAY_PERIOD60, 0}; | |||
2154 | ||||
2155 | for (i = 0; i < UW_RES_NONE; i++) { | |||
2156 | res = resolvers[i]; | |||
2157 | if (res == NULL((void*)0)) | |||
2158 | continue; | |||
2159 | for (j = 0; j < nitems(res->latest_histogram)(sizeof((res->latest_histogram)) / sizeof((res->latest_histogram )[0])); j++) | |||
2160 | /* multiply then divide, avoiding truncating to 0 */ | |||
2161 | res->latest_histogram[j] = res->latest_histogram[j] * | |||
2162 | DECAY_NOMINATOR9 / DECAY_DENOMINATOR10; | |||
2163 | res->median = histogram_median(res->latest_histogram); | |||
2164 | } | |||
2165 | evtimer_add(&decay_timer, &tv)event_add(&decay_timer, &tv); | |||
2166 | } | |||
2167 | ||||
2168 | int | |||
2169 | running_query_cnt(void) | |||
2170 | { | |||
2171 | struct running_query *e; | |||
2172 | int cnt = 0; | |||
2173 | ||||
2174 | TAILQ_FOREACH(e, &running_queries, entry)for((e) = ((&running_queries)->tqh_first); (e) != ((void *)0); (e) = ((e)->entry.tqe_next)) | |||
2175 | cnt++; | |||
2176 | return cnt; | |||
2177 | } | |||
2178 | ||||
2179 | int * | |||
2180 | resolvers_to_restart(struct uw_conf *oconf, struct uw_conf *nconf) | |||
2181 | { | |||
2182 | static int restart[UW_RES_NONE]; | |||
2183 | int i; | |||
2184 | ||||
2185 | memset(&restart, 0, sizeof(restart)); | |||
2186 | if (check_forwarders_changed(&oconf->uw_forwarder_list, | |||
2187 | &nconf->uw_forwarder_list)) { | |||
2188 | restart[UW_RES_FORWARDER] = 1; | |||
2189 | restart[UW_RES_ODOT_FORWARDER] = 1; | |||
2190 | } | |||
2191 | if (check_forwarders_changed(&oconf->uw_dot_forwarder_list, | |||
2192 | &nconf->uw_dot_forwarder_list)) { | |||
2193 | restart[UW_RES_DOT] = 1; | |||
2194 | } | |||
2195 | ||||
2196 | for (i = 0; i < UW_RES_NONE; i++) { | |||
2197 | if (oconf->enabled_resolvers[i] != nconf->enabled_resolvers[i]) | |||
2198 | restart[i] = 1; | |||
2199 | } | |||
2200 | return restart; | |||
2201 | } | |||
2202 | ||||
2203 | const char * | |||
2204 | query_imsg2str(struct query_imsg *query_imsg) | |||
2205 | { | |||
2206 | static char buf[sizeof(query_imsg->qname) + 1 + 16 + 1 + 16]; | |||
2207 | char qclass_buf[16]; | |||
2208 | char qtype_buf[16]; | |||
2209 | ||||
2210 | sldns_wire2str_class_buf(query_imsg->c, qclass_buf, sizeof(qclass_buf)); | |||
2211 | sldns_wire2str_type_buf(query_imsg->t, qtype_buf, sizeof(qtype_buf)); | |||
2212 | ||||
2213 | snprintf(buf, sizeof(buf), "%s %s %s", query_imsg->qname, qclass_buf, | |||
2214 | qtype_buf); | |||
2215 | return buf; | |||
2216 | } | |||
2217 | ||||
2218 | char * | |||
2219 | gen_resolv_conf() | |||
2220 | { | |||
2221 | struct uw_forwarder *uw_forwarder; | |||
2222 | char *resolv_conf = NULL((void*)0), *tmp = NULL((void*)0); | |||
2223 | ||||
2224 | TAILQ_FOREACH(uw_forwarder, &autoconf_forwarder_list, entry)for((uw_forwarder) = ((&autoconf_forwarder_list)->tqh_first ); (uw_forwarder) != ((void*)0); (uw_forwarder) = ((uw_forwarder )->entry.tqe_next)) { | |||
2225 | tmp = resolv_conf; | |||
2226 | if (asprintf(&resolv_conf, "%snameserver %s\n", tmp == | |||
2227 | NULL((void*)0) ? "" : tmp, uw_forwarder->ip) == -1) { | |||
2228 | free(tmp); | |||
2229 | return (NULL((void*)0)); | |||
2230 | } | |||
2231 | free(tmp); | |||
2232 | } | |||
2233 | return resolv_conf; | |||
2234 | } | |||
2235 | ||||
2236 | void | |||
2237 | check_dns64(void) | |||
2238 | { | |||
2239 | struct asr_query *aq = NULL((void*)0); | |||
2240 | char *resolv_conf; | |||
2241 | void *asr_ctx; | |||
2242 | ||||
2243 | if (TAILQ_EMPTY(&autoconf_forwarder_list)(((&autoconf_forwarder_list)->tqh_first) == ((void*)0) )) | |||
2244 | return; | |||
2245 | ||||
2246 | if ((resolv_conf = gen_resolv_conf()) == NULL((void*)0)) { | |||
2247 | log_warnx("could not create asr context"); | |||
2248 | return; | |||
2249 | } | |||
2250 | ||||
2251 | if ((asr_ctx = asr_resolver_from_string(resolv_conf)) != NULL((void*)0)) { | |||
2252 | if ((aq = res_query_async("ipv4only.arpa", LDNS_RR_CLASS_IN, | |||
2253 | LDNS_RR_TYPE_AAAA, asr_ctx)) == NULL((void*)0)) { | |||
2254 | log_warn("%s: res_query_async", __func__)uw_log_warn("%s: res_query_async", __func__); | |||
2255 | asr_resolver_free(asr_ctx); | |||
2256 | } | |||
2257 | if (event_asr_run(aq, check_dns64_done, asr_ctx) == NULL((void*)0)) { | |||
2258 | log_warn("%s: event_asr_run", __func__)uw_log_warn("%s: event_asr_run", __func__); | |||
2259 | free(aq); | |||
2260 | asr_resolver_free(asr_ctx); | |||
2261 | } | |||
2262 | } else | |||
2263 | log_warnx("%s: could not create asr context", __func__); | |||
2264 | ||||
2265 | free(resolv_conf); | |||
2266 | } | |||
2267 | ||||
2268 | void | |||
2269 | check_dns64_done(struct asr_result *ar, void *arg) | |||
2270 | { | |||
2271 | /* RFC 7050: ipv4only.arpa resolves to 192.0.0.170 and 192.9.0.171 */ | |||
2272 | const uint8_t wka1[] = {192, 0, 0, 170}; | |||
2273 | const uint8_t wka2[] = {192, 0, 0, 171}; | |||
2274 | struct query_info skip, qinfo; | |||
2275 | struct reply_info *rinfo = NULL((void*)0); | |||
2276 | struct regional *region = NULL((void*)0); | |||
2277 | struct sldns_buffer *buf = NULL((void*)0); | |||
2278 | struct ub_packed_rrset_key *an_rrset = NULL((void*)0); | |||
2279 | struct packed_rrset_data *an_rrset_data; | |||
2280 | struct alloc_cache alloc; | |||
2281 | struct edns_data edns; | |||
2282 | struct dns64_prefix *prefixes = NULL((void*)0); | |||
2283 | size_t i; | |||
2284 | int preflen, count = 0; | |||
2285 | void *asr_ctx = arg; | |||
2286 | ||||
2287 | memset(&qinfo, 0, sizeof(qinfo)); | |||
2288 | alloc_init(&alloc, NULL((void*)0), 0); | |||
2289 | ||||
2290 | if (ar->ar_datalen < LDNS_HEADER_SIZE12) { | |||
2291 | log_warnx("%s: bad packet: too short: %d", __func__, | |||
2292 | ar->ar_datalen); | |||
2293 | goto out; | |||
2294 | } | |||
2295 | ||||
2296 | if (ar->ar_datalen > UINT16_MAX0xffff) { | |||
2297 | log_warnx("%s: bad packet: too large: %d", __func__, | |||
2298 | ar->ar_datalen); | |||
2299 | goto out; | |||
2300 | } | |||
2301 | ||||
2302 | if (ar->ar_rcode == LDNS_RCODE_NXDOMAIN) { | |||
2303 | /* XXX this means that the autoconf resolver is broken */ | |||
2304 | log_debug("%s: NXDOMAIN", __func__); | |||
2305 | goto out; | |||
2306 | } | |||
2307 | ||||
2308 | if ((buf = sldns_buffer_new(ar->ar_datalen)) == NULL((void*)0)) | |||
2309 | goto out; | |||
2310 | ||||
2311 | if ((region = regional_create()) == NULL((void*)0)) | |||
2312 | goto out; | |||
2313 | ||||
2314 | sldns_buffer_write(buf, ar->ar_data, ar->ar_datalen); | |||
2315 | sldns_buffer_flip(buf); | |||
2316 | ||||
2317 | /* read past query section, no memory is allocated */ | |||
2318 | if (!query_info_parse(&skip, buf)) | |||
2319 | goto out; | |||
2320 | ||||
2321 | if (reply_info_parse(buf, &alloc, &qinfo, &rinfo, region, &edns) != 0) | |||
2322 | goto out; | |||
2323 | ||||
2324 | if ((an_rrset = reply_find_answer_rrset(&qinfo, rinfo)) == NULL((void*)0)) | |||
2325 | goto out; | |||
2326 | ||||
2327 | an_rrset_data = (struct packed_rrset_data*)an_rrset->entry.data; | |||
2328 | ||||
2329 | prefixes = calloc(an_rrset_data->count, sizeof(struct dns64_prefix)); | |||
2330 | if (prefixes == NULL((void*)0)) | |||
2331 | goto out; | |||
2332 | ||||
2333 | for (i = 0; i < an_rrset_data->count; i++) { | |||
2334 | struct in6_addr in6; | |||
2335 | ||||
2336 | /* check for AAAA record */ | |||
2337 | if (an_rrset_data->rr_len[i] != 18) /* 2 + 128/8 */ | |||
2338 | continue; | |||
2339 | if (an_rrset_data->rr_data[i][0] != 0 && | |||
2340 | an_rrset_data->rr_data[i][1] != 16) | |||
2341 | continue; | |||
2342 | ||||
2343 | memcpy(&in6, &an_rrset_data->rr_data[i][2], | |||
2344 | sizeof(in6)); | |||
2345 | if ((preflen = dns64_prefixlen(&in6, wka1)) != -1) | |||
2346 | add_dns64_prefix(&in6, preflen, prefixes, | |||
2347 | an_rrset_data->count, WKA1_FOUND1); | |||
2348 | if ((preflen = dns64_prefixlen(&in6, wka2)) != -1) | |||
2349 | add_dns64_prefix(&in6, preflen, prefixes, | |||
2350 | an_rrset_data->count, WKA2_FOUND2); | |||
2351 | } | |||
2352 | ||||
2353 | for (i = 0; i < an_rrset_data->count && prefixes[i].flags != 0; i++) | |||
2354 | if ((prefixes[i].flags & (WKA1_FOUND1 | WKA2_FOUND2)) == | |||
2355 | (WKA1_FOUND1 | WKA2_FOUND2)) | |||
2356 | count++; | |||
2357 | ||||
2358 | dns64_present = count > 0; | |||
2359 | ||||
2360 | if (dns64_present) { | |||
2361 | /* downgrade SLAAC resolvers, DNS64 breaks DNSSEC */ | |||
2362 | if (resolvers[UW_RES_AUTOCONF] != NULL((void*)0) && | |||
2363 | resolvers[UW_RES_AUTOCONF]->state == VALIDATING) | |||
2364 | new_resolver(UW_RES_AUTOCONF, RESOLVING); | |||
2365 | if (resolvers[UW_RES_ODOT_AUTOCONF] != NULL((void*)0) && | |||
2366 | resolvers[UW_RES_ODOT_AUTOCONF]->state == VALIDATING) | |||
2367 | new_resolver(UW_RES_ODOT_AUTOCONF, RESOLVING); | |||
2368 | } | |||
2369 | ||||
2370 | resolver_imsg_compose_frontend(IMSG_NEW_DNS64_PREFIXES_START, 0, | |||
2371 | &count, sizeof(count)); | |||
2372 | for (i = 0; i < an_rrset_data->count && prefixes[i].flags != 0; i++) { | |||
2373 | if ((prefixes[i].flags & (WKA1_FOUND1 | WKA2_FOUND2)) == | |||
2374 | (WKA1_FOUND1 | WKA2_FOUND2)) { | |||
2375 | resolver_imsg_compose_frontend(IMSG_NEW_DNS64_PREFIX, | |||
2376 | 0, &prefixes[i], sizeof(struct dns64_prefix)); | |||
2377 | } | |||
2378 | } | |||
2379 | resolver_imsg_compose_frontend(IMSG_NEW_DNS64_PREFIXES_DONE, 0, NULL((void*)0), | |||
2380 | 0); | |||
2381 | out: | |||
2382 | free(prefixes); | |||
2383 | query_info_clear(&qinfo); | |||
2384 | reply_info_parsedelete(rinfo, &alloc); | |||
2385 | alloc_clear(&alloc); | |||
2386 | regional_destroy(region); | |||
2387 | sldns_buffer_free(buf); | |||
2388 | free(ar->ar_data); | |||
2389 | asr_resolver_free(asr_ctx); | |||
2390 | } | |||
2391 | ||||
2392 | int | |||
2393 | dns64_prefixlen(const struct in6_addr *in6, const uint8_t *wka) | |||
2394 | { | |||
2395 | /* RFC 6052, 2.2 */ | |||
2396 | static const int possible_prefixes[] = {32, 40, 48, 56, 64, 96}; | |||
2397 | size_t i, j; | |||
2398 | int found, pos; | |||
2399 | ||||
2400 | for (i = 0; i < nitems(possible_prefixes)(sizeof((possible_prefixes)) / sizeof((possible_prefixes)[0]) ); i++) { | |||
2401 | pos = possible_prefixes[i] / 8; | |||
2402 | found = 1; | |||
2403 | for (j = 0; j < 4 && found; j++, pos++) { | |||
2404 | if (pos == 8) { | |||
2405 | if (in6->s6_addr__u6_addr.__u6_addr8[pos] != 0) | |||
2406 | found = 0; | |||
2407 | pos++; | |||
2408 | } | |||
2409 | if (in6->s6_addr__u6_addr.__u6_addr8[pos] != wka[j]) | |||
2410 | found = 0; | |||
2411 | } | |||
2412 | if (found) | |||
2413 | return possible_prefixes[i]; | |||
2414 | } | |||
2415 | return -1; | |||
2416 | } | |||
2417 | ||||
2418 | void | |||
2419 | add_dns64_prefix(const struct in6_addr *in6, int prefixlen, | |||
2420 | struct dns64_prefix *prefixes, int prefixes_size, int flag) | |||
2421 | { | |||
2422 | struct in6_addr tmp; | |||
2423 | int i; | |||
2424 | ||||
2425 | tmp = *in6; | |||
2426 | ||||
2427 | for(i = prefixlen / 8; i < 16; i++) | |||
2428 | tmp.s6_addr__u6_addr.__u6_addr8[i] = 0; | |||
2429 | ||||
2430 | for (i = 0; i < prefixes_size; i++) { | |||
2431 | if (prefixes[i].flags == 0) { | |||
2432 | prefixes[i].in6 = tmp; | |||
2433 | prefixes[i].prefixlen = prefixlen; | |||
2434 | prefixes[i].flags |= flag; | |||
2435 | break; | |||
2436 | } else if (prefixes[i].prefixlen == prefixlen && | |||
2437 | memcmp(&prefixes[i].in6, &tmp, sizeof(tmp)) == 0) { | |||
2438 | prefixes[i].flags |= flag; | |||
2439 | break; | |||
2440 | } | |||
2441 | } | |||
2442 | } |