Blame
Date:
Mon Jan 11 09:00:47 2021 UTC
Message:
a usleep makes it unnecessarily slow; I guess it forces a context switch...
0001
2016-07-06
pjp
/*
0002
2021-01-04
pjp
* Copyright (c) 2002-2021 Peter J. Philipp
0003
2016-07-06
pjp
* All rights reserved.
0004
2016-07-06
pjp
*
0005
2016-07-06
pjp
* Redistribution and use in source and binary forms, with or without
0006
2016-07-06
pjp
* modification, are permitted provided that the following conditions
0007
2016-07-06
pjp
* are met:
0008
2016-07-06
pjp
* 1. Redistributions of source code must retain the above copyright
0009
2016-07-06
pjp
* notice, this list of conditions and the following disclaimer.
0010
2016-07-06
pjp
* 2. Redistributions in binary form must reproduce the above copyright
0011
2016-07-06
pjp
* notice, this list of conditions and the following disclaimer in the
0012
2016-07-06
pjp
* documentation and/or other materials provided with the distribution.
0013
2016-07-06
pjp
* 3. The name of the author may not be used to endorse or promote products
0014
2016-07-06
pjp
* derived from this software without specific prior written permission
0015
2016-07-06
pjp
*
0016
2016-07-06
pjp
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
0017
2016-07-06
pjp
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
0018
2016-07-06
pjp
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
0019
2016-07-06
pjp
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
0020
2016-07-06
pjp
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
0021
2016-07-06
pjp
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
0022
2016-07-06
pjp
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
0023
2016-07-06
pjp
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
0024
2016-07-06
pjp
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
0025
2016-07-06
pjp
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
0026
2016-07-06
pjp
*
0027
2016-07-06
pjp
*/
0028
2017-10-26
pjp
0029
2019-06-06
pjp
#include <sys/types.h>
0030
2019-06-06
pjp
#include <sys/socket.h>
0031
2019-06-06
pjp
#include <sys/time.h>
0032
2019-06-06
pjp
#include <sys/stat.h>
0033
2019-06-06
pjp
#include <sys/uio.h>
0034
2019-06-06
pjp
#include <sys/mman.h>
0035
2019-06-06
pjp
#include <sys/wait.h>
0036
2019-06-06
pjp
#include <sys/un.h>
0037
2017-10-26
pjp
0038
2019-06-06
pjp
#include <net/if.h>
0039
2019-06-06
pjp
0040
2019-06-06
pjp
#include <netinet/in.h>
0041
2019-06-06
pjp
#include <arpa/inet.h>
0042
2019-06-06
pjp
#include <netdb.h>
0043
2019-06-06
pjp
0044
2019-06-06
pjp
#include <stdio.h>
0045
2019-06-06
pjp
#include <stdlib.h>
0046
2019-06-06
pjp
#include <stdint.h>
0047
2019-06-06
pjp
#include <stdarg.h>
0048
2019-06-06
pjp
#include <string.h>
0049
2019-06-06
pjp
#include <unistd.h>
0050
2019-06-06
pjp
#include <fcntl.h>
0051
2019-06-06
pjp
#include <errno.h>
0052
2019-06-06
pjp
#include <syslog.h>
0053
2019-06-06
pjp
#include <ctype.h>
0054
2019-06-06
pjp
#include <pwd.h>
0055
2019-06-06
pjp
#include <ifaddrs.h>
0056
2019-06-06
pjp
#include <dirent.h>
0057
2019-06-06
pjp
#include <signal.h>
0058
2019-06-06
pjp
#include <time.h>
0059
2019-06-06
pjp
0060
2019-06-06
pjp
#ifdef __linux__
0061
2020-07-13
pjp
#include <linux/bpf.h>
0062
2020-07-13
pjp
#include <linux/filter.h>
0063
2019-06-06
pjp
#include <grp.h>
0064
2019-06-06
pjp
#define __USE_BSD 1
0065
2019-06-06
pjp
#include <endian.h>
0066
2019-06-06
pjp
#include <bsd/stdlib.h>
0067
2019-06-06
pjp
#include <bsd/string.h>
0068
2019-06-06
pjp
#include <bsd/unistd.h>
0069
2019-06-06
pjp
#include <bsd/sys/queue.h>
0070
2019-06-06
pjp
#define __unused
0071
2019-06-06
pjp
#include <bsd/sys/tree.h>
0072
2019-06-06
pjp
#include <bsd/sys/endian.h>
0073
2019-06-06
pjp
#include "imsg.h"
0074
2019-06-06
pjp
#else /* not linux */
0075
2019-06-06
pjp
#include <sys/queue.h>
0076
2019-06-06
pjp
#include <sys/tree.h>
0077
2019-06-06
pjp
#ifdef __FreeBSD__
0078
2019-06-06
pjp
#include "imsg.h"
0079
2019-06-06
pjp
#else
0080
2019-06-06
pjp
#include <imsg.h>
0081
2019-06-06
pjp
#endif /* __FreeBSD__ */
0082
2019-06-06
pjp
#endif /* __linux__ */
0083
2019-06-06
pjp
0084
2019-06-06
pjp
#ifndef NTOHS
0085
2019-06-06
pjp
#include "endian.h"
0086
2019-06-06
pjp
#endif
0087
2019-06-06
pjp
0088
2016-07-06
pjp
#include "ddd-dns.h"
0089
2016-07-06
pjp
#include "ddd-db.h"
0090
2016-07-06
pjp
#include "ddd-config.h"
0091
2016-07-06
pjp
0092
2016-07-06
pjp
/* prototypes */
0093
2016-07-06
pjp
0094
2020-07-08
pjp
/*
 * Functions implemented in other translation units.  Declaration order is
 * unchanged; only spacing and the section comments are new.
 */
extern char	*convert_name(char *, int);

/*
 * Buffer pack/unpack helpers.
 * NOTE(review): pack8/16/32 and unpack16/32 receive a bare char * with no
 * remaining-length argument, so any bounds check has to be done by the
 * caller before the call.
 */
extern void	 pack(char *, char *, int);
extern void	 pack32(char *, u_int32_t);
extern void	 pack16(char *, u_int16_t);
extern void	 pack8(char *, u_int8_t);
extern uint32_t	 unpack32(char *);
extern uint16_t	 unpack16(char *);
extern void	 unpack(char *, char *, int);

extern void	 add_rrlimit(int, u_int16_t *, int, char *);
extern void	 axfrloop(int *, int, char **, ddDB *, struct imsgbuf *);
extern void	 forwardloop(ddDB *, struct cfg *, struct imsgbuf *,
		    struct imsgbuf *);
extern void	 replicantloop(ddDB *, struct imsgbuf *);
extern struct question	*build_fake_question(char *, int, u_int16_t, char *,
			    int);
extern int	 check_ent(char *, int);
extern int	 check_rrlimit(int, u_int16_t *, int, char *);
extern void	 collects_init(void);

/*
 * Variadic logger; main() calls it with printf-style formats such as
 * "calloc: %s\n".
 * NOTE(review): a format(printf, 2, 3) attribute on this declaration would
 * let the compiler check every call site -- confirm the toolchains in use
 * support it before adding.
 */
extern void	 dolog(int, char *, ...);

/* lookups that take a struct sockaddr_storage * plus an int */
extern int	 find_axfr(struct sockaddr_storage *, int);
extern int	 find_filter(struct sockaddr_storage *, int);
extern u_int8_t	 find_region(struct sockaddr_storage *, int);
extern int	 find_passlist(struct sockaddr_storage *, int);
extern int	 find_tsig(struct sockaddr_storage *, int);

extern char	*get_dns_type(int, int);

/* initialisers; main() calls most of these before parsing the config file */
extern void	 init_dnssec(void);
extern void	 init_region(void);
extern int	 init_entlist(ddDB *);
extern void	 init_filter(void);
extern void	 init_passlist(void);
extern void	 init_tsig(void);
extern void	 init_notifyddd(void);

extern struct rbtree	*lookup_zone(ddDB *, struct question *, int *, int *,
			    char *, int);
extern struct rbtree	*Lookup_zone(ddDB *, char *, u_int16_t, u_int16_t,
			    int);
extern int	 memcasecmp(u_char *, u_char *, int);

/*
 * Reply builders.  All share one signature, which is what allows the
 * rlogic[] table in this file to hold them in a single column.
 */
extern int	 reply_a(struct sreply *, int *, ddDB *);
extern int	 reply_aaaa(struct sreply *, int *, ddDB *);
extern int	 reply_any(struct sreply *, int *, ddDB *);
extern int	 reply_badvers(struct sreply *, int *, ddDB *);
extern int	 reply_nodata(struct sreply *, int *, ddDB *);
extern int	 reply_cname(struct sreply *, int *, ddDB *);
extern int	 reply_fmterror(struct sreply *, int *, ddDB *);
extern int	 reply_notauth(struct sreply *, int *, ddDB *);
extern int	 reply_notimpl(struct sreply *, int *, ddDB *);
extern int	 reply_nxdomain(struct sreply *, int *, ddDB *);
extern int	 reply_noerror(struct sreply *, int *, ddDB *);
extern int	 reply_notify(struct sreply *, int *, ddDB *);
extern int	 reply_soa(struct sreply *, int *, ddDB *);
extern int	 reply_mx(struct sreply *, int *, ddDB *);
extern int	 reply_naptr(struct sreply *, int *, ddDB *);
extern int	 reply_ns(struct sreply *, int *, ddDB *);
extern int	 reply_ptr(struct sreply *, int *, ddDB *);
extern int	 reply_refused(struct sreply *, int *, ddDB *);
extern int	 reply_srv(struct sreply *, int *, ddDB *);
extern int	 reply_sshfp(struct sreply *, int *, ddDB *);
extern int	 reply_tlsa(struct sreply *, int *, ddDB *);
extern int	 reply_txt(struct sreply *, int *, ddDB *);
extern int	 reply_version(struct sreply *, int *, ddDB *);
extern int	 reply_rrsig(struct sreply *, int *, ddDB *);
extern int	 reply_dnskey(struct sreply *, int *, ddDB *);
extern int	 reply_caa(struct sreply *, int *, ddDB *);
extern int	 reply_rp(struct sreply *, int *, ddDB *);
extern int	 reply_hinfo(struct sreply *, int *, ddDB *);
extern int	 reply_ds(struct sreply *, int *, ddDB *);
extern int	 reply_nsec(struct sreply *, int *, ddDB *);
extern int	 reply_nsec3(struct sreply *, int *, ddDB *);
extern int	 reply_nsec3param(struct sreply *, int *, ddDB *);

extern char	*rrlimit_setup(int);
extern char	*dns_label(char *, int *);
extern void	 ddd_shutdown(void);
extern int	 get_record_size(ddDB *, char *, int);
extern struct question	*build_question(char *, int, int, char *);
extern int	 free_question(struct question *);
extern struct rbtree	*find_rrset(ddDB *db, char *name, int len);
extern struct rrset	*find_rr(struct rbtree *rbt, u_int16_t rrtype);
extern int	 add_rr(struct rbtree *, char *, int, u_int16_t, void *);
extern int	 display_rr(struct rrset *rrset);
extern int	 notifysource(struct question *, struct sockaddr_storage *);
extern int	 drop_privs(char *, struct passwd *);
extern struct rbtree	*get_soa(ddDB *, struct question *);
extern struct rbtree	*get_ns(ddDB *, struct rbtree *, int *);
extern void	 populate_zone(ddDB *db);
extern int	 tsigpassname_contains(char *, int, int *);
0176
2016-07-06
pjp
0177
2019-02-15
pjp
0178
2020-07-06
pjp
/* prototypes declared without `extern`; presumably defined in this file */
struct question	*convert_question(struct parsequestion *, int);
void		 build_reply(struct sreply *, int, char *, int,
		    struct question *, struct sockaddr *, socklen_t,
		    struct rbtree *, struct rbtree *, u_int8_t, int, int,
		    char *);
int		 determine_glue(ddDB *db);
void		 mainloop(struct cfg *, struct imsgbuf *);

/* take a single int, the shape signal() expects of a handler */
void		 master_reload(int);
void		 master_shutdown(int);

/* process entry points; main() calls these from freshly forked children */
void		 setup_master(ddDB *, char **, char *, struct imsgbuf *);
void		 setup_cortex(struct imsgbuf *);
void		 setup_unixsocket(char *, struct imsgbuf *);

/* installed by main() for SIGTERM, SIGINT and SIGQUIT */
void		 ddd_signal(int);

void		 tcploop(struct cfg *, struct imsgbuf *, struct imsgbuf *);
void		 parseloop(struct cfg *, struct imsgbuf *);
struct imsgbuf	*register_cortex(struct imsgbuf *, int);
void		 nomore_neurons(struct imsgbuf *);
int		 bind_this_res(struct addrinfo *, int);
int		 bind_this_pifap(struct ifaddrs *, int, int);

/* sm_* helpers; their semantics are not visible from these declarations */
char		*sm_init(size_t, size_t);
size_t		 sm_size(size_t, size_t);
void		 sm_lock(char *, size_t);
void		 sm_unlock(char *, size_t);

/* aliases */

#define MYDB_PATH "/var/db/delphinusdns"
0203
2016-07-06
pjp
0204
2019-01-25
pjp
/* structs */
0205
2019-01-25
pjp
0206
2020-07-06
pjp
/*
 * Reply dispatch table.  reply_logic is mirrored with forward.c, so a row
 * added, removed or reordered here presumably needs the same change there.
 *
 * Every row is { type, type, build mode, handler } and the handler is one
 * of the reply_*() functions declared earlier in this file.  The member
 * names of struct reply_logic and the code that walks this table are not
 * in view here -- presumably the first column is the type that was asked
 * for and the second the type of the record that was found; confirm
 * against the struct definition.  Row order is kept exactly as it was in
 * case lookups stop at the first match.  The last row is all zeroes with a
 * NULL handler.
 */
static struct reply_logic rlogic[] = {
	{ DNS_TYPE_A,          DNS_TYPE_CNAME,      BUILD_CNAME, reply_cname },
	{ DNS_TYPE_A,          DNS_TYPE_NS,         BUILD_OTHER, reply_ns },
	{ DNS_TYPE_A,          DNS_TYPE_A,          BUILD_OTHER, reply_a },
	{ DNS_TYPE_AAAA,       DNS_TYPE_CNAME,      BUILD_CNAME, reply_cname },
	{ DNS_TYPE_AAAA,       DNS_TYPE_NS,         BUILD_OTHER, reply_ns },
	{ DNS_TYPE_AAAA,       DNS_TYPE_AAAA,       BUILD_OTHER, reply_aaaa },
	{ DNS_TYPE_DNSKEY,     DNS_TYPE_DNSKEY,     BUILD_OTHER, reply_dnskey },
	{ DNS_TYPE_SOA,        DNS_TYPE_SOA,        BUILD_OTHER, reply_soa },
	{ DNS_TYPE_SOA,        DNS_TYPE_NS,         BUILD_OTHER, reply_ns },
	{ DNS_TYPE_MX,         DNS_TYPE_CNAME,      BUILD_CNAME, reply_cname },
	{ DNS_TYPE_MX,         DNS_TYPE_NS,         BUILD_OTHER, reply_ns },
	{ DNS_TYPE_MX,         DNS_TYPE_MX,         BUILD_OTHER, reply_mx },
	{ DNS_TYPE_TXT,        DNS_TYPE_TXT,        BUILD_OTHER, reply_txt },
	{ DNS_TYPE_NS,         DNS_TYPE_NS,         BUILD_OTHER, reply_ns },
	{ DNS_TYPE_ANY,        DNS_TYPE_ANY,        BUILD_OTHER, reply_any },
	{ DNS_TYPE_DS,         DNS_TYPE_DS,         BUILD_OTHER, reply_ds },
	{ DNS_TYPE_SSHFP,      DNS_TYPE_SSHFP,      BUILD_OTHER, reply_sshfp },
	{ DNS_TYPE_TLSA,       DNS_TYPE_TLSA,       BUILD_OTHER, reply_tlsa },
	{ DNS_TYPE_SRV,        DNS_TYPE_SRV,        BUILD_OTHER, reply_srv },
	{ DNS_TYPE_CNAME,      DNS_TYPE_CNAME,      BUILD_OTHER, reply_cname },
	{ DNS_TYPE_CNAME,      DNS_TYPE_NS,         BUILD_OTHER, reply_ns },
	{ DNS_TYPE_NSEC3PARAM, DNS_TYPE_NSEC3PARAM, BUILD_OTHER, reply_nsec3param },
	{ DNS_TYPE_PTR,        DNS_TYPE_CNAME,      BUILD_CNAME, reply_cname },
	{ DNS_TYPE_PTR,        DNS_TYPE_NS,         BUILD_OTHER, reply_ns },
	{ DNS_TYPE_PTR,        DNS_TYPE_PTR,        BUILD_OTHER, reply_ptr },
	{ DNS_TYPE_NAPTR,      DNS_TYPE_NAPTR,      BUILD_OTHER, reply_naptr },
	{ DNS_TYPE_NSEC3,      DNS_TYPE_NSEC3,      BUILD_OTHER, reply_nsec3 },
	{ DNS_TYPE_NSEC,       DNS_TYPE_NSEC,       BUILD_OTHER, reply_nsec },
	{ DNS_TYPE_RRSIG,      DNS_TYPE_RRSIG,      BUILD_OTHER, reply_rrsig },
	{ DNS_TYPE_CAA,        DNS_TYPE_CAA,        BUILD_OTHER, reply_caa },
	{ DNS_TYPE_RP,         DNS_TYPE_RP,         BUILD_OTHER, reply_rp },
	{ DNS_TYPE_HINFO,      DNS_TYPE_HINFO,      BUILD_OTHER, reply_hinfo },
	{ 0, 0, 0, NULL }
};
0242
2020-07-06
pjp
0243
2019-01-25
pjp
0244
2020-07-06
pjp
0245
2019-06-07
pjp
/* Head of the tcpentry list; main() sets it up with TAILQ_INIT(). */
TAILQ_HEAD(, tcpentry) tcphead;

/*
 * One element of tcphead, presumably the state kept for a single TCP
 * connection served by tcploop() -- the code that fills these fields is not
 * in view here.
 *
 * buf holds 0xffff + 3 = 65538 bytes; presumably a 2-byte length prefix,
 * a message of up to 65535 bytes and one spare byte -- confirm.
 *
 * NOTE(review): bytes_read and bytes_limit are unsigned while
 * bytes_expected is a signed int, so any comparison between them converts
 * the signed side to unsigned; confirm that bytes_expected can never be
 * negative where it is compared, and that bytes_limit bounds writes to buf.
 */
struct tcpentry {
	int		 intidx;
	unsigned int	 bytes_read;
	int		 bytes_expected;
	unsigned int	 bytes_limit;
	int		 seen;		/* seen heading bytes */
	int		 so;
	time_t		 last_used;
	char		 buf[0xffff + 3];
	char		*address;
	TAILQ_ENTRY(tcpentry) tcpentries;
} *tcpn1, *tcpn2, *tcpnp;
0259
2019-06-07
pjp
0260
2016-07-06
pjp
/* global variables */
0261
2016-07-06
pjp
0262
2016-07-06
pjp
/* defined in other translation units */
extern char	*__progname;		/* main() passes it to openlog() */
extern int	 axfrport;
extern int	 ratelimit;		/* nonzero: main() sets up rate limiting */
extern int	 ratelimit_packets_per_second;
extern int	 passlist;
extern int	 tsig;
extern int	 dnssec;
extern int	 raxfrflag;
extern u_int	 max_udp_payload;
extern uint8_t	 rdomain;		/* main() hands it to setrtable() on OpenBSD */
extern uint8_t	 forward_rdomain;

/*
 * File-local state.
 * NOTE(review): reload, mshutdown and msig are not touched in main();
 * presumably the master_reload()/master_shutdown() handlers write them.  If
 * so they should be volatile sig_atomic_t -- confirm against those handlers.
 */
static int	 reload = 0;
static int	 mshutdown = 0;
static int	 msig;
static char	*rptr;			/* what rrlimit_setup() returned */
static int	 ratelimit_backlog;	/* ratelimit_packets_per_second * 2 */
0279
2016-07-06
pjp
0280
2016-07-06
pjp
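/* Option state, written by the getopt() loop in main(). */
int debug = 0;			/* -d: main() skips daemon() when set */
int verbose = 0;		/* -v: one increment per occurrence */
int bflag = 0;			/* -b given; main() rejects -b together with -i */
int iflag = 0;			/* -i given */
int lflag = 0;			/* -l given */
int nflag = 0;			/* -n: atoi() of the argument, unchecked where parsed */
int bcount = 0;			/* slots used in bind_list[] */
int icount = 0;			/* slots used in interface_list[] */

/* Not written by the option loop; presumably set by the config parser -- confirm. */
int forward = 0;
int forwardtsig = 0;
int strictx20i = 1;		/* the only one of these that defaults to on */
int zonecount = 0;		/* main() runs determine_glue()/init_entlist() only if nonzero */
int tsigpassname = 0;
int cache = 0;

/*
 * -p: stored as atoi(optarg) & 0xffff, so a non-numeric or out-of-range
 * argument is not rejected; it silently becomes some other port (0 for
 * non-numeric input).
 */
u_int16_t port = 53;
u_int32_t cachesize = 0;

/*
 * Raw optarg pointers from -b and -i.  main() stops accepting -b once
 * bcount exceeds 253 and -i once icount exceeds 254, which keeps both
 * indexes inside these 255-slot arrays.
 */
char *bind_list[255];
char *interface_list[255];

/*
 * -I: main() formats this into "/var/run/delphinusdnsd-%s.sock".
 * NOTE(review): no character filtering is visible at that point, so a value
 * containing '/' would move the socket path; consider validating it there.
 */
char *identstring = NULL;

/*
 * Version string and its length in bytes (no terminating NUL).  The default
 * length is derived from the literal so a version bump cannot leave the two
 * out of step; with DD_VERSION supplied by the build, DD_VERSION_LEN is
 * expected to equal strlen(DD_VERSION) and is still maintained by hand.
 */
#ifndef DD_VERSION
#define DD_DEFAULT_VERSION "delphinusdnsd-1.5"
char *versionstring = DD_DEFAULT_VERSION;
uint8_t vslen = sizeof(DD_DEFAULT_VERSION) - 1;	/* 17 */
#else
char *versionstring = DD_VERSION;
uint8_t vslen = DD_VERSION_LEN;
#endif

/*
 * Points at one pid_t in the MAP_SHARED | MAP_ANON mapping main() creates
 * "for signaling kills between processes"; main() zeroes it after mapping.
 */
pid_t *ptr = NULL;

/* tm_gmtoff of localtime(), sampled once at the start of main() */
long glob_time_offset = 0;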
0308
2016-07-06
pjp
0309
2016-07-06
pjp
/*
0310
2016-07-06
pjp
* MAIN - set up arguments, set up database, set up sockets, call mainloop
0311
2016-07-06
pjp
*
0312
2016-07-06
pjp
*/
0313
2016-07-06
pjp
0314
2016-07-06
pjp
int
0315
2017-10-04
pjp
main(int argc, char *argv[], char *environ[])
0316
2016-07-06
pjp
{
0317
2016-07-06
pjp
static int udp[DEFAULT_SOCKET];
0318
2016-07-06
pjp
static int tcp[DEFAULT_SOCKET];
0319
2016-07-06
pjp
static int afd[DEFAULT_SOCKET];
0320
2016-07-06
pjp
static int uafd[DEFAULT_SOCKET];
0321
2017-06-26
pjp
int n;
0322
2016-07-06
pjp
0323
2016-07-06
pjp
int ch, i, j;
0324
2016-07-06
pjp
int gai_error;
0325
2017-06-26
pjp
int salen;
0326
2016-07-06
pjp
int found = 0;
0327
2016-07-06
pjp
int on = 1;
0328
2021-01-06
pjp
int usesp = 0;
0329
2016-07-06
pjp
0330
2016-07-06
pjp
pid_t pid;
0331
2016-07-06
pjp
0332
2016-07-06
pjp
static char *ident[DEFAULT_SOCKET];
0333
2016-07-06
pjp
char *conffile = CONFFILE;
0334
2021-01-06
pjp
char buf[PATH_MAX];
0335
2016-07-06
pjp
char **av = NULL;
0336
2019-01-29
pjp
char *socketpath = SOCKPATH;
0337
2016-07-06
pjp
0338
2016-07-06
pjp
struct passwd *pw;
0339
2016-07-06
pjp
struct addrinfo hints, *res0, *res;
0340
2016-07-06
pjp
struct ifaddrs *ifap, *pifap;
0341
2016-07-06
pjp
struct sockaddr_in *sin;
0342
2016-07-06
pjp
struct sockaddr_in6 *sin6;
0343
2016-07-06
pjp
struct cfg *cfg;
0344
2020-06-25
pjp
struct imsgbuf cortex_ibuf;
0345
2020-06-25
pjp
struct imsgbuf *ibuf;
0346
2016-07-06
pjp
0347
2017-06-26
pjp
static ddDB *db;
0348
2020-03-10
pjp
0349
2020-03-10
pjp
time_t now;
0350
2020-03-10
pjp
struct tm *ltm;
0351
2017-06-27
pjp
0352
2020-07-10
pjp
char *shptr;
0353
2017-06-27
pjp
0354
2016-07-06
pjp
if (geteuid() != 0) {
0355
2019-09-12
pjp
fprintf(stderr, "must be started as root\n");
0356
2016-07-06
pjp
exit(1);
0357
2016-07-06
pjp
}
0358
2016-07-06
pjp
0359
2020-03-10
pjp
now = time(NULL);
0360
2020-03-10
pjp
ltm = localtime(&now);
0361
2020-03-10
pjp
glob_time_offset = ltm->tm_gmtoff;
0362
2020-03-10
pjp
0363
2016-07-06
pjp
av = argv;
0364
2019-12-19
pjp
0365
2017-10-04
pjp
#if __linux__
0366
2017-10-04
pjp
setproctitle_init(argc, av, environ);
0367
2017-10-04
pjp
#endif
0368
2017-10-04
pjp
0369
2017-10-04
pjp
0370
2021-01-06
pjp
while ((ch = getopt(argc, argv, "b:df:I:i:ln:p:s:v")) != -1) {
0371
2016-07-06
pjp
switch (ch) {
0372
2016-07-06
pjp
case 'b':
0373
2016-07-06
pjp
bflag = 1;
0374
2016-07-06
pjp
if (bcount > 253) {
0375
2016-07-06
pjp
fprintf(stderr, "too many -b flags\n");
0376
2016-07-06
pjp
exit(1);
0377
2016-07-06
pjp
}
0378
2016-07-06
pjp
bind_list[bcount++] = optarg;
0379
2016-07-06
pjp
break;
0380
2016-07-06
pjp
case 'd':
0381
2016-07-06
pjp
debug = 1;
0382
2016-07-06
pjp
break;
0383
2016-07-06
pjp
case 'f':
0384
2016-07-06
pjp
conffile = optarg;
0385
2016-07-06
pjp
break;
0386
2021-01-06
pjp
case 'I':
0387
2021-01-06
pjp
identstring = optarg;
0388
2021-01-06
pjp
break;
0389
2016-07-06
pjp
case 'i':
0390
2016-07-06
pjp
iflag = 1;
0391
2016-07-06
pjp
if (icount > 254) {
0392
2016-07-06
pjp
fprintf(stderr, "too many -i flags\n");
0393
2016-07-06
pjp
exit(1);
0394
2016-07-06
pjp
}
0395
2016-07-06
pjp
interface_list[icount++] = optarg;
0396
2016-07-06
pjp
break;
0397
2016-07-06
pjp
case 'l':
0398
2016-07-06
pjp
lflag = 1;
0399
2016-07-06
pjp
break;
0400
2016-07-06
pjp
case 'n':
0401
2016-07-06
pjp
nflag = atoi(optarg);
0402
2016-07-06
pjp
break;
0403
2016-07-06
pjp
case 'p':
0404
2016-07-06
pjp
port = atoi(optarg) & 0xffff;
0405
2016-07-06
pjp
break;
0406
2019-01-29
pjp
case 's':
0407
2019-01-29
pjp
socketpath = optarg;
0408
2021-01-06
pjp
usesp = 1;
0409
2019-01-29
pjp
break;
0410
2016-07-06
pjp
case 'v':
0411
2016-07-06
pjp
verbose++;
0412
2016-07-06
pjp
break;
0413
2016-07-06
pjp
default:
0414
2016-07-06
pjp
fprintf(stderr, "usage: delphinusdnsd [-i interface] [-b bindaddress] [-f configfile] [-p portnumber] [-drv]\n");
0415
2016-07-06
pjp
exit (1);
0416
2016-07-06
pjp
}
0417
2016-07-06
pjp
}
0418
2016-07-06
pjp
0419
2016-07-06
pjp
if (bflag && iflag) {
0420
2016-07-06
pjp
fprintf(stderr, "you may specify -i or -b but not both\n");
0421
2016-07-06
pjp
exit(1);
0422
2016-07-06
pjp
}
0423
2016-07-06
pjp
0424
2021-01-06
pjp
if (identstring != NULL && usesp) {
0425
2021-01-06
pjp
fprintf(stderr, "cannot specify -I and -s together\n");
0426
2021-01-06
pjp
exit(1);
0427
2021-01-06
pjp
}
0428
2021-01-06
pjp
0429
2021-01-06
pjp
if (identstring) {
0430
2021-01-06
pjp
snprintf(buf, sizeof(buf), "/var/run/delphinusdnsd-%s.sock",
0431
2021-01-06
pjp
identstring);
0432
2021-01-06
pjp
0433
2021-01-06
pjp
if ((socketpath = strdup(buf)) == NULL) {
0434
2021-01-06
pjp
perror("strdup");
0435
2021-01-06
pjp
exit(1);
0436
2021-01-06
pjp
}
0437
2021-01-06
pjp
}
0438
2021-01-06
pjp
0439
2016-07-06
pjp
/*
0440
2016-07-06
pjp
* calling daemon before a sleuth of configurations ala rwhod.c
0441
2016-07-06
pjp
*/
0442
2016-07-06
pjp
0443
2016-07-06
pjp
if (! debug)
0444
2016-07-06
pjp
daemon(0,0);
0445
2018-07-11
pjp
else {
0446
2019-11-02
pjp
int status;
0447
2018-07-11
pjp
/*
0448
2019-11-02
pjp
* clean up any zombies left behind, this is only in debug mode
0449
2019-11-02
pjp
*/
0450
2019-11-02
pjp
0451
2019-11-02
pjp
while (waitpid(-1, &status, WNOHANG) > 0);
0452
2019-11-02
pjp
0453
2019-11-02
pjp
/*
0454
2018-07-11
pjp
* even if in debug mode we want to have our own parent group
0455
2018-07-11
pjp
* for reasons in that regress needs it when killing debug
0456
2018-07-11
pjp
* mode delphinusdnsd
0457
2018-07-11
pjp
*/
0458
2016-07-06
pjp
0459
2018-07-12
pjp
#if __linux__
0460
2018-07-12
pjp
if (setpgrp() < 0) {
0461
2018-07-12
pjp
#else
0462
2018-07-11
pjp
if (setpgrp(0, 0) < 0) {
0463
2018-07-12
pjp
#endif
0464
2018-07-11
pjp
perror("setpgrp");
0465
2018-07-11
pjp
exit(1);
0466
2018-07-11
pjp
}
0467
2018-07-11
pjp
}
0468
2018-07-11
pjp
0469
2018-07-11
pjp
0470
2016-07-06
pjp
openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
0471
2016-07-06
pjp
dolog(LOG_INFO, "starting up\n");
0472
2016-07-06
pjp
0473
2016-07-06
pjp
/* cfg struct */
0474
2016-07-06
pjp
cfg = calloc(1, sizeof(struct cfg));
0475
2016-07-06
pjp
if (cfg == NULL) {
0476
2016-07-06
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
0477
2016-07-06
pjp
exit(1);
0478
2016-07-06
pjp
}
0479
2017-08-09
pjp
0480
2016-07-06
pjp
/*
0481
2016-07-06
pjp
* make a shared memory segment for signaling kills between
0482
2016-07-06
pjp
* processes...
0483
2016-07-06
pjp
*/
0484
2016-07-06
pjp
0485
2016-07-06
pjp
0486
2020-06-25
pjp
ptr = mmap(NULL, sizeof(pid_t), PROT_READ | PROT_WRITE, MAP_SHARED |\
0487
2016-07-06
pjp
MAP_ANON, -1, 0);
0488
2016-07-06
pjp
0489
2016-07-06
pjp
if (ptr == MAP_FAILED) {
0490
2016-07-06
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
0491
2016-07-06
pjp
exit(1);
0492
2016-07-06
pjp
}
0493
2016-07-06
pjp
0494
2016-07-06
pjp
*ptr = 0;
0495
2016-07-06
pjp
0496
2017-06-26
pjp
/* open internal database */
0497
2016-07-06
pjp
0498
2017-06-26
pjp
db = dddbopen();
0499
2017-06-26
pjp
if (db == NULL) {
0500
2017-06-26
pjp
dolog(LOG_INFO, "dddbopen() failed\n");
0501
2020-06-25
pjp
ddd_shutdown();
0502
2016-07-06
pjp
exit(1);
0503
2016-07-06
pjp
}
0504
2016-07-06
pjp
0505
2020-06-25
pjp
0506
2020-06-25
pjp
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]) < 0) {
0507
2017-08-09
pjp
dolog(LOG_INFO, "socketpair() failed\n");
0508
2020-06-25
pjp
ddd_shutdown();
0509
2017-08-09
pjp
exit(1);
0510
2017-08-09
pjp
}
0511
2017-08-09
pjp
0512
2017-06-26
pjp
pid = fork();
0513
2017-06-26
pjp
switch (pid) {
0514
2017-06-26
pjp
case -1:
0515
2017-06-26
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0516
2016-07-06
pjp
exit(1);
0517
2017-06-26
pjp
case 0:
0518
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]);
0519
2020-06-25
pjp
imsg_init(&cortex_ibuf, cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[1]);
0520
2020-06-25
pjp
setup_cortex(&cortex_ibuf);
0521
2020-06-25
pjp
/* NOTREACHED */
0522
2020-06-25
pjp
exit(1);
0523
2020-06-25
pjp
0524
2019-11-03
pjp
break;
0525
2019-11-03
pjp
default:
0526
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[1]);
0527
2020-06-25
pjp
imsg_init(&cortex_ibuf, cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]);
0528
2020-06-25
pjp
}
0529
2019-01-29
pjp
0530
2020-06-25
pjp
pid = fork();
0531
2020-06-25
pjp
switch (pid) {
0532
2020-06-25
pjp
case -1:
0533
2020-06-25
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0534
2020-06-25
pjp
exit(1);
0535
2020-06-25
pjp
case 0:
0536
2020-06-25
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_MASTER);
0537
2020-06-25
pjp
if (ibuf != NULL) {
0538
2020-06-25
pjp
setup_master(db, av, socketpath, ibuf);
0539
2020-06-25
pjp
}
0540
2019-11-03
pjp
/* NOTREACHED */
0541
2020-06-25
pjp
ddd_shutdown();
0542
2016-07-06
pjp
exit(1);
0543
2020-06-25
pjp
break;
0544
2020-06-25
pjp
default:
0545
2020-06-25
pjp
break;
0546
2019-11-03
pjp
}
0547
2019-11-03
pjp
0548
2019-11-03
pjp
if (! debug) {
0549
2019-11-03
pjp
switch (pid = fork()) {
0550
2019-11-03
pjp
case -1:
0551
2019-11-03
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0552
2019-11-03
pjp
exit(1);
0553
2019-11-03
pjp
case 0:
0554
2019-11-09
pjp
/*
0555
2019-11-09
pjp
* add signals here too
0556
2019-11-09
pjp
*/
0557
2019-11-09
pjp
0558
2019-11-09
pjp
signal(SIGPIPE, SIG_IGN);
0559
2019-11-09
pjp
0560
2020-06-25
pjp
signal(SIGTERM, ddd_signal);
0561
2020-06-25
pjp
signal(SIGINT, ddd_signal);
0562
2020-06-25
pjp
signal(SIGQUIT, ddd_signal);
0563
2019-11-09
pjp
0564
2020-06-25
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_UNIXCONTROL);
0565
2020-06-25
pjp
if (ibuf != NULL) {
0566
2020-06-25
pjp
setup_unixsocket(socketpath, ibuf);
0567
2020-06-25
pjp
}
0568
2020-06-25
pjp
ddd_shutdown();
0569
2019-11-03
pjp
exit(1);
0570
2019-11-03
pjp
default:
0571
2019-11-03
pjp
break;
0572
2019-11-03
pjp
}
0573
2019-01-29
pjp
}
0574
2019-01-29
pjp
0575
2019-01-29
pjp
0576
2016-07-06
pjp
/* end of setup_master code */
0577
2016-07-06
pjp
0578
2016-07-06
pjp
init_region();
0579
2016-07-06
pjp
init_filter();
0580
2020-07-16
pjp
init_passlist();
0581
2016-07-06
pjp
init_dnssec();
0582
2019-02-24
pjp
init_tsig();
0583
2019-06-07
pjp
TAILQ_INIT(&tcphead);
0584
2016-07-06
pjp
0585
2019-11-14
pjp
if (parse_file(db, conffile, 0) < 0) {
0586
2016-07-06
pjp
dolog(LOG_INFO, "parsing config file failed\n");
0587
2020-06-25
pjp
ddd_shutdown();
0588
2016-07-06
pjp
exit(1);
0589
2016-07-06
pjp
}
0590
2016-07-06
pjp
0591
2020-07-03
pjp
if (zonecount && determine_glue(db) < 0) {
0592
2019-11-11
pjp
dolog(LOG_INFO, "determine_glue() failed\n");
0593
2020-06-25
pjp
ddd_shutdown();
0594
2019-11-11
pjp
exit(1);
0595
2019-11-11
pjp
}
0596
2019-11-11
pjp
0597
2020-07-03
pjp
if (zonecount && init_entlist(db) < 0) {
0598
2017-01-09
pjp
dolog(LOG_INFO, "creating entlist failed\n");
0599
2020-06-25
pjp
ddd_shutdown();
0600
2017-01-09
pjp
exit(1);
0601
2017-01-09
pjp
}
0602
2017-01-09
pjp
0603
2021-01-08
pjp
#ifdef __OpenBSD__
0604
2021-01-08
pjp
if (setrtable(rdomain) < 0) {
0605
2021-01-08
pjp
dolog(LOG_INFO, "setrtable: %s\n", strerror(errno));
0606
2021-01-08
pjp
ddd_shutdown();
0607
2021-01-08
pjp
exit(1);
0608
2021-01-08
pjp
}
0609
2021-01-08
pjp
#endif
0610
2021-01-08
pjp
0611
2016-07-06
pjp
/* ratelimiting setup */
0612
2016-07-06
pjp
if (ratelimit) {
0613
2016-07-06
pjp
ratelimit_backlog = ratelimit_packets_per_second * 2;
0614
2016-07-06
pjp
rptr = rrlimit_setup(ratelimit_backlog);
0615
2016-07-06
pjp
if (rptr == NULL) {
0616
2016-07-06
pjp
dolog(LOG_INFO, "ratelimiting error\n");
0617
2020-06-25
pjp
ddd_shutdown();
0618
2016-07-06
pjp
exit(1);
0619
2016-07-06
pjp
}
0620
2016-07-06
pjp
}
0621
2016-07-06
pjp
0622
2016-07-06
pjp
pw = getpwnam(DEFAULT_PRIVILEGE);
0623
2016-07-06
pjp
if (pw == NULL) {
0624
2016-07-06
pjp
dolog(LOG_INFO, "getpwnam: %s\n", strerror(errno));
0625
2020-06-25
pjp
ddd_shutdown();
0626
2016-07-06
pjp
exit(1);
0627
2016-07-06
pjp
}
0628
2016-07-06
pjp
0629
2016-07-06
pjp
if (bcount > DEFAULT_SOCKET) {
0630
2016-07-06
pjp
dolog(LOG_INFO, "not enough sockets available\n");
0631
2020-06-25
pjp
ddd_shutdown();
0632
2016-07-06
pjp
exit(1);
0633
2016-07-06
pjp
}
0634
2016-07-06
pjp
0635
2016-07-06
pjp
if (bflag) {
0636
2016-07-06
pjp
for (i = 0; i < bcount; i++) {
0637
2016-07-06
pjp
memset(&hints, 0, sizeof(hints));
0638
2016-07-06
pjp
0639
2016-07-06
pjp
if (strchr(bind_list[i], ':') != NULL) {
0640
2016-07-06
pjp
hints.ai_family = AF_INET6;
0641
2016-07-06
pjp
} else {
0642
2016-07-06
pjp
hints.ai_family = AF_INET;
0643
2016-07-06
pjp
}
0644
2016-07-06
pjp
0645
2016-07-06
pjp
hints.ai_socktype = SOCK_DGRAM;
0646
2016-07-06
pjp
hints.ai_protocol = IPPROTO_UDP;
0647
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0648
2016-07-06
pjp
0649
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", port);
0650
2016-07-06
pjp
0651
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0652
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0653
2020-06-25
pjp
ddd_shutdown();
0654
2016-07-06
pjp
exit (1);
0655
2016-07-06
pjp
}
0656
2016-07-06
pjp
0657
2016-07-06
pjp
res = res0;
0658
2016-07-06
pjp
0659
2020-07-13
pjp
udp[i] = bind_this_res(res, 0);
0660
2020-07-21
pjp
memcpy((void *)&cfg->ss[i], (void *)res->ai_addr, res->ai_addrlen);
0661
2016-07-06
pjp
0662
2016-07-06
pjp
if (res->ai_family == AF_INET) {
0663
2020-06-30
pjp
on = 1;
0664
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
0665
2016-07-06
pjp
&on, sizeof(on)) < 0) {
0666
2020-06-30
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0667
2016-07-06
pjp
}
0668
2016-07-06
pjp
} else if (res->ai_family == AF_INET6) {
0669
2016-07-06
pjp
/* RFC 3542 page 30 */
0670
2016-07-06
pjp
on = 1;
0671
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IPV6,
0672
2016-07-06
pjp
IPV6_RECVHOPLIMIT, &on, sizeof(on)) < 0) {
0673
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0674
2016-07-06
pjp
}
0675
2016-07-06
pjp
}
0676
2016-07-06
pjp
0677
2016-07-06
pjp
ident[i] = bind_list[i];
0678
2016-07-06
pjp
0679
2016-07-06
pjp
/* tcp below */
0680
2016-07-06
pjp
hints.ai_socktype = SOCK_STREAM;
0681
2016-07-06
pjp
hints.ai_protocol = IPPROTO_TCP;
0682
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0683
2016-07-06
pjp
0684
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", port);
0685
2016-07-06
pjp
0686
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0687
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0688
2020-06-25
pjp
ddd_shutdown();
0689
2016-07-06
pjp
exit (1);
0690
2016-07-06
pjp
}
0691
2016-07-06
pjp
0692
2016-07-06
pjp
res = res0;
0693
2016-07-06
pjp
0694
2016-07-06
pjp
if ((tcp[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0695
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0696
2020-06-25
pjp
ddd_shutdown();
0697
2016-07-06
pjp
exit(1);
0698
2016-07-06
pjp
}
0699
2016-07-06
pjp
if (setsockopt(tcp[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0700
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0701
2020-06-25
pjp
ddd_shutdown();
0702
2016-07-06
pjp
exit(1);
0703
2016-07-06
pjp
}
0704
2016-07-06
pjp
if (bind(tcp[i], res->ai_addr, res->ai_addrlen) < 0) {
0705
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0706
2020-06-25
pjp
ddd_shutdown();
0707
2016-07-06
pjp
exit(1);
0708
2016-07-06
pjp
}
0709
2016-07-06
pjp
0710
2017-08-10
pjp
if (axfrport && axfrport != port) {
0711
2020-08-26
pjp
populate_zone(db);
0712
2016-07-06
pjp
/* axfr port below */
0713
2016-07-06
pjp
hints.ai_socktype = SOCK_STREAM;
0714
2016-07-06
pjp
hints.ai_protocol = IPPROTO_TCP;
0715
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0716
2016-07-06
pjp
0717
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", axfrport);
0718
2016-07-06
pjp
0719
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0720
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0721
2020-06-25
pjp
ddd_shutdown();
0722
2016-07-06
pjp
exit (1);
0723
2016-07-06
pjp
}
0724
2016-07-06
pjp
0725
2016-07-06
pjp
res = res0;
0726
2016-07-06
pjp
0727
2016-07-06
pjp
if ((afd[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0728
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0729
2020-06-25
pjp
ddd_shutdown();
0730
2016-07-06
pjp
exit(1);
0731
2016-07-06
pjp
}
0732
2016-07-06
pjp
if (setsockopt(afd[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0733
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0734
2020-06-25
pjp
ddd_shutdown();
0735
2016-07-06
pjp
exit(1);
0736
2016-07-06
pjp
}
0737
2016-07-06
pjp
if (bind(afd[i], res->ai_addr, res->ai_addrlen) < 0) {
0738
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0739
2020-06-25
pjp
ddd_shutdown();
0740
2016-07-06
pjp
exit(1);
0741
2016-07-06
pjp
}
0742
2016-07-06
pjp
0743
2016-07-06
pjp
if ((uafd[i] = socket(res->ai_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0744
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket: %s\n", strerror(errno));
0745
2020-06-25
pjp
ddd_shutdown();
0746
2016-07-06
pjp
exit(1);
0747
2016-07-06
pjp
}
0748
2016-07-06
pjp
if (bind(uafd[i], res->ai_addr, res->ai_addrlen) < 0) {
0749
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket bind: %s\n", strerror(errno));
0750
2020-06-25
pjp
ddd_shutdown();
0751
2016-07-06
pjp
exit(1);
0752
2016-07-06
pjp
}
0753
2017-12-14
pjp
} else if (axfrport && axfrport == port) {
0754
2020-08-26
pjp
populate_zone(db);
0755
2017-12-14
pjp
afd[i] = -1;
0756
2017-12-14
pjp
}
0757
2016-07-06
pjp
0758
2016-07-06
pjp
} /* for .. bcount */
0759
2016-07-06
pjp
0760
2016-07-06
pjp
} else {
0761
2016-07-06
pjp
if (getifaddrs(&ifap) < 0) {
0762
2016-07-06
pjp
dolog(LOG_INFO, "getifaddrs\n");
0763
2020-06-25
pjp
ddd_shutdown();
0764
2016-07-06
pjp
exit(1);
0765
2016-07-06
pjp
}
0766
2016-07-06
pjp
0767
2016-07-06
pjp
for (pifap = ifap, i = 0; i < DEFAULT_SOCKET && pifap; pifap = pifap->ifa_next, i++) {
0768
2016-07-06
pjp
0769
2016-07-06
pjp
found = 0;
0770
2016-07-06
pjp
0771
2016-07-06
pjp
/* we want only one interface not the rest */
0772
2016-07-06
pjp
if (icount > 0) {
0773
2016-07-06
pjp
for (j = 0; j < icount; j++) {
0774
2016-07-06
pjp
if (strcmp(pifap->ifa_name, interface_list[j]) == 0) {
0775
2016-07-06
pjp
found = 1;
0776
2016-07-06
pjp
}
0777
2016-07-06
pjp
}
0778
2016-07-06
pjp
0779
2016-07-06
pjp
if (! found) {
0780
2016-07-06
pjp
i--;
0781
2016-07-06
pjp
continue;
0782
2016-07-06
pjp
}
0783
2016-07-06
pjp
0784
2016-07-06
pjp
}
0785
2016-07-06
pjp
if ((pifap->ifa_flags & IFF_UP) != IFF_UP) {
0786
2016-07-06
pjp
dolog(LOG_INFO, "skipping interface %s\n", pifap->ifa_name);
0787
2016-07-06
pjp
i--;
0788
2016-07-06
pjp
continue;
0789
2016-07-06
pjp
}
0790
2016-07-06
pjp
0791
2020-12-30
pjp
/* ifa_addrs can be NULL */
0792
2020-12-30
pjp
if (pifap->ifa_addr == NULL) {
0793
2020-12-30
pjp
i--;
0794
2020-12-30
pjp
continue;
0795
2020-12-30
pjp
}
0796
2020-12-30
pjp
0797
2016-07-06
pjp
if (pifap->ifa_addr->sa_family == AF_INET) {
0798
2016-07-06
pjp
sin = (struct sockaddr_in *)pifap->ifa_addr;
0799
2016-07-06
pjp
sin->sin_port = htons(port);
0800
2016-07-06
pjp
salen = sizeof(struct sockaddr_in);
0801
2016-07-06
pjp
/* no address bound to this interface */
0802
2016-07-06
pjp
if (sin->sin_addr.s_addr == INADDR_ANY) {
0803
2016-07-06
pjp
i--;
0804
2016-07-06
pjp
continue;
0805
2016-07-06
pjp
}
0806
2016-07-06
pjp
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
0807
2016-07-06
pjp
sin6 = (struct sockaddr_in6 *)pifap->ifa_addr;
0808
2016-07-06
pjp
sin6->sin6_port = htons(port);
0809
2016-07-06
pjp
/* no address bound to this interface */
0810
2016-07-06
pjp
salen = sizeof(struct sockaddr_in6);
0811
2016-07-06
pjp
0812
2016-07-06
pjp
} else {
0813
2016-07-06
pjp
dolog(LOG_DEBUG, "unknown address family %d\n", pifap->ifa_addr->sa_family);
0814
2016-07-06
pjp
i--;
0815
2016-07-06
pjp
continue;
0816
2016-07-06
pjp
}
0817
2016-07-06
pjp
0818
2020-07-13
pjp
udp[i] = bind_this_pifap(pifap, 0, salen);
0819
2020-07-21
pjp
memcpy((void *)&cfg->ss[i], (void *)pifap->ifa_addr, salen);
0820
2016-07-06
pjp
0821
2016-07-06
pjp
if (pifap->ifa_addr->sa_family == AF_INET) {
0822
2020-06-30
pjp
on = 1;
0823
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
0824
2016-07-06
pjp
&on, sizeof(on)) < 0) {
0825
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0826
2016-07-06
pjp
}
0827
2016-07-06
pjp
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
0828
2016-07-06
pjp
/* RFC 3542 page 30 */
0829
2016-07-06
pjp
on = 1;
0830
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IPV6,
0831
2016-07-06
pjp
IPV6_RECVHOPLIMIT, &on, sizeof(on)) < 0) {
0832
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0833
2016-07-06
pjp
}
0834
2016-07-06
pjp
}
0835
2016-07-06
pjp
0836
2016-07-06
pjp
0837
2016-07-06
pjp
ident[i] = pifap->ifa_name;
0838
2016-07-06
pjp
0839
2016-07-06
pjp
if ((tcp[i] = socket(pifap->ifa_addr->sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) {
0840
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0841
2020-06-25
pjp
ddd_shutdown();
0842
2016-07-06
pjp
exit(1);
0843
2016-07-06
pjp
}
0844
2016-07-06
pjp
if (setsockopt(tcp[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0845
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0846
2020-06-25
pjp
ddd_shutdown();
0847
2016-07-06
pjp
exit(1);
0848
2016-07-06
pjp
}
0849
2016-07-06
pjp
0850
2016-07-06
pjp
if (bind(tcp[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0851
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0852
2020-06-25
pjp
ddd_shutdown();
0853
2016-07-06
pjp
exit(1);
0854
2016-07-06
pjp
}
0855
2016-07-06
pjp
0856
2016-07-06
pjp
0857
2016-07-06
pjp
/* axfr socket */
0858
2017-08-10
pjp
if (axfrport && axfrport != port) {
0859
2020-08-26
pjp
populate_zone(db);
0860
2016-07-06
pjp
if ((afd[i] = socket(pifap->ifa_addr->sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) {
0861
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0862
2020-06-25
pjp
ddd_shutdown();
0863
2016-07-06
pjp
exit(1);
0864
2016-07-06
pjp
}
0865
2016-07-06
pjp
if (setsockopt(afd[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0866
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0867
2020-06-25
pjp
ddd_shutdown();
0868
2016-07-06
pjp
exit(1);
0869
2016-07-06
pjp
}
0870
2016-07-06
pjp
0871
2016-07-06
pjp
((struct sockaddr_in *)pifap->ifa_addr)->sin_port = htons(axfrport);
0872
2016-07-06
pjp
0873
2016-07-06
pjp
if (bind(afd[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0874
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0875
2020-06-25
pjp
ddd_shutdown();
0876
2016-07-06
pjp
exit(1);
0877
2016-07-06
pjp
}
0878
2016-07-06
pjp
if ((uafd[i] = socket(pifap->ifa_addr->sa_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0879
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket: %s\n", strerror(errno));
0880
2020-06-25
pjp
ddd_shutdown();
0881
2016-07-06
pjp
exit(1);
0882
2016-07-06
pjp
}
0883
2016-07-06
pjp
if (bind(uafd[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0884
2016-07-06
pjp
dolog(LOG_INFO, "udp axfr bind: %s\n", strerror(errno));
0885
2020-06-25
pjp
ddd_shutdown();
0886
2016-07-06
pjp
exit(1);
0887
2016-07-06
pjp
}
0888
2017-12-14
pjp
} else if (axfrport && axfrport == port) {
0889
2020-08-26
pjp
populate_zone(db);
0890
2017-12-14
pjp
afd[i] = -1;
0891
2017-12-14
pjp
}
0892
2016-07-06
pjp
0893
2016-07-06
pjp
} /* AF_INET */
0894
2016-07-06
pjp
0895
2016-07-06
pjp
if (i >= DEFAULT_SOCKET) {
0896
2016-07-06
pjp
dolog(LOG_INFO, "not enough sockets available\n");
0897
2020-06-25
pjp
ddd_shutdown();
0898
2016-07-06
pjp
exit(1);
0899
2016-07-06
pjp
}
0900
2016-07-06
pjp
} /* if bflag? */
0901
2016-07-06
pjp
0902
2020-07-21
pjp
if ((cfg->raw[0] = socket(AF_INET, SOCK_RAW, IPPROTO_UDP)) < 0) {
0903
2020-07-21
pjp
dolog(LOG_INFO, "raw0 socket: %s\n", strerror(errno));
0904
2020-07-21
pjp
ddd_shutdown();
0905
2020-07-21
pjp
exit(1);
0906
2020-07-21
pjp
}
0907
2020-07-21
pjp
shutdown(cfg->raw[0], SHUT_RD);
0908
2020-07-21
pjp
if ((cfg->raw[1] = socket(AF_INET6, SOCK_RAW, IPPROTO_UDP)) < 0) {
0909
2020-07-21
pjp
dolog(LOG_INFO, "raw1 socket: %s\n", strerror(errno));
0910
2020-07-21
pjp
ddd_shutdown();
0911
2020-07-21
pjp
exit(1);
0912
2020-07-21
pjp
}
0913
2020-07-21
pjp
shutdown(cfg->raw[1], SHUT_RD);
0914
2020-07-21
pjp
cfg->port = port;
0915
2020-07-13
pjp
0916
2017-08-09
pjp
#if __OpenBSD__
0917
2019-11-01
pjp
if (unveil(DELPHINUS_RZONE_PATH, "rwc") < 0) {
0918
2019-11-01
pjp
perror("unveil");
0919
2020-06-25
pjp
ddd_shutdown();
0920
2017-08-09
pjp
exit(1);
0921
2017-08-09
pjp
}
0922
2019-11-01
pjp
if (unveil(pw->pw_dir, "wc") < 0) {
0923
2019-11-01
pjp
perror("unveil");
0924
2020-06-25
pjp
ddd_shutdown();
0925
2019-11-01
pjp
exit(1);
0926
2019-11-01
pjp
}
0927
2019-11-01
pjp
0928
2017-08-09
pjp
#endif
0929
2017-08-09
pjp
0930
2017-08-09
pjp
/*
0931
2017-08-09
pjp
* add signals
0932
2017-08-09
pjp
*/
0933
2017-08-09
pjp
0934
2017-08-09
pjp
signal(SIGPIPE, SIG_IGN);
0935
2017-08-09
pjp
0936
2020-06-25
pjp
signal(SIGTERM, ddd_signal);
0937
2020-06-25
pjp
signal(SIGINT, ddd_signal);
0938
2020-06-25
pjp
signal(SIGQUIT, ddd_signal);
0939
2017-08-09
pjp
0940
2020-07-10
pjp
/*
0941
2020-07-10
pjp
* start our axfr process
0942
2020-07-10
pjp
*/
0943
2020-07-10
pjp
0944
2020-07-10
pjp
if (axfrport) {
0945
2019-11-01
pjp
switch (pid = fork()) {
0946
2019-11-01
pjp
case -1:
0947
2019-11-01
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
0948
2020-06-25
pjp
ddd_shutdown();
0949
2019-11-01
pjp
exit(1);
0950
2019-11-01
pjp
case 0:
0951
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_AXFR);
0952
2020-06-25
pjp
if (ibuf == NULL) {
0953
2020-06-25
pjp
ddd_shutdown();
0954
2020-06-25
pjp
exit(1);
0955
2020-06-25
pjp
}
0956
2020-06-25
pjp
0957
2019-11-01
pjp
/* chroot to the drop priv user home directory */
0958
2019-12-11
pjp
#ifdef DEFAULT_LOCATION
0959
2019-12-11
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
0960
2019-12-11
pjp
#else
0961
2019-11-01
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
0962
2019-12-11
pjp
#endif
0963
2020-07-10
pjp
dolog(LOG_INFO, "axfr dropping privileges\n", strerror(errno));
0964
2020-06-25
pjp
ddd_shutdown();
0965
2019-11-01
pjp
exit(1);
0966
2019-11-01
pjp
}
0967
2019-11-01
pjp
#if __OpenBSD__
0968
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd unveil", NULL) < 0) {
0969
2019-11-01
pjp
perror("pledge");
0970
2019-11-01
pjp
exit(1);
0971
2019-11-01
pjp
}
0972
2019-11-01
pjp
#endif
0973
2017-08-09
pjp
0974
2019-11-01
pjp
/* close descriptors that we don't need */
0975
2019-11-01
pjp
for (j = 0; j < i; j++) {
0976
2019-11-01
pjp
close(tcp[j]);
0977
2019-11-01
pjp
close(udp[j]);
0978
2020-07-10
pjp
if (axfrport && axfrport != port)
0979
2020-06-30
pjp
close(uafd[j]);
0980
2020-07-10
pjp
0981
2019-11-01
pjp
}
0982
2020-07-21
pjp
close(cfg->raw[0]);
0983
2020-07-21
pjp
close(cfg->raw[1]);
0984
2017-07-11
pjp
0985
2021-01-06
pjp
setproctitle("AXFR engine on port %d [%s]", axfrport, (identstring != NULL ? identstring : ""));
0986
2020-07-10
pjp
axfrloop(afd, (axfrport == port) ? 0 : i, ident, db, ibuf);
0987
2019-11-01
pjp
/* NOTREACHED */
0988
2019-11-01
pjp
exit(1);
0989
2019-11-01
pjp
default:
0990
2020-07-10
pjp
/* close afd descriptors, they aren't needed here */
0991
2020-07-10
pjp
for (j = 0; j < i; j++) {
0992
2020-07-10
pjp
if (axfrport && axfrport != port)
0993
2020-07-10
pjp
close(afd[j]);
0994
2020-07-10
pjp
}
0995
2019-11-01
pjp
break;
0996
2019-11-01
pjp
}
0997
2019-11-01
pjp
0998
2020-07-10
pjp
} /* axfrport */
0999
2020-07-10
pjp
1000
2020-07-10
pjp
/* raxfr */
1001
2020-07-10
pjp
if (raxfrflag) {
1002
2019-11-01
pjp
switch (pid = fork()) {
1003
2019-11-01
pjp
case -1:
1004
2019-11-01
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
1005
2020-06-25
pjp
ddd_shutdown();
1006
2019-11-01
pjp
exit(1);
1007
2019-11-01
pjp
case 0:
1008
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_RAXFR);
1009
2020-06-25
pjp
if (ibuf == NULL) {
1010
2020-06-25
pjp
ddd_shutdown();
1011
2020-06-25
pjp
exit(1);
1012
2020-06-25
pjp
}
1013
2020-06-25
pjp
1014
2019-11-01
pjp
/* chroot to the drop priv user home directory */
1015
2020-07-10
pjp
if (drop_privs(DELPHINUS_RZONE_PATH, pw) < 0) {
1016
2020-07-10
pjp
dolog(LOG_INFO, "raxfr dropping privileges failed", strerror(errno));
1017
2020-06-25
pjp
ddd_shutdown();
1018
2019-11-01
pjp
exit(1);
1019
2019-11-01
pjp
}
1020
2020-07-10
pjp
1021
2019-11-01
pjp
#if __OpenBSD__
1022
2020-07-10
pjp
if (unveil("/replicant", "rwc") < 0) {
1023
2020-07-10
pjp
perror("unveil");
1024
2020-07-10
pjp
ddd_shutdown();
1025
2020-07-10
pjp
exit(1);
1026
2020-07-10
pjp
}
1027
2020-07-10
pjp
1028
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd unveil cpath wpath rpath", NULL) < 0) {
1029
2019-11-01
pjp
perror("pledge");
1030
2020-07-10
pjp
ddd_shutdown();
1031
2019-11-01
pjp
exit(1);
1032
2019-11-01
pjp
}
1033
2017-07-11
pjp
#endif
1034
2016-07-06
pjp
1035
2019-11-01
pjp
/* close descriptors that we don't need */
1036
2019-11-01
pjp
for (j = 0; j < i; j++) {
1037
2019-11-01
pjp
close(tcp[j]);
1038
2019-11-01
pjp
close(udp[j]);
1039
2019-11-01
pjp
}
1040
2020-07-21
pjp
close(cfg->raw[0]);
1041
2020-07-21
pjp
close(cfg->raw[1]);
1042
2016-07-06
pjp
1043
2021-01-06
pjp
setproctitle("Replicant engine [%s]", (identstring != NULL ? identstring : ""));
1044
2020-07-10
pjp
1045
2020-07-10
pjp
replicantloop(db, ibuf);
1046
2020-07-10
pjp
1047
2019-11-01
pjp
/* NOTREACHED */
1048
2017-08-09
pjp
exit(1);
1049
2020-07-10
pjp
1050
2019-11-01
pjp
default:
1051
2019-11-01
pjp
break;
1052
2017-08-09
pjp
}
1053
2020-07-10
pjp
1054
2020-07-10
pjp
} /* raxfrflag */
1055
2020-07-10
pjp
/* start our forwarding process */
1056
2020-06-30
pjp
1057
2020-07-10
pjp
if (forward) {
1058
2020-07-14
pjp
/* initialize the only global shared memory segment */
1059
2021-01-11
pjp
shptr = sm_init(SHAREDMEMSIZE, sizeof(struct sf_imsg));
1060
2020-07-10
pjp
cfg->shptr = shptr;
1061
2021-01-11
pjp
cfg->shptrsize = sm_size(SHAREDMEMSIZE, sizeof(struct sf_imsg));
1062
2019-11-01
pjp
1063
2020-06-30
pjp
switch (pid = fork()) {
1064
2020-06-30
pjp
case -1:
1065
2020-06-30
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
1066
2020-06-30
pjp
ddd_shutdown();
1067
2020-06-30
pjp
exit(1);
1068
2020-06-30
pjp
case 0:
1069
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_FORWARD);
1070
2020-06-30
pjp
if (ibuf == NULL) {
1071
2020-06-30
pjp
ddd_shutdown();
1072
2020-06-30
pjp
exit(1);
1073
2020-06-30
pjp
}
1074
2020-06-30
pjp
1075
2020-07-14
pjp
/* initialize shared memory for forward here */
1076
2021-01-11
pjp
shptr = sm_init(SHAREDMEMSIZE, sizeof(struct rr_imsg));
1077
2020-07-14
pjp
cfg->shptr2 = shptr;
1078
2021-01-11
pjp
cfg->shptr2size = sm_size(SHAREDMEMSIZE, sizeof(struct rr_imsg));
1079
2020-07-14
pjp
1080
2021-01-11
pjp
shptr = sm_init(SHAREDMEMSIZE3, sizeof(struct pkt_imsg));
1081
2021-01-08
pjp
cfg->shptr3 = shptr;
1082
2021-01-11
pjp
cfg->shptr3size = sm_size(SHAREDMEMSIZE3, sizeof(struct pkt_imsg));
1083
2020-07-14
pjp
1084
2021-01-08
pjp
#ifdef __OpenBSD__
1085
2021-01-08
pjp
/* set up rdomain if specified as a forwarding option */
1086
2021-01-08
pjp
if (setrtable(forward_rdomain) < 0) {
1087
2021-01-08
pjp
dolog(LOG_INFO, "forward setrtable: %s\n", strerror(errno));
1088
2021-01-08
pjp
ddd_shutdown();
1089
2020-07-14
pjp
exit(1);
1090
2020-07-14
pjp
}
1091
2021-01-08
pjp
#endif
1092
2020-07-14
pjp
1093
2020-07-10
pjp
/* chroot to the drop priv user home directory */
1094
2020-07-10
pjp
#ifdef DEFAULT_LOCATION
1095
2020-07-10
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
1096
2020-07-10
pjp
#else
1097
2020-07-10
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
1098
2020-07-10
pjp
#endif
1099
2020-07-10
pjp
dolog(LOG_INFO, "forward dropping privileges\n", strerror(errno));
1100
2020-07-10
pjp
ddd_shutdown();
1101
2020-07-10
pjp
exit(1);
1102
2020-07-10
pjp
}
1103
2020-06-30
pjp
#if __OpenBSD__
1104
2020-07-10
pjp
if (unveil("/", "") < 0) {
1105
2020-07-10
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1106
2020-06-30
pjp
ddd_shutdown();
1107
2020-06-30
pjp
exit(1);
1108
2020-06-30
pjp
}
1109
2020-06-30
pjp
1110
2020-07-10
pjp
if (unveil(NULL, NULL) < 0) {
1111
2020-07-10
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1112
2020-06-30
pjp
ddd_shutdown();
1113
2020-06-30
pjp
exit(1);
1114
2020-06-30
pjp
}
1115
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd", NULL) < 0) {
1116
2020-07-10
pjp
perror("pledge");
1117
2020-07-10
pjp
exit(1);
1118
2020-07-10
pjp
}
1119
2020-06-30
pjp
#endif
1120
2020-06-30
pjp
1121
2020-06-30
pjp
/* close descriptors that we don't need */
1122
2020-06-30
pjp
for (j = 0; j < i; j++) {
1123
2020-06-30
pjp
close(tcp[j]);
1124
2020-06-30
pjp
close(udp[j]);
1125
2020-07-21
pjp
if (axfrport && axfrport != port)
1126
2020-07-21
pjp
close(uafd[j]);
1127
2020-07-10
pjp
1128
2020-06-30
pjp
}
1129
2020-06-30
pjp
1130
2020-07-10
pjp
cfg->sockcount = i;
1131
2020-07-10
pjp
cfg->db = db;
1132
2020-06-30
pjp
1133
2020-07-11
pjp
/* shptr has no business in parse process */
1134
2020-07-13
pjp
#if __OpenBSD__
1135
2020-07-11
pjp
minherit(cfg->shptr, cfg->shptrsize,
1136
2020-07-11
pjp
MAP_INHERIT_NONE);
1137
2020-07-13
pjp
#endif
1138
2020-07-11
pjp
1139
2021-01-06
pjp
setproctitle("FORWARD engine [%s]", (identstring != NULL ? identstring : ""));
1140
2020-07-10
pjp
forwardloop(db, cfg, ibuf, &cortex_ibuf);
1141
2020-06-30
pjp
/* NOTREACHED */
1142
2020-06-30
pjp
exit(1);
1143
2020-06-30
pjp
default:
1144
2020-06-30
pjp
break;
1145
2020-06-30
pjp
}
1146
2020-07-10
pjp
1147
2020-07-10
pjp
} /* forward */
1148
2020-06-30
pjp
1149
2020-07-21
pjp
close(cfg->raw[0]);
1150
2020-07-21
pjp
close(cfg->raw[1]);
1151
2020-06-30
pjp
1152
2019-11-01
pjp
/* the rest of the daemon goes on in TCP and UDP loops */
1153
2021-01-11
pjp
1154
2021-01-11
pjp
shptr = sm_init(SHAREDMEMSIZE, sizeof(struct pq_imsg));
1155
2021-01-11
pjp
cfg->shptr_pq = shptr;
1156
2021-01-11
pjp
cfg->shptr_pqsize = sm_size(SHAREDMEMSIZE, sizeof(struct pq_imsg));
1157
2021-01-11
pjp
1158
2019-12-11
pjp
#ifdef DEFAULT_LOCATION
1159
2019-12-11
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
1160
2019-12-11
pjp
#else
1161
2019-11-01
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
1162
2019-12-11
pjp
#endif
1163
2019-11-01
pjp
dolog(LOG_INFO, "dropping privileges failed\n");
1164
2020-06-25
pjp
ddd_shutdown();
1165
2019-11-01
pjp
exit(1);
1166
2019-11-01
pjp
}
1167
2019-11-01
pjp
#if __OpenBSD__
1168
2019-11-01
pjp
if (unveil(NULL, NULL) < 0) {
1169
2019-11-01
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1170
2020-06-25
pjp
ddd_shutdown();
1171
2019-11-01
pjp
exit(1);
1172
2019-11-01
pjp
}
1173
2019-11-01
pjp
if (pledge("stdio inet proc id sendfd recvfd", NULL) < 0) {
1174
2019-11-01
pjp
perror("pledge");
1175
2019-11-01
pjp
exit(1);
1176
2019-11-01
pjp
}
1177
2019-11-01
pjp
#endif
1178
2019-11-01
pjp
1179
2016-07-06
pjp
/* what follows is a bit mangled code, we set up nflag + 1 amount of
1180
2016-07-06
pjp
* server instances (1 per cpu?) and if we're recursive we also set up
1181
2016-07-06
pjp
* the same amount of recursive instances all connected through a
1182
2016-07-06
pjp
* socketpair() so that it looks somewhat like this (with 4 instances):
1183
2016-07-06
pjp
*
1184
2016-07-06
pjp
* replies <--- [] ---- [] recursive end
1185
2016-07-06
pjp
* |
1186
2016-07-06
pjp
* replies <--- [] ---- []
1187
2016-07-06
pjp
* request * ---> |
1188
2016-07-06
pjp
* replies <--- [] ---- []
1189
2016-07-06
pjp
* |
1190
2016-07-06
pjp
* replies <--- [] ---- []
1191
2016-07-06
pjp
*
1192
2016-07-06
pjp
*/
1193
2016-07-06
pjp
1194
2017-12-26
pjp
cfg->pid = 0;
1195
2017-12-26
pjp
cfg->nth = 0;
1196
2017-12-26
pjp
1197
2016-07-06
pjp
for (n = 0; n < nflag; n++) {
1198
2016-07-06
pjp
switch (pid = fork()) {
1199
2016-07-06
pjp
case 0:
1200
2017-12-26
pjp
cfg->pid = getpid();
1201
2017-12-26
pjp
cfg->nth = n;
1202
2016-07-06
pjp
cfg->sockcount = i;
1203
2016-07-06
pjp
cfg->db = db;
1204
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
1205
2016-07-06
pjp
cfg->udp[i] = udp[i];
1206
2016-07-06
pjp
cfg->tcp[i] = tcp[i];
1207
2016-07-06
pjp
1208
2017-08-10
pjp
if (axfrport && axfrport != port)
1209
2016-07-06
pjp
cfg->axfr[i] = uafd[i];
1210
2016-07-06
pjp
1211
2016-07-06
pjp
cfg->ident[i] = strdup(ident[i]);
1212
2020-07-03
pjp
1213
2016-07-06
pjp
}
1214
2016-07-06
pjp
1215
2021-01-06
pjp
setproctitle("child %d pid %d [%s]", n, cfg->pid,
1216
2021-01-06
pjp
(identstring != NULL ? identstring : ""));
1217
2021-01-11
pjp
1218
2020-06-25
pjp
(void)mainloop(cfg, &cortex_ibuf);
1219
2020-06-25
pjp
1220
2016-07-06
pjp
/* NOTREACHED */
1221
2016-07-06
pjp
default:
1222
2016-07-06
pjp
break;
1223
2016-07-06
pjp
} /* switch pid= fork */
1224
2016-07-06
pjp
} /* for (.. nflag */
1225
2016-07-06
pjp
1226
2016-07-06
pjp
cfg->sockcount = i;
1227
2016-07-06
pjp
cfg->db = db;
1228
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
1229
2016-07-06
pjp
cfg->udp[i] = udp[i];
1230
2016-07-06
pjp
cfg->tcp[i] = tcp[i];
1231
2016-07-06
pjp
1232
2017-08-10
pjp
if (axfrport && axfrport != port)
1233
2016-07-06
pjp
cfg->axfr[i] = uafd[i];
1234
2016-07-06
pjp
1235
2016-07-06
pjp
cfg->ident[i] = strdup(ident[i]);
1236
2016-07-06
pjp
}
1237
2016-07-06
pjp
1238
2020-06-25
pjp
(void)mainloop(cfg, &cortex_ibuf);
1239
2016-07-06
pjp
1240
2016-07-06
pjp
/* NOTREACHED */
1241
2016-07-06
pjp
return (0);
1242
2016-07-06
pjp
}
1243
2016-07-06
pjp
1244
2016-07-06
pjp
/*
1245
2017-08-09
pjp
* MAINLOOP - polls the tcp & udp descriptors and, when they are ready, receives the
1246
2017-08-09
pjp
* requests, builds the question and calls for replies, then loops
1247
2017-08-09
pjp
*
1248
2016-07-06
pjp
*/
1249
2017-08-09
pjp
1250
2017-08-09
pjp
void
1251
2020-06-25
pjp
mainloop(struct cfg *cfg, struct imsgbuf *ibuf)
1252
2016-07-06
pjp
{
1253
2017-08-09
pjp
fd_set rset;
1254
2017-08-09
pjp
pid_t pid;
1255
2016-07-06
pjp
1256
2020-07-03
pjp
int sel, oldsel;
1257
2019-10-25
pjp
int len, slen = 0;
1258
2020-06-25
pjp
int i, nomore = 0;
1259
2017-08-09
pjp
int istcp = 1;
1260
2017-08-09
pjp
int maxso;
1261
2017-08-09
pjp
int so;
1262
2017-08-09
pjp
int type0, type1;
1263
2017-08-09
pjp
int lzerrno;
1264
2017-08-09
pjp
int filter = 0;
1265
2017-08-09
pjp
int rcheck = 0;
1266
2020-07-16
pjp
int blocklist = 1;
1267
2019-02-24
pjp
int require_tsig = 0;
1268
2020-06-25
pjp
pid_t idata;
1269
2016-07-06
pjp
1270
2018-07-13
pjp
u_int32_t received_ttl;
1271
2019-02-24
pjp
u_int32_t imsg_type;
1272
2017-08-09
pjp
u_char *ttlptr;
1273
2016-07-06
pjp
1274
2017-08-09
pjp
u_int8_t aregion; /* region where the address comes from */
1275
2016-07-06
pjp
1276
2017-08-09
pjp
char buf[4096];
1277
2017-08-09
pjp
char *replybuf = NULL;
1278
2017-08-09
pjp
char address[INET6_ADDRSTRLEN];
1279
2017-08-09
pjp
char replystring[DNS_MAXNAME + 1];
1280
2017-08-09
pjp
char fakereplystring[DNS_MAXNAME + 1];
1281
2017-08-09
pjp
char controlbuf[64];
1282
2016-07-06
pjp
1283
2017-08-09
pjp
union {
1284
2017-08-09
pjp
struct sockaddr sa;
1285
2017-08-09
pjp
struct sockaddr_in sin;
1286
2017-08-09
pjp
struct sockaddr_in6 sin6;
1287
2017-08-09
pjp
} sockaddr_large;
1288
2016-07-06
pjp
1289
2017-08-09
pjp
socklen_t fromlen = sizeof(sockaddr_large);
1290
2016-07-06
pjp
1291
2017-08-09
pjp
struct sockaddr *from = (void *)&sockaddr_large;
1292
2017-08-09
pjp
struct sockaddr_in *sin;
1293
2017-08-09
pjp
struct sockaddr_in6 *sin6;
1294
2016-07-06
pjp
1295
2017-08-09
pjp
struct question *question = NULL, *fakequestion = NULL;
1296
2017-11-28
pjp
struct parsequestion pq;
1297
2019-02-15
pjp
struct rbtree *rbt0 = NULL, *rbt1 = NULL;
1298
2019-02-15
pjp
struct rrset *csd;
1299
2019-02-15
pjp
struct rr *rr_csd;
1300
2020-07-10
pjp
struct sf_imsg sf, *sfi = NULL;
1301
2017-08-09
pjp
1302
2017-08-09
pjp
struct sreply sreply;
1303
2019-01-25
pjp
struct reply_logic *rl = NULL;
1304
2017-08-09
pjp
struct timeval tv = { 10, 0};
1305
2020-07-25
pjp
struct timeval rectv0, rectv1, *prectv;
1306
2017-08-09
pjp
1307
2017-08-09
pjp
struct msghdr msgh;
1308
2017-11-27
pjp
struct cmsghdr *cmsg = NULL;
1309
2017-08-09
pjp
struct iovec iov;
1310
2020-06-25
pjp
struct imsgbuf *tcp_ibuf, *udp_ibuf, parse_ibuf;
1311
2017-11-28
pjp
struct imsgbuf *pibuf;
1312
2017-11-28
pjp
struct imsg imsg;
1313
2021-01-11
pjp
struct pq_imsg *pq0;
1314
2017-11-28
pjp
1315
2020-07-03
pjp
struct sforward *sforward;
1316
2020-06-30
pjp
1317
2017-11-28
pjp
ssize_t n, datalen;
1318
2020-07-10
pjp
int ix;
1319
2020-07-21
pjp
int sretlen;
1320
2021-01-07
pjp
int passnamewc;
1321
2021-01-11
pjp
int pq_offset;
1322
2020-07-25
pjp
1323
2020-07-25
pjp
memset(&rectv0, 0, sizeof(struct timeval));
1324
2020-07-25
pjp
memset(&rectv1, 0, sizeof(struct timeval));
1325
2020-06-25
pjp
1326
2020-07-11
pjp
pid = fork();
1327
2020-07-11
pjp
switch (pid) {
1328
2020-07-11
pjp
case -1:
1329
2020-07-11
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
1330
2020-07-11
pjp
exit(1);
1331
2020-07-11
pjp
case 0:
1332
2020-07-11
pjp
for (i = 0; i < cfg->sockcount; i++) {
1333
2020-07-11
pjp
close(cfg->udp[i]);
1334
2020-07-11
pjp
if (axfrport && axfrport != port)
1335
2020-07-11
pjp
close(cfg->axfr[i]);
1336
2020-07-11
pjp
}
1337
2020-07-11
pjp
tcp_ibuf = register_cortex(ibuf, MY_IMSG_TCP);
1338
2020-07-11
pjp
if (tcp_ibuf == NULL) {
1339
2020-07-11
pjp
ddd_shutdown();
1340
2020-07-11
pjp
exit(1);
1341
2020-07-11
pjp
}
1342
2020-07-11
pjp
/* shptr has no business in a tcp parse process */
1343
2020-07-11
pjp
if (forward) {
1344
2020-07-13
pjp
#if __OpenBSD__
1345
2020-07-11
pjp
minherit(cfg->shptr, cfg->shptrsize,
1346
2020-07-11
pjp
MAP_INHERIT_NONE);
1347
2020-07-13
pjp
#endif
1348
2020-07-11
pjp
}
1349
2020-06-25
pjp
1350
2021-01-06
pjp
setproctitle("TCP engine %d [%s]", cfg->pid,
1351
2021-01-06
pjp
(identstring != NULL ? identstring : ""));
1352
2020-07-11
pjp
tcploop(cfg, tcp_ibuf, ibuf);
1353
2020-07-11
pjp
/* NOTREACHED */
1354
2020-07-11
pjp
exit(1);
1355
2020-07-11
pjp
default:
1356
2020-07-11
pjp
for (i = 0; i < cfg->sockcount; i++) {
1357
2020-07-11
pjp
close(cfg->tcp[i]);
1358
2020-07-11
pjp
}
1359
2020-07-11
pjp
break;
1360
2020-07-11
pjp
}
1361
2020-07-11
pjp
1362
2020-07-11
pjp
/* shptr has no business in a udp parse process */
1363
2020-07-11
pjp
if (forward) {
1364
2020-07-13
pjp
#if __OpenBSD__
1365
2020-07-11
pjp
minherit(cfg->shptr, cfg->shptrsize,
1366
2020-07-11
pjp
MAP_INHERIT_NONE);
1367
2020-07-13
pjp
#endif
1368
2020-07-11
pjp
}
1369
2020-07-11
pjp
1370
2020-07-03
pjp
sforward = (struct sforward *)calloc(1, sizeof(struct sforward));
1371
2020-07-03
pjp
if (sforward == NULL) {
1372
2020-06-30
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
1373
2020-06-30
pjp
ddd_shutdown();
1374
2020-06-30
pjp
exit(1);
1375
2020-06-30
pjp
}
1376
2020-06-30
pjp
1377
2020-06-25
pjp
replybuf = calloc(1, 65536);
1378
2020-06-25
pjp
if (replybuf == NULL) {
1379
2020-06-25
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
1380
2020-06-25
pjp
ddd_shutdown();
1381
2020-06-25
pjp
exit(1);
1382
2020-06-30
pjp
}
1383
2020-06-25
pjp
1384
2020-07-03
pjp
udp_ibuf = register_cortex(ibuf, MY_IMSG_UDP);
1385
2020-07-03
pjp
if (udp_ibuf == NULL) {
1386
2020-07-03
pjp
ddd_shutdown();
1387
2020-07-03
pjp
exit(1);
1388
2020-07-03
pjp
}
1389
2020-07-03
pjp
1390
2020-06-25
pjp
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]) < 0) {
1391
2017-08-09
pjp
dolog(LOG_INFO, "socketpair() failed\n");
1392
2020-06-25
pjp
ddd_shutdown();
1393
2017-08-09
pjp
exit(1);
1394
2016-07-06
pjp
}
1395
2017-08-09
pjp
1396
2017-08-09
pjp
pid = fork();
1397
2017-08-09
pjp
switch (pid) {
1398
2017-08-09
pjp
case -1:
1399
2017-08-09
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
1400
2017-08-09
pjp
exit(1);
1401
2017-08-09
pjp
case 0:
1402
2020-07-14
pjp
#ifndef __OpenBSD__
1403
2020-07-14
pjp
/* OpenBSD has minherit() */
1404
2020-07-14
pjp
if (munmap(cfg->shptr, cfg->shptrsize) == -1) {
1405
2020-07-14
pjp
dolog(LOG_INFO, "unmapping shptr failed: %s\n", \
1406
2020-07-14
pjp
strerror(errno));
1407
2020-07-14
pjp
}
1408
2020-07-14
pjp
#endif
1409
2020-07-14
pjp
cfg->shptrsize = 0;
1410
2020-07-11
pjp
/* close udp descriptors */
1411
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
1412
2017-08-09
pjp
close(cfg->udp[i]);
1413
2017-08-09
pjp
}
1414
2020-06-25
pjp
close(ibuf->fd);
1415
2020-07-03
pjp
close(udp_ibuf->fd);
1416
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
1417
2020-06-25
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
1418
2021-01-06
pjp
setproctitle("udp parse engine %d [%s]", cfg->pid,
1419
2021-01-06
pjp
(identstring != NULL ? identstring : ""));
1420
2020-06-25
pjp
parseloop(cfg, &parse_ibuf);
1421
2017-08-09
pjp
/* NOTREACHED */
1422
2017-08-09
pjp
exit(1);
1423
2017-08-09
pjp
default:
1424
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
1425
2020-06-25
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
1426
2020-06-25
pjp
pibuf = &parse_ibuf;
1427
2017-08-09
pjp
break;
1428
2016-07-06
pjp
}
1429
2017-08-09
pjp
1430
2020-06-25
pjp
1431
2020-06-25
pjp
1432
2017-11-27
pjp
#if __OpenBSD__
1433
2017-11-27
pjp
if (pledge("stdio inet sendfd recvfd", NULL) < 0) {
1434
2017-11-27
pjp
perror("pledge");
1435
2017-11-27
pjp
exit(1);
1436
2017-11-27
pjp
}
1437
2017-11-27
pjp
#endif
1438
2017-11-27
pjp
1439
2017-08-09
pjp
for (;;) {
1440
2017-08-09
pjp
maxso = 0;
1441
2016-07-06
pjp
1442
2017-08-09
pjp
FD_ZERO(&rset);
1443
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
1444
2017-08-09
pjp
if (maxso < cfg->udp[i])
1445
2017-08-09
pjp
maxso = cfg->udp[i];
1446
2016-07-06
pjp
1447
2017-08-10
pjp
if (axfrport && axfrport != port && maxso < cfg->axfr[i])
1448
2017-08-09
pjp
maxso = cfg->axfr[i];
1449
2016-07-06
pjp
1450
2017-08-09
pjp
FD_SET(cfg->udp[i], &rset);
1451
2017-08-09
pjp
1452
2017-08-10
pjp
if (axfrport && axfrport != port)
1453
2017-08-09
pjp
FD_SET(cfg->axfr[i], &rset);
1454
2016-07-06
pjp
}
1455
2017-08-09
pjp
1456
2017-08-09
pjp
tv.tv_sec = 10;
1457
2017-08-09
pjp
tv.tv_usec = 0;
1458
2016-07-06
pjp
1459
2017-08-09
pjp
sel = select(maxso + 1, &rset, NULL, NULL, &tv);
1460
2016-07-06
pjp
1461
2017-08-09
pjp
if (sel < 0) {
1462
2017-08-09
pjp
dolog(LOG_INFO, "select: %s\n", strerror(errno));
1463
2017-08-09
pjp
continue;
1464
2017-08-09
pjp
}
1465
2016-07-06
pjp
1466
2017-08-09
pjp
if (sel == 0) {
1467
2020-06-25
pjp
if (nomore)
1468
2020-06-25
pjp
continue;
1469
2016-07-06
pjp
1470
2017-08-09
pjp
idata = 42;
1471
2020-06-25
pjp
imsg_compose(ibuf, IMSG_CRIPPLE_NEURON,
1472
2017-08-09
pjp
0, 0, -1, &idata, sizeof(idata));
1473
2020-06-25
pjp
msgbuf_write(&ibuf->w);
1474
2017-08-09
pjp
1475
2020-06-25
pjp
nomore = 1;
1476
2020-06-25
pjp
1477
2017-08-09
pjp
continue;
1478
2016-07-06
pjp
}
1479
2017-08-09
pjp
1480
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
1481
2017-08-10
pjp
if (axfrport && axfrport != port && FD_ISSET(cfg->axfr[i], &rset)) {
1482
2017-08-09
pjp
istcp = 0;
1483
2017-08-09
pjp
so = cfg->axfr[i];
1484
2016-07-06
pjp
1485
2017-08-09
pjp
goto axfrentry;
1486
2017-08-09
pjp
}
1487
2016-07-06
pjp
1488
2017-08-09
pjp
if (FD_ISSET(cfg->udp[i], &rset)) {
1489
2017-08-09
pjp
istcp = 0;
1490
2017-08-09
pjp
so = cfg->udp[i];
1491
2020-07-03
pjp
oldsel = i;
1492
2017-08-09
pjp
axfrentry:
1493
2017-08-09
pjp
fromlen = sizeof(sockaddr_large);
1494
2016-07-06
pjp
1495
2017-08-09
pjp
memset(&msgh, 0, sizeof(msgh));
1496
2017-08-09
pjp
iov.iov_base = buf;
1497
2017-08-09
pjp
iov.iov_len = sizeof(buf);
1498
2017-08-09
pjp
msgh.msg_name = from;
1499
2017-08-09
pjp
msgh.msg_namelen = fromlen;
1500
2017-08-09
pjp
msgh.msg_iov = &iov;
1501
2017-08-09
pjp
msgh.msg_iovlen = 1;
1502
2017-08-09
pjp
msgh.msg_control = (struct cmsghdr*)&controlbuf;
1503
2017-08-09
pjp
msgh.msg_controllen = sizeof(controlbuf);
1504
2017-08-09
pjp
1505
2017-08-09
pjp
len = recvmsg(so, &msgh, 0);
1506
2017-08-09
pjp
if (len < 0) {
1507
2017-08-09
pjp
dolog(LOG_INFO, "recvmsg: on descriptor %u interface \"%s\" %s\n", so, cfg->ident[i], strerror(errno));
1508
2017-08-09
pjp
continue;
1509
2017-08-09
pjp
}
1510
2016-07-06
pjp
1511
2017-08-09
pjp
received_ttl = 0;
1512
2016-07-06
pjp
1513
2017-08-09
pjp
for (cmsg = CMSG_FIRSTHDR(&msgh);
1514
2017-08-09
pjp
cmsg != NULL;
1515
2017-08-09
pjp
cmsg = CMSG_NXTHDR(&msgh,cmsg)) {
1516
2017-08-09
pjp
if (cmsg->cmsg_level == IPPROTO_IP
1517
2017-08-09
pjp
#ifdef __linux__
1518
2017-08-09
pjp
&& cmsg->cmsg_type == IP_TTL) {
1519
2017-08-09
pjp
#else
1520
2016-07-06
pjp
1521
2017-08-09
pjp
&& cmsg->cmsg_type == IP_RECVTTL) {
1522
2017-08-09
pjp
#endif
1523
2017-08-09
pjp
1524
2017-08-09
pjp
ttlptr = (u_char *) CMSG_DATA(cmsg);
1525
2017-08-09
pjp
received_ttl = (u_int)*ttlptr;
1526
2017-08-09
pjp
}
1527
2016-07-06
pjp
1528
2017-08-09
pjp
if (cmsg->cmsg_level == IPPROTO_IPV6 &&
1529
2017-08-09
pjp
cmsg->cmsg_type == IPV6_HOPLIMIT) {
1530
2016-07-06
pjp
1531
2017-08-09
pjp
if (cmsg->cmsg_len !=
1532
2017-08-09
pjp
CMSG_LEN(sizeof(int))) {
1533
2020-07-25
pjp
dolog(LOG_INFO, "IPV6_HOPLIMIT cmsg->cmsg_len == %d\n", cmsg->cmsg_len);
1534
2017-08-09
pjp
continue;
1535
2017-08-09
pjp
}
1536
2016-07-06
pjp
1537
2017-08-09
pjp
ttlptr = (u_char *) CMSG_DATA(cmsg);
1538
2017-08-09
pjp
received_ttl = (u_int)*ttlptr;
1539
2017-08-09
pjp
}
1540
2020-07-25
pjp
1541
2020-07-25
pjp
if (cmsg->cmsg_level == SOL_SOCKET &&
1542
2020-07-25
pjp
cmsg->cmsg_type == SCM_TIMESTAMP) {
1543
2020-07-25
pjp
1544
2020-07-25
pjp
if (cmsg->cmsg_len !=
1545
2020-07-25
pjp
CMSG_LEN(sizeof(struct timeval))) {
1546
2020-07-25
pjp
dolog(LOG_INFO, "SCM_TIMESTAMP cmsg->cmsg_len == %d\n", cmsg->cmsg_len);
1547
2020-07-25
pjp
continue;
1548
2020-07-25
pjp
}
1549
2020-07-25
pjp
1550
2020-07-25
pjp
prectv = (struct timeval *) CMSG_DATA(cmsg);
1551
2020-07-25
pjp
memcpy((char *)&rectv0, (char *)prectv, sizeof(struct timeval));
1552
2020-07-25
pjp
}
1553
2017-08-09
pjp
}
1554
2016-07-06
pjp
1555
2017-08-09
pjp
if (from->sa_family == AF_INET6) {
1556
2016-07-06
pjp
1557
2017-08-09
pjp
fromlen = sizeof(struct sockaddr_in6);
1558
2017-08-09
pjp
sin6 = (struct sockaddr_in6 *)from;
1559
2017-08-09
pjp
inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, (char *)&address, sizeof(address));
1560
2017-08-09
pjp
if (ratelimit) {
1561
2017-08-09
pjp
add_rrlimit(ratelimit_backlog, (u_int16_t *)&sin6->sin6_addr, sizeof(sin6->sin6_addr), rptr);
1562
2016-07-06
pjp
1563
2017-08-09
pjp
rcheck = check_rrlimit(ratelimit_backlog, (u_int16_t *)&sin6->sin6_addr, sizeof(sin6->sin6_addr), rptr);
1564
2017-08-09
pjp
}
1565
2016-07-06
pjp
1566
2017-08-09
pjp
aregion = find_region((struct sockaddr_storage *)sin6, AF_INET6);
1567
2019-02-24
pjp
filter = 0;
1568
2017-08-09
pjp
filter = find_filter((struct sockaddr_storage *)sin6, AF_INET6);
1569
2020-07-16
pjp
if (passlist) {
1570
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin6, AF_INET6);
1571
2017-08-09
pjp
}
1572
2019-02-24
pjp
1573
2019-02-24
pjp
require_tsig = 0;
1574
2019-02-24
pjp
if (tsig) {
1575
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin6, AF_INET6);
1576
2019-02-24
pjp
}
1577
2019-02-24
pjp
1578
2017-08-09
pjp
} else if (from->sa_family == AF_INET) {
1579
2017-08-09
pjp
1580
2017-08-09
pjp
fromlen = sizeof(struct sockaddr_in);
1581
2017-08-09
pjp
sin = (struct sockaddr_in *)from;
1582
2017-08-09
pjp
inet_ntop(AF_INET, (void *)&sin->sin_addr, (char *)&address, sizeof(address));
1583
2017-08-09
pjp
if (ratelimit) {
1584
2017-08-09
pjp
add_rrlimit(ratelimit_backlog, (u_int16_t *)&sin->sin_addr.s_addr, sizeof(sin->sin_addr.s_addr), rptr);
1585
2016-07-06
pjp
1586
2017-08-09
pjp
rcheck = check_rrlimit(ratelimit_backlog, (u_int16_t *)&sin->sin_addr.s_addr, sizeof(sin->sin_addr.s_addr), rptr);
1587
2017-08-09
pjp
}
1588
2016-07-06
pjp
1589
2017-08-09
pjp
aregion = find_region((struct sockaddr_storage *)sin, AF_INET);
1590
2019-02-24
pjp
filter = 0;
1591
2017-08-09
pjp
filter = find_filter((struct sockaddr_storage *)sin, AF_INET);
1592
2020-07-16
pjp
if (passlist) {
1593
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin, AF_INET);
1594
2017-08-09
pjp
}
1595
2016-07-06
pjp
1596
2019-02-24
pjp
require_tsig = 0;
1597
2019-02-24
pjp
if (tsig) {
1598
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin, AF_INET);
1599
2019-02-24
pjp
}
1600
2019-02-24
pjp
1601
2017-08-09
pjp
} else {
1602
2017-08-09
pjp
dolog(LOG_INFO, "packet received on descriptor %u interface \"%s\" had weird address family (%u), drop\n", so, cfg->ident[i], from->sa_family);
1603
2017-08-09
pjp
goto drop;
1604
2017-08-09
pjp
}
1605
2016-07-06
pjp
1606
2017-08-09
pjp
/* if UDP packet check length for minimum / maximum */
1607
2017-08-09
pjp
if (len > DNS_MAXUDP || len < sizeof(struct dns_header)){
1608
2017-08-09
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[i], address);
1609
2017-08-09
pjp
goto drop;
1610
2017-08-09
pjp
}
1611
2017-08-09
pjp
1612
2019-02-24
pjp
if (filter && require_tsig == 0) {
1613
2017-08-09
pjp
1614
2020-06-29
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1615
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
1616
2017-11-27
pjp
1617
2017-11-28
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, filter policy\n", so, cfg->ident[i], address, received_ttl, aregion);
1618
2017-08-09
pjp
goto drop;
1619
2017-08-09
pjp
}
1620
2017-08-09
pjp
1621
2020-07-16
pjp
if (passlist && blocklist == 0) {
1622
2017-08-09
pjp
1623
2020-06-29
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1624
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
1625
2017-08-09
pjp
1626
2020-07-16
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, passlist policy\n", so, cfg->ident[i], address, received_ttl, aregion);
1627
2017-08-09
pjp
goto drop;
1628
2017-08-09
pjp
}
1629
2017-08-09
pjp
1630
2017-11-28
pjp
if (ratelimit && rcheck) {
1631
2017-11-28
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) ratelimit policy dropping packet\n", so, cfg->ident[i], address, received_ttl, aregion);
1632
2017-08-09
pjp
goto drop;
1633
2017-08-09
pjp
}
1634
2017-11-28
pjp
1635
2017-11-28
pjp
/* pjp - branch to pledge parser here */
1636
2019-02-24
pjp
imsg_type = IMSG_PARSE_MESSAGE;
1637
2019-02-24
pjp
1638
2019-02-24
pjp
if (imsg_compose(pibuf, imsg_type,
1639
2017-11-28
pjp
0, 0, -1, buf, len) < 0) {
1640
2017-11-28
pjp
dolog(LOG_INFO, "imsg_compose %s\n", strerror(errno));
1641
2017-11-28
pjp
}
1642
2017-11-28
pjp
msgbuf_write(&pibuf->w);
1643
2017-08-09
pjp
1644
2017-11-28
pjp
FD_ZERO(&rset);
1645
2017-11-28
pjp
FD_SET(pibuf->fd, &rset);
1646
2017-08-09
pjp
1647
2017-11-28
pjp
tv.tv_sec = 10;
1648
2017-11-28
pjp
tv.tv_usec = 0;
1649
2017-08-09
pjp
1650
2017-11-28
pjp
sel = select(pibuf->fd + 1, &rset, NULL, NULL, &tv);
1651
2017-11-28
pjp
1652
2017-11-28
pjp
if (sel < 0) {
1653
2017-11-28
pjp
dolog(LOG_ERR, "internal error around select, dropping packet\n");
1654
2017-08-09
pjp
goto drop;
1655
2017-08-09
pjp
}
1656
2017-08-09
pjp
1657
2017-11-28
pjp
if (sel == 0) {
1658
2017-11-28
pjp
dolog(LOG_ERR, "internal error, timeout on parse imsg, drop\n");
1659
2017-08-09
pjp
goto drop;
1660
2017-08-09
pjp
}
1661
2017-12-14
pjp
1662
2017-12-14
pjp
if (FD_ISSET(pibuf->fd, &rset)) {
1663
2017-11-28
pjp
1664
2017-12-14
pjp
if (((n = imsg_read(pibuf)) == -1 && errno != EAGAIN) || n == 0) {
1665
2017-12-14
pjp
dolog(LOG_ERR, "internal error, timeout on parse imsg, drop\n");
1666
2017-12-14
pjp
goto drop;
1667
2017-12-14
pjp
}
1668
2017-11-28
pjp
1669
2017-12-14
pjp
for (;;) {
1670
2017-12-14
pjp
1671
2017-12-14
pjp
if ((n = imsg_get(pibuf, &imsg)) == -1) {
1672
2017-12-14
pjp
break;
1673
2017-12-14
pjp
}
1674
2017-11-28
pjp
1675
2017-12-14
pjp
if (n == 0) {
1676
2017-12-14
pjp
break;
1677
2017-12-14
pjp
}
1678
2017-11-28
pjp
1679
2017-12-14
pjp
datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
1680
2017-11-28
pjp
1681
2017-12-14
pjp
switch (imsg.hdr.type) {
1682
2017-12-14
pjp
case IMSG_PARSEREPLY_MESSAGE:
1683
2021-01-11
pjp
if (datalen != sizeof(int)) {
1684
2021-01-11
pjp
dolog(LOG_ERR, "datalen != sizeof(int), can't work with this, drop\n");
1685
2017-12-14
pjp
goto drop;
1686
2017-12-14
pjp
}
1687
2017-12-14
pjp
1688
2021-01-11
pjp
memcpy((char *)&pq_offset, imsg.data, datalen);
1689
2021-01-11
pjp
pq0 = (struct pq_imsg *)&cfg->shptr_pq[0];
1690
2021-01-11
pjp
pq0 += pq_offset;
1691
2021-01-11
pjp
memcpy((char *)&pq, (char *)&pq0->pqi_pq, sizeof(struct parsequestion));
1692
2017-11-28
pjp
1693
2021-01-11
pjp
sm_lock(cfg->shptr_pq, cfg->shptr_pqsize);
1694
2021-01-11
pjp
pack32((char *)&pq0->u.s.read, 1);
1695
2021-01-11
pjp
sm_unlock(cfg->shptr_pq, cfg->shptr_pqsize);
1696
2021-01-11
pjp
1697
2017-12-14
pjp
if (pq.rc != PARSE_RETURN_ACK) {
1698
2017-12-14
pjp
switch (pq.rc) {
1699
2017-12-14
pjp
case PARSE_RETURN_MALFORMED:
1700
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" malformed question from %s, drop\n", so, cfg->ident[i], address);
1701
2017-12-14
pjp
imsg_free(&imsg);
1702
2017-12-14
pjp
goto drop;
1703
2017-12-14
pjp
case PARSE_RETURN_NOQUESTION:
1704
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" header from %s has no question, drop\n", so, cfg->ident[i], address);
1705
2017-12-14
pjp
/* format error */
1706
2020-06-29
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1707
2020-07-21
pjp
slen = reply_fmterror(&sreply, &sretlen, NULL);
1708
2017-12-14
pjp
dolog(LOG_INFO, "question on descriptor %d interface \"%s\" from %s, did not have question of 1 replying format error\n", so, cfg->ident[i], address);
1709
2017-12-14
pjp
imsg_free(&imsg);
1710
2017-12-14
pjp
goto drop;
1711
2017-12-14
pjp
case PARSE_RETURN_NOTAQUESTION:
1712
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns header from %s is not a question, drop\n", so, cfg->ident[i], address);
1713
2017-12-14
pjp
imsg_free(&imsg);
1714
2017-12-14
pjp
goto drop;
1715
2017-12-14
pjp
case PARSE_RETURN_NAK:
1716
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[i], address);
1717
2017-12-14
pjp
imsg_free(&imsg);
1718
2017-12-14
pjp
goto drop;
1719
2019-02-24
pjp
case PARSE_RETURN_NOTAUTH:
1720
2019-02-24
pjp
if (filter && pq.tsig.have_tsig == 0) {
1721
2020-06-29
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1722
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
1723
2019-02-24
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, not a tsig\n", so, cfg->ident[i], address, received_ttl, aregion);
1724
2019-02-24
pjp
imsg_free(&imsg);
1725
2019-02-24
pjp
goto drop;
1726
2019-02-24
pjp
}
1727
2017-12-14
pjp
}
1728
2019-02-24
pjp
}
1729
2017-12-14
pjp
1730
2020-07-06
pjp
question = convert_question(&pq, 1);
1731
2017-12-14
pjp
if (question == NULL) {
1732
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" internal error from %s, drop\n", so, cfg->ident[i], address);
1733
2017-12-14
pjp
imsg_free(&imsg);
1734
2017-12-14
pjp
goto drop;
1735
2017-12-14
pjp
}
1736
2019-02-24
pjp
1737
2017-12-14
pjp
1738
2017-12-14
pjp
1739
2017-12-14
pjp
break;
1740
2017-12-14
pjp
} /* switch */
1741
2017-12-14
pjp
1742
2017-11-28
pjp
imsg_free(&imsg);
1743
2017-12-14
pjp
} /* for (;;) */
1744
2017-12-14
pjp
} else { /* FD_ISSET */
1745
2017-12-14
pjp
goto drop;
1746
2017-12-14
pjp
}
1747
2017-12-14
pjp
1748
2017-12-14
pjp
/* goto drop beyond this point should goto out instead */
1749
2019-10-25
pjp
/* handle notifications */
1750
2019-10-25
pjp
if (question->notify) {
1751
2019-10-25
pjp
if (question->tsig.have_tsig && notifysource(question, (struct sockaddr_storage *)from) &&
1752
2019-10-25
pjp
question->tsig.tsigverified == 1) {
1753
2019-10-25
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" authenticated dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[i], address);
1754
2019-10-25
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
1755
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1756
2020-07-21
pjp
slen = reply_notify(&sreply, &sretlen, NULL);
1757
2019-11-04
pjp
1758
2019-11-04
pjp
/* send notify to replicant process */
1759
2020-06-25
pjp
idata = (pid_t)question->hdr->namelen;
1760
2020-06-25
pjp
imsg_compose(udp_ibuf, IMSG_NOTIFY_MESSAGE,
1761
2019-11-04
pjp
0, 0, -1, question->hdr->name, idata);
1762
2020-06-25
pjp
msgbuf_write(&udp_ibuf->w);
1763
2019-10-25
pjp
goto udpout;
1764
2019-10-25
pjp
1765
2019-10-25
pjp
} else if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
1766
2019-10-25
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" not authenticated dns NOTIFY packet (code = %d) from %s, replying notauth\n", so, cfg->ident[i], question->tsig.tsigerrorcode, address);
1767
2019-10-25
pjp
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
1768
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1769
2020-07-21
pjp
slen = reply_notauth(&sreply, &sretlen, NULL);
1770
2019-10-25
pjp
goto udpout;
1771
2019-10-25
pjp
}
1772
2019-10-25
pjp
1773
2019-10-25
pjp
if (notifysource(question, (struct sockaddr_storage *)from)) {
1774
2019-10-25
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[i], address);
1775
2019-10-25
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
1776
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1777
2020-07-21
pjp
slen = reply_notify(&sreply, &sretlen, NULL);
1778
2019-11-04
pjp
/* send notify to replicant process */
1779
2020-06-25
pjp
idata = (pid_t)question->hdr->namelen;
1780
2020-06-25
pjp
imsg_compose(udp_ibuf, IMSG_NOTIFY_MESSAGE,
1781
2019-11-04
pjp
0, 0, -1, question->hdr->name, idata);
1782
2020-06-25
pjp
msgbuf_write(&udp_ibuf->w);
1783
2019-10-25
pjp
goto udpout;
1784
2019-10-25
pjp
} else {
1785
2019-10-25
pjp
/* RFC 1996 - 3.10 is probably broken reply REFUSED */
1786
2019-10-25
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns NOTIFY packet from %s, NOT in our list of MASTER servers replying REFUSED\n", so, cfg->ident[i], address);
1787
2019-10-25
pjp
snprintf(replystring, DNS_MAXNAME, "REFUSED");
1788
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1789
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
1790
2019-10-25
pjp
1791
2019-10-25
pjp
goto udpout;
1792
2019-10-25
pjp
}
1793
2019-10-25
pjp
} /* if question->notify */
1794
2019-10-25
pjp
1795
2019-02-24
pjp
if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
1796
2021-01-07
pjp
/* if the name on the passlist is not present */
1797
2021-01-07
pjp
if (question->tsig.have_tsig &&
1798
2021-01-07
pjp
question->tsig.tsigerrorcode == DNS_BADTIME &&
1799
2021-01-07
pjp
tsigpassname &&
1800
2021-01-07
pjp
tsigpassname_contains(question->hdr->name, question->hdr->namelen, &passnamewc)) {
1801
2021-01-07
pjp
dolog(LOG_INFO, "passing %s despite being a TSIG unauthenticated query\n", question->converted_name);
1802
2021-01-07
pjp
} else {
1803
2021-01-07
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" not authenticated dns packet (code = %d) from %s, replying notauth\n", so, cfg->ident[i], question->tsig.tsigerrorcode, address);
1804
2021-01-07
pjp
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
1805
2021-01-07
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1806
2021-01-07
pjp
slen = reply_notauth(&sreply, &sretlen, NULL);
1807
2021-01-07
pjp
goto udpout;
1808
2021-01-07
pjp
}
1809
2019-02-24
pjp
}
1810
2017-08-09
pjp
/* hack around whether we're edns version 0 */
1811
2017-08-09
pjp
if (question->ednsversion != 0) {
1812
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1813
2020-07-21
pjp
slen = reply_badvers(&sreply, &sretlen, NULL);
1814
2017-08-09
pjp
1815
2019-02-24
pjp
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" edns version is %u from %s, replying badvers\n", so, cfg->ident[i], question->ednsversion, address);
1816
2017-08-09
pjp
1817
2017-08-09
pjp
snprintf(replystring, DNS_MAXNAME, "BADVERS");
1818
2017-08-09
pjp
goto udpout;
1819
2017-08-09
pjp
}
1820
2017-08-09
pjp
1821
2019-02-18
pjp
if (ntohs(question->hdr->qclass) == DNS_CLASS_CH &&
1822
2019-02-18
pjp
ntohs(question->hdr->qtype) == DNS_TYPE_TXT &&
1823
2019-02-18
pjp
strcasecmp(question->converted_name, "version.bind.") == 0) {
1824
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "VERSION");
1825
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1826
2020-07-21
pjp
slen = reply_version(&sreply, &sretlen, NULL);
1827
2019-02-18
pjp
goto udpout;
1828
2019-02-18
pjp
}
1829
2019-02-18
pjp
1830
2017-08-09
pjp
fakequestion = NULL;
1831
2017-08-09
pjp
1832
2020-01-16
pjp
rbt0 = lookup_zone(cfg->db, question, &type0, &lzerrno, (char *)&replystring, sizeof(replystring));
1833
2017-08-09
pjp
if (type0 < 0) {
1834
2017-08-09
pjp
switch (lzerrno) {
1835
2017-08-09
pjp
default:
1836
2017-08-09
pjp
dolog(LOG_INFO, "invalid lzerrno! dropping\n");
1837
2017-08-09
pjp
/* FALLTHROUGH */
1838
2017-08-09
pjp
case ERR_DROP:
1839
2017-08-09
pjp
snprintf(replystring, DNS_MAXNAME, "DROP");
1840
2019-10-25
pjp
slen = 0;
1841
2017-08-09
pjp
goto udpout;
1842
2017-08-09
pjp
case ERR_REFUSED:
1843
2017-08-09
pjp
snprintf(replystring, DNS_MAXNAME, "REFUSED");
1844
2017-08-09
pjp
1845
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt0, NULL, aregion, istcp, 0, replybuf);
1846
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
1847
2017-08-09
pjp
goto udpout;
1848
2017-08-09
pjp
break;
1849
2017-08-09
pjp
case ERR_NXDOMAIN:
1850
2019-02-18
pjp
/*
1851
2019-02-18
pjp
* lookup_zone could not find an RR for the
1852
2019-02-18
pjp
* question at all -> nxdomain
1853
2019-02-18
pjp
*/
1854
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "NXDOMAIN");
1855
2019-02-18
pjp
1856
2019-02-18
pjp
/*
1857
2019-02-18
pjp
* lookup an authoritative soa
1858
2019-02-18
pjp
*/
1859
2019-02-18
pjp
1860
2019-02-18
pjp
if (rbt0 != NULL) {
1861
2019-02-18
pjp
build_reply(&sreply, so, buf, len, question, from, \
1862
2019-02-18
pjp
fromlen, rbt0, NULL, aregion, istcp, \
1863
2020-06-29
pjp
0, replybuf);
1864
2019-02-18
pjp
1865
2020-07-21
pjp
slen = reply_nxdomain(&sreply, &sretlen, cfg->db);
1866
2019-02-18
pjp
}
1867
2019-02-18
pjp
goto udpout;
1868
2019-02-18
pjp
break;
1869
2019-02-18
pjp
1870
2019-02-18
pjp
case ERR_NODATA:
1871
2019-02-18
pjp
if (rbt1) {
1872
2019-02-18
pjp
rbt1 = NULL;
1873
2019-02-18
pjp
}
1874
2019-02-18
pjp
1875
2019-02-18
pjp
rbt1 = get_soa(cfg->db, question);
1876
2019-02-18
pjp
if (rbt1 != NULL) {
1877
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "NODATA");
1878
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
1879
2020-07-21
pjp
slen = reply_nodata(&sreply, &sretlen, cfg->db);
1880
2017-08-09
pjp
} else {
1881
2020-07-03
pjp
if (forward)
1882
2020-07-03
pjp
goto forwardudp;
1883
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
1884
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, cfg->db);
1885
2019-02-24
pjp
snprintf(replystring, DNS_MAXNAME, "REFUSED");
1886
2017-08-09
pjp
}
1887
2019-02-18
pjp
goto udpout;
1888
2019-02-18
pjp
break;
1889
2020-06-30
pjp
1890
2020-06-30
pjp
case ERR_FORWARD:
1891
2020-07-03
pjp
forwardudp:
1892
2020-07-01
pjp
if (forwardtsig) {
1893
2020-07-01
pjp
if (question->tsig.have_tsig &&
1894
2020-07-01
pjp
question->tsig.tsigverified) {
1895
2020-07-01
pjp
snprintf(replystring, DNS_MAXNAME, "FORWARD");
1896
2020-07-01
pjp
} else {
1897
2021-01-07
pjp
if (question->tsig.have_tsig &&
1898
2021-01-07
pjp
question->tsig.tsigerrorcode == DNS_BADTIME &&
1899
2021-01-07
pjp
tsigpassname &&
1900
2021-01-07
pjp
tsigpassname_contains(question->hdr->name, question->hdr->namelen, &passnamewc)) {
1901
2021-01-07
pjp
snprintf(replystring, DNS_MAXNAME,
1902
2021-01-07
pjp
"FORWARD");
1903
2021-01-07
pjp
1904
2021-01-07
pjp
dolog(LOG_INFO, "passing %s despite being a TSIG unauthenticated query\n", question->converted_name);
1905
2021-01-07
pjp
} else {
1906
2021-01-07
pjp
snprintf(replystring, DNS_MAXNAME, "REFUSED");
1907
2021-01-07
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
1908
2021-01-07
pjp
slen = reply_refused(&sreply, &sretlen, cfg->db);
1909
2021-01-07
pjp
goto udpout;
1910
2021-01-07
pjp
}
1911
2020-07-01
pjp
}
1912
2020-07-01
pjp
} else
1913
2020-07-01
pjp
snprintf(replystring, DNS_MAXNAME, "FORWARD");
1914
2020-07-01
pjp
1915
2020-06-30
pjp
/* send query to forward process/cortex */
1916
2020-06-30
pjp
1917
2020-06-30
pjp
if (len > 4000) {
1918
2020-06-30
pjp
dolog(LOG_INFO, "question is larger than 4000 bytes, not forwarding\n");
1919
2020-06-30
pjp
goto udpout;
1920
2020-06-30
pjp
}
1921
2020-06-30
pjp
1922
2020-07-03
pjp
memset(sforward, 0, sizeof(struct sforward));
1923
2020-07-03
pjp
sforward->oldsel = oldsel;
1924
2020-07-03
pjp
1925
2020-07-01
pjp
switch (from->sa_family) {
1926
2020-07-01
pjp
case AF_INET:
1927
2020-07-03
pjp
sforward->rport = sin->sin_port;
1928
2020-07-03
pjp
memcpy((char *)&sforward->from4, sin, fromlen);
1929
2020-07-03
pjp
sforward->family = AF_INET;
1930
2020-07-03
pjp
1931
2020-07-01
pjp
break;
1932
2020-07-01
pjp
case AF_INET6:
1933
2020-07-03
pjp
sforward->rport = sin6->sin6_port;
1934
2020-07-03
pjp
memcpy((char *)&sforward->from6, sin6, fromlen);
1935
2020-07-03
pjp
sforward->family = AF_INET6;
1936
2020-07-03
pjp
1937
2020-07-01
pjp
break;
1938
2020-07-01
pjp
}
1939
2020-07-01
pjp
1940
2020-07-16
pjp
memcpy(&sforward->buf, question->hdr->original_name, question->hdr->namelen);
1941
2020-07-03
pjp
sforward->buflen = question->hdr->namelen;
1942
2020-07-03
pjp
1943
2020-07-03
pjp
memcpy((char *)&sforward->header, buf, sizeof(struct dns_header));
1944
2020-07-03
pjp
sforward->type = question->hdr->qtype;
1945
2020-07-03
pjp
sforward->class = question->hdr->qclass;
1946
2020-09-30
pjp
sforward->edns0len = MIN(question->edns0len, max_udp_payload);
1947
2020-07-04
pjp
sforward->dnssecok = question->dnssecok;
1948
2020-06-30
pjp
1949
2020-07-03
pjp
if (question->tsig.have_tsig && question->tsig.tsigverified) {
1950
2020-07-03
pjp
sforward->havemac = 1;
1951
2020-07-03
pjp
memcpy((char *)&sforward->tsigname, question->tsig.tsigkey, question->tsig.tsigkeylen);
1952
2020-07-03
pjp
sforward->tsignamelen = question->tsig.tsigkeylen;
1953
2020-07-03
pjp
memcpy(&sforward->mac, question->tsig.tsigmac, sizeof(sforward->mac));
1954
2020-07-03
pjp
sforward->tsigtimefudge = question->tsig.tsig_timefudge;
1955
2020-07-03
pjp
} else
1956
2020-07-03
pjp
sforward->havemac = 0;
1957
2020-07-01
pjp
1958
2020-07-10
pjp
sforward->gotit = time(NULL);
1959
2020-07-12
pjp
memcpy(&sf.sfi_sf, sforward, sizeof(struct sforward));
1960
2020-07-10
pjp
1961
2020-07-10
pjp
/* wait for lock */
1962
2021-01-11
pjp
sm_lock(cfg->shptr, cfg->shptrsize);
1963
2020-07-10
pjp
1964
2020-07-12
pjp
for (sfi = (struct sf_imsg *)&cfg->shptr[0], ix = 0;
1965
2020-07-10
pjp
ix < SHAREDMEMSIZE; ix++, sfi++) {
1966
2020-07-12
pjp
if (unpack32((char *)&sfi->u.s.read) == 1) {
1967
2020-07-10
pjp
memcpy(sfi, &sf, sizeof(struct sf_imsg));
1968
2020-07-12
pjp
pack32((char *)&sfi->u.s.read, 0);
1969
2020-07-10
pjp
break;
1970
2020-07-10
pjp
}
1971
2020-07-10
pjp
}
1972
2020-07-10
pjp
1973
2020-07-10
pjp
if (ix == SHAREDMEMSIZE) {
1974
2020-07-10
pjp
dolog(LOG_INFO, "delphinusdnsd udp: can't find an open slot in sharedmemsize\n");
1975
2020-07-10
pjp
goto udpout;
1976
2020-07-10
pjp
}
1977
2020-07-10
pjp
1978
2021-01-11
pjp
sm_unlock(cfg->shptr, cfg->shptrsize);
1979
2020-07-10
pjp
1980
2020-07-03
pjp
imsg_compose(udp_ibuf, IMSG_FORWARD_UDP,
1981
2020-07-10
pjp
0, 0, -1, &ix, sizeof(int));
1982
2020-07-03
pjp
1983
2020-07-03
pjp
msgbuf_write(&udp_ibuf->w);
1984
2020-06-30
pjp
goto udpout;
1985
2020-06-30
pjp
break;
1986
2020-06-30
pjp
1987
2019-02-18
pjp
case ERR_NOERROR:
1988
2017-08-09
pjp
/*
1989
2019-02-18
pjp
* this is hackish not sure if this should be here
1990
2017-08-09
pjp
*/
1991
2017-01-11
pjp
1992
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "NOERROR");
1993
2019-02-18
pjp
1994
2019-02-18
pjp
/*
1995
2019-02-18
pjp
* lookup an authoritative soa
1996
2017-08-09
pjp
*/
1997
2019-02-18
pjp
1998
2019-02-18
pjp
if (rbt0) {
1999
2019-02-18
pjp
rbt0 = NULL;
2000
2019-02-18
pjp
}
2001
2019-02-18
pjp
2002
2019-02-18
pjp
rbt0 = get_soa(cfg->db, question);
2003
2019-02-15
pjp
if (rbt0 != NULL) {
2004
2019-02-18
pjp
build_reply(&sreply, so, buf, len, question, from, \
2005
2019-02-18
pjp
fromlen, rbt0, NULL, aregion, istcp, 0,
2006
2020-06-29
pjp
replybuf);
2007
2019-02-15
pjp
2008
2020-07-21
pjp
slen = reply_noerror(&sreply, &sretlen, cfg->db);
2009
2019-02-24
pjp
2010
2019-02-24
pjp
goto udpout;
2011
2019-02-18
pjp
}
2012
2019-02-18
pjp
2013
2019-02-24
pjp
snprintf(replystring, DNS_MAXNAME, "DROP");
2014
2019-10-25
pjp
slen = 0;
2015
2019-10-25
pjp
goto udpout;
2016
2019-10-30
pjp
2017
2019-10-30
pjp
case ERR_DELEGATE:
2018
2019-10-30
pjp
if (rbt0 != NULL) {
2019
2019-10-30
pjp
build_reply(&sreply, so, buf, len, question, from, \
2020
2019-10-30
pjp
fromlen, rbt0, NULL, aregion, istcp, \
2021
2020-06-29
pjp
0, replybuf);
2022
2019-10-30
pjp
2023
2020-07-21
pjp
slen = reply_ns(&sreply, &sretlen, cfg->db);
2024
2019-10-30
pjp
} else {
2025
2019-10-30
pjp
slen = 0;
2026
2019-10-30
pjp
snprintf(replystring, DNS_MAXNAME, "DROP");
2027
2019-10-30
pjp
}
2028
2019-10-30
pjp
2029
2019-10-30
pjp
goto udpout;
2030
2019-10-30
pjp
break;
2031
2019-10-30
pjp
2032
2019-02-18
pjp
}
2033
2019-02-18
pjp
}
2034
2019-02-18
pjp
2035
2019-02-18
pjp
switch (type0) {
2036
2017-08-09
pjp
case DNS_TYPE_CNAME:
2037
2019-02-15
pjp
csd = find_rr(rbt0, DNS_TYPE_SOA);
2038
2019-02-15
pjp
if (csd == NULL)
2039
2019-02-15
pjp
break;
2040
2019-02-15
pjp
2041
2019-02-15
pjp
rr_csd = TAILQ_FIRST(&csd->rr_head);
2042
2019-02-15
pjp
if (rr_csd == NULL)
2043
2019-02-15
pjp
break;
2044
2019-02-15
pjp
2045
2019-02-26
pjp
fakequestion = build_fake_question(((struct cname *)rr_csd)->cname, ((struct cname *)rr_csd)->cnamelen, question->hdr->qtype, NULL, 0);
2046
2017-08-09
pjp
if (fakequestion == NULL) {
2047
2017-08-09
pjp
dolog(LOG_INFO, "fakequestion failed\n");
2048
2017-08-09
pjp
break;
2049
2017-08-09
pjp
}
2050
2016-07-06
pjp
2051
2020-01-16
pjp
rbt1 = lookup_zone(cfg->db, fakequestion, &type1, &lzerrno, (char *)&fakereplystring, sizeof(fakereplystring));
2052
2017-08-09
pjp
/* break CNAMES pointing to CNAMES */
2053
2017-08-09
pjp
if (type1 == DNS_TYPE_CNAME)
2054
2017-08-09
pjp
type1 = 0;
2055
2017-08-09
pjp
2056
2017-08-09
pjp
break;
2057
2017-08-09
pjp
default:
2058
2017-08-09
pjp
2059
2017-01-11
pjp
break;
2060
2017-01-11
pjp
}
2061
2016-07-06
pjp
2062
2017-08-09
pjp
/*
2063
2017-08-09
pjp
* Allow CLASS IN, CHAOS and others are
2064
2017-08-09
pjp
* not implemented and so we build a reply for
2065
2017-08-09
pjp
* that and go out.
2066
2017-08-09
pjp
*/
2067
2016-07-06
pjp
2068
2017-08-09
pjp
switch (ntohs(question->hdr->qclass)) {
2069
2017-08-09
pjp
case DNS_CLASS_IN:
2070
2017-08-09
pjp
break;
2071
2017-08-09
pjp
default:
2072
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2073
2017-08-09
pjp
fromlen, NULL, NULL, aregion, istcp, 0, \
2074
2020-06-29
pjp
replybuf);
2075
2016-07-06
pjp
2076
2020-07-21
pjp
slen = reply_notimpl(&sreply, &sretlen, NULL);
2077
2017-08-09
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2078
2017-08-09
pjp
goto udpout;
2079
2017-08-09
pjp
}
2080
2016-07-06
pjp
2081
2019-01-25
pjp
for (rl = &rlogic[0]; rl->rrtype != 0; rl++) {
2082
2019-01-25
pjp
if (rl->rrtype == ntohs(question->hdr->qtype)) {
2083
2019-01-25
pjp
if (rl->type0 == type0) {
2084
2019-01-25
pjp
switch (rl->buildtype) {
2085
2019-01-25
pjp
case BUILD_CNAME:
2086
2019-01-25
pjp
build_reply(&sreply, so, buf, len, question,
2087
2019-02-15
pjp
from, fromlen, rbt0, ((type1 > 0) ? rbt1 :
2088
2020-06-29
pjp
NULL), aregion, istcp, 0, replybuf);
2089
2019-01-25
pjp
break;
2090
2019-01-25
pjp
case BUILD_OTHER:
2091
2019-01-25
pjp
build_reply(&sreply, so, buf, len, question,
2092
2019-02-15
pjp
from, fromlen, rbt0, NULL, aregion, istcp,
2093
2020-06-29
pjp
0, replybuf);
2094
2019-01-25
pjp
break;
2095
2019-01-25
pjp
}
2096
2019-01-25
pjp
} else {
2097
2019-01-25
pjp
continue;
2098
2019-01-25
pjp
}
2099
2019-01-25
pjp
2100
2020-07-21
pjp
slen = (*rl->reply)(&sreply, &sretlen, cfg->db);
2101
2017-08-09
pjp
break;
2102
2019-01-25
pjp
} /* if rl->rrtype == */
2103
2019-01-25
pjp
}
2104
2016-07-06
pjp
2105
2019-01-25
pjp
if (rl->rrtype == 0) {
2106
2017-08-09
pjp
/*
2107
2017-08-09
pjp
* ANY unknown RR TYPE gets a NOTIMPL
2108
2017-08-09
pjp
*/
2109
2017-08-09
pjp
/*
2110
2017-08-09
pjp
* except for delegations
2111
2017-08-09
pjp
*/
2112
2017-08-09
pjp
2113
2017-08-09
pjp
if (type0 == DNS_TYPE_NS) {
2114
2016-07-06
pjp
2115
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2116
2019-02-15
pjp
fromlen, rbt0, NULL, aregion, istcp, 0, \
2117
2020-06-29
pjp
replybuf);
2118
2016-07-21
pjp
2119
2020-07-21
pjp
slen = reply_ns(&sreply, &sretlen, cfg->db);
2120
2017-08-09
pjp
} else {
2121
2016-07-21
pjp
2122
2016-07-21
pjp
2123
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2124
2017-08-09
pjp
fromlen, NULL, NULL, aregion, istcp, 0, \
2125
2020-06-29
pjp
replybuf);
2126
2016-07-21
pjp
2127
2020-07-21
pjp
slen = reply_notimpl(&sreply, &sretlen, NULL);
2128
2017-08-09
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2129
2017-08-09
pjp
}
2130
2017-08-09
pjp
}
2131
2017-08-09
pjp
2132
2017-08-09
pjp
udpout:
2133
2017-08-09
pjp
if (lflag) {
2134
2020-07-25
pjp
double diffms;
2135
2016-07-21
pjp
2136
2020-07-25
pjp
gettimeofday(&rectv1, NULL);
2137
2020-07-25
pjp
if (rectv1.tv_sec - rectv0.tv_sec > 0) {
2138
2020-07-25
pjp
rectv1.tv_usec += 1000000;
2139
2020-07-25
pjp
rectv1.tv_sec--;
2140
2020-07-25
pjp
}
2141
2020-07-25
pjp
diffms = (((double)rectv1.tv_sec - (double)rectv0.tv_sec) \
2142
2020-07-25
pjp
* 1000) + \
2143
2020-07-25
pjp
(double)(rectv1.tv_usec - rectv0.tv_usec) / 1000;
2144
2020-07-25
pjp
2145
2020-07-25
pjp
dolog(LOG_INFO, "request on descriptor %u interface \"%s\" from %s (ttl=%u, region=%d, tta=%2.3fms) for \"%s\" type=%s class=%u, %s%s%sanswering \"%s\" (%d/%d)\n", so, cfg->ident[i], address, received_ttl, aregion, diffms, question->converted_name, get_dns_type(ntohs(question->hdr->qtype), 1), ntohs(question->hdr->qclass), (question->edns0len ? "edns0, " : ""), (question->dnssecok ? "dnssecok, " : ""), (question->tsig.tsigverified ? "tsig, " : "") , replystring, len, slen);
2146
2020-07-25
pjp
2147
2017-08-09
pjp
}
2148
2016-07-21
pjp
2149
2017-08-09
pjp
if (fakequestion != NULL) {
2150
2017-08-09
pjp
free_question(fakequestion);
2151
2017-08-09
pjp
}
2152
2017-08-09
pjp
2153
2017-08-09
pjp
free_question(question);
2154
2016-07-06
pjp
2155
2019-02-15
pjp
if (rbt0) {
2156
2019-02-15
pjp
rbt0 = NULL;
2157
2017-08-09
pjp
}
2158
2019-02-15
pjp
if (rbt1) {
2159
2019-02-15
pjp
rbt1 = NULL;
2160
2017-08-09
pjp
}
2161
2017-01-11
pjp
2162
2017-08-09
pjp
} /* END ISSET */
2163
2017-01-11
pjp
2164
2017-08-09
pjp
} /* for */
2165
2017-01-11
pjp
2166
2017-08-09
pjp
drop:
2167
2017-08-09
pjp
2168
2019-02-15
pjp
if (rbt0) {
2169
2019-02-15
pjp
rbt0 = NULL;
2170
2017-08-09
pjp
}
2171
2016-07-06
pjp
2172
2019-02-15
pjp
if (rbt1) {
2173
2019-02-15
pjp
rbt1 = NULL;
2174
2017-08-09
pjp
}
2175
2017-08-09
pjp
2176
2017-08-09
pjp
continue;
2177
2017-08-09
pjp
} /* for (;;) */
2178
2017-08-09
pjp
2179
2017-08-09
pjp
/* NOTREACHED */
2180
2016-07-06
pjp
}
/*
 * BUILD_REPLY - a function that populates struct sreply from arguments, doesn't
 *		 return anything.  This replaces the alias BUILD_REPLY.
 *
 */
/*
 * Store the per-request arguments in *reply.  Callers in this file hand the
 * filled structure to one of the reply_*() functions right afterwards.
 *
 * reply	structure to fill in; must not be NULL (it is dereferenced)
 * so		socket descriptor the answer is sent on
 * buf, len	request buffer and its length; stored as given, len is not
 *		checked against buf here
 * q		parsed question, may be NULL
 * sa, slen	peer address and its length
 * rbt1, rbt2	lookup results, either may be NULL
 * region	region value for the peer address
 * istcp	transport flag, stored as given
 * deprecated0	ignored, kept so existing call sites keep compiling
 * replybuf	output buffer for the answer
 *
 * Only the pointers are stored, nothing is copied, so buf, q, sa, rbt1, rbt2
 * and replybuf must stay valid for as long as *reply is in use.
 */
void
build_reply(struct sreply *reply, int so, char *buf, int len,
    struct question *q, struct sockaddr *sa, socklen_t slen,
    struct rbtree *rbt1, struct rbtree *rbt2, u_int8_t region,
    int istcp, int deprecated0, char *replybuf)
{
	/* where the answer goes */
	reply->so = so;
	reply->sa = sa;
	reply->salen = slen;
	reply->istcp = istcp;
	reply->region = region;

	/* the request as received and as parsed */
	reply->buf = buf;
	reply->len = len;
	reply->q = q;

	/* lookup results the answer is built from */
	reply->rbt1 = rbt1;
	reply->rbt2 = rbt2;

	/* every reply starts out as a non-wildcard answer */
	reply->wildcard = 0;

	/* output buffer */
	reply->replybuf = replybuf;
}
/*
 * The master process waits to be killed; if any other process is killed
 * and indicates shutdown through the shared memory segment, it will kill
 * the rest of the processes in the parent group.
 */
/*
 * setup_master - event loop of the master process; it never returns.
 *
 * db		not used in this function
 * av		argument vector handed to execvp() when the daemon restarts
 * socketpath	path that is unveiled "rwc" and unlinked on shutdown and
 *		on reload unless debug is set
 * ibuf		imsg channel on which hello, reload and shutdown messages
 *		arrive
 *
 * The loop wakes when select() times out (one second), is interrupted, or
 * ibuf becomes readable.  The flags mshutdown, msig and reload are only
 * acted upon on the timeout/interrupt path, so a request that arrives as an
 * imsg takes effect on a later pass through the loop.
 *
 * NOTE(review): mshutdown, msig and reload are written by the signal
 * handlers installed below; their declarations are not visible here, confirm
 * they are volatile sig_atomic_t.
 */
void
setup_master(ddDB *db, char **av, char *socketpath, struct imsgbuf *ibuf)
{
	struct imsg msg;
	struct timeval timeout;
	fd_set readfds;
	ssize_t nread;
	pid_t pid;
	int nready;
	int maxfd = 0;

#if __OpenBSD__
	/*
	 * Sandbox: the filesystem view is reduced to the socket path and the
	 * daemon binary (needed for the re-exec on reload), then the process
	 * is limited to the pledge promises listed below.
	 */
	if (unveil(socketpath, "rwc") < 0) {
		perror("unveil");
		exit(1);
	}
	if (unveil("/usr/local/sbin/delphinusdnsd", "rx") < 0) {
		perror("unveil");
		exit(1);
	}
	if (pledge("stdio wpath cpath exec proc", NULL) < 0) {
		perror("pledge");
		exit(1);
	}
#endif

#ifndef NO_SETPROCTITLE
	setproctitle("master [%s]", (identstring != NULL ? identstring : ""));
#endif

	pid = getpid();

	/* the handlers only set flags, the work is done in the loop below */
	signal(SIGTERM, master_shutdown);
	signal(SIGINT, master_shutdown);
	signal(SIGQUIT, master_shutdown);
	signal(SIGHUP, master_reload);

	FD_ZERO(&readfds);
	for (;;) {
		timeout.tv_sec = 1;
		timeout.tv_usec = 0;

		FD_SET(ibuf->fd, &readfds);
		if (maxfd < ibuf->fd)
			maxfd = ibuf->fd;

		nready = select(maxfd + 1, &readfds, NULL, NULL, &timeout);

		/* timeout, or select() failed (for instance on a signal) */
		if (nready < 1) {
			/*
			 * *ptr is non-zero once another process has stored
			 * its pid there (per the log text: it died).
			 */
			if (*ptr) {
				dolog(LOG_INFO, "pid %u died, killing delphinusdnsd\n", *ptr);
				master_shutdown(SIGTERM);
			}

			if (mshutdown) {
				dolog(LOG_INFO, "shutting down on signal %d\n", msig);
				if (!debug)
					unlink(socketpath);

				/* pass the signal on to the whole process group */
				pid = getpgrp();
				killpg(pid, msig);

				exit(0);
			}

			if (reload) {
				/* survive our own SIGTERM to the group */
				signal(SIGTERM, SIG_IGN);

				pid = getpgrp();
				killpg(pid, SIGTERM);
				if (munmap(ptr, sizeof(pid_t)) < 0) {
					dolog(LOG_ERR, "munmap: %s\n", strerror(errno));
				}

				if (!debug)
					unlink(socketpath);

				dolog(LOG_INFO, "restarting on SIGHUP or command\n");

				closelog();
#if !defined(NO_SETPROCTITLE) && __linux__
				setproctitle(NULL);
#endif
				/*
				 * Restart from a fixed absolute path with the
				 * original argument vector.
				 */
				if (execvp("/usr/local/sbin/delphinusdnsd", av) < 0) {
					dolog(LOG_ERR, "execvp: %s\n", strerror(errno));
				}
				/* only reached when execvp() failed */
				exit(1);
			}

			continue;
		}

		if (!FD_ISSET(ibuf->fd, &readfds))
			continue;

		nread = imsg_read(ibuf);
		if (nread < 0 && errno != EAGAIN) {
			dolog(LOG_ERR, "imsg read failure %s\n", strerror(errno));
			continue;
		}
		if (nread == 0) {
			/* peer closed the channel: child died? */
			dolog(LOG_INFO, "sigpipe on child? delphinusdnsd master process exiting.\n");
			exit(1);
		}

		/* drain every complete message that is buffered */
		while ((nread = imsg_get(ibuf, &msg)) > 0) {
			switch (msg.hdr.type) {
			case IMSG_HELLO_MESSAGE:
				/* nothing to do */
				break;
			case IMSG_RELOAD_MESSAGE:
				reload = 1;
				break;
			case IMSG_SHUTDOWN_MESSAGE:
#if DEBUG
				dolog(LOG_INFO, "received shutdown from cortex\n");
#endif
				mshutdown = 1;
				msig = SIGTERM;
				break;
			default:
				/* other message types are ignored */
				break;
			}

			imsg_free(&msg);
		}
		if (nread < 0)
			dolog(LOG_ERR, "imsg read error: %s\n", strerror(errno));
	} /* for (;;) */

	/* NOTREACHED */
}
/*
 * master_shutdown - unlink pid file and kill parent group
 */
/*
 * Record a shutdown request.  This function only sets two flags; the
 * unlink and the kill of the process group are carried out by the
 * setup_master() loop once it sees mshutdown set.  It is installed there as
 * the handler for SIGTERM, SIGINT and SIGQUIT and is also called directly
 * from that loop.
 *
 * sig	signal number to forward to the process group
 */
void
master_shutdown(int sig)
{
	/*
	 * msig is stored before the flag so that the loop, which tests
	 * mshutdown and then reads msig, finds the signal number in place.
	 */
	msig = sig;
	mshutdown = 1;
}
/*
 * ddd_signal - delphinusdnsd got a signal, call ddd_shutdown and exit..
 */
/*
 * Terminate the process: run ddd_shutdown(), log one line and exit with
 * status 1.  This function does not return.
 *
 * sig	signal number; not used
 *
 * NOTE(review): the signature suggests this is installed as a signal
 * handler, but the installation is not visible here.  If it is one, exit()
 * is not async-signal-safe, and dolog() and ddd_shutdown() should be checked
 * for the same property; a handler that only sets a flag, like
 * master_shutdown(), avoids the problem.
 */
void
ddd_signal(int sig)
{
	/* shutdown work first, then the log line, as before */
	ddd_shutdown();
	dolog(LOG_INFO, "shutting down on signal\n");

	exit(1);
}
/*
 * master_reload - reload the delphinusdnsd system
 */
/*
 * Request a reload.  This function only sets the reload flag; the restart
 * itself (kill of the process group and re-exec) is carried out by the
 * setup_master() loop, which installs this function as the SIGHUP handler.
 *
 * sig	signal number; not used
 */
void
master_reload(int sig)
{
	/* picked up by the master loop on its next timeout or interrupt */
	reload = 1;
}
/*
 * TCPLOOP - does the polling of tcp descriptors and if ready receives the
 *		requests, builds the question and calls for replies, loops
 *
 */
void
2395
2020-07-03
pjp
tcploop(struct cfg *cfg, struct imsgbuf *ibuf, struct imsgbuf *cortex)
2396
2016-07-06
pjp
{
2397
2016-07-06
pjp
fd_set rset;
2398
2016-07-06
pjp
int sel;
2399
2020-01-14
pjp
int len, slen = 0;
2400
2016-07-06
pjp
int i;
2401
2016-07-06
pjp
int istcp = 1;
2402
2016-07-06
pjp
int maxso;
2403
2016-07-06
pjp
int so;
2404
2016-07-06
pjp
int type0, type1;
2405
2016-07-06
pjp
int lzerrno;
2406
2016-07-06
pjp
int filter = 0;
2407
2020-07-16
pjp
int blocklist = 1;
2408
2019-02-24
pjp
int require_tsig = 0;
2409
2017-08-09
pjp
int axfr_acl = 0;
2410
2021-01-07
pjp
int passnamewc;
2411
2020-06-25
pjp
pid_t idata;
2412
2019-06-17
pjp
uint conncnt = 0;
2413
2019-06-07
pjp
int tcpflags;
2414
2017-11-28
pjp
pid_t pid;
2415
2016-07-06
pjp
2416
2016-07-06
pjp
u_int8_t aregion; /* region where the address comes from */
2417
2016-07-06
pjp
2418
2016-07-06
pjp
char *pbuf;
2419
2016-07-06
pjp
char *replybuf = NULL;
2420
2016-07-06
pjp
char address[INET6_ADDRSTRLEN];
2421
2016-07-06
pjp
char replystring[DNS_MAXNAME + 1];
2422
2016-07-06
pjp
char fakereplystring[DNS_MAXNAME + 1];
2423
2016-07-06
pjp
2424
2016-07-06
pjp
union {
2425
2016-07-06
pjp
struct sockaddr sa;
2426
2016-07-06
pjp
struct sockaddr_in sin;
2427
2016-07-06
pjp
struct sockaddr_in6 sin6;
2428
2016-07-06
pjp
} sockaddr_large;
2429
2016-07-06
pjp
2430
2016-07-06
pjp
socklen_t fromlen = sizeof(sockaddr_large);
2431
2016-07-06
pjp
2432
2016-07-06
pjp
struct sockaddr *from = (void *)&sockaddr_large;
2433
2016-07-06
pjp
struct sockaddr_in *sin;
2434
2016-07-06
pjp
struct sockaddr_in6 *sin6;
2435
2016-07-06
pjp
2436
2016-07-06
pjp
struct question *question = NULL, *fakequestion = NULL;
2437
2019-02-15
pjp
struct rbtree *rbt0 = NULL, *rbt1 = NULL;
2438
2019-02-15
pjp
struct rrset *csd;
2439
2019-02-15
pjp
struct rr *rr_csd;
2440
2020-07-10
pjp
struct sf_imsg sf, *sfi = NULL;
2441
2016-07-06
pjp
2442
2016-07-06
pjp
struct sreply sreply;
2443
2019-01-25
pjp
struct reply_logic *rl = NULL;
2444
2016-07-06
pjp
struct timeval tv = { 10, 0};
2445
2017-11-28
pjp
struct imsgbuf parse_ibuf;
2446
2017-11-28
pjp
struct imsgbuf *pibuf;
2447
2017-11-28
pjp
struct imsg imsg;
2448
2017-11-28
pjp
struct parsequestion pq;
2449
2021-01-11
pjp
struct pq_imsg *pq0;
2450
2016-07-06
pjp
2451
2017-11-28
pjp
ssize_t n, datalen;
2452
2019-02-24
pjp
u_int32_t imsg_type;
2453
2017-11-28
pjp
2454
2020-07-03
pjp
struct sforward *sforward;
2455
2020-07-10
pjp
int ix;
2456
2020-07-21
pjp
int sretlen;
2457
2021-01-11
pjp
int pq_offset;
2458
2020-07-03
pjp
2459
2020-07-03
pjp
2460
2020-07-03
pjp
sforward = (struct sforward *)calloc(1, sizeof(struct sforward));
2461
2020-07-03
pjp
if (sforward == NULL) {
2462
2020-07-03
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
2463
2020-07-03
pjp
ddd_shutdown();
2464
2020-07-03
pjp
exit(1);
2465
2020-07-03
pjp
}
2466
2020-07-03
pjp
2467
2020-06-25
pjp
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]) < 0) {
2468
2017-11-28
pjp
dolog(LOG_INFO, "socketpair() failed\n");
2469
2020-06-25
pjp
ddd_shutdown();
2470
2017-11-28
pjp
exit(1);
2471
2017-11-28
pjp
}
2472
2017-11-28
pjp
2473
2017-11-28
pjp
pid = fork();
2474
2017-11-28
pjp
switch (pid) {
2475
2017-11-28
pjp
case -1:
2476
2017-11-28
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
2477
2017-11-28
pjp
exit(1);
2478
2017-11-28
pjp
case 0:
2479
2020-07-14
pjp
#ifndef __OpenBSD__
2480
2020-07-14
pjp
/* OpenBSD has minherit() */
2481
2020-07-14
pjp
if (munmap(cfg->shptr, cfg->shptrsize) == -1) {
2482
2020-07-14
pjp
dolog(LOG_INFO, "unmapping shptr failed: %s\n", \
2483
2020-07-14
pjp
strerror(errno));
2484
2020-07-14
pjp
}
2485
2020-07-14
pjp
#endif
2486
2020-07-14
pjp
cfg->shptrsize = 0;
2487
2017-11-28
pjp
for (i = 0; i < cfg->sockcount; i++) {
2488
2017-11-28
pjp
close(cfg->tcp[i]);
2489
2017-11-28
pjp
}
2490
2020-06-25
pjp
close(ibuf->fd);
2491
2020-07-03
pjp
close(cortex->fd);
2492
2017-11-28
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
2493
2020-06-25
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
2494
2021-01-06
pjp
setproctitle("tcp parse engine %d [%s]", cfg->pid,
2495
2021-01-06
pjp
(identstring != NULL ? identstring : ""));
2496
2020-06-25
pjp
parseloop(cfg, &parse_ibuf);
2497
2017-11-28
pjp
/* NOTREACHED */
2498
2017-11-28
pjp
exit(1);
2499
2017-11-28
pjp
default:
2500
2017-11-28
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
2501
2017-11-28
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
2502
2017-11-28
pjp
pibuf = &parse_ibuf;
2503
2017-11-28
pjp
break;
2504
2017-11-28
pjp
}
2505
2017-11-28
pjp
2506
2017-11-27
pjp
#if __OpenBSD__
2507
2017-11-27
pjp
if (pledge("stdio inet sendfd recvfd", NULL) < 0) {
2508
2017-11-27
pjp
perror("pledge");
2509
2017-11-27
pjp
exit(1);
2510
2017-11-27
pjp
}
2511
2017-11-27
pjp
#endif
2512
2017-11-27
pjp
2513
2017-11-28
pjp
2514
2016-07-06
pjp
replybuf = calloc(1, 65536);
2515
2016-07-06
pjp
if (replybuf == NULL) {
2516
2016-07-06
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
2517
2020-06-25
pjp
ddd_shutdown();
2518
2016-07-06
pjp
exit(1);
2519
2017-08-09
pjp
}
2520
2016-07-06
pjp
2521
2016-07-06
pjp
2522
2016-07-06
pjp
/*
2523
2017-08-10
pjp
* listen on descriptors
2524
2016-07-06
pjp
*/
2525
2016-07-06
pjp
2526
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
2527
2016-07-06
pjp
listen(cfg->tcp[i], 5);
2528
2016-07-06
pjp
}
2529
2017-08-10
pjp
2530
2016-07-06
pjp
for (;;) {
2531
2016-07-06
pjp
maxso = 0;
2532
2016-07-06
pjp
2533
2016-07-06
pjp
FD_ZERO(&rset);
2534
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
2535
2016-07-06
pjp
if (maxso < cfg->tcp[i])
2536
2016-07-06
pjp
maxso = cfg->tcp[i];
2537
2016-07-06
pjp
2538
2016-07-06
pjp
FD_SET(cfg->tcp[i], &rset);
2539
2016-07-06
pjp
}
2540
2019-06-07
pjp
2541
2019-06-07
pjp
TAILQ_FOREACH(tcpnp, &tcphead, tcpentries) {
2542
2019-06-07
pjp
if (maxso < tcpnp->so)
2543
2019-06-07
pjp
maxso = tcpnp->so;
2544
2019-06-07
pjp
2545
2019-06-07
pjp
FD_SET(tcpnp->so, &rset);
2546
2019-06-07
pjp
}
2547
2017-08-09
pjp
2548
2019-06-07
pjp
tv.tv_sec = 3;
2549
2016-07-06
pjp
tv.tv_usec = 0;
2550
2016-07-06
pjp
2551
2016-07-06
pjp
sel = select(maxso + 1, &rset, NULL, NULL, &tv);
2552
2016-07-06
pjp
2553
2016-07-06
pjp
if (sel < 0) {
2554
2016-07-06
pjp
dolog(LOG_INFO, "select: %s\n", strerror(errno));
2555
2016-07-06
pjp
continue;
2556
2016-07-06
pjp
}
2557
2016-07-06
pjp
2558
2016-07-06
pjp
if (sel == 0) {
2559
2019-06-07
pjp
TAILQ_FOREACH_SAFE(tcpnp, &tcphead, tcpentries, tcpn1) {
2560
2019-06-07
pjp
if ((tcpnp->last_used + 3) < time(NULL)) {
2561
2019-06-07
pjp
dolog(LOG_INFO, "tcp timeout on interface \"%s\" for address %s\n", cfg->ident[tcpnp->intidx], tcpnp->address);
2562
2019-06-07
pjp
TAILQ_REMOVE(&tcphead, tcpnp, tcpentries);
2563
2019-06-07
pjp
close(tcpnp->so);
2564
2019-06-07
pjp
free(tcpnp->address);
2565
2019-06-07
pjp
free(tcpnp);
2566
2019-06-17
pjp
if (conncnt > 0)
2567
2019-06-07
pjp
conncnt--;
2568
2019-06-07
pjp
}
2569
2019-06-07
pjp
}
2570
2016-07-06
pjp
continue;
2571
2016-07-06
pjp
}
2572
2016-07-06
pjp
2573
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
2574
2016-07-06
pjp
if (FD_ISSET(cfg->tcp[i], &rset)) {
2575
2016-07-06
pjp
fromlen = sizeof(sockaddr_large);
2576
2016-07-06
pjp
2577
2016-07-06
pjp
so = accept(cfg->tcp[i], (struct sockaddr*)from, &fromlen);
2578
2016-07-06
pjp
2579
2016-07-06
pjp
if (so < 0) {
2580
2016-07-06
pjp
dolog(LOG_INFO, "tcp accept: %s\n", strerror(errno));
2581
2016-07-06
pjp
continue;
2582
2016-07-06
pjp
}
2583
2016-07-06
pjp
2584
2016-07-06
pjp
if (from->sa_family == AF_INET6) {
2585
2016-07-06
pjp
2586
2016-07-06
pjp
fromlen = sizeof(struct sockaddr_in6);
2587
2016-07-06
pjp
sin6 = (struct sockaddr_in6 *)from;
2588
2016-07-06
pjp
inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, (char *)&address, sizeof(address));
2589
2016-07-06
pjp
aregion = find_region((struct sockaddr_storage *)sin6, AF_INET6);
2590
2016-07-06
pjp
filter = find_filter((struct sockaddr_storage *)sin6, AF_INET6);
2591
2020-07-16
pjp
if (passlist) {
2592
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin6, AF_INET6);
2593
2016-07-06
pjp
}
2594
2017-08-09
pjp
axfr_acl = find_axfr((struct sockaddr_storage *)sin6, AF_INET6);
2595
2019-02-24
pjp
2596
2019-02-24
pjp
require_tsig = 0;
2597
2019-02-24
pjp
if (tsig) {
2598
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin6, AF_INET6);
2599
2019-02-24
pjp
}
2600
2016-07-06
pjp
} else if (from->sa_family == AF_INET) {
2601
2016-07-06
pjp
2602
2016-07-06
pjp
fromlen = sizeof(struct sockaddr_in);
2603
2016-07-06
pjp
sin = (struct sockaddr_in *)from;
2604
2016-07-06
pjp
inet_ntop(AF_INET, (void *)&sin->sin_addr, (char *)&address, sizeof(address));
2605
2016-07-06
pjp
aregion = find_region((struct sockaddr_storage *)sin, AF_INET);
2606
2016-07-06
pjp
filter = find_filter((struct sockaddr_storage *)sin, AF_INET);
2607
2020-07-16
pjp
if (passlist) {
2608
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin, AF_INET);
2609
2016-07-06
pjp
}
2610
2017-08-09
pjp
axfr_acl = find_axfr((struct sockaddr_storage *)sin, AF_INET);
2611
2019-02-24
pjp
2612
2019-02-24
pjp
require_tsig = 0;
2613
2019-02-24
pjp
if (tsig) {
2614
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin, AF_INET);
2615
2019-02-24
pjp
}
2616
2016-07-06
pjp
} else {
2617
2016-07-06
pjp
dolog(LOG_INFO, "TCP packet received on descriptor %u interface \"%s\" had weird address family (%u), drop\n", so, cfg->ident[i], from->sa_family);
2618
2016-07-06
pjp
close(so);
2619
2016-07-06
pjp
continue;
2620
2016-07-06
pjp
}
2621
2016-07-06
pjp
2622
2016-07-06
pjp
2623
2019-02-24
pjp
if (filter && require_tsig == 0) {
2624
2020-01-01
pjp
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, filter policy, drop\n", so, cfg->ident[i], address);
2625
2020-01-01
pjp
#if 0
2626
2020-06-29
pjp
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2627
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
2628
2020-01-01
pjp
#endif
2629
2016-07-06
pjp
close(so);
2630
2016-07-06
pjp
continue;
2631
2016-07-06
pjp
}
2632
2016-07-06
pjp
2633
2020-07-16
pjp
if (passlist && blocklist == 0) {
2634
2020-07-16
pjp
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, passlist policy\n", so, cfg->ident[i], address);
2635
2016-07-06
pjp
close(so);
2636
2016-07-06
pjp
continue;
2637
2016-07-06
pjp
}
2638
2016-07-06
pjp
2639
2019-06-07
pjp
if (conncnt >= 64) {
2640
2019-06-07
pjp
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, too many TCP connections", so
2641
2019-06-07
pjp
, cfg->ident[i], address);
2642
2017-08-09
pjp
close(so);
2643
2017-08-09
pjp
continue;
2644
2017-08-10
pjp
}
2645
2016-07-06
pjp
2646
2019-06-07
pjp
if ((tcpflags = fcntl(so, F_GETFL, 0)) < 0) {
2647
2019-06-07
pjp
dolog(LOG_INFO, "tcp fcntl can't query fcntl flags\n");
2648
2017-09-05
pjp
close(so);
2649
2017-09-05
pjp
continue;
2650
2019-06-07
pjp
}
2651
2019-06-07
pjp
2652
2019-06-07
pjp
tcpflags |= O_NONBLOCK;
2653
2019-12-06
pjp
if (fcntl(so, F_SETFL, tcpflags) < 0) {
2654
2019-06-07
pjp
dolog(LOG_INFO, "tcp fcntl can't set nonblocking\n");
2655
2017-09-05
pjp
close(so);
2656
2017-09-05
pjp
continue;
2657
2017-09-05
pjp
}
2658
2019-06-07
pjp
2659
2019-06-07
pjp
tcpn1 = malloc(sizeof(struct tcpentry));
2660
2019-06-07
pjp
if (tcpn1 == NULL) {
2661
2019-06-07
pjp
dolog(LOG_INFO, "malloc: %s\n", strerror(errno));
2662
2017-09-05
pjp
close(so);
2663
2017-09-05
pjp
continue;
2664
2017-09-05
pjp
}
2665
2019-06-07
pjp
tcpn1->bytes_read = 0;
2666
2019-06-07
pjp
tcpn1->bytes_expected = 0;
2667
2019-12-26
pjp
tcpn1->bytes_limit = 0;
2668
2019-12-26
pjp
tcpn1->seen = 0;
2669
2019-06-07
pjp
tcpn1->so = so;
2670
2019-06-07
pjp
tcpn1->last_used = time(NULL);
2671
2019-06-07
pjp
tcpn1->intidx = i;
2672
2019-06-07
pjp
tcpn1->address = strdup(address);
2673
2019-06-07
pjp
2674
2019-06-07
pjp
TAILQ_INSERT_TAIL(&tcphead, tcpn1, tcpentries);
2675
2019-06-07
pjp
conncnt++;
2676
2017-09-05
pjp
2677
2019-06-07
pjp
} /* FD_ISSET */
2678
2019-06-07
pjp
}
2679
2019-06-07
pjp
2680
2019-06-07
pjp
TAILQ_FOREACH_SAFE(tcpnp, &tcphead, tcpentries, tcpn1) {
2681
2019-06-07
pjp
if (FD_ISSET(tcpnp->so, &rset)) {
2682
2019-06-07
pjp
2683
2019-06-07
pjp
if (tcpnp->bytes_read < 2)
2684
2019-06-07
pjp
len = recv(tcpnp->so, &tcpnp->buf[tcpnp->bytes_read], 2, 0);
2685
2019-06-07
pjp
else
2686
2019-06-07
pjp
len = recv(tcpnp->so, &tcpnp->buf[tcpnp->bytes_read], tcpnp->bytes_expected, 0);
2687
2019-06-07
pjp
2688
2019-06-07
pjp
if (len <= 0) {
2689
2017-08-10
pjp
if (errno == EWOULDBLOCK) {
2690
2019-06-07
pjp
continue;
2691
2017-08-10
pjp
}
2692
2019-06-07
pjp
TAILQ_REMOVE(&tcphead, tcpnp, tcpentries);
2693
2019-06-07
pjp
close(tcpnp->so);
2694
2019-06-07
pjp
free(tcpnp->address);
2695
2019-06-07
pjp
free(tcpnp);
2696
2019-06-17
pjp
if (conncnt > 0)
2697
2019-06-17
pjp
conncnt--;
2698
2017-08-10
pjp
continue;
2699
2017-08-10
pjp
} /* if len */
2700
2019-06-07
pjp
2701
2019-06-07
pjp
tcpnp->bytes_read += len;
2702
2019-12-26
pjp
tcpnp->bytes_expected -= len;
2703
2019-12-26
pjp
2704
2019-12-26
pjp
if (tcpnp->bytes_expected < 0)
2705
2019-12-26
pjp
tcpnp->bytes_expected = 0;
2706
2019-12-26
pjp
2707
2019-12-26
pjp
if (tcpnp->seen == 0 && tcpnp->bytes_read >= 2) {
2708
2020-01-14
pjp
uint16_t u16tmp;
2709
2020-01-14
pjp
2710
2020-01-14
pjp
u16tmp = unpack16(&tcpnp->buf[0]);
2711
2020-01-14
pjp
tcpnp->bytes_expected = ntohs(u16tmp);
2712
2019-12-26
pjp
tcpnp->bytes_limit = tcpnp->bytes_expected;
2713
2019-12-26
pjp
tcpnp->seen = 1;
2714
2020-01-01
pjp
}
2715
2019-12-26
pjp
2716
2020-01-01
pjp
/*
2717
2020-01-01
pjp
* disallow continuing if we only have the
2718
2020-01-01
pjp
* length and nothing else
2719
2020-01-01
pjp
*/
2720
2020-01-01
pjp
2721
2020-01-01
pjp
if (tcpnp->bytes_read <= 2)
2722
2020-01-01
pjp
continue;
2723
2020-01-01
pjp
2724
2019-12-26
pjp
if ((tcpnp->bytes_read - 2) != tcpnp->bytes_limit)
2725
2019-06-07
pjp
continue;
2726
2017-08-10
pjp
2727
2019-06-07
pjp
len = tcpnp->bytes_read - 2;
2728
2019-06-07
pjp
pbuf = &tcpnp->buf[2];
2729
2019-06-07
pjp
so = tcpnp->so;
2730
2017-08-10
pjp
2731
2016-07-06
pjp
if (len > DNS_MAXUDP || len < sizeof(struct dns_header)){
2732
2019-06-07
pjp
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
2733
2019-06-07
pjp
2734
2016-07-06
pjp
goto drop;
2735
2016-07-06
pjp
}
2736
2016-07-06
pjp
2737
2019-06-07
pjp
imsg_type = IMSG_PARSE_MESSAGE;
2738
2019-02-24
pjp
if (imsg_compose(pibuf, imsg_type,
2739
2017-11-28
pjp
0, 0, -1, pbuf, len) < 0) {
2740
2017-11-28
pjp
dolog(LOG_INFO, "imsg_compose %s\n", strerror(errno));
2741
2016-07-06
pjp
}
2742
2017-11-28
pjp
msgbuf_write(&pibuf->w);
2743
2016-07-06
pjp
2744
2017-11-28
pjp
FD_ZERO(&rset);
2745
2017-11-28
pjp
FD_SET(pibuf->fd, &rset);
2746
2016-07-06
pjp
2747
2017-11-28
pjp
tv.tv_sec = 10;
2748
2017-11-28
pjp
tv.tv_usec = 0;
2749
2016-07-06
pjp
2750
2017-11-28
pjp
sel = select(pibuf->fd + 1, &rset, NULL, NULL, &tv);
2751
2016-07-06
pjp
2752
2017-11-28
pjp
if (sel < 0) {
2753
2017-11-28
pjp
dolog(LOG_ERR, "tcploop internal error around select, dropping packet\n");
2754
2016-07-06
pjp
goto drop;
2755
2016-07-06
pjp
}
2756
2017-11-28
pjp
2757
2017-11-28
pjp
if (sel == 0) {
2758
2017-11-28
pjp
dolog(LOG_ERR, "tcploop internal error, timeout on parse imsg, drop\n");
2759
2016-07-06
pjp
goto drop;
2760
2016-07-06
pjp
}
2761
2017-11-28
pjp
2762
2017-11-28
pjp
if (((n = imsg_read(pibuf)) == -1 && errno != EAGAIN) || n == 0) {
2763
2017-11-28
pjp
dolog(LOG_ERR, "tcploop internal error, timeout on parse imsg, drop\n");
2764
2017-11-28
pjp
goto drop;
2765
2017-11-28
pjp
}
2766
2017-11-28
pjp
2767
2017-11-28
pjp
for (;;) {
2768
2017-11-28
pjp
2769
2017-11-28
pjp
if ((n = imsg_get(pibuf, &imsg)) == -1) {
2770
2017-11-28
pjp
break;
2771
2017-11-28
pjp
}
2772
2017-11-28
pjp
2773
2017-11-28
pjp
if (n == 0) {
2774
2017-11-28
pjp
break;
2775
2017-11-28
pjp
}
2776
2017-11-28
pjp
2777
2017-11-28
pjp
datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
2778
2017-11-28
pjp
2779
2017-11-28
pjp
switch (imsg.hdr.type) {
2780
2017-11-28
pjp
case IMSG_PARSEREPLY_MESSAGE:
2781
2021-01-11
pjp
if (datalen != sizeof(int)) {
2782
2021-01-11
pjp
dolog(LOG_ERR, "tcploop datalen != sizeof(int), can't work with this, drop\n");
2783
2017-11-28
pjp
imsg_free(&imsg);
2784
2017-11-28
pjp
goto drop;
2785
2017-11-28
pjp
}
2786
2017-11-28
pjp
2787
2021-01-11
pjp
memcpy((char *)&pq_offset, imsg.data, datalen);
2788
2021-01-11
pjp
pq0 = (struct pq_imsg *)&cfg->shptr_pq[0];
2789
2021-01-11
pjp
pq0 += pq_offset;
2790
2021-01-11
pjp
memcpy((char *)&pq, (char *)&pq0->pqi_pq, sizeof(struct parsequestion));
2791
2017-11-28
pjp
2792
2021-01-11
pjp
sm_lock(cfg->shptr_pq, cfg->shptr_pqsize);
2793
2021-01-11
pjp
pack32((char *)&pq0->u.s.read, 1);
2794
2021-01-11
pjp
sm_unlock(cfg->shptr_pq, cfg->shptr_pqsize);
2795
2021-01-11
pjp
2796
2017-11-28
pjp
if (pq.rc != PARSE_RETURN_ACK) {
2797
2017-11-28
pjp
switch (pq.rc) {
2798
2017-11-28
pjp
case PARSE_RETURN_MALFORMED:
2799
2019-06-07
pjp
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" malformed question from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
2800
2017-11-28
pjp
imsg_free(&imsg);
2801
2017-11-28
pjp
goto drop;
2802
2017-11-28
pjp
case PARSE_RETURN_NOQUESTION:
2803
2019-06-07
pjp
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" header from %s has no question, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
2804
2017-11-28
pjp
/* format error */
2805
2020-06-29
pjp
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2806
2020-07-21
pjp
slen = reply_fmterror(&sreply, &sretlen, NULL);
2807
2019-06-07
pjp
dolog(LOG_INFO, "TCP question on descriptor %d interface \"%s\" from %s, did not have question of 1 replying format error\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOTAQUESTION:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" dns header from %s is not a question, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NAK:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOTAUTH:
if (filter && pq.tsig.have_tsig == 0) {
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s (ttl=TCP, region=%d) replying REFUSED, not a tsig\n", so, cfg->ident[tcpnp->intidx], tcpnp->address, aregion);
imsg_free(&imsg);
goto drop;
}
}
}
question = convert_question(&pq, 1);
if (question == NULL) {
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" internal error from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
}
break;
} /* switch */
imsg_free(&imsg);
} /* for (;;) */
/* goto drop beyond this point should goto out instead */
fakequestion = NULL;
/* handle tcp notifications , XXX not tested */
if (question->notify) {
if (question->tsig.have_tsig && notifysource(question, (struct sockaddr_storage *)from) &&
question->tsig.tsigverified == 1) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" authenticated dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notify(&sreply, &sretlen, NULL);
/* send notify to replicant process */
idata = (pid_t)question->hdr->namelen;
imsg_compose(ibuf, IMSG_NOTIFY_MESSAGE,
0, 0, -1, question->hdr->name, idata);
msgbuf_write(&ibuf->w);
goto tcpout;
} else if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" not authenticated dns NOTIFY packet (code = %d) from %s, replying notauth\n", so, cfg->ident[tcpnp->intidx], question->tsig.tsigerrorcode, tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notauth(&sreply, &sretlen, NULL);
goto tcpout;
}
if (notifysource(question, (struct sockaddr_storage *)from)) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notify(&sreply, &sretlen, NULL);
/* send notify to replicant process */
idata = (pid_t)question->hdr->namelen;
imsg_compose(ibuf, IMSG_NOTIFY_MESSAGE,
0, 0, -1, question->hdr->name, idata);
msgbuf_write(&ibuf->w);
goto tcpout;
} else {
/* RFC 1996 - 3.10 is probably broken, replying REFUSED */
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" dns NOTIFY packet from %s, NOT in our list of MASTER servers replying REFUSED\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
goto tcpout;
}
} /* if question->notify */
if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
if (question->tsig.have_tsig &&
question->tsig.tsigerrorcode == DNS_BADTIME &&
tsigpassname &&
tsigpassname_contains(question->hdr->name, question->hdr->namelen, &passnamewc)) {
dolog(LOG_INFO, "passing on TCP name %s despite it not authenticating the TSIG\n", question->converted_name);
} else {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" not authenticated dns packet (code = %d) from %s, replying notauth\n", so, cfg->ident[tcpnp->intidx], question->tsig.tsigerrorcode, tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notauth(&sreply, &sretlen, NULL);
goto tcpout;
}
}
/* hack around whether we're edns version 0 */
/*
* we check now for AXFR's in the query and deny if not found
* in our list of AXFR'ers
*/
switch (ntohs(question->hdr->qtype)) {
case DNS_TYPE_AXFR:
case DNS_TYPE_IXFR:
if (! axfr_acl) {
dolog(LOG_INFO, "AXFR connection from %s on interface \"%s\" was not in our axfr acl, drop\n", tcpnp->address, cfg->ident[tcpnp->intidx]);
snprintf(replystring, DNS_MAXNAME, "DROP");
slen = 0;
goto tcpout;
}
break;
default:
break;
}
if (ntohs(question->hdr->qclass) == DNS_CLASS_CH &&
ntohs(question->hdr->qtype) == DNS_TYPE_TXT &&
strcasecmp(question->converted_name, "version.bind.") == 0) {
snprintf(replystring, DNS_MAXNAME, "VERSION");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_version(&sreply, &sretlen, NULL);
goto tcpout;
}
rbt0 = lookup_zone(cfg->db, question, &type0, &lzerrno, (char *)&replystring, sizeof(replystring));
if (type0 < 0) {
switch (lzerrno) {
default:
dolog(LOG_INFO, "invalid lzerrno! dropping\n");
/* FALLTHROUGH */
case ERR_DROP:
snprintf(replystring, DNS_MAXNAME, "DROP");
slen = 0;
goto tcpout;
case ERR_REFUSED:
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, rbt0, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
goto tcpout;
break;
case ERR_NODATA:
if (rbt0) {
rbt0 = NULL;
}
rbt0 = get_soa(cfg->db, question);
if (rbt0 != NULL) {
snprintf(replystring, DNS_MAXNAME, "NODATA");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, rbt0, NULL, aregion, istcp, 0, replybuf);
slen = reply_nodata(&sreply, &sretlen, cfg->db);
} else {
if (forward)
goto forwardtcp;
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, rbt0, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, cfg->db);
}
goto tcpout;
break;
case ERR_NXDOMAIN:
snprintf(replystring, DNS_MAXNAME, "NXDOMAIN");
/*
* lookup an authoritative soa
*/
if (rbt0 != NULL) {
build_reply( &sreply, so, pbuf, len, question,
from, fromlen, rbt0, NULL,
aregion, istcp, 0, replybuf);
slen = reply_nxdomain(&sreply, &sretlen, cfg->db);
}
goto tcpout;
case ERR_FORWARD:
forwardtcp:
if (forwardtsig) {
if (question->tsig.have_tsig &&
question->tsig.tsigverified) {
snprintf(replystring, DNS_MAXNAME, "FORWARD");
} else {
if (question->tsig.have_tsig &&
question->tsig.tsigerrorcode == DNS_BADTIME &&
tsigpassname &&
tsigpassname_contains(question->hdr->name, question->hdr->namelen, &passnamewc)) {
snprintf(replystring, DNS_MAXNAME,
"FORWARD");
dolog(LOG_INFO, "TCP passing %s despite being a TSIG unauthenticated query\n", question->converted_name);
} else {
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, cfg->db);
goto tcpout;
}
}
} else
snprintf(replystring, DNS_MAXNAME, "FORWARD");
/* send query to forward process/cortex */
if (len > 4000) {
dolog(LOG_INFO, "question is larger than 4000 bytes, not forwarding\n");
goto tcpout;
}
switch (from->sa_family) {
case AF_INET:
memcpy(&sforward->from4, from, fromlen);
sforward->rport = sin->sin_port;
sforward->family = AF_INET;
break;
case AF_INET6:
memcpy(&sforward->from6, from, fromlen);
sforward->rport = sin6->sin6_port;
sforward->family = AF_INET6;
break;
}
memcpy(&sforward->buf, question->hdr->original_name, question->hdr->namelen);
sforward->buflen = question->hdr->namelen;
memcpy((char *)&sforward->header, pbuf, sizeof(struct dns_header));
sforward->type = question->hdr->qtype;
sforward->class = question->hdr->qclass;
sforward->edns0len = question->edns0len;
sforward->dnssecok = question->dnssecok;
if (question->tsig.have_tsig && question->tsig.tsigverified) {
sforward->havemac = 1;
memcpy((char *)&sforward->tsigname, question->tsig.tsigkey, question->tsig.tsigkeylen);
sforward->tsignamelen = question->tsig.tsigkeylen;
memcpy(&sforward->mac, question->tsig.tsigmac, sizeof(sforward->mac));
sforward->tsigtimefudge = question->tsig.tsig_timefudge;
} else
sforward->havemac = 0;
sforward->gotit = time(NULL);
memcpy(&sf.sfi_sf, sforward, sizeof(struct sforward));
/* wait for lock */
sm_lock(cfg->shptr, cfg->shptrsize);
for (sfi = (struct sf_imsg *)&cfg->shptr[0], ix = 0;
ix < SHAREDMEMSIZE; ix++, sfi++) {
if (unpack32((char *)&sfi->u.s.read) == 1) {
memcpy(sfi, &sf, sizeof(struct sf_imsg));
pack32((char *)&sfi->u.s.read, 0);
break;
}
}
if (ix == SHAREDMEMSIZE) {
dolog(LOG_INFO, "delphinusdnsd udp: can't find an open slot in sharedmemsize\n");
goto tcpout;
}
sm_unlock(cfg->shptr, cfg->shptrsize);
imsg_compose(ibuf, IMSG_FORWARD_TCP,
0, 0, so, &ix, sizeof(int));
msgbuf_write(&ibuf->w);
slen = 0;
if (lflag)
dolog(LOG_INFO, "request on descriptor %u interface \"%s\" from %s (ttl=TCP, region=%d, tta=NA) for \"%s\" type=%s class=%u, %s%s%s answering \"%s\" (%d/%d)\n", so, cfg->ident[tcpnp->intidx], tcpnp->address, aregion, question->converted_name, get_dns_type(ntohs(question->hdr->qtype), 1), ntohs(question->hdr->qclass), (question->edns0len) ? "edns0, " : "", (question->dnssecok) ? "dnssecok, " : "", (question->tsig.tsigverified ? "tsig, " : ""), replystring, len, slen);
if (fakequestion != NULL) {
free_question(fakequestion);
}
free_question(question);
if (rbt0) {
rbt0 = NULL;
}
if (rbt1) {
rbt1 = NULL;