Blame
Date:
Thu Nov 19 09:25:28 2020 UTC
Message:
update README before 1.5.0 release
0001
2016-07-06
pjp
/*
0002
2020-06-25
pjp
* Copyright (c) 2002-2020 Peter J. Philipp
0003
2016-07-06
pjp
* All rights reserved.
0004
2016-07-06
pjp
*
0005
2016-07-06
pjp
* Redistribution and use in source and binary forms, with or without
0006
2016-07-06
pjp
* modification, are permitted provided that the following conditions
0007
2016-07-06
pjp
* are met:
0008
2016-07-06
pjp
* 1. Redistributions of source code must retain the above copyright
0009
2016-07-06
pjp
* notice, this list of conditions and the following disclaimer.
0010
2016-07-06
pjp
* 2. Redistributions in binary form must reproduce the above copyright
0011
2016-07-06
pjp
* notice, this list of conditions and the following disclaimer in the
0012
2016-07-06
pjp
* documentation and/or other materials provided with the distribution.
0013
2016-07-06
pjp
* 3. The name of the author may not be used to endorse or promote products
0014
2016-07-06
pjp
* derived from this software without specific prior written permission
0015
2016-07-06
pjp
*
0016
2016-07-06
pjp
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
0017
2016-07-06
pjp
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
0018
2016-07-06
pjp
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
0019
2016-07-06
pjp
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
0020
2016-07-06
pjp
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
0021
2016-07-06
pjp
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
0022
2016-07-06
pjp
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
0023
2016-07-06
pjp
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
0024
2016-07-06
pjp
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
0025
2016-07-06
pjp
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
0026
2016-07-06
pjp
*
0027
2016-07-06
pjp
*/
0028
2017-10-26
pjp
0029
2017-10-26
pjp
/*
0030
2020-09-30
pjp
* $Id: delphinusdnsd.c,v 1.142 2020/09/30 10:07:31 pjp Exp $
0031
2017-10-26
pjp
*/
0032
2017-10-26
pjp
0033
2019-06-06
pjp
0034
2019-06-06
pjp
#include <sys/types.h>
0035
2019-06-06
pjp
#include <sys/socket.h>
0036
2019-06-06
pjp
#include <sys/time.h>
0037
2019-06-06
pjp
#include <sys/stat.h>
0038
2019-06-06
pjp
#include <sys/uio.h>
0039
2019-06-06
pjp
#include <sys/mman.h>
0040
2019-06-06
pjp
#include <sys/wait.h>
0041
2019-06-06
pjp
#include <sys/un.h>
0042
2019-06-06
pjp
0043
2019-06-06
pjp
#include <net/if.h>
0044
2019-06-06
pjp
0045
2019-06-06
pjp
#include <netinet/in.h>
0046
2019-06-06
pjp
#include <arpa/inet.h>
0047
2019-06-06
pjp
#include <netdb.h>
0048
2019-06-06
pjp
0049
2019-06-06
pjp
#include <stdio.h>
0050
2019-06-06
pjp
#include <stdlib.h>
0051
2019-06-06
pjp
#include <stdint.h>
0052
2019-06-06
pjp
#include <stdarg.h>
0053
2019-06-06
pjp
#include <string.h>
0054
2019-06-06
pjp
#include <unistd.h>
0055
2019-06-06
pjp
#include <fcntl.h>
0056
2019-06-06
pjp
#include <errno.h>
0057
2019-06-06
pjp
#include <syslog.h>
0058
2019-06-06
pjp
#include <ctype.h>
0059
2019-06-06
pjp
#include <pwd.h>
0060
2019-06-06
pjp
#include <ifaddrs.h>
0061
2019-06-06
pjp
#include <dirent.h>
0062
2019-06-06
pjp
#include <signal.h>
0063
2019-06-06
pjp
#include <time.h>
0064
2019-06-06
pjp
0065
2019-06-06
pjp
#ifdef __linux__
0066
2020-07-13
pjp
#include <linux/bpf.h>
0067
2020-07-13
pjp
#include <linux/filter.h>
0068
2019-06-06
pjp
#include <grp.h>
0069
2019-06-06
pjp
#define __USE_BSD 1
0070
2019-06-06
pjp
#include <endian.h>
0071
2019-06-06
pjp
#include <bsd/stdlib.h>
0072
2019-06-06
pjp
#include <bsd/string.h>
0073
2019-06-06
pjp
#include <bsd/unistd.h>
0074
2019-06-06
pjp
#include <bsd/sys/queue.h>
0075
2019-06-06
pjp
#define __unused
0076
2019-06-06
pjp
#include <bsd/sys/tree.h>
0077
2019-06-06
pjp
#include <bsd/sys/endian.h>
0078
2019-06-06
pjp
#include "imsg.h"
0079
2019-06-06
pjp
#else /* not linux */
0080
2019-06-06
pjp
#include <sys/queue.h>
0081
2019-06-06
pjp
#include <sys/tree.h>
0082
2019-06-06
pjp
#ifdef __FreeBSD__
0083
2019-06-06
pjp
#include "imsg.h"
0084
2019-06-06
pjp
#else
0085
2019-06-06
pjp
#include <imsg.h>
0086
2019-06-06
pjp
#endif /* __FreeBSD__ */
0087
2019-06-06
pjp
#endif /* __linux__ */
0088
2019-06-06
pjp
0089
2019-06-06
pjp
#ifndef NTOHS
0090
2019-06-06
pjp
#include "endian.h"
0091
2019-06-06
pjp
#endif
0092
2019-06-06
pjp
0093
2016-07-06
pjp
#include "ddd-dns.h"
0094
2016-07-06
pjp
#include "ddd-db.h"
0095
2016-07-06
pjp
#include "ddd-config.h"
0096
2016-07-06
pjp
0097
2016-07-06
pjp
/* prototypes */

/*
 * Functions defined in other translation units.  Parameter names are given
 * only where the original declarations carried them.
 *
 * NOTE(review): dolog() is variadic and is called with printf-style format
 * strings in this file; a format(printf, 2, 3) attribute on its real
 * declaration would let the compiler check every call site.
 */
extern char		*convert_name(char *, int);
extern void		 pack(char *, char *, int);
extern void		 pack32(char *, u_int32_t);
extern void		 pack16(char *, u_int16_t);
extern void		 pack8(char *, u_int8_t);
extern uint32_t		 unpack32(char *);
extern uint16_t		 unpack16(char *);
extern void		 unpack(char *, char *, int);

extern void		 add_rrlimit(int, u_int16_t *, int, char *);
extern void		 axfrloop(int *, int, char **, ddDB *, struct imsgbuf *);
extern void		 forwardloop(ddDB *, struct cfg *, struct imsgbuf *,
			    struct imsgbuf *);
extern void		 replicantloop(ddDB *, struct imsgbuf *);
extern struct question	*build_fake_question(char *, int, u_int16_t, char *, int);
extern int		 check_ent(char *, int);
extern int		 check_rrlimit(int, u_int16_t *, int, char *);
extern void		 collects_init(void);
extern void		 dolog(int, char *, ...);
extern int		 find_axfr(struct sockaddr_storage *, int);
extern int		 find_filter(struct sockaddr_storage *, int);
extern u_int8_t		 find_region(struct sockaddr_storage *, int);
extern int		 find_passlist(struct sockaddr_storage *, int);
extern int		 find_tsig(struct sockaddr_storage *, int);
extern char		*get_dns_type(int, int);
extern void		 init_dnssec(void);
extern void		 init_region(void);
extern int		 init_entlist(ddDB *);
extern void		 init_filter(void);
extern void		 init_passlist(void);
extern void		 init_tsig(void);
extern void		 init_notifyddd(void);
extern struct rbtree	*lookup_zone(ddDB *, struct question *, int *, int *,
			    char *, int);
extern struct rbtree	*Lookup_zone(ddDB *, char *, u_int16_t, u_int16_t, int);
extern int		 memcasecmp(u_char *, u_char *, int);

/*
 * Reply handlers.  All share one signature; many of them are stored as the
 * handler member of the rlogic[] table in this file.
 */
extern int		 reply_a(struct sreply *, int *, ddDB *);
extern int		 reply_aaaa(struct sreply *, int *, ddDB *);
extern int		 reply_any(struct sreply *, int *, ddDB *);
extern int		 reply_badvers(struct sreply *, int *, ddDB *);
extern int		 reply_nodata(struct sreply *, int *, ddDB *);
extern int		 reply_cname(struct sreply *, int *, ddDB *);
extern int		 reply_fmterror(struct sreply *, int *, ddDB *);
extern int		 reply_notauth(struct sreply *, int *, ddDB *);
extern int		 reply_notimpl(struct sreply *, int *, ddDB *);
extern int		 reply_nxdomain(struct sreply *, int *, ddDB *);
extern int		 reply_noerror(struct sreply *, int *, ddDB *);
extern int		 reply_notify(struct sreply *, int *, ddDB *);
extern int		 reply_soa(struct sreply *, int *, ddDB *);
extern int		 reply_mx(struct sreply *, int *, ddDB *);
extern int		 reply_naptr(struct sreply *, int *, ddDB *);
extern int		 reply_ns(struct sreply *, int *, ddDB *);
extern int		 reply_ptr(struct sreply *, int *, ddDB *);
extern int		 reply_refused(struct sreply *, int *, ddDB *);
extern int		 reply_srv(struct sreply *, int *, ddDB *);
extern int		 reply_sshfp(struct sreply *, int *, ddDB *);
extern int		 reply_tlsa(struct sreply *, int *, ddDB *);
extern int		 reply_txt(struct sreply *, int *, ddDB *);
extern int		 reply_version(struct sreply *, int *, ddDB *);
extern int		 reply_rrsig(struct sreply *, int *, ddDB *);
extern int		 reply_dnskey(struct sreply *, int *, ddDB *);
extern int		 reply_caa(struct sreply *, int *, ddDB *);
extern int		 reply_rp(struct sreply *, int *, ddDB *);
extern int		 reply_hinfo(struct sreply *, int *, ddDB *);
extern int		 reply_ds(struct sreply *, int *, ddDB *);
extern int		 reply_nsec(struct sreply *, int *, ddDB *);
extern int		 reply_nsec3(struct sreply *, int *, ddDB *);
extern int		 reply_nsec3param(struct sreply *, int *, ddDB *);

extern char		*rrlimit_setup(int);
extern char		*dns_label(char *, int *);
extern void		 ddd_shutdown(void);
extern int		 get_record_size(ddDB *, char *, int);
extern struct question	*build_question(char *, int, int, char *);
extern int		 free_question(struct question *);
extern struct rbtree	*find_rrset(ddDB *db, char *name, int len);
extern struct rrset	*find_rr(struct rbtree *rbt, u_int16_t rrtype);
extern int		 add_rr(struct rbtree *, char *, int, u_int16_t, void *);
extern int		 display_rr(struct rrset *rrset);
extern int		 notifysource(struct question *, struct sockaddr_storage *);
extern int		 drop_privs(char *, struct passwd *);
extern struct rbtree	*get_soa(ddDB *, struct question *);
extern struct rbtree	*get_ns(ddDB *, struct rbtree *, int *);
extern void		 populate_zone(ddDB *db);

/* Forward declarations without the extern keyword. */
struct question	*convert_question(struct parsequestion *, int);
void		 build_reply(struct sreply *, int, char *, int,
		    struct question *, struct sockaddr *, socklen_t,
		    struct rbtree *, struct rbtree *, u_int8_t, int, int,
		    char *);
int		 compress_label(u_char *, u_int16_t, int);
int		 determine_glue(ddDB *db);
void		 mainloop(struct cfg *, struct imsgbuf *);
void		 master_reload(int);
void		 master_shutdown(int);
void		 setup_master(ddDB *, char **, char *, struct imsgbuf *);
void		 setup_cortex(struct imsgbuf *);
void		 setup_unixsocket(char *, struct imsgbuf *);
void		 ddd_signal(int);
void		 tcploop(struct cfg *, struct imsgbuf *, struct imsgbuf *);
void		 parseloop(struct cfg *, struct imsgbuf *);
struct imsgbuf	*register_cortex(struct imsgbuf *, int);
void		 nomore_neurons(struct imsgbuf *);
int		 bind_this_res(struct addrinfo *, int);
int		 bind_this_pifap(struct ifaddrs *, int, int);
0199
2016-07-06
pjp
0200
2016-07-06
pjp
/* aliases */

/*
 * Filesystem path under /var/db named after the daemon.
 * NOTE(review): no use of this macro appears in this part of the file;
 * presumably the database directory -- confirm before relying on it.
 */
#define MYDB_PATH "/var/db/delphinusdns"
0204
2016-07-06
pjp
0205
2019-01-25
pjp
/* structs */
0206
2019-01-25
pjp
0207
2020-07-06
pjp
/*
 * reply_logic is mirrored with forward.c
 *
 * Because of that mirror, a row added, removed or reordered here needs the
 * same change in forward.c, otherwise the two code paths will pick different
 * handlers for the same question.
 *
 * Each row holds two DNS_TYPE_* values, a BUILD_* mode and a reply_* handler.
 * NOTE(review): the columns look like (type asked for, type found, build
 * mode, handler) -- confirm against the struct reply_logic declaration.
 * Only the A, AAAA, MX and PTR groups carry a CNAME row using BUILD_CNAME.
 * Row order is kept exactly as written; if the lookup takes the first
 * matching row the order is significant -- confirm at the lookup site.
 * The all-zero row with a NULL handler closes the table.
 */
static struct reply_logic rlogic[] = {
	{ DNS_TYPE_A,          DNS_TYPE_CNAME,      BUILD_CNAME, reply_cname      },
	{ DNS_TYPE_A,          DNS_TYPE_NS,         BUILD_OTHER, reply_ns         },
	{ DNS_TYPE_A,          DNS_TYPE_A,          BUILD_OTHER, reply_a          },
	{ DNS_TYPE_AAAA,       DNS_TYPE_CNAME,      BUILD_CNAME, reply_cname      },
	{ DNS_TYPE_AAAA,       DNS_TYPE_NS,         BUILD_OTHER, reply_ns         },
	{ DNS_TYPE_AAAA,       DNS_TYPE_AAAA,       BUILD_OTHER, reply_aaaa       },
	{ DNS_TYPE_DNSKEY,     DNS_TYPE_DNSKEY,     BUILD_OTHER, reply_dnskey     },
	{ DNS_TYPE_SOA,        DNS_TYPE_SOA,        BUILD_OTHER, reply_soa        },
	{ DNS_TYPE_SOA,        DNS_TYPE_NS,         BUILD_OTHER, reply_ns         },
	{ DNS_TYPE_MX,         DNS_TYPE_CNAME,      BUILD_CNAME, reply_cname      },
	{ DNS_TYPE_MX,         DNS_TYPE_NS,         BUILD_OTHER, reply_ns         },
	{ DNS_TYPE_MX,         DNS_TYPE_MX,         BUILD_OTHER, reply_mx         },
	{ DNS_TYPE_TXT,        DNS_TYPE_TXT,        BUILD_OTHER, reply_txt        },
	{ DNS_TYPE_NS,         DNS_TYPE_NS,         BUILD_OTHER, reply_ns         },
	{ DNS_TYPE_ANY,        DNS_TYPE_ANY,        BUILD_OTHER, reply_any        },
	{ DNS_TYPE_DS,         DNS_TYPE_DS,         BUILD_OTHER, reply_ds         },
	{ DNS_TYPE_SSHFP,      DNS_TYPE_SSHFP,      BUILD_OTHER, reply_sshfp      },
	{ DNS_TYPE_TLSA,       DNS_TYPE_TLSA,       BUILD_OTHER, reply_tlsa       },
	{ DNS_TYPE_SRV,        DNS_TYPE_SRV,        BUILD_OTHER, reply_srv        },
	{ DNS_TYPE_CNAME,      DNS_TYPE_CNAME,      BUILD_OTHER, reply_cname      },
	{ DNS_TYPE_CNAME,      DNS_TYPE_NS,         BUILD_OTHER, reply_ns         },
	{ DNS_TYPE_NSEC3PARAM, DNS_TYPE_NSEC3PARAM, BUILD_OTHER, reply_nsec3param },
	{ DNS_TYPE_PTR,        DNS_TYPE_CNAME,      BUILD_CNAME, reply_cname      },
	{ DNS_TYPE_PTR,        DNS_TYPE_NS,         BUILD_OTHER, reply_ns         },
	{ DNS_TYPE_PTR,        DNS_TYPE_PTR,        BUILD_OTHER, reply_ptr        },
	{ DNS_TYPE_NAPTR,      DNS_TYPE_NAPTR,      BUILD_OTHER, reply_naptr      },
	{ DNS_TYPE_NSEC3,      DNS_TYPE_NSEC3,      BUILD_OTHER, reply_nsec3      },
	{ DNS_TYPE_NSEC,       DNS_TYPE_NSEC,       BUILD_OTHER, reply_nsec       },
	{ DNS_TYPE_RRSIG,      DNS_TYPE_RRSIG,      BUILD_OTHER, reply_rrsig      },
	{ DNS_TYPE_CAA,        DNS_TYPE_CAA,        BUILD_OTHER, reply_caa        },
	{ DNS_TYPE_RP,         DNS_TYPE_RP,         BUILD_OTHER, reply_rp         },
	{ DNS_TYPE_HINFO,      DNS_TYPE_HINFO,      BUILD_OTHER, reply_hinfo      },
	{ 0,                   0,                   0,           NULL             }
};
0243
2020-07-06
pjp
0244
2019-01-25
pjp
0245
2020-07-06
pjp
0246
2019-06-07
pjp
/* Head of the tcpentry list; main() sets it up with TAILQ_INIT(&tcphead). */
TAILQ_HEAD(, tcpentry) tcphead;

/*
 * One element of the tcphead list, linked through tcpentries.
 *
 * buf holds 0xffff + 3 = 65538 bytes.
 * NOTE(review): presumably the 2-byte DNS-over-TCP length prefix plus a
 * maximum-size message with one byte to spare -- confirm where buf is filled.
 * NOTE(review): bytes_read and bytes_limit are unsigned while bytes_expected
 * is a signed int.  Any comparison between them converts the signed operand
 * to unsigned, so a negative bytes_expected would compare as a very large
 * value; code that bounds reads into buf should check the sign first.
 */
struct tcpentry {
	int			 intidx;
	uint			 bytes_read;
	int			 bytes_expected;
	uint			 bytes_limit;
	int			 seen;		/* seen heading bytes */
	int			 so;
	time_t			 last_used;
	char			 buf[0xffff + 3];
	char			*address;
	TAILQ_ENTRY(tcpentry)	 tcpentries;
};

/* File-scope pointers to tcpentry records. */
struct tcpentry *tcpn1, *tcpn2, *tcpnp;
0260
2019-06-07
pjp
0261
2016-07-06
pjp
/* global variables */

/* Defined in other translation units. */
extern char	*__progname;
extern int	 axfrport;
extern int	 ratelimit;
extern int	 ratelimit_packets_per_second;
extern int	 passlist;
extern int	 tsig;
extern int	 dnssec;
extern int	 raxfrflag;
extern u_int	 max_udp_payload;

/* Private to this file. */
static int	 reload = 0;
static int	 mshutdown = 0;
static int	 msig;
static char	*rptr;			/* result of rrlimit_setup() in main() */
static int	 ratelimit_backlog;	/* 2 * ratelimit_packets_per_second */

/*
 * Command-line state, filled in by the getopt loop in main():
 * -d sets debug, -v increments verbose, -b sets bflag and appends to
 * bind_list, -i sets iflag and appends to interface_list, -l sets lflag,
 * -n stores atoi(optarg) in nflag, -p stores atoi(optarg) & 0xffff in port.
 *
 * NOTE(review): because -p is parsed with atoi() and masked, a non-numeric
 * or out-of-range argument is not rejected; it silently becomes 0 or wraps
 * into the 16-bit range.
 * NOTE(review): main() refuses further -b flags once bcount > 253 but further
 * -i flags only once icount > 254.  Both bounds keep the index inside the
 * 255-slot arrays below, but they are not the same bound.
 */
int		 debug = 0;
int		 verbose = 0;
int		 bflag = 0;
int		 iflag = 0;
int		 lflag = 0;
int		 nflag = 0;
int		 bcount = 0;
int		 icount = 0;
int		 forward = 0;
int		 forwardtsig = 0;
int		 strictx20i = 1;
int		 zonecount = 0;
int		 cache = 0;
u_int16_t	 port = 53;
u_int32_t	 cachesize = 0;
char		*bind_list[255];
char		*interface_list[255];

/*
 * Version banner and its length.  The built-in default is 17 characters
 * long, matching vslen; a build that defines DD_VERSION must define
 * DD_VERSION_LEN to agree with it.
 */
#ifdef DD_VERSION
char		*versionstring = DD_VERSION;
uint8_t		 vslen = DD_VERSION_LEN;
#else
char		*versionstring = "delphinusdnsd-1.4";
uint8_t		 vslen = 17;
#endif

/* main() points this at a MAP_SHARED | MAP_ANON mapping holding one pid_t. */
pid_t		*ptr = 0;
/* main() sets this from localtime()'s tm_gmtoff at startup. */
long		 glob_time_offset = 0;
0305
2016-07-06
pjp
0306
2016-07-06
pjp
/*
0307
2016-07-06
pjp
* MAIN - set up arguments, set up database, set up sockets, call mainloop
0308
2016-07-06
pjp
*
0309
2016-07-06
pjp
*/
0310
2016-07-06
pjp
0311
2016-07-06
pjp
int
0312
2017-10-04
pjp
main(int argc, char *argv[], char *environ[])
0313
2016-07-06
pjp
{
0314
2016-07-06
pjp
static int udp[DEFAULT_SOCKET];
0315
2016-07-06
pjp
static int tcp[DEFAULT_SOCKET];
0316
2016-07-06
pjp
static int afd[DEFAULT_SOCKET];
0317
2016-07-06
pjp
static int uafd[DEFAULT_SOCKET];
0318
2017-06-26
pjp
int n;
0319
2016-07-06
pjp
0320
2016-07-06
pjp
int ch, i, j;
0321
2016-07-06
pjp
int gai_error;
0322
2017-06-26
pjp
int salen;
0323
2016-07-06
pjp
int found = 0;
0324
2016-07-06
pjp
int on = 1;
0325
2016-07-06
pjp
0326
2016-07-06
pjp
pid_t pid;
0327
2016-07-06
pjp
0328
2016-07-06
pjp
static char *ident[DEFAULT_SOCKET];
0329
2016-07-06
pjp
char *conffile = CONFFILE;
0330
2016-07-06
pjp
char buf[512];
0331
2016-07-06
pjp
char **av = NULL;
0332
2019-01-29
pjp
char *socketpath = SOCKPATH;
0333
2016-07-06
pjp
0334
2016-07-06
pjp
struct passwd *pw;
0335
2016-07-06
pjp
struct addrinfo hints, *res0, *res;
0336
2016-07-06
pjp
struct ifaddrs *ifap, *pifap;
0337
2016-07-06
pjp
struct sockaddr_in *sin;
0338
2016-07-06
pjp
struct sockaddr_in6 *sin6;
0339
2016-07-06
pjp
struct cfg *cfg;
0340
2020-06-25
pjp
struct imsgbuf cortex_ibuf;
0341
2020-06-25
pjp
struct imsgbuf *ibuf;
0342
2020-07-10
pjp
struct rr_imsg *ri = NULL;
0343
2020-07-10
pjp
struct sf_imsg *sf = NULL;
0344
2020-07-14
pjp
struct pkt_imsg *pi = NULL;
0345
2016-07-06
pjp
0346
2017-06-26
pjp
static ddDB *db;
0347
2020-03-10
pjp
0348
2020-03-10
pjp
time_t now;
0349
2020-03-10
pjp
struct tm *ltm;
0350
2017-06-27
pjp
0351
2020-07-10
pjp
char *shptr;
0352
2020-07-10
pjp
int shsize;
0353
2020-07-10
pjp
0354
2017-06-27
pjp
0355
2016-07-06
pjp
if (geteuid() != 0) {
0356
2019-09-12
pjp
fprintf(stderr, "must be started as root\n");
0357
2016-07-06
pjp
exit(1);
0358
2016-07-06
pjp
}
0359
2016-07-06
pjp
0360
2020-03-10
pjp
now = time(NULL);
0361
2020-03-10
pjp
ltm = localtime(&now);
0362
2020-03-10
pjp
glob_time_offset = ltm->tm_gmtoff;
0363
2020-03-10
pjp
0364
2016-07-06
pjp
av = argv;
0365
2019-12-19
pjp
0366
2017-10-04
pjp
#if __linux__
0367
2017-10-04
pjp
setproctitle_init(argc, av, environ);
0368
2017-10-04
pjp
#endif
0369
2017-10-04
pjp
0370
2017-10-04
pjp
0371
2019-01-29
pjp
while ((ch = getopt(argc, argv, "b:df:i:ln:p:s:v")) != -1) {
0372
2016-07-06
pjp
switch (ch) {
0373
2016-07-06
pjp
case 'b':
0374
2016-07-06
pjp
bflag = 1;
0375
2016-07-06
pjp
if (bcount > 253) {
0376
2016-07-06
pjp
fprintf(stderr, "too many -b flags\n");
0377
2016-07-06
pjp
exit(1);
0378
2016-07-06
pjp
}
0379
2016-07-06
pjp
bind_list[bcount++] = optarg;
0380
2016-07-06
pjp
break;
0381
2016-07-06
pjp
case 'd':
0382
2016-07-06
pjp
debug = 1;
0383
2016-07-06
pjp
break;
0384
2016-07-06
pjp
case 'f':
0385
2016-07-06
pjp
conffile = optarg;
0386
2016-07-06
pjp
break;
0387
2016-07-06
pjp
case 'i':
0388
2016-07-06
pjp
iflag = 1;
0389
2016-07-06
pjp
if (icount > 254) {
0390
2016-07-06
pjp
fprintf(stderr, "too many -i flags\n");
0391
2016-07-06
pjp
exit(1);
0392
2016-07-06
pjp
}
0393
2016-07-06
pjp
interface_list[icount++] = optarg;
0394
2016-07-06
pjp
break;
0395
2016-07-06
pjp
case 'l':
0396
2016-07-06
pjp
lflag = 1;
0397
2016-07-06
pjp
break;
0398
2016-07-06
pjp
case 'n':
0399
2016-07-06
pjp
nflag = atoi(optarg);
0400
2016-07-06
pjp
break;
0401
2016-07-06
pjp
case 'p':
0402
2016-07-06
pjp
port = atoi(optarg) & 0xffff;
0403
2016-07-06
pjp
break;
0404
2019-01-29
pjp
case 's':
0405
2019-01-29
pjp
socketpath = optarg;
0406
2019-01-29
pjp
break;
0407
2016-07-06
pjp
case 'v':
0408
2016-07-06
pjp
verbose++;
0409
2016-07-06
pjp
break;
0410
2016-07-06
pjp
default:
0411
2016-07-06
pjp
fprintf(stderr, "usage: delphinusdnsd [-i interface] [-b bindaddress] [-f configfile] [-p portnumber] [-drv]\n");
0412
2016-07-06
pjp
exit (1);
0413
2016-07-06
pjp
}
0414
2016-07-06
pjp
}
0415
2016-07-06
pjp
0416
2016-07-06
pjp
if (bflag && iflag) {
0417
2016-07-06
pjp
fprintf(stderr, "you may specify -i or -b but not both\n");
0418
2016-07-06
pjp
exit(1);
0419
2016-07-06
pjp
}
0420
2016-07-06
pjp
0421
2016-07-06
pjp
/*
0422
2016-07-06
pjp
* calling daemon before a sleuth of configurations ala rwhod.c
0423
2016-07-06
pjp
*/
0424
2016-07-06
pjp
0425
2016-07-06
pjp
if (! debug)
0426
2016-07-06
pjp
daemon(0,0);
0427
2018-07-11
pjp
else {
0428
2019-11-02
pjp
int status;
0429
2018-07-11
pjp
/*
0430
2019-11-02
pjp
* clean up any zombies left behind, this is only in debug mode
0431
2019-11-02
pjp
*/
0432
2019-11-02
pjp
0433
2019-11-02
pjp
while (waitpid(-1, &status, WNOHANG) > 0);
0434
2019-11-02
pjp
0435
2019-11-02
pjp
/*
0436
2018-07-11
pjp
* even if in debug mode we want to have our own parent group
0437
2018-07-11
pjp
* for reasons in that regress needs it when killing debug
0438
2018-07-11
pjp
* mode delphinusdnsd
0439
2018-07-11
pjp
*/
0440
2016-07-06
pjp
0441
2018-07-12
pjp
#if __linux__
0442
2018-07-12
pjp
if (setpgrp() < 0) {
0443
2018-07-12
pjp
#else
0444
2018-07-11
pjp
if (setpgrp(0, 0) < 0) {
0445
2018-07-12
pjp
#endif
0446
2018-07-11
pjp
perror("setpgrp");
0447
2018-07-11
pjp
exit(1);
0448
2018-07-11
pjp
}
0449
2018-07-11
pjp
}
0450
2018-07-11
pjp
0451
2018-07-11
pjp
0452
2016-07-06
pjp
openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
0453
2016-07-06
pjp
dolog(LOG_INFO, "starting up\n");
0454
2016-07-06
pjp
0455
2016-07-06
pjp
/* cfg struct */
0456
2016-07-06
pjp
cfg = calloc(1, sizeof(struct cfg));
0457
2016-07-06
pjp
if (cfg == NULL) {
0458
2016-07-06
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
0459
2016-07-06
pjp
exit(1);
0460
2016-07-06
pjp
}
0461
2017-08-09
pjp
0462
2016-07-06
pjp
/*
0463
2016-07-06
pjp
* make a shared memory segment for signaling kills between
0464
2016-07-06
pjp
* processes...
0465
2016-07-06
pjp
*/
0466
2016-07-06
pjp
0467
2016-07-06
pjp
0468
2020-06-25
pjp
ptr = mmap(NULL, sizeof(pid_t), PROT_READ | PROT_WRITE, MAP_SHARED |\
0469
2016-07-06
pjp
MAP_ANON, -1, 0);
0470
2016-07-06
pjp
0471
2016-07-06
pjp
if (ptr == MAP_FAILED) {
0472
2016-07-06
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
0473
2016-07-06
pjp
exit(1);
0474
2016-07-06
pjp
}
0475
2016-07-06
pjp
0476
2016-07-06
pjp
*ptr = 0;
0477
2016-07-06
pjp
0478
2017-06-26
pjp
/* open internal database */
0479
2016-07-06
pjp
0480
2017-06-26
pjp
db = dddbopen();
0481
2017-06-26
pjp
if (db == NULL) {
0482
2017-06-26
pjp
dolog(LOG_INFO, "dddbopen() failed\n");
0483
2020-06-25
pjp
ddd_shutdown();
0484
2016-07-06
pjp
exit(1);
0485
2016-07-06
pjp
}
0486
2016-07-06
pjp
0487
2020-06-25
pjp
0488
2020-06-25
pjp
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]) < 0) {
0489
2017-08-09
pjp
dolog(LOG_INFO, "socketpair() failed\n");
0490
2020-06-25
pjp
ddd_shutdown();
0491
2017-08-09
pjp
exit(1);
0492
2017-08-09
pjp
}
0493
2017-08-09
pjp
0494
2017-06-26
pjp
pid = fork();
0495
2017-06-26
pjp
switch (pid) {
0496
2017-06-26
pjp
case -1:
0497
2017-06-26
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0498
2016-07-06
pjp
exit(1);
0499
2017-06-26
pjp
case 0:
0500
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]);
0501
2020-06-25
pjp
imsg_init(&cortex_ibuf, cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[1]);
0502
2020-06-25
pjp
setup_cortex(&cortex_ibuf);
0503
2020-06-25
pjp
/* NOTREACHED */
0504
2020-06-25
pjp
exit(1);
0505
2020-06-25
pjp
0506
2019-11-03
pjp
break;
0507
2019-11-03
pjp
default:
0508
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[1]);
0509
2020-06-25
pjp
imsg_init(&cortex_ibuf, cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]);
0510
2020-06-25
pjp
}
0511
2019-01-29
pjp
0512
2020-06-25
pjp
pid = fork();
0513
2020-06-25
pjp
switch (pid) {
0514
2020-06-25
pjp
case -1:
0515
2020-06-25
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0516
2020-06-25
pjp
exit(1);
0517
2020-06-25
pjp
case 0:
0518
2020-06-25
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_MASTER);
0519
2020-06-25
pjp
if (ibuf != NULL) {
0520
2020-06-25
pjp
setup_master(db, av, socketpath, ibuf);
0521
2020-06-25
pjp
}
0522
2019-11-03
pjp
/* NOTREACHED */
0523
2020-06-25
pjp
ddd_shutdown();
0524
2016-07-06
pjp
exit(1);
0525
2020-06-25
pjp
break;
0526
2020-06-25
pjp
default:
0527
2020-06-25
pjp
break;
0528
2019-11-03
pjp
}
0529
2019-11-03
pjp
0530
2019-11-03
pjp
if (! debug) {
0531
2019-11-03
pjp
switch (pid = fork()) {
0532
2019-11-03
pjp
case -1:
0533
2019-11-03
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0534
2019-11-03
pjp
exit(1);
0535
2019-11-03
pjp
case 0:
0536
2019-11-09
pjp
/*
0537
2019-11-09
pjp
* add signals here too
0538
2019-11-09
pjp
*/
0539
2019-11-09
pjp
0540
2019-11-09
pjp
signal(SIGPIPE, SIG_IGN);
0541
2019-11-09
pjp
0542
2020-06-25
pjp
signal(SIGTERM, ddd_signal);
0543
2020-06-25
pjp
signal(SIGINT, ddd_signal);
0544
2020-06-25
pjp
signal(SIGQUIT, ddd_signal);
0545
2019-11-09
pjp
0546
2020-06-25
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_UNIXCONTROL);
0547
2020-06-25
pjp
if (ibuf != NULL) {
0548
2020-06-25
pjp
setup_unixsocket(socketpath, ibuf);
0549
2020-06-25
pjp
}
0550
2020-06-25
pjp
ddd_shutdown();
0551
2019-11-03
pjp
exit(1);
0552
2019-11-03
pjp
default:
0553
2019-11-03
pjp
break;
0554
2019-11-03
pjp
}
0555
2019-01-29
pjp
}
0556
2019-01-29
pjp
0557
2019-01-29
pjp
0558
2016-07-06
pjp
/* end of setup_master code */
0559
2016-07-06
pjp
0560
2016-07-06
pjp
init_region();
0561
2016-07-06
pjp
init_filter();
0562
2020-07-16
pjp
init_passlist();
0563
2016-07-06
pjp
init_dnssec();
0564
2019-02-24
pjp
init_tsig();
0565
2019-06-07
pjp
TAILQ_INIT(&tcphead);
0566
2016-07-06
pjp
0567
2019-11-14
pjp
if (parse_file(db, conffile, 0) < 0) {
0568
2016-07-06
pjp
dolog(LOG_INFO, "parsing config file failed\n");
0569
2020-06-25
pjp
ddd_shutdown();
0570
2016-07-06
pjp
exit(1);
0571
2016-07-06
pjp
}
0572
2016-07-06
pjp
0573
2020-07-03
pjp
if (zonecount && determine_glue(db) < 0) {
0574
2019-11-11
pjp
dolog(LOG_INFO, "determine_glue() failed\n");
0575
2020-06-25
pjp
ddd_shutdown();
0576
2019-11-11
pjp
exit(1);
0577
2019-11-11
pjp
}
0578
2019-11-11
pjp
0579
2020-07-03
pjp
if (zonecount && init_entlist(db) < 0) {
0580
2017-01-09
pjp
dolog(LOG_INFO, "creating entlist failed\n");
0581
2020-06-25
pjp
ddd_shutdown();
0582
2017-01-09
pjp
exit(1);
0583
2017-01-09
pjp
}
0584
2017-01-09
pjp
0585
2016-07-06
pjp
/* ratelimiting setup */
0586
2016-07-06
pjp
if (ratelimit) {
0587
2016-07-06
pjp
ratelimit_backlog = ratelimit_packets_per_second * 2;
0588
2016-07-06
pjp
rptr = rrlimit_setup(ratelimit_backlog);
0589
2016-07-06
pjp
if (rptr == NULL) {
0590
2016-07-06
pjp
dolog(LOG_INFO, "ratelimiting error\n");
0591
2020-06-25
pjp
ddd_shutdown();
0592
2016-07-06
pjp
exit(1);
0593
2016-07-06
pjp
}
0594
2016-07-06
pjp
}
0595
2016-07-06
pjp
0596
2016-07-06
pjp
pw = getpwnam(DEFAULT_PRIVILEGE);
0597
2016-07-06
pjp
if (pw == NULL) {
0598
2016-07-06
pjp
dolog(LOG_INFO, "getpwnam: %s\n", strerror(errno));
0599
2020-06-25
pjp
ddd_shutdown();
0600
2016-07-06
pjp
exit(1);
0601
2016-07-06
pjp
}
0602
2016-07-06
pjp
0603
2016-07-06
pjp
if (bcount > DEFAULT_SOCKET) {
0604
2016-07-06
pjp
dolog(LOG_INFO, "not enough sockets available\n");
0605
2020-06-25
pjp
ddd_shutdown();
0606
2016-07-06
pjp
exit(1);
0607
2016-07-06
pjp
}
0608
2016-07-06
pjp
0609
2016-07-06
pjp
if (bflag) {
0610
2016-07-06
pjp
for (i = 0; i < bcount; i++) {
0611
2016-07-06
pjp
memset(&hints, 0, sizeof(hints));
0612
2016-07-06
pjp
0613
2016-07-06
pjp
if (strchr(bind_list[i], ':') != NULL) {
0614
2016-07-06
pjp
hints.ai_family = AF_INET6;
0615
2016-07-06
pjp
} else {
0616
2016-07-06
pjp
hints.ai_family = AF_INET;
0617
2016-07-06
pjp
}
0618
2016-07-06
pjp
0619
2016-07-06
pjp
hints.ai_socktype = SOCK_DGRAM;
0620
2016-07-06
pjp
hints.ai_protocol = IPPROTO_UDP;
0621
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0622
2016-07-06
pjp
0623
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", port);
0624
2016-07-06
pjp
0625
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0626
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0627
2020-06-25
pjp
ddd_shutdown();
0628
2016-07-06
pjp
exit (1);
0629
2016-07-06
pjp
}
0630
2016-07-06
pjp
0631
2016-07-06
pjp
res = res0;
0632
2016-07-06
pjp
0633
2020-07-13
pjp
udp[i] = bind_this_res(res, 0);
0634
2020-07-21
pjp
memcpy((void *)&cfg->ss[i], (void *)res->ai_addr, res->ai_addrlen);
0635
2016-07-06
pjp
0636
2016-07-06
pjp
if (res->ai_family == AF_INET) {
0637
2020-06-30
pjp
on = 1;
0638
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
0639
2016-07-06
pjp
&on, sizeof(on)) < 0) {
0640
2020-06-30
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0641
2016-07-06
pjp
}
0642
2016-07-06
pjp
} else if (res->ai_family == AF_INET6) {
0643
2016-07-06
pjp
/* RFC 3542 page 30 */
0644
2016-07-06
pjp
on = 1;
0645
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IPV6,
0646
2016-07-06
pjp
IPV6_RECVHOPLIMIT, &on, sizeof(on)) < 0) {
0647
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0648
2016-07-06
pjp
}
0649
2016-07-06
pjp
}
0650
2016-07-06
pjp
0651
2016-07-06
pjp
ident[i] = bind_list[i];
0652
2016-07-06
pjp
0653
2016-07-06
pjp
/* tcp below */
0654
2016-07-06
pjp
hints.ai_socktype = SOCK_STREAM;
0655
2016-07-06
pjp
hints.ai_protocol = IPPROTO_TCP;
0656
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0657
2016-07-06
pjp
0658
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", port);
0659
2016-07-06
pjp
0660
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0661
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0662
2020-06-25
pjp
ddd_shutdown();
0663
2016-07-06
pjp
exit (1);
0664
2016-07-06
pjp
}
0665
2016-07-06
pjp
0666
2016-07-06
pjp
res = res0;
0667
2016-07-06
pjp
0668
2016-07-06
pjp
if ((tcp[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0669
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0670
2020-06-25
pjp
ddd_shutdown();
0671
2016-07-06
pjp
exit(1);
0672
2016-07-06
pjp
}
0673
2016-07-06
pjp
if (setsockopt(tcp[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0674
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0675
2020-06-25
pjp
ddd_shutdown();
0676
2016-07-06
pjp
exit(1);
0677
2016-07-06
pjp
}
0678
2016-07-06
pjp
if (bind(tcp[i], res->ai_addr, res->ai_addrlen) < 0) {
0679
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0680
2020-06-25
pjp
ddd_shutdown();
0681
2016-07-06
pjp
exit(1);
0682
2016-07-06
pjp
}
0683
2016-07-06
pjp
0684
2017-08-10
pjp
if (axfrport && axfrport != port) {
0685
2020-08-26
pjp
populate_zone(db);
0686
2016-07-06
pjp
/* axfr port below */
0687
2016-07-06
pjp
hints.ai_socktype = SOCK_STREAM;
0688
2016-07-06
pjp
hints.ai_protocol = IPPROTO_TCP;
0689
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0690
2016-07-06
pjp
0691
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", axfrport);
0692
2016-07-06
pjp
0693
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0694
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0695
2020-06-25
pjp
ddd_shutdown();
0696
2016-07-06
pjp
exit (1);
0697
2016-07-06
pjp
}
0698
2016-07-06
pjp
0699
2016-07-06
pjp
res = res0;
0700
2016-07-06
pjp
0701
2016-07-06
pjp
if ((afd[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0702
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0703
2020-06-25
pjp
ddd_shutdown();
0704
2016-07-06
pjp
exit(1);
0705
2016-07-06
pjp
}
0706
2016-07-06
pjp
if (setsockopt(afd[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0707
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0708
2020-06-25
pjp
ddd_shutdown();
0709
2016-07-06
pjp
exit(1);
0710
2016-07-06
pjp
}
0711
2016-07-06
pjp
if (bind(afd[i], res->ai_addr, res->ai_addrlen) < 0) {
0712
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0713
2020-06-25
pjp
ddd_shutdown();
0714
2016-07-06
pjp
exit(1);
0715
2016-07-06
pjp
}
0716
2016-07-06
pjp
0717
2016-07-06
pjp
if ((uafd[i] = socket(res->ai_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0718
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket: %s\n", strerror(errno));
0719
2020-06-25
pjp
ddd_shutdown();
0720
2016-07-06
pjp
exit(1);
0721
2016-07-06
pjp
}
0722
2016-07-06
pjp
if (bind(uafd[i], res->ai_addr, res->ai_addrlen) < 0) {
0723
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket bind: %s\n", strerror(errno));
0724
2020-06-25
pjp
ddd_shutdown();
0725
2016-07-06
pjp
exit(1);
0726
2016-07-06
pjp
}
0727
2017-12-14
pjp
} else if (axfrport && axfrport == port) {
0728
2020-08-26
pjp
populate_zone(db);
0729
2017-12-14
pjp
afd[i] = -1;
0730
2017-12-14
pjp
}
0731
2016-07-06
pjp
0732
2016-07-06
pjp
} /* for .. bcount */
0733
2016-07-06
pjp
0734
2016-07-06
pjp
} else {
0735
2016-07-06
pjp
if (getifaddrs(&ifap) < 0) {
0736
2016-07-06
pjp
dolog(LOG_INFO, "getifaddrs\n");
0737
2020-06-25
pjp
ddd_shutdown();
0738
2016-07-06
pjp
exit(1);
0739
2016-07-06
pjp
}
0740
2016-07-06
pjp
0741
2016-07-06
pjp
for (pifap = ifap, i = 0; i < DEFAULT_SOCKET && pifap; pifap = pifap->ifa_next, i++) {
0742
2016-07-06
pjp
0743
2016-07-06
pjp
found = 0;
0744
2016-07-06
pjp
0745
2016-07-06
pjp
/* we want only one interface not the rest */
0746
2016-07-06
pjp
if (icount > 0) {
0747
2016-07-06
pjp
for (j = 0; j < icount; j++) {
0748
2016-07-06
pjp
if (strcmp(pifap->ifa_name, interface_list[j]) == 0) {
0749
2016-07-06
pjp
found = 1;
0750
2016-07-06
pjp
}
0751
2016-07-06
pjp
}
0752
2016-07-06
pjp
0753
2016-07-06
pjp
if (! found) {
0754
2016-07-06
pjp
i--;
0755
2016-07-06
pjp
continue;
0756
2016-07-06
pjp
}
0757
2016-07-06
pjp
0758
2016-07-06
pjp
}
0759
2016-07-06
pjp
if ((pifap->ifa_flags & IFF_UP) != IFF_UP) {
0760
2016-07-06
pjp
dolog(LOG_INFO, "skipping interface %s\n", pifap->ifa_name);
0761
2016-07-06
pjp
i--;
0762
2016-07-06
pjp
continue;
0763
2016-07-06
pjp
}
0764
2016-07-06
pjp
0765
2016-07-06
pjp
if (pifap->ifa_addr->sa_family == AF_INET) {
0766
2016-07-06
pjp
sin = (struct sockaddr_in *)pifap->ifa_addr;
0767
2016-07-06
pjp
sin->sin_port = htons(port);
0768
2016-07-06
pjp
salen = sizeof(struct sockaddr_in);
0769
2016-07-06
pjp
/* no address bound to this interface */
0770
2016-07-06
pjp
if (sin->sin_addr.s_addr == INADDR_ANY) {
0771
2016-07-06
pjp
i--;
0772
2016-07-06
pjp
continue;
0773
2016-07-06
pjp
}
0774
2016-07-06
pjp
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
0775
2016-07-06
pjp
sin6 = (struct sockaddr_in6 *)pifap->ifa_addr;
0776
2016-07-06
pjp
sin6->sin6_port = htons(port);
0777
2016-07-06
pjp
/* no address bound to this interface */
0778
2016-07-06
pjp
salen = sizeof(struct sockaddr_in6);
0779
2016-07-06
pjp
0780
2016-07-06
pjp
} else {
0781
2016-07-06
pjp
dolog(LOG_DEBUG, "unknown address family %d\n", pifap->ifa_addr->sa_family);
0782
2016-07-06
pjp
i--;
0783
2016-07-06
pjp
continue;
0784
2016-07-06
pjp
}
0785
2016-07-06
pjp
0786
2020-07-13
pjp
udp[i] = bind_this_pifap(pifap, 0, salen);
0787
2020-07-21
pjp
memcpy((void *)&cfg->ss[i], (void *)pifap->ifa_addr, salen);
0788
2016-07-06
pjp
0789
2016-07-06
pjp
if (pifap->ifa_addr->sa_family == AF_INET) {
0790
2020-06-30
pjp
on = 1;
0791
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
0792
2016-07-06
pjp
&on, sizeof(on)) < 0) {
0793
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0794
2016-07-06
pjp
}
0795
2016-07-06
pjp
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
0796
2016-07-06
pjp
/* RFC 3542 page 30 */
0797
2016-07-06
pjp
on = 1;
0798
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IPV6,
0799
2016-07-06
pjp
IPV6_RECVHOPLIMIT, &on, sizeof(on)) < 0) {
0800
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0801
2016-07-06
pjp
}
0802
2016-07-06
pjp
}
0803
2016-07-06
pjp
0804
2016-07-06
pjp
0805
2016-07-06
pjp
ident[i] = pifap->ifa_name;
0806
2016-07-06
pjp
0807
2016-07-06
pjp
if ((tcp[i] = socket(pifap->ifa_addr->sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) {
0808
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0809
2020-06-25
pjp
ddd_shutdown();
0810
2016-07-06
pjp
exit(1);
0811
2016-07-06
pjp
}
0812
2016-07-06
pjp
if (setsockopt(tcp[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0813
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0814
2020-06-25
pjp
ddd_shutdown();
0815
2016-07-06
pjp
exit(1);
0816
2016-07-06
pjp
}
0817
2016-07-06
pjp
0818
2016-07-06
pjp
if (bind(tcp[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0819
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0820
2020-06-25
pjp
ddd_shutdown();
0821
2016-07-06
pjp
exit(1);
0822
2016-07-06
pjp
}
0823
2016-07-06
pjp
0824
2016-07-06
pjp
0825
2016-07-06
pjp
/* axfr socket */
0826
2017-08-10
pjp
if (axfrport && axfrport != port) {
0827
2020-08-26
pjp
populate_zone(db);
0828
2016-07-06
pjp
if ((afd[i] = socket(pifap->ifa_addr->sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) {
0829
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0830
2020-06-25
pjp
ddd_shutdown();
0831
2016-07-06
pjp
exit(1);
0832
2016-07-06
pjp
}
0833
2016-07-06
pjp
if (setsockopt(afd[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0834
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0835
2020-06-25
pjp
ddd_shutdown();
0836
2016-07-06
pjp
exit(1);
0837
2016-07-06
pjp
}
0838
2016-07-06
pjp
0839
2016-07-06
pjp
((struct sockaddr_in *)pifap->ifa_addr)->sin_port = htons(axfrport);
0840
2016-07-06
pjp
0841
2016-07-06
pjp
if (bind(afd[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0842
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0843
2020-06-25
pjp
ddd_shutdown();
0844
2016-07-06
pjp
exit(1);
0845
2016-07-06
pjp
}
0846
2016-07-06
pjp
if ((uafd[i] = socket(pifap->ifa_addr->sa_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0847
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket: %s\n", strerror(errno));
0848
2020-06-25
pjp
ddd_shutdown();
0849
2016-07-06
pjp
exit(1);
0850
2016-07-06
pjp
}
0851
2016-07-06
pjp
if (bind(uafd[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0852
2016-07-06
pjp
dolog(LOG_INFO, "udp axfr bind: %s\n", strerror(errno));
0853
2020-06-25
pjp
ddd_shutdown();
0854
2016-07-06
pjp
exit(1);
0855
2016-07-06
pjp
}
0856
2017-12-14
pjp
} else if (axfrport && axfrport == port) {
0857
2020-08-26
pjp
populate_zone(db);
0858
2017-12-14
pjp
afd[i] = -1;
0859
2017-12-14
pjp
}
0860
2016-07-06
pjp
0861
2016-07-06
pjp
} /* AF_INET */
0862
2016-07-06
pjp
0863
2016-07-06
pjp
if (i >= DEFAULT_SOCKET) {
0864
2016-07-06
pjp
dolog(LOG_INFO, "not enough sockets available\n");
0865
2020-06-25
pjp
ddd_shutdown();
0866
2016-07-06
pjp
exit(1);
0867
2016-07-06
pjp
}
0868
2016-07-06
pjp
} /* if bflag? */
0869
2016-07-06
pjp
0870
2020-07-21
pjp
if ((cfg->raw[0] = socket(AF_INET, SOCK_RAW, IPPROTO_UDP)) < 0) {
0871
2020-07-21
pjp
dolog(LOG_INFO, "raw0 socket: %s\n", strerror(errno));
0872
2020-07-21
pjp
ddd_shutdown();
0873
2020-07-21
pjp
exit(1);
0874
2020-07-21
pjp
}
0875
2020-07-21
pjp
shutdown(cfg->raw[0], SHUT_RD);
0876
2020-07-21
pjp
if ((cfg->raw[1] = socket(AF_INET6, SOCK_RAW, IPPROTO_UDP)) < 0) {
0877
2020-07-21
pjp
dolog(LOG_INFO, "raw1 socket: %s\n", strerror(errno));
0878
2020-07-21
pjp
ddd_shutdown();
0879
2020-07-21
pjp
exit(1);
0880
2020-07-21
pjp
}
0881
2020-07-21
pjp
on = 1;
0882
2020-07-21
pjp
shutdown(cfg->raw[1], SHUT_RD);
0883
2020-07-21
pjp
cfg->port = port;
0884
2020-07-13
pjp
0885
2019-11-01
pjp
#if __OpenBSD__
0886
2019-11-01
pjp
if (unveil(DELPHINUS_RZONE_PATH, "rwc") < 0) {
0887
2019-11-01
pjp
perror("unveil");
0888
2020-06-25
pjp
ddd_shutdown();
0889
2019-11-01
pjp
exit(1);
0890
2019-11-01
pjp
}
0891
2019-11-01
pjp
if (unveil(pw->pw_dir, "wc") < 0) {
0892
2019-11-01
pjp
perror("unveil");
0893
2020-06-25
pjp
ddd_shutdown();
0894
2019-11-01
pjp
exit(1);
0895
2019-11-01
pjp
}
0896
2019-11-01
pjp
0897
2019-11-01
pjp
#endif
0898
2019-11-01
pjp
0899
2019-11-01
pjp
/*
0900
2019-11-01
pjp
* add signals
0901
2019-11-01
pjp
*/
0902
2019-11-01
pjp
0903
2019-11-01
pjp
signal(SIGPIPE, SIG_IGN);
0904
2019-11-01
pjp
0905
2020-06-25
pjp
signal(SIGTERM, ddd_signal);
0906
2020-06-25
pjp
signal(SIGINT, ddd_signal);
0907
2020-06-25
pjp
signal(SIGQUIT, ddd_signal);
0908
2019-11-01
pjp
0909
2020-07-10
pjp
/*
0910
2020-07-10
pjp
* start our axfr process
0911
2020-07-10
pjp
*/
0912
2020-07-10
pjp
0913
2020-07-10
pjp
if (axfrport) {
0914
2019-11-01
pjp
switch (pid = fork()) {
0915
2019-11-01
pjp
case -1:
0916
2019-11-01
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
0917
2020-06-25
pjp
ddd_shutdown();
0918
2019-11-01
pjp
exit(1);
0919
2019-11-01
pjp
case 0:
0920
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_AXFR);
0921
2020-06-25
pjp
if (ibuf == NULL) {
0922
2020-06-25
pjp
ddd_shutdown();
0923
2020-06-25
pjp
exit(1);
0924
2020-06-25
pjp
}
0925
2020-06-25
pjp
0926
2019-11-01
pjp
/* chroot to the drop priv user home directory */
0927
2019-12-11
pjp
#ifdef DEFAULT_LOCATION
0928
2019-12-11
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
0929
2019-12-11
pjp
#else
0930
2019-11-01
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
0931
2019-12-11
pjp
#endif
0932
2020-07-10
pjp
dolog(LOG_INFO, "axfr dropping privileges\n", strerror(errno));
0933
2020-06-25
pjp
ddd_shutdown();
0934
2016-07-06
pjp
exit(1);
0935
2016-07-06
pjp
}
0936
2019-11-01
pjp
#if __OpenBSD__
0937
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd unveil", NULL) < 0) {
0938
2019-11-01
pjp
perror("pledge");
0939
2019-11-01
pjp
exit(1);
0940
2019-11-01
pjp
}
0941
2019-11-01
pjp
#endif
0942
2019-11-01
pjp
0943
2019-11-01
pjp
/* close descriptors that we don't need */
0944
2019-11-01
pjp
for (j = 0; j < i; j++) {
0945
2019-11-01
pjp
close(tcp[j]);
0946
2019-11-01
pjp
close(udp[j]);
0947
2020-07-10
pjp
if (axfrport && axfrport != port)
0948
2020-06-30
pjp
close(uafd[j]);
0949
2020-07-10
pjp
0950
2019-11-01
pjp
}
0951
2020-07-21
pjp
close(cfg->raw[0]);
0952
2020-07-21
pjp
close(cfg->raw[1]);
0953
2019-11-01
pjp
0954
2020-07-10
pjp
setproctitle("AXFR engine on port %d", axfrport);
0955
2020-07-10
pjp
axfrloop(afd, (axfrport == port) ? 0 : i, ident, db, ibuf);
0956
2019-11-01
pjp
/* NOTREACHED */
0957
2019-11-01
pjp
exit(1);
0958
2019-11-01
pjp
default:
0959
2020-07-10
pjp
/* close afd descriptors, they aren't needed here */
0960
2020-07-10
pjp
for (j = 0; j < i; j++) {
0961
2020-07-10
pjp
if (axfrport && axfrport != port)
0962
2020-07-10
pjp
close(afd[j]);
0963
2020-07-10
pjp
}
0964
2016-07-06
pjp
break;
0965
2016-07-06
pjp
}
0966
2019-11-01
pjp
0967
2020-07-10
pjp
} /* axfrport */
0968
2020-07-10
pjp
0969
2020-07-10
pjp
/* raxfr */
0970
2020-07-10
pjp
if (raxfrflag) {
0971
2019-11-01
pjp
switch (pid = fork()) {
0972
2019-11-01
pjp
case -1:
0973
2019-11-01
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
0974
2020-06-25
pjp
ddd_shutdown();
0975
2019-11-01
pjp
exit(1);
0976
2019-11-01
pjp
case 0:
0977
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_RAXFR);
0978
2020-06-25
pjp
if (ibuf == NULL) {
0979
2020-06-25
pjp
ddd_shutdown();
0980
2020-06-25
pjp
exit(1);
0981
2020-06-25
pjp
}
0982
2020-06-25
pjp
0983
2019-11-01
pjp
/* chroot to the drop priv user home directory */
0984
2020-07-10
pjp
if (drop_privs(DELPHINUS_RZONE_PATH, pw) < 0) {
0985
2020-07-10
pjp
dolog(LOG_INFO, "raxfr dropping privileges failed", strerror(errno));
0986
2020-06-25
pjp
ddd_shutdown();
0987
2016-07-06
pjp
exit(1);
0988
2016-07-06
pjp
}
0989
2020-07-10
pjp
0990
2019-11-01
pjp
#if __OpenBSD__
0991
2020-07-10
pjp
if (unveil("/replicant", "rwc") < 0) {
0992
2020-07-10
pjp
perror("unveil");
0993
2020-07-10
pjp
ddd_shutdown();
0994
2020-07-10
pjp
exit(1);
0995
2020-07-10
pjp
}
0996
2020-07-10
pjp
0997
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd unveil cpath wpath rpath", NULL) < 0) {
0998
2019-11-01
pjp
perror("pledge");
0999
2020-07-10
pjp
ddd_shutdown();
1000
2016-07-06
pjp
exit(1);
1001
2016-07-06
pjp
}
1002
2019-11-01
pjp
#endif
1003
2019-11-01
pjp
1004
2019-11-01
pjp
/* close descriptors that we don't need */
1005
2019-11-01
pjp
for (j = 0; j < i; j++) {
1006
2019-11-01
pjp
close(tcp[j]);
1007
2019-11-01
pjp
close(udp[j]);
1008
2019-11-01
pjp
}
1009
2020-07-21
pjp
close(cfg->raw[0]);
1010
2020-07-21
pjp
close(cfg->raw[1]);
1011
2019-11-01
pjp
1012
2020-07-10
pjp
setproctitle("Replicant engine");
1013
2020-07-10
pjp
1014
2020-07-10
pjp
replicantloop(db, ibuf);
1015
2020-07-10
pjp
1016
2019-11-01
pjp
/* NOTREACHED */
1017
2019-11-01
pjp
exit(1);
1018
2020-07-10
pjp
1019
2019-11-01
pjp
default:
1020
2019-11-01
pjp
break;
1021
2019-11-01
pjp
}
1022
2020-07-10
pjp
1023
2020-07-10
pjp
} /* raxfrflag */
1024
2020-07-10
pjp
/* start our forwarding process */
1025
2020-06-30
pjp
1026
2020-07-10
pjp
if (forward) {
1027
2020-07-14
pjp
/* initialize the only global shared memory segment */
1028
2020-07-14
pjp
1029
2020-07-10
pjp
shsize = 16 + (SHAREDMEMSIZE * sizeof(struct sf_imsg));
1030
2020-07-10
pjp
1031
2020-07-10
pjp
shptr = mmap(NULL, shsize, PROT_READ | PROT_WRITE, MAP_SHARED |\
1032
2020-07-10
pjp
MAP_ANON, -1, 0);
1033
2020-07-10
pjp
1034
2020-07-10
pjp
if (shptr == MAP_FAILED) {
1035
2020-07-10
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
1036
2020-07-10
pjp
exit(1);
1037
2020-07-10
pjp
}
1038
2020-07-10
pjp
1039
2020-07-10
pjp
/* initialize */
1040
2020-07-12
pjp
for (sf = (struct sf_imsg *)&shptr[0], j = 0; j < SHAREDMEMSIZE; j++, sf++) {
1041
2020-07-12
pjp
pack32((char *)&sf->u.s.read, 1);
1042
2020-07-10
pjp
}
1043
2020-07-10
pjp
1044
2020-07-10
pjp
cfg->shptr = shptr;
1045
2020-07-11
pjp
cfg->shptrsize = shsize;
1046
2020-07-10
pjp
1047
2020-07-10
pjp
1048
2020-06-30
pjp
switch (pid = fork()) {
1049
2020-06-30
pjp
case -1:
1050
2020-06-30
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
1051
2020-06-30
pjp
ddd_shutdown();
1052
2020-06-30
pjp
exit(1);
1053
2020-06-30
pjp
case 0:
1054
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_FORWARD);
1055
2020-06-30
pjp
if (ibuf == NULL) {
1056
2020-06-30
pjp
ddd_shutdown();
1057
2020-06-30
pjp
exit(1);
1058
2020-06-30
pjp
}
1059
2020-06-30
pjp
1060
2020-07-14
pjp
/* initialize shared memory for forward here */
1061
2020-07-14
pjp
shsize = 16 + (SHAREDMEMSIZE * sizeof(struct rr_imsg));
1062
2020-07-14
pjp
1063
2020-07-14
pjp
shptr = mmap(NULL, shsize, PROT_READ | PROT_WRITE, MAP_SHARED |\
1064
2020-07-14
pjp
MAP_ANON, -1, 0);
1065
2020-07-14
pjp
1066
2020-07-14
pjp
if (shptr == MAP_FAILED) {
1067
2020-07-14
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
1068
2020-07-14
pjp
exit(1);
1069
2020-07-14
pjp
}
1070
2020-07-14
pjp
1071
2020-07-14
pjp
/* initialize */
1072
2020-07-14
pjp
for (ri = (struct rr_imsg *)&shptr[0], j = 0; j < SHAREDMEMSIZE; j++, ri++) {
1073
2020-07-14
pjp
pack32((char *)&ri->u.s.read, 1);
1074
2020-07-14
pjp
}
1075
2020-07-14
pjp
1076
2020-07-14
pjp
cfg->shptr2 = shptr;
1077
2020-07-14
pjp
cfg->shptr2size = shsize;
1078
2020-07-14
pjp
1079
2020-07-14
pjp
shsize = 16 + (SHAREDMEMSIZE3 * sizeof(struct pkt_imsg));
1080
2020-07-14
pjp
1081
2020-07-14
pjp
shptr = mmap(NULL, shsize, PROT_READ | PROT_WRITE, MAP_SHARED |\
1082
2020-07-14
pjp
MAP_ANON, -1, 0);
1083
2020-07-14
pjp
1084
2020-07-14
pjp
if (shptr == MAP_FAILED) {
1085
2020-07-14
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
1086
2020-07-14
pjp
exit(1);
1087
2020-07-14
pjp
}
1088
2020-07-14
pjp
1089
2020-07-14
pjp
/* initialize */
1090
2020-07-14
pjp
for (pi = (struct pkt_imsg *)&shptr[0], j = 0; j < SHAREDMEMSIZE3; j++, pi++) {
1091
2020-07-14
pjp
pack32((char *)&pi->pkt_s.read, 1);
1092
2020-07-14
pjp
}
1093
2020-07-14
pjp
1094
2020-07-14
pjp
cfg->shptr3 = shptr;
1095
2020-07-14
pjp
cfg->shptr3size = shsize;
1096
2020-07-14
pjp
1097
2020-06-30
pjp
/* chroot to the drop priv user home directory */
1098
2020-07-10
pjp
#ifdef DEFAULT_LOCATION
1099
2020-07-10
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
1100
2020-07-10
pjp
#else
1101
2020-07-10
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
1102
2020-07-10
pjp
#endif
1103
2020-07-10
pjp
dolog(LOG_INFO, "forward dropping privileges\n", strerror(errno));
1104
2020-06-30
pjp
ddd_shutdown();
1105
2020-06-30
pjp
exit(1);
1106
2020-06-30
pjp
}
1107
2020-06-30
pjp
#if __OpenBSD__
1108
2020-07-10
pjp
if (unveil("/", "") < 0) {
1109
2020-07-10
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1110
2020-06-30
pjp
ddd_shutdown();
1111
2020-06-30
pjp
exit(1);
1112
2020-06-30
pjp
}
1113
2020-06-30
pjp
1114
2020-07-10
pjp
if (unveil(NULL, NULL) < 0) {
1115
2020-07-10
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1116
2020-06-30
pjp
ddd_shutdown();
1117
2020-06-30
pjp
exit(1);
1118
2020-06-30
pjp
}
1119
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd", NULL) < 0) {
1120
2020-07-10
pjp
perror("pledge");
1121
2020-07-10
pjp
exit(1);
1122
2020-07-10
pjp
}
1123
2020-06-30
pjp
#endif
1124
2020-06-30
pjp
1125
2020-06-30
pjp
/* close descriptors that we don't need */
1126
2020-06-30
pjp
for (j = 0; j < i; j++) {
1127
2020-06-30
pjp
close(tcp[j]);
1128
2020-06-30
pjp
close(udp[j]);
1129
2020-07-21
pjp
if (axfrport && axfrport != port)
1130
2020-07-21
pjp
close(uafd[j]);
1131
2020-07-10
pjp
1132
2020-06-30
pjp
}
1133
2020-06-30
pjp
1134
2020-07-10
pjp
cfg->sockcount = i;
1135
2020-07-10
pjp
cfg->db = db;
1136
2020-06-30
pjp
1137
2020-07-11
pjp
/* shptr has no business in parse process */
1138
2020-07-13
pjp
#if __OpenBSD__
1139
2020-07-11
pjp
minherit(cfg->shptr, cfg->shptrsize,
1140
2020-07-11
pjp
MAP_INHERIT_NONE);
1141
2020-07-13
pjp
#endif
1142
2020-07-11
pjp
1143
2020-07-10
pjp
setproctitle("FORWARD engine");
1144
2020-07-10
pjp
forwardloop(db, cfg, ibuf, &cortex_ibuf);
1145
2020-06-30
pjp
/* NOTREACHED */
1146
2020-06-30
pjp
exit(1);
1147
2020-06-30
pjp
default:
1148
2020-06-30
pjp
break;
1149
2020-06-30
pjp
}
1150
2020-07-10
pjp
1151
2020-07-10
pjp
} /* forward */
1152
2020-06-30
pjp
1153
2020-07-21
pjp
close(cfg->raw[0]);
1154
2020-07-21
pjp
close(cfg->raw[1]);
1155
2020-06-30
pjp
1156
2020-07-10
pjp
1157
2019-11-01
pjp
/* the rest of the daemon goes on in TCP and UDP loops */
1158
2019-12-11
pjp
#ifdef DEFAULT_LOCATION
1159
2019-12-11
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
1160
2019-12-11
pjp
#else
1161
2019-11-01
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
1162
2019-12-11
pjp
#endif
1163
2019-11-01
pjp
dolog(LOG_INFO, "dropping privileges failed\n");
1164
2020-06-25
pjp
ddd_shutdown();
1165
2019-11-01
pjp
exit(1);
1166
2019-11-01
pjp
}
1167
2019-11-01
pjp
#if __OpenBSD__
1168
2019-11-01
pjp
if (unveil(NULL, NULL) < 0) {
1169
2019-11-01
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1170
2020-06-25
pjp
ddd_shutdown();
1171
2019-11-01
pjp
exit(1);
1172
2019-11-01
pjp
}
1173
2019-11-01
pjp
if (pledge("stdio inet proc id sendfd recvfd", NULL) < 0) {
1174
2019-11-01
pjp
perror("pledge");
1175
2019-11-01
pjp
exit(1);
1176
2019-11-01
pjp
}
1177
2019-11-01
pjp
#endif
1178
2019-11-01
pjp
1179
2016-07-06
pjp
/* what follows is a bit mangled code, we set up nflag + 1 amount of
1180
2016-07-06
pjp
* server instances (1 per cpu?) and if we're recursive we also set up
1181
2016-07-06
pjp
* the same amount of recursive instances all connected through a
1182
2016-07-06
pjp
* socketpair() so that it looks somewhat like this (with 4 instances):
1183
2016-07-06
pjp
*
1184
2016-07-06
pjp
* replies <--- [] ---- [] recursive end
1185
2016-07-06
pjp
* |
1186
2016-07-06
pjp
* replies <--- [] ---- []
1187
2016-07-06
pjp
* request * ---> |
1188
2016-07-06
pjp
* replies <--- [] ---- []
1189
2016-07-06
pjp
* |
1190
2016-07-06
pjp
* replies <--- [] ---- []
1191
2016-07-06
pjp
*
1192
2016-07-06
pjp
*/
1193
2016-07-06
pjp
1194
2017-12-26
pjp
cfg->pid = 0;
1195
2017-12-26
pjp
cfg->nth = 0;
1196
2017-12-26
pjp
1197
2016-07-06
pjp
for (n = 0; n < nflag; n++) {
1198
2016-07-06
pjp
switch (pid = fork()) {
1199
2016-07-06
pjp
case 0:
1200
2017-12-26
pjp
cfg->pid = getpid();
1201
2017-12-26
pjp
cfg->nth = n;
1202
2016-07-06
pjp
cfg->sockcount = i;
1203
2016-07-06
pjp
cfg->db = db;
1204
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
1205
2016-07-06
pjp
cfg->udp[i] = udp[i];
1206
2016-07-06
pjp
cfg->tcp[i] = tcp[i];
1207
2016-07-06
pjp
1208
2017-08-10
pjp
if (axfrport && axfrport != port)
1209
2016-07-06
pjp
cfg->axfr[i] = uafd[i];
1210
2016-07-06
pjp
1211
2016-07-06
pjp
cfg->ident[i] = strdup(ident[i]);
1212
2020-07-03
pjp
1213
2016-07-06
pjp
}
1214
2016-07-06
pjp
1215
2017-12-26
pjp
setproctitle("child %d pid %d", n, cfg->pid);
1216
2020-06-25
pjp
(void)mainloop(cfg, &cortex_ibuf);
1217
2016-07-06
pjp
1218
2016-07-06
pjp
/* NOTREACHED */
1219
2016-07-06
pjp
default:
1220
2016-07-06
pjp
break;
1221
2016-07-06
pjp
} /* switch pid= fork */
1222
2016-07-06
pjp
} /* for (.. nflag */
1223
2016-07-06
pjp
1224
2016-07-06
pjp
cfg->sockcount = i;
1225
2016-07-06
pjp
cfg->db = db;
1226
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
1227
2016-07-06
pjp
cfg->udp[i] = udp[i];
1228
2016-07-06
pjp
cfg->tcp[i] = tcp[i];
1229
2016-07-06
pjp
1230
2017-08-10
pjp
if (axfrport && axfrport != port)
1231
2016-07-06
pjp
cfg->axfr[i] = uafd[i];
1232
2016-07-06
pjp
1233
2016-07-06
pjp
cfg->ident[i] = strdup(ident[i]);
1234
2016-07-06
pjp
}
1235
2016-07-06
pjp
1236
2020-06-25
pjp
(void)mainloop(cfg, &cortex_ibuf);
1237
2016-07-06
pjp
1238
2016-07-06
pjp
/* NOTREACHED */
1239
2016-07-06
pjp
return (0);
1240
2016-07-06
pjp
}
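/*
 * COMPRESS_LABEL - compress a DNS name, must be passed an entire reply
 *                  with the to be compressed name before the offset of
 *                  that reply.
 *
 * buf      - start of the reply, beginning with the DNS header
 * offset   - end of the reply built so far; the name to compress is
 *            expected at buf[offset - labellen] .. buf[offset - 1]
 * labellen - length in bytes of the name that ends at offset
 *
 * Returns the new offset once the matching tail of the name has been
 * replaced by a two byte compression pointer, or 0 when nothing was
 * compressed (no earlier name matches, or the reply or the arguments
 * look bogus).
 *
 * Length bytes found in the reply are not trusted: no byte at or beyond
 * buf[offset] is dereferenced while walking names and RDATA.
 */

int
compress_label(u_char *buf, u_int16_t offset, int labellen)
{
	/*
	 * start of every name seen so far; the record loop stops at 100
	 * and one pass stores at most three names, so the highest index
	 * written is 101
	 */
	u_char *label[256];		/* should be enough */
	u_char *end = &buf[offset];
	struct question {
		u_int16_t type;
		u_int16_t class;
	} __attribute__((packed));
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
	} __attribute__((packed));
	struct soa {
		u_int32_t serial;
		u_int32_t refresh;
		u_int32_t retry;
		u_int32_t expire;
		u_int32_t minttl;
	} __attribute__((packed));

	struct answer *a;

	u_int i, j, k;
	u_int checklen;

	u_char *p, *e;
	u_char *compressmark;

	/*
	 * the name to compress has to lie between the header and offset,
	 * otherwise &buf[offset - labellen] below points outside the reply
	 */
	if (offset <= sizeof(struct dns_header))
		return (0);
	if (labellen <= 0 ||
	    (u_int)labellen > offset - sizeof(struct dns_header))
		return (0);

	p = &buf[sizeof(struct dns_header)];
	label[0] = p;

	/* skip the question name, never looking at buf[offset] itself */
	while (p < end && *p) {
		p += *p;
		p++;
	}

	/*
	 * the question label was bogus, we'll just get out of there, return 0
	 */

	if (p >= end)
		return (0);

	p += sizeof(struct question);
	p++;	/* one more */
	/* start of answer/additional/authoritative */

	/*
	 * Record every name in the reply.  When parsing runs into end, i is
	 * left at the name that was being walked, and the search below only
	 * looks at label[0 .. i - 1], so that last name is never matched
	 * against itself.
	 */
	for (i = 1; i < 100; i++) {
		label[i] = p;

		while (p < end && *p) {
			/* a compression pointer ends the name */
			if ((*p & 0xc0) == 0xc0) {
				p++;
				break;
			}
			p += *p;
			p++;

			if (p >= end)
				goto end;
		}

		p++;	/* one more */

		a = (struct answer *)p;
		p += sizeof(struct answer);

		/* Thanks FreeLogic! */
		/* the fixed RR header must fit before a->type is read */
		if (p >= end)
			goto end;

		switch (ntohs(a->type)) {
		case DNS_TYPE_A:
			p += sizeof(in_addr_t);
			break;
		case DNS_TYPE_AAAA:
			p += 16;		/* sizeof 4 * 32 bit */
			break;
		case DNS_TYPE_TXT:
			/* p < end was checked above, the length byte is safe */
			p += *p;
			p++;
			break;
		case DNS_TYPE_TLSA:
			p += 2;
			/* the byte selecting the digest size must be in the reply */
			if (p >= end)
				goto end;
			switch (*p) {
			case 1:
				p += DNS_TLSA_SIZE_SHA256 + 1;
				break;
			case 2:
				p += DNS_TLSA_SIZE_SHA512 + 1;
				break;
			default:
				/* XXX */
				goto end;
			}

			break;
		case DNS_TYPE_SSHFP:
			p++;
			/* the byte selecting the digest size must be in the reply */
			if (p >= end)
				goto end;
			switch (*p) {
			case 1:
				p += DNS_SSHFP_SIZE_SHA1 + 1;
				break;
			case 2:
				p += DNS_SSHFP_SIZE_SHA256 + 1;
				break;
			default:
				/* XXX */
				goto end;
			}

			break;
		case DNS_TYPE_SRV:
			p += (2 * sizeof(u_int16_t)); /* priority, weight */
			/* the port will be assumed in the fall through for
			   mx_priority..
			*/
			/* FALLTHROUGH */
		case DNS_TYPE_MX:
			p += sizeof(u_int16_t);	 /* mx_priority */
			/* FALLTHROUGH */
		case DNS_TYPE_NS:
		case DNS_TYPE_PTR:
		case DNS_TYPE_CNAME:
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;

				if (p >= end)
					goto end;
			}

			p++;	/* one more */
			break;
		case DNS_TYPE_SOA:
			/* nsserver */
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;
				if (p >= end)
					goto end;
			}

			p++;	/* one more */

			if (p >= end)
				break;

			/* responsible person */
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;
			}

			p++;	/* one more */

			if (p >= end)
				break;

			p += sizeof(struct soa);	/* advance struct soa */

			break;
		case DNS_TYPE_NAPTR:
			p += (2 * sizeof(u_int16_t)); /* order and preference */
			/*
			 * flags, services and regexp are length-prefixed;
			 * stop skipping as soon as a length byte would have
			 * to be read from outside the reply
			 */
			for (k = 0; k < 3 && p < end; k++) {
				p += *p;
				p++;
			}

			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;

				if (p >= end)
					goto end;
			}

			p++;	/* one more */
			break;

		default:
			/*
			 * NOTE(review): RDATA of other types is not skipped
			 * (rdlength is unused), so the next pass starts
			 * inside it -- confirm this is intended.
			 */
			break;
			/* XXX */
		} /* switch */

		if (p >= end)
			break;
	} /* for (i *) */

end:

	p = &buf[offset - labellen];
	checklen = labellen;

	/*
	 * Try the whole name first, then the name minus its first label and
	 * so on.  p + checklen always equals end, so checklen > 0 keeps the
	 * length byte at p inside the reply.
	 */
	for (; checklen > 0 && *p != 0;) {
		for (j = 0; j < i; j++) {
			for (e = label[j]; e < end && *e; e += *e, e++) {
				if ((*e & 0xc0) == 0xc0)
					break;

				/*
				 * skip candidates with fewer than checklen
				 * bytes left before end (presumably memcasecmp
				 * reads that many from each side)
				 */
				if ((u_int)(end - e) < checklen)
					continue;

				if (memcasecmp(e, p, checklen) == 0) {
					/* e is now our compress offset */
					compressmark = e;
					goto out;		/* found one */
				}
			}	/* for (e .. */

		} /* for (j .. */

		if (*p > DNS_MAXLABEL)
			return 0;		/* totally bogus label */

		/* a label longer than what is left would wrap checklen */
		if ((u_int)*p + 1 > checklen)
			return (0);

		checklen -= *p;
		p += *p;
		checklen--;
		p++;
	}

	return (0);	 	/* no compression possible */

out:
	/*
	 * a compression pointer has 14 bits for the target offset
	 * (RFC 1035 section 4.1.4); a larger value would spill into
	 * the 0xc000 marker bits
	 */
	if (compressmark - &buf[0] > 0x3fff)
		return (0);

	/* take off our compress length */
	offset -= checklen;
	/* write compressed label */
	pack16(&buf[offset], htons((compressmark - &buf[0]) | 0xc000));

	offset += sizeof(u_int16_t);

	return (offset);
}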
/*
1511
2016-07-06
pjp
* MAINLOOP - does the polling of tcp & udp descriptors and if ready receives the
1512
2016-07-06
pjp
* requests, builds the question and calls for replies, loops
1513
2016-07-06
pjp
*
1514
2016-07-06
pjp
*/
1515
2016-07-06
pjp
1516
2016-07-06
pjp
void
1517
2020-06-25
pjp
mainloop(struct cfg *cfg, struct imsgbuf *ibuf)
1518
2016-07-06
pjp
{
1519
2016-07-06
pjp
fd_set rset;
1520
2017-08-09
pjp
pid_t pid;
1521
2017-08-09
pjp
1522
2020-07-03
pjp
int sel, oldsel;
1523
2019-10-25
pjp
int len, slen = 0;
int i, nomore = 0;
int istcp = 1;
int maxso;
int so;
int type0, type1;
int lzerrno;
int filter = 0;
int rcheck = 0;
int blocklist = 1;
int require_tsig = 0;
pid_t idata;
u_int32_t received_ttl;
u_int32_t imsg_type;
u_char *ttlptr;
u_int8_t aregion; /* region where the address comes from */
char buf[4096];
char *replybuf = NULL;
char address[INET6_ADDRSTRLEN];
char replystring[DNS_MAXNAME + 1];
char fakereplystring[DNS_MAXNAME + 1];
char controlbuf[64];
union {
struct sockaddr sa;
struct sockaddr_in sin;
struct sockaddr_in6 sin6;
} sockaddr_large;
socklen_t fromlen = sizeof(sockaddr_large);
struct sockaddr *from = (void *)&sockaddr_large;
struct sockaddr_in *sin;
struct sockaddr_in6 *sin6;
struct question *question = NULL, *fakequestion = NULL;
struct parsequestion pq;
struct rbtree *rbt0 = NULL, *rbt1 = NULL;
struct rrset *csd;
struct rr *rr_csd;
struct sf_imsg sf, *sfi = NULL;
struct sreply sreply;
struct reply_logic *rl = NULL;
struct timeval tv = { 10, 0};
struct timeval rectv0, rectv1, *prectv;
struct msghdr msgh;
struct cmsghdr *cmsg = NULL;
struct iovec iov;
struct imsgbuf *tcp_ibuf, *udp_ibuf, parse_ibuf;
struct imsgbuf *pibuf;
struct imsg imsg;
struct sforward *sforward;
ssize_t n, datalen;
int ix;
int sretlen;
memset(&rectv0, 0, sizeof(struct timeval));
memset(&rectv1, 0, sizeof(struct timeval));
pid = fork();
switch (pid) {
case -1:
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
exit(1);
case 0:
for (i = 0; i < cfg->sockcount; i++) {
close(cfg->udp[i]);
if (axfrport && axfrport != port)
close(cfg->axfr[i]);
}
tcp_ibuf = register_cortex(ibuf, MY_IMSG_TCP);
if (tcp_ibuf == NULL) {
ddd_shutdown();
exit(1);
}
/* shptr has no business in a tcp parse process */
if (forward) {
#if __OpenBSD__
minherit(cfg->shptr, cfg->shptrsize,
MAP_INHERIT_NONE);
#endif
}
setproctitle("TCP engine %d", cfg->pid);
tcploop(cfg, tcp_ibuf, ibuf);
/* NOTREACHED */
exit(1);
default:
for (i = 0; i < cfg->sockcount; i++) {
close(cfg->tcp[i]);
}
break;
}
/* shptr has no business in a udp parse process */
if (forward) {
#if __OpenBSD__
minherit(cfg->shptr, cfg->shptrsize,
MAP_INHERIT_NONE);
#endif
}
sforward = (struct sforward *)calloc(1, sizeof(struct sforward));
if (sforward == NULL) {
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
ddd_shutdown();
exit(1);
}
replybuf = calloc(1, 65536);
if (replybuf == NULL) {
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
ddd_shutdown();
exit(1);
}
udp_ibuf = register_cortex(ibuf, MY_IMSG_UDP);
if (udp_ibuf == NULL) {
ddd_shutdown();
exit(1);
}
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]) < 0) {
dolog(LOG_INFO, "socketpair() failed\n");
ddd_shutdown();
exit(1);
}
pid = fork();
switch (pid) {
case -1:
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
exit(1);
case 0:
#ifndef __OpenBSD__
/* OpenBSD has minherit() */
if (munmap(cfg->shptr, cfg->shptrsize) == -1) {
dolog(LOG_INFO, "unmapping shptr failed: %s\n", \
strerror(errno));
}
#endif
cfg->shptrsize = 0;
/* close udp decriptors */
for (i = 0; i < cfg->sockcount; i++) {
close(cfg->udp[i]);
}
close(ibuf->fd);
close(udp_ibuf->fd);
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
setproctitle("udp parse engine %d", cfg->pid);
parseloop(cfg, &parse_ibuf);
/* NOTREACHED */
exit(1);
default:
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
pibuf = &parse_ibuf;
break;
}
#if __OpenBSD__
if (pledge("stdio inet sendfd recvfd", NULL) < 0) {
perror("pledge");
exit(1);
}
#endif
for (;;) {
maxso = 0;
FD_ZERO(&rset);
for (i = 0; i < cfg->sockcount; i++) {
if (maxso < cfg->udp[i])
maxso = cfg->udp[i];
if (axfrport && axfrport != port && maxso < cfg->axfr[i])
maxso = cfg->axfr[i];
FD_SET(cfg->udp[i], &rset);
if (axfrport && axfrport != port)
FD_SET(cfg->axfr[i], &rset);
}
tv.tv_sec = 10;
tv.tv_usec = 0;
sel = select(maxso + 1, &rset, NULL, NULL, &tv);
if (sel < 0) {
dolog(LOG_INFO, "select: %s\n", strerror(errno));
continue;
}
if (sel == 0) {
if (nomore)
continue;
idata = 42;
imsg_compose(ibuf, IMSG_CRIPPLE_NEURON,
0, 0, -1, &idata, sizeof(idata));
msgbuf_write(&ibuf->w);
nomore = 1;
continue;
}
for (i = 0; i < cfg->sockcount; i++) {
if (axfrport && axfrport != port && FD_ISSET(cfg->axfr[i], &rset)) {
istcp = 0;
so = cfg->axfr[i];
goto axfrentry;
}
if (FD_ISSET(cfg->udp[i], &rset)) {
istcp = 0;
so = cfg->udp[i];
oldsel = i;
axfrentry:
fromlen = sizeof(sockaddr_large);
memset(&msgh, 0, sizeof(msgh));
iov.iov_base = buf;
iov.iov_len = sizeof(buf);
msgh.msg_name = from;
msgh.msg_namelen = fromlen;
msgh.msg_iov = &iov;
msgh.msg_iovlen = 1;
msgh.msg_control = (struct cmsghdr*)&controlbuf;
msgh.msg_controllen = sizeof(controlbuf);
len = recvmsg(so, &msgh, 0);
if (len < 0) {
dolog(LOG_INFO, "recvmsg: on descriptor %u interface \"%s\" %s\n", so, cfg->ident[i], strerror(errno));
continue;
}
received_ttl = 0;
for (cmsg = CMSG_FIRSTHDR(&msgh);
cmsg != NULL;
cmsg = CMSG_NXTHDR(&msgh,cmsg)) {
if (cmsg->cmsg_level == IPPROTO_IP
#ifdef __linux__
&& cmsg->cmsg_type == IP_TTL) {
#else
&& cmsg->cmsg_type == IP_RECVTTL) {
#endif
ttlptr = (u_char *) CMSG_DATA(cmsg);
received_ttl = (u_int)*ttlptr;
}
if (cmsg->cmsg_level == IPPROTO_IPV6 &&
cmsg->cmsg_type == IPV6_HOPLIMIT) {
if (cmsg->cmsg_len !=
CMSG_LEN(sizeof(int))) {
dolog(LOG_INFO, "IPV6_HOPLIMIT cmsg->cmsg_len == %d\n", cmsg->cmsg_len);
continue;
}
ttlptr = (u_char *) CMSG_DATA(cmsg);
received_ttl = (u_int)*ttlptr;
}
if (cmsg->cmsg_level == SOL_SOCKET &&
cmsg->cmsg_type == SCM_TIMESTAMP) {
if (cmsg->cmsg_len !=
CMSG_LEN(sizeof(struct timeval))) {
dolog(LOG_INFO, "SCM_TIMESTAMP cmsg->cmsg_len == %d\n", cmsg->cmsg_len);
continue;
}
prectv = (struct timeval *) CMSG_DATA(cmsg);
memcpy((char *)&rectv0, (char *)prectv, sizeof(struct timeval));
}
}
if (from->sa_family == AF_INET6) {
fromlen = sizeof(struct sockaddr_in6);
sin6 = (struct sockaddr_in6 *)from;
inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, (char *)&address, sizeof(address));
if (ratelimit) {
add_rrlimit(ratelimit_backlog, (u_int16_t *)&sin6->sin6_addr, sizeof(sin6->sin6_addr), rptr);
rcheck = check_rrlimit(ratelimit_backlog, (u_int16_t *)&sin6->sin6_addr, sizeof(sin6->sin6_addr), rptr);
}
aregion = find_region((struct sockaddr_storage *)sin6, AF_INET6);
filter = 0;
filter = find_filter((struct sockaddr_storage *)sin6, AF_INET6);
if (passlist) {
blocklist = find_passlist((struct sockaddr_storage *)sin6, AF_INET6);
}
require_tsig = 0;
if (tsig) {
require_tsig = find_tsig((struct sockaddr_storage *)sin6, AF_INET6);
}
} else if (from->sa_family == AF_INET) {
fromlen = sizeof(struct sockaddr_in);
sin = (struct sockaddr_in *)from;
inet_ntop(AF_INET, (void *)&sin->sin_addr, (char *)&address, sizeof(address));
if (ratelimit) {
add_rrlimit(ratelimit_backlog, (u_int16_t *)&sin->sin_addr.s_addr, sizeof(sin->sin_addr.s_addr), rptr);
rcheck = check_rrlimit(ratelimit_backlog, (u_int16_t *)&sin->sin_addr.s_addr, sizeof(sin->sin_addr.s_addr), rptr);
}
aregion = find_region((struct sockaddr_storage *)sin, AF_INET);
filter = 0;
filter = find_filter((struct sockaddr_storage *)sin, AF_INET);
if (passlist) {
blocklist = find_passlist((struct sockaddr_storage *)sin, AF_INET);
}
require_tsig = 0;
if (tsig) {
require_tsig = find_tsig((struct sockaddr_storage *)sin, AF_INET);
}
} else {
dolog(LOG_INFO, "packet received on descriptor %u interface \"%s\" had weird address family (%u), drop\n", so, cfg->ident[i], from->sa_family);
goto drop;
}
/* if UDP packet check length for minimum / maximum */
if (len > DNS_MAXUDP || len < sizeof(struct dns_header)){
dolog(LOG_INFO, "on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[i], address);
goto drop;
}
if (filter && require_tsig == 0) {
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, filter policy\n", so, cfg->ident[i], address, received_ttl, aregion);
goto drop;
}
if (passlist && blocklist == 0) {
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, passlist policy\n", so, cfg->ident[i], address, received_ttl, aregion);
goto drop;
}
if (ratelimit && rcheck) {
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) ratelimit policy dropping packet\n", so, cfg->ident[i], address, received_ttl, aregion);
goto drop;
}
/* pjp - branch to pledge parser here */
imsg_type = IMSG_PARSE_MESSAGE;
if (imsg_compose(pibuf, imsg_type,
0, 0, -1, buf, len) < 0) {
dolog(LOG_INFO, "imsg_compose %s\n", strerror(errno));
}
msgbuf_write(&pibuf->w);
FD_ZERO(&rset);
FD_SET(pibuf->fd, &rset);
tv.tv_sec = 10;
tv.tv_usec = 0;
sel = select(pibuf->fd + 1, &rset, NULL, NULL, &tv);
if (sel < 0) {
dolog(LOG_ERR, "internal error around select, dropping packet\n");
goto drop;
}
if (sel == 0) {
dolog(LOG_ERR, "internal error, timeout on parse imsg, drop\n");
goto drop;
}
if (FD_ISSET(pibuf->fd, &rset)) {
if (((n = imsg_read(pibuf)) == -1 && errno != EAGAIN) || n == 0) {
dolog(LOG_ERR, "internal error, timeout on parse imsg, drop\n");
goto drop;
}
for (;;) {
if ((n = imsg_get(pibuf, &imsg)) == -1) {
break;
}
if (n == 0) {
break;
}
datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
switch (imsg.hdr.type) {
case IMSG_PARSEREPLY_MESSAGE:
if (datalen != sizeof(struct parsequestion)) {
dolog(LOG_ERR, "datalen != sizeof(struct parsequestion), can't work with this, drop\n");
goto drop;
}
memcpy((char *)&pq, imsg.data, datalen);
if (pq.rc != PARSE_RETURN_ACK) {
switch (pq.rc) {
case PARSE_RETURN_MALFORMED:
dolog(LOG_INFO, "on descriptor %u interface \"%s\" malformed question from %s, drop\n", so, cfg->ident[i], address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOQUESTION:
dolog(LOG_INFO, "on descriptor %u interface \"%s\" header from %s has no question, drop\n", so, cfg->ident[i], address);
/* format error */
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_fmterror(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "question on descriptor %d interface \"%s\" from %s, did not have question of 1 replying format error\n", so, cfg->ident[i], address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOTAQUESTION:
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns header from %s is not a question, drop\n", so, cfg->ident[i], address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NAK:
dolog(LOG_INFO, "on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[i], address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOTAUTH:
/* we didn't see a tsig header */
if (filter && pq.tsig.have_tsig == 0) {
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, not a tsig\n", so, cfg->ident[i], address, received_ttl, aregion);
imsg_free(&imsg);
goto drop;
}
}
}
question = convert_question(&pq, 1);
if (question == NULL) {
dolog(LOG_INFO, "on descriptor %u interface \"%s\" internal error from %s, drop\n", so, cfg->ident[i], address);
imsg_free(&imsg);
goto drop;
}
break;
} /* switch */
imsg_free(&imsg);
} /* for (;;) */
} else { /* FD_ISSET */
goto drop;
}
/* goto drop beyond this point should goto out instead */
/* handle notifications */
if (question->notify) {
if (question->tsig.have_tsig && notifysource(question, (struct sockaddr_storage *)from) &&
question->tsig.tsigverified == 1) {
dolog(LOG_INFO, "on descriptor %u interface \"%s\" authenticated dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[i], address);
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notify(&sreply, &sretlen, NULL);
/* send notify to replicant process */
idata = (pid_t)question->hdr->namelen;
imsg_compose(udp_ibuf, IMSG_NOTIFY_MESSAGE,
0, 0, -1, question->hdr->name, idata);
msgbuf_write(&udp_ibuf->w);
goto udpout;
} else if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
dolog(LOG_INFO, "on descriptor %u interface \"%s\" not authenticated dns NOTIFY packet (code = %d) from %s, replying notauth\n", so, cfg->ident[i], question->tsig.tsigerrorcode, address);
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notauth(&sreply, &sretlen, NULL);
goto udpout;
}
if (notifysource(question, (struct sockaddr_storage *)from)) {
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[i], address);
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notify(&sreply, &sretlen, NULL);
/* send notify to replicant process */
idata = (pid_t)question->hdr->namelen;
imsg_compose(udp_ibuf, IMSG_NOTIFY_MESSAGE,
0, 0, -1, question->hdr->name, idata);
msgbuf_write(&udp_ibuf->w);
goto udpout;
} else {
/* RFC 1996 - 3.10 is probably broken reply REFUSED */
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns NOTIFY packet from %s, NOT in our list of MASTER servers replying REFUSED\n", so, cfg->ident[i], address);
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
goto udpout;
}
} /* if question->notify */
if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
dolog(LOG_INFO, "on descriptor %u interface \"%s\" not authenticated dns packet (code = %d) from %s, replying notauth\n", so, cfg->ident[i], question->tsig.tsigerrorcode, address);
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notauth(&sreply, &sretlen, NULL);
goto udpout;
}
/* hack around whether we're edns version 0 */
if (question->ednsversion != 0) {
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_badvers(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" edns version is %u from %s, replying badvers\n", so, cfg->ident[i], question->ednsversion, address);
snprintf(replystring, DNS_MAXNAME, "BADVERS");
goto udpout;
}
if (ntohs(question->hdr->qclass) == DNS_CLASS_CH &&
ntohs(question->hdr->qtype) == DNS_TYPE_TXT &&
strcasecmp(question->converted_name, "version.bind.") == 0) {
snprintf(replystring, DNS_MAXNAME, "VERSION");
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_version(&sreply, &sretlen, NULL);
goto udpout;
}
fakequestion = NULL;
rbt0 = lookup_zone(cfg->db, question, &type0, &lzerrno, (char *)&replystring, sizeof(replystring));
if (type0 < 0) {
switch (lzerrno) {
default:
dolog(LOG_INFO, "invalid lzerrno! dropping\n");
/* FALLTHROUGH */
case ERR_DROP:
snprintf(replystring, DNS_MAXNAME, "DROP");
slen = 0;
goto udpout;
case ERR_REFUSED:
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt0, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
goto udpout;
break;
case ERR_NXDOMAIN:
/*
* lookup_zone could not find an RR for the
* question at all -> nxdomain
*/
snprintf(replystring, DNS_MAXNAME, "NXDOMAIN");
/*
* lookup an authoritative soa
*/
if (rbt0 != NULL) {
build_reply(&sreply, so, buf, len, question, from, \
fromlen, rbt0, NULL, aregion, istcp, \
0, replybuf);
slen = reply_nxdomain(&sreply, &sretlen, cfg->db);
}
goto udpout;
break;
case ERR_NODATA:
if (rbt1) {
rbt1 = NULL;
}
rbt1 = get_soa(cfg->db, question);
if (rbt1 != NULL) {
snprintf(replystring, DNS_MAXNAME, "NODATA");
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
slen = reply_nodata(&sreply, &sretlen, cfg->db);
} else {
if (forward)
goto forwardudp;
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, cfg->db);
snprintf(replystring, DNS_MAXNAME, "REFUSED");
}
goto udpout;
break;
case ERR_FORWARD:
forwardudp:
if (forwardtsig) {
if (question->tsig.have_tsig &&
question->tsig.tsigverified) {
snprintf(replystring, DNS_MAXNAME, "FORWARD");
} else {
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, cfg->db);
goto udpout;
}
} else
snprintf(replystring, DNS_MAXNAME, "FORWARD");
/* send query to forward process/cortex */
if (len > 4000) {
dolog(LOG_INFO, "question is larger than 4000 bytes, not forwarding\n");
goto udpout;
}
memset(sforward, 0, sizeof(struct sforward));
sforward->oldsel = oldsel;
switch (from->sa_family) {
case AF_INET:
sforward->rport = sin->sin_port;
memcpy((char *)&sforward->from4, sin, fromlen);
sforward->family = AF_INET;
break;
case AF_INET6:
sforward->rport = sin6->sin6_port;
memcpy((char *)&sforward->from6, sin6, fromlen);
sforward->family = AF_INET6;
break;
}
memcpy(&sforward->buf, question->hdr->original_name, question->hdr->namelen);
sforward->buflen = question->hdr->namelen;
memcpy((char *)&sforward->header, buf, sizeof(struct dns_header));
sforward->type = question->hdr->qtype;
sforward->class = question->hdr->qclass;
sforward->edns0len = MIN(question->edns0len, max_udp_payload);
sforward->dnssecok = question->dnssecok;
if (question->tsig.have_tsig && question->tsig.tsigverified) {
sforward->havemac = 1;
memcpy((char *)&sforward->tsigname, question->tsig.tsigkey, question->tsig.tsigkeylen);
sforward->tsignamelen = question->tsig.tsigkeylen;
memcpy(&sforward->mac, question->tsig.tsigmac, sizeof(sforward->mac));
sforward->tsigtimefudge = question->tsig.tsig_timefudge;
} else
sforward->havemac = 0;
sforward->gotit = time(NULL);
memcpy(&sf.sfi_sf, sforward, sizeof(struct sforward));
2197
2020-07-10
pjp
2198
2020-07-10
pjp
/* wait for lock */
2199
2020-07-12
pjp
while (cfg->shptr[cfg->shptrsize - 16] == '*') {
2200
2020-07-10
pjp
usleep(arc4random() % 300);
2201
2020-07-10
pjp
}
2202
2020-07-10
pjp
2203
2020-07-12
pjp
cfg->shptr[cfg->shptrsize - 16] = '*'; /* nice semaphore eh? */
2204
2020-07-10
pjp
2205
2020-07-12
pjp
for (sfi = (struct sf_imsg *)&cfg->shptr[0], ix = 0;
2206
2020-07-10
pjp
ix < SHAREDMEMSIZE; ix++, sfi++) {
2207
2020-07-12
pjp
if (unpack32((char *)&sfi->u.s.read) == 1) {
2208
2020-07-10
pjp
memcpy(sfi, &sf, sizeof(struct sf_imsg));
2209
2020-07-12
pjp
pack32((char *)&sfi->u.s.read, 0);
2210
2020-07-10
pjp
break;
2211
2020-07-10
pjp
}
2212
2020-07-10
pjp
}
2213
2020-07-10
pjp
2214
2020-07-10
pjp
if (ix == SHAREDMEMSIZE) {
2215
2020-07-10
pjp
dolog(LOG_INFO, "delphinusdnsd udp: can't find an open slot in sharedmemsize\n");
2216
2020-07-10
pjp
goto udpout;
2217
2020-07-10
pjp
}
2218
2020-07-10
pjp
2219
2020-07-12
pjp
cfg->shptr[cfg->shptrsize - 16] = ' ';
2220
2020-07-10
pjp
2221
2020-07-03
pjp
imsg_compose(udp_ibuf, IMSG_FORWARD_UDP,
2222
2020-07-10
pjp
0, 0, -1, &ix, sizeof(int));
2223
2020-07-03
pjp
2224
2020-07-03
pjp
msgbuf_write(&udp_ibuf->w);
2225
2020-06-30
pjp
goto udpout;
2226
2020-06-30
pjp
break;
2227
2020-06-30
pjp
2228
2019-02-18
pjp
case ERR_NOERROR:
2229
2016-07-06
pjp
/*
2230
2019-02-18
pjp
* this is hackish not sure if this should be here
2231
2016-07-06
pjp
*/
2232
2016-07-06
pjp
2233
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "NOERROR");
2234
2019-02-18
pjp
2235
2019-02-18
pjp
/*
2236
2019-02-18
pjp
* lookup an authoritative soa
2237
2016-07-06
pjp
*/
2238
2019-02-18
pjp
2239
2019-02-18
pjp
if (rbt0) {
2240
2019-02-18
pjp
rbt0 = NULL;
2241
2019-02-18
pjp
}
2242
2019-02-18
pjp
2243
2019-02-18
pjp
rbt0 = get_soa(cfg->db, question);
2244
2019-02-15
pjp
if (rbt0 != NULL) {
2245
2019-02-18
pjp
build_reply(&sreply, so, buf, len, question, from, \
2246
2019-02-18
pjp
fromlen, rbt0, NULL, aregion, istcp, 0,
2247
2020-06-29
pjp
replybuf);
2248
2019-02-15
pjp
2249
2020-07-21
pjp
slen = reply_noerror(&sreply, &sretlen, cfg->db);
2250
2019-02-24
pjp
2251
2019-02-24
pjp
goto udpout;
2252
2019-02-18
pjp
}
2253
2019-02-18
pjp
2254
2019-02-24
pjp
snprintf(replystring, DNS_MAXNAME, "DROP");
2255
2019-10-25
pjp
slen = 0;
2256
2019-10-25
pjp
goto udpout;
2257
2019-10-30
pjp
2258
2019-10-30
pjp
case ERR_DELEGATE:
2259
2019-10-30
pjp
if (rbt0 != NULL) {
2260
2019-10-30
pjp
build_reply(&sreply, so, buf, len, question, from, \
2261
2019-10-30
pjp
fromlen, rbt0, NULL, aregion, istcp, \
2262
2020-06-29
pjp
0, replybuf);
2263
2019-10-30
pjp
2264
2020-07-21
pjp
slen = reply_ns(&sreply, &sretlen, cfg->db);
2265
2019-10-30
pjp
} else {
2266
2019-10-30
pjp
slen = 0;
2267
2019-10-30
pjp
snprintf(replystring, DNS_MAXNAME, "DROP");
2268
2019-10-30
pjp
}
2269
2019-10-30
pjp
2270
2019-10-30
pjp
goto udpout;
2271
2019-10-30
pjp
break;
2272
2019-10-30
pjp
2273
2019-02-18
pjp
}
2274
2019-02-18
pjp
}
2275
2019-02-18
pjp
2276
2019-02-18
pjp
switch (type0) {
2277
2016-07-06
pjp
case DNS_TYPE_CNAME:
2278
2019-02-15
pjp
csd = find_rr(rbt0, DNS_TYPE_SOA);
2279
2019-02-15
pjp
if (csd == NULL)
2280
2019-02-15
pjp
break;
2281
2019-02-15
pjp
2282
2019-02-15
pjp
rr_csd = TAILQ_FIRST(&csd->rr_head);
2283
2019-02-15
pjp
if (rr_csd == NULL)
2284
2019-02-15
pjp
break;
2285
2019-02-15
pjp
2286
2019-02-26
pjp
fakequestion = build_fake_question(((struct cname *)rr_csd)->cname, ((struct cname *)rr_csd)->cnamelen, question->hdr->qtype, NULL, 0);
2287
2016-07-06
pjp
if (fakequestion == NULL) {
2288
2016-07-06
pjp
dolog(LOG_INFO, "fakequestion failed\n");
2289
2016-07-06
pjp
break;
2290
2016-07-06
pjp
}
2291
2016-07-06
pjp
2292
2020-01-16
pjp
rbt1 = lookup_zone(cfg->db, fakequestion, &type1, &lzerrno, (char *)&fakereplystring, sizeof(fakereplystring));
2293
2016-07-06
pjp
/* break CNAMES pointing to CNAMES */
2294
2016-07-06
pjp
if (type1 == DNS_TYPE_CNAME)
2295
2016-07-06
pjp
type1 = 0;
2296
2016-07-06
pjp
2297
2016-07-06
pjp
break;
2298
2016-07-06
pjp
default:
2299
2016-07-06
pjp
2300
2016-07-06
pjp
break;
2301
2016-07-06
pjp
}
2302
2016-07-06
pjp
2303
2016-07-06
pjp
/*
2304
2016-07-06
pjp
* Allow CLASS IN, CHAOS and others are
2305
2016-07-06
pjp
* not implemented and so we build a reply for
2306
2016-07-06
pjp
* that and go out.
2307
2016-07-06
pjp
*/
2308
2016-07-06
pjp
2309
2016-07-06
pjp
switch (ntohs(question->hdr->qclass)) {
2310
2016-07-06
pjp
case DNS_CLASS_IN:
2311
2016-07-06
pjp
break;
2312
2016-07-06
pjp
default:
2313
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2314
2017-08-09
pjp
fromlen, NULL, NULL, aregion, istcp, 0, \
2315
2020-06-29
pjp
replybuf);
2316
2016-07-06
pjp
2317
2020-07-21
pjp
slen = reply_notimpl(&sreply, &sretlen, NULL);
2318
2016-07-06
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2319
2017-08-09
pjp
goto udpout;
2320
2016-07-06
pjp
}
2321
2016-07-06
pjp
2322
2019-01-25
pjp
for (rl = &rlogic[0]; rl->rrtype != 0; rl++) {
2323
2019-01-25
pjp
if (rl->rrtype == ntohs(question->hdr->qtype)) {
2324
2019-01-25
pjp
if (rl->type0 == type0) {
2325
2019-01-25
pjp
switch (rl->buildtype) {
2326
2019-01-25
pjp
case BUILD_CNAME:
2327
2019-01-25
pjp
build_reply(&sreply, so, buf, len, question,
2328
2019-02-15
pjp
from, fromlen, rbt0, ((type1 > 0) ? rbt1 :
2329
2020-06-29
pjp
NULL), aregion, istcp, 0, replybuf);
2330
2019-01-25
pjp
break;
2331
2019-01-25
pjp
case BUILD_OTHER:
2332
2019-01-25
pjp
build_reply(&sreply, so, buf, len, question,
2333
2019-02-15
pjp
from, fromlen, rbt0, NULL, aregion, istcp,
2334
2020-06-29
pjp
0, replybuf);
2335
2019-01-25
pjp
break;
2336
2019-01-25
pjp
}
2337
2019-01-25
pjp
} else {
2338
2019-01-25
pjp
continue;
2339
2019-01-25
pjp
}
2340
2019-01-25
pjp
2341
2020-07-21
pjp
slen = (*rl->reply)(&sreply, &sretlen, cfg->db);
2342
2016-07-06
pjp
break;
2343
2019-01-25
pjp
} /* if rl->rrtype == */
2344
2019-01-25
pjp
}
2345
2016-07-06
pjp
2346
2019-01-25
pjp
if (rl->rrtype == 0) {
2347
2017-08-09
pjp
/*
2348
2017-08-09
pjp
* ANY unkown RR TYPE gets a NOTIMPL
2349
2017-08-09
pjp
*/
2350
2017-08-09
pjp
/*
2351
2017-08-09
pjp
* except for delegations
2352
2017-08-09
pjp
*/
2353
2017-08-09
pjp
2354
2017-08-09
pjp
if (type0 == DNS_TYPE_NS) {
2355
2016-07-06
pjp
2356
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2357
2019-02-15
pjp
fromlen, rbt0, NULL, aregion, istcp, 0, \
2358
2020-06-29
pjp
replybuf);
2359
2016-07-06
pjp
2360
2020-07-21
pjp
slen = reply_ns(&sreply, &sretlen, cfg->db);
2361
2017-08-09
pjp
} else {
2362
2016-07-06
pjp
2363
2016-07-06
pjp
2364
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2365
2017-08-09
pjp
fromlen, NULL, NULL, aregion, istcp, 0, \
2366
2020-06-29
pjp
replybuf);
2367
2016-07-06
pjp
2368
2020-07-21
pjp
slen = reply_notimpl(&sreply, &sretlen, NULL);
2369
2017-08-09
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2370
2017-08-09
pjp
}
2371
2017-08-09
pjp
}
2372
2017-08-09
pjp
2373
2017-08-09
pjp
udpout:
2374
2017-08-09
pjp
if (lflag) {
2375
2020-07-25
pjp
double diffms;
2376
2016-07-06
pjp
2377
2020-07-25
pjp
gettimeofday(&rectv1, NULL);
2378
2020-07-25
pjp
if (rectv1.tv_sec - rectv0.tv_sec > 0) {
2379
2020-07-25
pjp
rectv1.tv_usec += 1000000;
2380
2020-07-25
pjp
rectv1.tv_sec--;
2381
2020-07-25
pjp
}
2382
2020-07-25
pjp
diffms = (((double)rectv1.tv_sec - (double)rectv0.tv_sec) \
2383
2020-07-25
pjp
* 1000) + \
2384
2020-07-25
pjp
(double)(rectv1.tv_usec - rectv0.tv_usec) / 1000;
2385
2020-07-25
pjp
2386
2020-07-25
pjp
dolog(LOG_INFO, "request on descriptor %u interface \"%s\" from %s (ttl=%u, region=%d, tta=%2.3fms) for \"%s\" type=%s class=%u, %s%s%sanswering \"%s\" (%d/%d)\n", so, cfg->ident[i], address, received_ttl, aregion, diffms, question->converted_name, get_dns_type(ntohs(question->hdr->qtype), 1), ntohs(question->hdr->qclass), (question->edns0len ? "edns0, " : ""), (question->dnssecok ? "dnssecok, " : ""), (question->tsig.tsigverified ? "tsig, " : "") , replystring, len, slen);
2387
2020-07-25
pjp
2388
2017-08-09
pjp
}
2389
2016-07-06
pjp
2390
2017-08-09
pjp
if (fakequestion != NULL) {
2391
2017-08-09
pjp
free_question(fakequestion);
2392
2017-08-09
pjp
}
2393
2017-08-09
pjp
2394
2017-08-09
pjp
free_question(question);
2395
2016-07-06
pjp
2396
2019-02-15
pjp
if (rbt0) {
2397
2019-02-15
pjp
rbt0 = NULL;
2398
2017-08-09
pjp
}
2399
2019-02-15
pjp
if (rbt1) {
2400
2019-02-15
pjp
rbt1 = NULL;
2401
2017-08-09
pjp
}
2402
2016-07-06
pjp
2403
2017-08-09
pjp
} /* END ISSET */
2404
2016-07-06
pjp
2405
2017-08-09
pjp
} /* for */
2406
2016-07-06
pjp
2407
2017-08-09
pjp
drop:
2408
2017-08-09
pjp
2409
2019-02-15
pjp
if (rbt0) {
2410
2019-02-15
pjp
rbt0 = NULL;
2411
2017-08-09
pjp
}
2412
2016-07-06
pjp
2413
2019-02-15
pjp
if (rbt1) {
2414
2019-02-15
pjp
rbt1 = NULL;
2415
2017-08-09
pjp
}
2416
2016-07-06
pjp
2417
2017-08-09
pjp
continue;
2418
2017-08-09
pjp
} /* for (;;) */
2419
2016-07-06
pjp
2420
2017-08-09
pjp
/* NOTREACHED */
2421
2017-08-09
pjp
}
/*
 * BUILD_REPLY - a function that populates struct sreply from its arguments; it
 * doesn't return anything.  This replaces the alias BUILD_REPLY.
 *
 */
/*
 * build_reply - fill in *reply from the caller's per-request values.
 *
 * Each pointer argument (buf, q, sa, rbt1, rbt2, replybuf) is stored as
 * given; nothing is copied, so the objects must stay valid for as long as
 * the reply is used.  rbt1 and rbt2 may be NULL (callers in this file pass
 * NULL for either).  reply->wildcard is always reset to 0.  deprecated0 is
 * not stored anywhere.  Fields of *reply not listed below are left
 * untouched.
 */
void
build_reply(struct sreply *reply, int so, char *buf, int len,
    struct question *q, struct sockaddr *sa, socklen_t slen,
    struct rbtree *rbt1, struct rbtree *rbt2, u_int8_t region, int istcp,
    int deprecated0, char *replybuf)
{
	/* accepted but unused */
	(void)deprecated0;

	/* descriptor, transport and peer */
	reply->so = so;
	reply->istcp = istcp;
	reply->sa = sa;
	reply->salen = slen;
	reply->region = region;

	/* packet buffer, its length and the question */
	reply->buf = buf;
	reply->len = len;
	reply->q = q;

	/* lookup results */
	reply->rbt1 = rbt1;
	reply->rbt2 = rbt2;
	reply->wildcard = 0;

	reply->replybuf = replybuf;
}
/*
 * The master process waits to be killed.  If any other process is killed and
 * indicates shutdown through the shared memory segment, the master will kill
 * the rest of the processes in the parent group.
 */
/*
 * setup_master - supervise the process group; this function never returns.
 *
 * On OpenBSD the process first narrows itself: unveil() leaves only
 * socketpath ("rwc") and /usr/local/sbin/delphinusdnsd ("rx") visible, and
 * pledge() is then called with "stdio wpath cpath exec proc".  A failure of
 * either is fatal.
 *
 * It installs master_shutdown for SIGTERM, SIGINT and SIGQUIT and
 * master_reload for SIGHUP, then loops on select() over ibuf->fd with a
 * one second timeout.
 *
 * Whenever select() returns less than 1 (timeout or interruption):
 *   - a non-zero *ptr is logged as the pid that died and turned into a
 *     shutdown request;
 *   - mshutdown: unlink socketpath (unless debug), signal the whole process
 *     group with msig and exit(0);
 *   - reload: ignore SIGTERM, send SIGTERM to the process group, unmap ptr,
 *     unlink socketpath (unless debug) and re-execute the daemon binary
 *     with av.
 * A flag set by an imsg is therefore only acted on at the next such return.
 *
 * When ibuf->fd is readable the queued imsgs are drained: HELLO is ignored,
 * RELOAD sets reload, SHUTDOWN sets mshutdown with msig = SIGTERM.  An
 * imsg_read() result of 0 makes the master exit(1).
 *
 * db is not referenced in this function.  The results of signal(), killpg()
 * and unlink() are not checked.
 *
 * NOTE(review): av goes to execvp() unchanged; presumably it is the daemon's
 * original argument vector -- confirm with the caller.
 */
void
setup_master(ddDB *db, char **av, char *socketpath, struct imsgbuf *ibuf)
{
	struct timeval timeout;
	struct imsg msg;
	fd_set readfds;
	ssize_t n;
	pid_t grp;
	int nready, maxfd = 0;

#if __OpenBSD__
	if (unveil(socketpath, "rwc") < 0) {
		perror("unveil");
		exit(1);
	}
	if (unveil("/usr/local/sbin/delphinusdnsd", "rx") < 0) {
		perror("unveil");
		exit(1);
	}
	if (pledge("stdio wpath cpath exec proc", NULL) < 0) {
		perror("pledge");
		exit(1);
	}
#endif

#ifndef NO_SETPROCTITLE
	setproctitle("master");
#endif

	/* this value is overwritten by getpgrp() before it is ever used */
	grp = getpid();

	signal(SIGTERM, master_shutdown);
	signal(SIGINT, master_shutdown);
	signal(SIGQUIT, master_shutdown);
	signal(SIGHUP, master_reload);

	FD_ZERO(&readfds);
	for (;;) {
		timeout.tv_sec = 1;
		timeout.tv_usec = 0;

		/* re-armed every pass */
		FD_SET(ibuf->fd, &readfds);
		if (maxfd < ibuf->fd)
			maxfd = ibuf->fd;

		nready = select(maxfd + 1, &readfds, NULL, NULL, &timeout);

		/* timeout or interruption: look at the pending requests */
		if (nready <= 0) {
			if (*ptr) {
				dolog(LOG_INFO, "pid %u died, killing delphinusdnsd\n", *ptr);
				master_shutdown(SIGTERM);
			}

			if (mshutdown) {
				dolog(LOG_INFO, "shutting down on signal %d\n", msig);
				if (!debug)
					unlink(socketpath);

				/* the master is a member of the group it signals */
				grp = getpgrp();
				killpg(grp, msig);

				exit(0);
			}

			if (reload) {
				/* ignore the SIGTERM sent to our own group just below */
				signal(SIGTERM, SIG_IGN);

				grp = getpgrp();
				killpg(grp, SIGTERM);
				if (munmap(ptr, sizeof(pid_t)) < 0) {
					dolog(LOG_ERR, "munmap: %s\n", strerror(errno));
				}

				if (!debug)
					unlink(socketpath);

				dolog(LOG_INFO, "restarting on SIGHUP or command\n");

				closelog();
#ifndef NO_SETPROCTITLE
#if __linux__
				setproctitle(NULL);
#endif
#endif
				/* fixed absolute path, arguments taken from av */
				if (execvp("/usr/local/sbin/delphinusdnsd", av) < 0) {
					dolog(LOG_ERR, "execvp: %s\n", strerror(errno));
				}
				/* only reached when execvp() failed */
				exit(1);
			}
			continue;
		}

		if (!FD_ISSET(ibuf->fd, &readfds))
			continue;

		n = imsg_read(ibuf);
		if (n < 0 && errno != EAGAIN) {
			dolog(LOG_ERR, "imsg read failure %s\n", strerror(errno));
			continue;
		}
		if (n == 0) {
			/* child died? */
			dolog(LOG_INFO, "sigpipe on child? delphinusdnsd master process exiting.\n");
			exit(1);
		}

		/* drain every message that is already buffered */
		for (;;) {
			n = imsg_get(ibuf, &msg);
			if (n < 0) {
				dolog(LOG_ERR, "imsg read error: %s\n", strerror(errno));
				break;
			}
			if (n == 0)
				break;

			switch (msg.hdr.type) {
			case IMSG_HELLO_MESSAGE:
				/* nothing to do for a hello */
				break;
			case IMSG_RELOAD_MESSAGE:
				reload = 1;
				break;
			case IMSG_SHUTDOWN_MESSAGE:
#if DEBUG
				dolog(LOG_INFO, "received shutdown from cortex\n");
#endif
				mshutdown = 1;
				msig = SIGTERM;
				break;
			}

			imsg_free(&msg);
		}
	}

	/* NOTREACHED */
}
/*
 * master_shutdown - unlink the pid file and kill the parent group
 */
/*
 * master_shutdown - record a shutdown request.
 *
 * Stores sig in msig and sets mshutdown; it does nothing else.
 * setup_master() installs it for SIGTERM, SIGINT and SIGQUIT and also calls
 * it directly; the unlink/killpg/exit work happens in setup_master()'s loop
 * once it sees the flag.
 *
 * NOTE(review): msig and mshutdown are declared outside this block; since a
 * signal handler writes them, confirm they are volatile sig_atomic_t.
 */
void
master_shutdown(int sig)
{
	msig = sig;	/* signal to pass on to the process group */
	mshutdown = 1;	/* polled by setup_master() */
}
/*
 * ddd_signal - delphinusdnsd got a signal, call ddd_shutdown and exit.
 */
/*
 * ddd_signal - run ddd_shutdown(), log the shutdown and exit with status 1.
 *
 * The signal number is not used.
 *
 * NOTE(review): where this is registered as a handler is not visible here.
 * If it runs in signal context, exit() is not async-signal-safe and dolog()
 * presumably is not either (verify what it calls); recording a flag for the
 * main loop, as master_shutdown() does, avoids doing this work inside the
 * handler.
 */
void
ddd_signal(int sig)
{
	(void)sig;

	ddd_shutdown();
	dolog(LOG_INFO, "shutting down on signal\n");
	exit(1);
}
/*
 * master_reload - reload the delphinusdnsd system
 */
/*
 * master_reload - record a reload request.
 *
 * Only sets the reload flag; setup_master() installs this for SIGHUP and
 * performs the actual restart (terminating the process group and
 * re-executing the daemon) when its loop next checks the flag.  The signal
 * number is not used.
 *
 * NOTE(review): reload is declared outside this block; confirm it is
 * volatile sig_atomic_t, since a signal handler writes it.
 */
void
master_reload(int sig)
{
	(void)sig;

	reload = 1;
}
/*
 * TCPLOOP - polls the tcp descriptors and, if one is ready, receives the
 * requests, builds the question and calls for replies, then loops
 *
 */
void
2636
2020-07-03
pjp
tcploop(struct cfg *cfg, struct imsgbuf *ibuf, struct imsgbuf *cortex)
2637
2017-08-09
pjp
{
2638
2017-08-09
pjp
fd_set rset;
2639
2017-08-09
pjp
int sel;
2640
2020-01-14
pjp
int len, slen = 0;
2641
2017-08-09
pjp
int i;
2642
2017-08-09
pjp
int istcp = 1;
2643
2017-08-09
pjp
int maxso;
2644
2017-08-09
pjp
int so;
2645
2017-08-09
pjp
int type0, type1;
2646
2017-08-09
pjp
int lzerrno;
2647
2017-08-09
pjp
int filter = 0;
2648
2020-07-16
pjp
int blocklist = 1;
2649
2019-02-24
pjp
int require_tsig = 0;
2650
2017-08-09
pjp
int axfr_acl = 0;
2651
2020-06-25
pjp
pid_t idata;
2652
2019-06-17
pjp
uint conncnt = 0;
2653
2019-06-07
pjp
int tcpflags;
2654
2017-11-28
pjp
pid_t pid;
2655
2016-07-06
pjp
2656
2017-08-09
pjp
u_int8_t aregion; /* region where the address comes from */
2657
2016-07-06
pjp
2658
2017-08-09
pjp
char *pbuf;
2659
2017-08-09
pjp
char *replybuf = NULL;
2660
2017-08-09
pjp
char address[INET6_ADDRSTRLEN];
2661
2017-08-09
pjp
char replystring[DNS_MAXNAME + 1];
2662
2017-08-09
pjp
char fakereplystring[DNS_MAXNAME + 1];
2663
2017-08-09
pjp
2664
2017-08-09
pjp
union {
2665
2017-08-09
pjp
struct sockaddr sa;
2666
2017-08-09
pjp
struct sockaddr_in sin;
2667
2017-08-09
pjp
struct sockaddr_in6 sin6;
2668
2017-08-09
pjp
} sockaddr_large;
2669
2017-08-09
pjp
2670
2017-08-09
pjp
socklen_t fromlen = sizeof(sockaddr_large);
2671
2017-08-09
pjp
2672
2017-08-09
pjp
struct sockaddr *from = (void *)&sockaddr_large;
2673
2017-08-09
pjp
struct sockaddr_in *sin;
2674
2017-08-09
pjp
struct sockaddr_in6 *sin6;
2675
2017-08-09
pjp
2676
2017-08-09
pjp
struct question *question = NULL, *fakequestion = NULL;
2677
2019-02-15
pjp
struct rbtree *rbt0 = NULL, *rbt1 = NULL;
2678
2019-02-15
pjp
struct rrset *csd;
2679
2019-02-15
pjp
struct rr *rr_csd;
2680
2020-07-10
pjp
struct sf_imsg sf, *sfi = NULL;
2681
2016-07-06
pjp
2682
2017-08-09
pjp
struct sreply sreply;
2683
2019-01-25
pjp
struct reply_logic *rl = NULL;
2684
2017-08-09
pjp
struct timeval tv = { 10, 0};
2685
2017-11-28
pjp
struct imsgbuf parse_ibuf;
2686
2017-11-28
pjp
struct imsgbuf *pibuf;
2687
2017-11-28
pjp
struct imsg imsg;
2688
2017-11-28
pjp
struct parsequestion pq;
2689
2016-07-06
pjp
2690
2017-11-28
pjp
ssize_t n, datalen;
2691
2019-02-24
pjp
u_int32_t imsg_type;
2692
2017-11-28
pjp
2693
2020-07-03
pjp
struct sforward *sforward;
2694
2020-07-10
pjp
int ix;
2695
2020-07-21
pjp
int sretlen;
2696
2020-07-03
pjp
2697
2020-07-03
pjp
2698
2020-07-03
pjp
sforward = (struct sforward *)calloc(1, sizeof(struct sforward));
2699
2020-07-03
pjp
if (sforward == NULL) {
2700
2020-07-03
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
2701
2020-07-03
pjp
ddd_shutdown();
2702
2020-07-03
pjp
exit(1);
2703
2020-07-03
pjp
}
2704
2020-07-03
pjp
2705
2020-06-25
pjp
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]) < 0) {
2706
2017-11-28
pjp
dolog(LOG_INFO, "socketpair() failed\n");
2707
2020-06-25
pjp
ddd_shutdown();
2708
2017-11-28
pjp
exit(1);
2709
2017-11-28
pjp
}
2710
2017-11-28
pjp
2711
2017-11-28
pjp
pid = fork();
2712
2017-11-28
pjp
switch (pid) {
2713
2017-11-28
pjp
case -1:
2714
2017-11-28
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
2715
2017-11-28
pjp
exit(1);
2716
2017-11-28
pjp
case 0:
2717
2020-07-14
pjp
#ifndef __OpenBSD__
2718
2020-07-14
pjp
/* OpenBSD has minherit() */
2719
2020-07-14
pjp
if (munmap(cfg->shptr, cfg->shptrsize) == -1) {
2720
2020-07-14
pjp
dolog(LOG_INFO, "unmapping shptr failed: %s\n", \
2721
2020-07-14
pjp
strerror(errno));
2722
2020-07-14
pjp
}
2723
2020-07-14
pjp
#endif
2724
2020-07-14
pjp
cfg->shptrsize = 0;
2725
2017-11-28
pjp
for (i = 0; i < cfg->sockcount; i++) {
2726
2017-11-28
pjp
close(cfg->tcp[i]);
2727
2017-11-28
pjp
}
2728
2020-06-25
pjp
close(ibuf->fd);
2729
2020-07-03
pjp
close(cortex->fd);
2730
2017-11-28
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
2731
2020-06-25
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
2732
2017-12-26
pjp
setproctitle("tcp parse engine %d", cfg->pid);
2733
2020-06-25
pjp
parseloop(cfg, &parse_ibuf);
2734
2017-11-28
pjp
/* NOTREACHED */
2735
2017-11-28
pjp
exit(1);
2736
2017-11-28
pjp
default:
2737
2017-11-28
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
2738
2017-11-28
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
2739
2017-11-28
pjp
pibuf = &parse_ibuf;
2740
2017-11-28
pjp
break;
2741
2017-11-28
pjp
}
2742
2017-11-28
pjp
2743
2017-11-27
pjp
#if __OpenBSD__
2744
2017-11-27
pjp
if (pledge("stdio inet sendfd recvfd", NULL) < 0) {
2745
2017-11-27
pjp
perror("pledge");
2746
2017-11-27
pjp
exit(1);
2747
2017-11-27
pjp
}
2748
2017-11-27
pjp
#endif
2749
2017-11-27
pjp
2750
2017-11-28
pjp
2751
2017-08-09
pjp
replybuf = calloc(1, 65536);
2752
2017-08-09
pjp
if (replybuf == NULL) {
2753
2017-08-09
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
2754
2020-06-25
pjp
ddd_shutdown();
2755
2017-08-09
pjp
exit(1);
2756
2017-08-09
pjp
}
2757
2016-07-06
pjp
2758
2016-07-06
pjp
2759
2017-08-09
pjp
/*
2760
2017-08-10
pjp
* listen on descriptors
2761
2017-08-09
pjp
*/
2762
2016-07-06
pjp
2763
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
2764
2017-08-09
pjp
listen(cfg->tcp[i], 5);
2765
2017-08-09
pjp
}
2766
2017-08-10
pjp
2767
2017-08-09
pjp
for (;;) {
2768
2017-08-09
pjp
maxso = 0;
2769
2016-07-06
pjp
2770
2017-08-09
pjp
FD_ZERO(&rset);
2771
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
2772
2017-08-09
pjp
if (maxso < cfg->tcp[i])
2773
2017-08-09
pjp
maxso = cfg->tcp[i];
2774
2017-08-09
pjp
2775
2017-08-09
pjp
FD_SET(cfg->tcp[i], &rset);
2776
2017-08-09
pjp
}
2777
2019-06-07
pjp
2778
2019-06-07
pjp
TAILQ_FOREACH(tcpnp, &tcphead, tcpentries) {
2779
2019-06-07
pjp
if (maxso < tcpnp->so)
2780
2019-06-07
pjp
maxso = tcpnp->so;
2781
2019-06-07
pjp
2782
2019-06-07
pjp
FD_SET(tcpnp->so, &rset);
2783
2019-06-07
pjp
}
2784
2017-08-09
pjp
2785
2019-06-07
pjp
tv.tv_sec = 3;
2786
2017-08-09
pjp
tv.tv_usec = 0;
2787
2016-07-06
pjp
2788
2017-08-09
pjp
sel = select(maxso + 1, &rset, NULL, NULL, &tv);
2789
2016-07-06
pjp
2790
2017-08-09
pjp
if (sel < 0) {
2791
2017-08-09
pjp
dolog(LOG_INFO, "select: %s\n", strerror(errno));
2792
2017-08-09
pjp
continue;
2793
2017-08-09
pjp
}
2794
2016-07-06
pjp
2795
2017-08-09
pjp
if (sel == 0) {
2796
2019-06-07
pjp
TAILQ_FOREACH_SAFE(tcpnp, &tcphead, tcpentries, tcpn1) {
2797
2019-06-07
pjp
if ((tcpnp->last_used + 3) < time(NULL)) {
2798
2019-06-07
pjp
dolog(LOG_INFO, "tcp timeout on interface \"%s\" for address %s\n", cfg->ident[tcpnp->intidx], tcpnp->address);
2799
2019-06-07
pjp
TAILQ_REMOVE(&tcphead, tcpnp, tcpentries);
2800
2019-06-07
pjp
close(tcpnp->so);
2801
2019-06-07
pjp
free(tcpnp->address);
2802
2019-06-07
pjp
free(tcpnp);
2803
2019-06-17
pjp
if (conncnt > 0)
2804
2019-06-07
pjp
conncnt--;
2805
2019-06-07
pjp
}
2806
2019-06-07
pjp
}
2807
2017-08-09
pjp
continue;
2808
2017-08-09
pjp
}
2809
2017-08-09
pjp
2810
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
2811
2017-08-09
pjp
if (FD_ISSET(cfg->tcp[i], &rset)) {
2812
2017-08-09
pjp
fromlen = sizeof(sockaddr_large);
2813
2017-08-09
pjp
2814
2017-08-09
pjp
so = accept(cfg->tcp[i], (struct sockaddr*)from, &fromlen);
2815
2017-08-09
pjp
2816
2017-08-09
pjp
if (so < 0) {
2817
2017-08-09
pjp
dolog(LOG_INFO, "tcp accept: %s\n", strerror(errno));
2818
2017-08-09
pjp
continue;
2819
2017-08-09
pjp
}
2820
2017-08-09
pjp
2821
2016-07-06
pjp
if (from->sa_family == AF_INET6) {
2822
2016-07-06
pjp
2823
2016-07-06
pjp
fromlen = sizeof(struct sockaddr_in6);
2824
2016-07-06
pjp
sin6 = (struct sockaddr_in6 *)from;
2825
2016-07-06
pjp
inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, (char *)&address, sizeof(address));
2826
2016-07-06
pjp
aregion = find_region((struct sockaddr_storage *)sin6, AF_INET6);
2827
2016-07-06
pjp
filter = find_filter((struct sockaddr_storage *)sin6, AF_INET6);
2828
2020-07-16
pjp
if (passlist) {
2829
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin6, AF_INET6);
2830
2016-07-06
pjp
}
2831
2017-08-09
pjp
axfr_acl = find_axfr((struct sockaddr_storage *)sin6, AF_INET6);
2832
2019-02-24
pjp
2833
2019-02-24
pjp
require_tsig = 0;
2834
2019-02-24
pjp
if (tsig) {
2835
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin6, AF_INET6);
2836
2019-02-24
pjp
}
2837
2016-07-06
pjp
} else if (from->sa_family == AF_INET) {
2838
2016-07-06
pjp
2839
2016-07-06
pjp
fromlen = sizeof(struct sockaddr_in);
2840
2016-07-06
pjp
sin = (struct sockaddr_in *)from;
2841
2016-07-06
pjp
inet_ntop(AF_INET, (void *)&sin->sin_addr, (char *)&address, sizeof(address));
2842
2016-07-06
pjp
aregion = find_region((struct sockaddr_storage *)sin, AF_INET);
2843
2016-07-06
pjp
filter = find_filter((struct sockaddr_storage *)sin, AF_INET);
2844
2020-07-16
pjp
if (passlist) {
2845
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin, AF_INET);
2846
2016-07-06
pjp
}
2847
2017-08-09
pjp
axfr_acl = find_axfr((struct sockaddr_storage *)sin, AF_INET);
2848
2019-02-24
pjp
2849
2019-02-24
pjp
require_tsig = 0;
2850
2019-02-24
pjp
if (tsig) {
2851
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin, AF_INET);
2852
2019-02-24
pjp
}
2853
2016-07-06
pjp
} else {
2854
2017-08-09
pjp
dolog(LOG_INFO, "TCP packet received on descriptor %u interface \"%s\" had weird address family (%u), drop\n", so, cfg->ident[i], from->sa_family);
2855
2017-08-09
pjp
close(so);
2856
2017-08-09
pjp
continue;
2857
2016-07-06
pjp
}
2858
2016-07-06
pjp
2859
2017-08-09
pjp
2860
2019-02-24
pjp
if (filter && require_tsig == 0) {
2861
2020-01-01
pjp
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, filter policy, drop\n", so, cfg->ident[i], address);
2862
2020-01-01
pjp
#if 0
2863
2020-06-29
pjp
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2864
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
2865
2020-01-01
pjp
#endif
close(so);
continue;
}
if (passlist && blocklist == 0) {
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, passlist policy\n", so, cfg->ident[i], address);
close(so);
continue;
}
if (conncnt >= 64) {
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, too many TCP connections", so
, cfg->ident[i], address);
close(so);
continue;
}
if ((tcpflags = fcntl(so, F_GETFL, 0)) < 0) {
dolog(LOG_INFO, "tcp fcntl can't query fcntl flags\n");
close(so);
continue;
}
tcpflags |= O_NONBLOCK;
if (fcntl(so, F_SETFL, tcpflags) < 0) {
dolog(LOG_INFO, "tcp fcntl can't set nonblocking\n");
close(so);
continue;
}
tcpn1 = malloc(sizeof(struct tcpentry));
if (tcpn1 == NULL) {
dolog(LOG_INFO, "malloc: %s\n", strerror(errno));
close(so);
continue;
}
tcpn1->bytes_read = 0;
tcpn1->bytes_expected = 0;
tcpn1->bytes_limit = 0;
tcpn1->seen = 0;
tcpn1->so = so;
tcpn1->last_used = time(NULL);
tcpn1->intidx = i;
tcpn1->address = strdup(address);
TAILQ_INSERT_TAIL(&tcphead, tcpn1, tcpentries);
conncnt++;
} /* FD_ISSET */
}
TAILQ_FOREACH_SAFE(tcpnp, &tcphead, tcpentries, tcpn1) {
if (FD_ISSET(tcpnp->so, &rset)) {
if (tcpnp->bytes_read < 2)
len = recv(tcpnp->so, &tcpnp->buf[tcpnp->bytes_read], 2, 0);
else
len = recv(tcpnp->so, &tcpnp->buf[tcpnp->bytes_read], tcpnp->bytes_expected, 0);
if (len <= 0) {
if (errno == EWOULDBLOCK) {
continue;
}
TAILQ_REMOVE(&tcphead, tcpnp, tcpentries);
close(tcpnp->so);
free(tcpnp->address);
free(tcpnp);
if (conncnt > 0)
conncnt--;
continue;
} /* if len */
tcpnp->bytes_read += len;
tcpnp->bytes_expected -= len;
if (tcpnp->bytes_expected < 0)
tcpnp->bytes_expected = 0;
if (tcpnp->seen == 0 && tcpnp->bytes_read >= 2) {
uint16_t u16tmp;
u16tmp = unpack16(&tcpnp->buf[0]);
tcpnp->bytes_expected = ntohs(u16tmp);
tcpnp->bytes_limit = tcpnp->bytes_expected;
tcpnp->seen = 1;
}
/*
* disallow continuing if we only have the
* length and nothing else
*/
if (tcpnp->bytes_read <= 2)
continue;
if ((tcpnp->bytes_read - 2) != tcpnp->bytes_limit)
continue;
len = tcpnp->bytes_read - 2;
pbuf = &tcpnp->buf[2];
so = tcpnp->so;
if (len > DNS_MAXUDP || len < sizeof(struct dns_header)){
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
goto drop;
}
imsg_type = IMSG_PARSE_MESSAGE;
if (imsg_compose(pibuf, imsg_type,
0, 0, -1, pbuf, len) < 0) {
dolog(LOG_INFO, "imsg_compose %s\n", strerror(errno));
}
msgbuf_write(&pibuf->w);
FD_ZERO(&rset);
FD_SET(pibuf->fd, &rset);
tv.tv_sec = 10;
tv.tv_usec = 0;
sel = select(pibuf->fd + 1, &rset, NULL, NULL, &tv);
if (sel < 0) {
dolog(LOG_ERR, "tcploop internal error around select, dropping packet\n");
goto drop;
}
if (sel == 0) {
dolog(LOG_ERR, "tcploop internal error, timeout on parse imsg, drop\n");
goto drop;
}
if (((n = imsg_read(pibuf)) == -1 && errno != EAGAIN) || n == 0) {
dolog(LOG_ERR, "tcploop internal error, timeout on parse imsg, drop\n");
goto drop;
}
for (;;) {
if ((n = imsg_get(pibuf, &imsg)) == -1) {
break;
}
if (n == 0) {
break;
}
datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
switch (imsg.hdr.type) {
case IMSG_PARSEREPLY_MESSAGE:
if (datalen != sizeof(struct parsequestion)) {
dolog(LOG_ERR, "tcploop datalen != sizeof(struct parsequestion), can't work with this, drop\n");
imsg_free(&imsg);
goto drop;
}
memcpy((char *)&pq, imsg.data, datalen);
if (pq.rc != PARSE_RETURN_ACK) {
switch (pq.rc) {
case PARSE_RETURN_MALFORMED:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" malformed question from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOQUESTION:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" header from %s has no question, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
/* format error */
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_fmterror(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "TCP question on descriptor %d interface \"%s\" from %s, did not have question of 1 replying format error\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOTAQUESTION:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" dns header from %s is not a question, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NAK:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOTAUTH:
if (filter && pq.tsig.have_tsig == 0) {
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s (ttl=TCP, region=%d) replying REFUSED, not a tsig\n", so, cfg->ident[tcpnp->intidx], tcpnp->address, aregion);
imsg_free(&imsg);
goto drop;
}
}
}
question = convert_question(&pq, 1);
if (question == NULL) {
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" internal error from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
}
break;
} /* switch */
imsg_free(&imsg);
} /* for (;;) */
/* goto drop beyond this point should goto out instead */
fakequestion = NULL;
/* handle tcp notifications , XXX not tested */
if (question->notify) {
if (question->tsig.have_tsig && notifysource(question, (struct sockaddr_storage *)from) &&
question->tsig.tsigverified == 1) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" authenticated dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notify(&sreply, &sretlen, NULL);
/* send notify to replicant process */
idata = (pid_t)question->hdr->namelen;
imsg_compose(ibuf, IMSG_NOTIFY_MESSAGE,
0, 0, -1, question->hdr->name, idata);
msgbuf_write(&ibuf->w);
goto tcpout;
} else if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" not authenticated dns NOTIFY packet (code = %d) from %s, replying notauth\n", so, cfg->ident[tcpnp->intidx], question->tsig.tsigerrorcode, tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notauth(&sreply, &sretlen, NULL);
goto tcpout;
}
if (notifysource(question, (struct sockaddr_storage *)from)) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notify(&sreply, &sretlen, NULL);
/* send notify to replicant process */
idata = (pid_t)question->hdr->namelen;
imsg_compose(ibuf, IMSG_NOTIFY_MESSAGE,
0, 0, -1, question->hdr->name, idata);
msgbuf_write(&ibuf->w);
goto tcpout;
} else {
/* RFC 1996 - 3.10 is probably broken, replying REFUSED */
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" dns NOTIFY packet from %s, NOT in our list of MASTER servers replying REFUSED\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refuse