Date:
Thu Sep 10 14:45:56 2020 UTC
Message:
I want to stick with ldns-verify-zone
0001
2016-07-06
pjp
/*
0002
2020-06-25
pjp
* Copyright (c) 2002-2020 Peter J. Philipp
0003
2016-07-06
pjp
* All rights reserved.
0004
2016-07-06
pjp
*
0005
2016-07-06
pjp
* Redistribution and use in source and binary forms, with or without
0006
2016-07-06
pjp
* modification, are permitted provided that the following conditions
0007
2016-07-06
pjp
* are met:
0008
2016-07-06
pjp
* 1. Redistributions of source code must retain the above copyright
0009
2016-07-06
pjp
* notice, this list of conditions and the following disclaimer.
0010
2016-07-06
pjp
* 2. Redistributions in binary form must reproduce the above copyright
0011
2016-07-06
pjp
* notice, this list of conditions and the following disclaimer in the
0012
2016-07-06
pjp
* documentation and/or other materials provided with the distribution.
0013
2016-07-06
pjp
* 3. The name of the author may not be used to endorse or promote products
0014
2016-07-06
pjp
* derived from this software without specific prior written permission
0015
2016-07-06
pjp
*
0016
2016-07-06
pjp
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
0017
2016-07-06
pjp
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
0018
2016-07-06
pjp
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
0019
2016-07-06
pjp
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
0020
2016-07-06
pjp
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
0021
2016-07-06
pjp
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
0022
2016-07-06
pjp
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
0023
2016-07-06
pjp
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
0024
2016-07-06
pjp
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
0025
2016-07-06
pjp
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
0026
2016-07-06
pjp
*
0027
2016-07-06
pjp
*/
0028
2017-10-26
pjp
0029
2017-10-26
pjp
/*
0030
2020-08-26
pjp
* $Id: delphinusdnsd.c,v 1.141 2020/08/26 07:17:26 pjp Exp $
0031
2017-10-26
pjp
*/
0032
2017-10-26
pjp
0033
2019-06-06
pjp
0034
2019-06-06
pjp
#include <sys/types.h>
0035
2019-06-06
pjp
#include <sys/socket.h>
0036
2019-06-06
pjp
#include <sys/time.h>
0037
2019-06-06
pjp
#include <sys/stat.h>
0038
2019-06-06
pjp
#include <sys/uio.h>
0039
2019-06-06
pjp
#include <sys/mman.h>
0040
2019-06-06
pjp
#include <sys/wait.h>
0041
2019-06-06
pjp
#include <sys/un.h>
0042
2019-06-06
pjp
0043
2019-06-06
pjp
#include <net/if.h>
0044
2019-06-06
pjp
0045
2019-06-06
pjp
#include <netinet/in.h>
0046
2019-06-06
pjp
#include <arpa/inet.h>
0047
2019-06-06
pjp
#include <netdb.h>
0048
2019-06-06
pjp
0049
2019-06-06
pjp
#include <stdio.h>
0050
2019-06-06
pjp
#include <stdlib.h>
0051
2019-06-06
pjp
#include <stdint.h>
0052
2019-06-06
pjp
#include <stdarg.h>
0053
2019-06-06
pjp
#include <string.h>
0054
2019-06-06
pjp
#include <unistd.h>
0055
2019-06-06
pjp
#include <fcntl.h>
0056
2019-06-06
pjp
#include <errno.h>
0057
2019-06-06
pjp
#include <syslog.h>
0058
2019-06-06
pjp
#include <ctype.h>
0059
2019-06-06
pjp
#include <pwd.h>
0060
2019-06-06
pjp
#include <ifaddrs.h>
0061
2019-06-06
pjp
#include <dirent.h>
0062
2019-06-06
pjp
#include <signal.h>
0063
2019-06-06
pjp
#include <time.h>
0064
2019-06-06
pjp
0065
2019-06-06
pjp
#ifdef __linux__
0066
2020-07-13
pjp
#include <linux/bpf.h>
0067
2020-07-13
pjp
#include <linux/filter.h>
0068
2019-06-06
pjp
#include <grp.h>
0069
2019-06-06
pjp
#define __USE_BSD 1
0070
2019-06-06
pjp
#include <endian.h>
0071
2019-06-06
pjp
#include <bsd/stdlib.h>
0072
2019-06-06
pjp
#include <bsd/string.h>
0073
2019-06-06
pjp
#include <bsd/unistd.h>
0074
2019-06-06
pjp
#include <bsd/sys/queue.h>
0075
2019-06-06
pjp
#define __unused
0076
2019-06-06
pjp
#include <bsd/sys/tree.h>
0077
2019-06-06
pjp
#include <bsd/sys/endian.h>
0078
2019-06-06
pjp
#include "imsg.h"
0079
2019-06-06
pjp
#else /* not linux */
0080
2019-06-06
pjp
#include <sys/queue.h>
0081
2019-06-06
pjp
#include <sys/tree.h>
0082
2019-06-06
pjp
#ifdef __FreeBSD__
0083
2019-06-06
pjp
#include "imsg.h"
0084
2019-06-06
pjp
#else
0085
2019-06-06
pjp
#include <imsg.h>
0086
2019-06-06
pjp
#endif /* __FreeBSD__ */
0087
2019-06-06
pjp
#endif /* __linux__ */
0088
2019-06-06
pjp
0089
2019-06-06
pjp
#ifndef NTOHS
0090
2019-06-06
pjp
#include "endian.h"
0091
2019-06-06
pjp
#endif
0092
2019-06-06
pjp
0093
2016-07-06
pjp
#include "ddd-dns.h"
0094
2016-07-06
pjp
#include "ddd-db.h"
0095
2016-07-06
pjp
#include "ddd-config.h"
0096
2016-07-06
pjp
0097
2016-07-06
pjp
/* prototypes */
0098
2016-07-06
pjp
0099
2020-07-08
pjp
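/*
 * Functions defined in other translation units.
 *
 * NOTE(review): these are declared by hand in this file.  If they are not
 * also declared in a header that the defining source file includes, the
 * compiler cannot check these signatures against the real definitions and
 * a mismatch would only show up at run time -- confirm.
 */
extern char *convert_name(char *, int);
extern void pack(char *, char *, int);
extern void pack32(char *, u_int32_t);
extern void pack16(char *, u_int16_t);
extern void pack8(char *, u_int8_t);
extern uint32_t unpack32(char *);
extern uint16_t unpack16(char *);
extern void unpack(char *, char *, int);

extern void add_rrlimit(int, u_int16_t *, int, char *);
extern void axfrloop(int *, int, char **, ddDB *, struct imsgbuf *);
extern void forwardloop(ddDB *, struct cfg *, struct imsgbuf *, struct imsgbuf *);
extern void replicantloop(ddDB *, struct imsgbuf *);
extern struct question *build_fake_question(char *, int, u_int16_t, char *, int);
extern int check_ent(char *, int);
extern int check_rrlimit(int, u_int16_t *, int, char *);
extern void collects_init(void);
/*
 * NOTE(review): main() calls dolog() with printf-style formats such as
 * "calloc: %s\n".  A printf format attribute on this declaration would let
 * the compiler check every call site; confirm against the definition
 * before adding one.  Callers should only ever pass a literal format.
 */
extern void dolog(int, char *, ...);
extern int find_axfr(struct sockaddr_storage *, int);
extern int find_filter(struct sockaddr_storage *, int);
extern u_int8_t find_region(struct sockaddr_storage *, int);
extern int find_passlist(struct sockaddr_storage *, int);
extern int find_tsig(struct sockaddr_storage *, int);
extern char * get_dns_type(int, int);
extern void init_dnssec(void);
extern void init_region(void);
extern int init_entlist(ddDB *);
extern void init_filter(void);
extern void init_passlist(void);
extern void init_tsig(void);
extern void init_notifyddd(void);
extern struct rbtree * lookup_zone(ddDB *, struct question *, int *, int *, char *, int);
extern struct rbtree * Lookup_zone(ddDB *, char *, u_int16_t, u_int16_t, int);
extern int memcasecmp(u_char *, u_char *, int);

/*
 * Reply builders.  They all share one signature; rlogic[] in this file
 * stores pointers to many of them.
 */
extern int reply_a(struct sreply *, int *, ddDB *);
extern int reply_aaaa(struct sreply *, int *, ddDB *);
extern int reply_any(struct sreply *, int *, ddDB *);
extern int reply_badvers(struct sreply *, int *, ddDB *);
extern int reply_nodata(struct sreply *, int *, ddDB *);
extern int reply_cname(struct sreply *, int *, ddDB *);
extern int reply_fmterror(struct sreply *, int *, ddDB *);
extern int reply_notauth(struct sreply *, int *, ddDB *);
extern int reply_notimpl(struct sreply *, int *, ddDB *);
extern int reply_nxdomain(struct sreply *, int *, ddDB *);
extern int reply_noerror(struct sreply *, int *, ddDB *);
extern int reply_notify(struct sreply *, int *, ddDB *);
extern int reply_soa(struct sreply *, int *, ddDB *);
extern int reply_mx(struct sreply *, int *, ddDB *);
extern int reply_naptr(struct sreply *, int *, ddDB *);
extern int reply_ns(struct sreply *, int *, ddDB *);
extern int reply_ptr(struct sreply *, int *, ddDB *);
extern int reply_refused(struct sreply *, int *, ddDB *);
extern int reply_srv(struct sreply *, int *, ddDB *);
extern int reply_sshfp(struct sreply *, int *, ddDB *);
extern int reply_tlsa(struct sreply *, int *, ddDB *);
extern int reply_txt(struct sreply *, int *, ddDB *);
extern int reply_version(struct sreply *, int *, ddDB *);
extern int reply_rrsig(struct sreply *, int *, ddDB *);
extern int reply_dnskey(struct sreply *, int *, ddDB *);
extern int reply_caa(struct sreply *, int *, ddDB *);
extern int reply_rp(struct sreply *, int *, ddDB *);
extern int reply_hinfo(struct sreply *, int *, ddDB *);
extern int reply_ds(struct sreply *, int *, ddDB *);
extern int reply_nsec(struct sreply *, int *, ddDB *);
extern int reply_nsec3(struct sreply *, int *, ddDB *);
extern int reply_nsec3param(struct sreply *, int *, ddDB *);

extern char *rrlimit_setup(int);
extern char *dns_label(char *, int *);
extern void ddd_shutdown(void);
extern int get_record_size(ddDB *, char *, int);
extern struct question *build_question(char *, int, int, char *);
extern int free_question(struct question *);
extern struct rbtree * find_rrset(ddDB *db, char *name, int len);
extern struct rrset * find_rr(struct rbtree *rbt, u_int16_t rrtype);
extern int add_rr(struct rbtree *, char *, int, u_int16_t, void *);
extern int display_rr(struct rrset *rrset);
extern int notifysource(struct question *, struct sockaddr_storage *);
extern int drop_privs(char *, struct passwd *);
extern struct rbtree * get_soa(ddDB *, struct question *);
extern struct rbtree * get_ns(ddDB *, struct rbtree *, int *);
extern void populate_zone(ddDB *db);


/*
 * Functions declared without extern (presumably defined later in this
 * file -- confirm).  main() forks the cortex, master and unix-control
 * processes through setup_cortex(), register_cortex(), setup_master() and
 * setup_unixsocket(), and installs ddd_signal() for SIGTERM, SIGINT and
 * SIGQUIT.
 */
struct question *convert_question(struct parsequestion *, int);
void build_reply(struct sreply *, int, char *, int, struct question *, struct sockaddr *, socklen_t, struct rbtree *, struct rbtree *, u_int8_t, int, int, char *);
int compress_label(u_char *, u_int16_t, int);
int determine_glue(ddDB *db);
void mainloop(struct cfg *, struct imsgbuf *);
void master_reload(int);
void master_shutdown(int);
void setup_master(ddDB *, char **, char *, struct imsgbuf *);
void setup_cortex(struct imsgbuf *);
void setup_unixsocket(char *, struct imsgbuf *);
void ddd_signal(int);
void tcploop(struct cfg *, struct imsgbuf *, struct imsgbuf *);
void parseloop(struct cfg *, struct imsgbuf *);
struct imsgbuf * register_cortex(struct imsgbuf *, int);
void nomore_neurons(struct imsgbuf *);
int bind_this_res(struct addrinfo *, int);
int bind_this_pifap(struct ifaddrs *, int, int);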
0199
2016-07-06
pjp
0200
2016-07-06
pjp
/* aliases */
0201
2016-07-06
pjp
0202
2016-07-06
pjp
0203
2016-07-06
pjp
#define MYDB_PATH "/var/db/delphinusdns"
0204
2016-07-06
pjp
0205
2019-01-25
pjp
/* structs */
0206
2019-01-25
pjp
0207
2020-07-06
pjp
/* reply_logic is mirrored with forward.c */
0208
2020-07-06
pjp
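/*
 * Reply dispatch table, terminated by the all-zero { 0, 0, 0, NULL } row.
 *
 * NOTE(review): struct reply_logic is declared in a header that is not
 * part of this file.  Each row reads as (first RR type, second RR type,
 * build mode, reply function); the exact meaning of the two type columns
 * should be confirmed against that declaration.
 *
 * Rows that share a first column are listed CNAME, then NS, then the type
 * itself.  If the lookup takes the first match, that order is significant,
 * so keep it when adding rows -- confirm against the code that walks the
 * table.
 *
 * A second copy of this table lives in forward.c.  A row added to or
 * removed from only one copy makes the two code paths answer the same
 * query differently, so change both together.
 */
static struct reply_logic rlogic[] = {
	{ DNS_TYPE_A, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname },
	{ DNS_TYPE_A, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
	{ DNS_TYPE_A, DNS_TYPE_A, BUILD_OTHER, reply_a },
	{ DNS_TYPE_AAAA, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname },
	{ DNS_TYPE_AAAA, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
	{ DNS_TYPE_AAAA, DNS_TYPE_AAAA, BUILD_OTHER, reply_aaaa },
	{ DNS_TYPE_DNSKEY, DNS_TYPE_DNSKEY, BUILD_OTHER, reply_dnskey },
	{ DNS_TYPE_SOA, DNS_TYPE_SOA, BUILD_OTHER, reply_soa },
	{ DNS_TYPE_SOA, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
	{ DNS_TYPE_MX, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname },
	{ DNS_TYPE_MX, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
	{ DNS_TYPE_MX, DNS_TYPE_MX, BUILD_OTHER, reply_mx },
	{ DNS_TYPE_TXT, DNS_TYPE_TXT, BUILD_OTHER, reply_txt },
	{ DNS_TYPE_NS, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
	{ DNS_TYPE_ANY, DNS_TYPE_ANY, BUILD_OTHER, reply_any },
	{ DNS_TYPE_DS, DNS_TYPE_DS, BUILD_OTHER, reply_ds },
	{ DNS_TYPE_SSHFP, DNS_TYPE_SSHFP, BUILD_OTHER, reply_sshfp },
	{ DNS_TYPE_TLSA, DNS_TYPE_TLSA, BUILD_OTHER, reply_tlsa },
	{ DNS_TYPE_SRV, DNS_TYPE_SRV, BUILD_OTHER, reply_srv },
	{ DNS_TYPE_CNAME, DNS_TYPE_CNAME, BUILD_OTHER, reply_cname },
	{ DNS_TYPE_CNAME, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
	{ DNS_TYPE_NSEC3PARAM, DNS_TYPE_NSEC3PARAM, BUILD_OTHER, reply_nsec3param },
	{ DNS_TYPE_PTR, DNS_TYPE_CNAME, BUILD_CNAME, reply_cname },
	{ DNS_TYPE_PTR, DNS_TYPE_NS, BUILD_OTHER, reply_ns },
	{ DNS_TYPE_PTR, DNS_TYPE_PTR, BUILD_OTHER, reply_ptr },
	{ DNS_TYPE_NAPTR, DNS_TYPE_NAPTR, BUILD_OTHER, reply_naptr },
	{ DNS_TYPE_NSEC3, DNS_TYPE_NSEC3, BUILD_OTHER, reply_nsec3 },
	{ DNS_TYPE_NSEC, DNS_TYPE_NSEC, BUILD_OTHER, reply_nsec },
	{ DNS_TYPE_RRSIG, DNS_TYPE_RRSIG, BUILD_OTHER, reply_rrsig },
	{ DNS_TYPE_CAA, DNS_TYPE_CAA, BUILD_OTHER, reply_caa },
	{ DNS_TYPE_RP, DNS_TYPE_RP, BUILD_OTHER, reply_rp },
	{ DNS_TYPE_HINFO, DNS_TYPE_HINFO, BUILD_OTHER, reply_hinfo },
	{ 0, 0, 0, NULL }	/* sentinel: end of table */
};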
0243
2020-07-06
pjp
0244
2019-01-25
pjp
0245
2020-07-06
pjp
0246
2019-06-07
pjp
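/* List head for tcpentry records; main() initialises it with TAILQ_INIT(). */
TAILQ_HEAD(, tcpentry) tcphead;

/*
 * One record on the tcphead list (presumably one per accepted TCP
 * connection -- confirm against the code that fills it in).
 *
 * NOTE(review): bytes_read and bytes_limit are unsigned while
 * bytes_expected is a signed int.  Comparing bytes_expected with either of
 * the other two converts it to unsigned, so a negative value would compare
 * as a very large one.  The users of this struct are not visible here;
 * check that bytes_expected is validated before any such comparison.
 */
struct tcpentry {
	int intidx;
	uint bytes_read;
	int bytes_expected;
	uint bytes_limit;
	int seen;			/* seen heading bytes */
	int so;
	time_t last_used;
	/*
	 * 0xffff + 3 = 65538 bytes.  Presumably a maximum-size message plus
	 * its 2-byte length prefix and one spare byte -- confirm.  Every
	 * read into buf has to be bounded by sizeof(buf), not by a length
	 * taken from the peer.
	 */
	char buf[0xffff + 3];
	char *address;
	TAILQ_ENTRY(tcpentry) tcpentries;
} *tcpn1, *tcpn2, *tcpnp;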
0260
2019-06-07
pjp
0261
2016-07-06
pjp
/* global variables */
0262
2016-07-06
pjp
0263
2016-07-06
pjp
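/* Defined elsewhere; main() reads axfrport and ratelimit during socket setup. */
extern char *__progname;
extern int axfrport;
extern int ratelimit;
extern int ratelimit_packets_per_second;
extern int passlist;
extern int tsig;
extern int dnssec;
extern int raxfrflag;

/*
 * NOTE(review): reload, mshutdown and msig are not written by main().  If
 * master_reload() / master_shutdown() are installed as signal handlers and
 * set these flags (their bodies are not visible here), the flags should be
 * volatile sig_atomic_t rather than plain int -- confirm.
 */
static int reload = 0;
static int mshutdown = 0;
static int msig;
/* rptr receives rrlimit_setup(ratelimit_backlog) in main() when ratelimit is set. */
static char *rptr;
/* Set in main() to ratelimit_packets_per_second * 2. */
static int ratelimit_backlog;

/* Command-line state filled in by the getopt() loop in main(). */
int debug = 0;			/* -d: stay in the foreground, skip daemon() */
int verbose = 0;		/* -v: incremented once per flag */
int bflag = 0;			/* -b given; mutually exclusive with -i */
int iflag = 0;			/* -i given; mutually exclusive with -b */
int lflag = 0;			/* -l given */
int nflag = 0;			/* -n: atoi(optarg), not range-checked in main() */
int bcount = 0;			/* number of entries used in bind_list[] */
int icount = 0;			/* number of entries used in interface_list[] */
int forward = 0;
int forwardtsig = 0;
int strictx20i = 1;
int zonecount = 0;
int cache = 0;
/*
 * main() sets port from -p as atoi(optarg) & 0xffff, so a non-numeric or
 * out-of-range argument is silently folded into 0..65535 instead of being
 * rejected.
 */
u_int16_t port = 53;
u_int32_t cachesize = 0;
/*
 * Fixed-size argument lists.  main() refuses a further -b once bcount is
 * above 253 and a further -i once icount is above 254, which keeps the
 * bcount++ / icount++ stores inside these arrays; keep those limits in
 * step with the array sizes if either changes.
 */
char *bind_list[255];
char *interface_list[255];
#ifndef DD_VERSION
/*
 * Derive the length from the literal so that vslen cannot drift from
 * versionstring on the next version bump.
 */
#define DD_DEFAULT_VERSIONSTRING "delphinusdnsd-1.4"
char *versionstring = DD_DEFAULT_VERSIONSTRING;
uint8_t vslen = sizeof(DD_DEFAULT_VERSIONSTRING) - 1;
#else
/* NOTE(review): DD_VERSION_LEN is supplied by the build and must equal strlen(DD_VERSION). */
char *versionstring = DD_VERSION;
uint8_t vslen = DD_VERSION_LEN;
#endif
/*
 * main() points ptr at a sizeof(pid_t) MAP_SHARED | MAP_ANON mapping and
 * zeroes it; per the comment there it is used for signalling kills between
 * processes.  Being shared, it stays writable by every process forked
 * after the mmap() call.
 */
pid_t *ptr = 0;
/* tm_gmtoff of the local time zone, sampled once at startup in main(). */
long glob_time_offset = 0;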
0304
2016-07-06
pjp
0305
2016-07-06
pjp
/*
0306
2016-07-06
pjp
* MAIN - set up arguments, set up database, set up sockets, call mainloop
0307
2016-07-06
pjp
*
0308
2016-07-06
pjp
*/
0309
2016-07-06
pjp
0310
2016-07-06
pjp
int
0311
2017-10-04
pjp
main(int argc, char *argv[], char *environ[])
0312
2016-07-06
pjp
{
0313
2016-07-06
pjp
static int udp[DEFAULT_SOCKET];
0314
2016-07-06
pjp
static int tcp[DEFAULT_SOCKET];
0315
2016-07-06
pjp
static int afd[DEFAULT_SOCKET];
0316
2016-07-06
pjp
static int uafd[DEFAULT_SOCKET];
0317
2017-06-26
pjp
int n;
0318
2016-07-06
pjp
0319
2016-07-06
pjp
int ch, i, j;
0320
2016-07-06
pjp
int gai_error;
0321
2017-06-26
pjp
int salen;
0322
2016-07-06
pjp
int found = 0;
0323
2016-07-06
pjp
int on = 1;
0324
2016-07-06
pjp
0325
2016-07-06
pjp
pid_t pid;
0326
2016-07-06
pjp
0327
2016-07-06
pjp
static char *ident[DEFAULT_SOCKET];
0328
2016-07-06
pjp
char *conffile = CONFFILE;
0329
2016-07-06
pjp
char buf[512];
0330
2016-07-06
pjp
char **av = NULL;
0331
2019-01-29
pjp
char *socketpath = SOCKPATH;
0332
2016-07-06
pjp
0333
2016-07-06
pjp
struct passwd *pw;
0334
2016-07-06
pjp
struct addrinfo hints, *res0, *res;
0335
2016-07-06
pjp
struct ifaddrs *ifap, *pifap;
0336
2016-07-06
pjp
struct sockaddr_in *sin;
0337
2016-07-06
pjp
struct sockaddr_in6 *sin6;
0338
2016-07-06
pjp
struct cfg *cfg;
0339
2020-06-25
pjp
struct imsgbuf cortex_ibuf;
0340
2020-06-25
pjp
struct imsgbuf *ibuf;
0341
2020-07-10
pjp
struct rr_imsg *ri = NULL;
0342
2020-07-10
pjp
struct sf_imsg *sf = NULL;
0343
2020-07-14
pjp
struct pkt_imsg *pi = NULL;
0344
2016-07-06
pjp
0345
2017-06-26
pjp
static ddDB *db;
0346
2020-03-10
pjp
0347
2020-03-10
pjp
time_t now;
0348
2020-03-10
pjp
struct tm *ltm;
0349
2017-06-27
pjp
0350
2020-07-10
pjp
char *shptr;
0351
2020-07-10
pjp
int shsize;
0352
2020-07-10
pjp
0353
2017-06-27
pjp
0354
2016-07-06
pjp
if (geteuid() != 0) {
0355
2019-09-12
pjp
fprintf(stderr, "must be started as root\n");
0356
2016-07-06
pjp
exit(1);
0357
2016-07-06
pjp
}
0358
2016-07-06
pjp
0359
2020-03-10
pjp
now = time(NULL);
0360
2020-03-10
pjp
ltm = localtime(&now);
0361
2020-03-10
pjp
glob_time_offset = ltm->tm_gmtoff;
0362
2020-03-10
pjp
0363
2016-07-06
pjp
av = argv;
0364
2019-12-19
pjp
0365
2017-10-04
pjp
#if __linux__
0366
2017-10-04
pjp
setproctitle_init(argc, av, environ);
0367
2017-10-04
pjp
#endif
0368
2017-10-04
pjp
0369
2017-10-04
pjp
0370
2019-01-29
pjp
while ((ch = getopt(argc, argv, "b:df:i:ln:p:s:v")) != -1) {
0371
2016-07-06
pjp
switch (ch) {
0372
2016-07-06
pjp
case 'b':
0373
2016-07-06
pjp
bflag = 1;
0374
2016-07-06
pjp
if (bcount > 253) {
0375
2016-07-06
pjp
fprintf(stderr, "too many -b flags\n");
0376
2016-07-06
pjp
exit(1);
0377
2016-07-06
pjp
}
0378
2016-07-06
pjp
bind_list[bcount++] = optarg;
0379
2016-07-06
pjp
break;
0380
2016-07-06
pjp
case 'd':
0381
2016-07-06
pjp
debug = 1;
0382
2016-07-06
pjp
break;
0383
2016-07-06
pjp
case 'f':
0384
2016-07-06
pjp
conffile = optarg;
0385
2016-07-06
pjp
break;
0386
2016-07-06
pjp
case 'i':
0387
2016-07-06
pjp
iflag = 1;
0388
2016-07-06
pjp
if (icount > 254) {
0389
2016-07-06
pjp
fprintf(stderr, "too many -i flags\n");
0390
2016-07-06
pjp
exit(1);
0391
2016-07-06
pjp
}
0392
2016-07-06
pjp
interface_list[icount++] = optarg;
0393
2016-07-06
pjp
break;
0394
2016-07-06
pjp
case 'l':
0395
2016-07-06
pjp
lflag = 1;
0396
2016-07-06
pjp
break;
0397
2016-07-06
pjp
case 'n':
0398
2016-07-06
pjp
nflag = atoi(optarg);
0399
2016-07-06
pjp
break;
0400
2016-07-06
pjp
case 'p':
0401
2016-07-06
pjp
port = atoi(optarg) & 0xffff;
0402
2016-07-06
pjp
break;
0403
2019-01-29
pjp
case 's':
0404
2019-01-29
pjp
socketpath = optarg;
0405
2019-01-29
pjp
break;
0406
2016-07-06
pjp
case 'v':
0407
2016-07-06
pjp
verbose++;
0408
2016-07-06
pjp
break;
0409
2016-07-06
pjp
default:
0410
2016-07-06
pjp
fprintf(stderr, "usage: delphinusdnsd [-i interface] [-b bindaddress] [-f configfile] [-p portnumber] [-drv]\n");
0411
2016-07-06
pjp
exit (1);
0412
2016-07-06
pjp
}
0413
2016-07-06
pjp
}
0414
2016-07-06
pjp
0415
2016-07-06
pjp
if (bflag && iflag) {
0416
2016-07-06
pjp
fprintf(stderr, "you may specify -i or -b but not both\n");
0417
2016-07-06
pjp
exit(1);
0418
2016-07-06
pjp
}
0419
2016-07-06
pjp
0420
2016-07-06
pjp
/*
0421
2016-07-06
pjp
* calling daemon before a sleuth of configurations ala rwhod.c
0422
2016-07-06
pjp
*/
0423
2016-07-06
pjp
0424
2016-07-06
pjp
if (! debug)
0425
2016-07-06
pjp
daemon(0,0);
0426
2018-07-11
pjp
else {
0427
2019-11-02
pjp
int status;
0428
2018-07-11
pjp
/*
0429
2019-11-02
pjp
* clean up any zombies left behind, this is only in debug mode
0430
2019-11-02
pjp
*/
0431
2019-11-02
pjp
0432
2019-11-02
pjp
while (waitpid(-1, &status, WNOHANG) > 0);
0433
2019-11-02
pjp
0434
2019-11-02
pjp
/*
0435
2018-07-11
pjp
* even if in debug mode we want to have our own parent group
0436
2018-07-11
pjp
* for reasons in that regress needs it when killing debug
0437
2018-07-11
pjp
* mode delphinusdnsd
0438
2018-07-11
pjp
*/
0439
2016-07-06
pjp
0440
2018-07-12
pjp
#if __linux__
0441
2018-07-12
pjp
if (setpgrp() < 0) {
0442
2018-07-12
pjp
#else
0443
2018-07-11
pjp
if (setpgrp(0, 0) < 0) {
0444
2018-07-12
pjp
#endif
0445
2018-07-11
pjp
perror("setpgrp");
0446
2018-07-11
pjp
exit(1);
0447
2018-07-11
pjp
}
0448
2018-07-11
pjp
}
0449
2018-07-11
pjp
0450
2018-07-11
pjp
0451
2016-07-06
pjp
openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
0452
2016-07-06
pjp
dolog(LOG_INFO, "starting up\n");
0453
2016-07-06
pjp
0454
2016-07-06
pjp
/* cfg struct */
0455
2016-07-06
pjp
cfg = calloc(1, sizeof(struct cfg));
0456
2016-07-06
pjp
if (cfg == NULL) {
0457
2016-07-06
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
0458
2016-07-06
pjp
exit(1);
0459
2016-07-06
pjp
}
0460
2017-08-09
pjp
0461
2016-07-06
pjp
/*
0462
2016-07-06
pjp
* make a shared memory segment for signaling kills between
0463
2016-07-06
pjp
* processes...
0464
2016-07-06
pjp
*/
0465
2016-07-06
pjp
0466
2016-07-06
pjp
0467
2020-06-25
pjp
ptr = mmap(NULL, sizeof(pid_t), PROT_READ | PROT_WRITE, MAP_SHARED |\
0468
2016-07-06
pjp
MAP_ANON, -1, 0);
0469
2016-07-06
pjp
0470
2016-07-06
pjp
if (ptr == MAP_FAILED) {
0471
2016-07-06
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
0472
2016-07-06
pjp
exit(1);
0473
2016-07-06
pjp
}
0474
2016-07-06
pjp
0475
2016-07-06
pjp
*ptr = 0;
0476
2016-07-06
pjp
0477
2017-06-26
pjp
/* open internal database */
0478
2016-07-06
pjp
0479
2017-06-26
pjp
db = dddbopen();
0480
2017-06-26
pjp
if (db == NULL) {
0481
2017-06-26
pjp
dolog(LOG_INFO, "dddbopen() failed\n");
0482
2020-06-25
pjp
ddd_shutdown();
0483
2016-07-06
pjp
exit(1);
0484
2016-07-06
pjp
}
0485
2016-07-06
pjp
0486
2020-06-25
pjp
0487
2020-06-25
pjp
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]) < 0) {
0488
2017-08-09
pjp
dolog(LOG_INFO, "socketpair() failed\n");
0489
2020-06-25
pjp
ddd_shutdown();
0490
2017-08-09
pjp
exit(1);
0491
2017-08-09
pjp
}
0492
2017-08-09
pjp
0493
2017-06-26
pjp
pid = fork();
0494
2017-06-26
pjp
switch (pid) {
0495
2017-06-26
pjp
case -1:
0496
2017-06-26
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0497
2016-07-06
pjp
exit(1);
0498
2017-06-26
pjp
case 0:
0499
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]);
0500
2020-06-25
pjp
imsg_init(&cortex_ibuf, cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[1]);
0501
2020-06-25
pjp
setup_cortex(&cortex_ibuf);
0502
2020-06-25
pjp
/* NOTREACHED */
0503
2020-06-25
pjp
exit(1);
0504
2020-06-25
pjp
0505
2019-11-03
pjp
break;
0506
2019-11-03
pjp
default:
0507
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[1]);
0508
2020-06-25
pjp
imsg_init(&cortex_ibuf, cfg->my_imsg[MY_IMSG_CORTEX].imsg_fds[0]);
0509
2020-06-25
pjp
}
0510
2019-01-29
pjp
0511
2020-06-25
pjp
pid = fork();
0512
2020-06-25
pjp
switch (pid) {
0513
2020-06-25
pjp
case -1:
0514
2020-06-25
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0515
2020-06-25
pjp
exit(1);
0516
2020-06-25
pjp
case 0:
0517
2020-06-25
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_MASTER);
0518
2020-06-25
pjp
if (ibuf != NULL) {
0519
2020-06-25
pjp
setup_master(db, av, socketpath, ibuf);
0520
2020-06-25
pjp
}
0521
2019-11-03
pjp
/* NOTREACHED */
0522
2020-06-25
pjp
ddd_shutdown();
0523
2016-07-06
pjp
exit(1);
0524
2020-06-25
pjp
break;
0525
2020-06-25
pjp
default:
0526
2020-06-25
pjp
break;
0527
2019-11-03
pjp
}
0528
2019-11-03
pjp
0529
2019-11-03
pjp
if (! debug) {
0530
2019-11-03
pjp
switch (pid = fork()) {
0531
2019-11-03
pjp
case -1:
0532
2019-11-03
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0533
2019-11-03
pjp
exit(1);
0534
2019-11-03
pjp
case 0:
0535
2019-11-09
pjp
/*
0536
2019-11-09
pjp
* add signals here too
0537
2019-11-09
pjp
*/
0538
2019-11-09
pjp
0539
2019-11-09
pjp
signal(SIGPIPE, SIG_IGN);
0540
2019-11-09
pjp
0541
2020-06-25
pjp
signal(SIGTERM, ddd_signal);
0542
2020-06-25
pjp
signal(SIGINT, ddd_signal);
0543
2020-06-25
pjp
signal(SIGQUIT, ddd_signal);
0544
2019-11-09
pjp
0545
2020-06-25
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_UNIXCONTROL);
0546
2020-06-25
pjp
if (ibuf != NULL) {
0547
2020-06-25
pjp
setup_unixsocket(socketpath, ibuf);
0548
2020-06-25
pjp
}
0549
2020-06-25
pjp
ddd_shutdown();
0550
2019-11-03
pjp
exit(1);
0551
2019-11-03
pjp
default:
0552
2019-11-03
pjp
break;
0553
2019-11-03
pjp
}
0554
2019-01-29
pjp
}
0555
2019-01-29
pjp
0556
2019-01-29
pjp
0557
2016-07-06
pjp
/* end of setup_master code */
0558
2016-07-06
pjp
0559
2016-07-06
pjp
init_region();
0560
2016-07-06
pjp
init_filter();
0561
2020-07-16
pjp
init_passlist();
0562
2016-07-06
pjp
init_dnssec();
0563
2019-02-24
pjp
init_tsig();
0564
2019-06-07
pjp
TAILQ_INIT(&tcphead);
0565
2016-07-06
pjp
0566
2019-11-14
pjp
if (parse_file(db, conffile, 0) < 0) {
0567
2016-07-06
pjp
dolog(LOG_INFO, "parsing config file failed\n");
0568
2020-06-25
pjp
ddd_shutdown();
0569
2016-07-06
pjp
exit(1);
0570
2016-07-06
pjp
}
0571
2016-07-06
pjp
0572
2020-07-03
pjp
if (zonecount && determine_glue(db) < 0) {
0573
2019-11-11
pjp
dolog(LOG_INFO, "determine_glue() failed\n");
0574
2020-06-25
pjp
ddd_shutdown();
0575
2019-11-11
pjp
exit(1);
0576
2019-11-11
pjp
}
0577
2019-11-11
pjp
0578
2020-07-03
pjp
if (zonecount && init_entlist(db) < 0) {
0579
2017-01-09
pjp
dolog(LOG_INFO, "creating entlist failed\n");
0580
2020-06-25
pjp
ddd_shutdown();
0581
2017-01-09
pjp
exit(1);
0582
2017-01-09
pjp
}
0583
2017-01-09
pjp
0584
2016-07-06
pjp
/* ratelimiting setup */
0585
2016-07-06
pjp
if (ratelimit) {
0586
2016-07-06
pjp
ratelimit_backlog = ratelimit_packets_per_second * 2;
0587
2016-07-06
pjp
rptr = rrlimit_setup(ratelimit_backlog);
0588
2016-07-06
pjp
if (rptr == NULL) {
0589
2016-07-06
pjp
dolog(LOG_INFO, "ratelimiting error\n");
0590
2020-06-25
pjp
ddd_shutdown();
0591
2016-07-06
pjp
exit(1);
0592
2016-07-06
pjp
}
0593
2016-07-06
pjp
}
0594
2016-07-06
pjp
0595
2016-07-06
pjp
pw = getpwnam(DEFAULT_PRIVILEGE);
0596
2016-07-06
pjp
if (pw == NULL) {
0597
2016-07-06
pjp
dolog(LOG_INFO, "getpwnam: %s\n", strerror(errno));
0598
2020-06-25
pjp
ddd_shutdown();
0599
2016-07-06
pjp
exit(1);
0600
2016-07-06
pjp
}
0601
2016-07-06
pjp
0602
2016-07-06
pjp
if (bcount > DEFAULT_SOCKET) {
0603
2016-07-06
pjp
dolog(LOG_INFO, "not enough sockets available\n");
0604
2020-06-25
pjp
ddd_shutdown();
0605
2016-07-06
pjp
exit(1);
0606
2016-07-06
pjp
}
0607
2016-07-06
pjp
0608
2016-07-06
pjp
if (bflag) {
0609
2016-07-06
pjp
for (i = 0; i < bcount; i++) {
0610
2016-07-06
pjp
memset(&hints, 0, sizeof(hints));
0611
2016-07-06
pjp
0612
2016-07-06
pjp
if (strchr(bind_list[i], ':') != NULL) {
0613
2016-07-06
pjp
hints.ai_family = AF_INET6;
0614
2016-07-06
pjp
} else {
0615
2016-07-06
pjp
hints.ai_family = AF_INET;
0616
2016-07-06
pjp
}
0617
2016-07-06
pjp
0618
2016-07-06
pjp
hints.ai_socktype = SOCK_DGRAM;
0619
2016-07-06
pjp
hints.ai_protocol = IPPROTO_UDP;
0620
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0621
2016-07-06
pjp
0622
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", port);
0623
2016-07-06
pjp
0624
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0625
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0626
2020-06-25
pjp
ddd_shutdown();
0627
2016-07-06
pjp
exit (1);
0628
2016-07-06
pjp
}
0629
2016-07-06
pjp
0630
2016-07-06
pjp
res = res0;
0631
2016-07-06
pjp
0632
2020-07-13
pjp
udp[i] = bind_this_res(res, 0);
0633
2020-07-21
pjp
memcpy((void *)&cfg->ss[i], (void *)res->ai_addr, res->ai_addrlen);
0634
2016-07-06
pjp
0635
2016-07-06
pjp
if (res->ai_family == AF_INET) {
0636
2020-06-30
pjp
on = 1;
0637
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
0638
2016-07-06
pjp
&on, sizeof(on)) < 0) {
0639
2020-06-30
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0640
2016-07-06
pjp
}
0641
2016-07-06
pjp
} else if (res->ai_family == AF_INET6) {
0642
2016-07-06
pjp
/* RFC 3542 page 30 */
0643
2016-07-06
pjp
on = 1;
0644
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IPV6,
0645
2016-07-06
pjp
IPV6_RECVHOPLIMIT, &on, sizeof(on)) < 0) {
0646
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0647
2016-07-06
pjp
}
0648
2016-07-06
pjp
}
0649
2016-07-06
pjp
0650
2016-07-06
pjp
ident[i] = bind_list[i];
0651
2016-07-06
pjp
0652
2016-07-06
pjp
/* tcp below */
0653
2016-07-06
pjp
hints.ai_socktype = SOCK_STREAM;
0654
2016-07-06
pjp
hints.ai_protocol = IPPROTO_TCP;
0655
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0656
2016-07-06
pjp
0657
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", port);
0658
2016-07-06
pjp
0659
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0660
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0661
2020-06-25
pjp
ddd_shutdown();
0662
2016-07-06
pjp
exit (1);
0663
2016-07-06
pjp
}
0664
2016-07-06
pjp
0665
2016-07-06
pjp
res = res0;
0666
2016-07-06
pjp
0667
2016-07-06
pjp
if ((tcp[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0668
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0669
2020-06-25
pjp
ddd_shutdown();
0670
2016-07-06
pjp
exit(1);
0671
2016-07-06
pjp
}
0672
2016-07-06
pjp
if (setsockopt(tcp[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0673
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0674
2020-06-25
pjp
ddd_shutdown();
0675
2016-07-06
pjp
exit(1);
0676
2016-07-06
pjp
}
0677
2016-07-06
pjp
if (bind(tcp[i], res->ai_addr, res->ai_addrlen) < 0) {
0678
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0679
2020-06-25
pjp
ddd_shutdown();
0680
2016-07-06
pjp
exit(1);
0681
2016-07-06
pjp
}
0682
2016-07-06
pjp
0683
2017-08-10
pjp
if (axfrport && axfrport != port) {
0684
2020-08-26
pjp
populate_zone(db);
0685
2016-07-06
pjp
/* axfr port below */
0686
2016-07-06
pjp
hints.ai_socktype = SOCK_STREAM;
0687
2016-07-06
pjp
hints.ai_protocol = IPPROTO_TCP;
0688
2016-07-06
pjp
hints.ai_flags = AI_NUMERICHOST;
0689
2016-07-06
pjp
0690
2016-07-06
pjp
snprintf(buf, sizeof(buf) - 1, "%u", axfrport);
0691
2016-07-06
pjp
0692
2016-07-06
pjp
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0693
2016-07-06
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0694
2020-06-25
pjp
ddd_shutdown();
0695
2016-07-06
pjp
exit (1);
0696
2016-07-06
pjp
}
0697
2016-07-06
pjp
0698
2016-07-06
pjp
res = res0;
0699
2016-07-06
pjp
0700
2016-07-06
pjp
if ((afd[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0701
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0702
2020-06-25
pjp
ddd_shutdown();
0703
2016-07-06
pjp
exit(1);
0704
2016-07-06
pjp
}
0705
2016-07-06
pjp
if (setsockopt(afd[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0706
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0707
2020-06-25
pjp
ddd_shutdown();
0708
2016-07-06
pjp
exit(1);
0709
2016-07-06
pjp
}
0710
2016-07-06
pjp
if (bind(afd[i], res->ai_addr, res->ai_addrlen) < 0) {
0711
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0712
2020-06-25
pjp
ddd_shutdown();
0713
2016-07-06
pjp
exit(1);
0714
2016-07-06
pjp
}
0715
2016-07-06
pjp
0716
2016-07-06
pjp
if ((uafd[i] = socket(res->ai_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0717
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket: %s\n", strerror(errno));
0718
2020-06-25
pjp
ddd_shutdown();
0719
2016-07-06
pjp
exit(1);
0720
2016-07-06
pjp
}
0721
2016-07-06
pjp
if (bind(uafd[i], res->ai_addr, res->ai_addrlen) < 0) {
0722
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket bind: %s\n", strerror(errno));
0723
2020-06-25
pjp
ddd_shutdown();
0724
2016-07-06
pjp
exit(1);
0725
2016-07-06
pjp
}
0726
2017-12-14
pjp
} else if (axfrport && axfrport == port) {
0727
2020-08-26
pjp
populate_zone(db);
0728
2017-12-14
pjp
afd[i] = -1;
0729
2017-12-14
pjp
}
0730
2016-07-06
pjp
0731
2016-07-06
pjp
} /* for .. bcount */
0732
2016-07-06
pjp
0733
2016-07-06
pjp
} else {
0734
2016-07-06
pjp
if (getifaddrs(&ifap) < 0) {
0735
2016-07-06
pjp
dolog(LOG_INFO, "getifaddrs\n");
0736
2020-06-25
pjp
ddd_shutdown();
0737
2016-07-06
pjp
exit(1);
0738
2016-07-06
pjp
}
0739
2016-07-06
pjp
0740
2016-07-06
pjp
for (pifap = ifap, i = 0; i < DEFAULT_SOCKET && pifap; pifap = pifap->ifa_next, i++) {
0741
2016-07-06
pjp
0742
2016-07-06
pjp
found = 0;
0743
2016-07-06
pjp
0744
2016-07-06
pjp
/* we want only one interface not the rest */
0745
2016-07-06
pjp
if (icount > 0) {
0746
2016-07-06
pjp
for (j = 0; j < icount; j++) {
0747
2016-07-06
pjp
if (strcmp(pifap->ifa_name, interface_list[j]) == 0) {
0748
2016-07-06
pjp
found = 1;
0749
2016-07-06
pjp
}
0750
2016-07-06
pjp
}
0751
2016-07-06
pjp
0752
2016-07-06
pjp
if (! found) {
0753
2016-07-06
pjp
i--;
0754
2016-07-06
pjp
continue;
0755
2016-07-06
pjp
}
0756
2016-07-06
pjp
0757
2016-07-06
pjp
}
0758
2016-07-06
pjp
if ((pifap->ifa_flags & IFF_UP) != IFF_UP) {
0759
2016-07-06
pjp
dolog(LOG_INFO, "skipping interface %s\n", pifap->ifa_name);
0760
2016-07-06
pjp
i--;
0761
2016-07-06
pjp
continue;
0762
2016-07-06
pjp
}
0763
2016-07-06
pjp
0764
2016-07-06
pjp
if (pifap->ifa_addr->sa_family == AF_INET) {
0765
2016-07-06
pjp
sin = (struct sockaddr_in *)pifap->ifa_addr;
0766
2016-07-06
pjp
sin->sin_port = htons(port);
0767
2016-07-06
pjp
salen = sizeof(struct sockaddr_in);
0768
2016-07-06
pjp
/* no address bound to this interface */
0769
2016-07-06
pjp
if (sin->sin_addr.s_addr == INADDR_ANY) {
0770
2016-07-06
pjp
i--;
0771
2016-07-06
pjp
continue;
0772
2016-07-06
pjp
}
0773
2016-07-06
pjp
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
0774
2016-07-06
pjp
sin6 = (struct sockaddr_in6 *)pifap->ifa_addr;
0775
2016-07-06
pjp
sin6->sin6_port = htons(port);
0776
2016-07-06
pjp
/* no address bound to this interface */
0777
2016-07-06
pjp
salen = sizeof(struct sockaddr_in6);
0778
2016-07-06
pjp
0779
2016-07-06
pjp
} else {
0780
2016-07-06
pjp
dolog(LOG_DEBUG, "unknown address family %d\n", pifap->ifa_addr->sa_family);
0781
2016-07-06
pjp
i--;
0782
2016-07-06
pjp
continue;
0783
2016-07-06
pjp
}
0784
2016-07-06
pjp
0785
2020-07-13
pjp
udp[i] = bind_this_pifap(pifap, 0, salen);
0786
2020-07-21
pjp
memcpy((void *)&cfg->ss[i], (void *)pifap->ifa_addr, salen);
0787
2016-07-06
pjp
0788
2016-07-06
pjp
if (pifap->ifa_addr->sa_family == AF_INET) {
0789
2020-06-30
pjp
on = 1;
0790
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
0791
2016-07-06
pjp
&on, sizeof(on)) < 0) {
0792
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0793
2016-07-06
pjp
}
0794
2016-07-06
pjp
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
0795
2016-07-06
pjp
/* RFC 3542 page 30 */
0796
2016-07-06
pjp
on = 1;
0797
2016-07-06
pjp
if (setsockopt(udp[i], IPPROTO_IPV6,
0798
2016-07-06
pjp
IPV6_RECVHOPLIMIT, &on, sizeof(on)) < 0) {
0799
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0800
2016-07-06
pjp
}
0801
2016-07-06
pjp
}
0802
2016-07-06
pjp
0803
2016-07-06
pjp
0804
2016-07-06
pjp
ident[i] = pifap->ifa_name;
0805
2016-07-06
pjp
0806
2016-07-06
pjp
if ((tcp[i] = socket(pifap->ifa_addr->sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) {
0807
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0808
2020-06-25
pjp
ddd_shutdown();
0809
2016-07-06
pjp
exit(1);
0810
2016-07-06
pjp
}
0811
2016-07-06
pjp
if (setsockopt(tcp[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0812
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0813
2020-06-25
pjp
ddd_shutdown();
0814
2016-07-06
pjp
exit(1);
0815
2016-07-06
pjp
}
0816
2016-07-06
pjp
0817
2016-07-06
pjp
if (bind(tcp[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0818
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0819
2020-06-25
pjp
ddd_shutdown();
0820
2016-07-06
pjp
exit(1);
0821
2016-07-06
pjp
}
0822
2016-07-06
pjp
0823
2016-07-06
pjp
0824
2016-07-06
pjp
/* axfr socket */
0825
2017-08-10
pjp
if (axfrport && axfrport != port) {
0826
2020-08-26
pjp
populate_zone(db);
0827
2016-07-06
pjp
if ((afd[i] = socket(pifap->ifa_addr->sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) {
0828
2016-07-06
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0829
2020-06-25
pjp
ddd_shutdown();
0830
2016-07-06
pjp
exit(1);
0831
2016-07-06
pjp
}
0832
2016-07-06
pjp
if (setsockopt(afd[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0833
2016-07-06
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0834
2020-06-25
pjp
ddd_shutdown();
0835
2016-07-06
pjp
exit(1);
0836
2016-07-06
pjp
}
0837
2016-07-06
pjp
0838
2016-07-06
pjp
((struct sockaddr_in *)pifap->ifa_addr)->sin_port = htons(axfrport);
0839
2016-07-06
pjp
0840
2016-07-06
pjp
if (bind(afd[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0841
2016-07-06
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0842
2020-06-25
pjp
ddd_shutdown();
0843
2016-07-06
pjp
exit(1);
0844
2016-07-06
pjp
}
0845
2016-07-06
pjp
if ((uafd[i] = socket(pifap->ifa_addr->sa_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0846
2016-07-06
pjp
dolog(LOG_INFO, "axfr udp socket: %s\n", strerror(errno));
0847
2020-06-25
pjp
ddd_shutdown();
0848
2016-07-06
pjp
exit(1);
0849
2016-07-06
pjp
}
0850
2016-07-06
pjp
if (bind(uafd[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0851
2016-07-06
pjp
dolog(LOG_INFO, "udp axfr bind: %s\n", strerror(errno));
0852
2020-06-25
pjp
ddd_shutdown();
0853
2016-07-06
pjp
exit(1);
0854
2016-07-06
pjp
}
0855
2017-12-14
pjp
} else if (axfrport && axfrport == port) {
0856
2020-08-26
pjp
populate_zone(db);
0857
2017-12-14
pjp
afd[i] = -1;
0858
2017-12-14
pjp
}
0859
2016-07-06
pjp
0860
2016-07-06
pjp
} /* AF_INET */
0861
2016-07-06
pjp
0862
2016-07-06
pjp
if (i >= DEFAULT_SOCKET) {
0863
2016-07-06
pjp
dolog(LOG_INFO, "not enough sockets available\n");
0864
2020-06-25
pjp
ddd_shutdown();
0865
2016-07-06
pjp
exit(1);
0866
2016-07-06
pjp
}
0867
2016-07-06
pjp
} /* if bflag? */
0868
2016-07-06
pjp
0869
2020-07-21
pjp
if ((cfg->raw[0] = socket(AF_INET, SOCK_RAW, IPPROTO_UDP)) < 0) {
0870
2020-07-21
pjp
dolog(LOG_INFO, "raw0 socket: %s\n", strerror(errno));
0871
2020-07-21
pjp
ddd_shutdown();
0872
2020-07-21
pjp
exit(1);
0873
2020-07-21
pjp
}
0874
2020-07-21
pjp
shutdown(cfg->raw[0], SHUT_RD);
0875
2020-07-21
pjp
if ((cfg->raw[1] = socket(AF_INET6, SOCK_RAW, IPPROTO_UDP)) < 0) {
0876
2020-07-21
pjp
dolog(LOG_INFO, "raw1 socket: %s\n", strerror(errno));
0877
2020-07-21
pjp
ddd_shutdown();
0878
2020-07-21
pjp
exit(1);
0879
2020-07-21
pjp
}
0880
2020-07-21
pjp
on = 1;
0881
2020-07-21
pjp
shutdown(cfg->raw[1], SHUT_RD);
0882
2020-07-21
pjp
cfg->port = port;
0883
2020-07-13
pjp
0884
2019-11-01
pjp
#if __OpenBSD__
0885
2019-11-01
pjp
if (unveil(DELPHINUS_RZONE_PATH, "rwc") < 0) {
0886
2019-11-01
pjp
perror("unveil");
0887
2020-06-25
pjp
ddd_shutdown();
0888
2019-11-01
pjp
exit(1);
0889
2019-11-01
pjp
}
0890
2019-11-01
pjp
if (unveil(pw->pw_dir, "wc") < 0) {
0891
2019-11-01
pjp
perror("unveil");
0892
2020-06-25
pjp
ddd_shutdown();
0893
2019-11-01
pjp
exit(1);
0894
2019-11-01
pjp
}
0895
2019-11-01
pjp
0896
2019-11-01
pjp
#endif
0897
2019-11-01
pjp
0898
2019-11-01
pjp
/*
0899
2019-11-01
pjp
* add signals
0900
2019-11-01
pjp
*/
0901
2019-11-01
pjp
0902
2019-11-01
pjp
signal(SIGPIPE, SIG_IGN);
0903
2019-11-01
pjp
0904
2020-06-25
pjp
signal(SIGTERM, ddd_signal);
0905
2020-06-25
pjp
signal(SIGINT, ddd_signal);
0906
2020-06-25
pjp
signal(SIGQUIT, ddd_signal);
0907
2019-11-01
pjp
0908
2020-07-10
pjp
/*
0909
2020-07-10
pjp
* start our axfr process
0910
2020-07-10
pjp
*/
0911
2020-07-10
pjp
0912
2020-07-10
pjp
if (axfrport) {
0913
2019-11-01
pjp
switch (pid = fork()) {
0914
2019-11-01
pjp
case -1:
0915
2019-11-01
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
0916
2020-06-25
pjp
ddd_shutdown();
0917
2019-11-01
pjp
exit(1);
0918
2019-11-01
pjp
case 0:
0919
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_AXFR);
0920
2020-06-25
pjp
if (ibuf == NULL) {
0921
2020-06-25
pjp
ddd_shutdown();
0922
2020-06-25
pjp
exit(1);
0923
2020-06-25
pjp
}
0924
2020-06-25
pjp
0925
2019-11-01
pjp
/* chroot to the drop priv user home directory */
0926
2019-12-11
pjp
#ifdef DEFAULT_LOCATION
0927
2019-12-11
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
0928
2019-12-11
pjp
#else
0929
2019-11-01
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
0930
2019-12-11
pjp
#endif
0931
2020-07-10
pjp
dolog(LOG_INFO, "axfr dropping privileges\n", strerror(errno));
0932
2020-06-25
pjp
ddd_shutdown();
0933
2016-07-06
pjp
exit(1);
0934
2016-07-06
pjp
}
0935
2019-11-01
pjp
#if __OpenBSD__
0936
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd unveil", NULL) < 0) {
0937
2019-11-01
pjp
perror("pledge");
0938
2019-11-01
pjp
exit(1);
0939
2019-11-01
pjp
}
0940
2019-11-01
pjp
#endif
0941
2019-11-01
pjp
0942
2019-11-01
pjp
/* close descriptors that we don't need */
0943
2019-11-01
pjp
for (j = 0; j < i; j++) {
0944
2019-11-01
pjp
close(tcp[j]);
0945
2019-11-01
pjp
close(udp[j]);
0946
2020-07-10
pjp
if (axfrport && axfrport != port)
0947
2020-06-30
pjp
close(uafd[j]);
0948
2020-07-10
pjp
0949
2019-11-01
pjp
}
0950
2020-07-21
pjp
close(cfg->raw[0]);
0951
2020-07-21
pjp
close(cfg->raw[1]);
0952
2019-11-01
pjp
0953
2020-07-10
pjp
setproctitle("AXFR engine on port %d", axfrport);
0954
2020-07-10
pjp
axfrloop(afd, (axfrport == port) ? 0 : i, ident, db, ibuf);
0955
2019-11-01
pjp
/* NOTREACHED */
0956
2019-11-01
pjp
exit(1);
0957
2019-11-01
pjp
default:
0958
2020-07-10
pjp
/* close afd descriptors, they aren't needed here */
0959
2020-07-10
pjp
for (j = 0; j < i; j++) {
0960
2020-07-10
pjp
if (axfrport && axfrport != port)
0961
2020-07-10
pjp
close(afd[j]);
0962
2020-07-10
pjp
}
0963
2016-07-06
pjp
break;
0964
2016-07-06
pjp
}
0965
2019-11-01
pjp
0966
2020-07-10
pjp
} /* axfrport */
0967
2020-07-10
pjp
0968
2020-07-10
pjp
/* raxfr */
0969
2020-07-10
pjp
if (raxfrflag) {
0970
2019-11-01
pjp
switch (pid = fork()) {
0971
2019-11-01
pjp
case -1:
0972
2019-11-01
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
0973
2020-06-25
pjp
ddd_shutdown();
0974
2019-11-01
pjp
exit(1);
0975
2019-11-01
pjp
case 0:
0976
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_RAXFR);
0977
2020-06-25
pjp
if (ibuf == NULL) {
0978
2020-06-25
pjp
ddd_shutdown();
0979
2020-06-25
pjp
exit(1);
0980
2020-06-25
pjp
}
0981
2020-06-25
pjp
0982
2019-11-01
pjp
/* chroot to the drop priv user home directory */
0983
2020-07-10
pjp
if (drop_privs(DELPHINUS_RZONE_PATH, pw) < 0) {
0984
2020-07-10
pjp
dolog(LOG_INFO, "raxfr dropping privileges failed", strerror(errno));
0985
2020-06-25
pjp
ddd_shutdown();
0986
2016-07-06
pjp
exit(1);
0987
2016-07-06
pjp
}
0988
2020-07-10
pjp
0989
2019-11-01
pjp
#if __OpenBSD__
0990
2020-07-10
pjp
if (unveil("/replicant", "rwc") < 0) {
0991
2020-07-10
pjp
perror("unveil");
0992
2020-07-10
pjp
ddd_shutdown();
0993
2020-07-10
pjp
exit(1);
0994
2020-07-10
pjp
}
0995
2020-07-10
pjp
0996
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd unveil cpath wpath rpath", NULL) < 0) {
0997
2019-11-01
pjp
perror("pledge");
0998
2020-07-10
pjp
ddd_shutdown();
0999
2016-07-06
pjp
exit(1);
1000
2016-07-06
pjp
}
1001
2019-11-01
pjp
#endif
1002
2019-11-01
pjp
1003
2019-11-01
pjp
/* close descriptors that we don't need */
1004
2019-11-01
pjp
for (j = 0; j < i; j++) {
1005
2019-11-01
pjp
close(tcp[j]);
1006
2019-11-01
pjp
close(udp[j]);
1007
2019-11-01
pjp
}
1008
2020-07-21
pjp
close(cfg->raw[0]);
1009
2020-07-21
pjp
close(cfg->raw[1]);
1010
2019-11-01
pjp
1011
2020-07-10
pjp
setproctitle("Replicant engine");
1012
2020-07-10
pjp
1013
2020-07-10
pjp
replicantloop(db, ibuf);
1014
2020-07-10
pjp
1015
2019-11-01
pjp
/* NOTREACHED */
1016
2019-11-01
pjp
exit(1);
1017
2020-07-10
pjp
1018
2019-11-01
pjp
default:
1019
2019-11-01
pjp
break;
1020
2019-11-01
pjp
}
1021
2020-07-10
pjp
1022
2020-07-10
pjp
} /* raxfrflag */
1023
2020-07-10
pjp
/* start our forwarding process */
1024
2020-06-30
pjp
1025
2020-07-10
pjp
if (forward) {
1026
2020-07-14
pjp
/* initialize the only global shared memory segment */
1027
2020-07-14
pjp
1028
2020-07-10
pjp
shsize = 16 + (SHAREDMEMSIZE * sizeof(struct sf_imsg));
1029
2020-07-10
pjp
1030
2020-07-10
pjp
shptr = mmap(NULL, shsize, PROT_READ | PROT_WRITE, MAP_SHARED |\
1031
2020-07-10
pjp
MAP_ANON, -1, 0);
1032
2020-07-10
pjp
1033
2020-07-10
pjp
if (shptr == MAP_FAILED) {
1034
2020-07-10
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
1035
2020-07-10
pjp
exit(1);
1036
2020-07-10
pjp
}
1037
2020-07-10
pjp
1038
2020-07-10
pjp
/* initialize */
1039
2020-07-12
pjp
for (sf = (struct sf_imsg *)&shptr[0], j = 0; j < SHAREDMEMSIZE; j++, sf++) {
1040
2020-07-12
pjp
pack32((char *)&sf->u.s.read, 1);
1041
2020-07-10
pjp
}
1042
2020-07-10
pjp
1043
2020-07-10
pjp
cfg->shptr = shptr;
1044
2020-07-11
pjp
cfg->shptrsize = shsize;
1045
2020-07-10
pjp
1046
2020-07-10
pjp
1047
2020-06-30
pjp
switch (pid = fork()) {
1048
2020-06-30
pjp
case -1:
1049
2020-06-30
pjp
dolog(LOG_ERR, "fork() failed: %s\n", strerror(errno));
1050
2020-06-30
pjp
ddd_shutdown();
1051
2020-06-30
pjp
exit(1);
1052
2020-06-30
pjp
case 0:
1053
2020-07-10
pjp
ibuf = register_cortex(&cortex_ibuf, MY_IMSG_FORWARD);
1054
2020-06-30
pjp
if (ibuf == NULL) {
1055
2020-06-30
pjp
ddd_shutdown();
1056
2020-06-30
pjp
exit(1);
1057
2020-06-30
pjp
}
1058
2020-06-30
pjp
1059
2020-07-14
pjp
/* initialize shared memory for forward here */
1060
2020-07-14
pjp
shsize = 16 + (SHAREDMEMSIZE * sizeof(struct rr_imsg));
1061
2020-07-14
pjp
1062
2020-07-14
pjp
shptr = mmap(NULL, shsize, PROT_READ | PROT_WRITE, MAP_SHARED |\
1063
2020-07-14
pjp
MAP_ANON, -1, 0);
1064
2020-07-14
pjp
1065
2020-07-14
pjp
if (shptr == MAP_FAILED) {
1066
2020-07-14
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
1067
2020-07-14
pjp
exit(1);
1068
2020-07-14
pjp
}
1069
2020-07-14
pjp
1070
2020-07-14
pjp
/* initialize */
1071
2020-07-14
pjp
for (ri = (struct rr_imsg *)&shptr[0], j = 0; j < SHAREDMEMSIZE; j++, ri++) {
1072
2020-07-14
pjp
pack32((char *)&ri->u.s.read, 1);
1073
2020-07-14
pjp
}
1074
2020-07-14
pjp
1075
2020-07-14
pjp
cfg->shptr2 = shptr;
1076
2020-07-14
pjp
cfg->shptr2size = shsize;
1077
2020-07-14
pjp
1078
2020-07-14
pjp
shsize = 16 + (SHAREDMEMSIZE3 * sizeof(struct pkt_imsg));
1079
2020-07-14
pjp
1080
2020-07-14
pjp
shptr = mmap(NULL, shsize, PROT_READ | PROT_WRITE, MAP_SHARED |\
1081
2020-07-14
pjp
MAP_ANON, -1, 0);
1082
2020-07-14
pjp
1083
2020-07-14
pjp
if (shptr == MAP_FAILED) {
1084
2020-07-14
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
1085
2020-07-14
pjp
exit(1);
1086
2020-07-14
pjp
}
1087
2020-07-14
pjp
1088
2020-07-14
pjp
/* initialize */
1089
2020-07-14
pjp
for (pi = (struct pkt_imsg *)&shptr[0], j = 0; j < SHAREDMEMSIZE3; j++, pi++) {
1090
2020-07-14
pjp
pack32((char *)&pi->pkt_s.read, 1);
1091
2020-07-14
pjp
}
1092
2020-07-14
pjp
1093
2020-07-14
pjp
cfg->shptr3 = shptr;
1094
2020-07-14
pjp
cfg->shptr3size = shsize;
1095
2020-07-14
pjp
1096
2020-06-30
pjp
/* chroot to the drop priv user home directory */
1097
2020-07-10
pjp
#ifdef DEFAULT_LOCATION
1098
2020-07-10
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
1099
2020-07-10
pjp
#else
1100
2020-07-10
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
1101
2020-07-10
pjp
#endif
1102
2020-07-10
pjp
dolog(LOG_INFO, "forward dropping privileges\n", strerror(errno));
1103
2020-06-30
pjp
ddd_shutdown();
1104
2020-06-30
pjp
exit(1);
1105
2020-06-30
pjp
}
1106
2020-06-30
pjp
#if __OpenBSD__
1107
2020-07-10
pjp
if (unveil("/", "") < 0) {
1108
2020-07-10
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1109
2020-06-30
pjp
ddd_shutdown();
1110
2020-06-30
pjp
exit(1);
1111
2020-06-30
pjp
}
1112
2020-06-30
pjp
1113
2020-07-10
pjp
if (unveil(NULL, NULL) < 0) {
1114
2020-07-10
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1115
2020-06-30
pjp
ddd_shutdown();
1116
2020-06-30
pjp
exit(1);
1117
2020-06-30
pjp
}
1118
2020-07-10
pjp
if (pledge("stdio inet proc id sendfd recvfd", NULL) < 0) {
1119
2020-07-10
pjp
perror("pledge");
1120
2020-07-10
pjp
exit(1);
1121
2020-07-10
pjp
}
1122
2020-06-30
pjp
#endif
1123
2020-06-30
pjp
1124
2020-06-30
pjp
/* close descriptors that we don't need */
1125
2020-06-30
pjp
for (j = 0; j < i; j++) {
1126
2020-06-30
pjp
close(tcp[j]);
1127
2020-06-30
pjp
close(udp[j]);
1128
2020-07-21
pjp
if (axfrport && axfrport != port)
1129
2020-07-21
pjp
close(uafd[j]);
1130
2020-07-10
pjp
1131
2020-06-30
pjp
}
1132
2020-06-30
pjp
1133
2020-07-10
pjp
cfg->sockcount = i;
1134
2020-07-10
pjp
cfg->db = db;
1135
2020-06-30
pjp
1136
2020-07-11
pjp
/* shptr has no business in parse process */
1137
2020-07-13
pjp
#if __OpenBSD__
1138
2020-07-11
pjp
minherit(cfg->shptr, cfg->shptrsize,
1139
2020-07-11
pjp
MAP_INHERIT_NONE);
1140
2020-07-13
pjp
#endif
1141
2020-07-11
pjp
1142
2020-07-10
pjp
setproctitle("FORWARD engine");
1143
2020-07-10
pjp
forwardloop(db, cfg, ibuf, &cortex_ibuf);
1144
2020-06-30
pjp
/* NOTREACHED */
1145
2020-06-30
pjp
exit(1);
1146
2020-06-30
pjp
default:
1147
2020-06-30
pjp
break;
1148
2020-06-30
pjp
}
1149
2020-07-10
pjp
1150
2020-07-10
pjp
} /* forward */
1151
2020-06-30
pjp
1152
2020-07-21
pjp
close(cfg->raw[0]);
1153
2020-07-21
pjp
close(cfg->raw[1]);
1154
2020-06-30
pjp
1155
2020-07-10
pjp
1156
2019-11-01
pjp
/* the rest of the daemon goes on in TCP and UDP loops */
1157
2019-12-11
pjp
#ifdef DEFAULT_LOCATION
1158
2019-12-11
pjp
if (drop_privs(DEFAULT_LOCATION, pw) < 0) {
1159
2019-12-11
pjp
#else
1160
2019-11-01
pjp
if (drop_privs(pw->pw_dir, pw) < 0) {
1161
2019-12-11
pjp
#endif
1162
2019-11-01
pjp
dolog(LOG_INFO, "dropping privileges failed\n");
1163
2020-06-25
pjp
ddd_shutdown();
1164
2019-11-01
pjp
exit(1);
1165
2019-11-01
pjp
}
1166
2019-11-01
pjp
#if __OpenBSD__
1167
2019-11-01
pjp
if (unveil(NULL, NULL) < 0) {
1168
2019-11-01
pjp
dolog(LOG_INFO, "unveil locking failed: %s\n", strerror(errno));
1169
2020-06-25
pjp
ddd_shutdown();
1170
2019-11-01
pjp
exit(1);
1171
2019-11-01
pjp
}
1172
2019-11-01
pjp
if (pledge("stdio inet proc id sendfd recvfd", NULL) < 0) {
1173
2019-11-01
pjp
perror("pledge");
1174
2019-11-01
pjp
exit(1);
1175
2019-11-01
pjp
}
1176
2019-11-01
pjp
#endif
1177
2019-11-01
pjp
1178
2016-07-06
pjp
/* what follows is a bit mangled code, we set up nflag + 1 amount of
1179
2016-07-06
pjp
* server instances (1 per cpu?) and if we're recursive we also set up
1180
2016-07-06
pjp
* the same amount of recursive instances all connected through a
1181
2016-07-06
pjp
* socketpair() so that it looks somewhat like this (with 4 instances):
1182
2016-07-06
pjp
*
1183
2016-07-06
pjp
* replies <--- [] ---- [] recursive end
1184
2016-07-06
pjp
* |
1185
2016-07-06
pjp
* replies <--- [] ---- []
1186
2016-07-06
pjp
* request * ---> |
1187
2016-07-06
pjp
* replies <--- [] ---- []
1188
2016-07-06
pjp
* |
1189
2016-07-06
pjp
* replies <--- [] ---- []
1190
2016-07-06
pjp
*
1191
2016-07-06
pjp
*/
1192
2016-07-06
pjp
1193
2017-12-26
pjp
cfg->pid = 0;
1194
2017-12-26
pjp
cfg->nth = 0;
1195
2017-12-26
pjp
1196
2016-07-06
pjp
for (n = 0; n < nflag; n++) {
1197
2016-07-06
pjp
switch (pid = fork()) {
1198
2016-07-06
pjp
case 0:
1199
2017-12-26
pjp
cfg->pid = getpid();
1200
2017-12-26
pjp
cfg->nth = n;
1201
2016-07-06
pjp
cfg->sockcount = i;
1202
2016-07-06
pjp
cfg->db = db;
1203
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
1204
2016-07-06
pjp
cfg->udp[i] = udp[i];
1205
2016-07-06
pjp
cfg->tcp[i] = tcp[i];
1206
2016-07-06
pjp
1207
2017-08-10
pjp
if (axfrport && axfrport != port)
1208
2016-07-06
pjp
cfg->axfr[i] = uafd[i];
1209
2016-07-06
pjp
1210
2016-07-06
pjp
cfg->ident[i] = strdup(ident[i]);
1211
2020-07-03
pjp
1212
2016-07-06
pjp
}
1213
2016-07-06
pjp
1214
2017-12-26
pjp
setproctitle("child %d pid %d", n, cfg->pid);
1215
2020-06-25
pjp
(void)mainloop(cfg, &cortex_ibuf);
1216
2016-07-06
pjp
1217
2016-07-06
pjp
/* NOTREACHED */
1218
2016-07-06
pjp
default:
1219
2016-07-06
pjp
break;
1220
2016-07-06
pjp
} /* switch pid= fork */
1221
2016-07-06
pjp
} /* for (.. nflag */
1222
2016-07-06
pjp
1223
2016-07-06
pjp
cfg->sockcount = i;
1224
2016-07-06
pjp
cfg->db = db;
1225
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
1226
2016-07-06
pjp
cfg->udp[i] = udp[i];
1227
2016-07-06
pjp
cfg->tcp[i] = tcp[i];
1228
2016-07-06
pjp
1229
2017-08-10
pjp
if (axfrport && axfrport != port)
1230
2016-07-06
pjp
cfg->axfr[i] = uafd[i];
1231
2016-07-06
pjp
1232
2016-07-06
pjp
cfg->ident[i] = strdup(ident[i]);
1233
2016-07-06
pjp
}
1234
2016-07-06
pjp
1235
2020-06-25
pjp
(void)mainloop(cfg, &cortex_ibuf);
1236
2016-07-06
pjp
1237
2016-07-06
pjp
/* NOTREACHED */
1238
2016-07-06
pjp
return (0);
1239
2016-07-06
pjp
}
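/*
 * COMPRESS_LABEL - compress the DNS name that ends at buf[offset].
 *
 * buf holds a reply under construction, starting at the DNS header.  The
 * name to compress occupies the labellen bytes immediately before offset.
 * The question and the records already in the reply are walked to collect
 * the start of every name in them (label[]).  The new name, and then each
 * of its parent suffixes, is compared against those names.  On a match the
 * matching tail of the new name is overwritten with a two byte compression
 * pointer.
 *
 * Returns the new end offset of the reply, or 0 when nothing was compressed
 * (no match, a bogus question or name, or an unusable labellen).
 *
 * Every read of reply bytes is bounded by buf[offset]: a truncated or
 * malformed record ends the walk instead of being followed past the end of
 * the data written so far.
 */

int
compress_label(u_char *buf, u_int16_t offset, int labellen)
{
	/*
	 * The record walk below stops before i reaches 100 and adds at most
	 * two extra entries per record, so 256 slots cannot overflow.
	 */
	u_char *label[256];
	u_char *end = &buf[offset];
	struct question {
		u_int16_t type;
		u_int16_t class;
	} __attribute__((packed));
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
	} __attribute__((packed));
	struct soa {
		u_int32_t serial;
		u_int32_t refresh;
		u_int32_t retry;
		u_int32_t expire;
		u_int32_t minttl;
	} __attribute__((packed));

	struct answer *a;

	u_int i, j;
	u_int checklen;

	u_char *p, *e;
	u_char *compressmark;

	/*
	 * The name has to lie inside buf[0 .. offset); anything else would
	 * index before the start of buf or past the end of the reply.
	 */
	if (labellen <= 0 || labellen > (int)offset)
		return (0);

	p = &buf[sizeof(struct dns_header)];
	label[0] = p;

	/* skip the question name, never reading at or past end */
	while (p < end && *p) {
		p += *p;
		p++;
	}

	/*
	 * the question label was bogus, we'll just get out of there, return 0
	 */

	if (p >= end)
		return (0);

	p += sizeof(struct question);
	p++;	/* one more */
	/* start of answer/additional/authoritative */

	for (i = 1; i < 100; i++) {
		label[i] = p;

		/* owner name: labels up to a root byte or a compression pointer */
		while (p < end && *p) {
			if ((*p & 0xc0) == 0xc0) {
				p++;
				break;
			}
			p += *p;
			p++;

			if (p >= end)
				goto end;
		}

		p++;	/* one more */

		a = (struct answer *)p;
		p += sizeof(struct answer);

		/* Thanks FreeLogic! */
		/* the fixed record header must be complete before a->type is read */
		if (p >= end)
			goto end;

		switch (ntohs(a->type)) {
		case DNS_TYPE_A:
			p += sizeof(in_addr_t);
			break;
		case DNS_TYPE_AAAA:
			p += 16;		/* sizeof 4 * 32 bit */
			break;
		case DNS_TYPE_TXT:
			p += *p;
			p++;
			break;
		case DNS_TYPE_TLSA:
			p += 2;
			/* the matching-type byte must still be inside the reply */
			if (p >= end)
				goto end;
			switch (*p) {
			case 1:
				p += DNS_TLSA_SIZE_SHA256 + 1;
				break;
			case 2:
				p += DNS_TLSA_SIZE_SHA512 + 1;
				break;
			default:
				/* XXX */
				goto end;
			}

			break;
		case DNS_TYPE_SSHFP:
			p++;
			/* the fingerprint-type byte must still be inside the reply */
			if (p >= end)
				goto end;
			switch (*p) {
			case 1:
				p += DNS_SSHFP_SIZE_SHA1 + 1;
				break;
			case 2:
				p += DNS_SSHFP_SIZE_SHA256 + 1;
				break;
			default:
				/* XXX */
				goto end;
			}

			break;
		case DNS_TYPE_SRV:
			p += (2 * sizeof(u_int16_t));	/* priority, weight */
			/*
			 * the port will be assumed in the fall through for
			 * mx_priority..
			 */
			/* FALLTHROUGH */
		case DNS_TYPE_MX:
			p += sizeof(u_int16_t);	/* mx_priority */
			/* FALLTHROUGH */
		case DNS_TYPE_NS:
		case DNS_TYPE_PTR:
		case DNS_TYPE_CNAME:
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;

				if (p >= end)
					goto end;
			}

			p++;	/* one more */
			break;
		case DNS_TYPE_SOA:
			/* nsserver */
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;
				if (p >= end)
					goto end;
			}

			p++;	/* one more */

			if (p >= end)
				break;

			/* responsible person */
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;
			}

			p++;	/* one more */

			if (p >= end)
				break;

			p += sizeof(struct soa);	/* advance struct soa */

			break;
		case DNS_TYPE_NAPTR:
			p += (2 * sizeof(u_int16_t));	/* order and preference */
			/*
			 * flags, services, regexp: three length-prefixed
			 * strings.  Each length byte is only read while it is
			 * still inside the reply.
			 */
			for (j = 0; j < 3 && p < end; j++) {
				p += *p;
				p++;
			}

			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;

				if (p >= end)
					goto end;
			}

			p++;	/* one more */
			break;

		default:
			/*
			 * XXX
			 * NOTE(review): rdlength is never consulted, so the
			 * rdata of a type not listed above is not skipped and
			 * the walk continues inside it.  The suffix search
			 * below compares whole wire-format tails, so this
			 * looks harmless for correctness - confirm intended.
			 */
			break;
		} /* switch */

		if (p >= end)
			break;
	} /* for (i *) */

end:

	/*
	 * label[i] is the name being compressed itself (or was never
	 * reached), so only label[0 .. i-1] are candidates.
	 */
	p = &buf[offset - labellen];
	checklen = labellen;

	while (p < end && *p != 0) {
		/* the current label must fit in what is left of the name */
		if ((u_int)*p + 1 > checklen)
			return (0);

		for (j = 0; j < i; j++) {
			for (e = label[j]; e < end && *e; e += *e, e++) {
				if ((*e & 0xc0) == 0xc0)
					break;

				/*
				 * a compression pointer carries a 14 bit
				 * offset, a target beyond that cannot be
				 * encoded
				 */
				if ((e - buf) > 0x3fff)
					break;

				/* fewer than checklen bytes of reply left at e */
				if ((u_int)(end - e) < checklen)
					break;

				if (memcasecmp(e, p, checklen) == 0) {
					/* e is now our compress offset */
					compressmark = e;
					goto out;	/* found one */
				}
			} /* for (e .. */

		} /* for (j .. */

		if (*p > DNS_MAXLABEL)
			return 0;	/* totally bogus label */

		/* drop the leading label and retry with the parent suffix */
		checklen -= *p;
		p += *p;
		checklen--;
		p++;
	}

	return (0);	/* no compression possible */

out:
	/* take off our compress length */
	offset -= checklen;
	/* write compressed label */
	pack16(&buf[offset], htons((compressmark - &buf[0]) | 0xc000));

	offset += sizeof(u_int16_t);

	return (offset);
}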
/*
1510
2016-07-06
pjp
* MAINLOOP - does the polling of tcp & udp descriptors and if ready receives the
1511
2016-07-06
pjp
* requests, builds the question and calls for replies, loops
1512
2016-07-06
pjp
*
1513
2016-07-06
pjp
*/
1514
2016-07-06
pjp
1515
2016-07-06
pjp
void
1516
2020-06-25
pjp
mainloop(struct cfg *cfg, struct imsgbuf *ibuf)
1517
2016-07-06
pjp
{
1518
2016-07-06
pjp
fd_set rset;
1519
2017-08-09
pjp
pid_t pid;
1520
2017-08-09
pjp
1521
2020-07-03
pjp
int sel, oldsel;
1522
2019-10-25
pjp
int len, slen = 0;
1523
2020-06-25
pjp
int i, nomore = 0;
1524
2016-07-06
pjp
int istcp = 1;
1525
2016-07-06
pjp
int maxso;
1526
2016-07-06
pjp
int so;
1527
2016-07-06
pjp
int type0, type1;
1528
2016-07-06
pjp
int lzerrno;
1529
2016-07-06
pjp
int filter = 0;
1530
2016-07-06
pjp
int rcheck = 0;
1531
2020-07-16
pjp
int blocklist = 1;
1532
2019-02-24
pjp
int require_tsig = 0;
1533
2020-06-25
pjp
pid_t idata;
1534
2016-07-06
pjp
1535
2018-07-13
pjp
u_int32_t received_ttl;
1536
2019-02-24
pjp
u_int32_t imsg_type;
1537
2016-07-06
pjp
u_char *ttlptr;
1538
2016-07-06
pjp
1539
2016-07-06
pjp
u_int8_t aregion; /* region where the address comes from */
1540
2016-07-06
pjp
1541
2016-07-06
pjp
char buf[4096];
1542
2016-07-06
pjp
char *replybuf = NULL;
1543
2016-07-06
pjp
char address[INET6_ADDRSTRLEN];
1544
2016-07-06
pjp
char replystring[DNS_MAXNAME + 1];
1545
2016-07-06
pjp
char fakereplystring[DNS_MAXNAME + 1];
1546
2016-07-06
pjp
char controlbuf[64];
1547
2016-07-06
pjp
1548
2016-07-06
pjp
union {
1549
2016-07-06
pjp
struct sockaddr sa;
1550
2016-07-06
pjp
struct sockaddr_in sin;
1551
2016-07-06
pjp
struct sockaddr_in6 sin6;
1552
2016-07-06
pjp
} sockaddr_large;
1553
2016-07-06
pjp
1554
2016-07-06
pjp
socklen_t fromlen = sizeof(sockaddr_large);
1555
2016-07-06
pjp
1556
2016-07-06
pjp
struct sockaddr *from = (void *)&sockaddr_large;
1557
2016-07-06
pjp
struct sockaddr_in *sin;
1558
2016-07-06
pjp
struct sockaddr_in6 *sin6;
1559
2016-07-06
pjp
1560
2016-07-06
pjp
struct question *question = NULL, *fakequestion = NULL;
1561
2017-11-28
pjp
struct parsequestion pq;
1562
2019-02-15
pjp
struct rbtree *rbt0 = NULL, *rbt1 = NULL;
1563
2019-02-15
pjp
struct rrset *csd;
1564
2019-02-15
pjp
struct rr *rr_csd;
1565
2020-07-10
pjp
struct sf_imsg sf, *sfi = NULL;
1566
2016-07-06
pjp
1567
2016-07-06
pjp
struct sreply sreply;
1568
2019-01-25
pjp
struct reply_logic *rl = NULL;
1569
2016-07-06
pjp
struct timeval tv = { 10, 0};
1570
2020-07-25
pjp
struct timeval rectv0, rectv1, *prectv;
1571
2016-07-06
pjp
1572
2016-07-06
pjp
struct msghdr msgh;
1573
2017-11-27
pjp
struct cmsghdr *cmsg = NULL;
1574
2016-07-06
pjp
struct iovec iov;
1575
2020-06-25
pjp
struct imsgbuf *tcp_ibuf, *udp_ibuf, parse_ibuf;
1576
2017-11-28
pjp
struct imsgbuf *pibuf;
1577
2017-11-28
pjp
struct imsg imsg;
1578
2017-11-28
pjp
1579
2020-07-03
pjp
struct sforward *sforward;
1580
2020-06-30
pjp
1581
2017-11-28
pjp
ssize_t n, datalen;
1582
2020-07-10
pjp
int ix;
1583
2020-07-21
pjp
int sretlen;
1584
2020-07-25
pjp
1585
2020-07-25
pjp
memset(&rectv0, 0, sizeof(struct timeval));
1586
2020-07-25
pjp
memset(&rectv1, 0, sizeof(struct timeval));
1587
2020-06-25
pjp
1588
2020-07-11
pjp
pid = fork();
1589
2020-07-11
pjp
switch (pid) {
1590
2020-07-11
pjp
case -1:
1591
2020-07-11
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
1592
2020-07-11
pjp
exit(1);
1593
2020-07-11
pjp
case 0:
1594
2020-07-11
pjp
for (i = 0; i < cfg->sockcount; i++) {
1595
2020-07-11
pjp
close(cfg->udp[i]);
1596
2020-07-11
pjp
if (axfrport && axfrport != port)
1597
2020-07-11
pjp
close(cfg->axfr[i]);
1598
2020-07-11
pjp
}
1599
2020-07-11
pjp
tcp_ibuf = register_cortex(ibuf, MY_IMSG_TCP);
1600
2020-07-11
pjp
if (tcp_ibuf == NULL) {
1601
2020-07-11
pjp
ddd_shutdown();
1602
2020-07-11
pjp
exit(1);
1603
2020-07-11
pjp
}
1604
2020-07-11
pjp
/* shptr has no business in a tcp parse process */
1605
2020-07-11
pjp
if (forward) {
1606
2020-07-13
pjp
#if __OpenBSD__
1607
2020-07-11
pjp
minherit(cfg->shptr, cfg->shptrsize,
1608
2020-07-11
pjp
MAP_INHERIT_NONE);
1609
2020-07-13
pjp
#endif
1610
2020-07-11
pjp
}
1611
2020-06-25
pjp
1612
2020-07-11
pjp
setproctitle("TCP engine %d", cfg->pid);
1613
2020-07-11
pjp
tcploop(cfg, tcp_ibuf, ibuf);
1614
2020-07-11
pjp
/* NOTREACHED */
1615
2020-07-11
pjp
exit(1);
1616
2020-07-11
pjp
default:
1617
2020-07-11
pjp
for (i = 0; i < cfg->sockcount; i++) {
1618
2020-07-11
pjp
close(cfg->tcp[i]);
1619
2020-07-11
pjp
}
1620
2020-07-11
pjp
break;
1621
2020-07-11
pjp
}
1622
2020-07-11
pjp
1623
2020-07-11
pjp
/* shptr has no business in a udp parse process */
1624
2020-07-11
pjp
if (forward) {
1625
2020-07-13
pjp
#if __OpenBSD__
1626
2020-07-11
pjp
minherit(cfg->shptr, cfg->shptrsize,
1627
2020-07-11
pjp
MAP_INHERIT_NONE);
1628
2020-07-13
pjp
#endif
1629
2020-07-11
pjp
}
1630
2020-07-11
pjp
1631
2020-07-03
pjp
sforward = (struct sforward *)calloc(1, sizeof(struct sforward));
1632
2020-07-03
pjp
if (sforward == NULL) {
1633
2020-06-30
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
1634
2020-06-30
pjp
ddd_shutdown();
1635
2020-06-30
pjp
exit(1);
1636
2020-06-30
pjp
}
1637
2020-06-30
pjp
1638
2020-06-25
pjp
replybuf = calloc(1, 65536);
1639
2020-06-25
pjp
if (replybuf == NULL) {
1640
2020-06-25
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
1641
2020-06-25
pjp
ddd_shutdown();
1642
2020-06-25
pjp
exit(1);
1643
2020-06-30
pjp
}
1644
2020-06-25
pjp
1645
2020-07-03
pjp
udp_ibuf = register_cortex(ibuf, MY_IMSG_UDP);
1646
2020-07-03
pjp
if (udp_ibuf == NULL) {
1647
2020-07-03
pjp
ddd_shutdown();
1648
2020-07-03
pjp
exit(1);
1649
2020-07-03
pjp
}
1650
2020-07-03
pjp
1651
2020-06-25
pjp
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]) < 0) {
1652
2017-08-09
pjp
dolog(LOG_INFO, "socketpair() failed\n");
1653
2020-06-25
pjp
ddd_shutdown();
1654
2017-08-09
pjp
exit(1);
1655
2017-08-09
pjp
}
1656
2016-07-06
pjp
1657
2017-08-09
pjp
pid = fork();
1658
2017-08-09
pjp
switch (pid) {
1659
2017-08-09
pjp
case -1:
1660
2017-08-09
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
1661
2017-08-09
pjp
exit(1);
1662
2017-08-09
pjp
case 0:
1663
2020-07-14
pjp
#ifndef __OpenBSD__
1664
2020-07-14
pjp
/* OpenBSD has minherit() */
1665
2020-07-14
pjp
if (munmap(cfg->shptr, cfg->shptrsize) == -1) {
1666
2020-07-14
pjp
dolog(LOG_INFO, "unmapping shptr failed: %s\n", \
1667
2020-07-14
pjp
strerror(errno));
1668
2020-07-14
pjp
}
1669
2020-07-14
pjp
#endif
1670
2020-07-14
pjp
cfg->shptrsize = 0;
1671
2020-07-11
pjp
/* close udp decriptors */
1672
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
1673
2017-08-09
pjp
close(cfg->udp[i]);
1674
2017-08-09
pjp
}
1675
2020-06-25
pjp
close(ibuf->fd);
1676
2020-07-03
pjp
close(udp_ibuf->fd);
1677
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
1678
2020-06-25
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
1679
2020-06-25
pjp
setproctitle("udp parse engine %d", cfg->pid);
1680
2020-06-25
pjp
parseloop(cfg, &parse_ibuf);
1681
2017-08-09
pjp
/* NOTREACHED */
1682
2017-08-09
pjp
exit(1);
1683
2017-08-09
pjp
default:
1684
2020-06-25
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
1685
2020-06-25
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
1686
2020-06-25
pjp
pibuf = &parse_ibuf;
1687
2017-08-09
pjp
break;
1688
2017-08-09
pjp
}
1689
2016-07-06
pjp
1690
2020-06-25
pjp
1691
2020-06-25
pjp
1692
2017-11-27
pjp
#if __OpenBSD__
1693
2017-11-27
pjp
if (pledge("stdio inet sendfd recvfd", NULL) < 0) {
1694
2017-11-27
pjp
perror("pledge");
1695
2017-11-27
pjp
exit(1);
1696
2017-11-27
pjp
}
1697
2017-11-27
pjp
#endif
1698
2017-11-27
pjp
1699
2016-07-06
pjp
for (;;) {
1700
2016-07-06
pjp
maxso = 0;
1701
2016-07-06
pjp
1702
2016-07-06
pjp
FD_ZERO(&rset);
1703
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
1704
2016-07-06
pjp
if (maxso < cfg->udp[i])
1705
2016-07-06
pjp
maxso = cfg->udp[i];
1706
2016-07-06
pjp
1707
2017-08-10
pjp
if (axfrport && axfrport != port && maxso < cfg->axfr[i])
1708
2016-07-06
pjp
maxso = cfg->axfr[i];
1709
2016-07-06
pjp
1710
2016-07-06
pjp
FD_SET(cfg->udp[i], &rset);
1711
2016-07-06
pjp
1712
2017-08-10
pjp
if (axfrport && axfrport != port)
1713
2016-07-06
pjp
FD_SET(cfg->axfr[i], &rset);
1714
2016-07-06
pjp
}
1715
2016-07-06
pjp
1716
2016-07-06
pjp
tv.tv_sec = 10;
1717
2016-07-06
pjp
tv.tv_usec = 0;
1718
2016-07-06
pjp
1719
2016-07-06
pjp
sel = select(maxso + 1, &rset, NULL, NULL, &tv);
1720
2016-07-06
pjp
1721
2016-07-06
pjp
if (sel < 0) {
1722
2016-07-06
pjp
dolog(LOG_INFO, "select: %s\n", strerror(errno));
1723
2016-07-06
pjp
continue;
1724
2016-07-06
pjp
}
1725
2016-07-06
pjp
1726
2016-07-06
pjp
if (sel == 0) {
1727
2020-06-25
pjp
if (nomore)
1728
2020-06-25
pjp
continue;
1729
2017-08-09
pjp
1730
2017-08-09
pjp
idata = 42;
1731
2020-06-25
pjp
imsg_compose(ibuf, IMSG_CRIPPLE_NEURON,
1732
2017-08-09
pjp
0, 0, -1, &idata, sizeof(idata));
1733
2020-06-25
pjp
msgbuf_write(&ibuf->w);
1734
2017-08-09
pjp
1735
2020-06-25
pjp
nomore = 1;
1736
2020-06-25
pjp
1737
2016-07-06
pjp
continue;
1738
2016-07-06
pjp
}
1739
2016-07-06
pjp
1740
2016-07-06
pjp
for (i = 0; i < cfg->sockcount; i++) {
1741
2017-08-10
pjp
if (axfrport && axfrport != port && FD_ISSET(cfg->axfr[i], &rset)) {
1742
2017-08-09
pjp
istcp = 0;
1743
2017-08-09
pjp
so = cfg->axfr[i];
1744
2017-08-09
pjp
1745
2017-08-09
pjp
goto axfrentry;
1746
2017-08-09
pjp
}
1747
2017-08-09
pjp
1748
2017-08-09
pjp
if (FD_ISSET(cfg->udp[i], &rset)) {
1749
2017-08-09
pjp
istcp = 0;
1750
2017-08-09
pjp
so = cfg->udp[i];
1751
2020-07-03
pjp
oldsel = i;
1752
2017-08-09
pjp
axfrentry:
1753
2016-07-06
pjp
fromlen = sizeof(sockaddr_large);
1754
2016-07-06
pjp
1755
2017-08-09
pjp
memset(&msgh, 0, sizeof(msgh));
1756
2017-08-09
pjp
iov.iov_base = buf;
1757
2017-08-09
pjp
iov.iov_len = sizeof(buf);
1758
2017-08-09
pjp
msgh.msg_name = from;
1759
2017-08-09
pjp
msgh.msg_namelen = fromlen;
1760
2017-08-09
pjp
msgh.msg_iov = &iov;
1761
2017-08-09
pjp
msgh.msg_iovlen = 1;
1762
2017-08-09
pjp
msgh.msg_control = (struct cmsghdr*)&controlbuf;
1763
2017-08-09
pjp
msgh.msg_controllen = sizeof(controlbuf);
1764
2017-08-09
pjp
1765
2017-08-09
pjp
len = recvmsg(so, &msgh, 0);
1766
2017-08-09
pjp
if (len < 0) {
1767
2017-08-09
pjp
dolog(LOG_INFO, "recvmsg: on descriptor %u interface \"%s\" %s\n", so, cfg->ident[i], strerror(errno));
1768
2016-07-06
pjp
continue;
1769
2016-07-06
pjp
}
1770
2016-07-06
pjp
1771
2017-08-09
pjp
received_ttl = 0;
1772
2017-08-09
pjp
1773
2017-08-09
pjp
for (cmsg = CMSG_FIRSTHDR(&msgh);
1774
2017-08-09
pjp
cmsg != NULL;
1775
2017-08-09
pjp
cmsg = CMSG_NXTHDR(&msgh,cmsg)) {
1776
2017-08-09
pjp
if (cmsg->cmsg_level == IPPROTO_IP
1777
2017-08-09
pjp
#ifdef __linux__
1778
2017-08-09
pjp
&& cmsg->cmsg_type == IP_TTL) {
1779
2017-08-09
pjp
#else
1780
2017-08-09
pjp
1781
2017-08-09
pjp
&& cmsg->cmsg_type == IP_RECVTTL) {
1782
2017-08-09
pjp
#endif
1783
2017-08-09
pjp
1784
2017-08-09
pjp
ttlptr = (u_char *) CMSG_DATA(cmsg);
1785
2017-08-09
pjp
received_ttl = (u_int)*ttlptr;
1786
2017-08-09
pjp
}
1787
2017-08-09
pjp
1788
2017-08-09
pjp
if (cmsg->cmsg_level == IPPROTO_IPV6 &&
1789
2017-08-09
pjp
cmsg->cmsg_type == IPV6_HOPLIMIT) {
1790
2017-08-09
pjp
1791
2017-08-09
pjp
if (cmsg->cmsg_len !=
1792
2017-08-09
pjp
CMSG_LEN(sizeof(int))) {
1793
2020-07-25
pjp
dolog(LOG_INFO, "IPV6_HOPLIMIT cmsg->cmsg_len == %d\n", cmsg->cmsg_len);
1794
2017-08-09
pjp
continue;
1795
2017-08-09
pjp
}
1796
2017-08-09
pjp
1797
2017-08-09
pjp
ttlptr = (u_char *) CMSG_DATA(cmsg);
1798
2017-08-09
pjp
received_ttl = (u_int)*ttlptr;
1799
2017-08-09
pjp
}
1800
2020-07-25
pjp
1801
2020-07-25
pjp
if (cmsg->cmsg_level == SOL_SOCKET &&
1802
2020-07-25
pjp
cmsg->cmsg_type == SCM_TIMESTAMP) {
1803
2020-07-25
pjp
1804
2020-07-25
pjp
if (cmsg->cmsg_len !=
1805
2020-07-25
pjp
CMSG_LEN(sizeof(struct timeval))) {
1806
2020-07-25
pjp
dolog(LOG_INFO, "SCM_TIMESTAMP cmsg->cmsg_len == %d\n", cmsg->cmsg_len);
1807
2020-07-25
pjp
continue;
1808
2020-07-25
pjp
}
1809
2020-07-25
pjp
1810
2020-07-25
pjp
prectv = (struct timeval *) CMSG_DATA(cmsg);
1811
2020-07-25
pjp
memcpy((char *)&rectv0, (char *)prectv, sizeof(struct timeval));
1812
2020-07-25
pjp
}
1813
2017-08-09
pjp
}
1814
2017-08-09
pjp
1815
2016-07-06
pjp
if (from->sa_family == AF_INET6) {
1816
2016-07-06
pjp
1817
2016-07-06
pjp
fromlen = sizeof(struct sockaddr_in6);
1818
2016-07-06
pjp
sin6 = (struct sockaddr_in6 *)from;
1819
2016-07-06
pjp
inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, (char *)&address, sizeof(address));
1820
2017-08-09
pjp
if (ratelimit) {
1821
2017-08-09
pjp
add_rrlimit(ratelimit_backlog, (u_int16_t *)&sin6->sin6_addr, sizeof(sin6->sin6_addr), rptr);
1822
2017-08-09
pjp
1823
2017-08-09
pjp
rcheck = check_rrlimit(ratelimit_backlog, (u_int16_t *)&sin6->sin6_addr, sizeof(sin6->sin6_addr), rptr);
1824
2017-08-09
pjp
}
1825
2017-08-09
pjp
1826
2016-07-06
pjp
aregion = find_region((struct sockaddr_storage *)sin6, AF_INET6);
1827
2019-02-24
pjp
filter = 0;
1828
2016-07-06
pjp
filter = find_filter((struct sockaddr_storage *)sin6, AF_INET6);
1829
2020-07-16
pjp
if (passlist) {
1830
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin6, AF_INET6);
1831
2016-07-06
pjp
}
1832
2019-02-24
pjp
1833
2019-02-24
pjp
require_tsig = 0;
1834
2019-02-24
pjp
if (tsig) {
1835
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin6, AF_INET6);
1836
2019-02-24
pjp
}
1837
2019-02-24
pjp
1838
2016-07-06
pjp
} else if (from->sa_family == AF_INET) {
1839
2016-07-06
pjp
1840
2016-07-06
pjp
fromlen = sizeof(struct sockaddr_in);
1841
2016-07-06
pjp
sin = (struct sockaddr_in *)from;
1842
2016-07-06
pjp
inet_ntop(AF_INET, (void *)&sin->sin_addr, (char *)&address, sizeof(address));
1843
2017-08-09
pjp
if (ratelimit) {
1844
2017-08-09
pjp
add_rrlimit(ratelimit_backlog, (u_int16_t *)&sin->sin_addr.s_addr, sizeof(sin->sin_addr.s_addr), rptr);
1845
2017-08-09
pjp
1846
2017-08-09
pjp
rcheck = check_rrlimit(ratelimit_backlog, (u_int16_t *)&sin->sin_addr.s_addr, sizeof(sin->sin_addr.s_addr), rptr);
1847
2017-08-09
pjp
}
1848
2017-08-09
pjp
1849
2016-07-06
pjp
aregion = find_region((struct sockaddr_storage *)sin, AF_INET);
1850
2019-02-24
pjp
filter = 0;
1851
2016-07-06
pjp
filter = find_filter((struct sockaddr_storage *)sin, AF_INET);
1852
2020-07-16
pjp
if (passlist) {
1853
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin, AF_INET);
1854
2016-07-06
pjp
}
1855
2016-07-06
pjp
1856
2019-02-24
pjp
require_tsig = 0;
1857
2019-02-24
pjp
if (tsig) {
1858
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin, AF_INET);
1859
2019-02-24
pjp
}
1860
2019-02-24
pjp
1861
2017-08-09
pjp
} else {
1862
2017-08-09
pjp
dolog(LOG_INFO, "packet received on descriptor %u interface \"%s\" had weird address family (%u), drop\n", so, cfg->ident[i], from->sa_family);
1863
2017-08-09
pjp
goto drop;
1864
2016-07-06
pjp
}
1865
2016-07-06
pjp
1866
2017-08-09
pjp
/* if UDP packet check length for minimum / maximum */
1867
2017-08-09
pjp
if (len > DNS_MAXUDP || len < sizeof(struct dns_header)){
1868
2017-08-09
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[i], address);
1869
2017-08-09
pjp
goto drop;
1870
2016-07-06
pjp
}
1871
2016-07-06
pjp
1872
2019-02-24
pjp
if (filter && require_tsig == 0) {
1873
2016-07-06
pjp
1874
2020-06-29
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1875
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
1876
2017-11-27
pjp
1877
2017-11-28
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, filter policy\n", so, cfg->ident[i], address, received_ttl, aregion);
1878
2017-08-09
pjp
goto drop;
1879
2017-08-09
pjp
}
1880
2016-07-06
pjp
1881
2020-07-16
pjp
if (passlist && blocklist == 0) {
1882
2016-07-06
pjp
1883
2020-06-29
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1884
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
1885
2017-08-09
pjp
1886
2020-07-16
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, passlist policy\n", so, cfg->ident[i], address, received_ttl, aregion);
1887
2017-08-09
pjp
goto drop;
1888
2016-07-06
pjp
}
1889
2017-08-09
pjp
1890
2017-11-28
pjp
if (ratelimit && rcheck) {
1891
2017-11-28
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) ratelimit policy dropping packet\n", so, cfg->ident[i], address, received_ttl, aregion);
1892
2017-08-09
pjp
goto drop;
1893
2016-07-06
pjp
}
1894
2017-11-28
pjp
1895
2017-11-28
pjp
/* pjp - branch to pledge parser here */
1896
2019-02-24
pjp
imsg_type = IMSG_PARSE_MESSAGE;
1897
2019-02-24
pjp
1898
2019-02-24
pjp
if (imsg_compose(pibuf, imsg_type,
1899
2017-11-28
pjp
0, 0, -1, buf, len) < 0) {
1900
2017-11-28
pjp
dolog(LOG_INFO, "imsg_compose %s\n", strerror(errno));
1901
2017-11-28
pjp
}
1902
2017-11-28
pjp
msgbuf_write(&pibuf->w);
1903
2016-07-06
pjp
1904
2017-11-28
pjp
FD_ZERO(&rset);
1905
2017-11-28
pjp
FD_SET(pibuf->fd, &rset);
1906
2016-07-06
pjp
1907
2017-11-28
pjp
tv.tv_sec = 10;
1908
2017-11-28
pjp
tv.tv_usec = 0;
1909
2016-07-06
pjp
1910
2017-11-28
pjp
sel = select(pibuf->fd + 1, &rset, NULL, NULL, &tv);
1911
2017-11-28
pjp
1912
2017-11-28
pjp
if (sel < 0) {
1913
2017-11-28
pjp
dolog(LOG_ERR, "internal error around select, dropping packet\n");
1914
2017-08-09
pjp
goto drop;
1915
2016-07-06
pjp
}
1916
2016-07-06
pjp
1917
2017-11-28
pjp
if (sel == 0) {
1918
2017-11-28
pjp
dolog(LOG_ERR, "internal error, timeout on parse imsg, drop\n");
1919
2017-08-09
pjp
goto drop;
1920
2017-08-09
pjp
}
1921
2017-12-14
pjp
1922
2017-12-14
pjp
if (FD_ISSET(pibuf->fd, &rset)) {
1923
2017-11-28
pjp
1924
2017-12-14
pjp
if (((n = imsg_read(pibuf)) == -1 && errno != EAGAIN) || n == 0) {
1925
2017-12-14
pjp
dolog(LOG_ERR, "internal error, timeout on parse imsg, drop\n");
1926
2017-12-14
pjp
goto drop;
1927
2017-12-14
pjp
}
1928
2017-11-28
pjp
1929
2017-12-14
pjp
for (;;) {
1930
2017-12-14
pjp
1931
2017-12-14
pjp
if ((n = imsg_get(pibuf, &imsg)) == -1) {
1932
2017-12-14
pjp
break;
1933
2017-12-14
pjp
}
1934
2017-11-28
pjp
1935
2017-12-14
pjp
if (n == 0) {
1936
2017-12-14
pjp
break;
1937
2017-12-14
pjp
}
1938
2017-11-28
pjp
1939
2017-12-14
pjp
datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
1940
2017-11-28
pjp
1941
2017-12-14
pjp
switch (imsg.hdr.type) {
1942
2017-12-14
pjp
case IMSG_PARSEREPLY_MESSAGE:
1943
2017-12-14
pjp
if (datalen != sizeof(struct parsequestion)) {
1944
2017-12-14
pjp
dolog(LOG_ERR, "datalen != sizeof(struct parsequestion), can't work with this, drop\n");
1945
2017-12-14
pjp
goto drop;
1946
2017-12-14
pjp
}
1947
2017-12-14
pjp
1948
2017-12-14
pjp
memcpy((char *)&pq, imsg.data, datalen);
1949
2017-11-28
pjp
1950
2017-12-14
pjp
if (pq.rc != PARSE_RETURN_ACK) {
1951
2017-12-14
pjp
switch (pq.rc) {
1952
2017-12-14
pjp
case PARSE_RETURN_MALFORMED:
1953
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" malformed question from %s, drop\n", so, cfg->ident[i], address);
1954
2017-12-14
pjp
imsg_free(&imsg);
1955
2017-12-14
pjp
goto drop;
1956
2017-12-14
pjp
case PARSE_RETURN_NOQUESTION:
1957
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" header from %s has no question, drop\n", so, cfg->ident[i], address);
1958
2017-12-14
pjp
/* format error */
1959
2020-06-29
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1960
2020-07-21
pjp
slen = reply_fmterror(&sreply, &sretlen, NULL);
1961
2017-12-14
pjp
dolog(LOG_INFO, "question on descriptor %d interface \"%s\" from %s, did not have question of 1 replying format error\n", so, cfg->ident[i], address);
1962
2017-12-14
pjp
imsg_free(&imsg);
1963
2017-12-14
pjp
goto drop;
1964
2017-12-14
pjp
case PARSE_RETURN_NOTAQUESTION:
1965
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns header from %s is not a question, drop\n", so, cfg->ident[i], address);
1966
2017-12-14
pjp
imsg_free(&imsg);
1967
2017-12-14
pjp
goto drop;
1968
2017-12-14
pjp
case PARSE_RETURN_NAK:
1969
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[i], address);
1970
2017-12-14
pjp
imsg_free(&imsg);
1971
2017-12-14
pjp
goto drop;
1972
2019-02-24
pjp
case PARSE_RETURN_NOTAUTH:
1973
2019-02-24
pjp
/* we didn't see a tsig header */
1974
2019-02-24
pjp
if (filter && pq.tsig.have_tsig == 0) {
1975
2020-06-29
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
1976
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
1977
2019-02-24
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, not a tsig\n", so, cfg->ident[i], address, received_ttl, aregion);
1978
2019-02-24
pjp
imsg_free(&imsg);
1979
2019-02-24
pjp
goto drop;
1980
2019-02-24
pjp
}
1981
2017-12-14
pjp
}
1982
2019-02-24
pjp
}
1983
2017-11-28
pjp
1984
2020-07-06
pjp
question = convert_question(&pq, 1);
1985
2017-12-14
pjp
if (question == NULL) {
1986
2017-12-14
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" internal error from %s, drop\n", so, cfg->ident[i], address);
1987
2017-12-14
pjp
imsg_free(&imsg);
1988
2017-12-14
pjp
goto drop;
1989
2017-12-14
pjp
}
1990
2019-02-24
pjp
1991
2017-12-14
pjp
1992
2017-12-14
pjp
1993
2017-12-14
pjp
break;
1994
2017-12-14
pjp
} /* switch */
1995
2017-12-14
pjp
1996
2017-11-28
pjp
imsg_free(&imsg);
1997
2017-12-14
pjp
} /* for (;;) */
1998
2017-12-14
pjp
} else { /* FD_ISSET */
1999
2017-12-14
pjp
goto drop;
2000
2017-12-14
pjp
}
2001
2017-12-14
pjp
2002
2017-12-14
pjp
/* goto drop beyond this point should goto out instead */
2003
2019-10-25
pjp
/* handle notifications */
2004
2019-10-25
pjp
if (question->notify) {
2005
2019-10-25
pjp
if (question->tsig.have_tsig && notifysource(question, (struct sockaddr_storage *)from) &&
2006
2019-10-25
pjp
question->tsig.tsigverified == 1) {
2007
2019-10-25
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" authenticated dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[i], address);
2008
2019-10-25
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
2009
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2010
2020-07-21
pjp
slen = reply_notify(&sreply, &sretlen, NULL);
2011
2019-11-04
pjp
2012
2019-11-04
pjp
/* send notify to replicant process */
2013
2020-06-25
pjp
idata = (pid_t)question->hdr->namelen;
2014
2020-06-25
pjp
imsg_compose(udp_ibuf, IMSG_NOTIFY_MESSAGE,
2015
2019-11-04
pjp
0, 0, -1, question->hdr->name, idata);
2016
2020-06-25
pjp
msgbuf_write(&udp_ibuf->w);
2017
2019-10-25
pjp
goto udpout;
2018
2019-10-25
pjp
2019
2019-10-25
pjp
} else if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
2020
2019-10-25
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" not authenticated dns NOTIFY packet (code = %d) from %s, replying notauth\n", so, cfg->ident[i], question->tsig.tsigerrorcode, address);
2021
2019-10-25
pjp
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
2022
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2023
2020-07-21
pjp
slen = reply_notauth(&sreply, &sretlen, NULL);
2024
2019-10-25
pjp
goto udpout;
2025
2019-10-25
pjp
}
2026
2019-10-25
pjp
2027
2019-10-25
pjp
if (notifysource(question, (struct sockaddr_storage *)from)) {
2028
2019-10-25
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[i], address);
2029
2019-10-25
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
2030
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2031
2020-07-21
pjp
slen = reply_notify(&sreply, &sretlen, NULL);
2032
2019-11-04
pjp
/* send notify to replicant process */
2033
2020-06-25
pjp
idata = (pid_t)question->hdr->namelen;
2034
2020-06-25
pjp
imsg_compose(udp_ibuf, IMSG_NOTIFY_MESSAGE,
2035
2019-11-04
pjp
0, 0, -1, question->hdr->name, idata);
2036
2020-06-25
pjp
msgbuf_write(&udp_ibuf->w);
2037
2019-10-25
pjp
goto udpout;
2038
2019-10-25
pjp
} else {
2039
2019-10-25
pjp
/* RFC 1996 - 3.10 is probably broken reply REFUSED */
2040
2019-10-25
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns NOTIFY packet from %s, NOT in our list of MASTER servers replying REFUSED\n", so, cfg->ident[i], address);
2041
2019-10-25
pjp
snprintf(replystring, DNS_MAXNAME, "REFUSED");
2042
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2043
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
2044
2019-10-25
pjp
2045
2019-10-25
pjp
goto udpout;
2046
2019-10-25
pjp
}
2047
2019-10-25
pjp
} /* if question->notify */
2048
2019-10-25
pjp
2049
2019-02-24
pjp
if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
2050
2019-02-24
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" not authenticated dns packet (code = %d) from %s, replying notauth\n", so, cfg->ident[i], question->tsig.tsigerrorcode, address);
2051
2019-02-24
pjp
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
2052
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2053
2020-07-21
pjp
slen = reply_notauth(&sreply, &sretlen, NULL);
2054
2019-02-24
pjp
goto udpout;
2055
2019-02-24
pjp
}
2056
2017-08-09
pjp
/* hack around whether we're edns version 0 */
2057
2017-08-09
pjp
if (question->ednsversion != 0) {
2058
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2059
2020-07-21
pjp
slen = reply_badvers(&sreply, &sretlen, NULL);
2060
2016-07-06
pjp
2061
2019-02-24
pjp
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" edns version is %u from %s, replying badvers\n", so, cfg->ident[i], question->ednsversion, address);
2062
2017-08-09
pjp
2063
2017-08-09
pjp
snprintf(replystring, DNS_MAXNAME, "BADVERS");
2064
2017-08-09
pjp
goto udpout;
2065
2016-07-06
pjp
}
2066
2016-07-06
pjp
2067
2019-02-18
pjp
if (ntohs(question->hdr->qclass) == DNS_CLASS_CH &&
2068
2019-02-18
pjp
ntohs(question->hdr->qtype) == DNS_TYPE_TXT &&
2069
2019-02-18
pjp
strcasecmp(question->converted_name, "version.bind.") == 0) {
2070
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "VERSION");
2071
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2072
2020-07-21
pjp
slen = reply_version(&sreply, &sretlen, NULL);
2073
2019-02-18
pjp
goto udpout;
2074
2019-02-18
pjp
}
2075
2019-02-18
pjp
2076
2016-07-06
pjp
fakequestion = NULL;
2077
2016-07-06
pjp
2078
2020-01-16
pjp
rbt0 = lookup_zone(cfg->db, question, &type0, &lzerrno, (char *)&replystring, sizeof(replystring));
2079
2016-07-06
pjp
if (type0 < 0) {
2080
2016-07-06
pjp
switch (lzerrno) {
2081
2016-07-06
pjp
default:
2082
2016-07-06
pjp
dolog(LOG_INFO, "invalid lzerrno! dropping\n");
2083
2016-07-06
pjp
/* FALLTHROUGH */
2084
2016-07-06
pjp
case ERR_DROP:
2085
2016-07-06
pjp
snprintf(replystring, DNS_MAXNAME, "DROP");
2086
2019-10-25
pjp
slen = 0;
2087
2017-08-09
pjp
goto udpout;
2088
2016-07-06
pjp
case ERR_REFUSED:
2089
2016-07-06
pjp
snprintf(replystring, DNS_MAXNAME, "REFUSED");
2090
2017-08-09
pjp
2091
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt0, NULL, aregion, istcp, 0, replybuf);
2092
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
2093
2017-08-09
pjp
goto udpout;
2094
2016-07-06
pjp
break;
2095
2016-07-06
pjp
case ERR_NXDOMAIN:
2096
2019-02-18
pjp
/*
2097
2019-02-18
pjp
* lookup_zone could not find an RR for the
2098
2019-02-18
pjp
* question at all -> nxdomain
2099
2019-02-18
pjp
*/
2100
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "NXDOMAIN");
2101
2019-02-18
pjp
2102
2019-02-18
pjp
/*
2103
2019-02-18
pjp
* lookup an authoritative soa
2104
2019-02-18
pjp
*/
2105
2019-02-18
pjp
2106
2019-02-18
pjp
if (rbt0 != NULL) {
2107
2019-02-18
pjp
build_reply(&sreply, so, buf, len, question, from, \
2108
2019-02-18
pjp
fromlen, rbt0, NULL, aregion, istcp, \
2109
2020-06-29
pjp
0, replybuf);
2110
2019-02-18
pjp
2111
2020-07-21
pjp
slen = reply_nxdomain(&sreply, &sretlen, cfg->db);
2112
2019-02-18
pjp
}
2113
2019-02-18
pjp
goto udpout;
2114
2019-02-18
pjp
break;
2115
2019-02-18
pjp
2116
2019-02-18
pjp
case ERR_NODATA:
2117
2019-02-18
pjp
if (rbt1) {
2118
2019-02-18
pjp
rbt1 = NULL;
2119
2019-02-18
pjp
}
2120
2019-02-18
pjp
2121
2019-02-18
pjp
rbt1 = get_soa(cfg->db, question);
2122
2019-02-18
pjp
if (rbt1 != NULL) {
2123
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "NODATA");
2124
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
2125
2020-07-21
pjp
slen = reply_nodata(&sreply, &sretlen, cfg->db);
2126
2017-01-09
pjp
} else {
2127
2020-07-03
pjp
if (forward)
2128
2020-07-03
pjp
goto forwardudp;
2129
2020-06-29
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
2130
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, cfg->db);
2131
2019-02-24
pjp
snprintf(replystring, DNS_MAXNAME, "REFUSED");
2132
2017-01-09
pjp
}
2133
2019-02-18
pjp
goto udpout;
2134
2019-02-18
pjp
break;
2135
2020-06-30
pjp
2136
2020-06-30
pjp
case ERR_FORWARD:
2137
2020-07-03
pjp
forwardudp:
2138
2020-07-01
pjp
if (forwardtsig) {
2139
2020-07-01
pjp
if (question->tsig.have_tsig &&
2140
2020-07-01
pjp
question->tsig.tsigverified) {
2141
2020-07-01
pjp
snprintf(replystring, DNS_MAXNAME, "FORWARD");
2142
2020-07-01
pjp
} else {
2143
2020-07-01
pjp
snprintf(replystring, DNS_MAXNAME, "REFUSED");
2144
2020-07-01
pjp
build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
2145
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, cfg->db);
2146
2020-07-01
pjp
goto udpout;
2147
2020-07-01
pjp
}
2148
2020-07-01
pjp
} else
2149
2020-07-01
pjp
snprintf(replystring, DNS_MAXNAME, "FORWARD");
2150
2020-07-01
pjp
2151
2020-06-30
pjp
/* send query to forward process/cortex */
2152
2020-06-30
pjp
2153
2020-06-30
pjp
if (len > 4000) {
2154
2020-06-30
pjp
dolog(LOG_INFO, "question is larger than 4000 bytes, not forwarding\n");
2155
2020-06-30
pjp
goto udpout;
2156
2020-06-30
pjp
}
2157
2020-06-30
pjp
2158
2020-07-03
pjp
memset(sforward, 0, sizeof(struct sforward));
2159
2020-07-03
pjp
sforward->oldsel = oldsel;
2160
2020-07-03
pjp
2161
2020-07-01
pjp
switch (from->sa_family) {
2162
2020-07-01
pjp
case AF_INET:
2163
2020-07-03
pjp
sforward->rport = sin->sin_port;
2164
2020-07-03
pjp
memcpy((char *)&sforward->from4, sin, fromlen);
2165
2020-07-03
pjp
sforward->family = AF_INET;
2166
2020-07-03
pjp
2167
2020-07-01
pjp
break;
2168
2020-07-01
pjp
case AF_INET6:
2169
2020-07-03
pjp
sforward->rport = sin6->sin6_port;
2170
2020-07-03
pjp
memcpy((char *)&sforward->from6, sin6, fromlen);
2171
2020-07-03
pjp
sforward->family = AF_INET6;
2172
2020-07-03
pjp
2173
2020-07-01
pjp
break;
2174
2020-07-01
pjp
}
2175
2020-07-01
pjp
2176
2020-07-16
pjp
memcpy(&sforward->buf, question->hdr->original_name, question->hdr->namelen);
2177
2020-07-03
pjp
sforward->buflen = question->hdr->namelen;
2178
2020-07-03
pjp
2179
2020-07-03
pjp
memcpy((char *)&sforward->header, buf, sizeof(struct dns_header));
2180
2020-07-03
pjp
sforward->type = question->hdr->qtype;
2181
2020-07-03
pjp
sforward->class = question->hdr->qclass;
2182
2020-07-03
pjp
sforward->edns0len = question->edns0len;
2183
2020-07-04
pjp
sforward->dnssecok = question->dnssecok;
2184
2020-06-30
pjp
2185
2020-07-03
pjp
if (question->tsig.have_tsig && question->tsig.tsigverified) {
2186
2020-07-03
pjp
sforward->havemac = 1;
2187
2020-07-03
pjp
memcpy((char *)&sforward->tsigname, question->tsig.tsigkey, question->tsig.tsigkeylen);
2188
2020-07-03
pjp
sforward->tsignamelen = question->tsig.tsigkeylen;
2189
2020-07-03
pjp
memcpy(&sforward->mac, question->tsig.tsigmac, sizeof(sforward->mac));
2190
2020-07-03
pjp
sforward->tsigtimefudge = question->tsig.tsig_timefudge;
2191
2020-07-03
pjp
} else
2192
2020-07-03
pjp
sforward->havemac = 0;
2193
2020-07-01
pjp
2194
2020-07-10
pjp
sforward->gotit = time(NULL);
2195
2020-07-12
pjp
memcpy(&sf.sfi_sf, sforward, sizeof(struct sforward));
2196
2020-07-10
pjp
2197
2020-07-10
pjp
/* wait for lock */
2198
2020-07-12
pjp
while (cfg->shptr[cfg->shptrsize - 16] == '*') {
2199
2020-07-10
pjp
usleep(arc4random() % 300);
2200
2020-07-10
pjp
}
2201
2020-07-10
pjp
2202
2020-07-12
pjp
cfg->shptr[cfg->shptrsize - 16] = '*'; /* nice semaphore eh? */
2203
2020-07-10
pjp
2204
2020-07-12
pjp
for (sfi = (struct sf_imsg *)&cfg->shptr[0], ix = 0;
2205
2020-07-10
pjp
ix < SHAREDMEMSIZE; ix++, sfi++) {
2206
2020-07-12
pjp
if (unpack32((char *)&sfi->u.s.read) == 1) {
2207
2020-07-10
pjp
memcpy(sfi, &sf, sizeof(struct sf_imsg));
2208
2020-07-12
pjp
pack32((char *)&sfi->u.s.read, 0);
2209
2020-07-10
pjp
break;
2210
2020-07-10
pjp
}
2211
2020-07-10
pjp
}
2212
2020-07-10
pjp
2213
2020-07-10
pjp
if (ix == SHAREDMEMSIZE) {
2214
2020-07-10
pjp
dolog(LOG_INFO, "delphinusdnsd udp: can't find an open slot in sharedmemsize\n");
2215
2020-07-10
pjp
goto udpout;
2216
2020-07-10
pjp
}
2217
2020-07-10
pjp
2218
2020-07-12
pjp
cfg->shptr[cfg->shptrsize - 16] = ' ';
2219
2020-07-10
pjp
2220
2020-07-03
pjp
imsg_compose(udp_ibuf, IMSG_FORWARD_UDP,
2221
2020-07-10
pjp
0, 0, -1, &ix, sizeof(int));
2222
2020-07-03
pjp
2223
2020-07-03
pjp
msgbuf_write(&udp_ibuf->w);
2224
2020-06-30
pjp
goto udpout;
2225
2020-06-30
pjp
break;
2226
2020-06-30
pjp
2227
2019-02-18
pjp
case ERR_NOERROR:
2228
2016-07-06
pjp
/*
2229
2019-02-18
pjp
* this is hackish not sure if this should be here
2230
2016-07-06
pjp
*/
2231
2016-07-06
pjp
2232
2019-02-18
pjp
snprintf(replystring, DNS_MAXNAME, "NOERROR");
2233
2019-02-18
pjp
2234
2019-02-18
pjp
/*
2235
2019-02-18
pjp
* lookup an authoritative soa
2236
2016-07-06
pjp
*/
2237
2019-02-18
pjp
2238
2019-02-18
pjp
if (rbt0) {
2239
2019-02-18
pjp
rbt0 = NULL;
2240
2019-02-18
pjp
}
2241
2019-02-18
pjp
2242
2019-02-18
pjp
rbt0 = get_soa(cfg->db, question);
2243
2019-02-15
pjp
if (rbt0 != NULL) {
2244
2019-02-18
pjp
build_reply(&sreply, so, buf, len, question, from, \
2245
2019-02-18
pjp
fromlen, rbt0, NULL, aregion, istcp, 0,
2246
2020-06-29
pjp
replybuf);
2247
2019-02-15
pjp
2248
2020-07-21
pjp
slen = reply_noerror(&sreply, &sretlen, cfg->db);
2249
2019-02-24
pjp
2250
2019-02-24
pjp
goto udpout;
2251
2019-02-18
pjp
}
2252
2019-02-18
pjp
2253
2019-02-24
pjp
snprintf(replystring, DNS_MAXNAME, "DROP");
2254
2019-10-25
pjp
slen = 0;
2255
2019-10-25
pjp
goto udpout;
2256
2019-10-30
pjp
2257
2019-10-30
pjp
case ERR_DELEGATE:
2258
2019-10-30
pjp
if (rbt0 != NULL) {
2259
2019-10-30
pjp
build_reply(&sreply, so, buf, len, question, from, \
2260
2019-10-30
pjp
fromlen, rbt0, NULL, aregion, istcp, \
2261
2020-06-29
pjp
0, replybuf);
2262
2019-10-30
pjp
2263
2020-07-21
pjp
slen = reply_ns(&sreply, &sretlen, cfg->db);
2264
2019-10-30
pjp
} else {
2265
2019-10-30
pjp
slen = 0;
2266
2019-10-30
pjp
snprintf(replystring, DNS_MAXNAME, "DROP");
2267
2019-10-30
pjp
}
2268
2019-10-30
pjp
2269
2019-10-30
pjp
goto udpout;
2270
2019-10-30
pjp
break;
2271
2019-10-30
pjp
2272
2019-02-18
pjp
}
2273
2019-02-18
pjp
}
2274
2019-02-18
pjp
2275
2019-02-18
pjp
switch (type0) {
2276
2016-07-06
pjp
case DNS_TYPE_CNAME:
2277
2019-02-15
pjp
csd = find_rr(rbt0, DNS_TYPE_SOA);
2278
2019-02-15
pjp
if (csd == NULL)
2279
2019-02-15
pjp
break;
2280
2019-02-15
pjp
2281
2019-02-15
pjp
rr_csd = TAILQ_FIRST(&csd->rr_head);
2282
2019-02-15
pjp
if (rr_csd == NULL)
2283
2019-02-15
pjp
break;
2284
2019-02-15
pjp
2285
2019-02-26
pjp
fakequestion = build_fake_question(((struct cname *)rr_csd)->cname, ((struct cname *)rr_csd)->cnamelen, question->hdr->qtype, NULL, 0);
2286
2016-07-06
pjp
if (fakequestion == NULL) {
2287
2016-07-06
pjp
dolog(LOG_INFO, "fakequestion failed\n");
2288
2016-07-06
pjp
break;
2289
2016-07-06
pjp
}
2290
2016-07-06
pjp
2291
2020-01-16
pjp
rbt1 = lookup_zone(cfg->db, fakequestion, &type1, &lzerrno, (char *)&fakereplystring, sizeof(fakereplystring));
2292
2016-07-06
pjp
/* break CNAMES pointing to CNAMES */
2293
2016-07-06
pjp
if (type1 == DNS_TYPE_CNAME)
2294
2016-07-06
pjp
type1 = 0;
2295
2016-07-06
pjp
2296
2016-07-06
pjp
break;
2297
2016-07-06
pjp
default:
2298
2016-07-06
pjp
2299
2016-07-06
pjp
break;
2300
2016-07-06
pjp
}
2301
2016-07-06
pjp
2302
2016-07-06
pjp
/*
2303
2016-07-06
pjp
* Allow CLASS IN, CHAOS and others are
2304
2016-07-06
pjp
* not implemented and so we build a reply for
2305
2016-07-06
pjp
* that and go out.
2306
2016-07-06
pjp
*/
2307
2016-07-06
pjp
2308
2016-07-06
pjp
switch (ntohs(question->hdr->qclass)) {
2309
2016-07-06
pjp
case DNS_CLASS_IN:
2310
2016-07-06
pjp
break;
2311
2016-07-06
pjp
default:
2312
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2313
2017-08-09
pjp
fromlen, NULL, NULL, aregion, istcp, 0, \
2314
2020-06-29
pjp
replybuf);
2315
2016-07-06
pjp
2316
2020-07-21
pjp
slen = reply_notimpl(&sreply, &sretlen, NULL);
2317
2016-07-06
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2318
2017-08-09
pjp
goto udpout;
2319
2016-07-06
pjp
}
2320
2016-07-06
pjp
2321
2019-01-25
pjp
for (rl = &rlogic[0]; rl->rrtype != 0; rl++) {
2322
2019-01-25
pjp
if (rl->rrtype == ntohs(question->hdr->qtype)) {
2323
2019-01-25
pjp
if (rl->type0 == type0) {
2324
2019-01-25
pjp
switch (rl->buildtype) {
2325
2019-01-25
pjp
case BUILD_CNAME:
2326
2019-01-25
pjp
build_reply(&sreply, so, buf, len, question,
2327
2019-02-15
pjp
from, fromlen, rbt0, ((type1 > 0) ? rbt1 :
2328
2020-06-29
pjp
NULL), aregion, istcp, 0, replybuf);
2329
2019-01-25
pjp
break;
2330
2019-01-25
pjp
case BUILD_OTHER:
2331
2019-01-25
pjp
build_reply(&sreply, so, buf, len, question,
2332
2019-02-15
pjp
from, fromlen, rbt0, NULL, aregion, istcp,
2333
2020-06-29
pjp
0, replybuf);
2334
2019-01-25
pjp
break;
2335
2019-01-25
pjp
}
2336
2019-01-25
pjp
} else {
2337
2019-01-25
pjp
continue;
2338
2019-01-25
pjp
}
2339
2019-01-25
pjp
2340
2020-07-21
pjp
slen = (*rl->reply)(&sreply, &sretlen, cfg->db);
2341
2016-07-06
pjp
break;
2342
2019-01-25
pjp
} /* if rl->rrtype == */
2343
2019-01-25
pjp
}
2344
2016-07-06
pjp
2345
2019-01-25
pjp
if (rl->rrtype == 0) {
2346
2017-08-09
pjp
/*
2347
2017-08-09
pjp
* ANY unkown RR TYPE gets a NOTIMPL
2348
2017-08-09
pjp
*/
2349
2017-08-09
pjp
/*
2350
2017-08-09
pjp
* except for delegations
2351
2017-08-09
pjp
*/
2352
2017-08-09
pjp
2353
2017-08-09
pjp
if (type0 == DNS_TYPE_NS) {
2354
2016-07-06
pjp
2355
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2356
2019-02-15
pjp
fromlen, rbt0, NULL, aregion, istcp, 0, \
2357
2020-06-29
pjp
replybuf);
2358
2016-07-06
pjp
2359
2020-07-21
pjp
slen = reply_ns(&sreply, &sretlen, cfg->db);
2360
2017-08-09
pjp
} else {
2361
2016-07-06
pjp
2362
2016-07-06
pjp
2363
2017-08-09
pjp
build_reply(&sreply, so, buf, len, question, from, \
2364
2017-08-09
pjp
fromlen, NULL, NULL, aregion, istcp, 0, \
2365
2020-06-29
pjp
replybuf);
2366
2016-07-06
pjp
2367
2020-07-21
pjp
slen = reply_notimpl(&sreply, &sretlen, NULL);
2368
2017-08-09
pjp
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2369
2017-08-09
pjp
}
2370
2017-08-09
pjp
}
2371
2017-08-09
pjp
2372
2017-08-09
pjp
udpout:
2373
2017-08-09
pjp
if (lflag) {
2374
2020-07-25
pjp
double diffms;
2375
2016-07-06
pjp
2376
2020-07-25
pjp
gettimeofday(&rectv1, NULL);
2377
2020-07-25
pjp
if (rectv1.tv_sec - rectv0.tv_sec > 0) {
2378
2020-07-25
pjp
rectv1.tv_usec += 1000000;
2379
2020-07-25
pjp
rectv1.tv_sec--;
2380
2020-07-25
pjp
}
2381
2020-07-25
pjp
diffms = (((double)rectv1.tv_sec - (double)rectv0.tv_sec) \
2382
2020-07-25
pjp
* 1000) + \
2383
2020-07-25
pjp
(double)(rectv1.tv_usec - rectv0.tv_usec) / 1000;
2384
2020-07-25
pjp
2385
2020-07-25
pjp
dolog(LOG_INFO, "request on descriptor %u interface \"%s\" from %s (ttl=%u, region=%d, tta=%2.3fms) for \"%s\" type=%s class=%u, %s%s%sanswering \"%s\" (%d/%d)\n", so, cfg->ident[i], address, received_ttl, aregion, diffms, question->converted_name, get_dns_type(ntohs(question->hdr->qtype), 1), ntohs(question->hdr->qclass), (question->edns0len ? "edns0, " : ""), (question->dnssecok ? "dnssecok, " : ""), (question->tsig.tsigverified ? "tsig, " : "") , replystring, len, slen);
2386
2020-07-25
pjp
2387
2017-08-09
pjp
}
2388
2016-07-06
pjp
2389
2017-08-09
pjp
if (fakequestion != NULL) {
2390
2017-08-09
pjp
free_question(fakequestion);
2391
2017-08-09
pjp
}
2392
2017-08-09
pjp
2393
2017-08-09
pjp
free_question(question);
2394
2016-07-06
pjp
2395
2019-02-15
pjp
if (rbt0) {
2396
2019-02-15
pjp
rbt0 = NULL;
2397
2017-08-09
pjp
}
2398
2019-02-15
pjp
if (rbt1) {
2399
2019-02-15
pjp
rbt1 = NULL;
2400
2017-08-09
pjp
}
2401
2016-07-06
pjp
2402
2017-08-09
pjp
} /* END ISSET */
2403
2016-07-06
pjp
2404
2017-08-09
pjp
} /* for */
2405
2016-07-06
pjp
2406
2017-08-09
pjp
drop:
2407
2017-08-09
pjp
2408
2019-02-15
pjp
if (rbt0) {
2409
2019-02-15
pjp
rbt0 = NULL;
2410
2017-08-09
pjp
}
2411
2016-07-06
pjp
2412
2019-02-15
pjp
if (rbt1) {
2413
2019-02-15
pjp
rbt1 = NULL;
2414
2017-08-09
pjp
}
2415
2016-07-06
pjp
2416
2017-08-09
pjp
continue;
2417
2017-08-09
pjp
} /* for (;;) */
2418
2016-07-06
pjp
2419
2017-08-09
pjp
/* NOTREACHED */
2420
2017-08-09
pjp
}
/*
 * BUILD_REPLY - fill in a struct sreply from the arguments; nothing is
 *		returned.  This replaces the alias BUILD_REPLY.
 *
 * Only the pointer values of buf, q, sa, rbt1, rbt2 and replybuf are
 * stored, nothing is copied, so the objects they point to must remain
 * valid for as long as the reply structure is used.  No argument is
 * validated here.  The wildcard member is always reset to 0, and
 * deprecated0 is accepted but not used.
 */

void
build_reply(struct sreply *reply, int so, char *buf, int len,
    struct question *q, struct sockaddr *sa, socklen_t slen,
    struct rbtree *rbt1, struct rbtree *rbt2, u_int8_t region, int istcp,
    int deprecated0, char *replybuf)
{
	(void)deprecated0;		/* not read anywhere in this function */

	/* transport: socket, protocol flag, region and peer address */
	reply->so = so;
	reply->istcp = istcp;
	reply->region = region;
	reply->sa = sa;
	reply->salen = slen;

	/* the request buffer with its length, and the parsed question */
	reply->buf = buf;
	reply->len = len;
	reply->q = q;

	/* zone data to answer from, and the buffer the answer is built in */
	reply->rbt1 = rbt1;
	reply->rbt2 = rbt2;
	reply->replybuf = replybuf;

	reply->wildcard = 0;
}
/*
 * The master process: it waits to be killed.  If another process dies and
 * reports that through the shared memory segment, the master kills the
 * rest of the processes in its process group.
 *
 * db is not used in this function.  av is the argument vector passed to
 * execvp() when the daemon re-executes itself on reload.  socketpath is
 * unveiled "rwc" on OpenBSD and unlinked on shutdown and on reload unless
 * debug is set.  ibuf is the imsg channel on which hello, reload and
 * shutdown messages are read.  The function does not return; it leaves
 * through exit() or execvp().
 *
 * ptr, mshutdown, msig, reload and debug are defined elsewhere in this file.
 *
 * NOTE(review): the return values of signal(), unlink() and killpg() are
 * not checked, and a select() failure other than an interrupted call takes
 * the same path as a timeout.
 */

void
setup_master(ddDB *db, char **av, char *socketpath, struct imsgbuf *ibuf)
{
	struct imsg msg;
	struct timeval timeout;
	fd_set readfds;
	ssize_t nread;
	pid_t pid;
	int nready, maxfd = 0;

#if __OpenBSD__
	/*
	 * Limit the filesystem view to the socket path and the daemon binary
	 * (the binary is what the reload path executes), then reduce the
	 * process to the pledge promises below.  Any failure is fatal.
	 */
	if (unveil(socketpath, "rwc") < 0) {
		perror("unveil");
		exit(1);
	}
	if (unveil("/usr/local/sbin/delphinusdnsd", "rx") < 0) {
		perror("unveil");
		exit(1);
	}
	if (pledge("stdio wpath cpath exec proc", NULL) < 0) {
		perror("pledge");
		exit(1);
	}
#endif

#ifndef NO_SETPROCTITLE
	setproctitle("master");
#endif

	pid = getpid();

	/* the handlers only set flags; the flags are acted on in the loop */
	signal(SIGTERM, master_shutdown);
	signal(SIGINT, master_shutdown);
	signal(SIGQUIT, master_shutdown);
	signal(SIGHUP, master_reload);

	FD_ZERO(&readfds);
	for (;;) {
		/* one second tick, so the flags are polled without traffic */
		timeout.tv_sec = 1;
		timeout.tv_usec = 0;

		FD_SET(ibuf->fd, &readfds);
		if (maxfd < ibuf->fd)
			maxfd = ibuf->fd;

		nready = select(maxfd + 1, &readfds, NULL, NULL, &timeout);

		/* on signal or timeout check the shared pid and the flags */
		if (nready < 1) {
			if (*ptr) {
				/*
				 * NOTE(review): %u is used for *ptr, which
				 * looks like a pid_t (see the munmap() size
				 * below) - confirm at its declaration.
				 */
				dolog(LOG_INFO, "pid %u died, killing delphinusdnsd\n", *ptr);
				master_shutdown(SIGTERM);
			}

			if (mshutdown) {
				dolog(LOG_INFO, "shutting down on signal %d\n", msig);
				if (! debug)
					unlink(socketpath);

				/* the signal goes to the whole process group */
				pid = getpgrp();
				killpg(pid, msig);

				exit(0);
			}

			if (reload) {
				/*
				 * SIGTERM is ignored first so that the master
				 * survives the SIGTERM it sends to its own
				 * process group and can go on to execvp().
				 */
				signal(SIGTERM, SIG_IGN);

				pid = getpgrp();
				killpg(pid, SIGTERM);
				if (munmap(ptr, sizeof(pid_t)) < 0) {
					dolog(LOG_ERR, "munmap: %s\n", strerror(errno));
				}

				if (! debug)
					unlink(socketpath);

				dolog(LOG_INFO, "restarting on SIGHUP or command\n");

				closelog();
#ifndef NO_SETPROCTITLE
#if __linux__
				setproctitle(NULL);
#endif
#endif
				/*
				 * The path contains a slash, so execvp() does
				 * not search PATH; av is passed on unchanged.
				 */
				if (execvp("/usr/local/sbin/delphinusdnsd", av) < 0) {
					dolog(LOG_ERR, "execvp: %s\n", strerror(errno));
				}
				/* NOTREACHED */
				exit(1);
			}
			continue;
		}

		if (!FD_ISSET(ibuf->fd, &readfds))
			continue;

		nread = imsg_read(ibuf);
		if (nread < 0 && errno != EAGAIN) {
			dolog(LOG_ERR, "imsg read failure %s\n", strerror(errno));
			continue;
		}
		if (nread == 0) {
			/* child died? */
			dolog(LOG_INFO, "sigpipe on child? delphinusdnsd master process exiting.\n");
			exit(1);
		}

		/* drain every complete message that is buffered */
		while ((nread = imsg_get(ibuf, &msg)) > 0) {
			switch (msg.hdr.type) {
			case IMSG_HELLO_MESSAGE:
				/* dolog(LOG_DEBUG, "received hello from child\n"); */
				break;
			case IMSG_RELOAD_MESSAGE:
				reload = 1;
				break;
			case IMSG_SHUTDOWN_MESSAGE:
#if DEBUG
				dolog(LOG_INFO, "received shutdown from cortex\n");
#endif
				mshutdown = 1;
				msig = SIGTERM;
				break;
			default:
				/* any other message type is ignored, unlogged */
				break;
			}

			imsg_free(&msg);
		}
		if (nread < 0)
			dolog(LOG_ERR, "imsg read error: %s\n", strerror(errno));
	} /* for (;;) */

	/* NOTREACHED */
}
/*
 * master_shutdown - record a shutdown request for the master process.
 *
 * Stores sig in msig and sets mshutdown.  Nothing is unlinked or killed
 * here; setup_master() does that when it sees the flag.  It is installed
 * there as the SIGTERM, SIGINT and SIGQUIT handler and is also called
 * directly with SIGTERM.
 *
 * NOTE(review): msig and mshutdown are declared elsewhere; since they are
 * written from a signal handler they should be volatile sig_atomic_t -
 * confirm at the declaration.
 */

void
master_shutdown(int sig)
{
	/* the signal number is stored before the flag is raised */
	msig = sig;
	mshutdown = 1;
}
/*
 * ddd_signal - delphinusdnsd got a signal: call ddd_shutdown(), log the
 *		event and exit with status 1.  The value of sig is not
 *		examined.
 *
 * NOTE(review): where this is installed is not visible here.  If it runs
 * as a signal handler, exit() is not on the POSIX list of
 * async-signal-safe functions, and ddd_shutdown() and dolog() would need
 * the same check - confirm against their definitions.
 */

void
ddd_signal(int sig)
{
	(void)sig;

	ddd_shutdown();
	dolog(LOG_INFO, "shutting down on signal\n");
	exit(1);
}
/*
 * master_reload - request a reload of the delphinusdnsd system.
 *
 * Only sets the reload flag; the restart itself (killing the process
 * group and re-executing the daemon) is done by setup_master() when it
 * sees the flag.  It is installed there as the SIGHUP handler, and the
 * value of sig is not examined.
 *
 * NOTE(review): reload is declared elsewhere; as it is written from a
 * signal handler it should be volatile sig_atomic_t - confirm at the
 * declaration.
 */

void
master_reload(int sig)
{
	(void)sig;

	reload = 1;
}
/*
2629
2017-08-09
pjp
* TCPLOOP - does the polling of tcp descriptors and if ready receives the
2630
2017-08-09
pjp
* requests, builds the question and calls for replies, loops
2631
2017-08-09
pjp
*
2632
2017-08-09
pjp
*/
2633
2017-03-14
pjp
2634
2017-08-09
pjp
void
2635
2020-07-03
pjp
tcploop(struct cfg *cfg, struct imsgbuf *ibuf, struct imsgbuf *cortex)
2636
2017-08-09
pjp
{
2637
2017-08-09
pjp
fd_set rset;
2638
2017-08-09
pjp
int sel;
2639
2020-01-14
pjp
int len, slen = 0;
2640
2017-08-09
pjp
int i;
2641
2017-08-09
pjp
int istcp = 1;
2642
2017-08-09
pjp
int maxso;
2643
2017-08-09
pjp
int so;
2644
2017-08-09
pjp
int type0, type1;
2645
2017-08-09
pjp
int lzerrno;
2646
2017-08-09
pjp
int filter = 0;
2647
2020-07-16
pjp
int blocklist = 1;
2648
2019-02-24
pjp
int require_tsig = 0;
2649
2017-08-09
pjp
int axfr_acl = 0;
2650
2020-06-25
pjp
pid_t idata;
2651
2019-06-17
pjp
uint conncnt = 0;
2652
2019-06-07
pjp
int tcpflags;
2653
2017-11-28
pjp
pid_t pid;
2654
2016-07-06
pjp
2655
2017-08-09
pjp
u_int8_t aregion; /* region where the address comes from */
2656
2016-07-06
pjp
2657
2017-08-09
pjp
char *pbuf;
2658
2017-08-09
pjp
char *replybuf = NULL;
2659
2017-08-09
pjp
char address[INET6_ADDRSTRLEN];
2660
2017-08-09
pjp
char replystring[DNS_MAXNAME + 1];
2661
2017-08-09
pjp
char fakereplystring[DNS_MAXNAME + 1];
2662
2017-08-09
pjp
2663
2017-08-09
pjp
union {
2664
2017-08-09
pjp
struct sockaddr sa;
2665
2017-08-09
pjp
struct sockaddr_in sin;
2666
2017-08-09
pjp
struct sockaddr_in6 sin6;
2667
2017-08-09
pjp
} sockaddr_large;
2668
2017-08-09
pjp
2669
2017-08-09
pjp
socklen_t fromlen = sizeof(sockaddr_large);
2670
2017-08-09
pjp
2671
2017-08-09
pjp
struct sockaddr *from = (void *)&sockaddr_large;
2672
2017-08-09
pjp
struct sockaddr_in *sin;
2673
2017-08-09
pjp
struct sockaddr_in6 *sin6;
2674
2017-08-09
pjp
2675
2017-08-09
pjp
struct question *question = NULL, *fakequestion = NULL;
2676
2019-02-15
pjp
struct rbtree *rbt0 = NULL, *rbt1 = NULL;
2677
2019-02-15
pjp
struct rrset *csd;
2678
2019-02-15
pjp
struct rr *rr_csd;
2679
2020-07-10
pjp
struct sf_imsg sf, *sfi = NULL;
2680
2016-07-06
pjp
2681
2017-08-09
pjp
struct sreply sreply;
2682
2019-01-25
pjp
struct reply_logic *rl = NULL;
2683
2017-08-09
pjp
struct timeval tv = { 10, 0};
2684
2017-11-28
pjp
struct imsgbuf parse_ibuf;
2685
2017-11-28
pjp
struct imsgbuf *pibuf;
2686
2017-11-28
pjp
struct imsg imsg;
2687
2017-11-28
pjp
struct parsequestion pq;
2688
2016-07-06
pjp
2689
2017-11-28
pjp
ssize_t n, datalen;
2690
2019-02-24
pjp
u_int32_t imsg_type;
2691
2017-11-28
pjp
2692
2020-07-03
pjp
struct sforward *sforward;
2693
2020-07-10
pjp
int ix;
2694
2020-07-21
pjp
int sretlen;
2695
2020-07-03
pjp
2696
2020-07-03
pjp
2697
2020-07-03
pjp
sforward = (struct sforward *)calloc(1, sizeof(struct sforward));
2698
2020-07-03
pjp
if (sforward == NULL) {
2699
2020-07-03
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
2700
2020-07-03
pjp
ddd_shutdown();
2701
2020-07-03
pjp
exit(1);
2702
2020-07-03
pjp
}
2703
2020-07-03
pjp
2704
2020-06-25
pjp
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, &cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]) < 0) {
2705
2017-11-28
pjp
dolog(LOG_INFO, "socketpair() failed\n");
2706
2020-06-25
pjp
ddd_shutdown();
2707
2017-11-28
pjp
exit(1);
2708
2017-11-28
pjp
}
2709
2017-11-28
pjp
2710
2017-11-28
pjp
pid = fork();
2711
2017-11-28
pjp
switch (pid) {
2712
2017-11-28
pjp
case -1:
2713
2017-11-28
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
2714
2017-11-28
pjp
exit(1);
2715
2017-11-28
pjp
case 0:
2716
2020-07-14
pjp
#ifndef __OpenBSD__
2717
2020-07-14
pjp
/* OpenBSD has minherit() */
2718
2020-07-14
pjp
if (munmap(cfg->shptr, cfg->shptrsize) == -1) {
2719
2020-07-14
pjp
dolog(LOG_INFO, "unmapping shptr failed: %s\n", \
2720
2020-07-14
pjp
strerror(errno));
2721
2020-07-14
pjp
}
2722
2020-07-14
pjp
#endif
2723
2020-07-14
pjp
cfg->shptrsize = 0;
2724
2017-11-28
pjp
for (i = 0; i < cfg->sockcount; i++) {
2725
2017-11-28
pjp
close(cfg->tcp[i]);
2726
2017-11-28
pjp
}
2727
2020-06-25
pjp
close(ibuf->fd);
2728
2020-07-03
pjp
close(cortex->fd);
2729
2017-11-28
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
2730
2020-06-25
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
2731
2017-12-26
pjp
setproctitle("tcp parse engine %d", cfg->pid);
2732
2020-06-25
pjp
parseloop(cfg, &parse_ibuf);
2733
2017-11-28
pjp
/* NOTREACHED */
2734
2017-11-28
pjp
exit(1);
2735
2017-11-28
pjp
default:
2736
2017-11-28
pjp
close(cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[0]);
2737
2017-11-28
pjp
imsg_init(&parse_ibuf, cfg->my_imsg[MY_IMSG_PARSER].imsg_fds[1]);
2738
2017-11-28
pjp
pibuf = &parse_ibuf;
2739
2017-11-28
pjp
break;
2740
2017-11-28
pjp
}
2741
2017-11-28
pjp
2742
2017-11-27
pjp
#if __OpenBSD__
2743
2017-11-27
pjp
if (pledge("stdio inet sendfd recvfd", NULL) < 0) {
2744
2017-11-27
pjp
perror("pledge");
2745
2017-11-27
pjp
exit(1);
2746
2017-11-27
pjp
}
2747
2017-11-27
pjp
#endif
2748
2017-11-27
pjp
2749
2017-11-28
pjp
2750
2017-08-09
pjp
replybuf = calloc(1, 65536);
2751
2017-08-09
pjp
if (replybuf == NULL) {
2752
2017-08-09
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
2753
2020-06-25
pjp
ddd_shutdown();
2754
2017-08-09
pjp
exit(1);
2755
2017-08-09
pjp
}
2756
2016-07-06
pjp
2757
2016-07-06
pjp
2758
2017-08-09
pjp
/*
2759
2017-08-10
pjp
* listen on descriptors
2760
2017-08-09
pjp
*/
2761
2016-07-06
pjp
2762
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
2763
2017-08-09
pjp
listen(cfg->tcp[i], 5);
2764
2017-08-09
pjp
}
2765
2017-08-10
pjp
2766
2017-08-09
pjp
for (;;) {
2767
2017-08-09
pjp
maxso = 0;
2768
2016-07-06
pjp
2769
2017-08-09
pjp
FD_ZERO(&rset);
2770
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
2771
2017-08-09
pjp
if (maxso < cfg->tcp[i])
2772
2017-08-09
pjp
maxso = cfg->tcp[i];
2773
2017-08-09
pjp
2774
2017-08-09
pjp
FD_SET(cfg->tcp[i], &rset);
2775
2017-08-09
pjp
}
2776
2019-06-07
pjp
2777
2019-06-07
pjp
TAILQ_FOREACH(tcpnp, &tcphead, tcpentries) {
2778
2019-06-07
pjp
if (maxso < tcpnp->so)
2779
2019-06-07
pjp
maxso = tcpnp->so;
2780
2019-06-07
pjp
2781
2019-06-07
pjp
FD_SET(tcpnp->so, &rset);
2782
2019-06-07
pjp
}
2783
2017-08-09
pjp
2784
2019-06-07
pjp
tv.tv_sec = 3;
2785
2017-08-09
pjp
tv.tv_usec = 0;
2786
2016-07-06
pjp
2787
2017-08-09
pjp
sel = select(maxso + 1, &rset, NULL, NULL, &tv);
2788
2016-07-06
pjp
2789
2017-08-09
pjp
if (sel < 0) {
2790
2017-08-09
pjp
dolog(LOG_INFO, "select: %s\n", strerror(errno));
2791
2017-08-09
pjp
continue;
2792
2017-08-09
pjp
}
2793
2016-07-06
pjp
2794
2017-08-09
pjp
if (sel == 0) {
2795
2019-06-07
pjp
TAILQ_FOREACH_SAFE(tcpnp, &tcphead, tcpentries, tcpn1) {
2796
2019-06-07
pjp
if ((tcpnp->last_used + 3) < time(NULL)) {
2797
2019-06-07
pjp
dolog(LOG_INFO, "tcp timeout on interface \"%s\" for address %s\n", cfg->ident[tcpnp->intidx], tcpnp->address);
2798
2019-06-07
pjp
TAILQ_REMOVE(&tcphead, tcpnp, tcpentries);
2799
2019-06-07
pjp
close(tcpnp->so);
2800
2019-06-07
pjp
free(tcpnp->address);
2801
2019-06-07
pjp
free(tcpnp);
2802
2019-06-17
pjp
if (conncnt > 0)
2803
2019-06-07
pjp
conncnt--;
2804
2019-06-07
pjp
}
2805
2019-06-07
pjp
}
2806
2017-08-09
pjp
continue;
2807
2017-08-09
pjp
}
2808
2017-08-09
pjp
2809
2017-08-09
pjp
for (i = 0; i < cfg->sockcount; i++) {
2810
2017-08-09
pjp
if (FD_ISSET(cfg->tcp[i], &rset)) {
2811
2017-08-09
pjp
fromlen = sizeof(sockaddr_large);
2812
2017-08-09
pjp
2813
2017-08-09
pjp
so = accept(cfg->tcp[i], (struct sockaddr*)from, &fromlen);
2814
2017-08-09
pjp
2815
2017-08-09
pjp
if (so < 0) {
2816
2017-08-09
pjp
dolog(LOG_INFO, "tcp accept: %s\n", strerror(errno));
2817
2017-08-09
pjp
continue;
2818
2017-08-09
pjp
}
2819
2017-08-09
pjp
2820
2016-07-06
pjp
if (from->sa_family == AF_INET6) {
2821
2016-07-06
pjp
2822
2016-07-06
pjp
fromlen = sizeof(struct sockaddr_in6);
2823
2016-07-06
pjp
sin6 = (struct sockaddr_in6 *)from;
2824
2016-07-06
pjp
inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, (char *)&address, sizeof(address));
2825
2016-07-06
pjp
aregion = find_region((struct sockaddr_storage *)sin6, AF_INET6);
2826
2016-07-06
pjp
filter = find_filter((struct sockaddr_storage *)sin6, AF_INET6);
2827
2020-07-16
pjp
if (passlist) {
2828
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin6, AF_INET6);
2829
2016-07-06
pjp
}
2830
2017-08-09
pjp
axfr_acl = find_axfr((struct sockaddr_storage *)sin6, AF_INET6);
2831
2019-02-24
pjp
2832
2019-02-24
pjp
require_tsig = 0;
2833
2019-02-24
pjp
if (tsig) {
2834
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin6, AF_INET6);
2835
2019-02-24
pjp
}
2836
2016-07-06
pjp
} else if (from->sa_family == AF_INET) {
2837
2016-07-06
pjp
2838
2016-07-06
pjp
fromlen = sizeof(struct sockaddr_in);
2839
2016-07-06
pjp
sin = (struct sockaddr_in *)from;
2840
2016-07-06
pjp
inet_ntop(AF_INET, (void *)&sin->sin_addr, (char *)&address, sizeof(address));
2841
2016-07-06
pjp
aregion = find_region((struct sockaddr_storage *)sin, AF_INET);
2842
2016-07-06
pjp
filter = find_filter((struct sockaddr_storage *)sin, AF_INET);
2843
2020-07-16
pjp
if (passlist) {
2844
2020-07-16
pjp
blocklist = find_passlist((struct sockaddr_storage *)sin, AF_INET);
2845
2016-07-06
pjp
}
2846
2017-08-09
pjp
axfr_acl = find_axfr((struct sockaddr_storage *)sin, AF_INET);
2847
2019-02-24
pjp
2848
2019-02-24
pjp
require_tsig = 0;
2849
2019-02-24
pjp
if (tsig) {
2850
2019-02-24
pjp
require_tsig = find_tsig((struct sockaddr_storage *)sin, AF_INET);
2851
2019-02-24
pjp
}
2852
2016-07-06
pjp
} else {
2853
2017-08-09
pjp
dolog(LOG_INFO, "TCP packet received on descriptor %u interface \"%s\" had weird address family (%u), drop\n", so, cfg->ident[i], from->sa_family);
2854
2017-08-09
pjp
close(so);
2855
2017-08-09
pjp
continue;
2856
2016-07-06
pjp
}
2857
2016-07-06
pjp
2858
2017-08-09
pjp
2859
2019-02-24
pjp
if (filter && require_tsig == 0) {
2860
2020-01-01
pjp
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, filter policy, drop\n", so, cfg->ident[i], address);
2861
2020-01-01
pjp
#if 0
2862
2020-06-29
pjp
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
2863
2020-07-21
pjp
slen = reply_refused(&sreply, &sretlen, NULL);
2864
2020-01-01
pjp
#endif
close(so);
continue;
}
if (passlist && blocklist == 0) {
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, passlist policy\n", so, cfg->ident[i], address);
close(so);
continue;
}
if (conncnt >= 64) {
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, too many TCP connections", so
, cfg->ident[i], address);
close(so);
continue;
}
if ((tcpflags = fcntl(so, F_GETFL, 0)) < 0) {
dolog(LOG_INFO, "tcp fcntl can't query fcntl flags\n");
close(so);
continue;
}
tcpflags |= O_NONBLOCK;
if (fcntl(so, F_SETFL, tcpflags) < 0) {
dolog(LOG_INFO, "tcp fcntl can't set nonblocking\n");
close(so);
continue;
}
tcpn1 = malloc(sizeof(struct tcpentry));
if (tcpn1 == NULL) {
dolog(LOG_INFO, "malloc: %s\n", strerror(errno));
close(so);
continue;
}
tcpn1->bytes_read = 0;
tcpn1->bytes_expected = 0;
tcpn1->bytes_limit = 0;
tcpn1->seen = 0;
tcpn1->so = so;
tcpn1->last_used = time(NULL);
tcpn1->intidx = i;
tcpn1->address = strdup(address);
TAILQ_INSERT_TAIL(&tcphead, tcpn1, tcpentries);
conncnt++;
} /* FD_ISSET */
}
TAILQ_FOREACH_SAFE(tcpnp, &tcphead, tcpentries, tcpn1) {
if (FD_ISSET(tcpnp->so, &rset)) {
if (tcpnp->bytes_read < 2)
len = recv(tcpnp->so, &tcpnp->buf[tcpnp->bytes_read], 2, 0);
else
len = recv(tcpnp->so, &tcpnp->buf[tcpnp->bytes_read], tcpnp->bytes_expected, 0);
if (len <= 0) {
if (errno == EWOULDBLOCK) {
continue;
}
TAILQ_REMOVE(&tcphead, tcpnp, tcpentries);
close(tcpnp->so);
free(tcpnp->address);
free(tcpnp);
if (conncnt > 0)
conncnt--;
continue;
} /* if len */
tcpnp->bytes_read += len;
tcpnp->bytes_expected -= len;
if (tcpnp->bytes_expected < 0)
tcpnp->bytes_expected = 0;
if (tcpnp->seen == 0 && tcpnp->bytes_read >= 2) {
uint16_t u16tmp;
u16tmp = unpack16(&tcpnp->buf[0]);
tcpnp->bytes_expected = ntohs(u16tmp);
tcpnp->bytes_limit = tcpnp->bytes_expected;
tcpnp->seen = 1;
}
/*
* disallow continuing if we only have the
* length and nothing else
*/
if (tcpnp->bytes_read <= 2)
continue;
if ((tcpnp->bytes_read - 2) != tcpnp->bytes_limit)
continue;
len = tcpnp->bytes_read - 2;
pbuf = &tcpnp->buf[2];
so = tcpnp->so;
if (len > DNS_MAXUDP || len < sizeof(struct dns_header)){
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
goto drop;
}
imsg_type = IMSG_PARSE_MESSAGE;
if (imsg_compose(pibuf, imsg_type,
0, 0, -1, pbuf, len) < 0) {
dolog(LOG_INFO, "imsg_compose %s\n", strerror(errno));
}
msgbuf_write(&pibuf->w);
FD_ZERO(&rset);
FD_SET(pibuf->fd, &rset);
tv.tv_sec = 10;
tv.tv_usec = 0;
sel = select(pibuf->fd + 1, &rset, NULL, NULL, &tv);
if (sel < 0) {
dolog(LOG_ERR, "tcploop internal error around select, dropping packet\n");
goto drop;
}
if (sel == 0) {
dolog(LOG_ERR, "tcploop internal error, timeout on parse imsg, drop\n");
goto drop;
}
if (((n = imsg_read(pibuf)) == -1 && errno != EAGAIN) || n == 0) {
dolog(LOG_ERR, "tcploop internal error, timeout on parse imsg, drop\n");
goto drop;
}
for (;;) {
if ((n = imsg_get(pibuf, &imsg)) == -1) {
break;
}
if (n == 0) {
break;
}
datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
switch (imsg.hdr.type) {
case IMSG_PARSEREPLY_MESSAGE:
if (datalen != sizeof(struct parsequestion)) {
dolog(LOG_ERR, "tcploop datalen != sizeof(struct parsequestion), can't work with this, drop\n");
imsg_free(&imsg);
goto drop;
}
memcpy((char *)&pq, imsg.data, datalen);
if (pq.rc != PARSE_RETURN_ACK) {
switch (pq.rc) {
case PARSE_RETURN_MALFORMED:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" malformed question from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOQUESTION:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" header from %s has no question, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
/* format error */
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_fmterror(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "TCP question on descriptor %d interface \"%s\" from %s, did not have question of 1 replying format error\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOTAQUESTION:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" dns header from %s is not a question, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NAK:
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
case PARSE_RETURN_NOTAUTH:
if (filter && pq.tsig.have_tsig == 0) {
build_reply(&sreply, so, pbuf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s (ttl=TCP, region=%d) replying REFUSED, not a tsig\n", so, cfg->ident[tcpnp->intidx], tcpnp->address, aregion);
imsg_free(&imsg);
goto drop;
}
}
}
question = convert_question(&pq, 1);
if (question == NULL) {
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" internal error from %s, drop\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
imsg_free(&imsg);
goto drop;
}
break;
} /* switch */
imsg_free(&imsg);
} /* for (;;) */
/* goto drop beyond this point should goto out instead */
fakequestion = NULL;
/* handle tcp notifications , XXX not tested */
if (question->notify) {
if (question->tsig.have_tsig && notifysource(question, (struct sockaddr_storage *)from) &&
question->tsig.tsigverified == 1) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" authenticated dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notify(&sreply, &sretlen, NULL);
/* send notify to replicant process */
idata = (pid_t)question->hdr->namelen;
imsg_compose(ibuf, IMSG_NOTIFY_MESSAGE,
0, 0, -1, question->hdr->name, idata);
msgbuf_write(&ibuf->w);
goto tcpout;
} else if (question->tsig.have_tsig && question->tsig.tsigerrorcode != 0) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" not authenticated dns NOTIFY packet (code = %d) from %s, replying notauth\n", so, cfg->ident[tcpnp->intidx], question->tsig.tsigerrorcode, tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTAUTH");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notauth(&sreply, &sretlen, NULL);
goto tcpout;
}
if (notifysource(question, (struct sockaddr_storage *)from)) {
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" dns NOTIFY packet from %s, replying NOTIFY\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "NOTIFY");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_notify(&sreply, &sretlen, NULL);
/* send notify to replicant process */
idata = (pid_t)question->hdr->namelen;
imsg_compose(ibuf, IMSG_NOTIFY_MESSAGE,
0, 0, -1, question->hdr->name, idata);
msgbuf_write(&ibuf->w);
goto tcpout;
} else {
/* RFC 1996 - 3.10 is probably broken, replying REFUSED */
dolog(LOG_INFO, "on TCP descriptor %u interface \"%s\" dns NOTIFY packet from %s, NOT in our list of MASTER servers replying REFUSED\n", so, cfg->ident[tcpnp->intidx], tcpnp->address);
snprintf(replystring, DNS_MAXNAME, "REFUSED");
build_reply(&sreply, so, pbuf, len, question, from, fromlen, NULL, NULL, aregion, istcp, 0, replybuf);
slen = reply_refused(&sreply, &sretlen, NULL);