Commit Diff
Diff:
d774e9584a08eb515b70fd4085d78edb445e770f
6b36d7a46e61d679d1cf4878333818e44c9f8561
Commit:
6b36d7a46e61d679d1cf4878333818e44c9f8561
Tree:
8c564cc7e87feda504558be8cdb8352a2e0a901c
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Wed Jul 1 05:07:47 2020 UTC
Message:
- commit yesterday's forwarding code - forward "" {} in parse.y is complete now - forward.c still needs more work to work
blob - 632dd9bce43b3f18adc72ffbc01718207433a1c3
blob + 8b5218a5f1d570ccc0e8dc520f118e48d2468296
--- ddd-db.h
+++ ddd-db.h
@@ -27,7 +27,7 @@
*/
/*
- * $Id: ddd-db.h,v 1.36 2020/06/30 14:06:21 pjp Exp $
+ * $Id: ddd-db.h,v 1.37 2020/07/01 05:07:47 pjp Exp $
*/
#ifndef _DB_H
@@ -422,7 +422,8 @@ struct raxfr_logic {
};
struct forward {
- struct sockaddr_in from;
+ struct sockaddr_storage from;
+ uint16_t rport;
char buf[4000]; /* the maximum payload of an imsg is 0xffff */
int buflen;
};
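Review bot: `rport` is added to `struct forward` without saying which byte order it holds, and the delphinusdnsd.c hunk of this commit fills it straight from `sin->sin_port` / `sin6->sin6_port`, i.e. network order. A comment such as `uint16_t rport; /* requester source port, network byte order */` would keep later code from comparing it against a host-order value. The retained comment on `buf` mentions 0xffff while the array is 4000 bytes; saying that 4000 is the cap the sender checks (`if (len > 4000)`) would make the limit easier to audit.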
blob - 7ed0a03adb41a2f293cb161608191d360077173c
blob + 9456046f18c0fb520fb88c817a0fb3f2795111d4
--- dddctl.c
+++ dddctl.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: dddctl.c,v 1.107 2020/06/30 07:09:46 pjp Exp $
+ * $Id: dddctl.c,v 1.108 2020/07/01 05:07:47 pjp Exp $
*/
#include <sys/types.h>
@@ -82,6 +82,7 @@
int debug = 0;
int verbose = 0;
int forward = 0;
+int forwardtsig = 0;
extern int dnssec;
extern int bytes_received;
@@ -105,6 +106,7 @@ int insert_axfr(char *, char *);
int insert_filter(char *, char *);
int insert_whitelist(char *, char *);
int insert_notifyddd(char *, char *);
+int insert_forward(struct sockaddr_storage *, uint16_t, char *);
int illdestination;
@@ -222,8 +224,11 @@ insert_notifyddd(char *address, char *prefixlen)
return 0;
}
-
-
+int
+insert_forward(struct sockaddr_storage *sso, uint16_t port, char *tsigkey)
+{
+ return 0;
+}
/*
* dolog() - is a wrapper to syslog and printf depending on debug flag
blob - 8b27b9b0c553ff5d28878480eb4e50d029206c1a
blob + e970fa2ecfb54b6e49bd82a34e149221b59b7436
--- delphinusdnsd.c
+++ delphinusdnsd.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: delphinusdnsd.c,v 1.108 2020/06/30 14:06:21 pjp Exp $
+ * $Id: delphinusdnsd.c,v 1.109 2020/07/01 05:07:47 pjp Exp $
*/
@@ -277,6 +277,7 @@ int nflag = 0;
int bcount = 0;
int icount = 0;
int forward = 0;
+int forwardtsig = 0;
u_int16_t port = 53;
u_int32_t cachesize = 0;
char *bind_list[255];
@@ -2022,7 +2023,19 @@ axfrentry:
break;
case ERR_FORWARD:
- snprintf(replystring, DNS_MAXNAME, "FORWARD");
+ if (forwardtsig) {
+ if (question->tsig.have_tsig &&
+ question->tsig.tsigverified) {
+ snprintf(replystring, DNS_MAXNAME, "FORWARD");
+ } else {
+ snprintf(replystring, DNS_MAXNAME, "REFUSED");
+ build_reply(&sreply, so, buf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
+ slen = reply_refused(&sreply, cfg->db);
+ goto udpout;
+ }
+ } else
+ snprintf(replystring, DNS_MAXNAME, "FORWARD");
+
/* send query to forward process/cortex */
if (len > 4000) {
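Review bot: The TSIG gate added under `case ERR_FORWARD:` is repeated almost line for line in the tcploop() hunk further down (only `buf`/`pbuf` and the `udpout`/`tcpout` label differ), so the two access checks can drift apart over time. A small helper that answers whether the question may be forwarded, e.g. `!forwardtsig || (question->tsig.have_tsig && question->tsig.tsigverified)`, would keep the policy in one place. The trailing `} else` followed by an unbraced `snprintf` is also easy to misread next to the braced branch; bracing it, or writing the "FORWARD" string once after the refusal branch has jumped away, reads more clearly. Both case bodies continue outside their hunks.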
@@ -2030,7 +2043,16 @@ axfrentry:
goto udpout;
}
- forward->from.sin_addr.s_addr = sin->sin_addr.s_addr;
+ memcpy(&forward->from, from, fromlen);
+ switch (from->sa_family) {
+ case AF_INET:
+ forward->rport = sin->sin_port;
+ break;
+ case AF_INET6:
+ forward->rport = sin6->sin6_port;
+ break;
+ }
+
memcpy(&forward->buf, buf, len);
forward->buflen = len;
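Review bot: `memcpy(&forward->from, from, fromlen)` fills only the first `fromlen` bytes of the `sockaddr_storage`, while forwardthis() in forward.c compares the full `sizeof(struct sockaddr_storage)` with memcmp, so any stale bytes left in `forward->from` would make a retransmitted query miss its queue entry. Whether `forward` is zeroed when it is allocated is not visible here; if it is not, add `memset(&forward->from, 0, sizeof(forward->from));` before the copy and check `fromlen <= sizeof(forward->from)`. The switch on `from->sa_family` has no `default:`, so for any other family `forward->rport` keeps whatever value it had before. The enclosing case starts outside the hunk.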
@@ -3008,7 +3030,19 @@ tcploop(struct cfg *cfg, struct imsgbuf *ibuf)
goto tcpout;
case ERR_FORWARD:
- snprintf(replystring, DNS_MAXNAME, "FORWARD");
+ if (forwardtsig) {
+ if (question->tsig.have_tsig &&
+ question->tsig.tsigverified) {
+ snprintf(replystring, DNS_MAXNAME, "FORWARD");
+ } else {
+ snprintf(replystring, DNS_MAXNAME, "REFUSED");
+ build_reply(&sreply, so, pbuf, len, question, from, fromlen, rbt1, rbt0, aregion, istcp, 0, replybuf);
+ slen = reply_refused(&sreply, cfg->db);
+ goto tcpout;
+ }
+ } else
+ snprintf(replystring, DNS_MAXNAME, "FORWARD");
+
/* send query to forward process/cortex */
imsg_compose(ibuf, IMSG_FORWARD_TCP,
0, 0, tcpnp->so, &tcpnp->buf, tcpnp->bytes_read);
blob - 6b8b830644a1e6ec18b4295a94153c588d5ff5bb
blob + 20258f6572cfab2725d52153c74f9bf4bcde738e
--- forward.c
+++ forward.c
@@ -27,7 +27,7 @@
*/
/*
- * $Id: forward.c,v 1.2 2020/06/30 14:06:21 pjp Exp $
+ * $Id: forward.c,v 1.3 2020/07/01 05:07:47 pjp Exp $
*/
#include <sys/types.h>
@@ -81,7 +81,7 @@
#include "ddd-db.h"
void init_forward(void);
-int insert_forward(void);
+int insert_forward(struct sockaddr_storage *, uint16_t, char *);
void forwardloop(ddDB *, struct cfg *, struct imsgbuf *);
void forwardthis(int, struct forward *);
@@ -94,15 +94,26 @@ SLIST_HEAD(, forwardentry) forwardhead;
static struct forwardentry {
char name[INET6_ADDRSTRLEN];
int family;
- struct sockaddr_storage hostmask;
- struct sockaddr_storage netmask;
- u_int8_t prefixlen;
+ struct sockaddr_storage host;
uint16_t destport;
char *tsigkey;
SLIST_ENTRY(forwardentry) forward_entry;
} *fw2, *fwp;
+SLIST_HEAD(, forwardqueue) fwqhead;
+static struct forwardqueue {
+ time_t time;
+ struct sockaddr_storage host;
+ uint16_t id;
+ uint16_t port;
+ struct sockaddr_storage oldhost;
+ uint16_t oldid;
+ uint16_t oldport;
+ int so;
+ SLIST_ENTRY(forwardqueue) entries;
+} *fwq1, *fwq2, *fwqp;
+
/*
* INIT_FORWARD - initialize the forward singly linked list
*/
@@ -111,6 +122,7 @@ void
init_forward(void)
{
SLIST_INIT(&forwardhead);
+ SLIST_INIT(&fwqhead);
return;
}
@@ -119,10 +131,38 @@ init_forward(void)
*/
int
-insert_forward(void)
+insert_forward(struct sockaddr_storage *ip, uint16_t port, char *tsigkey)
{
- /* SLIST_INSERT_HEAD(&forwardhead, fw2, forward_entry); */
+ fw2 = calloc(1, sizeof(struct forwardentry));
+ if (fw2 == NULL) {
+ dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
+ return 1;
+ }
+ switch (fw2->family = ip->ss_family) {
+ case AF_INET:
+ inet_ntop(AF_INET, (struct sockaddr_in *)ip, fw2->name, sizeof(fw2->name));
+ break;
+ case AF_INET6:
+ inet_ntop(AF_INET6, (struct sockaddr_in6 *)ip, fw2->name, sizeof(fw2->name));
+ break;
+ }
+
+ memcpy(&fw2->host, ip, sizeof(struct sockaddr_storage));
+ fw2->destport = port;
+
+ if (strcmp(tsigkey, "NOKEY") == 0)
+ fw2->tsigkey = NULL;
+ else {
+ fw2->tsigkey = strdup(tsigkey);
+ if (fw2->tsigkey == NULL) {
+ dolog(LOG_INFO, "strdup: %s\n", strerror(errno));
+ return 1;
+ }
+ }
+
+ SLIST_INSERT_HEAD(&forwardhead, fw2, forward_entry);
+
return (0);
}
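Review bot: Both `inet_ntop` calls pass the sockaddr pointer itself, but inet_ntop expects a pointer to the `in_addr` / `in6_addr` inside it, so `fw2->name` is formatted from the leading bytes of the structure rather than from the address member; the return value is not checked either. The DESTINATION rule in parse.y from this commit writes the address with the same layout and never sets `ss_family`, so the switch here may not match either case and the entry is inserted with an empty name. Separately, the `strdup` failure path returns without freeing `fw2`. The fence shows the address members passed explicitly, a `default:` that rejects unknown families, and the missing `free`.

```c
	switch (fw2->family = ip->ss_family) {
	case AF_INET:
		inet_ntop(AF_INET, &((struct sockaddr_in *)ip)->sin_addr,
		    fw2->name, sizeof(fw2->name));
		break;
	case AF_INET6:
		inet_ntop(AF_INET6, &((struct sockaddr_in6 *)ip)->sin6_addr,
		    fw2->name, sizeof(fw2->name));
		break;
	default:
		dolog(LOG_INFO, "insert_forward: unsupported address family\n");
		free(fw2);
		return 1;
	}

	/* … unchanged: host/destport copy, "NOKEY" comparison … */

		fw2->tsigkey = strdup(tsigkey);
		if (fw2->tsigkey == NULL) {
			dolog(LOG_INFO, "strdup: %s\n", strerror(errno));
			free(fw2);
			return 1;
		}
```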
@@ -198,7 +238,36 @@ forwardloop(ddDB *db, struct cfg *cfg, struct imsgbuf
void
forwardthis(int so, struct forward *forward)
{
+ struct dns_header *dh = (struct dns_header *)forward->buf;
+ time_t now;
+ char *p;
+
+ now = time(NULL);
+ p = forward->buf;
+ SLIST_FOREACH_SAFE(fwq1, &fwqhead, entries, fwq2) {
+ if (difftime(now, fwq1->time) > 15) {
+ SLIST_REMOVE(&fwqhead, fwq1, forwardqueue, entries);
+ continue;
+ }
+
+ if (memcmp(&fwq1->oldhost, &forward->from,
+ sizeof(struct sockaddr_storage)) == 0 &&
+ fwq1->oldport == forward->rport &&
+ fwq1->oldid == dh->id) {
+ /* found, break... */
+ break;
+ }
+ }
+ if (fwq1 == NULL) {
+ /* create a new queue and send it */
+
+ } else {
+ /* resend this one */
+
+ fwq1->time = now;
+ }
+
}
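Review bot: An expired entry is unlinked with `SLIST_REMOVE` but never freed, and its `so` descriptor is not released, so every timed-out forward leaks memory (and, once the send path opens sockets, a file descriptor) in a process that is driven by remote queries. Releasing it before the `continue`, with `free(fwq1);` and `close(fwq1->so);` ahead of it once the creation path exists, keeps the queue bounded by the 15-second window. `dh->id` is read without comparing `forward->buflen` with `sizeof(struct dns_header)`; the sender may already guarantee a full header, but a guard at the top of forwardthis() would make that local. `p` is assigned and never used.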
blob - 20c8b245785fd3d5126ae837502bf0701e0b9fd4
blob + 0798042f6da6f2510745eaf4632f28e56ecb9caa
--- parse.y
+++ parse.y
@@ -21,7 +21,7 @@
*/
/*
- * $Id: parse.y,v 1.99 2020/06/30 07:09:46 pjp Exp $
+ * $Id: parse.y,v 1.100 2020/07/01 05:07:47 pjp Exp $
*/
%{
@@ -92,6 +92,7 @@ extern int insert_region(char *, char *, u_int8_t);
extern int insert_axfr(char *, char *);
extern int insert_notifyddd(char *, char *);
extern int insert_filter(char *, char *);
+extern int insert_forward(struct sockaddr_storage *, uint16_t, char *);
extern int insert_whitelist(char *, char *);
extern int insert_tsig(char *, char *);
extern int insert_tsig_key(char *, int, char *, int);
@@ -112,6 +113,7 @@ extern int notify;
extern int errno;
extern int debug;
extern int forward;
+extern int forwardtsig;
extern int verbose;
extern int bflag;
extern int iflag;
@@ -250,7 +252,7 @@ int drop_privs(char *, struct passwd *);
%token ERROR AXFRPORT OPTIONS FILTER MZONE
%token WHITELIST ZINCLUDE MASTER MASTERPORT TSIGAUTH
%token TSIG NOTIFYDEST NOTIFYBIND PORT FORWARD
-%token INCOMINGKEY DESTINATION
+%token INCOMINGTSIG DESTINATION
%token <v.string> POUND
%token <v.string> SEMICOLON
@@ -259,6 +261,8 @@ int drop_privs(char *, struct passwd *);
%token <v.string> IPV6
%token <v.string> SLASH
%token <v.string> QUOTEDSTRING
+%token <v.string> DESTINATION
+%token <v.string> INCOMINGTSIG
%token <v.intval> NUMBER
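Review bot: `DESTINATION` and `INCOMINGTSIG` are now declared twice, once untyped in the preceding `%token` hunk and once here as `<v.string>`, and some yacc implementations warn about such a redeclaration. Neither forwardstatement rule in this commit reads the token's own value (only `$2`, `$4`, `$5` and `$6` are used), so the typed declarations could be dropped; if the tokens are meant to carry a string, remove the untyped line instead.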
@@ -1431,11 +1435,33 @@ forwardstatements :
| forwardstatement
;
-forwardstatement : INCOMINGKEY STRING SEMICOLON CRLF
+forwardstatement : INCOMINGTSIG STRING SEMICOLON CRLF
{
+ if (strcmp($2, "yes") == 0 ||
+ strcmp($2, "on") == 0 ||
+ strcmp($2, "1") == 0) {
+ forwardtsig = 1;
+ }
+
+ free($2);
}
| DESTINATION ipcidr PORT NUMBER STRING STRING SEMICOLON CRLF
{
+ struct sockaddr_storage sso;
+ struct sockaddr_in *sin = (struct sockaddr_in *)&sso;
+ struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&sso;
+
+ memset(&sso, 0, sizeof(struct sockaddr_storage));
+
+ if (strchr($2, ':') != NULL)
+ inet_pton(AF_INET6, $2, sin6);
+ else
+ inet_pton(AF_INET, $2, sin);
+
+ insert_forward(&sso, $4, $6);
+
+ free($5);
+ free($6);
}
| comment CRLF
;
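Review bot: In the DESTINATION action `inet_pton` is given `sin` / `sin6`, the start of the sockaddr, instead of `&sin->sin_addr` / `&sin6->sin6_addr`, its result is ignored, and `sso.ss_family` is never set, so insert_forward() receives a structure whose leading fields hold address bytes. `$4` is narrowed to `uint16_t` without a range check, and `$2` appears not to be freed, unlike `$5` and `$6` (the type of `ipcidr` is declared outside the hunk). In the INCOMINGTSIG action any value other than "yes", "on" or "1" silently leaves `forwardtsig` at 0, so a typo such as `Yes` turns TSIG enforcement off without a message; accepting an explicit off value and rejecting everything else would make the setting fail closed. The fence covers the address parsing only.

```yacc
			int rc;

			memset(&sso, 0, sizeof(struct sockaddr_storage));

			if (strchr($2, ':') != NULL) {
				sin6->sin6_family = AF_INET6;
				rc = inet_pton(AF_INET6, $2, &sin6->sin6_addr);
			} else {
				sin->sin_family = AF_INET;
				rc = inet_pton(AF_INET, $2, &sin->sin_addr);
			}
			if (rc != 1 || $4 < 1 || $4 > 65535) {
				/* report the bad destination and fail the parse
				 * through the file's existing error path */
			}

			/* … unchanged: insert_forward() call, free($5), free($6) … */
```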
@@ -1624,7 +1650,7 @@ struct tab cmdtab[] = {
{ "filter", FILTER, STATE_IP },
{ "forward", FORWARD, 0 },
{ "include", INCLUDE, 0 },
- { "incoming-key", INCOMINGKEY, 0 },
+ { "incoming-tsig", INCOMINGTSIG, 0 },
{ "master", MASTER, 0 },
{ "masterport", MASTERPORT, 0 },
{ "mzone", MZONE, 0},