Blame
Date:
Sat Nov 8 20:28:31 2014 UTC
Message:
0.9.0 is the last version of Wildcarddnsd, the succeeding project is called Delphinusdnsd and will have its first release around November 15th, 2015. The new project page is at http://delphinusdns.centroid.eu.
0001
2005-11-29
pbug
/*
0002
2014-04-13
pjp
* Copyright (c) 2002-2014 Peter J. Philipp
0003
2005-11-29
pbug
* All rights reserved.
0004
2005-11-29
pbug
*
0005
2005-11-29
pbug
* Redistribution and use in source and binary forms, with or without
0006
2005-11-29
pbug
* modification, are permitted provided that the following conditions
0007
2005-11-29
pbug
* are met:
0008
2005-11-29
pbug
* 1. Redistributions of source code must retain the above copyright
0009
2005-11-29
pbug
* notice, this list of conditions and the following disclaimer.
0010
2005-11-29
pbug
* 2. Redistributions in binary form must reproduce the above copyright
0011
2005-11-29
pbug
* notice, this list of conditions and the following disclaimer in the
0012
2005-11-29
pbug
* documentation and/or other materials provided with the distribution.
0013
2005-11-29
pbug
* 3. The name of the author may not be used to endorse or promote products
0014
2005-11-29
pbug
* derived from this software without specific prior written permission
0015
2005-11-29
pbug
*
0016
2005-11-29
pbug
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
0017
2005-11-29
pbug
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
0018
2005-11-29
pbug
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
0019
2005-11-29
pbug
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
0020
2005-11-29
pbug
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
0021
2005-11-29
pbug
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
0022
2005-11-29
pbug
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
0023
2005-11-29
pbug
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
0024
2005-11-29
pbug
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
0025
2005-11-29
pbug
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
0026
2005-11-29
pbug
*
0027
2005-11-29
pbug
*/
0028
2005-11-29
pbug
#include "include.h"
0029
2005-11-29
pbug
#include "dns.h"
0030
2005-11-29
pbug
#include "db.h"
0031
2011-04-22
pbug
#include "config.h"
0032
2005-11-29
pbug
/*
 * Prototypes.
 *
 * The first group is declared `extern' by hand; no definition for any of
 * them appears in the part of this file shown here, so they presumably
 * live in other translation units.  The second group carries no `extern';
 * of those, only main() and the calls it makes are visible here.
 *
 * NOTE(review): as far as this file shows, these declarations are not
 * taken from a shared header, so the compiler cannot diagnose a signature
 * that drifts away from its definition (argument mismatches would then be
 * undefined behaviour at the call).  Confirm whether include.h or dns.h
 * also declares them.
 *
 * NOTE(review): dolog() and remotelog() are printf-style variadics whose
 * format parameter is a plain `char *'.  Nothing visible here lets the
 * compiler check format against arguments, so every caller has to pass a
 * literal format string; all dolog() calls in the visible part of main()
 * do so.
 *
 * NOTE(review): parse_file(), which main() calls, has no prototype in
 * this list; presumably one of the included headers declares it -- TODO
 * confirm, since an implicit declaration would go unchecked.
 */

/* declared extern */
extern void 	add_rrlimit(int, u_int16_t *, int, char *);
extern void 	axfrloop(int *, int, char **, DB *);
extern int 	check_rrlimit(int, u_int16_t *, int, char *);
extern void 	collects_init(void);
extern void 	dolog(int, char *, ...);
extern int 	find_filter(struct sockaddr_storage *, int);
extern int 	find_recurse(struct sockaddr_storage *, int);
extern u_int8_t find_region(struct sockaddr_storage *, int);
extern int 	find_whitelist(struct sockaddr_storage *, int);
extern int 	find_wildcard(struct sockaddr_storage *, int);
extern void 	init_wildcard(void);
extern void 	init_recurse(void);
extern void 	init_region(void);
extern void 	init_filter(void);
extern void 	init_notifyslave(void);
extern void 	init_whitelist(void);
extern void 	recurseloop(int sp, int *, DB *);
extern void 	receivelog(char *, int);
extern int 	reply_a(struct sreply *, DB *);
extern int 	reply_aaaa(struct sreply *, DB *);
extern int 	reply_any(struct sreply *);
extern int 	reply_cname(struct sreply *);
extern int 	reply_fmterror(struct sreply *);
extern int 	reply_notimpl(struct sreply *);
extern int 	reply_nxdomain(struct sreply *);
extern int 	reply_noerror(struct sreply *);
extern int 	reply_soa(struct sreply *);
extern int 	reply_mx(struct sreply *, DB *);
extern int 	reply_naptr(struct sreply *, DB *);
extern int 	reply_ns(struct sreply *, DB *);
extern int 	reply_ptr(struct sreply *);
extern int 	reply_refused(struct sreply *);
extern int 	reply_spf(struct sreply *);
extern int 	reply_srv(struct sreply *, DB *);
extern int 	reply_sshfp(struct sreply *);
extern int 	reply_txt(struct sreply *);
extern int 	remotelog(int, char *, ...);
extern char 	*rrlimit_setup(int);

/* declared without extern */
struct question	*build_fake_question(char *, int, u_int16_t);
struct question	*build_question(char *, int, int);
void 		build_reply(struct sreply *, int, char *, int,
		    struct question *, struct sockaddr *, socklen_t,
		    struct domain *, struct domain *, u_int8_t, int, int,
		    struct recurses *, char *);
int 		compress_label(u_char *, u_int16_t, int);
u_int16_t 	check_qtype(struct domain *, u_int16_t, int, int *);
char 		*dns_label(char *, int *);
int 		free_question(struct question *);
char 		*get_dns_type(int dnstype);
int 		get_soa(DB *, struct question *, struct domain *, int);
int 		lookup_zone(DB *, struct question *, struct domain *, int *,
		    char *, int);
void 		mainloop(struct cfg *);
void 		master_reload(int);
void 		master_shutdown(int);
int 		memcasecmp(u_char *, u_char *, int);
void 		recurseheader(struct srecurseheader *, int,
		    struct sockaddr_storage *, struct sockaddr_storage *, int);
void 		setup_master(DB *, DB_ENV *, char **);
void 		slave_signal(int);
void 		slave_shutdown(void);
0092
2005-11-29
pbug
/* aliases */

/*
 * Account name that main() looks up with getpwnam(); start-up aborts if
 * the account does not exist.  The guard lets a build override the name
 * (for example with -DDEFAULT_PRIVILEGE=...).
 * NOTE(review): presumably this is the unprivileged account the daemon
 * switches to after its sockets are bound; the switch itself is not in
 * the part of the file shown here -- confirm it happens before any
 * network input is parsed.
 */
#if !defined(DEFAULT_PRIVILEGE)
#define DEFAULT_PRIVILEGE	"wdnsd"
#endif

/*
 * Not referenced in the visible part of the file; a comment in main()
 * says the master process "holds the pidfile".
 */
#define PIDFILE			"/var/run/wildcarddnsd.pid"

/*
 * Parent directory of the per-process database.  main() creates it with
 * mode 0700 and ignores the result, then creates "<MYDB_PATH>/<pid>" with
 * mode 0750 (tolerating EEXIST) and places wdns.db inside it.
 * NOTE(review): because an already existing directory is accepted as is,
 * neither its owner nor its mode is verified by that code; the path is
 * expected to be writable by root only.
 */
#define MYDB_PATH		"/var/db/wdns"
0101
2005-11-29
pbug
0102
2011-04-12
pbug
/*
 * One row of the record-type table: a mnemonic string and the matching
 * DNS_TYPE_* constant.
 */
struct typetable {
	char *type;		/* mnemonic; NULL only in the terminating row */
	int number;		/* DNS_TYPE_* value */
};

/*
 * Table of the record types listed below.  It has external linkage and no
 * separate element count: the last row is the { NULL, 0 } sentinel, so any
 * walk over the table has to stop when `type' is NULL.
 * NOTE(review): presumably consulted by get_dns_type(); that function is
 * not in the part of the file shown here.
 */
struct typetable TT[] = {
	{ "A",		DNS_TYPE_A },
	{ "NS",		DNS_TYPE_NS },
	{ "CNAME",	DNS_TYPE_CNAME },
	{ "SOA",	DNS_TYPE_SOA },
	{ "PTR",	DNS_TYPE_PTR },
	{ "MX",		DNS_TYPE_MX },
	{ "TXT",	DNS_TYPE_TXT },
	{ "AAAA",	DNS_TYPE_AAAA },
	{ "ANY",	DNS_TYPE_ANY },
	{ "SRV",	DNS_TYPE_SRV },
	{ "SPF",	DNS_TYPE_SPF },
	{ "SSHFP",	DNS_TYPE_SSHFP },
	{ "NAPTR",	DNS_TYPE_NAPTR },
	{ NULL,		0 }
};
0122
2009-03-10
pbug
0123
2009-03-10
pbug
/* global variables */

/*
 * Defined in other translation units.  main() uses __progname as the
 * openlog() identity, opens an extra set of sockets when axfrport is
 * non-zero, and sets up rate limiting when ratelimit is non-zero.
 */
extern char *__progname;
extern struct logging logging;
extern int axfrport, ratelimit, ratelimit_packets_per_second, whitelist;

/*
 * File-local state.
 *
 * ptr is pointed by main() at a MAP_SHARED | MAP_ANON int that is zeroed
 * right after mapping; the comment there describes it as a segment "for
 * signaling kills between processes".
 *
 * NOTE(review): reload, mshutdown and msig are not touched in the visible
 * part of the file.  If master_reload()/master_shutdown() write them from
 * signal context they would need to be volatile sig_atomic_t -- TODO
 * confirm against those functions.
 */
static int *ptr = NULL;
static int reload = 0, mshutdown = 0;
static int msig;
static char *database;		/* main() points this at mydatabase */
static char mydatabase[512];	/* "<MYDB_PATH>/<pid>[/wdns.db]", built with snprintf() */
static char *rptr;		/* result of rrlimit_setup(); NULL aborts start-up */
static int ratelimit_backlog;	/* ratelimit_packets_per_second * 2 */

/*
 * Command-line state filled in by the getopt() loop in main().
 *
 *   debug     -d, skips the daemon() call
 *   verbose   -v, incremented once per occurrence
 *   bflag     -b was given (mutually exclusive with -i)
 *   iflag     -i was given
 *   lflag     -l was given
 *   nflag     atoi() of the -n argument
 *   rflag     -r was given
 *   bcount    number of entries used in bind_list
 *   icount    number of entries used in interface_list
 */
int debug = 0, verbose = 0;
int bflag = 0, iflag = 0, lflag = 0, nflag = 0, rflag = 0;
int bcount = 0, icount = 0;

/*
 * Listening port, 53 unless -p is given.  main() stores
 * atoi(optarg) & 0xffff, so a non-numeric or out-of-range argument is
 * folded into the 16-bit range instead of being rejected.
 */
u_int16_t port = 53;

/*
 * Database cache size from -c; handed to dbenv->set_cachesize() only when
 * non-zero.  Parsed with atoi() except on OpenBSD, where strtonum() is
 * called with a NULL error pointer; neither path reports a bad argument.
 */
u_int32_t cachesize = 0;

/*
 * Arguments of -b and -i, stored as pointers into argv.  The only bounds
 * checks are the literals in main(): -b is refused once bcount > 253 and
 * -i once icount > 254.  Both keep the index inside the 255 slots, but
 * they must be changed together with the array size.
 */
char *bind_list[255];
char *interface_list[255];
0155
2013-02-16
pjp
/*
 * Head of the singly linked list used for TCP operations.  The head has
 * external linkage; the three cursor pointers declared after the struct
 * are file-local.
 */
SLIST_HEAD(listhead, tcps) tcpshead;

/*
 * One list node.  None of the fields is read or written in the part of
 * the file shown here, so the notes below are taken from the names only.
 * NOTE(review): input/offset/length/maxlen look like a per-connection
 * receive buffer with its fill state; if so, the code that fills it has
 * to keep offset and length within maxlen -- TODO confirm in the TCP
 * loop.
 */
struct tcps {
	char *input;
	char *ident;
	char *address;
	int offset;
	int length;
	int maxlen;
	int so;			/* presumably the socket descriptor */
	int isv6;
	u_int8_t region;
	int wildcard;
	time_t time;
	SLIST_ENTRY(tcps) tcps_entry;	/* list linkage */
};

/* file-local cursors over the list */
static struct tcps *tn1, *tnp, *tntmp;


/* RCS identification string embedded in the object file */
static const char rcsid[] = "$Id: main.c,v 1.103 2014/11/07 10:33:12 pjp Exp $";
0176
2011-06-28
pbug
0177
2005-11-29
pbug
/*
0178
2005-11-29
pbug
* MAIN - set up arguments, set up database, set up sockets, call mainloop
0179
2005-11-29
pbug
*
0180
2005-11-29
pbug
*/
0181
2005-11-29
pbug
0182
2005-11-29
pbug
int
0183
2005-11-29
pbug
main(int argc, char *argv[])
0184
2005-11-29
pbug
{
0185
2011-06-28
pbug
static int udp[DEFAULT_SOCKET];
0186
2011-06-28
pbug
static int tcp[DEFAULT_SOCKET];
0187
2011-09-19
pbug
static int afd[DEFAULT_SOCKET];
0188
2011-09-19
pbug
static int uafd[DEFAULT_SOCKET];
0189
2010-04-15
pbug
int raw[2];
0190
2011-09-19
pbug
int lfd = -1;
0191
2011-09-19
pbug
int fd, n;
0192
2005-11-29
pbug
0193
2005-11-29
pbug
int ch, i, j;
0194
2005-11-29
pbug
int gai_error;
0195
2011-09-19
pbug
int salen, ret;
0196
2005-11-29
pbug
int found = 0;
0197
2009-08-31
pbug
int on = 1;
0198
2010-04-15
pbug
int sp[2];
0199
2005-11-29
pbug
0200
2010-04-15
pbug
pid_t pid;
0201
2010-04-15
pbug
0202
2008-07-10
pbug
static char *ident[DEFAULT_SOCKET];
0203
2008-07-10
pbug
char *conffile = CONFFILE;
0204
2008-07-10
pbug
char buf[512];
0205
2011-04-12
pbug
char **av = NULL;
0206
2005-11-29
pbug
0207
2005-11-29
pbug
struct passwd *pw;
0208
2005-11-29
pbug
struct addrinfo hints, *res0, *res;
0209
2005-11-29
pbug
struct ifaddrs *ifap, *pifap;
0210
2005-11-29
pbug
struct sockaddr_in *sin;
0211
2005-11-29
pbug
struct sockaddr_in6 *sin6;
0212
2011-06-28
pbug
struct cfg *cfg;
0213
2005-11-29
pbug
0214
2011-09-19
pbug
static DB_ENV *dbenv;
0215
2005-11-29
pbug
static DB *db;
0216
2011-09-19
pbug
0217
2011-09-19
pbug
key_t key;
0218
2005-11-29
pbug
0219
2005-11-29
pbug
if (geteuid() != 0) {
0220
2005-11-29
pbug
fprintf(stderr, "must be started as root\n"); /* .. dolt */
0221
2005-11-29
pbug
exit(1);
0222
2005-11-29
pbug
}
0223
2005-11-29
pbug
0224
2011-04-12
pbug
av = argv;
0225
2011-04-12
pbug
0226
2013-02-16
pjp
while ((ch = getopt(argc, argv, "b:c:df:i:ln:p:rv")) != -1) {
0227
2005-11-29
pbug
switch (ch) {
0228
2005-11-29
pbug
case 'b':
0229
2005-11-29
pbug
bflag = 1;
0230
2005-11-29
pbug
if (bcount > 253) {
0231
2014-04-15
pjp
fprintf(stderr, "too many -b flags\n");
0232
2005-11-29
pbug
exit(1);
0233
2005-11-29
pbug
}
0234
2005-11-29
pbug
bind_list[bcount++] = optarg;
0235
2005-11-29
pbug
break;
0236
2011-09-19
pbug
case 'c':
0237
2014-11-07
pjp
#if !defined __OpenBSD__
0238
2011-09-19
pbug
cachesize = atoi(optarg);
0239
2011-09-19
pbug
#else
0240
2011-09-19
pbug
cachesize = strtonum(optarg, 1, 0xffffffff, NULL);
0241
2011-09-19
pbug
#endif
0242
2011-09-19
pbug
break;
0243
2013-02-16
pjp
case 'd':
0244
2013-02-16
pjp
debug = 1;
0245
2013-02-16
pjp
break;
0246
2009-02-16
pbug
case 'f':
0247
2009-02-16
pbug
conffile = optarg;
0248
2009-02-16
pbug
break;
0249
2005-11-29
pbug
case 'i':
0250
2005-11-29
pbug
iflag = 1;
0251
2005-11-29
pbug
if (icount > 254) {
0252
2005-11-29
pbug
fprintf(stderr, "too many -i flags\n");
0253
2005-11-29
pbug
exit(1);
0254
2005-11-29
pbug
}
0255
2005-11-29
pbug
interface_list[icount++] = optarg;
0256
2005-11-29
pbug
break;
0257
2009-02-16
pbug
case 'l':
0258
2009-02-16
pbug
lflag = 1;
0259
2005-11-29
pbug
break;
0260
2011-09-19
pbug
case 'n':
0261
2011-09-19
pbug
nflag = atoi(optarg);
0262
2011-09-19
pbug
break;
0263
2005-11-29
pbug
case 'p':
0264
2005-11-29
pbug
port = atoi(optarg) & 0xffff;
0265
2005-11-29
pbug
break;
0266
2010-04-15
pbug
case 'r':
0267
2010-04-15
pbug
rflag = 1;
0268
2010-04-15
pbug
break;
0269
2013-02-16
pjp
case 'v':
0270
2013-02-16
pjp
verbose++;
0271
2013-02-16
pjp
break;
0272
2005-11-29
pbug
default:
0273
2013-02-16
pjp
fprintf(stderr, "usage: wildcarddnsd [-i interface] [-b bindaddress] [-f configfile] [-p portnumber] [-drv]\n");
0274
2005-11-29
pbug
exit (1);
0275
2005-11-29
pbug
}
0276
2005-11-29
pbug
}
0277
2005-11-29
pbug
0278
2005-11-29
pbug
if (bflag && iflag) {
0279
2005-11-29
pbug
fprintf(stderr, "you may specify -i or -b but not both\n");
0280
2005-11-29
pbug
exit(1);
0281
2005-11-29
pbug
}
0282
2005-11-29
pbug
0283
2009-03-01
pbug
/*
0284
2009-03-01
pbug
* calling daemon before a sleuth of configurations ala rwhod.c
0285
2009-03-01
pbug
*/
0286
2013-02-16
pjp
0287
2013-02-16
pjp
if (! debug)
0288
2013-02-16
pjp
daemon(0,0);
0289
2009-03-01
pbug
0290
2011-06-28
pbug
0291
2009-02-28
pbug
openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
0292
2013-02-16
pjp
dolog(LOG_INFO, "starting up\n");
0293
2009-02-28
pbug
0294
2011-06-28
pbug
/* cfg struct */
0295
2011-06-28
pbug
cfg = calloc(1, sizeof(struct cfg));
0296
2011-06-28
pbug
if (cfg == NULL) {
0297
2013-02-16
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
0298
2011-06-28
pbug
exit(1);
0299
2011-06-28
pbug
}
0300
2011-06-28
pbug
0301
2011-04-12
pbug
/*
0302
2011-04-12
pbug
* make a shared memory segment for signaling kills between
0303
2011-04-12
pbug
* processes...
0304
2011-04-12
pbug
*/
0305
2009-02-28
pbug
0306
2011-04-12
pbug
0307
2011-04-12
pbug
ptr = mmap(NULL, sizeof(int), PROT_READ | PROT_WRITE, MAP_SHARED |\
0308
2011-04-12
pbug
MAP_ANON, -1, 0);
0309
2011-04-12
pbug
0310
2011-04-12
pbug
if (ptr == MAP_FAILED) {
0311
2013-02-16
pjp
dolog(LOG_ERR, "failed to setup mmap segment, exit\n");
0312
2011-04-12
pbug
exit(1);
0313
2011-04-12
pbug
}
0314
2011-04-12
pbug
0315
2011-04-12
pbug
*ptr = 0;
0316
2011-04-12
pbug
0317
2011-09-19
pbug
if ((ret = db_env_create(&dbenv, 0)) != 0) {
0318
2013-02-16
pjp
dolog(LOG_INFO, "db_env_create: %s\n", db_strerror(ret));
0319
2011-09-19
pbug
slave_shutdown();
0320
2011-09-19
pbug
exit(1);
0321
2011-09-19
pbug
}
0322
2011-04-12
pbug
0323
2011-09-19
pbug
key = ftok("/usr/local/sbin/wildcarddnsd", 1);
0324
2012-06-21
pbug
if (key == (key_t)-1) {
0325
2013-02-16
pjp
dolog(LOG_INFO, "ftok failed, does /usr/local/sbin/wildcarddnsd exist?\n");
0326
2012-06-21
pbug
slave_shutdown();
0327
2012-06-21
pbug
exit(1);
0328
2012-06-21
pbug
}
0329
2012-06-21
pbug
0330
2011-04-12
pbug
0331
2011-09-19
pbug
if ((ret = dbenv->set_shm_key(dbenv, key)) != 0) {
0332
2013-02-16
pjp
dolog(LOG_INFO, "dbenv->set_shm_key failed\n");
0333
2011-09-19
pbug
slave_shutdown();
0334
2011-09-19
pbug
exit(1);
0335
2011-09-19
pbug
}
0336
2011-04-12
pbug
0337
2011-09-19
pbug
/* set cache size , if requested */
0338
2011-09-19
pbug
0339
2011-09-19
pbug
if (cachesize) {
0340
2011-09-19
pbug
if ((ret = dbenv->set_cachesize(dbenv, 0, cachesize, 0)) != 0) {
0341
2013-02-16
pjp
dolog(LOG_INFO, "dbenv->set_cachesize: %s\n",
0342
2011-09-19
pbug
db_strerror(ret));
0343
2011-09-19
pbug
slave_shutdown();
0344
2011-09-19
pbug
exit(1);
0345
2011-09-19
pbug
}
0346
2011-09-19
pbug
}
0347
2011-09-19
pbug
0348
2011-09-19
pbug
(void)mkdir(MYDB_PATH, 0700);
0349
2014-05-10
pjp
snprintf(mydatabase, sizeof(mydatabase), "%s/%ld",
0350
2014-05-10
pjp
MYDB_PATH, (long)getpid());
0351
2011-09-19
pbug
0352
2014-05-10
pjp
if (mkdir(mydatabase, 0750) < 0) {
0353
2014-05-10
pjp
if (errno != EEXIST) {
0354
2014-05-10
pjp
dolog(LOG_ERR, "mkdir: %s\n", strerror(errno));
0355
2014-05-10
pjp
exit(1);
0356
2014-05-10
pjp
}
0357
2014-05-10
pjp
}
0358
2014-05-10
pjp
0359
2014-05-10
pjp
if ((ret = dbenv->open(dbenv, mydatabase, DB_CREATE | \
0360
2011-09-19
pbug
DB_INIT_LOCK | DB_INIT_MPOOL | DB_SYSTEM_MEM, \
0361
2011-09-19
pbug
S_IRUSR | S_IWUSR)) != 0) {
0362
2013-02-16
pjp
dolog(LOG_INFO, "dbenv->open failed: %s\n", db_strerror(ret));
0363
2011-04-12
pbug
slave_shutdown();
0364
2011-09-19
pbug
exit(1);
0365
2011-09-19
pbug
}
0366
2011-09-19
pbug
0367
2011-09-19
pbug
if (db_create((DB **)&db, (DB_ENV *)dbenv, 0) != 0) {
0368
2013-02-16
pjp
dolog(LOG_INFO, "db_create: %s\n", strerror(errno));
0369
2011-04-12
pbug
slave_shutdown();
0370
2005-11-29
pbug
exit(1);
0371
2008-04-10
pbug
}
0372
2011-09-19
pbug
0373
2011-09-19
pbug
/*
0374
2011-09-19
pbug
* we want to run multiple instances of different versions so we'll
0375
2011-09-19
pbug
* make a temporary database...
0376
2011-09-19
pbug
*/
0377
2011-09-19
pbug
0378
2014-05-10
pjp
0379
2014-05-10
pjp
snprintf(mydatabase, sizeof(mydatabase), "%s/%ld/wdns.db",
0380
2011-09-19
pbug
MYDB_PATH, (long)getpid());
0381
2014-05-10
pjp
0382
2014-05-10
pjp
(void)unlink(mydatabase);
0383
2014-05-10
pjp
0384
2011-09-19
pbug
database = mydatabase;
0385
2011-09-19
pbug
0386
2014-05-10
pjp
0387
2011-09-19
pbug
fd = open(database, O_WRONLY | O_CREAT, 0600);
0388
2011-09-19
pbug
if (fd < 0) {
0389
2013-02-16
pjp
dolog(LOG_INFO, "open: %s\n", strerror(errno));
0390
2011-09-19
pbug
}
0391
2011-09-19
pbug
close(fd);
0392
2011-09-19
pbug
0393
2011-09-19
pbug
if (db->open(db, NULL, database, NULL, DB_BTREE, DB_CREATE, 0600) != 0) {
0394
2013-02-16
pjp
dolog(LOG_INFO, "db->open: %s\n", strerror(errno));
0395
2008-04-10
pbug
db->close(db, DB_NOSYNC);
0396
2011-04-12
pbug
slave_shutdown();
0397
2008-04-10
pbug
exit(1);
0398
2008-04-10
pbug
}
0399
2008-04-10
pbug
0400
2011-09-19
pbug
/* make a master program that holds the pidfile, boss of ... eek */
0401
2008-04-10
pbug
0402
2011-09-19
pbug
pid = fork();
0403
2011-09-19
pbug
switch (pid) {
0404
2011-09-19
pbug
case -1:
0405
2013-02-16
pjp
dolog(LOG_ERR, "fork(): %s\n", strerror(errno));
0406
2011-09-19
pbug
exit(1);
0407
2011-09-19
pbug
case 0:
0408
2011-09-19
pbug
break;
0409
2011-09-19
pbug
default:
0410
2014-09-29
pjp
setup_master(db, dbenv, av);
0411
2011-09-19
pbug
/* NOTREACHED */
0412
2011-09-19
pbug
exit(1);
0413
2011-09-19
pbug
}
0414
2008-04-10
pbug
0415
2011-09-19
pbug
/* end of setup_master code */
0416
2011-09-19
pbug
0417
2010-04-05
pbug
init_wildcard();
0418
2010-04-15
pbug
init_recurse();
0419
2014-04-13
pjp
init_region();
0420
2014-05-01
pjp
init_filter();
0421
2014-05-18
pjp
init_whitelist();
0422
2014-05-17
pjp
init_notifyslave();
0423
2008-04-10
pbug
0424
2009-02-16
pbug
if (parse_file(db, conffile) < 0) {
0425
2013-02-16
pjp
dolog(LOG_INFO, "parsing config file failed\n");
0426
2011-04-12
pbug
slave_shutdown();
0427
2009-02-16
pbug
exit(1);
0428
2009-02-16
pbug
}
0429
2008-04-10
pbug
0430
2014-05-05
pjp
/* ratelimiting setup */
0431
2014-05-05
pjp
if (ratelimit) {
0432
2014-05-05
pjp
ratelimit_backlog = ratelimit_packets_per_second * 2;
0433
2014-05-05
pjp
rptr = rrlimit_setup(ratelimit_backlog);
0434
2014-05-05
pjp
if (rptr == NULL) {
0435
2014-05-05
pjp
dolog(LOG_INFO, "ratelimiting error\n");
0436
2014-05-05
pjp
slave_shutdown();
0437
2014-05-05
pjp
exit(1);
0438
2014-05-05
pjp
}
0439
2014-05-05
pjp
}
0440
2014-05-05
pjp
0441
2014-05-05
pjp
0442
2005-11-29
pbug
pw = getpwnam(DEFAULT_PRIVILEGE);
0443
2005-11-29
pbug
if (pw == NULL) {
0444
2013-02-16
pjp
dolog(LOG_INFO, "getpwnam: %s\n", strerror(errno));
0445
2011-04-12
pbug
slave_shutdown();
0446
2005-11-29
pbug
exit(1);
0447
2005-11-29
pbug
}
0448
2005-11-29
pbug
0449
2005-11-29
pbug
if (bcount > DEFAULT_SOCKET) {
0450
2013-02-16
pjp
dolog(LOG_INFO, "not enough sockets available\n");
0451
2011-04-12
pbug
slave_shutdown();
0452
2005-11-29
pbug
exit(1);
0453
2005-11-29
pbug
}
0454
2005-11-29
pbug
0455
2005-11-29
pbug
if (bflag) {
0456
2005-11-29
pbug
for (i = 0; i < bcount; i++) {
0457
2005-11-29
pbug
memset(&hints, 0, sizeof(hints));
0458
2005-11-29
pbug
0459
2005-11-29
pbug
if (strchr(bind_list[i], ':') != NULL) {
0460
2005-11-29
pbug
hints.ai_family = AF_INET6;
0461
2005-11-29
pbug
} else {
0462
2005-11-29
pbug
hints.ai_family = AF_INET;
0463
2005-11-29
pbug
}
0464
2005-11-29
pbug
0465
2005-11-29
pbug
hints.ai_socktype = SOCK_DGRAM;
0466
2005-11-29
pbug
hints.ai_protocol = IPPROTO_UDP;
0467
2005-11-29
pbug
hints.ai_flags = AI_NUMERICHOST;
0468
2005-11-29
pbug
0469
2005-11-29
pbug
snprintf(buf, sizeof(buf) - 1, "%u", port);
0470
2005-11-29
pbug
0471
2005-11-29
pbug
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0472
2013-02-16
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0473
2011-04-12
pbug
slave_shutdown();
0474
2005-11-29
pbug
exit (1);
0475
2005-11-29
pbug
}
0476
2005-11-29
pbug
0477
2005-11-29
pbug
res = res0;
0478
2005-11-29
pbug
0479
2005-11-29
pbug
if ((udp[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0480
2013-02-16
pjp
dolog(LOG_INFO, "socket: %s\n", strerror(errno));
0481
2011-04-12
pbug
slave_shutdown();
0482
2005-11-29
pbug
exit(1);
0483
2005-11-29
pbug
}
0484
2005-11-29
pbug
0485
2005-11-29
pbug
if (bind(udp[i], res->ai_addr, res->ai_addrlen) < 0) {
0486
2013-02-16
pjp
dolog(LOG_INFO, "bind: %s\n", strerror(errno));
0487
2011-04-12
pbug
slave_shutdown();
0488
2005-11-29
pbug
exit(1);
0489
2005-11-29
pbug
}
0490
2005-11-29
pbug
0491
2009-08-31
pbug
if (res->ai_family == AF_INET) {
0492
2010-03-28
pbug
#ifdef __NetBSD__
0493
2010-03-28
pbug
if (setsockopt(udp[i], IPPROTO_IP, IP_TTL,
0494
2010-03-28
pbug
&on, sizeof(on)) < 0) {
0495
2010-03-28
pbug
#else
0496
2009-08-31
pbug
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
0497
2009-08-31
pbug
&on, sizeof(on)) < 0) {
0498
2010-03-28
pbug
#endif
0499
2013-02-16
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0500
2009-08-31
pbug
}
0501
2012-06-11
pbug
} else if (res->ai_family == AF_INET6) {
0502
2012-06-11
pbug
/* RFC 3542 page 30 */
0503
2012-06-11
pbug
on = 1;
0504
2012-06-11
pbug
if (setsockopt(udp[i], IPPROTO_IPV6,
0505
2012-06-11
pbug
IPV6_RECVHOPLIMIT, &on, sizeof(on)) < 0) {
0506
2013-02-16
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0507
2012-06-11
pbug
}
0508
2009-08-31
pbug
}
0509
2012-06-11
pbug
0510
2005-11-29
pbug
ident[i] = bind_list[i];
0511
2005-11-29
pbug
0512
2010-03-12
pbug
/* tcp below */
0513
2010-03-12
pbug
hints.ai_socktype = SOCK_STREAM;
0514
2010-03-12
pbug
hints.ai_protocol = IPPROTO_TCP;
0515
2010-03-12
pbug
hints.ai_flags = AI_NUMERICHOST;
0516
2010-03-12
pbug
0517
2010-03-12
pbug
snprintf(buf, sizeof(buf) - 1, "%u", port);
0518
2010-03-12
pbug
0519
2010-03-12
pbug
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0520
2013-02-16
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0521
2011-04-12
pbug
slave_shutdown();
0522
2010-03-12
pbug
exit (1);
0523
2010-03-12
pbug
}
0524
2010-03-12
pbug
0525
2010-03-12
pbug
res = res0;
0526
2010-03-12
pbug
0527
2010-03-12
pbug
if ((tcp[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0528
2013-02-16
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0529
2011-04-12
pbug
slave_shutdown();
0530
2010-03-12
pbug
exit(1);
0531
2010-03-12
pbug
}
0532
2010-03-12
pbug
if (setsockopt(tcp[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0533
2013-02-16
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0534
2011-04-12
pbug
slave_shutdown();
0535
2010-03-12
pbug
exit(1);
0536
2010-03-12
pbug
}
0537
2010-03-12
pbug
if (bind(tcp[i], res->ai_addr, res->ai_addrlen) < 0) {
0538
2013-02-16
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0539
2011-04-12
pbug
slave_shutdown();
0540
2010-03-12
pbug
exit(1);
0541
2010-03-12
pbug
}
0542
2010-03-12
pbug
0543
2011-09-19
pbug
if (axfrport) {
0544
2011-09-19
pbug
/* axfr port below */
0545
2011-09-19
pbug
hints.ai_socktype = SOCK_STREAM;
0546
2011-09-19
pbug
hints.ai_protocol = IPPROTO_TCP;
0547
2011-09-19
pbug
hints.ai_flags = AI_NUMERICHOST;
0548
2011-09-19
pbug
0549
2011-09-19
pbug
snprintf(buf, sizeof(buf) - 1, "%u", axfrport);
0550
2011-09-19
pbug
0551
2011-09-19
pbug
if ((gai_error = getaddrinfo(bind_list[i], buf, &hints, &res0)) != 0) {
0552
2013-02-16
pjp
dolog(LOG_INFO, "getaddrinfo: %s\n", gai_strerror(gai_error));
0553
2011-09-19
pbug
slave_shutdown();
0554
2011-09-19
pbug
exit (1);
0555
2011-09-19
pbug
}
0556
2011-09-19
pbug
0557
2011-09-19
pbug
res = res0;
0558
2011-09-19
pbug
0559
2011-09-19
pbug
if ((afd[i] = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) {
0560
2013-02-16
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0561
2011-09-19
pbug
slave_shutdown();
0562
2011-09-19
pbug
exit(1);
0563
2011-09-19
pbug
}
0564
2011-09-19
pbug
if (setsockopt(afd[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0565
2013-02-16
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0566
2011-09-19
pbug
slave_shutdown();
0567
2011-09-19
pbug
exit(1);
0568
2011-09-19
pbug
}
0569
2011-09-19
pbug
if (bind(afd[i], res->ai_addr, res->ai_addrlen) < 0) {
0570
2013-02-16
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0571
2011-09-19
pbug
slave_shutdown();
0572
2011-09-19
pbug
exit(1);
0573
2011-09-19
pbug
}
0574
2011-09-19
pbug
0575
2014-04-16
pjp
if ((uafd[i] = socket(res->ai_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0576
2013-02-16
pjp
dolog(LOG_INFO, "axfr udp socket: %s\n", strerror(errno));
0577
2011-09-19
pbug
slave_shutdown();
0578
2011-09-19
pbug
exit(1);
0579
2011-09-19
pbug
}
0580
2011-09-19
pbug
if (bind(uafd[i], res->ai_addr, res->ai_addrlen) < 0) {
0581
2013-02-16
pjp
dolog(LOG_INFO, "axfr udp socket bind: %s\n", strerror(errno));
0582
2011-09-19
pbug
slave_shutdown();
0583
2011-09-19
pbug
exit(1);
0584
2011-09-19
pbug
}
0585
2011-09-19
pbug
} /* axfrport */
0586
2011-09-19
pbug
0587
2010-03-12
pbug
} /* for .. bcount */
0588
2010-03-12
pbug
0589
2005-11-29
pbug
} else {
0590
2005-11-29
pbug
if (getifaddrs(&ifap) < 0) {
0591
2013-02-16
pjp
dolog(LOG_INFO, "getifaddrs\n");
0592
2011-04-12
pbug
slave_shutdown();
0593
2005-11-29
pbug
exit(1);
0594
2005-11-29
pbug
}
0595
2005-11-29
pbug
0596
2005-11-29
pbug
for (pifap = ifap, i = 0; i < DEFAULT_SOCKET && pifap; pifap = pifap->ifa_next, i++) {
0597
2005-11-29
pbug
0598
2005-11-29
pbug
found = 0;
0599
2005-11-29
pbug
0600
2005-11-29
pbug
/* we want only one interface not the rest */
0601
2005-11-29
pbug
if (icount > 0) {
0602
2005-11-29
pbug
for (j = 0; j < icount; j++) {
0603
2005-11-29
pbug
if (strcmp(pifap->ifa_name, interface_list[j]) == 0) {
0604
2005-11-29
pbug
found = 1;
0605
2005-11-29
pbug
}
0606
2005-11-29
pbug
}
0607
2005-11-29
pbug
0608
2005-11-29
pbug
if (! found) {
0609
2005-11-29
pbug
i--;
0610
2005-11-29
pbug
continue;
0611
2005-11-29
pbug
}
0612
2005-11-29
pbug
0613
2005-11-29
pbug
}
0614
2005-11-29
pbug
if ((pifap->ifa_flags & IFF_UP) != IFF_UP) {
0615
2013-02-16
pjp
dolog(LOG_INFO, "skipping interface %s\n", pifap->ifa_name);
0616
2005-11-29
pbug
i--;
0617
2005-11-29
pbug
continue;
0618
2005-11-29
pbug
}
0619
2005-11-29
pbug
0620
2005-11-29
pbug
if (pifap->ifa_addr->sa_family == AF_INET) {
0621
2005-11-29
pbug
sin = (struct sockaddr_in *)pifap->ifa_addr;
0622
2005-11-29
pbug
sin->sin_port = htons(port);
0623
2005-11-29
pbug
salen = sizeof(struct sockaddr_in);
0624
2005-11-29
pbug
/* no address bound to this interface */
0625
2005-11-29
pbug
if (sin->sin_addr.s_addr == INADDR_ANY) {
0626
2005-11-29
pbug
i--;
0627
2005-11-29
pbug
continue;
0628
2005-11-29
pbug
}
0629
2005-11-29
pbug
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
0630
2005-11-29
pbug
sin6 = (struct sockaddr_in6 *)pifap->ifa_addr;
0631
2010-03-09
pbug
sin6->sin6_port = htons(port);
0632
2005-11-29
pbug
/* no address bound to this interface */
0633
2005-11-29
pbug
salen = sizeof(struct sockaddr_in6);
0634
2010-04-15
pbug
0635
2005-11-29
pbug
} else {
0636
2013-02-16
pjp
dolog(LOG_DEBUG, "unknown address family %d\n", pifap->ifa_addr->sa_family);
0637
2005-11-29
pbug
i--;
0638
2005-11-29
pbug
continue;
0639
2005-11-29
pbug
}
0640
2005-11-29
pbug
0641
2005-11-29
pbug
0642
2005-11-29
pbug
if ((udp[i] = socket(pifap->ifa_addr->sa_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0643
2013-02-16
pjp
dolog(LOG_INFO, "socket: %s\n", strerror(errno));
0644
2011-04-12
pbug
slave_shutdown();
0645
2005-11-29
pbug
exit(1);
0646
2005-11-29
pbug
}
0647
2005-11-29
pbug
0648
2005-11-29
pbug
if (bind(udp[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0649
2013-02-16
pjp
dolog(LOG_INFO, "bind: %s\n", strerror(errno));
0650
2011-04-12
pbug
slave_shutdown();
0651
2005-11-29
pbug
exit(1);
0652
2005-11-29
pbug
}
0653
2005-11-29
pbug
0654
2009-08-31
pbug
if (pifap->ifa_addr->sa_family == AF_INET) {
0655
2010-03-28
pbug
#ifdef __NetBSD__
0656
2010-03-28
pbug
if (setsockopt(udp[i], IPPROTO_IP, IP_TTL,
0657
2010-03-28
pbug
&on, sizeof(on)) < 0) {
0658
2010-03-28
pbug
#else
0659
2009-08-31
pbug
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
0660
2009-08-31
pbug
&on, sizeof(on)) < 0) {
0661
2010-03-28
pbug
#endif
0662
2013-02-16
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0663
2009-08-31
pbug
}
0664
2012-06-11
pbug
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
0665
2012-06-11
pbug
/* RFC 3542 page 30 */
0666
2012-06-11
pbug
on = 1;
0667
2012-06-11
pbug
if (setsockopt(udp[i], IPPROTO_IPV6,
0668
2012-06-11
pbug
IPV6_RECVHOPLIMIT, &on, sizeof(on)) < 0) {
0669
2013-02-16
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0670
2012-06-11
pbug
}
0671
2009-08-31
pbug
}
0672
2009-08-31
pbug
0673
2012-06-11
pbug
0674
2008-04-10
pbug
ident[i] = pifap->ifa_name;
0675
2005-11-29
pbug
0676
2010-03-12
pbug
if ((tcp[i] = socket(pifap->ifa_addr->sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) {
0677
2013-02-16
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0678
2011-04-12
pbug
slave_shutdown();
0679
2010-03-12
pbug
exit(1);
0680
2010-03-12
pbug
}
0681
2010-03-12
pbug
if (setsockopt(tcp[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0682
2013-02-16
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0683
2011-04-12
pbug
slave_shutdown();
0684
2010-03-12
pbug
exit(1);
0685
2010-03-12
pbug
}
0686
2010-03-12
pbug
0687
2010-03-12
pbug
if (bind(tcp[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0688
2013-02-16
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0689
2011-04-12
pbug
slave_shutdown();
0690
2010-03-12
pbug
exit(1);
0691
2011-04-12
pbug
}
0692
2005-11-29
pbug
0693
2011-09-19
pbug
0694
2011-09-19
pbug
/* axfr socket */
0695
2011-09-19
pbug
if (axfrport) {
0696
2011-09-19
pbug
if ((afd[i] = socket(pifap->ifa_addr->sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) {
0697
2013-02-16
pjp
dolog(LOG_INFO, "tcp socket: %s\n", strerror(errno));
0698
2011-09-19
pbug
slave_shutdown();
0699
2011-09-19
pbug
exit(1);
0700
2011-09-19
pbug
}
0701
2011-09-19
pbug
if (setsockopt(afd[i], SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
0702
2013-02-16
pjp
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
0703
2011-09-19
pbug
slave_shutdown();
0704
2011-09-19
pbug
exit(1);
0705
2011-09-19
pbug
}
0706
2011-09-19
pbug
0707
2011-09-19
pbug
((struct sockaddr_in *)pifap->ifa_addr)->sin_port = htons(axfrport);
0708
2011-09-19
pbug
0709
2011-09-19
pbug
if (bind(afd[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0710
2013-02-16
pjp
dolog(LOG_INFO, "tcp bind: %s\n", strerror(errno));
0711
2011-09-19
pbug
slave_shutdown();
0712
2011-09-19
pbug
exit(1);
0713
2011-09-19
pbug
}
0714
2011-09-19
pbug
if ((uafd[i] = socket(pifap->ifa_addr->sa_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
0715
2013-02-16
pjp
dolog(LOG_INFO, "axfr udp socket: %s\n", strerror(errno));
0716
2011-09-19
pbug
slave_shutdown();
0717
2011-09-19
pbug
exit(1);
0718
2011-09-19
pbug
}
0719
2011-09-19
pbug
if (bind(uafd[i], (struct sockaddr *)pifap->ifa_addr, salen) < 0) {
0720
2013-02-16
pjp
dolog(LOG_INFO, "udp axfr bind: %s\n", strerror(errno));
0721
2011-09-19
pbug
slave_shutdown();
0722
2011-09-19
pbug
exit(1);
0723
2011-09-19
pbug
}
0724
2011-09-19
pbug
} /* axfrport */
0725
2011-09-19
pbug
0726
2010-04-15
pbug
} /* AF_INET */
0727
2010-04-15
pbug
0728
2008-04-10
pbug
if (i >= DEFAULT_SOCKET) {
0729
2013-02-16
pjp
dolog(LOG_INFO, "not enough sockets available\n");
0730
2011-04-12
pbug
slave_shutdown();
0731
2008-04-10
pbug
exit(1);
0732
2008-04-10
pbug
}
0733
2011-06-28
pbug
} /* if bflag? */
0734
2005-11-29
pbug
0735
2010-04-15
pbug
if (rflag == 1) {
0736
2010-04-15
pbug
if ((raw[0] = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
0737
2013-02-16
pjp
dolog(LOG_INFO, "raw socket: %s\n", strerror(errno));
0738
2011-04-12
pbug
slave_shutdown();
0739
2010-04-15
pbug
exit(1);
0740
2010-04-15
pbug
}
0741
2010-04-15
pbug
0742
2010-04-15
pbug
if (setsockopt(raw[0], IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)) < 0) {
0743
2013-02-16
pjp
dolog(LOG_INFO, "raw setsockopt: %s\n", strerror(errno));
0744
2011-04-12
pbug
slave_shutdown();
0745
2010-04-15
pbug
exit(1);
0746
2010-04-15
pbug
}
0747
2010-04-15
pbug
0748
2010-09-30
pbug
if ((raw[1] = socket(AF_INET6, SOCK_RAW, IPPROTO_UDP)) < 0) {
0749
2013-02-16
pjp
dolog(LOG_INFO, "raw socket[1]: %s\n", strerror(errno));
0750
2011-04-12
pbug
slave_shutdown();
0751
2010-04-15
pbug
exit(1);
0752
2010-04-15
pbug
}
0753
2010-04-15
pbug
0754
2010-04-15
pbug
} /* rflag */
0755
2011-06-28
pbug
0756
2011-06-28
pbug
0757
2011-06-28
pbug
/* if we are binding a log socket do it now */
0758
2011-06-28
pbug
if (logging.bind == 1 || logging.active == 1) {
0759
2011-06-28
pbug
switch (logging.loghost2.ss_family) {
0760
2011-06-28
pbug
case AF_INET:
0761
2011-06-28
pbug
lfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
0762
2011-06-28
pbug
if (lfd < 0) {
0763
2013-02-16
pjp
dolog(LOG_INFO, "logging socket: %s\n", strerror(errno));
0764
2011-06-28
pbug
slave_shutdown();
0765
2011-06-28
pbug
exit(1);
0766
2011-06-28
pbug
}
0767
2011-06-28
pbug
sin = (struct sockaddr_in *)&logging.loghost2;
0768
2011-06-28
pbug
sin->sin_port = htons(logging.logport2);
0769
2011-06-28
pbug
break;
0770
2011-06-28
pbug
case AF_INET6:
0771
2011-06-28
pbug
lfd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
0772
2011-06-28
pbug
if (lfd < 0) {
0773
2013-02-16
pjp
dolog(LOG_INFO, "logging socket: %s\n", strerror(errno));
0774
2011-06-28
pbug
slave_shutdown();
0775
2011-06-28
pbug
exit(1);
0776
2011-06-28
pbug
}
0777
2011-06-28
pbug
sin6 = (struct sockaddr_in6 *)&logging.loghost2;
0778
2011-06-28
pbug
sin6->sin6_port = htons(logging.logport2);
0779
2011-06-28
pbug
break;
0780
2011-06-28
pbug
}
0781
2011-06-28
pbug
0782
2011-06-28
pbug
if (logging.bind == 1) {
0783
2011-06-28
pbug
if (bind(lfd, (struct sockaddr *)&logging.loghost2,
0784
2011-06-28
pbug
((logging.loghost2.ss_family == AF_INET6) ?
0785
2011-06-28
pbug
sizeof(struct sockaddr_in6) :
0786
2011-06-28
pbug
sizeof(struct sockaddr_in))
0787
2011-06-28
pbug
) < 0) {
0788
2013-02-16
pjp
dolog(LOG_INFO, "binding log socket: %s\n", strerror(errno));
0789
2011-06-28
pbug
slave_shutdown();
0790
2011-06-28
pbug
exit(1);
0791
2011-06-28
pbug
}
0792
2011-06-28
pbug
0793
2011-06-28
pbug
#ifndef __linux__
0794
2011-06-28
pbug
if (shutdown(lfd, SHUT_WR) < 0) {
0795
2013-02-16
pjp
dolog(LOG_INFO, "shutdown log socket: %s\n", strerror(errno));
0796
2011-06-28
pbug
slave_shutdown();
0797
2011-06-28
pbug
exit(1);
0798
2011-06-28
pbug
}
0799
2011-06-28
pbug
#endif
0800
2011-06-28
pbug
0801
2011-06-28
pbug
} else {
0802
2011-06-28
pbug
if (connect(lfd, (struct sockaddr *)&logging.loghost2,
0803
2011-06-28
pbug
((logging.loghost2.ss_family == AF_INET6) ?
0804
2011-06-28
pbug
sizeof(struct sockaddr_in6) :
0805
2011-06-28
pbug
sizeof(struct sockaddr_in))) < 0) {
0806
2013-02-16
pjp
dolog(LOG_INFO, "connecting log socket: %s\n", strerror(errno));
0807
2011-06-28
pbug
slave_shutdown();
0808
2011-06-28
pbug
exit(1);
0809
2011-06-28
pbug
}
0810
2011-06-28
pbug
0811
2011-06-28
pbug
if (shutdown(lfd, SHUT_RD) < 0) {
0812
2013-02-16
pjp
dolog(LOG_INFO, "shutdown log socket: %s\n", strerror(errno));
0813
2011-06-28
pbug
slave_shutdown();
0814
2011-06-28
pbug
exit(1);
0815
2011-06-28
pbug
}
0816
2011-06-28
pbug
0817
2011-06-28
pbug
} /* if logging.bind */
0818
2011-06-28
pbug
0819
2011-06-28
pbug
} /* if logging.bind */
0820
2011-06-28
pbug
0821
2009-02-26
pbug
/* chroot to the drop priv user home directory */
0822
2009-02-26
pbug
if (chroot(pw->pw_dir) < 0) {
0823
2013-02-16
pjp
dolog(LOG_INFO, "chroot: %s\n", strerror(errno));
0824
2011-04-12
pbug
slave_shutdown();
0825
2009-02-26
pbug
exit(1);
0826
2009-02-26
pbug
}
0827
2009-02-26
pbug
0828
2009-04-07
pbug
if (chdir("/") < 0) {
0829
2013-02-16
pjp
dolog(LOG_INFO, "chdir: %s\n", strerror(errno));
0830
2011-04-12
pbug
slave_shutdown();
0831
2009-04-07
pbug
exit(1);
0832
2009-04-07
pbug
}
0833
2009-04-07
pbug
0834
2009-02-26
pbug
/*
0835
2011-04-12
pbug
* add signals
0836
2010-03-22
pbug
*/
0837
2010-03-22
pbug
0838
2010-03-22
pbug
signal(SIGPIPE, SIG_IGN);
0839
2010-03-22
pbug
0840
2011-04-12
pbug
signal(SIGTERM, slave_signal);
0841
2011-04-12
pbug
signal(SIGINT, slave_signal);
0842
2011-04-12
pbug
signal(SIGQUIT, slave_signal);
0843
2011-04-12
pbug
0844
2010-03-22
pbug
/*
0845
2009-02-26
pbug
* I open the log again after the chroot just in case I can't
0846
2009-02-26
pbug
* reach the old /dev/log anymore.
0847
2009-02-26
pbug
*/
0848
2009-02-26
pbug
0849
2009-03-01
pbug
closelog();
0850
2009-02-26
pbug
openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
0851
2009-02-26
pbug
0852
2008-04-10
pbug
/* set groups */
0853
2005-11-29
pbug
0854
2008-04-10
pbug
if (setgroups(1, &pw->pw_gid) < 0) {
0855
2013-02-16
pjp
dolog(LOG_INFO, "setgroups: %s\n", strerror(errno));
0856
2011-04-12
pbug
slave_shutdown();
0857
2008-04-10
pbug
exit(1);
0858
2008-04-10
pbug
}
0859
2005-11-29
pbug
0860
2011-09-19
pbug
#if defined __OpenBSD__ || defined __FreeBSD__
0861
2008-04-10
pbug
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0) {
0862
2013-02-16
pjp
dolog(LOG_INFO, "setresgid: %s\n", strerror(errno));
0863
2011-04-12
pbug
slave_shutdown();
0864
2008-04-10
pbug
exit(1);
0865
2008-04-10
pbug
}
0866
2005-11-29
pbug
0867
2008-04-10
pbug
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0) {
0868
2013-02-16
pjp
dolog(LOG_INFO, "setresuid: %s\n", strerror(errno));
0869
2011-04-12
pbug
slave_shutdown();
0870
2008-04-10
pbug
exit(1);
0871
2008-04-10
pbug
}
0872
2005-11-29
pbug
0873
2008-04-10
pbug
#else
0874
2008-04-10
pbug
if (setgid(pw->pw_gid) < 0) {
0875
2013-02-16
pjp
dolog(LOG_INFO, "setgid: %s\n", strerror(errno));
0876
2011-04-12
pbug
slave_shutdown();
0877
2008-04-10
pbug
exit(1);
0878
2008-04-10
pbug
}
0879
2008-04-10
pbug
if (setuid(pw->pw_uid) < 0) {
0880
2013-02-16
pjp
dolog(LOG_INFO, "setuid: %s\n", strerror(errno));
0881
2011-04-12
pbug
slave_shutdown();
0882
2008-04-10
pbug
exit(1);
0883
2008-04-10
pbug
}
0884
2008-04-10
pbug
#endif
0885
2005-11-29
pbug
0886
2011-09-19
pbug
/*
0887
2011-09-19
pbug
* start our axfr process
0888
2011-09-19
pbug
*/
0889
2011-09-19
pbug
0890
2011-09-19
pbug
if (axfrport) {
0891
2011-09-19
pbug
switch (pid = fork()) {
0892
2011-09-19
pbug
case 0:
0893
2011-09-19
pbug
/* close descriptors that we don't need */
0894
2011-09-19
pbug
for (j = 0; j < i; j++) {
0895
2011-09-19
pbug
close(tcp[j]);
0896
2011-09-19
pbug
close(udp[j]);
0897
2011-09-22
pbug
close(uafd[j]);
0898
2011-09-19
pbug
}
0899
2011-09-19
pbug
0900
2011-09-22
pbug
if (rflag) {
0901
2011-09-22
pbug
close(raw[0]);
0902
2011-09-22
pbug
close(raw[1]);
0903
2011-09-22
pbug
}
0904
2011-09-22
pbug
0905
2013-02-16
pjp
#if !defined __linux__ && !defined __APPLE__
0906
2011-09-19
pbug
setproctitle("AXFR engine on port %d", axfrport);
0907
2011-09-19
pbug
#endif
0908
2011-09-19
pbug
0909
2011-09-19
pbug
axfrloop(afd, i, ident, db);
0910
2011-09-19
pbug
/* NOTREACHED */
0911
2011-09-19
pbug
exit(1);
0912
2011-09-19
pbug
default:
0913
2011-09-19
pbug
/* close afd descriptors, they aren't needed here */
0914
2011-09-19
pbug
for (j = 0; j < i; j++) {
0915
2011-09-22
pbug
close(afd[j]);
0916
2011-09-19
pbug
}
0917
2011-09-19
pbug
0918
2011-09-19
pbug
break;
0919
2011-09-19
pbug
}
0920
2011-09-19
pbug
0921
2011-09-19
pbug
} /* axfrport */
0922
2011-09-19
pbug
0923
2011-09-19
pbug
/* what follows is a bit mangled code, we set up nflag + 1 amount of
0924
2011-09-19
pbug
* server instances (1 per cpu?) and if we're recursive we also set up
0925
2011-09-19
pbug
* the same amount of recursive instances all connected through a
0926
2011-09-19
pbug
* socketpair() so that it looks somewhat like this (with 4 instances):
0927
2011-09-19
pbug
*
0928
2011-09-19
pbug
* replies <--- [] ---- [] recursive end
0929
2011-09-19
pbug
* |
0930
2011-09-19
pbug
* replies <--- [] ---- []
0931
2011-09-19
pbug
* request * ---> |
0932
2011-09-19
pbug
* replies <--- [] ---- []
0933
2011-09-19
pbug
* |
0934
2011-09-19
pbug
* replies <--- [] ---- []
0935
2011-09-19
pbug
*
0936
2011-09-19
pbug
*/
0937
2011-09-19
pbug
0938
2011-09-19
pbug
for (n = 0; n < nflag; n++) {
0939
2011-09-19
pbug
switch (pid = fork()) {
0940
2011-09-19
pbug
case 0:
0941
2011-09-19
pbug
if (rflag) {
0942
2011-09-19
pbug
/*
0943
2011-09-19
pbug
* set up socket pair
0944
2011-09-19
pbug
*/
0945
2011-09-19
pbug
0946
2011-09-19
pbug
if (socketpair(AF_UNIX, SOCK_DGRAM, 0, (int *)&sp) < 0) {
0947
2013-02-16
pjp
dolog(LOG_INFO, "socketpair: %s\n", strerror(errno));
0948
2011-09-19
pbug
slave_shutdown();
0949
2011-09-19
pbug
exit(1);
0950
2011-09-19
pbug
}
0951
2011-09-19
pbug
0952
2011-09-19
pbug
switch (pid = fork()) {
0953
2011-09-19
pbug
case -1:
0954
2013-02-16
pjp
dolog(LOG_INFO, "fork: %s\n", strerror(errno));
0955
2011-09-19
pbug
slave_shutdown();
0956
2011-09-19
pbug
exit(1);
0957
2011-09-19
pbug
0958
2011-09-19
pbug
case 0:
0959
2011-09-19
pbug
for (j = 0; j < i; j++) {
0960
2011-09-19
pbug
close(tcp[j]);
0961
2011-09-19
pbug
close(udp[j]);
0962
2011-09-19
pbug
}
0963
2011-09-19
pbug
close (sp[1]);
0964
2011-09-19
pbug
0965
2011-09-19
pbug
recurseloop(sp[0], (int *)&raw, db);
0966
2011-09-19
pbug
/* NOTREACHED */
0967
2011-09-19
pbug
break;
0968
2011-09-19
pbug
0969
2011-09-19
pbug
default:
0970
2011-09-19
pbug
close(raw[0]);
0971
2011-09-19
pbug
close(raw[1]);
0972
2011-09-19
pbug
close (sp[0]);
0973
2011-09-19
pbug
break;
0974
2011-09-19
pbug
} /* switch */
0975
2011-09-19
pbug
} /* rflag */
0976
2011-09-19
pbug
0977
2011-09-19
pbug
0978
2011-09-19
pbug
cfg->sockcount = i;
0979
2011-09-19
pbug
cfg->db = db;
0980
2011-09-19
pbug
for (i = 0; i < cfg->sockcount; i++) {
0981
2011-09-19
pbug
cfg->udp[i] = udp[i];
0982
2011-09-19
pbug
cfg->tcp[i] = tcp[i];
0983
2011-09-19
pbug
0984
2011-09-19
pbug
if (axfrport)
0985
2011-09-19
pbug
cfg->axfr[i] = uafd[i];
0986
2011-09-19
pbug
0987
2011-09-19
pbug
cfg->ident[i] = strdup(ident[i]);
0988
2011-09-19
pbug
}
0989
2011-09-19
pbug
cfg->recurse = (rflag ? sp[1] : -1);
0990
2011-09-19
pbug
cfg->log = lfd;
0991
2011-09-19
pbug
0992
2011-09-19
pbug
0993
2011-09-19
pbug
(void)mainloop(cfg);
0994
2011-09-19
pbug
0995
2011-09-19
pbug
/* NOTREACHED */
0996
2011-09-19
pbug
default:
0997
2011-09-19
pbug
break;
0998
2011-09-19
pbug
} /* switch pid= fork */
0999
2011-09-19
pbug
} /* for (.. nflag */
1000
2011-09-19
pbug
1001
2010-04-15
pbug
if (rflag) {
1002
2010-04-15
pbug
/*
1003
2010-04-15
pbug
* set up socket pair
1004
2010-04-15
pbug
*/
1005
2010-04-15
pbug
1006
2010-04-15
pbug
if (socketpair(AF_UNIX, SOCK_DGRAM, 0, (int *)&sp) < 0) {
1007
2013-02-16
pjp
dolog(LOG_INFO, "socketpair: %s\n", strerror(errno));
1008
2011-04-12
pbug
slave_shutdown();
1009
2010-04-15
pbug
exit(1);
1010
2010-04-15
pbug
}
1011
2010-04-15
pbug
1012
2010-04-15
pbug
switch (pid = fork()) {
1013
2010-04-15
pbug
case -1:
1014
2013-02-16
pjp
dolog(LOG_INFO, "fork: %s\n", strerror(errno));
1015
2011-04-12
pbug
slave_shutdown();
1016
2010-04-15
pbug
exit(1);
1017
2010-04-15
pbug
1018
2010-04-15
pbug
case 0:
1019
2010-04-15
pbug
for (j = 0; j < i; j++) {
1020
2010-04-15
pbug
close(tcp[j]);
1021
2010-04-15
pbug
close(udp[j]);
1022
2011-09-22
pbug
close(uafd[j]);
1023
2010-04-15
pbug
}
1024
2010-04-15
pbug
close (sp[1]);
1025
2010-04-15
pbug
1026
2010-04-15
pbug
recurseloop(sp[0], (int *)&raw, db);
1027
2010-04-15
pbug
/* NOTREACHED */
1028
2010-04-15
pbug
break;
1029
2010-04-15
pbug
1030
2010-04-15
pbug
default:
1031
2010-04-15
pbug
close(raw[0]);
1032
2010-04-15
pbug
close(raw[1]);
1033
2010-04-15
pbug
close (sp[0]);
1034
2010-04-15
pbug
break;
1035
2010-04-15
pbug
} /* switch */
1036
2011-09-19
pbug
1037
2011-09-19
pbug
} /* rflag */
1038
2010-04-15
pbug
1039
2011-06-28
pbug
1040
2011-06-28
pbug
cfg->sockcount = i;
1041
2011-06-28
pbug
cfg->db = db;
1042
2011-06-28
pbug
for (i = 0; i < cfg->sockcount; i++) {
1043
2011-06-28
pbug
cfg->udp[i] = udp[i];
1044
2011-06-28
pbug
cfg->tcp[i] = tcp[i];
1045
2011-09-19
pbug
1046
2011-09-19
pbug
if (axfrport)
1047
2011-09-19
pbug
cfg->axfr[i] = uafd[i];
1048
2011-09-19
pbug
1049
2011-06-28
pbug
cfg->ident[i] = strdup(ident[i]);
1050
2011-06-28
pbug
}
1051
2011-06-28
pbug
cfg->recurse = (rflag ? sp[1] : -1);
1052
2011-06-28
pbug
cfg->log = lfd;
1053
2011-06-28
pbug
1054
2011-09-19
pbug
1055
2011-06-28
pbug
(void)mainloop(cfg);
1056
2011-06-28
pbug
1057
2005-11-29
pbug
/* NOTREACHED */
1058
2010-05-29
pbug
return (0);
1059
2005-11-29
pbug
}
1060
2005-11-29
pbug
1061
2010-03-14
pbug
1062
2005-11-29
pbug
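/*
 * BUILD_QUESTION - fill the question structure with the DNS query.
 *
 * buf is the query packet starting at the DNS header, len the number of
 * valid bytes in buf.  Both come from the wire and are treated as
 * untrusted: every offset is checked against len before it is read.
 * additional is compared against 1; when it matches, the bytes directly
 * behind the question are inspected for an EDNS0 OPT RR.
 *
 * Returns a calloc()ed struct question that the caller releases with
 * free_question(), or NULL when the name is malformed, the question is
 * truncated or an allocation fails.
 */

struct question *
build_question(char *buf, int len, int additional)
{
	u_int i;
	u_int ulen;
	u_int namelen = 0;
	int num_label;

	char *p, *end_name = NULL;

	struct dns_optrr *opt = NULL;
	struct question *q = NULL;

	/*
	 * Work with an unsigned length.  A negative len would otherwise be
	 * converted to a huge unsigned value in the comparisons below and
	 * let the scan run past the buffer; mapping it (and a NULL buf) to
	 * zero sends those cases down the "not null terminated" path.
	 */
	ulen = (buf != NULL && len > 0) ? (u_int)len : 0;

	/* find the end of name: the first zero byte behind the header */
	for (i = sizeof(struct dns_header); i < ulen; i++) {
		if (buf[i] == 0) {
			end_name = &buf[i];
			break;
		}
	}

	/*
	 * implies i >= len , because end_name still points to NULL and not
	 * &buf[i]
	 */

	if (end_name == NULL) {
		dolog(LOG_INFO, "query name is not null terminated\n");
		return NULL;
	}

	/* parse the size of the name */
	for (i = sizeof(struct dns_header), num_label = 0;
	    i < ulen && &buf[i] < end_name;) {
		u_int labellen;

		++num_label;

		/* read the length octet as unsigned, char may be signed */
		labellen = (u_char)buf[i];

		/*
		 * do some checks on the label, if it's 0 or over 63 it's
		 * illegal, also if it reaches beyond the entire name it's
		 * also illegal.  Rejecting > 63 here also rejects
		 * compression pointers (top two bits set).
		 */
		if (labellen == 0) {
			dolog(LOG_INFO, "illegal label len (0)\n");
			return NULL;
		}
		if (labellen > DNS_MAXLABEL) {
			dolog(LOG_INFO, "illegal label len (> 63)\n");
			return NULL;
		}
		if (labellen > (u_int)(end_name - &buf[i])) {
			dolog(LOG_INFO, "label len extends beyond name\n");
			return NULL;
		}

		i += (labellen + 1);
		namelen += labellen;
	}

	/* the label chain must land exactly on the terminating zero */
	if (&buf[i] != end_name || i >= ulen) {
		dolog(LOG_INFO, "query name is maliciously malformed\n");
		return NULL;
	}

	/*
	 * i is an offset from the start of buf here, so it still includes
	 * the DNS header; the limit is therefore stricter than the plain
	 * name length.
	 */
	if (i > DNS_MAXNAME) {
		dolog(LOG_INFO, "query name is too long (%u)\n", i);
		return NULL;
	}

	/*
	 * check if there is space for qtype and qclass.  They start one
	 * byte behind end_name (the terminating zero itself), so that byte
	 * has to be counted; without the + 1 the last octet of qclass could
	 * be read one byte past the packet.
	 */
	if ((size_t)ulen <
	    (size_t)(end_name - &buf[0]) + 1 + (2 * sizeof(u_int16_t))) {
		dolog(LOG_INFO, "question rr is truncated\n");
		return NULL;
	}

	q = (void *)calloc(1, sizeof(struct question));
	if (q == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		return NULL;
	}
	q->hdr = (void *)calloc(1, sizeof(struct dns_question_hdr));
	if (q->hdr == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		free(q);
		return NULL;
	}
	/* wire-format name length, terminating zero included */
	q->hdr->namelen = (end_name - &buf[sizeof(struct dns_header)]) + 1;
	q->hdr->name = (void *)calloc(1, q->hdr->namelen);
	if (q->hdr->name == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		free(q->hdr);
		free(q);
		return NULL;
	}
	/* label bytes + one '.' per label + room for a lone "." and NUL */
	q->converted_name = (void *)calloc(1, namelen + num_label + 2);
	if (q->converted_name == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		free(q->hdr->name);
		free(q->hdr);
		free(q);
		return NULL;
	}

	p = q->converted_name;

	/*
	 * parse the name again this time filling the labels
	 * XXX this is expensive going over the buffer twice
	 */
	for (i = sizeof(struct dns_header); i < ulen && &buf[i] < end_name;) {
		u_int labelend;

		/* check for compression */
		if ((buf[i] & 0xc0) == 0xc0) {
			dolog(LOG_INFO, "question has compressed name, drop\n");
			free_question(q);
			return NULL; /* XXX should say error */
		}

		/* i = offset, plus contents of buf[i], + 1 */
		labelend = (u_char)buf[i] + 1 + i;

		/*
		 * i is reused here to count every character, this is not
		 * a bug!
		 */

		for (i++; i < labelend; i++) {
			/* ctype functions need an unsigned char value */
			*p++ = tolower((u_char)buf[i]);
		}

		*p++ = '.';
	}

	/* an empty name (root) is rendered as a single dot */
	if (&buf[sizeof(struct dns_header)] == end_name)
		*p++ = '.';

	*p = '\0';

	/* check for edns0 opt rr */
	do {
		/* if we don't have an additional section, break */
		if (additional != 1)
			break;

		/* step over the terminating zero, qtype and qclass */
		i += (2 * sizeof(u_int16_t)) + 1;

		/* check that the minimum optrr fits */
		if (i + sizeof(struct dns_optrr) > ulen)
			break;

		/*
		 * NOTE(review): &buf[i] is not necessarily aligned for
		 * struct dns_optrr; this relies on the struct being packed
		 * or the platform tolerating unaligned loads - confirm.
		 */
		opt = (struct dns_optrr *)&buf[i];
		if (opt->name[0] != 0)
			break;

		if (ntohs(opt->type) != DNS_TYPE_OPT)
			break;

		/* if we got options here I don't want to know about them */
		if (ntohs(opt->rdlen) > 0)
			break;

		/* RFC 3225 */
		if (ntohl(opt->ttl) & DNSSEC_OK)
			q->dnssecok = 1;
		else if (ntohl(opt->ttl) != 0)
			break;

		q->edns0len = ntohs(opt->class);
		if (q->edns0len < 512)
			q->edns0len = 512;	/* RFC 6891 - page 10 */

	} while (0);

	/* fill our name into the dns header struct */

	memcpy(q->hdr->name, &buf[sizeof(struct dns_header)], q->hdr->namelen);

	/* make it lower case */

	for (i = 0; i < q->hdr->namelen; i++) {
		int c0;

		c0 = (u_char)q->hdr->name[i];
		if (isalpha(c0)) {
			q->hdr->name[i] = tolower(c0);
		}
	}

	/*
	 * parse type and class from the question; copied bytewise because
	 * the fields behind the name are not guaranteed to be aligned
	 */

	memcpy((char *)&q->hdr->qtype, end_name + 1, sizeof(u_int16_t));
	memcpy((char *)&q->hdr->qclass, end_name + 1 + sizeof(u_int16_t),
	    sizeof(u_int16_t));

	return (q);
}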
1276
2005-11-29
pbug
1277
2005-11-29
pbug
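/*
 * FREE_QUESTION - free a question struct
 *
 * Releases the name buffers, the header and the struct itself.  A NULL
 * q, or a q whose hdr is NULL, is accepted so that callers can use this
 * on partially built questions.  Always returns 0.
 */

int
free_question(struct question *q)
{
	if (q == NULL)
		return 0;

	/* hdr owns the wire-format name; free it before hdr itself */
	if (q->hdr != NULL) {
		free(q->hdr->name);
		free(q->hdr);
	}

	free(q->converted_name);
	free(q);

	return 0;
}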
1292
2005-11-29
pbug
1293
2005-11-29
pbug
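/*
 * DNS_LABEL - build a DNS NAME (with labels) from a canonical name
 *
 * name is a dotted name, with or without a trailing dot.  On success a
 * malloc()ed buffer holding the lower-cased, length-prefixed labels is
 * returned and *returnlen is set to its size; the caller frees it.
 * Returns NULL if name or returnlen is NULL, if a label is longer than
 * DNS_MAXLABEL or if the allocation fails.
 *
 * Names longer than DNS_MAXNAME are truncated by the bounded copy below,
 * and labels beyond the capacity of the label table are dropped.
 */

char *
dns_label(char *name, int *returnlen)
{
	int len, newlen = 0;
	int i, lc = 0;			/* lc = label count */

	char *dnslabel, *p;
	char *labels[255];
	char **pl;
	char tname[DNS_MAXNAME + 1];	/* 255 bytes + 1*/
	char *pt = &tname[0];


	if (name == NULL || returnlen == NULL)
		return NULL;

	/* work on a bounded private copy, strsep() modifies its input */
#if __linux__
	strncpy(tname, name, sizeof(tname));
	tname[sizeof(tname) - 1] = 0;
#else
	strlcpy(tname, name, sizeof(tname));
#endif

	/* strip one trailing dot; len > 0 keeps "" from indexing tname[-1] */
	len = strlen(tname);
	if (len > 0 && tname[len - 1] == '.')
		tname[len - 1] = '\0';

	for (pl = labels;
	    pl < &labels[254] && (*pl = strsep(&pt, ".")) != NULL;
	    pl++, lc++) {
		size_t l = strlen(*pl);

		/*
		 * A length octet above 63 is not a valid label: its top
		 * bits collide with the compression pointer encoding, and
		 * values that are ASCII letters would be altered by the
		 * lower-casing pass at the end.
		 */
		if (l > DNS_MAXLABEL) {
			dolog(LOG_INFO, "label too long in name %s\n", name);
			return NULL;
		}

		newlen += l;
	}

	newlen += lc;			/* add label count to length */


	/* make the buffer space, add 1 for trailing NULL */
	if ((dnslabel = malloc(newlen + 1)) == NULL) {
		return NULL;
	}

	*returnlen = newlen + 1;
	dnslabel[newlen] = '\0';	/* trailing NULL */

	for (i = 0, p = dnslabel; i < lc; i++) {
		len = strlen(labels[i]);
		*p++ = len;
		/* newlen was computed from these labels, so this fits */
		memcpy(p, labels[i], len);
		p += len;
	}

	/*
	 * XXX hack to make all DNS names lower case, we only preserve
	 * case on compressed answers..
	 */

	for (i = 0, p = dnslabel; i < *returnlen; i++) {
		int c;

		/* ctype functions need an unsigned char value */
		c = (u_char)*p;
		if (isalpha(c))
			*p = tolower(c);
		p++;
	}

	dolog(LOG_DEBUG, "converting name= %s\n", name);

	return dnslabel;
}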
1370
2005-11-29
pbug
1371
2005-11-29
pbug
/*
1372
2005-11-29
pbug
* COMPRESS_LABEL - compress a DNS name, must be passed an entire reply
1373
2005-11-29
pbug
* with the to be compressed name before the offset of
1374
2005-11-29
pbug
* that reply.
1375
2005-11-29
pbug
*/
1376
2005-11-29
pbug
1377
2010-04-15
pbug
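/*
 * Walk the reply in buf (question, then resource records) up to `offset`,
 * remember where each domain name starts, and try to replace the name that
 * occupies the labellen bytes right before `offset` (or one of its
 * suffixes) with a two-byte compression pointer to an earlier occurrence.
 *
 * buf      - the reply being built, starting at the DNS header
 * offset   - index just past the name to compress
 * labellen - length in bytes of that name
 *
 * Returns the new offset (just past the written pointer) when a match was
 * found, or 0 when no compression is possible or the input looks bogus.
 */
int
compress_label(u_char *buf, u_int16_t offset, int labellen)
{
	u_char *label[256];		/* should be enough */
	u_char *end = &buf[offset];
	struct question {
		u_int16_t type;
		u_int16_t class;
	} __attribute__((packed));
	struct answer {
		u_int16_t type;
		u_int16_t class;
		u_int32_t ttl;
		u_int16_t rdlength;
	} __attribute__((packed));
	struct soa {
		u_int32_t serial;
		u_int32_t refresh;
		u_int32_t retry;
		u_int32_t expire;
		u_int32_t minttl;
	} __attribute__((packed));

	struct answer *a;

	u_int i, j;
	u_int checklen;
	u_int16_t pointer;

	u_char *p, *e;
	u_char *compressmark = NULL;

	/*
	 * The name to compress lives at buf[offset - labellen]; refuse a
	 * length that would index before the start of buf or that is empty.
	 */
	if (labellen <= 0 || labellen > (int)offset)
		return (0);

	p = &buf[sizeof(struct dns_header)];
	label[0] = p;

	/* bytes at or past `end` are not part of the reply: never read them */
	while (p < end && *p) {
		p += *p;
		p++;
	}

	/*
	 * the question label was bogus, we'll just get out of there, return 0
	 */

	if (p >= end)
		return (0);

	p += sizeof(struct question);
	p++;	/* one more */
	/* start of answer/additional/authoritative */

	for (i = 1; i < 100; i++) {
		label[i] = p;

		while (p < end && *p) {
			if ((*p & 0xc0) == 0xc0) {
				p++;
				break;
			}
			p += *p;
			p++;

			if (p >= end)
				goto end;
		}

		p++;	/* one more */

		a = (struct answer *)p;
		p += sizeof(struct answer);

		/* Thanks FreeLogic! */
		if (p >= end)
			goto end;

		switch (ntohs(a->type)) {
		case DNS_TYPE_A:
			p += sizeof(in_addr_t);
			break;
		case DNS_TYPE_AAAA:
			p += 16;		/* sizeof 4 * 32 bit */
			break;
		case DNS_TYPE_TXT:
		case DNS_TYPE_SPF:
			p += *p;
			p++;
			break;
		case DNS_TYPE_SSHFP:
			p++;
			/* the fingerprint type octet must still be inside the reply */
			if (p >= end)
				goto end;
			switch (*p) {
			case 1:
				p += DNS_SSHFP_SIZE_SHA1 + 1;
				break;
			case 2:
				p += DNS_SSHFP_SIZE_SHA256 + 1;
				break;
			default:
				/* XXX */
				goto end;
			}

			break;
		case DNS_TYPE_SRV:
			p += (2 * sizeof(u_int16_t)); /* priority, weight */
			/* the port will be assumed in the fall through for
			   mx_priority..
			*/
			/* FALLTHROUGH */
		case DNS_TYPE_MX:
			p += sizeof(u_int16_t);	/* mx_priority */
			/* FALLTHROUGH */
		case DNS_TYPE_NS:
		case DNS_TYPE_PTR:
		case DNS_TYPE_CNAME:
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;

				if (p >= end)
					goto end;
			}

			p++;	/* one more */
			break;
		case DNS_TYPE_SOA:
			/* nsserver */
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;
				if (p >= end)
					goto end;
			}

			p++;	/* one more */

			if (p >= end)
				break;

			/* responsible person */
			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;
			}

			p++;	/* one more */

			if (p >= end)
				break;

			p += sizeof(struct soa);	/* advance struct soa */

			break;
		case DNS_TYPE_NAPTR:
			p += (2 * sizeof(u_int16_t)); /* order and preference */

			/*
			 * flags, services and regexp are length-prefixed strings;
			 * check each length octet is inside the reply before
			 * trusting it.
			 */
			for (j = 0; j < 3; j++) {
				if (p >= end)
					goto end;
				p += *p;
				p++;
			}

			label[++i] = p;
			while (p < end && *p) {
				if ((*p & 0xc0) == 0xc0) {
					p++;
					break;
				}
				p += *p;
				p++;

				if (p >= end)
					goto end;
			}

			p++;	/* one more */
			break;

		default:
			break;
			/* XXX */
		} /* switch */

		if (p >= end)
			break;
	} /* for (i *) */

end:

	p = &buf[offset - labellen];
	checklen = labellen;

	while (p < end && *p != 0) {
		for (j = 0; j < i; j++) {
			for (e = label[j]; e < end && *e; e += *e, e++) {
				if ((*e & 0xc0) == 0xc0)
					break;

				/*
				 * A compression pointer carries a 14-bit offset,
				 * so a target past 0x3fff cannot be encoded; the
				 * remaining labels of this name are farther still.
				 */
				if ((e - buf) > 0x3fff)
					break;

				/*
				 * Only an earlier occurrence that lies wholly
				 * inside the parsed reply is a usable target;
				 * this also keeps memcasecmp() from reading
				 * past `end`.
				 */
				if (e >= p || (u_int)(end - e) < checklen)
					break;

				if (memcasecmp(e, p, checklen) == 0) {
					/* e is now our compress offset */
					compressmark = e;
					goto out;		/* found one */
				}
			} /* for (e .. */

		} /* for (j .. */

		if (*p > DNS_MAXLABEL)
			return 0;		/* totally bogus label */

		/* labels that add up to more than labellen would wrap checklen */
		if ((u_int)*p + 1 > checklen)
			return 0;

		checklen -= *p;
		p += *p;
		checklen--;
		p++;
	}

	return (0);	/* no compression possible */

out:
	/* take off our compress length */
	offset -= checklen;

	/*
	 * write compressed label in network byte order, one octet at a
	 * time so that an odd offset does not cause an unaligned store
	 */
	pointer = 0xc000 | (u_int16_t)(compressmark - &buf[0]);
	buf[offset] = (pointer >> 8) & 0xff;
	buf[offset + 1] = pointer & 0xff;

	offset += sizeof(u_int16_t);

	return (offset);
}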
1627
2005-11-29
pbug
1628
2005-11-29
pbug
/*
1629
2005-11-29
pbug
* MEMCASECMP - check if buffer is identical to another buffer with
1630
2005-11-29
pbug
* one exception if a character is alphabetic it's
1631
2005-11-29
pbug
* compared to its lower case value so that heLLo is
1632
2005-11-29
pbug
* the same as hello
1633
2005-11-29
pbug
*/
1634
2005-11-29
pbug
1635
2005-11-29
pbug
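/*
 * Compare the first len bytes of b1 and b2, treating ASCII upper and lower
 * case letters as equal.
 *
 * Folding is done by hand on 'A'..'Z' only, rather than with isalpha() and
 * tolower(), so the outcome does not depend on the process locale: DNS name
 * comparison is case-insensitive for ASCII letters and exact for every
 * other octet.
 *
 * Returns 0 when the buffers match and 1 when they differ.  A len of zero
 * or less compares nothing and therefore returns 0; callers must not pass
 * a length they have not validated.
 */
int
memcasecmp(u_char *b1, u_char *b2, int len)
{
	int i;

	for (i = 0; i < len; i++) {
		int c0 = b1[i];
		int c1 = b2[i];

		if (c0 >= 'A' && c0 <= 'Z')
			c0 += 'a' - 'A';
		if (c1 >= 'A' && c1 <= 'Z')
			c1 += 'a' - 'A';

		if (c0 != c1)
			return 1;	/* first differing octet decides */
	}

	return 0;
}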
1659
2005-11-29
pbug
1660
2005-11-29
pbug
1661
2005-11-29
pbug
/*
1662
2005-11-29
pbug
* LOOKUP_ZONE - look up a zone filling sd and returning RR TYPE, if error
1663
2005-11-29
pbug
* occurs returns -1, and sets errno on what type of error.
1664
2005-11-29
pbug
*/
1665
2005-11-29
pbug
1666
2005-11-29
pbug
1667
2005-11-29
pbug
/*
 * Search the database for the queried name, then for each parent obtained
 * by stripping the leftmost label, and copy the first record found into sd.
 *
 * On success the value from check_qtype() (or DNS_TYPE_NS for a delegation)
 * is returned and replystring holds the matched zone name, or "*" when the
 * wildcard record answered.  On failure -1 is returned and *lzerrno is set
 * to ERR_DROP, ERR_NXDOMAIN or ERR_NOERROR.
 *
 * NOTE(review): when the wildcard record's check_qtype() error is neither
 * -1 nor -2, *lzerrno is left untouched before returning -1; likewise a
 * wildcard delegation returns DNS_TYPE_NS without writing *lzerrno.
 */
int
lookup_zone(DB *db, struct question *question, struct domain *sd, int *lzerrno, char *replystring, int wildcard)
{
	char *star = "*";
	char *cursor = question->hdr->name;
	int remaining = question->hdr->namelen;
	int tried_root = 0;
	int missed = 0;		/* set once a lookup fails with wildcarding off */
	int rc = 0;
	int answer = 0;
	int qerr;
	DBT key, data;

	/*
	 * if the asked domain name is foo.bar.baz.org then
	 * lookup foo.bar.baz.org, bar.baz.org, baz.org,
	 * org and if there is a match return that.
	 */
	for (;;) {
		memset(&key, 0, sizeof(key));
		memset(&data, 0, sizeof(data));

		key.data = (char *)cursor;
		key.size = remaining;

		data.data = NULL;
		data.size = 0;

		rc = db->get(db, NULL, &key, &data, 0);

		if (rc == 0) {
			/* a record exists: it must be exactly one struct domain */
			if (data.size != sizeof(struct domain)) {
				dolog(LOG_INFO, "btree db is damaged, drop\n");
				*lzerrno = ERR_DROP;
				return -1;
			}

			memcpy((char *)sd, (char *)data.data, data.size);
			snprintf(replystring, DNS_MAXNAME, "%s", sd->zonename);

			/* a parent matched, wildcarding is off, no delegation */
			if (! wildcard && missed && sd->ns_type == 0) {
				*lzerrno = ERR_NXDOMAIN;
				return -1;
			}

			/* delegated: hand back an NS answer */
			if (sd->ns_type > 0) {
				*lzerrno = ERR_NOERROR;
				return DNS_TYPE_NS;
			}

			/* dynamic (non-static) zones are left to the recurse process */
			if ((sd->flags & DOMAIN_STATIC_ZONE) == 0) {
				dolog(LOG_INFO, "non-static zone %s passed to recurse process\n", sd->zonename);
				*lzerrno = ERR_NOERROR;
				return (-1);
			}

			answer = check_qtype(sd, ntohs(question->hdr->qtype), 0, &qerr);
			if (answer == 0) {
				*lzerrno = ERR_NOERROR;
				return (-1);
			}

			break;
		}

		/* no record under this name */
		if (! wildcard)
			missed = 1;

		if (*cursor != 0) {
			/* next label */
			remaining -= (*cursor + 1);
			cursor = (cursor + (*cursor + 1));
		} else if (! tried_root) {
			/*
			 * NOTE(review): the length is reset for a root lookup,
			 * but the loop stops as soon as the cursor rests on the
			 * root label, so no further db->get() is issued here.
			 */
			remaining = 1;
			tried_root = 1;
		}

		if (*cursor == 0)
			break;
	}

	if (rc != 0) {
		/*
		 * nothing matched; without wildcarding that is NXDOMAIN
		 */
		if (! wildcard) {
			*lzerrno = ERR_NXDOMAIN;
			return -1;
		}

		memset(&key, 0, sizeof(key));
		memset(&data, 0, sizeof(data));

		key.data = star;
		key.size = 1;

		rc = db->get(db, NULL, &key, &data, 0);
		if (rc != 0) {
			db->err(db, rc, "db->get");
			dolog(LOG_INFO, "don't have wildcard answer\n");
			*lzerrno = ERR_NXDOMAIN;
			return -1;
		}

		if (data.size != sizeof(struct domain)) {
			dolog(LOG_INFO, "btree db is damaged, drop\n");
			*lzerrno = ERR_DROP;
			return -1;
		}

		memcpy((char *)sd, (char *)data.data, data.size);

		if (sd->ns_type > 0)
			return DNS_TYPE_NS;

		answer = check_qtype(sd, ntohs(question->hdr->qtype), 1, &qerr);
		if (answer == 0) {
			if (qerr == -2)
				*lzerrno = ERR_NXDOMAIN;
			else if (qerr == -1)
				*lzerrno = ERR_NOERROR;

			return (-1);
		}

		snprintf(replystring, DNS_MAXNAME, "*");
	}

	return answer;
}
1829
2005-11-29
pbug
1830
2005-11-29
pbug
/*
1831
2005-11-29
pbug
* BUILD_FAKE_QUESTION - fill the fake question structure with the DNS query.
1832
2005-11-29
pbug
*/
1833
2005-11-29
pbug
1834
2005-11-29
pbug
/*
 * Allocate a struct question together with its header and a private copy
 * of the first namelen bytes of name.
 *
 * type is stored in qtype exactly as passed in; qclass is set to
 * htons(DNS_CLASS_IN) and converted_name to NULL.
 * NOTE(review): lookup_zone() reads qtype through ntohs(), so callers
 * presumably pass type in network byte order - confirm.
 *
 * Returns the new question, or NULL after logging when an allocation
 * fails (anything allocated so far is released).
 */
struct question *
build_fake_question(char *name, int namelen, u_int16_t type)
{
	struct question *fq;

	fq = (void *)calloc(1, sizeof(struct question));
	if (fq == NULL) {
		dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
		return NULL;
	}

	fq->hdr = (void *)calloc(1, sizeof(struct dns_question_hdr));
	if (fq->hdr == NULL)
		goto nomem;

	fq->hdr->namelen = namelen;
	fq->hdr->name = (void *) calloc(1, fq->hdr->namelen);
	if (fq->hdr->name == NULL)
		goto nomem;

	fq->converted_name = NULL;

	/* fill our name into the dns header struct */
	memcpy(fq->hdr->name, name, fq->hdr->namelen);

	fq->hdr->qtype = type;
	fq->hdr->qclass = htons(DNS_CLASS_IN);

	return (fq);

nomem:
	/* log first so errno still describes the failed calloc */
	dolog(LOG_INFO, "calloc: %s\n", strerror(errno));
	if (fq->hdr != NULL)
		free(fq->hdr);
	free(fq);
	return NULL;
}
1870
2008-07-24
pbug
1871
2008-07-24
pbug
/*
1872
2008-07-24
pbug
* GET_SOA - get authoritative soa for a particular domain
1873
2008-07-24
pbug
*/
1874
2008-07-24
pbug
1875
2008-07-24
pbug
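/*
 * Find the closest enclosing record that carries an SOA: look up the
 * queried name and, label by label, its parents, copying each record
 * found into sd.
 *
 * Returns 0 with sd filled in when a record with DOMAIN_HAVE_SOA set is
 * found.  Returns -1 when a lookup misses and wildcard is off, when a
 * stored record does not have the size of struct domain, or when the
 * labels are exhausted.
 */
int
get_soa(DB *db, struct question *question, struct domain *sd, int wildcard)
{
	int plen;
	int ret = 0;

	DBT key, data;

	char *p;

	p = question->hdr->name;
	plen = question->hdr->namelen;

	do {

		memset(&key, 0, sizeof(key));
		memset(&data, 0, sizeof(data));

		key.data = (char *)p;
		key.size = plen;

		data.data = NULL;
		data.size = 0;

		ret = db->get(db, NULL, &key, &data, 0);
		if (ret == 0) {
			if (data.size != sizeof(struct domain)) {
				dolog(LOG_INFO, "btree db is damaged, drop\n");
				return -1;
			}

			memcpy((char *)sd, (char *)data.data, data.size);

			if ((sd->flags & DOMAIN_HAVE_SOA) == DOMAIN_HAVE_SOA) {
				/* we'll take this one */
				return 0;
			}
		} else if (! wildcard) {
			/*
			 * If we're not wildcarding end the search here and
			 * return with -1
			 */
			return -1;
		}

		/*
		 * Already on the root label: there is no parent left, and
		 * stepping over the terminator would read past the name.
		 */
		if (*p == 0)
			break;

		/*
		 * Step to the parent.  The length octet is read as unsigned
		 * so a stray high byte cannot move the cursor backwards.
		 */
		plen -= ((u_char)*p + 1);
		p = (p + ((u_char)*p + 1));

		/* labels longer than namelen allows: stop instead of overrunning */
		if (plen <= 0)
			break;

	} while (*p);

	return -1;
}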
1932
2009-03-10
pbug
1933
2009-03-10
pbug
/*
1934
2009-03-10
pbug
* GET_DNS_TYPE - take integer and compare to table, then spit back a static
1935
2009-03-10
pbug
* string with the result. This function can't fail.
1936
2009-03-10
pbug
*/
1937
2009-03-10
pbug
1938
2009-03-10
pbug
/*
 * Render a DNS type number as text: "NAME(number)" when the number is
 * listed in the TT table, otherwise just the number.
 *
 * The result lives in a static buffer that the next call overwrites, so
 * the caller must copy it to keep it.
 */
char *
get_dns_type(int dnstype)
{
	static char type[128];
	struct typetable *entry;

	/* the table ends at the entry whose type string is NULL */
	for (entry = TT; entry->type != NULL; entry++) {
		if (entry->number == dnstype)
			break;
	}

	if (entry->type != NULL)
		snprintf(type, sizeof(type) - 1, "%s(%u)", entry->type, dnstype);
	else
		snprintf(type, sizeof(type) - 1, "%u", dnstype);

	return (type);
}
1960
2009-03-10
pbug
1961
2010-03-12
pbug
/*
1962
2010-03-14
pbug
* MAINLOOP - does the polling of tcp & udp descriptors and if ready receives the
1963
2010-03-12
pbug
* requests, builds the question and calls for replies, loops
1964
2010-03-12
pbug
*
1965
2010-03-12
pbug
*/
1966
2010-03-12
pbug
1967
2010-03-12
pbug
void
1968
2011-06-28
pbug
mainloop(struct cfg *cfg)
1969
2010-03-12
pbug
{
1970
2010-03-12
pbug
fd_set rset;
1971
2010-03-12
pbug
int sel;
1972
2014-10-08
pjp
int len, slen;
1973
2010-03-12
pbug
int is_ipv6;
1974
2010-03-12
pbug
int i;
1975
2010-03-12
pbug
int istcp = 1;
1976
2010-03-12
pbug
int maxso;
1977
2010-03-12
pbug
int so;
1978
2010-03-12
pbug
int type0, type1;
1979
2010-03-12
pbug
int lzerrno;
1980
2010-04-05
pbug
int wildcard = 0;
1981
2014-05-01
pjp
int filter = 0;
1982
2014-05-05
pjp
int rcheck = 0;
1983
2014-05-18
pjp
int blacklist = 1;
1984
2011-06-28
pbug
int sp;
1985
2011-06-28
pbug
int lfd;
1986
2010-03-12
pbug
1987
2010-03-14
pbug
u_int32_t received_ttl;
1988
2011-02-13
pbug
#if defined __FreeBSD__ || defined __OpenBSD__
1989
2010-03-14
pbug
u_char *ttlptr;
1990
2010-03-14
pbug
#else
1991
2010-03-14
pbug
int *ttlptr;
1992
2010-03-14
pbug
#endif
1993
2010-03-14
pbug
1994
2010-03-12
pbug
u_int8_t aregion; /* region where the address comes from */
1995
2010-03-12
pbug
1996
2010-03-12
pbug
char *pbuf;
1997
2010-03-14
pbug
char buf[4096];
1998
2014-04-21
pjp
char *replybuf = NULL;
1999
2010-03-12
pbug
char address[INET6_ADDRSTRLEN];
2000
2010-03-12
pbug
char replystring[DNS_MAXNAME + 1];
2001
2010-03-12
pbug
char fakereplystring[DNS_MAXNAME + 1];
2002
2010-03-14
pbug
char controlbuf[64];
2003
2010-03-12
pbug
2004
2010-03-12
pbug
union {
2005
2010-03-12
pbug
struct sockaddr sa;
2006
2010-03-12
pbug
struct sockaddr_in sin;
2007
2010-03-12
pbug
struct sockaddr_in6 sin6;
2008
2010-03-12
pbug
} sockaddr_large;
2009
2010-03-12
pbug
2010
2010-03-28
pbug
socklen_t fromlen = sizeof(sockaddr_large);
2011
2010-04-15
pbug
socklen_t namelen = sizeof(struct sockaddr_storage);
2012
2011-06-28
pbug
socklen_t logfromlen = sizeof(struct sockaddr_storage);
2013
2010-03-12
pbug
2014
2010-03-12
pbug
struct sockaddr *from = (void *)&sockaddr_large;
2015
2010-03-12
pbug
struct sockaddr_in *sin;
2016
2010-03-12
pbug
struct sockaddr_in6 *sin6;
2017
2010-04-15
pbug
struct sockaddr_storage sto;
2018
2011-06-28
pbug
struct sockaddr_storage logfrom;
2019
2010-03-12
pbug
2020
2010-03-12
pbug
struct dns_header *dh;
2021
2010-03-12
pbug
struct question *question, *fakequestion;
2022
2010-03-12
pbug
struct domain sd0, sd1;
2023
2010-03-12
pbug
2024
2010-03-12
pbug
struct sreply sreply;
2025
2010-04-15
pbug
struct srecurseheader rh;
2026
2010-03-12
pbug
struct timeval tv = { 10, 0};
2027
2010-03-14
pbug
2028
2010-03-14
pbug
struct msghdr msgh;
2029
2010-03-14
pbug
struct cmsghdr *cmsg;
2030
2010-03-14
pbug
struct iovec iov;
2031
2010-03-12
pbug
2032
2010-03-12
pbug
int flag;
2033
2010-04-15
pbug
int recursion = 0;
2034
2010-03-12
pbug
2035
2011-06-28
pbug
2036
2010-03-12
pbug
SLIST_INIT(&tcpshead);
2037
2010-03-19
pbug
collects_init();
2038
2010-03-12
pbug
2039
2014-04-21
pjp
replybuf = calloc(1, 65536);
2040
2014-04-21
pjp
if (replybuf == NULL) {
2041
2014-04-21
pjp
dolog(LOG_ERR, "calloc: %s\n", strerror(errno));
2042
2014-04-21
pjp
slave_shutdown();
2043
2014-04-21
pjp
exit(1);
2044
2014-04-21
pjp
}
2045
2014-04-21
pjp
2046
2014-04-21
pjp
2047
2011-06-28
pbug
sp = cfg->recurse;
2048
2011-06-28
pbug
lfd = cfg->log;
2049
2011-06-28
pbug
2050
2010-03-12
pbug
/*
2051
2010-03-12
pbug
* set descriptors nonblocking, and listen on them
2052
2010-03-12
pbug
*/
2053
2010-03-12
pbug
2054
2011-06-28
pbug
for (i = 0; i < cfg->sockcount; i++) {
2055
2011-06-28
pbug
listen(cfg->tcp[i], 5);
2056
2010-03-12
pbug
}
2057
2010-03-12
pbug
2058
2010-03-12
pbug
for (;;) {
2059
2010-03-12
pbug
is_ipv6 = 0;
2060
2010-03-12
pbug
maxso = 0;
2061
2010-03-12
pbug
/*
2062
2010-03-12
pbug
* check for timeouts
2063
2010-03-12
pbug
*/
2064
2010-03-12
pbug
2065
2014-05-01
pjp
#ifdef __linux__
2066
2014-05-01
pjp
SLIST_FOREACH(tnp, &tcpshead, tcps_entry) {
2067
2014-05-01
pjp
#else
2068
2014-05-01
pjp
SLIST_FOREACH_SAFE(tnp, &tcpshead, tcps_entry, tntmp) {
2069
2014-05-01
pjp
#endif
2070
2010-03-12
pbug
if ((tnp->time + 10) < time(NULL)) {
2071
2010-03-12
pbug
free(tnp->input);
2072
2010-03-12
pbug
free(tnp->ident);
2073
2010-03-12
pbug
free(tnp->address);
2074
2010-03-12
pbug
close(tnp->so);
2075
2014-05-01
pjp
SLIST_REMOVE(&tcpshead, tnp, tcps, tcps_entry);
2076
2010-03-12
pbug
free(tnp);
2077
2010-03-12
pbug
}
2078
2010-03-12
pbug
}
2079
2010-03-12
pbug
2080
2010-03-12
pbug
FD_ZERO(&rset);
2081
2011-06-28
pbug
for (i = 0; i < cfg->sockcount; i++) {
2082
2011-06-28
pbug
if (maxso < cfg->tcp[i])
2083
2011-06-28
pbug
maxso = cfg->tcp[i];
2084
2010-03-14
pbug
2085
2011-06-28
pbug
if (maxso < cfg->udp[i])
2086
2011-06-28
pbug
maxso = cfg->udp[i];
2087
2010-03-12
pbug
2088
2011-09-19
pbug
if (axfrport && maxso < cfg->axfr[i])
2089
2011-09-19
pbug
maxso = cfg->axfr[i];
2090
2011-09-19
pbug
2091
2011-06-28
pbug
FD_SET(cfg->tcp[i], &rset);
2092
2011-06-28
pbug
FD_SET(cfg->udp[i], &rset);
2093
2011-09-19
pbug
2094
2011-09-19
pbug
if (axfrport)
2095
2011-09-19
pbug
FD_SET(cfg->axfr[i], &rset);
2096
2010-03-12
pbug
}
2097
2010-03-12
pbug
2098
2014-05-01
pjp
SLIST_FOREACH(tnp, &tcpshead, tcps_entry) {
2099
2010-03-12
pbug
if (maxso < tnp->so)
2100
2010-03-12
pbug
maxso = tnp->so;
2101
2010-03-12
pbug
2102
2010-03-12
pbug
FD_SET(tnp->so, &rset);
2103
2010-03-12
pbug
}
2104
2010-03-12
pbug
2105
2011-06-28
pbug
if (logging.bind == 1) {
2106
2011-06-28
pbug
if (maxso < lfd)
2107
2011-06-28
pbug
maxso = lfd;
2108
2011-06-28
pbug
FD_SET(lfd, &rset);
2109
2011-06-28
pbug
}
2110
2011-06-28
pbug
2111
2010-03-13
pbug
tv.tv_sec = 10;
2112
2010-03-13
pbug
tv.tv_usec = 0;
2113
2010-03-13
pbug
2114
2010-03-12
pbug
sel = select(maxso + 1, &rset, NULL, NULL, &tv);
2115
2010-03-12
pbug
2116
2010-03-12
pbug
if (sel < 0) {
2117
2013-02-16
pjp
dolog(LOG_INFO, "select: %s\n", strerror(errno));
2118
2010-03-12
pbug
continue;
2119
2010-03-12
pbug
}
2120
2010-03-12
pbug
2121
2010-03-12
pbug
if (sel == 0) {
2122
2014-05-01
pjp
#ifdef __linux__
2123
2014-05-01
pjp
SLIST_FOREACH(tnp, &tcpshead, tcps_entry) {
2124
2014-05-01
pjp
#else
2125
2014-05-01
pjp
SLIST_FOREACH_SAFE(tnp, &tcpshead, tcps_entry, tntmp) {
2126
2014-05-01
pjp
#endif
2127
2010-03-12
pbug
if ((tnp->time + 10) < time(NULL)) {
2128
2010-03-12
pbug
free(tnp->input);
2129
2010-03-12
pbug
free(tnp->ident);
2130
2010-03-12
pbug
free(tnp->address);
2131
2010-03-12
pbug
close(tnp->so);
2132
2014-05-01
pjp
SLIST_REMOVE(&tcpshead, tnp, tcps, tcps_entry);
2133
2010-03-12
pbug
free(tnp);
2134
2010-03-12
pbug
}
2135
2010-03-12
pbug
}
2136
2010-03-12
pbug
continue;
2137
2010-03-12
pbug
}
2138
2010-03-12
pbug
2139
2011-06-28
pbug
for (i = 0; i < cfg->sockcount; i++) {
2140
2011-06-28
pbug
if (FD_ISSET(cfg->tcp[i], &rset)) {
2141
2010-03-12
pbug
fromlen = sizeof(sockaddr_large);
2142
2010-03-12
pbug
2143
2011-06-28
pbug
so = accept(cfg->tcp[i], (struct sockaddr*)from, &fromlen);
2144
2010-03-12
pbug
2145
2010-03-12
pbug
if (so < 0) {
2146
2013-02-16
pjp
dolog(LOG_INFO, "tcp accept: %s\n", strerror(errno));
2147
2010-03-12
pbug
continue;
2148
2010-03-12
pbug
}
2149
2010-03-12
pbug
2150
2010-03-12
pbug
if (from->sa_family == AF_INET6) {
2151
2010-03-12
pbug
is_ipv6 = 1;
2152
2010-03-12
pbug
2153
2010-03-12
pbug
fromlen = sizeof(struct sockaddr_in6);
2154
2010-03-12
pbug
sin6 = (struct sockaddr_in6 *)from;
2155
2010-03-12
pbug
inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, (char *)&address, sizeof(address));
2156
2010-03-27
pbug
aregion = find_region((struct sockaddr_storage *)sin6, AF_INET6);
2157
2010-04-05
pbug
wildcard = find_wildcard((struct sockaddr_storage *)sin6, AF_INET6);
2158
2014-05-18
pjp
filter = find_filter((struct sockaddr_storage *)sin6, AF_INET6);
2159
2014-05-18
pjp
if (whitelist) {
2160
2014-05-18
pjp
blacklist = find_whitelist((struct sockaddr_storage *)sin6, AF_INET6);
2161
2014-05-18
pjp
}
2162
2010-03-12
pbug
} else if (from->sa_family == AF_INET) {
2163
2010-03-12
pbug
is_ipv6 = 0;
2164
2010-03-12
pbug
2165
2010-03-12
pbug
fromlen = sizeof(struct sockaddr_in);
2166
2010-03-12
pbug
sin = (struct sockaddr_in *)from;
2167
2010-03-12
pbug
inet_ntop(AF_INET, (void *)&sin->sin_addr, (char *)&address, sizeof(address));
2168
2010-04-05
pbug
wildcard = find_wildcard((struct sockaddr_storage *)sin, AF_INET);
2169
2010-03-27
pbug
aregion = find_region((struct sockaddr_storage *)sin, AF_INET);
2170
2014-05-01
pjp
filter = find_filter((struct sockaddr_storage *)sin, AF_INET);
2171
2014-05-18
pjp
if (whitelist) {
2172
2014-05-18
pjp
blacklist = find_whitelist((struct sockaddr_storage *)sin, AF_INET);
2173
2014-05-18
pjp
}
2174
2010-03-12
pbug
} else {
2175
2013-02-16
pjp
dolog(LOG_INFO, "TCP packet received on descriptor %u interface \"%s\" had weird address family (%u), drop\n", so, cfg->ident[i], from->sa_family);
2176
2010-03-12
pbug
close(so);
2177
2010-03-12
pbug
continue;
2178
2010-03-12
pbug
}
2179
2010-03-12
pbug
2180
2014-05-01
pjp
2181
2014-05-01
pjp
if (filter) {
2182
2014-05-01
pjp
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, filter policy\n", so, cfg->ident[i], address);
2183
2014-05-01
pjp
close(so);
2184
2014-05-01
pjp
continue;
2185
2014-05-01
pjp
}
2186
2014-05-01
pjp
2187
2014-05-18
pjp
if (whitelist && blacklist == 0) {
2188
2014-05-18
pjp
dolog(LOG_INFO, "TCP connection refused on descriptor %u interface \"%s\" from %s, whitelist policy\n", so, cfg->ident[i], address);
2189
2014-05-18
pjp
close(so);
2190
2014-05-18
pjp
continue;
2191
2014-05-18
pjp
}
2192
2014-05-01
pjp
2193
2014-05-18
pjp
2194
2014-05-18
pjp
2195
2014-05-18
pjp
2196
2010-03-13
pbug
/*
2197
2010-03-13
pbug
* make this socket nonblocking
2198
2010-03-13
pbug
*/
2199
2010-03-13
pbug
2200
2010-03-13
pbug
if ((flag = fcntl(so, F_GETFL)) < 0) {
2201
2013-02-16
pjp
dolog(LOG_INFO, "fcntl: %s\n", strerror(errno));
2202
2010-03-13
pbug
}
2203
2010-03-13
pbug
flag |= O_NONBLOCK;
2204
2010-03-13
pbug
if (fcntl(so, F_SETFL, flag) < 0) {
2205
2013-02-16
pjp
dolog(LOG_INFO, "fcntl 2: %s\n", strerror(errno));
2206
2010-03-13
pbug
}
2207
2010-03-13
pbug
2208
2010-03-13
pbug
2209
2010-03-12
pbug
/* fill the tcps struct */
2210
2010-03-12
pbug
2211
2010-03-12
pbug
tn1 = malloc(sizeof(struct tcps));
2212
2010-03-12
pbug
if (tn1 == NULL) {
2213
2013-02-16
pjp
dolog(LOG_INFO, "malloc: %s\n", strerror(errno));
2214
2010-03-12
pbug
close(so);
2215
2010-03-12
pbug
continue;
2216
2010-03-12
pbug
}
2217
2010-03-12
pbug
2218
2010-03-12
pbug
tn1->input = (char *)malloc(0xffff + 2);
2219
2010-03-12
pbug
if (tn1->input == NULL) {
2220
2013-02-16
pjp
dolog(LOG_INFO, "tcp malloc 2: %s\n", strerror(errno));
2221
2010-03-12
pbug
close(so);
2222
2010-03-12
pbug
continue;
2223
2010-03-12
pbug
}
2224
2010-03-12
pbug
2225
2010-03-12
pbug
tn1->offset = 0;
2226
2010-03-12
pbug
tn1->length = 0;
2227
2010-03-12
pbug
tn1->maxlen = 0xffff + 2;
2228
2010-03-12
pbug
tn1->so = so;
2229
2010-03-12
pbug
tn1->isv6 = is_ipv6;
2230
2011-06-28
pbug
tn1->ident = strdup(cfg->ident[i]);
2231
2010-03-12
pbug
tn1->address = strdup(address);
2232
2010-03-12
pbug
tn1->region = aregion;
2233
2010-04-05
pbug
tn1->wildcard = wildcard;
2234
2010-03-12
pbug
tn1->time = time(NULL);
2235
2010-03-12
pbug
2236
2014-05-01
pjp
SLIST_INSERT_HEAD(&tcpshead, tn1, tcps_entry);
2237
2010-03-12
pbug
2238
2010-03-12
pbug
} /* FD_ISSET(); */
2239
2010-03-12
pbug
} /* if sockcount */
2240
2010-03-12
pbug
2241
2014-05-01
pjp
#ifdef __linux__
2242
2014-05-01
pjp
SLIST_FOREACH(tnp, &tcpshead, tcps_entry) {
2243
2014-05-01
pjp
#else
2244
2014-05-01
pjp
SLIST_FOREACH_SAFE(tnp, &tcpshead, tcps_entry, tntmp) {
2245
2014-05-01
pjp
#endif
2246
2010-03-12
pbug
if (FD_ISSET(tnp->so, &rset)) {
2247
2010-03-12
pbug
2248
2010-03-14
pbug
istcp = 1;
2249
2010-03-12
pbug
len = recv(tnp->so, tnp->input + tnp->offset, tnp->maxlen - tnp->offset, 0);
2250
2010-03-12
pbug
if (len < 0) {
2251
2010-03-12
pbug
if (errno == EWOULDBLOCK)
2252
2010-03-12
pbug
continue;
2253
2010-03-12
pbug
else {
2254
2010-03-12
pbug
free(tnp->input);
2255
2010-03-12
pbug
free(tnp->ident);
2256
2010-03-12
pbug
free(tnp->address);
2257
2010-03-12
pbug
close(tnp->so);
2258
2014-05-01
pjp
SLIST_REMOVE(&tcpshead, tnp, tcps, tcps_entry);
2259
2010-03-12
pbug
free(tnp);
2260
2010-03-12
pbug
continue;
2261
2010-03-12
pbug
}
2262
2010-03-12
pbug
} /* if len */
2263
2010-03-12
pbug
2264
2010-03-12
pbug
if (len == 0) {
2265
2010-03-12
pbug
free(tnp->input);
2266
2010-03-12
pbug
free(tnp->ident);
2267
2010-03-12
pbug
free(tnp->address);
2268
2010-03-12
pbug
close(tnp->so);
2269
2014-05-01
pjp
SLIST_REMOVE(&tcpshead, tnp, tcps, tcps_entry);
2270
2010-03-12
pbug
free(tnp);
2271
2010-03-12
pbug
continue;
2272
2010-03-12
pbug
}
2273
2010-03-12
pbug
2274
2010-03-12
pbug
tnp->offset += len;
2275
2010-03-12
pbug
tnp->time = time(NULL);
2276
2010-03-12
pbug
2277
2010-03-12
pbug
if (tnp->offset >= 2) {
2278
2010-03-12
pbug
tnp->length = ntohs(*((u_int16_t *) tnp->input));
2279
2010-03-12
pbug
}
2280
2010-03-12
pbug
2281
2010-03-12
pbug
/*
2282
2010-03-12
pbug
* only go on once the full length-prefixed packet has been received
2283
2010-03-12
pbug
*/
2284
2010-03-12
pbug
2285
2010-03-12
pbug
if (tnp->length + 2 != tnp->offset)
2286
2010-03-12
pbug
continue;
2287
2010-03-12
pbug
2288
2010-03-12
pbug
len = tnp->length;
2289
2010-03-12
pbug
pbuf = tnp->input + 2;
2290
2010-03-12
pbug
2291
2010-03-12
pbug
/* check the TCP DNS message length for minimum / maximum (bounded by DNS_MAXUDP, as on the UDP path) */
2292
2010-03-12
pbug
if (len > DNS_MAXUDP || len < sizeof(struct dns_header)){
2293
2013-02-16
pjp
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", tnp->so, tnp->ident, tnp->address);
2294
2010-03-12
pbug
goto drop;
2295
2010-03-12
pbug
}
2296
2010-03-12
pbug
2297
2010-03-12
pbug
dh = (struct dns_header *)&pbuf[0];
2298
2010-03-12
pbug
2299
2010-03-12
pbug
/* check if we're a question or reply, drop replies */
2300
2010-03-12
pbug
if ((ntohs(dh->query) & DNS_REPLY)) {
2301
2013-02-16
pjp
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" dns header from %s is not a question, drop\n", tnp->so, tnp->ident, tnp->address);
2302
2010-03-12
pbug
goto drop;
2303
2010-03-12
pbug
}
2304
2010-03-12
pbug
2305
2010-03-12
pbug
/*
2306
2010-03-12
pbug
* if questions aren't exactly 1 then drop
2307
2010-03-12
pbug
*/
2308
2010-03-12
pbug
2309
2010-03-12
pbug
if (ntohs(dh->question) != 1) {
2310
2013-02-16
pjp
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" header from %s has no question, drop\n", tnp->so, tnp->ident, tnp->address);
2311
2010-03-12
pbug
2312
2010-03-12
pbug
/* format error */
2313
2010-08-27
pbug
build_reply( &sreply, tnp->so, pbuf, len, NULL,
2314
2010-04-05
pbug
from, fromlen, NULL, NULL, tnp->region,
2315
2014-04-21
pjp
istcp, tnp->wildcard, NULL, replybuf);
2316
2010-04-05
pbug
2317
2014-10-08
pjp
slen = reply_fmterror(&sreply);
2318
2013-02-16
pjp
dolog(LOG_INFO, "TCP question on descriptor %d interface \"%s\" from %s, did not have question of 1 replying format error\n", tnp->so, tnp->ident, tnp->address);
2319
2010-03-12
pbug
goto drop;
2320
2010-03-12
pbug
}
2321
2010-03-12
pbug
2322
2010-03-12
pbug
2323
2014-05-09
pjp
if ((question = build_question(pbuf, len, 0)) == NULL) {
2324
2013-02-16
pjp
dolog(LOG_INFO, "TCP packet on descriptor %u interface \"%s\" malformed question from %s, drop\n", tnp->so, tnp->ident, tnp->address);
2325
2010-03-12
pbug
goto drop;
2326
2010-03-12
pbug
}
2327
2010-03-12
pbug
2328
2010-03-12
pbug
/* past this point question is allocated: leave via tcpout, which frees it, instead of drop */
2329
2010-03-12
pbug
fakequestion = NULL;
2330
2010-03-12
pbug
2331
2011-06-28
pbug
if ((type0 = lookup_zone(cfg->db, question, &sd0, &lzerrno, (char *)&replystring, wildcard)) < 0) {
2332
2010-03-19
pbug
2333
2010-03-12
pbug
switch (lzerrno) {
2334
2010-03-12
pbug
default:
2335
2013-02-16
pjp
dolog(LOG_INFO, "invalid lzerrno! dropping\n");
2336
2010-03-12
pbug
/* FALLTHROUGH */
2337
2010-03-12
pbug
case ERR_DROP:
2338
2010-03-12
pbug
snprintf(replystring, DNS_MAXNAME, "DROP");
2339
2010-03-14
pbug
goto tcpout;
2340
2010-03-12
pbug
2341
2010-03-12
pbug
case ERR_NXDOMAIN:
2342
2010-03-14
pbug
goto tcpnxdomain;
2343
2010-03-12
pbug
case ERR_NOERROR:
2344
2010-03-12
pbug
/*
2345
2010-03-12
pbug
* this is hackish not sure if this should be here
2346
2010-03-12
pbug
*/
2347
2010-03-12
pbug
2348
2010-03-12
pbug
snprintf(replystring, DNS_MAXNAME, "NOERROR");
2349
2010-03-12
pbug
2350
2010-03-12
pbug
/*
2351
2010-03-12
pbug
* lookup an authoritative soa
2352
2010-03-12
pbug
*/
2353
2010-03-12
pbug
2354
2010-03-12
pbug
memset(&sd0, 0, sizeof(sd0));
2355
2011-06-28
pbug
(void)get_soa(cfg->db, question, &sd0, wildcard);
2356
2010-03-12
pbug
2357
2010-08-27
pbug
build_reply( &sreply, tnp->so, pbuf, len,
2358
2010-04-05
pbug
question, from, fromlen,
2359
2010-04-05
pbug
&sd0, NULL, tnp->region, istcp,
2360
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2361
2010-03-12
pbug
2362
2014-10-08
pjp
slen = reply_noerror(&sreply);
2363
2010-03-14
pbug
goto tcpout;
2364
2010-03-12
pbug
2365
2010-03-12
pbug
}
2366
2010-03-12
pbug
}
2367
2010-03-12
pbug
2368
2010-03-12
pbug
switch (type0) {
2369
2010-03-12
pbug
case 0:
2370
2010-03-12
pbug
/*
2371
2010-03-12
pbug
* lookup_zone could not find an RR for the
2372
2010-03-12
pbug
* question at all -> nxdomain
2373
2010-03-12
pbug
*/
2374
2010-03-14
pbug
tcpnxdomain:
2375
2010-03-12
pbug
snprintf(replystring, DNS_MAXNAME, "NXDOMAIN");
2376
2010-03-12
pbug
2377
2010-03-12
pbug
/*
2378
2010-03-12
pbug
* lookup an authoritative soa
2379
2010-03-12
pbug
*/
2380
2010-03-12
pbug
2381
2010-03-12
pbug
memset(&sd0, 0, sizeof(sd0));
2382
2011-06-28
pbug
(void)get_soa(cfg->db, question, &sd0, wildcard);
2383
2010-03-12
pbug
2384
2010-08-27
pbug
build_reply( &sreply, tnp->so, pbuf, len, question,
2385
2010-04-05
pbug
from, fromlen, &sd0, NULL,
2386
2014-04-21
pjp
tnp->region, istcp, tnp->wildcard, NULL,
2387
2014-04-21
pjp
replybuf);
2388
2010-04-05
pbug
2389
2014-10-08
pjp
slen = reply_nxdomain(&sreply);
2390
2010-03-14
pbug
goto tcpout;
2391
2010-03-12
pbug
case DNS_TYPE_CNAME:
2392
2010-03-12
pbug
fakequestion = build_fake_question(sd0.cname, sd0.cnamelen, question->hdr->qtype);
2393
2010-03-12
pbug
if (fakequestion == NULL) {
2394
2013-02-16
pjp
dolog(LOG_INFO, "fakequestion failed\n");
2395
2010-03-12
pbug
break;
2396
2010-03-12
pbug
}
2397
2010-03-12
pbug
2398
2011-06-28
pbug
type1 = lookup_zone(cfg->db, fakequestion, &sd1, &lzerrno, (char *)&fakereplystring, wildcard);
2399
2010-03-12
pbug
/* break CNAMES pointing to CNAMES */
2400
2010-03-12
pbug
if (type1 == DNS_TYPE_CNAME)
2401
2010-03-12
pbug
type1 = 0;
2402
2010-03-12
pbug
2403
2010-03-12
pbug
break;
2404
2010-03-12
pbug
default:
2405
2010-03-12
pbug
2406
2010-03-12
pbug
break;
2407
2010-03-12
pbug
}
2408
2010-03-12
pbug
2409
2010-03-12
pbug
/*
2410
2010-03-12
pbug
* Allow CLASS IN; CHAOS and others are
2411
2010-03-12
pbug
* not implemented and so we build a reply for
2412
2010-03-12
pbug
* that and go out.
2413
2010-03-12
pbug
*/
2414
2010-03-12
pbug
2415
2010-03-12
pbug
switch (ntohs(question->hdr->qclass)) {
2416
2010-03-12
pbug
case DNS_CLASS_IN:
2417
2010-03-12
pbug
break;
2418
2010-03-12
pbug
default:
2419
2010-08-27
pbug
build_reply( &sreply, tnp->so, pbuf, len, question,
2420
2010-04-05
pbug
from, fromlen, NULL, NULL, tnp->region,
2421
2014-04-21
pjp
istcp, tnp->wildcard, NULL, replybuf);
2422
2010-04-05
pbug
2423
2014-10-08
pjp
slen = reply_notimpl(&sreply);
2424
2010-03-12
pbug
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2425
2010-03-14
pbug
goto tcpout;
2426
2010-03-12
pbug
}
2427
2010-03-12
pbug
2428
2010-03-12
pbug
switch (ntohs(question->hdr->qtype)) {
2429
2010-03-12
pbug
case DNS_TYPE_A:
2430
2010-03-12
pbug
if (type0 == DNS_TYPE_CNAME) {
2431
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2432
2010-03-12
pbug
fromlen, &sd0, ((type1 > 0) ? &sd1 : NULL), \
2433
2014-04-21
pjp
tnp->region, istcp, tnp->wildcard, NULL, replybuf);
2434
2014-10-08
pjp
slen = reply_cname(&sreply);
2435
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
2436
2010-04-05
pbug
2437
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question,
2438
2010-04-05
pbug
from, fromlen, &sd0, NULL,
2439
2014-04-21
pjp
tnp->region, istcp, tnp->wildcard, NULL,
2440
2014-04-21
pjp
replybuf);
2441
2010-04-05
pbug
2442
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
2443
2010-03-19
pbug
break;
2444
2010-03-12
pbug
} else if (type0 == DNS_TYPE_A) {
2445
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2446
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp, tnp->wildcard,
2447
2014-04-21
pjp
NULL, replybuf);
2448
2014-10-08
pjp
slen = reply_a(&sreply, cfg->db);
2449
2010-03-12
pbug
break; /* must break here */
2450
2010-03-12
pbug
}
2451
2010-03-12
pbug
2452
2010-03-12
pbug
break;
2453
2010-12-27
pbug
2454
2010-12-27
pbug
case DNS_TYPE_ANY:
2455
2010-12-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2456
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp, tnp->wildcard,
2457
2014-04-21
pjp
NULL, replybuf);
2458
2014-04-21
pjp
2459
2014-10-08
pjp
slen = reply_any(&sreply);
2460
2010-12-27
pbug
break; /* must break here */
2461
2010-12-27
pbug
2462
2010-03-12
pbug
case DNS_TYPE_AAAA:
2463
2010-03-12
pbug
2464
2010-03-12
pbug
if (type0 == DNS_TYPE_CNAME) {
2465
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2466
2010-03-12
pbug
fromlen, &sd0, ((type1 > 0) ? &sd1 : NULL), \
2467
2014-04-21
pjp
tnp->region, istcp, tnp->wildcard, NULL, replybuf);
2468
2014-10-08
pjp
slen = reply_cname(&sreply);
2469
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
2470
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2471
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2472
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2473
2014-04-21
pjp
2474
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
2475
2010-03-19
pbug
break;
2476
2010-03-12
pbug
} else if (type0 == DNS_TYPE_AAAA) {
2477
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from,
2478
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2479
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2480
2014-04-21
pjp
2481
2014-10-08
pjp
slen = reply_aaaa(&sreply, cfg->db);
2482
2010-03-12
pbug
break; /* must break here */
2483
2010-03-12
pbug
}
2484
2010-03-12
pbug
2485
2010-03-12
pbug
break;
2486
2010-03-12
pbug
case DNS_TYPE_MX:
2487
2010-03-12
pbug
2488
2010-03-12
pbug
if (type0 == DNS_TYPE_CNAME) {
2489
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2490
2010-03-12
pbug
fromlen, &sd0, ((type1 > 0) ? &sd1 : NULL), \
2491
2014-04-21
pjp
tnp->region, istcp, tnp->wildcard, NULL, replybuf);
2492
2014-04-21
pjp
2493
2014-10-08
pjp
slen = reply_cname(&sreply);
2494
2014-04-21
pjp
2495
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
2496
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2497
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2498
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2499
2014-04-21
pjp
2500
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
2501
2014-04-21
pjp
2502
2010-03-19
pbug
break;
2503
2010-03-12
pbug
} else if (type0 == DNS_TYPE_MX) {
2504
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2505
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2506
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2507
2014-04-21
pjp
2508
2014-10-08
pjp
slen = reply_mx(&sreply, cfg->db);
2509
2010-03-12
pbug
break; /* must break here */
2510
2010-03-12
pbug
}
2511
2010-03-12
pbug
2512
2010-03-12
pbug
break;
2513
2010-03-12
pbug
case DNS_TYPE_SOA:
2514
2010-03-12
pbug
if (type0 == DNS_TYPE_SOA) {
2515
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2516
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2517
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2518
2014-04-21
pjp
2519
2014-10-08
pjp
slen = reply_soa(&sreply);
2520
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
2521
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2522
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2523
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2524
2014-04-21
pjp
2525
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
2526
2010-03-19
pbug
break;
2527
2010-03-12
pbug
}
2528
2010-03-12
pbug
break;
2529
2010-03-12
pbug
case DNS_TYPE_NS:
2530
2010-03-12
pbug
if (type0 == DNS_TYPE_NS) {
2531
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2532
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2533
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2534
2014-04-21
pjp
2535
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
2536
2010-03-12
pbug
}
2537
2010-03-12
pbug
break;
2538
2010-03-12
pbug
2539
2014-04-21
pjp
case DNS_TYPE_SSHFP:
2540
2014-04-21
pjp
if (type0 == DNS_TYPE_SSHFP) {
2541
2014-04-21
pjp
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2542
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2543
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2544
2014-04-21
pjp
2545
2014-10-08
pjp
slen = reply_sshfp(&sreply);
2546
2014-04-21
pjp
}
2547
2014-04-21
pjp
break;
2548
2014-04-21
pjp
2549
2014-04-21
pjp
2550
2012-04-30
pbug
case DNS_TYPE_SRV:
2551
2012-04-30
pbug
if (type0 == DNS_TYPE_SRV) {
2552
2012-04-30
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2553
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2554
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2555
2014-04-21
pjp
2556
2014-10-08
pjp
slen = reply_srv(&sreply, cfg->db);
2557
2012-04-30
pbug
}
2558
2012-04-30
pbug
break;
2559
2012-04-30
pbug
2560
2014-05-11
pjp
case DNS_TYPE_NAPTR:
2561
2014-05-11
pjp
if (type0 == DNS_TYPE_NAPTR) {
2562
2014-05-11
pjp
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2563
2014-05-11
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2564
2014-05-11
pjp
tnp->wildcard, NULL, replybuf);
2565
2012-04-30
pbug
2566
2014-10-08
pjp
slen = reply_naptr(&sreply, cfg->db);
2567
2014-05-11
pjp
}
2568
2014-05-11
pjp
break;
2569
2012-04-30
pbug
2570
2010-03-12
pbug
case DNS_TYPE_CNAME:
2571
2010-03-12
pbug
if (type0 == DNS_TYPE_CNAME) {
2572
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2573
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2574
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2575
2014-04-21
pjp
2576
2014-10-08
pjp
slen = reply_cname(&sreply);
2577
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
2578
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2579
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2580
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2581
2014-04-21
pjp
2582
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
2583
2010-03-19
pbug
break;
2584
2010-03-12
pbug
}
2585
2010-03-12
pbug
break;
2586
2010-03-12
pbug
2587
2010-03-12
pbug
case DNS_TYPE_PTR:
2588
2010-03-12
pbug
if (type0 == DNS_TYPE_CNAME) {
2589
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2590
2010-03-12
pbug
fromlen, &sd0, ((type1 > 0) ? &sd1 : NULL) \
2591
2014-04-21
pjp
, tnp->region, istcp, tnp->wildcard, NULL,
2592
2014-04-21
pjp
replybuf);
2593
2014-04-21
pjp
2594
2014-10-08
pjp
slen = reply_cname(&sreply);
2595
2014-04-21
pjp
2596
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
2597
2014-04-21
pjp
2598
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2599
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2600
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2601
2014-04-21
pjp
2602
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
2603
2014-04-21
pjp
2604
2010-03-19
pbug
break;
2605
2010-03-12
pbug
} else if (type0 == DNS_TYPE_PTR) {
2606
2014-04-21
pjp
2607
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from,
2608
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2609
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2610
2014-04-21
pjp
2611
2014-10-08
pjp
slen = reply_ptr(&sreply);
2612
2010-03-12
pbug
break; /* must break here */
2613
2010-03-12
pbug
}
2614
2010-03-12
pbug
break;
2615
2010-03-12
pbug
2616
2010-03-27
pbug
case DNS_TYPE_TXT:
2617
2010-03-27
pbug
if (type0 == DNS_TYPE_TXT) {
2618
2014-04-21
pjp
2619
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2620
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2621
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2622
2014-04-21
pjp
2623
2014-10-08
pjp
slen = reply_txt(&sreply);
2624
2010-03-27
pbug
}
2625
2010-03-27
pbug
break;
2626
2010-03-27
pbug
2627
2014-04-21
pjp
case DNS_TYPE_SPF:
2628
2014-04-21
pjp
if (type0 == DNS_TYPE_SPF) {
2629
2014-04-21
pjp
2630
2014-04-21
pjp
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2631
2014-04-21
pjp
fromlen, &sd0, NULL, tnp->region, istcp,
2632
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2633
2014-04-21
pjp
2634
2014-10-08
pjp
slen = reply_spf(&sreply);
2635
2014-04-21
pjp
}
2636
2014-04-21
pjp
break;
2637
2014-04-21
pjp
2638
2014-04-21
pjp
2639
2010-03-12
pbug
default:
2640
2010-03-12
pbug
2641
2010-03-12
pbug
/*
2642
2010-03-19
pbug
* ANY unknown RR TYPE gets a NOTIMPL
2643
2010-03-12
pbug
*/
2644
2010-03-12
pbug
2645
2010-03-19
pbug
/*
2646
2010-03-19
pbug
* except for delegations
2647
2010-03-19
pbug
*/
2648
2010-03-19
pbug
2649
2010-03-19
pbug
if (type0 == DNS_TYPE_NS) {
2650
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2651
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp,
2652
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2653
2014-04-21
pjp
2654
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
2655
2014-04-21
pjp
2656
2010-03-19
pbug
} else {
2657
2010-03-19
pbug
2658
2010-08-27
pbug
build_reply(&sreply, tnp->so, pbuf, len, question, from, \
2659
2014-04-21
pjp
fromlen, NULL, NULL, tnp->region, istcp,
2660
2014-04-21
pjp
tnp->wildcard, NULL, replybuf);
2661
2010-03-19
pbug
2662
2014-10-08
pjp
slen = reply_notimpl(&sreply);
2663
2010-03-19
pbug
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2664
2010-03-19
pbug
}
2665
2010-03-12
pbug
break;
2666
2010-03-12
pbug
}
2667
2010-03-12
pbug
2668
2010-03-14
pbug
tcpout:
2669
2010-03-12
pbug
if (lflag)
2670
2014-10-08
pjp
dolog(LOG_INFO, "request on descriptor %u interface \"%s\" from %s (ttl=TCP, region=%d) for \"%s\" type=%s class=%u, answering \"%s\" (%d/%d)\n", tnp->so, tnp->ident, tnp->address, tnp->region, question->converted_name, get_dns_type(ntohs(question->hdr->qtype)), ntohs(question->hdr->qclass), replystring, len, slen);
2671
2010-03-12
pbug
2672
2010-03-12
pbug
2673
2010-03-12
pbug
if (fakequestion != NULL) {
2674
2010-03-12
pbug
free_question(fakequestion);
2675
2010-03-12
pbug
}
2676
2010-03-12
pbug
2677
2010-03-12
pbug
free_question(question);
2678
2010-03-12
pbug
2679
2010-03-12
pbug
} /* END ISSET */
2680
2010-03-12
pbug
2681
2010-03-13
pbug
memset(tnp->input, 0, tnp->maxlen);
2682
2010-03-13
pbug
tnp->offset = 0;
2683
2010-03-13
pbug
2684
2010-03-13
pbug
} /* SLIST_FOREACH */
2685
2010-03-13
pbug
2686
2010-03-14
pbug
/* UDP marriage */
2687
2011-06-28
pbug
for (i = 0; i < cfg->sockcount; i++) {
2688
2011-09-19
pbug
if (axfrport && FD_ISSET(cfg->axfr[i], &rset)) {
2689
2011-09-19
pbug
istcp = 0;
2690
2011-09-19
pbug
so = cfg->axfr[i];
2691
2011-09-19
pbug
2692
2011-09-19
pbug
goto axfrentry;
2693
2011-09-19
pbug
}
2694
2011-09-19
pbug
2695
2011-06-28
pbug
if (FD_ISSET(cfg->udp[i], &rset)) {
2696
2011-06-28
pbug
istcp = 0;
2697
2011-06-28
pbug
so = cfg->udp[i];
2698
2011-09-19
pbug
axfrentry:
2699
2010-03-14
pbug
fromlen = sizeof(sockaddr_large);
2700
2010-03-14
pbug
2701
2010-03-14
pbug
memset(&msgh, 0, sizeof(msgh));
2702
2010-03-14
pbug
iov.iov_base = buf;
2703
2010-03-14
pbug
iov.iov_len = sizeof(buf);
2704
2010-03-14
pbug
msgh.msg_name = from;
2705
2010-03-14
pbug
msgh.msg_namelen = fromlen;
2706
2010-03-14
pbug
msgh.msg_iov = &iov;
2707
2010-03-14
pbug
msgh.msg_iovlen = 1;
2708
2010-03-14
pbug
msgh.msg_control = (struct cmsghdr*)&controlbuf;
2709
2010-03-14
pbug
msgh.msg_controllen = sizeof(controlbuf);
2710
2010-03-14
pbug
2711
2010-03-14
pbug
len = recvmsg(so, &msgh, 0);
2712
2010-03-14
pbug
if (len < 0) {
2713
2013-02-16
pjp
dolog(LOG_INFO, "recvmsg: on descriptor %u interface \"%s\" %s\n", so, cfg->ident[i], strerror(errno));
2714
2010-03-14
pbug
continue;
2715
2010-03-14
pbug
}
2716
2010-03-14
pbug
2717
2010-03-14
pbug
received_ttl = 0;
2718
2010-03-14
pbug
2719
2010-03-14
pbug
for (cmsg = CMSG_FIRSTHDR(&msgh);
2720
2010-03-14
pbug
cmsg != NULL;
2721
2010-03-14
pbug
cmsg = CMSG_NXTHDR(&msgh,cmsg)) {
2722
2010-03-14
pbug
if (cmsg->cmsg_level == IPPROTO_IP
2723
2010-03-28
pbug
#ifdef __linux__
2724
2010-03-14
pbug
&& cmsg->cmsg_type == IP_TTL) {
2725
2010-03-28
pbug
#elif defined __NetBSD__
2726
2010-03-28
pbug
&& cmsg->cmsg_type == IP_TTL) {
2727
2010-03-28
pbug
2728
2010-03-14
pbug
#else
2729
2010-03-28
pbug
2730
2010-03-14
pbug
&& cmsg->cmsg_type == IP_RECVTTL) {
2731
2010-03-14
pbug
#endif
2732
2010-03-14
pbug
2733
2011-02-13
pbug
#if defined __FreeBSD__ || defined __OpenBSD__
2734
2010-03-14
pbug
2735
2010-03-14
pbug
ttlptr = (u_char *) CMSG_DATA(cmsg);
2736
2010-03-14
pbug
received_ttl = (u_int)*ttlptr;
2737
2010-03-14
pbug
#else
2738
2010-03-14
pbug
2739
2010-03-14
pbug
ttlptr = (int *) CMSG_DATA(cmsg);
2740
2010-03-14
pbug
received_ttl = (u_int)*ttlptr;
2741
2010-03-14
pbug
#endif
2742
2010-03-14
pbug
}
2743
2012-06-11
pbug
2744
2012-06-11
pbug
if (cmsg->cmsg_level == IPPROTO_IPV6 &&
2745
2012-06-11
pbug
cmsg->cmsg_type == IPV6_HOPLIMIT) {
2746
2012-06-11
pbug
2747
2012-06-11
pbug
if (cmsg->cmsg_len !=
2748
2012-06-11
pbug
CMSG_LEN(sizeof(int))) {
2749
2013-02-16
pjp
dolog(LOG_INFO, "cmsg->cmsg_len == %d\n", cmsg->cmsg_len);
2750
2012-06-11
pbug
continue;
2751
2012-06-11
pbug
}
2752
2012-06-11
pbug
2753
2014-11-07
pjp
#ifdef __NetBSD__
2754
2014-11-07
pjp
ttlptr = (int *) CMSG_DATA(cmsg);
2755
2014-11-07
pjp
#else
2756
2012-06-11
pbug
ttlptr = (u_char *) CMSG_DATA(cmsg);
2757
2014-11-07
pjp
#endif
2758
2014-11-07
pjp
2759
2014-11-07
pjp
2760
2012-06-11
pbug
received_ttl = (u_int)*ttlptr;
2761
2012-06-11
pbug
}
2762
2010-03-14
pbug
}
2763
2010-04-15
pbug
2764
2010-04-15
pbug
if (rflag) {
2765
2010-04-15
pbug
if (getsockname(so, (struct sockaddr*)&sto, &namelen) < 0) {
2766
2013-02-16
pjp
dolog(LOG_INFO, "getsockname failed: %s\n", strerror(errno));
2767
2010-04-15
pbug
}
2768
2010-04-15
pbug
2769
2010-04-15
pbug
memset(&rh, 0, sizeof(rh));
2770
2010-04-15
pbug
}
2771
2010-03-14
pbug
2772
2010-03-14
pbug
if (from->sa_family == AF_INET6) {
2773
2010-03-14
pbug
is_ipv6 = 1;
2774
2010-03-14
pbug
2775
2010-03-14
pbug
fromlen = sizeof(struct sockaddr_in6);
2776
2010-03-14
pbug
sin6 = (struct sockaddr_in6 *)from;
2777
2010-03-14
pbug
inet_ntop(AF_INET6, (void *)&sin6->sin6_addr, (char *)&address, sizeof(address));
2778
2014-05-05
pjp
if (ratelimit) {
2779
2014-05-05
pjp
add_rrlimit(ratelimit_backlog, (u_int16_t *)&sin6->sin6_addr, sizeof(sin6->sin6_addr), rptr);
2780
2014-05-05
pjp
2781
2014-05-05
pjp
rcheck = check_rrlimit(ratelimit_backlog, (u_int16_t *)&sin6->sin6_addr, sizeof(sin6->sin6_addr), rptr);
2782
2014-05-05
pjp
}
2783
2014-05-05
pjp
2784
2010-03-27
pbug
aregion = find_region((struct sockaddr_storage *)sin6, AF_INET6);
2785
2010-04-05
pbug
wildcard = find_wildcard((struct sockaddr_storage *)sin6, AF_INET6);
2786
2014-05-01
pjp
filter = find_filter((struct sockaddr_storage *)sin6, AF_INET6);
2787
2014-05-18
pjp
if (whitelist) {
2788
2014-05-18
pjp
blacklist = find_whitelist((struct sockaddr_storage *)sin6, AF_INET6);
2789
2014-05-18
pjp
}
2790
2010-04-15
pbug
if (rflag) {
2791
2010-04-15
pbug
recursion = find_recurse((struct sockaddr_storage *)sin6, AF_INET6);
2792
2010-04-15
pbug
recurseheader(&rh, IPPROTO_UDP, (struct sockaddr_storage*)sin6, &sto, AF_INET6);
2793
2010-04-15
pbug
}
2794
2010-03-14
pbug
} else if (from->sa_family == AF_INET) {
2795
2010-03-14
pbug
is_ipv6 = 0;
2796
2010-03-14
pbug
2797
2010-03-14
pbug
fromlen = sizeof(struct sockaddr_in);
2798
2010-03-14
pbug
sin = (struct sockaddr_in *)from;
2799
2010-03-14
pbug
inet_ntop(AF_INET, (void *)&sin->sin_addr, (char *)&address, sizeof(address));
2800
2014-05-05
pjp
if (ratelimit) {
2801
2014-05-05
pjp
add_rrlimit(ratelimit_backlog, (u_int16_t *)&sin->sin_addr.s_addr, sizeof(sin->sin_addr.s_addr), rptr);
2802
2014-05-05
pjp
2803
2014-05-05
pjp
rcheck = check_rrlimit(ratelimit_backlog, (u_int16_t *)&sin->sin_addr.s_addr, sizeof(sin->sin_addr.s_addr), rptr);
2804
2014-05-05
pjp
}
2805
2014-05-05
pjp
2806
2010-03-27
pbug
aregion = find_region((struct sockaddr_storage *)sin, AF_INET);
2807
2010-04-05
pbug
wildcard = find_wildcard((struct sockaddr_storage *)sin, AF_INET);
2808
2014-05-01
pjp
filter = find_filter((struct sockaddr_storage *)sin, AF_INET);
2809
2014-05-18
pjp
if (whitelist) {
2810
2014-05-18
pjp
blacklist = find_whitelist((struct sockaddr_storage *)sin, AF_INET);
2811
2014-05-18
pjp
}
2812
2014-05-18
pjp
2813
2010-04-15
pbug
if (rflag) {
2814
2010-04-15
pbug
recursion = find_recurse((struct sockaddr_storage *)sin, AF_INET);
2815
2010-04-15
pbug
recurseheader(&rh, IPPROTO_UDP, (struct sockaddr_storage*)sin, &sto, AF_INET);
2816
2010-04-15
pbug
}
2817
2010-03-14
pbug
} else {
2818
2013-02-16
pjp
dolog(LOG_INFO, "packet received on descriptor %u interface \"%s\" had weird address family (%u), drop\n", so, cfg->ident[i], from->sa_family);
2819
2010-03-14
pbug
goto drop;
2820
2010-03-14
pbug
}
2821
2010-03-14
pbug
2822
2010-03-14
pbug
/* if UDP packet check length for minimum / maximum */
2823
2010-03-14
pbug
if (len > DNS_MAXUDP || len < sizeof(struct dns_header)){
2824
2013-02-16
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" illegal dns packet length from %s, drop\n", so, cfg->ident[i], address);
2825
2010-03-14
pbug
goto drop;
2826
2010-03-14
pbug
}
2827
2010-03-14
pbug
2828
2010-03-14
pbug
dh = (struct dns_header *)&buf[0];
2829
2010-03-14
pbug
2830
2010-03-14
pbug
/* check if we're a question or reply, drop replies */
2831
2010-03-14
pbug
if ((ntohs(dh->query) & DNS_REPLY)) {
2832
2013-02-16
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" dns header from %s is not a question, drop\n", so, cfg->ident[i], address);
2833
2010-03-14
pbug
goto drop;
2834
2010-03-14
pbug
}
2835
2010-03-14
pbug
2836
2010-03-14
pbug
/*
2837
2010-03-14
pbug
* if questions aren't exactly 1 then drop
2838
2010-03-14
pbug
*/
2839
2010-03-14
pbug
2840
2010-03-14
pbug
if (ntohs(dh->question) != 1) {
2841
2013-02-16
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" header from %s has no question, drop\n", so, cfg->ident[i], address);
2842
2010-03-14
pbug
2843
2010-03-14
pbug
/* format error */
2844
2014-04-21
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, wildcard, NULL, replybuf);
2845
2014-04-21
pjp
2846
2014-10-08
pjp
slen = reply_fmterror(&sreply);
2847
2013-02-16
pjp
dolog(LOG_INFO, "question on descriptor %d interface \"%s\" from %s, did not have question of 1 replying format error\n", so, cfg->ident[i], address);
2848
2010-03-14
pbug
goto drop;
2849
2010-03-14
pbug
}
2850
2014-05-01
pjp
2851
2014-05-01
pjp
if (filter) {
2852
2014-05-01
pjp
2853
2014-05-01
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, wildcard, NULL, replybuf);
2854
2014-10-08
pjp
slen = reply_refused(&sreply);
2855
2014-05-01
pjp
2856
2014-05-01
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, filter policy\n", so, cfg->ident[i], address, received_ttl, aregion);
2857
2014-05-01
pjp
goto drop;
2858
2014-05-01
pjp
}
2859
2014-05-01
pjp
2860
2014-05-18
pjp
if (whitelist && blacklist == 0) {
2861
2014-05-18
pjp
2862
2014-05-18
pjp
build_reply(&sreply, so, buf, len, NULL, from, fromlen, NULL, NULL, aregion, istcp, wildcard, NULL, replybuf);
2863
2014-10-08
pjp
slen = reply_refused(&sreply);
2864
2014-05-18
pjp
2865
2014-05-18
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) replying REFUSED, whitelist policy\n", so, cfg->ident[i], address, received_ttl, aregion);
2866
2014-05-18
pjp
goto drop;
2867
2014-05-18
pjp
}
2868
2014-05-18
pjp
2869
2014-05-05
pjp
if (ratelimit && rcheck) {
2870
2014-05-05
pjp
dolog(LOG_INFO, "UDP connection refused on descriptor %u interface \"%s\" from %s (ttl=%d, region=%d) ratelimit policy dropping packet\n", so, cfg->ident[i], address, received_ttl, aregion);
2871
2014-05-05
pjp
goto drop;
2872
2014-05-05
pjp
}
2873
2010-03-14
pbug
2874
2010-04-15
pbug
if (rflag && recursion) {
2875
2010-04-15
pbug
memcpy(&rh.buf, buf, len);
2876
2010-04-15
pbug
rh.len = len;
2877
2010-04-15
pbug
}
2878
2010-03-14
pbug
2879
2014-05-09
pjp
if ((question = build_question(buf, len, ntohs(dh->additional))) == NULL) {
2880
2013-02-16
pjp
dolog(LOG_INFO, "on descriptor %u interface \"%s\" malformed question from %s, drop\n", so, cfg->ident[i], address);
2881
2010-03-14
pbug
goto drop;
2882
2010-03-14
pbug
}
2883
2010-03-14
pbug
2884
2010-03-14
pbug
/* goto drop beyond this point should goto out instead */
2885
2010-03-14
pbug
fakequestion = NULL;
2886
2010-03-14
pbug
2887
2011-06-28
pbug
if ((type0 = lookup_zone(cfg->db, question, &sd0, &lzerrno, (char *)&replystring, wildcard)) < 0) {
2888
2010-03-14
pbug
switch (lzerrno) {
2889
2010-03-14
pbug
default:
2890
2013-02-16
pjp
dolog(LOG_INFO, "invalid lzerrno! dropping\n");
2891
2010-03-14
pbug
/* FALLTHROUGH */
2892
2010-03-14
pbug
case ERR_DROP:
2893
2010-03-14
pbug
snprintf(replystring, DNS_MAXNAME, "DROP");
2894
2010-03-14
pbug
goto udpout;
2895
2010-03-14
pbug
2896
2010-03-14
pbug
case ERR_NXDOMAIN:
2897
2010-03-14
pbug
goto udpnxdomain;
2898
2010-03-14
pbug
case ERR_NOERROR:
2899
2010-04-15
pbug
if (rflag && recursion) {
2900
2010-04-15
pbug
snprintf(replystring, DNS_MAXNAME, "RECURSE");
2901
2010-04-15
pbug
if (send(sp, (char *)&rh, sizeof(rh), 0) < 0) {
2902
2013-02-16
pjp
dolog(LOG_INFO, "send sp: %s\n", strerror(errno));
2903
2010-04-15
pbug
}
2904
2010-03-14
pbug
2905
2010-04-15
pbug
goto udpout;
2906
2010-04-15
pbug
} else {
2907
2010-04-15
pbug
/*
2908
2010-04-15
pbug
* this is hackish not sure if this should be here
2909
2010-04-15
pbug
*/
2910
2010-03-14
pbug
2911
2010-04-15
pbug
snprintf(replystring, DNS_MAXNAME, "NOERROR");
2912
2010-03-14
pbug
2913
2010-04-15
pbug
/*
2914
2010-04-15
pbug
* lookup an authoritative soa
2915
2010-04-15
pbug
*/
2916
2010-03-14
pbug
2917
2010-04-15
pbug
memset(&sd0, 0, sizeof(sd0));
2918
2011-06-28
pbug
(void)get_soa(cfg->db, question, &sd0, wildcard);
2919
2010-03-14
pbug
2920
2010-04-15
pbug
build_reply(&sreply, so, buf, len, question, from, \
2921
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard,
2922
2014-04-21
pjp
NULL, replybuf);
2923
2010-03-14
pbug
2924
2014-10-08
pjp
slen = reply_noerror(&sreply);
2925
2010-04-15
pbug
goto udpout;
2926
2010-04-15
pbug
} /* else rflag */
2927
2010-03-14
pbug
}
2928
2010-03-14
pbug
}
2929
2010-03-14
pbug
2930
2010-03-14
pbug
switch (type0) {
2931
2010-03-14
pbug
case 0:
2932
2010-03-14
pbug
udpnxdomain:
2933
2010-04-15
pbug
if (rflag && recursion) {
2934
2010-04-15
pbug
snprintf(replystring, DNS_MAXNAME, "RECURSE");
2935
2010-04-15
pbug
if (send(sp, (char *)&rh, sizeof(rh), 0) < 0) {
2936
2013-02-16
pjp
dolog(LOG_INFO, "send sp: %s\n", strerror(errno));
2937
2010-04-15
pbug
}
2938
2010-03-14
pbug
2939
2010-04-15
pbug
goto udpout;
2940
2010-04-15
pbug
} else {
2941
2010-04-15
pbug
2942
2010-04-15
pbug
/*
2943
2010-04-15
pbug
* lookup_zone could not find an RR for the
2944
2010-04-15
pbug
* question at all -> nxdomain
2945
2010-04-15
pbug
*/
2946
2010-04-15
pbug
snprintf(replystring, DNS_MAXNAME, "NXDOMAIN");
2947
2010-04-15
pbug
2948
2010-04-15
pbug
/*
2949
2010-04-15
pbug
* lookup an authoritative soa
2950
2010-04-15
pbug
*/
2951
2010-03-14
pbug
2952
2010-04-15
pbug
memset(&sd0, 0, sizeof(sd0));
2953
2011-06-28
pbug
(void)get_soa(cfg->db, question, &sd0, wildcard);
2954
2010-04-15
pbug
2955
2010-04-15
pbug
build_reply(&sreply, so, buf, len, question, from, \
2956
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, \
2957
2014-04-21
pjp
wildcard, NULL, replybuf);
2958
2014-04-21
pjp
2959
2014-10-08
pjp
slen = reply_nxdomain(&sreply);
2960
2010-04-15
pbug
goto udpout;
2961
2010-04-15
pbug
} /* else rflag */
2962
2010-03-14
pbug
case DNS_TYPE_CNAME:
2963
2010-03-14
pbug
fakequestion = build_fake_question(sd0.cname, sd0.cnamelen, question->hdr->qtype);
2964
2010-03-14
pbug
if (fakequestion == NULL) {
2965
2013-02-16
pjp
dolog(LOG_INFO, "fakequestion failed\n");
2966
2010-03-14
pbug
break;
2967
2010-03-14
pbug
}
2968
2010-03-14
pbug
2969
2011-06-28
pbug
type1 = lookup_zone(cfg->db, fakequestion, &sd1, &lzerrno, (char *)&fakereplystring, wildcard);
2970
2010-03-14
pbug
/* do not follow a CNAME that points to another CNAME */
2971
2010-03-14
pbug
if (type1 == DNS_TYPE_CNAME)
2972
2010-03-14
pbug
type1 = 0;
2973
2010-03-14
pbug
2974
2010-03-14
pbug
break;
2975
2010-03-14
pbug
default:
2976
2010-03-14
pbug
2977
2010-03-14
pbug
break;
2978
2010-03-14
pbug
}
2979
2010-03-14
pbug
2980
2010-03-14
pbug
/*
2981
2010-03-14
pbug
* Allow CLASS IN only; CHAOS and others are
2982
2010-03-14
pbug
* not implemented and so we build a reply for
2983
2010-03-14
pbug
* that and go out.
2984
2010-03-14
pbug
*/
2985
2010-03-14
pbug
2986
2010-03-14
pbug
switch (ntohs(question->hdr->qclass)) {
2987
2010-03-14
pbug
case DNS_CLASS_IN:
2988
2010-03-14
pbug
break;
2989
2010-03-14
pbug
default:
2990
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
2991
2014-04-21
pjp
fromlen, NULL, NULL, aregion, istcp, wildcard, \
2992
2014-04-21
pjp
NULL, replybuf);
2993
2014-04-21
pjp
2994
2014-10-08
pjp
slen = reply_notimpl(&sreply);
2995
2010-03-14
pbug
snprintf(replystring, DNS_MAXNAME, "NOTIMPL");
2996
2010-03-14
pbug
goto udpout;
2997
2010-03-14
pbug
}
2998
2010-03-14
pbug
2999
2010-03-14
pbug
switch (ntohs(question->hdr->qtype)) {
3000
2010-03-14
pbug
case DNS_TYPE_A:
3001
2010-03-14
pbug
if (type0 == DNS_TYPE_CNAME) {
3002
2014-04-21
pjp
3003
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3004
2010-03-14
pbug
fromlen, &sd0, ((type1 > 0) ? &sd1 : NULL), \
3005
2014-04-21
pjp
aregion, istcp, wildcard, NULL, replybuf);
3006
2014-04-21
pjp
3007
2014-10-08
pjp
slen = reply_cname(&sreply);
3008
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
3009
2014-04-21
pjp
3010
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3011
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3012
2014-04-21
pjp
NULL, replybuf);
3013
2014-04-21
pjp
3014
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
3015
2010-03-19
pbug
break;
3016
2010-03-14
pbug
} else if (type0 == DNS_TYPE_A) {
3017
2014-04-21
pjp
3018
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3019
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard,
3020
2014-04-21
pjp
NULL, replybuf);
3021
2014-04-21
pjp
3022
2014-10-08
pjp
slen = reply_a(&sreply, cfg->db);
3023
2010-03-14
pbug
break; /* must break here */
3024
2010-03-14
pbug
}
3025
2010-03-14
pbug
3026
2010-03-14
pbug
break;
3027
2010-12-27
pbug
3028
2010-12-27
pbug
case DNS_TYPE_ANY:
3029
2014-04-21
pjp
3030
2010-12-27
pbug
build_reply(&sreply, so, buf, len, question, from, \
3031
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, NULL,
3032
2014-04-21
pjp
replybuf);
3033
2014-04-21
pjp
3034
2014-10-08
pjp
slen = reply_any(&sreply);
3035
2010-12-27
pbug
break; /* must break here */
3036
2010-12-27
pbug
3037
2010-03-14
pbug
case DNS_TYPE_AAAA:
3038
2010-03-14
pbug
3039
2010-03-14
pbug
if (type0 == DNS_TYPE_CNAME) {
3040
2014-04-21
pjp
3041
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3042
2010-03-14
pbug
fromlen, &sd0, ((type1 > 0) ? &sd1 : NULL), \
3043
2014-04-21
pjp
aregion, istcp, wildcard, NULL, replybuf);
3044
2014-04-21
pjp
3045
2014-10-08
pjp
slen = reply_cname(&sreply);
3046
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
3047
2014-04-21
pjp
3048
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3049
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3050
2014-04-21
pjp
NULL, replybuf);
3051
2014-04-21
pjp
3052
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
3053
2010-03-19
pbug
break;
3054
2010-03-14
pbug
} else if (type0 == DNS_TYPE_AAAA) {
3055
2014-04-21
pjp
3056
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from,
3057
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard,
3058
2014-04-21
pjp
NULL, replybuf);
3059
2014-04-21
pjp
3060
2014-10-08
pjp
slen = reply_aaaa(&sreply, cfg->db);
3061
2010-03-14
pbug
break; /* must break here */
3062
2010-03-14
pbug
}
3063
2010-03-14
pbug
3064
2010-03-14
pbug
break;
3065
2010-03-14
pbug
case DNS_TYPE_MX:
3066
2010-03-14
pbug
3067
2010-03-14
pbug
if (type0 == DNS_TYPE_CNAME) {
3068
2014-04-21
pjp
3069
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3070
2010-03-14
pbug
fromlen, &sd0, ((type1 > 0) ? &sd1 : NULL), \
3071
2014-04-21
pjp
aregion, istcp, wildcard, NULL, replybuf);
3072
2014-04-21
pjp
3073
2014-10-08
pjp
slen = reply_cname(&sreply);
3074
2014-04-21
pjp
} else if (type0 == DNS_TYPE_NS) {
3075
2014-04-21
pjp
3076
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3077
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3078
2014-04-21
pjp
NULL, replybuf);
3079
2014-04-21
pjp
3080
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
3081
2010-03-19
pbug
break;
3082
2010-03-14
pbug
} else if (type0 == DNS_TYPE_MX) {
3083
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3084
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3085
2014-04-21
pjp
NULL, replybuf);
3086
2014-10-08
pjp
slen = reply_mx(&sreply, cfg->db);
3087
2010-03-14
pbug
break; /* must break here */
3088
2010-03-14
pbug
}
3089
2010-03-14
pbug
3090
2010-03-14
pbug
break;
3091
2010-03-14
pbug
case DNS_TYPE_SOA:
3092
2010-03-14
pbug
if (type0 == DNS_TYPE_SOA) {
3093
2014-04-21
pjp
3094
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3095
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3096
2014-04-21
pjp
NULL, replybuf);
3097
2014-04-21
pjp
3098
2014-10-08
pjp
slen = reply_soa(&sreply);
3099
2010-03-19
pbug
} else if (type0 == DNS_TYPE_NS) {
3100
2014-04-21
pjp
3101
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3102
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3103
2014-04-21
pjp
NULL, replybuf);
3104
2014-04-21
pjp
3105
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
3106
2010-03-19
pbug
break;
3107
2010-03-14
pbug
}
3108
2010-03-14
pbug
break;
3109
2010-03-14
pbug
case DNS_TYPE_NS:
3110
2010-03-14
pbug
if (type0 == DNS_TYPE_NS) {
3111
2014-04-21
pjp
3112
2010-04-05
pbug
build_reply(&sreply, so, buf, len, question, from, \
3113
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3114
2014-04-21
pjp
NULL, replybuf);
3115
2014-04-21
pjp
3116
2014-10-08
pjp
slen = reply_ns(&sreply, cfg->db);
3117
2010-03-14
pbug
}
3118
2010-03-14
pbug
break;
3119
2010-03-14
pbug
3120
2014-04-21
pjp
case DNS_TYPE_SSHFP:
3121
2014-04-21
pjp
if (type0 == DNS_TYPE_SSHFP) {
3122
2014-04-21
pjp
build_reply(&sreply, so, buf, len, question, from, \
3123
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3124
2014-04-21
pjp
NULL, replybuf);
3125
2014-04-21
pjp
3126
2014-10-08
pjp
slen = reply_sshfp(&sreply);
3127
2014-04-21
pjp
}
3128
2014-04-21
pjp
break;
3129
2014-04-21
pjp
3130
2014-04-21
pjp
3131
2012-04-30
pbug
case DNS_TYPE_SRV:
3132
2012-04-30
pbug
if (type0 == DNS_TYPE_SRV) {
3133
2014-04-21
pjp
3134
2012-04-30
pbug
build_reply(&sreply, so, buf, len, question, from, \
3135
2014-04-21
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3136
2014-04-21
pjp
NULL, replybuf);
3137
2014-04-21
pjp
3138
2014-10-08
pjp
slen = reply_srv(&sreply, cfg->db);
3139
2012-04-30
pbug
}
3140
2012-04-30
pbug
break;
3141
2012-04-30
pbug
3142
2014-05-11
pjp
case DNS_TYPE_NAPTR:
3143
2014-05-11
pjp
if (type0 == DNS_TYPE_NAPTR) {
3144
2014-05-11
pjp
3145
2014-05-11
pjp
build_reply(&sreply, so, buf, len, question, from, \
3146
2014-05-11
pjp
fromlen, &sd0, NULL, aregion, istcp, wildcard, \
3147
2014-05-11
pjp
NULL, replybuf);
3148
2014-05-11
pjp
3149
2014-10-08
pjp
slen = reply_naptr(&sreply, cfg->db);
3150
2014-05-11
pjp
}
3151
2014-05-11