resolver.c

   1 /*
   2  * This file is part of secnet.
   3  * See README for full list of copyright holders.
   4  *
   5  * secnet is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version d of the License, or
   8  * (at your option) any later version.
   9  *
  10  * secnet is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13  * General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License
  16  * version 3 along with secnet; if not, see
  17  * https://www.gnu.org/licenses/gpl.html.
  18  */
  19 /* Name resolution using adns */
  20
  21 #include <errno.h>
  22 #include "secnet.h"
  23 #include "util.h"
  24 #ifndef HAVE_LIBADNS
  25 #error secnet requires ADNS version 1.0 or above
  26 #endif
  27 #include <adns.h>
  28 #include <arpa/inet.h>
  29 #include <string.h>
  30
  31
  32 struct adns {
  33     closure_t cl;
  34     struct resolver_if ops;
  35     struct cloc loc;
  36     adns_state ast;
  37 };
  38
  39 struct query {
  40     void *cst;
  41     const char *name;
  42     int port;
  43     struct comm_if *comm;
  44     resolve_answer_fn *answer;
  45     adns_query query;
  46 };
  47
  48 static resolve_request_fn resolve_request;
  49 static bool_t resolve_request(void *sst, cstring_t name,
  50                               int port, struct comm_if *comm,
  51                               resolve_answer_fn *cb, void *cst)
  52 {
  53     struct adns *st=sst;
  54     struct query *q;
  55     int rv;
  56     const int maxlitlen=
  57 #ifdef CONFIG_IPV6
  58         ADNS_ADDR2TEXT_BUFLEN*2
  59 #else
  60         50
  61 #endif
  62         ;
  63     ssize_t l=strlen(name);
  64     if (name[0]=='[' && l<maxlitlen && l>2 && name[l-1]==']') {
  65         char trimmed[maxlitlen+1];
  66         memcpy(trimmed,name+1,l-2);
  67         trimmed[l-2]=0;
  68         struct comm_addr ca;
  69         ca.comm=comm;
  70         ca.ix=-1;
  71 #ifdef CONFIG_IPV6
  72         socklen_t salen=sizeof(ca.ia);
  73         rv=adns_text2addr(trimmed, port, adns_qf_addrlit_ipv4_quadonly,
  74                           &ca.ia.sa, &salen);
  75         assert(rv!=ENOSPC);
  76         if (rv) {
  77             char msg[250];
  78             snprintf(msg,sizeof(msg),"invalid address literal: %s",
  79                      strerror(rv));
  80             msg[sizeof(msg)-1]=0;
  81             cb(cst,0,0,0,name,msg);
  82         } else {
  83             cb(cst,&ca,1,1,name,0);
  84         }
  85 #else
  86         ca.ia.sin.sin_family=AF_INET;
  87         ca.ia.sin.sin_port=htons(port);
  88         if (inet_aton(trimmed,&ca.ia.sin.sin_addr))
  89             cb(cst,&ca,1,1,name,0);
  90         else
  91             cb(cst,0,0,0,name,"invalid IP address");
  92 #endif
  93         return True;
  94     }
  95
  96     NEW(q);
  97     q->cst=cst;
  98     q->comm=comm;
  99     q->port=port;
 100     q->name=name;
 101     q->answer=cb;
 102
 103     rv=adns_submit(st->ast, name, adns_r_addr, 0, q, &q->query);
 104     if (rv) {
 105         Message(M_WARNING,
 106                 "resolver: failed to submit lookup for %s: %s",name,
 107                 adns_strerror(rv));
 108         free(q);
 109         return False;
 110     }
 111
 112     return True;
 113 }
 114
 115 static int resolver_beforepoll(void *sst, struct pollfd *fds, int *nfds_io,
 116                                int *timeout_io)
 117 {
 118     struct adns *st=sst;
 119     return adns_beforepoll(st->ast, fds, nfds_io, timeout_io, tv_now);
 120 }
 121
 122 static void resolver_afterpoll(void *sst, struct pollfd *fds, int nfds)
 123 {
 124     struct adns *st=sst;
 125     adns_query aq;
 126     adns_answer *ans;
 127     void *qp;
 128     struct query *q;
 129     int rv;
 130
 131     adns_afterpoll(st->ast, fds, nfds, tv_now);
 132
 133     while (True) {
 134         aq=NULL;
 135         rv=adns_check(st->ast, &aq, &ans, &qp);
 136         if (rv==0) {
 137             q=qp;
 138             if (ans->status!=adns_s_ok) {
 139                 q->answer(q->cst,NULL,0,0,q->name,adns_strerror(ans->status));
 140                 free(q);
 141                 free(ans);
 142             } else {
 143                 int rslot, wslot, total;
 144                 int ca_len=MIN(ans->nrrs,MAX_PEER_ADDRS);
 145                 struct comm_addr ca_buf[ca_len];
 146                 for (rslot=0, wslot=0, total=0;
 147                      rslot<ans->nrrs;
 148                      rslot++) {
 149                     total++;
 150                     if (!(wslot<ca_len)) continue;
 151                     adns_rr_addr *ra=&ans->rrs.addr[rslot];
 152                     struct comm_addr *ca=&ca_buf[wslot];
 153                     ca->comm=q->comm;
 154                     ca->ix=-1;
 155                     assert(ra->len <= (int)sizeof(ca->ia));
 156                     memcpy(&ca->ia,&ra->addr,ra->len);
 157                     switch (ra->addr.sa.sa_family) {
 158                     case AF_INET:
 159                         assert(ra->len == sizeof(ca->ia.sin));
 160                         ca->ia.sin.sin_port=htons(q->port);
 161                         break;
 162 #ifdef CONFIG_IPV6
 163                     case AF_INET6:
 164                         assert(ra->len == sizeof(ca->ia.sin6));
 165                         ca->ia.sin6.sin6_port=htons(q->port);
 166                         break;
 167 #endif /*CONFIG_IPV6*/
 168                     default:
 169                         /* silently skip unexpected AFs from adns */
 170                         continue;
 171                     }
 172                     wslot++;
 173                 }
 174                 q->answer(q->cst,ca_buf,wslot,total,q->name,0);
 175                 free(q);
 176                 free(ans);
 177             }
 178         } else if (rv==EAGAIN || rv==ESRCH) {
 179             break;
 180         } else {
 181             fatal("resolver_afterpoll: adns_check() returned %d",rv);
 182         }
 183     }
 184
 185     return;
 186 }
 187
 188 /* Initialise adns, using parameters supplied */
 189 static list_t *adnsresolver_apply(closure_t *self, struct cloc loc,
 190                                   dict_t *context, list_t *args)
 191 {
 192     struct adns *st;
 193     dict_t *d;
 194     item_t *i;
 195     string_t conf;
 196
 197     NEW(st);
 198     st->cl.description="adns";
 199     st->cl.type=CL_RESOLVER;
 200     st->cl.apply=NULL;
 201     st->cl.interface=&st->ops;
 202     st->loc=loc;
 203     st->ops.st=st;
 204     st->ops.request=resolve_request;
 205
 206     i=list_elem(args,0);
 207     if (!i || i->type!=t_dict) {
 208         cfgfatal(st->loc,"adns","first argument must be a dictionary\n");
 209     }
 210     d=i->data.dict;
 211     conf=dict_read_string(d,"config",False,"adns",loc);
 212
 213     if (conf) {
 214         if (adns_init_strcfg(&st->ast, 0, 0, conf)) {
 215             fatal_perror("Failed to initialise ADNS");
 216         }
 217     } else {
 218         if (adns_init(&st->ast, 0, 0)) {
 219             fatal_perror("Failed to initialise ADNS");
 220         }
 221     }
 222
 223     register_for_poll(st, resolver_beforepoll, resolver_afterpoll,
 224                       "resolver");
 225
 226     return new_closure(&st->cl);
 227 }
 228
 229 void resolver_module(dict_t *dict)
 230 {
 231     add_closure(dict,"adns",adnsresolver_apply);
 232 }