[secnet] / resolver.c

/*
 * This file is part of secnet.
 * See README for full list of copyright holders.
 *
 * secnet is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version d of the License, or
 * (at your option) any later version.
 * 
 * secnet is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * version 3 along with secnet; if not, see
 * https://www.gnu.org/licenses/gpl.html.
 */
/* Name resolution using adns */

#include <errno.h>
#include "secnet.h"
#include "util.h"
#ifndef HAVE_LIBADNS
#error secnet requires ADNS version 1.0 or above
#endif
#include <adns.h>
#include <arpa/inet.h>
#include <string.h>


struct adns {
    closure_t cl;
    struct resolver_if ops;
    struct cloc loc;
    adns_state ast;
};

struct query {
    void *cst;
    const char *name;
    int port;
    struct comm_if *comm;
    resolve_answer_fn *answer;
    adns_query query;
};

static resolve_request_fn resolve_request;
static bool_t resolve_request(void *sst, cstring_t name,
			      int port, struct comm_if *comm,
			      resolve_answer_fn *cb, void *cst)
{
    struct adns *st=sst;
    struct query *q;
    int rv;
    const int maxlitlen=
#ifdef CONFIG_IPV6
	ADNS_ADDR2TEXT_BUFLEN*2
#else
	50
#endif
	;
    ssize_t l=strlen(name);
    if (name[0]=='[' && l<maxlitlen && l>2 && name[l-1]==']') {
	char trimmed[maxlitlen+1];
	memcpy(trimmed,name+1,l-2);
	trimmed[l-2]=0;
	struct comm_addr ca;
	ca.comm=comm;
	ca.ix=-1;
#ifdef CONFIG_IPV6
	socklen_t salen=sizeof(ca.ia);
	rv=adns_text2addr(trimmed, port, adns_qf_addrlit_ipv4_quadonly,
			  &ca.ia.sa, &salen);
	assert(rv!=ENOSPC);
	if (rv) {
	    char msg[250];
	    snprintf(msg,sizeof(msg),"invalid address literal: %s",
		     strerror(rv));
	    msg[sizeof(msg)-1]=0;
	    cb(cst,0,0,0,name,msg);
	} else {
	    cb(cst,&ca,1,1,name,0);
	}
#else
	ca.ia.sin.sin_family=AF_INET;
	ca.ia.sin.sin_port=htons(port);
	if (inet_aton(trimmed,&ca.ia.sin.sin_addr))
	    cb(cst,&ca,1,1,name,0);
	else
	    cb(cst,0,0,0,name,"invalid IP address");
#endif
	return True;
    }

    NEW(q);
    q->cst=cst;
    q->comm=comm;
    q->port=port;
    q->name=name;
    q->answer=cb;

    rv=adns_submit(st->ast, name, adns_r_addr, 0, q, &q->query);
    if (rv) {
        Message(M_WARNING,
		"resolver: failed to submit lookup for %s: %s",name,
		adns_strerror(rv));
	free(q);
	return False;
    }

    return True;
}

static int resolver_beforepoll(void *sst, struct pollfd *fds, int *nfds_io,
			       int *timeout_io)
{
    struct adns *st=sst;
    return adns_beforepoll(st->ast, fds, nfds_io, timeout_io, tv_now);
}

static void resolver_afterpoll(void *sst, struct pollfd *fds, int nfds)
{
    struct adns *st=sst;
    adns_query aq;
    adns_answer *ans;
    void *qp;
    struct query *q;
    int rv;

    adns_afterpoll(st->ast, fds, nfds, tv_now);

    while (True) {
	aq=NULL;
	rv=adns_check(st->ast, &aq, &ans, &qp);
	if (rv==0) {
	    q=qp;
	    if (ans->status!=adns_s_ok) {
		q->answer(q->cst,NULL,0,0,q->name,adns_strerror(ans->status));
		free(q);
		free(ans);
	    } else {
		int rslot, wslot, total;
		int ca_len=MIN(ans->nrrs,MAX_PEER_ADDRS);
		struct comm_addr ca_buf[ca_len];
		for (rslot=0, wslot=0, total=0;
		     rslot<ans->nrrs;
		     rslot++) {
		    total++;
		    if (!(wslot<ca_len)) continue;
		    adns_rr_addr *ra=&ans->rrs.addr[rslot];
		    struct comm_addr *ca=&ca_buf[wslot];
		    ca->comm=q->comm;
		    ca->ix=-1;
		    assert(ra->len <= (int)sizeof(ca->ia));
		    memcpy(&ca->ia,&ra->addr,ra->len);
		    switch (ra->addr.sa.sa_family) {
		    case AF_INET:
			assert(ra->len == sizeof(ca->ia.sin));
			ca->ia.sin.sin_port=htons(q->port);
			break;
#ifdef CONFIG_IPV6
		    case AF_INET6:
			assert(ra->len == sizeof(ca->ia.sin6));
			ca->ia.sin6.sin6_port=htons(q->port);
			break;
#endif /*CONFIG_IPV6*/
		    default:
			/* silently skip unexpected AFs from adns */
			continue;
		    }
		    wslot++;
		}
		q->answer(q->cst,ca_buf,wslot,total,q->name,0);
		free(q);
		free(ans);
	    }
	} else if (rv==EAGAIN || rv==ESRCH) {
	    break;
	} else {
	    fatal("resolver_afterpoll: adns_check() returned %d",rv);
	}
    }

    return;
}

/* Initialise adns, using parameters supplied */
static list_t *adnsresolver_apply(closure_t *self, struct cloc loc,
				  dict_t *context, list_t *args)
{
    struct adns *st;
    dict_t *d;
    item_t *i;
    string_t conf;

    NEW(st);
    st->cl.description="adns";
    st->cl.type=CL_RESOLVER;
    st->cl.apply=NULL;
    st->cl.interface=&st->ops;
    st->loc=loc;
    st->ops.st=st;
    st->ops.request=resolve_request;

    i=list_elem(args,0);
    if (!i || i->type!=t_dict) {
	cfgfatal(st->loc,"adns","first argument must be a dictionary\n");
    }
    d=i->data.dict;
    conf=dict_read_string(d,"config",False,"adns",loc);

    if (conf) {
	if (adns_init_strcfg(&st->ast, 0, 0, conf)) {
	    fatal_perror("Failed to initialise ADNS");
	}
    } else {
	if (adns_init(&st->ast, 0, 0)) {
	    fatal_perror("Failed to initialise ADNS");
	}
    }

    register_for_poll(st, resolver_beforepoll, resolver_afterpoll,
		      "resolver");

    return new_closure(&st->cl);
}

void resolver_module(dict_t *dict)
{
    add_closure(dict,"adns",adnsresolver_apply);
}
Commit	Line	Data
c215a4bc IJ	1	/*
	2	* This file is part of secnet.
	3	* See README for full list of copyright holders.
	4	*
	5	* secnet is free software; you can redistribute it and/or modify it
	6	* under the terms of the GNU General Public License as published by
	7	* the Free Software Foundation; either version d of the License, or
	8	* (at your option) any later version.
	9	*
	10	* secnet is distributed in the hope that it will be useful, but
	11	* WITHOUT ANY WARRANTY; without even the implied warranty of
	12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	* General Public License for more details.
	14	*
	15	* You should have received a copy of the GNU General Public License
	16	* version 3 along with secnet; if not, see
	17	* https://www.gnu.org/licenses/gpl.html.
	18	*/
2fe58dfd SE	19	/* Name resolution using adns */
	20
	21	#include <errno.h>
	22	#include "secnet.h"
cc420616	23	#include "util.h"
d3fe100d SE	24	#ifndef HAVE_LIBADNS
	25	#error secnet requires ADNS version 1.0 or above
	26	#endif
2fe58dfd	27	#include <adns.h>
d1e8fd82 IJ	28	#include <arpa/inet.h>
d1e8fd82 IJ	29	#include <string.h>
2fe58dfd	30
d3fe100d	31
2fe58dfd SE	32	struct adns {
	33	closure_t cl;
	34	struct resolver_if ops;
	35	struct cloc loc;
	36	adns_state ast;
	37	};
	38
	39	struct query {
	40	void *cst;
bc07424d	41	const char *name;
cc420616 IJ	42	int port;
cc420616 IJ	43	struct comm_if *comm;
2fe58dfd SE	44	resolve_answer_fn *answer;
	45	adns_query query;
	46	};
	47
fe5e9cc4 SE	48	static resolve_request_fn resolve_request;
fe5e9cc4 SE	49	static bool_t resolve_request(void *sst, cstring_t name,
cc420616	50	int port, struct comm_if *comm,
2fe58dfd SE	51	resolve_answer_fn cb, void cst)
	52	{
	53	struct adns *st=sst;
	54	struct query *q;
	55	int rv;
3f2c70f6 IJ	56	const int maxlitlen=
	57	#ifdef CONFIG_IPV6
	58	ADNS_ADDR2TEXT_BUFLEN*2
	59	#else
	60	50
	61	#endif
	62	;
d1e8fd82 IJ	63	ssize_t l=strlen(name);
	64	if (name[0]=='[' && l<maxlitlen && l>2 && name[l-1]==']') {
	65	char trimmed[maxlitlen+1];
	66	memcpy(trimmed,name+1,l-2);
	67	trimmed[l-2]=0;
cc420616	68	struct comm_addr ca;
cc420616	69	ca.comm=comm;
08b62a6c	70	ca.ix=-1;
3f2c70f6 IJ	71	#ifdef CONFIG_IPV6
	72	socklen_t salen=sizeof(ca.ia);
	73	rv=adns_text2addr(trimmed, port, adns_qf_addrlit_ipv4_quadonly,
	74	&ca.ia.sa, &salen);
	75	assert(rv!=ENOSPC);
	76	if (rv) {
	77	char msg[250];
	78	snprintf(msg,sizeof(msg),"invalid address literal: %s",
	79	strerror(rv));
	80	msg[sizeof(msg)-1]=0;
bc07424d	81	cb(cst,0,0,0,name,msg);
3f2c70f6	82	} else {
bc07424d	83	cb(cst,&ca,1,1,name,0);
3f2c70f6 IJ	84	}
3f2c70f6 IJ	85	#else
a32d56fb IJ	86	ca.ia.sin.sin_family=AF_INET;
	87	ca.ia.sin.sin_port=htons(port);
	88	if (inet_aton(trimmed,&ca.ia.sin.sin_addr))
bc07424d	89	cb(cst,&ca,1,1,name,0);
d1e8fd82	90	else
bc07424d	91	cb(cst,0,0,0,name,"invalid IP address");
3f2c70f6	92	#endif
d1e8fd82 IJ	93	return True;
d1e8fd82 IJ	94	}
2fe58dfd	95
952f601f	96	NEW(q);
2fe58dfd	97	q->cst=cst;
cc420616 IJ	98	q->comm=comm;
cc420616 IJ	99	q->port=port;
bc07424d	100	q->name=name;
2fe58dfd SE	101	q->answer=cb;
2fe58dfd SE	102
cc420616	103	rv=adns_submit(st->ast, name, adns_r_addr, 0, q, &q->query);
75829536 IJ	104	if (rv) {
	105	Message(M_WARNING,
	106	"resolver: failed to submit lookup for %s: %s",name,
	107	adns_strerror(rv));
	108	free(q);
	109	return False;
	110	}
2fe58dfd	111
75829536	112	return True;
2fe58dfd SE	113	}
	114
	115	static int resolver_beforepoll(void sst, struct pollfd fds, int *nfds_io,
90a39563	116	int *timeout_io)
2fe58dfd SE	117	{
	118	struct adns *st=sst;
	119	return adns_beforepoll(st->ast, fds, nfds_io, timeout_io, tv_now);
	120	}
	121
90a39563	122	static void resolver_afterpoll(void sst, struct pollfd fds, int nfds)
2fe58dfd SE	123	{
	124	struct adns *st=sst;
	125	adns_query aq;
	126	adns_answer *ans;
	127	void *qp;
	128	struct query *q;
	129	int rv;
	130
	131	adns_afterpoll(st->ast, fds, nfds, tv_now);
	132
	133	while (True) {
	134	aq=NULL;
	135	rv=adns_check(st->ast, &aq, &ans, &qp);
	136	if (rv==0) {
	137	q=qp;
	138	if (ans->status!=adns_s_ok) {
bc07424d	139	q->answer(q->cst,NULL,0,0,q->name,adns_strerror(ans->status));
2fe58dfd SE	140	free(q);
	141	free(ans);
	142	} else {
cc420616 IJ	143	int rslot, wslot, total;
	144	int ca_len=MIN(ans->nrrs,MAX_PEER_ADDRS);
	145	struct comm_addr ca_buf[ca_len];
cc420616 IJ	146	for (rslot=0, wslot=0, total=0;
	147	rslot<ans->nrrs;
	148	rslot++) {
	149	total++;
	150	if (!(wslot<ca_len)) continue;
	151	adns_rr_addr *ra=&ans->rrs.addr[rslot];
	152	struct comm_addr *ca=&ca_buf[wslot];
	153	ca->comm=q->comm;
08b62a6c	154	ca->ix=-1;
f3d19c02 IJ	155	assert(ra->len <= (int)sizeof(ca->ia));
f3d19c02 IJ	156	memcpy(&ca->ia,&ra->addr,ra->len);
cc420616 IJ	157	switch (ra->addr.sa.sa_family) {
cc420616 IJ	158	case AF_INET:
a32d56fb	159	assert(ra->len == sizeof(ca->ia.sin));
f3d19c02	160	ca->ia.sin.sin_port=htons(q->port);
cc420616	161	break;
0e646750 IJ	162	#ifdef CONFIG_IPV6
	163	case AF_INET6:
	164	assert(ra->len == sizeof(ca->ia.sin6));
f3d19c02	165	ca->ia.sin6.sin6_port=htons(q->port);
0e646750 IJ	166	break;
0e646750 IJ	167	#endif /CONFIG_IPV6/
cc420616	168	default:
2093fb5c IJ	169	/* silently skip unexpected AFs from adns */
2093fb5c IJ	170	continue;
cc420616	171	}
2093fb5c	172	wslot++;
cc420616	173	}
bc07424d	174	q->answer(q->cst,ca_buf,wslot,total,q->name,0);
2fe58dfd SE	175	free(q);
	176	free(ans);
	177	}
	178	} else if (rv==EAGAIN \|\| rv==ESRCH) {
	179	break;
	180	} else {
4f5e39ec	181	fatal("resolver_afterpoll: adns_check() returned %d",rv);
2fe58dfd SE	182	}
	183	}
	184
	185	return;
	186	}
	187
	188	/* Initialise adns, using parameters supplied */
	189	static list_t adnsresolver_apply(closure_t self, struct cloc loc,
	190	dict_t context, list_t args)
	191	{
	192	struct adns *st;
	193	dict_t *d;
	194	item_t *i;
	195	string_t conf;
	196
b7886fd4	197	NEW(st);
2fe58dfd SE	198	st->cl.description="adns";
	199	st->cl.type=CL_RESOLVER;
	200	st->cl.apply=NULL;
	201	st->cl.interface=&st->ops;
	202	st->loc=loc;
	203	st->ops.st=st;
	204	st->ops.request=resolve_request;
	205
	206	i=list_elem(args,0);
	207	if (!i \|\| i->type!=t_dict) {
	208	cfgfatal(st->loc,"adns","first argument must be a dictionary\n");
	209	}
	210	d=i->data.dict;
	211	conf=dict_read_string(d,"config",False,"adns",loc);
	212
	213	if (conf) {
	214	if (adns_init_strcfg(&st->ast, 0, 0, conf)) {
	215	fatal_perror("Failed to initialise ADNS");
	216	}
	217	} else {
	218	if (adns_init(&st->ast, 0, 0)) {
	219	fatal_perror("Failed to initialise ADNS");
	220	}
	221	}
	222
	223	register_for_poll(st, resolver_beforepoll, resolver_afterpoll,
32fc582f	224	"resolver");
2fe58dfd SE	225
	226	return new_closure(&st->cl);
	227	}
	228
2fe58dfd SE	229	void resolver_module(dict_t *dict)
	230	{
	231	add_closure(dict,"adns",adnsresolver_apply);
	232	}