GNUnet  0.10.x
gnunet-service-gns_interceptor.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2009-2013 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
26 #include "platform.h"
27 #include "gnunet_util_lib.h"
28 #include "gnunet_dns_service.h"
29 #include "gnunet_dnsparser_lib.h"
30 #include "gnunet-service-gns.h"
33 #include "gns.h"
34 
35 
45 
50 
55 
60 
65 };
66 
67 
72 
77 
82 
83 
91 static void
92 reply_to_dns(void *cls, uint32_t rd_count,
93  const struct GNUNET_GNSRECORD_Data *rd)
94 {
95  struct InterceptLookupHandle *ilh = cls;
96  struct GNUNET_DNSPARSER_Packet *packet = ilh->packet;
97  struct GNUNET_DNSPARSER_Query *query = &packet->queries[0];
98  uint32_t i;
99  size_t len;
100  int ret;
101  char *buf;
102  unsigned int num_answers;
103  unsigned int skip_answers;
104  unsigned int skip_additional;
105  size_t off = 0;
106 
107  /* Put records in the DNS packet */
108  num_answers = 0;
109  for (i = 0; i < rd_count; i++)
110  if (rd[i].record_type == query->type)
111  num_answers++;
112  skip_answers = 0;
113  skip_additional = 0;
114 
115  {
116  struct GNUNET_DNSPARSER_Record answer_records[num_answers];
117  struct GNUNET_DNSPARSER_Record additional_records[rd_count - num_answers];
118 
119  packet->answers = answer_records;
120  packet->additional_records = additional_records;
121  /* FIXME: need to handle #GNUNET_GNSRECORD_RF_SHADOW_RECORD option
122  (by ignoring records where this flag is set if there is any
123  other record of that type in the result set) */
124  for (i = 0; i < rd_count; i++)
125  {
126  if (rd[i].record_type == query->type)
127  {
128  answer_records[i - skip_answers].name = query->name;
129  answer_records[i - skip_answers].type = rd[i].record_type;
130  switch (rd[i].record_type)
131  {
135  answer_records[i - skip_answers].data.hostname
137  rd[i].data_size,
138  &off);
139  if ((off != rd[i].data_size) ||
140  (NULL == answer_records[i].data.hostname))
141  {
142  GNUNET_break_op(0);
143  skip_answers++;
144  }
145  break;
146 
148  answer_records[i - skip_answers].data.soa
149  = GNUNET_DNSPARSER_parse_soa(rd[i].data,
150  rd[i].data_size,
151  &off);
152  if ((off != rd[i].data_size) ||
153  (NULL == answer_records[i].data.soa))
154  {
155  GNUNET_break_op(0);
156  skip_answers++;
157  }
158  break;
159 
161  /* FIXME: SRV is not yet supported */
162  skip_answers++;
163  break;
164 
166  answer_records[i - skip_answers].data.mx
167  = GNUNET_DNSPARSER_parse_mx(rd[i].data,
168  rd[i].data_size,
169  &off);
170  if ((off != rd[i].data_size) ||
171  (NULL == answer_records[i].data.hostname))
172  {
173  GNUNET_break_op(0);
174  skip_answers++;
175  }
176  break;
177 
178  default:
179  answer_records[i - skip_answers].data.raw.data_len = rd[i].data_size;
180  answer_records[i - skip_answers].data.raw.data = (char*)rd[i].data;
181  break;
182  }
183  GNUNET_break(0 == (rd[i - skip_answers].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION));
184  answer_records[i - skip_answers].expiration_time.abs_value_us = rd[i].expiration_time;
185  answer_records[i - skip_answers].dns_traffic_class = GNUNET_TUN_DNS_CLASS_INTERNET;
186  }
187  else
188  {
189  additional_records[i - skip_additional].name = query->name;
190  additional_records[i - skip_additional].type = rd[i].record_type;
191  switch (rd[i].record_type)
192  {
196  additional_records[i - skip_additional].data.hostname
198  rd[i].data_size,
199  &off);
200  if ((off != rd[i].data_size) ||
201  (NULL == additional_records[i].data.hostname))
202  {
203  GNUNET_break_op(0);
204  skip_additional++;
205  }
206  break;
207 
209  additional_records[i - skip_additional].data.soa
210  = GNUNET_DNSPARSER_parse_soa(rd[i].data,
211  rd[i].data_size,
212  &off);
213  if ((off != rd[i].data_size) ||
214  (NULL == additional_records[i].data.hostname))
215  {
216  GNUNET_break_op(0);
217  skip_additional++;
218  }
219  break;
220 
222  additional_records[i - skip_additional].data.mx
223  = GNUNET_DNSPARSER_parse_mx(rd[i].data,
224  rd[i].data_size,
225  &off);
226  if ((off != rd[i].data_size) ||
227  (NULL == additional_records[i].data.hostname))
228  {
229  GNUNET_break_op(0);
230  skip_additional++;
231  }
232  break;
233 
235  /* FIXME: SRV is not yet supported */
236  skip_answers++;
237  break;
238 
239  default:
240  additional_records[i - skip_additional].data.raw.data_len = rd[i].data_size;
241  additional_records[i - skip_additional].data.raw.data = (char*)rd[i].data;
242  break;
243  }
244  GNUNET_break(0 == (rd[i - skip_additional].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION));
245  additional_records[i - skip_additional].expiration_time.abs_value_us = rd[i].expiration_time;
246  additional_records[i - skip_additional].dns_traffic_class = GNUNET_TUN_DNS_CLASS_INTERNET;
247  }
248  }
249  packet->num_answers = num_answers - skip_answers;
250  packet->num_additional_records = rd_count - num_answers - skip_additional;
251  packet->flags.authoritative_answer = 1;
252  if (NULL == rd)
254  else
256  packet->flags.query_or_response = 1;
257  ret = GNUNET_DNSPARSER_pack(packet,
258  1024, /* maximum allowed size for DNS reply */
259  &buf,
260  &len);
261  if (GNUNET_OK != ret)
262  {
264  _("Error converting GNS response to DNS response!\n"));
265  if (GNUNET_NO == ret)
266  GNUNET_free(buf);
267  }
268  else
269  {
271  len,
272  buf);
273  GNUNET_free(buf);
274  }
275  packet->num_answers = 0;
276  packet->answers = NULL;
277  packet->num_additional_records = 0;
278  packet->additional_records = NULL;
280  }
281  GNUNET_CONTAINER_DLL_remove(ilh_head, ilh_tail, ilh);
282  GNUNET_free(ilh);
283 }
284 
285 
294 static void
296  struct GNUNET_DNS_RequestHandle *rh,
297  size_t request_length,
298  const char *request)
299 {
300  struct GNUNET_DNSPARSER_Packet *p;
301  struct InterceptLookupHandle *ilh;
302  struct GNUNET_CRYPTO_EcdsaPublicKey zone;
303 
305  "Hijacked a DNS request. Processing.\n");
306  if (NULL == (p = GNUNET_DNSPARSER_parse(request, request_length)))
307  {
309  "Received malformed DNS packet, leaving it untouched.\n");
312  return;
313  }
314 
315  /* Check TLD and decide if we or legacy dns is responsible */
316  if (1 != p->num_queries)
317  {
319  "Not exactly one query in DNS packet. Forwarding untouched.\n");
322  return;
323  }
324 
325  /* Check for GNS TLDs. */
326  if (GNUNET_YES ==
328  &zone))
329  {
330  /* Start resolution in GNS */
331  ilh = GNUNET_new(struct InterceptLookupHandle);
333  ilh_tail,
334  ilh);
335  ilh->packet = p;
336  ilh->request_handle = rh;
337  ilh->lookup = GNS_resolver_lookup(&zone,
338  p->queries[0].type,
339  p->queries[0].name,
340  GNUNET_NO,
341  &reply_to_dns, ilh);
342  return;
343  }
344  /* This request does not concern us. Forward to real DNS. */
346  "Request for `%s' is forwarded to DNS untouched.\n",
347  p->queries[0].name);
350 }
351 
352 
359 int
361 {
363  "DNS hijacking enabled. Connecting to DNS service.\n");
364  dns_handle = GNUNET_DNS_connect(c,
367  NULL);
368  if (NULL == dns_handle)
369  {
371  _("Failed to connect to the DNS service!\n"));
372  return GNUNET_SYSERR;
373  }
374  return GNUNET_YES;
375 }
376 
377 
381 void
383 {
384  struct InterceptLookupHandle *ilh;
385 
386  while (NULL != (ilh = ilh_head))
387  {
389  ilh_tail,
390  ilh);
394  GNUNET_free(ilh);
395  }
396  if (NULL != dns_handle)
397  {
398  GNUNET_DNS_disconnect(dns_handle);
399  dns_handle = NULL;
400  }
401 }
402 
403 /* end of gnunet-service-gns_interceptor.c */
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct GNUNET_DNSPARSER_Record * answers
Array of all answers in the packet, must contain "num_answers" entries.
uint16_t type
See GNUNET_DNSPARSER_TYPE_*.
void GNS_resolver_lookup_cancel(struct GNS_ResolverHandle *rh)
Cancel active resolution (i.e.
uint16_t type
See GNUNET_DNSPARSER_TYPE_*.
static struct GNUNET_VPN_RedirectionRequest * request
Opaque redirection request handle.
Definition: gnunet-vpn.c:41
char * GNUNET_DNSPARSER_parse_name(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse name inside of a DNS query or record.
Definition: dnsparser.c:334
struct InterceptLookupHandle * prev
We keep these in a DLL.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
struct GNUNET_DNSPARSER_Packet * packet
the dns parser packet received
#define GNUNET_DNSPARSER_TYPE_CNAME
static struct InterceptLookupHandle * ilh_tail
Tail of the DLL.
const char * GNS_get_tld(const char *name)
Obtain the TLD of the given name.
unsigned int return_code
See GNUNET_TUN_DNS_RETURN_CODE_ defines.
int GNUNET_DNSPARSER_pack(const struct GNUNET_DNSPARSER_Packet *p, uint16_t max, char **buf, size_t *buf_length)
Given a DNS packet p, generate the corresponding UDP payload.
Definition: dnsparser.c:1256
Handle to a DNS intercepted reslution request.
void GNUNET_DNSPARSER_free_packet(struct GNUNET_DNSPARSER_Packet *p)
Free memory taken by a packet.
Definition: dnsparser.c:853
#define GNUNET_NO
Definition: gnunet_common.h:78
struct GNUNET_DNSPARSER_SoaRecord * GNUNET_DNSPARSER_parse_soa(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse a DNS SOA record.
Definition: dnsparser.c:391
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
size_t data_size
Number of bytes in data.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct GNUNET_DNSPARSER_Record * additional_records
Array of all additional answers in the packet, must contain "num_additional_records" entries...
static int ret
Final status code.
Definition: gnunet-arm.c:89
#define GNUNET_DNSPARSER_TYPE_MX
unsigned int num_answers
Number of answers in the packet, should be 0 for queries.
uint64_t abs_value_us
The actual value.
IPC messages between GNS API and GNS service.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
int GNS_interceptor_init(const struct GNUNET_CONFIGURATION_Handle *c)
Initialized the interceptor.
Handle to a currenty pending resolution.
unsigned int authoritative_answer
Set to 1 if this is an authoritative answer.
#define _(String)
GNU gettext support macro.
Definition: platform.h:181
#define GNUNET_DNSPARSER_TYPE_PTR
unsigned int query_or_response
query:0, response:1
void GNUNET_DNS_disconnect(struct GNUNET_DNS_Handle *dh)
Disconnect from the DNS service.
Definition: dns_api.c:368
#define GNUNET_DNSPARSER_TYPE_SOA
struct GNS_ResolverHandle * lookup
Handle for the lookup operation.
char * name
Name of the record that the query is for (0-terminated).
char * hostname
For NS, CNAME and PTR records, this is the uncompressed 0-terminated hostname.
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-qr.c:59
struct GNUNET_DNSPARSER_SoaRecord * soa
SOA data for SOA records.
unsigned int num_additional_records
Number of additional records in the packet, should be 0 for queries.
struct GNUNET_DNSPARSER_Packet * GNUNET_DNSPARSER_parse(const char *udp_payload, size_t udp_payload_length)
Parse a UDP payload of a DNS packet in to a nice struct for further processing and manipulation...
Definition: dnsparser.c:656
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
uint64_t expiration_time
Expiration time for the DNS record.
static struct InterceptLookupHandle * ilh_head
Head of the DLL.
static void handle_dns_request(void *cls, struct GNUNET_DNS_RequestHandle *rh, size_t request_length, const char *request)
The DNS request handler.
#define GNUNET_TUN_DNS_RETURN_CODE_NO_ERROR
RFC 1035 codes.
static char buf[2048]
void GNS_interceptor_done()
Disconnect from interceptor.
GNU Name System (main service)
static struct GNUNET_DNS_Handle * dns_handle
Our handle to the DNS handler library.
A DNS response record.
struct GNUNET_DNSPARSER_Query * queries
Array of all queries in the packet, must contain "num_queries" entries.
struct GNUNET_DNSPARSER_MxRecord * GNUNET_DNSPARSER_parse_mx(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse a DNS MX record.
Definition: dnsparser.c:436
struct InterceptLookupHandle * next
We keep these in a DLL.
DNS handle.
Definition: dns_api.c:55
GNUnet GNS service.
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
size_t data_len
Number of bytes in data.
void * data
Binary record data.
struct GNUNET_DNS_RequestHandle * request_handle
the request handle to reply to
struct GNS_ResolverHandle * GNS_resolver_lookup(const struct GNUNET_CRYPTO_EcdsaPublicKey *zone, uint32_t record_type, const char *name, enum GNUNET_GNS_LocalOptions options, GNS_ResultProcessor proc, void *proc_cls)
Lookup of a record in a specific zone calls lookup result processor on result.
#define GNUNET_TUN_DNS_CLASS_INTERNET
A few common DNS classes (ok, only one is common, but I list a couple more to make it clear what we&#39;r...
struct GNUNET_DNS_Handle * GNUNET_DNS_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, enum GNUNET_DNS_Flags flags, GNUNET_DNS_RequestHandler rh, void *rh_cls)
Connect to the service-dns.
Definition: dns_api.c:345
struct GNUNET_TIME_Absolute expiration_time
When does the record expire?
void GNUNET_DNS_request_answer(struct GNUNET_DNS_RequestHandle *rh, uint16_t reply_length, const char *reply)
If a GNUNET_DNS_RequestHandler calls this function, the request is supposed to be answered with the d...
Definition: dns_api.c:301
struct GNUNET_DNSPARSER_MxRecord * mx
MX data for MX records.
#define GNUNET_TUN_DNS_RETURN_CODE_NAME_ERROR
uint32_t record_type
Type of the GNS/DNS record.
Handle to identify an individual DNS request.
Definition: dns_api.c:34
configuration data
Definition: configuration.c:83
void GNUNET_DNS_request_forward(struct GNUNET_DNS_RequestHandle *rh)
If a GNUNET_DNS_RequestHandler calls this function, the request is given to other clients or the glob...
Definition: dns_api.c:242
#define GNUNET_DNSPARSER_TYPE_NS
int GNS_find_tld(const char *tld_str, struct GNUNET_CRYPTO_EcdsaPublicKey *pkey)
Find GNS zone belonging to TLD tld.
Easy-to-process, parsed version of a DNS packet.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
#define GNUNET_log(kind,...)
uint16_t dns_traffic_class
See GNUNET_TUN_DNS_CLASS_*.
void GNUNET_DNS_request_drop(struct GNUNET_DNS_RequestHandle *rh)
If a GNUNET_DNS_RequestHandler calls this function, the request is to be dropped and no response shou...
Definition: dns_api.c:270
char * name
Name of the record that the query is for (0-terminated).
This client should be called on requests that have not yet been resolved as this client provides a re...
unsigned int num_queries
Number of queries in the packet.
#define GNUNET_YES
Definition: gnunet_common.h:77
This flag is currently unused; former RF_PENDING flag.
union GNUNET_DNSPARSER_Record::@27 data
Payload of the record (which one of these is valid depends on the &#39;type&#39;).
struct GNUNET_TUN_DnsFlags flags
Bitfield of DNS flags.
#define GNUNET_DNSPARSER_TYPE_SRV
uint32_t data
The data value.
static size_t data_size
Number of bytes in data.
struct GNUNET_DNSPARSER_RawRecord raw
Raw data for all other types.
#define GNUNET_free(ptr)
Wrapper around free.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
static void reply_to_dns(void *cls, uint32_t rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Reply to dns request with the result from our lookup.