GNUnet  0.11.x
gnunet-service-gns_interceptor.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2009-2013 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
26 #include "platform.h"
27 #include "gnunet_util_lib.h"
28 #include "gnunet_dns_service.h"
29 #include "gnunet_dnsparser_lib.h"
30 #include "gnunet-service-gns.h"
33 #include "gns.h"
34 
35 
41 {
46 
51 
56 
61 
66 };
67 
68 
73 
78 
83 
84 
92 static void
93 reply_to_dns (void *cls, uint32_t rd_count,
94  const struct GNUNET_GNSRECORD_Data *rd)
95 {
96  struct InterceptLookupHandle *ilh = cls;
97  struct GNUNET_DNSPARSER_Packet *packet = ilh->packet;
98  struct GNUNET_DNSPARSER_Query *query = &packet->queries[0];
99  uint32_t i;
100  size_t len;
101  int ret;
102  char *buf;
103  unsigned int num_answers;
104  unsigned int skip_answers;
105  unsigned int skip_additional;
106  size_t off = 0;
107 
108  /* Put records in the DNS packet */
109  num_answers = 0;
110  for (i = 0; i < rd_count; i++)
111  if (rd[i].record_type == query->type)
112  num_answers++;
113  skip_answers = 0;
114  skip_additional = 0;
115 
116  {
117  struct GNUNET_DNSPARSER_Record answer_records[num_answers];
118  struct GNUNET_DNSPARSER_Record additional_records[rd_count - num_answers];
119 
120  packet->answers = answer_records;
121  packet->additional_records = additional_records;
122  /* FIXME: need to handle #GNUNET_GNSRECORD_RF_SHADOW_RECORD option
123  (by ignoring records where this flag is set if there is any
124  other record of that type in the result set) */
125  for (i = 0; i < rd_count; i++)
126  {
127  if (rd[i].record_type == query->type)
128  {
129  answer_records[i - skip_answers].name = query->name;
130  answer_records[i - skip_answers].type = rd[i].record_type;
131  switch (rd[i].record_type)
132  {
136  answer_records[i - skip_answers].data.hostname
138  rd[i].data_size,
139  &off);
140  if ((off != rd[i].data_size) ||
141  (NULL == answer_records[i].data.hostname))
142  {
143  GNUNET_break_op (0);
144  skip_answers++;
145  }
146  break;
147 
149  answer_records[i - skip_answers].data.soa
150  = GNUNET_DNSPARSER_parse_soa (rd[i].data,
151  rd[i].data_size,
152  &off);
153  if ((off != rd[i].data_size) ||
154  (NULL == answer_records[i].data.soa))
155  {
156  GNUNET_break_op (0);
157  skip_answers++;
158  }
159  break;
160 
162  /* FIXME: SRV is not yet supported */
163  skip_answers++;
164  break;
165 
167  answer_records[i - skip_answers].data.mx
168  = GNUNET_DNSPARSER_parse_mx (rd[i].data,
169  rd[i].data_size,
170  &off);
171  if ((off != rd[i].data_size) ||
172  (NULL == answer_records[i].data.hostname))
173  {
174  GNUNET_break_op (0);
175  skip_answers++;
176  }
177  break;
178 
179  default:
180  answer_records[i - skip_answers].data.raw.data_len = rd[i].data_size;
181  answer_records[i - skip_answers].data.raw.data = (char*) rd[i].data;
182  break;
183  }
184  GNUNET_break (0 == (rd[i - skip_answers].flags
186  answer_records[i - skip_answers].expiration_time.abs_value_us =
187  rd[i].expiration_time;
188  answer_records[i - skip_answers].dns_traffic_class =
190  }
191  else
192  {
193  additional_records[i - skip_additional].name = query->name;
194  additional_records[i - skip_additional].type = rd[i].record_type;
195  switch (rd[i].record_type)
196  {
200  additional_records[i - skip_additional].data.hostname
202  rd[i].data_size,
203  &off);
204  if ((off != rd[i].data_size) ||
205  (NULL == additional_records[i].data.hostname))
206  {
207  GNUNET_break_op (0);
208  skip_additional++;
209  }
210  break;
211 
213  additional_records[i - skip_additional].data.soa
214  = GNUNET_DNSPARSER_parse_soa (rd[i].data,
215  rd[i].data_size,
216  &off);
217  if ((off != rd[i].data_size) ||
218  (NULL == additional_records[i].data.hostname))
219  {
220  GNUNET_break_op (0);
221  skip_additional++;
222  }
223  break;
224 
226  additional_records[i - skip_additional].data.mx
227  = GNUNET_DNSPARSER_parse_mx (rd[i].data,
228  rd[i].data_size,
229  &off);
230  if ((off != rd[i].data_size) ||
231  (NULL == additional_records[i].data.hostname))
232  {
233  GNUNET_break_op (0);
234  skip_additional++;
235  }
236  break;
237 
239  /* FIXME: SRV is not yet supported */
240  skip_answers++;
241  break;
242 
243  default:
244  additional_records[i - skip_additional].data.raw.data_len =
245  rd[i].data_size;
246  additional_records[i - skip_additional].data.raw.data =
247  (char*) rd[i].data;
248  break;
249  }
250  GNUNET_break (0 == (rd[i - skip_additional].flags
252  additional_records[i - skip_additional].expiration_time.abs_value_us =
253  rd[i].expiration_time;
254  additional_records[i - skip_additional].dns_traffic_class =
256  }
257  }
258  packet->num_answers = num_answers - skip_answers;
259  packet->num_additional_records = rd_count - num_answers - skip_additional;
260  packet->flags.authoritative_answer = 1;
261  if (NULL == rd)
263  else
265  packet->flags.query_or_response = 1;
266  ret = GNUNET_DNSPARSER_pack (packet,
267  1024, /* maximum allowed size for DNS reply */
268  &buf,
269  &len);
270  if (GNUNET_OK != ret)
271  {
273  _ ("Error converting GNS response to DNS response!\n"));
274  if (GNUNET_NO == ret)
275  GNUNET_free (buf);
276  }
277  else
278  {
280  len,
281  buf);
282  GNUNET_free (buf);
283  }
284  packet->num_answers = 0;
285  packet->answers = NULL;
286  packet->num_additional_records = 0;
287  packet->additional_records = NULL;
289  }
290  GNUNET_CONTAINER_DLL_remove (ilh_head, ilh_tail, ilh);
291  GNUNET_free (ilh);
292 }
293 
294 
303 static void
305  struct GNUNET_DNS_RequestHandle *rh,
306  size_t request_length,
307  const char *request)
308 {
309  struct GNUNET_DNSPARSER_Packet *p;
310  struct InterceptLookupHandle *ilh;
311  struct GNUNET_CRYPTO_EcdsaPublicKey zone;
312 
314  "Hijacked a DNS request. Processing.\n");
315  if (NULL == (p = GNUNET_DNSPARSER_parse (request, request_length)))
316  {
318  "Received malformed DNS packet, leaving it untouched.\n");
321  return;
322  }
323 
324  /* Check TLD and decide if we or legacy dns is responsible */
325  if (1 != p->num_queries)
326  {
328  "Not exactly one query in DNS packet. Forwarding untouched.\n");
331  return;
332  }
333 
334  /* Check for GNS TLDs. */
335  if (GNUNET_YES ==
337  &zone))
338  {
339  /* Start resolution in GNS */
340  ilh = GNUNET_new (struct InterceptLookupHandle);
341  GNUNET_CONTAINER_DLL_insert (ilh_head,
342  ilh_tail,
343  ilh);
344  ilh->packet = p;
345  ilh->request_handle = rh;
346  ilh->lookup = GNS_resolver_lookup (&zone,
347  p->queries[0].type,
348  p->queries[0].name,
349  GNUNET_NO,
350  &reply_to_dns, ilh);
351  return;
352  }
353  /* This request does not concern us. Forward to real DNS. */
355  "Request for `%s' is forwarded to DNS untouched.\n",
356  p->queries[0].name);
359 }
360 
361 
368 int
370 {
372  "DNS hijacking enabled. Connecting to DNS service.\n");
373  dns_handle = GNUNET_DNS_connect (c,
376  NULL);
377  if (NULL == dns_handle)
378  {
380  _ ("Failed to connect to the DNS service!\n"));
381  return GNUNET_SYSERR;
382  }
383  return GNUNET_YES;
384 }
385 
386 
390 void
392 {
393  struct InterceptLookupHandle *ilh;
394 
395  while (NULL != (ilh = ilh_head))
396  {
397  GNUNET_CONTAINER_DLL_remove (ilh_head,
398  ilh_tail,
399  ilh);
403  GNUNET_free (ilh);
404  }
405  if (NULL != dns_handle)
406  {
407  GNUNET_DNS_disconnect (dns_handle);
408  dns_handle = NULL;
409  }
410 }
411 
412 
413 /* end of gnunet-service-gns_interceptor.c */
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct GNUNET_DNSPARSER_Record * answers
Array of all answers in the packet, must contain "num_answers" entries.
uint16_t type
See GNUNET_DNSPARSER_TYPE_*.
void GNS_resolver_lookup_cancel(struct GNS_ResolverHandle *rh)
Cancel active resolution (i.e.
uint16_t type
See GNUNET_DNSPARSER_TYPE_*.
static struct GNUNET_VPN_RedirectionRequest * request
Opaque redirection request handle.
Definition: gnunet-vpn.c:41
char * GNUNET_DNSPARSER_parse_name(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse name inside of a DNS query or record.
Definition: dnsparser.c:334
struct InterceptLookupHandle * prev
We keep these in a DLL.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
struct GNUNET_DNSPARSER_Packet * packet
the dns parser packet received
#define GNUNET_DNSPARSER_TYPE_CNAME
static struct InterceptLookupHandle * ilh_tail
Tail of the DLL.
const char * GNS_get_tld(const char *name)
Obtain the TLD of the given name.
unsigned int return_code
See GNUNET_TUN_DNS_RETURN_CODE_ defines.
static size_t data_size
Number of bytes in data.
Definition: gnunet-abd.c:187
int GNUNET_DNSPARSER_pack(const struct GNUNET_DNSPARSER_Packet *p, uint16_t max, char **buf, size_t *buf_length)
Given a DNS packet p, generate the corresponding UDP payload.
Definition: dnsparser.c:1257
Handle to a DNS intercepted reslution request.
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
void GNUNET_DNSPARSER_free_packet(struct GNUNET_DNSPARSER_Packet *p)
Free memory taken by a packet.
Definition: dnsparser.c:854
#define GNUNET_NO
Definition: gnunet_common.h:78
struct GNUNET_DNSPARSER_SoaRecord * GNUNET_DNSPARSER_parse_soa(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse a DNS SOA record.
Definition: dnsparser.c:391
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
size_t data_size
Number of bytes in data.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct GNUNET_DNSPARSER_Record * additional_records
Array of all additional answers in the packet, must contain "num_additional_records" entries...
#define GNUNET_DNSPARSER_TYPE_MX
unsigned int num_answers
Number of answers in the packet, should be 0 for queries.
uint64_t abs_value_us
The actual value.
IPC messages between GNS API and GNS service.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
int GNS_interceptor_init(const struct GNUNET_CONFIGURATION_Handle *c)
Initialized the interceptor.
Handle to a currenty pending resolution.
unsigned int authoritative_answer
Set to 1 if this is an authoritative answer.
#define _(String)
GNU gettext support macro.
Definition: platform.h:181
#define GNUNET_DNSPARSER_TYPE_PTR
unsigned int query_or_response
query:0, response:1
void GNUNET_DNS_disconnect(struct GNUNET_DNS_Handle *dh)
Disconnect from the DNS service.
Definition: dns_api.c:369
#define GNUNET_DNSPARSER_TYPE_SOA
struct GNS_ResolverHandle * lookup
Handle for the lookup operation.
char * name
Name of the record that the query is for (0-terminated).
char * hostname
For NS, CNAME and PTR records, this is the uncompressed 0-terminated hostname.
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-qr.c:59
struct GNUNET_DNSPARSER_SoaRecord * soa
SOA data for SOA records.
unsigned int num_additional_records
Number of additional records in the packet, should be 0 for queries.
struct GNUNET_DNSPARSER_Packet * GNUNET_DNSPARSER_parse(const char *udp_payload, size_t udp_payload_length)
Parse a UDP payload of a DNS packet in to a nice struct for further processing and manipulation...
Definition: dnsparser.c:656
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
uint64_t expiration_time
Expiration time for the DNS record.
static struct InterceptLookupHandle * ilh_head
Head of the DLL.
static void handle_dns_request(void *cls, struct GNUNET_DNS_RequestHandle *rh, size_t request_length, const char *request)
The DNS request handler.
#define GNUNET_TUN_DNS_RETURN_CODE_NO_ERROR
RFC 1035 codes.
static char buf[2048]
union GNUNET_DNSPARSER_Record::@24 data
Payload of the record (which one of these is valid depends on the &#39;type&#39;).
void GNS_interceptor_done()
Disconnect from interceptor.
GNU Name System (main service)
static struct GNUNET_DNS_Handle * dns_handle
Our handle to the DNS handler library.
A DNS response record.
struct GNUNET_DNSPARSER_Query * queries
Array of all queries in the packet, must contain "num_queries" entries.
struct GNUNET_DNSPARSER_MxRecord * GNUNET_DNSPARSER_parse_mx(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse a DNS MX record.
Definition: dnsparser.c:436
struct InterceptLookupHandle * next
We keep these in a DLL.
DNS handle.
Definition: dns_api.c:56
GNUnet GNS service.
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
size_t data_len
Number of bytes in data.
void * data
Binary record data.
struct GNUNET_DNS_RequestHandle * request_handle
the request handle to reply to
struct GNS_ResolverHandle * GNS_resolver_lookup(const struct GNUNET_CRYPTO_EcdsaPublicKey *zone, uint32_t record_type, const char *name, enum GNUNET_GNS_LocalOptions options, GNS_ResultProcessor proc, void *proc_cls)
Lookup of a record in a specific zone calls lookup result processor on result.
#define GNUNET_TUN_DNS_CLASS_INTERNET
A few common DNS classes (ok, only one is common, but I list a couple more to make it clear what we&#39;r...
struct GNUNET_DNS_Handle * GNUNET_DNS_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, enum GNUNET_DNS_Flags flags, GNUNET_DNS_RequestHandler rh, void *rh_cls)
Connect to the service-dns.
Definition: dns_api.c:346
struct GNUNET_TIME_Absolute expiration_time
When does the record expire?
void GNUNET_DNS_request_answer(struct GNUNET_DNS_RequestHandle *rh, uint16_t reply_length, const char *reply)
If a GNUNET_DNS_RequestHandler calls this function, the request is supposed to be answered with the d...
Definition: dns_api.c:302
struct GNUNET_DNSPARSER_MxRecord * mx
MX data for MX records.
#define GNUNET_TUN_DNS_RETURN_CODE_NAME_ERROR
uint32_t record_type
Type of the GNS/DNS record.
Handle to identify an individual DNS request.
Definition: dns_api.c:34
configuration data
Definition: configuration.c:85
void GNUNET_DNS_request_forward(struct GNUNET_DNS_RequestHandle *rh)
If a GNUNET_DNS_RequestHandler calls this function, the request is given to other clients or the glob...
Definition: dns_api.c:243
#define GNUNET_DNSPARSER_TYPE_NS
int GNS_find_tld(const char *tld_str, struct GNUNET_CRYPTO_EcdsaPublicKey *pkey)
Find GNS zone belonging to TLD tld.
Easy-to-process, parsed version of a DNS packet.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
#define GNUNET_log(kind,...)
uint16_t dns_traffic_class
See GNUNET_TUN_DNS_CLASS_*.
void GNUNET_DNS_request_drop(struct GNUNET_DNS_RequestHandle *rh)
If a GNUNET_DNS_RequestHandler calls this function, the request is to be dropped and no response shou...
Definition: dns_api.c:271
char * name
Name of the record that the query is for (0-terminated).
This client should be called on requests that have not yet been resolved as this client provides a re...
unsigned int num_queries
Number of queries in the packet.
#define GNUNET_YES
Definition: gnunet_common.h:77
This flag is currently unused; former RF_PENDING flag.
struct GNUNET_TUN_DnsFlags flags
Bitfield of DNS flags.
#define GNUNET_DNSPARSER_TYPE_SRV
uint32_t data
The data value.
struct GNUNET_DNSPARSER_RawRecord raw
Raw data for all other types.
#define GNUNET_free(ptr)
Wrapper around free.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
static void reply_to_dns(void *cls, uint32_t rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Reply to dns request with the result from our lookup.