GNUnet  0.11.x
gnunet-service-gns_interceptor.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2009-2013 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
26 #include "platform.h"
27 #include "gnunet_util_lib.h"
28 #include "gnunet_dns_service.h"
29 #include "gnunet_dnsparser_lib.h"
30 #include "gnunet-service-gns.h"
33 #include "gns.h"
34 
35 
39 #define MAX_RECURSION 256
40 
41 
47 {
52 
57 
62 
67 
72 };
73 
74 
79 
84 
89 
90 
98 static void
99 reply_to_dns (void *cls, uint32_t rd_count,
100  const struct GNUNET_GNSRECORD_Data *rd)
101 {
102  struct InterceptLookupHandle *ilh = cls;
103  struct GNUNET_DNSPARSER_Packet *packet = ilh->packet;
104  struct GNUNET_DNSPARSER_Query *query = &packet->queries[0];
105  uint32_t i;
106  size_t len;
107  int ret;
108  char *buf;
109  unsigned int num_answers;
110  unsigned int skip_answers;
111  unsigned int skip_additional;
112  size_t off = 0;
113 
114  /* Put records in the DNS packet */
115  num_answers = 0;
116  for (i = 0; i < rd_count; i++)
117  if (rd[i].record_type == query->type)
118  num_answers++;
119  skip_answers = 0;
120  skip_additional = 0;
121 
122  {
123  struct GNUNET_DNSPARSER_Record answer_records[num_answers];
124  struct GNUNET_DNSPARSER_Record additional_records[rd_count - num_answers];
125 
126  packet->answers = answer_records;
127  packet->additional_records = additional_records;
128  /* FIXME: need to handle #GNUNET_GNSRECORD_RF_SHADOW_RECORD option
129  (by ignoring records where this flag is set if there is any
130  other record of that type in the result set) */
131  for (i = 0; i < rd_count; i++)
132  {
133  if (rd[i].record_type == query->type)
134  {
135  answer_records[i - skip_answers].name = query->name;
136  answer_records[i - skip_answers].type = rd[i].record_type;
137  switch (rd[i].record_type)
138  {
142  answer_records[i - skip_answers].data.hostname
144  rd[i].data_size,
145  &off);
146  if ((off != rd[i].data_size) ||
147  (NULL == answer_records[i].data.hostname))
148  {
149  GNUNET_break_op (0);
150  skip_answers++;
151  }
152  break;
153 
155  answer_records[i - skip_answers].data.soa
156  = GNUNET_DNSPARSER_parse_soa (rd[i].data,
157  rd[i].data_size,
158  &off);
159  if ((off != rd[i].data_size) ||
160  (NULL == answer_records[i].data.soa))
161  {
162  GNUNET_break_op (0);
163  skip_answers++;
164  }
165  break;
166 
168  /* FIXME: SRV is not yet supported */
169  skip_answers++;
170  break;
171 
173  answer_records[i - skip_answers].data.mx
174  = GNUNET_DNSPARSER_parse_mx (rd[i].data,
175  rd[i].data_size,
176  &off);
177  if ((off != rd[i].data_size) ||
178  (NULL == answer_records[i].data.hostname))
179  {
180  GNUNET_break_op (0);
181  skip_answers++;
182  }
183  break;
184 
185  default:
186  answer_records[i - skip_answers].data.raw.data_len = rd[i].data_size;
187  answer_records[i - skip_answers].data.raw.data = (char *) rd[i].data;
188  break;
189  }
190  GNUNET_break (0 == (rd[i - skip_answers].flags
192  answer_records[i - skip_answers].expiration_time.abs_value_us =
193  rd[i].expiration_time;
194  answer_records[i - skip_answers].dns_traffic_class =
196  }
197  else
198  {
199  additional_records[i - skip_additional].name = query->name;
200  additional_records[i - skip_additional].type = rd[i].record_type;
201  switch (rd[i].record_type)
202  {
206  additional_records[i - skip_additional].data.hostname
208  rd[i].data_size,
209  &off);
210  if ((off != rd[i].data_size) ||
211  (NULL == additional_records[i].data.hostname))
212  {
213  GNUNET_break_op (0);
214  skip_additional++;
215  }
216  break;
217 
219  additional_records[i - skip_additional].data.soa
220  = GNUNET_DNSPARSER_parse_soa (rd[i].data,
221  rd[i].data_size,
222  &off);
223  if ((off != rd[i].data_size) ||
224  (NULL == additional_records[i].data.hostname))
225  {
226  GNUNET_break_op (0);
227  skip_additional++;
228  }
229  break;
230 
232  additional_records[i - skip_additional].data.mx
233  = GNUNET_DNSPARSER_parse_mx (rd[i].data,
234  rd[i].data_size,
235  &off);
236  if ((off != rd[i].data_size) ||
237  (NULL == additional_records[i].data.hostname))
238  {
239  GNUNET_break_op (0);
240  skip_additional++;
241  }
242  break;
243 
245  /* FIXME: SRV is not yet supported */
246  skip_answers++;
247  break;
248 
249  default:
250  additional_records[i - skip_additional].data.raw.data_len =
251  rd[i].data_size;
252  additional_records[i - skip_additional].data.raw.data =
253  (char *) rd[i].data;
254  break;
255  }
256  GNUNET_break (0 == (rd[i - skip_additional].flags
258  additional_records[i - skip_additional].expiration_time.abs_value_us =
259  rd[i].expiration_time;
260  additional_records[i - skip_additional].dns_traffic_class =
262  }
263  }
264  packet->num_answers = num_answers - skip_answers;
265  packet->num_additional_records = rd_count - num_answers - skip_additional;
266  packet->flags.authoritative_answer = 1;
267  if (NULL == rd)
269  else
271  packet->flags.query_or_response = 1;
272  ret = GNUNET_DNSPARSER_pack (packet,
273  1024, /* maximum allowed size for DNS reply */
274  &buf,
275  &len);
276  if (GNUNET_OK != ret)
277  {
279  _ ("Error converting GNS response to DNS response!\n"));
280  if (GNUNET_NO == ret)
281  GNUNET_free (buf);
282  }
283  else
284  {
286  len,
287  buf);
288  GNUNET_free (buf);
289  }
290  packet->num_answers = 0;
291  packet->answers = NULL;
292  packet->num_additional_records = 0;
293  packet->additional_records = NULL;
295  }
296  GNUNET_CONTAINER_DLL_remove (ilh_head, ilh_tail, ilh);
297  GNUNET_free (ilh);
298 }
299 
300 
309 static void
311  struct GNUNET_DNS_RequestHandle *rh,
312  size_t request_length,
313  const char *request)
314 {
315  struct GNUNET_DNSPARSER_Packet *p;
316  struct InterceptLookupHandle *ilh;
317  struct GNUNET_CRYPTO_EcdsaPublicKey zone;
318 
320  "Hijacked a DNS request. Processing.\n");
321  if (NULL == (p = GNUNET_DNSPARSER_parse (request, request_length)))
322  {
324  "Received malformed DNS packet, leaving it untouched.\n");
327  return;
328  }
329 
330  /* Check TLD and decide if we or legacy dns is responsible */
331  if (1 != p->num_queries)
332  {
334  "Not exactly one query in DNS packet. Forwarding untouched.\n");
337  return;
338  }
339 
340  /* Check for GNS TLDs. */
341  if (GNUNET_YES ==
343  &zone))
344  {
345  /* Start resolution in GNS */
346  ilh = GNUNET_new (struct InterceptLookupHandle);
347  GNUNET_CONTAINER_DLL_insert (ilh_head,
348  ilh_tail,
349  ilh);
350  ilh->packet = p;
351  ilh->request_handle = rh;
352  ilh->lookup = GNS_resolver_lookup (&zone,
353  p->queries[0].type,
354  p->queries[0].name,
355  GNUNET_NO,
357  &reply_to_dns, ilh);
358  return;
359  }
360  /* This request does not concern us. Forward to real DNS. */
362  "Request for `%s' is forwarded to DNS untouched.\n",
363  p->queries[0].name);
366 }
367 
368 
375 int
377 {
379  "DNS hijacking enabled. Connecting to DNS service.\n");
380  dns_handle = GNUNET_DNS_connect (c,
383  NULL);
384  if (NULL == dns_handle)
385  {
387  _ ("Failed to connect to the DNS service!\n"));
388  return GNUNET_SYSERR;
389  }
390  return GNUNET_YES;
391 }
392 
393 
397 void
399 {
400  struct InterceptLookupHandle *ilh;
401 
402  while (NULL != (ilh = ilh_head))
403  {
404  GNUNET_CONTAINER_DLL_remove (ilh_head,
405  ilh_tail,
406  ilh);
410  GNUNET_free (ilh);
411  }
412  if (NULL != dns_handle)
413  {
414  GNUNET_DNS_disconnect (dns_handle);
415  dns_handle = NULL;
416  }
417 }
418 
419 
420 /* end of gnunet-service-gns_interceptor.c */
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct GNUNET_DNSPARSER_Record * answers
Array of all answers in the packet, must contain "num_answers" entries.
uint16_t type
See GNUNET_DNSPARSER_TYPE_*.
void GNS_resolver_lookup_cancel(struct GNS_ResolverHandle *rh)
Cancel active resolution (i.e.
uint16_t type
See GNUNET_DNSPARSER_TYPE_*.
static struct GNUNET_VPN_RedirectionRequest * request
Opaque redirection request handle.
Definition: gnunet-vpn.c:41
char * GNUNET_DNSPARSER_parse_name(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse name inside of a DNS query or record.
Definition: dnsparser.c:334
struct InterceptLookupHandle * prev
We keep these in a DLL.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
struct GNUNET_DNSPARSER_Packet * packet
the dns parser packet received
#define GNUNET_DNSPARSER_TYPE_CNAME
static struct InterceptLookupHandle * ilh_tail
Tail of the DLL.
const char * GNS_get_tld(const char *name)
Obtain the TLD of the given name.
unsigned int return_code
See GNUNET_TUN_DNS_RETURN_CODE_ defines.
static size_t data_size
Number of bytes in data.
Definition: gnunet-abd.c:187
int GNUNET_DNSPARSER_pack(const struct GNUNET_DNSPARSER_Packet *p, uint16_t max, char **buf, size_t *buf_length)
Given a DNS packet p, generate the corresponding UDP payload.
Definition: dnsparser.c:1257
Handle to a DNS intercepted reslution request.
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
void GNUNET_DNSPARSER_free_packet(struct GNUNET_DNSPARSER_Packet *p)
Free memory taken by a packet.
Definition: dnsparser.c:854
#define GNUNET_NO
Definition: gnunet_common.h:86
struct GNUNET_DNSPARSER_SoaRecord * GNUNET_DNSPARSER_parse_soa(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse a DNS SOA record.
Definition: dnsparser.c:391
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:83
size_t data_size
Number of bytes in data.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct GNUNET_DNSPARSER_Record * additional_records
Array of all additional answers in the packet, must contain "num_additional_records" entries...
#define GNUNET_DNSPARSER_TYPE_MX
unsigned int num_answers
Number of answers in the packet, should be 0 for queries.
uint64_t abs_value_us
The actual value.
IPC messages between GNS API and GNS service.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
int GNS_interceptor_init(const struct GNUNET_CONFIGURATION_Handle *c)
Initialized the interceptor.
Handle to a currenty pending resolution.
unsigned int authoritative_answer
Set to 1 if this is an authoritative answer.
#define _(String)
GNU gettext support macro.
Definition: platform.h:180
#define GNUNET_DNSPARSER_TYPE_PTR
unsigned int query_or_response
query:0, response:1
void GNUNET_DNS_disconnect(struct GNUNET_DNS_Handle *dh)
Disconnect from the DNS service.
Definition: dns_api.c:369
#define GNUNET_DNSPARSER_TYPE_SOA
struct GNS_ResolverHandle * lookup
Handle for the lookup operation.
char * name
Name of the record that the query is for (0-terminated).
char * hostname
For NS, CNAME and PTR records, this is the uncompressed 0-terminated hostname.
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-qr.c:59
struct GNUNET_DNSPARSER_SoaRecord * soa
SOA data for SOA records.
unsigned int num_additional_records
Number of additional records in the packet, should be 0 for queries.
struct GNUNET_DNSPARSER_Packet * GNUNET_DNSPARSER_parse(const char *udp_payload, size_t udp_payload_length)
Parse a UDP payload of a DNS packet in to a nice struct for further processing and manipulation...
Definition: dnsparser.c:656
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
uint64_t expiration_time
Expiration time for the DNS record.
static struct InterceptLookupHandle * ilh_head
Head of the DLL.
static void handle_dns_request(void *cls, struct GNUNET_DNS_RequestHandle *rh, size_t request_length, const char *request)
The DNS request handler.
#define GNUNET_TUN_DNS_RETURN_CODE_NO_ERROR
RFC 1035 codes.
static char buf[2048]
union GNUNET_DNSPARSER_Record::@24 data
Payload of the record (which one of these is valid depends on the &#39;type&#39;).
void GNS_interceptor_done()
Disconnect from interceptor.
GNU Name System (main service)
static struct GNUNET_DNS_Handle * dns_handle
Our handle to the DNS handler library.
A DNS response record.
struct GNUNET_DNSPARSER_Query * queries
Array of all queries in the packet, must contain "num_queries" entries.
struct GNUNET_DNSPARSER_MxRecord * GNUNET_DNSPARSER_parse_mx(const char *udp_payload, size_t udp_payload_length, size_t *off)
Parse a DNS MX record.
Definition: dnsparser.c:436
struct InterceptLookupHandle * next
We keep these in a DLL.
DNS handle.
Definition: dns_api.c:56
GNUnet GNS service.
#define GNUNET_SYSERR
Definition: gnunet_common.h:84
size_t data_len
Number of bytes in data.
void * data
Binary record data.
struct GNUNET_DNS_RequestHandle * request_handle
the request handle to reply to
#define GNUNET_TUN_DNS_CLASS_INTERNET
A few common DNS classes (ok, only one is common, but I list a couple more to make it clear what we&#39;r...
struct GNUNET_DNS_Handle * GNUNET_DNS_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, enum GNUNET_DNS_Flags flags, GNUNET_DNS_RequestHandler rh, void *rh_cls)
Connect to the service-dns.
Definition: dns_api.c:346
struct GNUNET_TIME_Absolute expiration_time
When does the record expire?
void GNUNET_DNS_request_answer(struct GNUNET_DNS_RequestHandle *rh, uint16_t reply_length, const char *reply)
If a GNUNET_DNS_RequestHandler calls this function, the request is supposed to be answered with the d...
Definition: dns_api.c:302
struct GNUNET_DNSPARSER_MxRecord * mx
MX data for MX records.
#define GNUNET_TUN_DNS_RETURN_CODE_NAME_ERROR
uint32_t record_type
Type of the GNS/DNS record.
Handle to identify an individual DNS request.
Definition: dns_api.c:34
configuration data
Definition: configuration.c:84
void GNUNET_DNS_request_forward(struct GNUNET_DNS_RequestHandle *rh)
If a GNUNET_DNS_RequestHandler calls this function, the request is given to other clients or the glob...
Definition: dns_api.c:243
#define GNUNET_DNSPARSER_TYPE_NS
int GNS_find_tld(const char *tld_str, struct GNUNET_CRYPTO_EcdsaPublicKey *pkey)
Find GNS zone belonging to TLD tld.
Easy-to-process, parsed version of a DNS packet.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
struct GNS_ResolverHandle * GNS_resolver_lookup(const struct GNUNET_CRYPTO_EcdsaPublicKey *zone, uint32_t record_type, const char *name, enum GNUNET_GNS_LocalOptions options, uint16_t recursion_depth_limit, GNS_ResultProcessor proc, void *proc_cls)
Lookup of a record in a specific zone calls lookup result processor on result.
#define GNUNET_log(kind,...)
uint16_t dns_traffic_class
See GNUNET_TUN_DNS_CLASS_*.
void GNUNET_DNS_request_drop(struct GNUNET_DNS_RequestHandle *rh)
If a GNUNET_DNS_RequestHandler calls this function, the request is to be dropped and no response shou...
Definition: dns_api.c:271
char * name
Name of the record that the query is for (0-terminated).
This client should be called on requests that have not yet been resolved as this client provides a re...
unsigned int num_queries
Number of queries in the packet.
#define GNUNET_YES
Definition: gnunet_common.h:85
This flag is currently unused; former RF_PENDING flag.
struct GNUNET_TUN_DnsFlags flags
Bitfield of DNS flags.
#define GNUNET_DNSPARSER_TYPE_SRV
uint32_t data
The data value.
struct GNUNET_DNSPARSER_RawRecord raw
Raw data for all other types.
#define MAX_RECURSION
How deep do we allow recursions to go before we abort?
#define GNUNET_free(ptr)
Wrapper around free.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
static void reply_to_dns(void *cls, uint32_t rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Reply to dns request with the result from our lookup.