gnunet-service-dns.c File Reference

service to intercept and modify DNS queries (and replies) of this system More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_protocols.h"
#include "dns.h"
#include "gnunet_dns_service.h"
#include "gnunet_statistics_service.h"

Include dependency graph for gnunet-service-dns.c:

Go to the source code of this file.

Data Structures
struct	ClientRecord
	Entry we keep for each client. More...
struct	RequestRecord
	Entry we keep for each active request. More...

Macros
#define	DNS_PORT   53
	Port number for DNS. More...
#define	LOG(kind, ...)    GNUNET_log_from (kind, "dns", __VA_ARGS__);
	Generic logging shorthand. More...

Enumerations
enum	RequestPhase {   RP_INIT , RP_REQUEST_MONITOR , RP_QUERY , RP_INTERNET_DNS ,   RP_MODIFY , RP_RESPONSE_MONITOR , RP_DROP }
	Phases each request goes through. More...

Functions
static void	cleanup_rr (struct RequestRecord *rr)
	We're done processing a DNS request, free associated memory. More...
static void	cleanup_task (void *cls)
	Task run during shutdown. More...
static void	request_done (struct RequestRecord *rr)
	We're done with some request, finish processing. More...
static void	send_request_to_client (struct RequestRecord *rr, struct ClientRecord *cr)
	Show the payload of the given request record to the client (and wait for a response). More...
static void	process_dns_result (void *cls, const struct GNUNET_TUN_DnsHeader *dns, size_t r)
	Callback called from DNSSTUB resolver when a resolution succeeded. More...
static void	next_phase (struct RequestRecord *rr)
	A client has completed its processing for this request. More...
static void *	client_connect_cb (void *cls, struct GNUNET_SERVICE_Client *client, struct GNUNET_MQ_Handle *mq)
	A client connected, setup our data structures. More...
static void	client_disconnect_cb (void *cls, struct GNUNET_SERVICE_Client *client, void *app_ctx)
	A client disconnected, clean up after it. More...
static void	handle_client_init (void *cls, const struct GNUNET_DNS_Register *reg)
	We got a new client. More...
static int	check_client_response (void *cls, const struct GNUNET_DNS_Response *resp)
	Check a response from a client. More...
static void	handle_client_response (void *cls, const struct GNUNET_DNS_Response *resp)
	Handle a response from a client. More...
static int	process_helper_messages (void *cls, const struct GNUNET_MessageHeader *message)
	Functions with this signature are called whenever a complete message is received by the tokenizer from the DNS hijack process. More...
static void	run (void *cls, const struct GNUNET_CONFIGURATION_Handle *cfg_, struct GNUNET_SERVICE_Handle *service)
	GNUNET_SERVICE_MAIN (GNUNET_OS_project_data_gnunet(), "dns", GNUNET_SERVICE_OPTION_NONE, &run, &client_connect_cb, &client_disconnect_cb, NULL, GNUNET_MQ_hd_fixed_size(client_init, GNUNET_MESSAGE_TYPE_DNS_CLIENT_INIT, struct GNUNET_DNS_Register, NULL), GNUNET_MQ_hd_var_size(client_response, GNUNET_MESSAGE_TYPE_DNS_CLIENT_RESPONSE, struct GNUNET_DNS_Response, NULL), GNUNET_MQ_handler_end())
	Define "main" method using service macro. More...

Variables
static int	global_ret
	Global return value from 'main'. More...
static const struct GNUNET_CONFIGURATION_Handle *	cfg
	The configuration to use. More...
static struct GNUNET_STATISTICS_Handle *	stats
	Statistics. More...
static struct GNUNET_HELPER_Handle *	hijacker
	Handle to DNS hijacker helper process ("gnunet-helper-dns"). More...
static char *	helper_argv [8]
	Command-line arguments we are giving to the hijacker process. More...
static struct ClientRecord *	clients_head
	Head of DLL of clients we consult. More...
static struct ClientRecord *	clients_tail
	Tail of DLL of clients we consult. More...
static struct RequestRecord	requests [UINT16_MAX+1]
	Array of all open requests. More...
static uint64_t	request_id_gen
	Generator for unique request IDs. More...
static struct GNUNET_DNSSTUB_Context *	dnsstub
	Handle to the DNS Stub resolver. More...

Detailed Description

service to intercept and modify DNS queries (and replies) of this system

Author

Christian Grothoff

For "secure" interaction with the legacy DNS system, we permit replies only to arrive within a 5s window (and they must match ports, IPs and request IDs). Furthermore, we let the OS pick a source port, opening up to 128 sockets per address family (IPv4 or IPv6). Those sockets are closed if they are not in use for 5s (which means they will be freshly randomized afterwards). For new requests, we pick a random slot in the array with 128 socket slots (and reuse an existing socket if the slot is still in use). Thus each request will be given one of 128 random source ports, and the 128 random source ports will also change "often" (less often if the system is very busy, each time if we are mostly idle). At the same time, the system will never use more than 256 UDP sockets.

Definition in file gnunet-service-dns.c.

Macro Definition Documentation

DNS_PORT

#define DNS_PORT   53

Port number for DNS.

Definition at line 49 of file gnunet-service-dns.c.

LOG

#define LOG	(		kind,
			...
	)		GNUNET_log_from (kind, "dns", __VA_ARGS__);

Generic logging shorthand.

Definition at line 55 of file gnunet-service-dns.c.

Enumeration Type Documentation

RequestPhase

enum RequestPhase

Phases each request goes through.

Enumerator
RP_INIT	Request has just been received.
RP_REQUEST_MONITOR	Showing the request to all monitor clients. If client list is empty, will enter QUERY phase.
RP_QUERY	Showing the request to PRE-RESOLUTION clients to find an answer. If client list is empty, will trigger global DNS request.
RP_INTERNET_DNS	Global Internet query is now pending.
RP_MODIFY	Client (or global DNS request) has resulted in a response. Forward to all POST-RESOLUTION clients. If client list is empty, will enter RESPONSE_MONITOR phase.
RP_RESPONSE_MONITOR	Showing the request to all monitor clients. If client list is empty, give the result to the hijacker (and be done).
RP_DROP	Some client has told us to drop the request.

Definition at line 62 of file gnunet-service-dns.c.

{
  RP_INIT,
 
  RP_REQUEST_MONITOR,
 
  RP_QUERY,
 
  RP_INTERNET_DNS,
 
  RP_MODIFY,
 
  RP_RESPONSE_MONITOR,
 
  RP_DROP
};

Function Documentation

cleanup_rr()

static void cleanup_rr ( struct RequestRecord *  rr )

static

We're done processing a DNS request, free associated memory.

Parameters

rr	request to clean up

Definition at line 252 of file gnunet-service-dns.c.

{
  GNUNET_free (rr->payload);
  rr->payload = NULL;
  rr->payload_length = 0;
  GNUNET_array_grow (rr->client_wait_list,
                     rr->client_wait_list_length,
                     0);
}

References RequestRecord::client_wait_list, RequestRecord::client_wait_list_length, GNUNET_array_grow, GNUNET_free, RequestRecord::payload, and RequestRecord::payload_length.

Referenced by cleanup_task(), next_phase(), request_done(), and send_request_to_client().

Here is the caller graph for this function:

cleanup_task()

static void cleanup_task ( void *  cls )

static

Task run during shutdown.

Parameters

cls

unused

Definition at line 269 of file gnunet-service-dns.c.

{
  if (NULL != hijacker)
  {
    GNUNET_HELPER_stop (hijacker, GNUNET_NO);
    hijacker = NULL;
  }
  for (unsigned int i = 0; i < 8; i++)
    GNUNET_free (helper_argv[i]);
  for (unsigned int i = 0; i <= UINT16_MAX; i++)
    cleanup_rr (&requests[i]);
  if (NULL != stats)
  {
    GNUNET_STATISTICS_destroy (stats,
                               GNUNET_NO);
    stats = NULL;
  }
  if (NULL != dnsstub)
  {
    GNUNET_DNSSTUB_stop (dnsstub);
    dnsstub = NULL;
  }
}

References cleanup_rr(), dnsstub, GNUNET_DNSSTUB_stop(), GNUNET_free, GNUNET_HELPER_stop(), GNUNET_NO, GNUNET_STATISTICS_destroy(), helper_argv, hijacker, requests, and stats.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

request_done()

static void request_done ( struct RequestRecord *  rr )

static

We're done with some request, finish processing.

Parameters

rr	request send to the network or just clean up.

Definition at line 300 of file gnunet-service-dns.c.

{
  struct GNUNET_MessageHeader *hdr;
  size_t reply_len;
  uint16_t source_port;
  uint16_t destination_port;
 
  GNUNET_array_grow (rr->client_wait_list,
                     rr->client_wait_list_length,
                     0);
  if (RP_RESPONSE_MONITOR != rr->phase)
  {
    /* no response, drop */
    LOG (GNUNET_ERROR_TYPE_DEBUG,
         "Got no response for request %llu, dropping\n",
         (unsigned long long) rr->request_id);
    cleanup_rr (rr);
    return;
  }
 
  LOG (GNUNET_ERROR_TYPE_DEBUG,
       "Transmitting response for request %llu\n",
       (unsigned long long) rr->request_id);
  /* send response via hijacker */
  reply_len = sizeof(struct GNUNET_MessageHeader);
  reply_len += sizeof(struct GNUNET_TUN_Layer2PacketHeader);
  switch (rr->src_addr.ss_family)
  {
  case AF_INET:
    reply_len += sizeof(struct GNUNET_TUN_IPv4Header);
    break;
 
  case AF_INET6:
    reply_len += sizeof(struct GNUNET_TUN_IPv6Header);
    break;
 
  default:
    GNUNET_break (0);
    cleanup_rr (rr);
    return;
  }
  reply_len += sizeof(struct GNUNET_TUN_UdpHeader);
  reply_len += rr->payload_length;
  if (reply_len >= GNUNET_MAX_MESSAGE_SIZE)
  {
    /* response too big, drop */
    GNUNET_break (0);  /* how can this be? */
    cleanup_rr (rr);
    return;
  }
  {
    char buf[reply_len] GNUNET_ALIGN;
    size_t off;
    struct GNUNET_TUN_IPv4Header ip4;
    struct GNUNET_TUN_IPv6Header ip6;
 
    /* first, GNUnet message header */
    hdr = (struct GNUNET_MessageHeader*) buf;
    hdr->type = htons (GNUNET_MESSAGE_TYPE_DNS_HELPER);
    hdr->size = htons ((uint16_t) reply_len);
    off = sizeof(struct GNUNET_MessageHeader);
 
    /* first, TUN header */
    {
      struct GNUNET_TUN_Layer2PacketHeader tun;
 
      tun.flags = htons (0);
      if (rr->src_addr.ss_family == AF_INET)
        tun.proto = htons (ETH_P_IPV4);
      else
        tun.proto = htons (ETH_P_IPV6);
      GNUNET_memcpy (&buf[off],
                     &tun,
                     sizeof(struct GNUNET_TUN_Layer2PacketHeader));
      off += sizeof(struct GNUNET_TUN_Layer2PacketHeader);
    }
 
    /* now IP header */
    switch (rr->src_addr.ss_family)
    {
    case AF_INET:
      {
        struct sockaddr_in *src = (struct sockaddr_in *) &rr->src_addr;
        struct sockaddr_in *dst = (struct sockaddr_in *) &rr->dst_addr;
 
        source_port = dst->sin_port;
        destination_port = src->sin_port;
        GNUNET_TUN_initialize_ipv4_header (&ip4,
                                           IPPROTO_UDP,
                                           reply_len - off - sizeof(struct
                                                                    GNUNET_TUN_IPv4Header),
                                           &dst->sin_addr,
                                           &src->sin_addr);
        GNUNET_memcpy (&buf[off],
                       &ip4,
                       sizeof(ip4));
        off += sizeof(ip4);
      }
      break;
 
    case AF_INET6:
      {
        struct sockaddr_in6 *src = (struct sockaddr_in6 *) &rr->src_addr;
        struct sockaddr_in6 *dst = (struct sockaddr_in6 *) &rr->dst_addr;
 
        source_port = dst->sin6_port;
        destination_port = src->sin6_port;
        GNUNET_TUN_initialize_ipv6_header (&ip6,
                                           IPPROTO_UDP,
                                           reply_len - off - sizeof(struct
                                                                    GNUNET_TUN_IPv6Header),
                                           &dst->sin6_addr,
                                           &src->sin6_addr);
        GNUNET_memcpy (&buf[off],
                       &ip6,
                       sizeof(ip6));
        off += sizeof(ip6);
      }
      break;
 
    default:
      GNUNET_assert (0);
    }
 
    /* now UDP header */
    {
      struct GNUNET_TUN_UdpHeader udp;
 
      udp.source_port = source_port;
      udp.destination_port = destination_port;
      udp.len = htons (reply_len - off);
      if (AF_INET == rr->src_addr.ss_family)
        GNUNET_TUN_calculate_udp4_checksum (&ip4,
                                            &udp,
                                            rr->payload,
                                            rr->payload_length);
      else
        GNUNET_TUN_calculate_udp6_checksum (&ip6,
                                            &udp,
                                            rr->payload,
                                            rr->payload_length);
      GNUNET_memcpy (&buf[off],
                     &udp,
                     sizeof(udp));
      off += sizeof(udp);
    }
 
    /* now DNS payload */
    {
      GNUNET_memcpy (&buf[off], rr->payload, rr->payload_length);
      off += rr->payload_length;
    }
    /* final checks & sending */
    GNUNET_assert (off == reply_len);
    (void) GNUNET_HELPER_send (hijacker,
                               hdr,
                               GNUNET_YES,
                               NULL, NULL);
    GNUNET_STATISTICS_update (stats,
                              gettext_noop (
                                "# DNS requests answered via TUN interface"),
                              1, GNUNET_NO);
  }
  /* clean up, we're done */
  cleanup_rr (rr);
}

References cleanup_rr(), RequestRecord::client_wait_list, RequestRecord::client_wait_list_length, GNUNET_TUN_UdpHeader::destination_port, RequestRecord::dst_addr, ETH_P_IPV4, ETH_P_IPV6, GNUNET_TUN_Layer2PacketHeader::flags, gettext_noop, GNUNET_ALIGN, GNUNET_array_grow, GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_HELPER_send(), GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_DNS_HELPER, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_TUN_calculate_udp4_checksum(), GNUNET_TUN_calculate_udp6_checksum(), GNUNET_TUN_initialize_ipv4_header(), GNUNET_TUN_initialize_ipv6_header(), GNUNET_YES, hijacker, LOG, RequestRecord::payload, RequestRecord::payload_length, RequestRecord::phase, GNUNET_TUN_Layer2PacketHeader::proto, RequestRecord::request_id, RP_RESPONSE_MONITOR, GNUNET_TUN_UdpHeader::source_port, RequestRecord::src_addr, stats, GNUNET_MessageHeader::type, and udp.

Referenced by next_phase().

Here is the call graph for this function:

Here is the caller graph for this function:

send_request_to_client()

static void send_request_to_client ( struct RequestRecord *  rr, struct ClientRecord *  cr  )

static

Show the payload of the given request record to the client (and wait for a response).

Parameters

rr	request to send to client
cr	client to send the response to

Definition at line 476 of file gnunet-service-dns.c.

{
  struct GNUNET_MQ_Envelope *env;
  struct GNUNET_DNS_Request *req;
 
  if (sizeof(struct GNUNET_DNS_Request) + rr->payload_length >=
      GNUNET_MAX_MESSAGE_SIZE)
  {
    GNUNET_break (0);
    cleanup_rr (rr);
    return;
  }
  LOG (GNUNET_ERROR_TYPE_DEBUG,
       "Sending information about request %llu to local client\n",
       (unsigned long long) rr->request_id);
  env = GNUNET_MQ_msg_extra (req,
                             rr->payload_length,
                             GNUNET_MESSAGE_TYPE_DNS_CLIENT_REQUEST);
  req->reserved = htonl (0);
  req->request_id = rr->request_id;
  GNUNET_memcpy (&req[1],
                 rr->payload,
                 rr->payload_length);
  GNUNET_MQ_send (cr->mq,
                  env);
}

References cleanup_rr(), env, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_DNS_CLIENT_REQUEST, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), LOG, ClientRecord::mq, RequestRecord::payload, RequestRecord::payload_length, GNUNET_DNS_Request::request_id, RequestRecord::request_id, and GNUNET_DNS_Request::reserved.

Referenced by next_phase().

Here is the call graph for this function:

Here is the caller graph for this function:

process_dns_result()

static void process_dns_result ( void *  cls, const struct GNUNET_TUN_DnsHeader *  dns, size_t  r  )

static

Callback called from DNSSTUB resolver when a resolution succeeded.

Parameters

cls	NULL
dns	the response itself
r	number of bytes in dns

Definition at line 732 of file gnunet-service-dns.c.

{
  struct RequestRecord *rr;
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Processing DNS result from stub resolver\n");
  GNUNET_assert (NULL == cls);
  if (NULL == dns)
    return; /* ignore */
 
  rr = &requests[dns->id];
  if (rr->phase != RP_INTERNET_DNS)
  {
    /* unexpected / bogus reply */
    GNUNET_STATISTICS_update (stats,
                              gettext_noop (
                                "# External DNS response discarded (no matching request)"),
                              1, GNUNET_NO);
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Received DNS reply that does not match any pending request.  Dropping.\n");
    return;
  }
  LOG (GNUNET_ERROR_TYPE_DEBUG,
       "Got a response from the stub resolver for DNS request %llu intercepted locally!\n",
       (unsigned long long) rr->request_id);
  GNUNET_free (rr->payload);
  rr->payload = GNUNET_malloc (r);
  GNUNET_memcpy (rr->payload,
                 dns,
                 r);
  rr->payload_length = r;
  next_phase (rr);
}

References gettext_noop, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_log, GNUNET_malloc, GNUNET_memcpy, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_TUN_DnsHeader::id, LOG, next_phase(), RequestRecord::payload, RequestRecord::payload_length, RequestRecord::phase, RequestRecord::request_id, requests, RP_INTERNET_DNS, and stats.

Referenced by next_phase().

Here is the call graph for this function:

Here is the caller graph for this function:

next_phase()

static void next_phase ( struct RequestRecord *  rr )

static

A client has completed its processing for this request.

Move on.

Parameters

rr	request to process further

Definition at line 526 of file gnunet-service-dns.c.

{
  struct ClientRecord *cr;
  int nz;
 
  if (rr->phase == RP_DROP)
  {
    cleanup_rr (rr);
    return;
  }
  nz = -1;
  for (unsigned int j = 0; j < rr->client_wait_list_length; j++)
  {
    if (NULL != rr->client_wait_list[j])
    {
      nz = (int) j;
      break;
    }
  }
  if (-1 != nz)
  {
    send_request_to_client (rr,
                            rr->client_wait_list[nz]);
    return;
  }
  /* done with current phase, advance! */
  LOG (GNUNET_ERROR_TYPE_DEBUG,
       "Request %llu now in phase %d\n",
       (unsigned long long) rr->request_id,
       rr->phase);
  switch (rr->phase)
  {
  case RP_INIT:
    rr->phase = RP_REQUEST_MONITOR;
    for (cr = clients_head; NULL != cr; cr = cr->next)
    {
      if (0 != (cr->flags & GNUNET_DNS_FLAG_REQUEST_MONITOR))
        GNUNET_array_append (rr->client_wait_list,
                             rr->client_wait_list_length,
                             cr);
    }
    next_phase (rr);
    return;
 
  case RP_REQUEST_MONITOR:
    rr->phase = RP_QUERY;
    for (cr = clients_head; NULL != cr; cr = cr->next)
    {
      if (0 != (cr->flags & GNUNET_DNS_FLAG_PRE_RESOLUTION))
        GNUNET_array_append (rr->client_wait_list,
                             rr->client_wait_list_length,
                             cr);
    }
    next_phase (rr);
    return;
 
  case RP_QUERY:
#if 0
    /* TODO: optionally, use this to forward DNS requests to the
     * original* DNS server instead of the one we have configured...
       (but then we need to create a fresh dnsstub for each request
     * and* manage the timeout) */
    switch (rr->dst_addr.ss_family)
    {
    case AF_INET:
      salen = sizeof(struct sockaddr_in);
      sa = (const struct sockaddr *) &rr->dst_addr;
      break;
 
    case AF_INET6:
      salen = sizeof(struct sockaddr_in6);
      sa = (const struct sockaddr *) &rr->dst_addr;
      break;
 
    default:
      GNUNET_assert (0);
    }
#endif
    rr->phase = RP_INTERNET_DNS;
    rr->rs = GNUNET_DNSSTUB_resolve (dnsstub,
                                     rr->payload,
                                     rr->payload_length,
                                     &process_dns_result,
                                     NULL);
    if (NULL == rr->rs)
    {
      GNUNET_STATISTICS_update (stats,
                                gettext_noop (
                                  "# DNS exit failed (failed to open socket)"),
                                1,
                                GNUNET_NO);
      cleanup_rr (rr);
      return;
    }
    return;
 
  case RP_INTERNET_DNS:
    rr->phase = RP_MODIFY;
    for (cr = clients_head; NULL != cr; cr = cr->next)
    {
      if (0 != (cr->flags & GNUNET_DNS_FLAG_POST_RESOLUTION))
        GNUNET_array_append (rr->client_wait_list,
                             rr->client_wait_list_length,
                             cr);
    }
    next_phase (rr);
    return;
 
  case RP_MODIFY:
    rr->phase = RP_RESPONSE_MONITOR;
    for (cr = clients_head; NULL != cr; cr = cr->next)
    {
      if (0 != (cr->flags & GNUNET_DNS_FLAG_RESPONSE_MONITOR))
        GNUNET_array_append (rr->client_wait_list,
                             rr->client_wait_list_length,
                             cr);
    }
    next_phase (rr);
    return;
 
  case RP_RESPONSE_MONITOR:
    request_done (rr);
    break;
 
  case RP_DROP:
    cleanup_rr (rr);
    break;
 
  default:
    GNUNET_break (0);
    cleanup_rr (rr);
    break;
  }
}

References cleanup_rr(), RequestRecord::client_wait_list, RequestRecord::client_wait_list_length, clients_head, dnsstub, RequestRecord::dst_addr, ClientRecord::flags, gettext_noop, GNUNET_array_append, GNUNET_assert, GNUNET_break, GNUNET_DNS_FLAG_POST_RESOLUTION, GNUNET_DNS_FLAG_PRE_RESOLUTION, GNUNET_DNS_FLAG_REQUEST_MONITOR, GNUNET_DNS_FLAG_RESPONSE_MONITOR, GNUNET_DNSSTUB_resolve(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_NO, GNUNET_STATISTICS_update(), LOG, ClientRecord::next, next_phase(), RequestRecord::payload, RequestRecord::payload_length, RequestRecord::phase, process_dns_result(), request_done(), RequestRecord::request_id, RP_DROP, RP_INIT, RP_INTERNET_DNS, RP_MODIFY, RP_QUERY, RP_REQUEST_MONITOR, RP_RESPONSE_MONITOR, RequestRecord::rs, send_request_to_client(), and stats.

Referenced by client_disconnect_cb(), handle_client_response(), next_phase(), process_dns_result(), and process_helper_messages().

Here is the call graph for this function:

Here is the caller graph for this function:

client_connect_cb()

static void * client_connect_cb ( void *  cls, struct GNUNET_SERVICE_Client *  client, struct GNUNET_MQ_Handle *  mq  )

static

A client connected, setup our data structures.

Parameters

cls	unused
client	handle of client that connected
mq	message queue to talk to client

Returns

our struct ClientRecord

Definition at line 671 of file gnunet-service-dns.c.

{
  struct ClientRecord *cr = cls;
 
  cr = GNUNET_new (struct ClientRecord);
  cr->client = client;
  cr->mq = mq;
  GNUNET_CONTAINER_DLL_insert (clients_head,
                               clients_tail,
                               cr);
  return cr;
}

References ClientRecord::client, clients_head, clients_tail, GNUNET_CONTAINER_DLL_insert, GNUNET_new, mq, and ClientRecord::mq.

client_disconnect_cb()

static void client_disconnect_cb ( void *  cls, struct GNUNET_SERVICE_Client *  client, void *  app_ctx  )

static

A client disconnected, clean up after it.

Parameters

cls	unused
client	handle of client that disconnected
app_ctx	our struct ClientRecord

Definition at line 695 of file gnunet-service-dns.c.

{
  struct ClientRecord *cr = app_ctx;
  struct RequestRecord *rr;
 
  GNUNET_CONTAINER_DLL_remove (clients_head,
                               clients_tail,
                               cr);
  for (unsigned int i = 0; i < UINT16_MAX; i++)
  {
    rr = &requests[i];
    if (0 == rr->client_wait_list_length)
      continue;   /* not in use */
    for (unsigned int j = 0; j < rr->client_wait_list_length; j++)
    {
      if (rr->client_wait_list[j] == cr)
      {
        rr->client_wait_list[j] = NULL;
        next_phase (rr);
      }
    }
  }
  GNUNET_free (cr);
}

References RequestRecord::client_wait_list, RequestRecord::client_wait_list_length, clients_head, clients_tail, GNUNET_CONTAINER_DLL_remove, GNUNET_free, next_phase(), and requests.

Here is the call graph for this function:

handle_client_init()

static void handle_client_init ( void *  cls, const struct GNUNET_DNS_Register *  reg  )

static

We got a new client.

Make sure all new DNS requests pass by its desk.

Parameters

cls	the client
reg	the init message

Definition at line 776 of file gnunet-service-dns.c.

{
  struct ClientRecord *cr = cls;
 
  cr->flags =  ntohl (reg->flags);
  GNUNET_SERVICE_client_continue (cr->client);
}

References ClientRecord::client, GNUNET_DNS_Register::flags, ClientRecord::flags, and GNUNET_SERVICE_client_continue().

Here is the call graph for this function:

check_client_response()

static int check_client_response ( void *  cls, const struct GNUNET_DNS_Response *  resp  )

static

Check a response from a client.

Parameters

cls	the client
resp	the response

Returns

GNUNET_OK (always fine)

Definition at line 794 of file gnunet-service-dns.c.

{
  return GNUNET_OK; /* any payload is acceptable */
}

References GNUNET_OK.

handle_client_response()

static void handle_client_response ( void *  cls, const struct GNUNET_DNS_Response *  resp  )

static

Handle a response from a client.

Parameters

cls	the client
resp	the response

Definition at line 808 of file gnunet-service-dns.c.

{
  struct ClientRecord *cr = cls;
  struct RequestRecord *rr;
  uint16_t msize;
  uint16_t off;
 
  msize = ntohs (resp->header.size);
  off = (uint16_t) resp->request_id;
  rr = &requests[off];
  LOG (GNUNET_ERROR_TYPE_DEBUG,
       "Received DNS response with ID %llu from local client!\n",
       (unsigned long long) resp->request_id);
  if (rr->request_id != resp->request_id)
  {
    GNUNET_STATISTICS_update (stats,
                              gettext_noop (
                                "# Client response discarded (no matching request)"),
                              1,
                              GNUNET_NO);
    GNUNET_SERVICE_client_continue (cr->client);
    return;
  }
  for (unsigned int i = 0; i < rr->client_wait_list_length; i++)
  {
    if (NULL == rr->client_wait_list[i])
      continue;
    if (rr->client_wait_list[i] != cr)
      continue;
    rr->client_wait_list[i] = NULL;
    switch (ntohl (resp->drop_flag))
    {
    case 0:     /* drop */
      rr->phase = RP_DROP;
      break;
 
    case 1:     /* no change */
      break;
 
    case 2:     /* update */
      msize -= sizeof(struct GNUNET_DNS_Response);
      if ((sizeof(struct GNUNET_TUN_DnsHeader) > msize) ||
          (RP_REQUEST_MONITOR == rr->phase) ||
          (RP_RESPONSE_MONITOR == rr->phase))
      {
        GNUNET_break (0);
        GNUNET_SERVICE_client_drop (cr->client);
        next_phase (rr);
        return;
      }
      GNUNET_free (rr->payload);
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Changing DNS reply according to client specifications\n");
      rr->payload = GNUNET_malloc (msize);
      rr->payload_length = msize;
      GNUNET_memcpy (rr->payload, &resp[1], msize);
      if (rr->phase == RP_QUERY)
      {
        /* clear wait list, we're moving to MODIFY phase next */
        GNUNET_array_grow (rr->client_wait_list,
                           rr->client_wait_list_length,
                           0);
      }
      /* if query changed to answer, move past DNS resolution phase... */
      if ((RP_QUERY == rr->phase) &&
          (rr->payload_length > sizeof(struct GNUNET_TUN_DnsHeader)) &&
          ( ((struct GNUNET_TUN_DnsFlags*) &(((struct
                                               GNUNET_TUN_DnsHeader*) rr->
                                              payload)->flags))->
            query_or_response == 1) )
      {
        rr->phase = RP_INTERNET_DNS;
        GNUNET_array_grow (rr->client_wait_list,
                           rr->client_wait_list_length,
                           0);
      }
      break;
    }
    next_phase (rr);
    GNUNET_SERVICE_client_continue (cr->client);
    return;
  }
  /* odd, client was not on our list for the request, that ought
     to be an error */
  GNUNET_break (0);
  GNUNET_SERVICE_client_drop (cr->client);
}

References ClientRecord::client, RequestRecord::client_wait_list, RequestRecord::client_wait_list_length, GNUNET_DNS_Response::drop_flag, gettext_noop, GNUNET_array_grow, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_log, GNUNET_malloc, GNUNET_memcpy, GNUNET_NO, GNUNET_SERVICE_client_continue(), GNUNET_SERVICE_client_drop(), GNUNET_STATISTICS_update(), GNUNET_DNS_Response::header, LOG, next_phase(), payload, RequestRecord::payload, RequestRecord::payload_length, RequestRecord::phase, GNUNET_DNS_Response::request_id, RequestRecord::request_id, requests, RP_DROP, RP_INTERNET_DNS, RP_QUERY, RP_REQUEST_MONITOR, RP_RESPONSE_MONITOR, GNUNET_MessageHeader::size, and stats.

Here is the call graph for this function:

process_helper_messages()

static int process_helper_messages ( void *  cls, const struct GNUNET_MessageHeader *  message  )

static

Functions with this signature are called whenever a complete message is received by the tokenizer from the DNS hijack process.

Parameters

cls	closure
message	the actual message, a DNS request we should handle

Definition at line 906 of file gnunet-service-dns.c.

{
  uint16_t msize;
  const struct GNUNET_TUN_Layer2PacketHeader *tun;
  const struct GNUNET_TUN_IPv4Header *ip4;
  const struct GNUNET_TUN_IPv6Header *ip6;
  const struct GNUNET_TUN_UdpHeader *udp;
  const struct GNUNET_TUN_DnsHeader *dns;
  struct RequestRecord *rr;
  struct sockaddr_in *srca4;
  struct sockaddr_in6 *srca6;
  struct sockaddr_in *dsta4;
  struct sockaddr_in6 *dsta6;
 
  LOG (GNUNET_ERROR_TYPE_DEBUG,
       "Intercepted message via DNS hijacker\n");
  msize = ntohs (message->size);
  if (msize < sizeof(struct GNUNET_MessageHeader) + sizeof(struct
                                                           GNUNET_TUN_Layer2PacketHeader)
      + sizeof(struct GNUNET_TUN_IPv4Header))
  {
    /* non-IP packet received on TUN!? */
    GNUNET_break (0);
    return GNUNET_OK;
  }
  msize -= sizeof(struct GNUNET_MessageHeader);
  tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1];
  msize -= sizeof(struct GNUNET_TUN_Layer2PacketHeader);
  switch (ntohs (tun->proto))
  {
  case ETH_P_IPV4:
    ip4 = (const struct GNUNET_TUN_IPv4Header *) &tun[1];
    ip6 = NULL;   /* make compiler happy */
    if ((msize < sizeof(struct GNUNET_TUN_IPv4Header)) ||
        (ip4->version != 4) ||
        (ip4->header_length != sizeof(struct GNUNET_TUN_IPv4Header) / 4) ||
        (ntohs (ip4->total_length) != msize) ||
        (ip4->protocol != IPPROTO_UDP))
    {
      /* non-IP/UDP packet received on TUN (or with options) */
      GNUNET_log (GNUNET_ERROR_TYPE_INFO,
                  _ ("Received malformed IPv4-UDP packet on TUN interface.\n"));
      return GNUNET_OK;
    }
    udp = (const struct GNUNET_TUN_UdpHeader*) &ip4[1];
    msize -= sizeof(struct GNUNET_TUN_IPv4Header);
    break;
 
  case ETH_P_IPV6:
    ip4 = NULL;   /* make compiler happy */
    ip6 = (const struct GNUNET_TUN_IPv6Header *) &tun[1];
    if ((msize < sizeof(struct GNUNET_TUN_IPv6Header)) ||
        (ip6->version != 6) ||
        (ntohs (ip6->payload_length) != msize - sizeof(struct
                                                       GNUNET_TUN_IPv6Header))
        ||
        (ip6->next_header != IPPROTO_UDP))
    {
      /* non-IP/UDP packet received on TUN (or with extensions) */
      GNUNET_log (GNUNET_ERROR_TYPE_INFO,
                  _ ("Received malformed IPv6-UDP packet on TUN interface.\n"));
      return GNUNET_OK;
    }
    udp = (const struct GNUNET_TUN_UdpHeader *) &ip6[1];
    msize -= sizeof(struct GNUNET_TUN_IPv6Header);
    break;
 
  default:
    /* non-IP packet received on TUN!? */
    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
                _ (
                  "Got non-IP packet with %u bytes and protocol %u from TUN\n"),
                (unsigned int) msize,
                ntohs (tun->proto));
    return GNUNET_OK;
  }
  if ((msize <= sizeof(struct GNUNET_TUN_UdpHeader) + sizeof(struct
                                                             GNUNET_TUN_DnsHeader))
      ||
      (DNS_PORT != ntohs (udp->destination_port)))
  {
    /* non-DNS packet received on TUN, ignore */
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                _ ("DNS interceptor got non-DNS packet (dropped)\n"));
    GNUNET_STATISTICS_update (stats,
                              gettext_noop (
                                "# Non-DNS UDP packet received via TUN interface"),
                              1, GNUNET_NO);
    return GNUNET_OK;
  }
  msize -= sizeof(struct GNUNET_TUN_UdpHeader);
  dns = (const struct GNUNET_TUN_DnsHeader*) &udp[1];
  rr = &requests[dns->id];
 
  /* clean up from previous request */
  GNUNET_free (rr->payload);
  rr->payload = NULL;
  GNUNET_array_grow (rr->client_wait_list,
                     rr->client_wait_list_length,
                     0);
 
  /* setup new request */
  rr->phase = RP_INIT;
  switch (ntohs (tun->proto))
  {
  case ETH_P_IPV4:
    {
      srca4 = (struct sockaddr_in*) &rr->src_addr;
      dsta4 = (struct sockaddr_in*) &rr->dst_addr;
      memset (srca4, 0, sizeof(struct sockaddr_in));
      memset (dsta4, 0, sizeof(struct sockaddr_in));
      srca4->sin_family = AF_INET;
      dsta4->sin_family = AF_INET;
      srca4->sin_addr = ip4->source_address;
      dsta4->sin_addr = ip4->destination_address;
      srca4->sin_port = udp->source_port;
      dsta4->sin_port = udp->destination_port;
#if HAVE_SOCKADDR_IN_SIN_LEN
      srca4->sin_len = sizeof(struct sockaddr_in);
      dsta4->sin_len = sizeof(struct sockaddr_in);
#endif
    }
    break;
 
  case ETH_P_IPV6:
    {
      srca6 = (struct sockaddr_in6*) &rr->src_addr;
      dsta6 = (struct sockaddr_in6*) &rr->dst_addr;
      memset (srca6, 0, sizeof(struct sockaddr_in6));
      memset (dsta6, 0, sizeof(struct sockaddr_in6));
      srca6->sin6_family = AF_INET6;
      dsta6->sin6_family = AF_INET6;
      srca6->sin6_addr = ip6->source_address;
      dsta6->sin6_addr = ip6->destination_address;
      srca6->sin6_port = udp->source_port;
      dsta6->sin6_port = udp->destination_port;
#if HAVE_SOCKADDR_IN_SIN_LEN
      srca6->sin6_len = sizeof(struct sockaddr_in6);
      dsta6->sin6_len = sizeof(struct sockaddr_in6);
#endif
    }
    break;
 
  default:
    GNUNET_assert (0);
  }
  rr->payload = GNUNET_malloc (msize);
  rr->payload_length = msize;
  GNUNET_memcpy (rr->payload, dns, msize);
  rr->request_id = dns->id | (request_id_gen << 16);
  request_id_gen++;
  LOG (GNUNET_ERROR_TYPE_DEBUG,
       "Creating new DNS request %llu\n",
       (unsigned long long) rr->request_id);
  GNUNET_STATISTICS_update (stats,
                            gettext_noop (
                              "# DNS requests received via TUN interface"),
                            1, GNUNET_NO);
  /* start request processing state machine */
  next_phase (rr);
  return GNUNET_OK;
}

References _, RequestRecord::client_wait_list, RequestRecord::client_wait_list_length, GNUNET_TUN_IPv4Header::destination_address, GNUNET_TUN_IPv6Header::destination_address, DNS_PORT, RequestRecord::dst_addr, ETH_P_IPV4, ETH_P_IPV6, gettext_noop, GNUNET_array_grow, GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_INFO, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_log, GNUNET_malloc, GNUNET_memcpy, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GNUNET_TUN_IPv4Header::header_length, GNUNET_TUN_DnsHeader::id, LOG, GNUNET_TUN_IPv6Header::next_header, next_phase(), RequestRecord::payload, GNUNET_TUN_IPv6Header::payload_length, RequestRecord::payload_length, RequestRecord::phase, GNUNET_TUN_Layer2PacketHeader::proto, GNUNET_TUN_IPv4Header::protocol, RequestRecord::request_id, request_id_gen, requests, RP_INIT, GNUNET_MessageHeader::size, GNUNET_TUN_IPv4Header::source_address, GNUNET_TUN_IPv6Header::source_address, RequestRecord::src_addr, stats, GNUNET_TUN_IPv4Header::total_length, udp, GNUNET_TUN_IPv4Header::version, and GNUNET_TUN_IPv6Header::version.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

run()

static void run ( void *  cls, const struct GNUNET_CONFIGURATION_Handle *  cfg_, struct GNUNET_SERVICE_Handle *  service  )

static

Parameters

cls	closure
cfg_	configuration to use
service	the initialized service

Definition at line 1077 of file gnunet-service-dns.c.

{
  char *ifc_name;
  char *ipv4addr;
  char *ipv4mask;
  char *ipv6addr;
  char *ipv6prefix;
  char *dns_exit;
  char *binary;
  int nortsetup;
 
  cfg = cfg_;
  stats = GNUNET_STATISTICS_create ("dns", cfg);
  GNUNET_SCHEDULER_add_shutdown (&cleanup_task,
                                 cls);
  dnsstub = GNUNET_DNSSTUB_start (128);
  /* TODO: support multiple DNS_EXIT servers being configured */
  /* TODO: see above TODO on using DNS server from original packet.
     Not sure which is best... */
  dns_exit = NULL;
  if ((GNUNET_OK !=
       GNUNET_CONFIGURATION_get_value_string (cfg,
                                              "dns",
                                              "DNS_EXIT",
                                              &dns_exit)) ||
      (GNUNET_OK !=
       GNUNET_DNSSTUB_add_dns_ip (dnsstub,
                                  dns_exit)))
  {
    GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
                               "dns",
                               "DNS_EXIT",
                               _ ("need a valid IPv4 or IPv6 address\n"));
    GNUNET_free (dns_exit);
  }
  binary = GNUNET_OS_get_suid_binary_path (GNUNET_OS_project_data_gnunet (),
                                           cfg,
                                           "gnunet-helper-dns");
 
  if (GNUNET_YES !=
      GNUNET_OS_check_helper_binary (binary,
                                     GNUNET_YES,
                                     NULL)) // TODO: once we have a windows-testcase, add test parameters here
  {
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                _ ("`%s' is not SUID or the path is invalid, "
                   "will not run DNS interceptor\n"),
                binary);
    global_ret = 1;
    GNUNET_free (binary);
    return;
  }
  GNUNET_free (binary);
 
  helper_argv[0] = GNUNET_strdup ("gnunet-dns");
  if (GNUNET_SYSERR ==
      GNUNET_CONFIGURATION_get_value_string (cfg,
                                             "dns",
                                             "IFNAME",
                                             &ifc_name))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "No entry 'IFNAME' in configuration!\n");
    GNUNET_free (binary);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  helper_argv[1] = ifc_name;
  if ((GNUNET_SYSERR ==
       GNUNET_CONFIGURATION_get_value_string (cfg,
                                              "dns",
                                              "IPV6ADDR",
                                              &ipv6addr)))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "No entry 'IPV6ADDR' in configuration!\n");
    GNUNET_free (binary);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  helper_argv[2] = ipv6addr;
  if (GNUNET_SYSERR ==
      GNUNET_CONFIGURATION_get_value_string (cfg,
                                             "dns",
                                             "IPV6PREFIX",
                                             &ipv6prefix))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "No entry 'IPV6PREFIX' in configuration!\n");
    GNUNET_free (binary);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  helper_argv[3] = ipv6prefix;
 
  if (GNUNET_SYSERR ==
      GNUNET_CONFIGURATION_get_value_string (cfg,
                                             "dns",
                                             "IPV4ADDR",
                                             &ipv4addr))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "No entry 'IPV4ADDR' in configuration!\n");
    GNUNET_free (binary);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  helper_argv[4] = ipv4addr;
  if (GNUNET_SYSERR ==
      GNUNET_CONFIGURATION_get_value_string (cfg, "dns", "IPV4MASK",
                                             &ipv4mask))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "No entry 'IPV4MASK' in configuration!\n");
    GNUNET_free (binary);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  helper_argv[5] = ipv4mask;
 
  nortsetup = GNUNET_CONFIGURATION_get_value_yesno (cfg, "dns",
                                                    "SKIP_ROUTING_SETUP");
  if (GNUNET_YES == nortsetup)
    helper_argv[6] = GNUNET_strdup ("1");
  else
    helper_argv[6] = GNUNET_strdup ("0");
 
  helper_argv[7] = NULL;
  hijacker = GNUNET_HELPER_start (GNUNET_OS_project_data_gnunet (),
                                  GNUNET_NO,
                                  binary,
                                  helper_argv,
                                  &process_helper_messages,
                                  NULL, NULL);
  GNUNET_free (binary);
}

References _, cfg, cleanup_task(), dnsstub, global_ret, GNUNET_CONFIGURATION_get_value_string(), GNUNET_CONFIGURATION_get_value_yesno(), GNUNET_DNSSTUB_add_dns_ip(), GNUNET_DNSSTUB_start(), GNUNET_ERROR_TYPE_ERROR, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_HELPER_start(), GNUNET_log, GNUNET_log_config_invalid(), GNUNET_NO, GNUNET_OK, GNUNET_OS_check_helper_binary(), GNUNET_OS_get_suid_binary_path(), GNUNET_OS_project_data_gnunet(), GNUNET_SCHEDULER_add_shutdown(), GNUNET_SCHEDULER_shutdown(), GNUNET_STATISTICS_create(), GNUNET_strdup, GNUNET_SYSERR, GNUNET_YES, helper_argv, hijacker, ipv6prefix, process_helper_messages(), and stats.

Here is the call graph for this function:

GNUNET_SERVICE_MAIN()

GNUNET_SERVICE_MAIN	(	GNUNET_OS_project_data_gnunet()	,
		"dns"	,
		GNUNET_SERVICE_OPTION_NONE	,
		&	run,
		&	client_connect_cb,
		&	client_disconnect_cb,
		NULL	,
		GNUNET_MQ_hd_fixed_size(client_init, GNUNET_MESSAGE_TYPE_DNS_CLIENT_INIT, struct GNUNET_DNS_Register, NULL)	,
		GNUNET_MQ_hd_var_size(client_response, GNUNET_MESSAGE_TYPE_DNS_CLIENT_RESPONSE, struct GNUNET_DNS_Response, NULL)	,
		GNUNET_MQ_handler_end()
	)

Define "main" method using service macro.

Variable Documentation

global_ret

int global_ret

static

Global return value from 'main'.

Definition at line 198 of file gnunet-service-dns.c.

Referenced by run().

cfg

const struct GNUNET_CONFIGURATION_Handle* cfg

static

The configuration to use.

Definition at line 203 of file gnunet-service-dns.c.

Referenced by run().

stats

struct GNUNET_STATISTICS_Handle* stats

static

Statistics.

Definition at line 208 of file gnunet-service-dns.c.

Referenced by cleanup_task(), handle_client_response(), next_phase(), process_dns_result(), process_helper_messages(), request_done(), and run().

hijacker

struct GNUNET_HELPER_Handle* hijacker

static

Handle to DNS hijacker helper process ("gnunet-helper-dns").

Definition at line 213 of file gnunet-service-dns.c.

Referenced by cleanup_task(), request_done(), and run().

helper_argv

char* helper_argv[8]

static

Command-line arguments we are giving to the hijacker process.

Definition at line 218 of file gnunet-service-dns.c.

Referenced by cleanup_task(), and run().

clients_head

struct ClientRecord* clients_head

static

Head of DLL of clients we consult.

Definition at line 223 of file gnunet-service-dns.c.

Referenced by client_connect_cb(), client_disconnect_cb(), and next_phase().

clients_tail

struct ClientRecord* clients_tail

static

Tail of DLL of clients we consult.

Definition at line 228 of file gnunet-service-dns.c.

Referenced by client_connect_cb(), and client_disconnect_cb().

requests

struct RequestRecord requests[UINT16_MAX+1]

static

Array of all open requests.

Definition at line 233 of file gnunet-service-dns.c.

Referenced by cleanup_task(), client_disconnect_cb(), handle_client_response(), process_dns_result(), and process_helper_messages().

request_id_gen

uint64_t request_id_gen

static

Generator for unique request IDs.

Definition at line 238 of file gnunet-service-dns.c.

Referenced by process_helper_messages().

dnsstub

struct GNUNET_DNSSTUB_Context* dnsstub

static

Handle to the DNS Stub resolver.

Definition at line 243 of file gnunet-service-dns.c.

Referenced by cleanup_task(), next_phase(), and run().