Home Verkennen Help
Inloggen
OWEALs
/
gnunet
spiegel van https://gnunet.org/git/gnunet.git
2
0
Vork 0
Bestanden Issues 0 Wiki
Boom: 670ebb20b9
Aftakkingen Labels
gnunet
/
src
/
gns
/
gnunet-service-gns_interceptor.c

gnunet-service-gns_interceptor.c 11 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398 
  1. /*
    2. 

  2.      This file is part of GNUnet.
    3. 

  3.      Copyright (C) 2009-2013 GNUnet e.V.
    4. 

  4. 

  5.      GNUnet is free software: you can redistribute it and/or modify it
    6. 

  6.      under the terms of the GNU Affero General Public License as published
    7. 

  7.      by the Free Software Foundation, either version 3 of the License,
    8. 

  8.      or (at your option) any later version.
    9. 

  9. 

  10.      GNUnet is distributed in the hope that it will be useful, but
    11. 

  11.      WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    13. 

  13.      Affero General Public License for more details.
    14. 

  14.     
    15. 

  15.      You should have received a copy of the GNU Affero General Public License
    16. 

  16.      along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17. 

  17. 

  18.      SPDX-License-Identifier: AGPL3.0-or-later
    19. 

  19. */
    20. 

  20. /**
    21. 

  21.  * @file gns/gnunet-service-gns_interceptor.c
    22. 

  22.  * @brief GNUnet GNS interceptor logic
    23. 

  23.  * @author Martin Schanzenbach
    24. 

  24.  * @author Christian Grothoff
    25. 

  25.  */
    26. 

  26. #include "platform.h"
    27. 

  27. #include "gnunet_util_lib.h"
    28. 

  28. #include "gnunet_dns_service.h"
    29. 

  29. #include "gnunet_dnsparser_lib.h"
    30. 

  30. #include "gnunet-service-gns.h"
    31. 

  31. #include "gnunet-service-gns_resolver.h"
    32. 

  32. #include "gnunet-service-gns_interceptor.h"
    33. 

  33. #include "gns.h"
    34. 

  34. 

  35. 

  36. /**
    37. 

  37.  * Handle to a DNS intercepted
    38. 

  38.  * reslution request
    39. 

  39.  */
    40. 

  40. struct InterceptLookupHandle
    41. 

  41. {
    42. 

  42. 

  43.   /**
    44. 

  44.    * We keep these in a DLL.
    45. 

  45.    */
    46. 

  46.   struct InterceptLookupHandle *next;
    47. 

  47. 

  48.   /**
    49. 

  49.    * We keep these in a DLL.
    50. 

  50.    */
    51. 

  51.   struct InterceptLookupHandle *prev;
    52. 

  52. 

  53.   /**
    54. 

  54.    * the request handle to reply to
    55. 

  55.    */
    56. 

  56.   struct GNUNET_DNS_RequestHandle *request_handle;
    57. 

  57. 

  58.   /**
    59. 

  59.    * the dns parser packet received
    60. 

  60.    */
    61. 

  61.   struct GNUNET_DNSPARSER_Packet *packet;
    62. 

  62. 

  63.   /**
    64. 

  64.    * Handle for the lookup operation.
    65. 

  65.    */
    66. 

  66.   struct GNS_ResolverHandle *lookup;
    67. 

  67. 

  68. };
    69. 

  69. 

  70. 

  71. /**
    72. 

  72.  * Our handle to the DNS handler library
    73. 

  73.  */
    74. 

  74. static struct GNUNET_DNS_Handle *dns_handle;
    75. 

  75. 

  76. /**
    77. 

  77.  * Head of the DLL.
    78. 

  78.  */
    79. 

  79. static struct InterceptLookupHandle *ilh_head;
    80. 

  80. 

  81. /**
    82. 

  82.  * Tail of the DLL.
    83. 

  83.  */
    84. 

  84. static struct InterceptLookupHandle *ilh_tail;
    85. 

  85. 

  86. 

  87. /**
    88. 

  88.  * Reply to dns request with the result from our lookup.
    89. 

  89.  *
    90. 

  90.  * @param cls the closure to the request (an InterceptLookupHandle)
    91. 

  91.  * @param rd_count the number of records to return
    92. 

  92.  * @param rd the record data
    93. 

  93.  */
    94. 

  94. static void
    95. 

  95. reply_to_dns (void *cls, uint32_t rd_count,
    96. 

  96. 	      const struct GNUNET_GNSRECORD_Data *rd)
    97. 

  97. {
    98. 

  98.   struct InterceptLookupHandle *ilh = cls;
    99. 

  99.   struct GNUNET_DNSPARSER_Packet *packet = ilh->packet;
    100. 

  100.   struct GNUNET_DNSPARSER_Query *query = &packet->queries[0];
    101. 

  101.   uint32_t i;
    102. 

  102.   size_t len;
    103. 

  103.   int ret;
    104. 

  104.   char *buf;
    105. 

  105.   unsigned int num_answers;
    106. 

  106.   unsigned int skip_answers;
    107. 

  107.   unsigned int skip_additional;
    108. 

  108.   size_t off = 0;
    109. 

  109. 

  110.   /* Put records in the DNS packet */
    111. 

  111.   num_answers = 0;
    112. 

  112.   for (i=0; i < rd_count; i++)
    113. 

  113.     if (rd[i].record_type == query->type)
    114. 

  114.       num_answers++;
    115. 

  115.   skip_answers = 0;
    116. 

  116.   skip_additional = 0;
    117. 

  117. 

  118.   {
    119. 

  119.     struct GNUNET_DNSPARSER_Record answer_records[num_answers];
    120. 

  120.     struct GNUNET_DNSPARSER_Record additional_records[rd_count - num_answers];
    121. 

  121. 

  122.     packet->answers = answer_records;
    123. 

  123.     packet->additional_records = additional_records;
    124. 

  124.     /* FIXME: need to handle #GNUNET_GNSRECORD_RF_SHADOW_RECORD option
    125. 

  125.        (by ignoring records where this flag is set if there is any
    126. 

  126.        other record of that type in the result set) */
    127. 

  127.     for (i=0; i < rd_count; i++)
    128. 

  128.     {
    129. 

  129.       if (rd[i].record_type == query->type)
    130. 

  130.       {
    131. 

  131. 	answer_records[i - skip_answers].name = query->name;
    132. 

  132. 	answer_records[i - skip_answers].type = rd[i].record_type;
    133. 

  133. 	switch(rd[i].record_type)
    134. 

  134. 	{
    135. 

  135. 	case GNUNET_DNSPARSER_TYPE_NS:
    136. 

  136. 	case GNUNET_DNSPARSER_TYPE_CNAME:
    137. 

  137. 	case GNUNET_DNSPARSER_TYPE_PTR:
    138. 

  138. 	  answer_records[i - skip_answers].data.hostname
    139. 

  139. 	    = GNUNET_DNSPARSER_parse_name (rd[i].data,
    140. 

  140. 					   rd[i].data_size,
    141. 

  141. 					   &off);
    142. 

  142. 	  if ( (off != rd[i].data_size) ||
    143. 

  143. 	       (NULL == answer_records[i].data.hostname) )
    144. 

  144. 	  {
    145. 

  145. 	    GNUNET_break_op (0);
    146. 

  146. 	    skip_answers++;
    147. 

  147. 	  }
    148. 

  148. 	  break;
    149. 

  149. 	case GNUNET_DNSPARSER_TYPE_SOA:
    150. 

  150. 	  answer_records[i - skip_answers].data.soa
    151. 

  151. 	    = GNUNET_DNSPARSER_parse_soa (rd[i].data,
    152. 

  152. 					  rd[i].data_size,
    153. 

  153. 					  &off);
    154. 

  154. 	  if ( (off != rd[i].data_size) ||
    155. 

  155. 	       (NULL == answer_records[i].data.soa) )
    156. 

  156. 	  {
    157. 

  157. 	    GNUNET_break_op (0);
    158. 

  158. 	    skip_answers++;
    159. 

  159. 	  }
    160. 

  160. 	  break;
    161. 

  161. 	case GNUNET_DNSPARSER_TYPE_SRV:
    162. 

  162. 	  /* FIXME: SRV is not yet supported */
    163. 

  163. 	  skip_answers++;
    164. 

  164. 	  break;
    165. 

  165. 	case GNUNET_DNSPARSER_TYPE_MX:
    166. 

  166. 	  answer_records[i - skip_answers].data.mx
    167. 

  167. 	    = GNUNET_DNSPARSER_parse_mx (rd[i].data,
    168. 

  168. 					 rd[i].data_size,
    169. 

  169. 					 &off);
    170. 

  170. 	  if ( (off != rd[i].data_size) ||
    171. 

  171. 	       (NULL == answer_records[i].data.hostname) )
    172. 

  172. 	  {
    173. 

  173. 	    GNUNET_break_op (0);
    174. 

  174. 	    skip_answers++;
    175. 

  175. 	  }
    176. 

  176. 	  break;
    177. 

  177. 	default:
    178. 

  178. 	  answer_records[i - skip_answers].data.raw.data_len = rd[i].data_size;
    179. 

  179. 	  answer_records[i - skip_answers].data.raw.data = (char*)rd[i].data;
    180. 

  180. 	  break;
    181. 

  181. 	}
    182. 

  182. 	GNUNET_break (0 == (rd[i - skip_answers].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION));
    183. 

  183. 	answer_records[i - skip_answers].expiration_time.abs_value_us = rd[i].expiration_time;
    184. 

  184. 	answer_records[i - skip_answers].dns_traffic_class = GNUNET_TUN_DNS_CLASS_INTERNET;
    185. 

  185.       }
    186. 

  186.       else
    187. 

  187.       {
    188. 

  188. 	additional_records[i - skip_additional].name = query->name;
    189. 

  189. 	additional_records[i - skip_additional].type = rd[i].record_type;
    190. 

  190. 	switch(rd[i].record_type)
    191. 

  191. 	{
    192. 

  192. 	case GNUNET_DNSPARSER_TYPE_NS:
    193. 

  193. 	case GNUNET_DNSPARSER_TYPE_CNAME:
    194. 

  194. 	case GNUNET_DNSPARSER_TYPE_PTR:
    195. 

  195. 	  additional_records[i - skip_additional].data.hostname
    196. 

  196. 	    = GNUNET_DNSPARSER_parse_name (rd[i].data,
    197. 

  197. 					   rd[i].data_size,
    198. 

  198. 					   &off);
    199. 

  199. 	  if ( (off != rd[i].data_size) ||
    200. 

  200. 	       (NULL == additional_records[i].data.hostname) )
    201. 

  201. 	  {
    202. 

  202. 	    GNUNET_break_op (0);
    203. 

  203. 	    skip_additional++;
    204. 

  204. 	  }
    205. 

  205. 	  break;
    206. 

  206. 	case GNUNET_DNSPARSER_TYPE_SOA:
    207. 

  207. 	  additional_records[i - skip_additional].data.soa
    208. 

  208. 	    = GNUNET_DNSPARSER_parse_soa (rd[i].data,
    209. 

  209. 					  rd[i].data_size,
    210. 

  210. 					  &off);
    211. 

  211. 	  if ( (off != rd[i].data_size) ||
    212. 

  212. 	       (NULL == additional_records[i].data.hostname) )
    213. 

  213. 	  {
    214. 

  214. 	    GNUNET_break_op (0);
    215. 

  215. 	    skip_additional++;
    216. 

  216. 	  }
    217. 

  217. 	  break;
    218. 

  218. 	case GNUNET_DNSPARSER_TYPE_MX:
    219. 

  219. 	  additional_records[i - skip_additional].data.mx
    220. 

  220. 	    = GNUNET_DNSPARSER_parse_mx (rd[i].data,
    221. 

  221. 					 rd[i].data_size,
    222. 

  222. 					 &off);
    223. 

  223. 	  if ( (off != rd[i].data_size) ||
    224. 

  224. 	       (NULL == additional_records[i].data.hostname) )
    225. 

  225. 	  {
    226. 

  226. 	    GNUNET_break_op (0);
    227. 

  227. 	    skip_additional++;
    228. 

  228. 	  }
    229. 

  229. 	  break;
    230. 

  230. 	case GNUNET_DNSPARSER_TYPE_SRV:
    231. 

  231. 	  /* FIXME: SRV is not yet supported */
    232. 

  232. 	  skip_answers++;
    233. 

  233. 	  break;
    234. 

  234. 	default:
    235. 

  235. 	  additional_records[i - skip_additional].data.raw.data_len = rd[i].data_size;
    236. 

  236. 	  additional_records[i - skip_additional].data.raw.data = (char*)rd[i].data;
    237. 

  237. 	  break;
    238. 

  238. 	}
    239. 

  239. 	GNUNET_break (0 == (rd[i - skip_additional].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION));
    240. 

  240. 	additional_records[i - skip_additional].expiration_time.abs_value_us = rd[i].expiration_time;
    241. 

  241. 	additional_records[i - skip_additional].dns_traffic_class = GNUNET_TUN_DNS_CLASS_INTERNET;
    242. 

  242.       }
    243. 

  243.     }
    244. 

  244.     packet->num_answers = num_answers - skip_answers;
    245. 

  245.     packet->num_additional_records = rd_count - num_answers - skip_additional;
    246. 

  246.     packet->flags.authoritative_answer = 1;
    247. 

  247.     if (NULL == rd)
    248. 

  248.       packet->flags.return_code = GNUNET_TUN_DNS_RETURN_CODE_NAME_ERROR;
    249. 

  249.     else
    250. 

  250.       packet->flags.return_code = GNUNET_TUN_DNS_RETURN_CODE_NO_ERROR;
    251. 

  251.     packet->flags.query_or_response = 1;
    252. 

  252.     ret = GNUNET_DNSPARSER_pack (packet,
    253. 

  253. 				 1024, /* maximum allowed size for DNS reply */
    254. 

  254. 				 &buf,
    255. 

  255. 				 &len);
    256. 

  256.     if (GNUNET_OK != ret)
    257. 

  257.     {
    258. 

  258.       GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    259. 

  259. 		  _("Error converting GNS response to DNS response!\n"));
    260. 

  260.       if (GNUNET_NO == ret)
    261. 

  261.         GNUNET_free (buf);
    262. 

  262.     }
    263. 

  263.     else
    264. 

  264.     {
    265. 

  265.       GNUNET_DNS_request_answer (ilh->request_handle,
    266. 

  266. 				 len,
    267. 

  267. 				 buf);
    268. 

  268.       GNUNET_free (buf);
    269. 

  269.     }
    270. 

  270.     packet->num_answers = 0;
    271. 

  271.     packet->answers = NULL;
    272. 

  272.     packet->num_additional_records = 0;
    273. 

  273.     packet->additional_records = NULL;
    274. 

  274.     GNUNET_DNSPARSER_free_packet (packet);
    275. 

  275.   }
    276. 

  276.   GNUNET_CONTAINER_DLL_remove (ilh_head, ilh_tail, ilh);
    277. 

  277.   GNUNET_free (ilh);
    278. 

  278. }
    279. 

  279. 

  280. 

  281. /**
    282. 

  282.  * The DNS request handler.  Called for every incoming DNS request.
    283. 

  283.  *
    284. 

  284.  * @param cls closure, unused
    285. 

  285.  * @param rh request handle to user for reply
    286. 

  286.  * @param request_length number of bytes in @a request
    287. 

  287.  * @param request UDP payload of the DNS request
    288. 

  288.  */
    289. 

  289. static void
    290. 

  290. handle_dns_request (void *cls,
    291. 

  291. 		    struct GNUNET_DNS_RequestHandle *rh,
    292. 

  292. 		    size_t request_length,
    293. 

  293. 		    const char *request)
    294. 

  294. {
    295. 

  295.   struct GNUNET_DNSPARSER_Packet *p;
    296. 

  296.   struct InterceptLookupHandle *ilh;
    297. 

  297.   struct GNUNET_CRYPTO_EcdsaPublicKey zone;
    298. 

  298. 

  299.   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
    300. 

  300. 	      "Hijacked a DNS request. Processing.\n");
    301. 

  301.   if (NULL == (p = GNUNET_DNSPARSER_parse (request, request_length)))
    302. 

  302.   {
    303. 

  303.     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    304. 

  304.                 "Received malformed DNS packet, leaving it untouched.\n");
    305. 

  305.     GNUNET_DNS_request_forward (rh);
    306. 

  306.     GNUNET_DNSPARSER_free_packet (p);
    307. 

  307.     return;
    308. 

  308.   }
    309. 

  309. 

  310.   /* Check TLD and decide if we or legacy dns is responsible */
    311. 

  311.   if (1 != p->num_queries)
    312. 

  312.   {
    313. 

  313.     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
    314. 

  314.                 "Not exactly one query in DNS packet. Forwarding untouched.\n");
    315. 

  315.     GNUNET_DNS_request_forward (rh);
    316. 

  316.     GNUNET_DNSPARSER_free_packet(p);
    317. 

  317.     return;
    318. 

  318.   }
    319. 

  319. 

  320.   /* Check for GNS TLDs. */
    321. 

  321.   if (GNUNET_YES ==
    322. 

  322.       GNS_find_tld (GNS_get_tld (p->queries[0].name),
    323. 

  323.                     &zone))
    324. 

  324.   {
    325. 

  325.     /* Start resolution in GNS */
    326. 

  326.     ilh = GNUNET_new (struct InterceptLookupHandle);
    327. 

  327.     GNUNET_CONTAINER_DLL_insert (ilh_head,
    328. 

  328.                                  ilh_tail,
    329. 

  329.                                  ilh);
    330. 

  330.     ilh->packet = p;
    331. 

  331.     ilh->request_handle = rh;
    332. 

  332.     ilh->lookup = GNS_resolver_lookup (&zone,
    333. 

  333. 				       p->queries[0].type,
    334. 

  334. 				       p->queries[0].name,
    335. 

  335. 				       GNUNET_NO,
    336. 

  336. 				       &reply_to_dns, ilh);
    337. 

  337.     return;
    338. 

  338.   }
    339. 

  339.   /* This request does not concern us. Forward to real DNS. */
    340. 

  340.   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
    341. 

  341. 	      "Request for `%s' is forwarded to DNS untouched.\n",
    342. 

  342. 	      p->queries[0].name);
    343. 

  343.   GNUNET_DNS_request_forward (rh);
    344. 

  344.   GNUNET_DNSPARSER_free_packet (p);
    345. 

  345. }
    346. 

  346. 

  347. 

  348. /**
    349. 

  349.  * Initialized the interceptor
    350. 

  350.  *
    351. 

  351.  * @param c the configuration
    352. 

  352.  * @return #GNUNET_OK on success
    353. 

  353.  */
    354. 

  354. int
    355. 

  355. GNS_interceptor_init (const struct GNUNET_CONFIGURATION_Handle *c)
    356. 

  356. {
    357. 

  357.   GNUNET_log (GNUNET_ERROR_TYPE_INFO,
    358. 

  358. 	      "DNS hijacking enabled. Connecting to DNS service.\n");
    359. 

  359.   dns_handle = GNUNET_DNS_connect (c,
    360. 

  360. 				   GNUNET_DNS_FLAG_PRE_RESOLUTION,
    361. 

  361. 				   &handle_dns_request,
    362. 

  362. 				   NULL);
    363. 

  363.   if (NULL == dns_handle)
    364. 

  364.   {
    365. 

  365.     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
    366. 

  366. 		_("Failed to connect to the DNS service!\n"));
    367. 

  367.     return GNUNET_SYSERR;
    368. 

  368.   }
    369. 

  369.   return GNUNET_YES;
    370. 

  370. }
    371. 

  371. 

  372. 

  373. /**
    374. 

  374.  * Disconnect from interceptor
    375. 

  375.  */
    376. 

  376. void
    377. 

  377. GNS_interceptor_done ()
    378. 

  378. {
    379. 

  379.   struct InterceptLookupHandle *ilh;
    380. 

  380. 

  381.   while (NULL != (ilh = ilh_head))
    382. 

  382.   {
    383. 

  383.     GNUNET_CONTAINER_DLL_remove (ilh_head,
    384. 

  384.                                  ilh_tail,
    385. 

  385.                                  ilh);
    386. 

  386.     GNS_resolver_lookup_cancel (ilh->lookup);
    387. 

  387.     GNUNET_DNS_request_drop (ilh->request_handle);
    388. 

  388.     GNUNET_DNSPARSER_free_packet (ilh->packet);
    389. 

  389.     GNUNET_free (ilh);
    390. 

  390.   }
    391. 

  391.   if (NULL != dns_handle)
    392. 

  392.   {
    393. 

  393.     GNUNET_DNS_disconnect (dns_handle);
    394. 

  394.     dns_handle = NULL;
    395. 

  395.   }
    396. 

  396. }
    397. 

  397. 

  398. /* end of gnunet-service-gns_interceptor.c */
    399.