123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038 |
- #include <u.h>
- #include <libc.h>
- #include <ip.h>
- #include <bio.h>
- #include <ndb.h>
- #include "dns.h"
- enum
- {
- Maxdest= 24, /* maximum destinations for a request message */
- Maxtrans= 3, /* maximum transmissions to a server */
- };
- int inside, straddle, serve;
- static int netquery(DN*, int, RR*, Request*, int);
- static RR* dnresolve1(char*, int, int, Request*, int, int);
- char *LOG = "dns";
- /*
- * reading /proc/pid/args yields either "name" or "name [display args]",
- * so return only display args, if any.
- */
- static char *
- procgetname(void)
- {
- int fd, n;
- char *lp, *rp;
- char buf[256];
- snprint(buf, sizeof buf, "#p/%d/args", getpid());
- if((fd = open(buf, OREAD)) < 0)
- return strdup("");
- *buf = '\0';
- n = read(fd, buf, sizeof buf-1);
- close(fd);
- if (n >= 0)
- buf[n] = '\0';
- if ((lp = strchr(buf, '[')) == nil ||
- (rp = strrchr(buf, ']')) == nil)
- return strdup("");
- *rp = '\0';
- return strdup(lp+1);
- }
- /*
- * lookup 'type' info for domain name 'name'. If it doesn't exist, try
- * looking it up as a canonical name.
- */
- RR*
- dnresolve(char *name, int class, int type, Request *req, RR **cn, int depth,
- int recurse, int rooted, int *status)
- {
- RR *rp, *nrp, *drp;
- DN *dp;
- int loops;
- char *procname;
- char nname[Domlen];
- if(status)
- *status = 0;
- procname = procgetname();
- /*
- * hack for systems that don't have resolve search
- * lists. Just look up the simple name in the database.
- */
- if(!rooted && strchr(name, '.') == 0){
- rp = nil;
- drp = domainlist(class);
- for(nrp = drp; nrp != nil; nrp = nrp->next){
- snprint(nname, sizeof nname, "%s.%s", name,
- nrp->ptr->name);
- rp = dnresolve(nname, class, type, req, cn, depth,
- recurse, rooted, status);
- rrfreelist(rrremneg(&rp));
- if(rp != nil)
- break;
- }
- if(drp != nil)
- rrfree(drp);
- procsetname(procname);
- free(procname);
- return rp;
- }
- /*
- * try the name directly
- */
- rp = dnresolve1(name, class, type, req, depth, recurse);
- if(rp) {
- procsetname(procname);
- free(procname);
- return randomize(rp);
- }
- /* try it as a canonical name if we weren't told the name didn't exist */
- dp = dnlookup(name, class, 0);
- if(type != Tptr && dp->respcode != Rname)
- for(loops = 0; rp == nil && loops < 32; loops++){
- rp = dnresolve1(name, class, Tcname, req, depth, recurse);
- if(rp == nil)
- break;
- if(rp->negative){
- rrfreelist(rp);
- rp = nil;
- break;
- }
- name = rp->host->name;
- if(cn)
- rrcat(cn, rp);
- else
- rrfreelist(rp);
- rp = dnresolve1(name, class, type, req, depth, recurse);
- }
- /* distinction between not found and not good */
- if(rp == nil && status != nil && dp->respcode != 0)
- *status = dp->respcode;
- procsetname(procname);
- free(procname);
- return randomize(rp);
- }
- static RR*
- dnresolve1(char *name, int class, int type, Request *req, int depth,
- int recurse)
- {
- DN *dp, *nsdp;
- RR *rp, *nsrp, *dbnsrp;
- char *cp;
- if(debug)
- syslog(0, LOG, "[%d] dnresolve1 %s %d %d",
- getpid(), name, type, class);
- /* only class Cin implemented so far */
- if(class != Cin)
- return nil;
- dp = dnlookup(name, class, 1);
- /*
- * Try the cache first
- */
- rp = rrlookup(dp, type, OKneg);
- if(rp)
- if(rp->db){
- /* unauthenticated db entries are hints */
- if(rp->auth)
- return rp;
- } else
- /* cached entry must still be valid */
- if(rp->ttl > now)
- /* but Tall entries are special */
- if(type != Tall || rp->query == Tall)
- return rp;
- rrfreelist(rp);
- /*
- * try the cache for a canonical name. if found punt
- * since we'll find it during the canonical name search
- * in dnresolve().
- */
- if(type != Tcname){
- rp = rrlookup(dp, Tcname, NOneg);
- rrfreelist(rp);
- if(rp)
- return nil;
- }
- /*
- * if we're running as just a resolver, go to our
- * designated name servers
- */
- if(resolver){
- nsrp = randomize(getdnsservers(class));
- if(nsrp != nil) {
- if(netquery(dp, type, nsrp, req, depth+1)){
- rrfreelist(nsrp);
- return rrlookup(dp, type, OKneg);
- }
- rrfreelist(nsrp);
- }
- }
- /*
- * walk up the domain name looking for
- * a name server for the domain.
- */
- for(cp = name; cp; cp = walkup(cp)){
- /*
- * if this is a local (served by us) domain,
- * return answer
- */
- dbnsrp = randomize(dblookup(cp, class, Tns, 0, 0));
- if(dbnsrp && dbnsrp->local){
- rp = dblookup(name, class, type, 1, dbnsrp->ttl);
- rrfreelist(dbnsrp);
- return rp;
- }
- /*
- * if recursion isn't set, just accept local
- * entries
- */
- if(recurse == Dontrecurse){
- if(dbnsrp)
- rrfreelist(dbnsrp);
- continue;
- }
- /* look for ns in cache */
- nsdp = dnlookup(cp, class, 0);
- nsrp = nil;
- if(nsdp)
- nsrp = randomize(rrlookup(nsdp, Tns, NOneg));
- /* if the entry timed out, ignore it */
- if(nsrp && nsrp->ttl < now){
- rrfreelist(nsrp);
- nsrp = nil;
- }
- if(nsrp){
- rrfreelist(dbnsrp);
- /* try the name servers found in cache */
- if(netquery(dp, type, nsrp, req, depth+1)){
- rrfreelist(nsrp);
- return rrlookup(dp, type, OKneg);
- }
- rrfreelist(nsrp);
- continue;
- }
- /* use ns from db */
- if(dbnsrp){
- /* try the name servers found in db */
- if(netquery(dp, type, dbnsrp, req, depth+1)){
- /* we got an answer */
- rrfreelist(dbnsrp);
- return rrlookup(dp, type, NOneg);
- }
- rrfreelist(dbnsrp);
- }
- }
- /* settle for a non-authoritative answer */
- rp = rrlookup(dp, type, OKneg);
- if(rp)
- return rp;
- /* noone answered. try the database, we might have a chance. */
- return dblookup(name, class, type, 0, 0);
- }
- /*
- * walk a domain name one element to the right.
- * return a pointer to that element.
- * in other words, return a pointer to the parent domain name.
- */
- char*
- walkup(char *name)
- {
- char *cp;
- cp = strchr(name, '.');
- if(cp)
- return cp+1;
- else if(*name)
- return "";
- else
- return 0;
- }
- /*
- * Get a udpport for requests and replies. Put the port
- * into "headers" mode.
- */
- static char *hmsg = "headers";
- static char *ohmsg = "oldheaders";
- int
- udpport(char *mtpt)
- {
- int fd, ctl;
- char ds[64], adir[64];
- /* get a udp port */
- snprint(ds, sizeof ds, "%s/udp!*!0", (mtpt? mtpt: "/net"));
- ctl = announce(ds, adir);
- if(ctl < 0){
- /* warning("can't get udp port"); */
- return -1;
- }
- /* turn on header style interface */
- if(write(ctl, hmsg, strlen(hmsg)) , 0){
- close(ctl);
- warning(hmsg);
- return -1;
- }
- write(ctl, ohmsg, strlen(ohmsg));
- /* grab the data file */
- snprint(ds, sizeof ds, "%s/data", adir);
- fd = open(ds, ORDWR);
- close(ctl);
- if(fd < 0)
- warning("can't open udp port %s: %r", ds);
- return fd;
- }
- int
- mkreq(DN *dp, int type, uchar *buf, int flags, ushort reqno)
- {
- DNSmsg m;
- int len;
- OUdphdr *uh = (OUdphdr*)buf;
- /* stuff port number into output buffer */
- memset(uh, 0, sizeof(*uh));
- hnputs(uh->rport, 53);
- /* make request and convert it to output format */
- memset(&m, 0, sizeof(m));
- m.flags = flags;
- m.id = reqno;
- m.qd = rralloc(type);
- m.qd->owner = dp;
- m.qd->type = type;
- len = convDNS2M(&m, &buf[OUdphdrsize], Maxudp);
- if(len < 0)
- abort(); /* "can't convert" */
- rrfree(m.qd);
- return len;
- }
- /* for alarms in readreply */
- static void
- ding(void *x, char *msg)
- {
- USED(x);
- if(strcmp(msg, "alarm") == 0)
- noted(NCONT);
- else
- noted(NDFLT);
- }
- static void
- freeanswers(DNSmsg *mp)
- {
- rrfreelist(mp->qd);
- rrfreelist(mp->an);
- rrfreelist(mp->ns);
- rrfreelist(mp->ar);
- mp->qd = mp->an = mp->ns = mp->ar = nil;
- }
- /*
- * read replies to a request. ignore any of the wrong type.
- * wait at most 5 seconds.
- */
- static int
- readreply(int fd, DN *dp, int type, ushort req,
- uchar *ibuf, DNSmsg *mp, ulong endtime, Request *reqp)
- {
- char *err;
- int len;
- ulong now;
- RR *rp;
- notify(ding);
- for(; ; freeanswers(mp)){
- now = time(0);
- if(now >= endtime)
- return -1; /* timed out */
- /* timed read */
- alarm((endtime - now) * 1000);
- len = read(fd, ibuf, OUdphdrsize+Maxudpin);
- alarm(0);
- len -= OUdphdrsize;
- if(len < 0)
- return -1; /* timed out */
- /* convert into internal format */
- memset(mp, 0, sizeof(*mp));
- err = convM2DNS(&ibuf[OUdphdrsize], len, mp, nil);
- if(err){
- syslog(0, LOG, "input err: %s: %I", err, ibuf);
- continue;
- }
- if(debug)
- logreply(reqp->id, ibuf, mp);
- /* answering the right question? */
- if(mp->id != req){
- syslog(0, LOG, "%d: id %d instead of %d: %I", reqp->id,
- mp->id, req, ibuf);
- continue;
- }
- if(mp->qd == 0){
- syslog(0, LOG, "%d: no question RR: %I", reqp->id, ibuf);
- continue;
- }
- if(mp->qd->owner != dp){
- syslog(0, LOG, "%d: owner %s instead of %s: %I",
- reqp->id, mp->qd->owner->name, dp->name, ibuf);
- continue;
- }
- if(mp->qd->type != type){
- syslog(0, LOG, "%d: type %d instead of %d: %I",
- reqp->id, mp->qd->type, type, ibuf);
- continue;
- }
- /* remember what request this is in answer to */
- for(rp = mp->an; rp; rp = rp->next)
- rp->query = type;
- return 0;
- }
- }
- /*
- * return non-0 if first list includes second list
- */
- int
- contains(RR *rp1, RR *rp2)
- {
- RR *trp1, *trp2;
- for(trp2 = rp2; trp2; trp2 = trp2->next){
- for(trp1 = rp1; trp1; trp1 = trp1->next){
- if(trp1->type == trp2->type)
- if(trp1->host == trp2->host)
- if(trp1->owner == trp2->owner)
- break;
- }
- if(trp1 == nil)
- return 0;
- }
- return 1;
- }
- typedef struct Dest Dest;
- struct Dest
- {
- uchar a[IPaddrlen]; /* ip address */
- DN *s; /* name server */
- int nx; /* number of transmissions */
- int code; /* response code; used to clear dp->respcode */
- };
- /*
- * return multicast version if any
- */
- int
- ipisbm(uchar *ip)
- {
- if(isv4(ip)){
- if (ip[IPv4off] >= 0xe0 && ip[IPv4off] < 0xf0 ||
- ipcmp(ip, IPv4bcast) == 0)
- return 4;
- } else
- if(ip[0] == 0xff)
- return 6;
- return 0;
- }
- static Ndb *db;
- static Ndbtuple *indoms, *innmsrvs, *outnmsrvs;
- static QLock ndblock;
- static void
- loaddomsrvs(Ndb *db)
- {
- Ndbs s;
- if (indoms == nil) {
- free(ndbgetvalue(db, &s, "sys", "inside-dom", "dom", &indoms));
- free(ndbgetvalue(db, &s, "sys", "inside-ns", "ip", &innmsrvs));
- free(ndbgetvalue(db, &s, "sys", "outside-ns", "ip", &outnmsrvs));
- syslog(0, LOG, "reloaded inside-dom, inside-ns, outside-ns");
- }
- }
- /*
- * is this domain (or DOMAIN or Domain or dOMAIN)
- * internal to our organisation (behind our firewall)?
- * only inside straddling servers care, everybody else gets told `yes',
- * so they'll use mntpt for their queries.
- */
- static int
- insideaddr(char *dom)
- {
- int domlen, vallen, rv;
- Ndbtuple *t;
- if (!inside || !straddle || !serve)
- return 1;
- qlock(&ndblock);
- if (indoms == nil) {
- db = ndbopen(nil);
- if (db != nil)
- loaddomsrvs(db);
- /* leave db open so we can quickly test for changes */
- } else if (ndbchanged(db)) {
- ndbfree(indoms);
- ndbfree(innmsrvs);
- ndbfree(outnmsrvs);
- indoms = innmsrvs = outnmsrvs = nil;
- ndbreopen(db);
- loaddomsrvs(db);
- }
- if (indoms == nil) {
- qunlock(&ndblock);
- return 1; /* no "inside" sys, try inside nameservers */
- }
- rv = 0;
- domlen = strlen(dom);
- for (t = indoms; t != nil; t = t->entry) {
- if (strcmp(t->attr, "dom") != 0)
- continue;
- vallen = strlen(t->val);
- if (cistrcmp(dom, t->val) == 0 ||
- domlen > vallen &&
- cistrcmp(dom + domlen - vallen, t->val) == 0 &&
- dom[domlen - vallen - 1] == '.') {
- rv = 1;
- break;
- }
- }
- qunlock(&ndblock);
- return rv;
- }
- static int
- insidens(uchar *ip)
- {
- uchar ipa[IPaddrlen];
- Ndbtuple *t;
- for (t = innmsrvs; t != nil; t = t->entry)
- if (strcmp(t->attr, "ip") == 0) {
- parseip(ipa, t->val);
- if (memcmp(ipa, ip, sizeof ipa) == 0)
- return 1;
- }
- return 0;
- }
- static uchar *
- outsidens(void)
- {
- Ndbtuple *t;
- static uchar ipa[IPaddrlen];
- for (t = outnmsrvs; t != nil; t = t->entry)
- if (strcmp(t->attr, "ip") == 0) {
- parseip(ipa, t->val);
- return ipa;
- }
- return nil;
- }
- /*
- * Get next server address
- */
- static int
- serveraddrs(DN *dp, RR *nsrp, Dest *dest, int nd, int depth, Request *reqp)
- {
- RR *rp, *arp, *trp;
- Dest *cur;
- if(nd >= Maxdest)
- return 0;
- /*
- * look for a server whose address we already know.
- * if we find one, mark it so we ignore this on
- * subsequent passes.
- */
- arp = 0;
- for(rp = nsrp; rp; rp = rp->next){
- assert(rp->magic == RRmagic);
- if(rp->marker)
- continue;
- arp = rrlookup(rp->host, Ta, NOneg);
- if(arp){
- rp->marker = 1;
- break;
- }
- arp = dblookup(rp->host->name, Cin, Ta, 0, 0);
- if(arp){
- rp->marker = 1;
- break;
- }
- }
- /*
- * if the cache and database lookup didn't find any new
- * server addresses, try resolving one via the network.
- * Mark any we try to resolve so we don't try a second time.
- */
- if(arp == 0)
- for(rp = nsrp; rp; rp = rp->next){
- if(rp->marker)
- continue;
- rp->marker = 1;
- /*
- * avoid loops looking up a server under itself
- */
- if(subsume(rp->owner->name, rp->host->name))
- continue;
- arp = dnresolve(rp->host->name, Cin, Ta, reqp, 0,
- depth+1, Recurse, 1, 0);
- rrfreelist(rrremneg(&arp));
- if(arp)
- break;
- }
- /* use any addresses that we found */
- for(trp = arp; trp; trp = trp->next){
- if(nd >= Maxdest)
- break;
- cur = &dest[nd];
- parseip(cur->a, trp->ip->name);
- if (ipisbm(cur->a) ||
- !insideaddr(dp->name) && insidens(cur->a))
- continue;
- cur->nx = 0;
- cur->s = trp->owner;
- cur->code = Rtimeout;
- nd++;
- }
- rrfreelist(arp);
- return nd;
- }
- /*
- * cache negative responses
- */
- static void
- cacheneg(DN *dp, int type, int rcode, RR *soarr)
- {
- RR *rp;
- DN *soaowner;
- ulong ttl;
- /* no cache time specified, don't make anything up */
- if(soarr != nil){
- if(soarr->next != nil){
- rrfreelist(soarr->next);
- soarr->next = nil;
- }
- soaowner = soarr->owner;
- } else
- soaowner = nil;
- /* the attach can cause soarr to be freed so mine it now */
- if(soarr != nil && soarr->soa != nil)
- ttl = soarr->soa->minttl+now;
- else
- ttl = 5*Min;
- /* add soa and negative RR to the database */
- rrattach(soarr, 1);
- rp = rralloc(type);
- rp->owner = dp;
- rp->negative = 1;
- rp->negsoaowner = soaowner;
- rp->negrcode = rcode;
- rp->ttl = ttl;
- rrattach(rp, 1);
- }
- /*
- * query name servers. If the name server returns a pointer to another
- * name server, recurse.
- */
- static int
- netquery1(int fd, DN *dp, int type, RR *nsrp, Request *reqp, int depth,
- uchar *ibuf, uchar *obuf, int waitsecs, int inns)
- {
- int ndest, j, len, replywaits, rv;
- ulong endtime;
- ushort req;
- char buf[12];
- DN *ndp;
- DNSmsg m;
- Dest *p, *l, *np;
- Dest dest[Maxdest];
- RR *tp, *soarr;
- /* pack request into a message */
- req = rand();
- len = mkreq(dp, type, obuf, Frecurse|Oquery, req);
- /* no server addresses yet */
- l = dest;
- /*
- * transmit requests and wait for answers.
- * at most Maxtrans attempts to each address.
- * each cycle send one more message than the previous.
- */
- for(ndest = 1; ndest < Maxdest; ndest++){
- p = dest;
- endtime = time(0);
- if(endtime >= reqp->aborttime)
- break;
- /* get a server address if we need one */
- if(ndest > l - p){
- j = serveraddrs(dp, nsrp, dest, l - p, depth, reqp);
- l = &dest[j];
- }
- /* no servers, punt */
- if(l == dest)
- if (straddle && inside) {
- /* HACK: use sys=outside ips */
- if (outsidens() == nil)
- sysfatal("no outside-ns in ndb");
- p = dest;
- memmove(p->a, outsidens(), sizeof p->a);
- p->s = dnlookup("outside", Cin, 1);
- p->nx = p->code = 0;
- l = p + 1;
- } else {
- syslog(0, LOG, "netquery1: no servers for %s", dp->name); // DEBUG
- break;
- }
- /* send to first 'ndest' destinations */
- j = 0;
- for(; p < &dest[ndest] && p < l; p++){
- /* skip destinations we've finished with */
- if(p->nx >= Maxtrans)
- continue;
- j++;
- /* exponential backoff of requests */
- if((1<<p->nx) > ndest)
- continue;
- memmove(obuf, p->a, sizeof p->a);
- procsetname("req slave: %sside query to %I/%s %s %s",
- (inns? "in": "out"), obuf, p->s->name, dp->name,
- rrname(type, buf, sizeof buf));
- if(debug)
- logsend(reqp->id, depth, obuf, p->s->name,
- dp->name, type);
- /* actually send the UDP packet */
- if(write(fd, obuf, len + OUdphdrsize) < 0)
- warning("sending udp msg %r");
- p->nx++;
- }
- if(j == 0)
- break; /* no destinations left */
- endtime = time(0) + waitsecs;
- if(endtime > reqp->aborttime)
- endtime = reqp->aborttime;
- for(replywaits = 0; replywaits < ndest; replywaits++){
- procsetname(
- "req slave: reading %sside reply from %I for %s %s",
- (inns? "in": "out"), obuf, dp->name,
- rrname(type, buf, sizeof buf));
- memset(&m, 0, sizeof m);
- if(readreply(fd, dp, type, req, ibuf, &m, endtime, reqp) < 0)
- break; /* timed out */
- /* find responder */
- for(p = dest; p < l; p++)
- if(memcmp(p->a, ibuf, sizeof(p->a)) == 0)
- break;
- /* remove all addrs of responding server from list */
- for(np = dest; np < l; np++)
- if(np->s == p->s)
- p->nx = Maxtrans;
- /* ignore any error replies */
- if((m.flags & Rmask) == Rserver){
- rrfreelist(m.qd);
- rrfreelist(m.an);
- rrfreelist(m.ar);
- rrfreelist(m.ns);
- if(p != l)
- p->code = Rserver;
- continue;
- }
- /* ignore any bad delegations */
- if(m.ns && baddelegation(m.ns, nsrp, ibuf)){
- rrfreelist(m.ns);
- m.ns = nil;
- if(m.an == nil){
- rrfreelist(m.qd);
- rrfreelist(m.ar);
- if(p != l)
- p->code = Rserver;
- continue;
- }
- }
- /* remove any soa's from the authority section */
- soarr = rrremtype(&m.ns, Tsoa);
- /* incorporate answers */
- if(m.an)
- rrattach(m.an, (m.flags & Fauth) != 0);
- if(m.ar)
- rrattach(m.ar, 0);
- if(m.ns){
- ndp = m.ns->owner;
- rrattach(m.ns, 0);
- } else
- ndp = nil;
- /* free the question */
- if(m.qd)
- rrfreelist(m.qd);
- /*
- * Any reply from an authoritative server,
- * or a positive reply terminates the search
- */
- if(m.an != nil || (m.flags & Fauth)){
- if(m.an == nil && (m.flags & Rmask) == Rname)
- dp->respcode = Rname;
- else
- dp->respcode = 0;
- /*
- * cache any negative responses, free soarr
- */
- if((m.flags & Fauth) && m.an == nil)
- cacheneg(dp, type, (m.flags & Rmask),
- soarr);
- else
- rrfreelist(soarr);
- return 1;
- }
- rrfreelist(soarr);
- /*
- * if we've been given better name servers,
- * recurse. we're called from udpquery, called from
- * netquery, which current holds dp->querylck,
- * so release it now and acquire it upon return.
- */
- if(m.ns){
- tp = rrlookup(ndp, Tns, NOneg);
- if(!contains(nsrp, tp)){
- procsetname(
- "req slave: recursive query for %s %s",
- dp->name,
- rrname(type, buf, sizeof buf));
- qunlock(&dp->querylck);
- rv = netquery(dp, type, tp, reqp,
- depth + 1);
- qlock(&dp->querylck);
- rrfreelist(tp);
- return rv;
- } else
- rrfreelist(tp);
- }
- }
- }
- /* if all servers returned failure, propagate it */
- dp->respcode = Rserver;
- for(p = dest; p < l; p++)
- if(p->code != Rserver)
- dp->respcode = 0;
- return 0;
- }
- /*
- * run a command with a supplied fd as standard input
- */
- char *
- system(int fd, char *cmd)
- {
- int pid, p, i;
- static Waitmsg msg;
- if((pid = fork()) == -1)
- sysfatal("fork failed: %r");
- else if(pid == 0){
- dup(fd, 0);
- close(fd);
- for (i = 3; i < 200; i++)
- close(i); /* don't leak fds */
- execl("/bin/rc", "rc", "-c", cmd, nil);
- sysfatal("exec rc: %r");
- }
- for(p = waitpid(); p >= 0; p = waitpid())
- if(p == pid)
- return msg.msg;
- return "lost child";
- }
- enum { Hurry, Patient, };
- enum { Outns, Inns, };
- static int
- udpquery(char *mntpt, DN *dp, int type, RR *nsrp, Request *reqp, int depth,
- int patient, int inns)
- {
- int fd, rv = 0;
- char *msg;
- uchar *obuf, *ibuf;
- /* use alloced buffers rather than ones from the stack */
- ibuf = emalloc(Maxudpin+OUdphdrsize);
- obuf = emalloc(Maxudp+OUdphdrsize);
- fd = udpport(mntpt);
- if (fd < 0 && straddle && strcmp(mntpt, "/net.alt") == 0) {
- /* HACK: remount /net.alt */
- syslog(0, LOG, "remounting /net.alt");
- unmount(nil, "/net.alt");
- msg = system(open("/dev/null", ORDWR), "outside");
- if (msg && *msg) {
- syslog(0, LOG, "can't remount /net.alt: %s", msg);
- sleep(2000); /* don't spin wildly */
- } else
- fd = udpport(mntpt);
- }
- if(fd >= 0) {
- reqp->aborttime = time(0) + (patient? Maxreqtm: Maxreqtm/2);
- rv = netquery1(fd, dp, type, nsrp, reqp, depth,
- ibuf, obuf, (patient? 15: 10), inns);
- close(fd);
- }
- free(obuf);
- free(ibuf);
- return rv;
- }
- /* look up (dp->name,type) via *nsrp with results in *reqp */
- static int
- netquery(DN *dp, int type, RR *nsrp, Request *reqp, int depth)
- {
- int lock, rv, triedin;
- RR *rp;
- if(depth > 12) /* in a recursive loop? */
- return 0;
- slave(reqp); /* might fork */
- /* if so, parent process longjmped to req->mret; we're child slave */
- if (!reqp->isslave)
- syslog(0, LOG,
- "[%d] netquery: slave returned with reqp->isslave==0",
- getpid());
- /* don't lock before call to slave so only children can block */
- lock = reqp->isslave != 0;
- if(lock) {
- procsetname("waiting for query lock on %s", dp->name);
- /* don't make concurrent queries for this name */
- qlock(&dp->querylck);
- procsetname("netquery: %s", dp->name);
- }
- /* prepare server RR's for incremental lookup */
- for(rp = nsrp; rp; rp = rp->next)
- rp->marker = 0;
- rv = 0; /* pessimism */
- triedin = 0;
- /*
- * normal resolvers and servers will just use mntpt for all addresses,
- * even on the outside. straddling servers will use mntpt (/net)
- * for inside addresses and /net.alt for outside addresses,
- * thus bypassing other inside nameservers.
- */
- if (!straddle || insideaddr(dp->name)) {
- rv = udpquery(mntpt, dp, type, nsrp, reqp, depth, Hurry,
- (inside? Inns: Outns));
- triedin = 1;
- }
- /*
- * if we're still looking, are inside, and have an outside domain,
- * try it on our outside interface, if any.
- */
- if (rv == 0 && inside && !insideaddr(dp->name)) {
- if (triedin)
- syslog(0, LOG,
- "[%d] netquery: internal nameservers failed for %s; trying external",
- getpid(), dp->name);
- /* prepare server RR's for incremental lookup */
- for(rp = nsrp; rp; rp = rp->next)
- rp->marker = 0;
- rv = udpquery("/net.alt", dp, type, nsrp, reqp, depth, Patient,
- Outns);
- if (rv == 0)
- syslog(0, LOG, "[%d] netquery: no luck for %s",
- getpid(), dp->name);
- }
- if(lock)
- qunlock(&dp->querylck);
- return rv;
- }
|