src/gns/gnunet-service-gns_interceptor.c

   1 /*
   2      This file is part of GNUnet.
   3      (C) 2009, 2010, 2011 Christian Grothoff (and other contributing authors)
   4
   5      GNUnet is free software; you can redistribute it and/or modify
   6      it under the terms of the GNU General Public License as published
   7      by the Free Software Foundation; either version 3, or (at your
   8      option) any later version.
   9
  10      GNUnet is distributed in the hope that it will be useful, but
  11      WITHOUT ANY WARRANTY; without even the implied warranty of
  12      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13      General Public License for more details.
  14
  15      You should have received a copy of the GNU General Public License
  16      along with GNUnet; see the file COPYING.  If not, write to the
  17      Free Software Foundation, Inc., 59 Temple Place - Suite 330,
  18      Boston, MA 02111-1307, USA.
  19 */
  20
  21 /**
  22  *
  23  * @file gns/gnunet-service-gns_interceptor.c
  24  * @brief GNUnet GNS interceptor logic
  25  * @author Martin Schanzenbach
  26  */
  27 #include "platform.h"
  28 #include "gnunet_util_lib.h"
  29 #include "gnunet_transport_service.h"
  30 #include "gnunet_dns_service.h"
  31 #include "gnunet_dnsparser_lib.h"
  32 #include "gnunet-service-gns_resolver.h"
  33 #include "gns.h"
  34
  35 #define MAX_DNS_LABEL_LENGTH 63
  36
  37 /**
  38  * Handle to a DNS intercepted
  39  * reslution request
  40  */
  41 struct InterceptLookupHandle
  42 {
  43   /**
  44    * the request handle to reply to
  45    */
  46   struct GNUNET_DNS_RequestHandle *request_handle;
  47
  48   /**
  49    * the dns parser packet received
  50    */
  51   struct GNUNET_DNSPARSER_Packet *packet;
  52
  53   /**
  54    * the query parsed from the packet
  55    */
  56   struct GNUNET_DNSPARSER_Query *query;
  57 };
  58
  59
  60 /**
  61  * Our handle to the DNS handler library
  62  */
  63 static struct GNUNET_DNS_Handle *dns_handle;
  64
  65 /**
  66  * The root zone for this interceptor
  67  */
  68 static struct GNUNET_CRYPTO_ShortHashCode our_zone;
  69
  70 /**
  71  * Our priv key
  72  */
  73 static struct GNUNET_CRYPTO_RsaPrivateKey *our_key;
  74
  75 /**
  76  * Default timeout
  77  */
  78 static struct GNUNET_TIME_Relative default_lookup_timeout;
  79
  80
  81 /**
  82  * Reply to dns request with the result from our lookup.
  83  *
  84  * @param cls the closure to the request (an InterceptLookupHandle)
  85  * @param rd_count the number of records to return
  86  * @param rd the record data
  87  */
  88 static void
  89 reply_to_dns(void* cls, uint32_t rd_count,
  90              const struct GNUNET_NAMESTORE_RecordData *rd)
  91 {
  92   uint32_t i;
  93   size_t len;
  94   int ret;
  95   char *buf;
  96   struct InterceptLookupHandle* ilh = (struct InterceptLookupHandle*)cls;
  97   struct GNUNET_DNSPARSER_Packet *packet = ilh->packet;
  98   unsigned int num_answers = 0;
  99
 100
 101   /**
 102    * Put records in the DNS packet and modify it
 103    * to a response
 104    */
 105   for (i=0; i < rd_count; i++)
 106   {
 107     if (rd[i].record_type == ilh->query->type)
 108       num_answers++;
 109   }
 110
 111   struct GNUNET_DNSPARSER_Record answer_records[num_answers];
 112   struct GNUNET_DNSPARSER_Record additional_records[rd_count-(num_answers)];
 113   packet->answers = answer_records;
 114   packet->additional_records = additional_records;
 115
 116   for (i=0; i < rd_count; i++)
 117   {
 118     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 119                "Adding type %d to DNS response\n", rd[i].record_type);
 120     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Name: %s\n", ilh->query->name);
 121     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Record %d/%d\n", i+1, rd_count);
 122     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Record len %d\n", rd[i].data_size);
 123
 124     if (rd[i].record_type == ilh->query->type)
 125     {
 126       answer_records[i].name = ilh->query->name;
 127       answer_records[i].type = rd[i].record_type;
 128       switch(rd[i].record_type)
 129       {
 130        case GNUNET_GNS_RECORD_NS:
 131        case GNUNET_GNS_RECORD_CNAME:
 132        case GNUNET_GNS_RECORD_PTR:
 133          answer_records[i].data.hostname = (char*)rd[i].data;
 134          break;
 135        case GNUNET_GNS_RECORD_SOA:
 136          answer_records[i].data.soa =
 137            (struct GNUNET_DNSPARSER_SoaRecord *)rd[i].data;
 138          break;
 139        case GNUNET_GNS_RECORD_MX:
 140          answer_records[i].data.mx =
 141            (struct GNUNET_DNSPARSER_MxRecord *)rd[i].data;
 142          break;
 143        default:
 144         answer_records[i].data.raw.data_len = rd[i].data_size;
 145         answer_records[i].data.raw.data = (char*)rd[i].data;
 146       }
 147       GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
 148       answer_records[i].expiration_time.abs_value = rd[i].expiration_time;
 149       answer_records[i].class = GNUNET_DNSPARSER_CLASS_INTERNET;//hmmn
 150     }
 151     else
 152     {
 153       additional_records[i].name = ilh->query->name;
 154       additional_records[i].type = rd[i].record_type;
 155       switch(rd[i].record_type)
 156       {
 157        case GNUNET_GNS_RECORD_NS:
 158        case GNUNET_GNS_RECORD_CNAME:
 159        case GNUNET_GNS_RECORD_PTR:
 160          additional_records[i].data.hostname = (char*)rd[i].data;
 161          break;
 162        case GNUNET_GNS_RECORD_SOA:
 163          additional_records[i].data.soa =
 164            (struct GNUNET_DNSPARSER_SoaRecord *)rd[i].data;
 165          break;
 166        case GNUNET_GNS_RECORD_MX:
 167          additional_records[i].data.mx =
 168            (struct GNUNET_DNSPARSER_MxRecord *)rd[i].data;
 169          break;
 170        default:
 171         additional_records[i].data.raw.data_len = rd[i].data_size;
 172         additional_records[i].data.raw.data = (char*)rd[i].data;
 173       }
 174       GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
 175       additional_records[i].expiration_time.abs_value = rd[i].expiration_time;
 176       additional_records[i].class = GNUNET_DNSPARSER_CLASS_INTERNET;//hmmn
 177     }
 178   }
 179
 180   packet->num_answers = num_answers;
 181   packet->num_additional_records = rd_count-(num_answers);
 182
 183   packet->flags.authoritative_answer = 1;
 184
 185   if (rd == NULL)
 186     packet->flags.return_code = GNUNET_DNSPARSER_RETURN_CODE_NAME_ERROR;
 187   else
 188     packet->flags.return_code = GNUNET_DNSPARSER_RETURN_CODE_NO_ERROR;
 189
 190   packet->flags.query_or_response = 1;
 191
 192
 193   /**
 194    * Reply to DNS
 195    */
 196   GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 197              "Building DNS response\n");
 198   ret = GNUNET_DNSPARSER_pack (packet,
 199                                1024, /* FIXME magic from dns redirector */
 200                                &buf,
 201                                &len);
 202   GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 203              "Built DNS response! (ret=%d,len=%d)\n", ret, len);
 204   if (ret == GNUNET_OK)
 205   {
 206     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 207                "Answering DNS request\n");
 208     GNUNET_DNS_request_answer(ilh->request_handle,
 209                               len,
 210                               buf);
 211
 212     GNUNET_free(buf);
 213     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Answered DNS request\n");
 214   }
 215   else
 216   {
 217     GNUNET_log(GNUNET_ERROR_TYPE_ERROR,
 218                "Error building DNS response! (ret=%d)", ret);
 219   }
 220
 221   packet->num_answers = 0;
 222   packet->answers = NULL;
 223   packet->num_additional_records = 0;
 224   packet->additional_records = NULL;
 225   GNUNET_DNSPARSER_free_packet(packet);
 226   GNUNET_free(ilh);
 227 }
 228
 229
 230 /**
 231  * Entry point for name resolution
 232  * Setup a new query and try to resolve
 233  *
 234  * @param request the request handle of the DNS request from a client
 235  * @param p the DNS query packet we received
 236  * @param q the DNS query we received parsed from p
 237  */
 238 static void
 239 start_resolution_for_dns(struct GNUNET_DNS_RequestHandle *request,
 240                           struct GNUNET_DNSPARSER_Packet *p,
 241                           struct GNUNET_DNSPARSER_Query *q)
 242 {
 243   struct InterceptLookupHandle* ilh;
 244
 245   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 246               "Starting resolution for %s (type=%d)!\n",
 247               q->name, q->type);
 248
 249   ilh = GNUNET_malloc(sizeof(struct InterceptLookupHandle));
 250   ilh->packet = p;
 251   ilh->query = q;
 252   ilh->request_handle = request;
 253
 254   /* Start resolution in our zone */
 255   gns_resolver_lookup_record(our_zone, our_zone, q->type, q->name,
 256                              our_key,
 257                              default_lookup_timeout,
 258                              GNUNET_NO,
 259                              &reply_to_dns, ilh);
 260 }
 261
 262
 263
 264 /**
 265  * The DNS request handler
 266  * Called for every incoming DNS request.
 267  *
 268  * @param cls closure
 269  * @param rh request handle to user for reply
 270  * @param request_length number of bytes in request
 271  * @param request udp payload of the DNS request
 272  */
 273 static void
 274 handle_dns_request(void *cls,
 275                    struct GNUNET_DNS_RequestHandle *rh,
 276                    size_t request_length,
 277                    const char *request)
 278 {
 279   struct GNUNET_DNSPARSER_Packet *p;
 280
 281   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Hijacked a DNS request...processing\n");
 282   p = GNUNET_DNSPARSER_parse (request, request_length);
 283
 284   if (NULL == p)
 285   {
 286     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
 287                 "Received malformed DNS packet, leaving it untouched\n");
 288     GNUNET_DNS_request_forward (rh);
 289     GNUNET_DNSPARSER_free_packet (p);
 290     return;
 291   }
 292
 293   /**
 294    * Check tld and decide if we or
 295    * legacy dns is responsible
 296    *
 297    * FIXME now in theory there could be more than 1 query in the request
 298    * but if this is case we get into trouble:
 299    * either we query the GNS or the DNS. We cannot do both!
 300    * So I suggest to either only allow a single query per request or
 301    * only allow GNS or DNS requests.
 302    * The way it is implemented here now is buggy and will lead to erratic
 303    * behaviour (if multiple queries are present).
 304    */
 305   if (p->num_queries == 0)
 306   {
 307     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 308                 "No Queries in DNS packet... forwarding\n");
 309     GNUNET_DNS_request_forward (rh);
 310     GNUNET_DNSPARSER_free_packet(p);
 311     return;
 312   }
 313
 314   if (p->num_queries > 1)
 315   {
 316     /* Note: We could also look for .gnunet */
 317     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 318                 ">1 queriy in DNS packet... odd. We only process #1\n");
 319   }
 320
 321
 322   /**
 323    * Check for .gnunet/.zkey
 324    */
 325
 326   if ((is_gnunet_tld(p->queries[0].name) == GNUNET_YES) ||
 327       (is_zkey_tld(p->queries[0].name) == GNUNET_YES) ||
 328       (strcmp(p->queries[0].name, GNUNET_GNS_TLD) == 0))
 329   {
 330     start_resolution_for_dns(rh, p, p->queries);
 331   }
 332   else
 333   {
 334     /**
 335      * This request does not concern us. Forward to real DNS.
 336      */
 337     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 338                "Request for %s is forwarded to DNS\n", p->queries[0].name);
 339     GNUNET_DNS_request_forward (rh);
 340     GNUNET_DNSPARSER_free_packet (p);
 341   }
 342
 343 }
 344
 345
 346 /**
 347  * Initialized the interceptor
 348  *
 349  * @param zone the zone to work in
 350  * @param key the prov key of the zone (can be null, needed for caching)
 351  * @param c the configuration
 352  * @return GNUNET_OK on success
 353  */
 354 int
 355 gns_interceptor_init(struct GNUNET_CRYPTO_ShortHashCode zone,
 356                      struct GNUNET_CRYPTO_RsaPrivateKey *key,
 357                      const struct GNUNET_CONFIGURATION_Handle *c)
 358 {
 359   unsigned long long default_lookup_timeout_secs = 0;
 360
 361   GNUNET_log(GNUNET_ERROR_TYPE_INFO,
 362              "DNS hijacking enabled... connecting to service.\n");
 363
 364   our_zone = zone;
 365   our_key = key;
 366   /**
 367    * Do gnunet dns init here
 368    */
 369   dns_handle = GNUNET_DNS_connect(c,
 370                                   GNUNET_DNS_FLAG_PRE_RESOLUTION,
 371                                   &handle_dns_request, /* rh */
 372                                   NULL); /* Closure */
 373
 374   if (GNUNET_OK ==
 375       GNUNET_CONFIGURATION_get_value_number(c, "gns",
 376                                             "DEFAULT_LOOKUP_TIMEOUT",
 377                                             &default_lookup_timeout_secs))
 378   {
 379     default_lookup_timeout = GNUNET_TIME_relative_multiply(
 380                                                   GNUNET_TIME_UNIT_SECONDS,
 381                                                   default_lookup_timeout_secs);
 382   }
 383
 384   if (NULL == dns_handle)
 385   {
 386     GNUNET_log(GNUNET_ERROR_TYPE_ERROR,
 387              "Failed to connect to the dnsservice!\n");
 388     return GNUNET_SYSERR;
 389   }
 390
 391   return GNUNET_YES;
 392 }
 393
 394 /**
 395  * Disconnect from interceptor
 396  */
 397 void
 398 gns_interceptor_stop(void)
 399 {
 400   if (dns_handle)
 401     GNUNET_DNS_disconnect(dns_handle);
 402 }
 403
 404 /* end of gns_interceptor.c */