src/gns/gnunet-service-gns_interceptor.c

   1 /*
   2      This file is part of GNUnet.
   3      (C) 2009, 2010, 2011 Christian Grothoff (and other contributing authors)
   4
   5      GNUnet is free software; you can redistribute it and/or modify
   6      it under the terms of the GNU General Public License as published
   7      by the Free Software Foundation; either version 3, or (at your
   8      option) any later version.
   9
  10      GNUnet is distributed in the hope that it will be useful, but
  11      WITHOUT ANY WARRANTY; without even the implied warranty of
  12      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13      General Public License for more details.
  14
  15      You should have received a copy of the GNU General Public License
  16      along with GNUnet; see the file COPYING.  If not, write to the
  17      Free Software Foundation, Inc., 59 Temple Place - Suite 330,
  18      Boston, MA 02111-1307, USA.
  19 */
  20
  21 /**
  22  *
  23  * @file gns/gnunet-service-gns_interceptor.c
  24  * @brief GNUnet GNS interceptor logic
  25  * @author Martin Schanzenbach
  26  */
  27 #include "platform.h"
  28 #include "gnunet_util_lib.h"
  29 #include "gnunet_transport_service.h"
  30 #include "gnunet_dns_service.h"
  31 #include "gnunet_dnsparser_lib.h"
  32 #include "gnunet-service-gns_resolver.h"
  33 #include "gns.h"
  34
  35 #define MAX_DNS_LABEL_LENGTH 63
  36
  37 /**
  38  * Handle to a DNS intercepted
  39  * reslution request
  40  */
  41 struct InterceptLookupHandle
  42 {
  43   /* the request handle to reply to */
  44   struct GNUNET_DNS_RequestHandle *request_handle;
  45
  46   /* the dns parser packet received */
  47   struct GNUNET_DNSPARSER_Packet *packet;
  48
  49   /* the query parsed from the packet */
  50   struct GNUNET_DNSPARSER_Query *query;
  51 };
  52
  53
  54 /**
  55  * Our handle to the DNS handler library
  56  */
  57 static struct GNUNET_DNS_Handle *dns_handle;
  58
  59 /**
  60  * The root zone for this interceptor
  61  */
  62 static struct GNUNET_CRYPTO_ShortHashCode our_zone;
  63
  64 /**
  65  * Our priv key
  66  */
  67 static struct GNUNET_CRYPTO_RsaPrivateKey *our_key;
  68
  69 /**
  70  * Reply to dns request with the result from our lookup.
  71  *
  72  * @param cls the closure to the request (an InterceptLookupHandle)
  73  * @param rd_count the number of records to return
  74  * @param rd the record data
  75  */
  76 static void
  77 reply_to_dns(void* cls, uint32_t rd_count,
  78              const struct GNUNET_NAMESTORE_RecordData *rd)
  79 {
  80   int i;
  81   size_t len;
  82   int ret;
  83   char *buf;
  84   struct InterceptLookupHandle* ilh = (struct InterceptLookupHandle*)cls;
  85   struct GNUNET_DNSPARSER_Packet *packet = ilh->packet;
  86   unsigned int num_answers = 0;
  87
  88
  89   /**
  90    * Put records in the DNS packet and modify it
  91    * to a response
  92    */
  93   for (i=0; i < rd_count; i++)
  94   {
  95     if (rd[i].record_type == ilh->query->type)
  96       num_answers++;
  97   }
  98
  99   struct GNUNET_DNSPARSER_Record answer_records[num_answers];
 100   struct GNUNET_DNSPARSER_Record additional_records[rd_count-(num_answers)];
 101   packet->answers = answer_records;
 102   packet->additional_records = additional_records;
 103
 104   for (i=0; i < rd_count; i++)
 105   {
 106     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 107                "Adding type %d to DNS response\n", rd[i].record_type);
 108     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Name: %s\n", ilh->query->name);
 109     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Record %d/%d\n", i+1, rd_count);
 110     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Record len %d\n", rd[i].data_size);
 111
 112     if (rd[i].record_type == ilh->query->type)
 113     {
 114       answer_records[i].name = ilh->query->name;
 115       answer_records[i].type = rd[i].record_type;
 116       switch(rd[i].record_type)
 117       {
 118        case GNUNET_GNS_RECORD_TYPE_NS:
 119        case GNUNET_GNS_RECORD_TYPE_CNAME:
 120        case GNUNET_GNS_RECORD_TYPE_PTR:
 121          answer_records[i].data.hostname = (char*)rd[i].data;
 122          break;
 123        case GNUNET_GNS_RECORD_TYPE_SOA:
 124          answer_records[i].data.soa =
 125            (struct GNUNET_DNSPARSER_SoaRecord *)rd[i].data;
 126          break;
 127        case GNUNET_GNS_RECORD_MX:
 128          answer_records[i].data.mx =
 129            (struct GNUNET_DNSPARSER_MxRecord *)rd[i].data;
 130          break;
 131        default:
 132         answer_records[i].data.raw.data_len = rd[i].data_size;
 133         answer_records[i].data.raw.data = (char*)rd[i].data;
 134       }
 135       answer_records[i].expiration_time = rd[i].expiration;
 136       answer_records[i].class = GNUNET_DNSPARSER_CLASS_INTERNET;//hmmn
 137     }
 138     else
 139     {
 140       additional_records[i].name = ilh->query->name;
 141       additional_records[i].type = rd[i].record_type;
 142       switch(rd[i].record_type)
 143       {
 144        case GNUNET_GNS_RECORD_TYPE_NS:
 145        case GNUNET_GNS_RECORD_TYPE_CNAME:
 146        case GNUNET_GNS_RECORD_TYPE_PTR:
 147          additional_records[i].data.hostname = (char*)rd[i].data;
 148          break;
 149        case GNUNET_GNS_RECORD_TYPE_SOA:
 150          additional_records[i].data.soa =
 151            (struct GNUNET_DNSPARSER_SoaRecord *)rd[i].data;
 152          break;
 153        case GNUNET_GNS_RECORD_MX:
 154          additional_records[i].data.mx =
 155            (struct GNUNET_DNSPARSER_MxRecord *)rd[i].data;
 156          break;
 157        default:
 158         additional_records[i].data.raw.data_len = rd[i].data_size;
 159         additional_records[i].data.raw.data = (char*)rd[i].data;
 160       }
 161       additional_records[i].expiration_time = rd[i].expiration;
 162       additional_records[i].class = GNUNET_DNSPARSER_CLASS_INTERNET;//hmmn
 163     }
 164   }
 165
 166   packet->num_answers = num_answers;
 167   packet->num_additional_records = rd_count-(num_answers);
 168
 169   packet->flags.authoritative_answer = 1;
 170
 171   if (rd == NULL)
 172     packet->flags.return_code = GNUNET_DNSPARSER_RETURN_CODE_NAME_ERROR;
 173   else
 174     packet->flags.return_code = GNUNET_DNSPARSER_RETURN_CODE_NO_ERROR;
 175
 176   packet->flags.query_or_response = 1;
 177
 178
 179   /**
 180    * Reply to DNS
 181    */
 182   GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 183              "Building DNS response\n");
 184   ret = GNUNET_DNSPARSER_pack (packet,
 185                                1024, /* FIXME magic from dns redirector */
 186                                &buf,
 187                                &len);
 188   GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 189              "Built DNS response! (ret=%d,len=%d)\n", ret, len);
 190   if (ret == GNUNET_OK)
 191   {
 192     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 193                "Answering DNS request\n");
 194     GNUNET_DNS_request_answer(ilh->request_handle,
 195                               len,
 196                               buf);
 197
 198     GNUNET_free(buf);
 199     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Answered DNS request\n");
 200   }
 201   else
 202   {
 203     GNUNET_log(GNUNET_ERROR_TYPE_ERROR,
 204                "Error building DNS response! (ret=%d)", ret);
 205   }
 206
 207   packet->num_answers = 0;
 208   packet->answers = NULL;
 209   packet->num_additional_records = 0;
 210   packet->additional_records = NULL;
 211   GNUNET_DNSPARSER_free_packet(packet);
 212   GNUNET_free(ilh);
 213 }
 214
 215
 216 /**
 217  * Entry point for name resolution
 218  * Setup a new query and try to resolve
 219  *
 220  * @param request the request handle of the DNS request from a client
 221  * @param p the DNS query packet we received
 222  * @param q the DNS query we received parsed from p
 223  */
 224 static void
 225 start_resolution_for_dns(struct GNUNET_DNS_RequestHandle *request,
 226                           struct GNUNET_DNSPARSER_Packet *p,
 227                           struct GNUNET_DNSPARSER_Query *q)
 228 {
 229   struct InterceptLookupHandle* ilh;
 230
 231   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 232               "Starting resolution for %s (type=%d)!\n",
 233               q->name, q->type);
 234
 235   ilh = GNUNET_malloc(sizeof(struct InterceptLookupHandle));
 236   ilh->packet = p;
 237   ilh->query = q;
 238   ilh->request_handle = request;
 239
 240   /* Start resolution in our zone */
 241   gns_resolver_lookup_record(our_zone, q->type, q->name,
 242                              our_key,
 243                              GNUNET_GNS_DEFAULT_LOOKUP_TIMEOUT,
 244                              &reply_to_dns, ilh);
 245 }
 246
 247
 248
 249 /**
 250  * The DNS request handler
 251  * Called for every incoming DNS request.
 252  *
 253  * @param cls closure
 254  * @param rh request handle to user for reply
 255  * @param request_length number of bytes in request
 256  * @param request udp payload of the DNS request
 257  */
 258 static void
 259 handle_dns_request(void *cls,
 260                    struct GNUNET_DNS_RequestHandle *rh,
 261                    size_t request_length,
 262                    const char *request)
 263 {
 264   struct GNUNET_DNSPARSER_Packet *p;
 265
 266   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Hijacked a DNS request...processing\n");
 267   p = GNUNET_DNSPARSER_parse (request, request_length);
 268
 269   if (NULL == p)
 270   {
 271     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
 272                 "Received malformed DNS packet, leaving it untouched\n");
 273     GNUNET_DNS_request_forward (rh);
 274     GNUNET_DNSPARSER_free_packet (p);
 275     return;
 276   }
 277
 278   /**
 279    * Check tld and decide if we or
 280    * legacy dns is responsible
 281    *
 282    * FIXME now in theory there could be more than 1 query in the request
 283    * but if this is case we get into trouble:
 284    * either we query the GNS or the DNS. We cannot do both!
 285    * So I suggest to either only allow a single query per request or
 286    * only allow GNS or DNS requests.
 287    * The way it is implemented here now is buggy and will lead to erratic
 288    * behaviour (if multiple queries are present).
 289    */
 290   if (p->num_queries == 0)
 291   {
 292     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 293                 "No Queries in DNS packet... forwarding\n");
 294     GNUNET_DNS_request_forward (rh);
 295     GNUNET_DNSPARSER_free_packet(p);
 296     return;
 297   }
 298
 299   if (p->num_queries > 1)
 300   {
 301     /* Note: We could also look for .gnunet */
 302     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 303                 ">1 queriy in DNS packet... odd. We only process #1\n");
 304   }
 305
 306
 307   /**
 308    * Check for .gnunet/.zkey
 309    */
 310
 311   if ((is_gnunet_tld(p->queries[0].name) == GNUNET_YES) ||
 312       (is_zkey_tld(p->queries[0].name) == GNUNET_YES))
 313   {
 314     start_resolution_for_dns(rh, p, p->queries);
 315   }
 316   else
 317   {
 318     /**
 319      * This request does not concern us. Forward to real DNS.
 320      */
 321     GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
 322                "Request for %s is forwarded to DNS\n", p->queries[0].name);
 323     GNUNET_DNS_request_forward (rh);
 324     GNUNET_DNSPARSER_free_packet (p);
 325   }
 326
 327 }
 328
 329
 330 /**
 331  * Initialized the interceptor
 332  *
 333  * @param zone the zone to work in
 334  * @param key the prov key of the zone (can be null, needed for caching)
 335  * @param c the configuration
 336  * @return GNUNET_OK on success
 337  */
 338 int
 339 gns_interceptor_init(struct GNUNET_CRYPTO_ShortHashCode zone,
 340                      struct GNUNET_CRYPTO_RsaPrivateKey *key,
 341                      const struct GNUNET_CONFIGURATION_Handle *c)
 342 {
 343   GNUNET_log(GNUNET_ERROR_TYPE_INFO,
 344              "DNS hijacking enabled... connecting to service.\n");
 345
 346   our_zone = zone;
 347   our_key = key;
 348   /**
 349    * Do gnunet dns init here
 350    */
 351   dns_handle = GNUNET_DNS_connect(c,
 352                                   GNUNET_DNS_FLAG_PRE_RESOLUTION,
 353                                   &handle_dns_request, /* rh */
 354                                   NULL); /* Closure */
 355   if (NULL == dns_handle)
 356   {
 357     GNUNET_log(GNUNET_ERROR_TYPE_ERROR,
 358              "Failed to connect to the dnsservice!\n");
 359     return GNUNET_SYSERR;
 360   }
 361
 362   return GNUNET_YES;
 363 }
 364
 365 /* end of gns_interceptor.c */