2 This file is part of GNUnet.
3 (C) 2009, 2010, 2011, 2012 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
21 * @file gns/gnunet-service-gns_interceptor.c
22 * @brief GNUnet GNS interceptor logic
23 * @author Martin Schanzenbach
26 #include "gnunet_util_lib.h"
27 #include "gnunet_transport_service.h"
28 #include "gnunet_dns_service.h"
29 #include "gnunet_dnsparser_lib.h"
30 #include "gnunet-service-gns_resolver.h"
34 * Handle to an intercepted DNS request
/* Per-request state for one intercepted DNS query. reply_to_dns() receives a
 * pointer to this struct as its closure, reads packet and query from it, and
 * answers through request_handle. */
37 struct InterceptLookupHandle
40 * the request handle to reply to
42 struct GNUNET_DNS_RequestHandle *request_handle;
45 * the dns parser packet received
/* reply_to_dns() frees this packet with GNUNET_DNSPARSER_free_packet() once
 * the response has been built. */
47 struct GNUNET_DNSPARSER_Packet *packet;
50 * the query parsed from the packet
/* NOTE(review): the caller passes p->queries for this field, so it presumably
 * points into packet and must not be used after packet is freed - confirm. */
52 struct GNUNET_DNSPARSER_Query *query;
57 * Our handle to the DNS handler library
/* Set by gns_interceptor_init() from GNUNET_DNS_connect() and released by
 * gns_interceptor_stop(). */
59 static struct GNUNET_DNS_Handle *dns_handle;
62 * The root zone for this interceptor
/* Passed twice to gns_resolver_lookup_record() for every intercepted query. */
64 static struct GNUNET_CRYPTO_ShortHashCode our_zone;
/* NOTE(review): no visible line of this listing reads or assigns our_key;
 * presumably it is stored in gns_interceptor_init() on a line that is missing
 * here - confirm how long the private key pointer stays valid. */
69 static struct GNUNET_CRYPTO_RsaPrivateKey *our_key;
/* Read from the "gns" / "DEFAULT_LOOKUP_TIMEOUT" configuration value in
 * gns_interceptor_init(); that function also contains a fallback to
 * GNUNET_TIME_UNIT_ZERO. */
74 static struct GNUNET_TIME_Relative default_lookup_timeout;
78 * Reply to dns request with the result from our lookup.
80 * @param cls the closure to the request (an InterceptLookupHandle)
81 * @param rd_count the number of records to return
82 * @param rd the record data
/* Turn the records delivered for a lookup into a DNS response for the
 * intercepted request held in cls, send it, and release the parsed packet.
 * NOTE(review): this listing omits brace, else, break/default and several
 * argument lines, so the comments below hedge wherever structure is inferred. */
85 reply_to_dns (void* cls, uint32_t rd_count,
86 const struct GNUNET_NAMESTORE_RecordData *rd)
92 struct InterceptLookupHandle* ilh = (struct InterceptLookupHandle*)cls;
93 struct GNUNET_DNSPARSER_Packet *packet = ilh->packet;
94 unsigned int num_answers = 0;
98 * Put records in the DNS packet and modify it
/* First pass over rd: presumably counts the records whose type equals the
 * queried type into num_answers (the increment line is not in this listing). */
101 for (i=0; i < rd_count; i++)
103 if (rd[i].record_type == ilh->query->type)
/* NOTE(review): both arrays are variable-length arrays on the stack. Their
 * sizes derive from rd_count, which is not bounded anywhere in the visible
 * code, and one of them has length zero whenever every record (or no record)
 * matches the queried type; a zero-length VLA is undefined behaviour in C.
 * Consider a bounded heap allocation with an explicit upper limit on rd_count. */
107 struct GNUNET_DNSPARSER_Record answer_records[num_answers];
108 struct GNUNET_DNSPARSER_Record additional_records[rd_count-(num_answers)];
109 packet->answers = answer_records;
110 packet->additional_records = additional_records;
/* NOTE(review): memory-safety defect. The second pass indexes answer_records[]
 * and additional_records[] with i, the index into rd[], although the arrays
 * hold only num_answers and rd_count - num_answers elements. As soon as the
 * record set mixes matching and non-matching types, i runs past the end of one
 * of the arrays and the stores below write outside it on the stack, while the
 * slots below i stay uninitialised and are later handed to the packer. Each
 * array needs its own running index (one counter for answers, one for
 * additional records). */
112 for (i=0; i < rd_count; i++)
/* NOTE(review): rd_count is uint32_t but is printed with %d; the other %d
 * arguments have declarations that are not visible here - check each against
 * its real type. */
114 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
115 "Adding type %d to DNS response\n", rd[i].record_type);
116 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Name: %s\n", ilh->query->name);
117 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Record %d/%d\n", i+1, rd_count);
118 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Record len %d\n", rd[i].data_size);
/* Records of the queried type go into the answer section. */
120 if (rd[i].record_type == ilh->query->type)
122 answer_records[i].name = ilh->query->name;
123 answer_records[i].type = rd[i].record_type;
/* NOTE(review): the casts below reinterpret rd[i].data as a C string or as a
 * parser struct without looking at rd[i].data_size. If rd[i].data is the raw
 * record payload rather than an already-parsed object, a hostname may lack a
 * terminating NUL inside the buffer and the SOA/MX structs would be read from
 * unvalidated bytes - confirm what the resolver delivers and validate length
 * and termination before use. */
124 switch(rd[i].record_type)
126 case GNUNET_GNS_RECORD_NS:
127 case GNUNET_GNS_RECORD_CNAME:
128 case GNUNET_GNS_RECORD_PTR:
129 answer_records[i].data.hostname = (char*)rd[i].data;
131 case GNUNET_GNS_RECORD_SOA:
132 answer_records[i].data.soa =
133 (struct GNUNET_DNSPARSER_SoaRecord *)rd[i].data;
135 case GNUNET_GNS_RECORD_MX:
136 answer_records[i].data.mx =
137 (struct GNUNET_DNSPARSER_MxRecord *)rd[i].data;
/* Presumably the default case (its label is not in this listing): the payload
 * is attached as raw bytes together with its length. */
140 answer_records[i].data.raw.data_len = rd[i].data_size;
141 answer_records[i].data.raw.data = (char*)rd[i].data;
/* GNUNET_break fires when the relative-expiration flag is set; the value is
 * then still copied into abs_value as if it were absolute. */
143 GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
144 answer_records[i].expiration_time.abs_value = rd[i].expiration_time;
145 answer_records[i].class = GNUNET_DNSPARSER_CLASS_INTERNET;//hmmn
/* Presumably the else branch (the else line is not in this listing): records
 * of any other type go into the additional section, with the same per-type
 * handling and the same indexing problem as above. */
149 additional_records[i].name = ilh->query->name;
150 additional_records[i].type = rd[i].record_type;
151 switch(rd[i].record_type)
153 case GNUNET_GNS_RECORD_NS:
154 case GNUNET_GNS_RECORD_CNAME:
155 case GNUNET_GNS_RECORD_PTR:
156 additional_records[i].data.hostname = (char*)rd[i].data;
158 case GNUNET_GNS_RECORD_SOA:
159 additional_records[i].data.soa =
160 (struct GNUNET_DNSPARSER_SoaRecord *)rd[i].data;
162 case GNUNET_GNS_RECORD_MX:
163 additional_records[i].data.mx =
164 (struct GNUNET_DNSPARSER_MxRecord *)rd[i].data;
167 additional_records[i].data.raw.data_len = rd[i].data_size;
168 additional_records[i].data.raw.data = (char*)rd[i].data;
170 GNUNET_break (0 == (rd[i].flags & GNUNET_NAMESTORE_RF_RELATIVE_EXPIRATION));
171 additional_records[i].expiration_time.abs_value = rd[i].expiration_time;
172 additional_records[i].class = GNUNET_DNSPARSER_CLASS_INTERNET;//hmmn
/* Publish the section sizes and mark the packet as an authoritative response. */
176 packet->num_answers = num_answers;
177 packet->num_additional_records = rd_count-(num_answers);
179 packet->flags.authoritative_answer = 1;
/* The return code is NAME_ERROR or NO_ERROR; the condition that selects
 * between the two assignments is on lines missing from this listing. */
182 packet->flags.return_code = GNUNET_DNSPARSER_RETURN_CODE_NAME_ERROR;
184 packet->flags.return_code = GNUNET_DNSPARSER_RETURN_CODE_NO_ERROR;
186 packet->flags.query_or_response = 1;
/* Serialise the packet. 1024 is passed as a fixed limit (see the FIXME); the
 * remaining arguments are not visible here. */
192 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
193 "Building DNS response\n");
194 ret = GNUNET_DNSPARSER_pack (packet,
195 1024, /* FIXME magic from dns redirector */
198 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
199 "Built DNS response! (ret=%d,len=%d)\n",
/* The answer is sent only when packing succeeded; otherwise the error is
 * logged. NOTE(review): no visible line answers, forwards or drops the request
 * on the failure path - confirm the request handle is not left pending. */
201 if (ret == GNUNET_OK)
203 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
204 "Answering DNS request\n");
205 GNUNET_DNS_request_answer (ilh->request_handle,
210 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
211 "Answered DNS request\n");
215 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
216 "Error building DNS response! (ret=%d)", ret);
/* Detach the stack arrays before freeing the packet, so that
 * GNUNET_DNSPARSER_free_packet() does not see pointers to them.
 * NOTE(review): the release of ilh itself is not visible in this listing -
 * confirm it is freed on every path. */
219 packet->num_answers = 0;
220 packet->answers = NULL;
221 packet->num_additional_records = 0;
222 packet->additional_records = NULL;
223 GNUNET_DNSPARSER_free_packet(packet);
229 * Entry point for name resolution
230 * Setup a new query and try to resolve
232 * @param request the request handle of the DNS request from a client
233 * @param p the DNS query packet we received
234 * @param q the DNS query we received parsed from p
/* Allocate the per-request handle for an intercepted query and start a lookup
 * for q->name / q->type in our_zone with default_lookup_timeout.
 * NOTE(review): several lines of this function are missing from the listing
 * (the remaining field assignments and the trailing lookup arguments), so the
 * callback and closure passed to the resolver cannot be confirmed here. */
237 start_resolution_for_dns (struct GNUNET_DNS_RequestHandle *request,
238 struct GNUNET_DNSPARSER_Packet *p,
239 struct GNUNET_DNSPARSER_Query *q)
241 struct InterceptLookupHandle* ilh;
243 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
244 "Starting resolution for %s (type=%d)!\n",
/* NOTE(review): the handle is heap-allocated per request and this function
 * does not free it; confirm that every resolver outcome, including timeout and
 * error, reaches the code that releases both the handle and the packet. */
246 ilh = GNUNET_malloc(sizeof(struct InterceptLookupHandle));
249 ilh->request_handle = request;
251 /* Start resolution in our zone */
/* q->name and q->type come from the parsed client request and are handed to
 * the resolver as they are. */
252 gns_resolver_lookup_record(our_zone, our_zone, q->type, q->name,
254 default_lookup_timeout,
261 * The DNS request handler
262 * Called for every incoming DNS request.
265 * @param rh request handle to use for reply
266 * @param request_length number of bytes in request
267 * @param request udp payload of the DNS request
/* Callback for each DNS request handed over by the DNS service: parse it, then
 * either start a GNS lookup for the first query or forward the request
 * untouched. The request bytes are supplied by the DNS client.
 * NOTE(review): brace, else and return lines are missing from this listing, so
 * the branch structure described below is inferred. */
270 handle_dns_request (void *cls,
271 struct GNUNET_DNS_RequestHandle *rh,
272 size_t request_length,
275 struct GNUNET_DNSPARSER_Packet *p;
277 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
278 "Hijacked a DNS request...processing\n");
/* Malformed input: the parser returned NULL and the request is forwarded.
 * NOTE(review): assuming the four statements after this check form its body,
 * GNUNET_DNSPARSER_free_packet() is called with p == NULL. Unless that function
 * accepts NULL, any unparseable packet crashes the service here; the free call
 * should be dropped from this branch. */
279 if (NULL == (p = GNUNET_DNSPARSER_parse (request, request_length)))
281 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
282 "Received malformed DNS packet, leaving it untouched\n");
283 GNUNET_DNS_request_forward (rh);
284 GNUNET_DNSPARSER_free_packet (p);
289 * Check tld and decide if we or
290 * legacy dns is responsible
292 * FIXME now in theory there could be more than 1 query in the request
293 * but if this is case we get into trouble:
294 * either we query the GNS or the DNS. We cannot do both!
295 * So I suggest to either only allow a single query per request or
296 * only allow GNS or DNS requests.
297 * The way it is implemented here now is buggy and will lead to erratic
298 * behaviour (if multiple queries are present).
/* A packet without queries is forwarded and freed. */
300 if (0 == p->num_queries)
302 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
303 "No Queries in DNS packet... forwarding\n");
304 GNUNET_DNS_request_forward (rh);
305 GNUNET_DNSPARSER_free_packet(p);
310 * Check for .gads/.zkey
/* Only queries[0] decides whether the request is handled here; any further
 * queries in the same packet are ignored for that decision. */
313 if ((is_gads_tld(p->queries[0].name) == GNUNET_YES) ||
314 (is_zkey_tld(p->queries[0].name) == GNUNET_YES) ||
315 (strcmp(p->queries[0].name, GNUNET_GNS_TLD) == 0))
317 if (p->num_queries > 1)
319 /* Note: We could also look for .gads */
320 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
321 ">1 queriy in DNS packet... odd. We only process #1\n");
/* The packet and its first query are passed on to the lookup.
 * NOTE(review): a return after this call is presumably on a line missing from
 * the listing; without it the code below would forward the request and free a
 * packet that the pending lookup still references. */
323 start_resolution_for_dns (rh, p, p->queries);
327 * This request does not concern us. Forward to real DNS.
329 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
330 "Request for %s is forwarded to DNS\n",
332 GNUNET_DNS_request_forward (rh);
333 GNUNET_DNSPARSER_free_packet (p);
338 * Initialize the interceptor
340 * @param zone the zone to work in
341 * @param key the private key of the zone (can be null, needed for caching)
342 * @param c the configuration
343 * @return GNUNET_OK on success
/* Connect to the DNS service so that handle_dns_request() is invoked for
 * requests at the pre-resolution stage, and load the default lookup timeout
 * from the configuration. Returns GNUNET_SYSERR when the connection could not
 * be established.
 * NOTE(review): the lines that store zone and key are not in this listing. */
346 gns_interceptor_init (struct GNUNET_CRYPTO_ShortHashCode zone,
347 struct GNUNET_CRYPTO_RsaPrivateKey *key,
348 const struct GNUNET_CONFIGURATION_Handle *c)
350 GNUNET_log(GNUNET_ERROR_TYPE_INFO,
351 "DNS hijacking enabled... connecting to service.\n");
355 * Do gnunet dns init here
357 dns_handle = GNUNET_DNS_connect (c,
358 GNUNET_DNS_FLAG_PRE_RESOLUTION,
359 &handle_dns_request, /* rh */
/* The timeout is read from section "gns", option "DEFAULT_LOOKUP_TIMEOUT".
 * The reset to GNUNET_TIME_UNIT_ZERO is presumably taken when that lookup
 * fails (the condition line is missing here).
 * NOTE(review): confirm what a zero timeout means to the resolver before
 * relying on this fallback. */
363 GNUNET_CONFIGURATION_get_value_time (c, "gns",
364 "DEFAULT_LOOKUP_TIMEOUT",
365 &default_lookup_timeout))
366 default_lookup_timeout = GNUNET_TIME_UNIT_ZERO;
/* The connection result is checked only after the configuration read. */
367 if (NULL == dns_handle)
369 GNUNET_log(GNUNET_ERROR_TYPE_ERROR,
370 "Failed to connect to the dnsservice!\n");
371 return GNUNET_SYSERR;
378 * Disconnect from interceptor
/* Disconnect from the DNS service if gns_interceptor_init() connected to it.
 * NOTE(review): no visible line resets dns_handle to NULL after the
 * disconnect; if none exists on the lines missing from this listing, a second
 * call would pass a stale handle to GNUNET_DNS_disconnect() - confirm. */
381 gns_interceptor_stop ()
383 if (NULL != dns_handle)
385 GNUNET_DNS_disconnect(dns_handle);
390 /* end of gns_interceptor.c */