2 This file is part of GNUnet.
3 (C) 2009 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file vpn/gnunet-service-dns.c
23 * @author Philipp Toelke
26 #include "gnunet_getopt_lib.h"
27 #include "gnunet_service_lib.h"
28 #include "gnunet_network_lib.h"
29 #include "gnunet_os_lib.h"
30 #include "gnunet-service-dns-p.h"
31 #include "gnunet_protocols.h"
32 #include "gnunet-vpn-packet.h"
33 #include "gnunet-vpn-pretty-print.h"
34 #include "gnunet_container_lib.h"
35 #include "gnunet-dns-parser.h"
36 #include "gnunet_dht_service.h"
37 #include "gnunet_block_lib.h"
38 #include "block_dns.h"
39 #include "gnunet_crypto_lib.h"
40 #include "gnunet_signatures.h"
43 struct GNUNET_SCHEDULER_Handle *sched;
45 struct GNUNET_NETWORK_Handle *dnsout;
47 struct GNUNET_DHT_Handle *dht;
49 unsigned short dnsoutport;
51 const struct GNUNET_CONFIGURATION_Handle *cfg;
53 struct answer_packet_list *head;
54 struct answer_packet_list *tail;
56 static struct dns_cls mycls;
58 struct dns_query_id_state {
60 struct GNUNET_SERVER_Client* client;
62 unsigned remote_ip:32;
63 unsigned local_port:16;
67 static struct dns_query_id_state query_states[65536]; /* This is < 1.5MiB */
69 void hijack(unsigned short port) {
72 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Hijacking, port is %d\n", port);
73 snprintf(port_s, 6, "%d", port);
74 GNUNET_OS_start_process(NULL, NULL, "gnunet-helper-hijack-dns", "gnunet-hijack-dns", port_s, NULL);
77 void unhijack(unsigned short port) {
80 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "unHijacking, port is %d\n", port);
81 snprintf(port_s, 6, "%d", port);
82 GNUNET_OS_start_process(NULL, NULL, "gnunet-helper-hijack-dns", "gnunet-hijack-dns", "-d", port_s, NULL);
85 size_t send_answer(void* cls, size_t size, void* buf);
87 struct receive_dht_cls {
89 struct GNUNET_DHT_GetHandle* handle;
92 void receive_dht(void *cls,
93 struct GNUNET_TIME_Absolute exp,
94 const GNUNET_HashCode *key,
95 const struct GNUNET_PeerIdentity *const *get_path,
96 const struct GNUNET_PeerIdentity *const *put_path,
97 enum GNUNET_BLOCK_Type type,
101 unsigned short id = ((struct receive_dht_cls*)cls)->id;
102 struct GNUNET_DHT_GetHandle* handle = ((struct receive_dht_cls*)cls)->handle;
105 GNUNET_assert(type == GNUNET_BLOCK_TYPE_DNS);
107 if (query_states[id].valid != GNUNET_YES) return;
108 query_states[id].valid = GNUNET_NO;
110 const struct GNUNET_DNS_Record* rec = data;
111 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Got block of size %d, peer: %08x, desc: %08x\n", size, *((unsigned int*)&rec->peer), *((unsigned int*)&rec->service_descriptor));
113 size_t len = sizeof(struct answer_packet) - 1 \
114 + sizeof(struct dns_static) \
115 + query_states[id].namelen \
116 + sizeof(struct dns_query_line) \
117 + 2 /* To hold the pointer to the name */ \
118 + sizeof(struct dns_record_line) - 1 \
121 struct answer_packet_list* answer = GNUNET_malloc(len + 2*sizeof(struct answer_packet_list*));
122 memset(answer, 0, len + 2*sizeof(struct answer_packet_list*));
124 answer->pkt.hdr.type = htons(GNUNET_MESSAGE_TYPE_LOCAL_RESPONSE_DNS);
125 answer->pkt.hdr.size = htons(len);
126 answer->pkt.subtype = GNUNET_DNS_ANSWER_TYPE_SERVICE;
128 GNUNET_CRYPTO_hash(&rec->peer, sizeof(struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded), &answer->pkt.peer);
129 memcpy(&answer->pkt.service_descriptor, &rec->service_descriptor, sizeof(GNUNET_HashCode));
130 memcpy(&answer->pkt.service_type, &rec->service_type, sizeof(answer->pkt.service_type));
131 memcpy(&answer->pkt.ports, &rec->ports, sizeof(answer->pkt.ports));
133 answer->pkt.from = query_states[id].remote_ip;
135 answer->pkt.to = query_states[id].local_ip;
136 answer->pkt.dst_port = query_states[id].local_port;
138 struct dns_pkt *dpkt = (struct dns_pkt*)answer->pkt.data;
144 dpkt->s.qdcount = htons(1);
145 dpkt->s.ancount = htons(1);
147 memcpy(dpkt->data, query_states[id].name, query_states[id].namelen);
148 GNUNET_free(query_states[id].name);
151 struct dns_query_line* dque = (struct dns_query_line*)(dpkt->data+(query_states[id].namelen));
152 dque->type = htons(28);
153 dque->class = htons(1);
155 char* anname = (char*)(dpkt->data+(query_states[id].namelen)+sizeof(struct dns_query_line));
156 memcpy(anname, (char[]){0xc0, 0x0c}, 2);
158 struct dns_record_line *drec_data = (struct dns_record_line*)(dpkt->data+(query_states[id].namelen)+sizeof(struct dns_query_line)+2);
159 drec_data->type = htons(28); /* AAAA */
160 drec_data->class = htons(1); /* IN */
161 drec_data->ttl = htonl(3600); /* FIXME: read from block */
162 drec_data->data_len = htons(16);
164 answer->pkt.addroffset = htons((unsigned short)((unsigned long)(&drec_data->data)-(unsigned long)(&answer->pkt)));
166 GNUNET_CONTAINER_DLL_insert_after(mycls.head, mycls.tail, mycls.tail, answer);
168 GNUNET_SERVER_notify_transmit_ready(query_states[id].client,
170 GNUNET_TIME_UNIT_FOREVER_REL,
172 query_states[id].client);
174 GNUNET_DHT_get_stop(handle);
178 * This receives a GNUNET_MESSAGE_TYPE_REHIJACK and rehijacks the DNS
180 void rehijack(void *cls, struct GNUNET_SERVER_Client *client, const struct GNUNET_MessageHeader *message) {
181 unhijack(mycls.dnsoutport);
182 hijack(mycls.dnsoutport);
186 * This receives the dns-payload from the daemon-vpn and sends it on over the udp-socket
188 void receive_query(void *cls, struct GNUNET_SERVER_Client *client, const struct GNUNET_MessageHeader *message)
190 struct query_packet* pkt = (struct query_packet*)message;
191 struct dns_pkt* dns = (struct dns_pkt*)pkt->data;
192 struct dns_pkt_parsed* pdns = parse_dns_packet(dns);
194 query_states[dns->s.id].valid = GNUNET_YES;
195 query_states[dns->s.id].client = client;
196 query_states[dns->s.id].local_ip = pkt->orig_from;
197 query_states[dns->s.id].local_port = pkt->src_port;
198 query_states[dns->s.id].remote_ip = pkt->orig_to;
199 query_states[dns->s.id].namelen = strlen((char*)dns->data) + 1;
200 query_states[dns->s.id].name = GNUNET_malloc(query_states[dns->s.id].namelen);
201 memcpy(query_states[dns->s.id].name, dns->data, query_states[dns->s.id].namelen);
203 if (pdns->queries[0]->namelen > 9 &&
204 0 == strncmp(pdns->queries[0]->name+(pdns->queries[0]->namelen - 9), ".gnunet.", 9)) {
206 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Query for .gnunet!\n");
208 GNUNET_CRYPTO_hash(pdns->queries[0]->name, pdns->queries[0]->namelen, &key);
210 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Getting with key %08x, len is %d\n", *((unsigned int*)&key), pdns->queries[0]->namelen);
212 struct receive_dht_cls* cls = GNUNET_malloc(sizeof(struct receive_dht_cls));
215 cls->handle = GNUNET_DHT_get_start(mycls.dht,
216 GNUNET_TIME_UNIT_MINUTES,
217 GNUNET_BLOCK_TYPE_DNS,
230 /* The query should be sent to the network */
233 struct sockaddr_in dest;
234 memset(&dest, 0, sizeof dest);
235 dest.sin_port = htons(53);
236 dest.sin_addr.s_addr = pkt->orig_to;
238 /* int r = */ GNUNET_NETWORK_socket_sendto(mycls.dnsout, dns, ntohs(pkt->hdr.size) - sizeof(struct query_packet) + 1, (struct sockaddr*) &dest, sizeof dest);
241 GNUNET_SERVER_receive_done(client, GNUNET_OK);
244 size_t send_answer(void* cls, size_t size, void* buf) {
245 struct answer_packet_list* query = mycls.head;
246 size_t len = ntohs(query->pkt.hdr.size);
248 GNUNET_assert(len <= size);
250 memcpy(buf, &query->pkt.hdr, len);
252 GNUNET_CONTAINER_DLL_remove (mycls.head, mycls.tail, query);
256 if (mycls.head != NULL) {
257 GNUNET_SERVER_notify_transmit_ready(cls, ntohs(mycls.head->pkt.hdr.size), GNUNET_TIME_UNIT_FOREVER_REL, &send_answer, cls);
263 static void read_response (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc) {
264 unsigned char buf[65536];
265 struct dns_pkt* dns = (struct dns_pkt*)buf;
267 if (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN)
270 struct sockaddr_in addr;
271 memset(&addr, 0, sizeof addr);
272 unsigned int addrlen = sizeof addr;
275 r = GNUNET_NETWORK_socket_recvfrom(mycls.dnsout, buf, 65536, (struct sockaddr*)&addr, &addrlen);
277 /* if (r < 0) TODO */
279 if (query_states[dns->s.id].valid == GNUNET_YES) {
280 query_states[dns->s.id].valid = GNUNET_NO;
282 size_t len = sizeof(struct answer_packet) + r - 1; /* 1 for the unsigned char data[1]; */
283 struct answer_packet_list* answer = GNUNET_malloc(len + 2*sizeof(struct answer_packet_list*));
284 answer->pkt.hdr.type = htons(GNUNET_MESSAGE_TYPE_LOCAL_RESPONSE_DNS);
285 answer->pkt.hdr.size = htons(len);
286 answer->pkt.subtype = GNUNET_DNS_ANSWER_TYPE_IP;
287 answer->pkt.from = addr.sin_addr.s_addr;
288 answer->pkt.to = query_states[dns->s.id].local_ip;
289 answer->pkt.dst_port = query_states[dns->s.id].local_port;
290 memcpy(answer->pkt.data, buf, r);
292 GNUNET_CONTAINER_DLL_insert_after(mycls.head, mycls.tail, mycls.tail, answer);
294 /* struct GNUNET_CONNECTION_TransmitHandle* th = */ GNUNET_SERVER_notify_transmit_ready(query_states[dns->s.id].client, len, GNUNET_TIME_UNIT_FOREVER_REL, &send_answer, query_states[dns->s.id].client);
297 GNUNET_SCHEDULER_add_read_net(mycls.sched, GNUNET_TIME_UNIT_FOREVER_REL, mycls.dnsout, &read_response, NULL);
302 * Task run during shutdown.
308 cleanup_task (void *cls,
309 const struct GNUNET_SCHEDULER_TaskContext *tc)
311 unhijack(mycls.dnsoutport);
312 GNUNET_DHT_disconnect(mycls.dht);
316 publish_name (void *cls,
317 const struct GNUNET_SCHEDULER_TaskContext *tc)
319 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
322 char* name = "philipptoelke.gnunet.";
323 size_t size = sizeof(struct GNUNET_DNS_Record);
324 struct GNUNET_DNS_Record data;
325 memset(&data, 0, size);
327 data.purpose.size = htonl(size - sizeof(struct GNUNET_CRYPTO_RsaSignature));
328 data.purpose.purpose = GNUNET_SIGNATURE_PURPOSE_DNS_RECORD;
330 GNUNET_CRYPTO_hash(name, strlen(name)+1, &data.service_descriptor);
333 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename(mycls.cfg, "GNUNETD",
334 "HOSTKEY", &keyfile))
336 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "could not read keyfile-value\n");
337 if (keyfile != NULL) GNUNET_free(keyfile);
341 struct GNUNET_CRYPTO_RsaPrivateKey *my_private_key = GNUNET_CRYPTO_rsa_key_create_from_file(keyfile);
342 GNUNET_free(keyfile);
344 GNUNET_CRYPTO_rsa_key_get_public(my_private_key, &data.peer);
346 data.expiration_time = GNUNET_TIME_relative_to_absolute(GNUNET_TIME_UNIT_HOURS);
351 if (GNUNET_OK != GNUNET_CRYPTO_rsa_sign(my_private_key,
355 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "could not sign DNS_Record\n");
358 GNUNET_free(my_private_key);
360 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Putting with key %08x\n", *((unsigned int*)&data.service_descriptor));
362 GNUNET_DHT_put(mycls.dht,
363 &data.service_descriptor,
365 GNUNET_BLOCK_TYPE_DNS,
368 GNUNET_TIME_relative_to_absolute(GNUNET_TIME_UNIT_HOURS),
369 GNUNET_TIME_UNIT_MINUTES,
373 GNUNET_SCHEDULER_add_delayed (mycls.sched, GNUNET_TIME_UNIT_HOURS, publish_name, NULL);
378 * @param sched scheduler to use
379 * @param server the initialized server
380 * @param cfg configuration to use
384 struct GNUNET_SCHEDULER_Handle *sched,
385 struct GNUNET_SERVER_Handle *server,
386 const struct GNUNET_CONFIGURATION_Handle *cfg)
388 static const struct GNUNET_SERVER_MessageHandler handlers[] = {
389 /* callback, cls, type, size */
390 {&receive_query, NULL, GNUNET_MESSAGE_TYPE_LOCAL_QUERY_DNS, 0},
391 {&rehijack, NULL, GNUNET_MESSAGE_TYPE_REHIJACK, sizeof(struct GNUNET_MessageHeader)},
399 for (i = 0; i < 65536; i++) {
400 query_states[i].valid = GNUNET_NO;
404 mycls.dht = GNUNET_DHT_connect(sched, cfg, 1024);
406 struct sockaddr_in addr;
409 mycls.dnsout = GNUNET_NETWORK_socket_create (AF_INET, SOCK_DGRAM, 0);
410 if (mycls.dnsout == NULL)
412 memset(&addr, 0, sizeof(struct sockaddr_in));
414 int err = GNUNET_NETWORK_socket_bind (mycls.dnsout,
415 (struct sockaddr*)&addr,
416 sizeof(struct sockaddr_in));
418 if (err != GNUNET_YES) {
419 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "Could not bind a port, exiting\n");
422 socklen_t addrlen = sizeof(struct sockaddr_in);
423 err = getsockname(GNUNET_NETWORK_get_fd(mycls.dnsout),
424 (struct sockaddr*) &addr,
427 mycls.dnsoutport = htons(addr.sin_port);
429 hijack(htons(addr.sin_port));
431 GNUNET_SCHEDULER_add_now (mycls.sched, publish_name, NULL);
433 GNUNET_SCHEDULER_add_read_net(sched, GNUNET_TIME_UNIT_FOREVER_REL, mycls.dnsout, &read_response, NULL);
435 GNUNET_SERVER_add_handlers (server, handlers);
436 GNUNET_SCHEDULER_add_delayed (sched,
437 GNUNET_TIME_UNIT_FOREVER_REL,
443 * The main function for the dns service.
445 * @param argc number of arguments from the command line
446 * @param argv command line arguments
447 * @return 0 ok, 1 on error
450 main (int argc, char *const *argv)
453 GNUNET_SERVICE_run (argc,
456 GNUNET_SERVICE_OPTION_NONE,
457 &run, NULL)) ? 0 : 1;
projects / oweals / gnunet.git / blob