author | Bertrand Marc <beberking@gmail.com> | 2013-08-03 13:07:32 +0200 |
---|---|---|
committer | Bertrand Marc <beberking@gmail.com> | 2013-08-03 13:07:32 +0200 |
commit | 1ae32bc989973c2e8909c3b085d34b2454f92d1e (patch) | |
tree | dfde89b41437def7ce23af24db53a11a9b5f1075 /src/dns | |
parent | 740b30688bd745a527f96f9116c19acb3480971a (diff) |
Imported Upstream version 0.9.5a
Diffstat (limited to 'src/dns')
-rw-r--r-- | src/dns/Makefile.am | 28 | ||||
-rw-r--r-- | src/dns/Makefile.in | 269 | ||||
-rw-r--r-- | src/dns/dns.conf.in | 11 | ||||
-rw-r--r-- | src/dns/dnsparser.c | 302 | ||||
-rw-r--r-- | src/dns/dnsparser.h | 195 | ||||
-rw-r--r-- | src/dns/dnsstub.c | 561 | ||||
-rw-r--r-- | src/dns/gnunet-dns-monitor.c | 35 | ||||
-rw-r--r-- | src/dns/gnunet-dns-redirector.c | 16 | ||||
-rw-r--r-- | src/dns/gnunet-helper-dns.c | 88 | ||||
-rw-r--r-- | src/dns/gnunet-service-dns.c | 758 | ||||
-rw-r--r-- | src/dns/plugin_block_dns.c | 6 | ||||
-rwxr-xr-x | src/dns/test_gnunet_dns.sh | 30 |
12 files changed, 1479 insertions, 820 deletions
diff --git a/src/dns/Makefile.am b/src/dns/Makefile.am index ed000aa..345c131 100644 --- a/src/dns/Makefile.am +++ b/src/dns/Makefile.am @@ -10,6 +10,8 @@ endif pkgcfgdir= $(pkgdatadir)/config.d/ +libexecdir= $(pkglibdir)/libexec/ + plugindir = $(libdir)/gnunet pkgcfg_DATA = \ @@ -18,20 +20,17 @@ pkgcfg_DATA = \ if LINUX HIJACKBIN = gnunet-helper-dns install-exec-hook: - $(SUDO_BINARY) chown root $(bindir)/gnunet-helper-dns || true - $(SUDO_BINARY) chgrp $(GNUNETDNS_GROUP) $(bindir)/gnunet-helper-dns || true - $(SUDO_BINARY) chmod 4750 $(bindir)/gnunet-helper-dns || true - $(SUDO_BINARY) chown gnunet:$(GNUNETDNS_GROUP) $(bindir)/gnunet-service-dns || true - $(SUDO_BINARY) chmod 2750 $(bindir)/gnunet-service-dns || true + $(top_srcdir)/src/dns/install-dns-helper.sh $(libexecdir) $(GNUNETDNS_GROUP) $(SUDO_BINARY) || true else install-exec-hook: endif lib_LTLIBRARIES = \ libgnunetdnsparser.la \ + libgnunetdnsstub.la \ libgnunetdns.la -bin_PROGRAMS = \ +libexec_PROGRAMS = \ gnunet-service-dns $(HIJACKBIN) noinst_PROGRAMS = \ 
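Review bot: The rewritten `install-exec-hook` recipe still ends in `|| true`, so a failure inside `install-dns-helper.sh` is discarded and `make install` reports success. The removed lines show this step made `gnunet-helper-dns` root-owned, setuid and group-restricted (mode 4750), so a silent failure leaves the helper without that ownership and mode. The script is not part of this hunk, so whether it reports errors itself should be confirmed. If it does not, make the failure visible, for example `... $(SUDO_BINARY) || echo "warning: could not set owner/mode on gnunet-helper-dns" >&2`. A comment above the rule stating the expected owner, group and mode would also help, since those values are no longer visible in the Makefile.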
@@ -74,18 +73,29 @@ gnunet_dns_redirector_DEPENDENCIES = \ gnunet_service_dns_SOURCES = \ gnunet-service-dns.c gnunet_service_dns_LDADD = \ + $(top_builddir)/src/dns/libgnunetdnsstub.la \ $(top_builddir)/src/tun/libgnunettun.la \ - $(top_builddir)/src/mesh/libgnunetmesh.la \ $(top_builddir)/src/statistics/libgnunetstatistics.la \ $(top_builddir)/src/util/libgnunetutil.la \ $(GN_LIBINTL) +gnunet_service_dns_DEPENDENCIES = \ + libgnunetdnsstub.la libgnunetdnsparser_la_SOURCES = \ - dnsparser.c + dnsparser.c dnsparser.h libgnunetdnsparser_la_LIBADD = \ - $(top_builddir)/src/util/libgnunetutil.la $(XLIB) + $(top_builddir)/src/util/libgnunetutil.la $(XLIB) \ + -lidn libgnunetdnsparser_la_LDFLAGS = \ $(GN_LIB_LDFLAGS) \ + -version-info 1:0:1 + +libgnunetdnsstub_la_SOURCES = \ + dnsstub.c +libgnunetdnsstub_la_LIBADD = \ + $(top_builddir)/src/util/libgnunetutil.la $(XLIB) +libgnunetdnsstub_la_LDFLAGS = \ + $(GN_LIB_LDFLAGS) \ -version-info 0:0:0 libgnunetdns_la_SOURCES = \ diff --git a/src/dns/Makefile.in b/src/dns/Makefile.in index 3a717ab..5047c5c 100644 --- a/src/dns/Makefile.in +++ b/src/dns/Makefile.in @@ -1,9 +1,9 @@ -# Makefile.in generated by automake 1.11.1 from Makefile.am. +# Makefile.in generated by automake 1.11.6 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, -# Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. 
@@ -18,6 +18,23 @@ VPATH = @srcdir@ +am__make_dryrun = \ + { \ + am__dry=no; \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ + | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ + *) \ + for am__flg in $$MAKEFLAGS; do \ + case $$am__flg in \ + *=*|--*) ;; \ + *n*) am__dry=yes; break;; \ + esac; \ + done;; \ + esac; \ + test $$am__dry = yes; \ + } pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -37,7 +54,7 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ target_triplet = @target@ -bin_PROGRAMS = gnunet-service-dns$(EXEEXT) $(am__EXEEXT_1) +libexec_PROGRAMS = gnunet-service-dns$(EXEEXT) $(am__EXEEXT_1) noinst_PROGRAMS = gnunet-dns-monitor$(EXEEXT) \ gnunet-dns-redirector$(EXEEXT) @ENABLE_TEST_RUN_TRUE@TESTS = $(check_SCRIPTS) 
@@ -47,14 +64,15 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/absolute-header.m4 \ $(top_srcdir)/m4/align.m4 $(top_srcdir)/m4/argz.m4 \ - $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/iconv.m4 \ - $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ - $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libcurl.m4 \ - $(top_srcdir)/m4/libgcrypt.m4 $(top_srcdir)/m4/libtool.m4 \ - $(top_srcdir)/m4/libunistring.m4 $(top_srcdir)/m4/ltdl.m4 \ - $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ - $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \ + $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/glib-2.0.m4 \ + $(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \ + $(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \ + $(top_srcdir)/m4/libcurl.m4 $(top_srcdir)/m4/libgcrypt.m4 \ + $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/libunistring.m4 \ + $(top_srcdir)/m4/ltdl.m4 $(top_srcdir)/m4/ltoptions.m4 \ + $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ + $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/nls.m4 \ + $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/m4/po.m4 \ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ 
@@ -84,16 +102,22 @@ am__nobase_list = $(am__nobase_strip_setup); \ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(plugindir)" \ - "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgcfgdir)" + "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(pkgcfgdir)" LTLIBRARIES = $(lib_LTLIBRARIES) $(plugin_LTLIBRARIES) libgnunet_plugin_block_dns_la_DEPENDENCIES = \ $(top_builddir)/src/util/libgnunetutil.la am_libgnunet_plugin_block_dns_la_OBJECTS = plugin_block_dns.lo libgnunet_plugin_block_dns_la_OBJECTS = \ $(am_libgnunet_plugin_block_dns_la_OBJECTS) -AM_V_lt = $(am__v_lt_$(V)) -am__v_lt_ = $(am__v_lt_$(AM_DEFAULT_VERBOSITY)) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent libgnunet_plugin_block_dns_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ 
@@ -115,8 +139,16 @@ libgnunetdnsparser_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ $(AM_CFLAGS) $(CFLAGS) $(libgnunetdnsparser_la_LDFLAGS) \ $(LDFLAGS) -o $@ +libgnunetdnsstub_la_DEPENDENCIES = \ + $(top_builddir)/src/util/libgnunetutil.la +am_libgnunetdnsstub_la_OBJECTS = dnsstub.lo +libgnunetdnsstub_la_OBJECTS = $(am_libgnunetdnsstub_la_OBJECTS) +libgnunetdnsstub_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(libgnunetdnsstub_la_LDFLAGS) \ + $(LDFLAGS) -o $@ @LINUX_TRUE@am__EXEEXT_1 = gnunet-helper-dns$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) +PROGRAMS = $(libexec_PROGRAMS) $(noinst_PROGRAMS) am_gnunet_dns_monitor_OBJECTS = gnunet-dns-monitor.$(OBJEXT) gnunet_dns_monitor_OBJECTS = $(am_gnunet_dns_monitor_OBJECTS) am__DEPENDENCIES_1 = @@ -127,12 +159,6 @@ gnunet_helper_dns_OBJECTS = $(am_gnunet_helper_dns_OBJECTS) gnunet_helper_dns_LDADD = $(LDADD) am_gnunet_service_dns_OBJECTS = gnunet-service-dns.$(OBJEXT) gnunet_service_dns_OBJECTS = $(am_gnunet_service_dns_OBJECTS) -gnunet_service_dns_DEPENDENCIES = \ - $(top_builddir)/src/tun/libgnunettun.la \ - $(top_builddir)/src/mesh/libgnunetmesh.la \ - $(top_builddir)/src/statistics/libgnunetstatistics.la \ - $(top_builddir)/src/util/libgnunetutil.la \ - $(am__DEPENDENCIES_1) DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles 
@@ -143,30 +169,37 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ $(AM_CFLAGS) $(CFLAGS) -AM_V_CC = $(am__v_CC_$(V)) -am__v_CC_ = $(am__v_CC_$(AM_DEFAULT_VERBOSITY)) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) am__v_CC_0 = @echo " CC " $@; -AM_V_at = $(am__v_at_$(V)) -am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY)) +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ CCLD = $(CC) LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(AM_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_CCLD = $(am__v_CCLD_$(V)) -am__v_CCLD_ = $(am__v_CCLD_$(AM_DEFAULT_VERBOSITY)) +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; -AM_V_GEN = $(am__v_GEN_$(V)) -am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY)) +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; SOURCES = $(libgnunet_plugin_block_dns_la_SOURCES) \ $(libgnunetdns_la_SOURCES) $(libgnunetdnsparser_la_SOURCES) \ - $(gnunet_dns_monitor_SOURCES) $(gnunet_dns_redirector_SOURCES) \ - $(gnunet_helper_dns_SOURCES) $(gnunet_service_dns_SOURCES) + $(libgnunetdnsstub_la_SOURCES) $(gnunet_dns_monitor_SOURCES) \ + $(gnunet_dns_redirector_SOURCES) $(gnunet_helper_dns_SOURCES) \ + $(gnunet_service_dns_SOURCES) DIST_SOURCES = $(libgnunet_plugin_block_dns_la_SOURCES) \ $(libgnunetdns_la_SOURCES) $(libgnunetdnsparser_la_SOURCES) \ - $(gnunet_dns_monitor_SOURCES) $(gnunet_dns_redirector_SOURCES) \ - $(gnunet_helper_dns_SOURCES) $(gnunet_service_dns_SOURCES) + $(libgnunetdnsstub_la_SOURCES) $(gnunet_dns_monitor_SOURCES) \ + $(gnunet_dns_redirector_SOURCES) $(gnunet_helper_dns_SOURCES) \ + $(gnunet_service_dns_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) 
false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac DATA = $(pkgcfg_DATA) ETAGS = etags CTAGS = ctags @@ -208,6 +241,10 @@ EXEEXT = @EXEEXT@ EXT_LIBS = @EXT_LIBS@ EXT_LIB_PATH = @EXT_LIB_PATH@ FGREP = @FGREP@ +GLIB_CFLAGS = @GLIB_CFLAGS@ +GLIB_GENMARSHAL = @GLIB_GENMARSHAL@ +GLIB_LIBS = @GLIB_LIBS@ +GLIB_MKENUMS = @GLIB_MKENUMS@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GNUNETDNS_GROUP = @GNUNETDNS_GROUP@ @@ -218,6 +255,7 @@ GN_LIBINTL = @GN_LIBINTL@ GN_LIB_LDFLAGS = @GN_LIB_LDFLAGS@ GN_PLUGIN_LDFLAGS = @GN_PLUGIN_LDFLAGS@ GN_USER_HOME_DIR = @GN_USER_HOME_DIR@ +GOBJECT_QUERY = @GOBJECT_QUERY@ GREP = @GREP@ HAVE_LIBUNISTRING = @HAVE_LIBUNISTRING@ INCLTDL = @INCLTDL@ @@ -240,6 +278,8 @@ LIBCURL_CPPFLAGS = @LIBCURL_CPPFLAGS@ LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ +LIBGTOP_CFLAGS = @LIBGTOP_CFLAGS@ +LIBGTOP_LIBS = @LIBGTOP_LIBS@ LIBICONV = @LIBICONV@ LIBINTL = @LIBINTL@ LIBLTDL = @LIBLTDL@ @@ -261,6 +301,7 @@ LT_CONFIG_H = @LT_CONFIG_H@ LT_DLLOADERS = @LT_DLLOADERS@ LT_DLPREOPEN = @LT_DLPREOPEN@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MONKEYPREFIX = @MONKEYPREFIX@ MSGFMT = @MSGFMT@ @@ -270,6 +311,7 @@ MYSQL_CPPFLAGS = @MYSQL_CPPFLAGS@ MYSQL_LDFLAGS = @MYSQL_LDFLAGS@ NM = @NM@ NMEDIT = @NMEDIT@ +NSS_DIR = @NSS_DIR@ OBJC = @OBJC@ OBJCDEPMODE = @OBJCDEPMODE@ OBJCFLAGS = @OBJCFLAGS@ @@ -285,6 +327,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ POSTGRES_CPPFLAGS = @POSTGRES_CPPFLAGS@ POSTGRES_LDFLAGS = @POSTGRES_LDFLAGS@ POSUB = @POSUB@ @@ -316,6 +359,7 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ 
@@ -338,6 +382,7 @@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ +gitcommand = @gitcommand@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -348,10 +393,9 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ -libexecdir = @libexecdir@ +libexecdir = $(pkglibdir)/libexec/ localedir = @localedir@ localstatedir = @localstatedir@ -lt_ECHO = @lt_ECHO@ ltdl_LIBOBJS = @ltdl_LIBOBJS@ ltdl_LTLIBOBJS = @ltdl_LTLIBOBJS@ mandir = @mandir@ @@ -369,6 +413,7 @@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ subdirs = @subdirs@ +svnversioncommand = @svnversioncommand@ sys_symbol_underscore = @sys_symbol_underscore@ sysconfdir = @sysconfdir@ target = @target@ @@ -390,6 +435,7 @@ pkgcfg_DATA = \ @LINUX_TRUE@HIJACKBIN = gnunet-helper-dns lib_LTLIBRARIES = \ libgnunetdnsparser.la \ + libgnunetdnsstub.la \ libgnunetdns.la plugin_LTLIBRARIES = \ @@ -431,20 +477,34 @@ gnunet_service_dns_SOURCES = \ gnunet-service-dns.c gnunet_service_dns_LDADD = \ + $(top_builddir)/src/dns/libgnunetdnsstub.la \ $(top_builddir)/src/tun/libgnunettun.la \ - $(top_builddir)/src/mesh/libgnunetmesh.la \ $(top_builddir)/src/statistics/libgnunetstatistics.la \ $(top_builddir)/src/util/libgnunetutil.la \ $(GN_LIBINTL) +gnunet_service_dns_DEPENDENCIES = \ + libgnunetdnsstub.la + libgnunetdnsparser_la_SOURCES = \ - dnsparser.c + dnsparser.c dnsparser.h libgnunetdnsparser_la_LIBADD = \ - $(top_builddir)/src/util/libgnunetutil.la $(XLIB) + $(top_builddir)/src/util/libgnunetutil.la $(XLIB) \ + -lidn libgnunetdnsparser_la_LDFLAGS = \ $(GN_LIB_LDFLAGS) \ + -version-info 1:0:1 + +libgnunetdnsstub_la_SOURCES = \ + dnsstub.c + +libgnunetdnsstub_la_LIBADD = \ + $(top_builddir)/src/util/libgnunetutil.la $(XLIB) + +libgnunetdnsstub_la_LDFLAGS = \ + $(GN_LIB_LDFLAGS) \ -version-info 0:0:0 libgnunetdns_la_SOURCES = \ 
@@ -507,7 +567,6 @@ dns.conf: $(top_builddir)/config.status $(srcdir)/dns.conf.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ list2=; for p in $$list; do \ if test -f $$p; then \ @@ -515,6 +574,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) else :; fi; \ done; \ test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ } @@ -538,7 +599,6 @@ clean-libLTLIBRARIES: done install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) - test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ list2=; for p in $$list; do \ if test -f $$p; then \ @@ -546,6 +606,8 @@ install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) else :; fi; \ done; \ test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \ } 
@@ -567,16 +629,21 @@ clean-pluginLTLIBRARIES: echo "rm -f \"$${dir}/so_locations\""; \ rm -f "$${dir}/so_locations"; \ done -libgnunet_plugin_block_dns.la: $(libgnunet_plugin_block_dns_la_OBJECTS) $(libgnunet_plugin_block_dns_la_DEPENDENCIES) +libgnunet_plugin_block_dns.la: $(libgnunet_plugin_block_dns_la_OBJECTS) $(libgnunet_plugin_block_dns_la_DEPENDENCIES) $(EXTRA_libgnunet_plugin_block_dns_la_DEPENDENCIES) $(AM_V_CCLD)$(libgnunet_plugin_block_dns_la_LINK) -rpath $(plugindir) $(libgnunet_plugin_block_dns_la_OBJECTS) $(libgnunet_plugin_block_dns_la_LIBADD) $(LIBS) -libgnunetdns.la: $(libgnunetdns_la_OBJECTS) $(libgnunetdns_la_DEPENDENCIES) +libgnunetdns.la: $(libgnunetdns_la_OBJECTS) $(libgnunetdns_la_DEPENDENCIES) $(EXTRA_libgnunetdns_la_DEPENDENCIES) $(AM_V_CCLD)$(libgnunetdns_la_LINK) -rpath $(libdir) $(libgnunetdns_la_OBJECTS) $(libgnunetdns_la_LIBADD) $(LIBS) -libgnunetdnsparser.la: $(libgnunetdnsparser_la_OBJECTS) $(libgnunetdnsparser_la_DEPENDENCIES) +libgnunetdnsparser.la: $(libgnunetdnsparser_la_OBJECTS) $(libgnunetdnsparser_la_DEPENDENCIES) $(EXTRA_libgnunetdnsparser_la_DEPENDENCIES) $(AM_V_CCLD)$(libgnunetdnsparser_la_LINK) -rpath $(libdir) $(libgnunetdnsparser_la_OBJECTS) $(libgnunetdnsparser_la_LIBADD) $(LIBS) -install-binPROGRAMS: $(bin_PROGRAMS) +libgnunetdnsstub.la: $(libgnunetdnsstub_la_OBJECTS) $(libgnunetdnsstub_la_DEPENDENCIES) $(EXTRA_libgnunetdnsstub_la_DEPENDENCIES) + $(AM_V_CCLD)$(libgnunetdnsstub_la_LINK) -rpath $(libdir) $(libgnunetdnsstub_la_OBJECTS) $(libgnunetdnsstub_la_LIBADD) $(LIBS) +install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(libexecdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(libexecdir)" || exit 1; \ + fi; \ for p in $$list; do echo "$$p $$p"; done | \ sed 's/$(EXEEXT)$$//' 
| \ while read p p1; do if test -f $$p || test -f $$p1; \ @@ -593,23 +660,23 @@ install-binPROGRAMS: $(bin_PROGRAMS) while read type dir files; do \ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ } \ ; done -uninstall-binPROGRAMS: +uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ -e 's/$$/$(EXEEXT)/' `; \ test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(bindir)" && rm -f $$files + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ +clean-libexecPROGRAMS: + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ echo " rm -f" $$list; \ rm -f $$list || exit $$?; \ test -n "$(EXEEXT)" || exit 0; \ 
@@ -625,16 +692,16 @@ clean-noinstPROGRAMS: list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ echo " rm -f" $$list; \ rm -f $$list -gnunet-dns-monitor$(EXEEXT): $(gnunet_dns_monitor_OBJECTS) $(gnunet_dns_monitor_DEPENDENCIES) +gnunet-dns-monitor$(EXEEXT): $(gnunet_dns_monitor_OBJECTS) $(gnunet_dns_monitor_DEPENDENCIES) $(EXTRA_gnunet_dns_monitor_DEPENDENCIES) @rm -f gnunet-dns-monitor$(EXEEXT) $(AM_V_CCLD)$(LINK) $(gnunet_dns_monitor_OBJECTS) $(gnunet_dns_monitor_LDADD) $(LIBS) -gnunet-dns-redirector$(EXEEXT): $(gnunet_dns_redirector_OBJECTS) $(gnunet_dns_redirector_DEPENDENCIES) +gnunet-dns-redirector$(EXEEXT): $(gnunet_dns_redirector_OBJECTS) $(gnunet_dns_redirector_DEPENDENCIES) $(EXTRA_gnunet_dns_redirector_DEPENDENCIES) @rm -f gnunet-dns-redirector$(EXEEXT) $(AM_V_CCLD)$(LINK) $(gnunet_dns_redirector_OBJECTS) $(gnunet_dns_redirector_LDADD) $(LIBS) -gnunet-helper-dns$(EXEEXT): $(gnunet_helper_dns_OBJECTS) $(gnunet_helper_dns_DEPENDENCIES) +gnunet-helper-dns$(EXEEXT): $(gnunet_helper_dns_OBJECTS) $(gnunet_helper_dns_DEPENDENCIES) $(EXTRA_gnunet_helper_dns_DEPENDENCIES) @rm -f gnunet-helper-dns$(EXEEXT) $(AM_V_CCLD)$(LINK) $(gnunet_helper_dns_OBJECTS) $(gnunet_helper_dns_LDADD) $(LIBS) -gnunet-service-dns$(EXEEXT): $(gnunet_service_dns_OBJECTS) $(gnunet_service_dns_DEPENDENCIES) +gnunet-service-dns$(EXEEXT): $(gnunet_service_dns_OBJECTS) $(gnunet_service_dns_DEPENDENCIES) $(EXTRA_gnunet_service_dns_DEPENDENCIES) @rm -f gnunet-service-dns$(EXEEXT) $(AM_V_CCLD)$(LINK) $(gnunet_service_dns_OBJECTS) $(gnunet_service_dns_LDADD) $(LIBS) 
@@ -646,6 +713,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dns_api.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dnsparser.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dnsstub.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnunet-dns-monitor.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnunet-dns-redirector.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnunet-helper-dns.Po@am__quote@ 
@@ -655,26 +723,23 @@ distclean-compile: .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo 
@@ -683,8 +748,11 @@ clean-libtool: -rm -rf .libs _libs install-pkgcfgDATA: $(pkgcfg_DATA) @$(NORMAL_INSTALL) - test -z "$(pkgcfgdir)" || $(MKDIR_P) "$(DESTDIR)$(pkgcfgdir)" @list='$(pkgcfg_DATA)'; test -n "$(pkgcfgdir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(pkgcfgdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(pkgcfgdir)" || exit 1; \ + fi; \ for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; \ @@ -698,9 +766,7 @@ uninstall-pkgcfgDATA: @$(NORMAL_UNINSTALL) @list='$(pkgcfg_DATA)'; test -n "$(pkgcfgdir)" || list=; \ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ - test -n "$$files" || exit 0; \ - echo " ( cd '$(DESTDIR)$(pkgcfgdir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(pkgcfgdir)" && rm -f $$files + dir='$(DESTDIR)$(pkgcfgdir)'; $(am__uninstall_files_from_dir) ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -835,14 +901,15 @@ check-TESTS: $(TESTS) fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ if test "$$failed" -eq 0; then \ - echo "$$grn$$dashes"; \ + col="$$grn"; \ else \ - echo "$$red$$dashes"; \ + col="$$red"; \ fi; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes$$std"; \ + echo "$${col}$$dashes$${std}"; \ + echo "$${col}$$banner$${std}"; \ + test -z "$$skipped" || echo "$${col}$$skipped$${std}"; \ + test -z "$$report" || echo "$${col}$$report$${std}"; \ + echo "$${col}$$dashes$${std}"; \ test "$$failed" -eq 0; \ else :; fi 
@@ -881,10 +948,8 @@ check-am: all-am $(MAKE) $(AM_MAKEFLAGS) check-TESTS check: check-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(DATA) -install-binPROGRAMS: install-libLTLIBRARIES - installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgcfgdir)"; do \ + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(pkgcfgdir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -897,10 +962,15 @@ install-am: all-am installcheck: installcheck-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi mostlyclean-generic: clean-generic: @@ -914,7 +984,7 @@ maintainer-clean-generic: @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ +clean-am: clean-generic clean-libLTLIBRARIES clean-libexecPROGRAMS \ clean-libtool clean-noinstPROGRAMS clean-pluginLTLIBRARIES \ mostlyclean-am @@ -942,7 +1012,7 @@ install-dvi: install-dvi-am install-dvi-am: -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES +install-exec-am: install-libLTLIBRARIES install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook install-html: install-html-am 
@@ -983,35 +1053,32 @@ ps: ps-am ps-am: -uninstall-am: uninstall-binPROGRAMS uninstall-libLTLIBRARIES \ +uninstall-am: uninstall-libLTLIBRARIES uninstall-libexecPROGRAMS \ uninstall-pkgcfgDATA uninstall-pluginLTLIBRARIES .MAKE: check-am install-am install-exec-am install-strip .PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \ - clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ + clean-generic clean-libLTLIBRARIES clean-libexecPROGRAMS \ clean-libtool clean-noinstPROGRAMS clean-pluginLTLIBRARIES \ ctags distclean distclean-compile distclean-generic \ distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libLTLIBRARIES install-man install-pdf install-pdf-am \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-exec-hook install-html install-html-am \ + install-info install-info-am install-libLTLIBRARIES \ + install-libexecPROGRAMS install-man install-pdf install-pdf-am \ install-pkgcfgDATA install-pluginLTLIBRARIES install-ps \ install-ps-am install-strip installcheck installcheck-am \ installdirs maintainer-clean maintainer-clean-generic \ mostlyclean mostlyclean-compile mostlyclean-generic \ mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-binPROGRAMS uninstall-libLTLIBRARIES \ - uninstall-pkgcfgDATA uninstall-pluginLTLIBRARIES + uninstall-am uninstall-libLTLIBRARIES \ + uninstall-libexecPROGRAMS uninstall-pkgcfgDATA \ + uninstall-pluginLTLIBRARIES @LINUX_TRUE@install-exec-hook: -@LINUX_TRUE@ $(SUDO_BINARY) chown root $(bindir)/gnunet-helper-dns || true -@LINUX_TRUE@ $(SUDO_BINARY) chgrp $(GNUNETDNS_GROUP) $(bindir)/gnunet-helper-dns || true -@LINUX_TRUE@ $(SUDO_BINARY) chmod 
4750 $(bindir)/gnunet-helper-dns || true -@LINUX_TRUE@ $(SUDO_BINARY) chown gnunet:$(GNUNETDNS_GROUP) $(bindir)/gnunet-service-dns || true -@LINUX_TRUE@ $(SUDO_BINARY) chmod 2750 $(bindir)/gnunet-service-dns || true +@LINUX_TRUE@ $(top_srcdir)/src/dns/install-dns-helper.sh $(libexecdir) $(GNUNETDNS_GROUP) $(SUDO_BINARY) || true @LINUX_FALSE@install-exec-hook: # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/src/dns/dns.conf.in b/src/dns/dns.conf.in index d2c6795..7944b41 100644 --- a/src/dns/dns.conf.in +++ b/src/dns/dns.conf.in @@ -2,7 +2,6 @@ AUTOSTART = YES HOSTNAME = localhost HOME = $SERVICEHOME -CONFIG = $DEFAULTCONFIG BINARY = gnunet-service-dns UNIXPATH = /tmp/gnunet-service-dns.sock @@ -16,14 +15,6 @@ UNIX_MATCH_GID = YES # we never use it, even if @UNIXONLY@ is not set (just to be safe) @UNIXONLY@ PORT = 0 -# This option should be set to YES to allow the DNS service to -# perform lookups against the locally configured DNS resolver. -# (set to "NO" if no normal ISP is locally available and thus -# requests for normal ".com"/".org"/etc. must be routed via -# the GNUnet VPN (the GNUNET PT daemon then needs to be configured -# to intercept and route DNS queries via mesh). -PROVIDE_EXIT = YES - # Name of the virtual interface we use to intercept DNS traffic. IFNAME = gnunet-dns @@ -40,5 +31,5 @@ IPV4MASK = 255.255.0.0 # of a DNS resolver to use. Only works if "PROVIDE_EXIT" is also set to YES. Must absolutely # NOT be an address of any of GNUnet's virtual tunnel interfaces. Use a well-known # public DNS resolver or your ISP's resolver from /etc/resolv.conf. -# DNS_EXIT = 8.8.8.8 +DNS_EXIT = 8.8.8.8 diff --git a/src/dns/dnsparser.c b/src/dns/dnsparser.c index 0e658bd..6ddfebb 100644 --- a/src/dns/dnsparser.c +++ b/src/dns/dnsparser.c 
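Review bot: The comment kept above `DNS_EXIT` in the last dns.conf.in hunk still says the option "Only works if "PROVIDE_EXIT" is also set to YES", but an earlier hunk of this file deletes the `PROVIDE_EXIT` option and its description. The same hunk changes `# DNS_EXIT = 8.8.8.8` to an active `DNS_EXIT = 8.8.8.8`, so a default install now ships with a fixed third-party resolver configured rather than leaving the choice to the administrator. How the service consumes this value is not visible here, so the exact effect should be confirmed. I would drop the PROVIDE_EXIT sentence and add a line such as `# Default is a public resolver; set this to your ISP's or a local resolver if queries must not leave your network.`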
@@ -25,47 +25,80 @@ * @author Christian Grothoff */ #include "platform.h" +#include <idna.h> +#if WINDOWS +#include <idn-free.h> +#endif #include "gnunet_util_lib.h" #include "gnunet_dnsparser_lib.h" +#include "dnsparser.h" -// DNS-Stuff -GNUNET_NETWORK_STRUCT_BEGIN -/* FIXME: replace this one with the one from tcpip_tun.h! */ -struct GNUNET_TUN_DnsHeader -{ - uint16_t id GNUNET_PACKED; - struct GNUNET_DNSPARSER_Flags flags; - uint16_t query_count GNUNET_PACKED; // number of questions - uint16_t answer_rcount GNUNET_PACKED; // number of answers - uint16_t authority_rcount GNUNET_PACKED; // number of authority-records - uint16_t additional_rcount GNUNET_PACKED; // number of additional records -}; - -struct query_line +/** + * Check if a label in UTF-8 format can be coded into valid IDNA. + * This can fail if the ASCII-conversion becomes longer than 63 characters. + * + * @param label label to check (UTF-8 string) + * @return GNUNET_OK if the label can be converted to IDNA, + * GNUNET_SYSERR if the label is not valid for DNS names + */ +int +GNUNET_DNSPARSER_check_label (const char *label) { - uint16_t type GNUNET_PACKED; - uint16_t class GNUNET_PACKED; -}; + char *output; + size_t slen; + + if (NULL != strchr (label, '.')) + return GNUNET_SYSERR; /* not a label! Did you mean GNUNET_DNSPARSER_check_name? */ + if (IDNA_SUCCESS != + idna_to_ascii_8z (label, &output, IDNA_USE_STD3_ASCII_RULES)) + return GNUNET_SYSERR; + slen = strlen (output); +#if WINDOWS + idn_free (output); +#else + free (output); +#endif + return (slen > 63) ? GNUNET_SYSERR : GNUNET_OK; +} -struct record_line -{ - uint16_t type GNUNET_PACKED; - uint16_t class GNUNET_PACKED; - uint32_t ttl GNUNET_PACKED; - uint16_t data_len GNUNET_PACKED; -}; -struct soa_data +/** + * Check if a label in UTF-8 format can be coded into valid IDNA. + * This can fail if the ASCII-conversion becomes longer than 253 characters. 
+ * + * @param name name to check (UTF-8 string) + * @return GNUNET_OK if the label can be converted to IDNA, + * GNUNET_SYSERR if the label is not valid for DNS names + */ +int +GNUNET_DNSPARSER_check_name (const char *name) { - uint32_t serial GNUNET_PACKED; - uint32_t refresh GNUNET_PACKED; - uint32_t retry GNUNET_PACKED; - uint32_t expire GNUNET_PACKED; - uint32_t minimum GNUNET_PACKED; -}; - -GNUNET_NETWORK_STRUCT_END + char *ldup; + char *output; + size_t slen; + char *tok; + + ldup = GNUNET_strdup (name); + for (tok = strtok (ldup, "."); NULL != tok; tok = strtok (NULL, ".")) + if (GNUNET_OK != + GNUNET_DNSPARSER_check_label (tok)) + { + GNUNET_free (ldup); + return GNUNET_SYSERR; + } + GNUNET_free (ldup); + if (IDNA_SUCCESS != + idna_to_ascii_8z (name, &output, IDNA_USE_STD3_ASCII_RULES)) + return GNUNET_SYSERR; + slen = strlen (output); +#if WINDOWS + idn_free (output); +#else + free (output); +#endif + return (slen > 253) ? GNUNET_SYSERR : GNUNET_OK; +} /** @@ -90,6 +123,8 @@ parse_name (const char *udp_payload, char *xstr; uint8_t len; size_t xoff; + char *utf8; + Idna_rc rc; ret = GNUNET_strdup (""); while (1) @@ -107,10 +142,36 @@ parse_name (const char *udp_payload, if (*off + 1 + len > udp_payload_length) goto error; GNUNET_asprintf (&tmp, - "%s%.*s.", - ret, + "%.*s", (int) len, &udp_payload[*off + 1]); + if (IDNA_SUCCESS != + (rc = idna_to_unicode_8z8z (tmp, &utf8, IDNA_USE_STD3_ASCII_RULES))) + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _("Failed to convert DNS IDNA name `%s' to UTF-8: %s\n"), + tmp, + idna_strerror (rc)); + GNUNET_free (tmp); + GNUNET_asprintf (&tmp, + "%s%.*s.", + ret, + (int) len, + &udp_payload[*off + 1]); + } + else + { + GNUNET_free (tmp); + GNUNET_asprintf (&tmp, + "%s%s.", + ret, + utf8); +#if WINDOWS + idn_free (utf8); +#else + free (utf8); +#endif + } GNUNET_free (ret); ret = tmp; *off += 1 + len; 
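Review bot: `GNUNET_DNSPARSER_check_name` tokenises with `strtok`, which keeps hidden static state and silently skips empty tokens. An input such as `a..b`, or one with a leading dot, therefore never reaches `GNUNET_DNSPARSER_check_label` for the empty label, and only the final whole-name `idna_to_ascii_8z` call is left to judge it. Walking the string with `strchr (name, '.')` and rejecting a zero-length segment explicitly would make the per-label check complete and reentrant. The doc comment is also a copy of the one for the label function: it should read `Check if a name in UTF-8 format can be coded into valid IDNA.` and `@return GNUNET_OK if the name can be converted to IDNA, GNUNET_SYSERR if the name is not valid for DNS`.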
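Review bot: When `idna_to_unicode_8z8z` fails in the `@@ -107,10 +142,36 @@` hunk, the raw label copied from `udp_payload` is logged with `%s` at INFO level and then appended to the result unchanged. Bytes chosen by the packet's sender thus reach both the log and the returned name unfiltered, and each bad label in a packet costs one INFO line. Consider logging at `GNUNET_ERROR_TYPE_DEBUG` with the label escaped. If callers can tolerate it, also consider treating a label that does not convert as a parse failure (`GNUNET_free (tmp); goto error;`) instead of falling back to the raw bytes. parse_name starts and ends outside this hunk, so confirm the `error` label's cleanup before adopting the second option.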
@@ -214,6 +275,9 @@ parse_record (const char *udp_payload, struct soa_data soa; uint16_t mxpref; uint16_t data_len; + struct srv_data srv; + char *ndup; + char *tok; name = parse_name (udp_payload, udp_payload_length, @@ -282,6 +346,50 @@ parse_record (const char *udp_payload, if (old_off + data_len != *off) return GNUNET_SYSERR; return GNUNET_OK; + case GNUNET_DNSPARSER_TYPE_SRV: + if ('_' != *r->name) + return GNUNET_SYSERR; /* all valid srv names must start with "_" */ + if (NULL == strstr (r->name, "._")) + return GNUNET_SYSERR; /* necessary string from "._$PROTO" not present */ + old_off = *off; + if (*off + sizeof (struct srv_data) > udp_payload_length) + return GNUNET_SYSERR; + memcpy (&srv, &udp_payload[*off], sizeof (struct srv_data)); + (*off) += sizeof (struct srv_data); + r->data.srv = GNUNET_malloc (sizeof (struct GNUNET_DNSPARSER_SrvRecord)); + r->data.srv->priority = ntohs (srv.prio); + r->data.srv->weight = ntohs (srv.weight); + r->data.srv->port = ntohs (srv.port); + /* parse 'data.hostname' into components, which are + "_$SERVICE._$PROTO.$DOMAIN_NAME" */ + ndup = GNUNET_strdup (r->name); + tok = strtok (ndup, "."); + GNUNET_assert (NULL != tok); + GNUNET_assert ('_' == *tok); + r->data.srv->service = GNUNET_strdup (&tok[1]); + tok = strtok (NULL, "."); + if ( (NULL == tok) || ('_' != *tok) ) + { + GNUNET_free (r->data.srv); + GNUNET_free (ndup); + return GNUNET_SYSERR; + } + r->data.srv->proto = GNUNET_strdup (&tok[1]); + tok = strtok (NULL, "."); + if (NULL == tok) + { + GNUNET_free (r->data.srv); + GNUNET_free (ndup); + return GNUNET_SYSERR; + } + r->data.srv->domain_name = GNUNET_strdup (tok); + GNUNET_free (ndup); + r->data.srv->target = parse_name (udp_payload, + udp_payload_length, + off, 0); + if (old_off + data_len != *off) + return GNUNET_SYSERR; + return GNUNET_OK; default: r->data.raw.data = GNUNET_malloc (data_len); r->data.raw.data_len = data_len; 
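Review bot: Both early-return paths in the new `GNUNET_DNSPARSER_TYPE_SRV` case call `GNUNET_free (r->data.srv)` but leave `r->data.srv` pointing at the freed block and leak the already duplicated `service` (and `proto` on the second path). The same commit makes `free_record` call `free_srv (r->data.srv)` for SRV records, so if the caller frees the packet after a failed parse (the caller is outside this hunk), it would dereference and free that block again. Free the members and reset the pointer on each error path, as below. Separately, `domain_name` receives only the next `strtok` token, i.e. the first label after `_$PROTO`, not the remaining domain. parse_record starts and ends outside this hunk.

```c
      tok = strtok (NULL, ".");
      if ( (NULL == tok) || ('_' != *tok) )
      {
        GNUNET_free (r->data.srv->service);
        GNUNET_free (r->data.srv);
        r->data.srv = NULL;
        GNUNET_free (ndup);
        return GNUNET_SYSERR;
      }
      /* … unchanged: proto assignment and next strtok … */
      if (NULL == tok)
      {
        GNUNET_free (r->data.srv->proto);
        GNUNET_free (r->data.srv->service);
        GNUNET_free (r->data.srv);
        r->data.srv = NULL;
        GNUNET_free (ndup);
        return GNUNET_SYSERR;
      }
```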
@@ -394,6 +502,24 @@ free_soa (struct GNUNET_DNSPARSER_SoaRecord *soa) /** + * Free SRV information record. + * + * @param srv record to free + */ +static void +free_srv (struct GNUNET_DNSPARSER_SrvRecord *srv) +{ + if (NULL == srv) + return; + GNUNET_free_non_null (srv->target); + GNUNET_free_non_null (srv->domain_name); + GNUNET_free_non_null (srv->proto); + GNUNET_free_non_null (srv->service); + GNUNET_free (srv); +} + + +/** * Free MX information record. * * @param mx record to free @@ -420,6 +546,9 @@ free_record (struct GNUNET_DNSPARSER_Record *r) case GNUNET_DNSPARSER_TYPE_SOA: free_soa (r->data.soa); break; + case GNUNET_DNSPARSER_TYPE_SRV: + free_srv (r->data.srv); + break; case GNUNET_DNSPARSER_TYPE_NS: case GNUNET_DNSPARSER_TYPE_CNAME: case GNUNET_DNSPARSER_TYPE_PTR: 
@@ -480,34 +609,60 @@ add_name (char *dst, const char *name) { const char *dot; + const char *idna_name; + char *idna_start; size_t start; size_t pos; size_t len; + Idna_rc rc; if (NULL == name) return GNUNET_SYSERR; - start = *off; - if (start + strlen (name) + 2 > dst_len) + + if (IDNA_SUCCESS != + (rc = idna_to_ascii_8z (name, &idna_start, IDNA_USE_STD3_ASCII_RULES))) + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _("Failed to convert UTF-8 name `%s' to DNS IDNA format: %s\n"), + name, + idna_strerror (rc)); return GNUNET_NO; + } + idna_name = idna_start; + start = *off; + if (start + strlen (idna_name) + 2 > dst_len) + goto fail; pos = start; do { - dot = strchr (name, '.'); + dot = strchr (idna_name, '.'); if (NULL == dot) - len = strlen (name); + len = strlen (idna_name); else - len = dot - name; + len = dot - idna_name; if ( (len >= 64) || (len == 0) ) - return GNUNET_NO; /* segment too long or empty */ + goto fail; /* segment too long or empty */ dst[pos++] = (char) (uint8_t) len; - memcpy (&dst[pos], name, len); + memcpy (&dst[pos], idna_name, len); pos += len; - name += len + 1; /* also skip dot */ + idna_name += len + 1; /* also skip dot */ } while (NULL != dot); dst[pos++] = '\0'; /* terminator */ *off = pos; +#if WINDOWS + idn_free (idna_start); +#else + free (idna_start); +#endif return GNUNET_OK; + fail: +#if WINDOWS + idn_free (idna_start); +#else + free (idna_start); +#endif + return GNUNET_NO; } 
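Review bot: A name that fails `idna_to_ascii_8z` makes `add_name` return `GNUNET_NO`, which the sibling `add_srv` in this commit documents as "did not fit", so a caller cannot tell an invalid name from a full buffer. `return GNUNET_SYSERR;` would match the `NULL == name` case directly above; add_name's own doc comment is outside the hunk, so check it against that contract. As a style point, the two identical `#if WINDOWS` / `free (idna_start)` blocks could be folded into a single exit path that sets a `ret` variable before the label.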
@@ -616,6 +771,43 @@ add_soa (char *dst, /** + * Add an SRV record to the UDP packet at the given location. + * + * @param dst where to write the SRV record + * @param dst_len number of bytes in dst + * @param off pointer to offset where to write the SRV information (increment by bytes used) + * can also change if there was an error + * @param srv SRV information to write + * @return GNUNET_SYSERR if 'srv' is invalid + * GNUNET_NO if 'srv' did not fit + * GNUNET_OK if 'srv' was added to 'dst' + */ +static int +add_srv (char *dst, + size_t dst_len, + size_t *off, + const struct GNUNET_DNSPARSER_SrvRecord *srv) +{ + struct srv_data sd; + int ret; + + if (*off + sizeof (struct srv_data) > dst_len) + return GNUNET_NO; + sd.prio = htons (srv->priority); + sd.weight = htons (srv->weight); + sd.port = htons (srv->port); + memcpy (&dst[*off], &sd, sizeof (sd)); + (*off) += sizeof (sd); + if (GNUNET_OK != (ret = add_name (dst, + dst_len, + off, + srv->target))) + return ret; + return GNUNET_OK; +} + + +/** * Add a DNS record to the UDP packet at the given location. * * @param dst where to write the query @@ -637,10 +829,23 @@ add_record (char *dst, size_t start; size_t pos; struct record_line rl; - + char *name; + start = *off; - ret = add_name (dst, dst_len - sizeof (struct record_line), off, record->name); - if (ret != GNUNET_OK) + /* for SRV records, we can create the name from the details + of the record if needed */ + name = record->name; + if ( (GNUNET_DNSPARSER_TYPE_SRV == record->type) && + (NULL == name) ) + GNUNET_asprintf (&name, + "_%s._%s.%s", + record->data.srv->service, + record->data.srv->proto, + record->data.srv->domain_name); + ret = add_name (dst, dst_len - sizeof (struct record_line), off, name); + if (name != record->name) + GNUNET_free (name); + if (GNUNET_OK != ret) return ret; /* '*off' is now the position where we will need to write the record line */ 
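Review bot: `add_srv` dereferences `srv` without a check, although its doc comment promises `GNUNET_SYSERR` if 'srv' is invalid and `display_record` in gnunet-dns-monitor.c (same commit) treats `NULL == record->data.srv` as a reachable state. Adding `if (NULL == srv) return GNUNET_SYSERR;` as the first statement would make the function honour that contract. The name synthesis added to `add_record` in the next hunk has the same exposure: it reads `record->data.srv->service`, `->proto` and `->domain_name` when `record->name` is NULL, so it should bail out if `record->data.srv` or any of those three strings is NULL. add_record continues outside the hunk.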
@@ -658,6 +863,9 @@ add_record (char *dst, case GNUNET_DNSPARSER_TYPE_PTR: ret = add_name (dst, dst_len, &pos, record->data.hostname); break; + case GNUNET_DNSPARSER_TYPE_SRV: + ret = add_srv (dst, dst_len, &pos, record->data.srv); + break; default: if (pos + record->data.raw.data_len > dst_len) { @@ -669,7 +877,7 @@ add_record (char *dst, ret = GNUNET_OK; break; } - if (ret != GNUNET_OK) + if (GNUNET_OK != ret) { *off = start; return GNUNET_NO; diff --git a/src/dns/dnsparser.h b/src/dns/dnsparser.h new file mode 100644 index 0000000..d312f89 --- /dev/null +++ b/src/dns/dnsparser.h 
@@ -0,0 +1,195 @@ +/* + This file is part of GNUnet + (C) 2010, 2011, 2012 Christian Grothoff (and other contributing authors) + + GNUnet is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published + by the Free Software Foundation; either version 2, or (at your + option) any later version. + + GNUnet is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNUnet; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. + */ + +/** + * @file dns/dnsparser.h + * @brief helper library to parse DNS packets. + * @author Philipp Toelke + * @author Christian Grothoff + * @author Martin Schanzenbach + */ +GNUNET_NETWORK_STRUCT_BEGIN + +/* FIXME: replace this one with the one from tcpip_tun.h!? */ +/** + * Head of a any DNS message. + */ +struct GNUNET_TUN_DnsHeader +{ + /** + * Request/response ID. (NBO) + */ + uint16_t id GNUNET_PACKED; + + /** + * Flags for the operation. + */ + struct GNUNET_DNSPARSER_Flags flags; + + /** + * number of questions (NBO) + */ + uint16_t query_count GNUNET_PACKED; + + /** + * number of answers (NBO) + */ + uint16_t answer_rcount GNUNET_PACKED; + + /** + * number of authority-records (NBO) + */ + uint16_t authority_rcount GNUNET_PACKED; + + /** + * number of additional records (NBO) + */ + uint16_t additional_rcount GNUNET_PACKED; +}; + + +/** + * DNS query prefix. + */ +struct query_line +{ + /** + * Desired type (GNUNET_DNSPARSER_TYPE_XXX). (NBO) + */ + uint16_t type GNUNET_PACKED; + + /** + * Desired class (usually GNUNET_DNSPARSER_CLASS_INTERNET). (NBO) + */ + uint16_t class GNUNET_PACKED; +}; + + +/** + * General DNS record prefix. 
+ */ +struct record_line +{ + /** + * Record type (GNUNET_DNSPARSER_TYPE_XXX). (NBO) + */ + uint16_t type GNUNET_PACKED; + + /** + * Record class (usually GNUNET_DNSPARSER_CLASS_INTERNET). (NBO) + */ + uint16_t class GNUNET_PACKED; + + /** + * Expiration for the record (in seconds). (NBO) + */ + uint32_t ttl GNUNET_PACKED; + + /** + * Number of bytes of data that follow. (NBO) + */ + uint16_t data_len GNUNET_PACKED; +}; + + +/** + * Payload of DNS SOA record (header). + */ +struct soa_data +{ + /** + * The version number of the original copy of the zone. (NBO) + */ + uint32_t serial GNUNET_PACKED; + + /** + * Time interval before the zone should be refreshed. (NBO) + */ + uint32_t refresh GNUNET_PACKED; + + /** + * Time interval that should elapse before a failed refresh should + * be retried. (NBO) + */ + uint32_t retry GNUNET_PACKED; + + /** + * Time value that specifies the upper limit on the time interval + * that can elapse before the zone is no longer authoritative. (NBO) + */ + uint32_t expire GNUNET_PACKED; + + /** + * The bit minimum TTL field that should be exported with any RR + * from this zone. (NBO) + */ + uint32_t minimum GNUNET_PACKED; +}; + + +/** + * Payload of DNS SRV record (header). + */ +struct srv_data +{ + + /** + * Preference for this entry (lower value is higher preference). Clients + * will contact hosts from the lowest-priority group first and fall back + * to higher priorities if the low-priority entries are unavailable. (NBO) + */ + uint16_t prio GNUNET_PACKED; + + /** + * Relative weight for records with the same priority. Clients will use + * the hosts of the same (lowest) priority with a probability proportional + * to the weight given. (NBO) + */ + uint16_t weight GNUNET_PACKED; + + /** + * TCP or UDP port of the service. 
(NBO) + */ + uint16_t port GNUNET_PACKED; + + /* followed by 'target' name */ +}; + + +/** + * Payload of GNS VPN record + */ +struct vpn_data +{ + /** + * The peer to contact + */ + struct GNUNET_HashCode peer; + + /** + * The protocol to use + */ + uint16_t proto GNUNET_PACKED; + + + /* followed by the servicename / identifier / password (0-terminated) */ +}; + +GNUNET_NETWORK_STRUCT_END diff --git a/src/dns/dnsstub.c b/src/dns/dnsstub.c new file mode 100644 index 0000000..c755aff --- /dev/null +++ b/src/dns/dnsstub.c 
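Review bot: The new header dnsparser.h has no include guard and no includes of its own. It uses `GNUNET_NETWORK_STRUCT_BEGIN`, `GNUNET_PACKED`, `struct GNUNET_DNSPARSER_Flags` and `struct GNUNET_HashCode`, so it only compiles when the including file has already pulled in the right headers, and a second inclusion would redefine every struct. Wrap it in `#ifndef DNSPARSER_H` / `#define DNSPARSER_H` … `#endif` and include "gnunet_util_lib.h" and "gnunet_dnsparser_lib.h" at the top. Two comments need a wording fix: `Head of a any DNS message.` should be `Head of any DNS message.`, and `The bit minimum TTL field` in `struct soa_data` appears to have lost a word (presumably a bit width, to be confirmed).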
@@ -0,0 +1,561 @@ +/* + This file is part of GNUnet. + (C) 2012 Christian Grothoff (and other contributing authors) + + GNUnet is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published + by the Free Software Foundation; either version 3, or (at your + option) any later version. + + GNUnet is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNUnet; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. +*/ +/** + * @file dns/dnsstub.c + * @brief DNS stub resolver which sends DNS requests to an actual resolver + * @author Christian Grothoff + */ +#include "platform.h" +#include "gnunet_util_lib.h" +#include "gnunet_dnsstub_lib.h" + +/** + * Timeout for an external (Internet-DNS) DNS resolution + */ +#define REQUEST_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5) + +/** + * How many DNS sockets do we open at most at the same time? + * (technical socket maximum is this number x2 for IPv4+IPv6) + */ +#define DNS_SOCKET_MAX 128 + + +/** + * UDP socket we are using for sending DNS requests to the Internet. + */ +struct GNUNET_DNSSTUB_RequestSocket +{ + + /** + * UDP socket we use for this request for IPv4 + */ + struct GNUNET_NETWORK_Handle *dnsout4; + + /** + * UDP socket we use for this request for IPv6 + */ + struct GNUNET_NETWORK_Handle *dnsout6; + + /** + * Function to call with result. + */ + GNUNET_DNSSTUB_ResultCallback rc; + + /** + * Closure for 'rc'. + */ + void *rc_cls; + + /** + * Task for reading from dnsout4 and dnsout6. + */ + GNUNET_SCHEDULER_TaskIdentifier read_task; + + /** + * When should this request time out? 
+ */ + struct GNUNET_TIME_Absolute timeout; + + /** + * Address we sent the DNS request to. + */ + struct sockaddr_storage addr; + + /** + * Number of bytes in 'addr'. + */ + socklen_t addrlen; + +}; + + +/** + * Handle to the stub resolver. + */ +struct GNUNET_DNSSTUB_Context +{ + + /** + * Array of all open sockets for DNS requests. + */ + struct GNUNET_DNSSTUB_RequestSocket sockets[DNS_SOCKET_MAX]; + + /** + * IP address to use for the DNS server if we are a DNS exit service + * (for VPN via mesh); otherwise NULL. + */ + char *dns_exit; +}; + + + +/** + * We're done with a GNUNET_DNSSTUB_RequestSocket, close it for now. + * + * @param rs request socket to clean up + */ +static void +cleanup_rs (struct GNUNET_DNSSTUB_RequestSocket *rs) +{ + if (NULL != rs->dnsout4) + { + GNUNET_NETWORK_socket_close (rs->dnsout4); + rs->dnsout4 = NULL; + } + if (NULL != rs->dnsout6) + { + GNUNET_NETWORK_socket_close (rs->dnsout6); + rs->dnsout6 = NULL; + } + if (GNUNET_SCHEDULER_NO_TASK != rs->read_task) + { + GNUNET_SCHEDULER_cancel (rs->read_task); + rs->read_task = GNUNET_SCHEDULER_NO_TASK; + } +} + + +/** + * Open source port for sending DNS requests + * + * @param af AF_INET or AF_INET6 + * @return GNUNET_OK on success + */ +static struct GNUNET_NETWORK_Handle * +open_socket (int af) +{ + struct sockaddr_in a4; + struct sockaddr_in6 a6; + struct sockaddr *sa; + socklen_t alen; + struct GNUNET_NETWORK_Handle *ret; + + ret = GNUNET_NETWORK_socket_create (af, SOCK_DGRAM, 0); + if (NULL == ret) + return NULL; + switch (af) + { + case AF_INET: + memset (&a4, 0, alen = sizeof (struct sockaddr_in)); + sa = (struct sockaddr *) &a4; + break; + case AF_INET6: + memset (&a6, 0, alen = sizeof (struct sockaddr_in6)); + sa = (struct sockaddr *) &a6; + break; + default: + GNUNET_break (0); + GNUNET_NETWORK_socket_close (ret); + return NULL; + } + sa->sa_family = af; + if (GNUNET_OK != GNUNET_NETWORK_socket_bind (ret, + sa, + alen)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _("Could not 
bind to any port: %s\n"), + STRERROR (errno)); + GNUNET_NETWORK_socket_close (ret); + return NULL; + } + return ret; +} + + +/** + * Read a DNS response from the (unhindered) UDP-Socket + * + * @param cls socket to read from + * @param tc scheduler context (must be shutdown or read ready) + */ +static void +read_response (void *cls, + const struct GNUNET_SCHEDULER_TaskContext *tc); + + +/** + * Get a socket of the specified address family to send out a + * UDP DNS request to the Internet. + * + * @param ctx the DNSSTUB context + * @param af desired address family + * @return NULL on error (given AF not "supported") + */ +static struct GNUNET_DNSSTUB_RequestSocket * +get_request_socket (struct GNUNET_DNSSTUB_Context *ctx, + int af) +{ + struct GNUNET_DNSSTUB_RequestSocket *rs; + struct GNUNET_NETWORK_FDSet *rset; + + rs = &ctx->sockets[GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, + DNS_SOCKET_MAX)]; + rs->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT); + switch (af) + { + case AF_INET: + if (NULL == rs->dnsout4) + rs->dnsout4 = open_socket (AF_INET); + break; + case AF_INET6: + if (NULL == rs->dnsout6) + rs->dnsout6 = open_socket (AF_INET6); + break; + default: + return NULL; + } + if (GNUNET_SCHEDULER_NO_TASK != rs->read_task) + { + GNUNET_SCHEDULER_cancel (rs->read_task); + rs->read_task = GNUNET_SCHEDULER_NO_TASK; + } + if ( (NULL == rs->dnsout4) && + (NULL == rs->dnsout6) ) + return NULL; + rset = GNUNET_NETWORK_fdset_create (); + if (NULL != rs->dnsout4) + GNUNET_NETWORK_fdset_set (rset, rs->dnsout4); + if (NULL != rs->dnsout6) + GNUNET_NETWORK_fdset_set (rset, rs->dnsout6); + rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, + REQUEST_TIMEOUT, + rset, + NULL, + &read_response, rs); + GNUNET_NETWORK_fdset_destroy (rset); + return rs; +} + + +/** + * Perform DNS resolution. 
+ * + * @param ctx stub resolver to use + * @param sa the socket address + * @param sa_len the socket length + * @param request DNS request to transmit + * @param request_len number of bytes in msg + * @param rc function to call with result + * @param rc_cls closure for 'rc' + * @return socket used for the request, NULL on error + */ +struct GNUNET_DNSSTUB_RequestSocket * +GNUNET_DNSSTUB_resolve (struct GNUNET_DNSSTUB_Context *ctx, + const struct sockaddr *sa, + socklen_t sa_len, + const void *request, + size_t request_len, + GNUNET_DNSSTUB_ResultCallback rc, + void *rc_cls) +{ + struct GNUNET_DNSSTUB_RequestSocket *rs; + struct GNUNET_NETWORK_Handle *ret; + int af; + + af = sa->sa_family; + if (NULL == (rs = get_request_socket (ctx, af))) + return NULL; + if (NULL != rs->dnsout4) + ret = rs->dnsout4; + else + ret = rs->dnsout6; + GNUNET_assert (NULL != ret); + memcpy (&rs->addr, + sa, + sa_len); + rs->addrlen = sa_len; + rs->rc = rc; + rs->rc_cls = rc_cls; + if (GNUNET_SYSERR == + GNUNET_NETWORK_socket_sendto (ret, + request, + request_len, + sa, + sa_len)) + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _("Failed to send DNS request to %s\n"), + GNUNET_a2s (sa, sa_len)); + else + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + _("Sent DNS request to %s\n"), + GNUNET_a2s (sa, sa_len)); + return rs; +} + + +/** + * Perform DNS resolution using our default IP from init. 
+ * + * @param ctx stub resolver to use + * @param request DNS request to transmit + * @param request_len number of bytes in msg + * @param rc function to call with result + * @param rc_cls closure for 'rc' + * @return socket used for the request, NULL on error + */ +struct GNUNET_DNSSTUB_RequestSocket * +GNUNET_DNSSTUB_resolve2 (struct GNUNET_DNSSTUB_Context *ctx, + const void *request, + size_t request_len, + GNUNET_DNSSTUB_ResultCallback rc, + void *rc_cls) +{ + int af; + struct sockaddr_in v4; + struct sockaddr_in6 v6; + struct sockaddr *sa; + socklen_t salen; + struct GNUNET_NETWORK_Handle *dnsout; + struct GNUNET_DNSSTUB_RequestSocket *rs; + + memset (&v4, 0, sizeof (v4)); + memset (&v6, 0, sizeof (v6)); + if (1 == inet_pton (AF_INET, ctx->dns_exit, &v4.sin_addr)) + { + salen = sizeof (v4); + v4.sin_family = AF_INET; + v4.sin_port = htons (53); +#if HAVE_SOCKADDR_IN_SIN_LEN + v4.sin_len = (u_char) salen; +#endif + sa = (struct sockaddr *) &v4; + af = AF_INET; + } + else if (1 == inet_pton (AF_INET6, ctx->dns_exit, &v6.sin6_addr)) + { + salen = sizeof (v6); + v6.sin6_family = AF_INET6; + v6.sin6_port = htons (53); +#if HAVE_SOCKADDR_IN_SIN_LEN + v6.sin6_len = (u_char) salen; +#endif + sa = (struct sockaddr *) &v6; + af = AF_INET6; + } + else + { + GNUNET_break (0); + return NULL; + } + if (NULL == (rs = get_request_socket (ctx, af))) + return NULL; + if (NULL != rs->dnsout4) + dnsout = rs->dnsout4; + else + dnsout = rs->dnsout6; + if (NULL == dnsout) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _("Configured DNS exit `%s' is not working / valid.\n"), + ctx->dns_exit); + return NULL; + } + memcpy (&rs->addr, + sa, + salen); + rs->addrlen = salen; + rs->rc = rc; + rs->rc_cls = rc_cls; + if (GNUNET_SYSERR == + GNUNET_NETWORK_socket_sendto (dnsout, + request, + request_len, sa, salen)) + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _("Failed to send DNS request to %s\n"), + GNUNET_a2s (sa, salen)); + rs->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT); + 
+ return rs; + +} + + +/** + * Actually do the reading of a DNS packet from our UDP socket and see + * if we have a valid, matching, pending request. + * + * @param rs request socket with callback details + * @param dnsout socket to read from + * @return GNUNET_OK on success, GNUNET_NO on drop, GNUNET_SYSERR on IO-errors (closed socket) + */ +static int +do_dns_read (struct GNUNET_DNSSTUB_RequestSocket *rs, + struct GNUNET_NETWORK_Handle *dnsout) +{ + struct sockaddr_storage addr; + socklen_t addrlen; + struct GNUNET_TUN_DnsHeader *dns; + ssize_t r; + int len; + +#ifndef MINGW + if (0 != ioctl (GNUNET_NETWORK_get_fd (dnsout), FIONREAD, &len)) + { + /* conservative choice: */ + len = UINT16_MAX; + } +#else + /* port the code above? */ + len = UINT16_MAX; +#endif + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Receiving %d byte DNS reply\n", + len); + { + unsigned char buf[len] GNUNET_ALIGN; + + addrlen = sizeof (addr); + memset (&addr, 0, sizeof (addr)); + r = GNUNET_NETWORK_socket_recvfrom (dnsout, + buf, sizeof (buf), + (struct sockaddr*) &addr, &addrlen); + if (-1 == r) + { + GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "recvfrom"); + GNUNET_NETWORK_socket_close (dnsout); + return GNUNET_SYSERR; + } + if (sizeof (struct GNUNET_TUN_DnsHeader) > r) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _("Received DNS response that is too small (%u bytes)"), + r); + return GNUNET_NO; + } + dns = (struct GNUNET_TUN_DnsHeader *) buf; + if ( (addrlen != rs->addrlen) || + (0 != memcmp (&rs->addr, + &addr, + addrlen)) || + (0 == GNUNET_TIME_absolute_get_remaining (rs->timeout).rel_value) ) + { + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Request timeout or invalid sender address; ignoring reply\n"); + return GNUNET_NO; + } + if (NULL != rs->rc) + rs->rc (rs->rc_cls, + rs, + dns, + r); + } + return GNUNET_OK; +} + + +/** + * Read a DNS response from the (unhindered) UDP-Socket + * + * @param cls socket to read from + * @param tc scheduler context (must be shutdown or read ready) + */ 
+static void +read_response (void *cls, + const struct GNUNET_SCHEDULER_TaskContext *tc) +{ + struct GNUNET_DNSSTUB_RequestSocket *rs = cls; + struct GNUNET_NETWORK_FDSet *rset; + + rs->read_task = GNUNET_SCHEDULER_NO_TASK; + if (0 == (tc->reason & GNUNET_SCHEDULER_REASON_READ_READY)) + { + /* timeout or shutdown */ + cleanup_rs (rs); + return; + } + /* read and process ready sockets */ + if ((NULL != rs->dnsout4) && + (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout4)) && + (GNUNET_SYSERR == do_dns_read (rs, rs->dnsout4))) + rs->dnsout4 = NULL; + if ((NULL != rs->dnsout6) && + (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout6)) && + (GNUNET_SYSERR == do_dns_read (rs, rs->dnsout6))) + rs->dnsout6 = NULL; + + /* re-schedule read task */ + rset = GNUNET_NETWORK_fdset_create (); + if (NULL != rs->dnsout4) + GNUNET_NETWORK_fdset_set (rset, rs->dnsout4); + if (NULL != rs->dnsout6) + GNUNET_NETWORK_fdset_set (rset, rs->dnsout6); + rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, + GNUNET_TIME_absolute_get_remaining (rs->timeout), + rset, + NULL, + &read_response, rs); + GNUNET_NETWORK_fdset_destroy (rset); +} + + +/** + * Cancel DNS resolution. + * + * @param rs resolution to cancel + */ +void +GNUNET_DNSSTUB_resolve_cancel (struct GNUNET_DNSSTUB_RequestSocket *rs) +{ + rs->rc = NULL; +} + + +/** + * Start a DNS stub resolver. + * + * @param dns_ip target IP address to use + * @return NULL on error + */ +struct GNUNET_DNSSTUB_Context * +GNUNET_DNSSTUB_start (const char *dns_ip) +{ + struct GNUNET_DNSSTUB_Context *ctx; + + ctx = GNUNET_malloc (sizeof (struct GNUNET_DNSSTUB_Context)); + if (NULL != dns_ip) + ctx->dns_exit = GNUNET_strdup (dns_ip); + return ctx; +} + + +/** + * Cleanup DNSSTUB resolver. 
+ * + * @param ctx stub resolver to clean up + */ +void +GNUNET_DNSSTUB_stop (struct GNUNET_DNSSTUB_Context *ctx) +{ + unsigned int i; + + for (i=0;i<DNS_SOCKET_MAX;i++) + cleanup_rs (&ctx->sockets[i]); + if (NULL != ctx->dns_exit) + { + GNUNET_free (ctx->dns_exit); + ctx->dns_exit = NULL; + } + GNUNET_free (ctx); +} + + +/* end of dnsstub.c */ diff --git a/src/dns/gnunet-dns-monitor.c b/src/dns/gnunet-dns-monitor.c index 82715aa..747a875 100644 --- a/src/dns/gnunet-dns-monitor.c +++ b/src/dns/gnunet-dns-monitor.c @@ -75,6 +75,7 @@ get_type (uint16_t type) case GNUNET_DNSPARSER_TYPE_MX: return "MX"; case GNUNET_DNSPARSER_TYPE_TXT: return "TXT"; case GNUNET_DNSPARSER_TYPE_AAAA: return "AAAA"; + case GNUNET_DNSPARSER_TYPE_SRV: return "SRV"; } GNUNET_snprintf (buf, sizeof (buf), "%u", (unsigned int) type); return buf; @@ -151,7 +152,7 @@ display_record (const struct GNUNET_DNSPARSER_Record *record) format = record->data.hostname; break; case GNUNET_DNSPARSER_TYPE_SOA: - if (record->data.soa == NULL) + if (NULL == record->data.soa) format = "<invalid>"; else { @@ -179,6 +180,23 @@ display_record (const struct GNUNET_DNSPARSER_Record *record) format = tmp; } break; + case GNUNET_DNSPARSER_TYPE_SRV: + if (NULL == record->data.srv) + format = "<invalid>"; + else + { + GNUNET_asprintf (&tmp, + "service: %s, protocol: %s, domain_name = %s, priority %u, weight = %s, port = %u, target = %s", + record->data.srv->service, + record->data.srv->proto, + record->data.srv->domain_name, + (unsigned int) record->data.srv->priority, + (unsigned int) record->data.srv->weight, + (unsigned int) record->data.srv->port, + record->data.srv->target); + format = tmp; + } + break; case GNUNET_DNSPARSER_TYPE_TXT: GNUNET_asprintf (&tmp, "%.*s", 
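Review bot: In dnsstub.c, `GNUNET_DNSSTUB_resolve` and `GNUNET_DNSSTUB_resolve2` pick the outgoing socket as `dnsout4` whenever it is non-NULL instead of by address family, so an IPv6 request landing on a slot that already holds an IPv4 socket goes out on the wrong socket; use `ret = (AF_INET == af) ? rs->dnsout4 : rs->dnsout6;` (likewise for `dnsout`). `get_request_socket` hands out a random slot without checking whether a request is still pending on it, so a second request overwrites the first one's `rc`, `rc_cls`, `addr` and `timeout`, and `GNUNET_DNSSTUB_resolve_cancel` on the older handle clears the newer callback. `memcpy (&rs->addr, sa, sa_len)` trusts the caller's length and should be preceded by `if (sa_len > sizeof (rs->addr)) return NULL;`, and `GNUNET_DNSSTUB_resolve2` passes `ctx->dns_exit` to `inet_pton` even though `GNUNET_DNSSTUB_start` allows it to stay NULL. In `do_dns_read`, `r` is an `ssize_t` printed with `%u`, and the `buf[len]` array is sized straight from FIONREAD, so `len` should be clamped to the range 1..UINT16_MAX first.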
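Review bot: The format string added for `GNUNET_DNSPARSER_TYPE_SRV` in `display_record` uses `weight = %s` while the matching argument is `(unsigned int) record->data.srv->weight`. The formatter will therefore treat an integer taken from a received record as a string pointer, which is undefined behaviour and most likely crashes the monitor on the first SRV record it displays. Change that conversion to `weight = %u`. The `service`, `proto`, `domain_name` and `target` strings are passed to `%s` without a NULL check, so a partially filled record should also be guarded. display_record starts and ends outside this hunk.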
@@ -342,11 +360,16 @@ main (int argc, char *const *argv) GNUNET_GETOPT_OPTION_VERBOSE (&verbosity), GNUNET_GETOPT_OPTION_END }; - return (GNUNET_OK == - GNUNET_PROGRAM_run (argc, argv, "gnunet-dns-monitor", - gettext_noop - ("Monitor DNS queries."), options, - &run, NULL)) ? ret : 1; + + if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv)) + return 2; + ret = (GNUNET_OK == + GNUNET_PROGRAM_run (argc, argv, "gnunet-dns-monitor", + gettext_noop + ("Monitor DNS queries."), options, + &run, NULL)) ? ret : 1; + GNUNET_free ((void*) argv); + return ret; } diff --git a/src/dns/gnunet-dns-redirector.c b/src/dns/gnunet-dns-redirector.c index a45b896..3df2ac2 100644 --- a/src/dns/gnunet-dns-redirector.c +++ b/src/dns/gnunet-dns-redirector.c @@ -241,11 +241,17 @@ main (int argc, char *const *argv) GNUNET_GETOPT_OPTION_VERBOSE (&verbosity), GNUNET_GETOPT_OPTION_END }; - return (GNUNET_OK == - GNUNET_PROGRAM_run (argc, argv, "gnunet-dns-redirector", - gettext_noop - ("Change DNS replies to point elsewhere."), options, - &run, NULL)) ? ret : 1; + + if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv)) + return 2; + + ret = (GNUNET_OK == + GNUNET_PROGRAM_run (argc, argv, "gnunet-dns-redirector", + gettext_noop + ("Change DNS replies to point elsewhere."), options, + &run, NULL)) ? ret : 1; + GNUNET_free ((void*) argv); + return ret; } diff --git a/src/dns/gnunet-helper-dns.c b/src/dns/gnunet-helper-dns.c index dfeb45a..c230ec5 100644 --- a/src/dns/gnunet-helper-dns.c +++ b/src/dns/gnunet-helper-dns.c @@ -100,6 +100,11 @@ struct in6_ifreq static const char *sbin_iptables; /** + * Name and full path of sysctl binary + */ +static const char *sbin_sysctl; + +/** * Name and full path of IPTABLES binary. */ static const char *sbin_ip; 
@@ -150,6 +155,33 @@ signal_handler (int signal) /** + * Open '/dev/null' and make the result the given + * file descriptor. + * + * @param target_fd desired FD to point to /dev/null + * @param flags open flags (O_RDONLY, O_WRONLY) + */ +static void +open_dev_null (int target_fd, + int flags) +{ + int fd; + + fd = open ("/dev/null", flags); + if (-1 == fd) + abort (); + if (fd == target_fd) + return; + if (-1 == dup2 (fd, target_fd)) + { + (void) close (fd); + abort (); + } + (void) close (fd); +} + + +/** * Run the given command and wait for it to complete. * * @param file name of the binary to run @@ -178,7 +210,9 @@ fork_and_exec (const char *file, /* close stdin/stdout to not cause interference with the helper's main protocol! */ (void) close (0); + open_dev_null (0, O_RDONLY); (void) close (1); + open_dev_null (1, O_WRONLY); (void) execv (file, cmd); /* can only get here on error */ fprintf (stderr, @@ -492,7 +526,7 @@ run (int fd_tun) * We are supposed to read and the buffer is not empty * -> select on write to stdout */ - if (0 != buftun_size) + if (0 < buftun_size) FD_SET (1, &fds_w); /* @@ -536,7 +570,10 @@ run (int fd_tun) { if ( (errno == EINTR) || (errno == EAGAIN) ) - continue; + { + buftun_size = 0; + continue; + } fprintf (stderr, "read-error: %s\n", strerror (errno)); return; } @@ -675,6 +712,7 @@ PROCESS_BUFFER: * 25-39 failed to drop privs and then failed to undo some changes to routing table * 40 failed to regain privs * 41-55 failed to regain prisv and then failed to undo some changes to routing table + * 254 insufficient priviledges * 255 failed to handle kill signal properly */ int @@ -684,6 +722,7 @@ main (int argc, char *const*argv) char dev[IFNAMSIZ]; char mygid[32]; int fd_tun; + uid_t uid; if (6 != argc) { 
@@ -691,6 +730,22 @@ main (int argc, char *const*argv) return 1; } + /* assert privs so we can modify the firewall rules! */ + uid = getuid (); +#ifdef HAVE_SETRESUID + if (0 != setresuid (uid, 0, 0)) + { + fprintf (stderr, "Failed to setresuid to root: %s\n", strerror (errno)); + return 254; + } +#else + if (0 != seteuid (0)) + { + fprintf (stderr, "Failed to seteuid back to root: %s\n", strerror (errno)); + return 254; + } +#endif + /* verify that the binaries were care about are executable */ if (0 == access ("/sbin/iptables", X_OK)) sbin_iptables = "/sbin/iptables"; @@ -714,6 +769,17 @@ main (int argc, char *const*argv) strerror (errno)); return 4; } + if (0 == access ("/sbin/sysctl", X_OK)) + sbin_sysctl = "/sbin/sysctl"; + else if (0 == access ("/usr/sbin/sysctl", X_OK)) + sbin_sysctl = "/usr/sbin/sysctl"; + else + { + fprintf (stderr, + "Fatal: executable sysctl not found in approved directories: %s\n", + strerror (errno)); + return 5; + } /* setup 'mygid' string */ snprintf (mygid, sizeof (mygid), "%d", (int) getegid()); @@ -778,6 +844,22 @@ main (int argc, char *const*argv) strncpy (dev, argv[1], IFNAMSIZ); dev[IFNAMSIZ - 1] = '\0'; + /* Disable rp filtering */ + { + char *const sysctl_args[] = {"sysctl", "-w", + "net.ipv4.conf.all.rp_filter=0", NULL}; + char *const sysctl_args2[] = {"sysctl", "-w", + "net.ipv4.conf.default.rp_filter=0", NULL}; + if ((0 != fork_and_exec (sbin_sysctl, sysctl_args)) || + (0 != fork_and_exec (sbin_sysctl, sysctl_args2))) + { + fprintf (stderr, + "Failed to disable rp filtering.\n"); + return 5; + } + } + + /* now open virtual interface (first part that requires root) */ if (-1 == (fd_tun = init_tun (dev))) { @@ -814,6 +896,7 @@ main (int argc, char *const*argv) set_address4 (dev, address, mask); } + /* update routing tables -- next part why we need SUID! */ /* Forward everything from our EGID (which should only be held 
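Review bot: The two `sysctl -w` calls added to main set `net.ipv4.conf.all.rp_filter` and `net.ipv4.conf.default.rp_filter` to 0 for the whole host, and nothing in this hunk records the previous values or restores them, so reverse-path (source-address) filtering stays off after the helper exits. main continues outside the hunk, so a restore may exist in the cleanup path; if it does not, the old values should be read before the write and put back where the routing rules are undone. At minimum the block needs a comment such as `/* NOTE: host-wide and persistent; relaxes source-address validation on all interfaces */`. Both this failure and the earlier "sysctl not found" branch return 5, and the exit-code list in the visible hunks only gains 254, so a caller cannot tell the two apart.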
@@ -863,7 +946,6 @@ main (int argc, char *const*argv) /* drop privs *except* for the saved UID; this is not perfect, but better than doing nothing */ - uid_t uid = getuid (); #ifdef HAVE_SETRESUID if (0 != setresuid (uid, uid, 0)) { diff --git a/src/dns/gnunet-service-dns.c b/src/dns/gnunet-service-dns.c index 6337538..d1689f4 100644 --- a/src/dns/gnunet-service-dns.c +++ b/src/dns/gnunet-service-dns.c @@ -45,21 +45,22 @@ #include "dns.h" #include "gnunet_dns_service.h" #include "gnunet_dnsparser_lib.h" -#include "gnunet_mesh_service.h" +#include "gnunet_dnsstub_lib.h" #include "gnunet_statistics_service.h" #include "gnunet_tun_lib.h" - /** - * Timeout for an external (Internet-DNS) DNS resolution + * Port number for DNS */ -#define REQUEST_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5) +#define DNS_PORT 53 + /** - * How many DNS sockets do we open at most at the same time? - * (technical socket maximum is this number x2 for IPv4+IPv6) + * Generic logging shorthand */ -#define DNS_SOCKET_MAX 128 +#define LOG(kind, ...) \ + GNUNET_log_from (kind, "dns", __VA_ARGS__); + /** * Phases each request goes through. @@ -137,34 +138,6 @@ struct ClientRecord /** - * UDP socket we are using for sending DNS requests to the Internet. - */ -struct RequestSocket -{ - - /** - * UDP socket we use for this request for IPv4 - */ - struct GNUNET_NETWORK_Handle *dnsout4; - - /** - * UDP socket we use for this request for IPv6 - */ - struct GNUNET_NETWORK_Handle *dnsout6; - - /** - * Task for reading from dnsout4 and dnsout6. - */ - GNUNET_SCHEDULER_TaskIdentifier read_task; - - /** - * When should this socket be closed? - */ - struct GNUNET_TIME_Absolute timeout; -}; - - -/** * Entry we keep for each active request. */ struct RequestRecord 
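Review bot: The new `LOG` macro in gnunet-service-dns.c ends its expansion with a semicolon, so every `LOG (...);` call expands to two statements and an unbraced `if (x) LOG (...); else ...` would no longer compile. Drop the trailing semicolon: `#define LOG(kind, ...) GNUNET_log_from (kind, "dns", __VA_ARGS__)`.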
@@ -184,10 +157,9 @@ struct RequestRecord /** * Socket we are using to transmit this request (must match if we receive - * a response). Must NOT be freed as part of this request record (as it - * might be shared with other requests). + * a response). */ - struct GNUNET_NETWORK_Handle *dnsout; + struct GNUNET_DNSSTUB_RequestSocket *rs; /** * Source address of the original request (for sending response). @@ -200,11 +172,6 @@ struct RequestRecord struct sockaddr_storage dst_addr; /** - * When should this request time out? - */ - struct GNUNET_TIME_Absolute timeout; - - /** * ID of this request, also basis for hashing. Lowest 16 bit will * be our message ID when doing a global DNS request and our index * into the 'requests' array. @@ -230,66 +197,6 @@ struct RequestRecord /** - * State we keep for each DNS tunnel that terminates at this node. - */ -struct TunnelState -{ - - /** - * Associated MESH tunnel. - */ - struct GNUNET_MESH_Tunnel *tunnel; - - /** - * Active request for sending a reply. - */ - struct GNUNET_MESH_TransmitHandle *th; - - /** - * DNS reply ready for transmission. - */ - char *reply; - - /** - * Socket we are using to transmit this request (must match if we receive - * a response). Must NOT be freed as part of this request record (as it - * might be shared with other requests). - */ - struct GNUNET_NETWORK_Handle *dnsout; - - /** - * Address we sent the DNS request to. - */ - struct sockaddr_storage addr; - - /** - * When should this request time out? - */ - struct GNUNET_TIME_Absolute timeout; - - /** - * Number of bytes in 'addr'. - */ - socklen_t addrlen; - - /** - * Number of bytes in 'reply'. - */ - size_t reply_length; - - /** - * Original DNS request ID as used by the client. - */ - uint16_t original_id; - - /** - * DNS request ID that we used for forwarding. - */ - uint16_t my_id; -}; - - -/** * Global return value from 'main'. */ static int global_ret; 
@@ -335,57 +242,14 @@ static struct GNUNET_SERVER_NotificationContext *nc; static struct RequestRecord requests[UINT16_MAX + 1]; /** - * Array of all open requests from tunnels. - */ -static struct TunnelState *tunnels[UINT16_MAX + 1]; - -/** - * Array of all open sockets for DNS requests. - */ -static struct RequestSocket sockets[DNS_SOCKET_MAX]; - -/** * Generator for unique request IDs. */ static uint64_t request_id_gen; /** - * IP address to use for the DNS server if we are a DNS exit service - * (for VPN via mesh); otherwise NULL. - */ -static char *dns_exit; - -/** - * Handle to the MESH service (for receiving DNS queries), or NULL - * if we are not a DNS exit. - */ -static struct GNUNET_MESH_Handle *mesh; - - -/** - * We're done with a RequestSocket, close it for now. - * - * @param rs request socket to clean up + * Handle to the DNS Stub resolver. */ -static void -cleanup_rs (struct RequestSocket *rs) -{ - if (NULL != rs->dnsout4) - { - GNUNET_NETWORK_socket_close (rs->dnsout4); - rs->dnsout4 = NULL; - } - if (NULL != rs->dnsout6) - { - GNUNET_NETWORK_socket_close (rs->dnsout6); - rs->dnsout6 = NULL; - } - if (GNUNET_SCHEDULER_NO_TASK != rs->read_task) - { - GNUNET_SCHEDULER_cancel (rs->read_task); - rs->read_task = GNUNET_SCHEDULER_NO_TASK; - } -} +static struct GNUNET_DNSSTUB_Context *dnsstub; /** 
@@ -430,64 +294,11 @@ cleanup_task (void *cls GNUNET_UNUSED, GNUNET_STATISTICS_destroy (stats, GNUNET_NO); stats = NULL; } - if (NULL != dns_exit) - { - GNUNET_free (dns_exit); - dns_exit = NULL; - } - if (NULL != mesh) - { - GNUNET_MESH_disconnect(mesh); - mesh = NULL; - } -} - - -/** - * Open source port for sending DNS requests - * - * @param af AF_INET or AF_INET6 - * @return GNUNET_OK on success - */ -static struct GNUNET_NETWORK_Handle * -open_socket (int af) -{ - struct sockaddr_in a4; - struct sockaddr_in6 a6; - struct sockaddr *sa; - socklen_t alen; - struct GNUNET_NETWORK_Handle *ret; - - ret = GNUNET_NETWORK_socket_create (af, SOCK_DGRAM, 0); - if (NULL == ret) - return NULL; - switch (af) - { - case AF_INET: - memset (&a4, 0, alen = sizeof (struct sockaddr_in)); - sa = (struct sockaddr *) &a4; - break; - case AF_INET6: - memset (&a6, 0, alen = sizeof (struct sockaddr_in6)); - sa = (struct sockaddr *) &a6; - break; - default: - GNUNET_break (0); - GNUNET_NETWORK_socket_close (ret); - return NULL; - } - sa->sa_family = af; - if (GNUNET_OK != GNUNET_NETWORK_socket_bind (ret, - sa, - alen)) + if (NULL != dnsstub) { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _("Could not bind to any port: %s\n"), - STRERROR (errno)); - GNUNET_NETWORK_socket_close (ret); - return NULL; + GNUNET_DNSSTUB_stop (dnsstub); + dnsstub = NULL; } - return ret; } @@ -510,10 +321,16 @@ request_done (struct RequestRecord *rr) if (RP_RESPONSE_MONITOR != rr->phase) { /* no response, drop */ + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Got no response for request %llu, dropping\n", + (unsigned long long) rr->request_id); cleanup_rr (rr); return; } - + + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Transmitting response for request %llu\n", + (unsigned long long) rr->request_id); /* send response via hijacker */ reply_len = sizeof (struct GNUNET_MessageHeader); reply_len += sizeof (struct GNUNET_TUN_Layer2PacketHeader); 
@@ -664,6 +481,9 @@ send_request_to_client (struct RequestRecord *rr, cleanup_rr (rr); return; } + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Sending information about request %llu to local client\n", + (unsigned long long) rr->request_id); req = (struct GNUNET_DNS_Request*) buf; req->header.type = htons (GNUNET_MESSAGE_TYPE_DNS_CLIENT_REQUEST); req->header.size = htons (sizeof (buf)); 
@@ -677,70 +497,21 @@ send_request_to_client (struct RequestRecord *rr, } -/** - * Read a DNS response from the (unhindered) UDP-Socket - * - * @param cls socket to read from - * @param tc scheduler context (must be shutdown or read ready) - */ -static void -read_response (void *cls, - const struct GNUNET_SCHEDULER_TaskContext *tc); - /** - * Get a socket of the specified address family to send out a - * UDP DNS request to the Internet. + * Callback called from DNSSTUB resolver when a resolution + * succeeded. * - * @param af desired address family - * @return NULL on error (given AF not "supported") + * @param cls NULL + * @param rs the socket that received the response + * @param dns the response itself + * @param r number of bytes in dns */ -static struct GNUNET_NETWORK_Handle * -get_request_socket (int af) -{ - struct RequestSocket *rs; - struct GNUNET_NETWORK_FDSet *rset; - static struct GNUNET_NETWORK_Handle *ret; - - rs = &sockets[GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, - DNS_SOCKET_MAX)]; - rs->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT); - switch (af) - { - case AF_INET: - if (NULL == rs->dnsout4) - rs->dnsout4 = open_socket (AF_INET); - ret = rs->dnsout4; - break; - case AF_INET6: - if (NULL == rs->dnsout6) - rs->dnsout6 = open_socket (AF_INET6); - ret = rs->dnsout6; - break; - default: - return NULL; - } - if (GNUNET_SCHEDULER_NO_TASK != rs->read_task) - { - GNUNET_SCHEDULER_cancel (rs->read_task); - rs->read_task = GNUNET_SCHEDULER_NO_TASK; - } - if ( (NULL == rs->dnsout4) && - (NULL == rs->dnsout6) ) - return NULL; - rset = GNUNET_NETWORK_fdset_create (); - if (NULL != rs->dnsout4) - GNUNET_NETWORK_fdset_set (rset, rs->dnsout4); - if (NULL != rs->dnsout6) - GNUNET_NETWORK_fdset_set (rset, rs->dnsout6); - rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, - REQUEST_TIMEOUT, - rset, - NULL, - &read_response, rs); - GNUNET_NETWORK_fdset_destroy (rset); - return ret; -} +static void 
+process_dns_result (void *cls, + struct GNUNET_DNSSTUB_RequestSocket *rs, + const struct GNUNET_TUN_DnsHeader *dns, + size_t r); /** @@ -777,6 +548,10 @@ next_phase (struct RequestRecord *rr) return; } /* done with current phase, advance! */ + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Request %llu now in phase %d\n", + rr->request_id, + rr->phase); switch (rr->phase) { case RP_INIT: @@ -815,8 +590,14 @@ next_phase (struct RequestRecord *rr) } rr->phase = RP_INTERNET_DNS; - rr->dnsout = get_request_socket (rr->dst_addr.ss_family); - if (NULL == rr->dnsout) + rr->rs = GNUNET_DNSSTUB_resolve (dnsstub, + (struct sockaddr*) &rr->dst_addr, + salen, + rr->payload, + rr->payload_length, + &process_dns_result, + NULL); + if (NULL == rr->rs) { GNUNET_STATISTICS_update (stats, gettext_noop ("# DNS exit failed (failed to open socket)"), @@ -824,12 +605,6 @@ next_phase (struct RequestRecord *rr) cleanup_rr (rr); return; } - GNUNET_NETWORK_socket_sendto (rr->dnsout, - rr->payload, - rr->payload_length, - (struct sockaddr*) &rr->dst_addr, - salen); - rr->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT); return; case RP_INTERNET_DNS: rr->phase = RP_MODIFY; 
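Review bot: The `LOG` call added before the phase switch in next_phase passes `rr->request_id` to `%llu` without a cast, while every other log line added by this commit casts it to `unsigned long long`. If the field is a `uint64_t` (its declaration is outside the hunk), this is a format/argument mismatch on platforms where `uint64_t` is `unsigned long`. Use `(unsigned long long) rr->request_id,` here as well. next_phase starts and ends outside the hunk.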
@@ -911,199 +686,45 @@ client_disconnect (void *cls, struct GNUNET_SERVER_Client *client) /** - * We got a reply from DNS for a request of a MESH tunnel. Send it - * via the tunnel (after changing the request ID back). + * Callback called from DNSSTUB resolver when a resolution + * succeeded. * - * @param cls the 'struct TunnelState' - * @param size number of bytes available in buf - * @param buf where to copy the reply - * @return number of bytes written to buf - */ -static size_t -transmit_reply_to_mesh (void *cls, - size_t size, - void *buf) -{ - struct TunnelState *ts = cls; - size_t off; - size_t ret; - char *cbuf = buf; - struct GNUNET_MessageHeader hdr; - struct GNUNET_TUN_DnsHeader dns; - - ts->th = NULL; - GNUNET_assert (ts->reply != NULL); - if (size == 0) - return 0; - ret = sizeof (struct GNUNET_MessageHeader) + ts->reply_length; - GNUNET_assert (ret <= size); - hdr.size = htons (ret); - hdr.type = htons (GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET); - memcpy (&dns, ts->reply, sizeof (dns)); - dns.id = ts->original_id; - off = 0; - memcpy (&cbuf[off], &hdr, sizeof (hdr)); - off += sizeof (hdr); - memcpy (&cbuf[off], &dns, sizeof (dns)); - off += sizeof (dns); - memcpy (&cbuf[off], &ts->reply[sizeof (dns)], ts->reply_length - sizeof (dns)); - off += ts->reply_length - sizeof (dns); - GNUNET_free (ts->reply); - ts->reply = NULL; - ts->reply_length = 0; - GNUNET_assert (ret == off); - return ret; -} - - -/** - * Actually do the reading of a DNS packet from our UDP socket and see - * if we have a valid, matching, pending request. 
- * - * @param dnsout socket to read from - * @return GNUNET_OK on success, GNUNET_NO on drop, GNUNET_SYSERR on IO-errors (closed socket) - */ -static int -do_dns_read (struct GNUNET_NETWORK_Handle *dnsout) -{ - struct sockaddr_storage addr; - socklen_t addrlen; - struct GNUNET_TUN_DnsHeader *dns; - struct RequestRecord *rr; - struct TunnelState *ts; - ssize_t r; - int len; - -#ifndef MINGW - if (0 != ioctl (GNUNET_NETWORK_get_fd (dnsout), FIONREAD, &len)) - { - /* conservative choice: */ - len = UINT16_MAX; - } -#else - /* port the code above? */ - len = UINT16_MAX; -#endif - - { - unsigned char buf[len] GNUNET_ALIGN; - - addrlen = sizeof (addr); - memset (&addr, 0, sizeof (addr)); - r = GNUNET_NETWORK_socket_recvfrom (dnsout, - buf, sizeof (buf), - (struct sockaddr*) &addr, &addrlen); - if (-1 == r) - { - GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "recvfrom"); - GNUNET_NETWORK_socket_close (dnsout); - return GNUNET_SYSERR; - } - if (sizeof (struct GNUNET_TUN_DnsHeader) > r) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _("Received DNS response that is too small (%u bytes)"), - r); - return GNUNET_NO; - } - dns = (struct GNUNET_TUN_DnsHeader *) buf; - /* Handle case that this is a reply to a request from a MESH DNS tunnel */ - ts = tunnels[dns->id]; - if ( (NULL == ts) || - (ts->dnsout != dnsout) || - (addrlen != ts->addrlen) || - (0 != memcmp (&ts->addr, - &addr, - addrlen)) || - (0 == GNUNET_TIME_absolute_get_remaining (ts->timeout).rel_value) ) - ts = NULL; /* DNS responder address missmatch */ - if (NULL != ts) - { - tunnels[dns->id] = NULL; - GNUNET_free_non_null (ts->reply); - ts->reply = GNUNET_malloc (r); - ts->reply_length = r; - memcpy (ts->reply, dns, r); - if (ts->th != NULL) - GNUNET_MESH_notify_transmit_ready_cancel (ts->th); - ts->th = GNUNET_MESH_notify_transmit_ready (ts->tunnel, - GNUNET_NO, 0, - GNUNET_TIME_UNIT_FOREVER_REL, - NULL, - sizeof (struct GNUNET_MessageHeader) + r, - &transmit_reply_to_mesh, - ts); - } - /* Handle case that this is 
a reply to a local request (intercepted from TUN interface) */ - rr = &requests[dns->id]; - if ( (rr->phase != RP_INTERNET_DNS) || - (rr->dnsout != dnsout) || - (0 != memcmp (&rr->dst_addr, - &addr, - addrlen)) || - (0 == GNUNET_TIME_absolute_get_remaining (rr->timeout).rel_value) ) - { - if (NULL == ts) - { - /* unexpected / bogus reply */ - GNUNET_STATISTICS_update (stats, - gettext_noop ("# External DNS response discarded (no matching request)"), - 1, GNUNET_NO); - } - return GNUNET_NO; - } - GNUNET_free_non_null (rr->payload); - rr->payload = GNUNET_malloc (r); - memcpy (rr->payload, buf, r); - rr->payload_length = r; - next_phase (rr); - } - return GNUNET_OK; -} - - -/** - * Read a DNS response from the (unhindered) UDP-Socket - * - * @param cls socket to read from - * @param tc scheduler context (must be shutdown or read ready) + * @param cls NULL + * @param rs the socket that received the response + * @param dns the response itself + * @param r number of bytes in dns */ static void -read_response (void *cls, - const struct GNUNET_SCHEDULER_TaskContext *tc) +process_dns_result (void *cls, + struct GNUNET_DNSSTUB_RequestSocket *rs, + const struct GNUNET_TUN_DnsHeader *dns, + size_t r) { - struct RequestSocket *rs = cls; - struct GNUNET_NETWORK_FDSet *rset; + struct RequestRecord *rr; - rs->read_task = GNUNET_SCHEDULER_NO_TASK; - if (0 == (tc->reason & GNUNET_SCHEDULER_REASON_READ_READY)) + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Processing DNS result from stub resolver\n"); + GNUNET_assert (NULL == cls); + rr = &requests[dns->id]; + if ( (rr->phase != RP_INTERNET_DNS) || + (rr->rs != rs) ) { - /* timeout or shutdown */ - cleanup_rs (rs); - return; + /* unexpected / bogus reply */ + GNUNET_STATISTICS_update (stats, + gettext_noop ("# External DNS response discarded (no matching request)"), + 1, GNUNET_NO); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received DNS reply that does not match any pending request. 
Dropping.\n"); + return; } - /* read and process ready sockets */ - if ((NULL != rs->dnsout4) && - (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout4)) && - (GNUNET_SYSERR == do_dns_read (rs->dnsout4))) - rs->dnsout4 = NULL; - if ((NULL != rs->dnsout6) && - (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout6)) && - (GNUNET_SYSERR == do_dns_read (rs->dnsout6))) - rs->dnsout6 = NULL; - - /* re-schedule read task */ - rset = GNUNET_NETWORK_fdset_create (); - if (NULL != rs->dnsout4) - GNUNET_NETWORK_fdset_set (rset, rs->dnsout4); - if (NULL != rs->dnsout6) - GNUNET_NETWORK_fdset_set (rset, rs->dnsout6); - rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, - GNUNET_TIME_absolute_get_remaining (rs->timeout), - rset, - NULL, - &read_response, rs); - GNUNET_NETWORK_fdset_destroy (rset); + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Got a response from the stub resolver for DNS request %llu intercepted locally!\n", + (unsigned long long) rr->request_id); + GNUNET_free_non_null (rr->payload); + rr->payload = GNUNET_malloc (r); + memcpy (rr->payload, dns, r); + rr->payload_length = r; + next_phase (rr); } @@ -1162,6 +783,9 @@ handle_client_response (void *cls GNUNET_UNUSED, resp = (const struct GNUNET_DNS_Response*) message; off = (uint16_t) resp->request_id; rr = &requests[off]; + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Received DNS response with ID %llu from local client!\n", + (unsigned long long) resp->request_id); if (rr->request_id != resp->request_id) { GNUNET_STATISTICS_update (stats, @@ -1255,6 +879,8 @@ process_helper_messages (void *cls GNUNET_UNUSED, void *client, struct sockaddr_in *dsta4; struct sockaddr_in6 *dsta6; + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Intercepted message via DNS hijacker\n"); msize = ntohs (message->size); if (msize < sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader) + sizeof (struct GNUNET_TUN_IPv4Header)) { 
@@ -1308,7 +934,8 @@ process_helper_messages (void *cls GNUNET_UNUSED, void *client, ntohs (tun->proto)); return GNUNET_OK; } - if (msize <= sizeof (struct GNUNET_TUN_UdpHeader) + sizeof (struct GNUNET_TUN_DnsHeader)) + if ( (msize <= sizeof (struct GNUNET_TUN_UdpHeader) + sizeof (struct GNUNET_TUN_DnsHeader)) || + (DNS_PORT != ntohs (udp->destination_port)) ) { /* non-DNS packet received on TUN, ignore */ GNUNET_STATISTICS_update (stats, @@ -1375,7 +1002,9 @@ process_helper_messages (void *cls GNUNET_UNUSED, void *client, memcpy (rr->payload, dns, msize); rr->request_id = dns->id | (request_id_gen << 16); request_id_gen++; - + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Creating new DNS request %llu\n", + (unsigned long long) rr->request_id); GNUNET_STATISTICS_update (stats, gettext_noop ("# DNS requests received via TUN interface"), 1, GNUNET_NO); 
@@ -1386,150 +1015,6 @@ process_helper_messages (void *cls GNUNET_UNUSED, void *client, /** - * Process a request via mesh to perform a DNS query. - * - * @param cls closure, NULL - * @param tunnel connection to the other end - * @param tunnel_ctx pointer to our 'struct TunnelState *' - * @param sender who sent the message - * @param message the actual message - * @param atsi performance data for the connection - * @return GNUNET_OK to keep the connection open, - * GNUNET_SYSERR to close it (signal serious error) - */ -static int -receive_dns_request (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel, - void **tunnel_ctx, - const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED, - const struct GNUNET_MessageHeader *message, - const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED) -{ - struct TunnelState *ts = *tunnel_ctx; - const struct GNUNET_TUN_DnsHeader *dns; - size_t mlen = ntohs (message->size); - size_t dlen = mlen - sizeof (struct GNUNET_MessageHeader); - char buf[dlen] GNUNET_ALIGN; - struct GNUNET_TUN_DnsHeader *dout; - struct sockaddr_in v4; - struct sockaddr_in6 v6; - struct sockaddr *so; - socklen_t salen; - - if (dlen < sizeof (struct GNUNET_TUN_DnsHeader)) - { - GNUNET_break_op (0); - return GNUNET_SYSERR; - } - dns = (const struct GNUNET_TUN_DnsHeader *) &message[1]; - ts->original_id = dns->id; - if (tunnels[ts->my_id] == ts) - tunnels[ts->my_id] = NULL; - ts->my_id = (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, - UINT16_MAX + 1); - tunnels[ts->my_id] = ts; - memcpy (buf, dns, dlen); - dout = (struct GNUNET_TUN_DnsHeader*) buf; - dout->id = ts->my_id; - memset (&v4, 0, sizeof (v4)); - memset (&v6, 0, sizeof (v6)); - if (1 == inet_pton (AF_INET, dns_exit, &v4.sin_addr)) - { - salen = sizeof (v4); - v4.sin_family = AF_INET; - v4.sin_port = htons (53); -#if HAVE_SOCKADDR_IN_SIN_LEN - v4.sin_len = (u_char) salen; -#endif - so = (struct sockaddr *) &v4; - ts->dnsout = get_request_socket (AF_INET); - } - else if (1 == 
inet_pton (AF_INET6, dns_exit, &v6.sin6_addr)) - { - salen = sizeof (v6); - v6.sin6_family = AF_INET6; - v6.sin6_port = htons (53); -#if HAVE_SOCKADDR_IN_SIN_LEN - v6.sin6_len = (u_char) salen; -#endif - so = (struct sockaddr *) &v6; - ts->dnsout = get_request_socket (AF_INET6); - } - else - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - if (NULL == ts->dnsout) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _("Configured DNS exit `%s' is not working / valid.\n"), - dns_exit); - return GNUNET_SYSERR; - } - memcpy (&ts->addr, - so, - salen); - ts->addrlen = salen; - GNUNET_NETWORK_socket_sendto (ts->dnsout, - buf, dlen, so, salen); - ts->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT); - return GNUNET_OK; -} - - -/** - * Callback from GNUNET_MESH for new tunnels. - * - * @param cls closure - * @param tunnel new handle to the tunnel - * @param initiator peer that started the tunnel - * @param ats performance information for the tunnel - * @return initial tunnel context for the tunnel - */ -static void * -accept_dns_tunnel (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel, - const struct GNUNET_PeerIdentity *initiator GNUNET_UNUSED, - const struct GNUNET_ATS_Information *ats GNUNET_UNUSED) -{ - struct TunnelState *ts = GNUNET_malloc (sizeof (struct TunnelState)); - - GNUNET_STATISTICS_update (stats, - gettext_noop ("# Inbound MESH tunnels created"), - 1, GNUNET_NO); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Received inbound tunnel from `%s'\n", - GNUNET_i2s (initiator)); - ts->tunnel = tunnel; - return ts; -} - - -/** - * Function called by mesh whenever an inbound tunnel is destroyed. - * Should clean up any associated state. 
- * - * @param cls closure (set from GNUNET_MESH_connect) - * @param tunnel connection to the other end (henceforth invalid) - * @param tunnel_ctx place where local state associated - * with the tunnel is stored - */ -static void -destroy_dns_tunnel (void *cls GNUNET_UNUSED, - const struct GNUNET_MESH_Tunnel *tunnel, - void *tunnel_ctx) -{ - struct TunnelState *ts = tunnel_ctx; - - if (tunnels[ts->my_id] == ts) - tunnels[ts->my_id] = NULL; - if (NULL != ts->th) - GNUNET_MESH_notify_transmit_ready_cancel (ts->th); - GNUNET_free_non_null (ts->reply); - GNUNET_free (ts); -} - - -/** * @param cls closure * @param server the initialized server * @param cfg_ configuration to use 
@@ -1552,37 +1037,40 @@ run (void *cls, struct GNUNET_SERVER_Handle *server, char *ipv6prefix; struct in_addr dns_exit4; struct in6_addr dns_exit6; + char *dns_exit; + char *binary; cfg = cfg_; + binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-dns"); if (GNUNET_YES != - GNUNET_OS_check_helper_binary ("gnunet-helper-dns")) + GNUNET_OS_check_helper_binary (binary)) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, _("`%s' must be installed SUID, refusing to run\n"), - "gnunet-helper-dns"); + binary); global_ret = 1; + GNUNET_free (binary); return; } - + GNUNET_free (binary); stats = GNUNET_STATISTICS_create ("dns", cfg); nc = GNUNET_SERVER_notification_context_create (server, 1); GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &cleanup_task, cls); - if ( (GNUNET_YES == - GNUNET_CONFIGURATION_get_value_yesno (cfg_, "dns", "PROVIDE_EXIT")) && - ( (GNUNET_OK != + dns_exit = NULL; + if ( ( (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (cfg, "dns", "DNS_EXIT", &dns_exit)) || ( (1 != inet_pton (AF_INET, dns_exit, &dns_exit4)) && (1 != inet_pton (AF_INET6, dns_exit, &dns_exit6)) ) ) ) { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _("Configured to provide DNS exit, but no valid DNS server configured!\n")); + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "dns", "DNS_EXIT", + _("need a valid IPv4 or IPv6 address\n")); GNUNET_free_non_null (dns_exit); dns_exit = NULL; } - + dnsstub = GNUNET_DNSSTUB_start (dns_exit); helper_argv[0] = GNUNET_strdup ("gnunet-dns"); if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, "dns", "IFNAME", &ifc_name)) 
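Review bot: In run, the result of `GNUNET_DNSSTUB_start (dns_exit)` is stored without a check, and the call is also reached with `dns_exit == NULL` right after the configuration error is logged. cleanup_task tests `NULL != dnsstub`, which suggests the handle may be NULL, yet next_phase hands `dnsstub` to GNUNET_DNSSTUB_resolve unconditionally; a comment stating whether a NULL exit address and a NULL handle are valid would settle this. `dns_exit` is now a local and is not freed on the success path within this hunk: if the stub copies the string, add `GNUNET_free_non_null (dns_exit);` after the call, otherwise document the ownership transfer. run continues outside the hunk, so the free may already exist further down.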
@@ -1635,28 +1123,11 @@ run (void *cls, struct GNUNET_SERVER_Handle *server, } helper_argv[5] = ipv4mask; helper_argv[6] = NULL; - - if (NULL != dns_exit) - { - static struct GNUNET_MESH_MessageHandler mesh_handlers[] = { - {&receive_dns_request, GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET, 0}, - {NULL, 0, 0} - }; - static GNUNET_MESH_ApplicationType mesh_types[] = { - GNUNET_APPLICATION_TYPE_INTERNET_RESOLVER, - GNUNET_APPLICATION_TYPE_END - }; - mesh = GNUNET_MESH_connect (cfg, - 1, NULL, - &accept_dns_tunnel, - &destroy_dns_tunnel, - mesh_handlers, - mesh_types); - } - hijacker = GNUNET_HELPER_start ("gnunet-helper-dns", + hijacker = GNUNET_HELPER_start (GNUNET_NO, + "gnunet-helper-dns", helper_argv, &process_helper_messages, - NULL); + NULL, NULL); GNUNET_SERVER_add_handlers (server, handlers); GNUNET_SERVER_disconnect_notify (server, &client_disconnect, NULL); } @@ -1672,6 +1143,25 @@ run (void *cls, struct GNUNET_SERVER_Handle *server, int main (int argc, char *const *argv) { + /* make use of SGID capabilities on POSIX */ + /* FIXME: this might need a port on systems without 'getresgid' */ +#if HAVE_GETRESGID + gid_t rgid; + gid_t egid; + gid_t sgid; + + if (-1 == getresgid (&rgid, &egid, &sgid)) + { + fprintf (stderr, + "getresgid failed: %s\n", + strerror (errno)); + } + else if (sgid != rgid) + { + if (-1 == setregid (sgid, sgid)) + fprintf (stderr, "setregid failed: %s\n", strerror (errno)); + } +#endif return (GNUNET_OK == GNUNET_SERVICE_run (argc, argv, "dns", GNUNET_SERVICE_OPTION_NONE, &run, NULL)) ? global_ret : 1; diff --git a/src/dns/plugin_block_dns.c b/src/dns/plugin_block_dns.c index da8add5..8ac1ef2 100644 --- a/src/dns/plugin_block_dns.c +++ b/src/dns/plugin_block_dns.c 
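Review bot: run verifies the SUID bit on the path returned by `GNUNET_OS_get_libexec_binary_path ("gnunet-helper-dns")` in the previous hunk, but the `GNUNET_HELPER_start` call here still names the helper by the bare string `"gnunet-helper-dns"`. If GNUNET_HELPER_start does not resolve that name to the same libexec path (its implementation is not on this page), the file that was checked and the file that is executed can differ. Either pass the resolved path or add a comment at the call such as `/* name is resolved to the libexec path by GNUNET_HELPER_start, same file as checked above */` once that is confirmed.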
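Review bot: The SGID block added to main only prints to stderr when `getresgid` or `setregid` fails and then starts the service anyway, so the process can run with a group identity other than the one the installation intended. Failing closed is clearer: add `return 1;` after each of the two `fprintf` calls. The FIXME also leaves platforms without `getresgid` silently skipping the step; an `#else` comment stating which group the service runs with there would help.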
@@ -48,7 +48,7 @@ */ static enum GNUNET_BLOCK_EvaluationResult block_plugin_dns_evaluate (void *cls, enum GNUNET_BLOCK_Type type, - const GNUNET_HashCode * query, + const struct GNUNET_HashCode * query, struct GNUNET_CONTAINER_BloomFilter **bf, int32_t bf_mutator, const void *xquery, size_t xquery_size, const void *reply_block, @@ -124,13 +124,13 @@ block_plugin_dns_evaluate (void *cls, enum GNUNET_BLOCK_Type type, static int block_plugin_dns_get_key (void *cls, enum GNUNET_BLOCK_Type type, const void *block, size_t block_size, - GNUNET_HashCode * key) + struct GNUNET_HashCode * key) { if (type != GNUNET_BLOCK_TYPE_DNS) return GNUNET_SYSERR; const struct GNUNET_DNS_Record *rec = block; - memcpy (key, &rec->service_descriptor, sizeof (GNUNET_HashCode)); + memcpy (key, &rec->service_descriptor, sizeof (struct GNUNET_HashCode)); return GNUNET_OK; } diff --git a/src/dns/test_gnunet_dns.sh b/src/dns/test_gnunet_dns.sh index 35585d4..33dfd6c 100755 --- a/src/dns/test_gnunet_dns.sh +++ b/src/dns/test_gnunet_dns.sh @@ -6,13 +6,39 @@ then echo "This test only works if run as root. Skipping." exit 0 fi +if ! which sudo > /dev/null +then + echo "This test requires sudo. Skipping." + exit 0 +fi +if [ ! -x `which sudo` ] +then + echo "This test requires sudo. Skipping." + exit 0 +fi +if ! which nslookup +then + echo "This test requires nslookup. Skipping." + exit 0 +fi +if [ ! -x `which nslookup` ] +then + echo "This test requires nslookup. Skipping." + exit 0 +fi export PATH=".:$PATH" gnunet-service-dns -c dns.conf & gnunet-dns-redirector -c dns.conf -4 127.0.0.1 & sleep 1 -LO=`nslookup gnunet.org | grep Address | tail -n1` +# need to run 'nslookup' as 'nobody', as gnunet-service-dns runs as root +# and thus 'root' is excepted from DNS interception! +LO=`sudo -u nobody nslookup gnunet.org | grep Address | tail -n1` if [ "$LO" != "Address: 127.0.0.1" ] then - echo "Fail: $LO" + echo "Fail: got address $LO, wanted 127.0.0.1" + ret=1 +else + ret=0 fi kill `jobs -p` +exit $ret |
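Review bot: In the prerequisite checks added to test_gnunet_dns.sh, the two `-x` tests use an unquoted command substitution of `which`, so an empty result turns the test into a check on the literal string `-x` instead of failing it. Quote the substitution, `[ ! -x "$(which sudo)" ]`, or drop the second check of each pair, since the preceding `which` test already exits when the tool is missing. The `which nslookup` check also lacks the `> /dev/null` used for sudo, so it prints the path into the test output.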