authorBertrand Marc <beberking@gmail.com>2013-08-03 13:07:32 +0200
committerBertrand Marc <beberking@gmail.com>2013-08-03 13:07:32 +0200
commit1ae32bc989973c2e8909c3b085d34b2454f92d1e (patch)
treedfde89b41437def7ce23af24db53a11a9b5f1075 /src/dns
parent740b30688bd745a527f96f9116c19acb3480971a (diff)
Imported Upstream version 0.9.5a
Diffstat (limited to 'src/dns')
-rw-r--r--src/dns/Makefile.am28
-rw-r--r--src/dns/Makefile.in269
-rw-r--r--src/dns/dns.conf.in11
-rw-r--r--src/dns/dnsparser.c302
-rw-r--r--src/dns/dnsparser.h195
-rw-r--r--src/dns/dnsstub.c561
-rw-r--r--src/dns/gnunet-dns-monitor.c35
-rw-r--r--src/dns/gnunet-dns-redirector.c16
-rw-r--r--src/dns/gnunet-helper-dns.c88
-rw-r--r--src/dns/gnunet-service-dns.c758
-rw-r--r--src/dns/plugin_block_dns.c6
-rwxr-xr-xsrc/dns/test_gnunet_dns.sh30
12 files changed, 1479 insertions, 820 deletions
diff --git a/src/dns/Makefile.am b/src/dns/Makefile.am
index ed000aa..345c131 100644
--- a/src/dns/Makefile.am
+++ b/src/dns/Makefile.am
@@ -10,6 +10,8 @@ endif
pkgcfgdir= $(pkgdatadir)/config.d/
+libexecdir= $(pkglibdir)/libexec/
+
plugindir = $(libdir)/gnunet
pkgcfg_DATA = \
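Review bot: The added `libexecdir= $(pkglibdir)/libexec/` redefines a standard installation directory, so a `--libexecdir` value passed to configure no longer affects where `libexec_PROGRAMS` are installed; the Makefile.in part of this commit replaces `libexecdir = @libexecdir@` to match. The helper that the removed hook lines made root-owned and mode 4750 now lands in this directory, so packagers need to know that its location is fixed relative to `$(libdir)`. If the override is intentional, say so next to it, e.g. `# Deliberately overrides configure's --libexecdir: helpers always live in $(pkglibdir)/libexec/`.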
@@ -18,20 +20,17 @@ pkgcfg_DATA = \
if LINUX
HIJACKBIN = gnunet-helper-dns
install-exec-hook:
- $(SUDO_BINARY) chown root $(bindir)/gnunet-helper-dns || true
- $(SUDO_BINARY) chgrp $(GNUNETDNS_GROUP) $(bindir)/gnunet-helper-dns || true
- $(SUDO_BINARY) chmod 4750 $(bindir)/gnunet-helper-dns || true
- $(SUDO_BINARY) chown gnunet:$(GNUNETDNS_GROUP) $(bindir)/gnunet-service-dns || true
- $(SUDO_BINARY) chmod 2750 $(bindir)/gnunet-service-dns || true
+ $(top_srcdir)/src/dns/install-dns-helper.sh $(libexecdir) $(GNUNETDNS_GROUP) $(SUDO_BINARY) || true
else
install-exec-hook:
endif
lib_LTLIBRARIES = \
libgnunetdnsparser.la \
+ libgnunetdnsstub.la \
libgnunetdns.la
-bin_PROGRAMS = \
+libexec_PROGRAMS = \
gnunet-service-dns $(HIJACKBIN)
noinst_PROGRAMS = \
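Review bot: The new hook line passes `$(libexecdir)`, `$(GNUNETDNS_GROUP)` and `$(SUDO_BINARY)` unquoted and by position, so an empty `$(GNUNETDNS_GROUP)` shifts the sudo binary into the group argument. The path also omits `$(DESTDIR)`, so a staged install would act on the live prefix rather than the staging tree. The trailing `|| true` hides a failed or partial ownership/mode change on the helper, which the removed lines show is meant to end up root-owned and mode 4750. install-dns-helper.sh is not part of this diff, so how it handles a partial failure cannot be checked here. Consider `$(top_srcdir)/src/dns/install-dns-helper.sh "$(DESTDIR)$(libexecdir)" "$(GNUNETDNS_GROUP)" "$(SUDO_BINARY)" || echo "warning: DNS helper ownership/mode not set" >&2`.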
@@ -74,18 +73,29 @@ gnunet_dns_redirector_DEPENDENCIES = \
gnunet_service_dns_SOURCES = \
gnunet-service-dns.c
gnunet_service_dns_LDADD = \
+ $(top_builddir)/src/dns/libgnunetdnsstub.la \
$(top_builddir)/src/tun/libgnunettun.la \
- $(top_builddir)/src/mesh/libgnunetmesh.la \
$(top_builddir)/src/statistics/libgnunetstatistics.la \
$(top_builddir)/src/util/libgnunetutil.la \
$(GN_LIBINTL)
+gnunet_service_dns_DEPENDENCIES = \
+ libgnunetdnsstub.la
libgnunetdnsparser_la_SOURCES = \
- dnsparser.c
+ dnsparser.c dnsparser.h
libgnunetdnsparser_la_LIBADD = \
- $(top_builddir)/src/util/libgnunetutil.la $(XLIB)
+ $(top_builddir)/src/util/libgnunetutil.la $(XLIB) \
+ -lidn
libgnunetdnsparser_la_LDFLAGS = \
$(GN_LIB_LDFLAGS) \
+ -version-info 1:0:1
+
+libgnunetdnsstub_la_SOURCES = \
+ dnsstub.c
+libgnunetdnsstub_la_LIBADD = \
+ $(top_builddir)/src/util/libgnunetutil.la $(XLIB)
+libgnunetdnsstub_la_LDFLAGS = \
+ $(GN_LIB_LDFLAGS) \
-version-info 0:0:0
libgnunetdns_la_SOURCES = \
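Review bot: Setting `gnunet_service_dns_DEPENDENCIES` by hand replaces the dependency list automake derives from `gnunet_service_dns_LDADD`. The Makefile.in part of this commit shows the generated list (libgnunettun, libgnunetstatistics, libgnunetutil) being dropped, so the service is no longer relinked when those libraries change. If the aim is only to build the new stub library first, `EXTRA_gnunet_service_dns_DEPENDENCIES = libgnunetdnsstub.la` keeps the derived list; alternatively the override can be removed, since the stub is already listed in `LDADD`. Separately, `-lidn` is added to `libgnunetdnsparser_la_LIBADD` as a literal flag, and whether configure checks for libidn is not visible here.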
diff --git a/src/dns/Makefile.in b/src/dns/Makefile.in
index 3a717ab..5047c5c 100644
--- a/src/dns/Makefile.in
+++ b/src/dns/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11.6 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -18,6 +18,23 @@
VPATH = @srcdir@
+am__make_dryrun = \
+ { \
+ am__dry=no; \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \
+ | grep '^AM OK$$' >/dev/null || am__dry=yes;; \
+ *) \
+ for am__flg in $$MAKEFLAGS; do \
+ case $$am__flg in \
+ *=*|--*) ;; \
+ *n*) am__dry=yes; break;; \
+ esac; \
+ done;; \
+ esac; \
+ test $$am__dry = yes; \
+ }
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
@@ -37,7 +54,7 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
target_triplet = @target@
-bin_PROGRAMS = gnunet-service-dns$(EXEEXT) $(am__EXEEXT_1)
+libexec_PROGRAMS = gnunet-service-dns$(EXEEXT) $(am__EXEEXT_1)
noinst_PROGRAMS = gnunet-dns-monitor$(EXEEXT) \
gnunet-dns-redirector$(EXEEXT)
@ENABLE_TEST_RUN_TRUE@TESTS = $(check_SCRIPTS)
@@ -47,14 +64,15 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/absolute-header.m4 \
$(top_srcdir)/m4/align.m4 $(top_srcdir)/m4/argz.m4 \
- $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/iconv.m4 \
- $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
- $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libcurl.m4 \
- $(top_srcdir)/m4/libgcrypt.m4 $(top_srcdir)/m4/libtool.m4 \
- $(top_srcdir)/m4/libunistring.m4 $(top_srcdir)/m4/ltdl.m4 \
- $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
- $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
- $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
+ $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/glib-2.0.m4 \
+ $(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
+ $(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
+ $(top_srcdir)/m4/libcurl.m4 $(top_srcdir)/m4/libgcrypt.m4 \
+ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/libunistring.m4 \
+ $(top_srcdir)/m4/ltdl.m4 $(top_srcdir)/m4/ltoptions.m4 \
+ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/nls.m4 \
+ $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
@@ -84,16 +102,22 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(plugindir)" \
- "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgcfgdir)"
+ "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(pkgcfgdir)"
LTLIBRARIES = $(lib_LTLIBRARIES) $(plugin_LTLIBRARIES)
libgnunet_plugin_block_dns_la_DEPENDENCIES = \
$(top_builddir)/src/util/libgnunetutil.la
am_libgnunet_plugin_block_dns_la_OBJECTS = plugin_block_dns.lo
libgnunet_plugin_block_dns_la_OBJECTS = \
$(am_libgnunet_plugin_block_dns_la_OBJECTS)
-AM_V_lt = $(am__v_lt_$(V))
-am__v_lt_ = $(am__v_lt_$(AM_DEFAULT_VERBOSITY))
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
libgnunet_plugin_block_dns_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
@@ -115,8 +139,16 @@ libgnunetdnsparser_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) $(libgnunetdnsparser_la_LDFLAGS) \
$(LDFLAGS) -o $@
+libgnunetdnsstub_la_DEPENDENCIES = \
+ $(top_builddir)/src/util/libgnunetutil.la
+am_libgnunetdnsstub_la_OBJECTS = dnsstub.lo
+libgnunetdnsstub_la_OBJECTS = $(am_libgnunetdnsstub_la_OBJECTS)
+libgnunetdnsstub_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libgnunetdnsstub_la_LDFLAGS) \
+ $(LDFLAGS) -o $@
@LINUX_TRUE@am__EXEEXT_1 = gnunet-helper-dns$(EXEEXT)
-PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS)
+PROGRAMS = $(libexec_PROGRAMS) $(noinst_PROGRAMS)
am_gnunet_dns_monitor_OBJECTS = gnunet-dns-monitor.$(OBJEXT)
gnunet_dns_monitor_OBJECTS = $(am_gnunet_dns_monitor_OBJECTS)
am__DEPENDENCIES_1 =
@@ -127,12 +159,6 @@ gnunet_helper_dns_OBJECTS = $(am_gnunet_helper_dns_OBJECTS)
gnunet_helper_dns_LDADD = $(LDADD)
am_gnunet_service_dns_OBJECTS = gnunet-service-dns.$(OBJEXT)
gnunet_service_dns_OBJECTS = $(am_gnunet_service_dns_OBJECTS)
-gnunet_service_dns_DEPENDENCIES = \
- $(top_builddir)/src/tun/libgnunettun.la \
- $(top_builddir)/src/mesh/libgnunetmesh.la \
- $(top_builddir)/src/statistics/libgnunetstatistics.la \
- $(top_builddir)/src/util/libgnunetutil.la \
- $(am__DEPENDENCIES_1)
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -143,30 +169,37 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
-AM_V_CC = $(am__v_CC_$(V))
-am__v_CC_ = $(am__v_CC_$(AM_DEFAULT_VERBOSITY))
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
am__v_CC_0 = @echo " CC " $@;
-AM_V_at = $(am__v_at_$(V))
-am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY))
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
am__v_at_0 = @
CCLD = $(CC)
LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
-AM_V_CCLD = $(am__v_CCLD_$(V))
-am__v_CCLD_ = $(am__v_CCLD_$(AM_DEFAULT_VERBOSITY))
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
am__v_CCLD_0 = @echo " CCLD " $@;
-AM_V_GEN = $(am__v_GEN_$(V))
-am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY))
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
am__v_GEN_0 = @echo " GEN " $@;
SOURCES = $(libgnunet_plugin_block_dns_la_SOURCES) \
$(libgnunetdns_la_SOURCES) $(libgnunetdnsparser_la_SOURCES) \
- $(gnunet_dns_monitor_SOURCES) $(gnunet_dns_redirector_SOURCES) \
- $(gnunet_helper_dns_SOURCES) $(gnunet_service_dns_SOURCES)
+ $(libgnunetdnsstub_la_SOURCES) $(gnunet_dns_monitor_SOURCES) \
+ $(gnunet_dns_redirector_SOURCES) $(gnunet_helper_dns_SOURCES) \
+ $(gnunet_service_dns_SOURCES)
DIST_SOURCES = $(libgnunet_plugin_block_dns_la_SOURCES) \
$(libgnunetdns_la_SOURCES) $(libgnunetdnsparser_la_SOURCES) \
- $(gnunet_dns_monitor_SOURCES) $(gnunet_dns_redirector_SOURCES) \
- $(gnunet_helper_dns_SOURCES) $(gnunet_service_dns_SOURCES)
+ $(libgnunetdnsstub_la_SOURCES) $(gnunet_dns_monitor_SOURCES) \
+ $(gnunet_dns_redirector_SOURCES) $(gnunet_helper_dns_SOURCES) \
+ $(gnunet_service_dns_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
DATA = $(pkgcfg_DATA)
ETAGS = etags
CTAGS = ctags
@@ -208,6 +241,10 @@ EXEEXT = @EXEEXT@
EXT_LIBS = @EXT_LIBS@
EXT_LIB_PATH = @EXT_LIB_PATH@
FGREP = @FGREP@
+GLIB_CFLAGS = @GLIB_CFLAGS@
+GLIB_GENMARSHAL = @GLIB_GENMARSHAL@
+GLIB_LIBS = @GLIB_LIBS@
+GLIB_MKENUMS = @GLIB_MKENUMS@
GMSGFMT = @GMSGFMT@
GMSGFMT_015 = @GMSGFMT_015@
GNUNETDNS_GROUP = @GNUNETDNS_GROUP@
@@ -218,6 +255,7 @@ GN_LIBINTL = @GN_LIBINTL@
GN_LIB_LDFLAGS = @GN_LIB_LDFLAGS@
GN_PLUGIN_LDFLAGS = @GN_PLUGIN_LDFLAGS@
GN_USER_HOME_DIR = @GN_USER_HOME_DIR@
+GOBJECT_QUERY = @GOBJECT_QUERY@
GREP = @GREP@
HAVE_LIBUNISTRING = @HAVE_LIBUNISTRING@
INCLTDL = @INCLTDL@
@@ -240,6 +278,8 @@ LIBCURL_CPPFLAGS = @LIBCURL_CPPFLAGS@
LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@
LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@
LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@
+LIBGTOP_CFLAGS = @LIBGTOP_CFLAGS@
+LIBGTOP_LIBS = @LIBGTOP_LIBS@
LIBICONV = @LIBICONV@
LIBINTL = @LIBINTL@
LIBLTDL = @LIBLTDL@
@@ -261,6 +301,7 @@ LT_CONFIG_H = @LT_CONFIG_H@
LT_DLLOADERS = @LT_DLLOADERS@
LT_DLPREOPEN = @LT_DLPREOPEN@
MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
MONKEYPREFIX = @MONKEYPREFIX@
MSGFMT = @MSGFMT@
@@ -270,6 +311,7 @@ MYSQL_CPPFLAGS = @MYSQL_CPPFLAGS@
MYSQL_LDFLAGS = @MYSQL_LDFLAGS@
NM = @NM@
NMEDIT = @NMEDIT@
+NSS_DIR = @NSS_DIR@
OBJC = @OBJC@
OBJCDEPMODE = @OBJCDEPMODE@
OBJCFLAGS = @OBJCFLAGS@
@@ -285,6 +327,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
+PKG_CONFIG = @PKG_CONFIG@
POSTGRES_CPPFLAGS = @POSTGRES_CPPFLAGS@
POSTGRES_LDFLAGS = @POSTGRES_LDFLAGS@
POSUB = @POSUB@
@@ -316,6 +359,7 @@ abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
@@ -338,6 +382,7 @@ datarootdir = @datarootdir@
docdir = @docdir@
dvidir = @dvidir@
exec_prefix = @exec_prefix@
+gitcommand = @gitcommand@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
@@ -348,10 +393,9 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
-libexecdir = @libexecdir@
+libexecdir = $(pkglibdir)/libexec/
localedir = @localedir@
localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
ltdl_LIBOBJS = @ltdl_LIBOBJS@
ltdl_LTLIBOBJS = @ltdl_LTLIBOBJS@
mandir = @mandir@
@@ -369,6 +413,7 @@ sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
subdirs = @subdirs@
+svnversioncommand = @svnversioncommand@
sys_symbol_underscore = @sys_symbol_underscore@
sysconfdir = @sysconfdir@
target = @target@
@@ -390,6 +435,7 @@ pkgcfg_DATA = \
@LINUX_TRUE@HIJACKBIN = gnunet-helper-dns
lib_LTLIBRARIES = \
libgnunetdnsparser.la \
+ libgnunetdnsstub.la \
libgnunetdns.la
plugin_LTLIBRARIES = \
@@ -431,20 +477,34 @@ gnunet_service_dns_SOURCES = \
gnunet-service-dns.c
gnunet_service_dns_LDADD = \
+ $(top_builddir)/src/dns/libgnunetdnsstub.la \
$(top_builddir)/src/tun/libgnunettun.la \
- $(top_builddir)/src/mesh/libgnunetmesh.la \
$(top_builddir)/src/statistics/libgnunetstatistics.la \
$(top_builddir)/src/util/libgnunetutil.la \
$(GN_LIBINTL)
+gnunet_service_dns_DEPENDENCIES = \
+ libgnunetdnsstub.la
+
libgnunetdnsparser_la_SOURCES = \
- dnsparser.c
+ dnsparser.c dnsparser.h
libgnunetdnsparser_la_LIBADD = \
- $(top_builddir)/src/util/libgnunetutil.la $(XLIB)
+ $(top_builddir)/src/util/libgnunetutil.la $(XLIB) \
+ -lidn
libgnunetdnsparser_la_LDFLAGS = \
$(GN_LIB_LDFLAGS) \
+ -version-info 1:0:1
+
+libgnunetdnsstub_la_SOURCES = \
+ dnsstub.c
+
+libgnunetdnsstub_la_LIBADD = \
+ $(top_builddir)/src/util/libgnunetutil.la $(XLIB)
+
+libgnunetdnsstub_la_LDFLAGS = \
+ $(GN_LIB_LDFLAGS) \
-version-info 0:0:0
libgnunetdns_la_SOURCES = \
@@ -507,7 +567,6 @@ dns.conf: $(top_builddir)/config.status $(srcdir)/dns.conf.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
- test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
list2=; for p in $$list; do \
if test -f $$p; then \
@@ -515,6 +574,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
else :; fi; \
done; \
test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
}
@@ -538,7 +599,6 @@ clean-libLTLIBRARIES:
done
install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
- test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
@list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
list2=; for p in $$list; do \
if test -f $$p; then \
@@ -546,6 +606,8 @@ install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
else :; fi; \
done; \
test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \
}
@@ -567,16 +629,21 @@ clean-pluginLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
-libgnunet_plugin_block_dns.la: $(libgnunet_plugin_block_dns_la_OBJECTS) $(libgnunet_plugin_block_dns_la_DEPENDENCIES)
+libgnunet_plugin_block_dns.la: $(libgnunet_plugin_block_dns_la_OBJECTS) $(libgnunet_plugin_block_dns_la_DEPENDENCIES) $(EXTRA_libgnunet_plugin_block_dns_la_DEPENDENCIES)
$(AM_V_CCLD)$(libgnunet_plugin_block_dns_la_LINK) -rpath $(plugindir) $(libgnunet_plugin_block_dns_la_OBJECTS) $(libgnunet_plugin_block_dns_la_LIBADD) $(LIBS)
-libgnunetdns.la: $(libgnunetdns_la_OBJECTS) $(libgnunetdns_la_DEPENDENCIES)
+libgnunetdns.la: $(libgnunetdns_la_OBJECTS) $(libgnunetdns_la_DEPENDENCIES) $(EXTRA_libgnunetdns_la_DEPENDENCIES)
$(AM_V_CCLD)$(libgnunetdns_la_LINK) -rpath $(libdir) $(libgnunetdns_la_OBJECTS) $(libgnunetdns_la_LIBADD) $(LIBS)
-libgnunetdnsparser.la: $(libgnunetdnsparser_la_OBJECTS) $(libgnunetdnsparser_la_DEPENDENCIES)
+libgnunetdnsparser.la: $(libgnunetdnsparser_la_OBJECTS) $(libgnunetdnsparser_la_DEPENDENCIES) $(EXTRA_libgnunetdnsparser_la_DEPENDENCIES)
$(AM_V_CCLD)$(libgnunetdnsparser_la_LINK) -rpath $(libdir) $(libgnunetdnsparser_la_OBJECTS) $(libgnunetdnsparser_la_LIBADD) $(LIBS)
-install-binPROGRAMS: $(bin_PROGRAMS)
+libgnunetdnsstub.la: $(libgnunetdnsstub_la_OBJECTS) $(libgnunetdnsstub_la_DEPENDENCIES) $(EXTRA_libgnunetdnsstub_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libgnunetdnsstub_la_LINK) -rpath $(libdir) $(libgnunetdnsstub_la_OBJECTS) $(libgnunetdnsstub_la_LIBADD) $(LIBS)
+install-libexecPROGRAMS: $(libexec_PROGRAMS)
@$(NORMAL_INSTALL)
- test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)"
- @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
+ @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libexecdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libexecdir)" || exit 1; \
+ fi; \
for p in $$list; do echo "$$p $$p"; done | \
sed 's/$(EXEEXT)$$//' | \
while read p p1; do if test -f $$p || test -f $$p1; \
@@ -593,23 +660,23 @@ install-binPROGRAMS: $(bin_PROGRAMS)
while read type dir files; do \
if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
test -z "$$files" || { \
- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \
- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \
} \
; done
-uninstall-binPROGRAMS:
+uninstall-libexecPROGRAMS:
@$(NORMAL_UNINSTALL)
- @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
+ @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \
files=`for p in $$list; do echo "$$p"; done | \
sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
-e 's/$$/$(EXEEXT)/' `; \
test -n "$$list" || exit 0; \
- echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \
- cd "$(DESTDIR)$(bindir)" && rm -f $$files
+ echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(libexecdir)" && rm -f $$files
-clean-binPROGRAMS:
- @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \
+clean-libexecPROGRAMS:
+ @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \
echo " rm -f" $$list; \
rm -f $$list || exit $$?; \
test -n "$(EXEEXT)" || exit 0; \
@@ -625,16 +692,16 @@ clean-noinstPROGRAMS:
list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
echo " rm -f" $$list; \
rm -f $$list
-gnunet-dns-monitor$(EXEEXT): $(gnunet_dns_monitor_OBJECTS) $(gnunet_dns_monitor_DEPENDENCIES)
+gnunet-dns-monitor$(EXEEXT): $(gnunet_dns_monitor_OBJECTS) $(gnunet_dns_monitor_DEPENDENCIES) $(EXTRA_gnunet_dns_monitor_DEPENDENCIES)
@rm -f gnunet-dns-monitor$(EXEEXT)
$(AM_V_CCLD)$(LINK) $(gnunet_dns_monitor_OBJECTS) $(gnunet_dns_monitor_LDADD) $(LIBS)
-gnunet-dns-redirector$(EXEEXT): $(gnunet_dns_redirector_OBJECTS) $(gnunet_dns_redirector_DEPENDENCIES)
+gnunet-dns-redirector$(EXEEXT): $(gnunet_dns_redirector_OBJECTS) $(gnunet_dns_redirector_DEPENDENCIES) $(EXTRA_gnunet_dns_redirector_DEPENDENCIES)
@rm -f gnunet-dns-redirector$(EXEEXT)
$(AM_V_CCLD)$(LINK) $(gnunet_dns_redirector_OBJECTS) $(gnunet_dns_redirector_LDADD) $(LIBS)
-gnunet-helper-dns$(EXEEXT): $(gnunet_helper_dns_OBJECTS) $(gnunet_helper_dns_DEPENDENCIES)
+gnunet-helper-dns$(EXEEXT): $(gnunet_helper_dns_OBJECTS) $(gnunet_helper_dns_DEPENDENCIES) $(EXTRA_gnunet_helper_dns_DEPENDENCIES)
@rm -f gnunet-helper-dns$(EXEEXT)
$(AM_V_CCLD)$(LINK) $(gnunet_helper_dns_OBJECTS) $(gnunet_helper_dns_LDADD) $(LIBS)
-gnunet-service-dns$(EXEEXT): $(gnunet_service_dns_OBJECTS) $(gnunet_service_dns_DEPENDENCIES)
+gnunet-service-dns$(EXEEXT): $(gnunet_service_dns_OBJECTS) $(gnunet_service_dns_DEPENDENCIES) $(EXTRA_gnunet_service_dns_DEPENDENCIES)
@rm -f gnunet-service-dns$(EXEEXT)
$(AM_V_CCLD)$(LINK) $(gnunet_service_dns_OBJECTS) $(gnunet_service_dns_LDADD) $(LIBS)
@@ -646,6 +713,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dns_api.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dnsparser.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dnsstub.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnunet-dns-monitor.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnunet-dns-redirector.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnunet-helper-dns.Po@am__quote@
@@ -655,26 +723,23 @@ distclean-compile:
.c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $<
.c.obj:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
.c.lo:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
-@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
mostlyclean-libtool:
-rm -f *.lo
@@ -683,8 +748,11 @@ clean-libtool:
-rm -rf .libs _libs
install-pkgcfgDATA: $(pkgcfg_DATA)
@$(NORMAL_INSTALL)
- test -z "$(pkgcfgdir)" || $(MKDIR_P) "$(DESTDIR)$(pkgcfgdir)"
@list='$(pkgcfg_DATA)'; test -n "$(pkgcfgdir)" || list=; \
+ if test -n "$$list"; then \
+ echo " $(MKDIR_P) '$(DESTDIR)$(pkgcfgdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(pkgcfgdir)" || exit 1; \
+ fi; \
for p in $$list; do \
if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
echo "$$d$$p"; \
@@ -698,9 +766,7 @@ uninstall-pkgcfgDATA:
@$(NORMAL_UNINSTALL)
@list='$(pkgcfg_DATA)'; test -n "$(pkgcfgdir)" || list=; \
files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
- test -n "$$files" || exit 0; \
- echo " ( cd '$(DESTDIR)$(pkgcfgdir)' && rm -f" $$files ")"; \
- cd "$(DESTDIR)$(pkgcfgdir)" && rm -f $$files
+ dir='$(DESTDIR)$(pkgcfgdir)'; $(am__uninstall_files_from_dir)
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@@ -835,14 +901,15 @@ check-TESTS: $(TESTS)
fi; \
dashes=`echo "$$dashes" | sed s/./=/g`; \
if test "$$failed" -eq 0; then \
- echo "$$grn$$dashes"; \
+ col="$$grn"; \
else \
- echo "$$red$$dashes"; \
+ col="$$red"; \
fi; \
- echo "$$banner"; \
- test -z "$$skipped" || echo "$$skipped"; \
- test -z "$$report" || echo "$$report"; \
- echo "$$dashes$$std"; \
+ echo "$${col}$$dashes$${std}"; \
+ echo "$${col}$$banner$${std}"; \
+ test -z "$$skipped" || echo "$${col}$$skipped$${std}"; \
+ test -z "$$report" || echo "$${col}$$report$${std}"; \
+ echo "$${col}$$dashes$${std}"; \
test "$$failed" -eq 0; \
else :; fi
@@ -881,10 +948,8 @@ check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) check-TESTS
check: check-am
all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(DATA)
-install-binPROGRAMS: install-libLTLIBRARIES
-
installdirs:
- for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgcfgdir)"; do \
+ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(pkgcfgdir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
install: install-am
@@ -897,10 +962,15 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
- install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
- `test -z '$(STRIP)' || \
- echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
mostlyclean-generic:
clean-generic:
@@ -914,7 +984,7 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \
+clean-am: clean-generic clean-libLTLIBRARIES clean-libexecPROGRAMS \
clean-libtool clean-noinstPROGRAMS clean-pluginLTLIBRARIES \
mostlyclean-am
@@ -942,7 +1012,7 @@ install-dvi: install-dvi-am
install-dvi-am:
-install-exec-am: install-binPROGRAMS install-libLTLIBRARIES
+install-exec-am: install-libLTLIBRARIES install-libexecPROGRAMS
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
install-html: install-html-am
@@ -983,35 +1053,32 @@ ps: ps-am
ps-am:
-uninstall-am: uninstall-binPROGRAMS uninstall-libLTLIBRARIES \
+uninstall-am: uninstall-libLTLIBRARIES uninstall-libexecPROGRAMS \
uninstall-pkgcfgDATA uninstall-pluginLTLIBRARIES
.MAKE: check-am install-am install-exec-am install-strip
.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \
- clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \
+ clean-generic clean-libLTLIBRARIES clean-libexecPROGRAMS \
clean-libtool clean-noinstPROGRAMS clean-pluginLTLIBRARIES \
ctags distclean distclean-compile distclean-generic \
distclean-libtool distclean-tags distdir dvi dvi-am html \
- html-am info info-am install install-am install-binPROGRAMS \
- install-data install-data-am install-dvi install-dvi-am \
- install-exec install-exec-am install-exec-hook install-html \
- install-html-am install-info install-info-am \
- install-libLTLIBRARIES install-man install-pdf install-pdf-am \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-exec-hook install-html install-html-am \
+ install-info install-info-am install-libLTLIBRARIES \
+ install-libexecPROGRAMS install-man install-pdf install-pdf-am \
install-pkgcfgDATA install-pluginLTLIBRARIES install-ps \
install-ps-am install-strip installcheck installcheck-am \
installdirs maintainer-clean maintainer-clean-generic \
mostlyclean mostlyclean-compile mostlyclean-generic \
mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \
- uninstall-am uninstall-binPROGRAMS uninstall-libLTLIBRARIES \
- uninstall-pkgcfgDATA uninstall-pluginLTLIBRARIES
+ uninstall-am uninstall-libLTLIBRARIES \
+ uninstall-libexecPROGRAMS uninstall-pkgcfgDATA \
+ uninstall-pluginLTLIBRARIES
@LINUX_TRUE@install-exec-hook:
-@LINUX_TRUE@ $(SUDO_BINARY) chown root $(bindir)/gnunet-helper-dns || true
-@LINUX_TRUE@ $(SUDO_BINARY) chgrp $(GNUNETDNS_GROUP) $(bindir)/gnunet-helper-dns || true
-@LINUX_TRUE@ $(SUDO_BINARY) chmod 4750 $(bindir)/gnunet-helper-dns || true
-@LINUX_TRUE@ $(SUDO_BINARY) chown gnunet:$(GNUNETDNS_GROUP) $(bindir)/gnunet-service-dns || true
-@LINUX_TRUE@ $(SUDO_BINARY) chmod 2750 $(bindir)/gnunet-service-dns || true
+@LINUX_TRUE@ $(top_srcdir)/src/dns/install-dns-helper.sh $(libexecdir) $(GNUNETDNS_GROUP) $(SUDO_BINARY) || true
@LINUX_FALSE@install-exec-hook:
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/dns/dns.conf.in b/src/dns/dns.conf.in
index d2c6795..7944b41 100644
--- a/src/dns/dns.conf.in
+++ b/src/dns/dns.conf.in
@@ -2,7 +2,6 @@
AUTOSTART = YES
HOSTNAME = localhost
HOME = $SERVICEHOME
-CONFIG = $DEFAULTCONFIG
BINARY = gnunet-service-dns
UNIXPATH = /tmp/gnunet-service-dns.sock
@@ -16,14 +15,6 @@ UNIX_MATCH_GID = YES
# we never use it, even if @UNIXONLY@ is not set (just to be safe)
@UNIXONLY@ PORT = 0
-# This option should be set to YES to allow the DNS service to
-# perform lookups against the locally configured DNS resolver.
-# (set to "NO" if no normal ISP is locally available and thus
-# requests for normal ".com"/".org"/etc. must be routed via
-# the GNUnet VPN (the GNUNET PT daemon then needs to be configured
-# to intercept and route DNS queries via mesh).
-PROVIDE_EXIT = YES
-
# Name of the virtual interface we use to intercept DNS traffic.
IFNAME = gnunet-dns
@@ -40,5 +31,5 @@ IPV4MASK = 255.255.0.0
# of a DNS resolver to use. Only works if "PROVIDE_EXIT" is also set to YES. Must absolutely
# NOT be an address of any of GNUnet's virtual tunnel interfaces. Use a well-known
# public DNS resolver or your ISP's resolver from /etc/resolv.conf.
-# DNS_EXIT = 8.8.8.8
+DNS_EXIT = 8.8.8.8
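Review bot: The comment kept above the now-active `DNS_EXIT = 8.8.8.8` still says the setting only works if "PROVIDE_EXIT" is also set to YES, but this commit deletes the `PROVIDE_EXIT` option from the same file, so the comment refers to a setting that no longer exists here. Enabling the line also makes a third-party public resolver the shipped default, which presumably sends queries to that resolver unless the operator edits the file; the commit does not say whether this is intended. Suggest rewording the comment, e.g. `# Default resolver for DNS exit; replace with your ISP's resolver from /etc/resolv.conf if queries should not go to a public resolver.` The comment block starts above the hunk, so its first line is not visible.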
diff --git a/src/dns/dnsparser.c b/src/dns/dnsparser.c
index 0e658bd..6ddfebb 100644
--- a/src/dns/dnsparser.c
+++ b/src/dns/dnsparser.c
@@ -25,47 +25,80 @@
* @author Christian Grothoff
*/
#include "platform.h"
+#include <idna.h>
+#if WINDOWS
+#include <idn-free.h>
+#endif
#include "gnunet_util_lib.h"
#include "gnunet_dnsparser_lib.h"
+#include "dnsparser.h"
-// DNS-Stuff
-GNUNET_NETWORK_STRUCT_BEGIN
-/* FIXME: replace this one with the one from tcpip_tun.h! */
-struct GNUNET_TUN_DnsHeader
-{
- uint16_t id GNUNET_PACKED;
- struct GNUNET_DNSPARSER_Flags flags;
- uint16_t query_count GNUNET_PACKED; // number of questions
- uint16_t answer_rcount GNUNET_PACKED; // number of answers
- uint16_t authority_rcount GNUNET_PACKED; // number of authority-records
- uint16_t additional_rcount GNUNET_PACKED; // number of additional records
-};
-
-struct query_line
+/**
+ * Check if a label in UTF-8 format can be coded into valid IDNA.
+ * This can fail if the ASCII-conversion becomes longer than 63 characters.
+ *
+ * @param label label to check (UTF-8 string)
+ * @return GNUNET_OK if the label can be converted to IDNA,
+ * GNUNET_SYSERR if the label is not valid for DNS names
+ */
+int
+GNUNET_DNSPARSER_check_label (const char *label)
{
- uint16_t type GNUNET_PACKED;
- uint16_t class GNUNET_PACKED;
-};
+ char *output;
+ size_t slen;
+
+ if (NULL != strchr (label, '.'))
+ return GNUNET_SYSERR; /* not a label! Did you mean GNUNET_DNSPARSER_check_name? */
+ if (IDNA_SUCCESS !=
+ idna_to_ascii_8z (label, &output, IDNA_USE_STD3_ASCII_RULES))
+ return GNUNET_SYSERR;
+ slen = strlen (output);
+#if WINDOWS
+ idn_free (output);
+#else
+ free (output);
+#endif
+ return (slen > 63) ? GNUNET_SYSERR : GNUNET_OK;
+}
-struct record_line
-{
- uint16_t type GNUNET_PACKED;
- uint16_t class GNUNET_PACKED;
- uint32_t ttl GNUNET_PACKED;
- uint16_t data_len GNUNET_PACKED;
-};
-struct soa_data
+/**
+ * Check if a label in UTF-8 format can be coded into valid IDNA.
+ * This can fail if the ASCII-conversion becomes longer than 253 characters.
+ *
+ * @param name name to check (UTF-8 string)
+ * @return GNUNET_OK if the label can be converted to IDNA,
+ * GNUNET_SYSERR if the label is not valid for DNS names
+ */
+int
+GNUNET_DNSPARSER_check_name (const char *name)
{
- uint32_t serial GNUNET_PACKED;
- uint32_t refresh GNUNET_PACKED;
- uint32_t retry GNUNET_PACKED;
- uint32_t expire GNUNET_PACKED;
- uint32_t minimum GNUNET_PACKED;
-};
-
-GNUNET_NETWORK_STRUCT_END
+ char *ldup;
+ char *output;
+ size_t slen;
+ char *tok;
+
+ ldup = GNUNET_strdup (name);
+ for (tok = strtok (ldup, "."); NULL != tok; tok = strtok (NULL, "."))
+ if (GNUNET_OK !=
+ GNUNET_DNSPARSER_check_label (tok))
+ {
+ GNUNET_free (ldup);
+ return GNUNET_SYSERR;
+ }
+ GNUNET_free (ldup);
+ if (IDNA_SUCCESS !=
+ idna_to_ascii_8z (name, &output, IDNA_USE_STD3_ASCII_RULES))
+ return GNUNET_SYSERR;
+ slen = strlen (output);
+#if WINDOWS
+ idn_free (output);
+#else
+ free (output);
+#endif
+ return (slen > 253) ? GNUNET_SYSERR : GNUNET_OK;
+}
/**
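Review bot: `GNUNET_DNSPARSER_check_name` tokenizes with `strtok`, which keeps hidden global state, so calling this library function from inside a caller's own `strtok` loop (or from another thread) corrupts that state; `strtok_r (ldup, ".", &saveptr)` or a manual `strchr` loop avoids this. `strtok` also skips empty tokens, so a name such as `a..b` is never rejected by the per-label loop and is only caught if the whole-name `idna_to_ascii_8z` call rejects it, which is worth confirming with a test. Neither function checks its argument for NULL before `strchr`/`GNUNET_strdup`. The doc comment on `check_name` is a copy of the `check_label` one and still says "label" in its summary and `@return` lines.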
@@ -90,6 +123,8 @@ parse_name (const char *udp_payload,
char *xstr;
uint8_t len;
size_t xoff;
+ char *utf8;
+ Idna_rc rc;
ret = GNUNET_strdup ("");
while (1)
@@ -107,10 +142,36 @@ parse_name (const char *udp_payload,
if (*off + 1 + len > udp_payload_length)
goto error;
GNUNET_asprintf (&tmp,
- "%s%.*s.",
- ret,
+ "%.*s",
(int) len,
&udp_payload[*off + 1]);
+ if (IDNA_SUCCESS !=
+ (rc = idna_to_unicode_8z8z (tmp, &utf8, IDNA_USE_STD3_ASCII_RULES)))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("Failed to convert DNS IDNA name `%s' to UTF-8: %s\n"),
+ tmp,
+ idna_strerror (rc));
+ GNUNET_free (tmp);
+ GNUNET_asprintf (&tmp,
+ "%s%.*s.",
+ ret,
+ (int) len,
+ &udp_payload[*off + 1]);
+ }
+ else
+ {
+ GNUNET_free (tmp);
+ GNUNET_asprintf (&tmp,
+ "%s%s.",
+ ret,
+ utf8);
+#if WINDOWS
+ idn_free (utf8);
+#else
+ free (utf8);
+#endif
+ }
GNUNET_free (ret);
ret = tmp;
*off += 1 + len;
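Review bot: On the conversion-failure path, `tmp` holds label bytes copied straight from the UDP payload and is written to the log with `%s` at INFO level, so a remote sender controls the text, including newlines and terminal control characters, and can trigger one log line per label. I would log only the label length and `idna_strerror (rc)`, or escape non-printable bytes first. Separately, `"%.*s"` stops at an embedded NUL, so the string handed to `idna_to_unicode_8z8z` can be shorter than the `len` bytes skipped on the wire, and the fallback branch then appends the raw bytes unchanged. A comment stating that the returned name may therefore contain unvalidated bytes would help callers. parse_name starts and ends outside this hunk.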
@@ -214,6 +275,9 @@ parse_record (const char *udp_payload,
struct soa_data soa;
uint16_t mxpref;
uint16_t data_len;
+ struct srv_data srv;
+ char *ndup;
+ char *tok;
name = parse_name (udp_payload,
udp_payload_length,
@@ -282,6 +346,50 @@ parse_record (const char *udp_payload,
if (old_off + data_len != *off)
return GNUNET_SYSERR;
return GNUNET_OK;
+ case GNUNET_DNSPARSER_TYPE_SRV:
+ if ('_' != *r->name)
+ return GNUNET_SYSERR; /* all valid srv names must start with "_" */
+ if (NULL == strstr (r->name, "._"))
+ return GNUNET_SYSERR; /* necessary string from "._$PROTO" not present */
+ old_off = *off;
+ if (*off + sizeof (struct srv_data) > udp_payload_length)
+ return GNUNET_SYSERR;
+ memcpy (&srv, &udp_payload[*off], sizeof (struct srv_data));
+ (*off) += sizeof (struct srv_data);
+ r->data.srv = GNUNET_malloc (sizeof (struct GNUNET_DNSPARSER_SrvRecord));
+ r->data.srv->priority = ntohs (srv.prio);
+ r->data.srv->weight = ntohs (srv.weight);
+ r->data.srv->port = ntohs (srv.port);
+ /* parse 'data.hostname' into components, which are
+ "_$SERVICE._$PROTO.$DOMAIN_NAME" */
+ ndup = GNUNET_strdup (r->name);
+ tok = strtok (ndup, ".");
+ GNUNET_assert (NULL != tok);
+ GNUNET_assert ('_' == *tok);
+ r->data.srv->service = GNUNET_strdup (&tok[1]);
+ tok = strtok (NULL, ".");
+ if ( (NULL == tok) || ('_' != *tok) )
+ {
+ GNUNET_free (r->data.srv);
+ GNUNET_free (ndup);
+ return GNUNET_SYSERR;
+ }
+ r->data.srv->proto = GNUNET_strdup (&tok[1]);
+ tok = strtok (NULL, ".");
+ if (NULL == tok)
+ {
+ GNUNET_free (r->data.srv);
+ GNUNET_free (ndup);
+ return GNUNET_SYSERR;
+ }
+ r->data.srv->domain_name = GNUNET_strdup (tok);
+ GNUNET_free (ndup);
+ r->data.srv->target = parse_name (udp_payload,
+ udp_payload_length,
+ off, 0);
+ if (old_off + data_len != *off)
+ return GNUNET_SYSERR;
+ return GNUNET_OK;
default:
r->data.raw.data = GNUNET_malloc (data_len);
r->data.raw.data_len = data_len;
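Review bot: Both early-return paths in the new SRV case call `GNUNET_free (r->data.srv)` but leave `r->data.srv` pointing at the freed block, and they never release the `service` string (nor `proto` on the second path). `free_record` in this same commit calls `free_srv (r->data.srv)` for SRV records, so if the caller frees the record after a parse failure (the caller is not visible in this hunk) that becomes a use-after-free and double free driven by packet contents. The error paths should free the duplicated strings and reset the pointer, as below. parse_record starts and ends outside this hunk.

```c
    tok = strtok (NULL, ".");
    if ( (NULL == tok) || ('_' != *tok) )
    {
      GNUNET_free (r->data.srv->service);
      GNUNET_free (r->data.srv);
      r->data.srv = NULL; /* free_record() must not see the freed block */
      GNUNET_free (ndup);
      return GNUNET_SYSERR;
    }
    /* ... unchanged: proto is duplicated from the second token ... */
    tok = strtok (NULL, ".");
    if (NULL == tok)
    {
      GNUNET_free (r->data.srv->proto);
      GNUNET_free (r->data.srv->service);
      GNUNET_free (r->data.srv);
      r->data.srv = NULL;
      GNUNET_free (ndup);
      return GNUNET_SYSERR;
    }
    /* ... unchanged: domain_name and target parsing ... */
```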
@@ -394,6 +502,24 @@ free_soa (struct GNUNET_DNSPARSER_SoaRecord *soa)
/**
+ * Free SRV information record.
+ *
+ * @param srv record to free
+ */
+static void
+free_srv (struct GNUNET_DNSPARSER_SrvRecord *srv)
+{
+ if (NULL == srv)
+ return;
+ GNUNET_free_non_null (srv->target);
+ GNUNET_free_non_null (srv->domain_name);
+ GNUNET_free_non_null (srv->proto);
+ GNUNET_free_non_null (srv->service);
+ GNUNET_free (srv);
+}
+
+
+/**
* Free MX information record.
*
* @param mx record to free
@@ -420,6 +546,9 @@ free_record (struct GNUNET_DNSPARSER_Record *r)
case GNUNET_DNSPARSER_TYPE_SOA:
free_soa (r->data.soa);
break;
+ case GNUNET_DNSPARSER_TYPE_SRV:
+ free_srv (r->data.srv);
+ break;
case GNUNET_DNSPARSER_TYPE_NS:
case GNUNET_DNSPARSER_TYPE_CNAME:
case GNUNET_DNSPARSER_TYPE_PTR:
@@ -480,34 +609,60 @@ add_name (char *dst,
const char *name)
{
const char *dot;
+ const char *idna_name;
+ char *idna_start;
size_t start;
size_t pos;
size_t len;
+ Idna_rc rc;
if (NULL == name)
return GNUNET_SYSERR;
- start = *off;
- if (start + strlen (name) + 2 > dst_len)
+
+ if (IDNA_SUCCESS !=
+ (rc = idna_to_ascii_8z (name, &idna_start, IDNA_USE_STD3_ASCII_RULES)))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("Failed to convert UTF-8 name `%s' to DNS IDNA format: %s\n"),
+ name,
+ idna_strerror (rc));
return GNUNET_NO;
+ }
+ idna_name = idna_start;
+ start = *off;
+ if (start + strlen (idna_name) + 2 > dst_len)
+ goto fail;
pos = start;
do
{
- dot = strchr (name, '.');
+ dot = strchr (idna_name, '.');
if (NULL == dot)
- len = strlen (name);
+ len = strlen (idna_name);
else
- len = dot - name;
+ len = dot - idna_name;
if ( (len >= 64) || (len == 0) )
- return GNUNET_NO; /* segment too long or empty */
+ goto fail; /* segment too long or empty */
dst[pos++] = (char) (uint8_t) len;
- memcpy (&dst[pos], name, len);
+ memcpy (&dst[pos], idna_name, len);
pos += len;
- name += len + 1; /* also skip dot */
+ idna_name += len + 1; /* also skip dot */
}
while (NULL != dot);
dst[pos++] = '\0'; /* terminator */
*off = pos;
+#if WINDOWS
+ idn_free (idna_start);
+#else
+ free (idna_start);
+#endif
return GNUNET_OK;
+ fail:
+#if WINDOWS
+ idn_free (idna_start);
+#else
+ free (idna_start);
+#endif
+ return GNUNET_NO;
}
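Review bot: When `idna_to_ascii_8z` rejects the name, the new code returns `GNUNET_NO`, the same value used for "did not fit". The sibling `add_srv` documentation in this commit reserves `GNUNET_NO` for lack of space and `GNUNET_SYSERR` for invalid input, so a caller that reacts to `GNUNET_NO` by truncating or retrying would handle an invalid name as a size problem. I would use `return GNUNET_SYSERR;` on the conversion failure and update the function's doc comment, which is outside this hunk. As a style point, the success path and the `fail:` label duplicate the `#if WINDOWS` free block; a single exit that sets a result variable and frees `idna_start` once would be easier to keep correct.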
@@ -616,6 +771,43 @@ add_soa (char *dst,
/**
+ * Add an SRV record to the UDP packet at the given location.
+ *
+ * @param dst where to write the SRV record
+ * @param dst_len number of bytes in dst
+ * @param off pointer to offset where to write the SRV information (increment by bytes used)
+ * can also change if there was an error
+ * @param srv SRV information to write
+ * @return GNUNET_SYSERR if 'srv' is invalid
+ * GNUNET_NO if 'srv' did not fit
+ * GNUNET_OK if 'srv' was added to 'dst'
+ */
+static int
+add_srv (char *dst,
+ size_t dst_len,
+ size_t *off,
+ const struct GNUNET_DNSPARSER_SrvRecord *srv)
+{
+ struct srv_data sd;
+ int ret;
+
+ if (*off + sizeof (struct srv_data) > dst_len)
+ return GNUNET_NO;
+ sd.prio = htons (srv->priority);
+ sd.weight = htons (srv->weight);
+ sd.port = htons (srv->port);
+ memcpy (&dst[*off], &sd, sizeof (sd));
+ (*off) += sizeof (sd);
+ if (GNUNET_OK != (ret = add_name (dst,
+ dst_len,
+ off,
+ srv->target)))
+ return ret;
+ return GNUNET_OK;
+}
+
+
+/**
* Add a DNS record to the UDP packet at the given location.
*
* @param dst where to write the query
@@ -637,10 +829,23 @@ add_record (char *dst,
size_t start;
size_t pos;
struct record_line rl;
-
+ char *name;
+
start = *off;
- ret = add_name (dst, dst_len - sizeof (struct record_line), off, record->name);
- if (ret != GNUNET_OK)
+ /* for SRV records, we can create the name from the details
+ of the record if needed */
+ name = record->name;
+ if ( (GNUNET_DNSPARSER_TYPE_SRV == record->type) &&
+ (NULL == name) )
+ GNUNET_asprintf (&name,
+ "_%s._%s.%s",
+ record->data.srv->service,
+ record->data.srv->proto,
+ record->data.srv->domain_name);
+ ret = add_name (dst, dst_len - sizeof (struct record_line), off, name);
+ if (name != record->name)
+ GNUNET_free (name);
+ if (GNUNET_OK != ret)
return ret;
/* '*off' is now the position where we will need to write the record line */
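Review bot: The new fallback that builds the owner name for SRV records dereferences `record->data.srv` and passes `service`, `proto` and `domain_name` to `%s` without checking any of them for NULL. A record with a NULL `name` and a missing or partially filled `data.srv` crashes here instead of returning an error. A guard such as `if ( (NULL == record->data.srv) || (NULL == record->data.srv->service) || (NULL == record->data.srv->proto) || (NULL == record->data.srv->domain_name) ) return GNUNET_SYSERR;` before the `GNUNET_asprintf` call would fix that. The later `add_srv` call also reads `record->data.srv` unchecked even when `name` is set. add_record starts and ends outside this hunk.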
@@ -658,6 +863,9 @@ add_record (char *dst,
case GNUNET_DNSPARSER_TYPE_PTR:
ret = add_name (dst, dst_len, &pos, record->data.hostname);
break;
+ case GNUNET_DNSPARSER_TYPE_SRV:
+ ret = add_srv (dst, dst_len, &pos, record->data.srv);
+ break;
default:
if (pos + record->data.raw.data_len > dst_len)
{
@@ -669,7 +877,7 @@ add_record (char *dst,
ret = GNUNET_OK;
break;
}
- if (ret != GNUNET_OK)
+ if (GNUNET_OK != ret)
{
*off = start;
return GNUNET_NO;
diff --git a/src/dns/dnsparser.h b/src/dns/dnsparser.h
new file mode 100644
index 0000000..d312f89
--- /dev/null
+++ b/src/dns/dnsparser.h
@@ -0,0 +1,195 @@
+/*
+ This file is part of GNUnet
+ (C) 2010, 2011, 2012 Christian Grothoff (and other contributing authors)
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 2, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+ */
+
+/**
+ * @file dns/dnsparser.h
+ * @brief helper library to parse DNS packets.
+ * @author Philipp Toelke
+ * @author Christian Grothoff
+ * @author Martin Schanzenbach
+ */
+GNUNET_NETWORK_STRUCT_BEGIN
+
+/* FIXME: replace this one with the one from tcpip_tun.h!? */
+/**
+ * Head of a any DNS message.
+ */
+struct GNUNET_TUN_DnsHeader
+{
+ /**
+ * Request/response ID. (NBO)
+ */
+ uint16_t id GNUNET_PACKED;
+
+ /**
+ * Flags for the operation.
+ */
+ struct GNUNET_DNSPARSER_Flags flags;
+
+ /**
+ * number of questions (NBO)
+ */
+ uint16_t query_count GNUNET_PACKED;
+
+ /**
+ * number of answers (NBO)
+ */
+ uint16_t answer_rcount GNUNET_PACKED;
+
+ /**
+ * number of authority-records (NBO)
+ */
+ uint16_t authority_rcount GNUNET_PACKED;
+
+ /**
+ * number of additional records (NBO)
+ */
+ uint16_t additional_rcount GNUNET_PACKED;
+};
+
+
+/**
+ * DNS query prefix.
+ */
+struct query_line
+{
+ /**
+ * Desired type (GNUNET_DNSPARSER_TYPE_XXX). (NBO)
+ */
+ uint16_t type GNUNET_PACKED;
+
+ /**
+ * Desired class (usually GNUNET_DNSPARSER_CLASS_INTERNET). (NBO)
+ */
+ uint16_t class GNUNET_PACKED;
+};
+
+
+/**
+ * General DNS record prefix.
+ */
+struct record_line
+{
+ /**
+ * Record type (GNUNET_DNSPARSER_TYPE_XXX). (NBO)
+ */
+ uint16_t type GNUNET_PACKED;
+
+ /**
+ * Record class (usually GNUNET_DNSPARSER_CLASS_INTERNET). (NBO)
+ */
+ uint16_t class GNUNET_PACKED;
+
+ /**
+ * Expiration for the record (in seconds). (NBO)
+ */
+ uint32_t ttl GNUNET_PACKED;
+
+ /**
+ * Number of bytes of data that follow. (NBO)
+ */
+ uint16_t data_len GNUNET_PACKED;
+};
+
+
+/**
+ * Payload of DNS SOA record (header).
+ */
+struct soa_data
+{
+ /**
+ * The version number of the original copy of the zone. (NBO)
+ */
+ uint32_t serial GNUNET_PACKED;
+
+ /**
+ * Time interval before the zone should be refreshed. (NBO)
+ */
+ uint32_t refresh GNUNET_PACKED;
+
+ /**
+ * Time interval that should elapse before a failed refresh should
+ * be retried. (NBO)
+ */
+ uint32_t retry GNUNET_PACKED;
+
+ /**
+ * Time value that specifies the upper limit on the time interval
+ * that can elapse before the zone is no longer authoritative. (NBO)
+ */
+ uint32_t expire GNUNET_PACKED;
+
+ /**
+ * The bit minimum TTL field that should be exported with any RR
+ * from this zone. (NBO)
+ */
+ uint32_t minimum GNUNET_PACKED;
+};
+
+
+/**
+ * Payload of DNS SRV record (header).
+ */
+struct srv_data
+{
+
+ /**
+ * Preference for this entry (lower value is higher preference). Clients
+ * will contact hosts from the lowest-priority group first and fall back
+ * to higher priorities if the low-priority entries are unavailable. (NBO)
+ */
+ uint16_t prio GNUNET_PACKED;
+
+ /**
+ * Relative weight for records with the same priority. Clients will use
+ * the hosts of the same (lowest) priority with a probability proportional
+ * to the weight given. (NBO)
+ */
+ uint16_t weight GNUNET_PACKED;
+
+ /**
+ * TCP or UDP port of the service. (NBO)
+ */
+ uint16_t port GNUNET_PACKED;
+
+ /* followed by 'target' name */
+};
+
+
+/**
+ * Payload of GNS VPN record
+ */
+struct vpn_data
+{
+ /**
+ * The peer to contact
+ */
+ struct GNUNET_HashCode peer;
+
+ /**
+ * The protocol to use
+ */
+ uint16_t proto GNUNET_PACKED;
+
+
+ /* followed by the servicename / identifier / password (0-terminated) */
+};
+
+GNUNET_NETWORK_STRUCT_END
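Review bot: The new header has no include guard and includes nothing, although it uses `uint16_t`, `GNUNET_PACKED`, `struct GNUNET_DNSPARSER_Flags` and `struct GNUNET_HashCode`. It only compiles when included after `gnunet_util_lib.h` and `gnunet_dnsparser_lib.h`, and a second inclusion would redefine every struct. I would wrap the file in `#ifndef DNSPARSER_H` / `#define DNSPARSER_H` / `#endif` and note the required include order in the `@file` comment. These structs overlay untrusted packet bytes, so each comment could also say that the field must be converted with `ntohs`/`ntohl` before use, making the "(NBO)" tag explicit for new readers.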
diff --git a/src/dns/dnsstub.c b/src/dns/dnsstub.c
new file mode 100644
index 0000000..c755aff
--- /dev/null
+++ b/src/dns/dnsstub.c
@@ -0,0 +1,561 @@
+/*
+ This file is part of GNUnet.
+ (C) 2012 Christian Grothoff (and other contributing authors)
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+*/
+/**
+ * @file dns/dnsstub.c
+ * @brief DNS stub resolver which sends DNS requests to an actual resolver
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_dnsstub_lib.h"
+
+/**
+ * Timeout for an external (Internet-DNS) DNS resolution
+ */
+#define REQUEST_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)
+
+/**
+ * How many DNS sockets do we open at most at the same time?
+ * (technical socket maximum is this number x2 for IPv4+IPv6)
+ */
+#define DNS_SOCKET_MAX 128
+
+
+/**
+ * UDP socket we are using for sending DNS requests to the Internet.
+ */
+struct GNUNET_DNSSTUB_RequestSocket
+{
+
+ /**
+ * UDP socket we use for this request for IPv4
+ */
+ struct GNUNET_NETWORK_Handle *dnsout4;
+
+ /**
+ * UDP socket we use for this request for IPv6
+ */
+ struct GNUNET_NETWORK_Handle *dnsout6;
+
+ /**
+ * Function to call with result.
+ */
+ GNUNET_DNSSTUB_ResultCallback rc;
+
+ /**
+ * Closure for 'rc'.
+ */
+ void *rc_cls;
+
+ /**
+ * Task for reading from dnsout4 and dnsout6.
+ */
+ GNUNET_SCHEDULER_TaskIdentifier read_task;
+
+ /**
+ * When should this request time out?
+ */
+ struct GNUNET_TIME_Absolute timeout;
+
+ /**
+ * Address we sent the DNS request to.
+ */
+ struct sockaddr_storage addr;
+
+ /**
+ * Number of bytes in 'addr'.
+ */
+ socklen_t addrlen;
+
+};
+
+
+/**
+ * Handle to the stub resolver.
+ */
+struct GNUNET_DNSSTUB_Context
+{
+
+ /**
+ * Array of all open sockets for DNS requests.
+ */
+ struct GNUNET_DNSSTUB_RequestSocket sockets[DNS_SOCKET_MAX];
+
+ /**
+ * IP address to use for the DNS server if we are a DNS exit service
+ * (for VPN via mesh); otherwise NULL.
+ */
+ char *dns_exit;
+};
+
+
+
+/**
+ * We're done with a GNUNET_DNSSTUB_RequestSocket, close it for now.
+ *
+ * @param rs request socket to clean up
+ */
+static void
+cleanup_rs (struct GNUNET_DNSSTUB_RequestSocket *rs)
+{
+ if (NULL != rs->dnsout4)
+ {
+ GNUNET_NETWORK_socket_close (rs->dnsout4);
+ rs->dnsout4 = NULL;
+ }
+ if (NULL != rs->dnsout6)
+ {
+ GNUNET_NETWORK_socket_close (rs->dnsout6);
+ rs->dnsout6 = NULL;
+ }
+ if (GNUNET_SCHEDULER_NO_TASK != rs->read_task)
+ {
+ GNUNET_SCHEDULER_cancel (rs->read_task);
+ rs->read_task = GNUNET_SCHEDULER_NO_TASK;
+ }
+}
+
+
+/**
+ * Open source port for sending DNS requests
+ *
+ * @param af AF_INET or AF_INET6
+ * @return GNUNET_OK on success
+ */
+static struct GNUNET_NETWORK_Handle *
+open_socket (int af)
+{
+ struct sockaddr_in a4;
+ struct sockaddr_in6 a6;
+ struct sockaddr *sa;
+ socklen_t alen;
+ struct GNUNET_NETWORK_Handle *ret;
+
+ ret = GNUNET_NETWORK_socket_create (af, SOCK_DGRAM, 0);
+ if (NULL == ret)
+ return NULL;
+ switch (af)
+ {
+ case AF_INET:
+ memset (&a4, 0, alen = sizeof (struct sockaddr_in));
+ sa = (struct sockaddr *) &a4;
+ break;
+ case AF_INET6:
+ memset (&a6, 0, alen = sizeof (struct sockaddr_in6));
+ sa = (struct sockaddr *) &a6;
+ break;
+ default:
+ GNUNET_break (0);
+ GNUNET_NETWORK_socket_close (ret);
+ return NULL;
+ }
+ sa->sa_family = af;
+ if (GNUNET_OK != GNUNET_NETWORK_socket_bind (ret,
+ sa,
+ alen))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ _("Could not bind to any port: %s\n"),
+ STRERROR (errno));
+ GNUNET_NETWORK_socket_close (ret);
+ return NULL;
+ }
+ return ret;
+}
+
+
+/**
+ * Read a DNS response from the (unhindered) UDP-Socket
+ *
+ * @param cls socket to read from
+ * @param tc scheduler context (must be shutdown or read ready)
+ */
+static void
+read_response (void *cls,
+ const struct GNUNET_SCHEDULER_TaskContext *tc);
+
+
+/**
+ * Get a socket of the specified address family to send out a
+ * UDP DNS request to the Internet.
+ *
+ * @param ctx the DNSSTUB context
+ * @param af desired address family
+ * @return NULL on error (given AF not "supported")
+ */
+static struct GNUNET_DNSSTUB_RequestSocket *
+get_request_socket (struct GNUNET_DNSSTUB_Context *ctx,
+ int af)
+{
+ struct GNUNET_DNSSTUB_RequestSocket *rs;
+ struct GNUNET_NETWORK_FDSet *rset;
+
+ rs = &ctx->sockets[GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE,
+ DNS_SOCKET_MAX)];
+ rs->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT);
+ switch (af)
+ {
+ case AF_INET:
+ if (NULL == rs->dnsout4)
+ rs->dnsout4 = open_socket (AF_INET);
+ break;
+ case AF_INET6:
+ if (NULL == rs->dnsout6)
+ rs->dnsout6 = open_socket (AF_INET6);
+ break;
+ default:
+ return NULL;
+ }
+ if (GNUNET_SCHEDULER_NO_TASK != rs->read_task)
+ {
+ GNUNET_SCHEDULER_cancel (rs->read_task);
+ rs->read_task = GNUNET_SCHEDULER_NO_TASK;
+ }
+ if ( (NULL == rs->dnsout4) &&
+ (NULL == rs->dnsout6) )
+ return NULL;
+ rset = GNUNET_NETWORK_fdset_create ();
+ if (NULL != rs->dnsout4)
+ GNUNET_NETWORK_fdset_set (rset, rs->dnsout4);
+ if (NULL != rs->dnsout6)
+ GNUNET_NETWORK_fdset_set (rset, rs->dnsout6);
+ rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
+ REQUEST_TIMEOUT,
+ rset,
+ NULL,
+ &read_response, rs);
+ GNUNET_NETWORK_fdset_destroy (rset);
+ return rs;
+}
+
+
+/**
+ * Perform DNS resolution.
+ *
+ * @param ctx stub resolver to use
+ * @param sa the socket address
+ * @param sa_len the socket length
+ * @param request DNS request to transmit
+ * @param request_len number of bytes in msg
+ * @param rc function to call with result
+ * @param rc_cls closure for 'rc'
+ * @return socket used for the request, NULL on error
+ */
+struct GNUNET_DNSSTUB_RequestSocket *
+GNUNET_DNSSTUB_resolve (struct GNUNET_DNSSTUB_Context *ctx,
+ const struct sockaddr *sa,
+ socklen_t sa_len,
+ const void *request,
+ size_t request_len,
+ GNUNET_DNSSTUB_ResultCallback rc,
+ void *rc_cls)
+{
+ struct GNUNET_DNSSTUB_RequestSocket *rs;
+ struct GNUNET_NETWORK_Handle *ret;
+ int af;
+
+ af = sa->sa_family;
+ if (NULL == (rs = get_request_socket (ctx, af)))
+ return NULL;
+ if (NULL != rs->dnsout4)
+ ret = rs->dnsout4;
+ else
+ ret = rs->dnsout6;
+ GNUNET_assert (NULL != ret);
+ memcpy (&rs->addr,
+ sa,
+ sa_len);
+ rs->addrlen = sa_len;
+ rs->rc = rc;
+ rs->rc_cls = rc_cls;
+ if (GNUNET_SYSERR ==
+ GNUNET_NETWORK_socket_sendto (ret,
+ request,
+ request_len,
+ sa,
+ sa_len))
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ _("Failed to send DNS request to %s\n"),
+ GNUNET_a2s (sa, sa_len));
+ else
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ _("Sent DNS request to %s\n"),
+ GNUNET_a2s (sa, sa_len));
+ return rs;
+}
+
+
+/**
+ * Perform DNS resolution using our default IP from init.
+ *
+ * @param ctx stub resolver to use
+ * @param request DNS request to transmit
+ * @param request_len number of bytes in msg
+ * @param rc function to call with result
+ * @param rc_cls closure for 'rc'
+ * @return socket used for the request, NULL on error
+ */
+struct GNUNET_DNSSTUB_RequestSocket *
+GNUNET_DNSSTUB_resolve2 (struct GNUNET_DNSSTUB_Context *ctx,
+ const void *request,
+ size_t request_len,
+ GNUNET_DNSSTUB_ResultCallback rc,
+ void *rc_cls)
+{
+ int af;
+ struct sockaddr_in v4;
+ struct sockaddr_in6 v6;
+ struct sockaddr *sa;
+ socklen_t salen;
+ struct GNUNET_NETWORK_Handle *dnsout;
+ struct GNUNET_DNSSTUB_RequestSocket *rs;
+
+ memset (&v4, 0, sizeof (v4));
+ memset (&v6, 0, sizeof (v6));
+ if (1 == inet_pton (AF_INET, ctx->dns_exit, &v4.sin_addr))
+ {
+ salen = sizeof (v4);
+ v4.sin_family = AF_INET;
+ v4.sin_port = htons (53);
+#if HAVE_SOCKADDR_IN_SIN_LEN
+ v4.sin_len = (u_char) salen;
+#endif
+ sa = (struct sockaddr *) &v4;
+ af = AF_INET;
+ }
+ else if (1 == inet_pton (AF_INET6, ctx->dns_exit, &v6.sin6_addr))
+ {
+ salen = sizeof (v6);
+ v6.sin6_family = AF_INET6;
+ v6.sin6_port = htons (53);
+#if HAVE_SOCKADDR_IN_SIN_LEN
+ v6.sin6_len = (u_char) salen;
+#endif
+ sa = (struct sockaddr *) &v6;
+ af = AF_INET6;
+ }
+ else
+ {
+ GNUNET_break (0);
+ return NULL;
+ }
+ if (NULL == (rs = get_request_socket (ctx, af)))
+ return NULL;
+ if (NULL != rs->dnsout4)
+ dnsout = rs->dnsout4;
+ else
+ dnsout = rs->dnsout6;
+ if (NULL == dnsout)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ _("Configured DNS exit `%s' is not working / valid.\n"),
+ ctx->dns_exit);
+ return NULL;
+ }
+ memcpy (&rs->addr,
+ sa,
+ salen);
+ rs->addrlen = salen;
+ rs->rc = rc;
+ rs->rc_cls = rc_cls;
+ if (GNUNET_SYSERR ==
+ GNUNET_NETWORK_socket_sendto (dnsout,
+ request,
+ request_len, sa, salen))
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ _("Failed to send DNS request to %s\n"),
+ GNUNET_a2s (sa, salen));
+ rs->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT);
+
+ return rs;
+
+}
+
+
+/**
+ * Actually do the reading of a DNS packet from our UDP socket and see
+ * if we have a valid, matching, pending request.
+ *
+ * @param rs request socket with callback details
+ * @param dnsout socket to read from
+ * @return GNUNET_OK on success, GNUNET_NO on drop, GNUNET_SYSERR on IO-errors (closed socket)
+ */
+static int
+do_dns_read (struct GNUNET_DNSSTUB_RequestSocket *rs,
+ struct GNUNET_NETWORK_Handle *dnsout)
+{
+ struct sockaddr_storage addr;
+ socklen_t addrlen;
+ struct GNUNET_TUN_DnsHeader *dns;
+ ssize_t r;
+ int len;
+
+#ifndef MINGW
+ if (0 != ioctl (GNUNET_NETWORK_get_fd (dnsout), FIONREAD, &len))
+ {
+ /* conservative choice: */
+ len = UINT16_MAX;
+ }
+#else
+ /* port the code above? */
+ len = UINT16_MAX;
+#endif
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Receiving %d byte DNS reply\n",
+ len);
+ {
+ unsigned char buf[len] GNUNET_ALIGN;
+
+ addrlen = sizeof (addr);
+ memset (&addr, 0, sizeof (addr));
+ r = GNUNET_NETWORK_socket_recvfrom (dnsout,
+ buf, sizeof (buf),
+ (struct sockaddr*) &addr, &addrlen);
+ if (-1 == r)
+ {
+ GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "recvfrom");
+ GNUNET_NETWORK_socket_close (dnsout);
+ return GNUNET_SYSERR;
+ }
+ if (sizeof (struct GNUNET_TUN_DnsHeader) > r)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ _("Received DNS response that is too small (%u bytes)"),
+ r);
+ return GNUNET_NO;
+ }
+ dns = (struct GNUNET_TUN_DnsHeader *) buf;
+ if ( (addrlen != rs->addrlen) ||
+ (0 != memcmp (&rs->addr,
+ &addr,
+ addrlen)) ||
+ (0 == GNUNET_TIME_absolute_get_remaining (rs->timeout).rel_value) )
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Request timeout or invalid sender address; ignoring reply\n");
+ return GNUNET_NO;
+ }
+ if (NULL != rs->rc)
+ rs->rc (rs->rc_cls,
+ rs,
+ dns,
+ r);
+ }
+ return GNUNET_OK;
+}
+
+
+/**
+ * Read a DNS response from the (unhindered) UDP-Socket
+ *
+ * @param cls socket to read from
+ * @param tc scheduler context (must be shutdown or read ready)
+ */
+static void
+read_response (void *cls,
+ const struct GNUNET_SCHEDULER_TaskContext *tc)
+{
+ struct GNUNET_DNSSTUB_RequestSocket *rs = cls;
+ struct GNUNET_NETWORK_FDSet *rset;
+
+ rs->read_task = GNUNET_SCHEDULER_NO_TASK;
+ if (0 == (tc->reason & GNUNET_SCHEDULER_REASON_READ_READY))
+ {
+ /* timeout or shutdown */
+ cleanup_rs (rs);
+ return;
+ }
+ /* read and process ready sockets */
+ if ((NULL != rs->dnsout4) &&
+ (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout4)) &&
+ (GNUNET_SYSERR == do_dns_read (rs, rs->dnsout4)))
+ rs->dnsout4 = NULL;
+ if ((NULL != rs->dnsout6) &&
+ (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout6)) &&
+ (GNUNET_SYSERR == do_dns_read (rs, rs->dnsout6)))
+ rs->dnsout6 = NULL;
+
+ /* re-schedule read task */
+ rset = GNUNET_NETWORK_fdset_create ();
+ if (NULL != rs->dnsout4)
+ GNUNET_NETWORK_fdset_set (rset, rs->dnsout4);
+ if (NULL != rs->dnsout6)
+ GNUNET_NETWORK_fdset_set (rset, rs->dnsout6);
+ rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
+ GNUNET_TIME_absolute_get_remaining (rs->timeout),
+ rset,
+ NULL,
+ &read_response, rs);
+ GNUNET_NETWORK_fdset_destroy (rset);
+}
+
+
+/**
+ * Cancel DNS resolution.
+ *
+ * @param rs resolution to cancel
+ */
+void
+GNUNET_DNSSTUB_resolve_cancel (struct GNUNET_DNSSTUB_RequestSocket *rs)
+{
+ rs->rc = NULL;
+}
+
+
+/**
+ * Start a DNS stub resolver.
+ *
+ * @param dns_ip target IP address to use
+ * @return NULL on error
+ */
+struct GNUNET_DNSSTUB_Context *
+GNUNET_DNSSTUB_start (const char *dns_ip)
+{
+ struct GNUNET_DNSSTUB_Context *ctx;
+
+ ctx = GNUNET_malloc (sizeof (struct GNUNET_DNSSTUB_Context));
+ if (NULL != dns_ip)
+ ctx->dns_exit = GNUNET_strdup (dns_ip);
+ return ctx;
+}
+
+
+/**
+ * Cleanup DNSSTUB resolver.
+ *
+ * @param ctx stub resolver to clean up
+ */
+void
+GNUNET_DNSSTUB_stop (struct GNUNET_DNSSTUB_Context *ctx)
+{
+ unsigned int i;
+
+ for (i=0;i<DNS_SOCKET_MAX;i++)
+ cleanup_rs (&ctx->sockets[i]);
+ if (NULL != ctx->dns_exit)
+ {
+ GNUNET_free (ctx->dns_exit);
+ ctx->dns_exit = NULL;
+ }
+ GNUNET_free (ctx);
+}
+
+
+/* end of dnsstub.c */
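Review bot: `GNUNET_DNSSTUB_resolve` copies `sa_len` bytes into the fixed-size `rs->addr` with `memcpy (&rs->addr, sa, sa_len)` and never bounds `sa_len`, so a caller-supplied length larger than `sizeof (struct sockaddr_storage)` overruns the slot in the `sockets[]` array. A check such as `if (sa_len > sizeof (rs->addr)) return NULL;` before `get_request_socket` is called closes that. Both `GNUNET_DNSSTUB_resolve` and `GNUNET_DNSSTUB_resolve2` also pick `rs->dnsout4` whenever it is non-NULL, so an AF_INET6 request on a slot that already has an IPv4 socket is sent on the wrong socket; `ret = (AF_INET == af) ? rs->dnsout4 : rs->dnsout6;` followed by a NULL return instead of the assert would select by family. `GNUNET_DNSSTUB_resolve2` passes `ctx->dns_exit` to `inet_pton` although `GNUNET_DNSSTUB_start` allows it to stay NULL. `get_request_socket` reuses a random slot and overwrites `rc`, `rc_cls` and `addr` of any request still pending there, so replies are matched on sender address and timeout only, which deserves a comment telling callbacks to verify the DNS request ID themselves.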
diff --git a/src/dns/gnunet-dns-monitor.c b/src/dns/gnunet-dns-monitor.c
index 82715aa..747a875 100644
--- a/src/dns/gnunet-dns-monitor.c
+++ b/src/dns/gnunet-dns-monitor.c
@@ -75,6 +75,7 @@ get_type (uint16_t type)
case GNUNET_DNSPARSER_TYPE_MX: return "MX";
case GNUNET_DNSPARSER_TYPE_TXT: return "TXT";
case GNUNET_DNSPARSER_TYPE_AAAA: return "AAAA";
+ case GNUNET_DNSPARSER_TYPE_SRV: return "SRV";
}
GNUNET_snprintf (buf, sizeof (buf), "%u", (unsigned int) type);
return buf;
@@ -151,7 +152,7 @@ display_record (const struct GNUNET_DNSPARSER_Record *record)
format = record->data.hostname;
break;
case GNUNET_DNSPARSER_TYPE_SOA:
- if (record->data.soa == NULL)
+ if (NULL == record->data.soa)
format = "<invalid>";
else
{
@@ -179,6 +180,23 @@ display_record (const struct GNUNET_DNSPARSER_Record *record)
format = tmp;
}
break;
+ case GNUNET_DNSPARSER_TYPE_SRV:
+ if (NULL == record->data.srv)
+ format = "<invalid>";
+ else
+ {
+ GNUNET_asprintf (&tmp,
+ "service: %s, protocol: %s, domain_name = %s, priority %u, weight = %s, port = %u, target = %s",
+ record->data.srv->service,
+ record->data.srv->proto,
+ record->data.srv->domain_name,
+ (unsigned int) record->data.srv->priority,
+ (unsigned int) record->data.srv->weight,
+ (unsigned int) record->data.srv->port,
+ record->data.srv->target);
+ format = tmp;
+ }
+ break;
case GNUNET_DNSPARSER_TYPE_TXT:
GNUNET_asprintf (&tmp,
"%.*s",
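Review bot: The new SRV branch passes `(unsigned int) record->data.srv->weight` to the conversion `weight = %s`, so `GNUNET_asprintf` treats an integer taken from a DNS packet as a string pointer; that is undefined behaviour and will typically crash the monitor on the first SRV record it prints. The conversion should be `weight = %u`. The `service`, `proto`, `domain_name` and `target` members are also printed with `%s` without a NULL check, and `target` comes from `parse_name`, which may return NULL for a malformed record (inferred from the parser changes, not visible here). display_record starts and ends outside this hunk.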
@@ -342,11 +360,16 @@ main (int argc, char *const *argv)
GNUNET_GETOPT_OPTION_VERBOSE (&verbosity),
GNUNET_GETOPT_OPTION_END
};
- return (GNUNET_OK ==
- GNUNET_PROGRAM_run (argc, argv, "gnunet-dns-monitor",
- gettext_noop
- ("Monitor DNS queries."), options,
- &run, NULL)) ? ret : 1;
+
+ if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
+ return 2;
+ ret = (GNUNET_OK ==
+ GNUNET_PROGRAM_run (argc, argv, "gnunet-dns-monitor",
+ gettext_noop
+ ("Monitor DNS queries."), options,
+ &run, NULL)) ? ret : 1;
+ GNUNET_free ((void*) argv);
+ return ret;
}
diff --git a/src/dns/gnunet-dns-redirector.c b/src/dns/gnunet-dns-redirector.c
index a45b896..3df2ac2 100644
--- a/src/dns/gnunet-dns-redirector.c
+++ b/src/dns/gnunet-dns-redirector.c
@@ -241,11 +241,17 @@ main (int argc, char *const *argv)
GNUNET_GETOPT_OPTION_VERBOSE (&verbosity),
GNUNET_GETOPT_OPTION_END
};
- return (GNUNET_OK ==
- GNUNET_PROGRAM_run (argc, argv, "gnunet-dns-redirector",
- gettext_noop
- ("Change DNS replies to point elsewhere."), options,
- &run, NULL)) ? ret : 1;
+
+ if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
+ return 2;
+
+ ret = (GNUNET_OK ==
+ GNUNET_PROGRAM_run (argc, argv, "gnunet-dns-redirector",
+ gettext_noop
+ ("Change DNS replies to point elsewhere."), options,
+ &run, NULL)) ? ret : 1;
+ GNUNET_free ((void*) argv);
+ return ret;
}
diff --git a/src/dns/gnunet-helper-dns.c b/src/dns/gnunet-helper-dns.c
index dfeb45a..c230ec5 100644
--- a/src/dns/gnunet-helper-dns.c
+++ b/src/dns/gnunet-helper-dns.c
@@ -100,6 +100,11 @@ struct in6_ifreq
static const char *sbin_iptables;
/**
+ * Name and full path of sysctl binary
+ */
+static const char *sbin_sysctl;
+
+/**
* Name and full path of IPTABLES binary.
*/
static const char *sbin_ip;
@@ -150,6 +155,33 @@ signal_handler (int signal)
/**
+ * Open '/dev/null' and make the result the given
+ * file descriptor.
+ *
+ * @param target_fd desired FD to point to /dev/null
+ * @param flags open flags (O_RDONLY, O_WRONLY)
+ */
+static void
+open_dev_null (int target_fd,
+ int flags)
+{
+ int fd;
+
+ fd = open ("/dev/null", flags);
+ if (-1 == fd)
+ abort ();
+ if (fd == target_fd)
+ return;
+ if (-1 == dup2 (fd, target_fd))
+ {
+ (void) close (fd);
+ abort ();
+ }
+ (void) close (fd);
+}
+
+
+/**
* Run the given command and wait for it to complete.
*
* @param file name of the binary to run
@@ -178,7 +210,9 @@ fork_and_exec (const char *file,
/* close stdin/stdout to not cause interference
with the helper's main protocol! */
(void) close (0);
+ open_dev_null (0, O_RDONLY);
(void) close (1);
+ open_dev_null (1, O_WRONLY);
(void) execv (file, cmd);
/* can only get here on error */
fprintf (stderr,
@@ -492,7 +526,7 @@ run (int fd_tun)
* We are supposed to read and the buffer is not empty
* -> select on write to stdout
*/
- if (0 != buftun_size)
+ if (0 < buftun_size)
FD_SET (1, &fds_w);
/*
@@ -536,7 +570,10 @@ run (int fd_tun)
{
if ( (errno == EINTR) ||
(errno == EAGAIN) )
- continue;
+ {
+ buftun_size = 0;
+ continue;
+ }
fprintf (stderr, "read-error: %s\n", strerror (errno));
return;
}
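Review bot: The new `buftun_size = 0;` before `continue` has no comment saying why the reset is needed. Presumably `buftun_size` still holds the `-1` returned by the failed read at this point; the read call itself is outside the hunk, so please confirm. If so, a one-line comment such as `/* read() returned -1; clear it so the next select() round does not treat it as buffered data */` would make the intent clear. The `0 < buftun_size` change in the previous hunk guards the same condition, so it is worth deciding whether both are wanted or whether one is redundant.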
@@ -675,6 +712,7 @@ PROCESS_BUFFER:
* 25-39 failed to drop privs and then failed to undo some changes to routing table
* 40 failed to regain privs
* 41-55 failed to regain prisv and then failed to undo some changes to routing table
+ * 254 insufficient priviledges
* 255 failed to handle kill signal properly
*/
int
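Review bot: The added exit-code line misspells the word: `254 insufficient priviledges` should read `254 insufficient privileges`. The same commit also introduces `return 5;` for two different conditions, sysctl not found and failure to disable rp filtering. The part of this list visible in the hunk does not show an entry for 5; the start of the list is outside the hunk, so this needs confirming. If 5 is not already taken, document both uses here, or give the second failure its own code so callers can tell them apart.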
@@ -684,6 +722,7 @@ main (int argc, char *const*argv)
char dev[IFNAMSIZ];
char mygid[32];
int fd_tun;
+ uid_t uid;
if (6 != argc)
{
@@ -691,6 +730,22 @@ main (int argc, char *const*argv)
return 1;
}
+ /* assert privs so we can modify the firewall rules! */
+ uid = getuid ();
+#ifdef HAVE_SETRESUID
+ if (0 != setresuid (uid, 0, 0))
+ {
+ fprintf (stderr, "Failed to setresuid to root: %s\n", strerror (errno));
+ return 254;
+ }
+#else
+ if (0 != seteuid (0))
+ {
+ fprintf (stderr, "Failed to seteuid back to root: %s\n", strerror (errno));
+ return 254;
+ }
+#endif
+
/* verify that the binaries were care about are executable */
if (0 == access ("/sbin/iptables", X_OK))
sbin_iptables = "/sbin/iptables";
@@ -714,6 +769,17 @@ main (int argc, char *const*argv)
strerror (errno));
return 4;
}
+ if (0 == access ("/sbin/sysctl", X_OK))
+ sbin_sysctl = "/sbin/sysctl";
+ else if (0 == access ("/usr/sbin/sysctl", X_OK))
+ sbin_sysctl = "/usr/sbin/sysctl";
+ else
+ {
+ fprintf (stderr,
+ "Fatal: executable sysctl not found in approved directories: %s\n",
+ strerror (errno));
+ return 5;
+ }
/* setup 'mygid' string */
snprintf (mygid, sizeof (mygid), "%d", (int) getegid());
@@ -778,6 +844,22 @@ main (int argc, char *const*argv)
strncpy (dev, argv[1], IFNAMSIZ);
dev[IFNAMSIZ - 1] = '\0';
+ /* Disable rp filtering */
+ {
+ char *const sysctl_args[] = {"sysctl", "-w",
+ "net.ipv4.conf.all.rp_filter=0", NULL};
+ char *const sysctl_args2[] = {"sysctl", "-w",
+ "net.ipv4.conf.default.rp_filter=0", NULL};
+ if ((0 != fork_and_exec (sbin_sysctl, sysctl_args)) ||
+ (0 != fork_and_exec (sbin_sysctl, sysctl_args2)))
+ {
+ fprintf (stderr,
+ "Failed to disable rp filtering.\n");
+ return 5;
+ }
+ }
+
+
/* now open virtual interface (first part that requires root) */
if (-1 == (fd_tun = init_tun (dev)))
{
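Review bot: This block turns off reverse-path filtering for `net.ipv4.conf.all` and `net.ipv4.conf.default`, which is a host-wide anti-spoofing setting rather than something scoped to the `dev` interface set up just above. Nothing in this hunk records the previous values or restores them when the helper exits. The rest of `main`, including its cleanup paths, is outside the hunk, so that may happen elsewhere. At minimum the comment should say so, e.g. `/* Disable reverse-path filtering host-wide (all + default); previous values are NOT restored on exit */`. Ideally the helper would save the old values and write them back alongside the existing routing-table undo steps.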
@@ -814,6 +896,7 @@ main (int argc, char *const*argv)
set_address4 (dev, address, mask);
}
+
/* update routing tables -- next part why we need SUID! */
/* Forward everything from our EGID (which should only be held
@@ -863,7 +946,6 @@ main (int argc, char *const*argv)
/* drop privs *except* for the saved UID; this is not perfect, but better
than doing nothing */
- uid_t uid = getuid ();
#ifdef HAVE_SETRESUID
if (0 != setresuid (uid, uid, 0))
{
diff --git a/src/dns/gnunet-service-dns.c b/src/dns/gnunet-service-dns.c
index 6337538..d1689f4 100644
--- a/src/dns/gnunet-service-dns.c
+++ b/src/dns/gnunet-service-dns.c
@@ -45,21 +45,22 @@
#include "dns.h"
#include "gnunet_dns_service.h"
#include "gnunet_dnsparser_lib.h"
-#include "gnunet_mesh_service.h"
+#include "gnunet_dnsstub_lib.h"
#include "gnunet_statistics_service.h"
#include "gnunet_tun_lib.h"
-
/**
- * Timeout for an external (Internet-DNS) DNS resolution
+ * Port number for DNS
*/
-#define REQUEST_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)
+#define DNS_PORT 53
+
/**
- * How many DNS sockets do we open at most at the same time?
- * (technical socket maximum is this number x2 for IPv4+IPv6)
+ * Generic logging shorthand
*/
-#define DNS_SOCKET_MAX 128
+#define LOG(kind, ...) \
+ GNUNET_log_from (kind, "dns", __VA_ARGS__);
+
/**
* Phases each request goes through.
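Review bot: The new `LOG` macro ends in a semicolon, so every `LOG (...);` call expands to two statements. That is harmless in the call sites added by this commit, but it breaks an unbraced `if (x) LOG (...); else ...` and hides the mistake until someone writes one. Drop the trailing semicolon: `GNUNET_log_from (kind, "dns", __VA_ARGS__)`.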
@@ -137,34 +138,6 @@ struct ClientRecord
/**
- * UDP socket we are using for sending DNS requests to the Internet.
- */
-struct RequestSocket
-{
-
- /**
- * UDP socket we use for this request for IPv4
- */
- struct GNUNET_NETWORK_Handle *dnsout4;
-
- /**
- * UDP socket we use for this request for IPv6
- */
- struct GNUNET_NETWORK_Handle *dnsout6;
-
- /**
- * Task for reading from dnsout4 and dnsout6.
- */
- GNUNET_SCHEDULER_TaskIdentifier read_task;
-
- /**
- * When should this socket be closed?
- */
- struct GNUNET_TIME_Absolute timeout;
-};
-
-
-/**
* Entry we keep for each active request.
*/
struct RequestRecord
@@ -184,10 +157,9 @@ struct RequestRecord
/**
* Socket we are using to transmit this request (must match if we receive
- * a response). Must NOT be freed as part of this request record (as it
- * might be shared with other requests).
+ * a response).
*/
- struct GNUNET_NETWORK_Handle *dnsout;
+ struct GNUNET_DNSSTUB_RequestSocket *rs;
/**
* Source address of the original request (for sending response).
@@ -200,11 +172,6 @@ struct RequestRecord
struct sockaddr_storage dst_addr;
/**
- * When should this request time out?
- */
- struct GNUNET_TIME_Absolute timeout;
-
- /**
* ID of this request, also basis for hashing. Lowest 16 bit will
* be our message ID when doing a global DNS request and our index
* into the 'requests' array.
@@ -230,66 +197,6 @@ struct RequestRecord
/**
- * State we keep for each DNS tunnel that terminates at this node.
- */
-struct TunnelState
-{
-
- /**
- * Associated MESH tunnel.
- */
- struct GNUNET_MESH_Tunnel *tunnel;
-
- /**
- * Active request for sending a reply.
- */
- struct GNUNET_MESH_TransmitHandle *th;
-
- /**
- * DNS reply ready for transmission.
- */
- char *reply;
-
- /**
- * Socket we are using to transmit this request (must match if we receive
- * a response). Must NOT be freed as part of this request record (as it
- * might be shared with other requests).
- */
- struct GNUNET_NETWORK_Handle *dnsout;
-
- /**
- * Address we sent the DNS request to.
- */
- struct sockaddr_storage addr;
-
- /**
- * When should this request time out?
- */
- struct GNUNET_TIME_Absolute timeout;
-
- /**
- * Number of bytes in 'addr'.
- */
- socklen_t addrlen;
-
- /**
- * Number of bytes in 'reply'.
- */
- size_t reply_length;
-
- /**
- * Original DNS request ID as used by the client.
- */
- uint16_t original_id;
-
- /**
- * DNS request ID that we used for forwarding.
- */
- uint16_t my_id;
-};
-
-
-/**
* Global return value from 'main'.
*/
static int global_ret;
@@ -335,57 +242,14 @@ static struct GNUNET_SERVER_NotificationContext *nc;
static struct RequestRecord requests[UINT16_MAX + 1];
/**
- * Array of all open requests from tunnels.
- */
-static struct TunnelState *tunnels[UINT16_MAX + 1];
-
-/**
- * Array of all open sockets for DNS requests.
- */
-static struct RequestSocket sockets[DNS_SOCKET_MAX];
-
-/**
* Generator for unique request IDs.
*/
static uint64_t request_id_gen;
/**
- * IP address to use for the DNS server if we are a DNS exit service
- * (for VPN via mesh); otherwise NULL.
- */
-static char *dns_exit;
-
-/**
- * Handle to the MESH service (for receiving DNS queries), or NULL
- * if we are not a DNS exit.
- */
-static struct GNUNET_MESH_Handle *mesh;
-
-
-/**
- * We're done with a RequestSocket, close it for now.
- *
- * @param rs request socket to clean up
+ * Handle to the DNS Stub resolver.
*/
-static void
-cleanup_rs (struct RequestSocket *rs)
-{
- if (NULL != rs->dnsout4)
- {
- GNUNET_NETWORK_socket_close (rs->dnsout4);
- rs->dnsout4 = NULL;
- }
- if (NULL != rs->dnsout6)
- {
- GNUNET_NETWORK_socket_close (rs->dnsout6);
- rs->dnsout6 = NULL;
- }
- if (GNUNET_SCHEDULER_NO_TASK != rs->read_task)
- {
- GNUNET_SCHEDULER_cancel (rs->read_task);
- rs->read_task = GNUNET_SCHEDULER_NO_TASK;
- }
-}
+static struct GNUNET_DNSSTUB_Context *dnsstub;
/**
@@ -430,64 +294,11 @@ cleanup_task (void *cls GNUNET_UNUSED,
GNUNET_STATISTICS_destroy (stats, GNUNET_NO);
stats = NULL;
}
- if (NULL != dns_exit)
- {
- GNUNET_free (dns_exit);
- dns_exit = NULL;
- }
- if (NULL != mesh)
- {
- GNUNET_MESH_disconnect(mesh);
- mesh = NULL;
- }
-}
-
-
-/**
- * Open source port for sending DNS requests
- *
- * @param af AF_INET or AF_INET6
- * @return GNUNET_OK on success
- */
-static struct GNUNET_NETWORK_Handle *
-open_socket (int af)
-{
- struct sockaddr_in a4;
- struct sockaddr_in6 a6;
- struct sockaddr *sa;
- socklen_t alen;
- struct GNUNET_NETWORK_Handle *ret;
-
- ret = GNUNET_NETWORK_socket_create (af, SOCK_DGRAM, 0);
- if (NULL == ret)
- return NULL;
- switch (af)
- {
- case AF_INET:
- memset (&a4, 0, alen = sizeof (struct sockaddr_in));
- sa = (struct sockaddr *) &a4;
- break;
- case AF_INET6:
- memset (&a6, 0, alen = sizeof (struct sockaddr_in6));
- sa = (struct sockaddr *) &a6;
- break;
- default:
- GNUNET_break (0);
- GNUNET_NETWORK_socket_close (ret);
- return NULL;
- }
- sa->sa_family = af;
- if (GNUNET_OK != GNUNET_NETWORK_socket_bind (ret,
- sa,
- alen))
+ if (NULL != dnsstub)
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Could not bind to any port: %s\n"),
- STRERROR (errno));
- GNUNET_NETWORK_socket_close (ret);
- return NULL;
+ GNUNET_DNSSTUB_stop (dnsstub);
+ dnsstub = NULL;
}
- return ret;
}
@@ -510,10 +321,16 @@ request_done (struct RequestRecord *rr)
if (RP_RESPONSE_MONITOR != rr->phase)
{
/* no response, drop */
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Got no response for request %llu, dropping\n",
+ (unsigned long long) rr->request_id);
cleanup_rr (rr);
return;
}
-
+
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Transmitting response for request %llu\n",
+ (unsigned long long) rr->request_id);
/* send response via hijacker */
reply_len = sizeof (struct GNUNET_MessageHeader);
reply_len += sizeof (struct GNUNET_TUN_Layer2PacketHeader);
@@ -664,6 +481,9 @@ send_request_to_client (struct RequestRecord *rr,
cleanup_rr (rr);
return;
}
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Sending information about request %llu to local client\n",
+ (unsigned long long) rr->request_id);
req = (struct GNUNET_DNS_Request*) buf;
req->header.type = htons (GNUNET_MESSAGE_TYPE_DNS_CLIENT_REQUEST);
req->header.size = htons (sizeof (buf));
@@ -677,70 +497,21 @@ send_request_to_client (struct RequestRecord *rr,
}
-/**
- * Read a DNS response from the (unhindered) UDP-Socket
- *
- * @param cls socket to read from
- * @param tc scheduler context (must be shutdown or read ready)
- */
-static void
-read_response (void *cls,
- const struct GNUNET_SCHEDULER_TaskContext *tc);
-
/**
- * Get a socket of the specified address family to send out a
- * UDP DNS request to the Internet.
+ * Callback called from DNSSTUB resolver when a resolution
+ * succeeded.
*
- * @param af desired address family
- * @return NULL on error (given AF not "supported")
+ * @param cls NULL
+ * @param rs the socket that received the response
+ * @param dns the response itself
+ * @param r number of bytes in dns
*/
-static struct GNUNET_NETWORK_Handle *
-get_request_socket (int af)
-{
- struct RequestSocket *rs;
- struct GNUNET_NETWORK_FDSet *rset;
- static struct GNUNET_NETWORK_Handle *ret;
-
- rs = &sockets[GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE,
- DNS_SOCKET_MAX)];
- rs->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT);
- switch (af)
- {
- case AF_INET:
- if (NULL == rs->dnsout4)
- rs->dnsout4 = open_socket (AF_INET);
- ret = rs->dnsout4;
- break;
- case AF_INET6:
- if (NULL == rs->dnsout6)
- rs->dnsout6 = open_socket (AF_INET6);
- ret = rs->dnsout6;
- break;
- default:
- return NULL;
- }
- if (GNUNET_SCHEDULER_NO_TASK != rs->read_task)
- {
- GNUNET_SCHEDULER_cancel (rs->read_task);
- rs->read_task = GNUNET_SCHEDULER_NO_TASK;
- }
- if ( (NULL == rs->dnsout4) &&
- (NULL == rs->dnsout6) )
- return NULL;
- rset = GNUNET_NETWORK_fdset_create ();
- if (NULL != rs->dnsout4)
- GNUNET_NETWORK_fdset_set (rset, rs->dnsout4);
- if (NULL != rs->dnsout6)
- GNUNET_NETWORK_fdset_set (rset, rs->dnsout6);
- rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
- REQUEST_TIMEOUT,
- rset,
- NULL,
- &read_response, rs);
- GNUNET_NETWORK_fdset_destroy (rset);
- return ret;
-}
+static void
+process_dns_result (void *cls,
+ struct GNUNET_DNSSTUB_RequestSocket *rs,
+ const struct GNUNET_TUN_DnsHeader *dns,
+ size_t r);
/**
@@ -777,6 +548,10 @@ next_phase (struct RequestRecord *rr)
return;
}
/* done with current phase, advance! */
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Request %llu now in phase %d\n",
+ rr->request_id,
+ rr->phase);
switch (rr->phase)
{
case RP_INIT:
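Review bot: This `LOG` call passes `rr->request_id` to `%llu` without a cast, while every other `LOG` call added in this commit writes `(unsigned long long) rr->request_id`. If the field is a `uint64_t` (its declaration is outside the hunk), the argument type does not match the format on platforms where that is `unsigned long`. Use `(unsigned long long) rr->request_id,` here as well, and consider `(int) rr->phase` for the enum. The message is also printed before the `switch` advances the phase, so "now in phase" reports the phase being left. The body of `next_phase` continues outside the hunk.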
@@ -815,8 +590,14 @@ next_phase (struct RequestRecord *rr)
}
rr->phase = RP_INTERNET_DNS;
- rr->dnsout = get_request_socket (rr->dst_addr.ss_family);
- if (NULL == rr->dnsout)
+ rr->rs = GNUNET_DNSSTUB_resolve (dnsstub,
+ (struct sockaddr*) &rr->dst_addr,
+ salen,
+ rr->payload,
+ rr->payload_length,
+ &process_dns_result,
+ NULL);
+ if (NULL == rr->rs)
{
GNUNET_STATISTICS_update (stats,
gettext_noop ("# DNS exit failed (failed to open socket)"),
@@ -824,12 +605,6 @@ next_phase (struct RequestRecord *rr)
cleanup_rr (rr);
return;
}
- GNUNET_NETWORK_socket_sendto (rr->dnsout,
- rr->payload,
- rr->payload_length,
- (struct sockaddr*) &rr->dst_addr,
- salen);
- rr->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT);
return;
case RP_INTERNET_DNS:
rr->phase = RP_MODIFY;
@@ -911,199 +686,45 @@ client_disconnect (void *cls, struct GNUNET_SERVER_Client *client)
/**
- * We got a reply from DNS for a request of a MESH tunnel. Send it
- * via the tunnel (after changing the request ID back).
+ * Callback called from DNSSTUB resolver when a resolution
+ * succeeded.
*
- * @param cls the 'struct TunnelState'
- * @param size number of bytes available in buf
- * @param buf where to copy the reply
- * @return number of bytes written to buf
- */
-static size_t
-transmit_reply_to_mesh (void *cls,
- size_t size,
- void *buf)
-{
- struct TunnelState *ts = cls;
- size_t off;
- size_t ret;
- char *cbuf = buf;
- struct GNUNET_MessageHeader hdr;
- struct GNUNET_TUN_DnsHeader dns;
-
- ts->th = NULL;
- GNUNET_assert (ts->reply != NULL);
- if (size == 0)
- return 0;
- ret = sizeof (struct GNUNET_MessageHeader) + ts->reply_length;
- GNUNET_assert (ret <= size);
- hdr.size = htons (ret);
- hdr.type = htons (GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET);
- memcpy (&dns, ts->reply, sizeof (dns));
- dns.id = ts->original_id;
- off = 0;
- memcpy (&cbuf[off], &hdr, sizeof (hdr));
- off += sizeof (hdr);
- memcpy (&cbuf[off], &dns, sizeof (dns));
- off += sizeof (dns);
- memcpy (&cbuf[off], &ts->reply[sizeof (dns)], ts->reply_length - sizeof (dns));
- off += ts->reply_length - sizeof (dns);
- GNUNET_free (ts->reply);
- ts->reply = NULL;
- ts->reply_length = 0;
- GNUNET_assert (ret == off);
- return ret;
-}
-
-
-/**
- * Actually do the reading of a DNS packet from our UDP socket and see
- * if we have a valid, matching, pending request.
- *
- * @param dnsout socket to read from
- * @return GNUNET_OK on success, GNUNET_NO on drop, GNUNET_SYSERR on IO-errors (closed socket)
- */
-static int
-do_dns_read (struct GNUNET_NETWORK_Handle *dnsout)
-{
- struct sockaddr_storage addr;
- socklen_t addrlen;
- struct GNUNET_TUN_DnsHeader *dns;
- struct RequestRecord *rr;
- struct TunnelState *ts;
- ssize_t r;
- int len;
-
-#ifndef MINGW
- if (0 != ioctl (GNUNET_NETWORK_get_fd (dnsout), FIONREAD, &len))
- {
- /* conservative choice: */
- len = UINT16_MAX;
- }
-#else
- /* port the code above? */
- len = UINT16_MAX;
-#endif
-
- {
- unsigned char buf[len] GNUNET_ALIGN;
-
- addrlen = sizeof (addr);
- memset (&addr, 0, sizeof (addr));
- r = GNUNET_NETWORK_socket_recvfrom (dnsout,
- buf, sizeof (buf),
- (struct sockaddr*) &addr, &addrlen);
- if (-1 == r)
- {
- GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "recvfrom");
- GNUNET_NETWORK_socket_close (dnsout);
- return GNUNET_SYSERR;
- }
- if (sizeof (struct GNUNET_TUN_DnsHeader) > r)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Received DNS response that is too small (%u bytes)"),
- r);
- return GNUNET_NO;
- }
- dns = (struct GNUNET_TUN_DnsHeader *) buf;
- /* Handle case that this is a reply to a request from a MESH DNS tunnel */
- ts = tunnels[dns->id];
- if ( (NULL == ts) ||
- (ts->dnsout != dnsout) ||
- (addrlen != ts->addrlen) ||
- (0 != memcmp (&ts->addr,
- &addr,
- addrlen)) ||
- (0 == GNUNET_TIME_absolute_get_remaining (ts->timeout).rel_value) )
- ts = NULL; /* DNS responder address missmatch */
- if (NULL != ts)
- {
- tunnels[dns->id] = NULL;
- GNUNET_free_non_null (ts->reply);
- ts->reply = GNUNET_malloc (r);
- ts->reply_length = r;
- memcpy (ts->reply, dns, r);
- if (ts->th != NULL)
- GNUNET_MESH_notify_transmit_ready_cancel (ts->th);
- ts->th = GNUNET_MESH_notify_transmit_ready (ts->tunnel,
- GNUNET_NO, 0,
- GNUNET_TIME_UNIT_FOREVER_REL,
- NULL,
- sizeof (struct GNUNET_MessageHeader) + r,
- &transmit_reply_to_mesh,
- ts);
- }
- /* Handle case that this is a reply to a local request (intercepted from TUN interface) */
- rr = &requests[dns->id];
- if ( (rr->phase != RP_INTERNET_DNS) ||
- (rr->dnsout != dnsout) ||
- (0 != memcmp (&rr->dst_addr,
- &addr,
- addrlen)) ||
- (0 == GNUNET_TIME_absolute_get_remaining (rr->timeout).rel_value) )
- {
- if (NULL == ts)
- {
- /* unexpected / bogus reply */
- GNUNET_STATISTICS_update (stats,
- gettext_noop ("# External DNS response discarded (no matching request)"),
- 1, GNUNET_NO);
- }
- return GNUNET_NO;
- }
- GNUNET_free_non_null (rr->payload);
- rr->payload = GNUNET_malloc (r);
- memcpy (rr->payload, buf, r);
- rr->payload_length = r;
- next_phase (rr);
- }
- return GNUNET_OK;
-}
-
-
-/**
- * Read a DNS response from the (unhindered) UDP-Socket
- *
- * @param cls socket to read from
- * @param tc scheduler context (must be shutdown or read ready)
+ * @param cls NULL
+ * @param rs the socket that received the response
+ * @param dns the response itself
+ * @param r number of bytes in dns
*/
static void
-read_response (void *cls,
- const struct GNUNET_SCHEDULER_TaskContext *tc)
+process_dns_result (void *cls,
+ struct GNUNET_DNSSTUB_RequestSocket *rs,
+ const struct GNUNET_TUN_DnsHeader *dns,
+ size_t r)
{
- struct RequestSocket *rs = cls;
- struct GNUNET_NETWORK_FDSet *rset;
+ struct RequestRecord *rr;
- rs->read_task = GNUNET_SCHEDULER_NO_TASK;
- if (0 == (tc->reason & GNUNET_SCHEDULER_REASON_READ_READY))
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Processing DNS result from stub resolver\n");
+ GNUNET_assert (NULL == cls);
+ rr = &requests[dns->id];
+ if ( (rr->phase != RP_INTERNET_DNS) ||
+ (rr->rs != rs) )
{
- /* timeout or shutdown */
- cleanup_rs (rs);
- return;
+ /* unexpected / bogus reply */
+ GNUNET_STATISTICS_update (stats,
+ gettext_noop ("# External DNS response discarded (no matching request)"),
+ 1, GNUNET_NO);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Received DNS reply that does not match any pending request. Dropping.\n");
+ return;
}
- /* read and process ready sockets */
- if ((NULL != rs->dnsout4) &&
- (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout4)) &&
- (GNUNET_SYSERR == do_dns_read (rs->dnsout4)))
- rs->dnsout4 = NULL;
- if ((NULL != rs->dnsout6) &&
- (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout6)) &&
- (GNUNET_SYSERR == do_dns_read (rs->dnsout6)))
- rs->dnsout6 = NULL;
-
- /* re-schedule read task */
- rset = GNUNET_NETWORK_fdset_create ();
- if (NULL != rs->dnsout4)
- GNUNET_NETWORK_fdset_set (rset, rs->dnsout4);
- if (NULL != rs->dnsout6)
- GNUNET_NETWORK_fdset_set (rset, rs->dnsout6);
- rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
- GNUNET_TIME_absolute_get_remaining (rs->timeout),
- rset,
- NULL,
- &read_response, rs);
- GNUNET_NETWORK_fdset_destroy (rset);
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Got a response from the stub resolver for DNS request %llu intercepted locally!\n",
+ (unsigned long long) rr->request_id);
+ GNUNET_free_non_null (rr->payload);
+ rr->payload = GNUNET_malloc (r);
+ memcpy (rr->payload, dns, r);
+ rr->payload_length = r;
+ next_phase (rr);
}
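Review bot: `process_dns_result` indexes `requests[dns->id]` without first checking that `r` covers a full `struct GNUNET_TUN_DnsHeader`. The removed `do_dns_read` made that check, and also compared the responder address with `rr->dst_addr` and enforced the request timeout. Unless the DNSSTUB library guarantees all three before invoking the callback (its code is not visible in this part of the page), a reply is now accepted on the 16-bit ID and socket match alone. Add `if (r < sizeof (struct GNUNET_TUN_DnsHeader)) { GNUNET_break_op (0); return; }` at the top, and a comment stating which validations the stub is relied on to perform. The function also mixes `GNUNET_log` with the new `LOG` macro; using `LOG` throughout would keep the component tag consistent.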
@@ -1162,6 +783,9 @@ handle_client_response (void *cls GNUNET_UNUSED,
resp = (const struct GNUNET_DNS_Response*) message;
off = (uint16_t) resp->request_id;
rr = &requests[off];
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Received DNS response with ID %llu from local client!\n",
+ (unsigned long long) resp->request_id);
if (rr->request_id != resp->request_id)
{
GNUNET_STATISTICS_update (stats,
@@ -1255,6 +879,8 @@ process_helper_messages (void *cls GNUNET_UNUSED, void *client,
struct sockaddr_in *dsta4;
struct sockaddr_in6 *dsta6;
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Intercepted message via DNS hijacker\n");
msize = ntohs (message->size);
if (msize < sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader) + sizeof (struct GNUNET_TUN_IPv4Header))
{
@@ -1308,7 +934,8 @@ process_helper_messages (void *cls GNUNET_UNUSED, void *client,
ntohs (tun->proto));
return GNUNET_OK;
}
- if (msize <= sizeof (struct GNUNET_TUN_UdpHeader) + sizeof (struct GNUNET_TUN_DnsHeader))
+ if ( (msize <= sizeof (struct GNUNET_TUN_UdpHeader) + sizeof (struct GNUNET_TUN_DnsHeader)) ||
+ (DNS_PORT != ntohs (udp->destination_port)) )
{
/* non-DNS packet received on TUN, ignore */
GNUNET_STATISTICS_update (stats,
@@ -1375,7 +1002,9 @@ process_helper_messages (void *cls GNUNET_UNUSED, void *client,
memcpy (rr->payload, dns, msize);
rr->request_id = dns->id | (request_id_gen << 16);
request_id_gen++;
-
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Creating new DNS request %llu\n",
+ (unsigned long long) rr->request_id);
GNUNET_STATISTICS_update (stats,
gettext_noop ("# DNS requests received via TUN interface"),
1, GNUNET_NO);
@@ -1386,150 +1015,6 @@ process_helper_messages (void *cls GNUNET_UNUSED, void *client,
/**
- * Process a request via mesh to perform a DNS query.
- *
- * @param cls closure, NULL
- * @param tunnel connection to the other end
- * @param tunnel_ctx pointer to our 'struct TunnelState *'
- * @param sender who sent the message
- * @param message the actual message
- * @param atsi performance data for the connection
- * @return GNUNET_OK to keep the connection open,
- * GNUNET_SYSERR to close it (signal serious error)
- */
-static int
-receive_dns_request (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
- void **tunnel_ctx,
- const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
- const struct GNUNET_MessageHeader *message,
- const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
-{
- struct TunnelState *ts = *tunnel_ctx;
- const struct GNUNET_TUN_DnsHeader *dns;
- size_t mlen = ntohs (message->size);
- size_t dlen = mlen - sizeof (struct GNUNET_MessageHeader);
- char buf[dlen] GNUNET_ALIGN;
- struct GNUNET_TUN_DnsHeader *dout;
- struct sockaddr_in v4;
- struct sockaddr_in6 v6;
- struct sockaddr *so;
- socklen_t salen;
-
- if (dlen < sizeof (struct GNUNET_TUN_DnsHeader))
- {
- GNUNET_break_op (0);
- return GNUNET_SYSERR;
- }
- dns = (const struct GNUNET_TUN_DnsHeader *) &message[1];
- ts->original_id = dns->id;
- if (tunnels[ts->my_id] == ts)
- tunnels[ts->my_id] = NULL;
- ts->my_id = (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
- UINT16_MAX + 1);
- tunnels[ts->my_id] = ts;
- memcpy (buf, dns, dlen);
- dout = (struct GNUNET_TUN_DnsHeader*) buf;
- dout->id = ts->my_id;
- memset (&v4, 0, sizeof (v4));
- memset (&v6, 0, sizeof (v6));
- if (1 == inet_pton (AF_INET, dns_exit, &v4.sin_addr))
- {
- salen = sizeof (v4);
- v4.sin_family = AF_INET;
- v4.sin_port = htons (53);
-#if HAVE_SOCKADDR_IN_SIN_LEN
- v4.sin_len = (u_char) salen;
-#endif
- so = (struct sockaddr *) &v4;
- ts->dnsout = get_request_socket (AF_INET);
- }
- else if (1 == inet_pton (AF_INET6, dns_exit, &v6.sin6_addr))
- {
- salen = sizeof (v6);
- v6.sin6_family = AF_INET6;
- v6.sin6_port = htons (53);
-#if HAVE_SOCKADDR_IN_SIN_LEN
- v6.sin6_len = (u_char) salen;
-#endif
- so = (struct sockaddr *) &v6;
- ts->dnsout = get_request_socket (AF_INET6);
- }
- else
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- if (NULL == ts->dnsout)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Configured DNS exit `%s' is not working / valid.\n"),
- dns_exit);
- return GNUNET_SYSERR;
- }
- memcpy (&ts->addr,
- so,
- salen);
- ts->addrlen = salen;
- GNUNET_NETWORK_socket_sendto (ts->dnsout,
- buf, dlen, so, salen);
- ts->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT);
- return GNUNET_OK;
-}
-
-
-/**
- * Callback from GNUNET_MESH for new tunnels.
- *
- * @param cls closure
- * @param tunnel new handle to the tunnel
- * @param initiator peer that started the tunnel
- * @param ats performance information for the tunnel
- * @return initial tunnel context for the tunnel
- */
-static void *
-accept_dns_tunnel (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
- const struct GNUNET_PeerIdentity *initiator GNUNET_UNUSED,
- const struct GNUNET_ATS_Information *ats GNUNET_UNUSED)
-{
- struct TunnelState *ts = GNUNET_malloc (sizeof (struct TunnelState));
-
- GNUNET_STATISTICS_update (stats,
- gettext_noop ("# Inbound MESH tunnels created"),
- 1, GNUNET_NO);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Received inbound tunnel from `%s'\n",
- GNUNET_i2s (initiator));
- ts->tunnel = tunnel;
- return ts;
-}
-
-
-/**
- * Function called by mesh whenever an inbound tunnel is destroyed.
- * Should clean up any associated state.
- *
- * @param cls closure (set from GNUNET_MESH_connect)
- * @param tunnel connection to the other end (henceforth invalid)
- * @param tunnel_ctx place where local state associated
- * with the tunnel is stored
- */
-static void
-destroy_dns_tunnel (void *cls GNUNET_UNUSED,
- const struct GNUNET_MESH_Tunnel *tunnel,
- void *tunnel_ctx)
-{
- struct TunnelState *ts = tunnel_ctx;
-
- if (tunnels[ts->my_id] == ts)
- tunnels[ts->my_id] = NULL;
- if (NULL != ts->th)
- GNUNET_MESH_notify_transmit_ready_cancel (ts->th);
- GNUNET_free_non_null (ts->reply);
- GNUNET_free (ts);
-}
-
-
-/**
* @param cls closure
* @param server the initialized server
* @param cfg_ configuration to use
@@ -1552,37 +1037,40 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
char *ipv6prefix;
struct in_addr dns_exit4;
struct in6_addr dns_exit6;
+ char *dns_exit;
+ char *binary;
cfg = cfg_;
+ binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-dns");
if (GNUNET_YES !=
- GNUNET_OS_check_helper_binary ("gnunet-helper-dns"))
+ GNUNET_OS_check_helper_binary (binary))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
_("`%s' must be installed SUID, refusing to run\n"),
- "gnunet-helper-dns");
+ binary);
global_ret = 1;
+ GNUNET_free (binary);
return;
}
-
+ GNUNET_free (binary);
stats = GNUNET_STATISTICS_create ("dns", cfg);
nc = GNUNET_SERVER_notification_context_create (server, 1);
GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &cleanup_task,
cls);
- if ( (GNUNET_YES ==
- GNUNET_CONFIGURATION_get_value_yesno (cfg_, "dns", "PROVIDE_EXIT")) &&
- ( (GNUNET_OK !=
+ dns_exit = NULL;
+ if ( ( (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_string (cfg, "dns",
"DNS_EXIT",
&dns_exit)) ||
( (1 != inet_pton (AF_INET, dns_exit, &dns_exit4)) &&
(1 != inet_pton (AF_INET6, dns_exit, &dns_exit6)) ) ) )
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Configured to provide DNS exit, but no valid DNS server configured!\n"));
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "dns", "DNS_EXIT",
+ _("need a valid IPv4 or IPv6 address\n"));
GNUNET_free_non_null (dns_exit);
dns_exit = NULL;
}
-
+ dnsstub = GNUNET_DNSSTUB_start (dns_exit);
helper_argv[0] = GNUNET_strdup ("gnunet-dns");
if (GNUNET_SYSERR ==
GNUNET_CONFIGURATION_get_value_string (cfg, "dns", "IFNAME", &ifc_name))
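Review bot: The result of `GNUNET_DNSSTUB_start (dns_exit)` is stored in `dnsstub` without a NULL check, and the call is made even after the error branch has reset `dns_exit` to NULL. If the stub can fail to start, `next_phase` will later hand a NULL context to `GNUNET_DNSSTUB_resolve`. Check it here and fail startup, e.g. `if (NULL == dnsstub) { global_ret = 1; return; }`, or add a comment stating that a NULL `dns_exit` and a NULL return are both acceptable. `dns_exit` is now a local and is not freed on the success path in the visible lines, so it leaks unless the stub takes ownership of the string. Dropping the `PROVIDE_EXIT` condition also means a configuration without `DNS_EXIT` is now logged at error level. The body of `run` continues outside the hunk.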
@@ -1635,28 +1123,11 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
}
helper_argv[5] = ipv4mask;
helper_argv[6] = NULL;
-
- if (NULL != dns_exit)
- {
- static struct GNUNET_MESH_MessageHandler mesh_handlers[] = {
- {&receive_dns_request, GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET, 0},
- {NULL, 0, 0}
- };
- static GNUNET_MESH_ApplicationType mesh_types[] = {
- GNUNET_APPLICATION_TYPE_INTERNET_RESOLVER,
- GNUNET_APPLICATION_TYPE_END
- };
- mesh = GNUNET_MESH_connect (cfg,
- 1, NULL,
- &accept_dns_tunnel,
- &destroy_dns_tunnel,
- mesh_handlers,
- mesh_types);
- }
- hijacker = GNUNET_HELPER_start ("gnunet-helper-dns",
+ hijacker = GNUNET_HELPER_start (GNUNET_NO,
+ "gnunet-helper-dns",
helper_argv,
&process_helper_messages,
- NULL);
+ NULL, NULL);
GNUNET_SERVER_add_handlers (server, handlers);
GNUNET_SERVER_disconnect_notify (server, &client_disconnect, NULL);
}
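Review bot: The helper is still started by the bare name `"gnunet-helper-dns"`, whereas the SUID check earlier in `run` was performed on the full path returned by `GNUNET_OS_get_libexec_binary_path` and that string has already been freed. Unless `GNUNET_HELPER_start` resolves the name to the same libexec path internally (not visible here), the binary that was verified and the binary that is executed can differ. Keep `binary` alive until after this call and pass it, or add a comment stating that the helper API performs the same lookup. The two new arguments, the leading `GNUNET_NO` and the trailing `NULL`, would also benefit from a short comment each saying what they select.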
@@ -1672,6 +1143,25 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
int
main (int argc, char *const *argv)
{
+ /* make use of SGID capabilities on POSIX */
+ /* FIXME: this might need a port on systems without 'getresgid' */
+#if HAVE_GETRESGID
+ gid_t rgid;
+ gid_t egid;
+ gid_t sgid;
+
+ if (-1 == getresgid (&rgid, &egid, &sgid))
+ {
+ fprintf (stderr,
+ "getresgid failed: %s\n",
+ strerror (errno));
+ }
+ else if (sgid != rgid)
+ {
+ if (-1 == setregid (sgid, sgid))
+ fprintf (stderr, "setregid failed: %s\n", strerror (errno));
+ }
+#endif
return (GNUNET_OK ==
GNUNET_SERVICE_run (argc, argv, "dns", GNUNET_SERVICE_OPTION_NONE,
&run, NULL)) ? global_ret : 1;
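Review bot: Both failure paths in the new group-ID block only print to stderr and then fall through to `GNUNET_SERVICE_run`. If `getresgid` or `setregid` fails, the service starts with a group identity other than the one the SGID installation intends. Failures in a privilege transition are safer treated as fatal, e.g. `return 1;` after each `fprintf`, or a comment should explain why continuing is acceptable. The opening comment could also say what the block does: it makes the saved GID both the real and the effective GID when it differs from the real one. The closing brace of `main` is outside the hunk.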
diff --git a/src/dns/plugin_block_dns.c b/src/dns/plugin_block_dns.c
index da8add5..8ac1ef2 100644
--- a/src/dns/plugin_block_dns.c
+++ b/src/dns/plugin_block_dns.c
@@ -48,7 +48,7 @@
*/
static enum GNUNET_BLOCK_EvaluationResult
block_plugin_dns_evaluate (void *cls, enum GNUNET_BLOCK_Type type,
- const GNUNET_HashCode * query,
+ const struct GNUNET_HashCode * query,
struct GNUNET_CONTAINER_BloomFilter **bf,
int32_t bf_mutator, const void *xquery,
size_t xquery_size, const void *reply_block,
@@ -124,13 +124,13 @@ block_plugin_dns_evaluate (void *cls, enum GNUNET_BLOCK_Type type,
static int
block_plugin_dns_get_key (void *cls, enum GNUNET_BLOCK_Type type,
const void *block, size_t block_size,
- GNUNET_HashCode * key)
+ struct GNUNET_HashCode * key)
{
if (type != GNUNET_BLOCK_TYPE_DNS)
return GNUNET_SYSERR;
const struct GNUNET_DNS_Record *rec = block;
- memcpy (key, &rec->service_descriptor, sizeof (GNUNET_HashCode));
+ memcpy (key, &rec->service_descriptor, sizeof (struct GNUNET_HashCode));
return GNUNET_OK;
}
diff --git a/src/dns/test_gnunet_dns.sh b/src/dns/test_gnunet_dns.sh
index 35585d4..33dfd6c 100755
--- a/src/dns/test_gnunet_dns.sh
+++ b/src/dns/test_gnunet_dns.sh
@@ -6,13 +6,39 @@ then
echo "This test only works if run as root. Skipping."
exit 0
fi
+if ! which sudo > /dev/null
+then
+ echo "This test requires sudo. Skipping."
+ exit 0
+fi
+if [ ! -x `which sudo` ]
+then
+ echo "This test requires sudo. Skipping."
+ exit 0
+fi
+if ! which nslookup
+then
+ echo "This test requires nslookup. Skipping."
+ exit 0
+fi
+if [ ! -x `which nslookup` ]
+then
+ echo "This test requires nslookup. Skipping."
+ exit 0
+fi
export PATH=".:$PATH"
gnunet-service-dns -c dns.conf &
gnunet-dns-redirector -c dns.conf -4 127.0.0.1 &
sleep 1
-LO=`nslookup gnunet.org | grep Address | tail -n1`
+# need to run 'nslookup' as 'nobody', as gnunet-service-dns runs as root
+# and thus 'root' is excepted from DNS interception!
+LO=`sudo -u nobody nslookup gnunet.org | grep Address | tail -n1`
if [ "$LO" != "Address: 127.0.0.1" ]
then
- echo "Fail: $LO"
+ echo "Fail: got address $LO, wanted 127.0.0.1"
+ ret=1
+else
+ ret=0
fi
kill `jobs -p`
+exit $ret
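Review bot: The new `which sudo` and `which nslookup` checks run before `export PATH=".:$PATH"`, so they do not vouch for the binaries actually invoked afterwards. This test only proceeds as root, so it would be safer to leave `PATH` alone and start the two GNUnet programs as `./gnunet-service-dns` and `./gnunet-dns-redirector`. On style, `if ! which nslookup` prints the path to stdout, unlike the sudo check. The follow-up `[ ! -x \`which ...\` ]` tests are unquoted and repeat what the first check already established; a single `if ! command -v nslookup > /dev/null` per tool would do. The skip paths still `exit 0`, so a skipped run is indistinguishable from a pass.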