adns.c

This a good VPN source

/* Pluto Asynchronous DNS Helper Program -- for internal use only!
 * Copyright (C) 2002  D. Hugh Redelmeier.
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 *
 * RCSID $Id: adns.c,v 1.11 2004/03/08 01:50:34 ken Exp $
 */

#ifndef USE_LWRES	/* whole file! */

/* This program executes as multiple processes.  The Master process
 * receives queries (struct adns_query messages) from Pluto and distributes
 * them amongst Worker processes.  These Worker processes are created
 * by the Master whenever a query arrives and no existing Worker is free.
 * At most MAX_WORKERS will be created; after that, the Master will queue
 * queries until a Worker becomes free.  When a Worker has an answer from
 * the resolver, it sends the answer as a struct adns_answer message to the
 * Master.  The Master then forwards the answer to Pluto, noting that
 * the Worker is free to accept another query.
 *
 * The protocol is simple: Pluto sends a sequence of queries and receives
 * a sequence of answers.  select(2) is used by Pluto and by the Master
 * process to decide when to read, but writes are done without checking
 * for readiness.  Communications is via pipes.  Since only one process
 * can write to each pipe, messages will not be interleaved.  Fixed length
 * records are used for simplicity.
 *
 * Pluto needs a way to indicate to the Master when to shut down
 * and the Master needs to indicate this to each worker.  EOF on the pipe
 * signifies this.
 *
 * The interfaces between these components are considered private to
 * Pluto.  This allows us to get away with less checking.  This is a
 * reason to use pipes instead of TCP/IP.
 *
 * Although the code uses plain old UNIX processes, it could be modified
 * to use threads.  That might reduce resource requirements.  It would
 * preclude running on systems without thread-safe resolvers.
 */

#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <syslog.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <arpa/nameser.h>
#include <resolv.h>
#include <netdb.h>	/* ??? for h_errno */

#include <openswan.h>

/* GCC magic! */
#ifdef GCC_LINT
# define UNUSED __attribute__ ((unused))
#else
# define UNUSED /* ignore */
#endif

#include "constants.h"
#include "adns.h"	/* needs <resolv.h> */

/* shared by all processes */

static const char *name;	/* program name, for messages */

static bool debug = FALSE;

/* Read a variable-length record from a pipe (and no more!).
 * First bytes must be a size_t containing the length.
 * HES_CONTINUE if record read
 * HES_OK if EOF
 * HES_IO_ERROR_IN if errno tells the tale.
 * Others are errors.
 */
static enum helper_exit_status
read_pipe(int fd, unsigned char *stuff, size_t minlen, size_t maxlen)
{
    size_t n = 0;
    size_t goal = minlen;

    do {
	ssize_t m = read(fd, stuff + n, goal - n);

	if (m == -1)
	{
	    if (errno != EINTR)
	    {
		syslog(LOG_ERR, "Input error on pipe: %s", strerror(errno));
		return HES_IO_ERROR_IN;
	    }
	}
	else if (m == 0)
	{
	    return HES_OK;	/* treat empty message as EOF */
	}
	else
	{
	    n += m;
	    if (n >= sizeof(size_t))
	    {
		goal = *(size_t *)(void *)stuff;
		if (goal < minlen || maxlen < goal)
		{
		    if (debug)
			fprintf(stderr, "%lu : [%lu, %lu]\n"
			    , (unsigned long)goal
			    , (unsigned long)minlen, (unsigned long)maxlen);
		    return HES_BAD_LEN;
		}
	    }
	}
    } while (n < goal);

    return HES_CONTINUE;
}

/* Write a variable-length record to a pipe.
 * First bytes must be a size_t containing the length.
 * HES_CONTINUE if record written
 * Others are errors.
 */
static enum helper_exit_status
write_pipe(int fd, const unsigned char *stuff)
{
    size_t len = *(const size_t *)(const void *)stuff;
    size_t n = 0;

    do {
	ssize_t m = write(fd, stuff + n, len - n);

	if (m == -1)
	{
	    /* error, but ignore and retry if EINTR */
	    if (errno != EINTR)
	    {
		syslog(LOG_ERR, "Output error from master: %s", strerror(errno));
		return HES_IO_ERROR_OUT;
	    }
	}
	else
	{
	    n += m;
	}
    } while (n != len);
    return HES_CONTINUE;
}

/**************** worker process ****************/

/* The interface in RHL6.x and BIND distribution 8.2.2 are different,
 * so we build some of our own :-(
 */

/* Support deprecated interface to allow for older releases of the resolver.
 * Fake new interface!
 * See resolver(3) bind distribution (should be in RHL6.1, but isn't).
 * __RES was 19960801 in RHL6.2, an old resolver.
 */

#if (__RES) <= 19960801
# define OLD_RESOLVER	1
#endif

#ifdef OLD_RESOLVER

# define res_ninit(statp) res_init()
# define res_nquery(statp, dname, class, type, answer, anslen) \
    res_query(dname, class, type, answer, anslen)
# define res_nclose(statp) res_close()

static struct __res_state *statp = &_res;

#else /* !OLD_RESOLVER */

static struct __res_state my_res_state /* = { 0 } */;
static res_state statp = &my_res_state;

#endif /* !OLD_RESOLVER */

static int
worker(int qfd, int afd)
{
    {
	int r = res_ninit(statp);

	if (r != 0)
	{
	    syslog(LOG_ERR, "cannot initialize resolver");
	    return HES_RES_INIT;
	}
#ifndef OLD_RESOLVER
	statp->options |= RES_ROTATE;
#endif
	statp->options |= RES_DEBUG;
    }

    for (;;)
    {
	struct adns_query q;
	struct adns_answer a;

	enum helper_exit_status r = read_pipe(qfd, (unsigned char *)&q
	    , sizeof(q), sizeof(q));

	if (r != HES_CONTINUE)
	    return r;	/* some kind of exit */

	if (q.qmagic != ADNS_Q_MAGIC)
	{
	    syslog(LOG_ERR, "error in input from master: bad magic");
	    return HES_BAD_MAGIC;
	}

	a.amagic = ADNS_A_MAGIC;
	a.serial = q.serial;

	a.result = res_nquery(statp, q.name_buf, C_IN, q.type, a.ans, sizeof(a.ans));
	a.h_errno_val = h_errno;

	a.len = offsetof(struct adns_answer, ans) + (a.result < 0? 0 : a.result);

#ifdef DEBUG
	if (((q.debugging & IMPAIR_DELAY_ADNS_KEY_ANSWER) && q.type == T_KEY)
	|| ((q.debugging & IMPAIR_DELAY_ADNS_TXT_ANSWER) && q.type == T_TXT))
	    sleep(30);	/* delay the answer */
#endif

	/* write answer, possibly a bit at a time */
	r = write_pipe(afd, (const unsigned char *)&a);

	if (r != HES_CONTINUE)
	    return r;	/* some kind of exit */
    }
}

/**************** master process ****************/

bool eof_from_pluto = FALSE;
#define PLUTO_QFD	0	/* queries come on stdin */
#define PLUTO_AFD	1	/* answers go out on stdout */

#ifndef MAX_WORKERS
# define MAX_WORKERS 10	/* number of in-flight queries */
#endif

struct worker_info {
    int qfd;	/* query pipe's file descriptor */
    int afd;	/* answer pipe's file descriptor */
    pid_t pid;
    bool busy;
    void *continuation;	/* of outstanding request */
};

static struct worker_info wi[MAX_WORKERS];
static struct worker_info *wi_roof = wi;

/* request FIFO */

struct query_list {
    struct query_list *next;
    struct adns_query aq;
};

static struct query_list *oldest_query = NULL;
static struct query_list *newest_query;	/* undefined when oldest == NULL */
static struct query_list *free_queries = NULL;

static bool
spawn_worker(void)
{
    int qfds[2];
    int afds[2];
    pid_t p;

    if (pipe(qfds) != 0 || pipe(afds) != 0)
    {
	syslog(LOG_ERR, "pipe(2) failed: %s", strerror(errno));
	exit(HES_PIPE);
    }

    wi_roof->qfd = qfds[1];	/* write end of query pipe */
    wi_roof->afd = afds[0];	/* read end of answer pipe */

    p = fork();
    if (p == -1)
    {
	/* fork failed: ignore if at least one worker exists */
	if (wi_roof == wi)
	{
	    syslog(LOG_ERR, "fork(2) error creating first worker: %s", strerror(errno));
	    exit(HES_FORK);
	}
	close(qfds[0]);
	close(qfds[1]);
	close(afds[0]);
	close(afds[1]);
	return FALSE;
    }
    else if (p == 0)
    {
	/* child */
	struct worker_info *w;

	close(PLUTO_QFD);
	close(PLUTO_AFD);
	/* close all master pipes, including ours */
	for (w = wi; w <= wi_roof; w++)
	{
	    close(w->qfd);
	    close(w->afd);
	}
	exit(worker(qfds[0], afds[1]));
    }
    else
    {
	/* parent */
	struct worker_info *w = wi_roof++;

	w->pid = p;
	w->busy = FALSE;
	close(qfds[0]);
	close(afds[1]);
	return TRUE;
    }
}

static void
send_eof(struct worker_info *w)
{
    pid_t p;
    int status;

    close(w->qfd);
    w->qfd = NULL_FD;

    close(w->afd);
    w->afd = NULL_FD;

    /* reap child */
    p = waitpid(w->pid, &status, 0);
    /* ignore result -- what could we do with it? */
}

static void
forward_query(struct worker_info *w)
{
    struct query_list *q = oldest_query;

    if (q == NULL)
    {
	if (eof_from_pluto)
	    send_eof(w);
    }
    else
    {
	enum helper_exit_status r
	    = write_pipe(w->qfd, (const unsigned char *) &q->aq);

	if (r != HES_CONTINUE)
	    exit(r);

	w->busy = TRUE;

	oldest_query = q->next;
	q->next = free_queries;
	free_queries = q;
    }
}

static void
query(void)
{
    struct query_list *q = free_queries;
    enum helper_exit_status r;

    /* find an unused queue entry */
    if (q == NULL)
    {
	q = malloc(sizeof(*q));
	if (q == NULL)
	{
	    syslog(LOG_ERR, "malloc(3) failed");
	    exit(HES_MALLOC);
	}
    }
    else
    {
	free_queries = q->next;
    }

    r = read_pipe(PLUTO_QFD, (unsigned char *)&q->aq
	, sizeof(q->aq), sizeof(q->aq));

    if (r == HES_OK)
    {
	/* EOF: we're done, except for unanswered queries */
	struct worker_info *w;

	eof_from_pluto = TRUE;
	q->next = free_queries;
	free_queries = q;

	/* Send bye-bye to unbusy processes.
	 * Note that if there are queued queries, there won't be
	 * any non-busy workers.
	 */
	for (w = wi; w != wi_roof; w++)
	    if (!w->busy)
		send_eof(w);
    }
    else if (r != HES_CONTINUE)
    {
	exit(r);
    }
    else if (q->aq.qmagic != ADNS_Q_MAGIC)
    {
	syslog(LOG_ERR, "error in query from Pluto: bad magic");
	exit(HES_BAD_MAGIC);
    }
    else
    {
	struct worker_info *w;

	/* got a query */

	/* add it to FIFO */
	q->next = NULL;
	if (oldest_query == NULL)
	    oldest_query = q;
	else
	    newest_query->next = q;
	newest_query = q;

	/* See if any worker available */
	for (w = wi; ; w++)
	{
	    if (w == wi_roof)
	    {
		/* no free worker */
		if (w == wi + MAX_WORKERS)
		    break;	/* no more to be created */
		/* make a new one */
		if (!spawn_worker())
		    break;	/* cannot create one at this time */
	    }
	    if (!w->busy)
	    {
		/* assign first to free worker */
		forward_query(w);
		break;
	    }
	}
    }
    return;
}

static void
answer(struct worker_info *w)
{
    struct adns_answer a;
    enum helper_exit_status r = read_pipe(w->afd, (unsigned char *)&a
	, offsetof(struct adns_answer, ans), sizeof(a));

    if (r == HES_OK)
    {
	/* unexpected EOF */
	syslog(LOG_ERR, "unexpected EOF from worker");
	exit(HES_IO_ERROR_IN);
    }
    else if (r != HES_CONTINUE)
    {
	exit(r);
    }
    else if (a.amagic != ADNS_A_MAGIC)
    {
	syslog(LOG_ERR, "Input from worker error: bad magic");
	exit(HES_BAD_MAGIC);
    }
    else if (a.continuation != w->continuation)
    {
	/* answer doesn't match query */
	syslog(LOG_ERR, "Input from worker error: continuation mismatch");
	exit(HES_SYNC);
    }
    else
    {
	/* pass the answer on to Pluto */
	enum helper_exit_status r
	    = write_pipe(PLUTO_AFD, (const unsigned char *) &a);

	if (r != HES_CONTINUE)
	    exit(r);
	w->busy = FALSE;
	forward_query(w);
    }
}

/* assumption: input limited; accept blocking on output */
static int
master(void)
{
    for (;;)
    {
	fd_set readfds;
	int maxfd = PLUTO_QFD;		/* approximate lower bound */
	int ndes = 0;
	struct worker_info *w;

	FD_ZERO(&readfds);
	if (!eof_from_pluto)
	{
	    FD_SET(PLUTO_QFD, &readfds);
	    ndes++;
	}
	for (w = wi; w != wi_roof; w++)
	{
	    if (w->busy)
	    {
		FD_SET(w->afd, &readfds);
		ndes++;
		if (maxfd < w->afd)
		    maxfd = w->afd;
	    }
	}

	if (ndes == 0)
	    return HES_OK;	/* done! */

	do {
	    ndes = select(maxfd + 1, &readfds, NULL, NULL, NULL);
	} while (ndes == -1 && errno == EINTR);
	if (ndes == -1)
	{
	    syslog(LOG_ERR, "select(2) error: %s", strerror(errno));
	    exit(HES_IO_ERROR_SELECT);
	}
	else if (ndes > 0)
	{
	    if (FD_ISSET(PLUTO_QFD, &readfds))
	    {
		query();
		ndes--;
	    }
	    for (w = wi; ndes > 0 && w != wi_roof; w++)
	    {
		if (w->busy && FD_ISSET(w->afd, &readfds))
		{
		    answer(w);
		    ndes--;
		}
	    }
	}
    }
}

/* Not to be invoked by strangers -- user hostile.
 * Mandatory args: query-fd answer-fd
 * Optional arg: -d, signifying "debug".
 */

static void
adns_usage(const char *fmt, const char *arg)
{
    const char **sp = ipsec_copyright_notice();

    fprintf(stderr, "INTERNAL TO PLUTO: DO NOT EXECUTE\n");

    fprintf(stderr, fmt, arg);
    fprintf(stderr, "\n%s\n", ipsec_version_string());

    for (; *sp != NULL; sp++)
	fprintf(stderr, "%s\n", *sp);

    syslog(LOG_ERR, fmt, arg);
    exit(HES_INVOCATION);
}

int
main(int argc UNUSED, char **argv)
{
    int i = 1;

    name = argv[0];

    while (i < argc)
    {
	if (streq(argv[i], "-d"))
	{
	    i++;
	    debug = TRUE;
	}
	else
	{
	    adns_usage("unexpected argument \"%s\"", argv[i]);
	    /*NOTREACHED*/
	}
    }

    return master();
}

#endif /* !USE_LWRES */