📄 dns.c
字号:
static void
send_resolved_cell(edge_connection_t *conn, uint8_t answer_type)
{
char buf[RELAY_PAYLOAD_SIZE];
size_t buflen;
uint32_t ttl;
buf[0] = answer_type;
ttl = dns_clip_ttl(conn->address_ttl);
switch (answer_type)
{
case RESOLVED_TYPE_IPV4:
buf[1] = 4;
set_uint32(buf+2, htonl(conn->_base.addr));
set_uint32(buf+6, htonl(ttl));
buflen = 10;
break;
case RESOLVED_TYPE_ERROR_TRANSIENT:
case RESOLVED_TYPE_ERROR:
{
const char *errmsg = "Error resolving hostname";
size_t msglen = strlen(errmsg);
buf[1] = msglen;
strlcpy(buf+2, errmsg, sizeof(buf)-2);
set_uint32(buf+2+msglen, htonl(ttl));
buflen = 6+msglen;
break;
}
default:
tor_assert(0);
return;
}
// log_notice(LD_EXIT, "Sending a regular RESOLVED reply: ");
connection_edge_send_command(conn, RELAY_COMMAND_RESOLVED, buf, buflen);
}
/** Send a response to the RESOLVE request of a connection for an in-addr.arpa
* address on connection <b>conn</b> which yielded the result <b>hostname</b>.
* The answer type will be RESOLVED_HOSTNAME.
*
* If <b>circ</b> is provided, and we have a cached answer, send the
* answer back along circ; otherwise, send the answer back along
* <b>conn</b>'s attached circuit.
*/
static void
send_resolved_hostname_cell(edge_connection_t *conn, const char *hostname)
{
char buf[RELAY_PAYLOAD_SIZE];
size_t buflen;
uint32_t ttl;
size_t namelen = strlen(hostname);
tor_assert(hostname);
tor_assert(namelen < 256);
ttl = dns_clip_ttl(conn->address_ttl);
buf[0] = RESOLVED_TYPE_HOSTNAME;
buf[1] = (uint8_t)namelen;
memcpy(buf+2, hostname, namelen);
set_uint32(buf+2+namelen, htonl(ttl));
buflen = 2+namelen+4;
// log_notice(LD_EXIT, "Sending a reply RESOLVED reply: %s", hostname);
connection_edge_send_command(conn, RELAY_COMMAND_RESOLVED, buf, buflen);
// log_notice(LD_EXIT, "Sent");
}
/** Given a lower-case <b>address</b>, check to see whether it's a
* 1.2.3.4.in-addr.arpa address used for reverse lookups. If so,
* parse it and place the address in <b>in</b> if present. Return 1 on success;
* 0 if the address is not in in-addr.arpa format, and -1 if the address is
* malformed. */
/* XXXX021 move this to util.c. */
int
parse_inaddr_arpa_address(const char *address, struct in_addr *in)
{
char buf[INET_NTOA_BUF_LEN];
char *cp;
size_t len;
struct in_addr inaddr;
cp = strstr(address, ".in-addr.arpa");
if (!cp || *(cp+strlen(".in-addr.arpa")))
return 0; /* not an .in-addr.arpa address */
len = cp - address;
if (len >= INET_NTOA_BUF_LEN)
return -1; /* Too long. */
memcpy(buf, address, len);
buf[len] = '\0';
if (tor_inet_aton(buf, &inaddr) == 0)
return -1; /* malformed. */
if (in) {
uint32_t a;
/* reverse the bytes */
a = (uint32_t) ( ((inaddr.s_addr & 0x000000fful) << 24)
|((inaddr.s_addr & 0x0000ff00ul) << 8)
|((inaddr.s_addr & 0x00ff0000ul) >> 8)
|((inaddr.s_addr & 0xff000000ul) >> 24));
inaddr.s_addr = a;
memcpy(in, &inaddr, sizeof(inaddr));
}
return 1;
}
/** See if we have a cache entry for <b>exitconn</b>-\>address. if so,
* if resolve valid, put it into <b>exitconn</b>-\>addr and return 1.
* If resolve failed, free exitconn and return -1.
*
* (For EXIT_PURPOSE_RESOLVE connections, send back a RESOLVED error cell
* on returning -1. For EXIT_PURPOSE_CONNECT connections, there's no
* need to send back an END cell, since connection_exit_begin_conn will
* do that for us.)
*
* If we have a cached answer, send the answer back along <b>exitconn</b>'s
* circuit.
*
* Else, if seen before and pending, add conn to the pending list,
* and return 0.
*
* Else, if not seen before, add conn to pending list, hand to
* dns farm, and return 0.
*
* Exitconn's on_circuit field must be set, but exitconn should not
* yet be linked onto the n_streams/resolving_streams list of that circuit.
* On success, link the connection to n_streams if it's an exit connection.
* On "pending", link the connection to resolving streams. Otherwise,
* clear its on_circuit field.
*/
int
dns_resolve(edge_connection_t *exitconn)
{
or_circuit_t *oncirc = TO_OR_CIRCUIT(exitconn->on_circuit);
int is_resolve, r;
char *hostname = NULL;
routerinfo_t *me;
is_resolve = exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE;
if (is_resolve &&
(!(me = router_get_my_routerinfo()) ||
policy_is_reject_star(me->exit_policy))) /* non-exit */
r = -1;
else
r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname);
switch (r) {
case 1:
/* We got an answer without a lookup -- either the answer was
* cached, or it was obvious (like an IP address). */
if (is_resolve) {
/* Send the answer back right now, and detach. */
if (hostname)
send_resolved_hostname_cell(exitconn, hostname);
else
send_resolved_cell(exitconn, RESOLVED_TYPE_IPV4);
exitconn->on_circuit = NULL;
} else {
/* Add to the n_streams list; the calling function will send back a
* connected cell. */
exitconn->next_stream = oncirc->n_streams;
oncirc->n_streams = exitconn;
}
break;
case 0:
/* The request is pending: add the connection into the linked list of
* resolving_streams on this circuit. */
exitconn->_base.state = EXIT_CONN_STATE_RESOLVING;
exitconn->next_stream = oncirc->resolving_streams;
oncirc->resolving_streams = exitconn;
break;
case -2:
case -1:
/* The request failed before it could start: cancel this connection,
* and stop everybody waiting for the same connection. */
if (is_resolve) {
send_resolved_cell(exitconn,
(r == -1) ? RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT);
}
exitconn->on_circuit = NULL;
dns_cancel_pending_resolve(exitconn->_base.address);
if (!exitconn->_base.marked_for_close) {
connection_free(TO_CONN(exitconn));
//XXX020 ... and we just leak exitconn otherwise? -RD
// If it's marked for close, it's on closeable_connection_lst in
// main.c. If it's on the closeable list, it will get freed from
// main.c. -NM
// "<armadev> If that's true, there are other bugs around, where we
// don't check if it's marked, and will end up double-freeing."
// On the other hand, I don't know of any actual bugs here, so this
// shouldn't be holding up the rc. -RD
}
break;
default:
tor_assert(0);
}
tor_free(hostname);
return r;
}
/** Helper function for dns_resolve: same functionality, but does not handle:
* - marking connections on error and clearing their on_circuit
* - linking connections to n_streams/resolving_streams,
* - sending resolved cells if we have an answer/error right away,
*
* Return -2 on a transient error. If it's a reverse resolve and it's
* successful, sets *<b>hostname_out</b> to a newly allocated string
* holding the cached reverse DNS value.
*/
static int
dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
or_circuit_t *oncirc, char **hostname_out)
{
cached_resolve_t *resolve;
cached_resolve_t search;
pending_connection_t *pending_connection;
struct in_addr in;
time_t now = time(NULL);
uint8_t is_reverse = 0;
int r;
assert_connection_ok(TO_CONN(exitconn), 0);
tor_assert(exitconn->_base.s == -1);
assert_cache_ok();
tor_assert(oncirc);
/* first check if exitconn->_base.address is an IP. If so, we already
* know the answer. */
if (tor_inet_aton(exitconn->_base.address, &in) != 0) {
exitconn->_base.addr = ntohl(in.s_addr);
exitconn->address_ttl = DEFAULT_DNS_TTL;
return 1;
}
if (address_is_invalid_destination(exitconn->_base.address, 0)) {
log(LOG_PROTOCOL_WARN, LD_EXIT,
"Rejecting invalid destination address %s",
escaped_safe_str(exitconn->_base.address));
return -1;
}
/* then take this opportunity to see if there are any expired
* resolves in the hash table. */
purge_expired_resolves(now);
/* lower-case exitconn->_base.address, so it's in canonical form */
tor_strlower(exitconn->_base.address);
/* Check whether this is a reverse lookup. If it's malformed, or it's a
* .in-addr.arpa address but this isn't a resolve request, kill the
* connection.
*/
if ((r = parse_inaddr_arpa_address(exitconn->_base.address, &in)) != 0) {
if (r == 1) {
is_reverse = 1;
if (is_internal_IP(ntohl(in.s_addr), 0)) /* internal address */
return -1;
}
if (!is_reverse || !is_resolve) {
if (!is_reverse)
log_info(LD_EXIT, "Bad .in-addr.arpa address \"%s\"; sending error.",
escaped_safe_str(exitconn->_base.address));
else if (!is_resolve)
log_info(LD_EXIT,
"Attempt to connect to a .in-addr.arpa address \"%s\"; "
"sending error.",
escaped_safe_str(exitconn->_base.address));
return -1;
}
//log_notice(LD_EXIT, "Looks like an address %s",
//exitconn->_base.address);
}
/* now check the hash table to see if 'address' is already there. */
strlcpy(search.address, exitconn->_base.address, sizeof(search.address));
resolve = HT_FIND(cache_map, &cache_root, &search);
if (resolve && resolve->expire > now) { /* already there */
switch (resolve->state) {
case CACHE_STATE_PENDING:
/* add us to the pending list */
pending_connection = tor_malloc_zero(
sizeof(pending_connection_t));
pending_connection->conn = exitconn;
pending_connection->next = resolve->pending_connections;
resolve->pending_connections = pending_connection;
log_debug(LD_EXIT,"Connection (fd %d) waiting for pending DNS "
"resolve of %s", exitconn->_base.s,
escaped_safe_str(exitconn->_base.address));
return 0;
case CACHE_STATE_CACHED_VALID:
log_debug(LD_EXIT,"Connection (fd %d) found cached answer for %s",
exitconn->_base.s,
escaped_safe_str(resolve->address));
exitconn->address_ttl = resolve->ttl;
if (resolve->is_reverse) {
tor_assert(is_resolve);
*hostname_out = tor_strdup(resolve->result.hostname);
} else {
exitconn->_base.addr = resolve->result.addr;
}
return 1;
case CACHE_STATE_CACHED_FAILED:
log_debug(LD_EXIT,"Connection (fd %d) found cached error for %s",
exitconn->_base.s,
escaped_safe_str(exitconn->_base.address));
return -1;
case CACHE_STATE_DONE:
log_err(LD_BUG, "Found a 'DONE' dns resolve still in the cache.");
tor_fragile_assert();
}
tor_assert(0);
}
tor_assert(!resolve);
/* not there, need to add it */
resolve = tor_malloc_zero(sizeof(cached_resolve_t));
resolve->magic = CACHED_RESOLVE_MAGIC;
resolve->state = CACHE_STATE_PENDING;
resolve->is_reverse = is_reverse;
strlcpy(resolve->address, exitconn->_base.address, sizeof(resolve->address));
/* add this connection to the pending list */
pending_connection = tor_malloc_zero(sizeof(pending_connection_t));
pending_connection->conn = exitconn;
resolve->pending_connections = pending_connection;
/* Add this resolve to the cache and priority queue. */
HT_INSERT(cache_map, &cache_root, resolve);
set_expiry(resolve, now + RESOLVE_MAX_TIMEOUT);
log_debug(LD_EXIT,"Launching %s.",
escaped_safe_str(exitconn->_base.address));
assert_cache_ok();
return launch_resolve(exitconn);
}
/** Log an error and abort if conn is waiting for a DNS resolve.
*/
void
assert_connection_edge_not_dns_pending(edge_connection_t *conn)
{
pending_connection_t *pend;
cached_resolve_t **resolve;
HT_FOREACH(resolve, cache_map, &cache_root) {
for (pend = (*resolve)->pending_connections;
pend;
pend = pend->next) {
tor_assert(pend->conn != conn);
}
}
}
/** Log an error and abort if any connection waiting for a DNS resolve is
* corrupted. */
void
assert_all_pending_dns_resolves_ok(void)
{
pending_connection_t *pend;
cached_resolve_t **resolve;
HT_FOREACH(resolve, cache_map, &cache_root) {
for (pend = (*resolve)->pending_connections;
pend;
pend = pend->next) {
assert_connection_ok(TO_CONN(pend->conn), 0);
tor_assert(pend->conn->_base.s == -1);
tor_assert(!connection_in_array(TO_CONN(pend->conn)));
}
}
}
/** Remove <b>conn</b> from the list of connections waiting for conn-\>address.
*/
void
connection_dns_remove(edge_connection_t *conn)
{
pending_connection_t *pend, *victim;
cached_resolve_t search;
cached_resolve_t *resolve;
tor_assert(conn->_base.type == CONN_TYPE_EXIT);
tor_assert(conn->_base.state == EXIT_CONN_STATE_RESOLVING);
strlcpy(search.address, conn->_base.address, sizeof(search.address));
resolve = HT_FIND(cache_map, &cache_root, &search);
if (!resolve) {
log_notice(LD_BUG, "Address %s is not pending. Dropping.",
escaped_safe_str(conn->_base.address));
return;
}
tor_assert(resolve->pending_connections);
assert_connection_ok(TO_CONN(conn),0);
pend = resolve->pending_connections;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -