authorChristian Grothoff <christian@grothoff.org>2018-04-05 16:25:46 +0200
committerChristian Grothoff <christian@grothoff.org>2018-04-05 16:25:46 +0200
commit32f590da99c8c77c063b58e3a105a3c05fa5e988 (patch)
treee40710b59eb8a89957841c810f0fb8fa9db1edda /src/dns
parenteea5388958b3c21336972a0c979dc344e3bc66e7 (diff)
where applicable, check DNS ID in responses before processing further
Diffstat (limited to 'src/dns')
-rw-r--r--src/dns/dnsstub.c85
-rw-r--r--src/dns/gnunet-service-dns.c3
2 files changed, 64 insertions, 24 deletions
diff --git a/src/dns/dnsstub.c b/src/dns/dnsstub.c
index 364b6fe28..c79502ce9 100644
--- a/src/dns/dnsstub.c
+++ b/src/dns/dnsstub.c
@@ -235,8 +235,22 @@ get_request_socket (struct GNUNET_DNSSTUB_Context *ctx,
235 struct GNUNET_DNSSTUB_RequestSocket *rs; 235 struct GNUNET_DNSSTUB_RequestSocket *rs;
236 struct GNUNET_NETWORK_FDSet *rset; 236 struct GNUNET_NETWORK_FDSet *rset;
237 237
238 rs = &ctx->sockets[GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, 238 for (unsigned int i=0;i<256;i++)
239 DNS_SOCKET_MAX)]; 239 {
240 rs = &ctx->sockets[GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE,
241 DNS_SOCKET_MAX)];
242 if (NULL == rs->rc)
243 break;
244 }
245 if (NULL != rs->rc)
246 {
247 /* signal "failure" */
248 rs->rc (rs->rc_cls,
249 rs,
250 NULL,
251 0);
252 rs->rc = NULL;
253 }
240 rs->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT); 254 rs->timeout = GNUNET_TIME_relative_to_absolute (REQUEST_TIMEOUT);
241 switch (af) 255 switch (af)
242 { 256 {
@@ -271,9 +285,11 @@ get_request_socket (struct GNUNET_DNSSTUB_Context *ctx,
271 return NULL; 285 return NULL;
272 rset = GNUNET_NETWORK_fdset_create (); 286 rset = GNUNET_NETWORK_fdset_create ();
273 if (NULL != rs->dnsout4) 287 if (NULL != rs->dnsout4)
274 GNUNET_NETWORK_fdset_set (rset, rs->dnsout4); 288 GNUNET_NETWORK_fdset_set (rset,
289 rs->dnsout4);
275 if (NULL != rs->dnsout6) 290 if (NULL != rs->dnsout6)
276 GNUNET_NETWORK_fdset_set (rset, rs->dnsout6); 291 GNUNET_NETWORK_fdset_set (rset,
292 rs->dnsout6);
277 rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, 293 rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
278 REQUEST_TIMEOUT, 294 REQUEST_TIMEOUT,
279 rset, 295 rset,
@@ -326,11 +342,11 @@ transmit_query (void *cls)
326 * 342 *
327 * @param ctx stub resolver to use 343 * @param ctx stub resolver to use
328 * @param sa the socket address 344 * @param sa the socket address
329 * @param sa_len the socket length 345 * @param sa_len the length of @a sa
330 * @param request DNS request to transmit 346 * @param request DNS request to transmit
331 * @param request_len number of bytes in msg 347 * @param request_len number of bytes in @a request
332 * @param rc function to call with result 348 * @param rc function to call with result
333 * @param rc_cls closure for 'rc' 349 * @param rc_cls closure for @a rc
334 * @return socket used for the request, NULL on error 350 * @return socket used for the request, NULL on error
335 */ 351 */
336struct GNUNET_DNSSTUB_RequestSocket * 352struct GNUNET_DNSSTUB_RequestSocket *
@@ -347,6 +363,7 @@ GNUNET_DNSSTUB_resolve (struct GNUNET_DNSSTUB_Context *ctx,
347 if (NULL == (rs = get_request_socket (ctx, 363 if (NULL == (rs = get_request_socket (ctx,
348 sa->sa_family))) 364 sa->sa_family)))
349 return NULL; 365 return NULL;
366 GNUNET_assert (NULL == rs->rc);
350 GNUNET_memcpy (&rs->addr, 367 GNUNET_memcpy (&rs->addr,
351 sa, 368 sa,
352 sa_len); 369 sa_len);
@@ -389,7 +406,9 @@ GNUNET_DNSSTUB_resolve2 (struct GNUNET_DNSSTUB_Context *ctx,
389 406
390 memset (&v4, 0, sizeof (v4)); 407 memset (&v4, 0, sizeof (v4));
391 memset (&v6, 0, sizeof (v6)); 408 memset (&v6, 0, sizeof (v6));
392 if (1 == inet_pton (AF_INET, ctx->dns_exit, &v4.sin_addr)) 409 if (1 == inet_pton (AF_INET,
410 ctx->dns_exit,
411 &v4.sin_addr))
393 { 412 {
394 salen = sizeof (v4); 413 salen = sizeof (v4);
395 v4.sin_family = AF_INET; 414 v4.sin_family = AF_INET;
@@ -400,7 +419,9 @@ GNUNET_DNSSTUB_resolve2 (struct GNUNET_DNSSTUB_Context *ctx,
400 sa = (struct sockaddr *) &v4; 419 sa = (struct sockaddr *) &v4;
401 af = AF_INET; 420 af = AF_INET;
402 } 421 }
403 else if (1 == inet_pton (AF_INET6, ctx->dns_exit, &v6.sin6_addr)) 422 else if (1 == inet_pton (AF_INET6,
423 ctx->dns_exit,
424 &v6.sin6_addr))
404 { 425 {
405 salen = sizeof (v6); 426 salen = sizeof (v6);
406 v6.sin6_family = AF_INET6; 427 v6.sin6_family = AF_INET6;
@@ -416,8 +437,10 @@ GNUNET_DNSSTUB_resolve2 (struct GNUNET_DNSSTUB_Context *ctx,
416 GNUNET_break (0); 437 GNUNET_break (0);
417 return NULL; 438 return NULL;
418 } 439 }
419 if (NULL == (rs = get_request_socket (ctx, af))) 440 if (NULL == (rs = get_request_socket (ctx,
441 af)))
420 return NULL; 442 return NULL;
443 GNUNET_assert (NULL == rs->rc);
421 if (NULL != rs->dnsout4) 444 if (NULL != rs->dnsout4)
422 dnsout = rs->dnsout4; 445 dnsout = rs->dnsout4;
423 else 446 else
@@ -430,15 +453,17 @@ GNUNET_DNSSTUB_resolve2 (struct GNUNET_DNSSTUB_Context *ctx,
430 return NULL; 453 return NULL;
431 } 454 }
432 GNUNET_memcpy (&rs->addr, 455 GNUNET_memcpy (&rs->addr,
433 sa, 456 sa,
434 salen); 457 salen);
435 rs->addrlen = salen; 458 rs->addrlen = salen;
436 rs->rc = rc; 459 rs->rc = rc;
437 rs->rc_cls = rc_cls; 460 rs->rc_cls = rc_cls;
438 if (GNUNET_SYSERR == 461 if (GNUNET_SYSERR ==
439 GNUNET_NETWORK_socket_sendto (dnsout, 462 GNUNET_NETWORK_socket_sendto (dnsout,
440 request, 463 request,
441 request_len, sa, salen)) 464 request_len,
465 sa,
466 salen))
442 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 467 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
443 _("Failed to send DNS request to %s\n"), 468 _("Failed to send DNS request to %s\n"),
444 GNUNET_a2s (sa, salen)); 469 GNUNET_a2s (sa, salen));
@@ -466,7 +491,9 @@ do_dns_read (struct GNUNET_DNSSTUB_RequestSocket *rs,
466 int len; 491 int len;
467 492
468#ifndef MINGW 493#ifndef MINGW
469 if (0 != ioctl (GNUNET_NETWORK_get_fd (dnsout), FIONREAD, &len)) 494 if (0 != ioctl (GNUNET_NETWORK_get_fd (dnsout),
495 FIONREAD,
496 &len))
470 { 497 {
471 /* conservative choice: */ 498 /* conservative choice: */
472 len = UINT16_MAX; 499 len = UINT16_MAX;
@@ -484,11 +511,14 @@ do_dns_read (struct GNUNET_DNSSTUB_RequestSocket *rs,
484 addrlen = sizeof (addr); 511 addrlen = sizeof (addr);
485 memset (&addr, 0, sizeof (addr)); 512 memset (&addr, 0, sizeof (addr));
486 r = GNUNET_NETWORK_socket_recvfrom (dnsout, 513 r = GNUNET_NETWORK_socket_recvfrom (dnsout,
487 buf, sizeof (buf), 514 buf,
488 (struct sockaddr*) &addr, &addrlen); 515 sizeof (buf),
516 (struct sockaddr*) &addr,
517 &addrlen);
489 if (-1 == r) 518 if (-1 == r)
490 { 519 {
491 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "recvfrom"); 520 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
521 "recvfrom");
492 GNUNET_NETWORK_socket_close (dnsout); 522 GNUNET_NETWORK_socket_close (dnsout);
493 return GNUNET_SYSERR; 523 return GNUNET_SYSERR;
494 } 524 }
@@ -543,25 +573,32 @@ read_response (void *cls)
543 } 573 }
544 /* read and process ready sockets */ 574 /* read and process ready sockets */
545 if ((NULL != rs->dnsout4) && 575 if ((NULL != rs->dnsout4) &&
546 (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout4)) && 576 (GNUNET_NETWORK_fdset_isset (tc->read_ready,
547 (GNUNET_SYSERR == do_dns_read (rs, rs->dnsout4))) 577 rs->dnsout4)) &&
578 (GNUNET_SYSERR == do_dns_read (rs,
579 rs->dnsout4)))
548 rs->dnsout4 = NULL; 580 rs->dnsout4 = NULL;
549 if ((NULL != rs->dnsout6) && 581 if ((NULL != rs->dnsout6) &&
550 (GNUNET_NETWORK_fdset_isset (tc->read_ready, rs->dnsout6)) && 582 (GNUNET_NETWORK_fdset_isset (tc->read_ready,
551 (GNUNET_SYSERR == do_dns_read (rs, rs->dnsout6))) 583 rs->dnsout6)) &&
584 (GNUNET_SYSERR == do_dns_read (rs,
585 rs->dnsout6)))
552 rs->dnsout6 = NULL; 586 rs->dnsout6 = NULL;
553 587
554 /* re-schedule read task */ 588 /* re-schedule read task */
555 rset = GNUNET_NETWORK_fdset_create (); 589 rset = GNUNET_NETWORK_fdset_create ();
556 if (NULL != rs->dnsout4) 590 if (NULL != rs->dnsout4)
557 GNUNET_NETWORK_fdset_set (rset, rs->dnsout4); 591 GNUNET_NETWORK_fdset_set (rset,
592 rs->dnsout4);
558 if (NULL != rs->dnsout6) 593 if (NULL != rs->dnsout6)
559 GNUNET_NETWORK_fdset_set (rset, rs->dnsout6); 594 GNUNET_NETWORK_fdset_set (rset,
595 rs->dnsout6);
560 rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, 596 rs->read_task = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
561 GNUNET_TIME_absolute_get_remaining (rs->timeout), 597 GNUNET_TIME_absolute_get_remaining (rs->timeout),
562 rset, 598 rset,
563 NULL, 599 NULL,
564 &read_response, rs); 600 &read_response,
601 rs);
565 GNUNET_NETWORK_fdset_destroy (rset); 602 GNUNET_NETWORK_fdset_destroy (rset);
566} 603}
567 604
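Review bot: In get_request_socket, the fallback after the 256 random probes evicts an in-flight request but, as far as the hunk shows, keeps the same `rs` and its sockets for the new query, so a late or forged reply to the evicted query can still arrive on that socket and be delivered to the new request's callback. None of the dnsstub.c hunks on this page compares a reply's DNS ID with the request that currently owns `rs`, so that check depends on every callback doing it, and every callback must now also tolerate a NULL `dns`. The failure callback is invoked while `rs->rc` is still set; copying `rs->rc` to a local and executing `rs->rc = NULL;` before the call would keep the slot consistent if the callback issues a new request. The probe count `256` is unrelated to `DNS_SOCKET_MAX`, and random probing can miss a free slot, so a linear scan before evicting would limit eviction to a table that is really full. The body of get_request_socket continues outside these hunks.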
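--- a/src/dns/gnunet-service-dns.c
+++ b/src/dns/gnunet-service-dns.c
@@ -729,6 +729,9 @@ process_dns_result (void *cls,
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 "Processing DNS result from stub resolver\n");
 GNUNET_assert (NULL == cls);
+if (NULL == dns)
+return; /* ignore */
+
 rr = &requests[dns->id];
 if ( (rr->phase != RP_INTERNET_DNS) ||
 (rr->rs != rs) )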
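Review bot: Returning early on `NULL == dns` in process_dns_result appears to leave the `requests[]` entry that was waiting on `rs` in phase `RP_INTERNET_DNS`, with `rr->rs` still pointing at a socket the stub has handed to another query. A later reply on that socket carrying the old ID would then still pass the `rr->phase` / `rr->rs` test below. Since `cls` is NULL and no ID is available on this path, the record can only be located through `rs`; if its cleanup is deliberately left to the request timeout, the comment should say so, e.g. `/* stub reused rs for another query; our request record is left to expire */`. The "Processing DNS result" debug line above the check is also emitted for these failure signals, which can mislead when reading logs. process_dns_result starts before and continues past this hunk.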