selfresolve check wip

author Otto Moerbeek <otto.moerbeek@open-xchange.com>

Mon, 11 Mar 2024 16:34:02 +0000 (17:34 +0100)

committer Otto Moerbeek <otto.moerbeek@open-xchange.com>

Mon, 25 Mar 2024 09:22:07 +0000 (10:22 +0100)
author Otto Moerbeek <otto.moerbeek@open-xchange.com>
Mon, 11 Mar 2024 16:34:02 +0000 (17:34 +0100)
committer Otto Moerbeek <otto.moerbeek@open-xchange.com>
Mon, 25 Mar 2024 09:22:07 +0000 (10:22 +0100)
diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am

index 762f7a37622665c45e9428b71f859a4cd6c8a435..56c5465977749e461d3885b2fba1d6dbec4486f0 100644 (file)
--- a/pdns/recursordist/Makefile.am
+++ b/pdns/recursordist/Makefile.am
@@ -248,7 +248,8 @@ pdns_recursor_LDADD = \
         $(PROBDS_LIBS) \
         $(LIBCAP_LIBS) \
         $(ARC4RANDOM_LIBS) \
-       $(RUST_LIBS)
+       $(RUST_LIBS) \
+        -lresolv
  
  pdns_recursor_LDFLAGS = $(AM_LDFLAGS) \
         $(LIBCRYPTO_LDFLAGS) $(BOOST_CONTEXT_LDFLAGS) \
@@ -403,7 +404,8 @@ testrunner_LDADD = \
         $(PROBDS_LIBS) \
         $(LIBCAP_LIBS) \
         $(ARC4RANDOM_LIBS) \
-       $(RUST_LIBS)
+       $(RUST_LIBS) \
+        -lresolv
  
  if NOD_ENABLED
  testrunner_SOURCES +=   nod.hh nod.cc \
diff --git a/pdns/recursordist/configure.ac b/pdns/recursordist/configure.ac

index 241e0386d19da438306d8f386fe043c23bfee72c..7485daf8f4faa6350b14597efee4063bee4201f0 100644 (file)
--- a/pdns/recursordist/configure.ac
+++ b/pdns/recursordist/configure.ac
@@ -43,6 +43,7 @@ AC_SUBST([LIBDL], [$lt_cv_dlopen_libs])
  
  PDNS_CHECK_OS
  PDNS_CHECK_NETWORK_LIBS
+AC_SEARCH_LIBS([res_query], [resolv])
  PTHREAD_SET_NAME
  AC_FUNC_STRERROR_R
  
@@ -119,6 +120,7 @@ dnl the *_r functions are in posix so we can use them unconditionally, but the e
  dnl using the defines.
  AC_CHECK_FUNCS_ONCE([localtime_r gmtime_r strcasestr])
  AC_CHECK_FUNCS_ONCE([getrandom getentropy arc4random arc4random_uniform arc4random_buf])
+
  PDNS_CHECK_SECURE_MEMSET
  
  AC_CHECK_HEADERS([sys/random.h])
diff --git a/pdns/recursordist/rec-system-resolve.cc b/pdns/recursordist/rec-system-resolve.cc

index ced2c3eb46533038a59bb68a56f62d36813dd0fb..6d7327454be4c809c886d924689b33cf7ec02253 100644 (file)
--- a/pdns/recursordist/rec-system-resolve.cc
+++ b/pdns/recursordist/rec-system-resolve.cc
@@ -23,10 +23,16 @@
  #include <sys/types.h>
  #include <sys/socket.h>
  #include <netdb.h>
+#include <arpa/nameser.h>
+#include <resolv.h>
  
+#include "dnsparser.hh"
+#include "dnsrecords.hh"
  #include "rec-system-resolve.hh"
  #include "logging.hh"
+#include "noinitvector.hh"
  #include "threadname.hh"
+#include "syncres.hh"
  
  namespace
  {
@@ -46,6 +52,46 @@ ComboAddress resolve(const std::string& name)
    }
    return {};
  }
+
+PacketBuffer resolve(const string& name, QClass cls, QType type)
+{
+  PacketBuffer answer(512);
+  auto ret = res_query(name.c_str(), cls, type, answer.data(), static_cast<int>(answer.size()));
+  cerr << ret << endl;
+  if (ret == -1) {
+    answer.resize(0);
+  }
+  else {
+    answer.resize(ret);
+  }
+  return answer;
+}
+
+std::string serverID()
+{
+  auto buffer = resolve("id.server", QClass::CHAOS, QType::TXT);
+  if (buffer.empty()) {
+    cerr << "XXXXXXXXX SID case 1" << endl;
+    return {};
+  }
+  MOADNSParser parser(false,  reinterpret_cast<char *>(buffer.data()), buffer.size()); // NOLINT
+  if (parser.d_header.rcode != RCode::NoError || parser.d_answers.size() != 1) {
+    cerr << "XXXXXXXXX SID case 2" << endl;
+    return {};
+  }
+  const auto&  answer = parser.d_answers.at(0);
+  if (answer.first.d_type == QType::TXT) {
+    if (auto txt = getRR<TXTRecordContent>(answer.first); txt != nullptr) {
+      cerr << "XXXXXXXXX SID is " << txt->d_text << endl;
+      if (txt->d_text.size() >= 2) {
+        return txt->d_text.substr(1, txt->d_text.size() - 2);
+      }
+      return txt->d_text;
+    }
+  }
+    cerr << "XXXXXXXXX SID case 3" << endl;
+  return {};
+}
  } // anonymous namespace
  
  std::function<void()> pdns::RecResolve::s_callback;
@@ -184,6 +230,7 @@ pdns::RecResolve::Refresher::~Refresher()
  void pdns::RecResolve::Refresher::refreshLoop()
  {
    setThreadName("rec/sysres");
+  time_t lastSelfCheck = 0;
  
    while (!stop) {
      const time_t startTime = time(nullptr);
@@ -200,6 +247,15 @@ void pdns::RecResolve::Refresher::refreshLoop()
        if (stop) {
          break;
        }
+      if (lastSelfCheck < time(nullptr) - 60) {
+        lastSelfCheck = time(nullptr);
+        auto resolvedServerID = serverID();
+        cerr << "SyncRes::s_serverID " << SyncRes::s_serverID << endl;
+        if (resolvedServerID == SyncRes::s_serverID) {
+          auto log = g_slog->withName("system-resolver");
+          log->info(Logr::Error, "id.server/CH/TXT resolves to my own server identidy", "id.server", Logging::Loggable(resolvedServerID));
+        }
+      }
        changes = d_resolver.refresh(time(nullptr));
        wakeTime = time(nullptr);
        if (changes) {
author	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Mon, 11 Mar 2024 16:34:02 +0000 (17:34 +0100)
committer	Otto Moerbeek <otto.moerbeek@open-xchange.com>
	Mon, 25 Mar 2024 09:22:07 +0000 (10:22 +0100)
pdns/recursordist/Makefile.am		patch \| blob \| blame \| history
pdns/recursordist/configure.ac		patch \| blob \| blame \| history
pdns/recursordist/rec-system-resolve.cc		patch \| blob \| blame \| history