From: Otto Moerbeek Date: Mon, 11 Mar 2024 16:34:02 +0000 (+0100) Subject: selfresolve check wip X-Git-Tag: rec-5.1.0-alpha1~82^2~12 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0e107ef659537f47eab76f35e64806cb0783122a;p=thirdparty%2Fpdns.git selfresolve check wip --- diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am index 762f7a3762..56c5465977 100644 --- a/pdns/recursordist/Makefile.am +++ b/pdns/recursordist/Makefile.am @@ -248,7 +248,8 @@ pdns_recursor_LDADD = \ $(PROBDS_LIBS) \ $(LIBCAP_LIBS) \ $(ARC4RANDOM_LIBS) \ - $(RUST_LIBS) + $(RUST_LIBS) \ + -lresolv pdns_recursor_LDFLAGS = $(AM_LDFLAGS) \ $(LIBCRYPTO_LDFLAGS) $(BOOST_CONTEXT_LDFLAGS) \ @@ -403,7 +404,8 @@ testrunner_LDADD = \ $(PROBDS_LIBS) \ $(LIBCAP_LIBS) \ $(ARC4RANDOM_LIBS) \ - $(RUST_LIBS) + $(RUST_LIBS) \ + -lresolv if NOD_ENABLED testrunner_SOURCES += nod.hh nod.cc \ diff --git a/pdns/recursordist/configure.ac b/pdns/recursordist/configure.ac index 241e0386d1..7485daf8f4 100644 --- a/pdns/recursordist/configure.ac +++ b/pdns/recursordist/configure.ac @@ -43,6 +43,7 @@ AC_SUBST([LIBDL], [$lt_cv_dlopen_libs]) PDNS_CHECK_OS PDNS_CHECK_NETWORK_LIBS +AC_SEARCH_LIBS([res_query], [resolv]) PTHREAD_SET_NAME AC_FUNC_STRERROR_R @@ -119,6 +120,7 @@ dnl the *_r functions are in posix so we can use them unconditionally, but the e dnl using the defines. AC_CHECK_FUNCS_ONCE([localtime_r gmtime_r strcasestr]) AC_CHECK_FUNCS_ONCE([getrandom getentropy arc4random arc4random_uniform arc4random_buf]) + PDNS_CHECK_SECURE_MEMSET AC_CHECK_HEADERS([sys/random.h]) diff --git a/pdns/recursordist/rec-system-resolve.cc b/pdns/recursordist/rec-system-resolve.cc index ced2c3eb46..6d7327454b 100644 --- a/pdns/recursordist/rec-system-resolve.cc +++ b/pdns/recursordist/rec-system-resolve.cc 
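Review bot: `-lresolv` is hard-coded in `pdns_recursor_LDADD` and again in `testrunner_LDADD`, although the configure.ac hunk in this same commit already runs `AC_SEARCH_LIBS([res_query], [resolv])`, which adds the library to `LIBS` only when it is needed. On systems where res_query lives in libc and there is no separate libresolv, the unconditional flag would presumably break the link. I would drop the two `-lresolv` lines and rely on `$(LIBS)`, or use a variable substituted by configure.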
@@ -23,10 +23,16 @@ #include #include #include +#include +#include +#include "dnsparser.hh" +#include "dnsrecords.hh" #include "rec-system-resolve.hh" #include "logging.hh" +#include "noinitvector.hh" #include "threadname.hh" +#include "syncres.hh" namespace { @@ -46,6 +52,46 @@ ComboAddress resolve(const std::string& name) } return {}; } + +PacketBuffer resolve(const string& name, QClass cls, QType type) +{ + PacketBuffer answer(512); + auto ret = res_query(name.c_str(), cls, type, answer.data(), static_cast(answer.size())); + cerr << ret << endl; + if (ret == -1) { + answer.resize(0); + } + else { + answer.resize(ret); + } + return answer; +} + +std::string serverID() +{ + auto buffer = resolve("id.server", QClass::CHAOS, QType::TXT); + if (buffer.empty()) { + cerr << "XXXXXXXXX SID case 1" << endl; + return {}; + } + MOADNSParser parser(false, reinterpret_cast(buffer.data()), buffer.size()); // NOLINT + if (parser.d_header.rcode != RCode::NoError || parser.d_answers.size() != 1) { + cerr << "XXXXXXXXX SID case 2" << endl; + return {}; + } + const auto& answer = parser.d_answers.at(0); + if (answer.first.d_type == QType::TXT) { + if (auto txt = getRR(answer.first); txt != nullptr) { + cerr << "XXXXXXXXX SID is " << txt->d_text << endl; + if (txt->d_text.size() >= 2) { + return txt->d_text.substr(1, txt->d_text.size() - 2); + } + return txt->d_text; + } + } + cerr << "XXXXXXXXX SID case 3" << endl; + return {}; +} } // anonymous namespace std::function pdns::RecResolve::s_callback; @@ -184,6 +230,7 @@ pdns::RecResolve::Refresher::~Refresher() void pdns::RecResolve::Refresher::refreshLoop() { setThreadName("rec/sysres"); + time_t lastSelfCheck = 0; while (!stop) { const time_t startTime = time(nullptr); 
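Review bot: In the new `resolve(name, cls, type)` only `ret == -1` is treated as failure, so a return value larger than the 512-byte buffer goes straight into `answer.resize(ret)`; some resolver implementations report the full reply length when the answer was truncated. If PacketBuffer is the no-init vector from noinitvector.hh, as the new include suggests, the bytes past 512 would be uninitialised and are then handed to MOADNSParser in `serverID()`. I would change the check to `if (ret < 0 || static_cast<size_t>(ret) > answer.size())` and treat that case as a failed lookup. The reply comes from whatever resolver the system is configured to use, so if MOADNSParser can throw on malformed input (its definition is not visible here), the construction in `serverID()` should sit in a try/catch that returns an empty string, since this runs on the refresher thread. The `cerr` debug lines should be removed or routed through `g_slog` before this leaves WIP.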
@@ -200,6 +247,15 @@ void pdns::RecResolve::Refresher::refreshLoop()
 if (stop) {
 break;
 }
+ if (lastSelfCheck < time(nullptr) - 60) {
+ lastSelfCheck = time(nullptr);
+ auto resolvedServerID = serverID();
+ cerr << "SyncRes::s_serverID " << SyncRes::s_serverID << endl;
+ if (resolvedServerID == SyncRes::s_serverID) {
+ auto log = g_slog->withName("system-resolver");
+ log->info(Logr::Error, "id.server/CH/TXT resolves to my own server identidy", "id.server", Logging::Loggable(resolvedServerID));
+ }
+ }
 changes = d_resolver.refresh(time(nullptr));
 wakeTime = time(nullptr);
 if (changes) {
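Review bot: The comparison `resolvedServerID == SyncRes::s_serverID` also matches when both strings are empty: `serverID()` returns an empty string on every failure path, so a failed or unparsable lookup combined with an empty configured server ID would log a self-resolve error that is not real. Guard it with `if (!resolvedServerID.empty() && resolvedServerID == SyncRes::s_serverID)`. The log message has a typo, "identidy" should read "identity", and the `cerr` line printing `SyncRes::s_serverID` should go before this leaves WIP. The body of refreshLoop continues outside the hunk, so whether an exception from `serverID()` is caught there cannot be seen from here.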