}
#endif
#ifdef USE_DNSTAP
- if(worker->dtenv.log_client_query_messages)
- dt_msg_send_client_query(&worker->dtenv, &repinfo->addr, c->type,
- c->buffer);
+ /*
+ * sending src (client)/dst (local service) addresses over DNSTAP from incoming request handler
+ */
+ if(worker->dtenv.log_client_query_messages) {
+ struct sockaddr_storage* dst_addr;
+ if(repinfo->addr.ss_family == AF_INET)
+ dst_addr = mk_local_addr(&((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_addr, ((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_port, repinfo->addr.ss_family);
+ else
+ dst_addr = mk_local_addr(&((struct sockaddr_in6*)repinfo->c->socket->addr->ai_addr)->sin6_addr, ((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_port, repinfo->addr.ss_family);
+ log_addr(VERB_ALGO, "request from client", &repinfo->addr, repinfo->addrlen);
+ log_addr(VERB_ALGO, "to local addr", dst_addr, sizeof(dst_addr));
+ dt_msg_send_client_query(&worker->dtenv, &repinfo->addr, dst_addr, c->type, c->buffer);
+ if(dst_addr)
+ free(dst_addr);
+ }
#endif
acladdr = acl_addr_lookup(worker->daemon->acl, &repinfo->addr,
repinfo->addrlen);
if(is_secure_answer) worker->stats.ans_secure++;
}
#ifdef USE_DNSTAP
- if(worker->dtenv.log_client_response_messages)
- dt_msg_send_client_response(&worker->dtenv, &repinfo->addr,
- c->type, c->buffer);
+ /*
+ * sending src (client)/dst (local service) addresses over DNSTAP from send_reply code label (when we serviced local zone for ex.)
+ */
+ if(worker->dtenv.log_client_response_messages) {
+ struct sockaddr_storage* dst_addr;
+ if(repinfo->addr.ss_family == AF_INET)
+ dst_addr = mk_local_addr(&((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_addr, ((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_port, repinfo->addr.ss_family);
+ else
+ dst_addr = mk_local_addr(&((struct sockaddr_in6*)repinfo->c->socket->addr->ai_addr)->sin6_addr, ((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_port, repinfo->addr.ss_family);
+ log_addr(VERB_ALGO, "from local addr", dst_addr, sizeof(dst_addr));
+ log_addr(VERB_ALGO, "response to client", &repinfo->addr, repinfo->addrlen);
+ dt_msg_send_client_response(&worker->dtenv, &repinfo->addr, dst_addr, c->type, c->buffer);
+ if(dst_addr)
+ free(dst_addr);
+ }
#endif
if(worker->env.cfg->log_replies)
{
static void
dt_msg_fill_net(struct dt_msg *dm,
- struct sockaddr_storage *ss,
+ struct sockaddr_storage *qs,
+ struct sockaddr_storage *rs,
enum comm_point_type cptype,
- ProtobufCBinaryData *addr, protobuf_c_boolean *has_addr,
- uint32_t *port, protobuf_c_boolean *has_port)
+ ProtobufCBinaryData *qaddr, protobuf_c_boolean *has_qaddr,
+ uint32_t *qport, protobuf_c_boolean *has_qport,
+ ProtobufCBinaryData *raddr, protobuf_c_boolean *has_raddr,
+ uint32_t *rport, protobuf_c_boolean *has_rport)
{
- log_assert(ss->ss_family == AF_INET6 || ss->ss_family == AF_INET);
- if (ss->ss_family == AF_INET6) {
- struct sockaddr_in6 *s = (struct sockaddr_in6 *) ss;
+ log_assert(qs->ss_family == AF_INET6 || qs->ss_family == AF_INET);
+ if (qs->ss_family == AF_INET6) {
+ struct sockaddr_in6 *q = (struct sockaddr_in6 *) qs;
/* socket_family */
dm->m.socket_family = DNSTAP__SOCKET_FAMILY__INET6;
dm->m.has_socket_family = 1;
/* addr: query_address or response_address */
- addr->data = s->sin6_addr.s6_addr;
- addr->len = 16; /* IPv6 */
- *has_addr = 1;
+ qaddr->data = q->sin6_addr.s6_addr;
+ qaddr->len = 16; /* IPv6 */
+ *has_qaddr = 1;
/* port: query_port or response_port */
- *port = ntohs(s->sin6_port);
- *has_port = 1;
- } else if (ss->ss_family == AF_INET) {
- struct sockaddr_in *s = (struct sockaddr_in *) ss;
+ *qport = ntohs(q->sin6_port);
+ *has_qport = 1;
+ } else if (qs->ss_family == AF_INET) {
+ struct sockaddr_in *q = (struct sockaddr_in *) qs;
/* socket_family */
dm->m.socket_family = DNSTAP__SOCKET_FAMILY__INET;
dm->m.has_socket_family = 1;
/* addr: query_address or response_address */
- addr->data = (uint8_t *) &s->sin_addr.s_addr;
- addr->len = 4; /* IPv4 */
- *has_addr = 1;
+ qaddr->data = (uint8_t *) &q->sin_addr.s_addr;
+ qaddr->len = 4; /* IPv4 */
+ *has_qaddr = 1;
/* port: query_port or response_port */
- *port = ntohs(s->sin_port);
- *has_port = 1;
+ *qport = ntohs(q->sin_port);
+ *has_qport = 1;
}
+ /*
+ * This block is to fill second set of fields in DNSTAP-message defined as request_/response_ names.
+ * Additional responsive structure is: struct sockaddr_storage *rs
+ */
+ if (rs->ss_family == AF_INET6) {
+ struct sockaddr_in6 *r = (struct sockaddr_in6 *) rs;
+
+ /* addr: query_address or response_address */
+ raddr->data = r->sin6_addr.s6_addr;
+ raddr->len = 16; /* IPv6 */
+ *has_raddr = 1;
+
+ /* port: query_port or response_port */
+ *rport = ntohs(r->sin6_port);
+ *has_rport = 1;
+ } else if (rs->ss_family == AF_INET) {
+ struct sockaddr_in *r = (struct sockaddr_in *) rs;
+
+ /* addr: query_address or response_address */
+ raddr->data = (uint8_t *) &r->sin_addr.s_addr;
+ raddr->len = 4; /* IPv4 */
+ *has_raddr = 1;
+
+ /* port: query_port or response_port */
+ *rport = ntohs(r->sin_port);
+ *has_rport = 1;
+ }
+
log_assert(cptype == comm_udp || cptype == comm_tcp);
if (cptype == comm_udp) {
/* socket_protocol */
void
dt_msg_send_client_query(struct dt_env *env,
struct sockaddr_storage *qsock,
+ struct sockaddr_storage *rsock,
enum comm_point_type cptype,
sldns_buffer *qmsg)
{
/* query_message */
dt_fill_buffer(qmsg, &dm.m.query_message, &dm.m.has_query_message);
- /* socket_family, socket_protocol, query_address, query_port */
+ /* socket_family, socket_protocol, query_address, query_port, response_address, response_port */
log_assert(cptype == comm_udp || cptype == comm_tcp);
- dt_msg_fill_net(&dm, qsock, cptype,
+ dt_msg_fill_net(&dm, qsock, rsock, cptype,
&dm.m.query_address, &dm.m.has_query_address,
- &dm.m.query_port, &dm.m.has_query_port);
+ &dm.m.query_port, &dm.m.has_query_port,
+ &dm.m.response_address, &dm.m.has_response_address,
+ &dm.m.response_port, &dm.m.has_response_port);
+
if (dt_pack(&dm.d, &dm.buf, &dm.len_buf))
dt_send(env, dm.buf, dm.len_buf);
void
dt_msg_send_client_response(struct dt_env *env,
struct sockaddr_storage *qsock,
+ struct sockaddr_storage *rsock,
enum comm_point_type cptype,
sldns_buffer *rmsg)
{
/* response_message */
dt_fill_buffer(rmsg, &dm.m.response_message, &dm.m.has_response_message);
- /* socket_family, socket_protocol, query_address, query_port */
+ /* socket_family, socket_protocol, query_address, query_port, response_address, response_port */
log_assert(cptype == comm_udp || cptype == comm_tcp);
- dt_msg_fill_net(&dm, qsock, cptype,
+ dt_msg_fill_net(&dm, qsock, rsock, cptype,
&dm.m.query_address, &dm.m.has_query_address,
- &dm.m.query_port, &dm.m.has_query_port);
+ &dm.m.query_port, &dm.m.has_query_port,
+ &dm.m.response_address, &dm.m.has_response_address,
+ &dm.m.response_port, &dm.m.has_response_port);
if (dt_pack(&dm.d, &dm.buf, &dm.len_buf))
dt_send(env, dm.buf, dm.len_buf);
void
dt_msg_send_outside_query(struct dt_env *env,
struct sockaddr_storage *rsock,
+ struct sockaddr_storage *qsock,
enum comm_point_type cptype,
uint8_t *zone, size_t zone_len,
sldns_buffer *qmsg)
/* query_message */
dt_fill_buffer(qmsg, &dm.m.query_message, &dm.m.has_query_message);
- /* socket_family, socket_protocol, response_address, response_port */
+ /* socket_family, socket_protocol, response_address, response_port, query_address, query_port */
log_assert(cptype == comm_udp || cptype == comm_tcp);
- dt_msg_fill_net(&dm, rsock, cptype,
+ dt_msg_fill_net(&dm, rsock, qsock, cptype,
&dm.m.response_address, &dm.m.has_response_address,
- &dm.m.response_port, &dm.m.has_response_port);
+ &dm.m.response_port, &dm.m.has_response_port,
+ &dm.m.query_address, &dm.m.has_query_address,
+ &dm.m.query_port, &dm.m.has_query_port);
if (dt_pack(&dm.d, &dm.buf, &dm.len_buf))
dt_send(env, dm.buf, dm.len_buf);
void
dt_msg_send_outside_response(struct dt_env *env,
struct sockaddr_storage *rsock,
+ struct sockaddr_storage *qsock,
enum comm_point_type cptype,
uint8_t *zone, size_t zone_len,
uint8_t *qbuf, size_t qbuf_len,
/* response_message */
dt_fill_buffer(rmsg, &dm.m.response_message, &dm.m.has_response_message);
- /* socket_family, socket_protocol, response_address, response_port */
+ /* socket_family, socket_protocol, response_address, response_port, query_address, query_port */
log_assert(cptype == comm_udp || cptype == comm_tcp);
- dt_msg_fill_net(&dm, rsock, cptype,
+ dt_msg_fill_net(&dm, rsock, qsock, cptype,
&dm.m.response_address, &dm.m.has_response_address,
- &dm.m.response_port, &dm.m.has_response_port);
+ &dm.m.response_port, &dm.m.has_response_port,
+ &dm.m.query_address, &dm.m.has_query_address,
+ &dm.m.query_port, &dm.m.has_query_port);
if (dt_pack(&dm.d, &dm.buf, &dm.len_buf))
dt_send(env, dm.buf, dm.len_buf);
* Create and send a new dnstap "Message" event of type CLIENT_QUERY.
* @param env: dnstap environment object.
* @param qsock: address/port of client.
+ * @param rsock: local (service) address/port.
* @param cptype: comm_udp or comm_tcp.
* @param qmsg: query message.
*/
void
dt_msg_send_client_query(struct dt_env *env,
struct sockaddr_storage *qsock,
+ struct sockaddr_storage *rsock,
enum comm_point_type cptype,
struct sldns_buffer *qmsg);
* Create and send a new dnstap "Message" event of type CLIENT_RESPONSE.
* @param env: dnstap environment object.
* @param qsock: address/port of client.
+ * @param rsock: local (service) address/port.
* @param cptype: comm_udp or comm_tcp.
* @param rmsg: response message.
*/
void
dt_msg_send_client_response(struct dt_env *env,
struct sockaddr_storage *qsock,
+ struct sockaddr_storage *rsock,
enum comm_point_type cptype,
struct sldns_buffer *rmsg);
* FORWARDER_QUERY. The type used is dependent on the value of the RD bit
* in the query header.
* @param env: dnstap environment object.
- * @param rsock: address/port of server the query is being sent to.
+ * @param rsock: address/port of server (upstream) the query is being sent to.
+ * @param qsock: address/port of server (local) the query is being sent from.
* @param cptype: comm_udp or comm_tcp.
* @param zone: query zone.
* @param zone_len: length of zone.
void
dt_msg_send_outside_query(struct dt_env *env,
struct sockaddr_storage *rsock,
+ struct sockaddr_storage *qsock,
enum comm_point_type cptype,
uint8_t *zone, size_t zone_len,
struct sldns_buffer *qmsg);
* FORWARDER_RESPONSE. The type used is dependent on the value of the RD bit
* in the query header.
* @param env: dnstap environment object.
- * @param rsock: address/port of server the response was received from.
+ * @param rsock: address/port of server (upstream) the response was received from.
+ * @param qsock: address/port of server (local) the response was received to.
* @param cptype: comm_udp or comm_tcp.
* @param zone: query zone.
* @param zone_len: length of zone.
void
dt_msg_send_outside_response(struct dt_env *env,
struct sockaddr_storage *rsock,
+ struct sockaddr_storage *qsock,
enum comm_point_type cptype,
uint8_t *zone, size_t zone_len,
uint8_t *qbuf, size_t qbuf_len,
}
}
+void
+verbose_print_unbound_socket(struct unbound_socket* ub_sock)
+{
+ if(verbosity >= VERB_ALGO) {
+ log_info("listing of unbound_socket structure:");
+ verbose_print_addr(ub_sock->addr);
+ log_info("s is: %d, fam is: %s, tcp_read_fd is: %d", ub_sock->s, ub_sock->fam == AF_INET?"AF_INET":"AF_INET6", ub_sock->tcp_read_fd);
+ }
+}
+
#ifdef HAVE_SYSTEMD
static int
systemd_get_activated(int family, int socktype, int listen,
make_sock(int stype, const char* ifname, const char* port,
struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd,
int* reuseport, int transparent, int tcp_mss, int nodelay, int freebind,
- int use_systemd, int dscp)
+ int use_systemd, int dscp, struct unbound_socket** ub_sock)
{
struct addrinfo *res = NULL;
int r, s, inuse, noproto;
*noip6 = 1;
}
}
- freeaddrinfo(res);
+
+ (*ub_sock)->addr = res;
+ (*ub_sock)->s = s;
+ (*ub_sock)->fam = hints->ai_family;
+ (*ub_sock)->tcp_read_fd = -1;
+
return s;
}
make_sock_port(int stype, const char* ifname, const char* port,
struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd,
int* reuseport, int transparent, int tcp_mss, int nodelay, int freebind,
- int use_systemd, int dscp)
+ int use_systemd, int dscp, struct unbound_socket** ub_sock)
{
char* s = strchr(ifname, '@');
if(s) {
p[strlen(s+1)]=0;
return make_sock(stype, newif, p, hints, v6only, noip6, rcv,
snd, reuseport, transparent, tcp_mss, nodelay, freebind,
- use_systemd, dscp);
+ use_systemd, dscp, ub_sock);
}
return make_sock(stype, ifname, port, hints, v6only, noip6, rcv, snd,
reuseport, transparent, tcp_mss, nodelay, freebind, use_systemd,
- dscp);
+ dscp, ub_sock);
}
/**
* @return false on failure. list in unchanged then.
*/
static int
-port_insert(struct listen_port** list, int s, enum listen_type ftype)
+port_insert(struct listen_port** list, int s, enum listen_type ftype, struct unbound_socket* ub_sock)
{
struct listen_port* item = (struct listen_port*)malloc(
sizeof(struct listen_port));
item->next = *list;
item->fd = s;
item->ftype = ftype;
+ item->socket = ub_sock;
*list = item;
return 1;
}
return 0;
}
# else
- log_err("no IPV6_RECVPKTINFO and no IPV6_PKTINFO option, please "
+ log_err("no IPV6_RECVPKTINFO and IPV6_PKTINFO options, please "
"disable interface-automatic or do-ip6 in config");
return 0;
# endif /* defined IPV6_RECVPKTINFO */
int s, noip6=0;
int is_https = if_is_https(ifname, port, https_port);
int nodelay = is_https && http2_nodelay;
+ struct unbound_socket* ub_sock;
#ifdef USE_DNSCRYPT
int is_dnscrypt = ((strchr(ifname, '@') &&
atoi(strchr(ifname, '@')+1) == dnscrypt_port) ||
if(!do_udp && !do_tcp)
return 0;
+
if(do_auto) {
+ ub_sock = malloc(sizeof(struct unbound_socket));
+ if(!ub_sock)
+ return 0;
if((s = make_sock_port(SOCK_DGRAM, ifname, port, hints, 1,
&noip6, rcv, snd, reuseport, transparent,
- tcp_mss, nodelay, freebind, use_systemd, dscp)) == -1) {
+ tcp_mss, nodelay, freebind, use_systemd, dscp, &ub_sock)) == -1) {
if(noip6) {
log_warn("IPv6 protocol not available");
return 1;
return 0;
}
if(!port_insert(list, s,
- is_dnscrypt?listen_type_udpancil_dnscrypt:listen_type_udpancil)) {
+ is_dnscrypt?listen_type_udpancil_dnscrypt:listen_type_udpancil, ub_sock)) {
sock_close(s);
return 0;
}
} else if(do_udp) {
+ ub_sock = malloc(sizeof(struct unbound_socket));
+ if(!ub_sock)
+ return 0;
/* regular udp socket */
if((s = make_sock_port(SOCK_DGRAM, ifname, port, hints, 1,
&noip6, rcv, snd, reuseport, transparent,
- tcp_mss, nodelay, freebind, use_systemd, dscp)) == -1) {
+ tcp_mss, nodelay, freebind, use_systemd, dscp, &ub_sock)) == -1) {
if(noip6) {
log_warn("IPv6 protocol not available");
return 1;
return 0;
}
if(!port_insert(list, s,
- is_dnscrypt?listen_type_udp_dnscrypt:listen_type_udp)) {
+ is_dnscrypt?listen_type_udp_dnscrypt:listen_type_udp, ub_sock)) {
sock_close(s);
return 0;
}
}
if(do_tcp) {
+ ub_sock = malloc(sizeof(struct unbound_socket));
+ if(!ub_sock)
+ return 0;
int is_ssl = if_is_ssl(ifname, port, ssl_port,
tls_additional_port);
enum listen_type port_type;
port_type = listen_type_tcp;
if((s = make_sock_port(SOCK_STREAM, ifname, port, hints, 1,
&noip6, 0, 0, reuseport, transparent, tcp_mss, nodelay,
- freebind, use_systemd, dscp)) == -1) {
+ freebind, use_systemd, dscp, &ub_sock)) == -1) {
if(noip6) {
/*log_warn("IPv6 protocol not available");*/
return 1;
}
if(is_ssl)
verbose(VERB_ALGO, "setup TCP for SSL service");
- if(!port_insert(list, s, port_type)) {
+ if(!port_insert(list, s, port_type, ub_sock)) {
sock_close(s);
return 0;
}
if(ports->ftype == listen_type_udp ||
ports->ftype == listen_type_udp_dnscrypt)
cp = comm_point_create_udp(base, ports->fd,
- front->udp_buff, cb, cb_arg);
+ front->udp_buff, cb, cb_arg, ports->socket);
else if(ports->ftype == listen_type_tcp ||
ports->ftype == listen_type_tcp_dnscrypt)
cp = comm_point_create_tcp(base, ports->fd,
tcp_accept_count, tcp_idle_timeout,
harden_large_queries, 0, NULL,
tcp_conn_limit, bufsize, front->udp_buff,
- ports->ftype, cb, cb_arg);
+ ports->ftype, cb, cb_arg, ports->socket);
else if(ports->ftype == listen_type_ssl ||
ports->ftype == listen_type_http) {
cp = comm_point_create_tcp(base, ports->fd,
harden_large_queries,
http_max_streams, http_endpoint,
tcp_conn_limit, bufsize, front->udp_buff,
- ports->ftype, cb, cb_arg);
+ ports->ftype, cb, cb_arg, ports->socket);
if(http_notls && ports->ftype == listen_type_http)
cp->ssl = NULL;
else
} else if(ports->ftype == listen_type_udpancil ||
ports->ftype == listen_type_udpancil_dnscrypt)
cp = comm_point_create_udp_ancil(base, ports->fd,
- front->udp_buff, cb, cb_arg);
+ front->udp_buff, cb, cb_arg, ports->socket);
if(!cp) {
log_err("can't create commpoint");
listen_delete(front);
}
}
}
+
return list;
}
if(list->fd != -1) {
sock_close(list->fd);
}
+ free(list->socket->addr);
+ free(list->socket);
free(list);
list = nx;
}
listen_type_http
};
+/*
+ * socket properties (just like NSD nsd_socket structure definition)
+ */
+struct unbound_socket {
+ /** socket-address structure */
+ struct addrinfo * addr;
+ /** socket descriptor returned by socket() syscall */
+ int s;
+ /** address family (AF_INET/IF_INET6) */
+ int fam;
+ /** descriptor returned by accept() syscall for further usage. TODO: actually it might be useless here unlike in NSD where we have no comm_points mechanism with callback pointers for every created communication point */
+ int tcp_read_fd;
+};
+
/**
* Single linked list to store shared ports that have been
* opened for use by all threads.
int fd;
/** type of file descriptor, udp or tcp */
enum listen_type ftype;
+ /** fill in unbpound_socket structure for every opened socket at Unbound startup */
+ struct unbound_socket* socket;
};
/**
char* set_ip_dscp(int socket, int addrfamily, int ds);
+/** for debug and profiling purposes only
+ * @param unbound_socket: the structure containing created socket info we want to print or log for
+ */
+void verbose_print_unbound_socket(struct unbound_socket* ub_sock);
+
#endif /* LISTEN_DNSPORT_H */
return NULL;
}
pc->cp = comm_point_create_udp(outnet->base, -1,
- outnet->udp_buff, outnet_udp_cb, outnet);
+ outnet->udp_buff, outnet_udp_cb, outnet, NULL);
if(!pc->cp) {
log_err("malloc failed");
free(pc);
comm_timer_set(pend->timer, &tv);
#ifdef USE_DNSTAP
+ /*
+ * sending src (local service)/dst (upstream) addresses over DNSTAP
+ * TODO: right now there are no chances to get the src (local service) addr. So we will pass 0.0.0.0 (::)
+ * to argument for dt_msg_send_outside_query()/dt_msg_send_outside_response() calls.
+ * For the both UDP and TCP.
+ */
if(outnet->dtenv &&
(outnet->dtenv->log_resolver_query_messages ||
- outnet->dtenv->log_forwarder_query_messages))
- dt_msg_send_outside_query(outnet->dtenv, &pend->addr, comm_udp,
- pend->sq->zone, pend->sq->zonelen, packet);
+ sq->outnet->dtenv->log_forwarder_query_messages)) {
+ if(addr_is_ip6(&sq->addr, sq->addrlen)) {
+ log_addr(VERB_ALGO, "from local addr", &sq->outnet->ip6_ifs->addr, sq->outnet->ip6_ifs->addrlen);
+ log_addr(VERB_ALGO, "request to upstream", &sq->addr, sq->addrlen);
+ dt_msg_send_outside_query(sq->outnet->dtenv, &sq->addr, &sq->outnet->ip6_ifs->addr,
+ comm_tcp, sq->zone, sq->zonelen, packet);
+ } else {
+ log_addr(VERB_ALGO, "from local addr", &sq->outnet->ip4_ifs->addr, sq->outnet->ip4_ifs->addrlen);
+ log_addr(VERB_ALGO, "request to upstream", &sq->addr, sq->addrlen);
+ dt_msg_send_outside_query(sq->outnet->dtenv, &sq->addr, &sq->outnet->ip4_ifs->addr,
+ comm_tcp, sq->zone, sq->zonelen, packet);
+ }
+ }
#endif
return 1;
}
infra_update_tcp_works(sq->outnet->infra, &sq->addr,
sq->addrlen, sq->zone, sq->zonelen);
#ifdef USE_DNSTAP
+ /*
+ * sending src (local service)/dst (upstream) addresses over DNSTAP
+ */
if(error==NETEVENT_NOERROR && sq->outnet->dtenv &&
(sq->outnet->dtenv->log_resolver_response_messages ||
- sq->outnet->dtenv->log_forwarder_response_messages))
- dt_msg_send_outside_response(sq->outnet->dtenv, &sq->addr,
- c->type, sq->zone, sq->zonelen, sq->qbuf, sq->qbuflen,
- &sq->last_sent_time, sq->outnet->now_tv, c->buffer);
+ sq->outnet->dtenv->log_forwarder_response_messages)) {
+ if(addr_is_ip6(&sq->addr, sq->addrlen)) {
+ log_addr(VERB_ALGO, "response from upstream", &sq->addr, sq->addrlen);
+ log_addr(VERB_ALGO, "to local addr", &sq->outnet->ip6_ifs->addr, sq->outnet->ip6_ifs->addrlen);
+ dt_msg_send_outside_response(sq->outnet->dtenv, &sq->addr, &sq->outnet->ip6_ifs->addr,
+ c->type, sq->zone, sq->zonelen, sq->qbuf, sq->qbuflen,
+ &sq->last_sent_time, sq->outnet->now_tv, c->buffer);
+ } else {
+ log_addr(VERB_ALGO, "response from upstream", &sq->addr, sq->addrlen);
+ log_addr(VERB_ALGO, "to local addr", &sq->outnet->ip4_ifs->addr, sq->outnet->ip4_ifs->addrlen);
+ dt_msg_send_outside_response(sq->outnet->dtenv, &sq->addr, &sq->outnet->ip4_ifs->addr,
+ c->type, sq->zone, sq->zonelen, sq->qbuf, sq->qbuflen,
+ &sq->last_sent_time, sq->outnet->now_tv, c->buffer);
+ }
+ }
#endif
if(error==NETEVENT_NOERROR && sq->status == serviced_query_TCP_EDNS &&
(LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer)) ==
return 0;
}
#ifdef USE_DNSTAP
+ /*
+ * sending src (local service)/dst (upstream) addresses over DNSTAP
+ */
if(error == NETEVENT_NOERROR && outnet->dtenv &&
(outnet->dtenv->log_resolver_response_messages ||
- outnet->dtenv->log_forwarder_response_messages))
- dt_msg_send_outside_response(outnet->dtenv, &sq->addr, c->type,
- sq->zone, sq->zonelen, sq->qbuf, sq->qbuflen,
- &sq->last_sent_time, sq->outnet->now_tv, c->buffer);
+ outnet->dtenv->log_forwarder_response_messages)) {
+ if(addr_is_ip6(&sq->addr, sq->addrlen)) {
+ log_addr(VERB_ALGO, "response from upstream", &sq->addr, sq->addrlen);
+ log_addr(VERB_ALGO, "to local addr", &sq->outnet->ip6_ifs->addr, sq->outnet->ip6_ifs->addrlen);
+ dt_msg_send_outside_response(outnet->dtenv, &sq->addr, &sq->outnet->ip6_ifs->addr, c->type,
+ sq->zone, sq->zonelen, sq->qbuf, sq->qbuflen,
+ &sq->last_sent_time, sq->outnet->now_tv, c->buffer);
+ } else {
+ log_addr(VERB_ALGO, "response from upstream", &sq->addr, sq->addrlen);
+ log_addr(VERB_ALGO, "to addr", &sq->outnet->ip4_ifs->addr, sq->outnet->ip4_ifs->addrlen);
+ dt_msg_send_outside_response(outnet->dtenv, &sq->addr, &sq->outnet->ip4_ifs->addr, c->type,
+ sq->zone, sq->zonelen, sq->qbuf, sq->qbuflen,
+ &sq->last_sent_time, sq->outnet->now_tv, c->buffer);
+ }
+ }
#endif
if( (sq->status == serviced_query_UDP_EDNS
||sq->status == serviced_query_UDP_EDNS_FRAG)
return NULL;
}
cp = comm_point_create_udp(outnet->base, fd, outnet->udp_buff,
- cb, cb_arg);
+ cb, cb_arg, NULL);
if(!cp) {
log_err("malloc failure");
close(fd);
{
closesocket(socket);
}
-
# endif /* USE_WINSOCK */
+
+
+struct sockaddr_storage*
+mk_local_addr(void* addr, u_short port, u_char family)
+{
+ struct sockaddr_storage* dst_addr = malloc(sizeof(struct sockaddr_storage));
+ if(!dst_addr) {
+ log_err("malloc failure");
+ return NULL;
+ }
+ if(family == AF_INET) {
+ struct in_addr* v4addr = (struct in_addr*)addr;
+ struct sockaddr_in sin;
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_family = AF_INET;
+ sin.sin_addr = *v4addr;
+ sin.sin_port = port;
+ memcpy(dst_addr, &sin, sizeof(sin));
+ } else if(family == AF_INET6) {
+ struct in6_addr* v6addr = (struct in6_addr*)addr;
+ struct sockaddr_in6 sin6;
+ memset(&sin6, 0, sizeof(sin6));
+ sin6.sin6_len = sizeof(sin6);
+ sin6.sin6_family = AF_INET6;
+ sin6.sin6_addr = *v6addr;
+ sin6.sin6_port = port;
+ sin6.sin6_flowinfo = 0;
+ memcpy(dst_addr, &sin6, sizeof(sin6));
+ } else {
+ log_err("unknown inet address family");
+ free(dst_addr);
+ return NULL;
+ }
+ return dst_addr;
+}
/** close the socket with close, or wsa closesocket */
void sock_close(int socket);
+/**
+ * Make and fill a stucture of sockaddr_storage* (malloced) type
+ * Note: currently it needed to form local address used by dnstap functions only
+ * @param addr: this is in_addr or in6_addr internet address structure
+ * @param port: TCP/UDP port
+ * @param family: Internet address family
+ * @return: pointer to created sockaddr_storage structure or NULL on error
+ */
+struct sockaddr_storage* mk_local_addr(void* addr, u_short port, u_char family);
+
#endif /* NET_HELP_H */
#include "dnstap/dnstap.h"
#include "dnscrypt/dnscrypt.h"
#include "services/listen_dnsport.h"
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+
#ifdef HAVE_OPENSSL_SSL_H
#include <openssl/ssl.h>
#endif
static struct comm_point* comm_point_create_tcp_handler(
struct comm_base *base, struct comm_point* parent, size_t bufsize,
struct sldns_buffer* spoolbuf, comm_point_callback_type* callback,
- void* callback_arg);
+ void* callback_arg, struct unbound_socket* socket);
/* -------- End of local definitions -------- */
log_info("%s: unknown srctype %d", str, r->srctype);
return;
}
+
if(r->srctype == 6) {
- char buf[1024];
- if(inet_ntop(AF_INET6, &r->pktinfo.v6info.ipi6_addr,
- buf, (socklen_t)sizeof(buf)) == 0) {
- (void)strlcpy(buf, "(inet_ntop error)", sizeof(buf));
- }
- buf[sizeof(buf)-1]=0;
- log_info("%s: %s %d", str, buf, r->pktinfo.v6info.ipi6_ifindex);
+#ifdef IPV6_PKTINFO
+ char buf[1024];
+ if(inet_ntop(AF_INET6, &r->pktinfo.v6info.ipi6_addr,
+ buf, (socklen_t)sizeof(buf)) == 0) {
+ (void)strlcpy(buf, "(inet_ntop error)", sizeof(buf));
+ }
+ buf[sizeof(buf)-1]=0;
+ log_info("%s: %s %d", str, buf, r->pktinfo.v6info.ipi6_ifindex);
+#endif
} else if(r->srctype == 4) {
#ifdef IP_PKTINFO
char buf1[1024], buf2[1024];
struct comm_point*
comm_point_create_udp(struct comm_base *base, int fd, sldns_buffer* buffer,
- comm_point_callback_type* callback, void* callback_arg)
+ comm_point_callback_type* callback, void* callback_arg, struct unbound_socket* socket)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
c->inuse = 0;
c->callback = callback;
c->cb_arg = callback_arg;
+ c->socket = socket;
evbits = UB_EV_READ | UB_EV_PERSIST;
/* ub_event stuff */
c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits,
struct comm_point*
comm_point_create_udp_ancil(struct comm_base *base, int fd,
sldns_buffer* buffer,
- comm_point_callback_type* callback, void* callback_arg)
+ comm_point_callback_type* callback, void* callback_arg, struct unbound_socket* socket)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
#endif
c->callback = callback;
c->cb_arg = callback_arg;
+ c->socket = socket;
evbits = UB_EV_READ | UB_EV_PERSIST;
/* ub_event stuff */
c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits,
comm_point_create_tcp_handler(struct comm_base *base,
struct comm_point* parent, size_t bufsize,
struct sldns_buffer* spoolbuf, comm_point_callback_type* callback,
- void* callback_arg)
+ void* callback_arg, struct unbound_socket* socket)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
c->repinfo.c = c;
c->callback = callback;
c->cb_arg = callback_arg;
+ c->socket = socket;
if(spoolbuf) {
c->tcp_req_info = tcp_req_info_create(spoolbuf);
if(!c->tcp_req_info) {
uint32_t http_max_streams, char* http_endpoint,
struct tcl_list* tcp_conn_limit, size_t bufsize,
struct sldns_buffer* spoolbuf, enum listen_type port_type,
- comm_point_callback_type* callback, void* callback_arg)
+ comm_point_callback_type* callback, void* callback_arg, struct unbound_socket* socket)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
#endif
c->callback = NULL;
c->cb_arg = NULL;
+ c->socket = socket;
evbits = UB_EV_READ | UB_EV_PERSIST;
/* ub_event stuff */
c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits,
port_type == listen_type_ssl ||
port_type == listen_type_tcp_dnscrypt) {
c->tcp_handlers[i] = comm_point_create_tcp_handler(base,
- c, bufsize, spoolbuf, callback, callback_arg);
+ c, bufsize, spoolbuf, callback, callback_arg, socket);
} else if(port_type == listen_type_http) {
c->tcp_handlers[i] = comm_point_create_http_handler(
base, c, bufsize, harden_large_queries,
comm_point_send_udp_msg(repinfo->c, buffer,
(struct sockaddr*)&repinfo->addr, repinfo->addrlen);
#ifdef USE_DNSTAP
- if(repinfo->c->dtenv != NULL &&
- repinfo->c->dtenv->log_client_response_messages)
- dt_msg_send_client_response(repinfo->c->dtenv,
- &repinfo->addr, repinfo->c->type, repinfo->c->buffer);
+ /*
+ * sending src (client)/dst (local service) addresses over DNSTAP from udp callback
+ */
+ if(repinfo->c->dtenv != NULL && repinfo->c->dtenv->log_client_response_messages) {
+ struct sockaddr_storage* dst_addr;
+ if(repinfo->addr.ss_family == AF_INET)
+ dst_addr = mk_local_addr(&((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_addr, ((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_port, repinfo->addr.ss_family);
+ else
+ dst_addr = mk_local_addr(&((struct sockaddr_in6*)repinfo->c->socket->addr->ai_addr)->sin6_addr, ((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_port, repinfo->addr.ss_family);
+ log_addr(VERB_ALGO, "from local addr", dst_addr, sizeof(dst_addr));
+ log_addr(VERB_ALGO, "response to client", &repinfo->addr, repinfo->addrlen);
+ dt_msg_send_client_response(repinfo->c->dtenv, &repinfo->addr, dst_addr, repinfo->c->type, repinfo->c->buffer);
+ if(dst_addr)
+ free(dst_addr);
+ }
#endif
} else {
#ifdef USE_DNSTAP
- if(repinfo->c->tcp_parent->dtenv != NULL &&
- repinfo->c->tcp_parent->dtenv->log_client_response_messages)
- dt_msg_send_client_response(repinfo->c->tcp_parent->dtenv,
- &repinfo->addr, repinfo->c->type,
- ( repinfo->c->tcp_req_info
- ? repinfo->c->tcp_req_info->spool_buffer
- : repinfo->c->buffer ));
+ /*
+ * sending src (client)/dst (local service) addresses over DNSTAP from TCP callback
+ */
+ if(repinfo->c->tcp_parent->dtenv != NULL && repinfo->c->tcp_parent->dtenv->log_client_response_messages) {
+ struct sockaddr_storage* dst_addr;
+ if(repinfo->addr.ss_family == AF_INET)
+ dst_addr = mk_local_addr(&((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_addr, ((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_port, repinfo->addr.ss_family);
+ else
+ dst_addr = mk_local_addr(&((struct sockaddr_in6*)repinfo->c->socket->addr->ai_addr)->sin6_addr, ((struct sockaddr_in*)repinfo->c->socket->addr->ai_addr)->sin_port, repinfo->addr.ss_family);
+ log_addr(VERB_ALGO, "from local addr", dst_addr, sizeof(dst_addr));
+ log_addr(VERB_ALGO, "response to client", &repinfo->addr, repinfo->addrlen);
+ dt_msg_send_client_response(repinfo->c->tcp_parent->dtenv, &repinfo->addr, dst_addr, repinfo->c->type,
+ ( repinfo->c->tcp_req_info? repinfo->c->tcp_req_info->spool_buffer: repinfo->c->buffer ));
+ if(dst_addr)
+ free(dst_addr);
+ }
#endif
if(repinfo->c->tcp_req_info) {
tcp_req_info_send_reply(repinfo->c->tcp_req_info);
struct comm_reply;
struct tcl_list;
struct ub_event_base;
+struct unbound_socket;
struct mesh_state;
struct mesh_area;
/** behind the scenes structure, with say libevent info. alloced. */
struct internal_event* ev;
+ struct unbound_socket* socket;
+
/** file descriptor for communication point */
int fd;
* @param buffer: shared buffer by UDP sockets from this thread.
* @param callback: callback function pointer.
* @param callback_arg: will be passed to your callback function.
+ * @param unbound_socket: and opened socket properties will be passed to your callback function.
* @return: returns the allocated communication point. NULL on error.
* Sets timeout to NULL. Turns off TCP options.
*/
struct comm_point* comm_point_create_udp(struct comm_base* base,
int fd, struct sldns_buffer* buffer,
- comm_point_callback_type* callback, void* callback_arg);
+ comm_point_callback_type* callback, void* callback_arg, struct unbound_socket* socket);
/**
* Create an UDP with ancillary data comm point. Calls malloc.
* @param buffer: shared buffer by UDP sockets from this thread.
* @param callback: callback function pointer.
* @param callback_arg: will be passed to your callback function.
+ * @param unbound_socket: and opened socket properties will be passed to your callback function.
* @return: returns the allocated communication point. NULL on error.
* Sets timeout to NULL. Turns off TCP options.
*/
struct comm_point* comm_point_create_udp_ancil(struct comm_base* base,
int fd, struct sldns_buffer* buffer,
- comm_point_callback_type* callback, void* callback_arg);
+ comm_point_callback_type* callback, void* callback_arg, struct unbound_socket* socket);
/**
* Create a TCP listener comm point. Calls malloc.
* to select handler type to use.
* @param callback: callback function pointer for TCP handlers.
* @param callback_arg: will be passed to your callback function.
+ * @param unbound_socket: and opened socket properties will be passed to your callback function.
* @return: returns the TCP listener commpoint. You can find the
* TCP handlers in the array inside the listener commpoint.
* returns NULL on error.
projects / thirdparty / unbound.git / commitdiff
