diff --git a/.gitignore b/.gitignore
index 0f4482ef..d9315494 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,6 +39,7 @@ src/test/check_getdns_ev
 src/test/scratchpad
 src/test/scratchpad.c
 src/tools/getdns_query
+src/tools/stubby
 doc/*.3
 src/getdns/getdns.h
 *.log
@@ -54,6 +55,13 @@ m4/ltsugar.m4
 m4/ltversion.m4
 m4/lt~obsolete.m4
 src/config.h.in
-build/
 getdns.pc
 getdns_ext_event.pc
+/src/test/tpkg/result.*
+/src/test/tpkg/.done-*
+/src/test/tpkg/.tpkg.var.master
+/src/test/tpkg/scan-build-reports/
+/src/test/tpkg/install/
+/src/test/tpkg/build/
+/src/test/tpkg/build-stub-only/
+/src/test/tpkg/build-event-loops/
diff --git a/ChangeLog b/ChangeLog
index 1adfe0b6..7b7cdf82 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,56 @@ +* 2017-04-13: Version 1.1.0 + * bugfix: Check size of tls_auth_name. + * Improvements that came from Visual Studio static analysis + * Fix to compile with libressl. Thanks phicoh. + * Spelling fixes. Thanks Andreas Schulze. + * bugfix: Reschedule request timeout when getting the DNSSEC chain. + * getdns_context_unset_edns_maximum_udp_payload_size() to reset + to default IPv4/IPv6 dependent edns max udp payload size. + * Implement sensible default edns0 padding policy. Thanks DKG. + * Keep connections open with sync requests too. + * Fix of event loops so they do not give up with naked timers with + windows. Thanks Christian Huitema. + * Include peer certificate with DNS-over-TLS in combination with + the return_call_reporting extension. + * More fine grained control over TLS upstream retry and back off + behaviour with getdns_context_set_tls_backoff_time() and + getdns_context_set_tls_connection_retries(). + * New round robin over the available upstreams feaure. + Enable with getdns_context_set_round_robin_upstreams() + * Bugfix: Queue requests when no sockets available for outgoing queries. + * Obey the outstanding query limit with STUB resolution mode too. + * Updated stubby config file + * Draft MDNS client implementation by Christian Huitema. 
+ Enable with --enable-draft-mdns-support to configure + * bugfix: Let synchronous queries use fds > MAX_FDSETSIZE; + By moving default eventloop from select to poll + Thanks Neil Cook + * bugfix: authentication failure for self signed cert + only pinset + * bugfix: issue with session re-use making authentication appear to fail + +* 2017-01-13: Version 1.0.0 + * edns0_cookies extension enabled by default (per RFC7873) + * dnssec_roadblock_avoidance enabled by default (per RFC8027) + * bugfix: DSA support with OpenSSL 1.1.0 + * Initialize OpenSSL just once in a thread safe way + * Thread safety with arc4random function + * Improvements that came from Visual Studio static analysis + Thanks Christian Huitema + * Conventional RFC3986 IPv6 [address]:port parsing from getdns_query + * bugfix: OpenSSL 1.1.0 style crypto locking + Thanks volkommenheit + * configure tells *which* dependency is missing + * bugfix: Exclude terminating '\0' from bindata's returned by + getdns_get_suffix(). Thanks Jim Hague + * Better README.md. Thanks Andrew Sullivan + +* 2016-10-19: Version 1.1.0-a2 + * Improved TLS connection management + * OpenSSL 1.1 support + * Stubby, Server version of getdns_query that by default listens + on 127.0.0.1 and ::1 and reads config from /etc/stubby.conf + and $HOME/.stubby.conf + * 2016-07-14: Version 1.1.0a1 * Conversion functions from text strings to getdns native types: getdns_str2dict(), getdns_str2list(), getdns_str2bindata() and @@ -127,7 +180,7 @@ '-1' to append suffix only to single label after failure '-M' to append suffix only to multi label name after failure '-N' to never append a suffix - '-Z ' to set suffixes with the given comma separed list + '-Z ' to set suffixes with the given comma separated list * Better help text for getdns_query (printed with the '-h' option) * Setting the +specify_class extension with getdns_query * Return NOT_IMPLEMENTED for not implemented namespaces, and the 
diff --git a/Makefile.in b/Makefile.in index b0a478a2..2b924c59 100644 --- a/Makefile.in +++ b/Makefile.in @@ -44,7 +44,7 @@ libdir = @libdir@ srcdir = @srcdir@ INSTALL = @INSTALL@ -all : default @GETDNS_QUERY@ +all : default @GETDNS_QUERY@ @STUBBY@ everything: default cd src/test && $(MAKE) @@ -52,7 +52,7 @@ everything: default default: cd src && $(MAKE) $@ -install: all getdns.pc getdns_ext_event.pc @INSTALL_GETDNS_QUERY@ +install: all getdns.pc getdns_ext_event.pc @INSTALL_GETDNS_QUERY@ @INSTALL_STUBBY@ $(INSTALL) -m 755 -d $(DESTDIR)$(docdir) $(INSTALL) -m 644 $(srcdir)/AUTHORS $(DESTDIR)$(docdir) $(INSTALL) -m 644 $(srcdir)/ChangeLog $(DESTDIR)$(docdir) @@ -66,7 +66,6 @@ install: all getdns.pc getdns_ext_event.pc @INSTALL_GETDNS_QUERY@ $(INSTALL) -m 644 getdns_ext_event.pc $(DESTDIR)$(libdir)/pkgconfig $(INSTALL) -m 755 -d $(DESTDIR)$(docdir)/spec $(INSTALL) -m 644 $(srcdir)/spec/index.html $(DESTDIR)$(docdir)/spec - $(INSTALL) -m 644 $(srcdir)/spec/getdns*tgz $(DESTDIR)$(docdir)/spec || true cd src && $(MAKE) $@ cd doc && $(MAKE) $@ @echo "***" @@ -87,7 +86,7 @@ install: all getdns.pc getdns_ext_event.pc @INSTALL_GETDNS_QUERY@ @echo "*** at package installation time from the post-install script." @echo "***" -uninstall: @UNINSTALL_GETDNS_QUERY@ +uninstall: @UNINSTALL_GETDNS_QUERY@ @UNINSTALL_STUBBY@ rm -rf $(DESTDIR)$(docdir) cd doc && $(MAKE) $@ cd src && $(MAKE) $@ @@ -104,6 +103,9 @@ test: getdns_query: cd src && $(MAKE) $@ +stubby: + cd src && $(MAKE) $@ + scratchpad: cd src && $(MAKE) $@ @@ -111,10 +113,16 @@ pad: scratchpad src/test/scratchpad || ./libtool exec gdb src/test/scratchpad install-getdns_query: - cd src/tools && $(MAKE) install + cd src/tools && $(MAKE) $@ uninstall-getdns_query: - cd src/tools && $(MAKE) uninstall + cd src/tools && $(MAKE) $@ + +install-stubby: + cd src/tools && $(MAKE) $@ + +uninstall-stubby: + cd src/tools && $(MAKE) $@ clean: cd src && $(MAKE) $@ 
@@ -141,18 +149,22 @@ distclean: rm -f m4/ltoptions.m4 rm -f m4/ltsugar.m4 rm -f m4/ltversion.m4 - rm -f $(distdir).tar.gz $(distdir).tar.gz.sha1 + rm -f $(distdir).tar.gz $(distdir).tar.gz.sha256 rm -f $(distdir).tar.gz.md5 $(distdir).tar.gz.asc megaclean: - cd $(srcdir) && rm -fr * .dir-locals.el .gitignore .indent.pro .travis.yml && git reset --hard + cd $(srcdir) && rm -fr * .dir-locals.el .gitignore .indent.pro .travis.yml && git reset --hard && git submodule update --init + +autoclean: megaclean + libtoolize -ci + autoreconf -fi dist: $(distdir).tar.gz -pub: $(distdir).tar.gz.sha1 $(distdir).tar.gz.md5 $(distdir).tar.gz.asc +pub: $(distdir).tar.gz.sha256 $(distdir).tar.gz.md5 $(distdir).tar.gz.asc -$(distdir).tar.gz.sha1: $(distdir).tar.gz - openssl sha1 $(distdir).tar.gz >$@ +$(distdir).tar.gz.sha256: $(distdir).tar.gz + openssl sha256 $(distdir).tar.gz >$@ $(distdir).tar.gz.md5: $(distdir).tar.gz openssl md5 $(distdir).tar.gz >$@ @@ -219,12 +231,13 @@ $(distdir): cp $(srcdir)/src/test/*.good $(distdir)/src/test cp $(srcdir)/src/compat/*.[ch] $(distdir)/src/compat cp $(srcdir)/src/util/*.[ch] $(distdir)/src/util + cp -r $(srcdir)/src/util/orig-headers $(distdir)/src/util + cp -r $(srcdir)/src/util/auxiliary $(distdir)/src/util cp $(srcdir)/src/gldns/*.[ch] $(distdir)/src/gldns cp $(srcdir)/doc/Makefile.in $(distdir)/doc cp $(srcdir)/doc/*.in $(distdir)/doc cp $(srcdir)/doc/manpgaltnames $(distdir)/doc cp $(srcdir)/spec/*.html $(distdir)/spec - cp $(srcdir)/spec/*.tgz $(distdir)/spec || true cp $(srcdir)/spec/example/Makefile.in $(distdir)/spec/example cp $(srcdir)/spec/example/*.[ch] $(distdir)/spec/example cp $(srcdir)/src/tools/Makefile.in $(distdir)/src/tools diff --git a/README.md b/README.md index 623a786f..4bc2b040 100644 --- a/README.md +++ b/README.md 
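Review bot: The `pub` rule in the `@@ -141,18 +149,22 @@` hunk still lists `$(distdir).tar.gz.md5` as a release artifact, even though this change replaces the SHA-1 digest with SHA-256. MD5 is not collision resistant, so a published `.md5` file gives downloaders a checksum they should not rely on for integrity; the `.sha256` digest and the `.asc` signature already cover that. I would reduce the prerequisites to `pub: $(distdir).tar.gz.sha256 $(distdir).tar.gz.asc` and drop the `$(distdir).tar.gz.md5` rule shown as context at the end of the hunk. If it has to stay for existing mirrors, a comment such as `# md5 kept for legacy mirrors only; verify with .sha256 or .asc` would say so.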
@@ -19,6 +19,8 @@ Traditional access to DNS data from applications has several limitations: * Sophisticated uses of the DNS (things like IDNA and DNSSEC validation) require considerable application work, possibly by application developers with little experience with the vagaries of DNS. +getdns also provides an experimental DNS Privacy enabled client called 'stubby' - see below for more details. + ## Motivation for providing the API The developers are of the opinion that DNSSEC offers a unique global infrastructure for establishing and enhancing cryptographic trust relations. With the development of this API we intend to offer application developers a modern and flexible interface that enables end-to-end trust in the DNS architecture, and which will inspire application developers to implement innovative security solutions in their applications. @@ -73,9 +75,13 @@ If you want to make use of the configuration files that utilise a JSON-like form before building. -If you want to use the getdns_query command line wrapper script for testing or to enable getdns as a daemon then you must build it using +As well as building the getdns library 2 other tools are installed by default by the above process: + +* getdns_query: a command line test script wrapper for getdns +* stubby: an experimental DNS Privacy enabled client + +Note: If you only want to build stubby, then use the `--enable-stub-only` and `--without-libidn` options when running 'configure'. - # make getdns_query ## Minimizing dependencies 
@@ -83,7 +89,7 @@ If you want to use the getdns_query command line wrapper script for testing or t * Currently getdns only offers two helper functions to deal with IDN: `getdns_convert_ulabel_to_alabel` and `getdns_convert_alabel_to_ulabel`. If you do not need these functions, getdns can be configured to compile without them with the `--without-libidn` option to configure. * When both `--enable-stub-only` and `--without-libidn` options are used, getdns has only one dependency left, which is OpenSSL. -## Extensions / Event loop dependencies +## Extensions and Event loop dependencies The implementation works with a variety of event loops, each built as a separate shared library. See [the wiki](https://github.com/getdnsapi/getdns/wiki/Asynchronous-Support#wiki-included-event-loop-integrations) for more details. 
@@ -91,6 +97,18 @@ The implementation works with a variety of event loops, each built as a separate * [libuv](https://github.com/joyent/libuv) * [libev](http://software.schmorp.de/pkg/libev.html) +## Stubby + +* Stubby is an experimental implementation of a DNS Privacy enabled stub resolver. It is currently suitable for advanced/technical users - all feedback is welcome! Also see [dnsprivacy.org](https://dnsprivacy.org) for more information on DNS Privacy and stubby. +* By default stubby will attempt to use 'Opportunistic' Privacy for DNS queries. +* A sample configuration file is available in the source code (src/tools/stubby.conf) which uses 'Strict' Privacy and some of the available test DNS Privacy servers to resolve queries. Note these servers are test servers that offer no service guarantees. The location of a configuration file can be specified with the '-C' flag +* RECOMMENDED: Minimal logging output from Stubby is available (e.g. which servers are used and connection level statistics) by also using the '--enable-debug-daemon' flag when running 'configure'. + +To use stubby +* Start stubby from the command line +* Test it by doing, for example, 'dig @127.0.0.1 www.example.com' +* Alter the default DNS resolvers on your system to point at localhost (127.0.0.1, ::1) + ## Regression Tests A suite of regression tests are included with the library, if you make changes or just @@ -124,7 +142,7 @@ We have a [getdns users list](https://getdnsapi.net/mailman/listinfo/users) for The [getdns-api mailing list](https://getdnsapi.net/mailman/listinfo/spec) is a good place to engage in discussions regarding the design of the API. -# Tickets/Bug Reports +# Tickets and Bug Reports Tickets and bug reports should be reported via the [GitHub issues list](https://github.com/getdnsapi/getdns/issues). 
@@ -203,7 +221,7 @@ If you're using [FreeBSD](https://www.freebsd.org/), you may install getdns via If you are using FreeBSD 10 getdns can be intalled via 'pkg install getdns'. -### CentOS/RHEL 6.5 +### CentOS and RHEL 6.5 We rely on the most excellent package manager fpm to build the linux packages, which means that the packaging platform requires ruby 2.1.0. There are other ways to 
@@ -261,29 +279,30 @@ The build has been tested using the following: 32 bit only Mingw: [Mingw(3.21.0) and Msys 1.0](http://www.mingw.org/) on Windows 8.1 32 bit build on a 64 bit Mingw [Download latest from: http://mingw-w64.org/doku.php/download/mingw-builds and http://msys2.github.io/]. IMPORTANT: Install tested ONLY on the "x86_64" for 64-bit installer of msys2. -Dependencies: +#### Dependencies The following dependencies are -openssl-1.0.2e -libidn +* openssl-1.0.2j +* libidn -Instructions to build openssl-1.0.2e: +Instructions to build openssl-1.0.2j: Open the mingw32_shell.bat from msys2 in order to build: If necessary, install the following using pacman: -pacman -S pkg-config libtool automake -pacman -S autoconf automake-wrapper - tar -xvf openssl-1.0.2e.tar -cd openssl-1.0.2e/ -./Configure --prefix=${LOCALDESTDIR} --openssldir=${LOCALDESTDIR}/etc/ssl --libdir=lib shared zlib-dynamic mingw -make -make install + pacman -S pkg-config libtool automake + pacman -S autoconf automake-wrapper + + tar -xvf openssl-1.0.2j.tar + cd openssl-1.0.2j/ + ./Configure --prefix=${LOCALDESTDIR} --openssldir=${LOCALDESTDIR}/etc/ssl --libdir=lib shared zlib-dynamic mingw + make + make install To configure: ./configure --enable-stub-only --with-trust-anchor="c:\\\MinGW\\\msys\\\1.0\\\etc\\\unbound\\\getdns-root.key" --with-ssl= --with-getdns_query - The trust anchor is also installed by unbound on c:\program Files (X86)\unbound\root.key and can be referenced from there + The trust anchor is also installed by unbound on `c:\program Files (X86)\unbound\root.key` and can be referenced from there or anywhere else that the user chooses to configure it. After configuring, do a `make` and `make install` to build getdns for Windows. 
@@ -312,8 +331,10 @@ Contributors * Neel Goyal, Verisign, Inc. * Bryan Graham, Verisign, Inc. * Robert Groenenberg +* Jim Hague, Sinodun * Paul Hoffman * Scott Hollenbeck, Verising, Inc. +* Christian Huitema * Shumon Huque, Verisign Labs * Jelte Janssen * Guillem Jover @@ -328,6 +349,7 @@ Contributors * Joel Purra * Tom Pusateri * Prithvi Ranganath, Verisign, Inc. +* Hoda Rohani, NLnet Labs * Rushi Shah, Verisign, Inc. * Vinay Soni, Verisign, Inc. * Melinda Shore, No Mountain Software LLC diff --git a/configure.ac b/configure.ac index 73150114..1aa801f2 100644 --- a/configure.ac +++ b/configure.ac @@ -37,7 +37,7 @@ sinclude(./m4/ax_check_compile_flag.m4) sinclude(./m4/pkg.m4) AC_INIT([getdns], [1.1.0], [users@getdnsapi.net], [], [https://getdnsapi.net]) -AC_SUBST(RELEASE_CANDIDATE, [a1]) +AC_SUBST(RELEASE_CANDIDATE, []) # Set current date from system if not set AC_ARG_WITH([current-date], @@ -47,7 +47,7 @@ AC_ARG_WITH([current-date], [CURRENT_DATE="`date -u +%Y-%m-%dT%H:%M:%SZ`"]) AC_SUBST(GETDNS_VERSION, ["AC_PACKAGE_VERSION$RELEASE_CANDIDATE"]) -AC_SUBST(GETDNS_NUMERIC_VERSION, [0x0100A100]) +AC_SUBST(GETDNS_NUMERIC_VERSION, [0x01010000]) AC_SUBST(API_VERSION, ["December 2015"]) AC_SUBST(API_NUMERIC_VERSION, [0x07df0c00]) GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRENT_DATE for the $API_VERSION version of the API" @@ -77,10 +77,10 @@ GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRE # getdns-0.5.0 had libversion 4:0:3 # getdns-0.5.1 had libversion 4:1:3 (but should have been getdns-0.6.0) # getdns-0.9.0 had libversion 5:0:4 -# getdns-1.0.0 will have libversion 5:1:4 -# getdns-1.1.0 will have libversion 6:0:5 +# getdns-1.0.0 had libversion 5:1:4 +# getdns-1.1.0 will have libversion 6:0:0 # -GETDNS_LIBVERSION=6:0:5 +GETDNS_LIBVERSION=6:0:0 AC_SUBST(GETDNS_COMPILATION_COMMENT) AC_SUBST(GETDNS_LIBVERSION) 
@@ -96,9 +96,17 @@ AC_PROG_CPP AC_CANONICAL_HOST CFLAGS="$CFLAGS" +WPEDANTICFLAG="" +WNOERRORFLAG="" AC_PROG_CC_C99 AX_CHECK_COMPILE_FLAG([-xc99],[CFLAGS="$CFLAGS -xc99"],[],[]) AX_CHECK_COMPILE_FLAG([-Wall],[CFLAGS="$CFLAGS -Wall"],[],[]) +AX_CHECK_COMPILE_FLAG([-Wextra],[CFLAGS="$CFLAGS -Wextra"],[],[]) +AX_CHECK_COMPILE_FLAG([-Wpedantic],[WPEDANTICFLAG="-Wpedantic"],[],[]) +AX_CHECK_COMPILE_FLAG([-Wno-error=unused-parameter],[WNOERRORFLAG="-Wno-error=unused-parameter"],[],[]) +AX_CHECK_COMPILE_FLAG([-Wno-unused-parameter],[WNOERRORFLAG="$WNOERRORFLAG -Wno-unused-parameter"],[],[]) +AC_SUBST(WPEDANTICFLAG) +AC_SUBST(WNOERRORFLAG) case "$host_os" in linux* ) CFLAGS="$CFLAGS -D_BSD_SOURCE -D_DEFAULT_SOURCE" 
@@ -141,22 +149,32 @@ fi ]) ACX_ARG_RPATH - +AC_ARG_ENABLE(debug-req, AC_HELP_STRING([--enable-debug-req], [Enable request debugging])) AC_ARG_ENABLE(debug-sched, AC_HELP_STRING([--enable-debug-sched], [Enable scheduling debugging messages])) AC_ARG_ENABLE(debug-stub, AC_HELP_STRING([--enable-debug-stub], [Enable stub debugging messages])) +AC_ARG_ENABLE(debug-daemon, AC_HELP_STRING([--enable-debug-daemon], [Enable daemon debugging messages])) AC_ARG_ENABLE(debug-sec, AC_HELP_STRING([--enable-debug-sec], [Enable dnssec debugging messages])) AC_ARG_ENABLE(debug-server, AC_HELP_STRING([--enable-debug-server], [Enable server debugging messages])) -AC_ARG_ENABLE(all-debugging, AC_HELP_STRING([--enable-all-debugging], [Enable scheduling, stub and dnssec debugging])) +AC_ARG_ENABLE(all-debugging, AC_HELP_STRING([--enable-all-debugging], [Enable all debugging messages])) case "$enable_all_debugging" in yes) + enable_debug_req=yes enable_debug_sched=yes enable_debug_stub=yes + enable_debug_daemon=yes enable_debug_sec=yes enable_debug_server=yes ;; no|*) ;; esac +case "$enable_debug_req" in + yes) + AC_DEFINE_UNQUOTED([REQ_DEBUG], [1], [Define this to enable printing of request debugging messages.]) + ;; + no|*) + ;; +esac case "$enable_debug_sched" in yes) AC_DEFINE_UNQUOTED([SCHED_DEBUG], [1], [Define this to enable printing of scheduling debugging messages.]) @@ -171,6 +189,13 @@ case "$enable_debug_stub" in no|*) ;; esac +case "$enable_debug_daemon" in + yes) + AC_DEFINE_UNQUOTED([DAEMON_DEBUG], [1], [Define this to enable printing of daemon debugging messages.]) + ;; + no|*) + ;; +esac case "$enable_debug_sec" in yes) AC_DEFINE_UNQUOTED([SEC_DEBUG], [1], [Define this to enable printing of dnssec debugging messages.]) 
@@ -198,6 +223,30 @@ case "$enable_debug_keep_connections_open" in ;; esac + +DEFAULT_EVENTLOOP=select_eventloop +AC_CHECK_HEADERS([sys/poll.h poll.h sys/resource.h],,, [AC_INCLUDES_DEFAULT]) +AC_ARG_ENABLE(poll-eventloop, AC_HELP_STRING([--disable-poll-eventloop], [Disable default eventloop based on poll (default=enabled if available)])) +case "$enable_poll_eventloop" in + no) + ;; + yes|*) +AC_MSG_CHECKING(for poll) +AC_LINK_IFELSE([AC_LANG_PROGRAM([ +#ifdef HAVE_SYS_POLL_H +#include +#else +#include +#endif +], [int rc; rc = poll((struct pollfd *)(0), 0, 0);])], [ +AC_MSG_RESULT(yes) +AC_DEFINE_UNQUOTED([USE_POLL_DEFAULT_EVENTLOOP], [1], [Define this to enable a default eventloop based on poll().]) +DEFAULT_EVENTLOOP=poll_eventloop +],[AC_MSG_RESULT(no)]) + ;; +esac +AC_SUBST(DEFAULT_EVENTLOOP) + AC_ARG_ENABLE(tcp-fastopen, AC_HELP_STRING([--disable-tcp-fastopen], Disable TCP Fast Open (default=enabled if available)), enable_tcp_fastopen="$enableval", enable_tcp_fastopen=yes) if test "x$enable_tcp_fastopen" = xno; then @@ -246,7 +295,8 @@ else fi AC_CHECK_HEADERS([openssl/conf.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/engine.h],,, [AC_INCLUDES_DEFAULT]) -AC_CHECK_FUNCS([OPENSSL_config EVP_md5 EVP_sha1 EVP_sha224 EVP_sha256 EVP_sha384 EVP_sha512 FIPS_mode ENGINE_load_cryptodev EVP_PKEY_keygen ECDSA_SIG_get0 EVP_MD_CTX_new EVP_PKEY_base_id HMAC_CTX_new HMAC_CTX_free TLS_client_method]) +AC_CHECK_HEADERS([openssl/bn.h openssl/rsa.h openssl/dsa.h],,, [AC_INCLUDES_DEFAULT]) +AC_CHECK_FUNCS([OPENSSL_config EVP_md5 EVP_sha1 EVP_sha224 EVP_sha256 EVP_sha384 EVP_sha512 FIPS_mode ENGINE_load_cryptodev EVP_PKEY_keygen ECDSA_SIG_get0 EVP_MD_CTX_new EVP_PKEY_base_id HMAC_CTX_new HMAC_CTX_free TLS_client_method DSA_SIG_set0 EVP_dss1 SSL_CTX_set_min_proto_version]) AC_CHECK_DECLS([SSL_COMP_get_compression_methods,sk_SSL_COMP_pop_free,SSL_CTX_set_ecdh_auto], [], [], [ AC_INCLUDES_DEFAULT #ifdef HAVE_OPENSSL_ERR_H 
@@ -270,6 +320,15 @@ AC_INCLUDES_DEFAULT fi +AC_ARG_ENABLE(sha1, AC_HELP_STRING([--disable-sha1], [Disable SHA1 RRSIG support, does not disable nsec3 support])) + case "$enable_sha1" in + no) + ;; + yes|*) + AC_DEFINE([USE_SHA1], [1], [Define this to enable SHA1 support.]) + ;; +esac + AC_ARG_ENABLE(sha2, AC_HELP_STRING([--disable-sha2], [Disable SHA256 and SHA512 RRSIG support])) case "$enable_sha2" in no) 
@@ -433,39 +492,39 @@ case "$enable_dsa" in ;; *) dnl default # detect if DSA is supported, and turn it off if not. - AC_CHECK_FUNC(EVP_dss1, [ + AC_CHECK_FUNC(DSA_SIG_new, [ AC_DEFINE_UNQUOTED([USE_DSA], [1], [Define this to enable DSA support.]) ], [if test "x$enable_dsa" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support DSA and you used --enable-dsa.]) fi ]) ;; esac -AC_ARG_ENABLE(draft-dnssec-roadblock-avoidance, AC_HELP_STRING([--enable-draft-dnssec-roadblock-avoidance], [Enable experimental dnssec roadblock avoidance])) -AC_ARG_ENABLE(draft-edns-cookies, AC_HELP_STRING([--enable-draft-edns-cookies], [Enable experimental edns cookies])) -AC_ARG_ENABLE(all-drafts, AC_HELP_STRING([--enable-all-drafts], [Enable cookies and roadblock avoidance])) +AC_ARG_ENABLE(all-drafts, AC_HELP_STRING([--enable-all-drafts], [Enables the draft mdns client support])) case "$enable_all_drafts" in yes) - enable_draft_dnssec_roadblock_avoidance=yes - enable_draft_edns_cookies=yes + AC_DEFINE_UNQUOTED([HAVE_MDNS_SUPPORT], [1], [Define this to enable the draft mdns client support.]) ;; no|*) ;; esac -case "$enable_draft_dnssec_roadblock_avoidance" in - yes) - AC_DEFINE_UNQUOTED([DNSSEC_ROADBLOCK_AVOIDANCE], [1], [Define this to enable the experimental draft dnssec roadblock avoidance.]) +AC_ARG_ENABLE(dnssec-roadblock-avoidance, AC_HELP_STRING([--disable-dnssec-roadblock-avoidance], [Disable dnssec roadblock avoidance])) +case "$enable_dnssec_roadblock_avoidance" in + no) ;; - no|*) + yes|*) + AC_DEFINE_UNQUOTED([DNSSEC_ROADBLOCK_AVOIDANCE], [1], [Define this to enable the experimental dnssec roadblock avoidance.]) ;; esac -case "$enable_draft_edns_cookies" in - yes) + +AC_ARG_ENABLE(edns-cookies, AC_HELP_STRING([--disable-edns-cookies], [Disable edns cookies])) +case "$enable_edns_cookies" in + no) + ;; + yes|*) if test "x_$HAVE_SSL" != "x_yes"; then - AC_MSG_ERROR([edns cookies need openssl libcrypto which is not available, please rerun without --enable-draft-edns-cookies]) + 
AC_MSG_ERROR([edns cookies need openssl libcrypto which is not available, please rerun with --disable-edns-cookies]) fi - AC_DEFINE_UNQUOTED([EDNS_COOKIES], [1], [Define this to enable the experimental draft edns cookies.]) - ;; - no|*) + AC_DEFINE_UNQUOTED([EDNS_COOKIES], [1], [Define this to enable the experimental edns cookies.]) ;; esac AC_DEFINE_UNQUOTED([EDNS_COOKIE_OPCODE], [10], [The edns cookie option code.]) @@ -474,6 +533,15 @@ AC_DEFINE_UNQUOTED([EDNS_COOKIE_ROLLOVER_TIME], [(24 * 60 * 60)], [How often the AC_DEFINE_UNQUOTED([MAXIMUM_UPSTREAM_OPTION_SPACE], [3000], [limit for dynamically-generated DNS options]) AC_DEFINE_UNQUOTED([EDNS_PADDING_OPCODE], [12], [The edns padding option code.]) +AC_ARG_ENABLE(draft-mdns-support, AC_HELP_STRING([--enable-draft-mdns-support], [Enable draft mdns client support])) +case "$enable_draft_mdns_support" in + yes) + AC_DEFINE_UNQUOTED([HAVE_MDNS_SUPPORT], [1], [Define this to enable the draft mdns client support.]) + ;; + no|*) + ;; +esac + my_with_libunbound=1 AC_ARG_ENABLE(stub-only, AC_HELP_STRING([--enable-stub-only], [Restricts resolution modes to STUB (which will be the default mode). Removes the libunbound dependency.])) case "$enable_stub_only" in @@ -553,10 +621,16 @@ fi # Checks for libraries. found_all_libs=1 +MISSING_DEPS="" +MISSING_SEP="" if test $my_with_libidn = 1 then AC_MSG_NOTICE([Checking for dependency libidn]) - AC_CHECK_LIB([idn], [idna_to_ascii_8z], [], [found_all_libs=0]) + AC_CHECK_LIB([idn], [idna_to_ascii_8z], [], [ + MISSING_DEPS="${MISSING_DEPS}${MISSING_SEP}libidn" + MISSING_SEP=", " + found_all_libs=0 + ]) fi AC_ARG_ENABLE(unbound-event-api, AC_HELP_STRING([--disable-unbound-event-api], [Disable usage of libunbounds event API])) 
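Review bot: The `--enable-all-drafts` branch in the `@@ -433,39 +492,39 @@` hunk now calls `AC_DEFINE_UNQUOTED([HAVE_MDNS_SUPPORT], ...)` itself, and the `@@ -474,6 +533,15 @@` hunk repeats the same define under `--enable-draft-mdns-support`. The removed code set the per-feature variable instead, which leaves a single place that switches a feature on; here that would be `enable_draft_mdns_support=yes` in the `yes)` arm, with the define left to the later `case "$enable_draft_mdns_support"`. Separately, the edns-cookies arm is now taken by default, so any configuration in which `HAVE_SSL` is not `yes` stops at `AC_MSG_ERROR` unless `--disable-edns-cookies` is passed. If that is intended, the help string could say it, e.g. `[Disable edns cookies (required when libcrypto is unavailable)]`.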
@@ -585,12 +659,16 @@ then ]) fi AC_CHECK_FUNCS([ub_ctx_set_stub]) - ], [found_all_libs=0]) + ], [ + MISSING_DEPS="${MISSING_DEPS}${MISSING_SEP}libunbound" + MISSING_SEP=", " + found_all_libs=0 + ]) fi if test $found_all_libs = 0 then - AC_MSG_ERROR([One more dependencies is missing]) + AC_MSG_ERROR([Missing dependencies: $MISSING_DEPS]) fi AC_PATH_PROG([DOXYGEN], [doxygen]) @@ -607,7 +685,7 @@ AC_TYPE_UINT16_T AC_TYPE_UINT32_T AC_TYPE_UINT64_T AC_TYPE_UINT8_T -AC_CHECK_TYPE([u_char]) +AC_CHECK_TYPES([u_char]) AC_CHECK_FUNCS([fcntl]) # check ioctlsocket @@ -692,7 +770,7 @@ AS_IF([test x_$withval = x_no], [AC_MSG_ERROR([event2/event.h and event.h missing, try without libevent])] [have_libevent=0], [AC_INCLUDES_DEFAULT] - [#if HAVE_U_CHAR == 0 + [#ifndef HAVE_U_CHAR typedef unsigned char u_char; #endif])], [AC_INCLUDES_DEFAULT])], @@ -903,6 +981,26 @@ else INSTALL_GETDNS_QUERY="install-getdns_query" UNINSTALL_GETDNS_QUERY="uninstall-getdns_query" fi +AC_SUBST(GETDNS_QUERY) +AC_SUBST(INSTALL_GETDNS_QUERY) +AC_SUBST(UNINSTALL_GETDNS_QUERY) + +AC_ARG_WITH(stubby, AS_HELP_STRING([--without-stubby], + [Do not compile and install stubby, the (stub) resolver daemon]), + [], [withval="yes"]) +if test x_$withval = x_no; then + STUBBY="" + INSTALL_STUBBY="" + UNINSTALL_STUBBY="" +else + STUBBY="stubby" + INSTALL_STUBBY="install-stubby" + UNINSTALL_STUBBY="uninstall-stubby" +fi +AC_SUBST(STUBBY) +AC_SUBST(INSTALL_STUBBY) +AC_SUBST(UNINSTALL_STUBBY) + AC_ARG_WITH(fd-setsize, AS_HELP_STRING([--with-fd-setsize=size], [Set maximum file descriptor number that can be used by select]), [], [withval="no"]) 
@@ -915,22 +1013,33 @@ case "$withval" in ;; esac -AC_SUBST(GETDNS_QUERY) -AC_SUBST(INSTALL_GETDNS_QUERY) -AC_SUBST(UNINSTALL_GETDNS_QUERY) - AC_CONFIG_FILES([Makefile src/Makefile src/version.c src/getdns/getdns.h src/getdns/getdns_extra.h spec/example/Makefile src/test/Makefile src/tools/Makefile doc/Makefile getdns.pc getdns_ext_event.pc]) if [ test -n "$DOXYGEN" ] then AC_CONFIG_FILES([src/Doxyfile]) fi +#---- check for pthreads library +AC_SEARCH_LIBS([pthread_mutex_init],[pthread], [ + AC_DEFINE([HAVE_PTHREAD], [1], [Have pthreads library]) + LIBS="-lpthread $LIBS" +], [AC_MSG_WARN([pthreads not available])]) + +AC_MSG_CHECKING([whether the C compiler (${CC-cc}) supports the __func__ variable]) +AC_LANG_PUSH(C) +AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[char*s=__func__;]],[[]])], + [AC_MSG_RESULT([yes]) + AC_DEFINE(HAVE___FUNC__, [1], [Whether the C compiler support the __func__ variable])], + [AC_MSG_RESULT([no])]) +AC_LANG_POP(C) + dnl ----- dnl ----- Start of "Things needed for gldns" section dnl ----- dnl --------------------------------------------------------------------------- -AC_CHECK_HEADERS([stdarg.h stdint.h netinet/in.h arpa/inet.h netdb.h sys/socket.h time.h sys/time.h sys/select.h],,, [AC_INCLUDES_DEFAULT]) +AC_CHECK_HEADERS([stdarg.h stdint.h netinet/in.h arpa/inet.h netdb.h sys/socket.h time.h sys/time.h sys/select.h endian.h],,, [AC_INCLUDES_DEFAULT]) dnl Check the printf-format attribute (if any) dnl result in HAVE_ATTR_FORMAT. @@ -1022,8 +1131,6 @@ if test "$ac_cv_func_arc4random" = "no"; then ]) fi -AC_DEFINE(USE_MINI_EVENT, 1, [Needed for sync stub resolver functions]) - AC_TYPE_SIGNAL case `uname` in 
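Review bot: The `__func__` probe in the `@@ -915,22 +1013,33 @@` hunk puts `char*s=__func__;` in the prologue argument of `AC_LANG_PROGRAM`, that is at file scope, where the C standard does not define `__func__`. Whether that compiles depends on the compiler (it may only warn, or it may reject the program), so `HAVE___FUNC__` can come out wrong and the build then falls back to the non-standard `__FUNCTION__`. Moving the statement into the body argument tests what the code relies on: `[AC_LANG_PROGRAM([[]],[[const char *s = __func__; (void)s;]])]`. In the pthread check just above it, `AC_SEARCH_LIBS` already prepends the library to `LIBS` when one is needed, so the extra `LIBS="-lpthread $LIBS"` looks redundant and forces `-lpthread` even when `pthread_mutex_init` was found without it.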
@@ -1040,18 +1147,23 @@ AC_DEFINE_UNQUOTED([MAX_CNAME_REFERRALS], [100], [The maximum number of cname re AH_BOTTOM([ -#ifdef GETDNS_ON_WINDOWS -/* On windows it is allowed to increase the FD_SETSIZE - * (and nescessary to make our custom eventloop work) - * See: https://support.microsoft.com/en-us/kb/111855 - */ -#ifndef FD_SETSIZE -#define FD_SETSIZE 1024 +#ifdef HAVE___FUNC__ +#define __FUNC__ __func__ +#else +#define __FUNC__ __FUNCTION__ #endif -#define PRIsz "%Iu" +#ifdef GETDNS_ON_WINDOWS + /* On windows it is allowed to increase the FD_SETSIZE + * (and nescessary to make our custom eventloop work) + * See: https://support.microsoft.com/en-us/kb/111855 + */ +# ifndef FD_SETSIZE +# define FD_SETSIZE 1024 +# endif +# define PRIsz "%Iu" #else -#define PRIsz "%zu" +# define PRIsz "%zu" #endif #include @@ -1088,8 +1200,6 @@ AH_BOTTOM([ #define FD_SET_T #endif - - #ifdef __cplusplus extern "C" { #endif @@ -1144,6 +1254,12 @@ int inet_pton(int af, const char* src, void* dst); const char *inet_ntop(int af, const void *src, char *dst, size_t size); #endif +#ifdef USE_WINSOCK +static inline int _gldns_custom_vsnprintf(char *str, size_t size, const char *format, va_list ap) +{ int r = vsnprintf(str, size, format, ap); return r == -1 ? _vscprintf(format, ap) : r; } +# define vsnprintf _gldns_custom_vsnprintf +#endif + #ifdef __cplusplus } #endif diff --git a/doc/Makefile.in b/doc/Makefile.in index 301175bf..94770c77 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -77,6 +77,7 @@ uninstall: clean: for x in $(MANPAGES3); do rm -f $$($(srcdir)/manpgaltnames $$x); done + rm -f tagfile rm -rf $(DOCDIRS) $(MANPAGES3) distclean : clean diff --git a/doc/getdns_address.3.in b/doc/getdns_address.3.in index 122f2392..561518d9 100644 --- a/doc/getdns_address.3.in +++ b/doc/getdns_address.3.in @@ -33,7 +33,7 @@ -- get ip address(es) for a name .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include 
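Review bot: `_gldns_custom_vsnprintf` in the `@@ -1144,6 +1254,12 @@` hunk (the `USE_WINSOCK` block inside `AH_BOTTOM`) passes `ap` to `_vscprintf` after `vsnprintf` has already consumed it, which leaves `ap` indeterminate under the C standard; the second call should use a `va_copy` taken before the first. The `r == -1` path is presumably the truncation case on the Windows runtimes this targets, where the buffer may be left without a terminating NUL, so a caller that trusts the returned length can read past `size`. The rewrite below takes the copy up front and terminates `str[size - 1]` on that path. It assumes the toolchain provides `va_copy` (C99), which the `AC_PROG_CC_C99` check earlier in this file suggests but does not guarantee for every Windows compiler.

```c
static inline int _gldns_custom_vsnprintf(char *str, size_t size, const char *format, va_list ap)
{
	va_list ap_len;
	int r;

	va_copy(ap_len, ap);	/* ap is indeterminate once vsnprintf has used it */
	r = vsnprintf(str, size, format, ap);
	if (r == -1) {
		if (str && size > 0)
			str[size - 1] = '\0';	/* truncated output may be unterminated */
		r = _vscprintf(format, ap_len);
	}
	va_end(ap_len);
	return r;
}
/* … unchanged: # define vsnprintf _gldns_custom_vsnprintf … */
```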
diff --git a/doc/getdns_cancel_callback.3.in b/doc/getdns_cancel_callback.3.in index 012bd3ef..297e3053 100644 --- a/doc/getdns_cancel_callback.3.in +++ b/doc/getdns_cancel_callback.3.in @@ -32,7 +32,7 @@ -- cancel an outstanding asyn getdns request .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_context.3.in b/doc/getdns_context.3.in index 71ed4b15..6fb089bb 100644 --- a/doc/getdns_context.3.in +++ b/doc/getdns_context.3.in @@ -39,7 +39,7 @@ .ad n .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include @@ -141,7 +141,7 @@ in use might have a requirements on this issue. You may need to provide one or two functions to allow it to function properly. For example before you call getdns_context_create() you may need to use the openssl functions CRYPTO_set_id_callback and CRYPTO_set_locking_callback to set up -asyncronous operation (the application calls these functions once for initialisation). +asynchronous operation (the application calls these functions once for initialisation). Openssl 1.0.0 or later uses the CRYPTO_THREADID_set_callback function. .HP 3 diff --git a/doc/getdns_context_set.3.in b/doc/getdns_context_set.3.in index 606a653d..b97bc243 100644 --- a/doc/getdns_context_set.3.in +++ b/doc/getdns_context_set.3.in @@ -45,7 +45,7 @@ .ad n .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_context_set_context_update_callback.3.in b/doc/getdns_context_set_context_update_callback.3.in index d85b1b3e..d51b34ff 100644 --- a/doc/getdns_context_set_context_update_callback.3.in +++ b/doc/getdns_context_set_context_update_callback.3.in 
@@ -32,7 +32,7 @@ -- get informed on getdns context updates .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_convert.3.in b/doc/getdns_convert.3.in index 25614585..fb8fca91 100644 --- a/doc/getdns_convert.3.in +++ b/doc/getdns_convert.3.in @@ -34,7 +34,7 @@ -- convert dname between presentation- and wire-format .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_dict.3.in b/doc/getdns_dict.3.in index d4d9b3b9..2ee2b45c 100644 --- a/doc/getdns_dict.3.in +++ b/doc/getdns_dict.3.in @@ -38,7 +38,7 @@ .ad n .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_dict_get.3.in b/doc/getdns_dict_get.3.in index 956c0523..45c71870 100644 --- a/doc/getdns_dict_get.3.in +++ b/doc/getdns_dict_get.3.in @@ -38,7 +38,7 @@ -- get value by name from a getdns dict .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_dict_set.3.in b/doc/getdns_dict_set.3.in index ee684090..f42e455a 100644 --- a/doc/getdns_dict_set.3.in +++ b/doc/getdns_dict_set.3.in @@ -36,7 +36,7 @@ -- set a value by name in a getdns dict .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_display_ip_address.3.in b/doc/getdns_display_ip_address.3.in index a038f4e9..08ea7da1 100644 --- a/doc/getdns_display_ip_address.3.in +++ b/doc/getdns_display_ip_address.3.in @@ -32,7 +32,7 @@ -- convert an getdns ip address to string .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_general.3.in b/doc/getdns_general.3.in index 9b983d0d..27b25574 100644 
--- a/doc/getdns_general.3.in +++ b/doc/getdns_general.3.in @@ -33,7 +33,7 @@ -- do a getdns DNS lookup .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_hostname.3.in b/doc/getdns_hostname.3.in index e45c3620..25f53b39 100644 --- a/doc/getdns_hostname.3.in +++ b/doc/getdns_hostname.3.in @@ -33,7 +33,7 @@ -- get hostname by address .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_list.3.in b/doc/getdns_list.3.in index 2bbd8f3c..47a17272 100644 --- a/doc/getdns_list.3.in +++ b/doc/getdns_list.3.in @@ -38,7 +38,7 @@ .ad n .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_list_get.3.in b/doc/getdns_list_get.3.in index 1749ef08..d58d6851 100644 --- a/doc/getdns_list_get.3.in +++ b/doc/getdns_list_get.3.in @@ -38,7 +38,7 @@ -- get a value by index from a getdns list .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_list_set.3.in b/doc/getdns_list_set.3.in index 301bb882..cbba6959 100644 --- a/doc/getdns_list_set.3.in +++ b/doc/getdns_list_set.3.in @@ -36,7 +36,7 @@ -- set a value by index from a getdns list .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_pretty_print_dict.3.in b/doc/getdns_pretty_print_dict.3.in index 7ab966e3..e3e9f73e 100644 --- a/doc/getdns_pretty_print_dict.3.in +++ b/doc/getdns_pretty_print_dict.3.in @@ -32,7 +32,7 @@ -- return a string representation of a getdns dict .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include 
diff --git a/doc/getdns_root_trust_anchor.3.in b/doc/getdns_root_trust_anchor.3.in index 401cd297..3d16b238 100644 --- a/doc/getdns_root_trust_anchor.3.in +++ b/doc/getdns_root_trust_anchor.3.in @@ -32,7 +32,7 @@ -- return the getdns list of default root trust anchors .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_service.3.in b/doc/getdns_service.3.in index 35f40579..ab03c880 100644 --- a/doc/getdns_service.3.in +++ b/doc/getdns_service.3.in @@ -33,7 +33,7 @@ -- getdns lookup of a service .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/getdns_validate_dnssec.3.in b/doc/getdns_validate_dnssec.3.in index bce70b85..a97ca72e 100644 --- a/doc/getdns_validate_dnssec.3.in +++ b/doc/getdns_validate_dnssec.3.in @@ -32,7 +32,7 @@ -- DNSSEC validate a given getdns record .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS #include diff --git a/doc/libgetdns.3.in b/doc/libgetdns.3.in index 0c4d2ece..791ed384 100644 --- a/doc/libgetdns.3.in +++ b/doc/libgetdns.3.in @@ -32,7 +32,7 @@ libgetdns -- an implementation of a modern asynchronous DNS API by and for application developers .SH LIBRARY -DNS Resolver library (libgetdns, -lgetdns) +DNS Resolver library (libgetdns, \-lgetdns) .SH SYNOPSIS .B libgetdns @@ -230,7 +230,7 @@ Set to GETDNS_EXTENSION_TRUE to include the DNSSEC status for each DNS record in .HP 3 "dnssec_return_only_secure" (int) -Set to GETDNS_EXTENSION_TRUE to cause only records that the API can validate as secure withe DNSSEC to be returned in the +Set to GETDNS_EXTENSION_TRUE to cause only records that the API can validate as secure with DNSSEC to be returned in the .I replies_tree and .I replies_full lists diff --git a/project-doc/cachedesign.txt b/project-doc/cachedesign.txt index fcce2b3d..71606e7c 100644 
--- a/project-doc/cachedesign.txt +++ b/project-doc/cachedesign.txt @@ -13,10 +13,10 @@ Recursive Resolver Cache Caching is arguably an important feature for most recursive resolvers. In this case we are not intending a replacement for the fully functional recursive resolvers already available (BIND, Unbound, etc.) -so we shoudl limit a cache implementation to behaviors important to +so we should limit a cache implementation to behaviors important to proper operation of a recursive resolver. -DNSSEC validation can potentially triggers more queries than a simple +DNSSEC validation can potentially trigger more queries than a simple request for a A RR so I think it makes sense to cache root and TLD data. Once we have gone that far it isn't much of a reach to cache at each layer in the hierarchy (depth will not increase the coding diff --git a/project-doc/release-procedure.txt b/project-doc/release-procedure.txt index 6438a4cf..3222a85b 100644 --- a/project-doc/release-procedure.txt +++ b/project-doc/release-procedure.txt 
@@ -1,61 +1,52 @@ -High level release procedure that we follow to make a formal release for the -getdns API project. This is a recipe - if you have a better way to do it then -update this document and share it with us. +High level release procedure for formal release for the getdns API project. -- code freeze - confirm with core team that all commits are in, from this point forward - only bug fixes should be committed to the release branch, once the release - is cut nothing should be committed to the release branch (make a new release) +1) Git branching for a release + -- Confirm with core team (preferably via email) that all commits to be included + in the release are in the develop branch. Development for the next release can + continue on develop. + -- Create a release branch. We use the pattern "release/v1.0.0-b3" for naming + release branches. This branch is used for testing + and bug fixing while preparing the release (which can take several days + if there are un-foreseen issues). Note that from this point forward _only_ + bug fixes for this release should be committed to the release branch. + -- Once the release is published there should be no further commits on that + release branch. -- create a release branch - in git repository named for the release, e.g. "release/v1.0.0-b3" - we do this because folks may want to continue to work in the develop branch - and be free to commit changes without injuring the release process. Since - building and testing binaries for a release takes a few days we don't want to - force changes to queue up. - - One might argue that a release can be cut more quickly, however there are - inevitably little tweaks that need to be made that get uncovered as a result - of the binary builds - these tweaks need to be included in the souces for - this release so building the source tarball can't be done until all of the - binaries have been built and tested. 
- -- clone repo release branch to a clean local repo - this should be a brand spanking new directory - don't try to shortcut it and - use a working directory with lots of cruft - crap will find its way into the - release and embarass you: +2) Prepare the release + -- Clone the upstream to a _new_ local directory. (Do NOT re-use and + existing working copy as this can lead to issues). # git clone -b v1.0.0-b3 https://github.com/getdnsapi/getdns.git getdns-1.0.0-b3 -- update files to reflect release number/date - ./README.md - ./ChangeLog - ./configure.ac - - Watch for and change values: - - AC_INIT - - RELEASE_CANDIDATE - - GETDNS_NUMERIC_VERSION - - API_VERSION and API_NUMERUC_VERSION - - read section "Library version" and - update GETDNS_LIBVERSION carefully! + -- Update several files to reflect release number/date + ./README.md + ./ChangeLog + ./configure.ac + - Check and change the values for: + - AC_INIT + - RELEASE_CANDIDATE + - GETDNS_NUMERIC_VERSION + - API_VERSION and API_NUMERUC_VERSION + - read the section "Library version" and update GETDNS_LIBVERSION carefully! - # autoreconf -fi + # autoreconf -fi - commit these changes to the release branch + Commit these changes to the release branch - # git commit -a -m "release number and date updates" - # git push + # git commit -a -m "release number and date updates" + # git push -- Do the unit tests on as many different systems as you can. They must all - be able to fulfill all requirements. So they have libidn, libev, libuv, libevent, - latest libunbound, latest openssl (at least 1.0.2) lastest clang compiler - (for static analysis), latest valigrind. Then run: +3) Test + The unit and tpkg tests should be run on all the supported platforms. They must all + be able to fulfil all requirements. So they must have libidn, libev, libuv, libevent, + latest libunbound, latest openssl (at least 1.0.2) latest clang compiler + (for static analysis), latest valgrind. 
The tests can be run using: - # ${GETDNS_SRCDIR}/src/test/tpkg/run-all.sh + # ${GETDNS_SRCDIR}/src/test/tpkg/run-all.sh - and evaluate the results. + and evaluating the results. -- build and sign source distribution tarball: +4) Build and sign source distribution tarball # rm -fr * # git reset --hard # git submodule update --init 
@@ -64,47 +55,39 @@ update this document and share it with us. # ./configure # make pub - - test the resulting tar by building it and running the regression tests - on as many different systems as you can. + The resulting tarball must be built, installed and tested on all the supported + platforms. Be sure to use a user that was NOT used for the build, this will uncover + any issues related to absolute paths in the build -- install on each target platform - - make sure and use a user that was NOT used for the build, this will uncover - any silliness related to absolute paths in the build +5) Fix any problems + -- If a build breaks or an install fails then commit fixes to the release branch. + Then re-run steps 3 and 4 for all supported platforms using the new code. -- if a build breaks or an install fails then commit fixes to the relase branch - - rebuild EVERY binary using the changed release branch +6) Merge branch changes back into master/develop + -- If this is a production release - then the release branch must be merged into master + Sign the merge tag if possible. + -- Now the release is ready, all the relevant commits on the release branch + should also be merged back into develop. -- merge branch changes back into master +7) Create the tarball + # make clean + # make pub + This generates getdns-1.0.0-b3.tar.gz + checksums + signatures. 
-- once all binaries are built and tested clean, create source tar ball +8) Upload source tarball and checksums and signatures to the getdnsapi.net site - you may need to run this as root to permit the chown - # make clean - # make pub - generates getdns-1.0.0-b3.tar.gz + checksums + signatures + # scp getdns-1.0.0-b3.tar.gz* getdnsapi.net:/usr/local/www/apache24/data/dist -- upload source tarball and checsums and signatures to the getdnsapi.net site +9) Create and push signed tags to github - # scp getdns-1.0.0-b3.tar.gz* getdnsapi.net:/usr/local/www/apache24/data/dist + # git -s v1.0.0-b3 + # git push --tags -- Create and push signed tags to github +10) Update getdnsapi.net web site + - Create an entry the the 'Checksum' page using the content of ChangeLog + - Create a new 'News' entry - # git -s v1.0.0-b3 - # git push --tags - -- update getdnsapi.net web site - - create a getdns-1.0.0-b3.tar.gz.changelog and - getdns-1.0.0-b3.tar.gz.html in - /usr/local/www/apache24/data/dist - with the content of ChangeLog - and the release announcement respectively. - - Edit /usr/local/www/apache24/build_site.py. - Change latest entry and create a new news_item entry. - - rebuild website - # cd /usr/local/www/apache24 - # ./build_site.py - -- announce message to +11) Announce the release to the lists (make sure to sign the emails) users@getdnsapi.net, spec@getdnsapi.net and maintainers@nlnetlabs.nl diff --git a/src/Doxyfile.in b/src/Doxyfile.in index 2e8b3d63..e12f9c58 100644 --- a/src/Doxyfile.in +++ b/src/Doxyfile.in @@ -1657,7 +1657,7 @@ TAGFILES = # When a file name is specified after GENERATE_TAGFILE, doxygen will create # a tag file that is based on the input files it reads. -GENERATE_TAGFILE = +GENERATE_TAGFILE = ../doc/tagfile # If the ALLEXTERNALS tag is set to YES all external classes will be listed # in the class index. If set to NO only the inherited external classes diff --git a/src/Makefile.in b/src/Makefile.in index ecfcf082..c1cb8f12 100644 
--- a/src/Makefile.in +++ b/src/Makefile.in @@ -48,7 +48,9 @@ srcdir = @srcdir@ LIBTOOL = ../libtool CC=@CC@ -CFLAGS=-I$(srcdir) -I. @CFLAGS@ @CPPFLAGS@ +CFLAGS=-I$(srcdir) -I. -I$(srcdir)/util/auxiliary @CFLAGS@ @CPPFLAGS@ $(XTRA_CFLAGS) +WPEDANTICFLAG=@WPEDANTICFLAG@ +WNOERRORFLAG=@WNOERRORFLAG@ LDFLAGS=@LDFLAGS@ @LIBS@ EXTENSION_LIBEVENT_LIB=@EXTENSION_LIBEVENT_LIB@ @@ -63,9 +65,12 @@ EXTENSION_LIBUV_LDFLAGS=@EXTENSION_LIBUV_LDFLAGS@ C99COMPATFLAGS=@C99COMPATFLAGS@ +DEFAULT_EVENTLOOP_OBJ=@DEFAULT_EVENTLOOP@.lo + GETDNS_OBJ=const-info.lo convert.lo dict.lo dnssec.lo general.lo \ list.lo request-internal.lo pubkey-pinning.lo rr-dict.lo \ - rr-iter.lo server.lo stub.lo sync.lo ub_loop.lo util-internal.lo + rr-iter.lo server.lo stub.lo sync.lo ub_loop.lo util-internal.lo \ + mdns.lo GLDNS_OBJ=keyraw.lo gbuffer.lo wire2str.lo parse.lo parseutil.lo rrdef.lo \ str2wire.lo 
@@ -74,49 +79,49 @@ LIBOBJDIR= LIBOBJS=@LIBOBJS@ COMPAT_OBJ=$(LIBOBJS:.o=.lo) -UTIL_OBJ=rbtree.lo val_secalgo.lo +UTIL_OBJ=rbtree.lo val_secalgo.lo lruhash.lo lookup3.lo locks.lo JSMN_OBJ=jsmn.lo -EXTENSION_OBJ=default_eventloop.lo libevent.lo libev.lo +EXTENSION_OBJ=$(DEFAULT_EVENTLOOP_OBJ) libevent.lo libev.lo NON_C99_OBJS=context.lo libuv.lo .SUFFIXES: .c .o .a .lo .h .c.o: - $(CC) $(CFLAGS) -c $< -o $@ + $(CC) $(CFLAGS) $(WPEDANTICFLAG) -c $< -o $@ .c.lo: - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $< -o $@ + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) -c $< -o $@ default: all all: libgetdns.la $(EXTENSION_LIBEVENT_LIB) $(EXTENSION_LIBUV_LIB) $(EXTENSION_LIBEV_LIB) $(GETDNS_OBJ): - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $(srcdir)/$(@:.lo=.c) -o $@ + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) -c $(srcdir)/$(@:.lo=.c) -o $@ $(GLDNS_OBJ): - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $(srcdir)/gldns/$(@:.lo=.c) -o $@ + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) -c $(srcdir)/gldns/$(@:.lo=.c) -o $@ $(COMPAT_OBJ): $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $(srcdir)/compat/$(@:.lo=.c) -o $@ $(UTIL_OBJ): - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $(srcdir)/util/$(@:.lo=.c) -o $@ + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WNOERRORFLAG) -c $(srcdir)/util/$(@:.lo=.c) -o $@ $(JSMN_OBJ): $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -DJSMN_GETDNS -c $(srcdir)/jsmn/$(@:.lo=.c) -o $@ $(EXTENSION_OBJ): - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $(srcdir)/extension/$(@:.lo=.c) -o $@ + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) -c $(srcdir)/extension/$(@:.lo=.c) -o $@ context.lo: - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(C99COMPATFLAGS) -c $(srcdir)/context.c -o context.lo + 
$(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) $(C99COMPATFLAGS) -c $(srcdir)/context.c -o context.lo libuv.lo: - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(C99COMPATFLAGS) -c $(srcdir)/extension/libuv.c -o libuv.lo + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) $(C99COMPATFLAGS) -c $(srcdir)/extension/libuv.c -o libuv.lo install: libgetdns.la $(INSTALL) -m 755 -d $(DESTDIR)$(includedir) 
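Review bot: The `$(UTIL_OBJ)` rule is the only compile rule in this hunk that gets `$(WNOERRORFLAG)` in place of `$(WPEDANTICFLAG)`, and `$(COMPAT_OBJ)` and `$(JSMN_OBJ)` get neither, but nothing in the Makefile says why. `UTIL_OBJ` grows by `lruhash.lo lookup3.lo locks.lo` in this same hunk, so the newly added sources are built under the relaxed setting (presumably warnings are not promoted to errors there; the flag values are set by configure and are not visible here). A short comment above the rule would record the intent, for example `# util/, compat/ and jsmn/ are built without $(WPEDANTICFLAG); see configure.ac for WNOERRORFLAG`.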
@@ -139,19 +144,18 @@ uninstall: if test $(have_libev) = 1; then $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$(EXTENSION_LIBEV_LIB) ; fi libgetdns_ext_event.la: libgetdns.la libevent.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ libevent.lo libgetdns.la $(LDFLAGS) $(EXTENSION_LIBEVENT_LDFLAGS) $(EXTENSION_LIBEVENT_EXT_LIBS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/extension/libevent.symbols + $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ libevent.lo libgetdns.la $(LDFLAGS) $(EXTENSION_LIBEVENT_LDFLAGS) $(EXTENSION_LIBEVENT_EXT_LIBS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/extension/libevent.symbols libgetdns_ext_uv.la: libgetdns.la libuv.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ libuv.lo libgetdns.la $(LDFLAGS) $(EXTENSION_LIBUV_LDFLAGS) $(EXTENSION_LIBUV_EXT_LIBS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/extension/libuv.symbols + $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ libuv.lo libgetdns.la $(LDFLAGS) $(EXTENSION_LIBUV_LDFLAGS) $(EXTENSION_LIBUV_EXT_LIBS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/extension/libuv.symbols libgetdns_ext_ev.la: libgetdns.la libev.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ libev.lo libgetdns.la $(LDFLAGS) $(EXTENSION_LIBEV_LDFLAGS) $(EXTENSION_LIBEV_EXT_LIBS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/extension/libev.symbols + $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ libev.lo libgetdns.la $(LDFLAGS) $(EXTENSION_LIBEV_LDFLAGS) $(EXTENSION_LIBEV_EXT_LIBS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/extension/libev.symbols -libgetdns.la: $(GETDNS_OBJ) version.lo context.lo default_eventloop.lo $(GLDNS_OBJ) $(COMPAT_OBJ) $(UTIL_OBJ) $(JSMN_OBJ) - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ $(GETDNS_OBJ) version.lo 
context.lo default_eventloop.lo $(GLDNS_OBJ) $(COMPAT_OBJ) $(UTIL_OBJ) $(JSMN_OBJ) $(LDFLAGS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/libgetdns.symbols - +libgetdns.la: $(GETDNS_OBJ) version.lo context.lo $(DEFAULT_EVENTLOOP_OBJ) $(GLDNS_OBJ) $(COMPAT_OBJ) $(UTIL_OBJ) $(JSMN_OBJ) + $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ $(GETDNS_OBJ) version.lo context.lo $(DEFAULT_EVENTLOOP_OBJ) $(GLDNS_OBJ) $(COMPAT_OBJ) $(UTIL_OBJ) $(JSMN_OBJ) $(LDFLAGS) -rpath $(libdir) -version-info $(libversion) -no-undefined -export-symbols $(srcdir)/libgetdns.symbols test: all cd test && $(MAKE) $@ @@ -159,6 +163,9 @@ test: all getdns_query: all cd tools && $(MAKE) $@ +stubby: all + cd tools && $(MAKE) $@ + scratchpad: all cd test && $(MAKE) $@ @@ -184,13 +191,14 @@ Makefile: $(srcdir)/Makefile.in ../config.status depend: (cd $(srcdir) ; awk 'BEGIN{P=1}{if(P)print}/^# Dependencies/{P=0}' Makefile.in > Makefile.in.new ) - (blddir=`pwd`; cd $(srcdir) ; gcc -MM -I. -I"$$blddir" *.c gldns/*.c compat/*.c util/*.c jsmn/*.c extension/*.c| \ + (blddir=`pwd`; cd $(srcdir) ; gcc -MM -I. -I"$$blddir" -Iutil/auxiliary *.c gldns/*.c compat/*.c util/*.c jsmn/*.c extension/*.c| \ sed -e "s? $$blddir/? ?g" \ - -e 's?gldns/?$$(srcdir)/gldns/?g' \ - -e 's?compat/?$$(srcdir)/compat/?g' \ - -e 's?util/?$$(srcdir)/util/?g' \ - -e 's?jsmn/?$$(srcdir)/jsmn/?g' \ - -e 's?extension/?$$(srcdir)/extension/?g' \ + -e 's? gldns/? $$(srcdir)/gldns/?g' \ + -e 's? compat/? $$(srcdir)/compat/?g' \ + -e 's? util/auxiliary/util/? $$(srcdir)/util/auxiliary/util/?g' \ + -e 's? util/? $$(srcdir)/util/?g' \ + -e 's? jsmn/? $$(srcdir)/jsmn/?g' \ + -e 's? extension/? $$(srcdir)/extension/?g' \ -e 's? \([a-z_-]*\)\.\([ch]\)? $$(srcdir)/\1.\2?g' \ -e 's? \$$(srcdir)/config\.h? config.h?g' \ -e 's? \$$(srcdir)/getdns/getdns_extra\.h? getdns/getdns_extra.h?g' \ 
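Review bot: The four link rules in the `@@ -139,19 +144,18 @@` hunk (`libgetdns_ext_event.la`, `libgetdns_ext_uv.la`, `libgetdns_ext_ev.la`, `libgetdns.la`) no longer pass `$(CFLAGS)` to the link step. Any flag that must be seen at both compile and link time, such as `-fsanitize=address`, `-flto`, `-m32` or coverage flags, now reaches only the compile rules unless the builder repeats it in `LDFLAGS`, which can quietly break sanitizer or instrumented test builds. If the removal is meant to keep the `-I` and warning options off the link line, consider holding `@CFLAGS@` in its own variable and linking with `$(LIBTOOL) --tag=CC --mode=link $(CC) $(USER_CFLAGS) -o $@ …` (variable name illustrative). Failing that, add a comment above the rules such as `# link rules omit CFLAGS; repeat -fsanitize/-flto style flags in LDFLAGS`.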
@@ -217,16 +225,22 @@ context.lo context.o: $(srcdir)/context.c \ $(srcdir)/debug.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/context.h \ getdns/getdns.h \ getdns/getdns_extra.h \ - $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \ - $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ - $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h $(srcdir)/list.h $(srcdir)/dict.h \ - $(srcdir)/pubkey-pinning.h + $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \ + $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h $(srcdir)/list.h \ + $(srcdir)/dict.h $(srcdir)/pubkey-pinning.h convert.lo convert.o: $(srcdir)/convert.c \ config.h \ getdns/getdns.h \ getdns/getdns_extra.h \ $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \ - $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h \ + $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/extension/default_eventloop.h \ + $(srcdir)/extension/poll_eventloop.h $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h \ + $(srcdir)/util/lruhash.h $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h \ + $(srcdir)/util/orig-headers/locks.h $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h 
$(srcdir)/rr-iter.h \ $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/wire2str.h \ $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/parseutil.h $(srcdir)/const-info.h $(srcdir)/dict.h \ $(srcdir)/list.h $(srcdir)/jsmn/jsmn.h $(srcdir)/convert.h 
@@ -235,62 +249,98 @@ dict.lo dict.o: $(srcdir)/dict.c \ $(srcdir)/types-internal.h \ getdns/getdns.h \ getdns/getdns_extra.h \ - $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \ - $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ - $(srcdir)/gldns/pkthdr.h $(srcdir)/dict.h $(srcdir)/list.h $(srcdir)/const-info.h $(srcdir)/gldns/wire2str.h + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/util-internal.h $(srcdir)/context.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ + $(srcdir)/gldns/pkthdr.h $(srcdir)/dict.h $(srcdir)/list.h $(srcdir)/const-info.h $(srcdir)/gldns/wire2str.h \ + $(srcdir)/gldns/parseutil.h dnssec.lo dnssec.o: $(srcdir)/dnssec.c \ config.h \ $(srcdir)/debug.h \ getdns/getdns.h \ $(srcdir)/context.h \ getdns/getdns_extra.h \ - $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \ - $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ - $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h \ - $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/parseutil.h $(srcdir)/general.h $(srcdir)/dict.h \ - $(srcdir)/list.h $(srcdir)/util/val_secalgo.h + $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + 
$(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \ + $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/str2wire.h \ + $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/parseutil.h \ + $(srcdir)/general.h $(srcdir)/dict.h $(srcdir)/list.h $(srcdir)/util/val_secalgo.h \ + $(srcdir)/util/orig-headers/val_secalgo.h general.lo general.o: $(srcdir)/general.c \ config.h \ $(srcdir)/general.h \ getdns/getdns.h \ $(srcdir)/types-internal.h \ getdns/getdns_extra.h \ - $(srcdir)/util/rbtree.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/gldns/wire2str.h $(srcdir)/context.h \ - $(srcdir)/extension/default_eventloop.h $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h \ - $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h \ - $(srcdir)/dict.h + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/ub_loop.h $(srcdir)/debug.h \ + $(srcdir)/gldns/wire2str.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \ + $(srcdir)/extension/poll_eventloop.h $(srcdir)/types-internal.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \ + $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h $(srcdir)/dict.h \ + $(srcdir)/mdns.h list.lo list.o: $(srcdir)/list.c $(srcdir)/types-internal.h \ getdns/getdns.h \ getdns/getdns_extra.h \ - 
$(srcdir)/util/rbtree.h $(srcdir)/util-internal.h \ + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/util-internal.h \ config.h \ - $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h \ - $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/list.h $(srcdir)/dict.h + $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ + $(srcdir)/gldns/pkthdr.h $(srcdir)/list.h $(srcdir)/dict.h +mdns.lo mdns.o: $(srcdir)/mdns.c \ + config.h \ + $(srcdir)/debug.h $(srcdir)/context.h \ + getdns/getdns.h \ + getdns/getdns_extra.h \ + $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/general.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h \ + $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/mdns.h \ + $(srcdir)/util/auxiliary/util/fptr_wlist.h $(srcdir)/util/lookup3.h \ + $(srcdir)/util/orig-headers/lookup3.h pubkey-pinning.lo pubkey-pinning.o: $(srcdir)/pubkey-pinning.c \ config.h \ $(srcdir)/debug.h \ getdns/getdns.h \ $(srcdir)/context.h \ getdns/getdns_extra.h \ - $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h 
$(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \ - $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ - $(srcdir)/gldns/pkthdr.h + $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \ + $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h request-internal.lo request-internal.o: $(srcdir)/request-internal.c \ config.h \ $(srcdir)/types-internal.h \ getdns/getdns.h \ getdns/getdns_extra.h \ - $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \ - $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/util-internal.h $(srcdir)/context.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/dict.h \ - $(srcdir)/convert.h + $(srcdir)/convert.h $(srcdir)/general.h rr-dict.lo rr-dict.o: $(srcdir)/rr-dict.c $(srcdir)/rr-dict.h \ config.h \ getdns/getdns.h \ $(srcdir)/gldns/gbuffer.h 
$(srcdir)/util-internal.h $(srcdir)/context.h \ getdns/getdns_extra.h \ - $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \ - $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dict.h + $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/rr-iter.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dict.h rr-iter.lo rr-iter.o: $(srcdir)/rr-iter.c $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \ config.h \ getdns/getdns.h \ 
@@ -299,40 +349,52 @@ server.lo server.o: $(srcdir)/server.c \ config.h \ getdns/getdns_extra.h \ getdns/getdns.h \ - $(srcdir)/context.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h \ - $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h + $(srcdir)/context.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h stub.lo stub.o: $(srcdir)/stub.c \ config.h \ $(srcdir)/debug.h $(srcdir)/stub.h \ getdns/getdns.h \ $(srcdir)/types-internal.h \ getdns/getdns_extra.h \ - $(srcdir)/util/rbtree.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h \ - $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \ - $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h $(srcdir)/server.h \ + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \ + $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/rr-iter.h \ + $(srcdir)/rr-dict.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \ + $(srcdir)/extension/poll_eventloop.h $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/server.h \ + $(srcdir)/util/lruhash.h $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h \ + $(srcdir)/util/orig-headers/locks.h $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h \ $(srcdir)/util-internal.h $(srcdir)/general.h $(srcdir)/pubkey-pinning.h sync.lo sync.o: $(srcdir)/sync.c \ getdns/getdns.h \ config.h \ 
$(srcdir)/context.h \ getdns/getdns_extra.h \ - $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \ - $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/general.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \ - $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h \ + $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h \ + $(srcdir)/extension/default_eventloop.h $(srcdir)/extension/poll_eventloop.h \ + $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/general.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h \ + $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h \ $(srcdir)/gldns/wire2str.h ub_loop.lo ub_loop.o: $(srcdir)/ub_loop.c $(srcdir)/ub_loop.h \ config.h \ getdns/getdns.h \ getdns/getdns_extra.h \ - $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/debug.h + $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/debug.h util-internal.lo util-internal.o: $(srcdir)/util-internal.c \ config.h \ getdns/getdns.h \ - $(srcdir)/dict.h $(srcdir)/util/rbtree.h $(srcdir)/types-internal.h \ + $(srcdir)/dict.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/types-internal.h \ getdns/getdns_extra.h \ - $(srcdir)/list.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \ - $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \ - $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/dnssec.h 
$(srcdir)/gldns/rrdef.h + $(srcdir)/list.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \ + $(srcdir)/extension/poll_eventloop.h $(srcdir)/types-internal.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h \ + $(srcdir)/util/lruhash.h $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h \ + $(srcdir)/util/orig-headers/locks.h $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/rr-iter.h \ + $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h \ + $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h gbuffer.lo gbuffer.o: $(srcdir)/gldns/gbuffer.c \ config.h \ $(srcdir)/gldns/gbuffer.h @@ -372,6 +434,8 @@ getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c \ getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c \ config.h getentropy_win.lo getentropy_win.o: $(srcdir)/compat/getentropy_win.c +gettimeofday.lo gettimeofday.o: $(srcdir)/compat/gettimeofday.c \ + config.h inet_ntop.lo inet_ntop.o: $(srcdir)/compat/inet_ntop.c \ config.h inet_pton.lo inet_pton.o: $(srcdir)/compat/inet_pton.c \ 
@@ -380,35 +444,59 @@ sha512.lo sha512.o: $(srcdir)/compat/sha512.c \ config.h strlcpy.lo strlcpy.o: $(srcdir)/compat/strlcpy.c \ config.h +locks.lo locks.o: $(srcdir)/util/locks.c \ + config.h \ + $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h +lookup3.lo lookup3.o: $(srcdir)/util/lookup3.c \ + config.h \ + $(srcdir)/util/auxiliary/util/storage/lookup3.h $(srcdir)/util/lookup3.h \ + $(srcdir)/util/orig-headers/lookup3.h +lruhash.lo lruhash.o: $(srcdir)/util/lruhash.c \ + config.h \ + $(srcdir)/util/auxiliary/util/storage/lruhash.h $(srcdir)/util/lruhash.h \ + $(srcdir)/util/orig-headers/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/orig-headers/locks.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/util/auxiliary/util/fptr_wlist.h rbtree.lo rbtree.o: $(srcdir)/util/rbtree.c \ config.h \ - $(srcdir)/util/log.h $(srcdir)/debug.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/rbtree.h + $(srcdir)/util/auxiliary/log.h $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h \ + $(srcdir)/util/auxiliary/fptr_wlist.h $(srcdir)/util/auxiliary/util/fptr_wlist.h \ + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h val_secalgo.lo val_secalgo.o: $(srcdir)/util/val_secalgo.c \ config.h \ - $(srcdir)/util/val_secalgo.h $(srcdir)/util/log.h $(srcdir)/debug.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/keyraw.h \ - $(srcdir)/gldns/gbuffer.h + $(srcdir)/util/auxiliary/util/data/packed_rrset.h \ + $(srcdir)/util/auxiliary/validator/val_secalgo.h $(srcdir)/util/val_secalgo.h \ + $(srcdir)/util/orig-headers/val_secalgo.h $(srcdir)/util/auxiliary/validator/val_nsec3.h \ + $(srcdir)/util/auxiliary/util/log.h $(srcdir)/debug.h $(srcdir)/util/auxiliary/sldns/rrdef.h \ + $(srcdir)/gldns/rrdef.h $(srcdir)/util/auxiliary/sldns/keyraw.h $(srcdir)/gldns/keyraw.h \ + $(srcdir)/util/auxiliary/sldns/sbuffer.h $(srcdir)/gldns/gbuffer.h jsmn.lo jsmn.o: $(srcdir)/jsmn/jsmn.c $(srcdir)/jsmn/jsmn.h 
-default_eventloop.lo default_eventloop.o: $(srcdir)/extension/default_eventloop.c \ - $(srcdir)/extension/default_eventloop.h \ - config.h \ - getdns/getdns.h \ - getdns/getdns_extra.h \ - $(srcdir)/debug.h libev.lo libev.o: $(srcdir)/extension/libev.c \ config.h \ $(srcdir)/types-internal.h \ getdns/getdns.h \ getdns/getdns_extra.h \ - $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libev.h + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/getdns/getdns_ext_libev.h libevent.lo libevent.o: $(srcdir)/extension/libevent.c \ config.h \ $(srcdir)/types-internal.h \ getdns/getdns.h \ getdns/getdns_extra.h \ - $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libevent.h + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/getdns/getdns_ext_libevent.h libuv.lo libuv.o: $(srcdir)/extension/libuv.c \ config.h \ $(srcdir)/debug.h $(srcdir)/types-internal.h \ getdns/getdns.h \ getdns/getdns_extra.h \ - $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libuv.h + $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/getdns/getdns_ext_libuv.h +poll_eventloop.lo poll_eventloop.o: $(srcdir)/extension/poll_eventloop.c \ + config.h \ + $(srcdir)/extension/poll_eventloop.h \ + getdns/getdns.h \ + getdns/getdns_extra.h \ + $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h $(srcdir)/debug.h +select_eventloop.lo select_eventloop.o: $(srcdir)/extension/select_eventloop.c \ + config.h \ + $(srcdir)/extension/select_eventloop.h \ + getdns/getdns.h \ + getdns/getdns_extra.h \ + $(srcdir)/debug.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/util/orig-headers/rbtree.h diff --git a/src/compat/arc4_lock.c b/src/compat/arc4_lock.c index 44662841..cb9b5056 100644 --- a/src/compat/arc4_lock.c +++ b/src/compat/arc4_lock.c 
@@ -34,6 +34,79 @@ #include "config.h" #define LOCKRET(func) func +#ifdef HAVE_PTHREAD +#include "pthread.h" + +static pthread_mutex_t arc_lock = PTHREAD_MUTEX_INITIALIZER; + +void _ARC4_LOCK(void) +{ + pthread_mutex_lock(&arc_lock); +} + +void _ARC4_UNLOCK(void) +{ + pthread_mutex_unlock(&arc_lock); +} +#elif defined(GETDNS_ON_WINDOWS) + /* + * There is no explicit arc4random_init call, and thus + * the critical section must be allocated on the first call to + * ARC4_LOCK(). The interlocked test is used to verify that + * the critical section will be allocated only once. + * + * The work around is for the main program to call arc4random() + * at the beginning of execution, before spinning new threads. + * + * There is also no explicit arc4random_close call, and thus + * the critical section is never deleted. It will remain allocated + * as long as the program runs. + */ +static CRITICAL_SECTION arc_critical_section; +static volatile long arc_critical_section_initialized = 0; + +void _ARC4_LOCK(void) +{ + long r = InterlockedCompareExchange(&arc_critical_section_initialized, 1, 0); + + if (r != 2) + { + if (r == 0) + { + InitializeCriticalSection(&arc_critical_section); + arc_critical_section_initialized = 2; + } + else if (r == 1) + { + /* + * If the critical section is initialized, the first test + * will return the value 2. + * + * If several threads try to initialize the arc4random + * state "at the same time", the first one will find + * the "initialized" variable at 0, the other ones at 1. + * + * Since this is a fairly rare event, we resolve it with a + * simple active wait loop. + */ + + while (arc_critical_section_initialized != 2) + { + Sleep(1); + } + } + } + + EnterCriticalSection(&arc_critical_section); +} + +void _ARC4_UNLOCK(void) +{ + LeaveCriticalSection(&arc_critical_section); +} + +#else + /* XXX - add non pthread specific lock routines here */ void _ARC4_LOCK(void) { } 
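Review bot: In the Windows `_ARC4_LOCK`, the initialised state is published with a plain store, `arc_critical_section_initialized = 2;`, and polled with a plain load in the wait loop, so its ordering against `InitializeCriticalSection` depends on what the compiler gives `volatile` on the target rather than on an explicit barrier. Publishing with `InterlockedExchange(&arc_critical_section_initialized, 2);` and polling with `InterlockedCompareExchange(&arc_critical_section_initialized, 2, 2) != 2` makes the hand-off explicit everywhere. The `#else` branch still leaves both functions empty, so a build with neither pthreads nor Windows runs the arc4random state unlocked; the `XXX` comment should say that plainly. The pthread variant also ignores the return values of `pthread_mutex_lock` and `pthread_mutex_unlock`.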
@@ -41,4 +114,4 @@ void _ARC4_LOCK(void) void _ARC4_UNLOCK(void) { } - +#endif diff --git a/src/compat/arc4random.c b/src/compat/arc4random.c index 2c78818f..7c9570b9 100644 --- a/src/compat/arc4random.c +++ b/src/compat/arc4random.c @@ -38,6 +38,9 @@ #ifndef GETDNS_ON_WINDOWS #include #endif +#if defined(GETDNS_ON_WINDOWS) && !defined(MAP_INHERIT_ZERO) +#define explicit_bzero(rnd, rnd_size) memset(rnd, 0, rnd_size) +#endif #define KEYSTREAM_ONLY #include "chacha_private.h" @@ -114,6 +117,9 @@ _rs_stir(void) #ifdef SIGKILL raise(SIGKILL); #else +#ifdef GETDNS_ON_WINDOWS + DebugBreak(); +#endif exit(9); /* windows */ #endif } @@ -125,6 +131,9 @@ _rs_stir(void) explicit_bzero(rnd, sizeof(rnd)); /* discard source seed */ /* invalidate rs_buf */ +#ifdef GETDNS_ON_WINDOWS + _Analysis_assume_(rs != NULL); +#endif rs->rs_have = 0; memset(rsx->rs_buf, 0, sizeof(rsx->rs_buf)); @@ -136,7 +145,15 @@ _rs_stir_if_needed(size_t len) { #ifndef MAP_INHERIT_ZERO static pid_t _rs_pid = 0; +#ifdef GETDNS_ON_WINDOWS + /* + * TODO: if compiling for the Windows Runtime, use GetCurrentProcessId(), + * but this requires linking with kernel32.lib + */ + pid_t pid = _getpid(); +#else pid_t pid = getpid(); +#endif /* If a system lacks MAP_INHERIT_ZERO, resort to getpid() */ if (_rs_pid == 0 || _rs_pid != pid) { @@ -147,6 +164,9 @@ _rs_stir_if_needed(size_t len) #endif if (!rs || rs->rs_count <= len) _rs_stir(); +#ifdef GETDNS_ON_WINDOWS + _Analysis_assume_(rs != NULL); +#endif if (rs->rs_count <= len) rs->rs_count = 0; else diff --git a/src/compat/arc4random_uniform.c b/src/compat/arc4random_uniform.c index 154260eb..c03c2c9b 100644 --- a/src/compat/arc4random_uniform.c +++ b/src/compat/arc4random_uniform.c @@ -39,7 +39,7 @@ arc4random_uniform(uint32_t upper_bound) return 0; /* 2**32 % x == (2**32 - x) % x */ - min = -upper_bound % upper_bound; + min = ((uint32_t)(-(int32_t)upper_bound)) % upper_bound; /* * This could theoretically loop forever but each retry has 
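Review bot: The Windows fallback `#define explicit_bzero(rnd, rnd_size) memset(rnd, 0, rnd_size)` added at the top of arc4random.c gives no guarantee that the wipe survives optimisation, and `_rs_stir` depends on it for `explicit_bzero(rnd, sizeof(rnd)); /* discard source seed */`. A compiler is free to drop a `memset` on a buffer that is never read again, which would leave the seed material on the stack. `SecureZeroMemory` is the Windows call meant for this, for example `#define explicit_bzero(p, n) SecureZeroMemory((p), (n))`. The `!defined(MAP_INHERIT_ZERO)` half of the guard does not obviously relate to whether `explicit_bzero` exists, so a comment explaining it would help.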
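Review bot: In arc4random_uniform.c the new `min = ((uint32_t)(-(int32_t)upper_bound)) % upper_bound;` routes the negation through a signed type, which the unsigned original did not do. For `upper_bound == 0x80000000` the cast yields `INT32_MIN` on the usual targets and negating that is signed overflow, which is undefined; values above `INT32_MAX` additionally depend on an implementation-defined conversion. If the aim was to quiet a warning about unary minus on an unsigned operand, `min = (UINT32_MAX - upper_bound + 1) % upper_bound;` computes the same value without leaving unsigned arithmetic. The function starts before this hunk and continues after it.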
diff --git a/src/compat/gettimeofday.c b/src/compat/gettimeofday.c
new file mode 100644
index 00000000..d8fe91bc
--- /dev/null
+++ b/src/compat/gettimeofday.c
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2016 Christian Huitema
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+ /*
+ * Numerous places in the code make reference to the Unix/Linux
+ * "gettimeofday()" function, which is not available in the standard
+ * windows libraries. This code provides a compatible implementation.
+ */
+#include "config.h"
+
+#ifdef GETDNS_ON_WINDOWS
+int gettimeofday(struct timeval* tv, struct timezone* tz)
+{
+ FILETIME ft;
+ uint64_t now = 0;
+
+ /*
+ * The GetSystemTimeAsFileTime API returns the number
+ * of 100-nanosecond intervals since January 1, 1601 (UTC),
+ * in FILETIME format.
+ */
+ GetSystemTimeAsFileTime(&ft);
+
+ /*
+ * Convert to plain 64 bit format, without making
+ * assumptions about the FILETIME structure alignment.
+ */
+ now |= ft.dwHighDateTime;
+ now <<= 32;
+ now |= ft.dwLowDateTime;
+ /*
+ * Convert units from 100ns to 1us
+ */
+ now /= 10;
+ /*
+ * Account for microseconds elapsed between 1601 and 1970.
+ */
+ now -= 11644473600000000ULL;
+
+ if (tv != NULL)
+ {
+ uint64_t sec = now / 1000000;
+ uint64_t usec = now % 1000000;
+
+ tv->tv_sec = (long)sec;
+ tv->tv_usec = (long)usec;
+ }
+
+ if (tz != NULL)
+ {
+ /*
+ * TODO: implement a timezone retrieval function.
+ * Not urgent, since the GetDNS code always set this parameter to NULL. + */ + return -1; + } + + return 0; +} +#endif /* GETDNS_ON_WINDOWS */ \ No newline at end of file diff --git a/src/const-info.c b/src/const-info.c index 0294e281..c78f4816 100644 --- a/src/const-info.c +++ b/src/const-info.c @@ -24,6 +24,7 @@ static struct const_info consts_info[] = { { 310, "GETDNS_RETURN_MEMORY_ERROR", GETDNS_RETURN_MEMORY_ERROR_TEXT }, { 311, "GETDNS_RETURN_INVALID_PARAMETER", GETDNS_RETURN_INVALID_PARAMETER_TEXT }, { 312, "GETDNS_RETURN_NOT_IMPLEMENTED", GETDNS_RETURN_NOT_IMPLEMENTED_TEXT }, + { 398, "GETDNS_RETURN_NO_UPSTREAM_AVAILABLE", GETDNS_RETURN_NO_UPSTREAM_AVAILABLE_TEXT }, { 399, "GETDNS_RETURN_NEED_MORE_SPACE", GETDNS_RETURN_NEED_MORE_SPACE_TEXT }, { 400, "GETDNS_DNSSEC_SECURE", GETDNS_DNSSEC_SECURE_TEXT }, { 401, "GETDNS_DNSSEC_BOGUS", GETDNS_DNSSEC_BOGUS_TEXT }, @@ -72,6 +73,9 @@ static struct const_info consts_info[] = { { 619, "GETDNS_CONTEXT_CODE_EDNS_CLIENT_SUBNET_PRIVATE", GETDNS_CONTEXT_CODE_EDNS_CLIENT_SUBNET_PRIVATE_TEXT }, { 620, "GETDNS_CONTEXT_CODE_TLS_QUERY_PADDING_BLOCKSIZE", GETDNS_CONTEXT_CODE_TLS_QUERY_PADDING_BLOCKSIZE_TEXT }, { 621, "GETDNS_CONTEXT_CODE_PUBKEY_PINSET", GETDNS_CONTEXT_CODE_PUBKEY_PINSET_TEXT }, + { 622, "GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS", GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS_TEXT }, + { 623, "GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME", GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME_TEXT }, + { 624, "GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES", GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES_TEXT }, { 700, "GETDNS_CALLBACK_COMPLETE", GETDNS_CALLBACK_COMPLETE_TEXT }, { 701, "GETDNS_CALLBACK_CANCEL", GETDNS_CALLBACK_CANCEL_TEXT }, { 702, "GETDNS_CALLBACK_TIMEOUT", GETDNS_CALLBACK_TIMEOUT_TEXT }, 
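Review bot: The new `gettimeofday` reports failure for a non-NULL `tz` only after it has already written `tv`, and it returns -1 without setting `errno`, so a caller passing both arguments sees an error next to a filled-in result. Testing `tz` before touching `tv`, or accepting it and returning 0 with `tz` left untouched, would make the contract easier to state; either way a header comment on the function should say which. `tv->tv_sec = (long)sec;` narrows to a 32-bit `long` on Windows, so a comment noting the 2038 limit that `struct timeval` imposes there is worth adding. The file includes only `config.h`, so `FILETIME`, `uint64_t` and `struct timeval` are presumably expected to arrive through it.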
@@ -156,9 +160,12 @@ static struct const_name_info consts_name_info[] = { { "GETDNS_CONTEXT_CODE_NAMESPACES", 600 }, { "GETDNS_CONTEXT_CODE_PUBKEY_PINSET", 621 }, { "GETDNS_CONTEXT_CODE_RESOLUTION_TYPE", 601 }, + { "GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS", 622 }, { "GETDNS_CONTEXT_CODE_SUFFIX", 608 }, { "GETDNS_CONTEXT_CODE_TIMEOUT", 616 }, { "GETDNS_CONTEXT_CODE_TLS_AUTHENTICATION", 618 }, + { "GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME", 623 }, + { "GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES", 624 }, { "GETDNS_CONTEXT_CODE_TLS_QUERY_PADDING_BLOCKSIZE", 620 }, { "GETDNS_CONTEXT_CODE_UPSTREAM_RECURSIVE_SERVERS", 603 }, { "GETDNS_DNSSEC_BOGUS", 401 }, @@ -188,6 +195,7 @@ static struct const_name_info consts_name_info[] = { { "GETDNS_RCODE_BADTIME", 18 }, { "GETDNS_RCODE_BADTRUNC", 22 }, { "GETDNS_RCODE_BADVERS", 16 }, + { "GETDNS_RCODE_COOKIE", 23 }, { "GETDNS_RCODE_FORMERR", 1 }, { "GETDNS_RCODE_NOERROR", 0 }, { "GETDNS_RCODE_NOTAUTH", 9 }, @@ -222,6 +230,7 @@ static struct const_name_info consts_name_info[] = { { "GETDNS_RETURN_NO_SUCH_DICT_NAME", 305 }, { "GETDNS_RETURN_NO_SUCH_EXTENSION", 307 }, { "GETDNS_RETURN_NO_SUCH_LIST_ITEM", 304 }, + { "GETDNS_RETURN_NO_UPSTREAM_AVAILABLE", 398 }, { "GETDNS_RETURN_UNKNOWN_TRANSACTION", 303 }, { "GETDNS_RETURN_WRONG_TYPE_REQUESTED", 306 }, { "GETDNS_RRCLASS_ANY", 255 }, diff --git a/src/context.c b/src/context.c index 5b9de124..2a8a53a8 100644 --- a/src/context.c +++ b/src/context.c @@ -62,6 +62,11 @@ typedef unsigned short in_port_t; #include #include +#ifdef HAVE_PTHREAD +#include +#endif +#include + #include "config.h" #ifdef HAVE_LIBUNBOUND #include 
@@ -85,6 +90,21 @@ typedef unsigned short in_port_t; #define GETDNS_STR_PORT_DNS "53" #define GETDNS_STR_PORT_DNS_OVER_TLS "853" +#ifdef HAVE_PTHREAD +static pthread_mutex_t ssl_init_lock = PTHREAD_MUTEX_INITIALIZER; +#endif +static bool ssl_init=false; + +#ifdef HAVE_MDNS_SUPPORT +/* + * Forward declaration of MDNS context init and destroy function. + * We do this here instead of including mdns.h, in order to + * minimize dependencies. + */ +void _getdns_mdns_context_init(struct getdns_context *context); +void _getdns_mdns_context_destroy(struct getdns_context *context); +#endif + void *plain_mem_funcs_user_arg = MF_PLAIN; typedef struct host_name_addrs { @@ -122,8 +142,7 @@ static getdns_return_t create_default_namespaces(struct getdns_context *context) static getdns_return_t create_default_dns_transports(struct getdns_context *context); static int transaction_id_cmp(const void *, const void *); static void dispatch_updated(struct getdns_context *, uint16_t); -static void cancel_dns_req(getdns_dns_req *); -static void cancel_outstanding_requests(struct getdns_context*, int); +static void cancel_outstanding_requests(getdns_context*); /* unbound helpers */ #ifdef HAVE_LIBUNBOUND @@ -134,8 +153,6 @@ static getdns_return_t set_ub_dns_transport(struct getdns_context*); static void set_ub_limit_outstanding_queries(struct getdns_context*, uint16_t); static void set_ub_dnssec_allowed_skew(struct getdns_context*, uint32_t); -static void set_ub_edns_maximum_udp_payload_size(struct getdns_context*, - int); #endif /* Stuff to make it compile pedantically */ @@ -152,7 +169,7 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx) HCERTSTORE hSystemStore; PCCERT_CONTEXT pTargetCert = NULL; - DEBUG_STUB("%s %-35s: %s\n", STUB_DEBUG_SETUP_TLS, __FUNCTION__, + DEBUG_STUB("%s %-35s: %s\n", STUB_DEBUG_SETUP_TLS, __FUNC__, "Adding Windows certificates to CA store"); /* load just once per context lifetime for this version of getdns 
@@ -181,7 +198,7 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx) /* failure if the CA store is empty or the call fails */ if ((pTargetCert = CertEnumCertificatesInStore( hSystemStore, pTargetCert)) == 0) { - DEBUG_STUB("%s %-35s: %s\n", STUB_DEBUG_SETUP_TLS, __FUNCTION__, + DEBUG_STUB("%s %-35s: %s\n", STUB_DEBUG_SETUP_TLS, __FUNC__, "CA certificate store for Windows is empty."); return 0; } @@ -193,7 +210,7 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx) pTargetCert->cbCertEncoded); if (!cert1) { /* return error if a cert fails */ - DEBUG_STUB("%s %-35s: %s %d:%s\n", STUB_DEBUG_SETUP_TLS, __FUNCTION__, + DEBUG_STUB("%s %-35s: %s %d:%s\n", STUB_DEBUG_SETUP_TLS, __FUNC__, "Unable to parse certificate in memory", ERR_get_error(), ERR_error_string(ERR_get_error(), NULL)); return 0; @@ -201,7 +218,7 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx) else { /* return error if a cert add to store fails */ if (X509_STORE_add_cert(store, cert1) == 0) { - DEBUG_STUB("%s %-35s: %s %d:%s\n", STUB_DEBUG_SETUP_TLS, __FUNCTION__, + DEBUG_STUB("%s %-35s: %s %d:%s\n", STUB_DEBUG_SETUP_TLS, __FUNC__, "Error adding certificate", ERR_get_error(), ERR_error_string(ERR_get_error(), NULL)); return 0; @@ -224,6 +241,25 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx) } #endif +#if !defined(STUB_NATIVE_DNSSEC) || (defined(DAEMON_DEBUG) && DAEMON_DEBUG) +static uint8_t* +upstream_addr(getdns_upstream *upstream) +{ + return upstream->addr.ss_family == AF_INET + ? (void *)&((struct sockaddr_in*)&upstream->addr)->sin_addr + : (void *)&((struct sockaddr_in6*)&upstream->addr)->sin6_addr; +} +#endif + + +static in_port_t +upstream_port(getdns_upstream *upstream) +{ + return ntohs(upstream->addr.ss_family == AF_INET + ? ((struct sockaddr_in *)&upstream->addr)->sin_port + : ((struct sockaddr_in6*)&upstream->addr)->sin6_port); +} + static void destroy_local_host(_getdns_rbnode_t * node, void *arg) { getdns_context *context = (getdns_context *)arg; 
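Review bot: The two OpenSSL traces edited in `add_WIN_cacerts_to_openssl_store` (the `Unable to parse certificate in memory` and `Error adding certificate` calls) read the error queue twice and print the first read with `%d`. `ERR_get_error()` returns an `unsigned long` and removes the entry it returns, so the number and the text passed to `ERR_error_string` can come from different queue entries, and the conversion does not match the argument type. Since these lines are being changed anyway, fetch once with `unsigned long err = ERR_get_error();` and format with `%lu:%s`, passing `err` and `ERR_error_string(err, NULL)`. The function body extends beyond these hunks.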
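Review bot: The new helpers `upstream_addr` and `upstream_port` treat every `ss_family` other than `AF_INET` as IPv6, and neither says so. A one-line comment on each, for example `/* addr holds AF_INET or AF_INET6 only; any other family is read as sockaddr_in6 */`, would record the assumption. `upstream_port` should also state that it returns the port in host byte order, since it applies `ntohs` before returning.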
@@ -418,7 +454,7 @@ sockaddr_dict(getdns_context *context, struct sockaddr *sa) break; port = ntohs(((struct sockaddr_in6 *)sa)->sin6_port); - if (port != GETDNS_PORT_DNS && port != GETDNS_PORT_DNS && + if (port != GETDNS_PORT_ZERO && port != GETDNS_PORT_DNS && getdns_dict_set_int(address, "port", (uint32_t)port)) break; @@ -616,6 +652,9 @@ upstreams_create(getdns_context *context, size_t size) r->referenced = 1; r->count = 0; r->current_udp = 0; + r->current_stateful = 0; + r->tls_backoff_time = context->tls_backoff_time; + r->tls_connection_retries = context->tls_connection_retries; return r; } @@ -650,17 +689,26 @@ _getdns_upstreams_dereference(getdns_upstreams *upstreams) while (upstream->finished_dnsreqs) { dnsreq = upstream->finished_dnsreqs; upstream->finished_dnsreqs = dnsreq->finished_next; - (void) _getdns_context_cancel_request(dnsreq->context, - dnsreq->trans_id, 1); + if (!dnsreq->internal_cb) { /* Not part of chain */ + debug_req("Destroy ", *dnsreq->netreqs); + _getdns_context_cancel_request(dnsreq); + } } + if (upstream->tls_session != NULL) + SSL_SESSION_free(upstream->tls_session); + if (upstream->tls_obj != NULL) { - if (upstream->tls_session != NULL) - SSL_SESSION_free(upstream->tls_session); SSL_shutdown(upstream->tls_obj); SSL_free(upstream->tls_obj); } if (upstream->fd != -1) + { +#ifdef USE_WINSOCK + closesocket(upstream->fd); +#else close(upstream->fd); +#endif + } while (pin) { sha256_pin_t *nextpin = pin->next; GETDNS_FREE(upstreams->mf, pin); 
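Review bot: In `_getdns_upstreams_dereference` the loop now unlinks every entry from `upstream->finished_dnsreqs` but cancels only those without `internal_cb`, so requests that belong to a chain leave the list without being released here. If their owner is guaranteed to free them, a comment next to `/* Not part of chain */` naming that owner would make the lifetime clear; otherwise they are lost when the upstreams are destroyed. `debug_req("Destroy ", *dnsreq->netreqs);` also dereferences the first network request unconditionally, which assumes every finished request has at least one. The function starts before this hunk and continues after it.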
@@ -679,38 +727,62 @@ _getdns_upstream_shutdown(getdns_upstream *upstream) /* Update total stats for the upstream.*/ upstream->total_responses+=upstream->responses_received; upstream->total_timeouts+=upstream->responses_timeouts; - /* Pick up the auth state if it is of interest*/ - if (upstream->tls_auth_state != GETDNS_AUTH_NONE) - upstream->past_tls_auth_state = upstream->tls_auth_state; - - DEBUG_STUB("%s %-35s: FD: %d Upstream Stats: Resp=%d,Timeouts=%d,Conns=%d,Conn_fails=%d,Conn_shutdowns=%d,Auth=%d\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd, - (int)upstream->total_responses, (int)upstream->total_timeouts, - (int)upstream->conn_completed, (int)upstream->conn_setup_failed, - (int)upstream->conn_shutdowns, upstream->past_tls_auth_state); + /* Need the last auth state when using session resumption*/ + upstream->last_tls_auth_state = upstream->tls_auth_state; + /* Keep track of the best auth state this upstream has had*/ + if (upstream->tls_auth_state > upstream->best_tls_auth_state) + upstream->best_tls_auth_state = upstream->tls_auth_state; +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + DEBUG_DAEMON("%s %-40s : Conn closed : Transport=%s - Resp=%d,Timeouts=%d,Auth=%s,Keepalive(ms)=%d\n", + STUB_DEBUG_DAEMON, upstream->addr_str, + (upstream->transport == GETDNS_TRANSPORT_TLS ? "TLS" : "TCP"), + (int)upstream->responses_received, (int)upstream->responses_timeouts, + _getdns_auth_str(upstream->tls_auth_state), (int)upstream->keepalive_timeout); + DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=%s - Resp=%d,Timeouts=%d,Best_auth=%s\n", + STUB_DEBUG_DAEMON, upstream->addr_str, + (upstream->transport == GETDNS_TRANSPORT_TLS ? 
"TLS" : "TCP"), + (int)upstream->total_responses, (int)upstream->total_timeouts, + _getdns_auth_str(upstream->best_tls_auth_state)); + DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=%s - Conns=%d,Conn_fails=%d,Conn_shutdowns=%d,Backoffs=%d\n", + STUB_DEBUG_DAEMON, upstream->addr_str, + (upstream->transport == GETDNS_TRANSPORT_TLS ? "TLS" : "TCP"), + (int)upstream->conn_completed, (int)upstream->conn_setup_failed, + (int)upstream->conn_shutdowns, (int)upstream->conn_backoffs); +#endif /* Back off connections that never got up service at all (probably no TCP service or incompatible TLS version/cipher). Leave choice between working upstreams to the stub. This back-off should be time based for TLS according to RFC7858. For now, use the same basis if we simply can't get TCP service either.*/ - + uint16_t conn_retries = upstream->upstreams->tls_connection_retries; /* [TLS1]TODO: This arbitrary logic at the moment - review and improve!*/ - if (upstream->conn_setup_failed >= GETDNS_CONN_ATTEMPTS || - (upstream->conn_shutdowns >= GETDNS_CONN_ATTEMPTS*GETDNS_TRANSPORT_FAIL_MULT - && upstream->total_responses == 0) || - (upstream->conn_completed >= GETDNS_CONN_ATTEMPTS && + if (upstream->conn_setup_failed >= conn_retries + || ((int)upstream->conn_shutdowns >= conn_retries*GETDNS_TRANSPORT_FAIL_MULT + && upstream->total_responses == 0) + || (upstream->conn_completed >= conn_retries && upstream->total_responses == 0 && upstream->total_timeouts > GETDNS_TRANSPORT_FAIL_MULT)) { - DEBUG_STUB("%s %-35s: FD: %d BACKING OFF THIS UPSTREAM! 
\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd); upstream->conn_state = GETDNS_CONN_BACKOFF; - } + upstream->conn_retry_time = time(NULL) + upstream->upstreams->tls_backoff_time; + upstream->total_responses = 0; + upstream->total_timeouts = 0; + upstream->conn_completed = 0; + upstream->conn_setup_failed = 0; + upstream->conn_shutdowns = 0; + upstream->conn_backoffs++; +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + DEBUG_DAEMON("%s %-40s : !Backing off this upstream - Will retry as new upstream at %s", + STUB_DEBUG_DAEMON, upstream->addr_str, + asctime(gmtime(&upstream->conn_retry_time))); +#endif + } // Reset per connection counters upstream->queries_sent = 0; upstream->responses_received = 0; upstream->responses_timeouts = 0; upstream->keepalive_timeout = 0; + upstream->keepalive_shutdown = 0; /* Now TLS stuff*/ upstream->tls_auth_state = GETDNS_AUTH_NONE; @@ -720,7 +792,11 @@ _getdns_upstream_shutdown(getdns_upstream *upstream) upstream->tls_obj = NULL; } if (upstream->fd != -1) { +#ifdef USE_WINSOCK + closesocket(upstream->fd); +#else close(upstream->fd); +#endif upstream->fd = -1; } /* Set connection ready for use again*/ @@ -729,8 +805,11 @@ _getdns_upstream_shutdown(getdns_upstream *upstream) } static int -tls_is_in_transports_list(getdns_context *context) { - for (int i=0; i< context->dns_transport_count;i++) { +tls_is_in_transports_list(getdns_context *context) +{ + size_t i; + + for (i = 0; i< context->dns_transport_count;i++) { if (context->dns_transports[i] == GETDNS_TRANSPORT_TLS) return 1; } 
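Review bot: The back-off test in `_getdns_upstream_shutdown` begins with `upstream->conn_setup_failed >= conn_retries`, which holds for every upstream when `tls_connection_retries` is 0, so each shutdown would then move the upstream to `GETDNS_CONN_BACKOFF` for `tls_backoff_time` seconds. The setter is not part of this hunk; if it accepts 0, the meaning of that value should be decided and documented, either there or beside this condition. `conn_retry_time` is derived from `time(NULL)`, so a step in the wall clock changes the length of the back-off. In the `DAEMON_DEBUG` trace, `asctime(gmtime(&upstream->conn_retry_time))` relies on the shared static buffers of both functions and passes on a `gmtime` result that may be NULL. The function starts before this hunk.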
@@ -750,9 +829,22 @@ tls_only_is_in_transports_list(getdns_context *context) { static int net_req_query_id_cmp(const void *id1, const void *id2) { - return (intptr_t)id1 - (intptr_t)id2; + /* + * old code was: + * return (intptr_t)id1 - (intptr_t)id2; + *but this is incorrect on 64 bit architectures. + */ + int ret = 0; + + if (id1 != id2) + { + ret = ((intptr_t)id1 < (intptr_t)id2) ? -1 : 1; + } + + return ret; } + static getdns_tsig_info const tsig_info[] = { { GETDNS_NO_TSIG, NULL, 0, NULL, 0, 0, 0 } , { GETDNS_HMAC_MD5 , "hmac-md5.sig-alg.reg.int", 24 @@ -779,7 +871,7 @@ static getdns_tsig_info const * const last_tsig_info = const getdns_tsig_info *_getdns_get_tsig_info(getdns_tsig_algo tsig_alg) { - return tsig_alg > n_tsig_infos - 1 + return ((unsigned) tsig_alg > n_tsig_infos - 1) || tsig_info[tsig_alg].alg == GETDNS_NO_TSIG ? NULL : &tsig_info[tsig_alg]; } 
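Review bot: The comment added to `net_req_query_id_cmp` preserves the deleted statement and calls it incorrect without giving the reason, which is what a later reader needs. Something like `/* Compare rather than subtract: an intptr_t difference does not fit the int return value on 64 bit */` says it directly. With `intptr_t a` and `b` taken from the two arguments, the body can then be the usual `return (a > b) - (a < b);`.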
@@ -828,17 +920,30 @@ upstream_init(getdns_upstream *upstream, upstream->addr_len = ai->ai_addrlen; (void) memcpy(&upstream->addr, ai->ai_addr, ai->ai_addrlen); +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + inet_ntop(upstream->addr.ss_family, upstream_addr(upstream), + upstream->addr_str, INET6_ADDRSTRLEN); +#endif - /* How is this upstream doing? */ - upstream->conn_setup_failed = 0; + /* How is this upstream doing on connections? */ + upstream->conn_completed = 0; upstream->conn_shutdowns = 0; + upstream->conn_setup_failed = 0; + upstream->conn_retry_time = 0; + upstream->conn_backoffs = 0; + upstream->total_responses = 0; + upstream->total_timeouts = 0; upstream->conn_state = GETDNS_CONN_CLOSED; upstream->queries_sent = 0; upstream->responses_received = 0; upstream->responses_timeouts = 0; + upstream->keepalive_shutdown = 0; upstream->keepalive_timeout = 0; - upstream->to_retry = 2; + /* How is this upstream doing on UDP? */ + upstream->to_retry = 1; upstream->back_off = 1; + upstream->udp_responses = 0; + upstream->udp_timeouts = 0; /* For sharing a socket to this upstream with TCP */ upstream->fd = -1; @@ -848,6 +953,8 @@ upstream_init(getdns_upstream *upstream, upstream->tls_hs_state = GETDNS_HS_NONE; upstream->tls_auth_name[0] = '\0'; upstream->tls_auth_state = GETDNS_AUTH_NONE; + upstream->last_tls_auth_state = GETDNS_AUTH_NONE; + upstream->best_tls_auth_state = GETDNS_AUTH_NONE; upstream->tls_pubkey_pinset = NULL; upstream->loop = NULL; (void) getdns_eventloop_event_init( @@ -950,6 +1057,7 @@ set_os_defaults_windows(struct getdns_context *context) getdns_upstream *upstream; size_t length; int s; + uint32_t info_err = 0; if (context->fchg_resolvconf == NULL) { context->fchg_resolvconf = 
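Review bot: The `DAEMON_DEBUG` block added to `upstream_init` ignores the result of `inet_ntop` and passes `INET6_ADDRSTRLEN` as the size rather than the size of `upstream->addr_str`, whose declaration is not in this hunk. If the call fails, `addr_str` keeps whatever it held and is later printed with `%s` by the `DEBUG_DAEMON` traces. Assuming `addr_str` is an array member, `if (!inet_ntop(upstream->addr.ss_family, upstream_addr(upstream), upstream->addr_str, sizeof(upstream->addr_str))) upstream->addr_str[0] = '\0';` covers both points. The function starts before this hunk.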
@@ -982,15 +1090,16 @@ set_os_defaults_windows(struct getdns_context *context) if (info == NULL) return GETDNS_RETURN_GENERIC_ERROR; - if (GetNetworkParams(info, &buflen) == ERROR_BUFFER_OVERFLOW) { + if ((info_err = GetNetworkParams(info, &buflen)) == ERROR_BUFFER_OVERFLOW) { free(info); info = (FIXED_INFO *)malloc(buflen); if (info == NULL) return GETDNS_RETURN_GENERIC_ERROR; + info_err = GetNetworkParams(info, &buflen); } - if (GetNetworkParams(info, &buflen) == NO_ERROR) { - ptr = info->DnsServerList.Next; + if (info_err == NO_ERROR) { + ptr = &info->DnsServerList; *domain = 0; while (ptr) { for (size_t i = 0; i < GETDNS_UPSTREAM_TRANSPORTS; i++) { @@ -1007,11 +1116,12 @@ set_os_defaults_windows(struct getdns_context *context) freeaddrinfo(result); } ptr = ptr->Next; - } - free(info); } + if (info != NULL) + free(info); + suffix = getdns_list_create_with_context(context); if (get_dns_suffix_windows(suffix, domain)) { @@ -1182,6 +1292,26 @@ NULL_update_callback( getdns_context *context, getdns_context_code_t code, void *userarg) { (void)context; (void)code; (void)userarg; } +static int +netreq_expiry_cmp(const void *id1, const void *id2) +{ + getdns_network_req *req1 = (getdns_network_req *)id1; + getdns_network_req *req2 = (getdns_network_req *)id2; + + return req1->owner->expires < req2->owner->expires ? -1 : + req1->owner->expires > req2->owner->expires ? 1 : + req1 < req2 ? -1 : + req1 > req2 ? 1 : 0; +} + +void _getdns_check_expired_pending_netreqs( + getdns_context *context, uint64_t *now_ms); +static void _getdns_check_expired_pending_netreqs_cb(void *arg) +{ + uint64_t now_ms = 0; + _getdns_check_expired_pending_netreqs((getdns_context *)arg, &now_ms); +} + /* * getdns_context_create * 
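Review bot: `netreq_expiry_cmp` breaks ties with `req1 < req2` on pointers to separately allocated requests, and a relational comparison of pointers into different objects is not defined by the C standard. Comparing `(uintptr_t)req1` with `(uintptr_t)req2` gives the same total order without relying on that. The casts from `const void *` also discard `const`; `const getdns_network_req *req1 = id1;` is enough. The prototype of `_getdns_check_expired_pending_netreqs` is written out by hand above the callback, so a later change to its definition would not be checked against this copy unless the declaration moves to a shared header.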
@@ -1245,6 +1375,15 @@ getdns_context_create_with_extended_memory_functions( _getdns_rbtree_init(&result->outbound_requests, transaction_id_cmp); _getdns_rbtree_init(&result->local_hosts, local_host_cmp); + _getdns_rbtree_init(&result->pending_netreqs, netreq_expiry_cmp); + result->first_pending_netreq = NULL; + result->netreqs_in_flight = 0; + result->pending_timeout_event.userarg = result; + result->pending_timeout_event.read_cb = NULL; + result->pending_timeout_event.write_cb = NULL; + result->pending_timeout_event.timeout_cb = + _getdns_check_expired_pending_netreqs_cb; + result->pending_timeout_event.ev = NULL; result->server = NULL; @@ -1267,7 +1406,7 @@ getdns_context_create_with_extended_memory_functions( result->suffixes = no_suffixes; result->suffixes_len = sizeof(no_suffixes); - gldns_buffer_init_frm_data(&gbuf, result->trust_anchors_spc + gldns_buffer_init_vfixed_frm_data(&gbuf, result->trust_anchors_spc , sizeof(result->trust_anchors_spc)); if (!_getdns_parse_ta_file(NULL, &gbuf)) { @@ -1297,12 +1436,12 @@ getdns_context_create_with_extended_memory_functions( result->edns_version = 0; result->edns_do_bit = 0; result->edns_client_subnet_private = 0; - result->tls_query_padding_blocksize = 1; /* default is to not try to pad */ + result->tls_query_padding_blocksize = 1; /* default is to pad queries sensibly */ result->tls_ctx = NULL; result->extension = &result->default_eventloop.loop; - _getdns_default_eventloop_init(&result->default_eventloop); - _getdns_default_eventloop_init(&result->sync_eventloop); + _getdns_default_eventloop_init(&result->mf, &result->default_eventloop); + _getdns_default_eventloop_init(&result->mf, &result->sync_eventloop); /* request extension defaults */ 
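Review bot: In the defaults block of `getdns_context_create_with_extended_memory_functions`, the comment on `tls_query_padding_blocksize` now says queries are padded sensibly, while the assigned value is still `1`, which the previous comment described as not padding. If `1` is now a sentinel interpreted elsewhere as "use the built-in padding policy" (not visible in this hunk), say so in the comment or give the value a name, for example `/* 1 selects the built-in padding policy; see <where it is interpreted> */`. Padding is a privacy control, so the default should be readable from this line without consulting the stub code.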
@@ -1348,14 +1487,30 @@ getdns_context_create_with_extended_memory_functions( goto error; result->tls_auth = GETDNS_AUTHENTICATION_NONE; result->tls_auth_min = GETDNS_AUTHENTICATION_NONE; + result->round_robin_upstreams = 0; + result->tls_backoff_time = 3600; + result->tls_connection_retries = 2; result->limit_outstanding_queries = 0; /* unbound context is initialized here */ /* Unbound needs SSL to be init'ed this early when TLS is used. However we * don't know that till later so we will have to do this every time. */ - if ((set_from_os & 2) == 0) +#ifdef HAVE_PTHREAD + pthread_mutex_lock(&ssl_init_lock); +#else + /* XXX implement Windows-style lock here */ +#endif + /* Only initialise SSL once and ideally in a thread-safe manner */ + if (ssl_init == false) { SSL_library_init(); + ssl_init = true; + } +#ifdef HAVE_PTHREAD + pthread_mutex_unlock(&ssl_init_lock); +#else + /* XXX implement Windows-style unlock here */ +#endif #ifdef HAVE_LIBUNBOUND result->unbound_ctx = NULL; @@ -1363,8 +1518,14 @@ getdns_context_create_with_extended_memory_functions( goto error; #endif + +#ifdef HAVE_MDNS_SUPPORT + _getdns_mdns_context_init(result); +#endif + create_local_hosts(result); + *context = result; return GETDNS_RETURN_GOOD; error: @@ -1426,10 +1587,10 @@ getdns_context_destroy(struct getdns_context *context) context->destroying = 1; /* cancel all outstanding requests */ - cancel_outstanding_requests(context, 1); + cancel_outstanding_requests(context); /* Destroy listening addresses */ - (void) getdns_context_set_listen_addresses(context, NULL, NULL); + (void) getdns_context_set_listen_addresses(context, NULL, NULL, NULL); /* This needs to be done before cleaning the extension, because there * might be an idle_timeout schedules, which will not get unscheduled 
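Review bot: The `ssl_init` check-and-set around `SSL_library_init()` is protected only when `HAVE_PTHREAD` is defined. In the `#else` branches the lock and unlock are `XXX` placeholders, so on such a build two threads creating contexts at the same time can both run the initialisation. Until a real lock exists for that configuration, state the limitation where callers will see it, for example `/* NOTE: without HAVE_PTHREAD, context creation is not thread-safe */`. The return value of `pthread_mutex_lock(&ssl_init_lock)` is also ignored. `ssl_init` and `ssl_init_lock` are declared outside the hunk, so their initialisation could not be checked here.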
@@ -1444,6 +1605,13 @@ getdns_context_destroy(struct getdns_context *context) ub_ctx_delete(context->unbound_ctx); #endif +#ifdef HAVE_MDNS_SUPPORT + /* + * Release all ressource allocated for MDNS. + */ + _getdns_mdns_context_destroy(context); +#endif + if (context->namespaces) GETDNS_FREE(context->my_mf, context->namespaces); @@ -1561,7 +1729,7 @@ getdns_context_request_count_changed(getdns_context *context) if (context->outbound_requests.count && ! context->ub_event.ev){ DEBUG_SCHED("gc_request_count_changed " "-> ub schedule(el_ev = %p, el_ev->ev = %p)\n", - &context->ub_event, context->ub_event.ev); + (void *)&context->ub_event, (void *)context->ub_event.ev); #ifndef USE_WINSOCK #ifdef HAVE_UNBOUND_EVENT_API if (!_getdns_ub_loop_enabled(&context->ub_loop)) @@ -1575,7 +1743,7 @@ getdns_context_request_count_changed(getdns_context *context) context->ub_event.ev) { DEBUG_SCHED("gc_request_count_changed " "-> ub clear(el_ev = %p, el_ev->ev = %p)\n", - &context->ub_event, context->ub_event.ev); + (void *)&context->ub_event, (void *)context->ub_event.ev); #ifndef USE_WINSOCK #ifdef HAVE_UNBOUND_EVENT_API @@ -1610,7 +1778,7 @@ static getdns_return_t rebuild_ub_ctx(struct getdns_context* context) { if (context->unbound_ctx != NULL) { /* cancel all requests and delete */ - cancel_outstanding_requests(context, 1); + cancel_outstanding_requests(context); ub_ctx_delete(context->unbound_ctx); context->unbound_ctx = NULL; } @@ -1635,9 +1803,9 @@ rebuild_ub_ctx(struct getdns_context* context) { "target-fetch-policy:", "0 0 0 0 0"); #endif set_ub_dnssec_allowed_skew(context, - context->dnssec_allowed_skew); - set_ub_edns_maximum_udp_payload_size(context, - context->edns_maximum_udp_payload_size); + context->dnssec_allowed_skew); + set_ub_number_opt(context, "edns-buffer-size:", + context->edns_maximum_udp_payload_size); set_ub_dns_transport(context); context->ub_event.userarg = context; 
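Review bot: `rebuild_ub_ctx` now passes `context->edns_maximum_udp_payload_size` straight to `set_ub_number_opt(context, "edns-buffer-size:", ...)`, but this commit also removes the helper that only forwarded values between 512 and 65535 and introduces `-1` as the "unset" value of that field. After `getdns_context_unset_edns_maximum_udp_payload_size()` a rebuild would hand `-1` to a helper that, judging by the removed `(uint16_t)value` cast, takes a 16-bit number, so unbound would not get the 4096 the unset function configures. The hunk for `getdns_context_set_edns_maximum_udp_payload_size` has the related gap: the `value < 512` clamp is gone and small values reach unbound unchanged. A guard such as `if (context->edns_maximum_udp_payload_size != -1)` around the call here, plus keeping the lower bound in the setter, would preserve the previous behaviour.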
@@ -1718,12 +1886,17 @@ getdns_context_set_namespaces(getdns_context *context, for (i = 0; i < namespace_count; i++) { if (namespaces[i] == GETDNS_NAMESPACE_NETBIOS || - namespaces[i] == GETDNS_NAMESPACE_MDNS || +#ifndef HAVE_MDNS_SUPPORT + namespaces[i] == GETDNS_NAMESPACE_MDNS || +#endif namespaces[i] == GETDNS_NAMESPACE_NIS) r = GETDNS_RETURN_NOT_IMPLEMENTED; else if (namespaces[i] != GETDNS_NAMESPACE_DNS && - namespaces[i] != GETDNS_NAMESPACE_LOCALNAMES) +#ifdef HAVE_MDNS_SUPPORT + namespaces[i] != GETDNS_NAMESPACE_MDNS && +#endif + namespaces[i] != GETDNS_NAMESPACE_LOCALNAMES ) return GETDNS_RETURN_CONTEXT_UPDATE_FAIL; } GETDNS_FREE(context->my_mf, context->namespaces); 
@@ -1933,11 +2106,69 @@ getdns_context_set_tls_authentication(getdns_context *context, return GETDNS_RETURN_GOOD; } /* getdns_context_set_tls_authentication_list */ +/* + * getdns_context_set_round_robin_upstreams + * + */ +getdns_return_t +getdns_context_set_round_robin_upstreams(getdns_context *context, uint8_t value) +{ + RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); + /* only allow 0 or 1 */ + if (value != 0 && value != 1) { + return GETDNS_RETURN_CONTEXT_UPDATE_FAIL; + } + + context->round_robin_upstreams = value; + + dispatch_updated(context, GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS); + + return GETDNS_RETURN_GOOD; +} /* getdns_context_set_round_robin_upstreams */ + +/* + * getdns_context_set_tls_backoff_time + * + */ +getdns_return_t +getdns_context_set_tls_backoff_time(getdns_context *context, uint16_t value) +{ + RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); + /* Value is in seconds. Should we have a lower limit? 1 second?*/ + context->tls_backoff_time = value; + + dispatch_updated(context, GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME); + + return GETDNS_RETURN_GOOD; +} /* getdns_context_set_tls_backoff_time */ + +/* + * getdns_context_set_tls_connection_retries + * + */ +getdns_return_t +getdns_context_set_tls_connection_retries(getdns_context *context, uint16_t value) +{ + RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); + /* Should we put a sensible upper limit on this? 
10?*/ + // if (value > 10) { + // return GETDNS_RETURN_CONTEXT_UPDATE_FAIL; + // } + + context->tls_connection_retries = value; + + dispatch_updated(context, GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES); + + return GETDNS_RETURN_GOOD; +} /* getdns_context_set_tls_connection retries */ + +#ifdef HAVE_LIBUNBOUND static void -set_ub_limit_outstanding_queries(struct getdns_context* context, uint16_t value) { +set_ub_limit_outstanding_queries(getdns_context* context, uint16_t value) { /* num-queries-per-thread */ set_ub_number_opt(context, "num-queries-per-thread:", value); } +#endif /* * getdns_context_set_limit_outstanding_queries * @@ -1947,7 +2178,9 @@ getdns_context_set_limit_outstanding_queries(struct getdns_context *context, uint16_t limit) { RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); +#ifdef HAVE_LIBUNBOUND set_ub_limit_outstanding_queries(context, limit); +#endif if (limit != context->limit_outstanding_queries) { context->limit_outstanding_queries = limit; dispatch_updated(context, 
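Review bot: `getdns_context_set_tls_connection_retries` ships its upper-bound check as commented-out code, and `getdns_context_set_tls_backoff_time` leaves the lower bound as an open question in a comment, so both store any `uint16_t` unchecked. A back-off of 0 or a very large retry count presumably changes how persistently a failing TLS upstream is retried (the consumers are not in this hunk). Either pick limits and enforce them the way `getdns_context_set_round_robin_upstreams` does, or delete the dead `// if (value > 10)` lines and document that the full range is accepted. The closing comment `/* getdns_context_set_tls_connection retries */` is missing an underscore.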
@@ -1982,18 +2215,38 @@ getdns_context_set_timeout(struct getdns_context *context, uint64_t timeout) * */ getdns_return_t -getdns_context_set_idle_timeout(struct getdns_context *context, uint64_t timeout) +getdns_context_set_idle_timeout(getdns_context *context, uint64_t timeout) { - RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); + size_t i; - /* Shuold we enforce maximum based on edns-tcp-keepalive spec? */ - /* 0 should be allowed as that is the default.*/ + if (!context) + return GETDNS_RETURN_INVALID_PARAMETER; - context->idle_timeout = timeout; + /* Shuold we enforce maximum based on edns-tcp-keepalive spec? */ + /* 0 should be allowed as that is the default.*/ - dispatch_updated(context, GETDNS_CONTEXT_CODE_IDLE_TIMEOUT); + context->idle_timeout = timeout; - return GETDNS_RETURN_GOOD; + dispatch_updated(context, GETDNS_CONTEXT_CODE_IDLE_TIMEOUT); + + if (timeout) + return GETDNS_RETURN_GOOD; + + /* If timeout == 0, call scheduled idle timeout events */ + for (i = 0; i < context->upstreams->count; i++) { + getdns_upstream *upstream = + &context->upstreams->upstreams[i]; + + if (!upstream->event.ev || + !upstream->event.timeout_cb || + upstream->event.read_cb || + upstream->event.write_cb) + continue; + + GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event); + upstream->event.timeout_cb(upstream->event.userarg); + } + return GETDNS_RETURN_GOOD; } /* getdns_context_set_timeout */ @@ -2229,7 +2482,7 @@ getdns_context_set_suffix(getdns_context *context, getdns_list *value) context->suffixes_len = sizeof(no_suffixes); return GETDNS_RETURN_GOOD; } - gldns_buffer_init_frm_data(&gbuf, buf_spc, sizeof(buf_spc)); + gldns_buffer_init_vfixed_frm_data(&gbuf, buf_spc, sizeof(buf_spc)); for (;;) { for ( i = 0 ; !(r = getdns_list_get_bindata(value, i, &bindata)) 
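Review bot: The new loop in `getdns_context_set_idle_timeout` reads `context->upstreams->count` without checking `context->upstreams`; if a context can exist without an upstream list (not visible here), setting the idle timeout to 0 dereferences NULL. Guard it with `if (timeout || !context->upstreams) return GETDNS_RETURN_GOOD;`. Each iteration also calls `upstream->event.timeout_cb` while walking the array, so a comment stating that the callback cannot release or reallocate `context->upstreams` would help the next reader. The function's closing comment still reads `/* getdns_context_set_timeout */`.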
@@ -2251,7 +2504,7 @@ getdns_context_set_suffix(getdns_context *context, getdns_list *value) if (gldns_str2wire_dname_buf(name, dname, &dname_len)) return GETDNS_RETURN_GENERIC_ERROR; - gldns_buffer_write_u8(&gbuf, dname_len); + gldns_buffer_write_u8(&gbuf, (uint8_t) dname_len); gldns_buffer_write(&gbuf, dname, dname_len); } if (r == GETDNS_RETURN_NO_SUCH_LIST_ITEM) @@ -2319,11 +2572,13 @@ getdns_context_set_dnssec_trust_anchors( return GETDNS_RETURN_GOOD; } /* getdns_context_set_dnssec_trust_anchors */ +#ifdef HAVE_LIBUNBOUND static void set_ub_dnssec_allowed_skew(struct getdns_context* context, uint32_t value) { set_ub_number_opt(context, "val-sig-skew-min:", value); set_ub_number_opt(context, "val-sig-skew-max:", value); } +#endif /* * getdns_context_set_dnssec_allowed_skew * @@ -2333,7 +2588,9 @@ getdns_context_set_dnssec_allowed_skew(struct getdns_context *context, uint32_t value) { RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); +#ifdef HAVE_LIBUNBOUND set_ub_dnssec_allowed_skew(context, value); +#endif if (value != context->dnssec_allowed_skew) { context->dnssec_allowed_skew = value; dispatch_updated(context, GETDNS_CONTEXT_CODE_DNSSEC_ALLOWED_SKEW); 
@@ -2544,12 +2801,21 @@ getdns_context_set_upstream_recursive_servers(struct getdns_context *context, if (getdns_upstream_transports[j] == GETDNS_TRANSPORT_TLS) { getdns_list *pubkey_pinset = NULL; if (dict && (r = getdns_dict_get_bindata( - dict, "tls_auth_name", &tls_auth_name)) == GETDNS_RETURN_GOOD) { - /*TODO: VALIDATE THIS STRING!*/ + dict, "tls_auth_name", &tls_auth_name)) == GETDNS_RETURN_GOOD) { + + if (tls_auth_name->size >= sizeof(upstream->tls_auth_name)) { + /* tls_auth_name's are just + * domain names and should + * thus not be larger than 256 + * bytes. + */ + goto invalid_parameter; + } memcpy(upstream->tls_auth_name, (char *)tls_auth_name->data, tls_auth_name->size); - upstream->tls_auth_name[tls_auth_name->size] = '\0'; + upstream->tls_auth_name + [tls_auth_name->size] = '\0'; } if (dict && (r = getdns_dict_get_list(dict, "tls_pubkey_pinset", &pubkey_pinset)) == GETDNS_RETURN_GOOD) { @@ -2601,13 +2867,26 @@ error: } /* getdns_context_set_upstream_recursive_servers */ -static void -set_ub_edns_maximum_udp_payload_size(struct getdns_context* context, - int value) { - /* edns-buffer-size */ - if (value >= 512 && value <= 65535) - set_ub_number_opt(context, "edns-buffer-size:", (uint16_t)value); -} +/* + * getdns_context_unset_edns_maximum_udp_payload_size + * + */ +getdns_return_t +getdns_context_unset_edns_maximum_udp_payload_size(getdns_context *context) +{ + if (!context) + return GETDNS_RETURN_INVALID_PARAMETER; + +#ifdef HAVE_LIBUNBOUND + set_ub_number_opt(context, "edns-buffer-size:", 4096); +#endif + if (context->edns_maximum_udp_payload_size != -1) { + context->edns_maximum_udp_payload_size = -1; + dispatch_updated(context, + GETDNS_CONTEXT_CODE_EDNS_MAXIMUM_UDP_PAYLOAD_SIZE); + } + return GETDNS_RETURN_GOOD; +} /* getdns_context_set_edns_maximum_udp_payload_size */ /* * getdns_context_set_edns_maximum_udp_payload_size 
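Review bot: The added size check in `getdns_context_set_upstream_recursive_servers` stops the overflow of `upstream->tls_auth_name`, but the hunk also deletes the `TODO: VALIDATE THIS STRING!` marker although only the length is validated. The bytes are still copied as-is, so a `tls_auth_name` bindata containing an embedded NUL is stored as a shorter C string than the caller supplied, which matters if this name is later used to authenticate the upstream. Either reject such input, e.g. `if (memchr(tls_auth_name->data, '\0', tls_auth_name->size)) goto invalid_parameter;` (adjusted if callers include a trailing NUL in `size`), or keep a narrowed marker such as `/* TODO: validate content (embedded NULs, hostname syntax) */`. The function starts and ends outside the hunk.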
@@ -2620,11 +2899,9 @@ getdns_context_set_edns_maximum_udp_payload_size(struct getdns_context *context, if (!context) return GETDNS_RETURN_INVALID_PARAMETER; - /* check for < 512. uint16_t won't let it go above max) */ - if (value < 512) - value = 512; - - set_ub_edns_maximum_udp_payload_size(context, value); +#ifdef HAVE_LIBUNBOUND + set_ub_number_opt(context, "edns-buffer-size:", value); +#endif if (value != context->edns_maximum_udp_payload_size) { context->edns_maximum_udp_payload_size = value; dispatch_updated(context, 
@@ -2770,28 +3047,68 @@ getdns_context_set_memory_functions(struct getdns_context *context, context, MF_PLAIN, mf.ext.malloc, mf.ext.realloc, mf.ext.free); } /* getdns_context_set_memory_functions*/ -/* cancel the request */ -static void -cancel_dns_req(getdns_dns_req *req) +void +_getdns_context_track_outbound_request(getdns_dns_req *dnsreq) +{ + /* Called only by getdns_general_ns() after successful allocation */ + assert(dnsreq); + + dnsreq->node.key = &(dnsreq->trans_id); + if (_getdns_rbtree_insert( + &dnsreq->context->outbound_requests, &dnsreq->node)) + getdns_context_request_count_changed(dnsreq->context); +} + +void +_getdns_context_clear_outbound_request(getdns_dns_req *dnsreq) +{ + if (!dnsreq) return; + + if (dnsreq->loop && dnsreq->loop->vmt && dnsreq->timeout.timeout_cb) { + dnsreq->loop->vmt->clear(dnsreq->loop, &dnsreq->timeout); + dnsreq->timeout.timeout_cb = NULL; + } + /* delete the node from the tree */ + if (_getdns_rbtree_delete( + &dnsreq->context->outbound_requests, &dnsreq->trans_id)) + getdns_context_request_count_changed(dnsreq->context); + + if (dnsreq->chain) + _getdns_cancel_validation_chain(dnsreq); +} + +void +_getdns_context_cancel_request(getdns_dns_req *dnsreq) { getdns_network_req *netreq, **netreq_p; - for (netreq_p = req->netreqs; (netreq = *netreq_p); netreq_p++) + DEBUG_SCHED("%s(%p)\n", __FUNC__, (void *)dnsreq); + if (!dnsreq) return; + + _getdns_context_clear_outbound_request(dnsreq); + + /* cancel network requests */ + for (netreq_p = dnsreq->netreqs; (netreq = *netreq_p); netreq_p++) #ifdef HAVE_LIBUNBOUND if (netreq->unbound_id != -1) { - ub_cancel(req->context->unbound_ctx, + ub_cancel(dnsreq->context->unbound_ctx, netreq->unbound_id); netreq->unbound_id = -1; } else #endif _getdns_cancel_stub_request(netreq); - req->canceled = 1; + /* clean up */ + _getdns_dns_req_free(dnsreq); } +/* + * getdns_cancel_callback + * + */ getdns_return_t -_getdns_context_cancel_request(getdns_context *context, - getdns_transaction_t 
transaction_id, int fire_callback) +getdns_cancel_callback(getdns_context *context, + getdns_transaction_t transaction_id) { getdns_dns_req *dnsreq; 
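Review bot: `_getdns_context_track_outbound_request` now returns `void`, so a failed `_getdns_rbtree_insert()` (a transaction id already present in `outbound_requests`) is silently ignored where the old version returned `GETDNS_RETURN_GENERIC_ERROR`. Such a request stays untracked, and `_getdns_context_clear_outbound_request` later deletes by `&dnsreq->trans_id`, which would then remove the other request holding that key. If the caller guarantees unique ids, say so next to the insert, e.g. `/* trans_id is unique, insert cannot fail (see getdns_general_ns) */`; otherwise keep a return value. The NULL check was also replaced by `assert(dnsreq)`, which disappears in NDEBUG builds.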
@@ -2803,54 +3120,73 @@ _getdns_context_cancel_request(getdns_context *context, &context->outbound_requests, &transaction_id))) return GETDNS_RETURN_UNKNOWN_TRANSACTION; - /* do the cancel */ - cancel_dns_req(dnsreq); - - if (fire_callback) { - context->processing = 1; - dnsreq->user_callback(context, GETDNS_CALLBACK_CANCEL, - NULL, dnsreq->user_pointer, transaction_id); - context->processing = 0; - } - - /* clean up */ - _getdns_dns_req_free(dnsreq); - return GETDNS_RETURN_GOOD; -} - -/* - * getdns_cancel_callback - * - */ -getdns_return_t -getdns_cancel_callback(getdns_context *context, - getdns_transaction_t transaction_id) -{ - if (!context) - return GETDNS_RETURN_INVALID_PARAMETER; - - getdns_return_t r = _getdns_context_cancel_request(context, transaction_id, 1); getdns_context_request_count_changed(context); - return r; + + debug_req("CB Cancel ", *dnsreq->netreqs); + if (dnsreq->user_callback) { + dnsreq->context->processing = 1; + dnsreq->user_callback(dnsreq->context, GETDNS_CALLBACK_CANCEL, + NULL, dnsreq->user_pointer, dnsreq->trans_id); + dnsreq->context->processing = 0; + } + if (!dnsreq->internal_cb) { /* Not part of chain */ + debug_req("Destroy ", *dnsreq->netreqs); + _getdns_context_cancel_request(dnsreq); + } + return GETDNS_RETURN_GOOD; } /* getdns_cancel_callback */ -#ifndef STUB_NATIVE_DNSSEC -static uint8_t* -upstream_addr(getdns_upstream *upstream) +void +_getdns_context_request_timed_out(getdns_dns_req *dnsreq) { - return upstream->addr.ss_family == AF_INET - ? 
(void *)&((struct sockaddr_in*)&upstream->addr)->sin_addr - : (void *)&((struct sockaddr_in6*)&upstream->addr)->sin6_addr; + DEBUG_SCHED("%s(%p)\n", __FUNC__, (void *)dnsreq); + + debug_req("CB Timeout ", *dnsreq->netreqs); + if (dnsreq->user_callback) { + dnsreq->context->processing = 1; + dnsreq->user_callback(dnsreq->context, GETDNS_CALLBACK_TIMEOUT, + _getdns_create_getdns_response(dnsreq), + dnsreq->user_pointer, dnsreq->trans_id); + dnsreq->context->processing = 0; + } + _getdns_context_cancel_request(dnsreq); } -static in_port_t -upstream_port(getdns_upstream *upstream) +static void +accumulate_outstanding_transactions(_getdns_rbnode_t *node, void* arg) { - return ntohs(upstream->addr.ss_family == AF_INET - ? ((struct sockaddr_in *)&upstream->addr)->sin_port - : ((struct sockaddr_in6*)&upstream->addr)->sin6_port); + *(*(getdns_transaction_t**)arg)++ = ((getdns_dns_req*)node)->trans_id; } +static void +cancel_outstanding_requests(getdns_context* context) +{ + getdns_transaction_t *trans_ids, *tids_a, *tids_i; + + if (context->outbound_requests.count == 0) + return; + + tids_i = tids_a = trans_ids = GETDNS_XMALLOC(context->my_mf, + getdns_transaction_t, context->outbound_requests.count); + + _getdns_traverse_postorder(&context->outbound_requests, + accumulate_outstanding_transactions, &tids_a); + + while (tids_i < tids_a) { + + /* We have to cancel by transaction_id because we do not know + * what happens when the user_callback is called. It might + * delete getdns_dns_req's that were scheduled to be canceled. + * The extra lookup with transaction_id makes sure we do not + * access freed memory. + */ + (void) getdns_cancel_callback(context, *tids_i++); + } + GETDNS_FREE(context->my_mf, trans_ids); +} + +#ifndef STUB_NATIVE_DNSSEC + static uint32_t * upstream_scope_id(getdns_upstream *upstream) { 
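Review bot: `cancel_outstanding_requests` writes through the `GETDNS_XMALLOC` result during `_getdns_traverse_postorder` without testing it, so unless that macro cannot return NULL an allocation failure becomes a NULL write; add `if (!trans_ids) return;` after the allocation. Separately, `_getdns_context_request_timed_out` now runs the user callback while `dnsreq` is still registered and then dereferences it in `_getdns_context_cancel_request(dnsreq)`. The removed version copied the fields first under the comment "Don't use req after callback". The comment in `cancel_outstanding_requests` itself notes that a user callback may delete requests, so the timeout path should either deregister the request before calling out or document why the callback cannot free it.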
@@ -3025,7 +3361,7 @@ getdns_return_t _getdns_context_prepare_for_resolution(struct getdns_context *context, int usenamespaces) { - int i; + size_t i; getdns_return_t r; RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); @@ -3057,7 +3393,7 @@ _getdns_context_prepare_for_resolution(struct getdns_context *context, if(context->tls_ctx == NULL) return GETDNS_RETURN_BAD_CONTEXT; -# ifdef HAVE_TLS_CLIENT_METHOD +# ifdef HAVE_SSL_CTX_SET_MIN_PROTO_VERSION if (!SSL_CTX_set_min_proto_version( context->tls_ctx, TLS1_2_VERSION)) { SSL_CTX_free(context->tls_ctx); 
@@ -3133,54 +3469,6 @@ _getdns_context_prepare_for_resolution(struct getdns_context *context, return r; } /* _getdns_context_prepare_for_resolution */ -getdns_return_t -_getdns_context_track_outbound_request(getdns_dns_req *dnsreq) -{ - if (!dnsreq) - return GETDNS_RETURN_INVALID_PARAMETER; - - dnsreq->node.key = &(dnsreq->trans_id); - if (!_getdns_rbtree_insert( - &dnsreq->context->outbound_requests, &dnsreq->node)) - return GETDNS_RETURN_GENERIC_ERROR; - - getdns_context_request_count_changed(dnsreq->context); - return GETDNS_RETURN_GOOD; -} - -getdns_return_t -_getdns_context_clear_outbound_request(getdns_dns_req *dnsreq) -{ - if (!dnsreq) - return GETDNS_RETURN_INVALID_PARAMETER; - - if (!_getdns_rbtree_delete( - &dnsreq->context->outbound_requests, &dnsreq->trans_id)) - return GETDNS_RETURN_GENERIC_ERROR; - - getdns_context_request_count_changed(dnsreq->context); - return GETDNS_RETURN_GOOD; -} - -getdns_return_t -_getdns_context_request_timed_out(getdns_dns_req *req) -{ - /* Don't use req after callback */ - getdns_context* context = req->context; - getdns_transaction_t trans_id = req->trans_id; - getdns_callback_t cb = req->user_callback; - void *user_arg = req->user_pointer; - getdns_dict *response = _getdns_create_getdns_response(req); - - /* cancel the req - also clears it from outbound and cleans up*/ - _getdns_context_cancel_request(context, trans_id, 0); - context->processing = 1; - cb(context, GETDNS_CALLBACK_TIMEOUT, response, user_arg, trans_id); - context->processing = 0; - getdns_context_request_count_changed(context); - return GETDNS_RETURN_GOOD; -} - char * _getdns_strdup(const struct mem_funcs *mfs, const char *s) { 
@@ -3262,33 +3550,6 @@ getdns_context_run(getdns_context *context) context->extension->vmt->run(context->extension); } -typedef struct timeout_accumulator { - getdns_transaction_t* ids; - int idx; -} timeout_accumulator; - -static void -accumulate_outstanding_transactions(_getdns_rbnode_t* node, void* arg) { - timeout_accumulator* acc = (timeout_accumulator*) arg; - acc->ids[acc->idx] = *((getdns_transaction_t*) node->key); - acc->idx++; -} - -static void -cancel_outstanding_requests(struct getdns_context* context, int fire_callback) { - if (context->outbound_requests.count > 0) { - timeout_accumulator acc; - int i; - acc.idx = 0; - acc.ids = GETDNS_XMALLOC(context->my_mf, getdns_transaction_t, context->outbound_requests.count); - _getdns_traverse_postorder(&context->outbound_requests, accumulate_outstanding_transactions, &acc); - for (i = 0; i < acc.idx; ++i) { - _getdns_context_cancel_request(context, acc.ids[i], fire_callback); - } - GETDNS_FREE(context->my_mf, acc.ids); - } -} - getdns_return_t getdns_context_detach_eventloop(struct getdns_context* context) { @@ -3302,10 +3563,10 @@ getdns_context_detach_eventloop(struct getdns_context* context) * and they may destroy the context ) */ /* cancel all outstanding requests */ - cancel_outstanding_requests(context, 1); + cancel_outstanding_requests(context); context->extension->vmt->cleanup(context->extension); context->extension = &context->default_eventloop.loop; - _getdns_default_eventloop_init(&context->default_eventloop); + _getdns_default_eventloop_init(&context->mf, &context->default_eventloop); #ifdef HAVE_UNBOUND_EVENT_API if (_getdns_ub_loop_enabled(&context->ub_loop)) context->ub_loop.extension = context->extension; 
@@ -3320,7 +3581,7 @@ getdns_context_set_eventloop(getdns_context* context, getdns_eventloop* loop) return GETDNS_RETURN_INVALID_PARAMETER; if (context->extension) { - cancel_outstanding_requests(context, 1); + cancel_outstanding_requests(context); context->extension->vmt->cleanup(context->extension); } context->extension = loop; @@ -3345,14 +3606,6 @@ getdns_context_get_eventloop(getdns_context *context, getdns_eventloop **loop) return GETDNS_RETURN_GOOD; } -static in_port_t -upstream_port(getdns_upstream *upstream) -{ - return ntohs(upstream->addr.ss_family == AF_INET - ? ((struct sockaddr_in *)&upstream->addr)->sin_port - : ((struct sockaddr_in6*)&upstream->addr)->sin6_port); -} - static getdns_dict* _get_context_settings(getdns_context* context) { @@ -3364,10 +3617,12 @@ _get_context_settings(getdns_context* context) return NULL; /* int fields */ + /* the timeouts are stored as uint64, but the value maximum used in + practice is 6553500ms, so we just trim the value to be on the safe side. */ if ( getdns_dict_set_int(result, "timeout", - context->timeout) + (context->timeout > 0xFFFFFFFFull) ? 0xFFFFFFFF: (uint32_t) context->timeout) || getdns_dict_set_int(result, "idle_timeout", - context->idle_timeout) + (context->idle_timeout > 0xFFFFFFFFull) ? 0xFFFFFFFF : (uint32_t) context->idle_timeout) || getdns_dict_set_int(result, "limit_outstanding_queries", context->limit_outstanding_queries) || getdns_dict_set_int(result, "dnssec_allowed_skew", 
@@ -3386,7 +3641,13 @@ _get_context_settings(getdns_context* context) || getdns_dict_set_int(result, "append_name", context->append_name) || getdns_dict_set_int(result, "tls_authentication", - context->tls_auth)) + context->tls_auth) + || getdns_dict_set_int(result, "round_robin_upstreams", + context->round_robin_upstreams) + || getdns_dict_set_int(result, "tls_backoff_time", + context->tls_backoff_time) + || getdns_dict_set_int(result, "tls_connection_retries", + context->tls_connection_retries)) goto error; /* list fields */ @@ -3511,7 +3772,7 @@ _getdns_context_local_namespace_resolve( getdns_context *context = dnsreq->context; host_name_addrs *hnas; uint8_t lookup[256]; - getdns_list empty_list = { 0 }; + getdns_list empty_list = { 0, 0, NULL, { NULL, {{ NULL, NULL, NULL }}}}; getdns_bindata bindata; getdns_list *jaa; size_t i; @@ -3682,6 +3943,33 @@ getdns_context_get_tls_authentication(getdns_context *context, return GETDNS_RETURN_GOOD; } +getdns_return_t +getdns_context_get_round_robin_upstreams(getdns_context *context, + uint8_t* value) { + RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); + RETURN_IF_NULL(value, GETDNS_RETURN_INVALID_PARAMETER); + *value = context->round_robin_upstreams; + return GETDNS_RETURN_GOOD; +} + +getdns_return_t +getdns_context_get_tls_backoff_time(getdns_context *context, + uint16_t* value) { + RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); + RETURN_IF_NULL(value, GETDNS_RETURN_INVALID_PARAMETER); + *value = context->tls_backoff_time; + return GETDNS_RETURN_GOOD; +} + +getdns_return_t +getdns_context_get_tls_connection_retries(getdns_context *context, + uint16_t* value) { + RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); + RETURN_IF_NULL(value, GETDNS_RETURN_INVALID_PARAMETER); + *value = context->tls_connection_retries; + return GETDNS_RETURN_GOOD; +} + getdns_return_t getdns_context_get_limit_outstanding_queries(getdns_context *context, uint16_t* value) { 
@@ -3761,8 +4049,7 @@ getdns_context_get_suffix(getdns_context *context, getdns_list **value) r = GETDNS_RETURN_GENERIC_ERROR; break; } - if ((r = _getdns_list_append_const_bindata( - list, strlen(name) + 1, name))) + if ((r = _getdns_list_append_string(list, name))) break; dname += dname_len; dname_len = *dname++; @@ -3911,7 +4198,8 @@ getdns_context_get_edns_maximum_udp_payload_size(getdns_context *context, uint16_t* value) { RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); RETURN_IF_NULL(value, GETDNS_RETURN_INVALID_PARAMETER); - *value = context->edns_maximum_udp_payload_size; + *value = context->edns_maximum_udp_payload_size == -1 ? 0 + : context->edns_maximum_udp_payload_size; return GETDNS_RETURN_GOOD; } @@ -4023,7 +4311,7 @@ static getdns_return_t _get_list_or_read_file(const getdns_dict *config_dict, break; \ X[i] = (getdns_ ## T ## _t)n; \ } \ - r = getdns_context_set_ ##X (context, count, X); \ + r = getdns_context_set_ ##X (context, i, X); \ } #define EXTENSION_SETTING_BOOL(X) \ @@ -4079,6 +4367,9 @@ _getdns_context_config_setting(getdns_context *context, CONTEXT_SETTING_INT(edns_client_subnet_private) CONTEXT_SETTING_INT(tls_authentication) + CONTEXT_SETTING_INT(round_robin_upstreams) + CONTEXT_SETTING_INT(tls_backoff_time) + CONTEXT_SETTING_INT(tls_connection_retries) CONTEXT_SETTING_INT(tls_query_padding_blocksize) /**************************************/ diff --git a/src/context.h b/src/context.h index c6288965..b05eb183 100644 --- a/src/context.h +++ b/src/context.h @@ -45,6 +45,9 @@ #include "util/rbtree.h" #include "ub_loop.h" #include "server.h" +#ifdef HAVE_MDNS_SUPPORT +#include "util/lruhash.h" +#endif struct getdns_dns_req; struct ub_ctx; 
@@ -124,10 +127,38 @@ typedef struct getdns_upstream { socklen_t addr_len; struct sockaddr_storage addr; +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + char addr_str[INET6_ADDRSTRLEN]; +#endif - /* How is this upstream doing over UDP? */ - int to_retry; - int back_off; + /** + * How is this upstream doing over UDP? + * + * to_retry = 1, back_off = 1, in context.c:upstream_init() + * + * When querying over UDP, first a upstream is selected which to_retry + * value > 0 in stub.c:upstream_select(). + * + * Every time a udp request times out, to_retry is decreased, and if + * it reaches 0, it is set to minus back_off in + * stub.c:stub_next_upstream(). + * + * to_retry will become > 0 again. because each time an upstream is + * selected for a UDP query in stub.c:upstream_select(), all to_retry + * counters <= 0 are incremented. + * + * On continuous failure, the stubs are less likely to be reselected, + * because each time to_retry is set to minus back_off, in + * stub.c:stub_next_upstream(), the back_off value is doubled. + * + * Finally, if all upstreams are failing, the upstreams with the + * smallest back_off value will be selected, and the back_off value + * decremented by one. + */ + int to_retry; /* (initialized to 1) */ + int back_off; /* (initialized to 1) */ + size_t udp_responses; + size_t udp_timeouts; /* For stateful upstreams, need to share the connection and track the activity on the connection */ 
@@ -140,14 +171,18 @@ typedef struct getdns_upstream { size_t conn_completed; size_t conn_shutdowns; size_t conn_setup_failed; + time_t conn_retry_time; + size_t conn_backoffs; size_t total_responses; size_t total_timeouts; - getdns_auth_state_t past_tls_auth_state; + getdns_auth_state_t best_tls_auth_state; + getdns_auth_state_t last_tls_auth_state; /* These are per connection. */ getdns_conn_state_t conn_state; size_t queries_sent; size_t responses_received; size_t responses_timeouts; + size_t keepalive_shutdown; uint64_t keepalive_timeout; /* Management of outstanding requests on stateful transports */ @@ -208,6 +243,9 @@ typedef struct getdns_upstreams { size_t referenced; size_t count; size_t current_udp; + size_t current_stateful; + uint16_t tls_backoff_time; + uint16_t tls_connection_retries; getdns_upstream upstreams[]; } getdns_upstreams; @@ -215,7 +253,7 @@ struct getdns_context { /* Context values */ getdns_resolution_t resolution_type; getdns_namespace_t *namespaces; - int namespace_count; + size_t namespace_count; uint64_t timeout; uint64_t idle_timeout; getdns_redirects_t follow_redirects; @@ -239,6 +277,9 @@ struct getdns_context { uint32_t dnssec_allowed_skew; getdns_tls_authentication_t tls_auth; /* What user requested for TLS*/ getdns_tls_authentication_t tls_auth_min; /* Derived minimum auth allowed*/ + uint8_t round_robin_upstreams; + uint16_t tls_backoff_time; + uint16_t tls_connection_retries; getdns_transport_list_t *dns_transports; size_t dns_transport_count; @@ -282,6 +323,14 @@ struct getdns_context { */ _getdns_rbtree_t outbound_requests; + /* network requests + */ + size_t netreqs_in_flight; + + _getdns_rbtree_t pending_netreqs; + getdns_network_req *first_pending_netreq; + getdns_eventloop_event pending_timeout_event; + struct listen_set *server; /* Event loop extension. */ 
@@ -300,20 +349,20 @@ struct getdns_context { /* request extension defaults */ getdns_dict *header; getdns_dict *add_opt_parameters; - int add_warning_for_bad_dns : 1; - int dns64 : 1; - int dnssec_return_all_statuses : 1; - int dnssec_return_full_validation_chain : 1; - int dnssec_return_only_secure : 1; - int dnssec_return_status : 1; - int dnssec_return_validation_chain : 1; + unsigned add_warning_for_bad_dns : 1; + unsigned dns64 : 1; + unsigned dnssec_return_all_statuses : 1; + unsigned dnssec_return_full_validation_chain : 1; + unsigned dnssec_return_only_secure : 1; + unsigned dnssec_return_status : 1; + unsigned dnssec_return_validation_chain : 1; #ifdef DNSSEC_ROADBLOCK_AVOIDANCE - int dnssec_roadblock_avoidance : 1; + unsigned dnssec_roadblock_avoidance : 1; #endif - int edns_cookies : 1; - int return_api_information : 1; /* Not used */ - int return_both_v4_and_v6 : 1; - int return_call_reporting : 1; + unsigned edns_cookies : 1; + unsigned return_api_information : 1; /* Not used */ + unsigned return_both_v4_and_v6 : 1; + unsigned return_call_reporting : 1; uint16_t specify_class; uint8_t dns64_prefix[16]; 
@@ -329,6 +378,23 @@ struct getdns_context { /* We need to run WSAStartup() to be able to use getaddrinfo() */ WSADATA wsaData; #endif + + /* MDNS */ +#ifdef HAVE_MDNS_SUPPORT + /* + * If supporting MDNS, context may be instantiated either in basic mode + * or in full mode. If working in extended mode, two multicast sockets are + * left open, for IPv4 and IPv6. Data can be received on either socket. + * The context also keeps a list of open queries, characterized by a + * name and an RR type, and a list of received answers, characterized + * by name, RR type and data value. + */ + int mdns_extended_support; /* 0 = no support, 1 = supported, 2 = initialization needed */ + int mdns_connection_nb; /* typically 0 or 2 for IPv4 and IPv6 */ + struct mdns_network_connection * mdns_connection; + struct lruhash * mdns_cache; + +#endif /* HAVE_MDNS_SUPPORT */ }; /* getdns_context */ /** internal functions **/ 
@@ -342,19 +408,33 @@ struct getdns_context { getdns_return_t _getdns_context_prepare_for_resolution(struct getdns_context *context, int usenamespaces); -/* track an outbound request */ -getdns_return_t _getdns_context_track_outbound_request(struct getdns_dns_req - *req); -/* clear the outbound request from being tracked - does not cancel it */ -getdns_return_t _getdns_context_clear_outbound_request(struct getdns_dns_req - *req); +/* Register a getdns_dns_req with context. + * - Without pluggable unbound event API, + * ub_fd() is scheduled when this was the first request. + */ +void _getdns_context_track_outbound_request(getdns_dns_req *dnsreq); -getdns_return_t _getdns_context_request_timed_out(struct getdns_dns_req - *req); +/* Deregister getdns_dns_req from the context. + * - Without pluggable unbound event API, + * ub_fd() is scheduled when this was the first request. + * - Potential timeout events will be cleared. + * - All associated getdns_dns_reqs (to get the validation chain) + * will be canceled. + */ +void _getdns_context_clear_outbound_request(getdns_dns_req *dnsreq); -/* cancel callback internal - flag to indicate if req should be freed and callback fired */ -getdns_return_t _getdns_context_cancel_request(struct getdns_context *context, - getdns_transaction_t transaction_id, int fire_callback); +/* Cancels and frees a getdns_dns_req (without calling user callbacks) + * - Deregisters getdns_dns_req with _getdns_context_clear_outbound_request() + * - Cancels associated getdns_network_reqs + * (by calling ub_cancel() or _getdns_cancel_stub_request()) + * - Frees the getdns_dns_req + */ +void _getdns_context_cancel_request(getdns_dns_req *dnsreq); + +/* Calls user callback (with GETDNS_CALLBACK_TIMEOUT + response dict), then + * cancels and frees the getdns_dns_req with _getdns_context_cancel_request() + */ +void _getdns_context_request_timed_out(getdns_dns_req *dnsreq); char *_getdns_strdup(const struct mem_funcs *mfs, const char *str); 
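Review bot: The new comment on `_getdns_context_clear_outbound_request()` repeats the line from the track function, "ub_fd() is scheduled when this was the first request", which looks like a copy-paste for a deregistration call. If the intent is that the ub_fd() event is removed once no requests remain, say so, e.g. `* - Without pluggable unbound event API, ub_fd() is descheduled when this was the last request.` Because all four prototypes now return `void`, these comments are the only place a caller learns that `_getdns_context_cancel_request()` and `_getdns_context_request_timed_out()` free the `getdns_dns_req`. Add a sentence to both stating that `dnsreq` must not be touched after the call.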
diff --git a/src/convert.c b/src/convert.c index f0b4251d..6417c6d1 100644 --- a/src/convert.c +++ b/src/convert.c @@ -57,8 +57,14 @@ #include "convert.h" #include "debug.h" -/* stuff to make it compile pedantically */ -#define UNUSED_PARAM(x) ((void)(x)) +/* strdup is marked deprecated by the Windows compiler */ +#ifndef STRDUP +#ifdef GETDNS_ON_WINDOWS +#define STRDUP(x) _strdup(x) +#else +#define STRDUP(x) strdup(x) +#endif +#endif getdns_return_t getdns_convert_dns_name_to_fqdn( @@ -154,6 +160,7 @@ getdns_convert_ulabel_to_alabel(const char *ulabel) free(prepped2); return buf; #else + (void)ulabel; return NULL; #endif } @@ -183,6 +190,7 @@ getdns_convert_alabel_to_ulabel(const char *alabel) } return buf; #else + (void)alabel; return NULL; #endif } @@ -204,7 +212,7 @@ getdns_display_ip_address(const struct getdns_bindata buff, 256); if (ipStr) { - return strdup(ipStr); + return STRDUP(ipStr); } } else if (bindata_of_ipv4_or_ipv6_address->size == 16) { const char *ipStr = inet_ntop(AF_INET6, @@ -212,7 +220,7 @@ getdns_display_ip_address(const struct getdns_bindata buff, 256); if (ipStr) { - return strdup(ipStr); + return STRDUP(ipStr); } } return NULL; @@ -289,7 +297,7 @@ getdns_rr_dict2wire_scan( return GETDNS_RETURN_INVALID_PARAMETER; - gldns_buffer_init_frm_data(&gbuf, *wire, *wire_sz); + gldns_buffer_init_vfixed_frm_data(&gbuf, *wire, *wire_sz); if ((r = _getdns_rr_dict2wire(rr_dict, &gbuf))) return r; @@ -439,7 +447,7 @@ getdns_rr_dict2str_scan( if (!rr_dict || !str || !*str || !str_len) return GETDNS_RETURN_INVALID_PARAMETER; - gldns_buffer_init_frm_data(&gbuf, buf, sizeof(buf_spc)); + gldns_buffer_init_vfixed_frm_data(&gbuf, buf, sizeof(buf_spc)); r = _getdns_rr_dict2wire(rr_dict, &gbuf); if (gldns_buffer_position(&gbuf) > sizeof(buf_spc)) { if (!(buf = GETDNS_XMALLOC( 
@@ -830,7 +838,6 @@ _getdns_reply_dict2wire( } } remove_dnssec = !getdns_dict_get_int(reply, "/header/do", &n) && n == 0; - DEBUG_SERVER("remove_dnssec: %d\n", remove_dnssec); if (!getdns_dict_get_list(reply, "answer", §ion)) { for ( n = 0, i = 0 @@ -953,7 +960,7 @@ getdns_msg_dict2wire_scan( if (!msg_dict || !wire || !wire_sz || (!*wire && *wire_sz)) return GETDNS_RETURN_INVALID_PARAMETER; - gldns_buffer_init_frm_data(&gbuf, *wire, *wire_sz); + gldns_buffer_init_vfixed_frm_data(&gbuf, *wire, *wire_sz); if ((r = _getdns_msg_dict2wire_buf(msg_dict, &gbuf))) return r; @@ -1029,7 +1036,7 @@ getdns_msg_dict2str_scan( if (!msg_dict || !str || !*str || !str_len) return GETDNS_RETURN_INVALID_PARAMETER; - gldns_buffer_init_frm_data(&gbuf, buf, sizeof(buf_spc)); + gldns_buffer_init_vfixed_frm_data(&gbuf, buf, sizeof(buf_spc)); r = _getdns_msg_dict2wire_buf(msg_dict, &gbuf); if (gldns_buffer_position(&gbuf) > sizeof(buf_spc)) { if (!(buf = GETDNS_XMALLOC( @@ -1066,7 +1073,7 @@ getdns_msg_dict2str_scan( } static getdns_dict * -_getdns_ipaddr_dict_mf(struct mem_funcs *mf, char *ipstr) +_getdns_ipaddr_dict_mf(struct mem_funcs *mf, const char *ipstr) { getdns_dict *r = _getdns_dict_create_with_mf(mf); char *s = strchr(ipstr, '%'), *scope_id_str = ""; @@ -1187,7 +1194,7 @@ static int _jsmn_get_ipdict(struct mem_funcs *mf, const char *js, jsmntok_t *t, char value_str[3072]; int size = t->end - t->start; - if (size <= 0 || size >= sizeof(value_str)) + if (size <= 0 || size >= (int)sizeof(value_str)) return 0; (void) memcpy(value_str, js + t->start, size); 
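Review bot: In `_getdns_ipaddr_dict_mf()` the parameter becomes `const char *ipstr`, but the following line still stores `strchr(ipstr, '%')` in a plain `char *s`, which silently drops the qualifier. The rest of the body is outside this hunk; if it writes through `s` (for example to cut the address at the scope id), the function modifies a string the caller passed as read-only, and `getdns_str2dict()` in this same commit passes the API caller's `str` straight in. Declare it `const char *s = strchr(ipstr, '%')` and do any splitting on a local copy, so the compiler enforces the new contract.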
@@ -1197,21 +1204,81 @@ static int _jsmn_get_ipdict(struct mem_funcs *mf, const char *js, jsmntok_t *t, return *value != NULL; } +static int _jsmn_get_base64_data(struct mem_funcs *mf, const char *js, jsmntok_t *t, + getdns_bindata **value) +{ + int e, i; + int size = t->end - t->start; + char value_str_buf[1025]; + char *value_str; + size_t target_buf_size; + + assert(size >= 4); + + if (size % 4 != 0) + return 0; + + e = t->end; + if (js[e - 1] == '=') e -= 1; + if (js[e - 1] == '=') e -= 1; + + for (i = t->start; i < e; i++) + if (!((js[i] >= '0' && js[i] <= '9') + ||(js[i] >= 'a' && js[i] <= 'z') + ||(js[i] >= 'A' && js[i] <= 'Z') + || js[i] == '+' || js[i] == '/')) + return 0; + + target_buf_size = gldns_b64_pton_calculate_size(size); + if (!(*value = GETDNS_MALLOC(*mf, getdns_bindata))) + return 0; + + else if (!((*value)->data = GETDNS_XMALLOC( + *mf, uint8_t, target_buf_size))) { + GETDNS_FREE(*mf, *value); + return 0; + } + if ((size_t)size >= sizeof(value_str_buf)) + value_str = GETDNS_XMALLOC(*mf, char, size + 1); + else value_str = value_str_buf; + + if (value_str) { + (void) memcpy(value_str, js + t->start, size); + value_str[size] = '\0'; + + e = gldns_b64_pton(value_str, (*value)->data, target_buf_size); + + if (value_str != value_str_buf) + GETDNS_FREE(*mf, value_str); + + if (e > 0) { + (*value)->size = e; + return 1; + } + } + GETDNS_FREE(*mf, (*value)->data); + GETDNS_FREE(*mf, *value); + return 0; +} + static int _jsmn_get_data(struct mem_funcs *mf, const char *js, jsmntok_t *t, getdns_bindata **value) { - size_t i, j; + int i; + size_t j; uint8_t h, l; - if ((t->end - t->start) < 4 || (t->end - t->start) % 2 == 1 || - js[t->start] != '0' || js[t->start + 1] != 'x') + if ((t->end - t->start) < 4 || (t->end - t->start) % 2 == 1) return 0; + if (js[t->start] != '0' || js[t->start + 1] != 'x') + return _jsmn_get_base64_data(mf, js, t, value); + for (i = t->start + 2; i < t->end; i++) if (!((js[i] >= '0' && js[i] <= '9') ||(js[i] >= 'a' && js[i] <= 
'f') ||(js[i] >= 'A' && js[i] <= 'F'))) - return 0; + return _jsmn_get_base64_data(mf, js, t, value); if (!(*value = GETDNS_MALLOC(*mf, getdns_bindata))) return 0; @@ -1241,8 +1308,9 @@ static int _jsmn_get_dname(struct mem_funcs *mf, const char *js, jsmntok_t *t, { char value_str[1025]; int size = t->end - t->start; + (void)mf; /* TODO: Fix to use mf */ - if (size <= 0 || size >= sizeof(value_str) || js[t->end - 1] != '.') + if (size <= 0 || size >= (int)sizeof(value_str) || js[t->end - 1] != '.') return 0; (void) memcpy(value_str, js + t->start, size); @@ -1258,7 +1326,7 @@ static int _jsmn_get_ipv4(struct mem_funcs *mf, const char *js, jsmntok_t *t, int size = t->end - t->start; uint8_t buf[4]; - if (size <= 0 || size >= sizeof(value_str)) + if (size <= 0 || size >= (int)sizeof(value_str)) return 0; (void) memcpy(value_str, js + t->start, size); @@ -1288,7 +1356,7 @@ static int _jsmn_get_ipv6(struct mem_funcs *mf, const char *js, jsmntok_t *t, int size = t->end - t->start; uint8_t buf[16]; - if (size <= 0 || size >= sizeof(value_str)) + if (size <= 0 || size >= (int)sizeof(value_str)) return 0; (void) memcpy(value_str, js + t->start, size); @@ -1311,14 +1379,13 @@ static int _jsmn_get_ipv6(struct mem_funcs *mf, const char *js, jsmntok_t *t, return 0; } -static int _jsmn_get_int(struct mem_funcs *mf, const char *js, jsmntok_t *t, - uint32_t *value) +static int _jsmn_get_int(const char *js, jsmntok_t *t, uint32_t *value) { char value_str[11]; int size = t->end - t->start; char *endptr; - if (size <= 0 || size >= sizeof(value_str)) + if (size <= 0 || size >= (int)sizeof(value_str)) return 0; (void) memcpy(value_str, js + t->start, size); 
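Review bot: On the failure path at the end of `_jsmn_get_base64_data()` both `(*value)->data` and `*value` are freed but `*value` keeps the stale address, and the same is true of the early `GETDNS_FREE(*mf, *value); return 0;` branch. Callers are outside this hunk, but any of them that inspects `*value` after a 0 return would touch freed memory; adding `*value = NULL;` after each free removes that hazard. Separately, `assert(size >= 4)` is the only guard before `js[e - 1]` is read twice, so in an NDEBUG build the function relies entirely on `_jsmn_get_data()` having checked the length. Writing `if (size < 4 || size % 4 != 0) return 0;` makes it safe on its own.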
@@ -1328,13 +1395,12 @@ static int _jsmn_get_int(struct mem_funcs *mf, const char *js, jsmntok_t *t, return *value_str != '\0' && *endptr == '\0'; } -static int _jsmn_get_const(struct mem_funcs *mf, const char *js, jsmntok_t *t, - uint32_t *value) +static int _jsmn_get_const(const char *js, jsmntok_t *t, uint32_t *value) { char value_str[80]; int size = t->end - t->start; - if (size <= 0 || size >= sizeof(value_str)) + if (size <= 0 || size >= (int)sizeof(value_str)) return 0; (void) memcpy(value_str, js + t->start, size); @@ -1368,7 +1434,8 @@ static int _jsmn_get_item(struct mem_funcs *mf, const char *js, jsmntok_t *t, static int _jsmn_get_dict(struct mem_funcs *mf, const char *js, jsmntok_t *t, size_t count, getdns_dict *dict, getdns_return_t *r) { - size_t i, j = 1; + int i; + size_t j = 1; char key_spc[1024], *key = NULL; getdns_item child_item; @@ -1388,7 +1455,7 @@ static int _jsmn_get_dict(struct mem_funcs *mf, const char *js, jsmntok_t *t, *r = GETDNS_RETURN_GENERIC_ERROR; /* range error */ break; } - if (t[j].end - t[j].start < sizeof(key_spc)) + if (t[j].end - t[j].start < (int)sizeof(key_spc)) key = key_spc; else if (!(key = GETDNS_XMALLOC( @@ -1446,7 +1513,8 @@ static int _jsmn_get_dict(struct mem_funcs *mf, const char *js, jsmntok_t *t, static int _jsmn_get_list(struct mem_funcs *mf, const char *js, jsmntok_t *t, size_t count, getdns_list *list, getdns_return_t *r) { - size_t i, j = 1, index = 0; + int i; + size_t j = 1, index = 0; getdns_item child_item; if (t->size <= 0) @@ -1525,8 +1593,8 @@ static int _jsmn_get_item(struct mem_funcs *mf, const char *js, jsmntok_t *t, *r = GETDNS_RETURN_GENERIC_ERROR; break; - } else if (_jsmn_get_int(mf, js, t, &item->data.n) - || _jsmn_get_const(mf, js, t, &item->data.n)) { + } else if (_jsmn_get_int(js, t, &item->data.n) + || _jsmn_get_const(js, t, &item->data.n)) { item->dtype = t_int; } 
@@ -1607,6 +1675,21 @@ getdns_str2dict(const char *str, getdns_dict **dict) getdns_item item; getdns_return_t r; + if (!str || !dict) + return GETDNS_RETURN_INVALID_PARAMETER; + + while (*str && isspace(*str)) + str++; + + if (*str != '{') { + getdns_dict *dict_r = _getdns_ipaddr_dict_mf( + &_getdns_plain_mem_funcs, str); + + if (dict_r) { + *dict = dict_r; + return GETDNS_RETURN_GOOD; + } + } if ((r = _getdns_str2item_mf(&_getdns_plain_mem_funcs, str, &item))) return r; @@ -1664,6 +1747,9 @@ getdns_str2list(const char *str, getdns_list **list) getdns_item item; getdns_return_t r; + if (!str || !list) + return GETDNS_RETURN_INVALID_PARAMETER; + if ((r = _getdns_str2item_mf(&_getdns_plain_mem_funcs, str, &item))) return r; @@ -1681,6 +1767,9 @@ getdns_str2bindata(const char *str, getdns_bindata **bindata) getdns_item item; getdns_return_t r; + if (!str || !bindata) + return GETDNS_RETURN_INVALID_PARAMETER; + if ((r = _getdns_str2item_mf(&_getdns_plain_mem_funcs, str, &item))) return r; @@ -1698,6 +1787,9 @@ getdns_str2int(const char *str, uint32_t *value) getdns_item item; getdns_return_t r; + if (!str || !value) + return GETDNS_RETURN_INVALID_PARAMETER; + if ((r = _getdns_str2item_mf(&_getdns_plain_mem_funcs, str, &item))) return r; diff --git a/src/debug.h b/src/debug.h index 91051435..fb74527c 100644 --- a/src/debug.h +++ b/src/debug.h @@ -36,7 +36,6 @@ #define DEBUG_H #include "config.h" - #define STUB_DEBUG_ENTRY "=> ENTRY: " #define STUB_DEBUG_SETUP "--- SETUP: " #define STUB_DEBUG_SETUP_TLS "--- SETUP(TLS): " 
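Review bot: `isspace(*str)` in the new whitespace-skipping loop of `getdns_str2dict()` receives a plain `char`, which is undefined behaviour for bytes above 0x7F where `char` is signed, and `str` is caller-supplied text. Cast before the call: `while (*str && isspace((unsigned char)*str))`. When `*str != '{'` and `_getdns_ipaddr_dict_mf()` returns NULL the code falls through to `_getdns_str2item_mf()`; a short comment such as `/* not an address: fall through to the generic parser */` would make clear that this is intended.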
@@ -45,7 +44,23 @@ #define STUB_DEBUG_READ "------- READ: " #define STUB_DEBUG_WRITE "------- WRITE: " #define STUB_DEBUG_CLEANUP "--- CLEANUP: " +#define STUB_DEBUG_DAEMON "GETDNS_DAEMON: " +#ifdef GETDNS_ON_WINDOWS +#define DEBUG_ON(...) do { \ + struct timeval tv; \ + struct tm tm; \ + char buf[10]; \ + time_t tsec; \ + \ + gettimeofday(&tv, NULL); \ + tsec = (time_t) tv.tv_sec; \ + gmtime_s(&tm, (const time_t *) &tsec); \ + strftime(buf, 10, "%H:%M:%S", &tm); \ + fprintf(stderr, "[%s.%.6d] ", buf, (int)tv.tv_usec); \ + fprintf(stderr, __VA_ARGS__); \ + } while (0) +#else #define DEBUG_ON(...) do { \ struct timeval tv; \ struct tm tm; \ @@ -57,6 +72,7 @@ fprintf(stderr, "[%s.%.6d] ", buf, (int)tv.tv_usec); \ fprintf(stderr, __VA_ARGS__); \ } while (0) +#endif #define DEBUG_NL(...) do { \ struct timeval tv; \ @@ -74,6 +90,31 @@ #define DEBUG_OFF(...) do {} while (0) +#if defined(REQ_DEBUG) && REQ_DEBUG +#include +#define DEBUG_REQ(...) DEBUG_ON(__VA_ARGS__) +#include "gldns/wire2str.h" +#include "rr-dict.h" +#include "types-internal.h" +static inline void debug_req(const char *msg, getdns_network_req *netreq) +{ + char str[1024]; + struct timeval tv; + uint64_t t; + + (void) gettimeofday(&tv, NULL); + t = tv.tv_sec * 1000 + tv.tv_usec / 1000; + t = t >= netreq->owner->expires ? 0 : netreq->owner->expires - t; + (void) gldns_wire2str_dname_buf(netreq->owner->name, + netreq->owner->name_len, str, sizeof(str)); + DEBUG_REQ("NETREQ %s %4"PRIu64" %s %s\n", msg, t, + str, _getdns_rr_type_name(netreq->request_type)); +} +#else +#define DEBUG_REQ(...) DEBUG_OFF(__VA_ARGS__) +#define debug_req(...) DEBUG_OFF(__VA_ARGS__) +#endif + #if defined(SCHED_DEBUG) && SCHED_DEBUG #include #define DEBUG_SCHED(...) DEBUG_ON(__VA_ARGS__) 
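Review bot: In `debug_req()` the expression `tv.tv_sec * 1000 + tv.tv_usec / 1000` is evaluated in the type of `tv_sec` before it is stored in the `uint64_t t`, so where `tv_sec` is a 32-bit `long` (as in the Windows `timeval` this commit adds a branch for) the multiplication overflows. Widen first: `t = (uint64_t)tv.tv_sec * 1000 + tv.tv_usec / 1000;`. The result of `gldns_wire2str_dname_buf()` is discarded as well, so initialising the buffer with `char str[1024] = "";` keeps the following `%s` well defined should the conversion write nothing.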
@@ -88,6 +129,13 @@ #define DEBUG_STUB(...) DEBUG_OFF(__VA_ARGS__) #endif +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG +#include +#define DEBUG_DAEMON(...) DEBUG_ON(__VA_ARGS__) +#else +#define DEBUG_DAEMON(...) DEBUG_OFF(__VA_ARGS__) +#endif + #if defined(SEC_DEBUG) && SEC_DEBUG #include #define DEBUG_SEC(...) DEBUG_ON(__VA_ARGS__) @@ -102,5 +150,28 @@ #define DEBUG_SERVER(...) DEBUG_OFF(__VA_ARGS__) #endif +#define MDNS_DEBUG_ENTRY "-> MDNS ENTRY: " +#define MDNS_DEBUG_READ "-- MDNS READ: " +#define MDNS_DEBUG_MREAD "-- MDNS MREAD: " +#define MDNS_DEBUG_WRITE "-- MDNS WRITE: " +#define MDNS_DEBUG_CLEANUP "-- MDNS CLEANUP:" + +#if defined(MDNS_DEBUG) && MDNS_DEBUG +#include +#define DEBUG_MDNS(...) DEBUG_ON(__VA_ARGS__) +#else +#define DEBUG_MDNS(...) DEBUG_OFF(__VA_ARGS__) +#endif + +#if (defined(REQ_DEBUG) && REQ_DEBUG) || \ + (defined(SCHED_DEBUG) && SCHED_DEBUG) || \ + (defined(STUB_DEBUG) && STUB_DEBUG) || \ + (defined(DAEMON_DEBUG) && DAEMON_DEBUG) || \ + (defined(SEC_DEBUG) && SEC_DEBUG) || \ + (defined(SERVER_DEBUG) && SERVER_DEBUG) || \ + (defined(MDNS_DEBUG) && MDNS_DEBUG) +#define DEBUGGING 1 +#endif + #endif /* debug.h */ diff --git a/src/dict.c b/src/dict.c index e7294e62..b8c9db99 100644 --- a/src/dict.c +++ b/src/dict.c @@ -51,10 +51,11 @@ #include "const-info.h" #include "gldns/gbuffer.h" #include "gldns/wire2str.h" +#include "gldns/parseutil.h" static char *_json_ptr_first(const struct mem_funcs *mf, - const char *jptr, char *first, size_t first_sz) + const char *jptr, char *first, ssize_t first_sz) { const char *next_ref, *k; char *j; @@ -65,7 +66,7 @@ static char *_json_ptr_first(const struct mem_funcs *mf, if (!(next_ref = strchr(jptr, '/'))) next_ref = strchr(jptr, '\0'); - if (next_ref - jptr + 1 > first_sz || !first) + if ((unsigned)(next_ref - jptr + 1) > first_sz || !first) first = GETDNS_XMALLOC(*mf, char, next_ref - jptr + 1); for (j = first, k = jptr; k < next_ref; j++, k++) 
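Review bot: In `_json_ptr_first()` the cast `(unsigned)(next_ref - jptr + 1) > first_sz` narrows a `ptrdiff_t` to 32 bits on LP64 targets, and with `first_sz` changed to `ssize_t` the comparison now mixes a truncated unsigned value with a signed one. The copy loop after the check still writes `next_ref - jptr` bytes into `first`, so the size test should use the full-width length. Keeping `size_t first_sz` and writing `if ((size_t)(next_ref - jptr + 1) > first_sz || !first)` silences the sign-compare warning without narrowing. The function body continues outside the hunk.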
@@ -731,18 +732,44 @@ _getdns_bindata_is_dname(getdns_bindata *bindata) bindata->data[bindata->size - 1] == 0; } +static int +getdns_pp_base64(gldns_buffer *buf, getdns_bindata *bindata) +{ + size_t p = gldns_buffer_position(buf); + size_t base64str_sz; + char *target; + size_t avail; + + if (gldns_buffer_printf(buf, " size); + target = (char *)gldns_buffer_current(buf); + avail = gldns_buffer_remaining(buf); + if (avail >= base64str_sz) + gldns_buffer_skip(buf, gldns_b64_ntop( + bindata->data, bindata->size, + target, base64str_sz)); + else + gldns_buffer_skip(buf, base64str_sz); + + if (gldns_buffer_printf(buf, ">") < 0) + return -1; + + return gldns_buffer_position(buf) - p; +} + /*---------------------------------------- getdns_pp_bindata */ /** * private function to pretty print bindata to a gldns_buffer * @param buf buffer to write to - * @param indent number of spaces to append after newline * @param bindata the bindata to print * @return on success the number of written characters * if an output error is encountered, a negative value */ static int -getdns_pp_bindata(gldns_buffer *buf, size_t indent, - getdns_bindata *bindata, int rdata_raw, int json) +getdns_pp_bindata(gldns_buffer *buf, getdns_bindata *bindata, + int rdata_raw, int json) { size_t i, p = gldns_buffer_position(buf); uint8_t *dptr; @@ -887,7 +914,7 @@ getdns_pp_list(gldns_buffer *buf, size_t indent, const getdns_list *list, GETDNS_RETURN_GOOD) return -1; if (getdns_pp_bindata( - buf, indent, bindata_item, 0, json) < 0) + buf, bindata_item, 0, json) < 0) return -1; break; 
@@ -1095,8 +1122,18 @@ getdns_pp_dict(gldns_buffer * buf, size_t indent, )) < 0) return -1; + } else if (!json && + (strcmp(item->node.key, "pin-sha256") == 0 || + strcmp(item->node.key, "value") == 0) && + item->i.data.bindata->size > 0 && + item->i.data.bindata->size % 4 == 0) { + + if (getdns_pp_base64(buf, + item->i.data.bindata) < 0) + return -1; + } else if (getdns_pp_bindata( - buf, indent, item->i.data.bindata, + buf, item->i.data.bindata, (strcmp(item->node.key, "rdata_raw") == 0), json) < 0) return -1; @@ -1187,9 +1224,9 @@ getdns_pretty_snprint_dict(char *str, size_t size, const getdns_dict *dict) if (!dict) return -1; - gldns_buffer_init_frm_data(&buf, str, size); + gldns_buffer_init_vfixed_frm_data(&buf, str, size); return getdns_pp_dict(&buf, 0, dict, 0) < 0 - ? -1 : gldns_buffer_position(&buf); + ? -1 : (int)gldns_buffer_position(&buf); } char * @@ -1221,9 +1258,9 @@ getdns_pretty_snprint_list(char *str, size_t size, const getdns_list *list) if (!list) return -1; - gldns_buffer_init_frm_data(&buf, str, size); + gldns_buffer_init_vfixed_frm_data(&buf, str, size); return getdns_pp_list(&buf, 0, list, 0, 0) < 0 - ? -1 : gldns_buffer_position(&buf); + ? -1 : (int)gldns_buffer_position(&buf); } char * @@ -1256,9 +1293,9 @@ getdns_snprint_json_dict( if (!dict) return -1; - gldns_buffer_init_frm_data(&buf, str, size); + gldns_buffer_init_vfixed_frm_data(&buf, str, size); return getdns_pp_dict(&buf, 0, dict, pretty ? 1 : 2) < 0 - ? -1 : gldns_buffer_position(&buf); + ? -1 : (int)gldns_buffer_position(&buf); } char * @@ -1291,9 +1328,9 @@ getdns_snprint_json_list( if (!list) return -1; - gldns_buffer_init_frm_data(&buf, str, size); + gldns_buffer_init_vfixed_frm_data(&buf, str, size); return getdns_pp_list(&buf, 0, list, 0, pretty ? 1 : 2) < 0 - ? -1 : gldns_buffer_position(&buf); + ? -1 : (int)gldns_buffer_position(&buf); } /* dict.c */ diff --git a/src/dnssec.c b/src/dnssec.c index f567b96b..b6bbe328 100644 --- a/src/dnssec.c +++ b/src/dnssec.c 
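Review bot: `getdns_pretty_snprint_dict()`, `getdns_pretty_snprint_list()`, `getdns_snprint_json_dict()` and `getdns_snprint_json_list()` now return `(int)gldns_buffer_position(&buf)` on a buffer set up with `gldns_buffer_init_vfixed_frm_data()`, and nothing above them says what that value means when the output does not fit. Judging by the `gldns_buffer_position(&gbuf) > sizeof(buf_spc)` test in convert.c, the position of such a buffer can run past its capacity, so the return value is presumably the length the full output needs rather than the number of bytes stored. State that above each function, e.g. `/* Returns the length the complete output needs; a value >= size means str was truncated. */`, so callers do not index `str` with it unchecked. The `(int)` cast also hides a wrap for outputs larger than INT_MAX.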
@@ -256,7 +256,7 @@ static uint8_t *_dname_label_copy(uint8_t *dst, const uint8_t *src, size_t dst_l { uint8_t *r = dst, i; - if (!src || *src + 1 > dst_len) + if (!src || (size_t)*src + 1 > dst_len) return NULL; for (i = (*dst++ = *src++); i ; i--) @@ -528,7 +528,7 @@ static chain_head *add_rrset2val_chain(struct mem_funcs *mf, chain_head *head; const uint8_t *labels[128], **last_label, **label; - size_t max_labels; /* max labels in common */ + ssize_t max_labels; /* max labels in common */ chain_head *max_head; chain_node *max_node; @@ -559,7 +559,7 @@ static chain_head *add_rrset2val_chain(struct mem_funcs *mf, if (! _dname_is_parent(*label, head->rrset.name)) break; } - if (label - labels > max_labels) { + if ((unsigned)(label - labels) > max_labels) { max_labels = label - labels; max_head = head; } @@ -616,6 +616,11 @@ static chain_head *add_rrset2val_chain(struct mem_funcs *mf, head->node_count = node_count; if (!node_count) { + /* When this head has no nodes of itself, it must have found + * another head which has nodes for its labels (i.e. max_head) + */ + assert(max_head != NULL); + head->parent = max_head->parent; return head; } @@ -857,6 +862,7 @@ static getdns_dict *CD_extension(getdns_dns_req *dnsreq) ? dnssec_ok_checking_disabled_roadblock_avoidance : dnssec_ok_checking_disabled_avoid_roadblocks; #else + (void)dnsreq; return dnssec_ok_checking_disabled; #endif } @@ -1038,7 +1044,6 @@ static void val_chain_node_cb(getdns_dns_req *dnsreq) _getdns_rrsig_iter *rrsig, rrsig_spc; size_t n_signers; - _getdns_context_clear_outbound_request(dnsreq); switch (netreq->request_type) { case GETDNS_RRTYPE_DS : node->ds.pkt = netreq->response; node->ds.pkt_len = netreq->response_len; 
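Review bot: `assert(max_head != NULL)` in `add_rrset2val_chain()` is the only check before `max_head->parent` is dereferenced on the next line, and it disappears in NDEBUG builds; the same holds for `assert(node != NULL)` added to `val_chain_node_soa_cb()` in the next hunk. The chain is built from names taken out of DNS responses, so the invariant deserves a run-time check that releases `head` and returns NULL when it fails, in addition to the assert. In the same function `(unsigned)(label - labels) > max_labels` compares a narrowed unsigned value with the new `ssize_t max_labels`; casting the difference to `ssize_t` instead keeps both sides signed. The start of the function, including how `max_labels` and `max_head` are initialised, is outside the hunk.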
@@ -1088,7 +1093,9 @@ static void val_chain_node_soa_cb(getdns_dns_req *dnsreq) _getdns_rrset_iter i_spc, *i; _getdns_rrset *rrset; - _getdns_context_clear_outbound_request(dnsreq); + /* A SOA query is always scheduled with a node as the user argument. + */ + assert(node != NULL); for ( i = _getdns_rrset_iter_init(&i_spc, netreq->response , netreq->response_len @@ -1097,10 +1104,8 @@ static void val_chain_node_soa_cb(getdns_dns_req *dnsreq) ; i = _getdns_rrset_iter_next(i)) { rrset = _getdns_rrset_iter_value(i); - if (rrset->rr_type == GETDNS_RRTYPE_SOA) - break; - } - if (i) { + if (rrset->rr_type != GETDNS_RRTYPE_SOA) + continue; while (node && ! _dname_equal(node->ds.name, rrset->name)) @@ -1112,11 +1117,14 @@ static void val_chain_node_soa_cb(getdns_dns_req *dnsreq) } else { /* SOA for a different name */ node = (chain_node *)dnsreq->user_pointer; - node->lock++; - val_chain_sched_soa_node(node->parent); + if (node->parent) { + node->lock++; + val_chain_sched_soa_node(node->parent); + } } - - } else if (node->parent) { + break; + } + if (!i && node->parent) { node->lock++; val_chain_sched_soa_node(node->parent); } @@ -1314,7 +1322,7 @@ static int _rr_iter_rdata_cmp(const void *a, const void *b) * When the rrset was a wildcard expansion (rrsig labels < labels owner name), * nc_name will be set to the next closer (within rrset->name). */ -#define VAL_RRSET_SPC_SZ 1024 +#define VAL_RRSET_SPC_SZ 256 static int _getdns_verify_rrsig(struct mem_funcs *mf, _getdns_rrset *rrset, _getdns_rrsig_iter *rrsig, _getdns_rrtype_iter *key, const uint8_t **nc_name) { @@ -1626,7 +1634,7 @@ static int nsec3_iteration_count_high(_getdns_rrtype_iter *dnskey, _getdns_rrset return gldns_read_uint16(rr->rr_i.rr_type + 12) > 150; } -static int check_dates(int32_t now, int32_t skew, int32_t exp, int32_t inc) +static int check_dates(time_t now, int32_t skew, int32_t exp, int32_t inc) { return (exp - inc > 0) && (inc - now < skew) && (now - exp < skew); } 
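Review bot: Changing only `now` to `time_t` in `check_dates()` turns `inc - now` and `now - exp` into 64-bit subtractions while `exp` and `inc` stay `int32_t`, so the test no longer behaves like the 32-bit serial-number arithmetic that RFC 4034 section 3.1.5 prescribes for RRSIG inception and expiration. An expiration beyond 2038 presumably arrives here as a negative `int32_t`; `now - exp` is then a large positive value and a valid signature is judged expired. Keep the differences in 32 bits, e.g. `((int32_t)((uint32_t)inc - (uint32_t)now) < skew) && ((int32_t)((uint32_t)now - (uint32_t)exp) < skew)`. The callers that read `exp` and `inc` from the RRSIG are outside the hunk, so confirm the types there.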
@@ -1871,7 +1879,7 @@ static int ds_authenticates_keys(struct mem_funcs *mf, max_supported_digest = ds->rr_i.rr_type[13]; max_supported_result = 0; - if (digest_len != ds->rr_i.nxt - ds->rr_i.rr_type-14 + if ((int)digest_len != ds->rr_i.nxt - ds->rr_i.rr_type-14 || memcmp(digest, ds->rr_i.rr_type+14, digest_len) != 0) { if (digest != digest_spc) GETDNS_FREE(*mf, digest); @@ -2687,6 +2695,7 @@ static int chain_head_validate(struct mem_funcs *mf, time_t now, uint32_t skew, * evaluated by processing each head in turn. The worst outcome per network request * is the dnssec status for that network request. */ +#ifdef STUB_NATIVE_DNSSEC static void chain_set_netreq_dnssec_status(chain_head *chain, _getdns_rrset_iter *tas) { chain_head *head; @@ -2723,6 +2732,7 @@ static void chain_set_netreq_dnssec_status(chain_head *chain, _getdns_rrset_iter } } } +#endif /* The DNSSEC status of all heads for a chain structure is evaluated by * processing each head in turn. The worst outcome is the dnssec status for @@ -3021,6 +3031,7 @@ static void check_chain_complete(chain_head *chain) int r = GETDNS_RETURN_GOOD; getdns_network_req **netreq_p, *netreq; + uint64_t now_ms = 0; dnsreq->avoid_dnssec_roadblocks = 1; @@ -3028,9 +3039,9 @@ static void check_chain_complete(chain_head *chain) ; !r && (netreq = *netreq_p) ; netreq_p++) { - netreq->state = NET_REQ_NOT_SENT; + _getdns_netreq_change_state(netreq, NET_REQ_NOT_SENT); netreq->owner = dnsreq; - r = _getdns_submit_netreq(netreq); + r = _getdns_submit_netreq(netreq, &now_ms); } return; } 
@@ -3038,7 +3049,10 @@ static void check_chain_complete(chain_head *chain) val_chain_list = dnsreq->dnssec_return_validation_chain ? getdns_list_create_with_context(context) : NULL; - /* Walk chain to add values to val_chain_list and to cleanup */ + /* Walk chain to add values to val_chain_list. We do not cleanup yet. + * The chain will eventually be freed when the dns request is descheduled + * with getdns_context_clear_outbound_request(). + */ for ( head = chain; head ; head = next ) { next = head->next; if (dnsreq->dnssec_return_full_validation_chain && @@ -3065,7 +3079,6 @@ static void check_chain_complete(chain_head *chain) context, val_chain_list, node->dnskey_req, node->dnskey_signer); - _getdns_dns_req_free(node->dnskey_req->owner); } if (node->ds_req) { if (val_chain_list) @@ -3083,13 +3096,8 @@ static void check_chain_complete(chain_head *chain) context, val_chain_list, &node->ds); } - _getdns_dns_req_free(node->ds_req->owner); - } - if (node->soa_req) { - _getdns_dns_req_free(node->soa_req->owner); } } - GETDNS_FREE(head->my_mf, head); } response_dict = _getdns_create_getdns_response(dnsreq); 
@@ -3104,6 +3112,73 @@ static void check_chain_complete(chain_head *chain) _getdns_call_user_callback(dnsreq, response_dict); } +void _getdns_validation_chain_timeout(getdns_dns_req *dnsreq) +{ + chain_head *head = dnsreq->chain, *next; + chain_node *node; + size_t node_count; + + while (head) { + next = head->next; + + for ( node_count = head->node_count, node = head->parent + ; node_count + ; node_count--, node = node->parent ) { + + if (!_getdns_netreq_finished(node->dnskey_req)) { + _getdns_context_cancel_request( + node->dnskey_req->owner); + node->dnskey_req = NULL; + } + + if (!_getdns_netreq_finished(node->ds_req)) { + _getdns_context_cancel_request( + node->ds_req->owner); + node->ds_req = NULL; + } + + if (!_getdns_netreq_finished(node->soa_req)) { + _getdns_context_cancel_request( + node->soa_req->owner); + node->soa_req = NULL; + } + } + head = next; + } + dnsreq->request_timed_out = 1; + check_chain_complete(dnsreq->chain); +} + +void _getdns_cancel_validation_chain(getdns_dns_req *dnsreq) +{ + chain_head *head = dnsreq->chain, *next; + chain_node *node; + size_t node_count; + + dnsreq->chain = NULL; + while (head) { + next = head->next; + + for ( node_count = head->node_count, node = head->parent + ; node_count + ; node_count--, node = node->parent ) { + + if (node->dnskey_req) + _getdns_context_cancel_request( + node->dnskey_req->owner); + + if (node->ds_req) + _getdns_context_cancel_request( + node->ds_req->owner); + + if (node->soa_req) + _getdns_context_cancel_request( + node->soa_req->owner); + } + GETDNS_FREE(head->my_mf, head); + head = next; + } +} void _getdns_get_validation_chain(getdns_dns_req *dnsreq) { @@ -3141,6 +3216,7 @@ void _getdns_get_validation_chain(getdns_dns_req *dnsreq) for (chain_p = chain; chain_p; chain_p = chain_p->next) { if (chain_p->lock) chain_p->lock--; } + dnsreq->chain = chain; check_chain_complete(chain); } else { dnsreq->validating = 0; diff --git a/src/dnssec.h b/src/dnssec.h index 4237f933..b0334d52 100644 
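Review bot: `_getdns_validation_chain_timeout()` dereferences `node->dnskey_req->owner`, `node->ds_req->owner` and `node->soa_req->owner` guarded only by `!_getdns_netreq_finished(...)`, whereas `_getdns_cancel_validation_chain()` directly below tests each pointer for NULL first. Nodes without one of these requests look normal (`check_chain_complete()` tests `if (node->ds_req)`), so unless `_getdns_netreq_finished()` treats NULL as finished, which this diff does not show, the timeout path can dereference NULL. Write the guards as `if (node->dnskey_req && !_getdns_netreq_finished(node->dnskey_req))` for all three requests, or add a comment stating that the helper accepts NULL. `_getdns_cancel_validation_chain()` also leaves the three request pointers set after cancelling them; clearing them as the timeout function does would keep the two paths consistent.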
--- a/src/dnssec.h +++ b/src/dnssec.h @@ -46,6 +46,8 @@ /* Do some additional requests to fetch the complete validation chain */ void _getdns_get_validation_chain(getdns_dns_req *dns_req); +void _getdns_cancel_validation_chain(getdns_dns_req *dns_req); +void _getdns_validation_chain_timeout(getdns_dns_req *dns_req); uint16_t _getdns_parse_ta_file(time_t *ta_mtime, gldns_buffer *gbuf); diff --git a/src/extension/default_eventloop.h b/src/extension/default_eventloop.h index 7f6b78f0..7b611349 100644 --- a/src/extension/default_eventloop.h +++ b/src/extension/default_eventloop.h @@ -1,6 +1,6 @@ /* * \file default_eventloop.h - * @brief Build in default eventloop extension that uses select. + * @brief Build in default eventloop extension that uses either poll or select. * */ /* 
@@ -32,28 +32,13 @@ #ifndef DEFAULT_EVENTLOOP_H_ #define DEFAULT_EVENTLOOP_H_ #include "config.h" -#include "getdns/getdns.h" -#include "getdns/getdns_extra.h" - -/* No more than select's capability queries can be outstanding, - * The number of outstanding timeouts should be less or equal then - * the number of outstanding queries, so MAX_TIMEOUTS equal to - * FD_SETSIZE should be safe. - */ -#define MAX_TIMEOUTS FD_SETSIZE - -/* Eventloop based on select */ -typedef struct _getdns_default_eventloop { - getdns_eventloop loop; - getdns_eventloop_event *fd_events[FD_SETSIZE]; - uint64_t fd_timeout_times[FD_SETSIZE]; - getdns_eventloop_event *timeout_events[MAX_TIMEOUTS]; - uint64_t timeout_times[MAX_TIMEOUTS]; -} _getdns_default_eventloop; - - -void -_getdns_default_eventloop_init(_getdns_default_eventloop *loop); - +#ifdef USE_POLL_DEFAULT_EVENTLOOP +#include "extension/poll_eventloop.h" +#define _getdns_default_eventloop _getdns_poll_eventloop +#define _getdns_default_eventloop_init _getdns_poll_eventloop_init +#else +#include "extension/select_eventloop.h" +#define _getdns_default_eventloop _getdns_select_eventloop +#define _getdns_default_eventloop_init _getdns_select_eventloop_init +#endif #endif - diff --git a/src/extension/libev.c b/src/extension/libev.c index 6a8c26e9..ff36b5c2 100644 --- a/src/extension/libev.c +++ b/src/extension/libev.c @@ -97,6 +97,7 @@ static void getdns_libev_read_cb(struct ev_loop *l, struct ev_io *io, int revents) { getdns_eventloop_event *el_ev = (getdns_eventloop_event *)io->data; + (void)l; (void)revents; assert(el_ev->read_cb); el_ev->read_cb(el_ev->userarg); } 
@@ -105,14 +106,16 @@ static void getdns_libev_write_cb(struct ev_loop *l, struct ev_io *io, int revents) { getdns_eventloop_event *el_ev = (getdns_eventloop_event *)io->data; + (void)l; (void)revents; assert(el_ev->write_cb); el_ev->write_cb(el_ev->userarg); } static void -getdns_libev_timeout_cb(struct ev_loop *l, struct ev_timer *timer, int revent) +getdns_libev_timeout_cb(struct ev_loop *l, struct ev_timer *timer, int revents) { getdns_eventloop_event *el_ev = (getdns_eventloop_event *)timer->data; + (void)l; (void)revents; assert(el_ev->timeout_cb); el_ev->timeout_cb(el_ev->userarg); } diff --git a/src/extension/libevent.c b/src/extension/libevent.c index 800ebe8e..d096d347 100644 --- a/src/extension/libevent.c +++ b/src/extension/libevent.c @@ -95,6 +95,7 @@ static getdns_return_t getdns_libevent_clear(getdns_eventloop *loop, getdns_eventloop_event *el_ev) { struct event *my_ev = (struct event *)el_ev->ev; + (void)loop; assert(my_ev); @@ -110,6 +111,7 @@ static void getdns_libevent_callback(evutil_socket_t fd, short bits, void *arg) { getdns_eventloop_event *el_ev = (getdns_eventloop_event *)arg; + (void)fd; if (bits & EV_READ) { assert(el_ev->read_cb); diff --git a/src/extension/libuv.c b/src/extension/libuv.c index adf97835..ec9257be 100644 --- a/src/extension/libuv.c +++ b/src/extension/libuv.c @@ -104,6 +104,7 @@ getdns_libuv_clear(getdns_eventloop *loop, getdns_eventloop_event *el_ev) poll_timer *my_ev = (poll_timer *)el_ev->ev; uv_poll_t *my_poll; uv_timer_t *my_timer; + (void)loop; assert(my_ev); @@ -141,6 +142,7 @@ static void getdns_libuv_read_cb(uv_poll_t *poll, int status, int events) { getdns_eventloop_event *el_ev = (getdns_eventloop_event *)poll->data; + (void)status; (void)events; assert(el_ev->read_cb); DEBUG_UV("enter libuv_read_cb(el_ev = %p, el_ev->ev = %p)\n" , el_ev, el_ev->ev); 
@@ -153,6 +155,7 @@ static void
 getdns_libuv_write_cb(uv_poll_t *poll, int status, int events)
 {
 getdns_eventloop_event *el_ev = (getdns_eventloop_event *)poll->data;
+ (void)status; (void)events;
 assert(el_ev->write_cb);
 DEBUG_UV("enter libuv_write_cb(el_ev = %p, el_ev->ev = %p)\n"
 , el_ev, el_ev->ev);
diff --git a/src/extension/poll_eventloop.c b/src/extension/poll_eventloop.c
new file mode 100644
index 00000000..cb629d18
--- /dev/null
+++ b/src/extension/poll_eventloop.c
@@ -0,0 +1,551 @@ +/* + * Copyright (c) 2013, NLNet Labs, Verisign, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the names of the copyright holders nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL Verisign, Inc. BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "config.h" + +#ifdef HAVE_SYS_POLL_H +#include +#else +#ifndef USE_WINSOCK +#include +#endif +#endif +#ifdef HAVE_SYS_RESOURCE_H +#include +#endif +#include "extension/poll_eventloop.h" +#include "debug.h" + +enum { init_fd_events_capacity = 64 + , init_to_events_capacity = 64 }; + +static void *get_to_event(_getdns_poll_eventloop *loop, + getdns_eventloop_event *event, uint64_t timeout_time) +{ + if (loop->to_events_free == loop->to_events_capacity) { + if (loop->to_events_free) { + _getdns_poll_event *to_events = GETDNS_XREALLOC( + loop->mf, loop->to_events, _getdns_poll_event, + loop->to_events_free * 2); + if (!to_events) + return NULL; + (void) memset(&to_events[loop->to_events_free], + 0, sizeof(_getdns_poll_event) + * loop->to_events_free); + + loop->to_events_capacity = loop->to_events_free * 2; + loop->to_events = to_events; + } else { + if (!(loop->to_events = GETDNS_XMALLOC(loop->mf, + _getdns_poll_event, init_to_events_capacity))) + return NULL; + + (void) memset(loop->to_events, 0, + sizeof(_getdns_poll_event) + * init_to_events_capacity); + + loop->to_events_capacity = init_to_events_capacity; + } + } + loop->to_events[loop->to_events_free].event = event; + loop->to_events[loop->to_events_free].timeout_time = timeout_time; + loop->to_events_n_used++; + return (void *) (intptr_t) (++loop->to_events_free); +} + +static void *get_fd_event(_getdns_poll_eventloop *loop, int fd, + getdns_eventloop_event *event, uint64_t timeout_time) +{ + size_t i; + + if (loop->fd_events_free == loop->fd_events_capacity) { + if (loop->fd_events_free) { + _getdns_poll_event *fd_events = GETDNS_XREALLOC( + loop->mf, loop->fd_events, _getdns_poll_event, + loop->fd_events_free * 2); + struct pollfd *pfds = GETDNS_XREALLOC( + loop->mf, loop->pfds, struct pollfd, + loop->fd_events_free * 2); + + if (!fd_events || !pfds) { + if (fd_events) + GETDNS_FREE(loop->mf, fd_events); + if (pfds) + GETDNS_FREE(loop->mf, pfds); + return NULL; + } + (void) 
memset(&fd_events[loop->fd_events_free], + 0, sizeof(_getdns_poll_event) + * loop->fd_events_free); + for ( i = loop->fd_events_free + ; i < loop->fd_events_free * 2 + ; i++) { + pfds[i].fd = -1; + pfds[i].events = 0; + pfds[i].revents = 0; + } + loop->fd_events_capacity = loop->fd_events_free * 2; + loop->fd_events = fd_events; + loop->pfds = pfds; + } else { + if (!(loop->fd_events = GETDNS_XMALLOC(loop->mf, + _getdns_poll_event, init_fd_events_capacity)) || + !(loop->pfds = GETDNS_XMALLOC(loop->mf, + struct pollfd, init_fd_events_capacity))) { + GETDNS_NULL_FREE(loop->mf, loop->fd_events); + return NULL; + } + (void) memset(loop->fd_events, 0, + sizeof(_getdns_poll_event) + * init_fd_events_capacity); + for (i = 0; i < init_fd_events_capacity; i++) { + loop->pfds[i].fd = -1; + loop->pfds[i].events = 0; + loop->pfds[i].revents = 0; + } + loop->fd_events_capacity = init_fd_events_capacity; + } + } + loop->pfds[loop->fd_events_free].fd = fd; + loop->pfds[loop->fd_events_free].events = 0; + if (event->read_cb) + loop->pfds[loop->fd_events_free].events |= POLLIN; + if (event->write_cb) + loop->pfds[loop->fd_events_free].events |= POLLOUT; + loop->fd_events[loop->fd_events_free].event = event; + loop->fd_events[loop->fd_events_free].timeout_time = timeout_time; + loop->fd_events_n_used++; + return (void *) (intptr_t) (++loop->fd_events_free); +} + +static uint64_t get_now_plus(uint64_t amount) +{ + struct timeval tv; + uint64_t now; + + if (gettimeofday(&tv, NULL)) { + perror("gettimeofday() failed"); + exit(EXIT_FAILURE); + } + now = tv.tv_sec * 1000000 + tv.tv_usec; + + return (now + amount * 1000) >= now + ? 
now + amount * 1000 : TIMEOUT_FOREVER; +} + +static getdns_return_t +poll_eventloop_schedule(getdns_eventloop *loop, + int fd, uint64_t timeout, getdns_eventloop_event *event) +{ + _getdns_poll_eventloop *poll_loop = (_getdns_poll_eventloop *)loop; + + DEBUG_SCHED( "%s(loop: %p, fd: %d, timeout: %"PRIu64", event: %p)\n" + , __FUNC__, (void *)loop, fd, timeout, (void *)event); + + if (!loop || !event) + return GETDNS_RETURN_INVALID_PARAMETER; + + if (fd >= 0 && !(event->read_cb || event->write_cb)) { + DEBUG_SCHED("WARNING: fd event without " + "read or write cb!\n"); + fd = -1; + } + if (fd >= 0) { + if (!(event->ev = get_fd_event( + poll_loop, fd, event, get_now_plus(timeout)))) { + DEBUG_SCHED("ERROR: scheduled read/write slots!\n"); + return GETDNS_RETURN_GENERIC_ERROR; + } + DEBUG_SCHED( "scheduled read/write at for %d at %p\n" + , fd, (void *)event->ev); + return GETDNS_RETURN_GOOD; + } + if (!event->timeout_cb) { + DEBUG_SCHED("ERROR: fd < 0 without timeout_cb!\n"); + return GETDNS_RETURN_GENERIC_ERROR; + } + if (event->read_cb) { + DEBUG_SCHED("ERROR: timeout event with read_cb! Clearing.\n"); + event->read_cb = NULL; + } + if (event->write_cb) { + DEBUG_SCHED("ERROR: timeout event with write_cb! 
Clearing.\n"); + event->write_cb = NULL; + } + if (!(event->ev = get_to_event(poll_loop, event, get_now_plus(timeout)))) { + DEBUG_SCHED("ERROR: Out of timeout slots!\n"); + return GETDNS_RETURN_GENERIC_ERROR; + } + DEBUG_SCHED("scheduled timeout at slot %p\n", (void *)event->ev); + return GETDNS_RETURN_GOOD; +} + +static getdns_return_t +poll_eventloop_clear(getdns_eventloop *loop, getdns_eventloop_event *event) +{ + _getdns_poll_eventloop *poll_loop = (_getdns_poll_eventloop *)loop; + + if (!loop || !event) + return GETDNS_RETURN_INVALID_PARAMETER; + + DEBUG_SCHED( "%s(loop: %p, event: %p)\n", __FUNC__, (void *)loop, (void *)event); + + if (!event->ev) + return GETDNS_RETURN_GOOD; + + else if (event->timeout_cb && !event->read_cb && !event->write_cb) { + size_t i = ((size_t) (intptr_t) event->ev) - 1; + + /* This may happen with full recursive synchronous requests + * with the unbound pluggable event API, because the default + * poll_eventloop is temporarily replaced by a poll_eventloop + * used only in synchronous calls. When the synchronous request + * had an answer, the poll_eventloop for the synchronous is + * cleaned, however it could still have outstanding events. + */ + if (i >= poll_loop->to_events_capacity || + poll_loop->to_events[i].event != event) { + event->ev = NULL; + DEBUG_SCHED( "ERROR: Event mismatch %p\n", (void *)event->ev); + return GETDNS_RETURN_GENERIC_ERROR; + } + poll_loop->to_events[i].event = NULL; + if (--poll_loop->to_events_n_used == 0) { + poll_loop->to_events_free = 0; + } + DEBUG_SCHED( "cleared timeout at slot %p\n", (void *)event->ev); + } else { + size_t i = ((size_t) (intptr_t) event->ev) - 1; + + /* This may happen with full recursive synchronous requests + * with the unbound pluggable event API, because the default + * poll_eventloop is temporarily replaced by a poll_eventloop + * used only in synchronous calls. 
When the synchronous request + * had an answer, the poll_eventloop for the synchronous is + * cleaned, however it could still have outstanding events. + */ + if (i >= poll_loop->fd_events_capacity || + poll_loop->fd_events[i].event != event) { + event->ev = NULL; + DEBUG_SCHED( "ERROR: Event mismatch %p\n", (void *)event->ev); + return GETDNS_RETURN_GENERIC_ERROR; + } + poll_loop->fd_events[i].event = NULL; + if (--poll_loop->fd_events_n_used == 0) { + poll_loop->fd_events_free = 0; + } + DEBUG_SCHED( "cleared read/write for %d at slot %p\n" + , poll_loop->pfds[i].fd, (void *)event->ev); + poll_loop->pfds[i].fd = -1; /* Not necessary, but to be sure */ + } + event->ev = NULL; + return GETDNS_RETURN_GOOD; +} + +static void +poll_eventloop_cleanup(getdns_eventloop *loop) +{ + _getdns_poll_eventloop *poll_loop = (_getdns_poll_eventloop *)loop; + struct mem_funcs *mf = &poll_loop->mf; + + GETDNS_NULL_FREE(*mf, poll_loop->pfds); + if (poll_loop->fd_events) { + GETDNS_FREE(*mf, poll_loop->fd_events); + poll_loop->fd_events = NULL; + poll_loop->fd_events_capacity = 0; + poll_loop->fd_events_free = 0; + poll_loop->fd_events_n_used = 0; + } + if (poll_loop->to_events) { + GETDNS_FREE(*mf, poll_loop->to_events); + poll_loop->to_events = NULL; + poll_loop->to_events_capacity = 0; + poll_loop->to_events_free = 0; + poll_loop->to_events_n_used = 0; + } +} + +static void +poll_read_cb(int fd, getdns_eventloop_event *event) +{ +#if !defined(SCHED_DEBUG) || !SCHED_DEBUG + (void)fd; +#endif + DEBUG_SCHED( "%s(fd: %d, event: %p)\n", __FUNC__, fd, (void *)event); + event->read_cb(event->userarg); +} + +static void +poll_write_cb(int fd, getdns_eventloop_event *event) +{ +#if !defined(SCHED_DEBUG) || !SCHED_DEBUG + (void)fd; +#endif + DEBUG_SCHED( "%s(fd: %d, event: %p)\n", __FUNC__, fd, (void *)event); + event->write_cb(event->userarg); +} + +static void +poll_timeout_cb(getdns_eventloop_event *event) +{ + DEBUG_SCHED( "%s(event: %p)\n", __FUNC__, (void *)event); + 
event->timeout_cb(event->userarg); +} + +static void +poll_eventloop_run_once(getdns_eventloop *loop, int blocking) +{ + _getdns_poll_eventloop *poll_loop = (_getdns_poll_eventloop *)loop; + uint64_t now, timeout = TIMEOUT_FOREVER; + size_t i = 0, j; + int poll_timeout = 0; + + if (!loop) + return; + + now = get_now_plus(0); + + for (i = 0, j = 0; i < poll_loop->to_events_free; i++, j++) { + while (poll_loop->to_events[i].event == NULL) { + if (++i == poll_loop->to_events_free) { + poll_loop->to_events_free = j; + break; + } + } + if (j < i) { + if (j >= poll_loop->to_events_free) + break; + poll_loop->to_events[j] = poll_loop->to_events[i]; + poll_loop->to_events[i].event = NULL; + poll_loop->to_events[j].event->ev = + (void *) (intptr_t) (j + 1); + } + if (poll_loop->to_events[j].timeout_time < now) + poll_timeout_cb(poll_loop->to_events[j].event); + } + for (i = 0, j = 0; i < poll_loop->to_events_free; i++, j++) { + while (poll_loop->to_events[i].event == NULL) { + if (++i == poll_loop->to_events_free) { + poll_loop->to_events_free = j; + break; + } + } + if (j < i) { + if (j >= poll_loop->to_events_free) + break; + poll_loop->to_events[j] = poll_loop->to_events[i]; + poll_loop->to_events[i].event = NULL; + poll_loop->to_events[j].event->ev = + (void *) (intptr_t) (j + 1); + } + if (poll_loop->to_events[j].timeout_time < timeout) + timeout = poll_loop->to_events[j].timeout_time; + } + if ((timeout == TIMEOUT_FOREVER) && (poll_loop->fd_events_free == 0)) + return; + + for (i = 0, j = 0; i < poll_loop->fd_events_free; i++, j++) { + while (poll_loop->fd_events[i].event == NULL) { + if (++i == poll_loop->fd_events_free) { + poll_loop->fd_events_free = j; + break; + } + } + if (j < i) { + if (j >= poll_loop->fd_events_free) + break; + poll_loop->fd_events[j] = poll_loop->fd_events[i]; + poll_loop->fd_events[i].event = NULL; + poll_loop->fd_events[j].event->ev = + (void *) (intptr_t) (j + 1); + poll_loop->pfds[j] = poll_loop->pfds[i]; + poll_loop->pfds[i].fd = -1; + } 
+ if (poll_loop->fd_events[j].timeout_time < timeout) + timeout = poll_loop->fd_events[j].timeout_time; + } + + if (timeout == TIMEOUT_FOREVER) { + poll_timeout = -1; + + } else if (! blocking || now > timeout) { + poll_timeout = 0; + } else { + /* turn microseconds into milliseconds */ + poll_timeout = (timeout - now) / 1000; + } + DEBUG_SCHED( "poll(fd_free: %d, fd_used: %d, to_free: %d, to_used: %d, timeout: %d)\n" + , (int)poll_loop->fd_events_free, (int)poll_loop->fd_events_n_used + , (int)poll_loop->to_events_free, (int)poll_loop->to_events_n_used + , poll_timeout + ); +#ifdef USE_WINSOCK + if (poll_loop->fd_events_free == 0) + { + Sleep(poll_timeout); + } else + if (WSAPoll(poll_loop->pfds, poll_loop->fd_events_free, poll_timeout) < 0) { +#else + if (poll(poll_loop->pfds, poll_loop->fd_events_free, poll_timeout) < 0) { +#endif + perror("poll() failed"); + exit(EXIT_FAILURE); + } + now = get_now_plus(0); + + for (i = 0, j = 0; i < poll_loop->fd_events_free; i++, j++) { + while (poll_loop->fd_events[i].event == NULL) { + if (++i == poll_loop->fd_events_free) { + poll_loop->fd_events_free = j; + break; + } + } + if (j < i) { + if (j >= poll_loop->fd_events_free) + break; + poll_loop->fd_events[j] = poll_loop->fd_events[i]; + poll_loop->fd_events[i].event = NULL; + poll_loop->fd_events[j].event->ev = + (void *) (intptr_t) (j + 1); + poll_loop->pfds[j] = poll_loop->pfds[i]; + poll_loop->pfds[i].fd = -1; + } + if (poll_loop->fd_events[j].event->write_cb && + poll_loop->pfds[j].revents & POLLOUT) + poll_write_cb( poll_loop->pfds[j].fd + , poll_loop->fd_events[j].event); + + if (poll_loop->fd_events[j].event && + poll_loop->fd_events[j].event->read_cb && + poll_loop->pfds[j].revents & POLLIN) + poll_read_cb( poll_loop->pfds[j].fd + , poll_loop->fd_events[j].event); + } + for (i = 0, j = 0; i < poll_loop->fd_events_free; i++, j++) { + while (poll_loop->fd_events[i].event == NULL) { + if (++i == poll_loop->fd_events_free) { + poll_loop->fd_events_free = j; + break; + 
} + } + if (j < i) { + if (j >= poll_loop->fd_events_free) + break; + poll_loop->fd_events[j] = poll_loop->fd_events[i]; + poll_loop->fd_events[i].event = NULL; + poll_loop->fd_events[j].event->ev = + (void *) (intptr_t) (j + 1); + poll_loop->pfds[j] = poll_loop->pfds[i]; + poll_loop->pfds[i].fd = -1; + } + if (poll_loop->fd_events[j].timeout_time < now) + poll_timeout_cb(poll_loop->fd_events[j].event); + } + + for (i = 0, j = 0; i < poll_loop->to_events_free; i++, j++) { + while (poll_loop->to_events[i].event == NULL) { + if (++i == poll_loop->to_events_free) { + poll_loop->to_events_free = j; + break; + } + } + if (j < i) { + if (j >= poll_loop->to_events_free) + break; + poll_loop->to_events[j] = poll_loop->to_events[i]; + poll_loop->to_events[i].event = NULL; + poll_loop->to_events[j].event->ev = + (void *) (intptr_t) (j + 1); + } + if (poll_loop->to_events[j].timeout_time < now) + poll_timeout_cb(poll_loop->to_events[j].event); + } +} + +static void +poll_eventloop_run(getdns_eventloop *loop) +{ + _getdns_poll_eventloop *poll_loop = (_getdns_poll_eventloop *)loop; + + if (!loop) + return; + + /* keep going until all the events are cleared */ + while (poll_loop->fd_events_n_used || poll_loop->to_events_n_used) { + poll_eventloop_run_once(loop, 1); + } +} + +void +_getdns_poll_eventloop_init(struct mem_funcs *mf, _getdns_poll_eventloop *loop) +{ + static getdns_eventloop_vmt poll_eventloop_vmt = { + poll_eventloop_cleanup, + poll_eventloop_schedule, + poll_eventloop_clear, + poll_eventloop_run, + poll_eventloop_run_once + }; + + loop->loop.vmt = &poll_eventloop_vmt; + loop->mf = *mf; + + loop->to_events_capacity = init_to_events_capacity; + if ((loop->to_events = GETDNS_XMALLOC( + *mf, _getdns_poll_event, init_to_events_capacity))) + (void) memset(loop->to_events, 0, + sizeof(_getdns_poll_event) * init_to_events_capacity); + else + loop->to_events_capacity = 0; + loop->to_events_free = 0; + loop->to_events_n_used = 0; + + loop->fd_events_capacity = 
init_fd_events_capacity; + if ((loop->fd_events = GETDNS_XMALLOC( + *mf, _getdns_poll_event, init_fd_events_capacity)) && + (loop->pfds = GETDNS_XMALLOC( + *mf, struct pollfd, init_fd_events_capacity))) { + size_t i; + + (void) memset(loop->fd_events, 0, + sizeof(_getdns_poll_event) * init_fd_events_capacity); + for (i = 0; i < init_fd_events_capacity; i++) { + loop->pfds[i].fd = -1; + loop->pfds[i].events = 0; + loop->pfds[i].revents = 0; + } + } else { + loop->fd_events_capacity = 0; + if (loop->fd_events) { + GETDNS_FREE(*mf, loop->fd_events); + loop->fd_events = NULL; + } + } + loop->fd_events_free = 0; + loop->fd_events_n_used = 0; +} + diff --git a/src/extension/poll_eventloop.h b/src/extension/poll_eventloop.h new file mode 100644 index 00000000..e4e4bb7e --- /dev/null +++ b/src/extension/poll_eventloop.h 
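Review bot: In get_fd_event's grow path, a partial failure leaves the loop holding a stale pointer: if one GETDNS_XREALLOC succeeds and the other returns NULL, the successful result is freed while `loop->fd_events` (or `loop->pfds`) still refers to the block that was handed to the reallocation. Assuming GETDNS_XREALLOC has realloc semantics, later scheduling, poll_eventloop_run_once and poll_eventloop_cleanup would then read or free released memory. Keeping whichever array did grow avoids that, since the recorded capacity is unchanged: `if (fd_events) loop->fd_events = fd_events;`, `if (pfds) loop->pfds = pfds;`, `if (!fd_events || !pfds) return NULL;`. Separately, _getdns_poll_eventloop_init never assigns `loop->pfds` when the first allocation fails, so unless the caller zeroes the structure beforehand its else branch should set `loop->pfds = NULL;` before cleanup can reach it.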
@@ -0,0 +1,66 @@
+/*
+ * \file poll_eventloop.h
+ * @brief Build in default eventloop extension that uses select.
+ *
+ */
+/*
+ * Copyright (c) 2013, NLNet Labs, Verisign, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the names of the copyright holders nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL Verisign, Inc. BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef POLL_EVENTLOOP_H_
+#define POLL_EVENTLOOP_H_
+#include "config.h"
+#include "getdns/getdns.h"
+#include "getdns/getdns_extra.h"
+#include "types-internal.h"
+
+/* Eventloop based on poll */
+
+typedef struct _getdns_poll_event {
+ getdns_eventloop_event *event;
+ uint64_t timeout_time;
+} _getdns_poll_event;
+
+typedef struct _getdns_poll_eventloop {
+ getdns_eventloop loop;
+ struct mem_funcs mf;
+
+ struct pollfd *pfds;
+ size_t fd_events_capacity;
+ _getdns_poll_event *fd_events;
+ size_t fd_events_free;
+ size_t fd_events_n_used;
+
+ size_t to_events_capacity;
+ _getdns_poll_event *to_events;
+ size_t to_events_free;
+ size_t to_events_n_used;
+} _getdns_poll_eventloop;
+
+void
+_getdns_poll_eventloop_init(struct mem_funcs *mf, _getdns_poll_eventloop *loop);
+
+#endif
+
diff --git a/src/extension/default_eventloop.c b/src/extension/select_eventloop.c
similarity index 52%
rename from src/extension/default_eventloop.c
rename to src/extension/select_eventloop.c
index 10efff59..47769afd 100644
--- a/src/extension/default_eventloop.c
+++ b/src/extension/select_eventloop.c
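Review bot: The file comment of poll_eventloop.h describes the wrong backend: `@brief Build in default eventloop extension that uses select.` was carried over from the select header and should read `@brief Built-in default eventloop extension that uses poll.`. The struct fields also deserve a comment, because their names mislead: going by poll_eventloop.c, `fd_events_free` and `to_events_free` are the index of the next never-used slot (slots below it may be NULL holes until run_once compacts them), while the `*_n_used` fields count live registrations, e.g. `/* next unused slot index; entries below may be NULL */`. It would help to record there as well that `event->ev` stores the slot index plus one, since poll_eventloop_clear depends on that encoding for its bounds check.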
@@ -25,32 +25,36 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "extension/default_eventloop.h" +#include "config.h" + +#include "extension/select_eventloop.h" #include "debug.h" +#include "types-internal.h" static uint64_t get_now_plus(uint64_t amount) { struct timeval tv; uint64_t now; - + if (gettimeofday(&tv, NULL)) { perror("gettimeofday() failed"); exit(EXIT_FAILURE); } now = tv.tv_sec * 1000000 + tv.tv_usec; - return (now + amount * 1000) >= now ? now + amount * 1000 : -1; + return (now + amount * 1000) >= now + ? now + amount * 1000 : TIMEOUT_FOREVER; } static getdns_return_t -default_eventloop_schedule(getdns_eventloop *loop, +select_eventloop_schedule(getdns_eventloop *loop, int fd, uint64_t timeout, getdns_eventloop_event *event) { - _getdns_default_eventloop *default_loop = (_getdns_default_eventloop *)loop; + _getdns_select_eventloop *select_loop = (_getdns_select_eventloop *)loop; size_t i; DEBUG_SCHED( "%s(loop: %p, fd: %d, timeout: %"PRIu64", event: %p, FD_SETSIZE: %d)\n" - , __FUNCTION__, loop, fd, timeout, event, FD_SETSIZE); + , __FUNC__, (void *)loop, fd, timeout, (void *)event, FD_SETSIZE); if (!loop || !event) return GETDNS_RETURN_INVALID_PARAMETER; 
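Review bot: The wrap test in get_now_plus covers only the addition, so an `amount` large enough for `amount * 1000` to wrap on its own can yield a small product and an early deadline instead of TIMEOUT_FOREVER. Checking the operand before multiplying closes that gap: `if (amount > (UINT64_MAX - now) / 1000) return TIMEOUT_FOREVER;` followed by `return now + amount * 1000;` (this assumes TIMEOUT_FOREVER is the all-ones value that the old `-1` produced). The copy of get_now_plus in the new poll_eventloop.c carries the same test. select_eventloop_schedule continues past the end of this hunk.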
@@ -67,22 +71,21 @@ default_eventloop_schedule(getdns_eventloop *loop, } if (fd >= 0) { #if defined(SCHED_DEBUG) && SCHED_DEBUG - if (default_loop->fd_events[fd]) { - if (default_loop->fd_events[fd] == event) { + if (select_loop->fd_events[fd]) { + if (select_loop->fd_events[fd] == event) { DEBUG_SCHED("WARNING: Event %p not cleared " "before being rescheduled!\n" - , default_loop->fd_events[fd]); + , (void *)select_loop->fd_events[fd]); } else { DEBUG_SCHED("ERROR: A different event is " "already present at fd slot: %p!\n" - , default_loop->fd_events[fd]); + , (void *)select_loop->fd_events[fd]); } } #endif - default_loop->fd_events[fd] = event; - default_loop->fd_timeout_times[fd] = get_now_plus(timeout); - event->ev = (void *) (intptr_t) fd + 1; - + select_loop->fd_events[fd] = event; + select_loop->fd_timeout_times[fd] = get_now_plus(timeout); + event->ev = (void *)(intptr_t)(fd + 1); DEBUG_SCHED( "scheduled read/write at %d\n", fd); return GETDNS_RETURN_GOOD; } @@ -99,11 +102,10 @@ default_eventloop_schedule(getdns_eventloop *loop, event->write_cb = NULL; } for (i = 0; i < MAX_TIMEOUTS; i++) { - if (default_loop->timeout_events[i] == NULL) { - default_loop->timeout_events[i] = event; - default_loop->timeout_times[i] = get_now_plus(timeout); - event->ev = (void *) (intptr_t) i + 1; - + if (select_loop->timeout_events[i] == NULL) { + select_loop->timeout_events[i] = event; + select_loop->timeout_times[i] = get_now_plus(timeout); + event->ev = (void *)(intptr_t)(i + 1); DEBUG_SCHED( "scheduled timeout at %d\n", (int)i); return GETDNS_RETURN_GOOD; } 
@@ -113,75 +115,85 @@ default_eventloop_schedule(getdns_eventloop *loop, } static getdns_return_t -default_eventloop_clear(getdns_eventloop *loop, getdns_eventloop_event *event) +select_eventloop_clear(getdns_eventloop *loop, getdns_eventloop_event *event) { - _getdns_default_eventloop *default_loop = (_getdns_default_eventloop *)loop; + _getdns_select_eventloop *select_loop = (_getdns_select_eventloop *)loop; ssize_t i; if (!loop || !event) return GETDNS_RETURN_INVALID_PARAMETER; - DEBUG_SCHED( "%s(loop: %p, event: %p)\n", __FUNCTION__, loop, event); + DEBUG_SCHED( "%s(loop: %p, event: %p)\n", __FUNC__, (void *)loop, (void *)event); i = (intptr_t)event->ev - 1; - if (i < 0 || i > FD_SETSIZE) { + if (i < 0 || i >= FD_SETSIZE) { return GETDNS_RETURN_GENERIC_ERROR; } if (event->timeout_cb && !event->read_cb && !event->write_cb) { #if defined(SCHED_DEBUG) && SCHED_DEBUG - if (default_loop->timeout_events[i] != event) + if (select_loop->timeout_events[i] != event) DEBUG_SCHED( "ERROR: Different/wrong event present at " "timeout slot: %p!\n" - , default_loop->timeout_events[i]); + , (void *)select_loop->timeout_events[i]); #endif - default_loop->timeout_events[i] = NULL; + select_loop->timeout_events[i] = NULL; } else { #if defined(SCHED_DEBUG) && SCHED_DEBUG - if (default_loop->fd_events[i] != event) + if (select_loop->fd_events[i] != event) DEBUG_SCHED( "ERROR: Different/wrong event present at " "fd slot: %p!\n" - , default_loop->fd_events[i]); + , (void *)select_loop->fd_events[i]); #endif - default_loop->fd_events[i] = NULL; + select_loop->fd_events[i] = NULL; } event->ev = NULL; return GETDNS_RETURN_GOOD; } static void -default_eventloop_cleanup(getdns_eventloop *loop) +select_eventloop_cleanup(getdns_eventloop *loop) { + (void)loop; } static void -default_read_cb(int fd, getdns_eventloop_event *event) +select_read_cb(int fd, getdns_eventloop_event *event) { - DEBUG_SCHED( "%s(fd: %d, event: %p)\n", __FUNCTION__, fd, event); +#if !defined(SCHED_DEBUG) || 
!SCHED_DEBUG + (void)fd; +#endif + DEBUG_SCHED( "%s(fd: %d, event: %p)\n", __FUNC__, fd, (void *)event); event->read_cb(event->userarg); } static void -default_write_cb(int fd, getdns_eventloop_event *event) +select_write_cb(int fd, getdns_eventloop_event *event) { - DEBUG_SCHED( "%s(fd: %d, event: %p)\n", __FUNCTION__, fd, event); +#if !defined(SCHED_DEBUG) || !SCHED_DEBUG + (void)fd; +#endif + DEBUG_SCHED( "%s(fd: %d, event: %p)\n", __FUNC__, fd, (void *)event); event->write_cb(event->userarg); } static void -default_timeout_cb(int fd, getdns_eventloop_event *event) +select_timeout_cb(int fd, getdns_eventloop_event *event) { - DEBUG_SCHED( "%s(fd: %d, event: %p)\n", __FUNCTION__, fd, event); +#if !defined(SCHED_DEBUG) || !SCHED_DEBUG + (void)fd; +#endif + DEBUG_SCHED( "%s(fd: %d, event: %p)\n", __FUNC__, fd, (void *)event); event->timeout_cb(event->userarg); } static void -default_eventloop_run_once(getdns_eventloop *loop, int blocking) +select_eventloop_run_once(getdns_eventloop *loop, int blocking) { - _getdns_default_eventloop *default_loop = (_getdns_default_eventloop *)loop; + _getdns_select_eventloop *select_loop = (_getdns_select_eventloop *)loop; fd_set readfds, writefds; int fd, max_fd = -1; - uint64_t now, timeout = (uint64_t)-1; + uint64_t now, timeout = TIMEOUT_FOREVER; size_t i; struct timeval tv; 
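Review bot: select_eventloop_clear empties slot `i` even when that slot holds a different event, because the `!= event` comparison exists only inside the SCHED_DEBUG blocks and only logs. poll_eventloop_clear, added in this same commit, rejects that case, and its comment explains that stale events can show up after a synchronous request's loop was swapped out; here the same situation would silently drop another request's registration. An unconditional guard in each branch would match it, e.g. `if (select_loop->timeout_events[i] != event) { event->ev = NULL; return GETDNS_RETURN_GENERIC_ERROR; }` and the same for `fd_events[i]`. A NULL `event->ev` also returns GETDNS_RETURN_GENERIC_ERROR here but GETDNS_RETURN_GOOD in the poll variant, so one of the two should change to give callers a single contract.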
@@ -193,69 +205,79 @@ default_eventloop_run_once(getdns_eventloop *loop, int blocking) now = get_now_plus(0); for (i = 0; i < MAX_TIMEOUTS; i++) { - if (!default_loop->timeout_events[i]) + if (!select_loop->timeout_events[i]) continue; - if (now > default_loop->timeout_times[i]) - default_timeout_cb(-1, default_loop->timeout_events[i]); - else if (default_loop->timeout_times[i] < timeout) - timeout = default_loop->timeout_times[i]; + if (now > select_loop->timeout_times[i]) + select_timeout_cb(-1, select_loop->timeout_events[i]); + else if (select_loop->timeout_times[i] < timeout) + timeout = select_loop->timeout_times[i]; } - for (fd = 0; fd < FD_SETSIZE; fd++) { - if (!default_loop->fd_events[fd]) + for (fd = 0; fd < (int)FD_SETSIZE; fd++) { + if (!select_loop->fd_events[fd]) continue; - if (default_loop->fd_events[fd]->read_cb) + if (select_loop->fd_events[fd]->read_cb) FD_SET(fd, &readfds); - if (default_loop->fd_events[fd]->write_cb) + if (select_loop->fd_events[fd]->write_cb) FD_SET(fd, &writefds); if (fd > max_fd) max_fd = fd; - if (default_loop->fd_timeout_times[fd] < timeout) - timeout = default_loop->fd_timeout_times[fd]; + if (select_loop->fd_timeout_times[fd] < timeout) + timeout = select_loop->fd_timeout_times[fd]; } - if (max_fd == -1 && timeout == (uint64_t)-1) + if (max_fd == -1 && timeout == TIMEOUT_FOREVER) return; if (! blocking || now > timeout) { tv.tv_sec = 0; tv.tv_usec = 0; } else { - tv.tv_sec = (timeout - now) / 1000000; - tv.tv_usec = (timeout - now) % 1000000; + tv.tv_sec = (long)((timeout - now) / 1000000); + tv.tv_usec = (long)((timeout - now) % 1000000); } +#ifdef USE_WINSOCK + if (max_fd == -1) + { + if (timeout != TIMEOUT_FOREVER) + { + uint32_t timeout_ms = (tv.tv_usec / 1000) + (tv.tv_sec * 1000); + Sleep(timeout_ms); + } + } else +#endif if (select(max_fd + 1, &readfds, &writefds, NULL, - (timeout == ((uint64_t)-1) ? NULL : &tv)) < 0) { + (timeout == TIMEOUT_FOREVER ? 
NULL : &tv)) < 0) { perror("select() failed"); exit(EXIT_FAILURE); } now = get_now_plus(0); - for (fd = 0; fd < FD_SETSIZE; fd++) { - if (default_loop->fd_events[fd] && - default_loop->fd_events[fd]->read_cb && + for (fd = 0; fd < (int)FD_SETSIZE; fd++) { + if (select_loop->fd_events[fd] && + select_loop->fd_events[fd]->read_cb && FD_ISSET(fd, &readfds)) - default_read_cb(fd, default_loop->fd_events[fd]); + select_read_cb(fd, select_loop->fd_events[fd]); - if (default_loop->fd_events[fd] && - default_loop->fd_events[fd]->write_cb && + if (select_loop->fd_events[fd] && + select_loop->fd_events[fd]->write_cb && FD_ISSET(fd, &writefds)) - default_write_cb(fd, default_loop->fd_events[fd]); + select_write_cb(fd, select_loop->fd_events[fd]); - if (default_loop->fd_events[fd] && - default_loop->fd_events[fd]->timeout_cb && - now > default_loop->fd_timeout_times[fd]) - default_timeout_cb(fd, default_loop->fd_events[fd]); + if (select_loop->fd_events[fd] && + select_loop->fd_events[fd]->timeout_cb && + now > select_loop->fd_timeout_times[fd]) + select_timeout_cb(fd, select_loop->fd_events[fd]); i = fd; - if (default_loop->timeout_events[i] && - default_loop->timeout_events[i]->timeout_cb && - now > default_loop->timeout_times[i]) - default_timeout_cb(-1, default_loop->timeout_events[i]); + if (select_loop->timeout_events[i] && + select_loop->timeout_events[i]->timeout_cb && + now > select_loop->timeout_times[i]) + select_timeout_cb(-1, select_loop->timeout_events[i]); } } static void -default_eventloop_run(getdns_eventloop *loop) +select_eventloop_run(getdns_eventloop *loop) { - _getdns_default_eventloop *default_loop = (_getdns_default_eventloop *)loop; + _getdns_select_eventloop *select_loop = (_getdns_select_eventloop *)loop; size_t i; if (!loop) 
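Review bot: With `blocking == 0` this function can still block: when an fd is registered but nothing lowers `timeout` below TIMEOUT_FOREVER, select() is handed NULL rather than the zeroed `tv`. Choosing the pointer from both conditions fixes it, `((blocking && timeout == TIMEOUT_FOREVER) ? NULL : &tv)`. poll_eventloop_run_once in poll_eventloop.c has the same ordering (it tests `timeout == TIMEOUT_FOREVER` before `! blocking`) and should test `! blocking` first. Both loops also call exit() on any negative return, which presumably includes a call interrupted by a signal, so retrying on EINTR would be safer for the host application. The function's signature and declarations are in the previous hunk.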
@@ -263,8 +285,8 @@ default_eventloop_run(getdns_eventloop *loop) i = 0; while (i < MAX_TIMEOUTS) { - if (default_loop->fd_events[i] || default_loop->timeout_events[i]) { - default_eventloop_run_once(loop, 1); + if (select_loop->fd_events[i] || select_loop->timeout_events[i]) { + select_eventloop_run_once(loop, 1); i = 0; } else { i++; @@ -273,16 +295,16 @@ default_eventloop_run(getdns_eventloop *loop) } void -_getdns_default_eventloop_init(_getdns_default_eventloop *loop) +_getdns_select_eventloop_init(struct mem_funcs *mf, _getdns_select_eventloop *loop) { - static getdns_eventloop_vmt default_eventloop_vmt = { - default_eventloop_cleanup, - default_eventloop_schedule, - default_eventloop_clear, - default_eventloop_run, - default_eventloop_run_once + static getdns_eventloop_vmt select_eventloop_vmt = { + select_eventloop_cleanup, + select_eventloop_schedule, + select_eventloop_clear, + select_eventloop_run, + select_eventloop_run_once }; - - (void) memset(loop, 0, sizeof(_getdns_default_eventloop)); - loop->loop.vmt = &default_eventloop_vmt; + (void) mf; + (void) memset(loop, 0, sizeof(_getdns_select_eventloop)); + loop->loop.vmt = &select_eventloop_vmt; } diff --git a/src/extension/select_eventloop.h b/src/extension/select_eventloop.h new file mode 100644 index 00000000..e830a2ac --- /dev/null +++ b/src/extension/select_eventloop.h 
@@ -0,0 +1,58 @@ +/* + * \file select_eventloop.h + * @brief Build in default eventloop extension that uses select. + * + */ +/* + * Copyright (c) 2013, NLNet Labs, Verisign, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the names of the copyright holders nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL Verisign, Inc. BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ +#ifndef SELECT_EVENTLOOP_H_ +#define SELECT_EVENTLOOP_H_ +#include "config.h" +#include "getdns/getdns.h" +#include "getdns/getdns_extra.h" + +/* No more than select's capability queries can be outstanding, + * The number of outstanding timeouts should be less or equal then + * the number of outstanding queries, so MAX_TIMEOUTS equal to + * FD_SETSIZE should be safe. + */ +#define MAX_TIMEOUTS FD_SETSIZE + +/* Eventloop based on select */ +typedef struct _getdns_select_eventloop { + getdns_eventloop loop; + getdns_eventloop_event *fd_events[FD_SETSIZE]; + uint64_t fd_timeout_times[FD_SETSIZE]; + getdns_eventloop_event *timeout_events[MAX_TIMEOUTS]; + uint64_t timeout_times[MAX_TIMEOUTS]; +} _getdns_select_eventloop; + + +void +_getdns_select_eventloop_init(struct mem_funcs *mf, _getdns_select_eventloop *loop); + +#endif diff --git a/src/general.c b/src/general.c index 882a0ba2..0a1428c2 100644 --- a/src/general.c +++ b/src/general.c 
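Review bot: The prototype `_getdns_select_eventloop_init(struct mem_funcs *mf, ...)` at the end of this new header names `struct mem_funcs`, but none of the three includes visible here (`config.h`, `getdns/getdns.h`, `getdns/getdns_extra.h`) is obviously where that type is declared. If none of them declares it, the struct gets prototype scope and every caller passes an incompatible pointer type. A forward declaration `struct mem_funcs;` before the typedef would make the header self-contained. The arrays `fd_events[FD_SETSIZE]` and `fd_timeout_times[FD_SETSIZE]` are indexed by descriptor number in the run loop, so the struct comment should also state that the schedule path must reject any `fd >= FD_SETSIZE`; that check is not visible in this hunk.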
@@ -52,32 +52,23 @@ #include "dnssec.h" #include "stub.h" #include "dict.h" +#include "mdns.h" +#include "debug.h" -/* cancel, cleanup and send timeout to callback */ -static void -ub_resolve_timeout(void *arg) +void _getdns_call_user_callback(getdns_dns_req *dnsreq, getdns_dict *response) { - getdns_dns_req *dns_req = (getdns_dns_req *) arg; - (void) _getdns_context_request_timed_out(dns_req); -} + _getdns_context_clear_outbound_request(dnsreq); -void _getdns_call_user_callback(getdns_dns_req *dns_req, - struct getdns_dict *response) -{ - struct getdns_context *context = dns_req->context; - getdns_transaction_t trans_id = dns_req->trans_id; - getdns_callback_t cb = dns_req->user_callback; - void *user_arg = dns_req->user_pointer; - - /* clean up */ - _getdns_context_clear_outbound_request(dns_req); - _getdns_dns_req_free(dns_req); - - context->processing = 1; - cb(context, - (response ? GETDNS_CALLBACK_COMPLETE : GETDNS_CALLBACK_ERROR), - response, user_arg, trans_id); - context->processing = 0; + if (dnsreq->user_callback) { + dnsreq->context->processing = 1; + dnsreq->user_callback(dnsreq->context, + ( ! response ? GETDNS_CALLBACK_ERROR + : dnsreq->request_timed_out ? GETDNS_CALLBACK_TIMEOUT + : GETDNS_CALLBACK_COMPLETE ), + response, dnsreq->user_pointer, dnsreq->trans_id); + dnsreq->context->processing = 0; + } + _getdns_dns_req_free(dnsreq); } static int 
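Review bot: `_getdns_call_user_callback` now keeps `dnsreq` alive across the user callback and reads `dnsreq->context` again afterwards to clear `processing`, where the removed version copied the context, the callback and its arguments into locals and freed the request first. If anything reachable from the callback can release the request, that second read and the final `_getdns_dns_req_free(dnsreq)` would touch freed memory; this is not visible here, and the earlier `_getdns_context_clear_outbound_request` call presumably prevents lookup by transaction id. Taking `getdns_context *context = dnsreq->context;` before the call and using it for both `processing` writes removes the dependency. A header comment such as `/* Consumes dnsreq: freed on return, also when user_callback is NULL; a NULL response is reported as GETDNS_CALLBACK_ERROR even when request_timed_out is set. */` would record the contract.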
@@ -101,17 +92,28 @@ void _getdns_check_dns_req_complete(getdns_dns_req *dns_req) { getdns_network_req **netreq_p, *netreq; - int results_found = 0, r; + int results_found = 0, timed_out = 1, r; + uint64_t now_ms = 0; for (netreq_p = dns_req->netreqs; (netreq = *netreq_p); netreq_p++) if (!_getdns_netreq_finished(netreq)) return; - else if (netreq->response_len > 0) - results_found = 1; + else { + if (netreq->state != NET_REQ_TIMED_OUT) + timed_out = 0; + if (netreq->response_len > 0) + results_found = 1; + } + + if (timed_out) { + _getdns_context_request_timed_out(dns_req); + return; + } /* Do we have to check more suffixes on nxdomain/nodata? */ - if (dns_req->suffix_appended && /* Something was appended */ + if (dns_req->is_dns_request && + dns_req->suffix_appended && /* Something was appended */ dns_req->suffix_len > 1 && /* Next suffix available */ no_answer(dns_req)) { /* Remove suffix from name */ @@ -137,16 +139,17 @@ _getdns_check_dns_req_complete(getdns_dns_req *dns_req) ; (netreq = *netreq_p) ; netreq_p++ ) { _getdns_netreq_reinit(netreq); - if ((r = _getdns_submit_netreq(netreq))) { + if ((r = _getdns_submit_netreq(netreq, &now_ms))) { if (r == DNS_REQ_FINISHED) return; - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_ERRORED); } } _getdns_check_dns_req_complete(dns_req); return; } } else if ( + dns_req->is_dns_request && ( dns_req->append_name == GETDNS_APPEND_NAME_ONLY_TO_SINGLE_LABEL_AFTER_FAILURE || dns_req->append_name == 
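Review bot: `timed_out` starts at 1 and is only cleared inside the loop over `dns_req->netreqs`, so a request whose netreq list is empty would reach `_getdns_context_request_timed_out(dns_req)` without anything having timed out. Whether the list can be empty is not visible in this hunk. If it cannot, a comment on the declaration such as `/* stays 1 only when every netreq ended in NET_REQ_TIMED_OUT */` would make the invariant explicit; otherwise initialise the flag from `*dns_req->netreqs != NULL`. The function body continues outside the hunk.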
@@ -175,21 +178,32 @@ _getdns_check_dns_req_complete(getdns_dns_req *dns_req) ; (netreq = *netreq_p) ; netreq_p++ ) { _getdns_netreq_reinit(netreq); - if ((r = _getdns_submit_netreq(netreq))) { + if ((r = _getdns_submit_netreq(netreq, &now_ms))) { if (r == DNS_REQ_FINISHED) return; - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_ERRORED); } } _getdns_check_dns_req_complete(dns_req); return; } } +#if defined(REQ_DEBUG) && REQ_DEBUG if (dns_req->internal_cb) + debug_req("CB Internal", *dns_req->netreqs); + else if (results_found) + debug_req("CB Complete", *dns_req->netreqs); + else + debug_req("CB Error ", *dns_req->netreqs); +#endif + if (dns_req->internal_cb) { + _getdns_context_clear_outbound_request(dns_req); dns_req->internal_cb(dns_req); - else if (! results_found) + } else if (! results_found) _getdns_call_user_callback(dns_req, NULL); - else if (dns_req->dnssec_return_validation_chain + else if ( + dns_req->is_dns_request && + (dns_req->dnssec_return_validation_chain #ifdef DNSSEC_ROADBLOCK_AVOIDANCE || ( dns_req->dnssec_roadblock_avoidance && !dns_req->avoid_dnssec_roadblocks) @@ -202,9 +216,20 @@ _getdns_check_dns_req_complete(getdns_dns_req *dns_req) dns_req->dnssec_return_all_statuses )) #endif - ) + )) { + /* Reschedule timeout for this DNS request + */ + if (dns_req->timeout.timeout_cb && dns_req->timeout.ev) + GETDNS_CLEAR_EVENT(dns_req->loop, &dns_req->timeout); + + GETDNS_SCHEDULE_EVENT(dns_req->loop, -1, + _getdns_ms_until_expiry2(dns_req->expires, &now_ms), + getdns_eventloop_event_init(&dns_req->timeout, dns_req, + NULL, NULL, (getdns_eventloop_callback) + _getdns_validation_chain_timeout)); + _getdns_get_validation_chain(dns_req); - else + } else _getdns_call_user_callback( dns_req, _getdns_create_getdns_response(dns_req)); } 
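Review bot: The timeout callback in the rescheduling block is installed through a cast, `(getdns_eventloop_callback) _getdns_validation_chain_timeout`, and the hunk at -289,10 in `_getdns_submit_netreq` does the same with `_getdns_context_request_timed_out`. The removed `ub_resolve_timeout(void *arg)` was assigned to `timeout_cb` without a cast, so the callback type takes `void *`; calling a function that takes `getdns_dns_req *` through that pointer type is undefined behaviour in C and is rejected at run time by indirect-call CFI schemes. A small static adapter per target, e.g. `static void validation_chain_timeout_cb(void *arg) { _getdns_validation_chain_timeout((getdns_dns_req *)arg); }`, keeps the call type-correct (assuming the target takes a `getdns_dns_req *`, which the `dns_req` userarg suggests). The result of `GETDNS_SCHEDULE_EVENT` is also not checked here, while `_getdns_submit_netreq` returns on a schedule failure.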
@@ -218,7 +243,7 @@ ub_resolve_event_callback(void* arg, int rcode, void *pkt, int pkt_len, getdns_network_req *netreq = (getdns_network_req *) arg; getdns_dns_req *dns_req = netreq->owner; - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_FINISHED); /* parse */ if (getdns_apply_network_result( netreq, rcode, pkt, pkt_len, sec, why_bogus)) { @@ -236,7 +261,7 @@ ub_resolve_callback(void* arg, int err, struct ub_result* ub_res) getdns_network_req *netreq = (getdns_network_req *) arg; getdns_dns_req *dns_req = netreq->owner; - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_FINISHED); if (err != 0) { _getdns_call_user_callback(dns_req, NULL); return; 
@@ -257,28 +282,131 @@ ub_resolve_callback(void* arg, int err, struct ub_result* ub_res) #endif +void _getdns_check_expired_pending_netreqs( + getdns_context *context, uint64_t *now_ms) +{ + getdns_network_req *first; + + assert(context); + + while (context->pending_netreqs.count) { + first = (getdns_network_req *) + _getdns_rbtree_first(&context->pending_netreqs); + + if (_getdns_ms_until_expiry2(first->owner->expires, now_ms) > 0) + break; + + (void) _getdns_rbtree_delete(&context->pending_netreqs, first); + _getdns_netreq_change_state(first, NET_REQ_TIMED_OUT); + _getdns_check_dns_req_complete(first->owner); + } + first = context->pending_netreqs.count ? (getdns_network_req *) + _getdns_rbtree_first(&context->pending_netreqs) : NULL; + + if (first == context->first_pending_netreq || + (first && context->first_pending_netreq && + first->owner->expires == context->first_pending_netreq->owner->expires)) + return; /* Nothing changed */ + + if (context->first_pending_netreq) + GETDNS_CLEAR_EVENT( context->extension + , &context->pending_timeout_event); + + if ((context->first_pending_netreq = first)) + GETDNS_SCHEDULE_EVENT( context->extension, -1, + _getdns_ms_until_expiry2(first->owner->expires, now_ms), + &context->pending_timeout_event); +} + +void +_getdns_netreq_change_state( + getdns_network_req *netreq, network_req_state new_state) +{ + getdns_context *context; + uint64_t now_ms; + getdns_network_req *prev; + + if (!netreq) + return; + + if (!netreq->owner->is_dns_request) { + netreq->state = new_state; + return; + } + + context = netreq->owner->context; + + if (netreq->state != NET_REQ_IN_FLIGHT) { + if (new_state == NET_REQ_IN_FLIGHT) + context->netreqs_in_flight += 1; + netreq->state = new_state; + return; + } + if (new_state == NET_REQ_IN_FLIGHT) /* No change */ + return; + netreq->state = new_state; + context->netreqs_in_flight -= 1; + + now_ms = 0; + prev = NULL; + while (context->pending_netreqs.count > 0 && + ( context->limit_outstanding_queries > 
context->netreqs_in_flight + || context->limit_outstanding_queries == 0 )) { + + getdns_network_req *first = (getdns_network_req *) + _getdns_rbtree_first(&context->pending_netreqs); + + /* To prevent loops due to _getdns_submit_netreq re-inserting + * because of errno == EMFILE + */ + if (first == prev) + break; + else + prev = first; + + (void) _getdns_rbtree_delete(&context->pending_netreqs, first); + (void) _getdns_submit_netreq(first, &now_ms); + } +} + int -_getdns_submit_netreq(getdns_network_req *netreq) +_getdns_submit_netreq(getdns_network_req *netreq, uint64_t *now_ms) { getdns_return_t r; getdns_dns_req *dns_req = netreq->owner; + getdns_context *context = dns_req->context; char name[1024]; int dnsreq_freed = 0; #ifdef HAVE_LIBUNBOUND int ub_resolve_r; #endif + if (context->limit_outstanding_queries > 0 && + context->netreqs_in_flight >= context->limit_outstanding_queries) { + + netreq->node.key = netreq; + if (_getdns_rbtree_insert( + &context->pending_netreqs, &netreq->node)) { + + _getdns_check_expired_pending_netreqs(context, now_ms); + return GETDNS_RETURN_GOOD; + } + } + _getdns_netreq_change_state(netreq, NET_REQ_IN_FLIGHT); + + debug_req("Submitting ", netreq); + #ifdef STUB_NATIVE_DNSSEC # ifdef DNSSEC_ROADBLOCK_AVOIDANCE - if ((dns_req->context->resolution_type == GETDNS_RESOLUTION_RECURSING + if ((context->resolution_type == GETDNS_RESOLUTION_RECURSING && !dns_req->dnssec_roadblock_avoidance) || dns_req->avoid_dnssec_roadblocks) { # else - if ( dns_req->context->resolution_type == GETDNS_RESOLUTION_RECURSING) { + if ( context->resolution_type == GETDNS_RESOLUTION_RECURSING) { # endif #else - if ( dns_req->context->resolution_type == GETDNS_RESOLUTION_RECURSING + if ( context->resolution_type == GETDNS_RESOLUTION_RECURSING || dns_req->dnssec_return_status || dns_req->dnssec_return_only_secure || dns_req->dnssec_return_all_statuses 
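Review bot: The drain loop at the end of `_getdns_netreq_change_state` discards the result of `_getdns_submit_netreq(first, &now_ms)`, whereas the other call sites visible in this diff mark the netreq `NET_REQ_ERRORED` on a non-zero result other than `DNS_REQ_FINISHED`. `_getdns_submit_netreq` moves the netreq to `NET_REQ_IN_FLIGHT` before it can fail, so a failed resubmit appears to leave a request that was removed from `pending_netreqs` counted in `netreqs_in_flight` with nothing in flight, until its owner's timeout fires. Something like `r = _getdns_submit_netreq(first, &now_ms); if (r && r != DNS_REQ_FINISHED) _getdns_netreq_change_state(first, NET_REQ_ERRORED);` would match the other callers; whether the owner must then be passed to `_getdns_check_dns_req_complete` is for the author to confirm. In `_getdns_submit_netreq` itself, a failed `_getdns_rbtree_insert` falls through and submits even though the limit was reached, which deserves a comment if intended; that function's body continues outside the hunk.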
@@ -289,10 +417,13 @@ _getdns_submit_netreq(getdns_network_req *netreq) dns_req->timeout.userarg = dns_req; dns_req->timeout.read_cb = NULL; dns_req->timeout.write_cb = NULL; - dns_req->timeout.timeout_cb = ub_resolve_timeout; + dns_req->timeout.timeout_cb = + (getdns_eventloop_callback) + _getdns_context_request_timed_out; dns_req->timeout.ev = NULL; if ((r = dns_req->loop->vmt->schedule(dns_req->loop, -1, - dns_req->context->timeout, &dns_req->timeout))) + _getdns_ms_until_expiry2(dns_req->expires, now_ms), + &dns_req->timeout))) return r; } (void) gldns_wire2str_dname_buf(dns_req->name, @@ -301,15 +432,15 @@ _getdns_submit_netreq(getdns_network_req *netreq) #ifdef HAVE_LIBUNBOUND dns_req->freed = &dnsreq_freed; #ifdef HAVE_UNBOUND_EVENT_API - if (_getdns_ub_loop_enabled(&dns_req->context->ub_loop)) - ub_resolve_r = ub_resolve_event(dns_req->context->unbound_ctx, - name, netreq->request_type, netreq->owner->request_class, + if (_getdns_ub_loop_enabled(&context->ub_loop)) + ub_resolve_r = ub_resolve_event(context->unbound_ctx, + name, netreq->request_type, dns_req->request_class, netreq, ub_resolve_event_callback, &(netreq->unbound_id)) ? GETDNS_RETURN_GENERIC_ERROR : GETDNS_RETURN_GOOD; else #endif - ub_resolve_r = ub_resolve_async(dns_req->context->unbound_ctx, - name, netreq->request_type, netreq->owner->request_class, + ub_resolve_r = ub_resolve_async(context->unbound_ctx, + name, netreq->request_type, dns_req->request_class, netreq, ub_resolve_callback, &(netreq->unbound_id)) ? GETDNS_RETURN_GENERIC_ERROR : GETDNS_RETURN_GOOD; if (dnsreq_freed) @@ -322,7 +453,7 @@ _getdns_submit_netreq(getdns_network_req *netreq) } /* Submit with stub resolver */ dns_req->freed = &dnsreq_freed; - r = _getdns_submit_stub_request(netreq); + r = _getdns_submit_stub_request(netreq, now_ms); if (dnsreq_freed) return DNS_REQ_FINISHED; dns_req->freed = NULL; 
@@ -423,6 +554,7 @@ getdns_general_ns(getdns_context *context, getdns_eventloop *loop, getdns_dns_req *req; getdns_dict *localnames_response; size_t i; + uint64_t now_ms = 0; if (!context || !name || (!callbackfn && !internal_cb)) return GETDNS_RETURN_INVALID_PARAMETER; @@ -440,7 +572,7 @@ getdns_general_ns(getdns_context *context, getdns_eventloop *loop, /* create the request */ if (!(req = _getdns_dns_req_new( - context, loop, name, request_type, extensions))) + context, loop, name, request_type, extensions, &now_ms))) return GETDNS_RETURN_MEMORY_ERROR; req->user_pointer = userarg; @@ -458,13 +590,13 @@ getdns_general_ns(getdns_context *context, getdns_eventloop *loop, for ( netreq_p = req->netreqs ; !r && (netreq = *netreq_p) ; netreq_p++) { - if ((r = _getdns_submit_netreq(netreq))) { + if ((r = _getdns_submit_netreq(netreq, &now_ms))) { if (r == DNS_REQ_FINISHED) { if (return_netreq_p) *return_netreq_p = NULL; return GETDNS_RETURN_GOOD; } - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_ERRORED); } } 
@@ -473,11 +605,34 @@ getdns_general_ns(getdns_context *context, getdns_eventloop *loop, if (!(r = _getdns_context_local_namespace_resolve( req, &localnames_response))) { - + req->is_dns_request = 0; _getdns_call_user_callback ( req, localnames_response); break; } +#ifdef HAVE_MDNS_SUPPORT + } else if (context->namespaces[i] == GETDNS_NAMESPACE_MDNS) { + /* Check whether the name belongs in the MDNS space */ + if (!(r = _getdns_mdns_namespace_check(req))) + { + req->is_dns_request = 0; + // Submit the query to the MDNS transport. + for (netreq_p = req->netreqs + ; !r && (netreq = *netreq_p) + ; netreq_p++) { + if ((r = _getdns_submit_mdns_request(netreq))) { + if (r == DNS_REQ_FINISHED) { + if (return_netreq_p) + *return_netreq_p = NULL; + return GETDNS_RETURN_GOOD; + } + _getdns_netreq_change_state(netreq, NET_REQ_ERRORED); + } + } + /* Stop processing more namespaces, since there was a match */ + break; + } +#endif /* HAVE_MDNS_SUPPORT */ } else if (context->namespaces[i] == GETDNS_NAMESPACE_DNS) { /* TODO: We will get a good return code here even if @@ -488,13 +643,13 @@ getdns_general_ns(getdns_context *context, getdns_eventloop *loop, for ( netreq_p = req->netreqs ; !r && (netreq = *netreq_p) ; netreq_p++) { - if ((r = _getdns_submit_netreq(netreq))) { + if ((r = _getdns_submit_netreq(netreq, &now_ms))) { if (r == DNS_REQ_FINISHED) { if (return_netreq_p) *return_netreq_p = NULL; return GETDNS_RETURN_GOOD; } - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_ERRORED); } } break; diff --git a/src/general.h b/src/general.h index 29b52f47..e0860c78 100644 --- a/src/general.h +++ b/src/general.h 
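Review bot: The new MDNS branch sets `req->is_dns_request = 0` and calls `_getdns_submit_mdns_request(netreq)` directly, and `_getdns_netreq_change_state` returns early for such requests, so MDNS queries are neither counted in `netreqs_in_flight` nor held back by `limit_outstanding_queries`. If that is intended, say so next to the assignment, e.g. `/* MDNS requests are not subject to limit_outstanding_queries */`; if not, the branch needs its own bound on outstanding queries. The `// Submit the query ...` comment and the brace on its own line also differ from the `/* */` comments and brace placement of the surrounding branches. The enclosing loop over `context->namespaces` starts and ends outside the hunk.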
@@ -45,8 +45,20 @@ #define DNS_REQ_FINISHED -1 void _getdns_call_user_callback(getdns_dns_req *, getdns_dict *); + +/* Change state of the netreq req. + * - Increments context->netreqs_in_flight + * when state changes from NOT_SENT to IN_FLIGHT + * - Decrements context->netreqs_in_flight + * when state changes from IN_FLIGHT to FINISHED, TIMED_OUT or ERRORED + * - Resubmits NOT_SENT netreqs from context->pending_netreqs, + * when # pending_netreqs < limit_outstanding_queries + */ +void _getdns_netreq_change_state( + getdns_network_req *netreq, network_req_state new_state); + void _getdns_check_dns_req_complete(getdns_dns_req *dns_req); -int _getdns_submit_netreq(getdns_network_req *netreq); +int _getdns_submit_netreq(getdns_network_req *netreq, uint64_t *now_ms); getdns_return_t diff --git a/src/getdns/getdns.h.in b/src/getdns/getdns.h.in index 2a8f7f2a..bd1e36fd 100644 --- a/src/getdns/getdns.h.in +++ b/src/getdns/getdns.h.in 
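Review bot: The new comment on `_getdns_netreq_change_state` does not match the implementation in general.c in two places. The resubmit condition there is `limit_outstanding_queries > netreqs_in_flight` or a limit of 0, not `# pending_netreqs < limit_outstanding_queries`, and the counter is incremented on any transition into `NET_REQ_IN_FLIGHT` and decremented on any transition out of it, not only from NOT_SENT or to the three listed states. Suggested last bullet: `* - Resubmits netreqs from context->pending_netreqs while netreqs_in_flight < limit_outstanding_queries, or always when the limit is 0`. The comment should also mention that requests with `is_dns_request` unset only get their state assigned.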
@@ -485,21 +485,45 @@ typedef enum getdns_callback_type_t { #define GETDNS_RCODE_BADNAME 20 #define GETDNS_RCODE_BADALG 21 #define GETDNS_RCODE_BADTRUNC 22 +#define GETDNS_RCODE_COOKIE 23 /** @} */ +/** + * Many calls in the DNS API require a DNS context. A DNS context contains + * the information that the API needs in order to process DNS calls, such + * as the locations of upstream DNS servers, DNSSEC trust anchors, and so on. + * The internal structure of the DNS context is opaque, and might be different + * on each OS. When a context is passed to any function, it must be an + * allocated context; the context must not be NULL. + * + * Use getdns_context_set_* functions to configure a context. + */ typedef struct getdns_context getdns_context; + +/** + * When scheduling asynchronous requests, transaction identifiers associated + * with the request are returned. These identifiers are of the type: + * getdns_transaction_t. These identifiers can be used to associate answers + * with requests, and also to cancel outstanding requests. + */ typedef uint64_t getdns_transaction_t; /** - * used to check data types within complex types (dict, list) + * getdns_list_get_data_type() and getdns_dict_get_data_type() return the type + * of data on an index in a getdns_list, or on a name in a getdns_dict. */ typedef enum getdns_data_type { t_dict, t_list, t_int, t_bindata } getdns_data_type; + + +/** + * A struct to hold binary data. + */ typedef struct getdns_bindata { size_t size; 
@@ -708,12 +732,46 @@ getdns_return_t getdns_dict_get_int(const getdns_dict *dict, * @return pointer to an allocated list, NULL if insufficient memory */ getdns_list *getdns_list_create(); + +/** + * create a new list with no items, creating and initializing it with the + * custom memory function from context. These memory functions will be used + * for creating, and inherited by the list members when populating the list. + * The custom deallocator will be used for destroying the list. + * @param context The context from which the custom memory functions will be + * used to create and initialize the list. + * @return pointer to an allocated list, NULL if insufficient memory + */ getdns_list *getdns_list_create_with_context(getdns_context *context); + +/** + * create a new list with no items, creating and initializing it with the + * provided custom memory function. These memory functions will be used + * for creating, and inherited by the list members when populating the list. + * The custom deallocator will be used for destroying the list. + * @param malloc Custom allocator + * @param realloc Custom reallocator + * @param free Custom deallocator + * @return pointer to an allocated list, NULL if insufficient memory + */ getdns_list *getdns_list_create_with_memory_functions( void *(*malloc) (size_t), void *(*realloc) (void *, size_t), void (*free) (void *) ); + +/** + * create a new list with no items, creating and initializing it with the + * provided extended custom memory function. These memory functions will be + * used for creating, and inherited by the list members when populating the + * list. The custom deallocator will be used for destroying the list. + * @param userarg Will be passed as the first argument to the extended + * custom malloc, realloc, and free. 
+ * @param malloc Custom allocator + * @param realloc Custom reallocator + * @param free Custom deallocator + * @return pointer to an allocated list, NULL if insufficient memory + */ getdns_list *getdns_list_create_with_extended_memory_functions( void *userarg, void *(*malloc) (void *userarg, size_t), 
@@ -794,12 +852,46 @@ getdns_return_t getdns_list_set_int(getdns_list *list, size_t index, * @return pointer to an allocated dictionary, NULL if insufficient memory */ getdns_dict *getdns_dict_create(); + +/** + * create a new dict with no items, creating and initializing it with the + * custom memory function from context. These memory functions will be used + * for creating, and inherited by the list members when populating the dict. + * The custom deallocator will be used for destroying the dict. + * @param context The context from which the custom memory functions will be + * used to create and initialize the dict. + * @return pointer to an allocated dict, NULL if insufficient memory + */ getdns_dict *getdns_dict_create_with_context(getdns_context *context); + +/** + * create a new dict with no items, creating and initializing it with the + * provided custom memory function. These memory functions will be used + * for creating, and inherited by the dict members when populating the dict. + * The custom deallocator will be used for destroying the dict. + * @param malloc Custom allocator + * @param realloc Custom reallocator + * @param free Custom deallocator + * @return pointer to an allocated dict, NULL if insufficient memory + */ getdns_dict *getdns_dict_create_with_memory_functions( void *(*malloc) (size_t), void *(*realloc) (void *, size_t), void (*free) (void *) ); + +/** + * create a new dict with no items, creating and initializing it with the + * provided extended custom memory function. These memory functions will be + * used for creating, and inherited by the dict members when populating the + * dict. The custom deallocator will be used for destroying the dict. + * @param userarg Will be passed as the first argument to the extended + * custom malloc, realloc, and free. 
+ * @param malloc Custom allocator + * @param realloc Custom reallocator + * @param free Custom deallocator + * @return pointer to an allocated dict, NULL if insufficient memory + */ getdns_dict *getdns_dict_create_with_extended_memory_functions( void *userarg, void *(*malloc) (void *userarg, size_t), @@ -822,8 +914,17 @@ void getdns_dict_destroy(getdns_dict *dict); * @{ */ +/** + * create a new entry in the dictionary, or replace the value of an existing entry + * this routine makes a copy of the child_dict_ + * @param dict dictionary in which to add or change the value + * @param name key that identifies which item in the dictionary to add/change + * @param child_dict value to assign to the node identified by name + * @return GETDNS_RETURN_GOOD on success + */ getdns_return_t getdns_dict_set_dict(getdns_dict *dict, const char *name, const getdns_dict *child_dict); + /** * create a new entry in the dictionary, or replace the value of an existing entry * this routine makes a copy of the child_list 
@@ -871,7 +972,31 @@ getdns_return_t getdns_dict_remove_name(getdns_dict *dict, const char *name); /** * \addtogroup callbackfns getdns_callback functions */ -/* Callback arguments */ +/** + * The type of the callback function that must be registered when scheduling + * asynchronous requests. The registered function will be called from the + * eventloop with the following parameters. + * @param context The DNS context that was used in the calling function + * @param callback_type Supplies the reason for the callback. + * This will be one of: + * - GETDNS_CALLBACK_COMPLETE The response has the + * requested data in it + * - GETDNS_CALLBACK_CANCEL The calling program cancelled + * the callback; response is NULL + * - GETDNS_CALLBACK_TIMEOUT The requested action timed + * out; response is filled in with empty structures or + * will contain additional information about the timeout + * when used in combination with the + * return_call_reporting extension. + * - GETDNS_CALLBACK_ERROR The requested action had an + * error; response is NULL. + * @param response A response object with the response data. + * The application is responsible for cleaning up the response + * object with getdns_dict_destroy. + * @param userarg Identical to the userarg passed to the calling function. + * @param transaction_id The transaction identifier that was assigned by the + * calling function. + */ typedef void (*getdns_callback_t) (getdns_context *context, getdns_callback_type_t callback_type, getdns_dict * response, @@ -1018,6 +1143,10 @@ getdns_context_create_with_extended_memory_functions( void (*free) (void *userarg, void *) ); +/** + * destroy the context. All outstanding requests will be cancelled with + * the getdns_cancel_callback() function. + */ void getdns_context_destroy(getdns_context *context); /** @} */ 
@@ -1027,6 +1156,11 @@ void getdns_context_destroy(getdns_context *context); * \addtogroup callbackfns getdns_callback functions * @{ */ +/** + * Cancel an outstanding asynchronous request. The callback registered with + * the request will be called with the getdns_callback_type_t set to + * GETDNS_CALLBACK_CANCEL and the response set to NULL. + */ getdns_return_t getdns_cancel_callback(getdns_context *context, getdns_transaction_t transaction_id); 
@@ -1110,26 +1244,93 @@ getdns_service_sync(getdns_context *context, * @{ */ +/** + * Convert a domain name in DNS wire format to presentation format. + * The newly allocated string should be freed with free. + * @param dns_name_wire_fmt A bindata to the DNS name in wire format + * @param fqdn_as_string A reference to a pointer that will be set + * to a newly allocated string containing the + * presentation format of the name. The caller + * is responsible for deallocate this space with free(). + * @return GETDNS_RETURN_GOOD on success or GETDNS_RETURN_GENERIC_ERROR + * when the wireformat name could not be parsed. + */ getdns_return_t getdns_convert_dns_name_to_fqdn( const getdns_bindata *dns_name_wire_fmt, char **fqdn_as_string); +/** + * Convert a domain name in presentation format to DNS wire format. + * @param fqdn_as_string The name to convert in presentation format. + * @param dns_name_wire_fmt A reference to a pointer that will be set + * to a newly allocated bindata containing the + * DNS wire format of the name. The caller + * is responsible for deallocate this space with free(). + * @return GETDNS_RETURN_GOOD on success or GETDNS_RETURN_GENERIC_ERROR + * when the presentation format name could not be parsed. + */ getdns_return_t getdns_convert_fqdn_to_dns_name( const char *fqdn_as_string, getdns_bindata **dns_name_wire_fmt); +/** + * Convert an Unicode encoded label to ASCII encoding following the + * rules for IDNA 2008 described in RFC 5890-5892. + * @param ulabel The Unicode encoded label to convert. + * @return The ASCII encoding label. The caller is responsible for deallocate + * this space with free(). + */ char *getdns_convert_ulabel_to_alabel(const char *ulabel); +/** + * Convert an ASCII encoded label to Unicode encoding following the + * rules for IDNA 2008 described in RFC 5890-5892. + * @param alabel The ASCII encoded label to convert. + * @return The Unicode encoding label. The caller is responsible for + * deallocation with free(). 
+ */ char *getdns_convert_alabel_to_ulabel(const char *alabel); +/** + * Offline DNSSEC validate Resource Records with the help of support + * records and a DNSSEC trust anchor. + * @param to_validate This is a list of reply_dicts to validate (as can + * be seen under "replies_tree" in a response dict), or + * an RRset with signatures represented as a list of + * rr_dicts. The format of rr_dict can be seen in + * the sections of reply_dicts in response dicts. + * It is also possible to validate the non-existance + * of a query. Besides all the necessary NSEC(3)s plus + * signature, the to_validate should then also contain + * a question rr_dict with a qname, qclass and qtype. + * @param support_records A list of all the DNSKEY, DS and NSEC(3) RRsets + * (in the form of rr_dicts) that may be used to + * validate the RRsets or replies in to_validate. + * The value returned under "validation_chain" in a + * response dict when the dnssec_return_validation_chain + * extension was used, can be used directly for this. + * @param trust_anchors A list of rr_dicts containing the DNSSEC trust anchors. + * The return value of the getdns_root_trust_anchor() + * can be used directly for this. + * @return The function returns one of GETDNS_DNSSEC_SECURE, + * GETDNS_DNSSEC_BOGUS, GETDNS_DNSSEC_INDETERMINATE, or GETDNS_DNSSEC_INSECURE + * depending on the validation status. + */ getdns_return_t getdns_validate_dnssec(getdns_list *to_validate, getdns_list *support_records, getdns_list *trust_anchors); -/* Get root trust anchor */ +/** + * Get the default list of trust anchor records that is used by the library + * to validate DNSSEC. + * @param utc_date_of_anchor Set to the number of seconds since epoch + * the trust anchors were obtained + * @return The list of DNSSEC trust anchors, or NULL on error. The caller is + * responsible for deallocating the list with getdns_list_destroy(). + */ getdns_list *getdns_root_trust_anchor(time_t *utc_date_of_anchor); /** 
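Review bot: The new comment for `getdns_convert_fqdn_to_dns_name` tells the caller to release `*dns_name_wire_fmt` with `free()` but does not say whether the bindata's `data` buffer belongs to the same allocation or has to be freed separately. Since a wrong guess is either a leak or an invalid free, the `@param dns_name_wire_fmt` text should spell out the exact release sequence for both the struct and its `data` member. The phrase "responsible for deallocate this space" in this and the neighbouring comments should read "responsible for deallocating this space".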
@@ -1140,6 +1341,13 @@ getdns_list *getdns_root_trust_anchor(time_t *utc_date_of_anchor); */ char *getdns_pretty_print_dict(const getdns_dict *some_dict); +/** + * Converts a getdns_bindata representing an IPv4 or IPv6 address to a + * textual representation. + * @param bindata_of_ipv4_or_ipv6_address The IP address to convert. + * @return character array (caller must free this) containing the textual + * representation of the address. + */ char *getdns_display_ip_address(const getdns_bindata *bindata_of_ipv4_or_ipv6_address); @@ -1151,6 +1359,19 @@ char *getdns_display_ip_address(const getdns_bindata * \addtogroup context_set getdns_context_set functions * @{ */ + +/** + * An application can be notified when the context is changed. + * Note that this implementation has an extended version of this function + * in which an additional userarg parameter can be registered: + * #getdns_context_set_update_callback . + * @param context The context for which to monitor changes + * @param value The callback function that will be called when any context is + * changed. A update callback function can be deregistered by + * passing NULL. + * @return GETDNS_RETURN_GOOD when succesful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL. + */ getdns_return_t getdns_context_set_context_update_callback( getdns_context *context, 
@@ -1158,73 +1379,362 @@ getdns_context_set_context_update_callback( getdns_context_code_t changed_item) ); +/** + * Specify whether DNS queries are performed with recursive lookups or as a + * stub resolver. The default value is GETDNS_RESOLUTION_RECURSING. + * @see getdns_context_get_resolution_type + * @param context The context to configure + * @param value GETDNS_RESOLUTION_RECURSING or GETDNS_RESOLUTION_STUB. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_CONTEXT_UPDATE_FAIL with unknown resolution types + * @return GETDNS_RETURN_NOT_IMPLEMENTED when getdns was compiled for stub + * resolution only and recursing resolution type was requested. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL. + */ getdns_return_t getdns_context_set_resolution_type(getdns_context *context, getdns_resolution_t value); +/** + * Sets the ordered list of namespaces that will be queried. + * This context setting is ignored for the getdns_general and + * getdns_general_sync functions; it is used for the other funtions. + * When a normal lookup is done, the API does the lookups in the order given + * and stops when it gets the first result + * @see getdns_context_get_namespaces + * @param context The context to configure + * @param namespace_count The number of values in the namespaces list. + * @param namespaces An ordered list of namespaces that will be queried. + * The values are: GETDNS_NAMESPACE_DNS, + * GETDNS_NAMESPACE_LOCALNAMES, GETDNS_NAMESPACE_NETBIOS, + * GETDNS_NAMESPACE_MDNS, and GETDNS_NAMESPACE_NIS. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_CONTEXT_UPDATE_FAIL with unknown namespace types + * @return GETDNS_RETURN_NOT_IMPLEMENTED when unsupported namespaces were + * given. Currently this implementation supports only + * GETDNS_NAMESPACE_DNS, GETDNS_NAMESPACE_LOCALNAMES and has an + * draft implementation of GETDNS_NAMESPACE_MDNS, which has to be + * enabled at configure time. 
+ * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL. + */ getdns_return_t getdns_context_set_namespaces(getdns_context *context, size_t namespace_count, getdns_namespace_t *namespaces); +/** + * Specifies what transport are used for DNS lookups. The default is + * GETDNS_TRANSPORT_UDP_FIRST_AND_FALL_BACK_TO_TCP. Use of this function + * is discouraged. Please use #getdns_context_set_dns_transport_list() + * instead of this function. + * @see getdns_context_get_dns_transport + * @see getdns_context_set_dns_transport_list + * @see getdns_context_get_dns_transport_list + * @param context The context to configure + * @param value The transport to use for DNS lookups. + * The value is GETDNS_TRANSPORT_UDP_FIRST_AND_FALL_BACK_TO_TCP, + * GETDNS_TRANSPORT_UDP_ONLY, GETDNS_TRANSPORT_TCP_ONLY, + * GETDNS_TRANSPORT_TCP_ONLY_KEEP_CONNECTIONS_OPEN, + * GETDNS_TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN or + * GETDNS_TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_CONTEXT_UPDATE_FAIL with unknown values + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL. + */ getdns_return_t getdns_context_set_dns_transport(getdns_context *context, getdns_transport_t value); +/** + * Specifies what transport is used for DNS lookups. The default is a list + * containing GETDNS_TRANSPORT_UDP then GETDNS_TRANSPORT_TCP. The API will + * return information on the actual transport used to fulfill the request in + * the response dict, when the return_call_reporting extension is used. + * @see getdns_context_get_dns_transport_list + * @see getdns_context_set_dns_transport + * @see getdns_context_get_dns_transport + * @param context The context to configure + * @param transport_count The number of values in the transports list. + * @param transports An ordered list of transports that will be used for DNS + * lookups. 
If only one transport value is specified it will + * be the only transport used. Should it not be available + * basic resolution will fail. Fallback transport options are + * specified by including multiple values in the list. + * The values are: GETDNS_TRANSPORT_UDP, GETDNS_TRANSPORT_TCP, + * or GETDNS_TRANSPORT_TLS + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_CONTEXT_UPDATE_FAIL with unknown values + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL. + */ getdns_return_t getdns_context_set_dns_transport_list(getdns_context *context, size_t transport_count, getdns_transport_list_t *transports); +/** + * Specify number of milliseconds the API will leave an idle TCP or TLS + * connection open for (idle means no outstanding responses and no pending + * queries). When set to 0, all currently open idle connections will be + * closed immediately. The default is 0. + * Note with synchronous queries, idle connections can not reliably be timed. + * Each new synchronous request, will reset the counter no matter the time + * in between requests, and thus leave the connection open always. This + * setting is thus only meaningful when doing requests asynchronously. + * @see getdns_context_get_idle_timeout + * @param context The context to configure + * @param timeout The number of milliseconds the API will leave an idle TCP + * or TLS connection open for + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL. + */ getdns_return_t getdns_context_set_idle_timeout(getdns_context *context, uint64_t timeout); +/** + * Limit the number of outstanding DNS queries. When more than limit requests + * are scheduled, they are kept on an internal queue, to be rescheduled when + * the number of outstanding queries drops below the limit again. 
+ * A value of 0 indicates that the number of outstanding DNS queries is + * unlimited, however, queries will be put on the internal queue too when + * system resources are exhausted (i.e. number of available sockets). + * The default value is 0. + * @see getdns_context_get_limit_outstanding_queries + * @param context The context to configure + * @param limit The maximum number of outstanding DNS queries. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL. + */ getdns_return_t getdns_context_set_limit_outstanding_queries(getdns_context *context, uint16_t limit); +/** + * Specifies number of milliseconds the API will wait for request to return. + * The default is 5000 (i.e. 5 seconds). + * @see getdns_context_get_timeout + * @param context The context to configure + * @param timeout The number of milliseconds the API will wait for request to + * return. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER for a timeout 0, + * or when context was NULL + */ getdns_return_t getdns_context_set_timeout(getdns_context *context, uint64_t timeout); +/** + * Specifies whether or not DNS queries follow redirects. + * The default value is GETDNS_REDIRECTS_FOLLOW. + * In this implementation, redirects are only actively followed in the recursing + * resolution mode. The GETDNS_REDIRECTS_DO_NOT_FOLLOW will not prevent this, + * but the response will be stripped of all resource records that could only be + * found through following redirects. The setting will do this with answers + * provided by an upstream in stub resolution mode too. 
+ * @see getdns_context_get_follow_redirects + * @param context The context to configure + * @param value GETDNS_REDIRECTS_FOLLOW for normal following of redirects + * through CNAME and DNAME; or GETDNS_REDIRECTS_DO_NOT_FOLLOW to + * cause any lookups that would have gone through CNAME and DNAME + * to return the CNAME or DNAME, not the eventual target. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER for an unknown value, + * or when context was NULL + */ getdns_return_t getdns_context_set_follow_redirects(getdns_context *context, getdns_redirects_t value); +/** + * Configure the list of addresses to be used for looking up top-level domains. + * The default is the list of "normal" IANA root servers + * @see getdns_context_get_dns_root_servers + * @param context The context to configure + * @param addresses The list contains dicts that are addresses to be used for + * looking up top-level domains. Each dict in the list + * contains at least two names: address_type (whose value is + * a bindata; it is currently either "IPv4" or "IPv6") and + * address_data (whose value is a bindata). + * This implementation also accepts a list of addressxi + * bindatas. Or a list of rr_dicts for address records (i.e. + * the additional section of a NS query for ".", or a with + * getdns_fp2rr_list() converted root.hints file). + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_ CONTEXT_UPDATE_FAIL when there were problems + * parsing the provided addresses list. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_dns_root_servers(getdns_context *context, getdns_list *addresses); +/** + * Specifies whether, how and when to append a suffix to the query string. + * The non-standard implementation default is + * GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST. 
+ * @see getdns_context_get_append_name + * @param context The context to configure + * @param value GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST, + * GETDNS_APPEND_NAME_ALWAYS, + * GETDNS_APPEND_NAME_ONLY_TO_SINGLE_LABEL_AFTER_FAILURE, + * GETDNS_APPEND_NAME_ONLY_TO_MULTIPLE_LABEL_NAME_AFTER_FAILURE, + * or GETDNS_APPEND_NAME_NEVER. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_ CONTEXT_UPDATE_FAIL with unknown values. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_append_name(getdns_context *context, getdns_append_name_t value); +/** + * Specify the list of suffixes to be appended based on the value off the + * append_name setting. The default is read from OS, or an empty list when + * the context is not initialized with OS defaults. + * @see getdns_context_get_suffix + * @param context The context to configure + * @param value A list of bindatas that are strings that are to be appended + * based on the value off the append_name setting. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_ CONTEXT_UPDATE_FAIL with unknown values. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_suffix(getdns_context *context, getdns_list *value); +/** + * Specify the DNSSEC trust anchors. The default is to read it from + * @TRUST_ANCHOR_FILE@. + * @see getdns_context_get_dnssec_trust_anchors + * @param context The context to configure + * @param value A list of rr_dicts for DS or DNSKEY that are the DNSSEC + * trust anchors. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_ CONTEXT_UPDATE_FAIL with unknown values. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_dnssec_trust_anchors(getdns_context *context, getdns_list *value); +/** + * Specify the DNSSEC allowed skew. The default is 0. 
+ * @see getdns_context_get_dnssec_allowed_skew + * @param context The context to configure + * @param value The number of seconds of skew that is allowed in either + * direction when checking an RRSIG's Expiration and Inception + * fields. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_dnssec_allowed_skew(getdns_context *context, uint32_t value); + +/** + * Specify where a stub resolver will send queries. The default value is set + * from the OS when the context is created with the set_from_os flag, or + * empty otherwise. + * @see getdns_context_get_upstream_recursive_servers + * @param context The context to configure + * @param upstream_list The upstreams are specified either by a getdns_bindata + * containing a IPv4 or IPv6 address in network format + * or a `getdns_dict`, containing at least a name + * `address_data` whose value is the address bindata, and + * optionally also: + * - `scode_id` containing an getdns_bindata with the + * scope ID for IPv6 link-local addresses. + * - `port` an integer specifying which port to use to + * contact this upstream over UDP and TCP; + * the default is 53 + * - `tsig_algorithm` (a bindata) that is the name of the + * TSIG hash algorithm + * - `tsig_name` (a bindata) that is the name of the TSIG key + * - `tsig_secret` (a bindata) that is the TSIG key + * - `tls_port` (a integer) that is the port to use to + * contact this upstream over TLS + * - `tls_auth_name` (a bindata) that is the name of the + * upstream (as a bindata containing a string) which + * must be verified to confirm its identity. + * - `tls_pubkey_pinset` (a list) containing dicts with + * - `digest` which must be a bindata containing the + * text sha256 + * - `value` A SHA256 hash of the `SubjectPublicKeyInfo` + * of the upstream, which will be used to authenticate + * it. + * @return GETDNS_RETURN_GOOD when successful. 
+ * @return GETDNS_RETURN_INVALID_PARAMETER when `context` or `upstream_list` was `NULL` + * @return GETDNS_RETURN_CONTEXT_UPDATE_FAIL when there were problems parsing + * the `upstream_list`. + */ getdns_return_t getdns_context_set_upstream_recursive_servers(getdns_context *context, getdns_list *upstream_list); +/** + * Set the maximum UDP payload size advertised in a EDNS0 OPT record. + * When not set (the default), outgoing values will adhere to the suggestions + * in RFC 6891 and may follow a scheme that uses multiple values to maximize + * receptivity. + * @see getdns_context_get_edns_maximum_udp_payload_size + * @see getdns_context_unset_edns_maximum_udp_payload_size + * @param context The context to configure + * @param value The maximum UDP payload size advertised in a EDNS0 OPT record. + * The value must be between 512 and 65536 + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_edns_maximum_udp_payload_size(getdns_context *context, uint16_t value); +/** + * Set the rcode advertised in a EDNS0 OPT record. The default is 0. + * @see getdns_context_get_edns_extended_rcode + * @param context The context to configure + * @param value A value between 0 and 255. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_edns_extended_rcode(getdns_context *context, uint8_t value); +/** + * Set the version advertised in a EDNS0 OPT record. The default is 0. + * @see getdns_context_get_edns_version + * @param context The context to configure + * @param value A value between 0 and 255. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_edns_version(getdns_context *context, uint8_t value); +/** + * Set the DO ibit advertised in a EDNS0 OPT record. The default is 0. 
+ * However use of any of the dnssec_* extension will override this setting + * and set the DO bit. + * @see getdns_context_get_edns_do_bit + * @param context The context to configure + * @param value A value between 0 and 1. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_edns_do_bit(getdns_context *context, uint8_t value); +/** + * Specify custom memory management functions to be used with this context. + * The given memory management functions will be used for creating the response + * dicts. The response dicts inherit the custom memory management functions + * from the context and will deallocate themselves (and their members) with the + * custom deallocator. By default, the system `malloc`, `realloc`, and `free` are used. + * @param context The context to configure + * @param malloc A custom memory allocator. The default is `malloc`. + * @param realloc A custom memory reallocator. The default is `realloc`. + * @param free A custom memory deallocator. The default is `free`. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_memory_functions(getdns_context *context, void *(*malloc) (size_t), 
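Review bot: In the comment for getdns_context_set_upstream_recursive_servers() the first optional key is spelled `scode_id`, although its own description says it carries the scope ID. If the parser expects `scope_id` (not visible here, please confirm), an application copying the documented name would presumably have its IPv6 link-local scope silently ignored. Suggested line: `* - scope_id containing a getdns_bindata with the scope ID for IPv6 link-local addresses.` Two smaller mismatches sit in the same hunk. getdns_context_set_edns_maximum_udp_payload_size() documents the range as "between 512 and 65536" while `value` is a `uint16_t`, so the upper bound should read 65535. Several `@return` lines also show `GETDNS_RETURN_ CONTEXT_UPDATE_FAIL` with a space inside the identifier, which breaks searching and Doxygen linking.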
@@ -1232,6 +1742,22 @@ getdns_context_set_memory_functions(getdns_context *context, void (*free) (void *) ); +/** + * Specify custom extended memory management functions to be used with this + * context. The value of `userarg` argument will be passed to the custom + * `malloc`, `realloc`, and `free`. + * The response dicts inherit the custom memory management functions + * from the context and will deallocate themselves (and their members) with the + * custom deallocator. By default, the system `malloc`, `realloc`, and `free` are used. + * @param context The context to configure + * @param userarg This value will be passed as the `userarg` argument to the + * custom `malloc`, `realloc` and `free` function. + * @param malloc A custom memory allocator. The default is a wrapper for `malloc`. + * @param realloc A custom memory reallocator. The default is a wrapper for `realloc`. + * @param free A custom memory deallocator. The default is a wrapper for `free`. + * @return GETDNS_RETURN_GOOD when successful. + * @return GETDNS_RETURN_INVALID_PARAMETER when context was NULL + */ getdns_return_t getdns_context_set_extended_memory_functions(getdns_context *context, void *userarg, 
@@ -1242,7 +1768,22 @@ getdns_context_set_extended_memory_functions(getdns_context *context, /** @} */ -/* api information support */ +/** + * Retrieve information about the API itself and inspect the current context. + * The returned dictionary can be used with getdns_context_config() directly + * to configure another context with precisely these settings. + * @param context The context from which to get the information + * @return A getdns_dict containing the following name/value pairs: + * - `version_string` (a bindata) represents the version string for this version of the DNS API. + * - `implementation_string` (a bindata) is a string showing which + * implementation of the getdns API this is. In our implementation + * this will always be set to "https://getdnsapi.net" + * - resolution_type (an int) is the type of resolver that the API is + * acting as in this context: GETDNS_RESOLUTION_RECURSING or + * GETDNS_RESOLUTION_STUB. + * - all_context (a dict) with names for all the other settings in + * context. + */ getdns_dict* getdns_context_get_api_information(getdns_context* context); diff --git a/src/getdns/getdns_ext_libev.h b/src/getdns/getdns_ext_libev.h index c65ef8d3..3a39530f 100644 --- a/src/getdns/getdns_ext_libev.h +++ b/src/getdns/getdns_ext_libev.h 
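Review bot: The new comment on getdns_context_get_api_information() lists the keys of the returned dict but does not say who owns it or what is returned on failure. The getdns_root_trust_anchor() comment added earlier in this diff states both, so the two should agree, for example `The caller is responsible for deallocating the dict with getdns_dict_destroy(); NULL is returned on error.` (confirm the NULL case against the implementation). The comment also promises that the dict reproduces the context "precisely" via getdns_context_config(). It should therefore say whether `all_context` includes per-upstream credentials such as `tsig_secret`, so applications know whether to treat the dict and its pretty-printed form as sensitive before logging it.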
@@ -48,7 +48,21 @@ struct ev_loop; /** * \ingroup eventloops */ -/* For libevent, which we are using for these examples */ +/** + * Associate the libev ev_loop with the context, so that all + * asynchronous requests will schedule Input/Output with it. + * Synchronous requests will still use a default eventloop based on `poll()`. + * Applications need to @code #include @endcode + * and link with libgetdns_ext_ev to use this function. + * getdns needs to have been configured with --with-libev for this + * extension to be available. + * @param context The context to configure + * @param ev_loop The libev event loop to associate with this context. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_BAD_CONTEXT when context is NULL + * @return GETDNS_RETURN_INVALID_PARAMETER when ev_loop is NULL + * @return GETDNS_RETURN_MEMORY_ERROR when memory could not be allocated + */ getdns_return_t getdns_extension_set_libev_loop(struct getdns_context *context, struct ev_loop *ev_loop); diff --git a/src/getdns/getdns_ext_libevent.h b/src/getdns/getdns_ext_libevent.h index de364e3f..a7fbc9b5 100644 --- a/src/getdns/getdns_ext_libevent.h +++ b/src/getdns/getdns_ext_libevent.h 
@@ -47,7 +47,21 @@ struct event_base; /** * \ingroup eventloops */ -/* For libevent, which we are using for these examples */ +/** + * Associate the libevent event_base with the context, so that all + * asynchronous requests will schedule Input/Output with it. + * Synchronous requests will still use a default eventloop based on `poll()`. + * Applications need to @code #include @endcode + * and link with libgetdns_ext_event to use this function. + * getdns needs to have been configured with --with-libevent for this + * extension to be available. + * @param context The context to configure + * @param this_event_base The libevent event base to associate with this context. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_BAD_CONTEXT when context is NULL + * @return GETDNS_RETURN_INVALID_PARAMETER when this_event_base is NULL + * @return GETDNS_RETURN_MEMORY_ERROR when memory could not be allocated + */ getdns_return_t getdns_extension_set_libevent_base(struct getdns_context *context, struct event_base *this_event_base); diff --git a/src/getdns/getdns_ext_libuv.h b/src/getdns/getdns_ext_libuv.h index f8809149..03463499 100644 --- a/src/getdns/getdns_ext_libuv.h +++ b/src/getdns/getdns_ext_libuv.h 
@@ -47,7 +47,21 @@ struct uv_loop_s; /** * \ingroup eventloops */ -/* For libevent, which we are using for these examples */ +/** + * Associate the libuv uv_loop with the context, so that all + * asynchronous requests will schedule Input/Output with it. + * Synchronous requests will still use a default eventloop based on `poll()`. + * Applications need to @code #include @endcode + * and link with libgetdns_ext_uv to use this function. + * getdns needs to have been configured with --with-libuv for this + * extension to be available. + * @param context The context to configure + * @param uv_loop The libuv event loop to associate with this context. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_BAD_CONTEXT when context is NULL + * @return GETDNS_RETURN_INVALID_PARAMETER when uv_loop is NULL + * @return GETDNS_RETURN_MEMORY_ERROR when memory could not be allocated + */ getdns_return_t getdns_extension_set_libuv_loop(struct getdns_context *context, struct uv_loop_s *uv_loop); diff --git a/src/getdns/getdns_extra.h.in b/src/getdns/getdns_extra.h.in index 9c973a5e..bd41f51f 100644 --- a/src/getdns/getdns_extra.h.in +++ b/src/getdns/getdns_extra.h.in @@ -56,6 +56,8 @@ extern "C" { * \defgroup Ureturnvaluesandtext Additional return values and texts * @{ */ +#define GETDNS_RETURN_NO_UPSTREAM_AVAILABLE ((getdns_return_t) 398 ) +#define GETDNS_RETURN_NO_UPSTREAM_AVAILABLE_TEXT "None of the configured upstreams could be used to send queries on the specified transports" #define GETDNS_RETURN_NEED_MORE_SPACE ((getdns_return_t) 399 ) #define GETDNS_RETURN_NEED_MORE_SPACE_TEXT "The buffer was too small" /** @} 
@@ -74,6 +76,12 @@ extern "C" { #define GETDNS_CONTEXT_CODE_TLS_QUERY_PADDING_BLOCKSIZE_TEXT "Change related to getdns_context_set_tls_query_padding_blocksize" #define GETDNS_CONTEXT_CODE_PUBKEY_PINSET 621 #define GETDNS_CONTEXT_CODE_PUBKEY_PINSET_TEXT "Change related to getdns_context_set_pubkey_pinset" +#define GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS 622 +#define GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS_TEXT "Change related to getdns_context_set_round_robin_upstreams" +#define GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME 623 +#define GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME_TEXT "Change related to getdns_context_set_tls_backoff_time" +#define GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES 624 +#define GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES_TEXT "Change related to getdns_context_set_tls_connection_retries" /** @} */ @@ -118,7 +126,6 @@ typedef enum getdns_tls_authentication_t { /** @} */ - /** * \defgroup Uvaluesandtextsdepricated Additional transport values and texts (will be deprecated) * @{ 
@@ -150,90 +157,221 @@ typedef enum getdns_tls_authentication_t { * @{ */ +/** + * The type of callback function that is used by the callbacks in an + * getdns_eventloop_event. + * @param userarg This will have the value of the userarg attribute of the + * getdns_eventloop_event struct in which this callback was + * present. + */ typedef void (*getdns_eventloop_callback)(void *userarg); -/* context extension event data */ -typedef struct getdns_eventloop_event { + +typedef struct getdns_eventloop_event getdns_eventloop_event; +/** + * getdns uses an event loop abstraction layer to interface with event loop + * extensions. The extension accepts registration of getdns_eventloop_events + * and translates them to the underlying event loop API for which it is an + * extension. Also applications using getdns can use the abstraction layer + * themselves and in doing so inherit the flexibility being immediately + * compatible with all the event loop systems for which there is an extension + * already (i.e. libevent, libev and libuv). + */ +struct getdns_eventloop_event { + /** + * The userarg argument that will be passed to the + * getdns_eventloop_callbacks when they are fired. + */ void *userarg; + + /** + * When not NULL, it will be fired when the associated file descriptor + * is readable. + */ getdns_eventloop_callback read_cb; + + /** + * When not NULL, it will be fired when the associated file descriptor + * is writable. + */ getdns_eventloop_callback write_cb; + + /** + * When not NULL, it will be fired when the during scheduling specified + * timeout time has passed. + */ getdns_eventloop_callback timeout_cb; - /* Pointer to the underlying event - * that the eventloop extension will create and free. + /** + * Pointer to the underlying event + * that an eventloop extension must manage (i.e. create and free.) 
*/ void *ev; -} getdns_eventloop_event; +}; typedef struct getdns_eventloop_vmt getdns_eventloop_vmt; + +/** + * The manifestation of the event loop abstraction layer. Event loop + * extension implementers should extend this with attributed needed for the + * underlying event loop. + * The current event loop extension can be obtained with the + * getdns_context_get_eventloop() function. + */ typedef struct getdns_eventloop { + /** + * The Virtual Method Table providing the interface for this specific + * event loop extension. + */ getdns_eventloop_vmt *vmt; } getdns_eventloop; -/* A prototype for a method having no arguments and not return value. */ +/** + * The function prototype for the `cleanup` and `run` functions in an getdns + * event loop's Virtual Method Table. These methods have no (extra) arguments + * and return nothing. + * @param loop The event loop to `run` or `cleanup` + */ typedef void (*getdns_eventloop_noargs)(getdns_eventloop *loop); -/* Call the extension to schedule an event - * +/** + * The function prototype for the `schedule` function in an event loop + * Virtual Method Table. * The getdns_eventloop_event must be provided by the caller with the callbacks * and userarg therein already supplied (by the caller). This function will set * the ev pointer (in the getdns_eventloop_event) to refer to the underlying * (extension) event. + * @param loop The event loop for which to register the event. + * @param fd The file descriptor for which to schedule the read_cb and/or + * write_cb callbacks. + * @param timeout The number of milliseconds that must pass without read + * and/or write event after which the timeout_cb callback is fired. + * @param ev The event with all attributes provisioned, except for the ev->ev + * attribute, which will be provisioned by the implementation of + * the schedule method. + * @return GETDNS_RETURN_GOOD when successful and an error code otherwise. 
*/ typedef getdns_return_t (*getdns_eventloop_schedule)(getdns_eventloop *loop, int fd, uint64_t timeout, getdns_eventloop_event *ev); -/* Call the extension to clean a scheduled event */ +/** + * The function prototype for the `clean` function in an event loop + * Virtual Method Table. + * The implementation must clear the event (which is referred to with + * ev->ev) in the underlying event loop and make ev->ev NULL when done. + * getdns will test for this value to determine if events are scheduled or not. + * @param loop The event loop for which to event needs to be cleared. + * @param ev [in,out] The event with the ev->ev attribute referring to the + * underlying event. ev->ev must be set to NULL after the event + * was cleared. + * @return GETDNS_RETURN_GOOD when successful and an error code otherwise. + */ typedef getdns_return_t (*getdns_eventloop_clear) (getdns_eventloop *loop, getdns_eventloop_event *ev); +/** + * The function prototype for the `run_once` function in an event loop + * Virtual Method Table. The implementation must do a single round of + * firing callbacks, either blocking or not. + * @param loop The event loop to run + * @param blocking When 0, only callbacks for file descriptors that are + * immediately readable or writable or timeouts that have + * passed will be fired. When 1, the eventloop will wait + * until the first callback can be fired, either because a + * associated file descriptor has become readable or writeable, + * or because a timeout time passed. + */ typedef void (*getdns_eventloop_run_once)(getdns_eventloop *loop,int blocking); - /* Virtual Method Table */ +/** + * The Virtual Method Table providing the interface for this specific + * event loop extension. + */ struct getdns_eventloop_vmt { + /** + * Destroy the getdns_eventloop and the associated underlying event + * loop for which it is an extension. + */ getdns_eventloop_noargs cleanup; + + /** + * Schedule a getdns_eventloop_event with a getdns_eventloop. 
+ */ getdns_eventloop_schedule schedule; + + /** + * Clear a getdns_eventloop_event + */ getdns_eventloop_clear clear; + + /** + * Run the getdns_eventloop until it has no getdns_eventloop_events + * scheduled. + */ getdns_eventloop_noargs run; + + /** + * Do a single iteration of firing callbacks for scheduled events + * and then return. + */ getdns_eventloop_run_once run_once; }; -/* set an event loop extension on the context */ +/** + * Configure a context to use the specified event loop abstraction extension. + * This function must be called with an provisioned eventloop by the + * event loop extension registration functions. + * @see getdns_context_get_eventloop + * @param context The context to configure + * @param eventloop The event loop abstraction extension with a completely + * provisioned Virtual Method Table and other associated + * data which is opaque to the user. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or eventloop were NULL. + */ getdns_return_t getdns_context_set_eventloop(getdns_context* context, getdns_eventloop *eventloop); -/* get the currently active (pluggable) eventloop from the context */ +/** + * Get the current event loop abstraction extension from the context + * Applications using getdns can use the event loop abstraction extension + * themselves directly to inherit the flexibility being immediately + * compatible with all the event loop systems for which there is an extension + * (i.e. libevent, libev and libuv). 
+ * @see getdns_context_set_eventloop + * @param context [in] The context to get the eventloop from + * @param eventloop [out] The currently active event loop abstraction extension + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or evenloop were NULL + */ getdns_return_t getdns_context_get_eventloop(getdns_context* context, getdns_eventloop **eventloop); -/* detach the eventloop from the context */ -getdns_return_t -getdns_context_detach_eventloop(getdns_context *context); - -/* Run the context's event loop until nothing more to do */ +/** + * Run the context's event loop until nothing more to do. + * This is equivalend to: + * ```c + * if (getdns_context_get_eventloop(context, &loop) == GETDNS_RETURN_GOOD) + * loop->vmt->run(loop); + * ``` + * @param context The context which event loop to run. + */ void getdns_context_run(getdns_context *context); /** @} */ -/** - * \defgroup contextfunction Additional getdns_context async functions - * @{ - */ -/* process async reqs */ -getdns_return_t getdns_context_process_async(getdns_context* context); -/** @} - */ - /** * \defgroup Ucontextset Additional getdns_context_set functions * @{ */ + /** * Register a callback function for context changes. + * @see getdns_context_set_context_update_callback * @param context The context to monitor for changes * @param userarg A user defined argument that will be passed to the callback * function. 
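Review bot: The comment added above the `getdns_eventloop_clear` typedef calls it "the `clean` function in an event loop Virtual Method Table", but the member declared in `struct getdns_eventloop_vmt` later in this hunk is named `clear`. Extension authors matching the text against the struct will not find a `clean` slot, so the line should read `* The function prototype for the clear function in an event loop`. Separately, this hunk drops the declarations of getdns_context_detach_eventloop() and getdns_context_process_async() from an installed header with no deprecation comment left behind. Code that still calls them will stop compiling against this header, so if the removal is intended it should be recorded in the release notes.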
@@ -248,26 +386,122 @@ getdns_return_t getdns_context_set_update_callback(getdns_context *context, void *userarg, void (*value) (getdns_context *, getdns_context_code_t, void *)); -/* Enable the return_dnssec_status extension on every request. - value is either GETDNS_EXTENSION_TRUE or GETDNS_EXTENSION_FALSE - returns GETDNS_RETURN_GOOD on success or GETDNS_RETURN_INVALID_PARAMETER - if context or value is invalid */ +/** + * Enable the return_dnssec_status extension on every request. + * @param context The context to configure + * @param enabled is either GETDNS_EXTENSION_TRUE or GETDNS_EXTENSION_FALSE + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context or value is invalid + */ getdns_return_t getdns_context_set_return_dnssec_status( getdns_context *context, int enabled); -/* tells underlying unbound to use background threads or fork */ -getdns_return_t getdns_context_set_use_threads(getdns_context* context, - int use_threads); - +/** + * Configure context for oppertunistic or scrict usage profile with DNS + * over TLS. + * @see getdns_context_get_tls_authentication + * @param context The context to configure + * @param value is either GETDNS_AUTHENTICATION_REQUIRED for the strict + * usage profile or GETDNS_AUTHENTICATION_NONE for opportunistic + * profile. + * See #getdns_context_set_upstream_recursive_servers + * for details on how to configure credentials per upstream. + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context is null or value has an + * invalid value. + */ getdns_return_t getdns_context_set_tls_authentication( getdns_context *context, getdns_tls_authentication_t value); +/** + * Configure context to round robin queries over the available upstreams + * when resolving with the stub resolution type. + * @see getdns_context_get_round_robin_upstreams + * @param context The context to configure + * @param value is either 1 to enable and 0 to disable round robin. 
+ * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context is null or value has an + * invalid value. + */ +getdns_return_t +getdns_context_set_round_robin_upstreams(getdns_context *context, uint8_t value); + +/** + * Configure the amount of seconds a TLS connection should not be tried with + * an upstream when it has never been tried before. Default is 3600 which is + * one hour. + * @see getdns_context_get_tls_backoff_time + * @param context The context to configure + * @param value Number of seconds before an attempt to setup DNS over TLS, + * with an upstream for which setting up an TLS connection has + * never been successful before, will be retried. + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context is null. + */ +getdns_return_t +getdns_context_set_tls_backoff_time(getdns_context *context, uint16_t value); + +/** + * Configure the number of times getdns retries to setup DNS over TLS with a + * specific upstream, before it decides to give up for tls_backoff_time + * seconds. The default is 2. + * @see getdns_context_get_tls_connection_retries + * @param context The context to configure + * @param value Number of attempts to retry setting up a DNS over TLS + * connection before giving up. + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context is null. + */ +getdns_return_t +getdns_context_set_tls_connection_retries(getdns_context *context, uint16_t value); + +/** + * Configure context to sent queries with the EDNS Client Subnet option set + * to hide the originating network when resolving in stub resolution. + * The default is 0 (disabled). + * @see getdns_context_get_edns_client_subnet_private + * @param context The context to configure + * @param value is either 1 to enable and 0 to disable. + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context is null or value has an + * invalid value. 
+ */ getdns_return_t getdns_context_set_edns_client_subnet_private(getdns_context *context, uint8_t value); +/** + * Configure context to pad each outgoing query over TLS to a multiple of the + * requested blocksizes. A value of 0 means disable, and a value of 1 means + * to "pad using a sensible policy". The default is 1 (pad using sensible policy). + * @see getdns_context_get_tls_query_padding_blocksize + * @param context The context to configure + * @param value The requested block size to pad to, or 0 to disable, or 1 to + * indicate that the library should use a sinsible policy. + * Currently that just means to pad to a multiple of 128 octets for + * outgoing queries, but this might change in the future. + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context is null or value has an + * invalid value. + */ getdns_return_t getdns_context_set_tls_query_padding_blocksize(getdns_context *context, uint16_t value); + +/** + * Configure context to advertise maximum UDP payload size values, that + * adhere to the suggestions in RFC 6891 and may follow a scheme that uses + * multiple values to maximize receptivity. In practice with our implementation + * this means 1432 for IPv4 upstreams and 1232 for IPv6 upstreams. + * The default is to have the edns maximum UDP payload size to be unset and + * thus use the adaptive scheme. + * @see getdns_context_set_edns_maximum_udp_payload_size + * @see getdns_context_get_edns_maximum_udp_payload_size + * @param context The context to configure + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context is null. + */ +getdns_return_t +getdns_context_unset_edns_maximum_udp_payload_size(getdns_context *context); /** @} */ 
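Review bot: The comment added for `getdns_context_set_tls_authentication` names the two usage profiles but does not say what GETDNS_AUTHENTICATION_NONE means for a caller, and it misspells them as "oppertunistic or scrict". The getter's comment in the next hunk already states that authentication is then optional but still attempted when credentials are available; the setter should carry the same sentence, plus a line such as `With GETDNS_AUTHENTICATION_NONE a query may still be sent to an upstream that could not be authenticated.`, worded to match the implementation, which is not visible here. In the same hunk the `@return` of `getdns_context_set_return_dnssec_status` refers to "value" while the parameter is `enabled`, and the summary of `getdns_context_set_tls_backoff_time` says "never been tried" where its `@param` says "never been successful".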
@@ -275,85 +509,349 @@ getdns_context_set_tls_query_padding_blocksize(getdns_context *context, uint16_t * \defgroup Ucontextget Additional getdns_context_get functions * @{ */ -/** begin getters **/ + +/** + * Get the current resolution type setting from this context. + * @see getdns_context_set_resolution_type + * @param context [in] The context from which to get the setting + * @param value [out] The resolution type, either GETDNS_RESOLUTION_RECURSING + * or GETDNS_RESOLUTION_STUB. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_resolution_type(getdns_context *context, getdns_resolution_t* value); -/** users must call free on the resulting namespaces if not NULL */ +/** + * Get a copy of the namespaces list setting from this context. + * Users must call free on the resulting namespaces if not NULL + * @see getdns_context_set_namespaces + * @param context [in] The context from which to get the setting + * @param namespace_count [out] The length of the list. + * @param namespaces [out] The returned namespaces list. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when any of the arguments was NULL. + */ getdns_return_t getdns_context_get_namespaces(getdns_context *context, size_t* namespace_count, getdns_namespace_t **namespaces); +/** + * Get what transports are used for DNS lookups. + * @see getdns_context_set_dns_transport + * @see getdns_context_get_dns_transport_list + * @see getdns_context_set_dns_transport_list + * @param context [in] The context from which to get the setting + * @param value [out] The transport to use for DNS lookups. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when any of the arguments was NULL. 
+ */ getdns_return_t getdns_context_get_dns_transport(getdns_context *context, getdns_transport_t* value); +/** + * Get a copy of the transports list setting from this context. + * Users must call free on the resulting transports if not NULL + * @see getdns_context_set_dns_transport_list + * @see getdns_context_get_dns_transport + * @see getdns_context_set_dns_transport + * @param context [in] The context from which to get the setting + * @param transport_count [out] The length of the list. + * @param transports [out] The returned transports list. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when any of the arguments was NULL. + */ getdns_return_t getdns_context_get_dns_transport_list(getdns_context *context, size_t* transport_count, getdns_transport_list_t **transports); +/** + * Get the current limit for oustanding queries setting from this context. + * @see getdns_context_set_limit_outstanding_queries + * @param context [in] The context from which to get the setting + * @param limit [out] The current limit for oustanding queries + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or limit was NULL. + */ getdns_return_t getdns_context_get_limit_outstanding_queries(getdns_context *context, uint16_t* limit); +/** + * Get the current number of milliseconds the API will wait for request + * to return setting from this context. + * @see getdns_context_set_timeout + * @param context [in] The context from which to get the setting + * @param timeout [out] The number of milliseconds the API will wait for a + * response. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or limit was NULL. 
+ */ getdns_return_t getdns_context_get_timeout(getdns_context *context, uint64_t* timeout); +/** + * Get the current number of milliseconds the API will leave an idle TCP or TLS + * connection open for (idle means no outstanding responses and no pending + * queries). + * @see getdns_context_set_idle_timeout + * @param context [in] The context from which to get the setting + * @param timeout [out] The number of milliseconds the API will leave an idle TCP + * or TLS connection open for + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or timeout was NULL. + */ getdns_return_t getdns_context_get_idle_timeout(getdns_context *context, uint64_t* timeout); +/** + * Get the setting that says whether or not DNS queries follow redirects. + * @see getdns_context_set_follow_redirects + * @param context [in] The context from which to get the setting + * @param value [out] Either GETDNS_REDIRECTS_FOLLOW or GETDNS_REDIRECTS_DO_NOT_FOLLOW + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_follow_redirects(getdns_context *context, getdns_redirects_t* value); +/** + * Get a copy of the list of addresses in use for looking up top-level domains + * in use by the context. + * Callers are responsible for deallocating the returned list with + * #getdns_list_destroy() + * @see getdns_context_set_dns_root_servers + * @param context [in] The context from which to get the setting + * @param addresses [out] A copy of the list of dns root servers in use for + * looking up top level domains. The caller must + * destroy this list. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or adresses was NULL. 
+ * @return GETDNS_RETURN_MEMORY_ERROR when the copy could not be allocated + */ getdns_return_t getdns_context_get_dns_root_servers(getdns_context *context, getdns_list **addresses); +/** + * Get whether, how and when a suffix is appended to a query string with + * the context. + * @see getdns_context_set_append_name + * @param context [in] The context from which to get the setting + * @param value [out] GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST, + * GETDNS_APPEND_NAME_ALWAYS, + * GETDNS_APPEND_NAME_ONLY_TO_SINGLE_LABEL_AFTER_FAILURE, + * GETDNS_APPEND_NAME_ONLY_TO_MULTIPLE_LABEL_NAME_AFTER_FAILURE, + * or GETDNS_APPEND_NAME_NEVER + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_append_name(getdns_context *context, getdns_append_name_t* value); +/** + * Get a copy of the list of suffixes to be appended based on the value off the + * append_name setting in use by context + * Callers are responsible for deallocating the returned list with + * #getdns_list_destroy() + * @see getdns_context_set_suffix + * @param context [in] The context from which to get the setting + * @param value [out] A copy of the list of suffixes. The caller must destroy + * this list. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + * @return GETDNS_RETURN_MEMORY_ERROR when the copy could not be allocated + */ getdns_return_t getdns_context_get_suffix(getdns_context *context, getdns_list **value); +/** + * Get a copy of the list of DNSSEC trust anchors in use by context. + * Callers are responsible for deallocating the returned list with + * #getdns_list_destroy() + * @see getdns_context_set_dnssec_trust_anchors + * @param context [in] The context from which to get the setting + * @param value [out] A copy of the list of DNSSEC trust anchors. + * The caller must destroy this list. 
+ * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + * @return GETDNS_RETURN_MEMORY_ERROR when the copy could not be allocated + */ getdns_return_t getdns_context_get_dnssec_trust_anchors(getdns_context *context, getdns_list **value); +/** + * Get the allowed DNSSEC skew setting from context + * @see getdns_context_set_dnssec_allowed_skew + * @param context [in] The context from which to get the setting + * @param value [out] The number of seconds of skew that is allowed in either + * direction when checking an RRSIG's Expiration and Inception + * fields. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_dnssec_allowed_skew(getdns_context *context, uint32_t* value); +/** + * Get a copy of the list of upstream that will be targeted in stub resolution + * mode. + * Callers are responsible for deallocating the returned list with + * #getdns_list_destroy() + * @see getdns_context_set_upstream_recursive_servers + * @param context [in] The context from which to get the setting + * @param upstream_list [out] A copy of the list of upstreams. + * The caller must destroy this list. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + * @return GETDNS_RETURN_MEMORY_ERROR when the copy could not be allocated + */ getdns_return_t getdns_context_get_upstream_recursive_servers(getdns_context *context, getdns_list **upstream_list); +/** + * Get the maximum UDP payload size advertised in an EDNS0 OPT record + * setting from context + * @see getdns_context_set_edns_maximum_udp_payload_size + * @see getdns_context_unset_edns_maximum_udp_payload_size + * @param context [in] The context from which to get the setting + * @param value [out] the maximum UDP payload size advertised in an EDNS0 + * OPT record. 
When the value is unset, 0 is returned. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_edns_maximum_udp_payload_size(getdns_context *context, uint16_t* value); +/** + * Get the rcode advertised in an EDNS0 OPT record setting from context + * @see getdns_context_set_edns_extended_rcode + * @param context [in] The context from which to get the setting + * @param value [out] The rcode advertised in an EDNS0 OPT record + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_edns_extended_rcode(getdns_context *context, uint8_t* value); +/** + * Get the version advertised in an EDNS0 OPT record setting from context + * @see getdns_context_set_edns_version + * @param context [in] The context from which to get the setting + * @param value [out] The version advertised in an EDNS0 OPT record + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_edns_version(getdns_context *context, uint8_t* value); +/** + * Get the DO bit advertised in an EDNS0 OPT record setting from context + * @see getdns_context_set_edns_do_bit + * @param context [in] The context from which to get the setting + * @param value [out] 1 if the DO bit is advertised in EDNS0 OPT records, + * 0 otherwise. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_edns_do_bit(getdns_context *context, uint8_t* value); +/** + * Get whether queries with this context will have the EDNS Client Subnet + * option set to hide the originating network when resolving in stub + * resolution. 
+ * @see getdns_context_set_edns_do_bit + * @param context [in] The context from which to get the setting + * @param value [out] 1 if the setting is on, 0 otherwise + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_edns_client_subnet_private(getdns_context *context, uint8_t* value); +/** + * Get the blocksize that will be used to pad outgoing queries over TLS. + * @see getdns_context_set_tls_query_padding_blocksize + * @param context [in] The context from which to get the setting + * @param value [out] The padding blocksize, or 0 if padding is disabled, + * or 1 if the setting is to pad using a sensible policy. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_tls_query_padding_blocksize(getdns_context *context, uint16_t* value); +/** + * Get whether the upstream needs to be authenticated whith DNS over TLS. + * @see getdns_context_set_tls_authentication + * @param context [in] The context from which to get the setting + * @param value [out] is either GETDNS_AUTHENTICATION_REQUIRED if + * authentication is required, or GETDNS_AUTHENTICATION_NONE + * if authentication is optional. When credentials are + * available, the API will still try to authenticate the + * upstream. + * See #getdns_context_set_upstream_recursive_servers + * for details on how to configure credentials per upstream. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ getdns_return_t getdns_context_get_tls_authentication(getdns_context *context, getdns_tls_authentication_t* value); +/** + * Get whether the context is configured to round robin queries over the available + * upstreams. 
+ * @see getdns_context_get_round_robin_upstreams + * @param context [in] The context from which to get the setting + * @param value [out] 1 if the setting is on, 0 otherwise + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ +getdns_return_t +getdns_context_get_round_robin_upstreams(getdns_context *context, + uint8_t* value); + +/** + * Get the amount of seconds a TLS connection should not be tried with + * an upstream when it has never been tried before. + * @see getdns_context_set_tls_backoff_time + * @param context [in] The context from which to get the setting + * @param value [out] Number of seconds before an attempt to setup DNS over TLS, + * with an upstream for which setting up an TLS connection has + * never been successful before, will be retried. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ +getdns_return_t +getdns_context_get_tls_backoff_time(getdns_context *context, + uint16_t* value); + +/** + * Get the number of times getdns retries to setup DNS over TLS with a + * specific upstream, before it decides to give up for tls_backoff_time + * seconds. + * @see getdns_context_set_tls_connection_retries + * @param context [in] The context from which to get the setting + * @param value [out] Number of attempts to retry setting up a DNS over TLS + * connection before giving up. + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context or value was NULL. + */ +getdns_return_t +getdns_context_get_tls_connection_retries(getdns_context *context, + uint16_t* value); + /** * Get the currently registered callback function and user defined argument * for context changes. 
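Review bot: Two of the added `@see` lines point at the wrong function: the comment on `getdns_context_get_edns_client_subnet_private` references `getdns_context_set_edns_do_bit`, and the comment on `getdns_context_get_round_robin_upstreams` references itself. They should read `@see getdns_context_set_edns_client_subnet_private` and `@see getdns_context_set_round_robin_upstreams`. The first one matters most, because a reader checking how the client-subnet privacy option is switched on is sent to the DNSSEC DO bit instead. Also in this hunk, the `@return` for `getdns_context_get_timeout` says "context or limit" where the parameter is `timeout`, and the getters that say "Users must call free" (`getdns_context_get_namespaces`, `getdns_context_get_dns_transport_list`) do not say whether plain `free()` is still right for a context created with custom memory functions.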
@@ -371,9 +869,6 @@ getdns_return_t getdns_context_get_update_callback(getdns_context *context, void **userarg, void (**value) (getdns_context *, getdns_context_code_t, void *)); -/* Async support */ -uint32_t getdns_context_get_num_pending_requests(getdns_context* context, - struct timeval* next_timeout); /** @} */ @@ -383,9 +878,36 @@ uint32_t getdns_context_get_num_pending_requests(getdns_context* context, * @{ */ +/** + * Get the version number of this implementation. + * @return The version number as string. For example "@GETDNS_VERSION@". + */ const char *getdns_get_version(void); + +/** + * Get the version number of this implementation as number. + * @return The version number as number. For example @GETDNS_NUMERIC_VERSION@. + * - The most significant byte of this uint32_t is the Major version. + * - The second most significant byte is the Minor version. + * - The third most significant byte the Patch version. + */ uint32_t getdns_get_version_number(void); + +/** + * Get the version of the getdns API specification this library implements + * as a string. + * @return The API specification version as string. For example "@API_VERSION@" + */ const char *getdns_get_api_version(void); + +/** + * Get the version of the getdns API specification this library implements + * as a number. + * @return The API specification version as number. For example "@API_NUMERIC_VERSION@" + * - The most significant 16 bits represent the year. + * - The third most significant byte the day. + */ + uint32_t getdns_get_api_version_number(void); /** 
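Review bot: The layout documented for `getdns_get_api_version_number` accounts for only three of the four bytes: 16 bits for the year and "the third most significant byte the day", with no month. If the value is year/month/day, the list should read `- The third most significant byte the month.` and `- The least significant byte the day.`; confirm against how the number is generated, which is not in this hunk. The example is also quoted (`"@API_NUMERIC_VERSION@"`) although the function returns `uint32_t`, unlike the unquoted `@GETDNS_NUMERIC_VERSION@` example two comments above.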
@@ -397,14 +919,35 @@ uint32_t getdns_get_api_version_number(void); */ const char *getdns_get_errorstr_by_id(uint16_t err); -/* dict util */ -/* set a string as bindata */ -getdns_return_t getdns_dict_util_set_string(getdns_dict * dict, - char *name, const char *value); +/** + * Create a new entry in the dictionary, or replace the value of an existing + * entry, with a getdns_bindata representing a string. The string will be + * copied. The size of the bindata will be strlen(value), though there will + * be a '\0' byte directly after the size'd position even, though the size + * argument suggests that this would not be part of the bindata's date space. + * @see getdns_dict_set_bindata + * @param dict dictionary in which to add or change the value + * @param name key that identifies which item in the dictionary to add/change + * @param value string to be copied and stored in the bindata at key + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER when one of the arguments was NULL + * @return GETDNS_RETURN_MEMORY_ERROR when the copy could not be allocated + */ +getdns_return_t +getdns_dict_util_set_string(getdns_dict *dict, char *name, const char *value); -/* get a string from a dict. the result must be freed if valid */ -getdns_return_t getdns_dict_util_get_string(getdns_dict * dict, - char *name, char **result); +/** + * Get the string associated with the speicifed name. The string should not + * be free()'d by the caller. + * @see getdns_dict_get_bindata + * @param dict dictionary from which to fetch the bindata + * @param name a name/key value to look up in the dictionary + * @param result The bindata's data value + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_NO_SUCH_DICT_NAME if dict is invalid or name does not exist + */ +getdns_return_t +getdns_dict_util_get_string(getdns_dict * dict, char *name, char **result); /** * Validate replies or resource records. 
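Review bot: The rewritten comment on `getdns_dict_util_get_string` reverses the ownership rule (the removed comment said the result "must be freed if valid", the new one says it "should not be free()'d") without flagging the change, so a caller written against the old text would free memory that, per `@param result`, is the bindata's own data. The comment should state lifetime explicitly, for example `The returned pointer refers to storage owned by dict; do not free it, and do not use it after the entry or dict is changed or destroyed.` (lifetime inferred from "The bindata's data value"; confirm against the implementation). It should also say whether `result` is NUL-terminated when the entry was stored with `getdns_dict_set_bindata` rather than `getdns_dict_util_set_string`, since only the latter is documented here as placing a '\0' after the data. The `@return` list omits the NULL-argument case that the setter above documents.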
@@ -492,6 +1035,51 @@ getdns_return_t getdns_pubkey_pinset_sanity_check( const getdns_list* pinset, getdns_list* errorlist); +/** + * Configure a context with settings given in a getdns_dict. + * + * @param context The context to be configured. + * @param config_dict The getdns_dict containing the settings. + * The settings have the same name as returned by the + * getdns_context_get_api_information() function, or as + * used in the names of the getdns_context_get_*() and + * getdns_context_set_*() functions. + * - The dict returned by + * getdns_context_get_api_information() can be used + * as the config_dict directly, but context settings + * do *not* have to be below a `"all_context"` key. + * - It is possible to set default values for extensions + * that could otherwise only be given on a per query + * basis. For example: + * `{ dnssec_return_status: GETDNS_EXTENSION_TRUE }` is + * equivalent to using the + * getdns_context_set_return_dnssec_status() function + * with that value, but default values for the other + * extensions can be set by this method now too. + * For example + * `{ return_call_reporting: GETDNS_EXTENSION_TRUE}` + * - Trust anchor files and root hints content can also be + * given by file, for example: + * + * { dns_root_servers : "named.root" + * , dnssec_trust_anchors: "/etc/unbound/getdns-root.key" + * } + * @return GETDNS_RETURN_GOOD on success or an error code on failure. + * **Beware** that context might be partially configured on error. For retry + * strategies it is advised to recreate a new config. + */ +getdns_return_t +getdns_context_config(getdns_context *context, const getdns_dict *config_dict); + + + +/** @} + */ + +/** + * \defgroup UXTRAPrettyPrinting Pretty printing of getdns dicts and lists + * @{ + */ /** * Pretty print the getdns_dict in a given buffer snprintf style. 
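Review bot: The "Beware" paragraph on `getdns_context_config` warns that the context may be left partially configured on error but then advises recreating "a new config", which reads as if the dict were the thing to replace; the safe action is to stop using the context. I would reword it to `On error the context may be partially configured; destroy it and create a new context rather than resolving with it.` The hunk does not show in which order settings are applied, so a caller cannot tell which ones (for example `tls_authentication`) took effect before the failure. Because the comment also says `dns_root_servers` and `dnssec_trust_anchors` may name files, it is worth adding that config_dict should come from a trusted source or have those values checked before the call.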
@@ -588,6 +1176,14 @@ getdns_snprint_json_list( char *str, size_t size, const getdns_list *list, int pretty); +/** @} + */ + +/** + * \defgroup UDNSDataConversionFunctions Functions for converting between getdns DNS dicts, DNS wire format and DNS presentation format + * @{ + */ + /** * Convert rr_dict to wireformat representation of the resource record. * @@ -901,6 +1497,14 @@ getdns_return_t getdns_msg_dict2str_scan( const getdns_dict *msg_dict, char **str, int *str_len); +/** @} + */ + +/** + * \defgroup Ustring2getdns_data Functions for converting strings to getdns data structures + * @{ + */ + /** * Convert string text to a getdns_dict. * @@ -948,7 +1552,8 @@ getdns_str2list(const char *str, getdns_list **list); * - bindata representation of IP or IPv6 addresses may be * given in their presentation format. For example: * `{ dns_root_servers: [ 2001:7fd::1, 193.0.14.129 ] }` - * - Arbitrary binary data may be given with a `0x` prefix. + * - Arbitrary binary data may be given with a `0x` prefix, + * or in base64 encoding. * For example: * * { add_opt_parameters: @@ -965,7 +1570,7 @@ getdns_str2list(const char *str, getdns_list **list); * [ { address_data : 2a04:b900:0:100::37 * , tsig_name : hmac-md5.tsigs.getdnsapi.net. * , tsig_algorithm: hmac-md5.sig-alg.reg.int. - * , tsig_secret : 0xD7A1BAF4E4DE5D6EB149 + * , tsig_secret : 16G69OTeXW6xSQ== * } ] * } * 
@@ -989,50 +1594,23 @@ getdns_str2bindata(const char *str, getdns_bindata **bindata); getdns_return_t getdns_str2int(const char *str, uint32_t *value); -/** - * Configure a context with settings given in a getdns_dict. - * - * @param context The context to be configured. - * @param config_dict The getdns_dict containing the settings. - * The settings have the same name as returned by the - * getdns_context_get_api_information() function, or as - * used in the names of the getdns_context_get_*() and - * getdns_context_set_*() functions. - * - The dict returned by - * getdns_context_get_api_information() can be used - * as the config_dict directly, but context settings - * do *not* have to be below a `"all_context"` key. - * - It is possible to set default values for extensions - * that could otherwise only be given on a per query - * basis. For example: - * `{ dnssec_return_status: GETDNS_EXTENSION_TRUE }` is - * equivalent to using the - * getdns_context_set_return_dnssec_status() function - * with that value, but default values for the other - * extensions can be set by this method now too. - * For example - * `{ return_call_reporting: GETDNS_EXTENSION_TRUE}` - * - Trust anchor files and root hints content can also be - * given by file, for example: - * - * { dns_root_servers : "named.root" - * , dnssec_trust_anchors: "/etc/unbound/getdns-root.key" - * } - * @return GETDNS_RETURN_GOOD on success or an error code on failure. - * **Beware** that context might be partially configured on error. For retry - * strategies it is advised to recreate a new config. +/** @} */ -getdns_return_t -getdns_context_config(getdns_context *context, const getdns_dict *config_dict); +/** + * \defgroup UServerFunctions Functions for creating simple DNS servers + * @{ + */ /** * The user defined request handler that will be called on incoming requests. 
*/ typedef void (*getdns_request_handler_t)( - getdns_context *context, - getdns_dict *request, - getdns_transaction_t request_id + getdns_context *context, + getdns_callback_type_t callback_type, + getdns_dict *request, + void *userarg, + getdns_transaction_t request_id ); /** @@ -1041,6 +1619,11 @@ typedef void (*getdns_request_handler_t)( * * @param context The context managing the eventloop that needs to be run to * start serving. + * @param listen_addresses A list of address dicts or bindatas that will be + * listened on for DNS requests. Both UDP and TCP + * transports will be used. + * @param userarg A user defined argument that will be passed to the handler + * untouched. * @param handler The user defined request handler that will be called with the * request received in reply dict format. To reply to this request * the function has to construct a response (or modify the request) @@ -1050,9 +1633,6 @@ typedef void (*getdns_request_handler_t)( * not answered by the function, by not calling getdns_reply() this * will cause a memory leak. The user most use getdns_reply() * with NULL as the response to not answer/cancel a request. - * @param listen_addresses A list of address dicts or bindatas that will be - * listened on for DNS requests. Both UDP and TCP - * transports will be used. * @return GETDNS_RETURN_GOOD on success or an error code on failure. * On failure, the current set of listening addresses is left in place. * Also, if there is overlap in listening_addresses between the active set 
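Review bot: The two arguments inserted into `getdns_request_handler_t` (`callback_type`, `userarg`) change the handler's signature under the same name, so a handler written for the three-argument form is caught only if the build treats incompatible function-pointer types as an error. The same applies to the later hunks that reorder `getdns_context_set_listen_addresses` and swap `reply` and `request_id` in `getdns_reply`; the `getdns_reply` swap keeps the argument count, so an unported call would pass the dict pointer and the transaction id in each other's place if `getdns_transaction_t` is an integer type (its definition is not in this diff). The typedef's comment does not describe `callback_type` or `userarg`; add `@param` lines for both and a sentence such as `@note The argument list changed in 1.1.0; handlers and calls written for the earlier order must be updated.` (1.1.0 taken from the ChangeLog entry in this commit).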
@@ -1061,8 +1641,9 @@ typedef void (*getdns_request_handler_t)( * DNS transactions will remain. */ getdns_return_t -getdns_context_set_listen_addresses(getdns_context *context, - getdns_request_handler_t handler, const getdns_list *listen_addresses); +getdns_context_set_listen_addresses( + getdns_context *context, const getdns_list *listen_addresses, + void *userarg, getdns_request_handler_t handler); /** * Answer the request associated with a request_id that is received by a @@ -1070,11 +1651,11 @@ getdns_context_set_listen_addresses(getdns_context *context, * * @param context The context managing the eventloop that needs to be run to * listen for and answer requests. - * @param request_id The identifier that links this response with the - * received request. * @param reply The answer in getdns reply dict or response dict format. * When NULL is given as reply, the request is not answered * but all associated state is deleted. + * @param request_id The identifier that links this response with the + * received request. * @return GETDNS_RETURN_GOOD on success or an error code on failure. * On fatal failure (no retry strategy possible) the user still needs to * cancel the request by recalling getdns_reply() but with NULL as response, @@ -1082,7 +1663,7 @@ getdns_context_set_listen_addresses(getdns_context *context, */ getdns_return_t getdns_reply(getdns_context *context, - getdns_transaction_t request_id, getdns_dict *reply); + getdns_dict *reply, getdns_transaction_t request_id); /** @} 
@@ -1093,12 +1674,56 @@ getdns_reply(getdns_context *context, * \defgroup Uutilityfunctionsdeprecated Additional utility functions (will be deprecated) * @{ */ -/* WARNING! Function getdns_strerror is not in the API specification and +/** + * WARNING! Function getdns_strerror is not in the API specification and * is likely to be removed from future versions of our implementation, to be * replaced by getdns_get_errorstr_by_id or something similar. * Please use getdns_get_errorstr_by_id instead of getdns_strerror. */ getdns_return_t getdns_strerror(getdns_return_t err, char *buf, size_t buflen); + +/** + * Runs the event loop once non blocking. + * WARNING! Do not use this function. This function will be removed in + * future versions of getdns. + */ +getdns_return_t getdns_context_process_async(getdns_context* context); + +/** + * Return the number of pending requests and the point of time of the next + * timeout. + * WARNING! Do not use this function. This function will be removed in + * future versions of getdns. + */ +uint32_t getdns_context_get_num_pending_requests(getdns_context* context, + struct timeval* next_timeout); + +/** + * Detach the eventloop from the context. Resets the context with the default + * event loop based on poll(). WARNING! Do not use this function. It is For + * internal use only and may disappear in future releases. + * @param context The context to reset to default event loop usage + * @return GETDNS_RETURN_GOOD when successful + * @return GETDNS_RETURN_INVALID_PARAMETER when context is NULL + */ +getdns_return_t +getdns_context_detach_eventloop(getdns_context *context); + +/** + * Tell underlying unbound context to use background threads or fork. + * This is only relevant for libunbound version before 1.5.9. After this + * version the underlying unbound will share the event loop with getdns + * eliminating the use for threads. 
Since the need for this function is + * doubtful and likely to disappear in the future, use is strongly + * discouraged. + * @param context The context to configure + * @param use_threads is either 1 to use threads, or 0 to use fork + * @return GETDNS_RETURN_GOOD on success + * @return GETDNS_RETURN_INVALID_PARAMETER if context is NULL + */ +getdns_return_t getdns_context_set_use_threads(getdns_context* context, + int use_threads); + /** @} */ /** @} diff --git a/src/gldns/gbuffer.c b/src/gldns/gbuffer.c index ac70415d..04c257fb 100644 --- a/src/gldns/gbuffer.c +++ b/src/gldns/gbuffer.c @@ -33,6 +33,7 @@ gldns_buffer_new(size_t capacity) buffer->_position = 0; buffer->_limit = buffer->_capacity = capacity; buffer->_fixed = 0; + buffer->_vfixed = 0; buffer->_status_err = 0; gldns_buffer_invariant(buffer); @@ -48,6 +49,7 @@ gldns_buffer_new_frm_data(gldns_buffer *buffer, void *data, size_t size) buffer->_position = 0; buffer->_limit = buffer->_capacity = size; buffer->_fixed = 0; + buffer->_vfixed = 0; buffer->_data = malloc(size); if(!buffer->_data) { buffer->_status_err = 1; @@ -66,6 +68,17 @@ gldns_buffer_init_frm_data(gldns_buffer *buffer, void *data, size_t size) buffer->_data = data; buffer->_capacity = buffer->_limit = size; buffer->_fixed = 1; + buffer->_vfixed = 0; +} + +void +gldns_buffer_init_vfixed_frm_data(gldns_buffer *buffer, void *data, size_t size) +{ + memset(buffer, 0, sizeof(*buffer)); + buffer->_data = data; + buffer->_capacity = buffer->_limit = size; + buffer->_fixed = 1; + buffer->_vfixed = 1; } int 
@@ -120,20 +133,19 @@ gldns_buffer_printf(gldns_buffer *buffer, const char *format, ...) remaining = gldns_buffer_remaining(buffer); va_start(args, format); - written = _gldns_vsnprintf((char*)gldns_buffer_current(buffer), - remaining, format, args); + written = vsnprintf((char *) gldns_buffer_current(buffer), remaining, + format, args); va_end(args); if (written == -1) { buffer->_status_err = 1; return -1; - } else if (!buffer->_fixed && (size_t) written >= remaining) { + } else if (!buffer->_vfixed && (size_t) written >= remaining) { if (!gldns_buffer_reserve(buffer, (size_t) written + 1)) { buffer->_status_err = 1; return -1; } va_start(args, format); - written = _gldns_vsnprintf( - (char *) gldns_buffer_current(buffer), + written = vsnprintf((char *) gldns_buffer_current(buffer), gldns_buffer_remaining(buffer), format, args); va_end(args); if (written == -1) { diff --git a/src/gldns/gbuffer.h b/src/gldns/gbuffer.h index 2db9e250..1b1eb498 100644 --- a/src/gldns/gbuffer.h +++ b/src/gldns/gbuffer.h @@ -27,21 +27,6 @@ extern "C" { # endif #endif -#ifndef USE_WINSOCK -#define _gldns_vsnprintf vsnprintf -#else -/* Unlike Linux and BSD, vsnprintf on Windows returns -1 on overflow. - * Here it is redefined to always return the amount printed - * if enough space had been available. - */ -INLINE int -_gldns_vsnprintf(char *str, size_t size, const char *format, va_list ap) -{ - int r = vsnprintf(str, size, format, ap); - return r == -1 ? _vscprintf(format, ap) : r; -} -#endif - /* * Copy data allowing for unaligned accesses in network byte order * (big endian). 
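Review bot: The growth branch in `gldns_buffer_printf()` is now guarded by `!buffer->_vfixed` instead of `!buffer->_fixed`, so a buffer set up with `gldns_buffer_init_frm_data()` (`_fixed = 1`, `_vfixed = 0`) reaches `gldns_buffer_reserve()` whenever the formatted text does not fit. `gldns_buffer_reserve()` is outside this hunk; unless it refuses fixed buffers at run time, and not only through an assert, this path can attempt to resize caller-owned `_data`. A guard placed ahead of the reserve branch, such as `else if (buffer->_fixed && !buffer->_vfixed && (size_t) written >= remaining) { buffer->_status_err = 1; return -1; }`, would turn overflow on a plain fixed buffer into an explicit error. The function body continues outside the hunk.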
@@ -145,6 +130,17 @@ struct gldns_buffer /** If the buffer is fixed it cannot be resized */ unsigned _fixed : 1; + /** If the buffer is vfixed, no more than capacity bytes willl be + * written to _data, however the _position counter will be updated + * with the amount that would have been written in consecutive + * writes. This allows for a modus operandi in which a sequence is + * written on a fixed capacity buffer (perhaps with _data on stack). + * When everything could be written, then the _data is immediately + * usable, if not, then a buffer could be allocated sized precisely + * to fit the data for a second attempt. + */ + unsigned _vfixed : 1; + /** The current state of the buffer. If writing to the buffer fails * for any reason, this value is changed. This way, you can perform * multiple writes in sequence and check for success afterwards. */ @@ -162,9 +158,9 @@ INLINE void gldns_buffer_invariant(gldns_buffer *buffer) { assert(buffer != NULL); - assert(buffer->_position <= buffer->_limit || buffer->_fixed); + assert(buffer->_position <= buffer->_limit || buffer->_vfixed); assert(buffer->_limit <= buffer->_capacity); - assert(buffer->_data != NULL || (buffer->_capacity == 0 && buffer->_fixed)); + assert(buffer->_data != NULL || (buffer->_vfixed && buffer->_capacity == 0)); } #endif 
@@ -196,6 +192,19 @@ void gldns_buffer_new_frm_data(gldns_buffer *buffer, void *data, size_t size); */ void gldns_buffer_init_frm_data(gldns_buffer *buffer, void *data, size_t size); +/** + * Setup a buffer with the data pointed to. No data copied, no memory allocs. + * The buffer is "virtually" fixed. Writes beyond size (the capacity) will + * only update position, but no data will be written beyond capacity. This + * allows to determine how big the buffer should have been to contain all the + * written data, by looking at the position with gldns_buffer_position(), + * similarly to the return value of POSIX's snprintf. + * \param[in] buffer pointer to the buffer to put the data in + * \param[in] data the data to encapsulate in the buffer + * \param[in] size the size of the data + */ +void gldns_buffer_init_vfixed_frm_data(gldns_buffer *buffer, void *data, size_t size); + /** * clears the buffer and make it ready for writing. The buffer's limit * is set to the capacity and the position is set to 0. @@ -259,7 +268,7 @@ gldns_buffer_position(gldns_buffer *buffer) INLINE void gldns_buffer_set_position(gldns_buffer *buffer, size_t mark) { - assert(mark <= buffer->_limit || buffer->_fixed); + assert(mark <= buffer->_limit || buffer->_vfixed); buffer->_position = mark; } @@ -273,7 +282,7 @@ gldns_buffer_set_position(gldns_buffer *buffer, size_t mark) INLINE void gldns_buffer_skip(gldns_buffer *buffer, ssize_t count) { - assert(buffer->_position + count <= buffer->_limit || buffer->_fixed); + assert(buffer->_position + count <= buffer->_limit || buffer->_vfixed); buffer->_position += count; } @@ -345,7 +354,7 @@ int gldns_buffer_reserve(gldns_buffer *buffer, size_t amount); INLINE uint8_t * gldns_buffer_at(const gldns_buffer *buffer, size_t at) { - assert(at <= buffer->_limit || buffer->_fixed); + assert(at <= buffer->_limit || buffer->_vfixed); return buffer->_data + at; } 
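Review bot: `gldns_buffer_set_position()`, `gldns_buffer_skip()` and `gldns_buffer_at()` now accept any offset on a vfixed buffer, so `gldns_buffer_at()` can return `_data + at` pointing past the end of the data, and none of the doc comments say so. The `_vfixed` field comment states that `_position` keeps counting after writes stop, so the returned pointer is only usable while the offset is still inside the buffer. I would add to the `gldns_buffer_at()` comment: ` * For a vfixed buffer the result may lie beyond the data; check gldns_buffer_remaining_at() before dereferencing.` The checks in these hunks are asserts, so an NDEBUG build enforces nothing here; the doc comments themselves sit outside the hunks.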
@@ -395,6 +404,7 @@ INLINE size_t gldns_buffer_remaining_at(gldns_buffer *buffer, size_t at) { gldns_buffer_invariant(buffer); + assert(at <= buffer->_limit || buffer->_vfixed); return at < buffer->_limit ? buffer->_limit - at : 0; } @@ -447,7 +457,7 @@ gldns_buffer_available(gldns_buffer *buffer, size_t count) INLINE void gldns_buffer_write_at(gldns_buffer *buffer, size_t at, const void *data, size_t count) { - if (!buffer->_fixed) + if (!buffer->_vfixed) assert(gldns_buffer_available_at(buffer, at, count)); else if (gldns_buffer_remaining_at(buffer, at) == 0) return; @@ -504,7 +514,7 @@ gldns_buffer_write_string(gldns_buffer *buffer, const char *str) INLINE void gldns_buffer_write_u8_at(gldns_buffer *buffer, size_t at, uint8_t data) { - if (buffer->_fixed && at + sizeof(data) > buffer->_limit) return; + if (buffer->_vfixed && at + sizeof(data) > buffer->_limit) return; assert(gldns_buffer_available_at(buffer, at, sizeof(data))); buffer->_data[at] = data; } @@ -530,7 +540,7 @@ gldns_buffer_write_u8(gldns_buffer *buffer, uint8_t data) INLINE void gldns_buffer_write_u16_at(gldns_buffer *buffer, size_t at, uint16_t data) { - if (buffer->_fixed && at + sizeof(data) > buffer->_limit) return; + if (buffer->_vfixed && at + sizeof(data) > buffer->_limit) return; assert(gldns_buffer_available_at(buffer, at, sizeof(data))); gldns_write_uint16(buffer->_data + at, data); } @@ -556,7 +566,7 @@ gldns_buffer_write_u16(gldns_buffer *buffer, uint16_t data) INLINE void gldns_buffer_write_u32_at(gldns_buffer *buffer, size_t at, uint32_t data) { - if (buffer->_fixed && at + sizeof(data) > buffer->_limit) return; + if (buffer->_vfixed && at + sizeof(data) > buffer->_limit) return; assert(gldns_buffer_available_at(buffer, at, sizeof(data))); gldns_write_uint32(buffer->_data + at, data); } 
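Review bot: The `_at` writers in these hunks (`gldns_buffer_write_u8_at`, `gldns_buffer_write_u16_at`, `gldns_buffer_write_u32_at`, and `gldns_buffer_write_u48_at` in the following hunk) now return early only for `_vfixed` buffers, so a plain fixed buffer from `gldns_buffer_init_frm_data()` is bounds-checked by `assert()` alone. With NDEBUG the assert disappears and `buffer->_data[at] = data` can write past `_limit`, where the old `_fixed` test silently dropped the write. A run-time check for every buffer type closes that gap, for example `if (at + sizeof(data) > buffer->_limit) { if (!buffer->_vfixed) buffer->_status_err = 1; return; }`. `gldns_buffer_write_at()` has the same shape, but its body continues outside the hunk.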
@@ -570,7 +580,7 @@ gldns_buffer_write_u32_at(gldns_buffer *buffer, size_t at, uint32_t data) INLINE void gldns_buffer_write_u48_at(gldns_buffer *buffer, size_t at, uint64_t data) { - if (buffer->_fixed && at + 6 > buffer->_limit) return; + if (buffer->_vfixed && at + 6 > buffer->_limit) return; assert(gldns_buffer_available_at(buffer, at, 6)); gldns_write_uint48(buffer->_data + at, data); } diff --git a/src/gldns/keyraw.c b/src/gldns/keyraw.c index 7a27e7f0..9e6adcb2 100644 --- a/src/gldns/keyraw.c +++ b/src/gldns/keyraw.c @@ -23,6 +23,15 @@ #ifdef HAVE_OPENSSL_ENGINE_H # include #endif +#ifdef HAVE_OPENSSL_BN_H +#include +#endif +#ifdef HAVE_OPENSSL_RSA_H +#include +#endif +#ifdef HAVE_OPENSSL_DSA_H +#include +#endif #endif /* HAVE_SSL */ size_t @@ -215,6 +224,7 @@ gldns_key_buf2dsa_raw(unsigned char* key, size_t len) BN_free(Y); return NULL; } +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) #ifndef S_SPLINT_S dsa->p = P; dsa->q = Q; @@ -222,6 +232,25 @@ gldns_key_buf2dsa_raw(unsigned char* key, size_t len) dsa->pub_key = Y; #endif /* splint */ +#else /* OPENSSL_VERSION_NUMBER */ + if (!DSA_set0_pqg(dsa, P, Q, G)) { + /* QPG not yet attached, need to free */ + BN_free(Q); + BN_free(P); + BN_free(G); + + DSA_free(dsa); + BN_free(Y); + return NULL; + } + if (!DSA_set0_key(dsa, Y, NULL)) { + /* QPG attached, cleaned up by DSA_fre() */ + DSA_free(dsa); + BN_free(Y); + return NULL; + } +#endif + return dsa; } @@ -273,11 +302,21 @@ gldns_key_buf2rsa_raw(unsigned char* key, size_t len) BN_free(modulus); return NULL; } +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) #ifndef S_SPLINT_S rsa->n = modulus; rsa->e = exponent; #endif /* splint */ +#else /* OPENSSL_VERSION_NUMBER */ + if (!RSA_set0_key(rsa, modulus, exponent, NULL)) { + BN_free(exponent); + BN_free(modulus); + RSA_free(rsa); + return NULL; + } +#endif + return rsa; } diff --git a/src/gldns/rrdef.h b/src/gldns/rrdef.h index b13580ea..58132c23 100644 --- a/src/gldns/rrdef.h 
+++ b/src/gldns/rrdef.h @@ -195,7 +195,7 @@ enum gldns_enum_rr_type GLDNS_RR_TYPE_TALINK = 58, GLDNS_RR_TYPE_CDS = 59, /** RFC 7344 */ GLDNS_RR_TYPE_CDNSKEY = 60, /** RFC 7344 */ - GLDNS_RR_TYPE_OPENPGPKEY = 61, /* draft-ietf-dane-openpgpkey */ + GLDNS_RR_TYPE_OPENPGPKEY = 61, /* RFC 7929 */ GLDNS_RR_TYPE_CSYNC = 62, /* RFC 7477 */ GLDNS_RR_TYPE_SPF = 99, /* RFC 4408 */ @@ -372,6 +372,8 @@ enum gldns_enum_algorithm GLDNS_ECC_GOST = 12, /* RFC 5933 */ GLDNS_ECDSAP256SHA256 = 13, /* RFC 6605 */ GLDNS_ECDSAP384SHA384 = 14, /* RFC 6605 */ + GLDNS_ED25519 = 15, /* RFC 8080 */ + GLDNS_ED448 = 16, /* RFC 8080 */ GLDNS_INDIRECT = 252, GLDNS_PRIVATEDNS = 253, GLDNS_PRIVATEOID = 254 diff --git a/src/gldns/str2wire.c b/src/gldns/str2wire.c index 4550a29a..89844f13 100644 --- a/src/gldns/str2wire.c +++ b/src/gldns/str2wire.c @@ -328,7 +328,7 @@ rrinternal_write_typeclassttl(gldns_buffer* strbuf, uint8_t* rr, size_t len, /** find delimiters for type */ static const char* -rrinternal_get_delims(gldns_rdf_type rdftype, uint16_t r_cnt, uint16_t r_max) +rrinternal_get_delims(gldns_rdf_type rdftype, size_t r_cnt, size_t r_max) { switch(rdftype) { case GLDNS_RDF_TYPE_B64 : @@ -463,7 +463,7 @@ rrinternal_parse_unknown(gldns_buffer* strbuf, char* token, size_t token_len, static int rrinternal_parse_rdf(gldns_buffer* strbuf, char* token, size_t token_len, uint8_t* rr, size_t rr_len, size_t* rr_cur_len, gldns_rdf_type rdftype, - uint16_t rr_type, uint16_t r_cnt, uint16_t r_max, size_t dname_len, + uint16_t rr_type, size_t r_cnt, size_t r_max, size_t dname_len, uint8_t* origin, size_t origin_len) { size_t len; 
@@ -613,7 +613,7 @@ rrinternal_parse_rdata(gldns_buffer* strbuf, char* token, size_t token_len, uint8_t* origin, size_t origin_len) { const gldns_rr_descriptor *desc = gldns_rr_descript((uint16_t)rr_type); - uint16_t r_cnt, r_min, r_max; + size_t r_cnt, r_min, r_max; size_t rr_cur_len = dname_len + 10, pre_data_pos, token_strlen; int was_unknown_rr_format = 0, parens = 0, status, quoted; const char* delimiters; @@ -693,7 +693,7 @@ rrinternal_parse_rdata(gldns_buffer* strbuf, char* token, size_t token_len, gldns_buffer_position(strbuf)); } /* write rdata length */ - gldns_write_uint16(rr+dname_len+8, rr_cur_len-dname_len-10); + gldns_write_uint16(rr+dname_len+8, (uint16_t)(rr_cur_len-dname_len-10)); *rr_len = rr_cur_len; return GLDNS_WIREPARSE_ERR_OK; } @@ -1369,7 +1369,7 @@ int gldns_str2wire_time_buf(const char* str, uint8_t* rd, size_t* len) if (tm.tm_sec < 0 || tm.tm_sec > 59) return GLDNS_WIREPARSE_ERR_SYNTAX_TIME; - gldns_write_uint32(rd, gldns_mktime_from_utc(&tm)); + gldns_write_uint32(rd, (uint32_t)gldns_mktime_from_utc(&tm)); } else { /* handle it as 32 bits timestamp */ char *end; @@ -1932,7 +1932,7 @@ int gldns_str2wire_tag_buf(const char* str, uint8_t* rd, size_t* len) if(!isalnum((unsigned char)*ptr)) return RET_ERR(GLDNS_WIREPARSE_ERR_SYNTAX_TAG, ptr-str); } - rd[0] = slen; + rd[0] = (uint8_t)slen; memmove(rd+1, str, slen); *len = slen+1; return GLDNS_WIREPARSE_ERR_OK; @@ -2000,7 +2000,7 @@ int gldns_str2wire_hip_buf(const char* str, uint8_t* rd, size_t* len) return RET_ERR_SHIFT(e, s-(char*)str); if(pklen > 65535) return RET_ERR(GLDNS_WIREPARSE_ERR_LABEL_OVERFLOW, s-(char*)str+65535); - gldns_write_uint16(rd+2, pklen); + gldns_write_uint16(rd+2, (uint16_t)pklen); *len = 4 + hitlen + pklen; return GLDNS_WIREPARSE_ERR_OK; diff --git a/src/gldns/wire2str.c b/src/gldns/wire2str.c index abc055d7..55a16f86 100644 --- a/src/gldns/wire2str.c +++ b/src/gldns/wire2str.c 
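Review bot: The casts added in these hunks silence narrowing warnings, but two of them have no range check visible beside them: `(uint16_t)(rr_cur_len-dname_len-10)` in `rrinternal_parse_rdata()` and `rd[0] = (uint8_t)slen` in `gldns_str2wire_tag_buf()`. Only the `gldns_str2wire_hip_buf()` hunk shows its bound (`if(pklen > 65535)`) ahead of the cast. If the unseen earlier parts of the other two functions do not already cap these values, the length written to the wire would wrap silently while `memmove(rd+1, str, slen)` still copies the full length. An explicit test such as `if(slen > 255) return RET_ERR(GLDNS_WIREPARSE_ERR_LABEL_OVERFLOW, ptr-str);`, or a comment naming the existing guard, would make each cast verifiable on sight. All three functions start outside their hunks.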
@@ -47,6 +47,8 @@ static gldns_lookup_table gldns_algorithms_data[] = { { GLDNS_ECC_GOST, "ECC-GOST"}, { GLDNS_ECDSAP256SHA256, "ECDSAP256SHA256"}, { GLDNS_ECDSAP384SHA384, "ECDSAP384SHA384"}, + { GLDNS_ED25519, "ED25519"}, + { GLDNS_ED448, "ED448"}, { GLDNS_INDIRECT, "INDIRECT" }, { GLDNS_PRIVATEDNS, "PRIVATEDNS" }, { GLDNS_PRIVATEOID, "PRIVATEOID" }, @@ -193,14 +195,22 @@ char* gldns_wire2str_type(uint16_t rrtype) { char buf[16]; gldns_wire2str_type_buf(rrtype, buf, sizeof(buf)); +#ifndef USE_WINSOCK return strdup(buf); +#else + return _strdup(buf); +#endif } char* gldns_wire2str_class(uint16_t rrclass) { char buf[16]; gldns_wire2str_class_buf(rrclass, buf, sizeof(buf)); +#ifndef USE_WINSOCK return strdup(buf); +#else + return _strdup(buf); +#endif } char* gldns_wire2str_dname(uint8_t* dname, size_t dname_len) @@ -216,7 +226,11 @@ char* gldns_wire2str_rcode(int rcode) { char buf[16]; gldns_wire2str_rcode_buf(rcode, buf, sizeof(buf)); +#ifndef USE_WINSOCK return strdup(buf); +#else + return _strdup(buf); +#endif } int gldns_wire2str_pkt_buf(uint8_t* d, size_t dlen, char* s, size_t slen) @@ -279,7 +293,7 @@ int gldns_wire2str_dname_buf(uint8_t* d, size_t dlen, char* s, size_t slen) int gldns_str_vprint(char** str, size_t* slen, const char* format, va_list args) { - int w = _gldns_vsnprintf(*str, *slen, format, args); + int w = vsnprintf(*str, *slen, format, args); if(w < 0) { /* error in printout */ return 0; @@ -668,7 +682,7 @@ int gldns_wire2str_rdata_scan(uint8_t** d, size_t* dlen, char** s, uint8_t* origd = *d; char* origs = *s; size_t origdlen = *dlen, origslen = *slen; - uint16_t r_cnt, r_max; + size_t r_cnt, r_max; gldns_rdf_type rdftype; int w = 0, n; 
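Review bot: `gldns_str_vprint()` now treats any negative `vsnprintf()` result as a print error and returns 0, yet the wrapper this commit deletes from gbuffer.h existed because, per its own comment, vsnprintf on Windows returns -1 on overflow. On a C runtime with that behaviour a truncated print would be reported as zero characters, so callers that sum the return value to size a buffer would under-count; `gldns_buffer_printf()` in gbuffer.c depends on the same return convention. If only conforming runtimes are supported, state it next to the call, e.g. `/* relies on C99 vsnprintf: returns the needed length on truncation */`; otherwise keep a length-computing fallback. The function continues outside the hunk.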
@@ -789,8 +803,9 @@ int gldns_wire2str_dname_scan(uint8_t** d, size_t* dlen, char** s, size_t* slen, } /* spool label characters, end with '.' */ - if(in_buf && *dlen < labellen) labellen = *dlen; - else if(!in_buf && pos+labellen > pkt+pktlen) + if(in_buf && *dlen < (size_t)labellen) + labellen = (uint8_t)*dlen; + else if(!in_buf && pos+(size_t)labellen > pkt+pktlen) labellen = (uint8_t)(pkt + pktlen - pos); for(i=0; i<(unsigned)labellen; i++) { w += dname_char_print(s, slen, *pos++); @@ -1983,10 +1998,10 @@ int gldns_wire2str_edns_scan(uint8_t** data, size_t* data_len, char** str, w += gldns_str_print(str, str_len, " ; udp: %u", (unsigned)udpsize); if(rdatalen) { - if(*data_len < rdatalen) { + if((size_t)*data_len < rdatalen) { w += gldns_str_print(str, str_len, " ; Error EDNS rdata too short; "); - rdatalen = *data_len; + rdatalen = (uint16_t)*data_len; } w += print_edns_opts(str, str_len, *data, rdatalen); (*data) += rdatalen; diff --git a/src/gldns/wire2str.h b/src/gldns/wire2str.h index 050fb8e7..a4409991 100644 --- a/src/gldns/wire2str.h +++ b/src/gldns/wire2str.h @@ -118,7 +118,7 @@ int gldns_str_print(char** str, size_t* slen, const char* format, ...) * @param str_len: the size of the string buffer. If more is needed, it'll * silently truncate the output to fit in the buffer. * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_pkt_buf(uint8_t* data, size_t data_len, char* str, size_t str_len); 
@@ -351,7 +351,7 @@ int gldns_wire2str_edns_option_code_print(char** str, size_t* str_len, * @param str_len: the size of the string buffer. If more is needed, it'll * silently truncate the output to fit in the buffer. * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_rr_buf(uint8_t* rr, size_t rr_len, char* str, size_t str_len); @@ -369,7 +369,7 @@ int gldns_wire2str_rr_buf(uint8_t* rr, size_t rr_len, char* str, * @param str_len: the size of the string buffer. If more is needed, it'll * silently truncate the output to fit in the buffer. * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_rr_unknown_buf(uint8_t* rr, size_t rr_len, char* str, size_t str_len); @@ -389,7 +389,7 @@ int gldns_wire2str_rr_unknown_buf(uint8_t* rr, size_t rr_len, char* str, * @param str_len: the size of the string buffer. If more is needed, it'll * silently truncate the output to fit in the buffer. * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_rr_comment_buf(uint8_t* rr, size_t rr_len, size_t dname_len, char* str, size_t str_len); @@ -406,7 +406,7 @@ int gldns_wire2str_rr_comment_buf(uint8_t* rr, size_t rr_len, size_t dname_len, * silently truncate the output to fit in the buffer. * @param rrtype: rr type of the data * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_rdata_buf(uint8_t* rdata, size_t rdata_len, char* str, size_t str_len, uint16_t rrtype); 
@@ -417,7 +417,7 @@ int gldns_wire2str_rdata_buf(uint8_t* rdata, size_t rdata_len, char* str, * @param str: the string to write to. * @param len: length of str. * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_type_buf(uint16_t rrtype, char* str, size_t len); @@ -427,7 +427,7 @@ int gldns_wire2str_type_buf(uint16_t rrtype, char* str, size_t len); * @param str: the string to write to. * @param len: length of str. * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_class_buf(uint16_t rrclass, char* str, size_t len); @@ -437,7 +437,7 @@ int gldns_wire2str_class_buf(uint16_t rrclass, char* str, size_t len); * @param str: the string to write to. * @param len: length of str. * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_rcode_buf(int rcode, char* str, size_t len); @@ -448,7 +448,7 @@ int gldns_wire2str_rcode_buf(int rcode, char* str, size_t len); * @param str: the string to write to. * @param len: length of string. * @return the number of characters for this element, excluding zerobyte. - * Is larger than str_len if output was truncated. + * Is larger or equal than str_len if output was truncated. */ int gldns_wire2str_dname_buf(uint8_t* dname, size_t dname_len, char* str, size_t len); diff --git a/src/jsmn b/src/jsmn index 49024a6e..868c22e3 160000 --- a/src/jsmn +++ b/src/jsmn @@ -1 +1 @@ -Subproject commit 49024a6e11739c866bce0e9f3617278b98906ad0 +Subproject commit 868c22e35ec223fc26ddefdb9ca83901dc6e2534 diff --git a/src/libgetdns.symbols b/src/libgetdns.symbols index 6e3cb128..4df6a989 100644 
--- a/src/libgetdns.symbols +++ b/src/libgetdns.symbols @@ -26,9 +26,12 @@ getdns_context_get_limit_outstanding_queries getdns_context_get_namespaces getdns_context_get_num_pending_requests getdns_context_get_resolution_type +getdns_context_get_round_robin_upstreams getdns_context_get_suffix getdns_context_get_timeout getdns_context_get_tls_authentication +getdns_context_get_tls_backoff_time +getdns_context_get_tls_connection_retries getdns_context_get_tls_query_padding_blocksize getdns_context_get_update_callback getdns_context_get_upstream_recursive_servers @@ -56,13 +59,17 @@ getdns_context_set_memory_functions getdns_context_set_namespaces getdns_context_set_resolution_type getdns_context_set_return_dnssec_status +getdns_context_set_round_robin_upstreams getdns_context_set_suffix getdns_context_set_timeout getdns_context_set_tls_authentication +getdns_context_set_tls_backoff_time +getdns_context_set_tls_connection_retries getdns_context_set_tls_query_padding_blocksize getdns_context_set_update_callback getdns_context_set_upstream_recursive_servers getdns_context_set_use_threads +getdns_context_unset_edns_maximum_udp_payload_size getdns_convert_alabel_to_ulabel getdns_convert_dns_name_to_fqdn getdns_convert_fqdn_to_dns_name diff --git a/src/list.c b/src/list.c index eec2a1c1..7a7d3e38 100644 --- a/src/list.c +++ b/src/list.c @@ -312,7 +312,7 @@ getdns_return_t _getdns_list_copy(const struct getdns_list * srclist, struct getdns_list ** dstlist) { - int i; + size_t i; getdns_return_t retval; if (!dstlist) @@ -353,6 +353,9 @@ _getdns_list_copy(const struct getdns_list * srclist, retval = _getdns_list_append_dict(*dstlist, srclist->items[i].data.dict); break; + default: + retval = GETDNS_RETURN_WRONG_TYPE_REQUESTED; + break; } if (retval != GETDNS_RETURN_GOOD) { getdns_list_destroy(*dstlist); diff --git a/src/mdns.c b/src/mdns.c new file mode 100644 index 00000000..28de951f --- /dev/null +++ b/src/mdns.c 
@@ -0,0 +1,2162 @@ +/* + * Functions for MDNS resolving. + */ + + /* + * Copyright (c) 2016 Christian Huitema + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + + +#include "config.h" +#include "debug.h" +#include "context.h" +#include "general.h" +#include "gldns/pkthdr.h" +#include "gldns/rrdef.h" +#include "util-internal.h" +#include "mdns.h" + +#ifdef HAVE_MDNS_SUPPORT + +#ifdef USE_WINSOCK +typedef u_short sa_family_t; +#define _getdns_EWOULDBLOCK (WSAGetLastError() == WSATRY_AGAIN ||\ + WSAGetLastError() == WSAEWOULDBLOCK) +#define _getdns_EINPROGRESS (WSAGetLastError() == WSAEINPROGRESS) +#else +#define _getdns_EWOULDBLOCK (errno == EAGAIN || errno == EWOULDBLOCK) +#define _getdns_EINPROGRESS (errno == EINPROGRESS) +#define SOCKADDR struct sockaddr +#define SOCKADDR_IN struct sockaddr_in +#define SOCKADDR_IN6 struct sockaddr_in6 +#define SOCKET int +#define IP_MREQ struct ip_mreq +#define IPV6_MREQ struct ipv6_mreq +#define BOOL int +#define TRUE 1 +#endif + +/* Define IPV6_ADD_MEMBERSHIP for FreeBSD and Mac OS X */ +#ifndef IPV6_ADD_MEMBERSHIP +#define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP +#endif + +uint64_t _getdns_get_time_as_uintt64(); + +#include "util/fptr_wlist.h" +#include "util/lookup3.h" + +/* + * Constants defined in RFC 6762 + */ + +#define MDNS_MCAST_IPV4_LONG 
0xE00000FB /* 224.0.0.251 */ +#define MDNS_MCAST_PORT 5353 + +static uint8_t mdns_mcast_ipv6[] = { + 0xFF, 0x02, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0xFB +}; + +static uint8_t mdns_suffix_dot_local[] = { 5, 'l', 'o', 'c', 'a', 'l', 0 }; +static uint8_t mdns_suffix_254_169_in_addr_arpa[] = { + 3, '2', '5', '4', + 3, '1', '6', '9', + 7, 'i', 'n', '-', 'a', 'd', 'd', 'r', + 4, 'a', 'r', 'p', 'a', 0 }; +static uint8_t mdns_suffix_8_e_f_ip6_arpa[] = { + 1, '8', 1, 'e', 1, 'f', + 3, 'i', 'p', '6', + 4, 'a', 'r', 'p', 'a', 0 }; +static uint8_t mdns_suffix_9_e_f_ip6_arpa[] = { + 1, '9', 1, 'e', 1, 'f', + 3, 'i', 'p', '6', + 4, 'a', 'r', 'p', 'a', 0 }; +static uint8_t mdns_suffix_a_e_f_ip6_arpa[] = { + 1, 'a', 1, 'e', 1, 'f', + 3, 'i', 'p', '6', + 4, 'a', 'r', 'p', 'a', 0 }; +static uint8_t mdns_suffix_b_e_f_ip6_arpa[] = { + 1, 'b', 1, 'e', 1, 'f', + 3, 'i', 'p', '6', + 4, 'a', 'r', 'p', 'a', 0 }; + +#define MDNS_PACKET_INDEX_QCODE 2 +#define MDNS_PACKET_INDEX_QUERY 4 +#define MDNS_PACKET_INDEX_ANSWER 6 + +/* + * MDNS cache management using LRU Hash. + * + * Each record contains a DNS query + response, formatted as received from + * the network. By convention, there will be exactly one query, and + * a variable number of answers. Auth and AD sections will not be cached. + * For maintenance purpose, each recontains a last accessed time stamp. + * + * This structure works very well for classic DNS caches, but for MDNS we + * have to consider processing a new record for an existing cache entry. If + * the record is present, its TTL should be updated. If the record is not + * present, it should be added to the existing data. + * + * After an update, the TTL of all the records should be updated. Some + * records will end up with a TTL value of zero. These records should be + * deleted, using a "compression" procedure. 
+ */ + + + +/* + * For the data part, we want to allocate in rounded increments, so as to reduce the + * number of calls to XMALLOC + */ + +static uint32_t +mdns_util_suggest_size(uint32_t required_size) +{ + return (required_size <= 512) ? ((required_size <= 256) ? 256 : 512) : + ((required_size + 1023) & 0xFFFFFC00); +} + +/* + * Cache management utilities + */ +static int +mdns_util_skip_name(uint8_t *p) +{ + int x = 0; + int l; + + for (;;) { + l = p[x]; + if (l == 0) + { + x++; + break; + } + else if (l >= 0xC0) + { + x += 2; + break; + } + else + { + x += l + 1; + } + } + return x; +} + +static size_t +mdns_util_copy_name(uint8_t * message, size_t message_length, size_t current_index, + uint8_t *name, int name_len_max, int name_index, int * name_len) +{ + uint8_t l; + size_t recursive_index; + + *name_len = 0; + while (current_index < message_length && name_index < name_len_max) { + l = message[current_index++]; + if (l == 0) + { + name[name_index++] = 0; + *name_len = name_index; + break; + } + else if (l >= 0xC0) + { + if (current_index < message_length) + { + recursive_index = ((l & 63) << 8) | message[current_index++]; + + (void) mdns_util_copy_name(message, message_length, + recursive_index, name, name_len_max, name_index, name_len); + + if (*name_len == 0) + { + current_index = message_length; + } + } + break; + } + else if (current_index + l < message_length && + name_index + l + 1 < name_len_max) + { + name[name_index++] = l; + + memcpy(name + name_index, message + current_index, l); + name_index += l; + current_index += l; + } + else + { + current_index = message_length; + break; + } + } + + return current_index; +} + +static int +mdns_util_skip_query(uint8_t *p) +{ + return mdns_util_skip_name(p) + 4; +} + +/* + * Single copy procedure for many record types + * copy N octets, then the canonical value of the name. 
+ */ +static int +mdns_util_canonical_flags_and_name(uint8_t *message, int message_length, + int record_length, + int current_index, + int nb_octets_to_copy, + uint8_t *buffer, int buffer_max, + uint8_t **actual_record, int *actual_length) +{ + int ret = 0; + int buffer_index = 0; + int name_len = 0; + + if (buffer_max <= nb_octets_to_copy || record_length <= nb_octets_to_copy) + { + /* incorrect buffer */ + ret = GETDNS_RETURN_GENERIC_ERROR; + } + else + { + for (int i = 0; i < nb_octets_to_copy; i++) + { + buffer[buffer_index++] = message[current_index++]; + } + + current_index = mdns_util_copy_name(message, message_length, current_index, buffer, buffer_max, buffer_index, &name_len); + if (current_index == record_length) + { + buffer_index += name_len; + *actual_record = buffer; + *actual_length = buffer_index; + } + else + { + /* something went wrong. */ + ret = GETDNS_RETURN_BAD_DOMAIN_NAME; + } + } + + return ret; +} +/* + * Set record value to canonical form + */ +static int +mdns_util_canonical_record(uint8_t *message, int message_length, + int record_type, int record_class, int record_length, + int record_index, + uint8_t *buffer, int buffer_max, + uint8_t **actual_record, int *actual_length) +{ + int ret = 0; + int current_index = record_index; + /* Check whether the record needs canonization */ + *actual_record = message + record_index; + *actual_length = record_length; + + if (record_class != GLDNS_RR_CLASS_IN) + { + /* + * No attempt at canonization outside the IN class. 
+ */ + return 0; + } + + switch (record_type) + { + + case GLDNS_RR_TYPE_NS: + case GLDNS_RR_TYPE_CNAME: + case GLDNS_RR_TYPE_PTR: + case GLDNS_RR_TYPE_MD: + case GLDNS_RR_TYPE_MB: + case GLDNS_RR_TYPE_MF: + case GLDNS_RR_TYPE_MG: + case GLDNS_RR_TYPE_MR: + case GLDNS_RR_TYPE_NSAP_PTR: + /* + * copy the name in canonical form + */ + ret = mdns_util_canonical_flags_and_name(message, message_length, + record_length, current_index, 0, + buffer, buffer_max, actual_record, actual_length); + break; + + case GLDNS_RR_TYPE_A: + case GLDNS_RR_TYPE_AAAA: + case GLDNS_RR_TYPE_TXT: + case GLDNS_RR_TYPE_HINFO: + case GLDNS_RR_TYPE_MINFO: + case GLDNS_RR_TYPE_NULL: + case GLDNS_RR_TYPE_WKS: + case GLDNS_RR_TYPE_X25: + case GLDNS_RR_TYPE_ISDN: + case GLDNS_RR_TYPE_NSAP: + case GLDNS_RR_TYPE_SIG: + case GLDNS_RR_TYPE_KEY: + case GLDNS_RR_TYPE_GPOS: + case GLDNS_RR_TYPE_LOC: + case GLDNS_RR_TYPE_EID: + case GLDNS_RR_TYPE_NIMLOC: + /* leave the content as is, no domain name in content */ + break; + + case GLDNS_RR_TYPE_SRV: + /* + * Copy 6 octets for weight(2), priority(2) and port(2), + * then copy the name. + */ + ret = mdns_util_canonical_flags_and_name(message, message_length, + record_length, current_index, 6, + buffer, buffer_max, actual_record, actual_length); + break; + + case GLDNS_RR_TYPE_MX: + case GLDNS_RR_TYPE_RT: + case GLDNS_RR_TYPE_AFSDB: + /* + * copy two bytes preference or subtype, then + * copy the name in canonical form + */ + ret = mdns_util_canonical_flags_and_name(message, message_length, + record_length, current_index, 2, + buffer, buffer_max, actual_record, actual_length); + break; + + case GLDNS_RR_TYPE_NAPTR: + case GLDNS_RR_TYPE_SOA: + case GLDNS_RR_TYPE_RP: + case GLDNS_RR_TYPE_NXT: + case GLDNS_RR_TYPE_PX: + case GLDNS_RR_TYPE_ATMA: + /* + * Group of record types that are complex, and also + * unexpected in MDNS/DNS-SD operation. Copying the + * record directly will work as long as the sender + * does not attempt name compression. 
+ * TODO: log some kind of error.
+ */
+ break;
+#if 0
+
+ /** RFC2915 */
+ GLDNS_RR_TYPE_NAPTR = 35,
+ /** RFC2230 */
+ GLDNS_RR_TYPE_KX = 36,
+ /** RFC2538 */
+ GLDNS_RR_TYPE_CERT = 37,
+ /** RFC2874 */
+ GLDNS_RR_TYPE_A6 = 38,
+ /** RFC2672 */
+ GLDNS_RR_TYPE_DNAME = 39,
+ /** dnsind-kitchen-sink-02.txt */
+ GLDNS_RR_TYPE_SINK = 40,
+ /** Pseudo OPT record... */
+ GLDNS_RR_TYPE_OPT = 41,
+ /** RFC3123 */
+ GLDNS_RR_TYPE_APL = 42,
+ /** RFC4034, RFC3658 */
+ GLDNS_RR_TYPE_DS = 43,
+ /** SSH Key Fingerprint */
+ GLDNS_RR_TYPE_SSHFP = 44, /* RFC 4255 */
+ /** IPsec Key */
+ GLDNS_RR_TYPE_IPSECKEY = 45, /* RFC 4025 */
+ /** DNSSEC */
+ GLDNS_RR_TYPE_RRSIG = 46, /* RFC 4034 */
+ GLDNS_RR_TYPE_NSEC = 47, /* RFC 4034 */
+ GLDNS_RR_TYPE_DNSKEY = 48, /* RFC 4034 */
+
+ GLDNS_RR_TYPE_DHCID = 49, /* RFC 4701 */
+ /* NSEC3 */
+ GLDNS_RR_TYPE_NSEC3 = 50, /* RFC 5155 */
+ GLDNS_RR_TYPE_NSEC3PARAM = 51, /* RFC 5155 */
+ GLDNS_RR_TYPE_NSEC3PARAMS = 51,
+ GLDNS_RR_TYPE_TLSA = 52, /* RFC 6698 */
+ GLDNS_RR_TYPE_SMIMEA = 53, /* draft-ietf-dane-smime, TLSA-like but may
+ be extended */
+
+ GLDNS_RR_TYPE_HIP = 55, /* RFC 5205 */
+
+ /** draft-reid-dnsext-zs */
+ GLDNS_RR_TYPE_NINFO = 56,
+ /** draft-reid-dnsext-rkey */
+ GLDNS_RR_TYPE_RKEY = 57,
+ /** draft-ietf-dnsop-trust-history */
+ GLDNS_RR_TYPE_TALINK = 58,
+ GLDNS_RR_TYPE_CDS = 59, /** RFC 7344 */
+ GLDNS_RR_TYPE_CDNSKEY = 60, /** RFC 7344 */
+ GLDNS_RR_TYPE_OPENPGPKEY = 61, /* RFC 7929 */
+ GLDNS_RR_TYPE_CSYNC = 62, /* RFC 7477 */
+
+ GLDNS_RR_TYPE_SPF = 99, /* RFC 4408 */
+
+ GLDNS_RR_TYPE_UINFO = 100,
+ GLDNS_RR_TYPE_UID = 101,
+ GLDNS_RR_TYPE_GID = 102,
+ GLDNS_RR_TYPE_UNSPEC = 103,
+
+ GLDNS_RR_TYPE_NID = 104, /* RFC 6742 */
+ GLDNS_RR_TYPE_L32 = 105, /* RFC 6742 */
+ GLDNS_RR_TYPE_L64 = 106, /* RFC 6742 */
+ GLDNS_RR_TYPE_LP = 107, /* RFC 6742 */
+
+ /** draft-jabley-dnsext-eui48-eui64-rrtypes */
+ GLDNS_RR_TYPE_EUI48 = 108,
+ GLDNS_RR_TYPE_EUI64 = 109,
+
+ GLDNS_RR_TYPE_TKEY = 249, /* RFC 2930 */
+ GLDNS_RR_TYPE_TSIG =
250,
+ GLDNS_RR_TYPE_IXFR = 251,
+ GLDNS_RR_TYPE_AXFR = 252,
+ /** A request for mailbox-related records (MB, MG or MR) */
+ GLDNS_RR_TYPE_MAILB = 253,
+ /** A request for mail agent RRs (Obsolete - see MX) */
+ GLDNS_RR_TYPE_MAILA = 254,
+ /** any type (wildcard) */
+ GLDNS_RR_TYPE_ANY = 255,
+ GLDNS_RR_TYPE_URI = 256, /* RFC 7553 */
+ GLDNS_RR_TYPE_CAA = 257, /* RFC 6844 */
+#endif
+ default:
+ /*
+ * Unknown record type. Not expected in MDNS/DNS-SD. Just keep the current value.
+ * TODO: log some kind of error.
+ */
+ break;
+ }
+
+ return ret;
+}
+/*
+ * Comparison and other functions required for cache management
+ */
+
+ /**
+ * Calculates the size of an entry.
+ *
+ * size = mdns_cache_size (key, data).
+ */
+static size_t mdns_cache_entry_size(void* vkey, void* vdata)
+{
+ size_t sz = 0;
+
+ if (vkey != NULL)
+ {
+ sz += sizeof(getdns_mdns_cached_key_header) + ((getdns_mdns_cached_key_header*)vkey)->name_len;
+ }
+
+ if (vdata != NULL)
+ {
+ sz += ((getdns_mdns_cached_record_header*)vdata)->allocated_length;
+ }
+
+ return sz;
+}
+
+/** type of function that compares two keys. return 0 if equal. */
+static int mdns_cache_key_comp(void* vkey1, void* vkey2)
+{
+ getdns_mdns_cached_key_header *header1 = (getdns_mdns_cached_key_header*)vkey1;
+ getdns_mdns_cached_key_header *header2 = (getdns_mdns_cached_key_header*)vkey2;
+
+ return (header1->record_type == header2->record_type &&
+ header1->record_class == header2->record_class &&
+ header1->name_len == header2->name_len)
+ ? memcmp(((uint8_t*)vkey1) + sizeof(getdns_mdns_cached_key_header),
+ ((uint8_t*)vkey2) + sizeof(getdns_mdns_cached_key_header),
+ header1->name_len)
+ : -1;
+}
+
+/** old keys are deleted.
+* markdel() is used first.
+* This function is called: func(key, userarg)
+* the userarg is set to the context in which the LRU hash table was created.
+* TODO: is there a need to free the lock in the embedded hash entry structure?
+*/
+static void msdn_cache_delkey(void* vkey, void* vcontext)
+{
+ GETDNS_FREE(((struct getdns_context *) vcontext)->mf, vkey);
+}
+
+/** old data is deleted. This function is called: func(data, userarg).
+ * Since we use the hash table for both data and requests, need to
+ * terminate whatever request was ongoing. TODO: we should have some smarts
+ * in cache management and never drop cached entries with active requests.
+ */
+static void msdn_cache_deldata(void* vdata, void* vcontext)
+{
+ getdns_mdns_cached_record_header* header = ((getdns_mdns_cached_record_header*)vdata);
+
+ while (header->netreq_first)
+ {
+ /* Need to unchain the request from that entry */
+ getdns_network_req* netreq = header->netreq_first;
+ header->netreq_first = netreq->mdns_netreq_next;
+ netreq->mdns_netreq_next = NULL;
+
+ /* TODO: treating as a timeout for now, may consider treating as error */
+ netreq->debug_end_time = _getdns_get_time_as_uintt64();
+ _getdns_netreq_change_state(netreq, NET_REQ_TIMED_OUT);
+ if (netreq->owner->user_callback) {
+ (void)_getdns_context_request_timed_out(netreq->owner);
+ }
+ _getdns_check_dns_req_complete(netreq->owner);
+
+ }
+ GETDNS_FREE(((struct getdns_context *) vcontext)->mf, vdata);
+}
+
+/*
+ * Read the number of answers in a cached record
+ */
+static int
+mdns_cache_nb_records_in_entry(uint8_t * cached_data)
+{
+ int message_index = sizeof(getdns_mdns_cached_record_header);
+ int nb_answers = (cached_data[message_index + MDNS_PACKET_INDEX_ANSWER] << 8) |
+ cached_data[message_index + MDNS_PACKET_INDEX_ANSWER + 1];
+
+ return nb_answers;
+}
+
+/*
+ * Create a key in preallocated buffer
+ * the allocated size of key should be >= sizeof(getdns_mdns_cached_key_header) + name_len
+ */
+static void msdn_cache_create_key_in_buffer(
+ uint8_t* key,
+ uint8_t * name, int name_len,
+ int record_type, int record_class)
+{
+ getdns_mdns_cached_key_header * header = (getdns_mdns_cached_key_header*)key;
+
+ memset(key, 0,
sizeof(getdns_mdns_cached_key_header));
+ header->record_type = record_type;
+ header->record_class = record_class;
+ header->name_len = name_len;
+ (void) memcpy(key + sizeof(getdns_mdns_cached_key_header), name, name_len);
+}
+
+static uint8_t * mdns_cache_create_key(
+ uint8_t * name, int name_len,
+ int record_type, int record_class,
+ struct getdns_context * context)
+{
+ uint8_t* key = GETDNS_XMALLOC(context->mf, uint8_t, sizeof(getdns_mdns_cached_key_header) + name_len);
+
+ if (key != NULL)
+ {
+ msdn_cache_create_key_in_buffer(key, name, name_len, record_type, record_class);
+ }
+
+ return key;
+}
+
+static uint8_t * mdns_cache_create_data(
+ uint8_t * name, int name_len,
+ int record_type, int record_class,
+ int record_data_len,
+ uint64_t current_time,
+ struct getdns_context * context)
+{
+ getdns_mdns_cached_record_header * header;
+ int current_index;
+ size_t data_size = sizeof(getdns_mdns_cached_record_header) + 12 + name_len + 4;
+ size_t alloc_size = mdns_util_suggest_size(data_size + record_data_len + 2 + 2 + 2 + 4 + 2);
+
+ uint8_t* data = GETDNS_XMALLOC(context->mf, uint8_t, alloc_size);
+
+ if (data != NULL)
+ {
+ header = (getdns_mdns_cached_record_header *)data;
+ header->insertion_microsec = current_time;
+ header->content_len = data_size;
+ header->allocated_length = alloc_size;
+ header->netreq_first = NULL;
+ current_index = sizeof(getdns_mdns_cached_record_header);
+ memset(data + current_index, 0, 12);
+ data[current_index + MDNS_PACKET_INDEX_QUERY + 1] = 1; /* 1 query present by default */
+ current_index += 12;
+ memcpy(data + current_index, name, name_len);
+ current_index += name_len;
+ data[current_index++] = (uint8_t)(record_type >> 8);
+ data[current_index++] = (uint8_t)(record_type);
+ data[current_index++] = (uint8_t)(record_class >> 8);
+ data[current_index++] = (uint8_t)(record_class);
+ }
+
+ return data;
+}
+
+
+/*
+ * Add a record.
+ */
+static int
+mdns_add_record_to_cache_entry(struct getdns_context *context,
+ uint8_t * old_record, uint8_t ** new_record,
+ int record_type, int record_class, int ttl,
+ uint8_t * record_data, int record_data_len)
+{
+ int ret = 0;
+ getdns_mdns_cached_record_header *header = (getdns_mdns_cached_record_header*)old_record;
+ /* Compute the record length */
+ uint32_t record_length = 2 + 2 + 2 + 4 + 2 + record_data_len;
+ uint32_t current_length = header->content_len;
+ /* update the number of records */
+ uint8_t *start_answer_code = old_record + sizeof(getdns_mdns_cached_record_header) + MDNS_PACKET_INDEX_ANSWER;
+ uint16_t nb_answers = (start_answer_code[0] << 8) + start_answer_code[1];
+ nb_answers++;
+ start_answer_code[0] = (uint8_t)(nb_answers >> 8);
+ start_answer_code[1] = (uint8_t)(nb_answers&0xFF);
+
+ /* Update the content length and reallocate memory if needed */
+ header->content_len += record_length;
+ if (header->content_len > header->allocated_length)
+ {
+ /* realloc to a new length, */
+ do {
+ header->allocated_length = mdns_util_suggest_size(header->content_len);
+ } while (header->content_len > header->allocated_length);
+
+ *new_record = GETDNS_XREALLOC(context->mf, old_record, uint8_t, header->allocated_length);
+ }
+ else
+ {
+ *new_record = old_record;
+ }
+
+ if (*new_record == NULL)
+ {
+ ret = GETDNS_RETURN_MEMORY_ERROR;
+ }
+ else
+ {
+ /* copy the record */
+ /* First, point name relative to beginning of DNS message */
+ (*new_record)[current_length++] = 0xC0;
+ (*new_record)[current_length++] = 12;
+ /* encode the components of the per record header */
+ (*new_record)[current_length++] = (uint8_t)((record_type >> 8) & 0xFF);
+ (*new_record)[current_length++] = (uint8_t)((record_type)& 0xFF);
+ (*new_record)[current_length++] = (uint8_t)((record_class >> 8) & 0xFF);
+ (*new_record)[current_length++] = (uint8_t)((record_class)& 0xFF);
+ (*new_record)[current_length++] = (uint8_t)((ttl >> 24) & 0xFF);
+
(*new_record)[current_length++] = (uint8_t)((ttl >> 16) & 0xFF);
+ (*new_record)[current_length++] = (uint8_t)((ttl >> 8) & 0xFF);
+ (*new_record)[current_length++] = (uint8_t)((ttl)& 0xFF);
+ (*new_record)[current_length++] = (uint8_t)((record_data_len >> 8) & 0xFF);
+ (*new_record)[current_length++] = (uint8_t)((record_data_len) & 0xFF);
+ memcpy(*new_record + current_length, record_data, record_data_len);
+
+ }
+
+ return ret;
+}
+
+static int
+mdns_update_cache_ttl_and_prune(struct getdns_context *context,
+ uint8_t * old_record, uint8_t ** new_record,
+ int record_type, int record_class, int ttl,
+ uint8_t * record_data, int record_data_len,
+ uint64_t current_time)
+{
+ /*
+ * Compute the TTL delta
+ */
+ int ret = 0;
+ getdns_mdns_cached_record_header *header = (getdns_mdns_cached_record_header*)old_record;
+ uint32_t delta_t_sec = (uint32_t)((current_time - header->insertion_microsec) / 1000000ll);
+ header->insertion_microsec += delta_t_sec * 1000000;
+ int message_index;
+ int answer_index;
+ int nb_answers;
+ int nb_answers_left;
+ int current_record_length;
+ int current_record_data_len;
+ uint32_t current_record_ttl;
+ int not_matched_yet = (record_data == NULL) ?
0 : 1;
+ int last_copied_index;
+ int current_hole_index = 0;
+ int record_name_length = 0;
+ int record_ttl_index = 0;
+
+ /*
+ * Skip the query
+ */
+ message_index = sizeof(getdns_mdns_cached_record_header);
+ nb_answers = (old_record[message_index + MDNS_PACKET_INDEX_ANSWER] << 8) |
+ old_record[message_index + MDNS_PACKET_INDEX_ANSWER + 1];
+ nb_answers_left = nb_answers;
+ answer_index = message_index + 12 + mdns_util_skip_query(old_record + message_index + 12);
+ last_copied_index = answer_index;
+
+ /*
+ * Examine each record
+ */
+ for (int i = 0; i < nb_answers; i++)
+ {
+ record_name_length = mdns_util_skip_name(old_record + answer_index);
+ record_ttl_index = answer_index + record_name_length + 2 + 2;
+
+ current_record_ttl = (old_record[record_ttl_index] << 24)
+ | (old_record[record_ttl_index + 1] << 16)
+ | (old_record[record_ttl_index + 2] << 8)
+ | (old_record[record_ttl_index + 3]);
+
+ current_record_data_len = (old_record[record_ttl_index + 4] << 8)
+ | (old_record[record_ttl_index + 5]);
+
+ current_record_length = record_name_length + 2 + 2 + 4 + 2 + current_record_data_len;
+
+ if (not_matched_yet &&
+ current_record_data_len == record_data_len &&
+ memcmp(old_record + record_ttl_index + 4 + 2, record_data, record_data_len) == 0)
+ {
+ not_matched_yet = 0;
+ current_record_ttl = ttl;
+ }
+ else
+ {
+ /* Not a match */
+ if (current_record_ttl > delta_t_sec)
+ {
+ current_record_ttl -= delta_t_sec;
+ }
+ else
+ {
+ current_record_ttl = 0;
+ }
+ }
+
+ if (current_record_ttl == 0)
+ {
+ nb_answers_left--;
+
+ /* this record should be compacted away */
+ if (current_hole_index == 0)
+ {
+ /* encountering the first hole in the message,
+ * no need to copy anything yet.
+ */
+ last_copied_index = answer_index;
+ }
+ else if (current_hole_index != answer_index)
+ {
+ /* copy the data from hole to answer */
+ memmove(old_record + last_copied_index, old_record + current_hole_index,
+ answer_index - current_hole_index);
+ last_copied_index += answer_index - current_hole_index;
+ }
+
+ /* extend the current hole */
+ current_hole_index = answer_index + current_record_length;
+ }
+ else
+ {
+ /* keeping this record, but updating the TTL */
+ old_record[record_ttl_index] = (uint8_t)(current_record_ttl >> 24);
+ old_record[record_ttl_index + 1] = (uint8_t)(current_record_ttl >> 16);
+ old_record[record_ttl_index + 2] = (uint8_t)(current_record_ttl >> 8);
+ old_record[record_ttl_index + 3] = (uint8_t)(current_record_ttl);
+ }
+ /* progress to the next record */
+ answer_index += current_record_length;
+ }
+
+ /* if necessary, copy the pending data */
+ if (current_hole_index != answer_index && current_hole_index != 0)
+ {
+ /* copy the data from hole to last answer */
+ memmove(old_record + last_copied_index, old_record + current_hole_index,
+ answer_index - current_hole_index);
+ last_copied_index += answer_index - current_hole_index;
+
+ /* dead assignment */
+ /* answer_index = last_copied_index; */
+ }
+
+ /* if some records were deleted, update the record headers */
+ if (nb_answers != nb_answers_left)
+ {
+ header->content_len = last_copied_index;
+ old_record[message_index + MDNS_PACKET_INDEX_ANSWER] = (uint8_t)(nb_answers_left >> 8);
+ old_record[message_index + MDNS_PACKET_INDEX_ANSWER + 1] = (uint8_t)(nb_answers_left);
+ }
+
+ /*
+ * if the update was never seen, ask for an addition
+ */
+ if (ttl > 0 && not_matched_yet)
+ {
+ mdns_add_record_to_cache_entry(context, old_record, new_record,
+ record_type, record_class, ttl, record_data, record_data_len);
+ nb_answers_left++;
+ }
+ else
+ {
+ *new_record = old_record;
+ }
+
+ return ret;
+}
+
+/*
+ * Get a cached entry by name and record type .
+ */
+static struct lruhash_entry *
+mdns_access_cached_entry_by_name(
+struct getdns_context *context,
+ uint8_t * name, int name_len,
+ int record_type, int record_class)
+{
+ uint8_t temp_key[256 + sizeof(getdns_mdns_cached_key_header)];
+ hashvalue_type hash;
+ struct lruhash_entry *entry;
+
+ msdn_cache_create_key_in_buffer(temp_key, name, name_len, record_type, record_class);
+
+ /* TODO: make hash init value a random number in the context, for defense against DOS */
+ hash = hashlittle(temp_key, name_len + sizeof(getdns_mdns_cached_key_header), 0xCAC8E);
+
+ entry = lruhash_lookup(context->mdns_cache, hash, temp_key, 1);
+
+ return entry;
+}
+
+
+/*
+* Add entry function for the MDNS record cache.
+*/
+static int
+mdns_propose_entry_to_cache(
+ struct getdns_context *context,
+ uint8_t * name, int name_len,
+ int record_type, int record_class, int ttl,
+ uint8_t * record_data, int record_data_len,
+ getdns_network_req * netreq,
+ uint64_t current_time)
+{
+ int ret = 0;
+ uint8_t temp_key[256 + sizeof(getdns_mdns_cached_key_header)];
+ hashvalue_type hash;
+ struct lruhash_entry *entry, *new_entry;
+ uint8_t *key, *data;
+ getdns_mdns_cached_record_header * header;
+
+ msdn_cache_create_key_in_buffer(temp_key, name, name_len, record_type, record_class);
+
+
+ /* TODO: make hash init value a random number in the context, for defense against DOS */
+ hash = hashlittle(temp_key, name_len + sizeof(getdns_mdns_cached_key_header), 0xCAC8E);
+
+ entry = lruhash_lookup(context->mdns_cache, hash, temp_key, 1);
+
+ if (entry == NULL && ttl != 0)
+ {
+ /*
+ * Create an empty entry.
+ */
+ key = mdns_cache_create_key(name, name_len, record_type, record_class, context);
+ data = mdns_cache_create_data(name, name_len, record_type, record_class,
+ record_data_len, current_time, context);
+
+ if (key == NULL || data == NULL)
+ {
+ if (key != NULL)
+ {
+ GETDNS_FREE(context->mf, key);
+ key = NULL;
+ }
+
+ if (data != NULL)
+ {
+ GETDNS_FREE(context->mf, data);
+ data = NULL;
+ }
+ }
+ else
+ {
+ new_entry = &((getdns_mdns_cached_key_header*)key)->entry;
+
+ memset(new_entry, 0, sizeof(struct lruhash_entry));
+ lock_rw_init(&new_entry->lock);
+ new_entry->hash = hash;
+ new_entry->key = key;
+ new_entry->data = data;
+
+ entry = lruhash_insert_or_retrieve(context->mdns_cache, hash, new_entry, data, NULL);
+
+ if (entry != new_entry)
+ {
+ /* There was already an entry for this name, which is really weird.
+ * But it can in theory happen in a race condition.
+ */
+ GETDNS_FREE(context->mf, key);
+ key = NULL;
+ GETDNS_FREE(context->mf, data);
+ data = NULL;
+ }
+ }
+ }
+
+ if (entry != NULL)
+ {
+ if (record_data != NULL && record_data_len > 0)
+ ret = mdns_update_cache_ttl_and_prune(context,
+ (uint8_t*)entry->data, &data,
+ record_type, record_class, ttl, record_data, record_data_len,
+ current_time);
+
+ if (netreq != NULL)
+ {
+ /* chain the continuous request to the cache line */
+ header = (getdns_mdns_cached_record_header *) entry->data;
+ netreq->mdns_netreq_next = header->netreq_first;
+ header->netreq_first = netreq;
+ }
+ else
+ {
+ header = (getdns_mdns_cached_record_header *)entry->data;
+
+ /* if the entry is empty, move it to the bottom of the LRU */
+ if (mdns_cache_nb_records_in_entry((uint8_t*)(entry->data)) == 0 &&
+ header->netreq_first == NULL)
+ {
+ lru_demote(context->mdns_cache, entry);
+ }
+ }
+
+ /* then, unlock the entry */
+ lock_rw_unlock(&entry->lock);
+ }
+
+ return ret;
+}
+
+
+/*
+ * Serve a request from the cached value
+ */
+static int
+mdns_complete_query_from_cache_entry(
+ getdns_network_req *netreq,
+ struct
lruhash_entry *entry)
+{
+ int ret = 0;
+ uint8_t *packet = ((uint8_t *)entry->data) + sizeof(getdns_mdns_cached_record_header);
+ getdns_mdns_cached_record_header * header = (getdns_mdns_cached_record_header*)entry->data;
+ size_t packet_length = header->content_len - sizeof(getdns_mdns_cached_record_header);
+ getdns_network_req **prev_netreq;
+ int found = 0;
+ int nb_answers = mdns_cache_nb_records_in_entry((uint8_t *)entry->data);
+
+ /* Clear the event associated to the query */
+ GETDNS_CLEAR_EVENT(netreq->owner->loop, &netreq->event);
+
+ /* remove the completed query from the waiting list */
+ prev_netreq = &header->netreq_first;
+ while (*prev_netreq != NULL)
+ {
+ if (*prev_netreq == netreq)
+ {
+ *prev_netreq = netreq->mdns_netreq_next;
+ netreq->mdns_netreq_next = NULL;
+ found = 1;
+ break;
+ }
+ else
+ {
+ prev_netreq = &((*prev_netreq)->mdns_netreq_next);
+ }
+ }
+
+ if (found)
+ {
+ if (nb_answers == 0)
+ {
+ }
+ else
+ {
+ /* copy the returned value in the response field */
+ if (packet_length > netreq->wire_data_sz)
+ {
+ netreq->response = GETDNS_XREALLOC(
+ netreq->owner->context->mf, netreq->response, uint8_t, packet_length);
+ }
+
+ if (netreq->response != NULL)
+ {
+ memcpy(netreq->response, packet, packet_length);
+
+ netreq->response[MDNS_PACKET_INDEX_QCODE] = 0x84;
+
+ netreq->response_len = packet_length;
+ netreq->debug_end_time = _getdns_get_time_as_uintt64();
+ _getdns_netreq_change_state(netreq, NET_REQ_FINISHED);
+ _getdns_check_dns_req_complete(netreq->owner);
+ }
+ else
+ {
+ /* Fail the query?
*/
+ netreq->response_len = 0;
+ netreq->debug_end_time = _getdns_get_time_as_uintt64();
+ _getdns_netreq_change_state(netreq, NET_REQ_ERRORED);
+ _getdns_check_dns_req_complete(netreq->owner);
+ }
+ }
+ }
+ else
+ {
+ /* Failure */
+ netreq->response_len = 0;
+ netreq->debug_end_time = _getdns_get_time_as_uintt64();
+ _getdns_netreq_change_state(netreq, NET_REQ_ERRORED);
+ _getdns_check_dns_req_complete(netreq->owner);
+ }
+
+ return ret;
+}
+
+/*
+ * Processing of requests after cache update.
+ * This is coded as synchronous processing, under lock. This is probably wrong.
+ * It would be better to just collate the responses for now, and
+ * process the queries out of the loop.
+ */
+static int
+mdns_cache_complete_queries(
+ struct getdns_context *context,
+ uint8_t * name, int name_len,
+ int record_type, int record_class)
+{
+ int ret = 0;
+ struct lruhash_entry *entry;
+ getdns_mdns_cached_record_header * header;
+ getdns_network_req * netreq;
+
+ entry = mdns_access_cached_entry_by_name(context, name, name_len, record_type, record_class);
+
+ if (entry != NULL)
+ {
+ if (entry->data != NULL)
+ {
+ header = (getdns_mdns_cached_record_header *)entry->data;
+
+ while ((netreq = header->netreq_first) != NULL)
+ {
+ mdns_complete_query_from_cache_entry(netreq, entry);
+ }
+ }
+ lock_rw_unlock(&entry->lock);
+ }
+
+ return ret;
+}
+
+/*
+* Timeout of multicast MDNS query
+*/
+static void
+mdns_mcast_timeout_cb(void *userarg)
+{
+ getdns_network_req *netreq = (getdns_network_req *)userarg;
+ getdns_dns_req *dnsreq = netreq->owner;
+ getdns_context *context = dnsreq->context;
+
+ uint8_t temp_key[256 + sizeof(getdns_mdns_cached_key_header)];
+ hashvalue_type hash;
+ struct lruhash_entry *entry;
+ int found = 0;
+
+ DEBUG_MDNS("%s %-35s: MSG: %p\n",
+ MDNS_DEBUG_CLEANUP, __FUNC__, netreq);
+
+ msdn_cache_create_key_in_buffer(temp_key, dnsreq->name, dnsreq->name_len,
+ netreq->request_type, dnsreq->request_class);
+
+
+ /* TODO: make hash init value a random number in
the context, for defense against DOS */
+ hash = hashlittle(temp_key, dnsreq->name_len + sizeof(getdns_mdns_cached_key_header), 0xCAC8E);
+
+ /* Open the corresponding cache entry */
+ entry = lruhash_lookup(context->mdns_cache, hash, temp_key, 1);
+
+ if (entry != NULL)
+ {
+ if (entry->data != NULL)
+ {
+ /* Remove entry from chain and serve the query */
+ found = 1;
+ mdns_complete_query_from_cache_entry(netreq, entry);
+ }
+ lock_rw_unlock(&entry->lock);
+ }
+
+ if (!found)
+ {
+ /* Fail the request on timeout */
+ netreq->response_len = 0;
+ netreq->debug_end_time = _getdns_get_time_as_uintt64();
+ _getdns_netreq_change_state(netreq, NET_REQ_ERRORED);
+ _getdns_check_dns_req_complete(netreq->owner);
+ }
+}
+
+/*
+ * Multicast receive event callback
+ */
+static void
+mdns_udp_multicast_read_cb(void *userarg)
+{
+ mdns_network_connection * cnx = (mdns_network_connection *)userarg;
+ uint64_t current_time;
+ ssize_t read;
+ DEBUG_MDNS("%s %-35s: CTX: %p, NET=%d \n", MDNS_DEBUG_MREAD,
+ __FUNC__, cnx->context, cnx->addr_mcast.ss_family);
+
+ current_time = _getdns_get_time_as_uintt64();
+
+ GETDNS_CLEAR_EVENT(
+ cnx->context->extension, &cnx->event);
+
+ read = recvfrom(cnx->fd, (void *)cnx->response,
+ sizeof(cnx->response), 0, NULL, NULL);
+
+
+ if (read == -1 && _getdns_EWOULDBLOCK)
+ return; /* TODO: this will stop the receive loop! */
+
+ if (read >= GLDNS_HEADER_SIZE)
+ {
+ /* parse the response, find the relevant queries, submit the records to the cache */
+ int opcodeAndflags = cnx->response[2];
+ int nb_queries = (cnx->response[4] << 8) | cnx->response[5];
+ int nb_responses = (cnx->response[6] << 8) | cnx->response[7];
+
+ if (opcodeAndflags != 0x84)
+ {
+ /* this is not an MDNS answer packet.
*/
+ }
+ else
+ {
+ ssize_t current_index = 12;
+ uint8_t name[256];
+ int name_len;
+ int record_type;
+ int record_class;
+ int record_ttl;
+ int record_data_len;
+ int nb_records = 0;
+ int nb_queries_skipped = 0;
+ int start_of_records;
+ int signalled_records = 0;
+
+ /*
+ * In normal mDNS operation, there should not be any query here.
+ * But just in case, we can skip the queries...
+ */
+ while (current_index < read && nb_queries_skipped < nb_queries)
+ {
+ current_index += mdns_util_skip_query(&cnx->response[current_index]);
+ nb_queries_skipped++;
+ }
+ start_of_records = current_index;
+ /*
+ * Parse the answers and propose them to the cache
+ */
+
+ while (current_index < read && nb_records < nb_responses)
+ {
+ /* Copy and skip the name */
+ current_index = mdns_util_copy_name(cnx->response, read, current_index,
+ name, sizeof(name), 0, &name_len);
+ if (current_index + 12 >= read)
+ {
+ /* bogus packet.. Should log. */
+ current_index = read;
+ }
+ else
+ {
+ /* Parse the record header */
+ record_type = (cnx->response[current_index++] << 8);
+ record_type |= (cnx->response[current_index++]);
+ /* TODO: handle the cache flush bit! */
+ record_class = (cnx->response[current_index++] << 8)&0x7F;
+ record_class |= (cnx->response[current_index++]);
+ record_ttl = (cnx->response[current_index++] << 24);
+ record_ttl |= (cnx->response[current_index++] << 16);
+ record_ttl |= (cnx->response[current_index++] << 8);
+ record_ttl |= (cnx->response[current_index++]);
+ record_data_len = (cnx->response[current_index++] << 8);
+ record_data_len |= (cnx->response[current_index++]);
+
+ if (current_index + record_data_len <= read)
+ {
+ /*
+ * Set the record to canonical form. This is required, since
+ * MDNS software commonly uses name compression for PTR or SRV records.
+ */
+ int actual_length;
+ uint8_t *actual_record;
+ uint8_t buffer[1024];
+
+ /* TODO: do something in case of canonization failures */
+ (void) mdns_util_canonical_record(cnx->response, read,
+ record_type, record_class, record_data_len, current_index,
+ buffer, sizeof(buffer), &actual_record, &actual_length);
+
+
+ /* Submit to the cache. As a side effect, may signal that a continuous request is done. */
+ (void) mdns_propose_entry_to_cache(cnx->context, name, name_len,
+ record_type, record_class, record_ttl,
+ actual_record, actual_length, NULL,
+ current_time);
+
+ current_index += record_data_len;
+ nb_records++;
+ }
+ else
+ {
+ /* bogus packet.. Should log. */
+ current_index = read;
+ }
+ }
+ }
+
+ /* Go over the queries that were mentioned in the update, and prepare returns. */
+ current_index = start_of_records;
+ while (current_index < read && signalled_records < nb_responses)
+ {
+ /* copy the name */
+ current_index = mdns_util_copy_name(cnx->response, read, current_index,
+ name, sizeof(name), 0, &name_len);
+ if (current_index + 12 >= read)
+ {
+ /* bogus packet.. Should log. */
+ current_index = read;
+ }
+ else
+ {
+ /* Parse the record header */
+ record_type = (cnx->response[current_index++] << 8);
+ record_type |= (cnx->response[current_index++]);
+ record_class = (cnx->response[current_index++] << 8);
+ record_class |= (cnx->response[current_index++]);
+ current_index += 4;
+ record_data_len = (cnx->response[current_index++] << 8);
+ record_data_len |= (cnx->response[current_index++]);
+ current_index += record_data_len;
+
+ /* process the pending requests */
+ (void)mdns_cache_complete_queries(cnx->context, name, name_len, record_type, record_class);
+ }
+ }
+ }
+ }
+ else
+ {
+ /* bogus packet.. Should log. */
+ }
+
+ /*
+ * Relaunch the event, so we can go read the next packet.
+ */
+ GETDNS_SCHEDULE_EVENT(
+ cnx->context->extension, cnx->fd, 0,
+ getdns_eventloop_event_init(&cnx->event, cnx,
+ mdns_udp_multicast_read_cb, NULL, NULL));
+}
+
+/*
+ * Create the two required multicast sockets
+ */
+static int mdns_open_ipv4_multicast(SOCKADDR_STORAGE* mcast_dest, int* mcast_dest_len)
+{
+ getdns_return_t ret = 0;
+ SOCKET fd4 = -1;
+ SOCKADDR_IN ipv4_dest;
+ SOCKADDR_IN ipv4_port;
+ BOOL so_reuse_bool = TRUE;
+ int so_reuse_bool_OptLen = sizeof(BOOL);
+ uint8_t ttl = 255;
+ IP_MREQ mreq4;
+
+ memset(mcast_dest, 0, sizeof(SOCKADDR_STORAGE));
+ *mcast_dest_len = 0;
+ memset(&ipv4_dest, 0, sizeof(ipv4_dest));
+ memset(&ipv4_port, 0, sizeof(ipv4_dest));
+ ipv4_dest.sin_family = AF_INET;
+ ipv4_dest.sin_port = htons(MDNS_MCAST_PORT);
+ ipv4_dest.sin_addr.s_addr = htonl(MDNS_MCAST_IPV4_LONG);
+ ipv4_port.sin_family = AF_INET;
+ ipv4_port.sin_port = htons(MDNS_MCAST_PORT);
+ /* memcpy(&ipv4_dest.sin_addr, mdns_mcast_ipv4, sizeof(mdns_mcast_ipv4)); */
+
+
+
+ fd4 = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+
+ if (fd4 != -1)
+ {
+ /*
+ * No need to test the output of the so_reuse call,
+ * since the only result that matters is that of bind.
+ */
+ (void)setsockopt(fd4, SOL_SOCKET, SO_REUSEADDR
+ , (const char*)&so_reuse_bool, so_reuse_bool_OptLen);
+
+ if (bind(fd4, (SOCKADDR*)&ipv4_port, sizeof(ipv4_port)) != 0)
+ {
+ ret = -1;
+ }
+ else
+ {
+ mreq4.imr_multiaddr = ipv4_dest.sin_addr;
+ mreq4.imr_interface = ipv4_port.sin_addr;
+
+ if (setsockopt(fd4, IPPROTO_IP, IP_ADD_MEMBERSHIP
+ , (const char*)&mreq4, (int) sizeof(mreq4)) != 0)
+ {
+ ret = -1;
+ }
+ else if (setsockopt(fd4, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl)) != 0)
+ {
+ ret = -1;
+ }
+ }
+ }
+
+ if (ret != 0 && fd4 != -1)
+ {
+#ifdef USE_WINSOCK
+ closesocket(fd4);
+#else
+ close(fd4);
+#endif
+ fd4 = -1;
+ }
+
+ if (ret == 0)
+ {
+ memcpy(mcast_dest, &ipv4_dest, sizeof(ipv4_dest));
+ *mcast_dest_len = sizeof(ipv4_dest);
+ }
+
+ return fd4;
+}
+
+static int mdns_open_ipv6_multicast(SOCKADDR_STORAGE* mcast_dest, int* mcast_dest_len)
+{
+ getdns_return_t ret = 0;
+ SOCKET fd6 = -1;
+ SOCKADDR_IN6 ipv6_dest;
+ SOCKADDR_IN6 ipv6_port;
+ uint8_t so_reuse_bool = 1;
+ uint8_t ttl = 255;
+ IPV6_MREQ mreq6;
+
+ memset(mcast_dest, 0, sizeof(SOCKADDR_STORAGE));
+ *mcast_dest_len = 0;
+ memset(&ipv6_dest, 0, sizeof(ipv6_dest));
+ memset(&ipv6_port, 0, sizeof(ipv6_dest));
+ ipv6_dest.sin6_family = AF_INET6;
+ ipv6_dest.sin6_port = htons(MDNS_MCAST_PORT);
+ ipv6_port.sin6_family = AF_INET6;
+ ipv6_port.sin6_port = htons(MDNS_MCAST_PORT);
+ memcpy(&ipv6_dest.sin6_addr
+ , mdns_mcast_ipv6, sizeof(mdns_mcast_ipv6));
+
+
+ fd6 = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
+
+ if (fd6 != -1)
+ {
+ /*
+ * No need to test the output of the so_reuse call,
+ * since the only result that matters is that of bind.
+ */
+ (void)setsockopt(fd6, SOL_SOCKET, SO_REUSEADDR
+ , (const char*)&so_reuse_bool, (int) sizeof(BOOL));
+
+ if (bind(fd6, (SOCKADDR*)&ipv6_port, sizeof(ipv6_port)) != 0)
+ {
+ ret = -1;
+ }
+ else
+ {
+ memcpy(&mreq6.ipv6mr_multiaddr
+ , &ipv6_dest.sin6_addr, sizeof(mreq6.ipv6mr_multiaddr));
+ memcpy(&mreq6.ipv6mr_interface
+ , &ipv6_port.sin6_addr, sizeof(mreq6.ipv6mr_interface));
+
+ if (setsockopt(fd6, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP
+ , (const char*)&mreq6, (int) sizeof(mreq6)) != 0)
+ {
+ ret = -1;
+ }
+ else if (setsockopt(fd6, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &ttl, sizeof(ttl)) != 0)
+ {
+ ret = -1;
+ }
+ }
+ }
+
+ if (ret != 0 && fd6 != -1)
+ {
+#ifdef USE_WINSOCK
+ closesocket(fd6);
+#else
+ close(fd6);
+#endif
+ fd6 = -1;
+ }
+
+ if (ret == 0)
+ {
+ memcpy(mcast_dest, &ipv6_dest, sizeof(ipv6_dest));
+ *mcast_dest_len = sizeof(ipv6_dest);
+ }
+ return fd6;
+}
+
+/*
+ * Delayed opening of the MDNS sockets, and launch of the MDNS listeners
+ */
+static getdns_return_t mdns_delayed_network_init(struct getdns_context *context)
+{
+ getdns_return_t ret = 0;
+
+ if (context->mdns_extended_support == 2)
+ {
+ context->mdns_cache = lruhash_create(128, 10000000,
+ mdns_cache_entry_size, mdns_cache_key_comp,
+ msdn_cache_delkey, msdn_cache_deldata,
+ context);
+
+ if (context->mdns_cache == NULL)
+ {
+ ret = GETDNS_RETURN_MEMORY_ERROR;
+ }
+ else
+ {
+ context->mdns_connection = (mdns_network_connection *)
+ GETDNS_XMALLOC(context->my_mf, mdns_network_connection, 2);
+
+ if (context->mdns_connection == NULL)
+ {
+ ret = GETDNS_RETURN_MEMORY_ERROR;
+ }
+ else
+ {
+ context->mdns_connection_nb = 2;
+
+ context->mdns_connection[0].fd = mdns_open_ipv4_multicast(
+ &context->mdns_connection[0].addr_mcast
+ , &context->mdns_connection[0].addr_mcast_len);
+ context->mdns_connection[0].context = context;
+ context->mdns_connection[1].fd = mdns_open_ipv6_multicast(
+ &context->mdns_connection[1].addr_mcast
+ , &context->mdns_connection[1].addr_mcast_len);
+
context->mdns_connection[1].context = context; + + if (context->mdns_connection[0].fd == -1 || + context->mdns_connection[1].fd == -1) + { + ret = GETDNS_RETURN_GENERIC_ERROR; + } + else + { + /* TODO: launch the receive loops */ + for (int i = 0; i < 2; i++) + { + GETDNS_CLEAR_EVENT(context->extension, &context->mdns_connection[i].event); + GETDNS_SCHEDULE_EVENT( + context->extension, context->mdns_connection[i].fd, 0, + getdns_eventloop_event_init(&context->mdns_connection[i].event, + &context->mdns_connection[i], + mdns_udp_multicast_read_cb, NULL, NULL)); + } + } + + if (ret != 0) + { + for (int i = 0; i < 2; i++) + { + if (context->mdns_connection[i].fd != -1) + { + + GETDNS_CLEAR_EVENT(context->extension + , &context->mdns_connection[i].event); +#ifdef USE_WINSOCK + closesocket(context->mdns_connection[i].fd); +#else + close(context->mdns_connection[i].fd); +#endif + } + } + + GETDNS_FREE(context->my_mf, context->mdns_connection); + context->mdns_connection = NULL; + context->mdns_connection_nb = 0; + } + } /* mdns-connection != NULL */ + + if (ret != 0) + { + /* delete the cache that was just created, since the network connection failed */ + lruhash_delete(context->mdns_cache); + context->mdns_cache = NULL; + } + } /* cache != NULL */ + + context->mdns_extended_support = (ret == 0) ? 
1 : 0; + } + + return ret; +} + +/* + * Initialize a continuous query from netreq + */ +static getdns_return_t mdns_initialize_continuous_request(getdns_network_req *netreq) +{ + getdns_return_t ret = 0; + getdns_dns_req *dnsreq = netreq->owner; + struct getdns_context *context = dnsreq->context; + + uint8_t temp_key[256 + sizeof(getdns_mdns_cached_key_header)]; + hashvalue_type hash; + struct lruhash_entry *entry; + size_t pkt_len = netreq->response - netreq->query; + + msdn_cache_create_key_in_buffer(temp_key, dnsreq->name, dnsreq->name_len, + netreq->request_type, dnsreq->request_class); + + /* TODO: make hash init value a random number in the context, for defense against DOS */ + hash = hashlittle(temp_key, dnsreq->name_len + sizeof(getdns_mdns_cached_key_header), 0xCAC8E); + + entry = lruhash_lookup(context->mdns_cache, hash, temp_key, 1); + + if (entry == NULL) + { + /* + * First, create an entry for the query + */ + + ret = mdns_propose_entry_to_cache(context, dnsreq->name, dnsreq->name_len, + netreq->request_type, dnsreq->request_class, 1, NULL, 0, + netreq, _getdns_get_time_as_uintt64()); + } + else + { + /* + * Check whether the cache entry is recent. + * If yes, just return it, but first update the entry tracking in the cache entry. + */ + + /* + * and unlock the entry! + */ + } + + if (ret == 0) + { + /* If the query is not actually complete, are a per query timer. */ + if (netreq->state < NET_REQ_FINISHED) + { + GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); + GETDNS_SCHEDULE_EVENT( + dnsreq->loop, -1, _getdns_ms_until_expiry(dnsreq->expires), + getdns_eventloop_event_init(&netreq->event, netreq, + NULL, NULL, mdns_mcast_timeout_cb)); + } + /* If the entry was created less than 1 sec ago, send a query */ + + if (context->mdns_connection_nb <= 0) + { + /* oops, no network! */ + ret = GETDNS_RETURN_GENERIC_ERROR; + } + else + { + /* TODO? 
Set TTL=255 for compliance with RFC 6762 */ + int fd_index = context->mdns_connection_nb - 1; + int sent = sendto( + context->mdns_connection[fd_index].fd + , (const void *)netreq->query, pkt_len, 0 + , (SOCKADDR*)&context->mdns_connection[fd_index].addr_mcast + , context->mdns_connection[fd_index].addr_mcast_len); + + if (sent < 0 || pkt_len != (size_t)sent) + { + ret = GETDNS_RETURN_GENERIC_ERROR; + } + + /* TODO: update the send query time */ + } + } + + return ret; +} + +/* + * Initialize the MDNS part of the context structure. + */ +void _getdns_mdns_context_init(struct getdns_context *context) +{ + context->mdns_extended_support = 2; /* 0 = no support, 1 = supported, 2 = initialization needed */ + context->mdns_connection = NULL; + context->mdns_connection_nb = 0; + context->mdns_cache = NULL; +} + +/* + * Delete all the data allocated for MDNS in a context + */ +void _getdns_mdns_context_destroy(struct getdns_context *context) +{ + /* Clear all the cached records. This will terminate all pending network requests */ + if (context->mdns_cache != NULL) + { + lruhash_delete(context->mdns_cache); + context->mdns_cache = NULL; + } + /* Close the connections */ + if (context->mdns_connection != NULL) + { + for (int i = 0; i < context->mdns_connection_nb; i++) + { + /* suppress the receive event */ + GETDNS_CLEAR_EVENT(context->extension, &context->mdns_connection[i].event); + /* close the socket */ +#ifdef USE_WINSOCK + closesocket(context->mdns_connection[i].fd); +#else + close(context->mdns_connection[i].fd); +#endif + } + + GETDNS_FREE(context->mf, context->mdns_connection); + context->mdns_connection = NULL; + context->mdns_connection_nb = 0; + } +} + +/* TODO: actualy delete what is required.. 
*/ +static void +mdns_cleanup(getdns_network_req *netreq) +{ + DEBUG_MDNS("%s %-35s: MSG: %p\n", + MDNS_DEBUG_CLEANUP, __FUNC__, netreq); + getdns_dns_req *dnsreq = netreq->owner; + + GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); +} + +void +_getdns_cancel_mdns_request(getdns_network_req *netreq) +{ + mdns_cleanup(netreq); + if (netreq->fd >= 0) { +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else + close(netreq->fd); +#endif + } +} + +static void +mdns_timeout_cb(void *userarg) +{ + getdns_network_req *netreq = (getdns_network_req *)userarg; + DEBUG_MDNS("%s %-35s: MSG: %p\n", + MDNS_DEBUG_CLEANUP, __FUNC__, netreq); + + /* TODO: do we need a retry logic here? */ + + /* Check the required cleanup */ + mdns_cleanup(netreq); + if (netreq->fd >= 0) +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else + close(netreq->fd); +#endif + _getdns_netreq_change_state(netreq, NET_REQ_TIMED_OUT); + if (netreq->owner->user_callback) { + netreq->debug_end_time = _getdns_get_time_as_uintt64(); + (void)_getdns_context_request_timed_out(netreq->owner); + } + else + _getdns_check_dns_req_complete(netreq->owner); +} + + + +/*****************************************/ +/* UDP callback functions for basic MDNS */ +/*****************************************/ + +static void +mdns_udp_read_cb(void *userarg) +{ + getdns_network_req *netreq = (getdns_network_req *)userarg; + getdns_dns_req *dnsreq = netreq->owner; + ssize_t read; + DEBUG_MDNS("%s %-35s: MSG: %p \n", MDNS_DEBUG_READ, + __FUNC__, netreq); + + GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); + + read = recvfrom(netreq->fd, (void *)netreq->response, + netreq->max_udp_payload_size + 1, /* If read == max_udp_payload_size + * then all is good. If read == + * max_udp_payload_size + 1, then + * we receive more then requested! + * i.e. 
overflow + */ + 0, NULL, NULL); + if (read == -1 && _getdns_EWOULDBLOCK) + return; + + if (read < GLDNS_HEADER_SIZE) + return; /* Not DNS */ + + if (GLDNS_ID_WIRE(netreq->response) != netreq->query_id) + return; /* Cache poisoning attempt ;) */ + + // TODO: check whether EDNS server cookies are required for MDNS + + // TODO: check that the source address originates from the local network. + // TODO: check TTL = 255 + +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else + close(netreq->fd); +#endif + /* + * TODO: how to handle an MDNS response with TC bit set? + * Ignore it for now, as we do not support any kind of TCP fallback + * for basic MDNS. + */ + + netreq->response_len = read; + netreq->debug_end_time = _getdns_get_time_as_uintt64(); + _getdns_netreq_change_state(netreq, NET_REQ_FINISHED); + _getdns_check_dns_req_complete(dnsreq); +} + +static void +mdns_udp_write_cb(void *userarg) +{ + getdns_network_req *netreq = (getdns_network_req *)userarg; + getdns_dns_req *dnsreq = netreq->owner; + size_t pkt_len = netreq->response - netreq->query; + struct sockaddr_in mdns_mcast_v4; + int ttl = 255; + int r; + + DEBUG_MDNS("%s %-35s: MSG: %p \n", MDNS_DEBUG_WRITE, + __FUNC__, netreq); + + GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); + + netreq->debug_start_time = _getdns_get_time_as_uintt64(); + netreq->debug_udp = 1; + netreq->query_id = (uint16_t) arc4random(); + GLDNS_ID_SET(netreq->query, netreq->query_id); + + /* do we need to handle options valid in the MDNS context? 
*/ + + /* Probably no need for TSIG in MDNS */ + + + /* Always use multicast address */ + mdns_mcast_v4.sin_family = AF_INET; + mdns_mcast_v4.sin_port = htons(MDNS_MCAST_PORT); + mdns_mcast_v4.sin_addr.s_addr = htonl(MDNS_MCAST_IPV4_LONG); + /* memcpy(&mdns_mcast_v4.sin_addr.s_addr, mdns_mcast_ipv4, sizeof(mdns_mcast_ipv4)); */ + + /* Set TTL=255 for compliance with RFC 6762 */ + r = setsockopt(netreq->fd, IPPROTO_IP, IP_TTL, (const char *)&ttl, sizeof(ttl)); + + if (r != 0 || + (ssize_t)pkt_len != sendto( + netreq->fd, (const void *)netreq->query, pkt_len, 0, + (struct sockaddr *)&mdns_mcast_v4, + sizeof(mdns_mcast_v4))) { +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else + close(netreq->fd); +#endif + return; + } + GETDNS_SCHEDULE_EVENT( + dnsreq->loop, netreq->fd, + _getdns_ms_until_expiry(dnsreq->expires), + getdns_eventloop_event_init(&netreq->event, netreq, + mdns_udp_read_cb, NULL, mdns_timeout_cb)); +} + +/* + * MDNS Request Submission + */ + +getdns_return_t +_getdns_submit_mdns_request(getdns_network_req *netreq) +{ + DEBUG_MDNS("%s %-35s: MSG: %p TYPE: %d\n", MDNS_DEBUG_ENTRY, __FUNC__, + netreq, netreq->request_type); + int fd = -1; + getdns_dns_req *dnsreq = netreq->owner; + struct getdns_context * context = dnsreq->context; + getdns_return_t ret = 0; + + /* + * TO DO: depending on context type, perform basic processing versus full MDNS + */ + + if (context->mdns_extended_support == 2) + { + /* Not initialize yet. 
Do it know before processing the query */ + ret = mdns_delayed_network_init(context); + + if (ret != 0) + { + return ret; + } + } + + if (context->mdns_extended_support == 1) + { + /* extended DNS support */ + ret = mdns_initialize_continuous_request(netreq); + } + else + { + /* basic MDNS request */ + + /* Open the UDP socket required for the request */ + if ((fd = socket( + AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1) + return -1; + /* TODO: do we need getdns_sock_nonblock(fd); */ + + /* Schedule the MDNS request */ + netreq->fd = fd; + GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); + GETDNS_SCHEDULE_EVENT( + dnsreq->loop, netreq->fd, + _getdns_ms_until_expiry(dnsreq->expires), + getdns_eventloop_event_init(&netreq->event, netreq, + NULL, mdns_udp_write_cb, mdns_timeout_cb)); + ret = GETDNS_RETURN_GOOD; + } + + return ret; +} + +/* + * MDNS name space management + */ + +static int +mdns_suffix_compare(register const uint8_t *d1, register const uint8_t *d2) +{ + int ret = 0; + uint8_t *d1_head = (uint8_t *) d1; + uint8_t *d1_current; + uint8_t *d2_current; + int is_matching = 0; + int part_length; + int i; + uint8_t c; + + /* Skip the first name part, since we want at least one label before the suffix */ + if (*d1_head != 0) + d1_head += *d1_head + 1; + + while (*d1_head != 0) + { + /* check whether we have a match at this point */ + d1_current = d1_head; + d2_current = (uint8_t *) d2; + is_matching = 0; + + /* compare length and value of all successive labels */ + while (*d1_current == *d2_current) + { + part_length = *d1_current; + if (part_length == 0) + { + /* We have reached the top label, there is a match */ + ret = 1; + break; + } + + /* The label's lengths are matching, check the content */ + is_matching = 1; + d1_current++; + d2_current++; + + for (i = 0; i < part_length; i++) + { + c = d1_current[i]; + if (isupper(c)) + c = tolower(c); + if (c != d2_current[i]) + { + is_matching = 0; + break; + } + } + + /* move the pointers to the next label */ + if 
(is_matching) + { + d1_current += part_length; + d2_current += part_length; + } + } + + /* if no match found yet, move to the next label of d1 */ + if (is_matching) + break; + else + d1_head += *d1_head + 1; + } + + return ret; +} + + +getdns_return_t +_getdns_mdns_namespace_check( + getdns_dns_req *dnsreq) +{ + getdns_return_t ret = GETDNS_RETURN_GENERIC_ERROR; + + /* Checking the prefixes defined in RFC 6762 */ + if (mdns_suffix_compare(dnsreq->name, mdns_suffix_dot_local) || + mdns_suffix_compare(dnsreq->name, mdns_suffix_254_169_in_addr_arpa) || + mdns_suffix_compare(dnsreq->name, mdns_suffix_8_e_f_ip6_arpa) || + mdns_suffix_compare(dnsreq->name, mdns_suffix_9_e_f_ip6_arpa) || + mdns_suffix_compare(dnsreq->name, mdns_suffix_a_e_f_ip6_arpa) || + mdns_suffix_compare(dnsreq->name, mdns_suffix_b_e_f_ip6_arpa)) + ret = GETDNS_RETURN_GOOD; + + return ret; +} + +#endif /* HAVE_MDNS_SUPPORT */ + +#ifdef MDNS_UNIT_TEST + +/* + * Test adding data to the LRU Cache + */ + +static BYTE mdns_exampleRRAM[] = { + 0, 0, /* Transaction ID = 0 */ + 0x84, 0, /* Answer: QR=1 (80), AA=1 (04) */ + 0, 0, /* QD Count = 0 */ + 0, 1, /* AN Count = 1 */ + 0, 0, /* NS Count = 0 */ + 0, 0, /* AD Count = 0 */ + 7, /* length of "example" name part */ + 'e', 'x', 'a', 'm', 'p', 'l', 'e', + 5, /* length of "local" name part */ + 'l', 'o', 'c', 'a', 'l', + 0, /* length of the root name part */ + 0, 1, /* QTYPE = 1, A record */ + 0, 1, /* QCLASS = 1, IN */ + 0, 0, 0, 255, /* TTL: 255 sec */ + 0, 4, /* length of RDATA */ + 10, 0, 0, 1 /* Value of RDATA (some IPv4 address) */ +}; + + +uint8_t mdns_test_name[] = { + 7, /* length of "example" name part */ + 't', 'e', 's', 't', 'i', 'n', 'g', + 5, /* length of "local" name part */ + 'l', 'o', 'c', 'a', 'l', + 0, /* length of the root name part */ +}; + +uint8_t mdns_test_first_address[4] = { 10, 0, 0, 1 }; +uint8_t mdns_test_second_address[4] = { 10, 0, 0, 2 }; +uint8_t mdns_test_third_address[4] = { 10, 0, 0, 3 }; + +int mdns_finalize_lru_test(struct 
getdns_context* context, + uint8_t * name, int name_len, int record_type, int record_class, + int expected_nb_records, + uint8_t * buffer, size_t buffer_max, size_t* entry_length) +{ + int ret = 0; + /* verify that the entry is there */ + struct lruhash_entry * entry = + mdns_access_cached_entry_by_name(context, name, name_len, record_type, record_class); + + + *entry_length = 0; + + if (entry == NULL) + { + if (expected_nb_records != 0) + ret = -1; + } + else + { + int nbanswers = mdns_cache_nb_records_in_entry((uint8_t*)entry->data); + if (nbanswers != expected_nb_records) + { + ret = -2; + } + + if (buffer != NULL) + { + getdns_mdns_cached_record_header * header = + (getdns_mdns_cached_record_header*)entry->data; + size_t record_length = header->content_len - sizeof(getdns_mdns_cached_record_header); + + if (record_length > buffer_max) + { + ret = -3; + } + else + { + memcpy(buffer, ((uint8_t *)entry->data) + sizeof(getdns_mdns_cached_record_header), + record_length); + *entry_length = record_length; + } + } + + lock_rw_unlock(&entry->lock); + } + + return ret; +} + +int mdns_addition_test(struct getdns_context* context, + uint8_t * buffer, size_t buffer_max, size_t* entry_length) +{ + int ret = + mdns_propose_entry_to_cache(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, 255, + mdns_test_first_address, 4, NULL, _getdns_get_time_as_uintt64()); + + if (ret == 0) + { + ret = mdns_finalize_lru_test(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, + 1, buffer, buffer_max, entry_length); + } + + return ret; +} + +int mdns_addition_test2(struct getdns_context* context, + uint8_t * buffer, size_t buffer_max, size_t* entry_length) +{ + int ret = + mdns_propose_entry_to_cache(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, 255, + mdns_test_first_address, 4, NULL, _getdns_get_time_as_uintt64()); + + if (ret == 0) + { + /* add a second entry, with a different value */ + ret = + mdns_propose_entry_to_cache(context, mdns_test_name, sizeof(mdns_test_name), 
1, 1, 255, + mdns_test_second_address, 4, NULL, _getdns_get_time_as_uintt64()); + } + + if (ret == 0) + { + /* add a third entry, with a different value */ + ret = + mdns_propose_entry_to_cache(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, 255, + mdns_test_third_address, 4, NULL, _getdns_get_time_as_uintt64()); + } + + if (ret == 0) + { + ret = mdns_finalize_lru_test(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, + 3, buffer, buffer_max, entry_length); + } + + return ret; +} + +int mdns_deletion_test(struct getdns_context* context, + uint8_t * buffer, size_t buffer_max, size_t* entry_length) +{ + /* insert data with TTL = 0 to trigger suppression */ + int ret = + mdns_propose_entry_to_cache(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, 0, + mdns_test_second_address, 4, NULL, _getdns_get_time_as_uintt64()); + + if (ret == 0) + { + ret = mdns_finalize_lru_test(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, + 2, buffer, buffer_max, entry_length); + } + + return ret; +} + +int mdns_deletion_test2(struct getdns_context* context, + uint8_t * buffer, size_t buffer_max, size_t* entry_length) +{ + /* insert data with TTL = 0 to trigger suppression */ + int ret = + mdns_propose_entry_to_cache(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, 0, + mdns_test_first_address, 4, NULL, _getdns_get_time_as_uintt64()); + + if (ret == 0) + { + ret = + mdns_propose_entry_to_cache(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, 0, + mdns_test_third_address, 4, NULL, _getdns_get_time_as_uintt64()); + } + + if (ret == 0) + { + ret = mdns_finalize_lru_test(context, mdns_test_name, sizeof(mdns_test_name), 1, 1, + 0, buffer, buffer_max, entry_length); + } + + return ret; +} + + +int mdns_test_prepare(struct getdns_context* context) +{ + return mdns_delayed_network_init(context); +} + +#endif diff --git a/src/mdns.h b/src/mdns.h new file mode 100644 index 00000000..b7c7d20c --- /dev/null +++ b/src/mdns.h 
@@ -0,0 +1,121 @@
+/*
+* Functions for MDNS resolving.
+*/
+
+/*
+* Copyright (c) 2016 Christian Huitema
+*
+* Permission to use, copy, modify, and distribute this software for any
+* purpose with or without fee is hereby granted, provided that the above
+* copyright notice and this permission notice appear in all copies.
+*
+* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+
+#ifndef MDNS_H
+#define MDNS_H
+
+#ifdef HAVE_MDNS_SUPPORT
+#include "getdns/getdns.h"
+#include "types-internal.h"
+#include "util/lruhash.h"
+#include "config.h"
+
+#ifndef USE_WINSOCK
+#define SOCKADDR_STORAGE struct sockaddr_storage
+#endif
+
+getdns_return_t
+_getdns_submit_mdns_request(getdns_network_req *netreq);
+
+getdns_return_t
+_getdns_mdns_namespace_check(getdns_dns_req *dnsreq);
+
+/*
+ * data structure for continuous queries
+ */
+
+typedef struct getdns_mdns_known_record
+{
+ /* For storage in context->mdns_known_records_by_value */
+ _getdns_rbnode_t node;
+ uint64_t insertion_microsec;
+ uint16_t record_type;
+ uint16_t record_class;
+ uint32_t ttl;
+ int name_len;
+ int record_data_len;
+ uint8_t* name;
+ uint8_t * record_data;
+} getdns_mdns_known_record;
+
+/*
+ * Each entry in the hash table is keyed by type, class and name.
+ * The key structure also contains the LRU hash entry structure.
+ * The data part contains:
+ * - 64 bit time stamp
+ * - 32 bit word describing the record size
+ * - 32 bit word describing teh allocated memory size
+ * - valid DNS response, including 1 query and N answers, 0 AUTH, 0 AD.
+ * For economy, the names of all answers are encoded using header compression, pointing
+ * to the name in the query, i.e. offset 12 from beginning of message.
+ * For stability, the names included in the data part of records are not compressed.
+ */
+
+typedef struct getdns_mdns_cached_key_header
+{
+ /* embedded entry, for LRU hash */
+ struct lruhash_entry entry;
+ /* identification */
+ uint16_t record_type;
+ uint16_t record_class;
+ int name_len;
+ /* the octets following this structure contain the name */
+} getdns_mdns_cached_key_header;
+
+typedef struct getdns_mdns_cached_record_header
+{
+ uint64_t insertion_microsec;
+ uint32_t content_len;
+ uint32_t allocated_length;
+ /* list of user queries */
+ getdns_network_req *netreq_first;
+} getdns_mdns_cached_record_header;
+
+typedef struct getdns_mdns_continuous_query
+{
+ /* For storage in context->mdns_continuous_queries_by_name_rrtype */
+ _getdns_rbnode_t node;
+ uint8_t name[256]; /* binary representation of name being queried */
+ int name_len;
+ uint16_t request_class;
+ uint16_t request_type;
+ /* list of user queries */
+ getdns_network_req *netreq_first;
+ /* todo: do we need an expiration date, or a timer? */
+ /* todo: do we need an update mark for showing last results? */
+} getdns_mdns_continuous_query;
+
+typedef struct mdns_network_connection
+{
+ struct getdns_context* context;
+ int fd;
+ int addr_mcast_len;
+ SOCKADDR_STORAGE addr_mcast;
+ getdns_eventloop_event event;
+ uint8_t response[1500];
+} mdns_network_connection;
+
+
+void _getdns_mdns_context_init(struct getdns_context *context);
+void _getdns_mdns_context_destroy(struct getdns_context *context);
+
+#endif /* HAVE_MDNS_SUPPORT */
+
+#endif /* MDNS_H */
diff --git a/src/mk-symfiles.sh b/src/mk-symfiles.sh
index 878196b9..597657b7 100755
--- a/src/mk-symfiles.sh
+++ b/src/mk-symfiles.sh
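Review bot: `content_len` in `getdns_mdns_cached_record_header` is documented only as "the record size", yet `mdns_finalize_lru_test` in src/mdns.c computes `header->content_len - sizeof(getdns_mdns_cached_record_header)` in unsigned arithmetic, which wraps to a very large length if the field is ever smaller than the header. The invariant belongs on the field itself, e.g. `uint32_t content_len; /* bytes in use, including this header; never < sizeof(getdns_mdns_cached_record_header) */`, assuming that is the intended meaning. Separately, `#ifdef HAVE_MDNS_SUPPORT` is tested before `#include "config.h"`, so if the macro comes from config.h (likely, but not visible here) every declaration in this header disappears when it is included first. Moving the include above the `#ifdef` removes that ordering dependency.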
@@ -3,7 +3,7 @@ write_symbols() { OUTPUT=$1 shift - grep 'getdns_[0-9a-zA-Z_]*(' $* | grep -v '^#' | grep -v 'INLINE' \ + grep 'getdns_[0-9a-zA-Z_]*(' $* | grep -v '^#' | grep -v 'INLINE' | grep -v 'getdns_extra\.h\.in: \* if' \ | sed -e 's/(.*$//g' -e 's/^.*getdns_/getdns_/g' | LC_ALL=C sort | uniq > $OUTPUT } diff --git a/src/pubkey-pinning.c b/src/pubkey-pinning.c index 8a2250d8..a960ab66 100644 --- a/src/pubkey-pinning.c +++ b/src/pubkey-pinning.c @@ -56,6 +56,10 @@ #include "context.h" #include "util-internal.h" +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) +#define X509_STORE_CTX_get0_untrusted(store) store->untrusted +#endif + /* we only support sha256 at the moment. adding support for another digest is more complex than just adding another entry here. in particular, you'll probably need a match for a particular cert @@ -93,7 +97,7 @@ getdns_dict* getdns_pubkey_pin_create_from_string( const char* str) { BIO *bio = NULL; - int i; + size_t i; uint8_t buf[SHA256_DIGEST_LENGTH]; char inbuf[B64_ENCODED_SHA256_LENGTH + 1]; getdns_bindata value = { .size = SHA256_DIGEST_LENGTH, .data = buf }; @@ -310,15 +314,27 @@ _getdns_get_pubkey_pinset_list(getdns_context *ctx, see doc/HOWTO/proxy_certificates.txt as an example */ static int -_get_ssl_getdns_upstream_idx() +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) +_get_ssl_getdns_upstream_idx(void) +#else +_get_ssl_getdns_upstream_idx(X509_STORE *store) +#endif { static volatile int idx = -1; if (idx < 0) { +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); +#else + X509_STORE_lock(store); +#endif if (idx < 0) idx = SSL_get_ex_new_index(0, "associated getdns upstream", NULL,NULL,NULL); +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); +#else + X509_STORE_unlock(store); +#endif } return idx; } 
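Review bot: The compatibility macro added in the `@@ -56,6 +56,10 @@` hunk of src/pubkey-pinning.c expands its argument without parentheses, so an argument that is an expression rather than a plain identifier would bind incorrectly to `->`. Write it as `#define X509_STORE_CTX_get0_untrusted(store) ((store)->untrusted)`. The call sites visible later in this diff pass a bare `store`, so this is hardening rather than a live bug.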
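Review bot: On the OpenSSL >= 1.1.0 branch of `_get_ssl_getdns_upstream_idx` the one-time allocation of the process-wide `static volatile int idx` is now guarded by `X509_STORE_lock(store)`, a per-store lock, so two threads that arrive with different stores do not exclude each other. Both can observe `idx < 0` and call `SSL_get_ex_new_index`, leaving the `SSL_set_ex_data` in `_getdns_associate_upstream_with_SSL` and the lookup in `_getdns_upstream_from_x509_store` (hunks at -344 and -326) on different indexes, and the upstream would then not be found when the certificate store is examined. Whether distinct stores can occur depends on how many SSL_CTX objects the library creates, which is not visible here. A process-wide once guard under the `#else` branch removes the question; the `store` parameter can stay so the callers changed in this commit still compile.

```c
/* … unchanged: pre-1.1.0 / LibreSSL variant using CRYPTO_w_lock … */
static CRYPTO_ONCE upstream_idx_once = CRYPTO_ONCE_STATIC_INIT;
static int upstream_idx = -1;

static void
upstream_idx_init(void)
{
	upstream_idx = SSL_get_ex_new_index(0,
	    "associated getdns upstream", NULL, NULL, NULL);
}

static int
_get_ssl_getdns_upstream_idx(X509_STORE *store)
{
	(void)store;
	if (!CRYPTO_THREAD_run_once(&upstream_idx_once, upstream_idx_init))
		return -1;
	return upstream_idx;
}
```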
@@ -326,7 +342,11 @@ _get_ssl_getdns_upstream_idx() getdns_upstream* _getdns_upstream_from_x509_store(X509_STORE_CTX *store) { +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) int uidx = _get_ssl_getdns_upstream_idx(); +#else + int uidx = _get_ssl_getdns_upstream_idx(X509_STORE_CTX_get0_store(store)); +#endif int sslidx = SSL_get_ex_data_X509_STORE_CTX_idx(); const SSL *ssl; @@ -344,7 +364,11 @@ getdns_return_t _getdns_associate_upstream_with_SSL(SSL *ssl, getdns_upstream *upstream) { +#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) int uidx = _get_ssl_getdns_upstream_idx(); +#else + int uidx = _get_ssl_getdns_upstream_idx(SSL_CTX_get_cert_store(SSL_get_SSL_CTX(ssl))); +#endif if (SSL_set_ex_data(ssl, uidx, upstream)) return GETDNS_RETURN_GOOD; else @@ -358,10 +382,10 @@ _getdns_verify_pinset_match(const sha256_pin_t *pinset, X509_STORE_CTX *store) { getdns_return_t ret = GETDNS_RETURN_GENERIC_ERROR; - X509 *x; + X509 *x, *prev = NULL; int i, len; unsigned char raw[4096]; - unsigned char *next = raw; + unsigned char *next; unsigned char buf[sizeof(pinset->pin)]; const sha256_pin_t *p; 
@@ -383,33 +407,45 @@ _getdns_verify_pinset_match(const sha256_pin_t *pinset, /* TODO: how do we handle raw public keys? */ - for (i = 0; i < sk_X509_num(store->untrusted); i++) { - if (i > 0) { - /* TODO: how do we ensure that the certificates in - * each stage appropriately sign the previous one? - * for now, to be safe, we only examine the end-entity - * cert: */ - return GETDNS_RETURN_GENERIC_ERROR; - } + for (i = 0; i < sk_X509_num(X509_STORE_CTX_get0_untrusted(store)); i++, prev = x) { - x = sk_X509_value(store->untrusted, i); + x = sk_X509_value(X509_STORE_CTX_get0_untrusted(store), i); #if defined(STUB_DEBUG) && STUB_DEBUG DEBUG_STUB("%s %-35s: Name of cert: %d ", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, i); + STUB_DEBUG_SETUP_TLS, __FUNC__, i); X509_NAME_print_ex_fp(stderr, X509_get_subject_name(x), 1, XN_FLAG_ONELINE); fprintf(stderr, "\n"); #endif + if (i > 0) { + /* we ensure that "prev" is signed by "x" */ + EVP_PKEY *pkey = X509_get_pubkey(x); + int verified; + if (!pkey) { + DEBUG_STUB("%s %-35s: Could not get pubkey from cert %d (%p)\n", + STUB_DEBUG_SETUP_TLS, __FUNC__, i, (void*)x); + return GETDNS_RETURN_GENERIC_ERROR; + } + verified = X509_verify(prev, pkey); + EVP_PKEY_free(pkey); + if (!verified) { + DEBUG_STUB("%s %-35s: cert %d (%p) was not signed by cert %d\n", + STUB_DEBUG_SETUP_TLS, __FUNC__, i-1, (void*)prev, i); + return GETDNS_RETURN_GENERIC_ERROR; + } + } + /* digest the cert with sha256 */ len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), NULL); - if (len > sizeof(raw)) { + if (len > (int)sizeof(raw)) { DEBUG_STUB("%s %-35s: Pubkey %d is larger than "PRIsz" octets\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, i, sizeof(raw)); + STUB_DEBUG_SETUP_TLS, __FUNC__, i, sizeof(raw)); continue; } + next = raw; i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &next); if (next - raw != len) { DEBUG_STUB("%s %-35s: Pubkey %d claimed it needed %d octets, really needed "PRIsz"\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, i, len, next - raw); + STUB_DEBUG_SETUP_TLS, 
__FUNC__, i, len, next - raw); continue; } SHA256(raw, len, buf); @@ -418,11 +454,11 @@ _getdns_verify_pinset_match(const sha256_pin_t *pinset, for (p = pinset; p; p = p->next) if (0 == memcmp(buf, p->pin, sizeof(p->pin))) { DEBUG_STUB("%s %-35s: Pubkey %d matched pin %p ("PRIsz")\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, i, p, sizeof(p->pin)); + STUB_DEBUG_SETUP_TLS, __FUNC__, i, (void*)p, sizeof(p->pin)); return GETDNS_RETURN_GOOD; } else DEBUG_STUB("%s %-35s: Pubkey %d did not match pin %p\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, i, p); + STUB_DEBUG_SETUP_TLS, __FUNC__, i, (void*)p); } return ret; diff --git a/src/request-internal.c b/src/request-internal.c index e75c9b4f..d1e3596b 100644 --- a/src/request-internal.c +++ b/src/request-internal.c @@ -43,6 +43,7 @@ #include "dict.h" #include "debug.h" #include "convert.h" +#include "general.h" /* MAXIMUM_TSIG_SPACE = TSIG name (dname) : 256 * TSIG type (uint16_t) : 2 @@ -65,20 +66,20 @@ getdns_dict dnssec_ok_checking_disabled_spc = { { RBTREE_NULL, 0, (int (*)(const void *, const void *)) strcmp }, - { 0 } + { NULL, {{ NULL, NULL, NULL }}} }; getdns_dict *dnssec_ok_checking_disabled = &dnssec_ok_checking_disabled_spc; getdns_dict dnssec_ok_checking_disabled_roadblock_avoidance_spc = { { RBTREE_NULL, 0, (int (*)(const void *, const void *)) strcmp }, - { 0 } + { NULL, {{ NULL, NULL, NULL }}} }; getdns_dict *dnssec_ok_checking_disabled_roadblock_avoidance = &dnssec_ok_checking_disabled_roadblock_avoidance_spc; getdns_dict dnssec_ok_checking_disabled_avoid_roadblocks_spc = { { RBTREE_NULL, 0, (int (*)(const void *, const void *)) strcmp }, - { 0 } + { NULL, {{ NULL, NULL, NULL }}} }; getdns_dict *dnssec_ok_checking_disabled_avoid_roadblocks = &dnssec_ok_checking_disabled_avoid_roadblocks_spc; 
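Review bot: The chain check added for `i > 0` in the `@@ -383,33 +407,45 @@` hunk treats any non-zero result of `X509_verify(prev, pkey)` as success. That call returns 1 only when the signature verifies, 0 when it does not, and a negative value when the check could not be carried out at all, for example on an ill-formed signature. With `if (!verified)` a negative result falls through, and the public key of cert `i` is then hashed and compared against the pinset as though it had signed cert `i-1`. The test should be `if (verified != 1) {`. `_getdns_verify_pinset_match` starts above this hunk and continues below it.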
@@ -109,6 +110,9 @@ network_req_cleanup(getdns_network_req *net_req) if (net_req->response && (net_req->response < net_req->wire_data || net_req->response > net_req->wire_data+ net_req->wire_data_sz)) GETDNS_FREE(net_req->owner->my_mf, net_req->response); + if (net_req->debug_tls_peer_cert.size && + net_req->debug_tls_peer_cert.data) + OPENSSL_free(net_req->debug_tls_peer_cert.data); } static uint8_t * @@ -118,7 +122,7 @@ netreq_reset(getdns_network_req *net_req) /* variables that need to be reset on reinit */ net_req->unbound_id = -1; - net_req->state = NET_REQ_NOT_SENT; + _getdns_netreq_change_state(net_req, NET_REQ_NOT_SENT); net_req->dnssec_status = GETDNS_DNSSEC_INDETERMINATE; net_req->tsig_status = GETDNS_DNSSEC_INDETERMINATE; net_req->query_id = 0; @@ -181,8 +185,14 @@ network_req_init(getdns_network_req *net_req, getdns_dns_req *owner, net_req->write_queue_tail = NULL; /* Some fields to record info for return_call_reporting */ net_req->debug_tls_auth_status = GETDNS_AUTH_NONE; + net_req->debug_tls_peer_cert.size = 0; + net_req->debug_tls_peer_cert.data = NULL; net_req->debug_udp = 0; + /* Scheduling, touch only via _getdns_netreq_change_state! + */ + net_req->state = NET_REQ_NOT_SENT; + if (max_query_sz == 0) { net_req->query = NULL; net_req->opt = NULL; @@ -262,10 +272,10 @@ _getdns_network_req_clear_upstream_options(getdns_network_req * req) { size_t pktlen; if (req->opt) { - gldns_write_uint16(req->opt + 9, req->base_query_option_sz); + gldns_write_uint16(req->opt + 9, (uint16_t) req->base_query_option_sz); req->response = req->opt + 11 + req->base_query_option_sz; pktlen = req->response - req->query; - gldns_write_uint16(req->query - 2, pktlen); + gldns_write_uint16(req->query - 2, (uint16_t) pktlen); } } 
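Review bot: `network_req_cleanup` frees `debug_tls_peer_cert.data` but leaves the pointer and size in place, so a second cleanup of the same request, or any later reader of the field, would act on freed memory. Brace the `if` body and clear both fields right after the free: `net_req->debug_tls_peer_cert.data = NULL; net_req->debug_tls_peer_cert.size = 0;`. The `netreq_reset` hunk at -118 does not touch the field either, so if a request is reset and sent again (that path is not visible here) the old certificate buffer is either reported for the new attempt or overwritten without being released. The code that fills the buffer is outside this hunk, and it has to allocate with the OpenSSL allocator for `OPENSSL_free` to be the matching release call.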
@@ -383,7 +393,7 @@ _getdns_network_req_add_tsig(getdns_network_req *req) #endif tsig_info = _getdns_get_tsig_info(upstream->tsig_alg); - gldns_buffer_init_frm_data(&gbuf, req->response, MAXIMUM_TSIG_SPACE); + gldns_buffer_init_vfixed_frm_data(&gbuf, req->response, MAXIMUM_TSIG_SPACE); gldns_buffer_write(&gbuf, upstream->tsig_dname, upstream->tsig_dname_len); /* Name */ gldns_buffer_write_u16(&gbuf, GETDNS_RRCLASS_ANY); /* Class */ @@ -428,7 +438,7 @@ _getdns_network_req_add_tsig(getdns_network_req *req) gldns_buffer_write_u16(&gbuf, GETDNS_RRCLASS_ANY); /* Class */ gldns_buffer_write_u32(&gbuf, 0); /* TTL */ gldns_buffer_write_u16(&gbuf, - tsig_info->dname_len + 10 + md_len + 6); /* RdLen */ + (uint16_t)(tsig_info->dname_len + 10 + md_len + 6)); /* RdLen */ gldns_buffer_write(&gbuf, tsig_info->dname, tsig_info->dname_len); /* Algorithm Name */ gldns_buffer_write_u48(&gbuf, time(NULL)); /* Time Signed */ @@ -474,7 +484,7 @@ _getdns_network_validate_tsig(getdns_network_req *req) HMAC_CTX ctx_space; #endif - DEBUG_STUB("%s %-35s: Validate TSIG\n", STUB_DEBUG_TSIG, __FUNCTION__); + DEBUG_STUB("%s %-35s: Validate TSIG\n", STUB_DEBUG_TSIG, __FUNC__); for ( rr = _getdns_rr_iter_init(&rr_spc, req->query, (req->response - req->query)) ; rr @@ -491,7 +501,7 @@ _getdns_network_validate_tsig(getdns_network_req *req) if (request_mac_len != rdf->nxt - rdf->pos - 2) return; DEBUG_STUB("%s %-35s: Request MAC found length %d\n", - STUB_DEBUG_TSIG, __FUNCTION__, (int)(request_mac_len)); + STUB_DEBUG_TSIG, __FUNC__, (int)(request_mac_len)); request_mac = rdf->pos + 2; @@ -548,7 +558,7 @@ _getdns_network_validate_tsig(getdns_network_req *req) if (response_mac_len != rdf->nxt - rdf->pos - 2) return; DEBUG_STUB("%s %-35s: Response MAC found length: %d\n", - STUB_DEBUG_TSIG, __FUNCTION__, (int)(response_mac_len)); + STUB_DEBUG_TSIG, __FUNC__, (int)(response_mac_len)); response_mac = rdf->pos + 2; if (!(rdf = _getdns_rdf_iter_next(rdf)) || 
@@ -565,7 +575,7 @@ _getdns_network_validate_tsig(getdns_network_req *req) return; gldns_buffer_write_u16(&gbuf, 0); /* Other len */ - other_len = gldns_read_uint16(rdf->pos); + other_len = (uint8_t) gldns_read_uint16(rdf->pos); if (other_len != rdf->nxt - rdf->pos - 2) return; if (other_len) @@ -573,7 +583,7 @@ _getdns_network_validate_tsig(getdns_network_req *req) /* TSIG found */ DEBUG_STUB("%s %-35s: TSIG found, original ID: %d\n", - STUB_DEBUG_TSIG, __FUNCTION__, (int)original_id); + STUB_DEBUG_TSIG, __FUNC__, (int)original_id); gldns_write_uint16(req->response + 10, gldns_read_uint16(req->response + 10) - 1); @@ -614,7 +624,7 @@ _getdns_network_validate_tsig(getdns_network_req *req) HMAC_Final(ctx, result_mac, &result_mac_len); DEBUG_STUB("%s %-35s: Result MAC length: %d\n", - STUB_DEBUG_TSIG, __FUNCTION__, (int)(result_mac_len)); + STUB_DEBUG_TSIG, __FUNC__, (int)(result_mac_len)); if (result_mac_len == response_mac_len && memcmp(result_mac, response_mac, result_mac_len) == 0) req->tsig_status = GETDNS_DNSSEC_SECURE; @@ -644,7 +654,7 @@ _getdns_dns_req_free(getdns_dns_req * req) network_req_cleanup(*net_req); /* clear timeout event */ - if (req->timeout.timeout_cb) { + if (req->loop && req->loop->vmt && req->timeout.timeout_cb) { req->loop->vmt->clear(req->loop, &req->timeout); req->timeout.timeout_cb = NULL; } @@ -658,7 +668,8 @@ static const uint8_t no_suffixes[] = { 1, 0 }; /* create a new dns req to be submitted */ getdns_dns_req * _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop, - const char *name, uint16_t request_type, getdns_dict *extensions) + const char *name, uint16_t request_type, getdns_dict *extensions, + uint64_t *now_ms) { int dnssec_return_status = is_extension_set( extensions, "dnssec_return_status", 
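Review bot: `other_len = (uint8_t) gldns_read_uint16(rdf->pos);` narrows a 16-bit wire length to 8 bits, so a TSIG Other Data length of 256 or more is wrapped before the `other_len != rdf->nxt - rdf->pos - 2` comparison. With the wrapped value the comparison presumably fails and the function returns without validating. That looks fail-closed, but the check then depends on truncation rather than on the field's real size. The declaration of other_len is outside the hunk: if it is 16 bits wide the line should read `other_len = gldns_read_uint16(rdf->pos);`, and if it is 8 bits wide the declaration is what needs widening.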
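Review bot: The MAC check on the context line, `memcmp(result_mac, response_mac, result_mac_len) == 0`, is not a constant-time comparison. This hunk only renames `__FUNCTION__` to `__FUNC__`, but it sits directly on that comparison, so it is a convenient place to fix it. The file already uses OpenSSL (`HMAC_Final` is called just above), so `CRYPTO_memcmp(result_mac, response_mac, result_mac_len) == 0` is a drop-in replacement whose timing does not depend on how many leading bytes matched. _getdns_network_validate_tsig starts and ends outside the hunk.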
@@ -759,17 +770,26 @@ _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop, edns_do_bit = context->edns_do_bit; if (have_add_opt_parameters) { - if (!getdns_dict_get_int(add_opt_parameters, + if (getdns_dict_get_int(add_opt_parameters, "maximum_udp_payload_size", - &get_edns_maximum_udp_payload_size)) + &get_edns_maximum_udp_payload_size)) { + if (!getdns_dict_get_int( + add_opt_parameters, "udp_payload_size", + &get_edns_maximum_udp_payload_size)) + edns_maximum_udp_payload_size = + get_edns_maximum_udp_payload_size; + } else edns_maximum_udp_payload_size = get_edns_maximum_udp_payload_size; + (void) getdns_dict_get_int(add_opt_parameters, "extended_rcode", &edns_extended_rcode); (void) getdns_dict_get_int(add_opt_parameters, "version", &edns_version); - (void) getdns_dict_get_int(add_opt_parameters, - "do_bit", &edns_do_bit); + if (getdns_dict_get_int(add_opt_parameters, + "do_bit", &edns_do_bit)) + (void) getdns_dict_get_int( + add_opt_parameters, "do", &edns_do_bit); } } if (have_add_opt_parameters && getdns_dict_get_list( @@ -891,9 +911,7 @@ _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop, } result->context = context; result->loop = loop; - result->canceled = 0; - result->trans_id = (((uint64_t)arc4random()) << 32) | - ((uint64_t)arc4random()); + result->trans_id = (uint64_t) (intptr_t) result; result->dnssec_return_status = dnssec_return_status; result->dnssec_return_only_secure = dnssec_return_only_secure; result->dnssec_return_all_statuses = dnssec_return_all_statuses; 
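Review bot: `result->trans_id = (uint64_t) (intptr_t) result;` replaces the two `arc4random()` words with the request's heap address. That makes the transaction id predictable and discloses a heap pointer to whatever receives or logs the id. The allocator also recycles addresses, so a stale id held after a request is freed can alias a newer request at the same address; how ids are looked up is outside this hunk and needs confirming. If the pointer is wanted for fast lookup, keeping a random or monotonically increasing id alongside it avoids both problems. On 32-bit targets the `intptr_t` step also sign-extends, so `uintptr_t` is the safer intermediate type.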
@@ -935,12 +953,15 @@ _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop, result->finished_next = NULL; result->freed = NULL; result->validating = 0; + result->is_dns_request = 1; + result->request_timed_out = 0; + result->chain = NULL; network_req_init(result->netreqs[0], result, request_type, dnssec_extension_set, with_opt, edns_maximum_udp_payload_size, edns_extended_rcode, edns_version, edns_do_bit, - opt_options_size, noptions, options, + (uint16_t) opt_options_size, noptions, options, netreq_sz - sizeof(getdns_network_req), max_query_sz, extensions); @@ -951,9 +972,14 @@ _getdns_dns_req_new(getdns_context *context, getdns_eventloop *loop, dnssec_extension_set, with_opt, edns_maximum_udp_payload_size, edns_extended_rcode, edns_version, edns_do_bit, - opt_options_size, noptions, options, + (uint16_t) opt_options_size, noptions, options, netreq_sz - sizeof(getdns_network_req), max_query_sz, extensions); + if (*now_ms == 0 && (*now_ms = _getdns_get_now_ms()) == 0) + result->expires = 0; + else + result->expires = *now_ms + context->timeout; + return result; } diff --git a/src/rr-dict.c b/src/rr-dict.c index 76972997..b269e19b 100644 --- a/src/rr-dict.c +++ b/src/rr-dict.c @@ -47,6 +47,7 @@ static const uint8_t * apl_n_rdf_end(const uint8_t *pkt, const uint8_t *pkt_end, const uint8_t *rdf) { + (void)pkt; return rdf < pkt_end ? rdf + 1 : NULL; } static getdns_return_t @@ -107,6 +108,7 @@ apl_afdpart_rdf_end( const uint8_t *pkt, const uint8_t *pkt_end, const uint8_t *rdf) { const uint8_t *end = rdf + (rdf[-1] & 0x7F); + (void)(pkt); return end <= pkt_end ? end : NULL; } static getdns_return_t @@ -335,6 +337,7 @@ static const uint8_t * hip_pk_algorithm_rdf_end( const uint8_t *pkt, const uint8_t *pkt_end, const uint8_t *rdf) { + (void)(pkt); return rdf + 4 > pkt_end ? NULL : rdf + 4 + *rdf + gldns_read_uint16(rdf + 2) > pkt_end ? NULL : rdf + 1; 
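Review bot: `if (*now_ms == 0 && (*now_ms = _getdns_get_now_ms()) == 0)` dereferences the new `now_ms` parameter unconditionally, so any caller of _getdns_dns_req_new that passes NULL crashes here. Either document that the pointer must be non-NULL or fall back to a local before the test, e.g. `uint64_t now = 0; if (!now_ms) now_ms = &now;`. When the clock read fails the code sets `result->expires = 0`; what a zero expiry means to the scheduler is not visible here and deserves a comment.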
@@ -397,6 +400,7 @@ static _getdns_rdf_special hip_pk_algorithm = { static const uint8_t * hip_hit_rdf_end(const uint8_t *pkt, const uint8_t *pkt_end, const uint8_t *rdf) { + (void)(pkt); return rdf + 3 > pkt_end ? NULL : rdf + 3 + rdf[-1] + gldns_read_uint16(rdf + 1) > pkt_end ? NULL : rdf + 1; @@ -429,7 +433,7 @@ hip_hit_2wire( return GETDNS_RETURN_NEED_MORE_SPACE; } *rdf_len = value->size; - rdata[0] = value->size; + rdata[0] = (uint8_t) value->size; (void)memcpy(rdf, value->data, value->size); return GETDNS_RETURN_GOOD; } @@ -467,6 +471,7 @@ static const uint8_t * hip_public_key_rdf_end( const uint8_t *pkt, const uint8_t *pkt_end, const uint8_t *rdf) { + (void)(pkt); return rdf + 2 > pkt_end ? NULL : rdf + 2 + rdf[-2] + gldns_read_uint16(rdf) > pkt_end ? NULL : rdf + 2 + rdf[-2] + gldns_read_uint16(rdf); @@ -501,7 +506,7 @@ hip_public_key_2wire( return GETDNS_RETURN_NEED_MORE_SPACE; } *rdf_len = value->size; - gldns_write_uint16(rdata + 2, value->size); + gldns_write_uint16(rdata + 2, (uint16_t) value->size); (void)memcpy(rdf, value->data, value->size); return GETDNS_RETURN_GOOD; } 
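Review bot: In hip_hit_2wire, `rdata[0] = (uint8_t) value->size;` stores a one-byte length while the following `memcpy(rdf, value->data, value->size)` still copies the full size. A bindata longer than 255 bytes would produce a record whose length byte disagrees with its payload. Unless an earlier check outside the hunk already bounds it, reject oversize input before writing: `if (value->size > 0xFF) return GETDNS_RETURN_INVALID_PARAMETER;`. hip_public_key_2wire has the same shape with `(uint16_t) value->size` and needs the equivalent `> 0xFFFF` check.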
@@ -537,222 +542,222 @@ static _getdns_rdf_special hip_public_key = { static _getdns_rdata_def a_rdata[] = { - { "ipv4_address" , GETDNS_RDF_A }}; + { "ipv4_address" , GETDNS_RDF_A , NULL }}; static _getdns_rdata_def ns_rdata[] = { - { "nsdname" , GETDNS_RDF_N_C }}; + { "nsdname" , GETDNS_RDF_N_C , NULL }}; static _getdns_rdata_def md_rdata[] = { - { "madname" , GETDNS_RDF_N_C }}; + { "madname" , GETDNS_RDF_N_C , NULL }}; static _getdns_rdata_def cname_rdata[] = { - { "cname" , GETDNS_RDF_N_C }}; + { "cname" , GETDNS_RDF_N_C , NULL }}; static _getdns_rdata_def soa_rdata[] = { - { "mname" , GETDNS_RDF_N_C }, - { "rname" , GETDNS_RDF_N_C }, - { "serial" , GETDNS_RDF_I4 }, - { "refresh" , GETDNS_RDF_I4 }, - { "retry" , GETDNS_RDF_I4 }, - { "expire" , GETDNS_RDF_I4 }, - { "minimum" , GETDNS_RDF_I4 }}; + { "mname" , GETDNS_RDF_N_C , NULL }, + { "rname" , GETDNS_RDF_N_C , NULL }, + { "serial" , GETDNS_RDF_I4 , NULL }, + { "refresh" , GETDNS_RDF_I4 , NULL }, + { "retry" , GETDNS_RDF_I4 , NULL }, + { "expire" , GETDNS_RDF_I4 , NULL }, + { "minimum" , GETDNS_RDF_I4 , NULL }}; static _getdns_rdata_def mg_rdata[] = { - { "mgmname" , GETDNS_RDF_N_C }}; + { "mgmname" , GETDNS_RDF_N_C , NULL }}; static _getdns_rdata_def mr_rdata[] = { - { "newname" , GETDNS_RDF_N_C }}; + { "newname" , GETDNS_RDF_N_C , NULL }}; static _getdns_rdata_def null_rdata[] = { - { "anything" , GETDNS_RDF_X }}; + { "anything" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def wks_rdata[] = { - { "address" , GETDNS_RDF_A }, - { "protocol" , GETDNS_RDF_I1 }, - { "bitmap" , GETDNS_RDF_X }}; + { "address" , GETDNS_RDF_A , NULL }, + { "protocol" , GETDNS_RDF_I1 , NULL }, + { "bitmap" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def ptr_rdata[] = { - { "ptrdname" , GETDNS_RDF_N_C }}; + { "ptrdname" , GETDNS_RDF_N_C , NULL }}; static _getdns_rdata_def hinfo_rdata[] = { - { "cpu" , GETDNS_RDF_S }, - { "os" , GETDNS_RDF_S }}; + { "cpu" , GETDNS_RDF_S , NULL }, + { "os" , GETDNS_RDF_S , NULL }}; static 
_getdns_rdata_def minfo_rdata[] = { - { "rmailbx" , GETDNS_RDF_N_C }, - { "emailbx" , GETDNS_RDF_N_C }}; + { "rmailbx" , GETDNS_RDF_N_C , NULL }, + { "emailbx" , GETDNS_RDF_N_C , NULL }}; static _getdns_rdata_def mx_rdata[] = { - { "preference" , GETDNS_RDF_I2 }, - { "exchange" , GETDNS_RDF_N_C }}; + { "preference" , GETDNS_RDF_I2 , NULL }, + { "exchange" , GETDNS_RDF_N_C , NULL }}; static _getdns_rdata_def txt_rdata[] = { - { "txt_strings" , GETDNS_RDF_S_M }}; + { "txt_strings" , GETDNS_RDF_S_M , NULL }}; static _getdns_rdata_def rp_rdata[] = { - { "mbox_dname" , GETDNS_RDF_N }, - { "txt_dname" , GETDNS_RDF_N }}; + { "mbox_dname" , GETDNS_RDF_N , NULL }, + { "txt_dname" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def afsdb_rdata[] = { - { "subtype" , GETDNS_RDF_I2 }, - { "hostname" , GETDNS_RDF_N }}; + { "subtype" , GETDNS_RDF_I2 , NULL }, + { "hostname" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def x25_rdata[] = { - { "psdn_address" , GETDNS_RDF_S }}; + { "psdn_address" , GETDNS_RDF_S , NULL }}; static _getdns_rdata_def isdn_rdata[] = { - { "isdn_address" , GETDNS_RDF_S }, - { "sa" , GETDNS_RDF_S }}; + { "isdn_address" , GETDNS_RDF_S , NULL }, + { "sa" , GETDNS_RDF_S , NULL }}; static _getdns_rdata_def rt_rdata[] = { - { "preference" , GETDNS_RDF_I2 }, - { "intermediate_host" , GETDNS_RDF_N }}; + { "preference" , GETDNS_RDF_I2 , NULL }, + { "intermediate_host" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def nsap_rdata[] = { - { "nsap" , GETDNS_RDF_X }}; + { "nsap" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def sig_rdata[] = { - { "sig_obsolete" , GETDNS_RDF_X }}; + { "sig_obsolete" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def key_rdata[] = { - { "key_obsolete" , GETDNS_RDF_X }}; + { "key_obsolete" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def px_rdata[] = { - { "preference" , GETDNS_RDF_I2 }, - { "map822" , GETDNS_RDF_N }, - { "mapx400" , GETDNS_RDF_N }}; + { "preference" , GETDNS_RDF_I2 , NULL }, + { "map822" , GETDNS_RDF_N , NULL }, + 
{ "mapx400" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def gpos_rdata[] = { - { "longitude" , GETDNS_RDF_S }, - { "latitude" , GETDNS_RDF_S }, - { "altitude" , GETDNS_RDF_S }}; + { "longitude" , GETDNS_RDF_S , NULL }, + { "latitude" , GETDNS_RDF_S , NULL }, + { "altitude" , GETDNS_RDF_S , NULL }}; static _getdns_rdata_def aaaa_rdata[] = { - { "ipv6_address" , GETDNS_RDF_AAAA }}; + { "ipv6_address" , GETDNS_RDF_AAAA , NULL }}; static _getdns_rdata_def loc_rdata[] = { - { "loc_obsolete" , GETDNS_RDF_X }}; + { "loc_obsolete" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def nxt_rdata[] = { - { "nxt_obsolete" , GETDNS_RDF_X }}; + { "nxt_obsolete" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def srv_rdata[] = { - { "priority" , GETDNS_RDF_I2 }, - { "weight" , GETDNS_RDF_I2 }, - { "port" , GETDNS_RDF_I2 }, - { "target" , GETDNS_RDF_N }}; + { "priority" , GETDNS_RDF_I2 , NULL }, + { "weight" , GETDNS_RDF_I2 , NULL }, + { "port" , GETDNS_RDF_I2 , NULL }, + { "target" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def atma_rdata[] = { - { "format" , GETDNS_RDF_X }}; + { "format" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def naptr_rdata[] = { - { "order" , GETDNS_RDF_I2 }, - { "preference" , GETDNS_RDF_I2 }, - { "flags" , GETDNS_RDF_S }, - { "service" , GETDNS_RDF_S }, - { "regexp" , GETDNS_RDF_S }, - { "replacement" , GETDNS_RDF_N }}; + { "order" , GETDNS_RDF_I2 , NULL }, + { "preference" , GETDNS_RDF_I2 , NULL }, + { "flags" , GETDNS_RDF_S , NULL }, + { "service" , GETDNS_RDF_S , NULL }, + { "regexp" , GETDNS_RDF_S , NULL }, + { "replacement" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def kx_rdata[] = { - { "preference" , GETDNS_RDF_I2 }, - { "exchanger" , GETDNS_RDF_N }}; + { "preference" , GETDNS_RDF_I2 , NULL }, + { "exchanger" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def cert_rdata[] = { - { "type" , GETDNS_RDF_I2 }, - { "key_tag" , GETDNS_RDF_I2 }, - { "algorithm" , GETDNS_RDF_I1 }, - { "certificate_or_crl" , GETDNS_RDF_B }}; + { "type" , 
GETDNS_RDF_I2 , NULL }, + { "key_tag" , GETDNS_RDF_I2 , NULL }, + { "algorithm" , GETDNS_RDF_I1 , NULL }, + { "certificate_or_crl" , GETDNS_RDF_B , NULL }}; static _getdns_rdata_def a6_rdata[] = { - { "a6_obsolete" , GETDNS_RDF_X }}; + { "a6_obsolete" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def dname_rdata[] = { - { "target" , GETDNS_RDF_N }}; + { "target" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def opt_rdata[] = { - { "options" , GETDNS_RDF_R }, - { "option_code" , GETDNS_RDF_I2 }, - { "option_data" , GETDNS_RDF_X_S }}; + { "options" , GETDNS_RDF_R , NULL }, + { "option_code" , GETDNS_RDF_I2 , NULL }, + { "option_data" , GETDNS_RDF_X_S , NULL }}; static _getdns_rdata_def apl_rdata[] = { - { "apitems" , GETDNS_RDF_R }, - { "address_family" , GETDNS_RDF_I2 }, - { "prefix" , GETDNS_RDF_I1 }, + { "apitems" , GETDNS_RDF_R , NULL }, + { "address_family" , GETDNS_RDF_I2 , NULL }, + { "prefix" , GETDNS_RDF_I1 , NULL }, { "n" , GETDNS_RDF_SPECIAL, &apl_n }, { "afdpart" , GETDNS_RDF_SPECIAL, &apl_afdpart }}; static _getdns_rdata_def ds_rdata[] = { - { "key_tag" , GETDNS_RDF_I2 }, - { "algorithm" , GETDNS_RDF_I1 }, - { "digest_type" , GETDNS_RDF_I1 }, - { "digest" , GETDNS_RDF_X }}; + { "key_tag" , GETDNS_RDF_I2 , NULL }, + { "algorithm" , GETDNS_RDF_I1 , NULL }, + { "digest_type" , GETDNS_RDF_I1 , NULL }, + { "digest" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def sshfp_rdata[] = { - { "algorithm" , GETDNS_RDF_I1 }, - { "fp_type" , GETDNS_RDF_I1 }, - { "fingerprint" , GETDNS_RDF_X }}; + { "algorithm" , GETDNS_RDF_I1 , NULL }, + { "fp_type" , GETDNS_RDF_I1 , NULL }, + { "fingerprint" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def ipseckey_rdata[] = { - { "algorithm" , GETDNS_RDF_I1 }, - { "gateway_type" , GETDNS_RDF_I1 }, - { "precedence" , GETDNS_RDF_I1 }, + { "algorithm" , GETDNS_RDF_I1 , NULL }, + { "gateway_type" , GETDNS_RDF_I1 , NULL }, + { "precedence" , GETDNS_RDF_I1 , NULL }, { "gateway" , GETDNS_RDF_SPECIAL, &ipseckey_gateway }, - { 
"public_key" , GETDNS_RDF_B }}; + { "public_key" , GETDNS_RDF_B , NULL }}; static _getdns_rdata_def rrsig_rdata[] = { - { "type_covered" , GETDNS_RDF_I2 }, - { "algorithm" , GETDNS_RDF_I1 }, - { "labels" , GETDNS_RDF_I1 }, - { "original_ttl" , GETDNS_RDF_I4 }, - { "signature_expiration" , GETDNS_RDF_T }, - { "signature_inception" , GETDNS_RDF_T }, - { "key_tag" , GETDNS_RDF_I2 }, - { "signers_name" , GETDNS_RDF_N }, - { "signature" , GETDNS_RDF_B }}; + { "type_covered" , GETDNS_RDF_I2 , NULL }, + { "algorithm" , GETDNS_RDF_I1 , NULL }, + { "labels" , GETDNS_RDF_I1 , NULL }, + { "original_ttl" , GETDNS_RDF_I4 , NULL }, + { "signature_expiration" , GETDNS_RDF_T , NULL }, + { "signature_inception" , GETDNS_RDF_T , NULL }, + { "key_tag" , GETDNS_RDF_I2 , NULL }, + { "signers_name" , GETDNS_RDF_N , NULL }, + { "signature" , GETDNS_RDF_B , NULL }}; static _getdns_rdata_def nsec_rdata[] = { - { "next_domain_name" , GETDNS_RDF_N }, - { "type_bit_maps" , GETDNS_RDF_X }}; + { "next_domain_name" , GETDNS_RDF_N , NULL }, + { "type_bit_maps" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def dnskey_rdata[] = { - { "flags" , GETDNS_RDF_I2 }, - { "protocol" , GETDNS_RDF_I1 }, - { "algorithm" , GETDNS_RDF_I1 }, - { "public_key" , GETDNS_RDF_B }}; + { "flags" , GETDNS_RDF_I2 , NULL }, + { "protocol" , GETDNS_RDF_I1 , NULL }, + { "algorithm" , GETDNS_RDF_I1 , NULL }, + { "public_key" , GETDNS_RDF_B , NULL }}; static _getdns_rdata_def dhcid_rdata[] = { - { "dhcid_opaque" , GETDNS_RDF_B }}; + { "dhcid_opaque" , GETDNS_RDF_B , NULL }}; static _getdns_rdata_def nsec3_rdata[] = { - { "hash_algorithm" , GETDNS_RDF_I1 }, - { "flags" , GETDNS_RDF_I1 }, - { "iterations" , GETDNS_RDF_I2 }, - { "salt" , GETDNS_RDF_X_C }, - { "next_hashed_owner_name" , GETDNS_RDF_B32_C}, - { "type_bit_maps" , GETDNS_RDF_X }}; + { "hash_algorithm" , GETDNS_RDF_I1 , NULL }, + { "flags" , GETDNS_RDF_I1 , NULL }, + { "iterations" , GETDNS_RDF_I2 , NULL }, + { "salt" , GETDNS_RDF_X_C , NULL }, + { 
"next_hashed_owner_name" , GETDNS_RDF_B32_C , NULL }, + { "type_bit_maps" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def nsec3param_rdata[] = { - { "hash_algorithm" , GETDNS_RDF_I1 }, - { "flags" , GETDNS_RDF_I1 }, - { "iterations" , GETDNS_RDF_I2 }, - { "salt" , GETDNS_RDF_X_C }}; + { "hash_algorithm" , GETDNS_RDF_I1 , NULL }, + { "flags" , GETDNS_RDF_I1 , NULL }, + { "iterations" , GETDNS_RDF_I2 , NULL }, + { "salt" , GETDNS_RDF_X_C , NULL }}; static _getdns_rdata_def tlsa_rdata[] = { - { "certificate_usage" , GETDNS_RDF_I1 }, - { "selector" , GETDNS_RDF_I1 }, - { "matching_type" , GETDNS_RDF_I1 }, - { "certificate_association_data", GETDNS_RDF_X }}; + { "certificate_usage" , GETDNS_RDF_I1 , NULL }, + { "selector" , GETDNS_RDF_I1 , NULL }, + { "matching_type" , GETDNS_RDF_I1 , NULL }, + { "certificate_association_data", GETDNS_RDF_X , NULL }}; static _getdns_rdata_def hip_rdata[] = { { "pk_algorithm" , GETDNS_RDF_SPECIAL, &hip_pk_algorithm }, { "hit" , GETDNS_RDF_SPECIAL, &hip_hit }, { "public_key" , GETDNS_RDF_SPECIAL, &hip_public_key }, - { "rendezvous_servers" , GETDNS_RDF_N_M }}; + { "rendezvous_servers" , GETDNS_RDF_N_M , NULL }}; static _getdns_rdata_def csync_rdata[] = { - { "serial" , GETDNS_RDF_I4 }, - { "flags" , GETDNS_RDF_I2 }, - { "type_bit_maps" , GETDNS_RDF_X }}; + { "serial" , GETDNS_RDF_I4 , NULL }, + { "flags" , GETDNS_RDF_I2 , NULL }, + { "type_bit_maps" , GETDNS_RDF_X , NULL }}; static _getdns_rdata_def spf_rdata[] = { - { "text" , GETDNS_RDF_S_M }}; + { "text" , GETDNS_RDF_S_M , NULL }}; static _getdns_rdata_def nid_rdata[] = { - { "preference" , GETDNS_RDF_I2 }, - { "node_id" , GETDNS_RDF_AA }}; + { "preference" , GETDNS_RDF_I2 , NULL }, + { "node_id" , GETDNS_RDF_AA , NULL }}; static _getdns_rdata_def l32_rdata[] = { - { "preference" , GETDNS_RDF_I2 }, - { "locator32" , GETDNS_RDF_A }}; + { "preference" , GETDNS_RDF_I2 , NULL }, + { "locator32" , GETDNS_RDF_A , NULL }}; static _getdns_rdata_def l64_rdata[] = { - { "preference" , 
GETDNS_RDF_I2 }, - { "locator64" , GETDNS_RDF_AA }}; + { "preference" , GETDNS_RDF_I2 , NULL }, + { "locator64" , GETDNS_RDF_AA , NULL }}; static _getdns_rdata_def lp_rdata[] = { - { "preference" , GETDNS_RDF_I2 }, - { "fqdn" , GETDNS_RDF_N }}; + { "preference" , GETDNS_RDF_I2 , NULL }, + { "fqdn" , GETDNS_RDF_N , NULL }}; static _getdns_rdata_def eui48_rdata[] = { - { "eui48_address" , GETDNS_RDF_X6 }}; + { "eui48_address" , GETDNS_RDF_X6 , NULL }}; static _getdns_rdata_def eui64_rdata[] = { - { "eui64_address" , GETDNS_RDF_X8 }}; + { "eui64_address" , GETDNS_RDF_X8 , NULL }}; static _getdns_rdata_def tkey_rdata[] = { - { "algorithm" , GETDNS_RDF_N }, - { "inception" , GETDNS_RDF_T }, - { "expiration" , GETDNS_RDF_T }, - { "mode" , GETDNS_RDF_I2 }, - { "error" , GETDNS_RDF_I2 }, - { "key_data" , GETDNS_RDF_X_S }, - { "other_data" , GETDNS_RDF_X_S }}; + { "algorithm" , GETDNS_RDF_N , NULL }, + { "inception" , GETDNS_RDF_T , NULL }, + { "expiration" , GETDNS_RDF_T , NULL }, + { "mode" , GETDNS_RDF_I2 , NULL }, + { "error" , GETDNS_RDF_I2 , NULL }, + { "key_data" , GETDNS_RDF_X_S , NULL }, + { "other_data" , GETDNS_RDF_X_S , NULL }}; static _getdns_rdata_def tsig_rdata[] = { - { "algorithm" , GETDNS_RDF_N }, - { "time_signed" , GETDNS_RDF_T6 }, - { "fudge" , GETDNS_RDF_I2 }, - { "mac" , GETDNS_RDF_X_S }, - { "original_id" , GETDNS_RDF_I2 }, - { "error" , GETDNS_RDF_I2 }, - { "other_data" , GETDNS_RDF_X_S }}; + { "algorithm" , GETDNS_RDF_N , NULL }, + { "time_signed" , GETDNS_RDF_T6 , NULL }, + { "fudge" , GETDNS_RDF_I2 , NULL }, + { "mac" , GETDNS_RDF_X_S , NULL }, + { "original_id" , GETDNS_RDF_I2 , NULL }, + { "error" , GETDNS_RDF_I2 , NULL }, + { "other_data" , GETDNS_RDF_X_S , NULL }}; static _getdns_rdata_def uri_rdata[] = { - { "priority" , GETDNS_RDF_I2 }, - { "weight" , GETDNS_RDF_I2 }, - { "target" , GETDNS_RDF_S_L }}; + { "priority" , GETDNS_RDF_I2 , NULL }, + { "weight" , GETDNS_RDF_I2 , NULL }, + { "target" , GETDNS_RDF_S_L , NULL }}; static 
_getdns_rdata_def caa_rdata[] = { - { "flags" , GETDNS_RDF_I1 }, - { "tag" , GETDNS_RDF_S }, - { "value" , GETDNS_RDF_S_L }}; + { "flags" , GETDNS_RDF_I1 , NULL }, + { "tag" , GETDNS_RDF_S , NULL }, + { "value" , GETDNS_RDF_S_L , NULL }}; static _getdns_rdata_def dlv_rdata[] = { - { "key_tag" , GETDNS_RDF_I2 }, - { "algorithm" , GETDNS_RDF_I1 }, - { "digest_type" , GETDNS_RDF_I1 }, - { "digest" , GETDNS_RDF_X }}; + { "key_tag" , GETDNS_RDF_I2 , NULL }, + { "algorithm" , GETDNS_RDF_I1 , NULL }, + { "digest_type" , GETDNS_RDF_I1 , NULL }, + { "digest" , GETDNS_RDF_X , NULL }}; static _getdns_rr_def _getdns_rr_defs[] = { { NULL, NULL, 0 }, diff --git a/src/rr-dict.h b/src/rr-dict.h index 6ab52b88..e19e0387 100644 --- a/src/rr-dict.h +++ b/src/rr-dict.h @@ -138,7 +138,7 @@ typedef struct _getdns_rdata_def { typedef struct _getdns_rr_def { const char *name; const _getdns_rdata_def *rdata; - int n_rdata_fields; + size_t n_rdata_fields; } _getdns_rr_def; const _getdns_rr_def *_getdns_rr_def_lookup(uint16_t rr_type); diff --git a/src/rr-iter.c b/src/rr-iter.c index 9b332603..ede6b2b5 100644 --- a/src/rr-iter.c +++ b/src/rr-iter.c @@ -75,8 +75,8 @@ find_rrtype(_getdns_rr_iter *i) /* Past the last RR in the pkt */ if (i->pkt && - GLDNS_QDCOUNT(i->pkt) + GLDNS_ANCOUNT(i->pkt) + - GLDNS_NSCOUNT(i->pkt) + GLDNS_ARCOUNT(i->pkt) <= i->n) + (size_t)GLDNS_QDCOUNT(i->pkt) + GLDNS_ANCOUNT(i->pkt) + + GLDNS_NSCOUNT(i->pkt) + GLDNS_ARCOUNT(i->pkt) <= i->n) goto done; for (pos = i->pos; pos + 4 < i->pkt_end; pos += *pos + 1) @@ -101,7 +101,7 @@ done: } _getdns_rr_iter * -_getdns_rr_iter_init(_getdns_rr_iter *i, const uint8_t *pkt, size_t pkt_len) +_getdns_rr_iter_init(_getdns_rr_iter *i, const uint8_t *pkt, const size_t pkt_len) { assert(i); 
@@ -119,7 +119,7 @@ _getdns_rr_iter_init(_getdns_rr_iter *i, const uint8_t *pkt, size_t pkt_len) _getdns_rr_iter * _getdns_single_rr_iter_init( - _getdns_rr_iter *i, const uint8_t *wire, size_t wire_len) + _getdns_rr_iter *i, const uint8_t *wire, const size_t wire_len) { assert(i); diff --git a/src/rr-iter.h b/src/rr-iter.h index d657d484..d440d939 100644 --- a/src/rr-iter.h +++ b/src/rr-iter.h @@ -76,7 +76,7 @@ _getdns_rr_iter *_getdns_single_rr_iter_init(_getdns_rr_iter *i, const uint8_t *wire, const size_t wire_len); static inline _getdns_rr_iter *_getdns_rr_iter_rewind(_getdns_rr_iter *i) -{ return _getdns_rr_iter_init(i, i->pkt, i->pkt_end - i->pkt); } +{ return i ? _getdns_rr_iter_init(i, i->pkt, i->pkt_end - i->pkt) : NULL; } _getdns_rr_iter *_getdns_rr_iter_next(_getdns_rr_iter *i); @@ -86,19 +86,19 @@ const uint8_t *_getdns_owner_if_or_as_decompressed( static inline _getdns_section _getdns_rr_iter_section(_getdns_rr_iter *i) { - return !i->pkt ? (i->nxt - i->rr_type == 4 ? SECTION_QUESTION - : SECTION_ANSWER ) - : i->n < GLDNS_QDCOUNT(i->pkt) ? SECTION_QUESTION - : i->n < GLDNS_QDCOUNT(i->pkt) - + GLDNS_ANCOUNT(i->pkt) ? SECTION_ANSWER - : i->n < GLDNS_QDCOUNT(i->pkt) - + GLDNS_ANCOUNT(i->pkt) - + GLDNS_NSCOUNT(i->pkt) ? SECTION_AUTHORITY - : i->n < GLDNS_QDCOUNT(i->pkt) - + GLDNS_ANCOUNT(i->pkt) - + GLDNS_NSCOUNT(i->pkt) - + GLDNS_ARCOUNT(i->pkt) ? SECTION_ADDITIONAL - : SECTION_ANY; + return ! i->pkt ? (i->nxt - i->rr_type == 4 ? SECTION_QUESTION + : SECTION_ANSWER ) + : i->n < (size_t)GLDNS_QDCOUNT(i->pkt) ? SECTION_QUESTION + : i->n < (size_t)GLDNS_QDCOUNT(i->pkt) + + GLDNS_ANCOUNT(i->pkt) ? SECTION_ANSWER + : i->n < (size_t)GLDNS_QDCOUNT(i->pkt) + + GLDNS_ANCOUNT(i->pkt) + + GLDNS_NSCOUNT(i->pkt) ? SECTION_AUTHORITY + : i->n < (size_t)GLDNS_QDCOUNT(i->pkt) + + GLDNS_ANCOUNT(i->pkt) + + GLDNS_NSCOUNT(i->pkt) + + GLDNS_ARCOUNT(i->pkt) ? SECTION_ADDITIONAL + : SECTION_ANY; } /* Utility functions to read rr_type and rr_class from a rr iterator */ 
@@ -181,7 +181,7 @@ static inline _getdns_rrset *_getdns_rrset_iter_value(_getdns_rrset_iter *i) { return i && i->rr_i.pos ? &i->rrset : NULL; } static inline _getdns_rrset_iter *_getdns_rrset_iter_rewind(_getdns_rrset_iter *i) -{ return _getdns_rrset_iter_init(i, i->rrset.pkt, i->rrset.pkt_len, i->rrset.sections); } +{ return i ? _getdns_rrset_iter_init(i, i->rrset.pkt, i->rrset.pkt_len, i->rrset.sections) : NULL; } typedef struct _getdns_rdf_iter { const uint8_t *pkt; diff --git a/src/server.c b/src/server.c index 9e4caa76..ef167179 100644 --- a/src/server.c +++ b/src/server.c @@ -26,7 +26,14 @@ */ #include "config.h" + +#ifndef USE_WINSOCK #include +#else +#include +#include +#endif + #include "getdns/getdns_extra.h" #include "context.h" #include "types-internal.h" @@ -65,6 +72,7 @@ struct listener { */ struct listen_set { getdns_context *context; + void *userarg; getdns_request_handler_t handler; _getdns_rbtree_t connections_set; @@ -100,9 +108,9 @@ typedef struct tcp_connection { getdns_eventloop_event event; uint8_t *read_buf; - size_t read_buf_len; + ssize_t read_buf_len; uint8_t *read_pos; - size_t to_read; + ssize_t to_read; tcp_to_write *to_write; size_t to_answer; @@ -127,7 +135,11 @@ static void tcp_connection_destroy(tcp_connection *conn) loop->vmt->clear(loop, &conn->event); if (conn->fd >= 0) +#ifdef USE_WINSOCK + (void) closesocket(conn->fd); +#else (void) close(conn->fd); +#endif GETDNS_FREE(*mf, conn->read_buf); for (cur = conn->to_write; cur; cur = next) { @@ -177,8 +189,8 @@ static void tcp_write_cb(void *userarg) } to_write = conn->to_write; if (conn->fd == -1 || - (written = write(conn->fd, &to_write->write_buf[to_write->written], - to_write->write_buf_len - to_write->written)) == -1) { + (written = send(conn->fd, &to_write->write_buf[to_write->written], + to_write->write_buf_len - to_write->written, 0)) == -1) { /* IO error, close connection */ conn->event.read_cb = conn->event.write_cb = 
@@ -231,7 +243,7 @@ _getdns_cancel_reply(getdns_context *context, connection *conn) getdns_return_t getdns_reply( - getdns_context *context, getdns_transaction_t request_id, getdns_dict *reply) + getdns_context *context, getdns_dict *reply, getdns_transaction_t request_id) { /* TODO: Check request_id at context->outbound_requests */ connection *conn = (connection *)(intptr_t)request_id; @@ -268,11 +280,15 @@ getdns_reply( else if (conn->l->transport == GETDNS_TRANSPORT_UDP) { listener *l = conn->l; - if (conn->l->fd >= 0 && sendto(conn->l->fd, buf, len, 0, + if (conn->l->fd >= 0 && sendto(conn->l->fd, (void *)buf, len, 0, (struct sockaddr *)&conn->remote_in, conn->addrlen) == -1) { /* IO error, cleanup this listener */ loop->vmt->clear(loop, &conn->l->event); +#ifdef USE_WINSOCK + closesocket(conn->l->fd); +#else close(conn->l->fd); +#endif conn->l->fd = -1; } /* Unlink this connection */ @@ -351,7 +367,7 @@ static void tcp_read_cb(void *userarg) (void) loop->vmt->schedule(loop, conn->fd, DOWNSTREAM_IDLE_TIMEOUT, &conn->event); - if ((bytes_read = read(conn->fd, conn->read_pos, conn->to_read)) == -1) { + if ((bytes_read = recv(conn->fd, conn->read_pos, conn->to_read, 0)) < 0) { if (errno == EAGAIN || errno == EWOULDBLOCK) return; /* Come back to do the read later */ @@ -400,9 +416,14 @@ static void tcp_read_cb(void *userarg) else { conn->to_answer++; + /* TODO: wish list item: + * (void) getdns_dict_set_int64( + * request_dict, "request_id", intptr_t)conn); + */ /* Call request handler */ conn->super.l->set->handler( - conn->super.l->set->context, request_dict, (intptr_t)conn); + conn->super.l->set->context, GETDNS_CALLBACK_COMPLETE, + request_dict, conn->super.l->set->userarg, (intptr_t)conn); conn->read_pos = conn->read_buf; conn->to_read = 2; 
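Review bot: getdns_reply turns the caller-supplied `request_id` straight into a pointer with `(connection *)(intptr_t)request_id`, and the TODO above that line says the id is not yet checked. An id that is stale, reused or simply wrong then becomes a dereference of arbitrary memory at the `conn->l->transport` test in the next hunk. The listen set already keeps a `connections_set` rbtree compared with `ptr_cmp`, so looking the id up in a registry like that before using the pointer would turn this into a clean error return. The code between this hunk and the next is not visible, so confirm no lookup already happens there.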
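Review bot: A failed `sendto()` in getdns_reply closes the whole UDP listener (`closesocket(conn->l->fd)` / `close(conn->l->fd)`, then `conn->l->fd = -1`), although many sendto errors concern only that one datagram or peer. The same all-or-nothing handling appears in tcp_accept_cb for any `accept` failure and in udp_read_cb for any `recvfrom` failure. A transient condition such as EINTR, a per-peer unreachable error or a momentary descriptor shortage can then permanently stop service on that address. I would close the listener only for errors that mean the socket itself is unusable, and otherwise drop the single request and keep listening.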
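Review bot: After the switch to `recv()` in tcp_read_cb, the would-block test still reads `errno == EAGAIN || errno == EWOULDBLOCK`. Under USE_WINSOCK, socket calls report failures through `WSAGetLastError()` and do not set errno. On that build a non-blocking read with nothing pending would presumably miss the early return and fall into the error handling below, which is outside the hunk. stub.c in this same commit wraps the check as `_getdns_EWOULDBLOCK`; moving that macro to a shared header and using it here keeps the two platforms consistent.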
@@ -460,7 +481,11 @@ static void tcp_accept_cb(void *userarg) &conn->super.remote_in, &conn->super.addrlen)) == -1) { /* IO error, cleanup this listener */ loop->vmt->clear(loop, &l->event); +#ifdef USE_WINSOCK + closesocket(l->fd); +#else close(l->fd); +#endif l->fd = -1; GETDNS_FREE(*mf, conn); return; @@ -526,11 +551,15 @@ static void udp_read_cb(void *userarg) conn->l = l; conn->addrlen = sizeof(conn->remote_in); - if ((len = recvfrom(l->fd, buf, sizeof(buf), 0, + if ((len = recvfrom(l->fd, (void *)buf, sizeof(buf), 0, (struct sockaddr *)&conn->remote_in, &conn->addrlen)) == -1) { /* IO error, cleanup this listener. */ loop->vmt->clear(loop, &l->event); +#ifdef USE_WINSOCK + closesocket(l->fd); +#else close(l->fd); +#endif l->fd = -1; #if 0 && defined(SERVER_DEBUG) && SERVER_DEBUG @@ -618,8 +647,14 @@ static void udp_read_cb(void *userarg) conn->prev_next = &l->connections; l->connections = conn; + /* TODO: wish list item: + * (void) getdns_dict_set_int64( + * request_dict, "request_id", (intptr_t)conn); + */ /* Call request handler */ - l->set->handler(l->set->context, request_dict, (intptr_t)conn); + l->set->handler(l->set->context, GETDNS_CALLBACK_COMPLETE, + request_dict, l->set->userarg, (intptr_t)conn); + return; } GETDNS_FREE(*mf, conn); @@ -636,7 +671,7 @@ static void free_listen_set_when_done(listen_set *set) if (!(mf = &set->context->mf)) return; - DEBUG_SERVER("To free listen set: %p\n", set); + DEBUG_SERVER("To free listen set: %p\n", (void *)set); for (i = 0; i < set->count; i++) { listener *l = &set->items[i]; @@ -647,7 +682,7 @@ static void free_listen_set_when_done(listen_set *set) return; } GETDNS_FREE(*mf, set); - DEBUG_SERVER("Listen set: %p freed\n", set); + DEBUG_SERVER("Listen set: %p freed\n", (void *)set); } static void remove_listeners(listen_set *set) 
@@ -673,7 +708,11 @@ static void remove_listeners(listen_set *set) continue; loop->vmt->clear(loop, &l->event); +#ifdef USE_WINSOCK + closesocket(l->fd); +#else close(l->fd); +#endif l->fd = -1; if (l->transport != GETDNS_TRANSPORT_TCP) @@ -692,7 +731,11 @@ static void remove_listeners(listen_set *set) static getdns_return_t add_listeners(listen_set *set) { +#ifdef USE_WINSOCK + static const char enable = 1; +#else static const int enable = 1; +#endif struct mem_funcs *mf; getdns_eventloop *loop; @@ -726,9 +769,9 @@ static getdns_return_t add_listeners(listen_set *set) break; if (setsockopt(l->fd, SOL_SOCKET, SO_REUSEADDR, - &enable, sizeof(int)) < 0) + &enable, sizeof(int)) < 0) { ; /* Ignore */ - + } if (bind(l->fd, (struct sockaddr *)&l->addr, l->addr_len) == -1) /* IO error */ @@ -765,9 +808,9 @@ ptr_cmp(const void *a, const void *b) return a == b ? 0 : (a < b ? -1 : 1); } -getdns_return_t getdns_context_set_listen_addresses(getdns_context *context, - getdns_request_handler_t request_handler, - const getdns_list *listen_addresses) +getdns_return_t getdns_context_set_listen_addresses( + getdns_context *context, const getdns_list *listen_addresses, + void *userarg, getdns_request_handler_t request_handler) { static const getdns_transport_list_t listen_transports[] = { GETDNS_TRANSPORT_UDP, GETDNS_TRANSPORT_TCP }; @@ -786,10 +829,9 @@ getdns_return_t getdns_context_set_listen_addresses(getdns_context *context, size_t i; struct addrinfo hints; - DEBUG_SERVER("getdns_context_set_listen_addresses(%p, %p, %p)\n", - context, request_handler, + DEBUG_SERVER("getdns_context_set_listen_addresses(%p, , %p)\n", + (void *)context, (void *)listen_addresses); - listen_addresses); if (!(mf = &context->mf)) return GETDNS_RETURN_GENERIC_ERROR; 
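Review bot: Under USE_WINSOCK `enable` becomes a `static const char`, but the later add_listeners hunk still passes `sizeof(int)` as the option length in `setsockopt(l->fd, SOL_SOCKET, SO_REUSEADDR, &enable, sizeof(int))`. The call therefore reads past the one-byte object. Keeping `enable` an `int` on both platforms and casting only the pointer for Winsock, `(const char *)&enable`, keeps the length and the object in agreement; at minimum the length should be `sizeof(enable)`. The setsockopt result is also deliberately ignored (`; /* Ignore */`), so a failure to set the option goes unnoticed.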
@@ -826,10 +868,11 @@ getdns_return_t getdns_context_set_listen_addresses(getdns_context *context, _getdns_rbtree_init(&new_set->connections_set, ptr_cmp); DEBUG_SERVER("New listen set: %p, current_set: %p\n", - new_set, current_set); + (void *)new_set, (void *)current_set); new_set->context = context; new_set->handler = request_handler; + new_set->userarg = userarg; new_set->count = new_set_count * n_transports; (void) memset(new_set->items, 0, sizeof(listener) * new_set_count * n_transports); diff --git a/src/stub.c b/src/stub.c index 2b6f9c36..2fa121f1 100644 --- a/src/stub.c +++ b/src/stub.c @@ -32,6 +32,23 @@ */ #include "config.h" + +/* Intercept and do not sent out COM DS queries with TLS + * For debugging purposes only. Never commit with this turned on. + */ +#define INTERCEPT_COM_DS 0 + +#ifdef USE_POLL_DEFAULT_EVENTLOOP +# ifdef HAVE_SYS_POLL_H +# include +# else +#ifdef USE_WINSOCK +#define poll(fdarray, nbsockets, timer) WSAPoll(fdarray, nbsockets, timer) +#else +# include +#endif +# endif +#endif #include "debug.h" #include #include @@ -54,15 +71,18 @@ typedef u_short sa_family_t; #define _getdns_EWOULDBLOCK (WSAGetLastError() == WSATRY_AGAIN ||\ WSAGetLastError() == WSAEWOULDBLOCK) #define _getdns_EINPROGRESS (WSAGetLastError() == WSAEINPROGRESS) +#define _getdns_EMFILE (WSAGetLastError() == WSAEMFILE) #else #define _getdns_EWOULDBLOCK (errno == EAGAIN || errno == EWOULDBLOCK) #define _getdns_EINPROGRESS (errno == EINPROGRESS) +#define _getdns_EMFILE (errno == EMFILE) #endif /* WSA TODO: * STUB_TCP_WOULDBLOCK added to deal with edge triggered event loops (versus * level triggered). See also lines containing WSA TODO below... */ +#define STUB_TRY_AGAIN_LATER -24 /* EMFILE, i.e. Out of OS resources */ #define STUB_NO_AUTH -8 /* Existing TLS connection is not authenticated */ #define STUB_CONN_GONE -7 /* Connection has failed, clear queue*/ #define STUB_TCP_WOULDBLOCK -6 
@@ -86,7 +106,7 @@ static void upstream_idle_timeout_cb(void *userarg); static void upstream_schedule_netreq(getdns_upstream *upstream, getdns_network_req *netreq); static void upstream_reschedule_events(getdns_upstream *upstream, - size_t idle_timeout); + uint64_t idle_timeout); static int upstream_working_ok(getdns_upstream *upstream); static int upstream_auth_status_ok(getdns_upstream *upstream, getdns_network_req *netreq); @@ -96,7 +116,7 @@ static int upstream_connect(getdns_upstream *upstream, static int fallback_on_write(getdns_network_req *netreq); static void stub_timeout_cb(void *userarg); -static uint64_t _getdns_get_time_as_uintt64(); +uint64_t _getdns_get_time_as_uintt64(); /*****************************/ /* General utility functions */ /*****************************/ @@ -252,7 +272,7 @@ match_edns_opt_rr(uint16_t code, uint8_t *response, size_t response_len, (void) gldns_wire2str_rr_scan( &data, &data_len, &str, &str_len, (uint8_t *)rr_iter->pkt, rr_iter->pkt_end - rr_iter->pkt); DEBUG_STUB("%s %-35s: OPT RR: %s", - STUB_DEBUG_READ, __FUNCTION__, str_spc); + STUB_DEBUG_READ, __FUNC__, str_spc); #endif /* OPT found, now search for the specified option */ 
@@ -342,12 +362,20 @@ process_keepalive( /* Use server sent value unless the client specified a shorter one. Convert to ms first (wire value has units of 100ms) */ uint64_t server_keepalive = ((uint64_t)gldns_read_uint16(position))*100; + DEBUG_STUB("%s %-35s: FD: %d Server Keepalive recieved: %d ms\n", + STUB_DEBUG_READ, __FUNC__, upstream->fd, + (int)server_keepalive); if (netreq->owner->context->idle_timeout < server_keepalive) upstream->keepalive_timeout = netreq->owner->context->idle_timeout; else { + if (server_keepalive == 0) { + /* This means the server wants us to shut the connection (sending no + more queries). */ + upstream->keepalive_shutdown = 1; + } upstream->keepalive_timeout = server_keepalive; DEBUG_STUB("%s %-35s: FD: %d Server Keepalive used: %d ms\n", - STUB_DEBUG_READ, __FUNCTION__, upstream->fd, + STUB_DEBUG_READ, __FUNC__, upstream->fd, (int)server_keepalive); } } @@ -377,7 +405,7 @@ tcp_connect(getdns_upstream *upstream, getdns_transport_list_t transport) { int fd = -1; DEBUG_STUB("%s %-35s: Creating TCP connection: %p\n", STUB_DEBUG_SETUP, - __FUNCTION__, upstream); + __FUNC__, (void*)upstream); if ((fd = socket(upstream->addr.ss_family, SOCK_STREAM, IPPROTO_TCP)) == -1) return -1; @@ -390,6 +418,7 @@ tcp_connect(getdns_upstream *upstream, getdns_transport_list_t transport) if (transport == GETDNS_TRANSPORT_TCP) return fd; #elif USE_OSX_TCP_FASTOPEN + (void)transport; sa_endpoints_t endpoints; endpoints.sae_srcif = 0; endpoints.sae_srcaddr = NULL; @@ -405,12 +434,18 @@ tcp_connect(getdns_upstream *upstream, getdns_transport_list_t transport) } } return fd; +#else + (void)transport; #endif if (connect(fd, (struct sockaddr *)&upstream->addr, upstream->addr_len) == -1) { if (_getdns_EINPROGRESS || _getdns_EWOULDBLOCK) return fd; +#ifdef USE_WINSOCK + closesocket(fd); +#else close(fd); +#endif return -1; } return fd; 
@@ -466,7 +501,7 @@ static void stub_cleanup(getdns_network_req *netreq) { DEBUG_STUB("%s %-35s: MSG: %p\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, netreq); + STUB_DEBUG_CLEANUP, __FUNC__, (void*)netreq); getdns_dns_req *dnsreq = netreq->owner; getdns_network_req *r, *prev_r; getdns_upstream *upstream; @@ -475,7 +510,7 @@ stub_cleanup(getdns_network_req *netreq) GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); /* Nothing globally scheduled? Then nothing queued */ - if (!(upstream = netreq->upstream)->event.ev) + if (!netreq->upstream || !(upstream = netreq->upstream)->event.ev) return; /* Delete from upstream->netreq_by_query_id (if present) */ @@ -505,8 +540,8 @@ stub_cleanup(getdns_network_req *netreq) static void upstream_failed(getdns_upstream *upstream, int during_setup) { - DEBUG_STUB("%s %-35s: FD: %d During setup = %d\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd, during_setup); + DEBUG_STUB("%s %-35s: FD: %d Failure during connection setup = %d\n", + STUB_DEBUG_CLEANUP, __FUNC__, upstream->fd, during_setup); /* Fallback code should take care of queue queries and then close conn when idle.*/ /* [TLS1]TODO: Work out how to re-open the connection and re-try 
@@ -514,9 +549,14 @@ upstream_failed(getdns_upstream *upstream, int during_setup) if (during_setup) { /* Reset timeout on setup failure to trigger fallback handling.*/ GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event); - GETDNS_SCHEDULE_EVENT(upstream->loop, upstream->fd, TIMEOUT_FOREVER, - getdns_eventloop_event_init(&upstream->event, upstream, - NULL, upstream_write_cb, NULL)); + /* Need this check because if the setup failed because the interface is + not up we get -1 and then a seg fault. Found when using IPv6 address + but IPv6 interface not enabled.*/ + if (upstream->fd != -1) { + GETDNS_SCHEDULE_EVENT(upstream->loop, upstream->fd, TIMEOUT_FOREVER, + getdns_eventloop_event_init(&upstream->event, upstream, + NULL, upstream_write_cb, NULL)); + } /* Special case if failure was due to authentication issues since this upstream could be used oppotunistically with no problem.*/ if (!(upstream->transport == GETDNS_TRANSPORT_TLS && @@ -530,7 +570,7 @@ upstream_failed(getdns_upstream *upstream, int during_setup) netreq = (getdns_network_req *) _getdns_rbtree_first(&upstream->netreq_by_query_id); stub_cleanup(netreq); - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_FINISHED); _getdns_check_dns_req_complete(netreq->owner); } } @@ -542,9 +582,15 @@ void _getdns_cancel_stub_request(getdns_network_req *netreq) { DEBUG_STUB("%s %-35s: MSG: %p\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, netreq); + STUB_DEBUG_CLEANUP, __FUNC__, (void*)netreq); stub_cleanup(netreq); - if (netreq->fd >= 0) close(netreq->fd); + if (netreq->fd >= 0) { +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else + close(netreq->fd); +#endif + } } static void 
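Review bot: `_getdns_cancel_stub_request` closes `netreq->fd` but leaves the old number in the field, so any later path that tests `netreq->fd >= 0` can close it a second time, when the number may already belong to another socket. stub_timeout_cb in the next hunk does the same and then, according to its own comment, reaches cancel_request again; the recvfrom error path added to stub_udp_read_cb and the sendto failure path in stub_udp_write_cb also close without resetting. Because the `#ifdef USE_WINSOCK` close block is now repeated at each of these sites, one helper that closes and writes -1 back would remove both the duplication and the stale value. The helper name below is only a suggestion and assumes the field is an `int`, as the `>= 0` tests suggest.

```c
/* Close a socket on either platform and mark the field as closed,
 * so a second call on the same field is a no-op. */
static void stub_close_fd(int *fd)
{
	if (*fd < 0)
		return;
#ifdef USE_WINSOCK
	closesocket(*fd);
#else
	close(*fd);
#endif
	*fd = -1;
}

/* ... unchanged: DEBUG_STUB line in _getdns_cancel_stub_request ... */
	stub_cleanup(netreq);
	stub_close_fd(&netreq->fd);
```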
@@ -552,12 +598,23 @@ stub_timeout_cb(void *userarg) { getdns_network_req *netreq = (getdns_network_req *)userarg; DEBUG_STUB("%s %-35s: MSG: %p\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, netreq); + STUB_DEBUG_CLEANUP, __FUNC__, (void*)netreq); stub_cleanup(netreq); - netreq->state = NET_REQ_TIMED_OUT; + _getdns_netreq_change_state(netreq, NET_REQ_TIMED_OUT); /* Handle upstream*/ if (netreq->fd >= 0) { +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else close(netreq->fd); +#endif + netreq->upstream->udp_timeouts++; +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + if (netreq->upstream->udp_timeouts % 100 == 0) + DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=UDP - Resp=%d,Timeouts=%d\n", + STUB_DEBUG_DAEMON, netreq->upstream->addr_str, + (int)netreq->upstream->udp_responses, (int)netreq->upstream->udp_timeouts); +#endif stub_next_upstream(netreq); } else { netreq->upstream->responses_timeouts++; @@ -565,7 +622,7 @@ stub_timeout_cb(void *userarg) if (netreq->owner->user_callback) { netreq->debug_end_time = _getdns_get_time_as_uintt64(); /* Note this calls cancel_request which calls stub_cleanup again....!*/ - (void) _getdns_context_request_timed_out(netreq->owner); + _getdns_context_request_timed_out(netreq->owner); } else _getdns_check_dns_req_complete(netreq->owner); } @@ -575,7 +632,7 @@ upstream_idle_timeout_cb(void *userarg) { getdns_upstream *upstream = (getdns_upstream *)userarg; DEBUG_STUB("%s %-35s: FD: %d Closing connection\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd); + STUB_DEBUG_CLEANUP, __FUNC__, upstream->fd); GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event); upstream->event.timeout_cb = NULL; upstream->event.read_cb = NULL; 
@@ -586,9 +643,17 @@ upstream_idle_timeout_cb(void *userarg) static void upstream_setup_timeout_cb(void *userarg) { + int ret; getdns_upstream *upstream = (getdns_upstream *)userarg; +#ifdef USE_POLL_DEFAULT_EVENTLOOP + struct pollfd fds; +#else + fd_set fds; + struct timeval tval; +#endif + DEBUG_STUB("%s %-35s: FD: %d\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd); + STUB_DEBUG_CLEANUP, __FUNC__, upstream->fd); /* Clean up and trigger a write to let the fallback code to its job */ upstream_failed(upstream, 1); @@ -596,17 +661,20 @@ upstream_setup_timeout_cb(void *userarg) * TCP SYN and doesn't do a reset (as is the case with e.g. 8.8.8.8@853). * For that case the socket never becomes writable so doesn't trigger any * callbacks. If so then clear out the queue in one go.*/ - int ret; - fd_set fds; +#ifdef USE_POLL_DEFAULT_EVENTLOOP + fds.fd = upstream->fd; + fds.events = POLLOUT; + ret = poll(&fds, 1, 0); +#else FD_ZERO(&fds); - FD_SET(FD_SET_T upstream->fd, &fds); - struct timeval tval; + FD_SET((int)(upstream->fd), &fds); tval.tv_sec = 0; tval.tv_usec = 0; ret = select(upstream->fd+1, NULL, &fds, NULL, &tval); +#endif if (ret == 0) { DEBUG_STUB("%s %-35s: FD: %d Cleaning up dangling queue\n", - STUB_DEBUG_CLEANUP, __FUNCTION__, upstream->fd); + STUB_DEBUG_CLEANUP, __FUNC__, upstream->fd); while (upstream->write_queue) upstream_write_cb(upstream); } @@ -634,7 +702,7 @@ stub_tcp_read(int fd, getdns_tcp_state *tcp, struct mem_funcs *mf) tcp->to_read = 2; /* Packet size */ } read = recv(fd, (void *)tcp->read_pos, tcp->to_read, 0); - if (read == -1) { + if (read < 0) { if (_getdns_EWOULDBLOCK) return STUB_TCP_WOULDBLOCK; else @@ -643,7 +711,7 @@ stub_tcp_read(int fd, getdns_tcp_state *tcp, struct mem_funcs *mf) /* Remote end closed the socket */ /* TODO: Try to reconnect */ return STUB_TCP_ERROR; - } else if (read> tcp->to_read) { + } else if ((size_t)read > tcp->to_read) { return STUB_TCP_ERROR; } tcp->to_read -= read; 
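Review bot: The select() branch of upstream_setup_timeout_cb passes `upstream->fd` to `FD_SET` unchecked, although the upstream_failed hunk in this same commit documents that the descriptor can be -1 after a failed setup. On POSIX builds `FD_SET` with a negative value, or with one at or above `FD_SETSIZE`, writes outside the `fd_set`. A guard before the probe covers both cases, for example `if (upstream->fd < 0 || upstream->fd >= FD_SETSIZE) ret = 0;` with the existing select() code in the `else`, provided draining the queue is the wanted outcome for a dead socket. POSIX poll() ignores a negative descriptor, so the two builds currently behave differently here.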
@@ -682,7 +750,7 @@ stub_tcp_read(int fd, getdns_tcp_state *tcp, struct mem_funcs *mf) /* stub_tcp_write(fd, tcp, netreq) * will return STUB_TCP_AGAIN when we need to come back again, - * STUB_TCP_ERROR on error and a query_id on successfull sent. + * STUB_TCP_ERROR on error and a query_id on successful sent. */ static int stub_tcp_write(int fd, getdns_tcp_state *tcp, getdns_network_req *netreq) @@ -726,7 +794,7 @@ stub_tcp_write(int fd, getdns_tcp_state *tcp, getdns_network_req *netreq) netreq->owner->context->idle_timeout != 0) { /* Add the keepalive option to the first query on this connection*/ DEBUG_STUB("%s %-35s: FD: %d Requesting keepalive \n", - STUB_DEBUG_WRITE, __FUNCTION__, fd); + STUB_DEBUG_WRITE, __FUNC__, fd); if (attach_edns_keepalive(netreq)) return STUB_OUT_OF_OPTIONS; netreq->keepalive_sent = 1; @@ -751,12 +819,12 @@ stub_tcp_write(int fd, getdns_tcp_state *tcp, getdns_network_req *netreq) (struct sockaddr *)&(netreq->upstream->addr), netreq->upstream->addr_len); #endif - if ((written == -1 && (_getdns_EWOULDBLOCK || + if ((written < 0 && (_getdns_EWOULDBLOCK || /* Add the error case where the connection is in progress which is when a cookie is not available (e.g. when doing the first request to an upstream). We must let the handshake complete since non-blocking. */ _getdns_EINPROGRESS)) || - written < pkt_len + 2) { + (size_t)written < pkt_len + 2) { /* We couldn't write the whole packet. * We have to return with STUB_TCP_AGAIN. @@ -778,8 +846,13 @@ stub_tcp_write(int fd, getdns_tcp_state *tcp, getdns_network_req *netreq) /* Coming back from an earlier unfinished write or handshake. * Try to send remaining data */ +#ifdef USE_WINSOCK + written = send(fd, tcp->write_buf + tcp->written, + tcp->write_buf_len - tcp->written, 0); +#else written = write(fd, tcp->write_buf + tcp->written, tcp->write_buf_len - tcp->written); +#endif if (written == -1) { if (_getdns_EWOULDBLOCK) return STUB_TCP_WOULDBLOCK; 
@@ -817,48 +890,84 @@ tls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) getdns_upstream *upstream; getdns_return_t pinset_ret = GETDNS_RETURN_GOOD; upstream = _getdns_upstream_from_x509_store(ctx); + if (!upstream) + return 0; -#if defined(STUB_DEBUG) && STUB_DEBUG || defined(X509_V_ERR_HOSTNAME_MISMATCH) - int err = X509_STORE_CTX_get_error(ctx); - + int err = X509_STORE_CTX_get_error(ctx); +#if defined(STUB_DEBUG) && STUB_DEBUG DEBUG_STUB("%s %-35s: FD: %d Verify result: (%d) \"%s\"\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd, err, + STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd, err, X509_verify_cert_error_string(err)); #endif +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + if (!preverify_ok && !upstream->tls_fallback_ok) + DEBUG_DAEMON("%s %-40s : Verify failed : Transport=TLS - *Failure* - (%d) \"%s\"\n", + STUB_DEBUG_DAEMON, upstream->addr_str, err, + X509_verify_cert_error_string(err)); +#endif + /* First deal with the hostname authentication done by OpenSSL. */ #ifdef X509_V_ERR_HOSTNAME_MISMATCH +# if defined(STUB_DEBUG) && STUB_DEBUG /*Report if error is hostname mismatch*/ - if (upstream && upstream->tls_fallback_ok && err == X509_V_ERR_HOSTNAME_MISMATCH) { - DEBUG_STUB("%s %-35s: FD: %d WARNING: Proceeding even though hostname validation failed!\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd); - upstream->tls_auth_state = GETDNS_AUTH_FAILED; - } + if (err == X509_V_ERR_HOSTNAME_MISMATCH && upstream->tls_fallback_ok) + DEBUG_STUB("%s %-35s: FD: %d WARNING: Proceeding even though hostname validation failed!\n", + STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd); +# endif #else /* if we weren't built against OpenSSL with hostname matching we * could not have matched the hostname, so this would be an automatic * tls_auth_fail if there is a hostname provided*/ - if (upstream->tls_auth_name[0]) + if (upstream->tls_auth_name[0]) { upstream->tls_auth_state = GETDNS_AUTH_FAILED; + preverify_ok = 0; + } #endif - if (upstream && 
upstream->tls_pubkey_pinset) + + /* Now deal with the pinset validation*/ + if (upstream->tls_pubkey_pinset) pinset_ret = _getdns_verify_pinset_match(upstream->tls_pubkey_pinset, ctx); if (pinset_ret != GETDNS_RETURN_GOOD) { DEBUG_STUB("%s %-35s: FD: %d, WARNING: Pinset validation failure!\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd); + STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd); preverify_ok = 0; upstream->tls_auth_state = GETDNS_AUTH_FAILED; if (upstream->tls_fallback_ok) DEBUG_STUB("%s %-35s: FD: %d, WARNING: Proceeding even though pinset validation failed!\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd); + STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd); +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + else + DEBUG_DAEMON("%s %-40s : Conn failed : Transport=TLS - *Failure* - Pinset validation failure\n", + STUB_DEBUG_DAEMON, upstream->addr_str); +#endif + } else { + /* If we _only_ had a pinset and it is good then force succesful + authentication when the cert self-signed + TODO: We need to check for other error cases here, not blindly accept the cert!! 
*/ + if ((upstream->tls_pubkey_pinset && upstream->tls_auth_name[0] == '\0') && + (err == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN || + err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)) { + preverify_ok = 1; + DEBUG_STUB("%s %-35s: FD: %d, Allowing self-signed (%d) cert since pins match\n", + STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd, err); +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + DEBUG_DAEMON("%s %-40s : Verify passed : Transport=TLS - Allowing self-signed cert since pins match\n", + STUB_DEBUG_DAEMON, upstream->addr_str); +#endif + } } + /* If nothing has failed yet and we had credentials, we have succesfully authenticated*/ - if (upstream->tls_auth_state == GETDNS_AUTH_NONE && - (upstream->tls_pubkey_pinset || upstream->tls_auth_name[0])) + if (preverify_ok == 0) + upstream->tls_auth_state = GETDNS_AUTH_FAILED; + else if (upstream->tls_auth_state == GETDNS_AUTH_NONE && + (upstream->tls_pubkey_pinset || upstream->tls_auth_name[0])) upstream->tls_auth_state = GETDNS_AUTH_OK; + /* If fallback is allowed, proceed regardless of what the auth error is (might not be hostname or pinset related) */ - return (upstream && upstream->tls_fallback_ok) ? 1 : preverify_ok; + return (upstream->tls_fallback_ok) ? 1 : preverify_ok; } static SSL* @@ -891,7 +1000,7 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream) if (upstream->tls_auth_name[0] != '\0') { /*Request certificate for the auth_name*/ DEBUG_STUB("%s %-35s: Hostname verification requested for: %s\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->tls_auth_name); + STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->tls_auth_name); SSL_set_tlsext_host_name(ssl, upstream->tls_auth_name); #ifdef HAVE_SSL_HN_AUTH /* Set up native OpenSSL hostname verification*/ 
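Review bot: The pin-only override near the end of tls_verify_callback carries a TODO saying other error cases still need checking, but the comment does not say what the code guarantees today. As written, `preverify_ok` is forced to 1 only when `err` is one of the two self-signed codes, a pinset is configured, `tls_auth_name` is empty and `_getdns_verify_pinset_match` returned GETDNS_RETURN_GOOD; every other verification error keeps its failing result. I would state exactly that in the comment in place of the open TODO, and add that OpenSSL may invoke the callback several times per handshake, so the decision is taken again on each call. Separately, the `Verify failed ... *Failure*` DEBUG_DAEMON line is emitted before this override, so a pinned self-signed upstream logs a failure and then `Verify passed` for the same handshake; moving that log below the pinset block would keep the daemon log consistent. The function's signature is outside the hunk.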
@@ -902,7 +1011,7 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream) #else if (dnsreq->netreqs[0]->tls_auth_min == GETDNS_AUTHENTICATION_REQUIRED) { DEBUG_STUB("%s %-35s: ERROR: TLS Authentication functionality not available\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__); + STUB_DEBUG_SETUP_TLS, __FUNC__); upstream->tls_hs_state = GETDNS_HS_FAILED; return NULL; } 
@@ -916,31 +1025,45 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream) if (dnsreq->netreqs[0]->tls_auth_min == GETDNS_AUTHENTICATION_REQUIRED) { if (upstream->tls_pubkey_pinset) { DEBUG_STUB("%s %-35s: Proceeding with only pubkey pinning authentication\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__); + STUB_DEBUG_SETUP_TLS, __FUNC__); } else { DEBUG_STUB("%s %-35s: ERROR: No host name or pubkey pinset provided for TLS authentication\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__); + STUB_DEBUG_SETUP_TLS, __FUNC__); upstream->tls_hs_state = GETDNS_HS_FAILED; return NULL; } } else { /* no hostname verification, so we will make opportunistic connections */ DEBUG_STUB("%s %-35s: Proceeding even though no hostname provided!\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__); + STUB_DEBUG_SETUP_TLS, __FUNC__); upstream->tls_fallback_ok = 1; } } if (upstream->tls_fallback_ok) { SSL_set_cipher_list(ssl, "DEFAULT"); DEBUG_STUB("%s %-35s: WARNING: Using Oppotunistic TLS (fallback allowed)!\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__); + STUB_DEBUG_SETUP_TLS, __FUNC__); } else DEBUG_STUB("%s %-35s: Using Strict TLS \n", STUB_DEBUG_SETUP_TLS, - __FUNCTION__); + __FUNC__); SSL_set_verify(ssl, SSL_VERIFY_PEER, tls_verify_callback); SSL_set_connect_state(ssl); (void) SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); + + /* Session resumption. There are trade-offs here. Want to do it when + possible only if we have the right type of connection. Note a change + to the upstream auth info creates a new upstream so never re-uses.*/ + if (upstream->tls_session != NULL) { + if ((upstream->tls_fallback_ok == 0 && + upstream->last_tls_auth_state == GETDNS_AUTH_OK) || + upstream->tls_fallback_ok == 1) { + SSL_set_session(ssl, upstream->tls_session); + DEBUG_STUB("%s %-35s: Attempting session re-use\n", STUB_DEBUG_SETUP_TLS, + __FUNC__); + } + } + return ssl; } 
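Review bot: The session-resumption block added at the end of tls_create_object ignores the result of `SSL_set_session()` yet still logs "Attempting session re-use". Its comment also omits that a resumed handshake is not verified again, which the tls_do_handshake hunk that follows confirms by copying `last_tls_auth_state` into `tls_auth_state` on reuse. In Strict mode the pinset and hostname result is therefore inherited rather than re-checked. I would test the call, `if (!SSL_set_session(ssl, upstream->tls_session))` with a DEBUG_STUB line on failure, and extend the comment to say that `last_tls_auth_state` must only be recorded from a full handshake. Where that field is written is outside these hunks.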
@@ -948,7 +1071,7 @@ static int tls_do_handshake(getdns_upstream *upstream) { DEBUG_STUB("%s %-35s: FD: %d \n", STUB_DEBUG_SETUP_TLS, - __FUNCTION__, upstream->fd); + __FUNC__, upstream->fd); int r; int want; ERR_clear_error(); @@ -974,7 +1097,7 @@ tls_do_handshake(getdns_upstream *upstream) return STUB_TCP_AGAIN; default: DEBUG_STUB("%s %-35s: FD: %d Handshake failed %d\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd, + STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd, want); return STUB_SETUP_ERROR; } @@ -982,8 +1105,12 @@ tls_do_handshake(getdns_upstream *upstream) upstream->tls_hs_state = GETDNS_HS_DONE; upstream->conn_state = GETDNS_CONN_OPEN; upstream->conn_completed++; - DEBUG_STUB("%s %-35s: FD: %d Handshake succeeded with auth state %d. Session is %s.\n", - STUB_DEBUG_SETUP_TLS, __FUNCTION__, upstream->fd, upstream->tls_auth_state, + /* A re-used session is not verified so need to fix up state in that case */ + if (SSL_session_reused(upstream->tls_obj)) + upstream->tls_auth_state = upstream->last_tls_auth_state; + DEBUG_STUB("%s %-35s: FD: %d Handshake succeeded with auth state %s. Session is %s.\n", + STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd, + _getdns_auth_str(upstream->tls_auth_state), SSL_session_reused(upstream->tls_obj) ?"re-used":"new"); if (upstream->tls_session != NULL) SSL_SESSION_free(upstream->tls_session); 
@@ -1158,17 +1285,20 @@ stub_tls_write(getdns_upstream *upstream, getdns_tcp_state *tcp, /* Add the keepalive option to every nth query on this connection */ DEBUG_STUB("%s %-35s: FD: %d Requesting keepalive \n", - STUB_DEBUG_SETUP, __FUNCTION__, upstream->fd); + STUB_DEBUG_SETUP, __FUNC__, upstream->fd); if (attach_edns_keepalive(netreq)) return STUB_OUT_OF_OPTIONS; netreq->keepalive_sent = 1; } - if (netreq->owner->tls_query_padding_blocksize > 1) { + if (netreq->owner->tls_query_padding_blocksize > 0) { + uint16_t blksz = netreq->owner->tls_query_padding_blocksize; + if (blksz == 1) /* use a sensible default policy */ + blksz = 128; pkt_len = netreq->response - netreq->query; pkt_len += 4; /* this accounts for the OPTION-CODE and OPTION-LENGTH of the padding */ - padding_sz = pkt_len % netreq->owner->tls_query_padding_blocksize; + padding_sz = pkt_len % blksz; if (padding_sz) - padding_sz = netreq->owner->tls_query_padding_blocksize - padding_sz; + padding_sz = blksz - padding_sz; if (_getdns_network_req_add_upstream_option(netreq, EDNS_PADDING_OPCODE, padding_sz, NULL)) 
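Review bot: The padding block in stub_tls_write gives the value 1 a special meaning and hard-codes the block size 128 behind it, with only "use a sensible default policy" as explanation. A named constant, e.g. `#define STUB_DEFAULT_PADDING_BLOCKSIZE 128`, plus a comment saying that 1 selects the library default and why 128 octets was chosen, would make the padding policy auditable. `blksz` is a `uint16_t`, so if `tls_query_padding_blocksize` is declared wider the assignment truncates silently; that declaration is outside the hunk and worth confirming.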
@@ -1182,10 +1312,39 @@ stub_tls_write(getdns_upstream *upstream, getdns_tcp_state *tcp, /* TODO[TLS]: Handle error cases, partial writes, renegotiation etc. */ ERR_clear_error(); - written = SSL_write(tls_obj, netreq->query - 2, pkt_len + 2); - if (written <= 0) - return STUB_TCP_ERROR; +#if INTERCEPT_COM_DS + /* Intercept and do not sent out COM DS queries. For debugging + * purposes only. Never commit with this turned on. + */ + if (netreq->request_type == GETDNS_RRTYPE_DS && + netreq->owner->name_len == 5 && + netreq->owner->name[0] == 3 && + (netreq->owner->name[1] & 0xDF) == 'C' && + (netreq->owner->name[2] & 0xDF) == 'O' && + (netreq->owner->name[3] & 0xDF) == 'M' && + netreq->owner->name[4] == 0) { + debug_req("Intercepting", netreq); + written = pkt_len + 2; + } else +#endif + written = SSL_write(tls_obj, netreq->query - 2, pkt_len + 2); + if (written <= 0) { + /* SSL_write will not do partial writes, because + * SSL_MODE_ENABLE_PARTIAL_WRITE is not default, + * but the write could fail because of renegotiation. + * In that case SSL_get_error() will return + * SSL_ERROR_WANT_READ or, SSL_ERROR_WANT_WRITE. + * Return for retry in such cases. + */ + switch (SSL_get_error(tls_obj, written)) { + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_WRITE: + return STUB_TCP_AGAIN; + default: + return STUB_TCP_ERROR; + } + } /* We were able to write everything! Start reading. */ return (int) query_id; @@ -1194,12 +1353,12 @@ stub_tls_write(getdns_upstream *upstream, getdns_tcp_state *tcp, return STUB_TCP_ERROR; } -static uint64_t +uint64_t _getdns_get_time_as_uintt64() { - + struct timeval tv; uint64_t now; - + if (gettimeofday(&tv, NULL)) { return 0; } @@ -1207,10 +1366,12 @@ _getdns_get_time_as_uintt64() { return now; } + /**************************/ /* UDP callback functions */ /**************************/ + static void stub_udp_read_cb(void *userarg) { 
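Review bot: Returning STUB_TCP_AGAIN on SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE assumes the retry repeats the same `SSL_write()` call, but by this point stub_tls_write has already attached the padding option in the previous hunk, and that step has no visible guard comparable to `keepalive_sent`. If the caller re-enters this function for the same netreq, padding would presumably be added again and `pkt_len` could differ, and OpenSSL expects a retried write to carry the same data and length. A per-request flag checked before the padding block, or a comment stating why re-entry cannot happen, would settle it; the start of the function and its callers are outside the hunk. The `} else` left dangling across `#endif` in the INTERCEPT_COM_DS block also makes the following `written = SSL_write(...)` line easy to misread.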
@@ -1219,9 +1380,7 @@ stub_udp_read_cb(void *userarg) getdns_upstream *upstream = netreq->upstream; ssize_t read; DEBUG_STUB("%s %-35s: MSG: %p \n", STUB_DEBUG_READ, - __FUNCTION__, netreq); - - GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); + __FUNC__, (void*)netreq); read = recvfrom(netreq->fd, (void *)netreq->response, netreq->max_udp_payload_size + 1, /* If read == max_udp_payload_size @@ -1232,8 +1391,28 @@ stub_udp_read_cb(void *userarg) */ 0, NULL, NULL); if (read == -1 && _getdns_EWOULDBLOCK) - return; + return; /* Try again later */ + if (read == -1) { + DEBUG_STUB("%s %-35s: MSG: %p error while reading from socket:" + " %s\n", STUB_DEBUG_READ, __FUNC__, (void*)netreq + , strerror(errno)); + + stub_cleanup(netreq); + _getdns_netreq_change_state(netreq, NET_REQ_ERRORED); + /* Handle upstream*/ + if (netreq->fd >= 0) { +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else + close(netreq->fd); +#endif + stub_next_upstream(netreq); + } + netreq->debug_end_time = _getdns_get_time_as_uintt64(); + _getdns_check_dns_req_complete(netreq->owner); + return; + } if (read < GLDNS_HEADER_SIZE) return; /* Not DNS */ @@ -1244,11 +1423,17 @@ stub_udp_read_cb(void *userarg) upstream, netreq->response, read)) return; /* Client cookie didn't match? */ + GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); + +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else close(netreq->fd); netreq->fd = -1; +#endif while (GLDNS_TC_WIRE(netreq->response)) { DEBUG_STUB("%s %-35s: MSG: %p TC bit set in response \n", STUB_DEBUG_READ, - __FUNCTION__, netreq); + __FUNC__, (void*)netreq); if (!(netreq->transport_current < netreq->transport_count)) break; getdns_transport_list_t next_transport = 
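Review bot: In the success path of stub_udp_read_cb the new `#endif` sits after `netreq->fd = -1;`, so on USE_WINSOCK builds the socket is closed but the field keeps the old handle value. Later code that tests `netreq->fd >= 0`, such as stub_timeout_cb and _getdns_cancel_stub_request, would then call `closesocket()` on a handle that is no longer ours. The reset belongs after the conditional: put `#endif` directly after `close(netreq->fd);` and `netreq->fd = -1;` on the line after it. The error path added above reports `strerror(errno)`, which Winsock calls do not set, so that message will be misleading on Windows as well.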
@@ -1261,17 +1446,31 @@ stub_udp_read_cb(void *userarg) dnsreq)) == -1) break; upstream_schedule_netreq(netreq->upstream, netreq); - GETDNS_SCHEDULE_EVENT( - dnsreq->loop, -1, dnsreq->context->timeout, + GETDNS_SCHEDULE_EVENT(dnsreq->loop, -1, + _getdns_ms_until_expiry(dnsreq->expires), getdns_eventloop_event_init(&netreq->event, netreq, NULL, NULL, stub_timeout_cb)); return; } netreq->response_len = read; - dnsreq->upstreams->current_udp = 0; + if (!dnsreq->context->round_robin_upstreams) + dnsreq->upstreams->current_udp = 0; + else { + dnsreq->upstreams->current_udp+=GETDNS_UPSTREAM_TRANSPORTS; + if (dnsreq->upstreams->current_udp >= dnsreq->upstreams->count) + dnsreq->upstreams->current_udp = 0; + } netreq->debug_end_time = _getdns_get_time_as_uintt64(); - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_FINISHED); + upstream->udp_responses++; +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + if (upstream->udp_responses == 1 || + upstream->udp_responses % 100 == 0) + DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=UDP - Resp=%d,Timeouts=%d\n", + STUB_DEBUG_DAEMON, upstream->addr_str, + (int)upstream->udp_responses, (int)upstream->udp_timeouts); +#endif _getdns_check_dns_req_complete(dnsreq); } @@ -1282,7 +1481,7 @@ stub_udp_write_cb(void *userarg) getdns_dns_req *dnsreq = netreq->owner; size_t pkt_len; DEBUG_STUB("%s %-35s: MSG: %p \n", STUB_DEBUG_WRITE, - __FUNCTION__, netreq); + __FUNC__, (void *)netreq); GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); 
@@ -1309,11 +1508,15 @@ stub_udp_write_cb(void *userarg) netreq->fd, (const void *)netreq->query, pkt_len, 0, (struct sockaddr *)&netreq->upstream->addr, netreq->upstream->addr_len)) { +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else close(netreq->fd); +#endif return; } - GETDNS_SCHEDULE_EVENT( - dnsreq->loop, netreq->fd, dnsreq->context->timeout, + GETDNS_SCHEDULE_EVENT(dnsreq->loop, netreq->fd, + _getdns_ms_until_expiry(dnsreq->expires), getdns_eventloop_event_init(&netreq->event, netreq, stub_udp_read_cb, NULL, stub_timeout_cb)); } @@ -1344,7 +1547,7 @@ static void upstream_read_cb(void *userarg) { getdns_upstream *upstream = (getdns_upstream *)userarg; - DEBUG_STUB("%s %-35s: FD: %d \n", STUB_DEBUG_READ, __FUNCTION__, + DEBUG_STUB("%s %-35s: FD: %d \n", STUB_DEBUG_READ, __FUNC__, upstream->fd); getdns_network_req *netreq; int q; @@ -1385,8 +1588,8 @@ upstream_read_cb(void *userarg) } DEBUG_STUB("%s %-35s: MSG: %p (read)\n", - STUB_DEBUG_READ, __FUNCTION__, netreq); - netreq->state = NET_REQ_FINISHED; + STUB_DEBUG_READ, __FUNC__, (void*)netreq); + _getdns_netreq_change_state(netreq, NET_REQ_FINISHED); netreq->response = upstream->tcp.read_buf; netreq->response_len = upstream->tcp.read_pos - upstream->tcp.read_buf; @@ -1457,6 +1660,7 @@ upstream_write_cb(void *userarg) getdns_upstream *upstream = (getdns_upstream *)userarg; getdns_network_req *netreq = upstream->write_queue; int q; + X509 *cert; if (!netreq) { GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event); @@ -1466,7 +1670,7 @@ upstream_write_cb(void *userarg) netreq->debug_start_time = _getdns_get_time_as_uintt64(); DEBUG_STUB("%s %-35s: MSG: %p (writing)\n", STUB_DEBUG_WRITE, - __FUNCTION__, netreq); + __FUNC__, (void*)netreq); /* Health checks on current connection */ if (upstream->conn_state == GETDNS_CONN_TEARDOWN) 
@@ -1490,22 +1694,35 @@ upstream_write_cb(void *userarg) /* Fall through */ case STUB_SETUP_ERROR: /* Could not complete the set up. Need to fallback.*/ - DEBUG_STUB("%s %-35s: MSG: %p ERROR = %d\n", STUB_DEBUG_WRITE, - __FUNCTION__, ((getdns_network_req *)userarg), q); + DEBUG_STUB("%s %-35s: Upstream: %p ERROR = %d\n", STUB_DEBUG_WRITE, + __FUNC__, (void*)userarg, q); upstream_failed(upstream, (q == STUB_TCP_ERROR ? 0:1)); /* Fall through */ case STUB_CONN_GONE: case STUB_NO_AUTH: /* Cleaning up after connection or auth check failure. Need to fallback. */ stub_cleanup(netreq); +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + DEBUG_DAEMON("%s %-40s : Conn closed : Transport=%s - *Failure*\n", + STUB_DEBUG_DAEMON, upstream->addr_str, + (upstream->transport == GETDNS_TRANSPORT_TLS ? "TLS" : "TCP")); +#endif if (fallback_on_write(netreq) == STUB_TCP_ERROR) { /* TODO: Need new state to report transport unavailable*/ - netreq->state = NET_REQ_FINISHED; + _getdns_netreq_change_state(netreq, NET_REQ_FINISHED); _getdns_check_dns_req_complete(netreq->owner); } return; default: + if (netreq->owner->return_call_reporting && + netreq->upstream->tls_obj && + netreq->debug_tls_peer_cert.data == NULL && + (cert = SSL_get_peer_certificate(netreq->upstream->tls_obj))) { + netreq->debug_tls_peer_cert.size = i2d_X509( + cert, &netreq->debug_tls_peer_cert.data); + X509_free(cert); + } /* Need this because auth status is reset on connection close */ netreq->debug_tls_auth_status = netreq->upstream->tls_auth_state; upstream->queries_sent++; 
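Review bot: The result of `i2d_X509()` in the `default:` branch of upstream_write_cb is stored straight into `debug_tls_peer_cert.size`, but that function returns a negative value on failure, which would leave a bogus length next to the `data` pointer. Checking it first keeps the pair consistent: `int len = i2d_X509(cert, &netreq->debug_tls_peer_cert.data);` then `netreq->debug_tls_peer_cert.size = len > 0 ? (size_t)len : 0;`, assuming `size` is a `size_t`. The buffer is allocated by OpenSSL, so a comment naming where it is released with `OPENSSL_free()` would help; the release is not visible in this hunk.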
@@ -1545,14 +1762,29 @@ upstream_working_ok(getdns_upstream *upstream) { /* [TLS1]TODO: This arbitrary logic at the moment - review and improve!*/ return (upstream->responses_timeouts > - upstream->responses_received*GETDNS_CONN_ATTEMPTS ? 0 : 1); + upstream->responses_received* + upstream->upstreams->tls_connection_retries ? 0 : 1); } static int upstream_active(getdns_upstream *upstream) { - return ((upstream->conn_state == GETDNS_CONN_SETUP || - upstream->conn_state == GETDNS_CONN_OPEN) ? 1 : 0); + if ((upstream->conn_state == GETDNS_CONN_SETUP || + upstream->conn_state == GETDNS_CONN_OPEN) && + upstream->keepalive_shutdown == 0) + return 1; + return 0; +} + +static int +upstream_usable(getdns_upstream *upstream) +{ + if ((upstream->conn_state == GETDNS_CONN_CLOSED || + upstream->conn_state == GETDNS_CONN_SETUP || + upstream->conn_state == GETDNS_CONN_OPEN) && + upstream->keepalive_shutdown == 0) + return 1; + return 0; } static int @@ -1575,15 +1807,21 @@ upstream_valid(getdns_upstream *upstream, getdns_transport_list_t transport, getdns_network_req *netreq) { - if (upstream->transport != transport || upstream->conn_state != GETDNS_CONN_CLOSED) + if (!(upstream->transport == transport && upstream_usable(upstream))) return 0; if (transport == GETDNS_TRANSPORT_TCP) return 1; + if (upstream->conn_state == GETDNS_CONN_OPEN) { + if (!upstream_auth_status_ok(upstream, netreq)) + return 0; + else + return 1; + } /* We need to check past authentication history to see if this is usable for TLS.*/ if (netreq->tls_auth_min != GETDNS_AUTHENTICATION_REQUIRED) return 1; - return ((upstream->past_tls_auth_state == GETDNS_AUTH_OK || - upstream->past_tls_auth_state == GETDNS_AUTH_NONE) ? 1 : 0); + return ((upstream->best_tls_auth_state == GETDNS_AUTH_OK || + upstream->best_tls_auth_state == GETDNS_AUTH_NONE) ? 1 : 0); } static int 
@@ -1610,38 +1848,66 @@ upstream_select_stateful(getdns_network_req *netreq, getdns_transport_list_t tra getdns_upstream *upstream = NULL; getdns_upstreams *upstreams = netreq->owner->upstreams; size_t i; - + time_t now = time(NULL); + if (!upstreams->count) return NULL; - /* [TLS1]TODO: Add check to re-instate backed-off upstreams after X amount - of time*/ - - /* First find if an open upstream has the correct properties and use that*/ + /* A check to re-instate backed-off upstreams after X amount of time*/ for (i = 0; i < upstreams->count; i++) { - if (upstream_valid_and_open(&upstreams->upstreams[i], transport, netreq)) - return &upstreams->upstreams[i]; + if (upstreams->upstreams[i].conn_state == GETDNS_CONN_BACKOFF && + upstreams->upstreams[i].conn_retry_time < now) { + upstreams->upstreams[i].conn_state = GETDNS_CONN_CLOSED; +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + DEBUG_DAEMON("%s %-40s : Re-instating upstream\n", + STUB_DEBUG_DAEMON, upstreams->upstreams[i].addr_str); +#endif + } } - /* OK - we will have to open one. Choose the first one that has the best stats - and the right properties, but because we completely back off failed + if (netreq->owner->context->round_robin_upstreams == 0) { + /* First find if an open upstream has the correct properties and use that*/ + for (i = 0; i < upstreams->count; i++) { + if (upstream_valid_and_open(&upstreams->upstreams[i], transport, netreq)) + return &upstreams->upstreams[i]; + } + } + + /* OK - Find the next one to use. First check we have at least one valid + upstream because we completely back off failed upstreams we may have no valid upstream at all (in contrast to UDP). 
This will be better communicated to the user when we have better error codes*/ - for (i = 0; i < upstreams->count; i++) { - DEBUG_STUB("%s %-35s: Testing %d %d\n", STUB_DEBUG_SETUP, - __FUNCTION__, (int)i, (int)upstreams->upstreams[i].conn_state); + i = upstreams->current_stateful; + do { + DEBUG_STUB("%s %-35s: Testing upstreams %d %d\n", STUB_DEBUG_SETUP, + __FUNC__, (int)i, (int)upstreams->upstreams[i].conn_state); if (upstream_valid(&upstreams->upstreams[i], transport, netreq)) { upstream = &upstreams->upstreams[i]; break; } - } + i++; + if (i >= upstreams->count) + i = 0; + } while (i != upstreams->current_stateful); if (!upstream) return NULL; - for (i++; i < upstreams->count; i++) { - if (upstream_valid(&upstreams->upstreams[i], transport, netreq) && - upstream_stats(&upstreams->upstreams[i]) > upstream_stats(upstream)) - upstream = &upstreams->upstreams[i]; + + /* Now select the specific upstream */ + if (netreq->owner->context->round_robin_upstreams == 0) { + /* Base the decision on the stats, noting we will have started from 0*/ + for (i++; i < upstreams->count; i++) { + if (upstream_valid(&upstreams->upstreams[i], transport, netreq) && + upstream_stats(&upstreams->upstreams[i]) > upstream_stats(upstream)) + upstream = &upstreams->upstreams[i]; + } + } else { + /* Simplistic, but always just pick the first one, incrementing the current. + Note we are not distinguishing TCP/TLS here....*/ + upstreams->current_stateful+=GETDNS_UPSTREAM_TRANSPORTS; + if (upstreams->current_stateful >= upstreams->count) + upstreams->current_stateful = 0; } + return upstream; } @@ -1677,9 +1943,10 @@ upstream_select(getdns_network_req *netreq) upstream->back_off) upstream = &upstreams->upstreams[i]; - upstream->back_off++; + if (upstream->back_off > 1) + upstream->back_off--; upstream->to_retry = 1; - upstreams->current_udp = (upstream - upstreams->upstreams) / GETDNS_UPSTREAM_TRANSPORTS; + upstreams->current_udp = upstream - upstreams->upstreams; return upstream; } 
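Review bot: The stats-based branch of `upstream_select_stateful` carries the comment "noting we will have started from 0", but the search now starts at `upstreams->current_stateful`, which is non-zero once round robin has been enabled and later switched off again. In that case `for (i++; i < upstreams->count; i++)` never compares the upstreams before the starting index, so the best-stats choice is made over only part of the list. Pick the start explicitly, `size_t start = netreq->owner->context->round_robin_upstreams ? upstreams->current_stateful : 0;`, and use it in both `i = start;` and `} while (i != start);`. The loop also indexes `upstreams->upstreams[i]` before any bound check, so it relies on `current_stateful < upstreams->count` still holding wherever the upstream list is rebuilt (not visible here).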
@@ -1688,7 +1955,7 @@ upstream_connect(getdns_upstream *upstream, getdns_transport_list_t transport, getdns_dns_req *dnsreq) { DEBUG_STUB("%s %-35s: Getting upstream connection: %p\n", STUB_DEBUG_SETUP, - __FUNCTION__, upstream); + __FUNC__, (void*)upstream); int fd = -1; switch(transport) { case GETDNS_TRANSPORT_UDP: @@ -1715,14 +1982,21 @@ upstream_connect(getdns_upstream *upstream, getdns_transport_list_t transport, upstream->tls_obj = tls_create_object(dnsreq, fd, upstream); if (upstream->tls_obj == NULL) { upstream_failed(upstream, 1); +#ifdef USE_WINSOCK + closesocket(fd); +#else close(fd); +#endif return -1; } - if (upstream->tls_session != NULL) - SSL_set_session(upstream->tls_obj, upstream->tls_session); upstream->tls_hs_state = GETDNS_HS_WRITE; } upstream->conn_state = GETDNS_CONN_SETUP; +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + DEBUG_DAEMON("%s %-40s : Conn init : Transport=%s - Profile=%s\n", STUB_DEBUG_DAEMON, + upstream->addr_str, transport == GETDNS_TRANSPORT_TLS ? "TLS":"TCP", + dnsreq->context->tls_auth_min == GETDNS_AUTHENTICATION_NONE ? "Opportunistic":"Strict"); +#endif break; default: return -1; 
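Review bot: The new `DEBUG_DAEMON` line in `upstream_connect` derives "Opportunistic"/"Strict" from `dnsreq->context->tls_auth_min`, while `upstream_valid` in this same patch decides on `netreq->tls_auth_min`. If the two can differ for a request (not visible here), the daemon log reports a profile that is not the one enforced. Logging the value used for the decision, or adding a comment that the context value is authoritative, keeps this line usable for auditing. The line is also emitted for `GETDNS_TRANSPORT_TCP`, where a TLS profile has no meaning. upstream_connect starts and ends outside the hunk.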
@@ -1736,21 +2010,28 @@ upstream_find_for_transport(getdns_network_req *netreq, getdns_transport_list_t transport, int *fd) { - /* [TLS1]TODO: Don't currently loop over upstreams here as UDP will timeout - and stateful will fallback. But there is a case where connect returns -1 - that we need to deal with!!!! so add a while loop to test fd*/ getdns_upstream *upstream = NULL; + + /* UDP always returns an upstream, the only reason this will fail is if + no socket is available, in which case that is an error.*/ if (transport == GETDNS_TRANSPORT_UDP) { upstream = upstream_select(netreq); + *fd = upstream_connect(upstream, transport, netreq->owner); + return upstream; } - else - upstream = upstream_select_stateful(netreq, transport); - if (!upstream) - return NULL; - *fd = upstream_connect(upstream, transport, netreq->owner); - DEBUG_STUB("%s %-35s: FD: %d Connecting to upstream: %p No: %d\n", - STUB_DEBUG_SETUP, __FUNCTION__, *fd, upstream, + else { + /* For stateful transport we should keep trying until all our transports + are exhausted/backed-off (no upstream)*/ + do { + upstream = upstream_select_stateful(netreq, transport); + if (!upstream) + return NULL; + *fd = upstream_connect(upstream, transport, netreq->owner); + } while (*fd == -1); + DEBUG_STUB("%s %-35s: FD: %d Connecting to upstream: %p No: %d\n", + STUB_DEBUG_SETUP, __FUNC__, *fd, (void*)upstream, (int)(upstream - netreq->owner->context->upstreams->upstreams)); + } return upstream; } 
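Review bot: The UDP branch of `upstream_find_for_transport` now passes the result of `upstream_select(netreq)` to `upstream_connect` without the `if (!upstream) return NULL;` guard that the old code applied to both paths. The comment says UDP always returns an upstream, but if `upstream_select` can return NULL (for instance with no upstreams configured; its body is not in this hunk) the next call dereferences it, so keep the guard: `if (!upstream) return NULL;`. In the stateful branch the `do … while (*fd == -1)` loop ends only if every failing `upstream_connect` path also makes that upstream invalid for `upstream_select_stateful`. The `tls_create_object` path does call `upstream_failed`, but any path that returns -1 without it would spin here, so a comment stating that invariant or an iteration bound of `upstreams->count` is warranted.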
@@ -1764,15 +2045,25 @@ upstream_find_for_netreq(getdns_network_req *netreq) upstream = upstream_find_for_transport(netreq, netreq->transports[i], &fd); - if (fd == -1 || !upstream) + if (!upstream) continue; + + if (fd == -1) { + if (_getdns_EMFILE) + return STUB_TRY_AGAIN_LATER; + return -1; + } netreq->transport_current = i; netreq->upstream = upstream; netreq->keepalive_sent = 0; return fd; } /* Handle better, will give generic error*/ - DEBUG_STUB("%s %-35s: MSG: %p No valid upstream! \n", STUB_DEBUG_SCHEDULE, __FUNCTION__, netreq); + DEBUG_STUB("%s %-35s: MSG: %p No valid upstream! \n", STUB_DEBUG_SCHEDULE, __FUNC__, (void*)netreq); +#if defined(DAEMON_DEBUG) && DAEMON_DEBUG + DEBUG_DAEMON("%s *FAILURE* no valid transports or upstreams available!\n", + STUB_DEBUG_DAEMON); +#endif return -1; } @@ -1783,12 +2074,13 @@ upstream_find_for_netreq(getdns_network_req *netreq) static int fallback_on_write(getdns_network_req *netreq) { + uint64_t now_ms = 0; /* Deal with UDP one day*/ - DEBUG_STUB("%s %-35s: MSG: %p FALLING BACK \n", STUB_DEBUG_SCHEDULE, __FUNCTION__, netreq); + DEBUG_STUB("%s %-35s: MSG: %p FALLING BACK \n", STUB_DEBUG_SCHEDULE, __FUNC__, (void*)netreq); /* Try to find a fallback transport*/ - getdns_return_t result = _getdns_submit_stub_request(netreq); + getdns_return_t result = _getdns_submit_stub_request(netreq, &now_ms); if (result != GETDNS_RETURN_GOOD) return STUB_TCP_ERROR; @@ -1799,10 +2091,10 @@ fallback_on_write(getdns_network_req *netreq) } static void -upstream_reschedule_events(getdns_upstream *upstream, size_t idle_timeout) { +upstream_reschedule_events(getdns_upstream *upstream, uint64_t idle_timeout) { DEBUG_STUB("%s %-35s: FD: %d \n", STUB_DEBUG_SCHEDULE, - __FUNCTION__, upstream->fd); + __FUNC__, upstream->fd); GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event); if (!upstream->write_queue && upstream->event.write_cb) { upstream->event.write_cb = NULL; 
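Review bot: In `upstream_find_for_netreq`, `fd == -1` with a non-NULL upstream now returns from the function instead of `continue`-ing to the next entry in `netreq->transports`, so a socket failure on one transport no longer falls back to the remaining ones. If that is intended, say so in a comment; otherwise keep `continue` for the case where `_getdns_EMFILE` is not set. `STUB_TRY_AGAIN_LATER` travels through the same `int` that carries a file descriptor, so a comment should state that it is negative and distinct from -1 (its definition is not in this hunk).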
@@ -1821,7 +2113,13 @@ upstream_reschedule_events(getdns_upstream *upstream, size_t idle_timeout) { upstream->fd, TIMEOUT_FOREVER, &upstream->event); else { DEBUG_STUB("%s %-35s: FD: %d Connection idle - timeout is %d\n", - STUB_DEBUG_SCHEDULE, __FUNCTION__, upstream->fd, (int)idle_timeout); + STUB_DEBUG_SCHEDULE, __FUNC__, upstream->fd, (int)idle_timeout); + /* TODO: Schedule a read also anyway, + * to digest timed out answers. + * Dont forget to schedule with upstream->fd then! + * + * upstream->event.read_cb = upstream_read_cb; + */ upstream->event.timeout_cb = upstream_idle_timeout_cb; if (upstream->conn_state != GETDNS_CONN_OPEN) idle_timeout = 0; @@ -1833,7 +2131,7 @@ upstream_reschedule_events(getdns_upstream *upstream, size_t idle_timeout) { static void upstream_schedule_netreq(getdns_upstream *upstream, getdns_network_req *netreq) { - DEBUG_STUB("%s %-35s: MSG: %p (schedule event)\n", STUB_DEBUG_SCHEDULE, __FUNCTION__, netreq); + DEBUG_STUB("%s %-35s: MSG: %p (schedule event)\n", STUB_DEBUG_SCHEDULE, __FUNC__, (void*)netreq); /* We have a connected socket and a global event loop */ assert(upstream->fd >= 0); assert(upstream->loop); @@ -1852,8 +2150,8 @@ upstream_schedule_netreq(getdns_upstream *upstream, getdns_network_req *netreq) if (upstream->queries_sent == 0) { /* Set a timeout on the upstream so we can catch failed setup*/ upstream->event.timeout_cb = upstream_setup_timeout_cb; - GETDNS_SCHEDULE_EVENT(upstream->loop, - upstream->fd, netreq->owner->context->timeout / 2, + GETDNS_SCHEDULE_EVENT(upstream->loop, upstream->fd, + _getdns_ms_until_expiry(netreq->owner->expires)/2, &upstream->event); } else { GETDNS_SCHEDULE_EVENT(upstream->loop, 
@@ -1882,28 +2180,38 @@ upstream_schedule_netreq(getdns_upstream *upstream, getdns_network_req *netreq) } getdns_return_t -_getdns_submit_stub_request(getdns_network_req *netreq) +_getdns_submit_stub_request(getdns_network_req *netreq, uint64_t *now_ms) { - DEBUG_STUB("%s %-35s: MSG: %p TYPE: %d\n", STUB_DEBUG_ENTRY, __FUNCTION__, - netreq, netreq->request_type); int fd = -1; - getdns_dns_req *dnsreq = netreq->owner; + getdns_dns_req *dnsreq; + getdns_context *context; + + DEBUG_STUB("%s %-35s: MSG: %p TYPE: %d\n", STUB_DEBUG_ENTRY, __FUNC__, + (void*)netreq, netreq->request_type); + + dnsreq = netreq->owner; + context = dnsreq->context; /* This does a best effort to get a initial fd. * All other set up is done async*/ fd = upstream_find_for_netreq(netreq); if (fd == -1) - /* Handle better, will give unhelpful error is some cases */ - return GETDNS_RETURN_GENERIC_ERROR; + return GETDNS_RETURN_NO_UPSTREAM_AVAILABLE; - getdns_transport_list_t transport = - netreq->transports[netreq->transport_current]; - switch(transport) { + else if (fd == STUB_TRY_AGAIN_LATER) { + _getdns_netreq_change_state(netreq, NET_REQ_NOT_SENT); + netreq->node.key = netreq; + if (_getdns_rbtree_insert( + &context->pending_netreqs, &netreq->node)) + return GETDNS_RETURN_GOOD; + return GETDNS_RETURN_NO_UPSTREAM_AVAILABLE; + } + switch(netreq->transports[netreq->transport_current]) { case GETDNS_TRANSPORT_UDP: netreq->fd = fd; GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); - GETDNS_SCHEDULE_EVENT( - dnsreq->loop, netreq->fd, dnsreq->context->timeout, + GETDNS_SCHEDULE_EVENT(dnsreq->loop, netreq->fd, + _getdns_ms_until_expiry2(dnsreq->expires, now_ms), getdns_eventloop_event_init(&netreq->event, netreq, NULL, stub_udp_write_cb, stub_timeout_cb)); return GETDNS_RETURN_GOOD; 
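Review bot: The `STUB_TRY_AGAIN_LATER` branch of `_getdns_submit_stub_request` inserts the request into `context->pending_netreqs` and returns `GETDNS_RETURN_GOOD` without scheduling any event, unlike the UDP branch below it, which arms `stub_timeout_cb`. Unless pending requests are drained and expired elsewhere (not visible in this hunk), a request parked while descriptors are exhausted has no timeout of its own, and the queue has no visible size limit, so sustained descriptor exhaustion can leave callers waiting and memory growing. I would arm the timeout here the same way the later `GETDNS_SCHEDULE_EVENT(dnsreq->loop, -1, _getdns_ms_until_expiry2(dnsreq->expires, now_ms), …)` call in this function does, or add a comment naming the code that expires pending requests. The function continues past the end of the hunk.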
@@ -1977,7 +2285,7 @@ _getdns_submit_stub_request(getdns_network_req *netreq) */ GETDNS_SCHEDULE_EVENT( dnsreq->loop, -1, - dnsreq->context->timeout, + _getdns_ms_until_expiry2(dnsreq->expires, now_ms), getdns_eventloop_event_init( &netreq->event, netreq, NULL, NULL, stub_timeout_cb)); diff --git a/src/stub.h b/src/stub.h index 41aa629a..da45eded 100644 --- a/src/stub.h +++ b/src/stub.h @@ -37,7 +37,8 @@ #include "getdns/getdns.h" #include "types-internal.h" -getdns_return_t _getdns_submit_stub_request(getdns_network_req *netreq); +getdns_return_t _getdns_submit_stub_request( + getdns_network_req *netreq, uint64_t *now_ms); void _getdns_cancel_stub_request(getdns_network_req *netreq); diff --git a/src/sync.c b/src/sync.c index d100afb8..75f8cca3 100644 --- a/src/sync.c +++ b/src/sync.c @@ -123,18 +123,22 @@ getdns_sync_data_cleanup(getdns_sync_data *data) * synchronous request. */ GETDNS_CLEAR_EVENT(upstream->loop, &upstream->event); - (*upstream->event.timeout_cb)(upstream->event.userarg); - - /* This should have cleared the event */ - assert(!upstream->event.read_cb && - !upstream->event.write_cb && - !upstream->event.timeout_cb); + if (upstream->conn_state != GETDNS_CONN_OPEN || + upstream->keepalive_timeout == 0) + (*upstream->event.timeout_cb)(upstream->event.userarg); } upstream->loop = data->context->extension; upstream->is_sync_loop = 0; if (upstream->event.read_cb || upstream->event.write_cb) GETDNS_SCHEDULE_EVENT(upstream->loop, upstream->fd, TIMEOUT_FOREVER, &upstream->event); + + else if (upstream->event.timeout_cb && + upstream->conn_state == GETDNS_CONN_OPEN && + upstream->keepalive_timeout != 0) { + GETDNS_SCHEDULE_EVENT(upstream->loop, upstream->fd, + upstream->keepalive_timeout, &upstream->event); + } } } 
@@ -151,6 +155,7 @@ getdns_sync_cb(getdns_context *context, getdns_callback_type_t callback_type, getdns_dict *response, void *userarg, getdns_transaction_t transaction_id) { getdns_sync_data *data = (getdns_sync_data *)userarg; + (void)context; (void)callback_type; (void)transaction_id; assert(data); diff --git a/src/test/Makefile.in b/src/test/Makefile.in index d0cf2450..758435c1 100644 --- a/src/test/Makefile.in +++ b/src/test/Makefile.in @@ -57,7 +57,8 @@ CHECK_EVENT_PROG=@CHECK_EVENT_PROG@ CHECK_EV_PROG=@CHECK_EV_PROG@ CC=@CC@ -CFLAGS=-I$(srcdir)/.. -I$(srcdir) -I.. $(cflags) @CFLAGS@ @CPPFLAGS@ +CFLAGS=-I$(srcdir)/.. -I$(srcdir) -I.. $(cflags) @CFLAGS@ @CPPFLAGS@ $(XTRA_CFLAGS) +WPEDANTICFLAG=@WPEDANTICFLAG@ LDFLAGS=-L.. @LDFLAGS@ LDLIBS=../libgetdns.la @LIBS@ CHECK_LIBS=@CHECK_LIBS@ 
@@ -79,53 +80,53 @@ PROGRAMS=tests_dict tests_list tests_namespaces tests_stub_async tests_stub_sync .SUFFIXES: .c .o .a .lo .h .c.o: - $(CC) $(CFLAGS) -c $< -o $@ + $(CC) $(CFLAGS) $(WPEDANTICFLAG) -c $< -o $@ .c.lo: - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $< -o $@ + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) -c $< -o $@ default: all all: $(PROGRAMS) $(ALL_OBJS): - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $(srcdir)/$(@:.lo=.c) -o $@ + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) -c $(srcdir)/$(@:.lo=.c) -o $@ $(NON_C99_OBJS): - $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -D_POSIX_C_SOURCE=200112L -D_XOPEN_SOURCE=600 -c $(srcdir)/$(@:.lo=.c) -o $@ + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) $(WPEDANTICFLAG) -D_POSIX_C_SOURCE=200112L -D_XOPEN_SOURCE=600 -c $(srcdir)/$(@:.lo=.c) -o $@ tests_dict: tests_dict.lo testmessages.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LDLIBS) -o $@ tests_dict.lo testmessages.lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDFLAGS) $(LDLIBS) -o $@ tests_dict.lo testmessages.lo tests_list: tests_list.lo testmessages.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LDLIBS) -o $@ tests_list.lo testmessages.lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDFLAGS) $(LDLIBS) -o $@ tests_list.lo testmessages.lo tests_namespaces: tests_namespaces.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LDLIBS) -o $@ tests_namespaces.lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDFLAGS) $(LDLIBS) -o $@ tests_namespaces.lo tests_stub_async: tests_stub_async.lo testmessages.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LDLIBS) -o $@ tests_stub_async.lo testmessages.lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDFLAGS) $(LDLIBS) -o $@ tests_stub_async.lo testmessages.lo tests_stub_sync: tests_stub_sync.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) 
$(CFLAGS) $(LDFLAGS) $(LDLIBS) -o $@ tests_stub_sync.lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDFLAGS) $(LDLIBS) -o $@ tests_stub_sync.lo check_getdns_common: check_getdns_common.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LDLIBS) -o $@ check_getdns_common.lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDFLAGS) $(LDLIBS) -o $@ check_getdns_common.lo check_getdns: check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_selectloop.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LDLIBS) $(CHECK_CFLAGS) $(CHECK_LIBS) -o $@ check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_selectloop.lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDFLAGS) $(LDLIBS) $(CHECK_LIBS) -o $@ check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_selectloop.lo check_getdns_event: check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libevent.lo ../libgetdns_ext_event.la - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libevent.lo $(LDFLAGS) $(LDLIBS) $(CHECK_CFLAGS) $(CHECK_LIBS) ../libgetdns_ext_event.la $(EXTENSION_LIBEVENT_LDFLAGS) $(EXTENSION_LIBEVENT_EXT_LIBS) + $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libevent.lo $(LDFLAGS) $(LDLIBS) $(CHECK_LIBS) ../libgetdns_ext_event.la $(EXTENSION_LIBEVENT_LDFLAGS) $(EXTENSION_LIBEVENT_EXT_LIBS) check_getdns_uv: check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libuv.lo ../libgetdns_ext_uv.la - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ check_getdns.lo 
check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libuv.lo $(LDFLAGS) $(LDLIBS) $(CHECK_CFLAGS) $(CHECK_LIBS) ../libgetdns_ext_uv.la $(EXTENSION_LIBUV_LDFLAGS) $(EXTENSION_LIBUV_EXT_LIBS) + $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libuv.lo $(LDFLAGS) $(LDLIBS) $(CHECK_LIBS) ../libgetdns_ext_uv.la $(EXTENSION_LIBUV_LDFLAGS) $(EXTENSION_LIBUV_EXT_LIBS) check_getdns_ev: check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libev.lo ../libgetdns_ext_ev.la - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libev.lo $(LDFLAGS) $(LDLIBS) $(CHECK_CFLAGS) $(CHECK_LIBS) ../libgetdns_ext_ev.la $(EXTENSION_LIBEV_LDFLAGS) $(EXTENSION_LIBEV_EXT_LIBS) + $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libev.lo $(LDFLAGS) $(LDLIBS) $(CHECK_LIBS) ../libgetdns_ext_ev.la $(EXTENSION_LIBEV_LDFLAGS) $(EXTENSION_LIBEV_EXT_LIBS) scratchpad: scratchpad.lo - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ scratchpad.lo $(LDFLAGS) $(LDLIBS) + $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ scratchpad.lo $(LDFLAGS) $(LDLIBS) scratchpad.lo: scratchpad.c diff --git a/src/test/check_getdns.c b/src/test/check_getdns.c index e5974d1d..a437374d 100644 --- a/src/test/check_getdns.c +++ b/src/test/check_getdns.c @@ -30,7 +30,14 @@ #include #include #include +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" +#endif #include +#ifdef __clang__ +#pragma clang diagnostic pop +#endif #include "getdns/getdns.h" #include "check_getdns_common.h" #include "check_getdns_address.h" 
@@ -75,7 +82,7 @@ int -main (int argc, char** argv) +main () { int number_failed; SRunner *sr ; diff --git a/src/test/check_getdns_address.h b/src/test/check_getdns_address.h index 65f76b8b..f898bdd8 100644 --- a/src/test/check_getdns_address.h +++ b/src/test/check_getdns_address.h @@ -149,6 +149,7 @@ * rcode = 0 */ void verify_getdns_address_6(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_address_6 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; @@ -157,7 +158,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_address(context, "google.com", NULL, - verify_getdns_address_6, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_address()"); RUN_EVENT_LOOP; @@ -183,6 +184,7 @@ * ancount = 1 (number of records in ANSWER section) */ void verify_getdns_address_7(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_address_7 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; @@ -191,7 +193,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_address(context, "localhost", NULL, - verify_getdns_address_7, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_address()"); RUN_EVENT_LOOP; @@ -213,6 +215,7 @@ * rcode = 3 (NXDOMAIN) */ void verify_getdns_address_8(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_address_8 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; @@ -221,8 +224,8 @@ EVENT_BASE_CREATE; - ASSERT_RC(getdns_address(context, "hostnamedoesntexist", NULL, - verify_getdns_address_8, &transaction_id, callbackfn), + ASSERT_RC(getdns_address(context, "hostnamedoesntexist.", NULL, + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_address()"); RUN_EVENT_LOOP; 
diff --git a/src/test/check_getdns_cancel_callback.h b/src/test/check_getdns_cancel_callback.h index 7ad31b46..facf31bc 100644 --- a/src/test/check_getdns_cancel_callback.h +++ b/src/test/check_getdns_cancel_callback.h @@ -55,6 +55,7 @@ * expect: GETDNS_RETURN_UNKNOWN_TRANSACTION */ void verify_getdns_cancel_callback(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_cancel_callback }; struct getdns_context *context = NULL; void* eventloop = NULL; getdns_transaction_t transaction_id = 0; @@ -65,7 +66,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "google.com", GETDNS_RRTYPE_A, NULL, - verify_getdns_cancel_callback, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; @@ -86,6 +87,7 @@ * expect: GETDNS_RETURN_UNKNOWN_TRANSACTION */ void verify_getdns_cancel_callback(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_cancel_callback }; struct getdns_context *context = NULL; void* eventloop = NULL; getdns_transaction_t transaction_id = 0; @@ -96,7 +98,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "google.com", GETDNS_RRTYPE_A, NULL, - verify_getdns_cancel_callback, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; @@ -133,7 +135,8 @@ struct getdns_context *context = NULL; void* eventloop = NULL; getdns_transaction_t transaction_id = 0; - getdns_transaction_t transaction_id_array[10] = {}; + getdns_transaction_t transaction_id_array[10] + = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; int i; int odd = 0; int even = 0; @@ -212,7 +215,8 @@ struct getdns_context *context = NULL; void* eventloop = NULL; getdns_transaction_t transaction_id = 0; - getdns_transaction_t transaction_id_array[10] = {}; + getdns_transaction_t transaction_id_array[10] + = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; int i; int odd = 0; int even = 0; 
@@ -295,7 +299,8 @@ struct getdns_bindata address_data = { 4, (void *)"\x08\x08\x08\x08" }; struct getdns_dict *address = NULL; getdns_transaction_t transaction_id = 0; - getdns_transaction_t transaction_id_array[10] = {}; + getdns_transaction_t transaction_id_array[10] + = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; int i; int odd = 0; int even = 0; @@ -381,7 +386,8 @@ struct getdns_context *context = NULL; void* eventloop = NULL; getdns_transaction_t transaction_id = 0; - getdns_transaction_t transaction_id_array[10] = {}; + getdns_transaction_t transaction_id_array[10] + = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; int i; int odd = 0; int even = 0; @@ -451,6 +457,8 @@ void *userarg, getdns_transaction_t transaction_id) { + (void)context; (void)response; (void)userarg; + callback_called++; if(callback_type == GETDNS_CALLBACK_CANCEL) @@ -483,6 +491,7 @@ */ void verify_getdns_cancel_callback(struct extracted_response *ex_response) { + (void)ex_response; /* * increment callback_called global to prove callback was called. */ diff --git a/src/test/check_getdns_common.c b/src/test/check_getdns_common.c index 79f177a9..8fe9f8c6 100644 --- a/src/test/check_getdns_common.c +++ b/src/test/check_getdns_common.c @@ -29,7 +29,14 @@ #include #include #include +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" +#endif #include +#ifdef __clang__ +#pragma clang diagnostic pop +#endif #include "getdns/getdns.h" #include "config.h" #include "check_getdns_common.h" @@ -320,6 +327,7 @@ void destroy_callbackfn(struct getdns_context *context, void *userarg, getdns_transaction_t transaction_id) { int* flag = (int*)userarg; + (void)callback_type; (void)transaction_id; *flag = 1; getdns_dict_destroy(response); getdns_context_destroy(context); 
@@ -338,7 +346,8 @@ void callbackfn(struct getdns_context *context, getdns_transaction_t transaction_id) { typedef void (*fn_ptr)(struct extracted_response *ex_response); - fn_ptr fn = userarg; + fn_ptr fn = ((fn_cont *)userarg)->fn; + (void)context; (void)transaction_id; /* * If userarg is NULL, either a negative test case @@ -378,7 +387,7 @@ void callbackfn(struct getdns_context *context, void update_callbackfn(struct getdns_context *context, getdns_context_code_t changed_item) { - + (void)context; ck_assert_msg(changed_item == expected_changed_item, "Expected changed_item == %d, got %d", changed_item, expected_changed_item); diff --git a/src/test/check_getdns_common.h b/src/test/check_getdns_common.h index e2d77f44..6fb3b555 100644 --- a/src/test/check_getdns_common.h +++ b/src/test/check_getdns_common.h @@ -211,6 +211,10 @@ struct getdns_dict *response, void *userarg, getdns_transaction_t transaction_id); + + typedef struct fn_cont { + void (*fn)(struct extracted_response *ex_response); + } fn_cont; /* * callbackfn is the callback function given to all * asynchronous query tests. It is expected to only diff --git a/src/test/check_getdns_context_destroy.h b/src/test/check_getdns_context_destroy.h index 52b28456..65a0a8c3 100644 --- a/src/test/check_getdns_context_destroy.h +++ b/src/test/check_getdns_context_destroy.h @@ -68,6 +68,7 @@ * expect: callback should be called before getdns_context_destroy() returns */ void verify_getdns_context_destroy(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_context_destroy }; struct getdns_context *context = NULL; void* eventloop = NULL; getdns_transaction_t transaction_id = 0; @@ -78,7 +79,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "google.com", GETDNS_RRTYPE_A, NULL, - verify_getdns_context_destroy, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; 
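Review bot: In `callbackfn` the new initialiser `((fn_cont *)userarg)->fn` dereferences `userarg` before the check that the comment directly below describes ("If userarg is NULL, either a negative test case …"), so a test that passes NULL as userarg would now crash instead of taking that path. Guard the read: `fn_ptr fn = userarg ? ((fn_cont *)userarg)->fn : NULL;`. callbackfn continues outside the hunk.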
@@ -95,6 +96,7 @@ * expect: callback should be called before getdns_context_destroy() returns */ void verify_getdns_context_destroy(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_context_destroy }; struct getdns_context *context = NULL; void* eventloop = NULL; getdns_transaction_t transaction_id = 0; @@ -105,7 +107,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_address(context, "google.com", NULL, - verify_getdns_context_destroy, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_address()"); RUN_EVENT_LOOP; @@ -122,6 +124,7 @@ * expect: callback should be called before getdns_context_destroy() returns */ void verify_getdns_context_destroy(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_context_destroy }; struct getdns_context *context = NULL; void* eventloop = NULL; struct getdns_bindata address_type = { 5, (void *)"IPv4" }; @@ -141,7 +144,7 @@ GETDNS_RETURN_GOOD, "Return code from getdns_dict_set_bindata"); ASSERT_RC(getdns_hostname(context, address, NULL, - verify_getdns_context_destroy, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_address()"); RUN_EVENT_LOOP; @@ -159,6 +162,7 @@ * expect: callback should be called before getdns_context_destroy() returns */ void verify_getdns_context_destroy(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_context_destroy }; struct getdns_context *context = NULL; void* eventloop = NULL; getdns_transaction_t transaction_id = 0; @@ -169,7 +173,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_service(context, "google.com", NULL, - verify_getdns_context_destroy, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_service()"); RUN_EVENT_LOOP; 
@@ -267,6 +271,7 @@ void verify_getdns_context_destroy(struct extracted_response *ex_response) { + (void)ex_response; /* * Sleep for a second to make getdns_context_destroy() wait. */ diff --git a/src/test/check_getdns_context_set_context_update_callback.h b/src/test/check_getdns_context_set_context_update_callback.h index d816a149..214893a2 100644 --- a/src/test/check_getdns_context_set_context_update_callback.h +++ b/src/test/check_getdns_context_set_context_update_callback.h @@ -434,6 +434,29 @@ } END_TEST + + START_TEST (getdns_context_set_context_update_callback_23) + { + /* + * value is NULL + * expect: GETDNS_RETURN_INVALID_PARAMETER + */ + + struct getdns_context *context = NULL; + CONTEXT_CREATE(TRUE); + + ASSERT_RC(getdns_context_set_context_update_callback(context, update_callbackfn), + GETDNS_RETURN_GOOD, "Return code from getdns_context_set_context_update_callback()"); + + expected_changed_item = GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS; + + ASSERT_RC(getdns_context_set_round_robin_upstreams(context, 1), + GETDNS_RETURN_GOOD, "Return code from getdns_context_set_timeout()"); + + CONTEXT_DESTROY; + + } + END_TEST Suite * getdns_context_set_context_update_callback_suite (void) @@ -462,6 +485,7 @@ tcase_add_test(tc_pos, getdns_context_set_context_update_callback_20); tcase_add_test(tc_pos, getdns_context_set_context_update_callback_21); tcase_add_test(tc_pos, getdns_context_set_context_update_callback_22); + tcase_add_test(tc_pos, getdns_context_set_context_update_callback_23); suite_add_tcase(s, tc_pos); return s; diff --git a/src/test/check_getdns_context_set_timeout.c b/src/test/check_getdns_context_set_timeout.c index f588445a..26d25aa5 100644 --- a/src/test/check_getdns_context_set_timeout.c +++ b/src/test/check_getdns_context_set_timeout.c 
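Review bot: The header comment of the new test `getdns_context_set_context_update_callback_23` reads "value is NULL / expect: GETDNS_RETURN_INVALID_PARAMETER", but the body calls `getdns_context_set_round_robin_upstreams(context, 1)` and asserts `GETDNS_RETURN_GOOD`. The assertion message is copied from another test as well: `"Return code from getdns_context_set_timeout()"`. Suggested comment: `/* round_robin_upstreams = 1; expect: GETDNS_RETURN_GOOD and GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS reported to the update callback */`, with the message changed to `"Return code from getdns_context_set_round_robin_upstreams()"`.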
@@ -243,6 +243,7 @@ void timeout_3_cb(struct getdns_context *context, getdns_callback_type_t callback_type, struct getdns_dict * response, void *userarg, getdns_transaction_t transaction_id) { + (void)response; (void)transaction_id; timeout_thread_data *tdata = (timeout_thread_data*)userarg; tdata->num_callbacks++; if (callback_type == GETDNS_CALLBACK_TIMEOUT) { diff --git a/src/test/check_getdns_context_set_timeout.h b/src/test/check_getdns_context_set_timeout.h index 6aabb198..fe89ee0f 100644 --- a/src/test/check_getdns_context_set_timeout.h +++ b/src/test/check_getdns_context_set_timeout.h @@ -27,7 +27,14 @@ #ifndef _check_getdns_context_set_timeout_h_ #define _check_getdns_context_set_timeout_h_ +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" +#endif #include +#ifdef __clang__ +#pragma clang diagnostic pop +#endif Suite * getdns_context_set_timeout_suite (void); diff --git a/src/test/check_getdns_dict_get_names.h b/src/test/check_getdns_dict_get_names.h index 46f06f0a..0881ad0f 100644 --- a/src/test/check_getdns_dict_get_names.h +++ b/src/test/check_getdns_dict_get_names.h @@ -79,7 +79,7 @@ struct getdns_list *answer = NULL; char *keys[3] = { "ten", "eleven", "twelve" }; uint32_t values[3] = { 10, 11, 12 }; - int i; + size_t i; size_t length; struct getdns_bindata *key = NULL; char string_buffer[20] = ""; diff --git a/src/test/check_getdns_general.h b/src/test/check_getdns_general.h index 6a19bdfb..f073cd86 100644 --- a/src/test/check_getdns_general.h +++ b/src/test/check_getdns_general.h @@ -151,6 +151,7 @@ * ancount = 0 (number of records in ANSWER section) */ void verify_getdns_general_6(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_general_6 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; 
@@ -159,7 +160,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "google.com", 0, NULL, - verify_getdns_general_6, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; @@ -184,6 +185,7 @@ * ancount = 0 (number of records in ANSWER section) */ void verify_getdns_general_7(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_general_7 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; @@ -192,7 +194,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "google.com", 65279, NULL, - verify_getdns_general_7, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; @@ -218,6 +220,7 @@ * and equals number of A records ("type": 1) in "answer" list */ void verify_getdns_general_8(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_general_8 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; @@ -226,7 +229,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "google.com", GETDNS_RRTYPE_A, NULL, - verify_getdns_general_8, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; @@ -252,6 +255,7 @@ * and equals number of AAAA records ("type": 28) in "answer" list */ void verify_getdns_general_9(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_general_9 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; 
@@ -260,7 +264,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "google.com", GETDNS_RRTYPE_AAAA, NULL, - verify_getdns_general_9, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; @@ -287,6 +291,7 @@ * and SOA record ("type": 6) present in "authority" list */ void verify_getdns_general_10(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_general_10 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; @@ -296,7 +301,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, name, GETDNS_RRTYPE_TXT, NULL, - verify_getdns_general_10, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; @@ -322,6 +327,7 @@ * ancount = 0 (number of records in ANSWER section) */ void verify_getdns_general_11(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_general_11 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; @@ -330,7 +336,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "willem.getdnsapi.net", GETDNS_RRTYPE_MX, NULL, - verify_getdns_general_11, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; @@ -356,6 +362,7 @@ * and equals number of A records ("type": 1) in "answer" list */ void verify_getdns_general_12(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_general_12 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; 
@@ -364,7 +371,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_general(context, "google.com", GETDNS_RRTYPE_A, NULL, - verify_getdns_general_12, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_general()"); RUN_EVENT_LOOP; diff --git a/src/test/check_getdns_hostname.h b/src/test/check_getdns_hostname.h index 461ad373..7193fec9 100644 --- a/src/test/check_getdns_hostname.h +++ b/src/test/check_getdns_hostname.h @@ -315,6 +315,7 @@ * expect: response with correct hostname */ void verify_getdns_hostname_10(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_hostname_10 }; struct getdns_context *context = NULL; struct getdns_dict *address = NULL; struct getdns_bindata address_type = { 5, (void *)"IPv4" }; @@ -333,7 +334,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_hostname(context, address, NULL, - verify_getdns_hostname_10, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_hostname()"); RUN_EVENT_LOOP; @@ -356,6 +357,7 @@ * expect: response with no hostname */ void verify_getdns_hostname_11(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_hostname_11 }; struct getdns_context *context = NULL; struct getdns_dict *address = NULL; struct getdns_bindata address_type = { 5, (void *)"IPv4" }; @@ -374,7 +376,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_hostname(context, address, NULL, - verify_getdns_hostname_11, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_hostname()"); RUN_EVENT_LOOP; @@ -398,6 +400,7 @@ * expect: response with correct hostname */ void verify_getdns_hostname_12(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_hostname_12 }; struct getdns_context *context = NULL; struct getdns_dict *address = NULL; struct getdns_bindata address_type = { 5, (void *)"IPv6" }; 
@@ -419,7 +422,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_hostname(context, address, NULL, - verify_getdns_hostname_12, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_hostname()"); RUN_EVENT_LOOP; @@ -442,6 +445,7 @@ * expect: response with no hostname */ void verify_getdns_hostname_13(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_hostname_13 }; struct getdns_context *context = NULL; struct getdns_dict *address = NULL; struct getdns_bindata address_type = { 5, (void *)"IPv6" }; @@ -460,7 +464,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_hostname(context, address, NULL, - verify_getdns_hostname_13, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_hostname()"); RUN_EVENT_LOOP; diff --git a/src/test/check_getdns_libev.c b/src/test/check_getdns_libev.c index 9120cf5a..ffdc6e22 100644 --- a/src/test/check_getdns_libev.c +++ b/src/test/check_getdns_libev.c @@ -41,11 +41,19 @@ #else #include #endif +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" +#endif #include +#ifdef __clang__ +#pragma clang diagnostic pop +#endif #include "check_getdns_common.h" void run_event_loop_impl(struct getdns_context* context, void* eventloop) { struct ev_loop* loop = (struct ev_loop*) eventloop; + (void)context; ev_run(loop, 0); } diff --git a/src/test/check_getdns_libevent.c b/src/test/check_getdns_libevent.c index 304f42ef..ee59854b 100644 --- a/src/test/check_getdns_libevent.c +++ b/src/test/check_getdns_libevent.c 
@@ -37,11 +37,19 @@ #include "getdns/getdns_ext_libevent.h" #include "check_getdns_libevent.h" +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" +#endif #include +#ifdef __clang__ +#pragma clang diagnostic pop +#endif #include "check_getdns_common.h" void run_event_loop_impl(struct getdns_context* context, void* eventloop) { struct event_base* base = (struct event_base*) eventloop; + (void)context; event_base_dispatch(base); } diff --git a/src/test/check_getdns_libuv.c b/src/test/check_getdns_libuv.c index 3d830445..7aa88b51 100644 --- a/src/test/check_getdns_libuv.c +++ b/src/test/check_getdns_libuv.c @@ -37,11 +37,19 @@ #include "getdns/getdns_ext_libuv.h" #include +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" +#endif #include +#ifdef __clang__ +#pragma clang diagnostic pop +#endif #include "check_getdns_common.h" void run_event_loop_impl(struct getdns_context* context, void* eventloop) { uv_loop_t* loop = (uv_loop_t*) eventloop; + (void)context; uv_run(loop, UV_RUN_DEFAULT); } diff --git a/src/test/check_getdns_selectloop.c b/src/test/check_getdns_selectloop.c index b80f1ffd..c315b30c 100644 --- a/src/test/check_getdns_selectloop.c +++ b/src/test/check_getdns_selectloop.c @@ -37,9 +37,11 @@ #include "getdns/getdns_extra.h" void run_event_loop_impl(struct getdns_context* context, void* eventloop) { + (void)eventloop; getdns_context_run(context); } void* create_eventloop_impl(struct getdns_context* context) { + (void)context; return NULL; } diff --git a/src/test/check_getdns_service.h b/src/test/check_getdns_service.h index c9545c0c..c93cab0e 100644 --- a/src/test/check_getdns_service.h +++ b/src/test/check_getdns_service.h 
@@ -148,6 +148,7 @@ * expect: NXDOMAIN response (with SOA record) */ void verify_getdns_service_7(struct extracted_response *ex_response); + fn_cont fn_ref = { verify_getdns_service_7 }; struct getdns_context *context = NULL; \ void* eventloop = NULL; \ getdns_transaction_t transaction_id = 0; @@ -157,7 +158,7 @@ EVENT_BASE_CREATE; ASSERT_RC(getdns_service(context, "nitinsinghit.com", NULL, - verify_getdns_address_8, &transaction_id, callbackfn), + &fn_ref, &transaction_id, callbackfn), GETDNS_RETURN_GOOD, "Return code from getdns_service()"); RUN_EVENT_LOOP; diff --git a/src/test/check_getdns_service_sync.h b/src/test/check_getdns_service_sync.h index 09c48f9c..17273e24 100644 --- a/src/test/check_getdns_service_sync.h +++ b/src/test/check_getdns_service_sync.h @@ -124,7 +124,7 @@ */ struct getdns_context *context = NULL; struct getdns_dict *response = NULL; - const char *name = "labelsizeofsixtythreecharacterscom"; + const char *name = "labelsizeofsixtythreecharacterscom."; CONTEXT_CREATE(TRUE); diff --git a/src/test/check_getdns_transport.c b/src/test/check_getdns_transport.c index 7d97c27c..4b93fdd1 100644 --- a/src/test/check_getdns_transport.c +++ b/src/test/check_getdns_transport.c @@ -193,6 +193,8 @@ void transport_cb(struct getdns_context *context, struct getdns_dict * response, void *userarg, getdns_transaction_t transaction_id) { /* Don't really care about the answer*/ + (void)context; (void)callback_type; (void)response; + (void)userarg; (void)transaction_id; return; } diff --git a/src/test/check_getdns_transport.h b/src/test/check_getdns_transport.h index 6da58405..a5496a27 100644 --- a/src/test/check_getdns_transport.h +++ b/src/test/check_getdns_transport.h 
@@ -27,7 +27,14 @@ #ifndef _check_getdns_transport_h_ #define _check_getdns_transport_h_ +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" +#endif #include +#ifdef __clang__ +#pragma clang diagnostic pop +#endif Suite * getdns_transport_suite (void); diff --git a/src/test/tests_dict.c b/src/test/tests_dict.c index 4be804f5..963ba7b4 100644 --- a/src/test/tests_dict.c +++ b/src/test/tests_dict.c @@ -214,7 +214,7 @@ tst_getnames(void) size_t index; size_t llen; uint32_t ansint; - int i; + size_t i; getdns_return_t result; getdns_data_type dtype; struct getdns_dict *dict = NULL; @@ -508,7 +508,7 @@ tst_create(void) * runs unit tests against list management routines */ int -main(int argc, char *argv[]) +main() { tstmsg_prog_begin("tests_dict"); diff --git a/src/test/tests_list.c b/src/test/tests_list.c index c8a68bd8..ab9a98cf 100644 --- a/src/test/tests_list.c +++ b/src/test/tests_list.c @@ -404,7 +404,7 @@ tst_create(void) * runs unit tests against list management routines */ int -main(int argc, char *argv[]) +main() { tstmsg_prog_begin("tests_list"); diff --git a/src/test/tests_stub_async.c b/src/test/tests_stub_async.c index a5b3c995..79a8029c 100644 --- a/src/test/tests_stub_async.c +++ b/src/test/tests_stub_async.c @@ -57,6 +57,8 @@ this_callbackfn(struct getdns_context *this_context, struct getdns_dict *this_response, void *this_userarg, getdns_transaction_t this_transaction_id) { + (void)this_context; (void)this_userarg; + if (this_callback_type == GETDNS_CALLBACK_COMPLETE) { /* This is a callback with data */ char *res = getdns_pretty_print_dict(this_response); fprintf(stdout, "%s\n", res); diff --git a/src/test/tests_transports.sh b/src/test/tests_transports.sh index 13e5b6b6..89604038 100755 --- a/src/test/tests_transports.sh +++ b/src/test/tests_transports.sh 
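Review bot: `main()` in tests_dict.c and tests_list.c removes the unused `argc`/`argv` by leaving the parameter list empty, which in C declares a function with unspecified arguments rather than one that takes none. `main(void)` gets rid of the same unused-parameter warning while keeping a real prototype, and it matches the `tst_create(void)` style already used in both files. The bodies of both functions continue outside these hunks. The new 280-limit_outstanding_queries.c later in this commit has the same `int main()`.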
@@ -5,25 +5,72 @@ SERVER_IP="8.8.8.8" SERVER_IPv6="2001:4860:4860::8888" TLS_SERVER_IP="185.49.141.38~getdnsapi.net" TLS_SERVER_IPv6="2a04:b900:0:100::38~getdnsapi.net" +TLS_SERVER_SS_IP="184.105.193.78~tls-dns-u.odvr.dns-oarc.net" #Self signed cert TLS_SERVER_KEY="foxZRnIh9gZpWnl+zEiKa0EJ2rdCGroMWm02gaxSc9S=" +TLS_SERVER_SS_KEY="pOXrpUt9kgPgbWxBFFcBTbRH2heo2wHwXp1fd4AEVXI=" TLS_SERVER_WRONG_KEY="foxZRnIh9gZpWnl+zEiKa0EJ2rdCGroMWm02gaxSc1S=" GOOD_RESULT_SYNC="Status was: At least one response was returned" -GOOD_RESULT_ASYNC="successfull" +GOOD_RESULT_ASYNC="successful" BAD_RESULT_SYNC="1 'Generic error'" BAD_RESULT_ASYNC="callback_type of 703" +NUM_ARGS=3 GOOD_COUNT=0 FAIL_COUNT=0 + +check_auth () { + local my_auth_ok=0; + auth_result=`echo $1 | sed 's/.*tls_auth_status\": .*//'` + if [[ $2 == "-" ]] ; then + my_auth_ok=1; + fi + if [[ $2 == "N" ]] && [[ $auth_result == "None" ]]; then + my_auth_ok=1; + fi + if [[ $2 == "F" ]] && [[ $auth_result == "Failed" ]]; then + my_auth_ok=1; + fi + if [[ $2 == "S" ]] && [[ $auth_result == "Success" ]]; then + my_auth_ok=1; + fi + echo $my_auth_ok; +} + +check_trans () { + local my_trans_ok=0; + trans_result=`echo $1 | sed "s/.*\"transport\": GETDNS_TRANSPORT_//" | sed 's/ }.*//' | sed 's/,.*//'` + if [[ $2 == "U" ]] && [[ $trans_result == "UDP" ]]; then + my_trans_ok=1; + fi + if [[ $2 == "T" ]] && [[ $trans_result == "TCP" ]]; then + my_trans_ok=1; + fi + if [[ $2 == "L" ]] && [[ $trans_result == "TLS" ]]; then + my_trans_ok=1; + fi + echo $my_trans_ok; +} + check_good () { - result=`echo $1 | grep "Response code was: GOOD." | tail -1 | sed 's/ All done.'// | sed 's/Response code was: GOOD. '//` + auth_ok=0; + result_ok=0; + trans_ok=0; + result=`echo $1 | sed 's/ All done.'// | sed 's/.*Response code was: GOOD. 
'//` async_success=`echo $result | grep -c "$GOOD_RESULT_ASYNC"` if [[ $result =~ $GOOD_RESULT_SYNC ]] || [[ $async_success =~ 1 ]]; then - (( GOOD_COUNT++ )) - echo -n "PASS: " - else - (( FAIL_COUNT++ )) - echo "FAIL (RESULT): " $1 - echo -n "FAIL: " + result_ok=1; + fi + if [[ $result_ok == 1 ]] ; then + trans_ok=$(check_trans "$1" "$2") + auth_ok=$(check_auth "$1" "$3") + fi + if [[ $result_ok == 1 ]] && [[ $auth_ok == 1 ]] && [[ $trans_ok == 1 ]]; then + (( GOOD_COUNT++ )) + echo -n "PASS: " + else + (( FAIL_COUNT++ )) + echo "FAIL (RESULT): Result: $result Auth: $auth_ok Trans: $trans_ok" + echo -n "FAIL: " fi } 
@@ -80,30 +127,38 @@ while getopts ":p:s:t:k:idh" opt; do done TLS_SERVER_IP_NO_NAME=`echo ${TLS_SERVER_IP%~*}` +TLS_SERVER_SS_IP_NO_NAME=`echo ${TLS_SERVER_SS_IP%~*}` TLS_SERVER_IP_WRONG_NAME=`echo ${TLS_SERVER_IP::${#TLS_SERVER_IP}-1}` +NUM_GOOD_QUERIES=7 GOOD_QUERIES=( -"-s -A -q getdnsapi.net -l U @${SERVER_IP} " -"-s -A -q getdnsapi.net -l T @${SERVER_IP} " -"-s -A -q getdnsapi.net -l L @${TLS_SERVER_IP_NO_NAME}" -"-s -A -q getdnsapi.net -l L -m @${TLS_SERVER_IP}" -"-s -A -q getdnsapi.net -l L -m @${TLS_SERVER_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_KEY}\"" -"-s -A -q getdnsapi.net -l L -m @${TLS_SERVER_IP} -K pin-sha256=\"${TLS_SERVER_KEY}\"" -"-s -G -q DNSKEY getdnsapi.net -l U @${SERVER_IP} -b 512 -D") +"-s -A getdnsapi.net -l U @${SERVER_IP}" "U" "-" +"-s -A getdnsapi.net -l T @${SERVER_IP}" "T" "-" +"-s -A getdnsapi.net -l L @${TLS_SERVER_IP_NO_NAME}" "L" "N" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP}" "L" "S" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_KEY}\"" "L" "S" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP} -K pin-sha256=\"${TLS_SERVER_KEY}\"" "L" "S" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_SS_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_SS_KEY}\"" "L" "S" +"-s -G DNSKEY getdnsapi.net -l U @${SERVER_IP} -b 512 -D" "U" "-") +NUM_GOOD_FB_QUERIES=6 GOOD_FALLBACK_QUERIES=( -"-s -A -q getdnsapi.net -l LT @${SERVER_IP}" -"-s -A -q getdnsapi.net -l LT @${SERVER_IP}" -"-s -A -q getdnsapi.net -l LT @${TLS_SERVER_IP_NO_NAME}" -"-s -A -q getdnsapi.net -l LT -m @${TLS_SERVER_IP_NO_NAME}" -"-s -A -q getdnsapi.net -l L @${SERVER_IP} @${TLS_SERVER_IP_NO_NAME}" -"-s -G -q DNSKEY getdnsapi.net -l UT @${SERVER_IP} -b 512 -D") +"-s -A getdnsapi.net -l LU @${SERVER_IP}" "U" "-" +"-s -A getdnsapi.net -l LT @${SERVER_IP}" "T" "-" +"-s -A getdnsapi.net -l LT @${TLS_SERVER_IP_NO_NAME}" "L" "N" +"-s -A getdnsapi.net -l LT -m @${TLS_SERVER_IP_NO_NAME}" "L" "N" +"-s -A getdnsapi.net -l L @${SERVER_IP} 
@${TLS_SERVER_IP_NO_NAME}" "L" "-" +"-s -G DNSKEY getdnsapi.net -l UT @${SERVER_IP} -b 512 -D" "T" "-") NOT_AVAILABLE_QUERIES=( -"-s -A -q getdnsapi.net -l L @${SERVER_IP}" -"-s -A -q getdnsapi.net -l L -m @${TLS_SERVER_IP_WRONG_NAME}" -"-s -A -q getdnsapi.net -l L -m @${TLS_SERVER_IP_NO_NAME}" -"-s -A -q getdnsapi.net -l L -m @${TLS_SERVER_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_WRONG_KEY}\"") +"-s -A getdnsapi.net -l L @${SERVER_IP}" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP_WRONG_NAME}" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP_NO_NAME}" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_WRONG_KEY}\"" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP} -K pin-sha256=\"${TLS_SERVER_WRONG_KEY}\"" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP_WRONG_NAME} -K pin-sha256=\"${TLS_SERVER_KEY}\"" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_IP_WRONG_NAME} -K pin-sha256=\"${TLS_SERVER_WRONG_KEY}\"" +"-s -A getdnsapi.net -l L -m @${TLS_SERVER_SS_IP} -K pin-sha256=\"${TLS_SERVER_SS_KEY}\"") echo "Starting transport test" 
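Review bot: `NUM_GOOD_QUERIES=7` does not match the array it sits above. `GOOD_QUERIES` now holds eight query/transport/auth triples, so the loop in the following hunk (`j < $NUM_GOOD_QUERIES`) never runs the last one, the `-G DNSKEY ... -b 512 -D` case. Deriving the counts from the arrays keeps them in step when cases are added or removed: `NUM_GOOD_QUERIES=$(( ${#GOOD_QUERIES[@]} / NUM_ARGS ))` and `NUM_GOOD_FB_QUERIES=$(( ${#GOOD_FALLBACK_QUERIES[@]} / NUM_ARGS ))`, each placed after its array definition. `NUM_GOOD_FB_QUERIES=6` is correct today but carries the same risk of a silently skipped TLS authentication case.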
@@ -118,19 +173,19 @@ for (( i = 0; i < 2; i+=1 )); do fi echo "*Success cases:" - for (( j = 0; j < ${#GOOD_QUERIES[@]}; j+=1 )); do - check_good "`$DIR/getdns_query $SYNC_MODE ${GOOD_QUERIES[${j}]} 2>/dev/null`" - echo "getdns_query $SYNC_MODE ${GOOD_QUERIES[${j}]}" - (( COUNT++ )) + for (( j = 0; j < $NUM_GOOD_QUERIES; j+=1 )); do + check_good "`$DIR/getdns_query +return_call_reporting $SYNC_MODE ${GOOD_QUERIES[$j*$NUM_ARGS]} 2>/dev/null`" ${GOOD_QUERIES[$((j*NUM_ARGS))+1]} ${GOOD_QUERIES[$((j*NUM_ARGS))+2]} + echo "getdns_query $SYNC_MODE ${GOOD_QUERIES[$j*$NUM_ARGS]}" + (( COUNT++ )) done echo "*Success fallback cases:" - for (( j = 0; j < ${#GOOD_FALLBACK_QUERIES[@]}; j+=1 )); do - check_good "`$DIR/getdns_query $SYNC_MODE ${GOOD_FALLBACK_QUERIES[${j}]} 2>/dev/null`" - echo "getdns_query $SYNC_MODE ${GOOD_FALLBACK_QUERIES[${j}]}" - (( COUNT++ )) + for (( j = 0; j < $NUM_GOOD_FB_QUERIES; j+=1 )); do + check_good "`$DIR/getdns_query +return_call_reporting $SYNC_MODE ${GOOD_FALLBACK_QUERIES[$j*$NUM_ARGS]} 2>/dev/null`" ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+1]} ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+2]} + echo "getdns_query $SYNC_MODE ${GOOD_FALLBACK_QUERIES[$j*$NUM_ARGS]} TESTS: ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+1]} ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+2]}" + (( COUNT++ )) done - + echo "*Transport not available cases:" for (( j = 0; j < ${#NOT_AVAILABLE_QUERIES[@]}; j+=1 )); do check_bad "`$DIR/getdns_query $SYNC_MODE ${NOT_AVAILABLE_QUERIES[${j}]} 2>&1`" @@ -141,4 +196,4 @@ done echo echo "Finished transport test: did $COUNT queries, $GOOD_COUNT passes, $FAIL_COUNT failures" -echo \ No newline at end of file +echo diff --git a/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.dsc b/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.dsc new file mode 100644 index 00000000..b2101c47 --- /dev/null +++ b/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.dsc 
@@ -0,0 +1,16 @@
+BaseName: 070-coding-practice
+Version: 1.0
+Description: Check for non-recommended coding practices
+CreationDate: ma 20 mrt 2017 15:55:19 CET
+Maintainer: Willem Toorop
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: 070-coding-practice.pre
+Post:
+Test: 070-coding-practice.test
+AuxFiles:
+Passed:
+Failure:
diff --git a/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.pre b/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.pre
new file mode 100644
index 00000000..150497af
--- /dev/null
+++ b/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.pre
@@ -0,0 +1,14 @@
+# #-- 070-coding-practice.pre--#
+# source the master var file when it's there
+if [ -f ../.tpkg.var.master ]
+then
+ source ../.tpkg.var.master
+else
+ (
+ cd ..
+ [ -f "${TPKG_SRCDIR}/setup-env.sh" ] \
+ && sh "${TPKG_SRCDIR}/setup-env.sh"
+ ) && source ../.tpkg.var.master
+fi
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
diff --git a/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.test b/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.test
new file mode 100644
index 00000000..09473687
--- /dev/null
+++ b/src/test/tpkg/070-coding-practice.tpkg/070-coding-practice.test
@@ -0,0 +1,54 @@ +# #-- 070-coding-practice.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +rm -f report.txt +( + cd ${SRCROOT}/src + if [ `grep '[^!=]=[ ][ ]*NET_REQ_' *.[ch] */*.[ch] | wc -l` -gt 1 ] + then + echo "*** " + echo "*** Setting getdns_network_req->state should be done via" + echo "*** _getdns_netreq_change_state() only, for anticipating" + echo "*** running out of filedescriptors (sockets) and for the" + echo "*** limit_outstanding_queries feature." + echo "*** " + grep -n '[^!=]=[ ][ ]*NET_REQ_' *.[ch] */*.[ch] | \ + grep -v '^request-internal.c:[12][0-9][0-9]: *net_req->state = NET_REQ_NOT_SENT;$' + echo "" + fi +) >> report.txt +( + cd ${SRCROOT}/src + if [ `grep '__FUNCTION__' *.[ch] */*.[ch] | wc -l` -gt 0 ] + then + echo "*** " + echo "*** Use __FUNC__ instead of __FUNCTION__ for portability" + echo "*** __FUNC__ is aliases in config.h to name to be used" + echo "*** for the system with a #define" + echo "*** " + grep -n '__FUNCTION__' *.[ch] */*.[ch] + echo "" + fi +) >> report.txt +( + cd ${SRCROOT}/src + if [ `grep '^#define[ ]*INTERCEPT_COM_DS[ ]*1' stub.c | wc -l` -gt 0 ] + then + echo "*** " + echo "*** The repo contained the COM DS queries interception" + echo "*** with TLS transports turned on, this should be off" + echo "*** " + grep -n '^#define[ ]INTERCEPT_COM_DS[ ]*1' stub.c + echo "" + fi +) >> report.txt + + +if [ -s report.txt ] +then + cat report.txt + false +fi diff --git a/src/test/tpkg/100-compile.tpkg/100-compile.test b/src/test/tpkg/100-compile.tpkg/100-compile.test index e527192b..819c1bb3 100644 --- a/src/test/tpkg/100-compile.tpkg/100-compile.test +++ b/src/test/tpkg/100-compile.tpkg/100-compile.test @@ -5,4 +5,4 @@ [ -f .tpkg.var.test ] && source .tpkg.var.test cd "${BUILDDIR}/build" -make +make XTRA_CFLAGS='-Werror' 
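Review bot: Each of the three checks in 070-coding-practice.test runs `cd ${SRCROOT}/src` without testing the result, so the test fails open. When `SRCROOT` is unset or the directory is missing, the greps match nothing, report.txt stays empty and the test passes, including the `INTERCEPT_COM_DS` guard. Failing closed is one line per subshell: `cd "${SRCROOT}/src" || { echo "*** cannot cd to ${SRCROOT}/src"; exit 1; }`, which writes to report.txt and so trips the final `[ -s report.txt ]`. The first check also counts matches before applying its `grep -v` allow-list (`-gt 1`), so it relies on there being exactly one permitted assignment. Counting after the filter would state the rule directly.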
diff --git a/src/test/tpkg/200-stub-only-compile.tpkg/200-stub-only-compile.test b/src/test/tpkg/200-stub-only-compile.tpkg/200-stub-only-compile.test index 369379c4..144fea4b 100644 --- a/src/test/tpkg/200-stub-only-compile.tpkg/200-stub-only-compile.test +++ b/src/test/tpkg/200-stub-only-compile.tpkg/200-stub-only-compile.test @@ -5,4 +5,4 @@ [ -f .tpkg.var.test ] && source .tpkg.var.test cd "${BUILDDIR}/build-stub-only" -make +make XTRA_CFLAGS='-Werror' diff --git a/src/test/tpkg/225-stub-only-valgrind-checks.tpkg/225-stub-only-valgrind-checks.dsc b/src/test/tpkg/225-stub-only-valgrind-checks.tpkg/225-stub-only-valgrind-checks.dsc index d845ad44..7167a541 100644 --- a/src/test/tpkg/225-stub-only-valgrind-checks.tpkg/225-stub-only-valgrind-checks.dsc +++ b/src/test/tpkg/225-stub-only-valgrind-checks.tpkg/225-stub-only-valgrind-checks.dsc @@ -6,7 +6,7 @@ Maintainer: Willem Toorop Category: Component: CmdDepends: valgrind -Depends: 110-link.tpkg +Depends: 210-stub-only-link.tpkg Help: Pre: Post: diff --git a/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.Makefile b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.Makefile new file mode 100644 index 00000000..70d86616 --- /dev/null +++ b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.Makefile @@ -0,0 +1,15 @@ +builddir = @BUILDDIR@ +testname = @TPKG_NAME@ +LIBTOOL = $(builddir)/libtool + +CFLAGS=-Wall -Wextra -I$(builddir)/src +LDLIBS=$(builddir)/src/libgetdns.la + +.SUFFIXES: .c .o .a .lo .h + +.c.lo: + $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $< -o $@ + +$(testname): $(testname).lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDLIBS) $(LDFLAGS) -o $(testname) $(testname).lo + diff --git a/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.c b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.c new file mode 100644 index 00000000..1467ec34 
--- /dev/null
+++ b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.c
@@ -0,0 +1,138 @@
+/*
+ * delaydns.c - A DNS proxy that adds delay to replies
+ *
+ * Copyright (c) 2016, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include
+#include
+#include
+
+
+static int n_requests = 0;
+
+typedef struct transaction_t {
+ getdns_transaction_t request_id;
+ getdns_dict *request;
+
+ getdns_context *context;
+ getdns_eventloop *loop;
+ getdns_eventloop_event ev;
+} transaction_t;
+
+
+void delay_cb(void *userarg)
+{
+ transaction_t *trans = userarg;
+
+ trans->loop->vmt->clear(trans->loop, &trans->ev);
+ (void) getdns_reply(trans->context, trans->request, trans->request_id);
+ getdns_dict_destroy(trans->request);
+ free(trans);
+ n_requests -= 1;
+}
+
+void handler(getdns_context *context, getdns_callback_type_t callback_type,
+ getdns_dict *request, void *userarg, getdns_transaction_t request_id)
+{
+ transaction_t *trans = NULL;
+ getdns_bindata *qname;
+ char nreq_str[255];
+ getdns_bindata nreq_bd = { 0, (void *)nreq_str };
+
+ (void) userarg; (void)callback_type;
+ nreq_bd.size = snprintf(nreq_str, sizeof(nreq_str), "n_requests: %d", ++n_requests);
+
+ if (getdns_dict_get_bindata(request, "/question/qname", &qname) ||
+ getdns_dict_set_bindata(request, "/answer/0/name", qname) ||
+ getdns_dict_set_int(request, "/answer/0/type", GETDNS_RRTYPE_TXT) ||
+ getdns_dict_set_bindata(request, "/answer/0/rdata/txt_strings/-", &nreq_bd))
+ fprintf(stderr, "Request init error\n");
+
+ else if (qname->size >= 6 && qname->data[0] == 4 &&
+ qname->data[1] == 'q' && qname->data[2] == 'u' &&
+ qname->data[3] == 'i' && qname->data[4] == 't') {
+
+ (void) getdns_reply(context, request, request_id);
+ (void) getdns_context_set_listen_addresses(context, NULL, NULL, NULL);
+ getdns_dict_destroy(request);
+ return;
+
+ } else if (!(trans = malloc(sizeof(transaction_t))))
+ perror("memerror");
+ else {
+ (void) memset(trans, 0, sizeof(transaction_t));
+ trans->request_id = request_id;
+ trans->request = request;
+ trans->context = context;
+ trans->ev.userarg = trans;
+ trans->ev.timeout_cb = delay_cb;
+
+ if (getdns_context_get_eventloop(context, &trans->loop)
+ || trans->loop->vmt->schedule(trans->loop, -1, 300, &trans->ev))
+ fprintf(stderr, "Could not schedule delay\n");
+ else return;
+ }
+ getdns_dict_destroy(trans->request);
+ if (trans) free(trans);
+ exit(EXIT_FAILURE);
+}
+
+int main()
+{
+ getdns_context *context = NULL;
+ getdns_list *listeners = NULL;
+ getdns_dict *address = NULL;
+ uint32_t port = 18000;
+ getdns_return_t r;
+
+ if ((r = getdns_str2list("[ 127.0.0.1:18000 ]", &listeners)) ||
+ (r = getdns_list_get_dict(listeners, 0, &address)) ||
+ (r = getdns_context_create(&context, 0)))
+ fprintf(stderr, "Error initializing: ");
+
+ else while (++port < 18200 &&
+ !(r = getdns_dict_set_int(address, "port", port)) &&
+ (r = getdns_context_set_listen_addresses(
+ context, listeners, NULL, handler)))
+ ; /* pass */
+
+ if (r) fprintf(stderr, "%s\n", getdns_get_errorstr_by_id(r));
+ else {
+ fprintf(stdout, "%d\n", (int)port);
+ fflush(stdout);
+ getdns_context_run(context);
+ }
+ getdns_list_destroy(listeners);
+ getdns_context_destroy(context);
+ return r;
+}
diff --git a/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.dsc b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.dsc
new file mode 100644
index 00000000..f1f0aa4b
--- /dev/null
+++ b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.dsc
@@ -0,0 +1,16 @@
+BaseName: 280-limit_outstanding_queries
+Version: 1.0
+Description: Test if outstanding queries setting is obeyed
+CreationDate: Tue Mar 14 10:43:45 CET 2017
+Maintainer: Willem Toorop
+Category:
+Component:
+CmdDepends:
+Depends: 210-stub-only-link.tpkg
+Help:
+Pre: 280-limit_outstanding_queries.pre
+Post:
+Test: 280-limit_outstanding_queries.test
+AuxFiles:
+Passed:
+Failure:
diff --git a/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.pre b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.pre
new file mode 100644
index 00000000..b4ee91ac
--- /dev/null
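Review bot: The shared error exit at the end of `handler()` in 280-limit_outstanding_queries.c dereferences `trans` before checking it. `getdns_dict_destroy(trans->request);` is reached with `trans == NULL` from both the "Request init error" branch and the failed `malloc`, and only the next line tests `if (trans)`. The `request` parameter is the same dictionary on every path that gets here, so the two lines can become `getdns_dict_destroy(request);` and `free(trans);`. The function goes on to `exit(EXIT_FAILURE)`, but as written those two paths would most likely end in a crash rather than the intended failure status.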
+++ b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.pre
@@ -0,0 +1,14 @@
+# #-- 280-limit_outstanding_queries.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+(
+ grep '^CC=' "${BUILDDIR}/build-stub-only/src/Makefile"
+ grep '^LDFLAGS=' "${BUILDDIR}/build-stub-only/src/Makefile"
+
+ BUILDDIR4SED=`echo "${BUILDDIR}/build-stub-only" | sed 's/\//\\\\\//g'`
+ sed -e "s/@BUILDDIR@/${BUILDDIR4SED}/g" \
+ -e "s/@TPKG_NAME@/${TPKG_NAME}/g" "${TPKG_NAME}.Makefile"
+) > Makefile
diff --git a/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.queries b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.queries
new file mode 100644
index 00000000..0cc2103d
--- /dev/null
+++ b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.queries
@@ -0,0 +1,1000 @@ +q1. +q2. +q3. +q4. +q5. +q6. +q7. +q8. +q9. +q10. +q11. +q12. +q13. +q14. +q15. +q16. +q17. +q18. +q19. +q20. +q21. +q22. +q23. +q24. +q25. +q26. +q27. +q28. +q29. +q30. +q31. +q32. +q33. +q34. +q35. +q36. +q37. +q38. +q39. +q40. +q41. +q42. +q43. +q44. +q45. +q46. +q47. +q48. +q49. +q50. +q51. +q52. +q53. +q54. +q55. +q56. +q57. +q58. +q59. +q60. +q61. +q62. +q63. +q64. +q65. +q66. +q67. +q68. +q69. +q70. +q71. +q72. +q73. +q74. +q75. +q76. +q77. +q78. +q79. +q80. +q81. +q82. +q83. +q84. +q85. +q86. +q87. +q88. +q89. +q90. +q91. +q92. +q93. +q94. +q95. +q96. +q97. +q98. +q99. +q100. +q101. +q102. +q103. +q104. +q105. +q106. +q107. +q108. +q109. +q110. +q111. +q112. +q113. +q114. +q115. +q116. +q117. +q118. +q119. +q120. +q121. +q122. +q123. +q124. +q125. +q126. +q127. +q128. +q129. +q130. +q131. +q132. +q133. +q134. +q135. +q136. +q137. +q138. +q139. +q140. +q141. +q142. +q143. +q144. +q145. +q146. +q147. +q148. +q149. +q150. +q151. +q152. +q153. +q154. +q155. +q156. +q157. +q158. +q159. +q160. +q161. +q162. +q163. +q164. +q165. +q166. +q167. +q168. +q169. +q170. +q171. +q172. +q173. +q174. +q175. +q176. +q177. +q178. +q179. +q180. +q181. +q182. +q183. +q184. +q185. +q186. +q187. +q188. +q189. +q190. +q191. +q192. +q193. +q194. +q195. +q196. +q197. +q198. +q199. +q200. +q201. +q202. +q203. +q204. +q205. +q206. +q207. +q208. +q209. +q210. +q211. +q212. +q213. +q214. +q215. +q216. +q217. +q218. +q219. +q220. +q221. +q222. +q223. +q224. +q225. +q226. +q227. +q228. +q229. +q230. +q231. +q232. +q233. +q234. +q235. +q236. +q237. +q238. +q239. +q240. +q241. +q242. +q243. +q244. +q245. +q246. +q247. +q248. +q249. +q250. +q251. +q252. +q253. +q254. +q255. +q256. +q257. +q258. +q259. +q260. +q261. +q262. +q263. +q264. +q265. +q266. +q267. +q268. +q269. +q270. +q271. +q272. +q273. +q274. +q275. +q276. +q277. +q278. +q279. +q280. +q281. +q282. +q283. +q284. +q285. +q286. +q287. +q288. +q289. +q290. +q291. +q292. +q293. +q294. +q295. +q296. +q297. +q298. 
+q299. +q300. +q301. +q302. +q303. +q304. +q305. +q306. +q307. +q308. +q309. +q310. +q311. +q312. +q313. +q314. +q315. +q316. +q317. +q318. +q319. +q320. +q321. +q322. +q323. +q324. +q325. +q326. +q327. +q328. +q329. +q330. +q331. +q332. +q333. +q334. +q335. +q336. +q337. +q338. +q339. +q340. +q341. +q342. +q343. +q344. +q345. +q346. +q347. +q348. +q349. +q350. +q351. +q352. +q353. +q354. +q355. +q356. +q357. +q358. +q359. +q360. +q361. +q362. +q363. +q364. +q365. +q366. +q367. +q368. +q369. +q370. +q371. +q372. +q373. +q374. +q375. +q376. +q377. +q378. +q379. +q380. +q381. +q382. +q383. +q384. +q385. +q386. +q387. +q388. +q389. +q390. +q391. +q392. +q393. +q394. +q395. +q396. +q397. +q398. +q399. +q400. +q401. +q402. +q403. +q404. +q405. +q406. +q407. +q408. +q409. +q410. +q411. +q412. +q413. +q414. +q415. +q416. +q417. +q418. +q419. +q420. +q421. +q422. +q423. +q424. +q425. +q426. +q427. +q428. +q429. +q430. +q431. +q432. +q433. +q434. +q435. +q436. +q437. +q438. +q439. +q440. +q441. +q442. +q443. +q444. +q445. +q446. +q447. +q448. +q449. +q450. +q451. +q452. +q453. +q454. +q455. +q456. +q457. +q458. +q459. +q460. +q461. +q462. +q463. +q464. +q465. +q466. +q467. +q468. +q469. +q470. +q471. +q472. +q473. +q474. +q475. +q476. +q477. +q478. +q479. +q480. +q481. +q482. +q483. +q484. +q485. +q486. +q487. +q488. +q489. +q490. +q491. +q492. +q493. +q494. +q495. +q496. +q497. +q498. +q499. +q500. +q501. +q502. +q503. +q504. +q505. +q506. +q507. +q508. +q509. +q510. +q511. +q512. +q513. +q514. +q515. +q516. +q517. +q518. +q519. +q520. +q521. +q522. +q523. +q524. +q525. +q526. +q527. +q528. +q529. +q530. +q531. +q532. +q533. +q534. +q535. +q536. +q537. +q538. +q539. +q540. +q541. +q542. +q543. +q544. +q545. +q546. +q547. +q548. +q549. +q550. +q551. +q552. +q553. +q554. +q555. +q556. +q557. +q558. +q559. +q560. +q561. +q562. +q563. +q564. +q565. +q566. +q567. +q568. +q569. +q570. +q571. +q572. +q573. +q574. +q575. +q576. +q577. +q578. +q579. +q580. +q581. +q582. +q583. 
+q584. +q585. +q586. +q587. +q588. +q589. +q590. +q591. +q592. +q593. +q594. +q595. +q596. +q597. +q598. +q599. +q600. +q601. +q602. +q603. +q604. +q605. +q606. +q607. +q608. +q609. +q610. +q611. +q612. +q613. +q614. +q615. +q616. +q617. +q618. +q619. +q620. +q621. +q622. +q623. +q624. +q625. +q626. +q627. +q628. +q629. +q630. +q631. +q632. +q633. +q634. +q635. +q636. +q637. +q638. +q639. +q640. +q641. +q642. +q643. +q644. +q645. +q646. +q647. +q648. +q649. +q650. +q651. +q652. +q653. +q654. +q655. +q656. +q657. +q658. +q659. +q660. +q661. +q662. +q663. +q664. +q665. +q666. +q667. +q668. +q669. +q670. +q671. +q672. +q673. +q674. +q675. +q676. +q677. +q678. +q679. +q680. +q681. +q682. +q683. +q684. +q685. +q686. +q687. +q688. +q689. +q690. +q691. +q692. +q693. +q694. +q695. +q696. +q697. +q698. +q699. +q700. +q701. +q702. +q703. +q704. +q705. +q706. +q707. +q708. +q709. +q710. +q711. +q712. +q713. +q714. +q715. +q716. +q717. +q718. +q719. +q720. +q721. +q722. +q723. +q724. +q725. +q726. +q727. +q728. +q729. +q730. +q731. +q732. +q733. +q734. +q735. +q736. +q737. +q738. +q739. +q740. +q741. +q742. +q743. +q744. +q745. +q746. +q747. +q748. +q749. +q750. +q751. +q752. +q753. +q754. +q755. +q756. +q757. +q758. +q759. +q760. +q761. +q762. +q763. +q764. +q765. +q766. +q767. +q768. +q769. +q770. +q771. +q772. +q773. +q774. +q775. +q776. +q777. +q778. +q779. +q780. +q781. +q782. +q783. +q784. +q785. +q786. +q787. +q788. +q789. +q790. +q791. +q792. +q793. +q794. +q795. +q796. +q797. +q798. +q799. +q800. +q801. +q802. +q803. +q804. +q805. +q806. +q807. +q808. +q809. +q810. +q811. +q812. +q813. +q814. +q815. +q816. +q817. +q818. +q819. +q820. +q821. +q822. +q823. +q824. +q825. +q826. +q827. +q828. +q829. +q830. +q831. +q832. +q833. +q834. +q835. +q836. +q837. +q838. +q839. +q840. +q841. +q842. +q843. +q844. +q845. +q846. +q847. +q848. +q849. +q850. +q851. +q852. +q853. +q854. +q855. +q856. +q857. +q858. +q859. +q860. +q861. +q862. +q863. +q864. +q865. +q866. +q867. +q868. 
+q869. +q870. +q871. +q872. +q873. +q874. +q875. +q876. +q877. +q878. +q879. +q880. +q881. +q882. +q883. +q884. +q885. +q886. +q887. +q888. +q889. +q890. +q891. +q892. +q893. +q894. +q895. +q896. +q897. +q898. +q899. +q900. +q901. +q902. +q903. +q904. +q905. +q906. +q907. +q908. +q909. +q910. +q911. +q912. +q913. +q914. +q915. +q916. +q917. +q918. +q919. +q920. +q921. +q922. +q923. +q924. +q925. +q926. +q927. +q928. +q929. +q930. +q931. +q932. +q933. +q934. +q935. +q936. +q937. +q938. +q939. +q940. +q941. +q942. +q943. +q944. +q945. +q946. +q947. +q948. +q949. +q950. +q951. +q952. +q953. +q954. +q955. +q956. +q957. +q958. +q959. +q960. +q961. +q962. +q963. +q964. +q965. +q966. +q967. +q968. +q969. +q970. +q971. +q972. +q973. +q974. +q975. +q976. +q977. +q978. +q979. +q980. +q981. +q982. +q983. +q984. +q985. +q986. +q987. +q988. +q989. +q990. +q991. +q992. +q993. +q994. +q995. +q996. +q997. +q998. +q999. +q1000. diff --git a/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.test b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.test new file mode 100644 index 00000000..177cc1c7 --- /dev/null +++ b/src/test/tpkg/280-limit_outstanding_queries.tpkg/280-limit_outstanding_queries.test 
@@ -0,0 +1,40 @@
+# #-- 280-limit_outstanding_queries.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+
+QLIMIT=64
+NQUERIES=`wc "./${TPKG_NAME}.queries"|sed 's/ .*$//g'`
+
+# Test will take NQUERIES / QLIMIT * answer delay
+# For current parameters this is 1000 / 64 * 0.3 = 4.6875
+# which is smaller than 5 seconds default query timeout value,
+# so the test should succeed.
+
+make && "./${TPKG_NAME}" | (
+ read PORT
+ ${GETDNS_STUB_QUERY} @127.0.0.1:$PORT TXT \
+ -a -F "./${TPKG_NAME}.queries" \
+ "{limit_outstanding_queries:$QLIMIT}" 2>&1 > out
+
+ ${GETDNS_STUB_QUERY} -q @127.0.0.1:$PORT TXT quit.
+) && grep '"n_requests: [0-9][0-9]*"' out | sed -e 's/^.*n_requests: //g' -e 's/".*$//g' \
+ | awk -vQLIMIT=$QLIMIT -vNQUERIES=$NQUERIES '
+
+BEGIN{
+ max_outstanding = 0;
+}
+{
+ if ($1 > max_outstanding)
+ max_outstanding = $1;
+}
+END{
+ printf("%d of %d queries answered (%.1f%%)\n", NR, NQUERIES, (NR / NQUERIES * 100));
+ if (max_outstanding > QLIMIT) {
+ print "ERROR: More than "QLIMIT" outstanding queries: "max_outstanding;
+ exit(-1);
+ } else
+ print "SUCCESS: No more than "QLIMIT" outstanding queries: "max_outstanding;
+}'
diff --git a/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.Makefile b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.Makefile
new file mode 100644
index 00000000..70d86616
--- /dev/null
+++ b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.Makefile
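Review bot: The awk `END` block in 280-limit_outstanding_queries.test prints SUCCESS whenever the largest `n_requests` value seen is at most QLIMIT, so a run in which no replies reached `out` (NR is 0) also passes; the same block is repeated in 285-out_of_filedescriptors.test. A check before the limit comparison, such as `if (NR != NQUERIES) { print "ERROR: only "NR" of "NQUERIES" queries answered"; exit(1); }`, would make missing answers fail the test, assuming every query is expected to be answered. `NQUERIES` is derived by cutting `wc` output at the first space, which gives an empty value where `wc` pads its output with leading blanks; `NQUERIES=$(grep -c '' "./${TPKG_NAME}.queries")` does not depend on the column layout. `read PORT` is also used unchecked, so a server that fails to bind leaves the queries addressed to `@127.0.0.1:` with no port.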
@@ -0,0 +1,15 @@
+builddir = @BUILDDIR@
+testname = @TPKG_NAME@
+LIBTOOL = $(builddir)/libtool
+
+CFLAGS=-Wall -Wextra -I$(builddir)/src
+LDLIBS=$(builddir)/src/libgetdns.la
+
+.SUFFIXES: .c .o .a .lo .h
+
+.c.lo:
+ $(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $< -o $@
+
+$(testname): $(testname).lo
+ $(LIBTOOL) --tag=CC --mode=link $(CC) $(LDLIBS) $(LDFLAGS) -o $(testname) $(testname).lo
+
diff --git a/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.c b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.c
new file mode 100644
index 00000000..e495466d
--- /dev/null
+++ b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.c
@@ -0,0 +1,143 @@
+/*
+ * delaydns.c - A DNS proxy that adds delay to replies
+ *
+ * Copyright (c) 2016, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include
+#include
+#include
+
+
+static int n_requests = 0;
+
+typedef struct transaction_t {
+ getdns_transaction_t request_id;
+ getdns_dict *request;
+
+ getdns_context *context;
+ getdns_eventloop *loop;
+ getdns_eventloop_event ev;
+} transaction_t;
+
+
+void delay_cb(void *userarg)
+{
+ transaction_t *trans = userarg;
+
+ trans->loop->vmt->clear(trans->loop, &trans->ev);
+ (void) getdns_reply(trans->context, trans->request, trans->request_id);
+ getdns_dict_destroy(trans->request);
+ free(trans);
+ n_requests -= 1;
+}
+
+void handler(getdns_context *context, getdns_callback_type_t callback_type,
+ getdns_dict *request, void *userarg, getdns_transaction_t request_id)
+{
+ transaction_t *trans = NULL;
+ getdns_bindata *qname;
+ char nreq_str[255];
+ getdns_bindata nreq_bd = { 0, (void *)nreq_str };
+
+ (void) userarg; (void)callback_type;
+ nreq_bd.size = snprintf(nreq_str, sizeof(nreq_str), "n_requests: %d", ++n_requests);
+
+ if (getdns_dict_get_bindata(request, "/question/qname", &qname) ||
+ getdns_dict_set_bindata(request, "/answer/0/name", qname) ||
+ getdns_dict_set_int(request, "/answer/0/type", GETDNS_RRTYPE_TXT) ||
+ getdns_dict_set_bindata(request, "/answer/0/rdata/txt_strings/-", &nreq_bd))
+ fprintf(stderr, "Request init error\n");
+
+ else if (qname->size >= 6 && qname->data[0] == 4 &&
+ qname->data[1] == 'q' && qname->data[2] == 'u' &&
+ qname->data[3] == 'i' && qname->data[4] == 't') {
+
+ (void) getdns_reply(context, request, request_id);
+ (void) getdns_context_set_listen_addresses(context, NULL, NULL, NULL);
+ getdns_dict_destroy(request);
+ return;
+
+ } else if (!(trans = malloc(sizeof(transaction_t))))
+ perror("memerror");
+ else {
+ char *fqdn;
+ getdns_convert_dns_name_to_fqdn(qname, &fqdn);
+
+ (void) memset(trans, 0, sizeof(transaction_t));
+ trans->request_id = request_id;
+ trans->request = request;
+ trans->context = context;
+ trans->ev.userarg = trans;
+ trans->ev.timeout_cb = delay_cb;
+
+ fprintf(stderr, "sched delay 
for query %s, n_request %d\n", fqdn, (int)n_requests);
+ free(fqdn);
+ if (getdns_context_get_eventloop(context, &trans->loop)
+ || trans->loop->vmt->schedule(trans->loop, -1, 300, &trans->ev))
+ fprintf(stderr, "Could not schedule delay\n");
+ else return;
+ }
+ getdns_dict_destroy(trans->request);
+ if (trans) free(trans);
+ exit(EXIT_FAILURE);
+}
+
+int main()
+{
+ getdns_context *context = NULL;
+ getdns_list *listeners = NULL;
+ getdns_dict *address = NULL;
+ uint32_t port = 18000;
+ getdns_return_t r;
+
+ if ((r = getdns_str2list("[ 127.0.0.1:18000 ]", &listeners)) ||
+ (r = getdns_list_get_dict(listeners, 0, &address)) ||
+ (r = getdns_context_create(&context, 0)))
+ fprintf(stderr, "Error initializing: ");
+
+ else while (++port < 18200 &&
+ !(r = getdns_dict_set_int(address, "port", port)) &&
+ (r = getdns_context_set_listen_addresses(
+ context, listeners, NULL, handler)))
+ ; /* pass */
+
+ if (r) fprintf(stderr, "%s\n", getdns_get_errorstr_by_id(r));
+ else {
+ fprintf(stdout, "%d\n", (int)port);
+ fflush(stdout);
+ getdns_context_run(context);
+ }
+ getdns_list_destroy(listeners);
+ getdns_context_destroy(context);
+ return r;
+}
diff --git a/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.dsc b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.dsc
new file mode 100644
index 00000000..6b00775a
--- /dev/null
+++ b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.dsc
@@ -0,0 +1,16 @@
+BaseName: 285-out_of_filedescriptors
+Version: 1.0
+Description: Test if outstanding queries setting is obeyed
+CreationDate: ma 20 mrt 2017 15:17:45 CET
+Maintainer: Willem Toorop
+Category:
+Component:
+CmdDepends:
+Depends: 210-stub-only-link.tpkg
+Help:
+Pre: 285-out_of_filedescriptors.pre
+Post:
+Test: 285-out_of_filedescriptors.test
+AuxFiles:
+Passed:
+Failure:
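Review bot: The shared failure path at the end of `handler()` in 285-out_of_filedescriptors.c calls `getdns_dict_destroy(trans->request)` before it tests `trans`, but `trans` is still NULL on both the request-init error branch and the `malloc` failure branch, so those paths dereference a null pointer instead of reaching `exit(EXIT_FAILURE)` cleanly. Using the parameter avoids that: `getdns_dict_destroy(request); free(trans);`. The return value of `getdns_convert_dns_name_to_fqdn()` is also ignored, so on failure `fqdn` may be printed and freed uninitialised; declaring `char *fqdn = NULL;` and logging the name only on success would cover it. The same closing lines appear in the 280-limit_outstanding_queries copy of this file, whose hunk begins before this chunk. The header comment still describes the file as delaydns.c.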
diff --git a/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.pre b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.pre
new file mode 100644
index 00000000..6e7ff3ff
--- /dev/null
+++ b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.pre
@@ -0,0 +1,14 @@
+# #-- 285-out_of_filedescriptors.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+(
+ grep '^CC=' "${BUILDDIR}/build-stub-only/src/Makefile"
+ grep '^LDFLAGS=' "${BUILDDIR}/build-stub-only/src/Makefile"
+
+ BUILDDIR4SED=`echo "${BUILDDIR}/build-stub-only" | sed 's/\//\\\\\//g'`
+ sed -e "s/@BUILDDIR@/${BUILDDIR4SED}/g" \
+ -e "s/@TPKG_NAME@/${TPKG_NAME}/g" "${TPKG_NAME}.Makefile"
+) > Makefile
diff --git a/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.queries b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.queries
new file mode 100644
index 00000000..0cc2103d
--- /dev/null
+++ b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.queries
@@ -0,0 +1,1000 @@ +q1. +q2. +q3. +q4. +q5. +q6. +q7. +q8. +q9. +q10. +q11. +q12. +q13. +q14. +q15. +q16. +q17. +q18. +q19. +q20. +q21. +q22. +q23. +q24. +q25. +q26. +q27. +q28. +q29. +q30. +q31. +q32. +q33. +q34. +q35. +q36. +q37. +q38. +q39. +q40. +q41. +q42. +q43. +q44. +q45. +q46. +q47. +q48. +q49. +q50. +q51. +q52. +q53. +q54. +q55. +q56. +q57. +q58. +q59. +q60. +q61. +q62. +q63. +q64. +q65. +q66. +q67. +q68. +q69. +q70. +q71. +q72. +q73. +q74. +q75. +q76. +q77. +q78. +q79. +q80. +q81. +q82. +q83. +q84. +q85. +q86. +q87. +q88. +q89. +q90. +q91. +q92. +q93. +q94. +q95. +q96. +q97. +q98. +q99. +q100. +q101. +q102. +q103. +q104. +q105. +q106. +q107. +q108. +q109. +q110. +q111. +q112. +q113. +q114. +q115. +q116. +q117. +q118. +q119. +q120. +q121. +q122. +q123. +q124. +q125. +q126. +q127. +q128. +q129. +q130. +q131. +q132. +q133. +q134. +q135. +q136. +q137. +q138. +q139. +q140. +q141. +q142. +q143. +q144. +q145. +q146. +q147. +q148. +q149. +q150. +q151. +q152. +q153. +q154. +q155. +q156. +q157. +q158. +q159. +q160. +q161. +q162. +q163. +q164. +q165. +q166. +q167. +q168. +q169. +q170. +q171. +q172. +q173. +q174. +q175. +q176. +q177. +q178. +q179. +q180. +q181. +q182. +q183. +q184. +q185. +q186. +q187. +q188. +q189. +q190. +q191. +q192. +q193. +q194. +q195. +q196. +q197. +q198. +q199. +q200. +q201. +q202. +q203. +q204. +q205. +q206. +q207. +q208. +q209. +q210. +q211. +q212. +q213. +q214. +q215. +q216. +q217. +q218. +q219. +q220. +q221. +q222. +q223. +q224. +q225. +q226. +q227. +q228. +q229. +q230. +q231. +q232. +q233. +q234. +q235. +q236. +q237. +q238. +q239. +q240. +q241. +q242. +q243. +q244. +q245. +q246. +q247. +q248. +q249. +q250. +q251. +q252. +q253. +q254. +q255. +q256. +q257. +q258. +q259. +q260. +q261. +q262. +q263. +q264. +q265. +q266. +q267. +q268. +q269. +q270. +q271. +q272. +q273. +q274. +q275. +q276. +q277. +q278. +q279. +q280. +q281. +q282. +q283. +q284. +q285. +q286. +q287. +q288. +q289. +q290. +q291. +q292. +q293. +q294. +q295. +q296. +q297. +q298. 
+q299. +q300. +q301. +q302. +q303. +q304. +q305. +q306. +q307. +q308. +q309. +q310. +q311. +q312. +q313. +q314. +q315. +q316. +q317. +q318. +q319. +q320. +q321. +q322. +q323. +q324. +q325. +q326. +q327. +q328. +q329. +q330. +q331. +q332. +q333. +q334. +q335. +q336. +q337. +q338. +q339. +q340. +q341. +q342. +q343. +q344. +q345. +q346. +q347. +q348. +q349. +q350. +q351. +q352. +q353. +q354. +q355. +q356. +q357. +q358. +q359. +q360. +q361. +q362. +q363. +q364. +q365. +q366. +q367. +q368. +q369. +q370. +q371. +q372. +q373. +q374. +q375. +q376. +q377. +q378. +q379. +q380. +q381. +q382. +q383. +q384. +q385. +q386. +q387. +q388. +q389. +q390. +q391. +q392. +q393. +q394. +q395. +q396. +q397. +q398. +q399. +q400. +q401. +q402. +q403. +q404. +q405. +q406. +q407. +q408. +q409. +q410. +q411. +q412. +q413. +q414. +q415. +q416. +q417. +q418. +q419. +q420. +q421. +q422. +q423. +q424. +q425. +q426. +q427. +q428. +q429. +q430. +q431. +q432. +q433. +q434. +q435. +q436. +q437. +q438. +q439. +q440. +q441. +q442. +q443. +q444. +q445. +q446. +q447. +q448. +q449. +q450. +q451. +q452. +q453. +q454. +q455. +q456. +q457. +q458. +q459. +q460. +q461. +q462. +q463. +q464. +q465. +q466. +q467. +q468. +q469. +q470. +q471. +q472. +q473. +q474. +q475. +q476. +q477. +q478. +q479. +q480. +q481. +q482. +q483. +q484. +q485. +q486. +q487. +q488. +q489. +q490. +q491. +q492. +q493. +q494. +q495. +q496. +q497. +q498. +q499. +q500. +q501. +q502. +q503. +q504. +q505. +q506. +q507. +q508. +q509. +q510. +q511. +q512. +q513. +q514. +q515. +q516. +q517. +q518. +q519. +q520. +q521. +q522. +q523. +q524. +q525. +q526. +q527. +q528. +q529. +q530. +q531. +q532. +q533. +q534. +q535. +q536. +q537. +q538. +q539. +q540. +q541. +q542. +q543. +q544. +q545. +q546. +q547. +q548. +q549. +q550. +q551. +q552. +q553. +q554. +q555. +q556. +q557. +q558. +q559. +q560. +q561. +q562. +q563. +q564. +q565. +q566. +q567. +q568. +q569. +q570. +q571. +q572. +q573. +q574. +q575. +q576. +q577. +q578. +q579. +q580. +q581. +q582. +q583. 
+q584. +q585. +q586. +q587. +q588. +q589. +q590. +q591. +q592. +q593. +q594. +q595. +q596. +q597. +q598. +q599. +q600. +q601. +q602. +q603. +q604. +q605. +q606. +q607. +q608. +q609. +q610. +q611. +q612. +q613. +q614. +q615. +q616. +q617. +q618. +q619. +q620. +q621. +q622. +q623. +q624. +q625. +q626. +q627. +q628. +q629. +q630. +q631. +q632. +q633. +q634. +q635. +q636. +q637. +q638. +q639. +q640. +q641. +q642. +q643. +q644. +q645. +q646. +q647. +q648. +q649. +q650. +q651. +q652. +q653. +q654. +q655. +q656. +q657. +q658. +q659. +q660. +q661. +q662. +q663. +q664. +q665. +q666. +q667. +q668. +q669. +q670. +q671. +q672. +q673. +q674. +q675. +q676. +q677. +q678. +q679. +q680. +q681. +q682. +q683. +q684. +q685. +q686. +q687. +q688. +q689. +q690. +q691. +q692. +q693. +q694. +q695. +q696. +q697. +q698. +q699. +q700. +q701. +q702. +q703. +q704. +q705. +q706. +q707. +q708. +q709. +q710. +q711. +q712. +q713. +q714. +q715. +q716. +q717. +q718. +q719. +q720. +q721. +q722. +q723. +q724. +q725. +q726. +q727. +q728. +q729. +q730. +q731. +q732. +q733. +q734. +q735. +q736. +q737. +q738. +q739. +q740. +q741. +q742. +q743. +q744. +q745. +q746. +q747. +q748. +q749. +q750. +q751. +q752. +q753. +q754. +q755. +q756. +q757. +q758. +q759. +q760. +q761. +q762. +q763. +q764. +q765. +q766. +q767. +q768. +q769. +q770. +q771. +q772. +q773. +q774. +q775. +q776. +q777. +q778. +q779. +q780. +q781. +q782. +q783. +q784. +q785. +q786. +q787. +q788. +q789. +q790. +q791. +q792. +q793. +q794. +q795. +q796. +q797. +q798. +q799. +q800. +q801. +q802. +q803. +q804. +q805. +q806. +q807. +q808. +q809. +q810. +q811. +q812. +q813. +q814. +q815. +q816. +q817. +q818. +q819. +q820. +q821. +q822. +q823. +q824. +q825. +q826. +q827. +q828. +q829. +q830. +q831. +q832. +q833. +q834. +q835. +q836. +q837. +q838. +q839. +q840. +q841. +q842. +q843. +q844. +q845. +q846. +q847. +q848. +q849. +q850. +q851. +q852. +q853. +q854. +q855. +q856. +q857. +q858. +q859. +q860. +q861. +q862. +q863. +q864. +q865. +q866. +q867. +q868. 
+q869. +q870. +q871. +q872. +q873. +q874. +q875. +q876. +q877. +q878. +q879. +q880. +q881. +q882. +q883. +q884. +q885. +q886. +q887. +q888. +q889. +q890. +q891. +q892. +q893. +q894. +q895. +q896. +q897. +q898. +q899. +q900. +q901. +q902. +q903. +q904. +q905. +q906. +q907. +q908. +q909. +q910. +q911. +q912. +q913. +q914. +q915. +q916. +q917. +q918. +q919. +q920. +q921. +q922. +q923. +q924. +q925. +q926. +q927. +q928. +q929. +q930. +q931. +q932. +q933. +q934. +q935. +q936. +q937. +q938. +q939. +q940. +q941. +q942. +q943. +q944. +q945. +q946. +q947. +q948. +q949. +q950. +q951. +q952. +q953. +q954. +q955. +q956. +q957. +q958. +q959. +q960. +q961. +q962. +q963. +q964. +q965. +q966. +q967. +q968. +q969. +q970. +q971. +q972. +q973. +q974. +q975. +q976. +q977. +q978. +q979. +q980. +q981. +q982. +q983. +q984. +q985. +q986. +q987. +q988. +q989. +q990. +q991. +q992. +q993. +q994. +q995. +q996. +q997. +q998. +q999. +q1000. diff --git a/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.test b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.test new file mode 100644 index 00000000..64a53cfb --- /dev/null +++ b/src/test/tpkg/285-out_of_filedescriptors.tpkg/285-out_of_filedescriptors.test 
@@ -0,0 +1,48 @@
+# #-- 285-out_of_filedescriptors.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+
+QLIMIT=79
+NQUERIES=`wc "./${TPKG_NAME}.queries"|sed 's/ .*$//g'`
+
+# This time the query limit is set by setting the maximum open
+# filedescriptors. We seem to be needing a higher QLIMIT, than
+# with limit_outstanding_queries unit test.
+#
+# 4 filedescriptors are already needed for overhead (logging etc),
+# but experiments showed that to prevent timeouts, we should
+# have a higher value than 72 at least.
+#
+# Test will take NQUERIES / QLIMIT * answer delay
+# For current parameters this is 1000 / 75 * 0.3 = 4.0
+# which is smaller than 5 seconds default query timeout value,
+# so the test should succeed.
+
+make && "./${TPKG_NAME}" | (
+ read PORT
+ ulimit -n $QLIMIT
+ ${GETDNS_STUB_QUERY} @127.0.0.1:$PORT TXT \
+ -a -F "./${TPKG_NAME}.queries" 2>&1 > out
+
+ ${GETDNS_STUB_QUERY} -q @127.0.0.1:$PORT TXT quit.
+) && grep '"n_requests: [0-9][0-9]*"' out | sed -e 's/^.*n_requests: //g' -e 's/".*$//g' \
+ | awk -vQLIMIT=$QLIMIT -vNQUERIES=$NQUERIES '
+
+BEGIN{
+ max_outstanding = 0;
+}
+{
+ if ($1 > max_outstanding)
+ max_outstanding = $1;
+}
+END{
+ printf("%d of %d queries answered (%.1f%%)\n", NR, NQUERIES, (NR / NQUERIES * 100));
+ if (max_outstanding > QLIMIT) {
+ print "ERROR: More than "QLIMIT" outstanding queries: "max_outstanding;
+ exit(-1);
+ } else
+ print "SUCCESS: No more than "QLIMIT" outstanding queries: "max_outstanding;
+}'
diff --git a/src/test/tpkg/300-event-loops-configure.tpkg/300-event-loops-configure.test b/src/test/tpkg/300-event-loops-configure.tpkg/300-event-loops-configure.test
index 83ade30b..5da09cd9 100644
--- a/src/test/tpkg/300-event-loops-configure.tpkg/300-event-loops-configure.test
+++ b/src/test/tpkg/300-event-loops-configure.tpkg/300-event-loops-configure.test
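Review bot: The result of `ulimit -n $QLIMIT` in 285-out_of_filedescriptors.test is not checked, so if the call fails the queries run without the descriptor limit and the test passes without exercising the out-of-descriptors path; `ulimit -n $QLIMIT || exit 1` inside the subshell would stop that. The timing comment computes `1000 / 75 * 0.3 = 4.0` while the script sets `QLIMIT=79`; the 75 appears to be QLIMIT minus the 4 overhead descriptors mentioned just above, and the comment should say so, for example `# With 79 - 4 = 75 usable descriptors this is 1000 / 75 * 0.3 = 4.0`. The awk check still compares `max_outstanding` with the full 79, which is looser than the ceiling the comment derives.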
@@ -7,10 +7,10 @@ rm -fr "${BUILDDIR}/build-event-loops" mkdir "${BUILDDIR}/build-event-loops" cd "${BUILDDIR}/build-event-loops" -"${SRCROOT}/configure" $* --enable-all-drafts --enable-all-debugging --with-getdns_query --with-libevent --with-libev --with-libuv \ - || "${SRCROOT}/configure" $* --enable-all-drafts --enable-all-debugging --with-getdns_query --with-libevent --with-libev \ - || "${SRCROOT}/configure" $* --enable-all-drafts --enable-all-debugging --with-getdns_query --with-libevent --with-libuv \ - || "${SRCROOT}/configure" $* --enable-all-drafts --enable-all-debugging --with-getdns_query --with-libev --with-libuv \ - || "${SRCROOT}/configure" $* --enable-all-drafts --enable-all-debugging --with-getdns_query --with-libevent \ - || "${SRCROOT}/configure" $* --enable-all-drafts --enable-all-debugging --with-getdns_query --with-libev \ - || "${SRCROOT}/configure" $* --enable-all-drafts --enable-all-debugging --with-getdns_query --with-libuv +"${SRCROOT}/configure" $* --enable-all-drafts --with-getdns_query --with-libevent --with-libev --with-libuv \ + || "${SRCROOT}/configure" $* --enable-all-drafts --with-getdns_query --with-libevent --with-libev \ + || "${SRCROOT}/configure" $* --enable-all-drafts --with-getdns_query --with-libevent --with-libuv \ + || "${SRCROOT}/configure" $* --enable-all-drafts --with-getdns_query --with-libev --with-libuv \ + || "${SRCROOT}/configure" $* --enable-all-drafts --with-getdns_query --with-libevent \ + || "${SRCROOT}/configure" $* --enable-all-drafts --with-getdns_query --with-libev \ + || "${SRCROOT}/configure" $* --enable-all-drafts --with-getdns_query --with-libuv diff --git a/src/test/tpkg/320-event-loops-compile.tpkg/320-event-loops-compile.test b/src/test/tpkg/320-event-loops-compile.tpkg/320-event-loops-compile.test index 055f8f9b..1be03f3d 100644 --- a/src/test/tpkg/320-event-loops-compile.tpkg/320-event-loops-compile.test +++ b/src/test/tpkg/320-event-loops-compile.tpkg/320-event-loops-compile.test 
@@ -5,4 +5,4 @@ [ -f .tpkg.var.test ] && source .tpkg.var.test cd "${BUILDDIR}/build-event-loops" -make +make XTRA_CFLAGS=-Werror diff --git a/src/test/tpkg/clean.sh b/src/test/tpkg/clean.sh new file mode 100755 index 00000000..b3ebef5e --- /dev/null +++ b/src/test/tpkg/clean.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +export SRCDIR=`dirname $0` +( cd $SRCDIR + ./tpkg clean + rm -fr build build-stub-only build-event-loops install scan-build-reports .tpkg.var.master +) diff --git a/src/test/tpkg/run-all-lcov.sh b/src/test/tpkg/run-all-lcov.sh index 740ef828..37bf8cea 100755 --- a/src/test/tpkg/run-all-lcov.sh +++ b/src/test/tpkg/run-all-lcov.sh @@ -15,7 +15,7 @@ LCOV_MERGE="" for TEST_PKG in ${SRCDIR}/*.tpkg do # when we run our test, we need to compile with profiling - CFLAGS="-fprofile-arcs -ftest-coverage -O0" "${TPKG}" $* exe "${TEST_PKG}" + LDFLAGS="-lgcov --coverage" CFLAGS="-fprofile-arcs -ftest-coverage -O0" "${TPKG}" $* exe "${TEST_PKG}" # after the test is complete, we need to collect the coverage data INFO_FILE=`echo $TEST_PKG | sed 's/.tpkg$//'`.info geninfo $SRCDIR/.. -o $INFO_FILE diff --git a/src/test/tpkg/setup-env.sh b/src/test/tpkg/setup-env.sh index ad43c879..18cdfbeb 100755 --- a/src/test/tpkg/setup-env.sh +++ b/src/test/tpkg/setup-env.sh @@ -13,7 +13,7 @@ then fi if [ ! -f "${SRCROOT}/libtool" ] then - (cd "${SRCROOT}"; libtoolize -fic) + (cd "${SRCROOT}"; (glibtoolize -fic || libtoolize -fic)) fi if [ ! -f "${SRCROOT}/configure" ] then diff --git a/src/tools/Makefile.in b/src/tools/Makefile.in index ae2c6080..d066e824 100644 --- a/src/tools/Makefile.in +++ b/src/tools/Makefile.in @@ -40,7 +40,8 @@ LIBTOOL = ../../libtool srcdir = @srcdir@ CC=@CC@ -CFLAGS=-I$(srcdir)/.. -I$(srcdir) -I.. $(cflags) @CFLAGS@ @CPPFLAGS@ +WPEDANTICFLAG=@WPEDANTICFLAG@ +CFLAGS=-I$(srcdir)/.. -I$(srcdir) -I.. $(cflags) @CFLAGS@ @CPPFLAGS@ $(WPEDANTICFLAG) $(XTRA_CFLAGS) LDFLAGS=-L.. @LDFLAGS@ LDLIBS=../libgetdns.la @LIBS@ 
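Review bot: In the new src/test/tpkg/clean.sh the `rm -fr build build-stub-only build-event-loops install scan-build-reports .tpkg.var.master` line still runs when `cd $SRCDIR` fails, and it then removes those names from whatever directory the script was started in. Guarding the directory change closes that: `cd "$SRCDIR" || exit 1`. The unquoted `$0` and `$SRCDIR` also break on paths containing spaces; `SRCDIR=$(dirname "$0")` with quoted uses handles them.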
@@ -67,13 +68,23 @@ $(ALL_OBJS): getdns_query: getdns_query.lo $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ getdns_query.lo $(LDFLAGS) $(LDLIBS) -install: getdns_query +stubby: getdns_query.lo + $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ getdns_query.lo $(LDFLAGS) $(LDLIBS) + +install-getdns_query: getdns_query $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) $(LIBTOOL) --mode=install cp getdns_query $(DESTDIR)$(bindir) -uninstall: +uninstall-getdns_query: $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(bindir)/getdns_query +install-stubby: getdns_query + $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) + $(LIBTOOL) --mode=install cp getdns_query $(DESTDIR)$(bindir)/stubby + +uninstall-stubby: + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(bindir)/stubby + clean: rm -f *.o *.lo $(PROGRAMS) rm -rf .libs diff --git a/src/tools/getdns_query.c b/src/tools/getdns_query.c index f5d19fc3..269ec7c3 100644 --- a/src/tools/getdns_query.c +++ b/src/tools/getdns_query.c @@ -48,6 +48,19 @@ typedef unsigned short in_port_t; #define EXAMPLE_PIN "pin-sha256=\"E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=\"" +static int i_am_stubby = 0; +static const char *default_stubby_config = +"{ resolution_type: GETDNS_RESOLUTION_STUB" +", dns_transport_list: [ GETDNS_TRANSPORT_TLS, GETDNS_TRANSPORT_UDP, GETDNS_TRANSPORT_TCP ]" +", idle_timeout: 10000" +", listen_addresses: [ 127.0.0.1@53, 0::1@53 ]" +", tls_query_padding_blocksize: 1" +", edns_client_subnet_private : 1" +"}"; +static int clear_listen_list_on_arg = 0; +#ifndef GETDNS_ON_WINDOWS +static int run_in_foreground = 1; +#endif static int quiet = 0; static int batch_mode = 0; static char *query_file = NULL; 
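Review bot: `install-stubby` in src/tools/Makefile.in depends on `getdns_query` and copies that binary to `$(DESTDIR)$(bindir)/stubby`, so the output of the new `stubby` link rule is never what gets installed; either make the target depend on and install `stubby`, or drop the separate link rule. The hunk also renames `install` and `uninstall` to `install-getdns_query` and `uninstall-getdns_query` without leaving aliases, so a caller that still runs `make install` in this directory would fail unless it is updated elsewhere in the commit, which is not visible here. Whether `clean` removes the `stubby` binary depends on `$(PROGRAMS)`, which is defined outside the hunk.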
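Review bot: `default_stubby_config` in src/tools/getdns_query.c lists `GETDNS_TRANSPORT_UDP` and `GETDNS_TRANSPORT_TCP` after `GETDNS_TRANSPORT_TLS` and sets no `tls_authentication`, so as far as this hunk shows the built-in default is opportunistic: when TLS cannot be established the query can go out in cleartext, and the upstream is not required to authenticate. For a privacy stub that choice should be stated in a comment at the definition, or the default made strict with `dns_transport_list: [ GETDNS_TRANSPORT_TLS ]` and `tls_authentication: GETDNS_AUTHENTICATION_REQUIRED`. `tls_query_padding_blocksize: 1` also needs a comment saying what the value 1 selects, since it reads as no padding at all. The listen addresses are loopback only, which keeps the listener off external interfaces.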
@@ -119,8 +132,8 @@ static int get_rrclass(const char *t) } static getdns_return_t -fill_transport_list(getdns_context *context, char *transport_list_str, - getdns_transport_list_t *transports, size_t *transport_count) +fill_transport_list(char *transport_list_str, + getdns_transport_list_t *transports, size_t *transport_count) { size_t max_transports = *transport_count; *transport_count = 0; @@ -151,13 +164,19 @@ print_usage(FILE *out, const char *progname) { fprintf(out, "usage: %s [